Exam CISSP topic 1 question 477 discussion

Bastion host can be used to provide access to hosts from untrusted network to trusted network. A bastion host is a server whose purpose is to provide access to a private network from an external network, such as the Internet. Because of its exposure to potential attack, a bastion host must minimize the chances of penetration.

B. Bastion host

B. Bastion host A bastion host, also known as a jump host or a jump server, is a dedicated system that acts as an intermediary between the untrusted network and the trusted network. It's a highly secure and controlled point of entry that allows authorized users to access the trusted network from the untrusted network. The bastion host is typically hardened, monitored, and tightly controlled to minimize security risks while providing access to specific hosts or services in the trusted network.

Correct Answer: B. Bastion host Explanation: A Bastion host serves as a strongly secured gateway between an inside network (trusted) and an outside network (untrusted). It is hardened to resist attacks and is specially configured to allow only specific types of access from specific hosts. Given that the requirement is to provide access to the trusted network from a few of the hosts from the untrusted network, a Bastion host is the most suitable option. It can be configured to allow only those specific hosts to access the trusted network while maintaining a high level of security.