CompTIA Network+ (N10-007) — Question 106

A network administrator is redesigning network security after an attack. During the attack, an attacker used open cubicle locations to attach devices to the network. The administrator wants to be able to monitor future attacks in a safe environment and determine the method of attack. Which of the following should the administrator do to BEST meet this requirement?

Answer options

• A. Create a VLAN for the unused ports and create a honeyspot on the VLAN.
• B. Install a BPDU guard on switchports and enable STP.
• C. Create a DMZ for public servers and secure a segment for the internal network.
• D. Install antivirus software and set an ACL on the servers.

Correct answer: A

Explanation

The correct answer is A because creating a VLAN for unused ports and setting up a honeyspot allows for monitoring and studying potential attacks in a controlled setting. Option B, while improving switch security, does not directly address monitoring attacks. Option C focuses on server security and segmentation but does not include monitoring capabilities. Option D emphasizes antivirus and ACLs, which are important but do not provide the same level of proactive monitoring for attack methods.