Which device gives endpoints without public IP addresses access to the Internet without exposing those resources to incoming Internet connections?

• A. NAT Gateways
• B. Internet Gateways
• C. Proxy Server
• D. WAF

Answer: (A)

End-to-end access is provided by translating private addresses to a public one, so devices without public IPs can reach the Internet without exposing their internal hosts to unsolicited inbound connections. A NAT gateway sits as the exit point for private subnets and uses network address translation (often PAT) to map many private IPs and ports to a single or few public IPs. Because the NAT device only allows return traffic that corresponds to an outbound request, internal endpoints remain hidden from direct Internet-originated connections. This combination lets private endpoints access online resources while their direct addresses aren’t reachable from outside.

The Internet Gateway simply connects a network to the Internet but does not perform address translation or hide internal hosts. A proxy server can provide outward access through a single point and can hide internal identities, but NAT is the standard mechanism that enables private IPs to access the Internet without exposing those resources to inbound connections. A WAF protects web applications and does not provide general Internet access or address translation.