Systems Security Certified Practitioner – SSCP – Question1047

What can best be defined as a strongly protected computer that is in a network protected by a firewall (or is part of a firewall) and is the only host (or one of only a few hosts) in the network that can be directly accessed from networks on the other side of the firewall?

A.
A bastion host
B. A screened subnet
C. A dual-homed host
D. A proxy server

Correct Answer: A

Explanation:

The Internet Security Glossary (RFC2828) defines a bastion host as a strongly protected computer that is in a network protected by a firewall (or is part of a firewall) and is the only host (or one of only a few hosts) in the network that can be directly accessed from networks on the other side of the firewall. Source: SHIREY, Robert W., RFC2828: Internet Security Glossary, may 2000.