Which of the following technical controls places servers accessible to the public in a special network?

The correct choice is the De-Militarized Zone (DMZ), which is a specific security architecture that provides an additional layer of protection for servers that are accessible to the public. By placing these servers in a DMZ, an organization can isolate them from the internal network, thereby reducing the risk of direct attacks that could compromise internal resources.

The DMZ serves as a buffer zone between the public internet and the internal network, allowing external users to access certain services (such as web servers and email servers) while keeping the internal network secure. Any traffic that goes to or from the public servers must pass through this segregated layer, making it easier to monitor and control.

The other options represent different types of security controls but do not specifically serve the function of placing servers in a special network akin to a DMZ:

• An Intrusion Detection System focuses on monitoring network traffic for suspicious activity and does not offer a segregation layer for servers.

• A Virtual Private Network (VPN) is used to create secure connections over the internet without placing servers in a special public-access network environment.

• Proxy servers act as intermediaries for requests from clients seeking resources from other servers but do not create a separate network zone for public-access servers.

Therefore,