Building a Web Server for Online Banking Application
Question
An administrator is building a web server to host an online banking application.
The server should not have access to the internal network, and only ports that are used by the application should be opened.
Which of the following MUST be implemented to meet the business requirements?
Answers
Explanations
Click on the arrows to vote for the correct answer
A. B. C. D.D.
The correct answer is D. Use the company firewall to block all ports that are not used by the application.
Explanation: To meet the business requirements of preventing access to the internal network and limiting the open ports to only those required by the application, a firewall should be used to restrict access.
Option A, which suggests adding the server to the internal network and using IPSec to encrypt communication between the web server and other devices, does not prevent access to the internal network and only encrypts communication, but does not restrict it.
Option B suggests using an ISA server to block access to the internal network, which may be effective, but the more straightforward approach would be to use a firewall to restrict access to only the necessary ports.
Option C suggests using VPN to block all ports that are not used by the application, which is not entirely accurate since VPN is not used to block ports, but rather to create secure communication channels. Besides, using a VPN would not address the requirement of preventing access to the internal network.
Therefore, option D, using the company firewall to block all ports that are not used by the application, is the most appropriate solution to meet the business requirements stated in the question. By doing so, access to the internal network is prevented, and only the necessary ports are open, which enhances security and reduces the attack surface.
