Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location PL
Mob_nav_barsMENU

CompTIA Exam CAS-005 Topic 2 Question 13 Discussion

Actual exam question for CompTIA's CAS-005 exam
Question #: 13
Topic #: 2
[All CAS-005 Questions]

A company wants to install a three-tier approach to separate the web. database, and application servers A security administrator must harden the environment which of the following is the best solution?

Show Suggested Answer Hide Answer
Suggested Answer: C

The best solution to harden a three-tier environment (web, database, and application servers) is to implement microsegmentation on the server VLANs. Here's why:

Enhanced Security: Microsegmentation creates granular security zones within the data center, allowing for more precise control over east-west traffic between servers. This helps prevent lateral movement by attackers who may gain access to one part of the network.

Isolation of Tiers: By segmenting the web, database, and application servers, the organization can apply specific security policies and controls to each segment, reducing the risk of cross-tier attacks.

Compliance and Best Practices: Microsegmentation aligns with best practices for network security and helps meet compliance requirements by ensuring that sensitive data and systems are properly isolated and protected.


CompTIA Security+ SY0-601 Study Guide by Mike Chapple and David Seidl

NIST Special Publication 800-125: Guide to Security for Full Virtualization Technologies

CIS Controls: Control 12 - Boundary Defense

by Ernest at Apr 07, 2025, 04:30 AM

Limited Time Offer

25%

Off

Get Premium CAS-005 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel
Christoper
24 days ago
SASb? Isn't that some kind of fancy-pants solution for people who have too much money and not enough security know-how? Microsegmentation is the real deal.
upvoted 0 times
Shawn
1 days ago
But what about using SASb? It's known for providing strong security measures.
upvoted 0 times
...
Abel
10 days ago
Microsegmentation is definitely the way to go for securing the environment.
upvoted 0 times
...
...
Arlie
1 months ago
A VPN to prevent remote access? That's so 2010. Microsegmentation is where it's at these days. Keep up with the times, folks!
upvoted 0 times
Helga
12 days ago
It's much more effective than just relying on a VPN for security.
upvoted 0 times
...
Dorsey
24 days ago
I agree, it provides granular control and limits lateral movement within the network.
upvoted 0 times
...
Susana
28 days ago
Microsegmentation is definitely the way to go for securing the environment.
upvoted 0 times
...
...
Deeanna
1 months ago
I'm not sure, but I think deploying a VPN could also be a good option to prevent unauthorized access.
upvoted 0 times
...
Phuong
2 months ago
I agree with Annmarie, microsegmentation can provide granular control and enhance security.
upvoted 0 times
...
Rashida
2 months ago
Hmm, I don't know about that. Installing a firewall at the network core? That's like using a sledgehammer to crack a nut. Talk about overkill!
upvoted 0 times
Mi
5 days ago
User 3: What about using access control lists (ACLs) to restrict traffic between the servers?
upvoted 0 times
...
Pamella
18 days ago
User 2: Pamella, that's a good idea. VLANs can help isolate the servers without the need for a firewall at the network core.
upvoted 0 times
...
Isreal
1 months ago
User 1: How about implementing VLANs to separate the servers?
upvoted 0 times
...
...
Stanford
2 months ago
C) Implementing microsegmentation on the server VLANs is the way to go. That's the best solution to harden the environment and limit access to specific server resources.
upvoted 0 times
...
Annmarie
2 months ago
I think the best solution is implementing microsegmentation on the server VLANs.
upvoted 0 times
...

Save Cancel
az-700  pass4success  az-104  200-301  200-201  cissp  350-401  350-201  350-501  350-601  350-801  350-901  az-720  az-305  pl-300  

Warning: Cannot modify header information - headers already sent by (output started at /pass.php:70) in /pass.php on line 77