CompTIA Cloud+ (CV0-003) — Question 40

Lateral-moving malware has infected the server infrastructure. Which of the following network changes would MOST effectively prevent lateral movement in the future?

Answer options

• A. Implement DNSSEC in all DNS servers.
• B. Segment the physical network using a VLAN.
• C. Implement microsegmentation on the network.
• D. Implement 802.1X in the network infrastructure.

Correct answer: C

Explanation

Microsegmentation is effective because it limits communication between different segments of the network, allowing for stricter control over data flows and minimizing the risk of lateral movement by malware. The other options, while beneficial for network security, do not provide the same level of granularity in controlling traffic within the network segments.