SNCF — Securing Networks with Firepower — Question 21

An engineer is monitoring network traffic from their sales and product development departments, which are on two separate networks. What must be configured in order to maintain data privacy for both departments?

Answer options

• A. Use passive IDS ports for both departments.
• B. Use a dedicated IPS inline set for each department to maintain traffic separation.
• C. Use 802.1Q inline set Trunk interfaces with VLANs to maintain logical traffic separation.
• D. Use one pair of inline set in TAP mode for both departments.

Correct answer: C

Explanation

The correct answer is C, as using 802.1Q inline set Trunk interfaces with VLANs allows for logical separation of traffic, ensuring data privacy. Option A does not provide sufficient separation, while option B offers redundancy without logical segregation. Option D would compromise data privacy by merging traffic into one pair of inline sets.