The best configuration to fulfil this requirement is B. ACL (Access Control List). An Access Control List can be used to restrict access to external service providers based on their IP addresses, enabling a secure method of publishing the internal website to the internet.

I miss stoneface

The BEST configuration to fulfill the requirement of publishing an internal website to the internet, reachable by a limited number of specific, external service providers in a secure manner, would be: C. WAF (Web Application Firewall). A WAF is specifically designed to protect web applications from a variety of attacks, including SQL injection, cross-site scripting (XSS), and other common web-based threats. By deploying a WAF in front of the internal website, the marketing department can enforce access controls, inspect and filter incoming web traffic, and apply security policies to ensure that only authorized external service providers can access the website. While ACLs (Access Control Lists) could be used to restrict access to specific IP addresses or ranges, they typically operate at a lower level of the network stack and may not provide the same level of application-layer protection as a WAF.

WAF (Web Application Firewall)

I had to go with WAF on this one. WAF is a firewall, and has ACL built into it. The only problem I have with this question is it asks for "configurations", not device, so maybe I'm wrong here. ACL is a configuration, WAF is a device. UGH!!!

The question asks for the “BEST” configuration not best technology. Whilst ACL is a capability of a WAF it is also the best configuration.

I initially accepted that this was ACL, but after going through all 800+ questions, studying comptia content, and coming back to this one, it's definitely WAF.

A VPN (virtual private network) is a secure tunnel used to encrypt traffic and prevent unauthorized access to the internal network. It is a secure way to extend a private network across public networks, such as the Internet, and can be used to allow remote users to securely access resources on the internal network. Additionally, a VPN can be used to prevent malicious traffic from entering the internal network.

WAF is the correct answer

ACL is the most logical answer here's why. NAC will be good if the vendors are physically connecting to the network. WAF only protects against web application attacks.

WAF will inspect traffic. ACL and NAT will allow the traffic. WAF is the higher security protocol as it looks at layer 7.

Considering practicality and efficiency, it's WAF. ACL using IP doesn't make sense if they use DHCP. Don't use NAC (+ VPN) coz it's not mentioning VPN.

"reachable by a limited number of specific". normally WAF but in this case protection by allowing some IP only thus ACL ..

C. WAF A WAF can be deployed in front of an internal website to filter and block malicious requests from the internet, while allowing authorized access from specific external service providers. A WAF can also provide encryption, authentication, and logging features to enhance the security of the web application.

ACL can be configured to allow only relevant IPs.

A Web Application Firewall (WAF) is specifically designed to protect web applications from various security threats, including common web vulnerabilities and attacks. In the context of publishing an internal website to the internet, a WAF can provide an additional layer of security by inspecting and filtering HTTP traffic between a user's browser and the web application.

talking about security? WAF is the answer.