nerdexam
ExamsN10-005Questions#533
CompTIA

N10-005 · Question #533

N10-005 Question #533: Real Exam Question with Answer & Explanation

The correct answer is C: DMZ. A DMZ (Demilitarized Zone) is a network security architecture that places publicly accessible servers (such as extranet servers, web servers, or email servers) in a separate, isolated subnet between the untrusted external network and the trusted internal network, typically enforc

Question

Which of the following would be used to place extranet servers in a separate subnet for security purposes?

Options

  • AVPN
  • BNAT
  • CDMZ
  • DIDS

Explanation

A DMZ (Demilitarized Zone) is a network security architecture that places publicly accessible servers (such as extranet servers, web servers, or email servers) in a separate, isolated subnet between the untrusted external network and the trusted internal network, typically enforced by firewalls. This limits the exposure of the internal network: if an extranet server is compromised, the attacker cannot directly pivot into the internal LAN. A VPN creates encrypted tunnels for remote access, not server isolation. NAT translates IP addresses and provides some obscurity but is not a segmentation security control. An IDS (Intrusion Detection System) monitors for suspicious activity but does not create network segmentation.

Community Discussion

No community discussion yet for this question.

Sign up to join the discussion
Full N10-005 Practice