Final answer:
A Demilitarized zone, or DMZ, is used at the edge of a network to host publicly accessible services, adding an additional layer of security by separating them from the internal network.
Step-by-step explanation:
Demilitarized zones (DMZs) are typically used at the edge of a network for publicly accessible services. A DMZ is a physical or logical subnetwork that contains and exposes an organization's external-facing services to an untrusted, usually larger, network such as the internet. The primary purpose of a DMZ is to add an additional layer of security to an organization's local area network (LAN); an external attacker only has direct access to equipment in the DMZ, rather than any other part of the network. This way, services such as web servers, email servers, and FTP servers can be isolated and protected, while still being accessible from the internet. Implementing a DMZ is a good practice within network security to ensure that publicly accessible services are segmented away from the core internal network where sensitive data is stored.