homework 3

profilesarahmazin
lesson_4-2.pdf

LAb #6 – ASSESSMENT WORkSHEET

Design a De-Militarized Zone (DMZ) for a LAN-to-WAN Ingress/Egress

Course Name and Number:

Student Name:

Instructor Name:

Lab Due Date:

Overview In this lab, you designed a block diagram of a LAN-to-WAN DMZ for a fictitious e-commerce company, Online Goodies, given a list of functional and technical business requirements as well as a set of predefined components. You also provided a written functional overview and description of how your DMZ and LAN-to-WAN domain security solution meets the defined requirements.

Lab Assessment Questions & Answers

1. Describe how creating zones is helpful in the design of a DMZ and security solution for the LAN-to-WAN domain.

2. How many zones does your design incorporate? Do you think an additional zone may be needed if the e-commerce server were implemented? Explain why or why not.

80 Lab #6 | Design a De-Militarized Zone (DMZ) for a LAN-to-WAN Ingress/Egress

38504_LB06_Pass1.indd 80 26/02/13 6:21 PM

D esig

n a D e-M

ilitarized Zo

ne (D M

Z) fo

r a LA N

-to -W

A N

Ing ress/Eg

ress

3. While supporting IPSec VPNs provide a secure, remote access solution for mobile employees, they do not scale and require stringent security operations and management procedures. What alternatives would you recommend for a scalable remote access VPN solution for your design?

4. According to the functional and technical requirements, where must you terminate the VPN tunnels for remote access users?

5. Where would you put an e-mail filter and quarantine system to scan and monitor e-mails and e-mail attachments? Explain why.

6. Where would you put a content filter system to prevent employees from non-business use of the Internet connection? Explain why.

7. Explain how your IDS/IPS positioning and solution achieves the CIA goals of the internal network.

6

Assessment Worksheet 81

38504_LB06_Pass1.indd 81 26/02/13 6:21 PM

8. Explain how the risk of data leakage can be mitigated with a data leakage prevention system and security monitoring controls.

9. Your organization is under governance and compliance law requirements for protecting customer privacy data and implementing proper security controls to protect that data contained within the internal network. How many security controls does your DMZ and LAN-to-WAN domain design incor- porate? List them and describe how they help achieve CIA for your overall solution.

82 Lab #6 | Design a De-Militarized Zone (DMZ) for a LAN-to-WAN Ingress/Egress

38504_LB06_Pass1.indd 82 26/02/13 6:21 PM

  1. Course Name and Number:
  2. Student Name:
  3. Instructor Name:
  4. Lab Due Date:
  5. domain 1:
  6. domain 2:
  7. domain 3:
  8. domain 4:
  9. ecommerce server were implemented Explain why or why not 1:
  10. ecommerce server were implemented Explain why or why not 2:
  11. ecommerce server were implemented Explain why or why not 3:
  12. ecommerce server were implemented Explain why or why not 4:
  13. you recommend for a scalable remote access VPN solution for your design 1:
  14. you recommend for a scalable remote access VPN solution for your design 2:
  15. you recommend for a scalable remote access VPN solution for your design 3:
  16. you recommend for a scalable remote access VPN solution for your design 4:
  17. remote access users 1:
  18. remote access users 2:
  19. remote access users 3:
  20. remote access users 4:
  21. attachments Explain why 1:
  22. attachments Explain why 2:
  23. attachments Explain why 3:
  24. attachments Explain why 4:
  25. attachments Explain why 5:
  26. connection Explain why 1:
  27. connection Explain why 2:
  28. connection Explain why 3:
  29. connection Explain why 4:
  30. 7 Explain how your IDSIPS positioning and solution achieves the CIA goals of the internal network 1:
  31. 7 Explain how your IDSIPS positioning and solution achieves the CIA goals of the internal network 2:
  32. 7 Explain how your IDSIPS positioning and solution achieves the CIA goals of the internal network 3:
  33. 7 Explain how your IDSIPS positioning and solution achieves the CIA goals of the internal network 4:
  34. 7 Explain how your IDSIPS positioning and solution achieves the CIA goals of the internal network 5:
  35. 7 Explain how your IDSIPS positioning and solution achieves the CIA goals of the internal network 6:
  36. monitoring controls 1:
  37. monitoring controls 2:
  38. monitoring controls 3:
  39. monitoring controls 4:
  40. monitoring controls 5:
  41. porate List them and describe how they help achieve CIA for your overall solution 1:
  42. porate List them and describe how they help achieve CIA for your overall solution 2:
  43. porate List them and describe how they help achieve CIA for your overall solution 3:
  44. porate List them and describe how they help achieve CIA for your overall solution 4:
  45. porate List them and describe how they help achieve CIA for your overall solution 5:
  46. porate List them and describe how they help achieve CIA for your overall solution 6:
  47. porate List them and describe how they help achieve CIA for your overall solution 7:
  48. porate List them and describe how they help achieve CIA for your overall solution 8:
  49. porate List them and describe how they help achieve CIA for your overall solution 9: