In general, servers that are facing the Internet should be placed in a demilitarized zone (DMZ). What is the MAIN purpose of the DMZ?
Correct Answer: A
According to the CISSP CBK Official Study Guide, the main purpose of a demilitarized zone (DMZ) is to reduce the risk to internal systems. A DMZ is a network segment that sits between the external network (such as the Internet) and the organization's internal network (such as the intranet) and holds the servers that must be reachable from outside, such as web, email, or DNS servers. It acts as a buffer: direct connections between the external and internal networks are prevented or tightly limited, and the traffic that does cross the DMZ is filtered and monitored by the firewalls, routers, or other security devices that control it. Placing Internet-facing servers in the DMZ therefore reduces the risk to internal systems by containing attacks that originate from the external network, such as denial-of-service, malware, or hacking attacks. Preparing the server for potential attacks is not the main purpose of the DMZ, although it may be a benefit or consequence of one. Preparing a server for potential attacks means hardening the Internet-facing system by applying appropriate security controls such as encryption, authentication, and patching, which increases its resilience against denial-of-service, malware, or hacking attacks coming from the external network.
Preparing the server for potential attacks may be a benefit or consequence of the DMZ, since the DMZ adds a layer of protection around the server and offers a place to test or evaluate its security and performance, but it is not the primary reason for creating a DMZ. Mitigating the risk associated with the exposed server is likewise not the main purpose of the DMZ, although it too may be a benefit or consequence. Mitigating that risk means reducing the impact of attacks on the Internet-facing server through controls such as backup, recovery, and contingency planning, so that the server and the services it provides remain available if a denial-of-service, malware, or hacking attack arrives from the external network. The DMZ can support this by adding protection and by providing a place to restore or recover the server, but that is not the objective for which a DMZ is implemented.
Bypassing the need for a firewall is not the main purpose of the DMZ; it is the opposite of it. Bypassing the firewall means avoiding or removing the device that controls traffic between networks by applying rules that grant or deny access between them, such as between the external and internal networks. Doing so exposes the network and the systems connected to it, because unauthorized or unintended traffic can then enter or leave, opening the way to denial-of-service, malware, or hacking attacks from the external network. A DMZ is itself controlled and secured by firewalls, routers, or other security devices, which are integral components of it. The DMZ does not bypass the firewall; it relies on the firewall to achieve its main purpose, which is to reduce the risk to internal systems.
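To make the buffer concrete, here is an added example (not from the study guide or the original page) that models a zone-based firewall policy in Python with constructed addresses: `evaluate` shows Internet traffic reaching only DMZ hosts on published ports and never the internal network directly, and `direct_internet_to_internal` flags any rule that would let the external network bypass the buffer.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import Optional

# Constructed zone addressing for the example (assumed, not from the page).
ZONES = {
    "dmz": [ip_network("192.0.2.0/24")],
    "internal": [ip_network("10.0.0.0/8")],
}


def zone_of(addr: str) -> str:
    """Map an address to its zone; anything outside dmz/internal is the Internet."""
    ip = ip_address(addr)
    for name in ("internal", "dmz"):
        if any(ip in net for net in ZONES[name]):
            return name
    return "internet"


@dataclass(frozen=True)
class Rule:
    src_zone: str
    dst_zone: str
    port: Optional[int]  # None matches any port
    action: str          # "allow" or "deny"


# Default-deny policy realising the DMZ described above: the Internet reaches
# only published DMZ services, and the DMZ reaches only one internal port.
DMZ_POLICY = [
    Rule("internet", "dmz", 443, "allow"),   # public web server
    Rule("internet", "dmz", 25, "allow"),    # inbound mail relay
    Rule("dmz", "internal", 5432, "allow"),  # web tier to database only
    Rule("internal", "dmz", None, "allow"),  # admins manage DMZ hosts
]


def evaluate(policy, src: str, dst: str, port: int) -> str:
    """First matching rule wins; no match means the implicit default deny."""
    s, d = zone_of(src), zone_of(dst)
    for r in policy:
        if r.src_zone == s and r.dst_zone == d and r.port in (None, port):
            return r.action
    return "deny"


def direct_internet_to_internal(policy):
    """Rules that let the external network bypass the DMZ buffer entirely."""
    return [r for r in policy
            if r.src_zone == "internet" and r.dst_zone == "internal"
            and r.action == "allow"]
```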