Comptia Security Plus Mock Test Q69

Pete, a network administrator, is capturing packets on the network and notices that a large amount of the traffic on the LAN is SIP and RTP protocols. Which of the following should he do to segment that traffic from the other traffic?

A. Connect the WAP to a different switch.
B. Create a voice VLAN.
C. Create a DMZ.
D. Set the switch ports to 802.1q mode.

Correct Answer: B
Section: Network Security

Explanation:
It is a common and recommended practice to separate voice and data traffic by using VLANs. Separating voice and data traffic using VLANs provides a solid security boundary,
preventing data applications from reaching the voice traffic. It also gives you a simpler method to deploy QoS, prioritizing the voice traffic over the data.

Incorrect Answers:
A: Doing this will not segment voice and data traffic.

C: The DMZ is a buffer network between the public untrusted Internet and the private trusted LAN. Often a DMZ is deployed through the use of a multihomed firewall.

D: IEEE 802.1Q is the networking standard that supports virtual LANs (VLANs) on an Ethernet network. It does not, however, segment certain traffic from other traffic

References:
http://www.ciscopress.com/articles/article.asp?p=1745631&seqNum=3
Stewart, James Michael, CompTIA Security+ Review Guide, Sybex, Indianapolis, 2014, p. 39
http://en.wikipedia.org/wiki/IEEE_802.1Q