A corporation relies on a server running a trusted operating system to broker data transactions between different security zones on their network. Each zone is a separate domain and the only connection between the networks is via the trusted server.
The three zones at the corporation are as followed.
– Zone A connects to a network, which is also connected to the Internet through a router.
– Zone B to a closed research and development network.
– Zone C to an intermediary switch supporting a SAN, dedicated to long-term audit log and file storage, so the corporation meets compliance requirements.
A firewall is deployed on the inside edge of the Internet connected router.
Which of the following is the BEST location to place other security equipment?
A . HIPS on all hosts in Zone A and B, and an antivirus and patch server in Zone
C . A WAF on the switch in Zone C, an additional firewall in Zone A, and an antivirus server in Zone
E . A NIPS on the switch in Zone C, an antivirus server in Zone A, and a patch server in Zone
G . A NIDS on the switch in Zone C, a WAF in Zone A, and a firewall in Zone
Answer: C