A vice president at a manufacturing organization is concerned about desktops being connected to the network.
Employees need to log onto the desktops' local account to verify that a product is being created within specifications; otherwise, the desktops should be as isolated as possible.
Which of the following is the BEST way to accomplish this?
Click on the arrows to vote for the correct answer
A. B. C. D.C.
Option A: Putting the desktops in the DMZ (demilitarized zone) is not a good option since DMZ is typically used to provide internet-facing services, and it is not an isolated network segment.
Option B: Creating a separate VLAN for the desktops is a better option, as it provides a level of isolation while still allowing the necessary network connectivity. VLANs allow for network segmentation while keeping the same physical network infrastructure.
Option C: Air-gapping the desktops is the most secure option, as it involves physically isolating the desktops from the network, making them completely inaccessible from the outside. However, air-gapping can be challenging to implement and can limit productivity.
Option D: Joining the desktops to an ad-hoc network is not a recommended option as ad-hoc networks are typically insecure and provide limited connectivity.
Therefore, the best option to accomplish the given requirements would be to create a separate VLAN for the desktops. This will allow the employees to log onto the local account to verify the product, while providing isolation from the rest of the network.