Disable ads (and more) with a premium pass for a one time $4.99 payment
A Demilitarized Zone (DMZ) is primarily used to separate an organization's internal network from external networks, particularly the internet. It is designed to host services that need to be accessible from the outside while keeping the internal network secure. Therefore, it primarily controls access to publicly available servers, such as web servers, mail servers, and other resources that require external access.
The purpose of a DMZ is to provide an additional layer of security. By placing servers that require external access in a DMZ, an organization can better protect its internal network from potential threats that may come from the internet. If an external attack were to compromise a server in the DMZ, the organization’s internal systems remain unaffected due to the added layer of separation.
While the other choices involve important security considerations, they do not specifically reflect the primary function of a DMZ. Access to sensitive materials pertains more to internal security measures, ingress and egress of data can be considered in broader network security strategies, and user activity logging typically focuses on monitoring actions within a network rather than controlling external access.