212-82 Question #97: Real Exam Question with Answer & Explanation

Question

Elliott, a security professional, was appointed to test a newly developed application deployed over an organizational network using a Bastion host. Elliott initiated the process by configuring the nonreusable bastion host. He then tested the newly developed application to identify the presence of security flaws that were not yet known; further, he executed services that were not secure. identify the type of bastion host configured by Elliott in the above scenario.

Options

• AExternal services hosts
• BVictim machines
• COne-box firewalls
• DNon-routing dual-homed hosts

Explanation

Non-routing dual-homed hosts are the type of bastion hosts configured by Elliott in the above scenario. A bastion host is a system or device that is exposed to the public internet and acts as a gateway or a proxy for other systems or networks behind it. A bastion host can be used to provide an additional layer of security and protection for internal systems or networks from external threats and attacks.A bastion host can have different types based on its configuration or functionality. A non-routing dual-homed host is a type of bastion host that has two network interfaces: one connected to the public internet and one connected to the internal network. A non- routing dual-homed host does not allow any direct communication between the two networks and only allows specific services or applications to pass through it.A non-routing dual-homed host can be used to isolate and secure internal systems or networks from external access.In the scenario, Elliott was appointed to test a newly developed application deployed over an organizational network using a bastion host. Elliott initiated the process by configuring the non-reusable bastion host. He then tested the newly developed application to identify the presence of security flaws that were not yet known; further, he executed services that were not secure. This means that he configured a non-routing dual-homed host for this purpose. An external services host is a type of bastion host that provides external services, such as web, email, FTP, etc., to the public internet while protecting internal systems or networks from direct access.A victim machine is not a type of bastion host, but a term that describes a system or device that has been compromised or infected by an attacker or malware.A one-box firewall is not a type of bastion host, but a term that describes a firewall that performs both packet filtering and application proxy functions in one

No community discussion yet for this question.