Pete, a network administrator, is capturing packets on the network and notices that a large amount of the
traffic on the LAN is SIP and RTP protocols. Which of the following should he do to segment that traffic
from the other traffic?
A.
Connect the WAP to a different switch.
B.
Create a voice VLAN.
C.
Create a DMZ.
D.
Set the switch ports to 802.1q mode.
Explanation:
It is a common and recommended practice to separate voice and data traffic by using VLANs. Separating
voice and data traffic using VLANs provides a solid security boundary, preventing data applications from
reaching the voice traffic. It also gives you a simpler method to deploy QoS, prioritizing the voice traffic
over the data.
Incorrect Answers:
A: Doing this will not segment voice and data traffic.
C: The DMZ is a buffer network between the public untrusted Internet and the private trusted LAN. Often
a DMZ is deployed through the use of a multihomed firewall.
D: IEEE 802.1Q is the networking standard that supports virtual LANs (VLANs) on an Ethernet network. It
does not, however, segment certain traffic from other traffichttp://www.ciscopress.com/articles/article.asp?p=1745631&seqNum=3
Stewart, James Michael, CompTIA Security+ Review Guide, Sybex, Indianapolis, 2014, p. 39
http://en.wikipedia.org/wiki/IEEE_802.1Q