CompTIA Security+ (SY0-501) — Question 426

A network administrator is creating a new network for an office. For security purposes, each department should have its resources isolated from every other department but be able to communicate back to central servers. Which of the following architecture concepts would BEST accomplish this?

Answer options

• A. Air gapped network
• B. Load balanced network
• C. Network address translation
• D. Network segmentation

Correct answer: D

Explanation

Network segmentation is the best approach as it allows different departments to have isolated resources while still enabling necessary communication with central servers. An air gapped network physically separates systems and would not allow any communication, while load balancing and NAT do not provide the required isolation between departmental resources.