Implementing Network Isolation for R&D Group | Exam SY0-601: CompTIA Security+

A.

To ensure that the R&D network is not accessible from the Internet, the network administrator should implement the following setting:

C. Implement a router ACL (Access Control List)

An ACL is a security feature that acts as a filter to control inbound or outbound traffic on a router. It is configured on the router to permit or deny traffic based on specific conditions, such as the source or destination IP address, protocol, port number, or traffic type. In this case, the router ACL can be configured to deny any traffic from the R&D network to the Internet, effectively preventing any access from the Internet to the R&D network.

Option A (Configure the OS default TTL to 1) is incorrect because the TTL (Time To Live) is a value in IP packets that determines how many hops a packet can take before being discarded. Setting the TTL to 1 will only limit the number of hops a packet can take and has nothing to do with preventing access from the Internet to the R&D network.

Option B (Use NAT on the R&D network) is also incorrect because NAT (Network Address Translation) is a technique that allows multiple devices on a network to share a single public IP address. While NAT can provide some level of security by hiding the IP addresses of devices on the internal network, it does not prevent access from the Internet to the R&D network.

Option D (Enable protected ports on the switch) is also incorrect because protected ports are a feature of switches that prevent communication between connected devices on the same switch. While this feature can provide some level of security by preventing unauthorized access to the R&D network from other devices on the same switch, it does not prevent access from the Internet to the R&D network.

Therefore, the correct answer is option C (Implement a router ACL).