A company has a flat network that is deployed in the cloud. Security policy states that all production and development servers must be segmented. Which of the following should be used to design the network to meet the security requirements?
To segment production and development servers in a cloud environment, a Virtual Private Cloud (VPC) should be used. A VPC provides a logically isolated network environment where separate subnets can be created and managed. This allows for the segmentation and isolation of different components of the network, such as production and development servers, aligning with the company's security policy requirements.
VPC: Virtual private cloud ohh! See the hardest part is just memorizing all these damn acronyms argH!
Ameen sister! This keeps happening argh
Why not CASB? Before, anytime there was question regarding cloud, the answer was always CASB, why not now?
Hahahaha. Same thought was in my head
Think about it this way, what does a VPN (Virtual Private Network) do? It segments your physical network/LAN into subnets, right? In the same vein, a VPC (Virtual Private Cloud) helps to segment your private/public cloud infrastructure into cloud subnets.
A Virtual Private Cloud (VPC) is a logical network environment provided by a cloud service provider that allows users to create and control their own isolated network within the cloud infrastructure. It provides the ability to segment and isolate different components of the network, such as production and development servers, based on security requirements. By using a VPC, the company can create separate subnets within the cloud environment and define access controls between them. This allows for the segmentation of production and development servers, ensuring that they are logically separated and isolated from each other.
Like *V*LAN but for the cloud (*V*PC)?
VPC consists of cloud resources isolated from other cloud resources.
My thoughts are that a VPC offers segmentation in a cloud environment.
Map the question with Q174
"Security policy states that all production and development servers must be segmented" which can be achieved by using a VPC
Answer B. VPC
VPC is the only option that provides segmentation on the cloud. Perimeter network, also known as DMZ/screened subnet, is typically used to segregate public-facing services from the internal network.
CASB (Cloud Access Security Broker). CASB is a security technology used to secure and control the use of cloud services. While CASB is important for enhancing cloud security, it doesn’t directly address the network segmentation requirement mentioned in the question. Network segmentation involves dividing your network into separate segments or Virtual LANs (VLANs) to isolate different categories of servers or services. This helps to contain potential security risks by limiting lateral movement of threats. CASB is more focused on cloud application and data security.
"An example of a virtual private cloud (VPC) offers an organization the ability to provision a logically isolated section and launch resources in a virtual network as defined by the organization’s requirements. The organization then has control over the virtual networking environment, including the selection of its IP address range, creation of subnets, and configuration of route tables and network gateways. The Amazon VPC, for example, offers a transit gateway, a network transit hub that connects the VPC and on-premises networks." -Mike Meyers Certification Passport SY0-601 Sixth Edition by Dawn Dunkerley
VPC should be the right answer here, as you could use multiple VPCs within your cloud environment to segment the network
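The segmentation described in the answers above (separate subnets inside a VPC, with access controls defined between them) can be checked mechanically. The following is an added example, not part of the original thread: a Python audit of a constructed layout, where the CIDR ranges, subnet names, environment tags and allow-rule format are all assumptions and do not correspond to any cloud provider's API.

```python
import ipaddress
from itertools import combinations

# Constructed sample layout (assumption): subnet name -> (environment, CIDR).
SUBNETS = {
    "prod-app": ("prod", "10.0.1.0/24"),
    "prod-db": ("prod", "10.0.2.0/24"),
    "dev-app": ("dev", "10.0.16.0/24"),
}

# Constructed allow rules (assumption): (source CIDR, destination CIDR, port).
# Traffic not matched by a rule is treated as denied.
ALLOW_RULES = [
    ("10.0.1.0/24", "10.0.2.0/24", 5432),   # prod app -> prod db: same environment
    ("10.0.16.0/20", "10.0.2.0/24", 5432),  # broad dev range -> prod db: breaks segmentation
    ("10.0.0.0/16", "10.0.1.0/24", 443),    # whole VPC -> prod app: silently includes dev
]


def overlapping_subnets(subnets):
    """Return pairs of subnet names whose address ranges overlap."""
    nets = {name: ipaddress.ip_network(cidr) for name, (_, cidr) in subnets.items()}
    return [(a, b) for a, b in combinations(sorted(nets), 2)
            if nets[a].overlaps(nets[b])]


def cross_env_rules(subnets, rules):
    """Return (rule, src_subnet, dst_subnet) for each allow rule that lets a
    subnet in one environment reach a subnet in a different environment."""
    findings = []
    for src, dst, port in rules:
        src_net, dst_net = ipaddress.ip_network(src), ipaddress.ip_network(dst)
        for s_name, (s_env, s_cidr) in subnets.items():
            if not src_net.overlaps(ipaddress.ip_network(s_cidr)):
                continue
            for d_name, (d_env, d_cidr) in subnets.items():
                if s_env != d_env and dst_net.overlaps(ipaddress.ip_network(d_cidr)):
                    findings.append(((src, dst, port), s_name, d_name))
    return findings


if __name__ == "__main__":
    print("overlapping subnets:", overlapping_subnets(SUBNETS))
    for rule, s_name, d_name in cross_env_rules(SUBNETS, ALLOW_RULES):
        print(f"cross-environment allow {rule}: {s_name} -> {d_name}")
```

The two flagged rules show the common failure: a rule written against a wide CIDR (a /20 or the whole VPC range) crosses the prod/dev boundary even though no rule names the other environment explicitly.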