nerdexam
EC-Council

312-50V9 · Question #21

A regional bank hires your company to perform a security assessment on their network after a recent data breach. The attacker was able to steal financial data from the bank by compromising only a sing

The correct answer is A. Place a front-end web server in a demilitarized zone that only handles external web traffic. A DMZ or demilitarized zone (sometimes referred to as a perimeter network) is a physical or logical subnetwork that contains and exposes an organization's external-facing services to a larger and untrusted network, usually the Internet. The purpose of a DMZ is to add an additiona

Introduction to Ethical Hacking

Question

A regional bank hires your company to perform a security assessment on their network after a recent data breach. The attacker was able to steal financial data from the bank by compromising only a single server. Based on this information, what should be one of your key recommendations to the bank?

Options

  • APlace a front-end web server in a demilitarized zone that only handles external web traffic
  • BRequire all employees to change their passwords immediately
  • CMove the financial data to another server on the same IP subnet
  • DIssue new certificates to the web servers from the root certificate authority

How the community answered

(20 responses)
  • A
    75% (15)
  • B
    15% (3)
  • C
    5% (1)
  • D
    5% (1)

Explanation

A DMZ or demilitarized zone (sometimes referred to as a perimeter network) is a physical or logical subnetwork that contains and exposes an organization's external-facing services to a larger and untrusted network, usually the Internet. The purpose of a DMZ is to add an additional layer of security to an organization's local area network (LAN); an external network node only has direct access to equipment in the DMZ, rather than any other part of the network. https://en.wikipedia.org/wiki/DMZ_(computing)

Topics

#DMZ#network segmentation#security architecture#defense in depth

Community Discussion

No community discussion yet for this question.

Full 312-50V9 Practice