CompTIA Security Plus Mock Test Q807

Which of the following can be used to maintain a higher level of security in a SAN by allowing isolation of mis-configurations or faults?

A. VLAN
B. Protocol security
C. Port security
D. VSAN

Correct Answer: D
Section: Application, Data and Host Security

Explanation:
A storage area network (SAN) is a secondary network that offers storage isolation by consolidating storage devices such as hard drives, drive arrays, optical jukeboxes, and tape
libraries. Virtualization can be used to further enhance the security of a SAN by using switches to create a VSAN. These switches act as routers controlling and filtering traffic into and
out of the VSAN while allowing unrestricted traffic within the VSAN.

Incorrect Answers:
A: A Virtual area network (VLAN) is segmented network in which switches are used to perform the segmentation. The switches also perform routing functions, controlling and filtering
traffic between VLANS.
B, C: Protocol and Port security is provided by firewalls. Firewalls control or filter traffic between systems based on protocols and the ports used by those protocols. Firewalls could be
used to isolate the SAN but it is unlikely to isolate mis-configurations or faults.

References:
Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, 6th Edition, Sybex, Indianapolis, 2014, pp. 89-91
Stewart, James Michael, CompTIA Security+ Review Guide, Sybex, Indianapolis, 2014, pp. 5-6, 31
http://en.wikipedia.org/wiki/VSAN