CompTIA DataX (CNX-001) — Question 12

A network engineer is installing new switches in the data center to replace existing infrastructure. The previous network hardware had administrative interfaces that were plugged into the existing network along with all other server hardware on the same subnet. Which of the following should the engineer do to better secure these administrative interfaces?

Answer options

• A. Connect the switch management ports to a separate physical network.
• B. Disable unused physical ports on the switches to keep unauthorized users out.
• C. Set the administrative interfaces and the network switch ports on the same VLAN.
• D. Upgrade all of the switch firmware to the latest hardware levels.

Correct answer: A

Explanation

Connecting the switch management ports to a separate physical network isolates administrative interfaces from regular traffic, reducing the risk of unauthorized access. Disabling unused ports is a good practice but does not address the fundamental issue of exposure on the same subnet. Setting the interfaces on the same VLAN does not improve security; instead, it could expose them to potential threats. Upgrading firmware is important for security but does not specifically address how administrative interfaces are connected.