A security architect is setting up their demilitarized zone to place one firewall on each side. What is this type of configuration called?

Prepare for the WGU ITAS6291 D488 Cybersecurity Architecture and Engineering exam. Use flashcards and multiple-choice questions, each with explanations and guidance. Master your knowledge and excel in your exam!

Multiple Choice

A security architect is setting up their demilitarized zone to place one firewall on each side. What is this type of configuration called?

Explanation:
The configuration described, where a security architect places one firewall on each side of a demilitarized zone (DMZ), is referred to as a screened subnet. This setup is designed to enhance security by creating a buffer area between the internal network and the external network (the internet). The DMZ typically houses public-facing services such as web servers, email servers, or FTP servers, which need to be accessible from the outside while still being protected from potential threats.

By using a screened subnet approach, the architect ensures that external traffic must pass through the first firewall, which filters requests and limits access to the DMZ. Then, traffic is further filtered by a second firewall before it reaches the internal network. This multilayered defense provides additional security by segmenting public-facing services from the more sensitive internal network, effectively reducing the risk of attacks penetrating into the core infrastructure.

This design contrasts with other options. Staging environments are typically used for testing and development and do not pertain to the security architecture of a DMZ. ACLs, or access control lists, are a set of rules used to control network traffic but do not describe a specific architectural configuration like a DMZ. Peer-to-peer refers to a decentralized communications model where each party in the
