Q: 8
Whenasystem needs to be exposedtothepublic Internet, what typeofsecuresystem wouldbe
used to perform only the desired operations?
Options
Discussion
Option D makes sense, it's about a bastion host that's hardened to only do what it's supposed to when exposed on the internet. Firewall and proxy are more about traffic control, not hosting the service itself. I think this is right, unless I'm missing something?
Had something like this in a mock, D for bastion host.
Its D, seen similar on practice exams. Official guide and labs both mention bastion hosts for this use case.
D for bastion host fits best, since it's a hardened system that's exposed directly to the internet and only handles specific tasks. Proxies forward requests but don't actually run the service. Pretty sure it's D, unless I'm missing a nuance here-let me know if you see it different.
That would be D, bastion. It's all about a hardened host set up for just specific public services. Proxy (B) sounds secure too but it doesn't actually run the operation, just forwards requests. Think I've seen this phrasing in practice sets before, so I'm pretty confident.
D vs B-proxy feels close but it's a distractor here, D is correct for hardened public systems.
C or D. Proxy is tempting but that's a distractor since it's not really running the service itself. Pretty sure it's D.
I thought B fits since a proxy sits between users and the service, kind of acting as a secure layer for just the allowed operations. Saw something similar in exam reports. Not 100% though, maybe someone disagrees?
Maybe D, since a bastion host is purposely hardened for public access. Proxy is a common trap here but not really the same thing. If anyone thinks it's B let me know why.
A is wrong, D. Had something like this in a mock, pretty sure public-facing hardened system is called a bastion.
Be respectful. No spam.
