312-50V9 · Question #21
A regional bank hires your company to perform a security assessment on their network after a recent data breach. The attacker was able to steal financial data from the bank by compromising only a sing
The correct answer is A. Place a front-end web server in a demilitarized zone that only handles external web traffic. A DMZ or demilitarized zone (sometimes referred to as a perimeter network) is a physical or logical subnetwork that contains and exposes an organization's external-facing services to a larger and untrusted network, usually the Internet. The purpose of a DMZ is to add an additiona
Question
A regional bank hires your company to perform a security assessment on their network after a recent data breach. The attacker was able to steal financial data from the bank by compromising only a single server. Based on this information, what should be one of your key recommendations to the bank?
Options
- APlace a front-end web server in a demilitarized zone that only handles external web traffic
- BRequire all employees to change their passwords immediately
- CMove the financial data to another server on the same IP subnet
- DIssue new certificates to the web servers from the root certificate authority
How the community answered
(20 responses)- A75% (15)
- B15% (3)
- C5% (1)
- D5% (1)
Explanation
A DMZ or demilitarized zone (sometimes referred to as a perimeter network) is a physical or logical subnetwork that contains and exposes an organization's external-facing services to a larger and untrusted network, usually the Internet. The purpose of a DMZ is to add an additional layer of security to an organization's local area network (LAN); an external network node only has direct access to equipment in the DMZ, rather than any other part of the network. https://en.wikipedia.org/wiki/DMZ_(computing)
Topics
Community Discussion
No community discussion yet for this question.