SNCF — Securing Networks with Firepower — Question 18

An organization has a compliancy requirement to protect servers from clients, however, the clients and servers all reside on the same Layer 3 network. Without readdressing IP subnets for clients or servers, how is segmentation achieved?

Answer options

• A. Change the IP addresses of the servers, while remaining on the same subnet.
• B. Deploy a firewall in routed mode between the clients and servers.
• C. Change the IP addresses of the clients, while remaining on the same subnet.
• D. Deploy a firewall in transparent mode between the clients and servers.

Correct answer: D

Explanation

The correct answer is D because a firewall in transparent mode can filter traffic without requiring IP address changes, effectively segmenting clients from servers. Option A and C are incorrect as they involve changing IP addresses, which is not allowed. Option B is also incorrect because a routed mode firewall would necessitate different subnets for clients and servers.