PrepAway - Latest Free Exam Questions & Answers

Which of the following combinations is BEST to meet the requirements?

A company has several conference rooms with wired network jacks that are used by both employees and
guests. Employees need access to internal resources and guests only need access to the Internet. Which
of the following combinations is BEST to meet the requirements?

PrepAway - Latest Free Exam Questions & Answers

A.
NAT and DMZ

B.
VPN and IPSec

C.
Switches and a firewall

D.
802.1x and VLANs

Explanation:
802.1x is a port-based authentication mechanism. It’s based on Extensible Authentication
Protocol (EAP) and is commonly used in closed-environment wireless networks. 802.1x was initially used
to compensate for the weaknesses of Wired Equivalent Privacy (WEP), but today it’s often used as a
component in more complex authentication and connection-management systems, including Remote
Authentication Dial-In User Service (RADIUS), Diameter, Cisco System’s Terminal Access Controller AccessControl System Plus (TACACS+), and Network Access Control (NAC).
A virtual local area network (VLAN) is a hardware-imposed network segmentation created by switches. By
default, all ports on a switch are part of VLAN 1. But as the switch administrator changes the VLAN
assignment on a port-by-port basis, various ports can be grouped together and be distinct from otherVLAN port designations. VLANs are used for traffic management. Communications between ports within
the same VLAN occur without hindrance, but communications between VLANs require a routing function.
Incorrect Answers:
A: NAT converts the IP addresses of internal systems found in the header of network packets into public
IP addresses. A demilitarized zone (DMZ) is an area of a network that is designed specifically for public
users to access.
B: A virtual private network (VPN) is a communication tunnel between two entities across an intermediary
network. In most cases, the intermediary network is an untrusted network, such as the Internet, and
therefore the communication tunnel is also encrypted. Internet Protocol Security (IPSec) is both a standalone VPN protocol and a module that can be used with L2TP.
C: A switch is a networking device used to connect other devices together and potentially implement
traffic management on their communications. Firewalls manage traffic using filters.

Stewart, James Michael, CompTIA Security+ Review Guide, Sybex, Indianapolis, 2014, pp. 6, 11, 21, 23, 27,
39, 53


Leave a Reply