No, I am sorry but that is just plain incorrect.

Data going from the internet to the server touches _all three_ firewalls! therefore it is no different as the attacker can pick now from 4 systems (the three firewalls and the server) to attack, and _any_ of those will have very bad consequences. Unlike a system with only a single firewall. When you add more in this manner you are adding surface area for the attacker to target.

IF... if you were using three different firewalls, and each one was told to block everything, then you would have a different situation, but you are forgetting the fact that they must pass data for the server to work.

Do you understand?

catch