CAS-004 Security Architecture • Timed 10 Questions
This is a timed practice session. You have 10 minutes to answer 10 questions — approximately 1 minute per question, matching real CAS-004 exam pace. Answer every question before time expires.
Time remaining
10:00
Exam-pace drill
Allow 1 minute per question. On the real CAS-004 exam you have approximately 72 seconds per question — this session trains you to maintain that pace under pressure.
A security architect is designing a new DMZ for an e-commerce platform. The DMZ must host a web server, an API gateway, and a database server. The architect needs to minimize the attack surface while ensuring the web server can communicate with the API gateway, and the API gateway can communicate with the database. Which network segmentation approach best meets these requirements?