Comptia Security Plus Mock Test Q37

A technician is deploying virtual machines for multiple customers on a single physical host to reduce power consumption in a data center. Which of the following should be recommended to isolate the VMs from one another?

A. Implement a virtual firewall
B. Install HIPS on each VM
C. Virtual switches with VLANs
D. Develop a patch management guide

Correct Answer: C
Section: Network Security

Explanation:
A virtual local area network (VLAN) is a hardware-imposed network segmentation created by switches. VLANs are used for traffic management. VLANs can be used to isolate traffic between network segments.

Incorrect Answers:
A: A virtual firewall (VF)is a network firewall service or appliance running entirely within a virtualized environment and which provides the usual packet filtering and monitoring provided
via a physical network firewall.

B: HIPS watch the audit trails and log files of a host system.

D: Patch management is the formal process of ensuring that updates and patches are properly tested and applied to production systems.

References:
Stewart, James Michael, CompTIA Security+ Review Guide, Sybex, Indianapolis, 2014, pp. 12, 23, 246
http://en.wikipedia.org/wiki/Virtual_firewall