CompTIA CASP+ (CAS-004) — Question 75

An organization is designing a network architecture that must meet the following requirements:
✑ Users will only be able to access predefined services.
✑ Each user will have a unique allow list defined for access.
✑ The system will construct one-to-one subject/object access paths dynamically.
Which of the following architectural designs should the organization use to meet these requirements?

Answer options

• A. Peer-to-peer secure communications enabled by mobile applications
• B. Proxied application data connections enabled by API gateways
• C. Microsegmentation enabled by software-defined networking
• D. VLANs enabled by network infrastructure devices

Correct answer: C

Explanation

The correct answer is C, as microsegmentation allows for precise access control and dynamic paths for users based on their unique allow lists. Option A does not provide the controlled access necessary, option B may offer some level of control but lacks the granularity of microsegmentation, and option D does not inherently support the dynamic access paths required by the scenario.