Which of the following mitigation techniques places devices - CompTIA Security+ SY0-701
Question
Which of the following mitigation techniques places devices in physically or logically separated networks and leverages policies to limit the types of communications that are allowed?
Answers
-
-
correct
-
-
Explanation
Correct Answer: B. Access control list
An Access Control List (ACL) is a mitigation technique that is used to enforce network segmentation by placing devices in physically or logically separated networks and defining policies to restrict the types of communications allowed between them. ACLs specify rules that permit or deny traffic based on criteria such as IP addresses, protocols, or ports. This ensures that only authorized communications occur within the network.
Explanations for Incorrect Options:
-
Host-based firewalls:
Host-based firewalls are used to filter traffic specific to an individual device. While they provide protection at the host level, they do not enforce segmentation across networks or manage communication policies for multiple devices. -
Port security:
Port security is a technique used on switches to limit and control access to network ports. It helps prevent unauthorized devices from connecting but does not address broader network segmentation or traffic policies. -
Least privilege:
Least privilege refers to limiting user or process permissions to only what is necessary for their function. While it is a key security principle, it focuses on user and system permissions, not network segmentation or communication restrictions.
No Payment Cards Needed
