CISCO CCNA 200-301 Q78

You have multiple departments sharing a common network. You are concerned about network traffic from one department reaching another department. What would be a solution for isolating the departments? (Choose all that apply.)

A. Configure separate VLANs for each department.
B. Assign a unique VTP domain for each department.
C. Put each department in a separate collision domain.
D. Configure trunk links between departmental switches.
E. Configure separate subnets for each department

Correct Answer: A, E

You could either configure separate VLANs for each department or configure separate subnets for each department. Either approach has the effect of restricting each department’s traffic to its local subnet or VLAN, unless you configure and allow inter-VLAN routing.

VLANs logically divide a switched network into multiple independent broadcast domains. Broadcast traffic within one VLAN will never be sent to hosts in other VLANs. In this respect, VLANs operate exactly as subnets do. The only way for hosts in different VLANs to communicate is through a router or multilayer switch configured to perform inter-VLAN routing between the VLANs.

The VLAN Trunking Protocol (VTP) is used to synchronize VLAN databases across multiple switches, and is not a method for isolating departmental traffic.

Collision domains cannot be used to isolate traffic between departments. Multiple departments cannot share a collision domain when using switches. Every port on a switch is a separate collision domain, which allows the switch to forward more than one frame at a time. This also reduces collisions, since each host is therefore in a separate collision domain. The switch processes data based only on MAC addresses, and has no knowledge of which host is in which IP subnet or department.

Trunk links are used to connect switches to other switches and to routers for the purpose of carrying traffic from multiple VLANs, and are not a method of isolating traffic between different departments.