312-50V10 · Question #202
A regional bank hires your company to perform a security assessment on their network after a recent data breach. The attacker was able to steal financial data from the bank by compromising only a sing
The correct answer is A. Place a front-end web server in a demilitarized zone that only handles external web traffic. A DMZ or demilitarized zone (sometimes referred to as a perimeter network) is a physical or logical subnetwork that contains and exposes an organization's external-facing services to a larger and untrusted network, usually the Internet. The purpose of a DMZ is to add an additiona
Question
A regional bank hires your company to perform a security assessment on their network after a recent data breach. The attacker was able to steal financial data from the bank by compromising only a single server. Based on this information, what should be one of your key recommendations to the bank?
Options
- APlace a front-end web server in a demilitarized zone that only handles external web traffic
- BRequire all employees to change their passwords immediately
- CMove the financial data to another server on the same IP subnet
- DIssue new certificates to the web servers from the root certificate authority
How the community answered
(48 responses)- A69% (33)
- B19% (9)
- C4% (2)
- D8% (4)
Explanation
A DMZ or demilitarized zone (sometimes referred to as a perimeter network) is a physical or logical subnetwork that contains and exposes an organization's external-facing services to a larger and untrusted network, usually the Internet. The purpose of a DMZ is to add an additional layer of security to an organization's local area network (LAN); an external network node only has direct access to equipment in the DMZ, rather than any other part of the network. https://en.wikipedia.org/wiki/DMZ_(computing)
Topics
Community Discussion
No community discussion yet for this question.