CompTIA CySA+ (CS0-002) — Question 4

A cybersecurity analyst needs to rearchitect the network using a firewall and a VPN server to achieve the highest level of security. To BEST complete this task, the analyst should place the:

Answer options

• A. firewall behind the VPN server.
• B. VPN server parallel to the firewall
• C. VPN server behind the firewall.
• D. VPN on the firewall.

Correct answer: C

Explanation

The correct answer is C because placing the VPN server behind the firewall allows the firewall to filter traffic before it reaches the VPN, enhancing security. Option A is incorrect as it exposes the firewall to unfiltered traffic. Option B does not provide the optimal layering of security. Option D is also incorrect because integrating the VPN into the firewall may not provide the same level of separation and security as having them as distinct entities.