Comptia Security Plus Mock Test Q41

Matt, the network engineer, has been tasked with separating network traffic between virtual machines on a single hypervisor. Which of the following would he implement to BEST address this requirement? (Select TWO).

A. Virtual switch
B. NAT
C. System partitioning
D. Access-list
E. Disable spanning tree
F. VLAN

Correct Answer: A,F
Section: Network Security

Explanation:
A virtual local area network (VLAN) is a hardware-imposed network segmentation created by switches. A virtual switch is a software application that allows communication between virtual machines. A combination of the two would best satisfy the question.

Incorrect Answers:
B: NAT converts the IP addresses of internal systems found in the header of network packets into public IP addresses.

C: System partitioning has to do with separating data on a physical hard disk.

D: The purpose of an access list is to identify specifically who can enter a facility.

E: STP creates a spanning tree within a network of connected layer-2 bridges (typically Ethernet switches), and disables those links that are not part of the spanning tree. Disabling it
will not solve the problem

References:
http://www.techopedia.com/definition/27140/virtual-switch-vswitch
Stewart, James Michael, CompTIA Security+ Review Guide, Sybex, Indianapolis, 2014, pp. 23, 39
http://en.wikipedia.org/wiki/Spanning_Tree_Protocol