ExamTopics Logo
Mail Us[email protected]
Menu
Comptia Discussions
exam questions

Exam CAS-003 All Questions

View all questions & answers for the CAS-003 exam
Go to Exam

Exam CAS-003 topic 1 question 14 discussion

Actual exam question from CompTIA's CAS-003
Question #: 14
Topic #: 1
[All CAS-003 Questions]

During a security assessment, an organization is advised of inadequate control over network segmentation. The assessor explains that the organization's reliance on VLANs to segment traffic is insufficient to provide segmentation based on regulatory standards. Which of the following should the organization consider implementing along with VLANs to provide a greater level of segmentation?

  • A. Air gaps
  • B. Access control lists
  • C. Spanning tree protocol
  • D. Network virtualization
  • E. Elastic load balancing
Show Suggested Answer Hide Answer
Suggested Answer: D 🗳️
by jacktors22 at Dec. 17, 2019, 2:37 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
tek
Highly Voted 5 years, 1 month ago
B. ACLs. While the VLANs segment the networks the ACLs provide authority over the actual traffic passing between.
upvoted 11 times
...
mcse123
Most Recent 3 years, 9 months ago
B is the correct answer. check the link : https://searchsecurity.techtarget.com/tip/The-security-standards-dilemma-Network-segmentation-and-PCI-Compliance
upvoted 2 times
...
americaman80
3 years, 11 months ago
Correct answer is in fact D: Network virtualization (NV) is quite different than setting up VLANs. NV allows the creation of entire networks in software including switching, routing, firewalling, and load balancing. This provides far greater flexibility and granularity. With all networking and security services handled in software and attached to VMs, labor‐intensive management and configuration processes can be streamlined and automated, and networks are created automatically to meet workload demands.
upvoted 2 times
...
TheThreatGuy
4 years, 2 months ago
I think this has to be air gaps. Regulatory standards aren’t going to say there “has to be ACLs”. They are going to say you have to physically separate the devices. Air gaps has to be correct.
upvoted 1 times
D1960
3 years, 8 months ago
You may be right. But, I don't think of air gapped networks as being "segmented." Air gapped networks are completely separate networks.
upvoted 1 times
...
...
Neo2020
4 years, 2 months ago
In its simplest form, network virtualization is the provisioning of network and security services independent of the physical infrastructure. By enabling network segmentation in the entire network and not just at the perimeter, network virtualization plays a key role in driving efficient network segmentation. D
upvoted 3 times
Trap_D0_r
4 years, 2 months ago
I think you're trying to describe subnetting in very loose terms, but the writing of logical network boundaries has never really been considered virtualization. Network virtualization, in practice, refers to Software-Defined-Networking with automation and agility tools, not the simple application of L3 subnets to match VLAN boundaries. https://www.vmware.com/topics/glossary/content/network-virtualization
upvoted 2 times
...
...
Trap_D0_r
4 years, 2 months ago
B ACLs will improve existing network segmentation regardless of how the network is built. Network virtualization would be a strategy to replace the existing network with a virtualized network layer (this could involve replacing hardware or going to cloud managed networking--either way, it does not address the root problem of the question which is to improve network segmentation at layer 2).
upvoted 1 times
...
TheSkyMan
4 years, 3 months ago
The questions asks "Which of the following should the organization consider implementing along with VLANs to provide a greater level of segmentation?" ACLs are more for security and network virtualization is more for segmentation. I think the answer is right, D.
upvoted 2 times
TheSkyMan
4 years, 3 months ago
I take it back, it has to be ACLs. "VLANs can also enforce some security by implementing segregation via Access Control Lists (ACLs) on the intermediary router(s)." https://www.sciencedirect.com/topics/computer-science/network-segmentation
upvoted 2 times
...
...
franbarpro
4 years, 10 months ago
I am going with B: ACL - I mean think about it. We create VLANs and apply ACL to allow and deny traffic alike.
upvoted 4 times
...
2old4this
5 years, 2 months ago
D. Network virtualization
upvoted 1 times
...
Romex
5 years, 2 months ago
I think the answer is Air gaps
upvoted 1 times
...
jacktors22
5 years, 4 months ago
Elastic load balancing (ELB) - is a load balancing solution that automatically scales its request-handling capacity in response to incoming application traffic.
upvoted 1 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago