A web server must be accessible to untrusted outside users. What can be done to isolate this host and any additional hosts with similar requirements from more secured hosts on a network?
A)Install a bastion, configure host
B)Set up a choke in front of the web server
C)Create a DMZ, add necessary hosts.
D)Configure a reduction point on a firewall

Question

Quizplus · Accepted Answer

The best solution to isolate a web server and other similar hosts from more secure hosts on a network is to create a Demilitarized Zone (DMZ). A DMZ is a separate physical or logical network that sits between an organization's internal network and an external network, such as the internet. The DMZ is usually designed to contain servers that are accessible to untrusted outside users, such as web servers, email servers, and DNS servers. By placing the web server and other similar hosts in a DMZ and configuring the necessary security controls, organizations can reduce the risk of a compromised web server affecting more secure hosts on the internal network.

A Web Server Must Be Accessible to Untrusted Outside Users