Certified Ethical Hacker (CEH v10) — Question 175

What is the purpose of a demilitarized zone on a network?

Answer options

• A. To scan all traffic coming through the DMZ to the internal network
• B. To only provide direct access to the nodes within the DMZ and protect the network behind it
• C. To provide a place to put the honeypot
• D. To contain the network devices you wish to protect

Correct answer: B

Explanation

The correct answer, B, highlights that the primary role of a DMZ is to allow limited access to certain nodes while ensuring the internal network remains secure. Option A is incorrect as it focuses on traffic scanning rather than access control. Option C is not the main purpose of a DMZ, and option D misrepresents the DMZ's function since it is not solely for protecting devices.