A security administrator is segregating all web-facing server traffic from the internal network and restricting it to
a single interface on a firewall. Which of the following BEST describes this new network?

A.
VLAN

B.
Subnet

C.
VPN

D.
DMZ

Explanation:
A DMZ or demilitarized zone (sometimes referred to as a perimeter network) is a physical or logical subnetwork
that contains and exposes an organization’s external-facing services to a larger and untrusted network, usually
the Internet. The purpose of a DMZ is to add an additional layer of security to an organization’s local area
network (LAN); an external network node only has direct access to equipment in the DMZ, rather than any other
part of the network. The name is derived from the term “demilitarized zone”, an area between nation states in
which military operation is not permitted.