(ISC)2 Certified in Cybersecurity Practice Exam

Which of the following would be best placed in the DMZ of an IT environment?

• A. User's workplace laptop
• B. Mail server
• C. Database engine
• D. SIEM log storage

The correct answer is: Mail server

A mail server is best placed in the DMZ of an IT environment because it serves as a point of contact for external communications, such as sending and receiving emails from the internet. The DMZ, or demilitarized zone, is specifically designed to host services that need to be accessible from outside the organization's internal network while providing a layer of security. By placing the mail server in the DMZ, the organization can mitigate risks associated with direct exposure to the internal network. Any potential threats incoming from untrusted sources can be contained within the DMZ, which is typically more secure than a fully exposed external environment but less secure than the internal network. Moreover, this setup helps protect sensitive internal resources because if the mail server is compromised, the internal network remains better insulated from threats. In contrast, other options like a user's workplace laptop or a database engine would not be suitable for the DMZ since they typically contain sensitive information that should be protected from external access. A user's laptop is not designed to be a public-facing device and would pose significant security risks if exposed. Similarly, a database engine would hold valuable and confidential information, and placing it in the DMZ could lead to unauthorized access, exposing the organization to data breaches. SIEM log storage