A) While microsegmentation does rely on software-based configuration, VLANs can also be configured via software, especially in software-defined networking environments. Therefore, this is not the most fundamental difference.
B) While microsegmentation can utilize next-generation firewalls, their use is not exclusive to microsegmentation and does not fundamentally distinguish it from VLANs.
C) Both VLANs and microsegmentation can create multiple network segments. The ability to segment a network is not unique to microsegmentation.
D) Microsegmentation operates at the application layer (Layer 7), allowing for granular visibility into application-level traffic and enabling context-aware security policies. This is a significant departure from VLANs, which operate at the data link layer (Layer 2) and lack application-level awareness.
For example, Kubernetes provides built-in capabilities for microsegmentation through Network Policies, enabling you to control traffic between pods with fine-grained rules.