CompTIA Security+ (SY0-501) — Question 351

A company has just completed a vulnerability scan of its servers. A legacy application that monitors the HVAC system in the datacenter presents several challenges, as the application vendor is no longer in business.
Which of the following secure network architecture concepts would BEST protect the other company servers if the legacy server were to be exploited?

Answer options

• A. Virtualization
• B. Air gap
• C. VLAN
• D. Extranet

Correct answer: B

Explanation

The correct answer is B, as an air gap physically separates the legacy server from the rest of the network, preventing potential threats from spreading. Options A (Virtualization), C (VLAN), and D (Extranet) do not provide the same level of isolation, which is crucial in safeguarding other servers from exploitation risks associated with a vulnerable legacy application.