Which additional security control can be used in multi-tier applications and multi-tier firewall
designs to force an attacker to compromise the exposed server before the attacker can attempt to
penetrate the more protected domains?
A.
Use a different firewall platform at each tier.
B.
Make exposed servers in the DMZs dual homed.
C.
At each tier, implement a transparent proxy component within the firewall system.
D.
Implement host IPS on the exposed servers in the DMZs.
E.
Implement in-band network admission control at the first tier.
F.
Use zone-based firewalling and assign each exposed server in the DMZs to a unique security
zone.