CompTIA Cloud+ (CV0-003) — Question 165

A cloud administrator needs to control the connections between a group of web servers and database servers as part of the financial application security review. Which of the following would be the BEST way to achieve this objective?

Answer options

• A. Create a directory security group
• B. Create a resource group
• C. Create separate VLANs
• D. Create a network security group

Correct answer: D

Explanation

Creating a network security group is the best approach as it allows the administrator to define inbound and outbound traffic rules, specifically controlling access between web servers and database servers. While directory security groups and resource groups serve different purposes in identity management and resource organization, they do not provide the necessary traffic control. Separate VLANs could isolate the servers, but they would not offer the granular control that a network security group provides.