ECCouncil Exam Questions

A regional bank hires your company to perform a security assessment on their network after a recent data breach. The attacker was able to steal financial data from the bank by compromising only a single server.

Based on this information, what should be one of your key recommendations to the bank?

A. Place a front-end web server in a demilitarized zone that only handles external web traffic

B. Require all employees to change their passwords immediately

C. Move the financial data to another server on the same IP subnet

D. Issue new certificates to the web servers from the root certificate authority

A DMZ or demilitarized zone (sometimes referred to as a perimeter network) is a physical or logical subnetwork that contains and exposes an organization's external-facing services to a larger and untrusted network, usually the Internet. The purpose of a DMZ is to add an additional layer of security to an organization's local area network (LAN); an external network node only has direct access to equipment in the DMZ, rather than any other part of the network.
