The senior security administrator wants to redesign the company DMZ to minimize the risks associated with both external and internal threats. The DMZ design must support security in depth, change management and configuration processes, and support incident reconstruction. Which of the following designs BEST supports the given requirements?
A . A dual firewall DMZ with remote logging where each firewall is managed by a separate administrator.
B . A single firewall DMZ where each firewall interface is managed by a separate administrator and logging to the cloud.
C . A SaaS based firewall which logs to the company’s local storage via SSL, and is managed by the change control team.
D . A virtualized firewall, where each virtual instance is managed by a separate administrator and logging to the same hardware.
Answer: A
Leave a Reply