John is setting up a public web server. He has decided to place it in the DMZ. Which firewall should have the tightest restrictions?
A.
On the web server itself
B.
Inner end of the DMZ
C.
Outer end of the DMZ
D.
The restrictions should be consistent
Explanation:
The inner firewall is the one that protects the actual network from the outside world. Also it is usually necessary to allow far more users to connect to the web server than you allow into your actual network.Answer option C is incorrect. The outer end of the DMZ must have less restrictions in order to
allow a variety of outside users to connect to the web server.
Answer option A is incorrect. If you have a firewall on the web server itself, it should be consistent with the outer end of the DMZ.
Answer option D is incorrect. The inner end of the DMZ should be the most secure.