CompTIA Security+ (SY0-701) — Question 544

As part of new compliance audit requirements, multiple servers need to be segmented on different networks and should be reachable only from authorized internal systems. Which of the following would meet the requirements?

Answer options

• A. Configure firewall rules to block external access to Internal resources.
• B. Set up a WAP to allow internal access from public networks.
• C. Implement a new IPSec tunnel from internal resources.
• D. Deploy an internal jump server to access resources.

Correct answer: D

Explanation

The correct answer is D because deploying an internal jump server allows controlled access to the segmented servers, ensuring only authorized internal systems can reach them. Option A, while it restricts external access, does not facilitate internal access control. Option B introduces a security risk by allowing public network access. Option C does not provide a means to segment access effectively for the specific requirement of authorized internal systems.