Home » Cisco » 300-465 » Which three options describe how isolation can be achieved for VMDC data center security?
Which three options describe how isolation can be achieved for VMDC data center security? (Choose three.)
A. access control lists
B. intrusion prevention appliances that inspect traffic and detect security events on a per-VLAN basis
C. proper infrastructure hardening
D. role-based access and authentication
E. application redundancy
F. policy enforcement and access control
G. virtual routing and forwarding tables
Correct Answer: ABG
Explanation/Reference:
Isolation provides a secure foundation for multi-tenant data centers and server farms. Depending on the design goals, isolation can be achieved using firewalls; access control lists (ACLs); virtual LANs (VLANs), Virtual Routing and Forwarding tables (VRFs), virtualization, storage networks, and physical separation. In addition, Intrusion Prevention appliances that can inspect traffic and detect security events on a per-VLAN basis can provide an additional level of threat isolation between different tenants. When combined, these can provide appropriate levels of security enforcement to server applications and services for multiple tenants.
Reference: http://www.cisco.com/c/en/us/td/docs/solutions/Enterprise/Data Center/VMDC/Cloud Security/1-0/DG/ICSecurity/ICSecurity2.html
