An administrator needs to segment internal traffic between layer 2 devices within the LAN. Which of the
following types of network design elements would MOST likely be used?

A.
Routing

B.
DMZ

C.
VLAND. NAT

Explanation:
A virtual local area network (VLAN) is a hardware-imposed network segmentation created by switches.
VLANs are used for traffic management. Communications between ports within the same VLAN occur
without hindrance, but communications between VLANs require a routing function.
Incorrect Answers:
A: Routing is the process of selecting best paths in a network.
C: A demilitarized zone (DMZ) is an area of a network that is designed specifically for public users to
access. The DMZ is a buffer network between the public untrusted Internet and the private trusted LAN.
Often a DMZ is deployed through the use of a multihomed firewall.
D: NAT converts the IP addresses of internal systems found in the header of network packets into public
IP addresses.

Stewart, James Michael, CompTIA Security+ Review Guide, Sybex, Indianapolis, 2014, pp. 39, 277
http://en.wikipedia.org/wiki/Routing