Comptia Security Plus Mock Test Q70

An administrator connects VoIP phones to the same switch as the network PCs and printers. Which of the following would provide the BEST logical separation of these three device types while still allowing traffic between them via ACL?

A. Create three VLANs on the switch connected to a router
B. Define three subnets, configure each device to use their own dedicated IP address range, and then connect the network to a router
C. Install a firewall and connect it to the switch
D. Install a firewall and connect it to a dedicated switch for each device type

Correct Answer: A
Section: Network Security

Explanation:
A virtual local area network (VLAN) is a hardware-imposed network segmentation created by switches. VLANs are used for traffic management. Communications between ports within the same VLAN occur without hindrance, but communications between VLANs require a routing function.

Incorrect Answers:
B: Subnetting is a dividing process used on networks to divide larger groups of hosts into smaller collections.
C, D: Firewalls are used to protect one network from another, not separate it.

References:
Stewart, James Michael, CompTIA Security+ Review Guide, Sybex, Indianapolis, 2014, pp. 5, 23, 29