In multi-tier applications and multi-tier firewall designs, which additional security control can be
used to force an attacker to compromise the exposed server before the attacker attempts to
penetrate the more protected domains?
A.
Implement host IPS on the exposed servers in the DMZs.
B.
Make exposed servers in the DMZs dual homed.
C.
At each tier, implement a transparent proxy component within the firewall system.
D.
Implement in-band network admission control at the first tier.