Which two secure deployment models can provide external user access to some apps?

The choice that involves creating a VPN to enable external access and deploying Qlik Sense in a DMZ is a secure and effective way of providing external user access to applications.

Implementing a VPN (Virtual Private Network) allows for secure communication over the internet, ensuring that data is transmitted in an encrypted format, thus protecting it from potential external threats. By deploying Qlik Sense in a DMZ (Demilitarized Zone), an organization can segregate its internal network from the external network, allowing for controlled access to specific applications. This setup enhances security by limiting potential attack surfaces and enabling secure external access for users who require it.

In contrast, utilizing a public server with disabled firewall restrictions or allowing guest access via remote desktop poses significant security risks, as it opens up the system to potential threats and unauthorized access. Similarly, using local connections and creating a separate domain does not inherently provide secure external access to Qlik Sense apps, as it lacks the necessary infrastructure to safeguard data when accessed from outside the organization's network.