An organization would like to store customer data on a separate part of the network that is not accessible to users on the mam corporate network. Which of the following should the administrator use to accomplish this goal?
An organization would like to store customer data on a separate part of the network that is not accessible to users on the mam corporate network. Which of the following should the administrator use to accomplish this goal?
Segmentation involves dividing a network into smaller subnetworks or segments with their own security controls and permissions. This allows the administrator to create a separate section of the network, ensuring that customer data is not accessible to users on the main corporate network. This method provides the required separation while still allowing for managed and controlled access where needed, making it an effective solution for protecting sensitive data. Isolation, on the other hand, implies a stricter separation that might not align with the requirement of being part of the same network infrastructure.
Segmentation involves dividing a network into separate subnetworks or segments, each with its own security controls and access permissions. By segmenting the network, the administrator can isolate sensitive customer data from the main corporate network, reducing the risk of unauthorized access to the data.
Isolation is more appropriate for achieving the goal of storing customer data on a separate part of the network that is not accessible to users on the corporate network. While segmentation (Option A) can be a part of the isolation solution, the most direct and specific answer is network isolation, as it ensures complete separation and inaccessibility between the isolated parts of the network.
Thanks GPT!
ChatGPT4 suggested Segmentation. Isolation is a completely separate network, if you take the definition of it to heart. Question mentions separate part of the network, not an isolated one. In reality, completely isolating the customer data (the info you work with every day), would make running the company a lot more difficult.
I think also Isolation is more appropriate. It’s extra security after segmentation. Network segmentation involves partitioning a network into smaller networks, while network isolation involves developing and enforcing a ruleset for controlling the communications between specific hosts and services with group policy ACL
*On Exam, Taken On July 31, 2023*
Going with B, based on the additional information from 701 Study Guide from Dion Training. Now that there is a 701 exam, it makes sense why some material tested is not found on 601. Isolation seems to fit ■ Isolation - Isolate vulnerable systems from the enterprise network ■ Segmentation - Divide the network into segments to limit the impact of breaches Professor Messer 601 With an isolation policy we can disable the connection between this laptop and the rest of the network. And we might also put this device on its own isolated VLAN, which means that it would be able to communicate to other devices on the isolated VLAN, but no one else inside of the organization. https://www.professormesser.com/security-plus/sy0-601/sy0-601-video/security-configurations/
B. Isolation Network Isolation is the process of creating a standalone network with no connectivity to other parts of the network. This is a stringent form of segregation that can protect sensitive data from unauthorize access or tampering. Network segmentation, on the other hand, involves dividing a network into subnets to control access and traffic flow. This can improve network performance and security, but it does not completely isolate the network from other segments.
Questions specifies it should not be accessible to "users", not admins. Segmentation is the way to go. Isolation, by most applications, would also prevent administrators from accessing it through the network.
B is right. some chose A, but segmentation still accessible from main network, it is possible. however, isolation, say air gap or something like that, is fully not accessible.
an example of network segmentation is where a corp network is divided into IT, marketing, management, retail, warehouse, database, etc. logically each network segment should have the ability to talk to each other; otherwise the corp network wouldn't be functional. the context of the question appears to imply the customer data requires air gap which I believe network segmentation wouldn't provide
Isolation isn't part of exam objectives, going with A.
Not true...Isolation is listed in section 4.4 of CompTIA Sec + Objectives
You're correct but isolation is treated as isolating a device if infected with malware.
Isolation is more appropriate for achieving the goal of storing customer data on a separate part of the network that is not accessible to users on the corporate network. While segmentation (Option A) can be a part of the isolation solution, the most direct and specific answer is network isolation, as it ensures complete separation and inaccessibility between the isolated parts of the network.
Isolation ensures that sensitive systems or data are physically or logically disconnected from other networks or systems. -Physical isolation involves segregating an entire network from others or a system from external interference. Faraday cages and air-gapped networks exemplify physical isolation. -Logical isolation is achieved through segmentation, dividing a large network into smaller isolated segments. The scenario specifies that customer data remains within our network but in an isolated section apart from the main corporate network.
IMO, Answer is A because of the wording "separate part of the network." It doesn't say, "Separate network" which would imply isolation.
Isolation is what, segmentation is how.
Segmentation divides a network into smaller, controlled segments for security purposes, while isolation completely separates a network or system to protect sensitive assets or mitigate risks.
"mam" corporate network?
Answer is B. Isolation It asks for the most APPROPIATE choice. Isolation involves physically or logically separating different parts of the network to prevent unauthorized access. By isolating the network segment containing customer data from the main corporate network, the administrator ensures that only authorized personnel can access this sensitive information. This approach enhances security by reducing the risk of unauthorized access or data breaches.
This approach provides a strong level of security and confidentiality for sensitive data.
Isolating a vpc/subnet is a form of segmentation. Answer is A.