Come ho già detto nell'altra domanda, questo testo sembra essere una "back translation" da un'altra lingua in inglese perché le frasi non sono ben costruite e la terminologia non è appropriata.

Un approccio più sicuro consiste nell'utilizzare due firewall per creare una DMZ. La configurazione consiste nell’usare un primo firewall esterno come prima linea di difesa e deve essere configurato per consentire solo il traffico destinato alla DMZ[11].
https://it.wikipedia.org/wiki/Demilitarized_zone

Finally, assuming that a well-resourced threat actor is able to breach the external firewall and take over a system hosted in the DMZ, they must still break through the internal firewall before they can reach sensitive enterprise resources.
https://searchsecurity.techtarget.com/definition/DMZ

Network demilitarized zones (DMZs) are an effective second layer of perimeter defense, providing a separate, less trusted perimeter network between the supposedly trusted and untrusted networks for Internet facing application components such as externally facing Web, email and DNS servers. Traditionally IT configures firewall protection at both ends of the DMZ--between the external Internet and the DMZ, and the DMZ and the internal network--so that externally facing Web servers have restricted access to internal application and/or database servers and any users attempting to breach the internal network through externally facing applications must get through two levels of perimeter firewall protection.
https://kemptechnologies.com/uk/white-papers/securing-intern...