Answer:
Step-by-step explanation:
In this scenario, the best option is to first create a DMZ. This stands for Demiliatirized Zone and basically allows anything connected to it to access networks that have not been completely verified (which in this case would be the internet). Once the DMZ is created you are going to want to add the web server to the DMZ. This will allow the web server to access the internet and be publicly available to its users. At the same time you are going to want to add the company network behind the DMZ so that it is not allowed to publicly access the internet without the data going through the firewall first. Therefore, protecting the company network users.