Which of the following are examples of network segmentation? (Select TWO).
Correct Answer: C,D
Section: Application, Data and Host Security
C: A demilitarized zone (DMZ) is a part of the network that is separated of segmented from the rest of the network by means of firewalls and acts as a buffer between the untrusted
public Internet and the trusted local area network (LAN).
D. IP subnets can be used to separate or segment networks while allowing communication between the network segments via routers.
A: An intrusion detection system (IDS) is an automated system that detects intrusions or security policy violations on networks or host systems. It does not feature or offer network
B: The Infrastructure as a Service (IaaS) model is a cloud computing business model uses virtualization, with the clients paying for resources used.
E: An intrusion prevention system (IPS) is an automated system that attempts to prevent intrusions or security policy violations on networks or host systems. It does not feature or offer
Stewart, James Michael, CompTIA Security+ Review Guide, Sybex, Indianapolis, 2014, pp. 21, 26, 27-28
Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, 6th Edition, Sybex, Indianapolis, 2014, pp. 65, 110-111