Final answer:
The statement that HTTP requests should be directed to an internal filtering firewall and that only the web server should be allowed by the firewall to access the internal server is true.
Step-by-step explanation:
To address the question regarding the configuration of an internal network to direct all HTTP requests to an internal filtering firewall and to configure the router/firewall to allow only the internal web server access: This statement is true. In order to secure a web server within an internal network, network administrators typically set up a perimeter defense using firewalls and routers with access control lists (ACLs). These security measures are designed to allow only specified traffic to enter or exit the network, as per the organization's security policies.
By directing all HTTP requests to an internal filtering firewall, the organization can scrutinize and analyze inbound and outbound traffic for potential threats. Configuring the internal filtering router/firewall to permit only the web server to access the internal network creates an additional layer of security, preventing unauthorized access while facilitating necessary communication protocols for the web server.
If followed accurately, these configurations provide a controlled environment, mitigating risks from external threats and ensuring that the web server's security posture aligns with the organization's overall security strategy.