What is the primary purpose of a De-militarized Zone (DMZ) in a network?

The primary purpose of a De-militarized Zone (DMZ) in a network is to provide a screened subnet accessible from the internet. This area acts as a buffer between an organization's internal network and untrusted external networks, like the internet. The DMZ typically hosts services that need to be accessible by outside users, such as web servers, email servers, or FTP servers, while providing an additional layer of security.

By placing these accessible services in a DMZ, organizations can better protect their internal network from potential threats originating from internet traffic. The DMZ architecture allows for closer monitoring of traffic and helps in controlling access to internal resources. Traffic directed to the DMZ can be filtered and logged, reducing the risk of external attacks reaching the internal systems.

Creating a secure connection for all devices, allowing access only to trusted devices, and restricting all external traffic do not address the primary function of a DMZ, which is specifically designed to serve as a controlled and monitored access point for external users while protecting the internal network.