Comptia Security Plus Mock Test Q73

According to company policy an administrator must logically keep the Human Resources department separated from the Accounting department. Which of the following would be the simplest way to accomplish this?

A. NIDS
B. DMZ
C. NAT
D. VLAN

Correct Answer: D
Section: Network Security

Explanation
A virtual local area network (VLAN) is a hardware-imposed network segmentation created by switches.

Incorrect Answers:
A: A network-based IDS (NIDS) watches network traffic in real time. It’s reliable for detecting network-focused attacks, not separating networks.

B: A demilitarized zone (DMZ) is an area of a network that is designed specifically for public users to access. It does not separate networks.

C: NAT serves as a basic firewall by only allowing incoming traffic that is in response to an internal system’s request. It does not separate networks.

References:
Stewart, James Michael, CompTIA Security+ Review Guide, Sybex, Indianapolis, 2014, pp. 21, 23, 39