Comptia Security Plus Mock Test Q61

When designing a new network infrastructure, a security administrator requests that the intranet web server be placed in an isolated area of the network for security purposes. Which of the following design elements would be implemented to comply with the security administrator’s request?

A. DMZ
B. Cloud services
C. Virtualization
D. Sandboxing

Correct Answer: A
Section: Network Security

Explanation:
A demilitarized zone (DMZ) is an area of a network that is designed specifically for public users to access. The DMZ is a buffer network between the public untrusted Internet and the private trusted LAN. Often a DMZ is deployed through the use of a multihomed firewall.

Incorrect Answers:
B: A private cloud is a cloud service within a corporate network and isolated from the Internet. The private cloud is for internal use only.

C: Virtualization offers several benefits, such as being able to launch individual instances of servers or services as needed, real-time scalability, and the ability to run the exact OS
version required for a certain application.

D: Sandboxing is a means of quarantine or isolation. It’s implemented to restrict new or otherwise suspicious software from being able to cause harm to production systems. It can be
used against applications or entire OSs.

References:
Stewart, James Michael, CompTIA Security+ Review Guide, Sybex, Indianapolis, 2014, pp. 37, 38, 39, 250