Valid CMMC-CCA Dumps shared by EduDump.com for Helping Passing CMMC-CCA Exam! EduDump.com now offer the newest CMMC-CCA exam dumps, the EduDump.com CMMC-CCA exam questions have been updated and answers have been corrected get the newest EduDump.com CMMC-CCA dumps with Test Engine here:
An OSC seeking Level 2 certification wants to develop and launch a website for customers to purchase items online and submit contact forms. The OSC plans to host the web server in their own data center while also maintaining the security of their internal IT environment. Based on this information, what would be the BEST approach?
Correct Answer: B
Public-facing systems (such as web servers) must be separated from internal enterprise networks to limit exposure. CMMC (aligned with NIST SP 800-171 SC.L2-3.13.5 "Boundary Protection") specifies that placing public servers into a demilitarized zone (DMZ) provides a security buffer and prevents direct access from the internet into the internal LAN. Exact extracts: * "Publicly accessible systems should be placed on separate subnets or in DMZs." * "Boundary protection devices should separate public servers from the enterprise network." * "DMZs provide layered protection for internet-facing assets." Why the other options are incorrect: * A: Relocating the server physically does not provide network-layer security. * C: Firewall rules allowing only internal traffic would prevent public access, defeating the purpose of a public website. * D: Object reuse protections are unrelated to network boundary security. References: CMMC Assessment Guide - Level 2, SC.L2-3.13.5 "Boundary Protection." NIST SP 800-171 Rev. 2, 3.13.5.