Are DMZ’s (and servers held within) typically behind a perimeter firewall? If not where do they “sit” in terms of a corporate network? If they aren’t behind any type of firewall what kind of protection stops them being easy targets for Internet based attacks?
If they are behind a firewall what kind of rules allow outsiders to talk to these servers from the Internet?
And finally is it typical to just have 1 DMZ per company, or can they have more. If they have more than 1, why is that? Why do they need more than one DMZ?