48. A security architect is reviewing the following proposed corporate firewall architecture and configuration: DMZ architecture Internet---------70.54.30.1-[Firewall_A] ----192.168.1.0/24---- [Firewall_B] ----10.0.0.0/16----corporate net Firewall A ACL 10 PERMIT FROM 0.0.0.0/0 TO 192.168.1.0/24 TCP 80, 443 20 DENY FROM 0.0.0.0/0 TO 0.0.0.0/0 TCP/UDP 0-65535 Firewall B ACL 10 PERMIT FROM 10.0.0.0/16 TO 192.168.1.0/24 TCP 80, 443 20 PERMIT FROM 10.0.0.0/16 TO 0.0.0.0/0 TCP/UDP 0-65535 30 PERMIT FROM 192.168.1.0/24 TO $DB_SERVERS TCP/UDP 3306 40 DENY FROM 192.168.1.0/24 TO 10.0.0.0/16 TCP/UDP 0-65535 Both firewalls are stateful and provide Layer 7 filtering and routing. The company has the following requirements: - Web servers must receive all updates via HTTP/S from the corporate network. - Web servers should not initiate communication with the Internet - Web servers should only connect to preapproved corporate database servers. - Employees' computing devices should only connect to web services over ports 80 and 443. Which of the following should the architect recommend to ensure all requirements are met in the MOST secure manner? (Choose two.) A. Add the following to Firewall A 15 PERMIT FROM 10.0.0.0/16 TO 0.0.0.0/0 TCP 80, 443 B. Add the following to Firewall A 15 PERMIT FROM 192.168.1.0/24 TO 0.0.0.0 TCP 80, 443 c. Add the following to Firewall A 15 PERMIT FROM 10.0.0.0/16 TO 0.0.0.0/0 TCP/UDP 0-65535 D. Add the following to Firewall B: 15 PERMIT FROM 0.0.0.0/0 TO 10.0.0.0/16 TCP/UDP 0-65535 E. Add the following to Firewall B: 15 PERMIT FROM 10.0.0.0/16 TO 0.0.0.0 TCP/UDP 0-65535 F. Add the following to Firewall B: 15 PERMIT FROM 192.168.1.0/24 TO 10.0.2.10/32 TCP 80, 443