CompTIA CASP+ Practice Test

Disable ads (and more) with a membership for a one time $2.99 payment

Enhance your CompTIA CASP+ exam readiness with our comprehensive quizzes. Sharpen your skills with detailed flashcards and multiple choice questions, each with hints and in-depth explanations. Prepare effectively for this challenging exam!

Practice this question and more.

Which firewall setup provides the MOST protection for a bank's online banking system?

Single interface firewall
Dual interface firewall
Tri-interface firewall with DMZ
Filterless firewall

The correct answer is: Tri-interface firewall with DMZ

The tri-interface firewall with a DMZ (Demilitarized Zone) offers the most robust protection for a bank's online banking system due to its architecture, which segregates traffic and enhances security. In this setup, the tri-interface firewall typically includes one interface connected to the internal network, another to the external network (the internet), and a third interface managing a DMZ. The DMZ serves as a buffer zone between the internal network and external network, allowing public-facing services, such as online banking applications or web servers, to operate while protecting the internal network from direct exposure to the internet. This design allows for enhanced security because it minimizes the risk of attacks originating from the internet reaching the internal network. Traffic can be strictly monitored as it passes between the external interface and the DMZ, and additional layers of security measures, such as intrusion detection and prevention systems, can be applied specifically to the DMZ. Moreover, if a web server in the DMZ is compromised, the attacker is still separated from accessing the internal network, thereby protecting sensitive data and resources. The other options, such as a single or dual interface firewall, do not provide the same level of segmentation and protection as a tri-interface setup with a DMZ. A filterless