nerdexam
EC-Council

312-50V13 · Question #12

You need to deploy a new web-based software package for your organization. The package requires three separate servers and needs to be available on the Internet. What is the recommended architecture i

The correct answer is B. A web server facing the Internet, an application server on the internal network, a database server. For a secure web application architecture exposed to the internet, a multi-tier approach with distinct security zones for each server type is recommended.

Submitted by lukas.cz· Mar 6, 2026Network and Perimeter Hacking

Question

You need to deploy a new web-based software package for your organization. The package requires three separate servers and needs to be available on the Internet. What is the recommended architecture in terms of server placement?

Options

  • AAll three servers need to be placed internally
  • BA web server facing the Internet, an application server on the internal network, a database server
  • CA web server and the database server facing the Internet, an application server on the internal
  • DAll three servers need to face the Internet so that they can communicate between themselves

How the community answered

(38 responses)
  • A
    3% (1)
  • B
    84% (32)
  • C
    5% (2)
  • D
    8% (3)

Why each option

For a secure web application architecture exposed to the internet, a multi-tier approach with distinct security zones for each server type is recommended.

AAll three servers need to be placed internally

Placing all three servers internally would make the web application inaccessible from the Internet, contradicting the requirement for Internet availability.

BA web server facing the Internet, an application server on the internal network, a database serverCorrect

The recommended architecture is a three-tier design for security and performance: a web server (front-end) in a DMZ facing the Internet, an application server (middle-tier) on a more protected internal network, and a database server (back-end) on the most protected internal network. This architecture minimizes the attack surface for critical data.

CA web server and the database server facing the Internet, an application server on the internal

Placing both the web server and the database server directly facing the Internet significantly increases the attack surface for the most critical component (the database), which stores sensitive data.

DAll three servers need to face the Internet so that they can communicate between themselves

Placing all three servers directly on the Internet exposes all components to direct attacks, representing a severe security vulnerability, especially for application and database servers.

Concept tested: Multi-tier web application architecture

Source: https://learn.microsoft.com/en-us/azure/architecture/guide/architecture-styles/web-queue-worker

Topics

#network architecture#DMZ#web server#application server

Community Discussion

No community discussion yet for this question.

Full 312-50V13 Practice