What is the purpose of a demilitarized zone on a network?
To scan all traffic coming through the DMZ to the internal network
To only provide direct access to the nodes within the DMZ and protect the network behind it
To provide a place to put the honeypot
To contain the network devices you wish to protect
Correct answer: B
Question 2
You need to deploy a new web-based software package for your organization. The package requires three separate servers and needs to be available on the Internet. What is the recommended architecture in terms of server placement?
All three servers need to be placed internally
A web server facing the Internet, an application server on the internal network, a database server on the internal network
A web server and the database server facing the Internet, an application server on the internal network
All three servers need to face the Internet so that they can communicate between themselves
Correct answer: B
Question 3
The security administrator of ABC needs to permit Internet traffic in the host 10.0.0.2 and UDP traffic in the host 10.0.0.3. He also needs to permit all FTP traffic to the rest of the network and deny all other traffic. After he applied his ACL configuration in the router, nobody can access to the ftp, and the permitted hosts cannot access the Internet. According to the next configuration, what is happening in the network?
The ACL 104 needs to be first because is UDP
The ACL 110 needs to be changed to port 80
The ACL for FTP must be before the ACL 110
The first ACL is denying all TCP traffic and the other ACLs are being ignored by the router