nerdexam
Exams312-50V9Questions#21
EC-Council

312-50V9 · Question #21

312-50V9 Question #21: Real Exam Question with Answer & Explanation

The correct answer is A: Place a front-end web server in a demilitarized zone that only handles external web traffic. A DMZ or demilitarized zone (sometimes referred to as a perimeter network) is a physical or logical subnetwork that contains and exposes an organization's external-facing services to a larger and untrusted network, usually the Internet. The purpose of a DMZ is to add an additiona

Question

A regional bank hires your company to perform a security assessment on their network after a recent data breach. The attacker was able to steal financial data from the bank by compromising only a single server. Based on this information, what should be one of your key recommendations to the bank?

Options

  • APlace a front-end web server in a demilitarized zone that only handles external web traffic
  • BRequire all employees to change their passwords immediately
  • CMove the financial data to another server on the same IP subnet
  • DIssue new certificates to the web servers from the root certificate authority

Explanation

A DMZ or demilitarized zone (sometimes referred to as a perimeter network) is a physical or logical subnetwork that contains and exposes an organization's external-facing services to a larger and untrusted network, usually the Internet. The purpose of a DMZ is to add an additional layer of security to an organization's local area network (LAN); an external network node only has direct access to equipment in the DMZ, rather than any other part of the network. https://en.wikipedia.org/wiki/DMZ_(computing)

Community Discussion

No community discussion yet for this question.

Sign up to join the discussion
Full 312-50V9 Practice