A penetration test was done at a company. After the test, a report was written and given to the company’s IT
authorities. A section from the report is shown below:
Access List should be written between VLANs.
Port security should be enabled for the intranet.
A security solution which filters data packets should be set between intranet (LAN) and DMZ.
A WAF should be used in front of the web applications.
According to the section from the report, which of the following choice is true?
A.
MAC Spoof attacks cannot be performed.
B.
Possibility of SQL Injection attack is eliminated.
C.
A stateful firewall can be used between intranet (LAN) and DMZ.
D.
There is access control policy between VLANs.