homework 4

profilesarahmazin
lesson_5.pdf

Lab #8 – aSSESSmENT WORkSHEET

Design a Layered Security Strategy for an IP Network Infrastructure

Course Name and Number:

Student Name:

Instructor Name:

Lab Due Date:

Overview In this lab, you designed a layered security strategy, similar to the seven domains of a typical IT infra- structure, for the Cisco Mock IT infrastructure shown in Figure 8.2. You based your design on a set of functional and technical requirements. You also provided a written functional overview and description of how your security strategy meets the defined requirements.

Lab Assessment Questions & Answers

1. Explain why a layered security strategy helps mitigate risk and threats both external and internal.

2. Why is it a good idea to put shared servers and services on a DMZ when both internal and external users need access?

108 Lab #8 | Design a Layered Security Strategy for an IP Network Infrastructure

38504_LB08_Pass1.indd 108 27/02/13 2:46 AM

D esig

n a Layered Security Strateg

y fo

r an IP N etw

o rk Infrastructure

3. What recommendations do you have for the future e-commerce server and deployment in regard to physical location and backend security for privacy data and credit card data?

4. What recommendations do you have to secure the server farm from unauthorized access?

5. If the organization implemented wireless LAN (WLAN) technology, what would you recommend regarding the use of VPNs or encryption within the internal network when accessing the server farm?

6. What is the purpose of a proxy server on a DMZ?

7. What is the purpose of an IDS/IPS on a DMZ?

8

Assessment Worksheet 109

38504_LB08_Pass1.indd 109 27/02/13 2:46 AM

8. Where should the IDS/IPS be located on the DMZ and why?

9. What servers or services can you install on the public-facing side of your DMZ?

10. Do you need a firewall in a router enabled if you have an external IP stateful firewall?

110 Lab #8 | Design a Layered Security Strategy for an IP Network Infrastructure

38504_LB08_Pass1.indd 110 27/02/13 2:46 AM

  1. Course Name and Number:
  2. Student Name:
  3. Instructor Name:
  4. Lab Due Date:
  5. 1 Explain why a layered security strategy helps mitigate risk and threats both external and internal 1:
  6. 1 Explain why a layered security strategy helps mitigate risk and threats both external and internal 2:
  7. 1 Explain why a layered security strategy helps mitigate risk and threats both external and internal 3:
  8. 1 Explain why a layered security strategy helps mitigate risk and threats both external and internal 4:
  9. need access 1:
  10. need access 2:
  11. need access 3:
  12. need access 4:
  13. physical location and backend security for privacy data and credit card data 1:
  14. physical location and backend security for privacy data and credit card data 2:
  15. physical location and backend security for privacy data and credit card data 3:
  16. physical location and backend security for privacy data and credit card data 4:
  17. physical location and backend security for privacy data and credit card data 5:
  18. physical location and backend security for privacy data and credit card data 6:
  19. physical location and backend security for privacy data and credit card data 7:
  20. 4 What recommendations do you have to secure the server farm from unauthorized access 1:
  21. 4 What recommendations do you have to secure the server farm from unauthorized access 2:
  22. 4 What recommendations do you have to secure the server farm from unauthorized access 3:
  23. 4 What recommendations do you have to secure the server farm from unauthorized access 4:
  24. regarding the use of VPNs or encryption within the internal network when accessing the server farm 1:
  25. regarding the use of VPNs or encryption within the internal network when accessing the server farm 2:
  26. regarding the use of VPNs or encryption within the internal network when accessing the server farm 3:
  27. regarding the use of VPNs or encryption within the internal network when accessing the server farm 4:
  28. 6 What is the purpose of a proxy server on a DMZ 1:
  29. 6 What is the purpose of a proxy server on a DMZ 2:
  30. 6 What is the purpose of a proxy server on a DMZ 3:
  31. 6 What is the purpose of a proxy server on a DMZ 4:
  32. 7 What is the purpose of an IDSIPS on a DMZ 1:
  33. 7 What is the purpose of an IDSIPS on a DMZ 2:
  34. 7 What is the purpose of an IDSIPS on a DMZ 3:
  35. 7 What is the purpose of an IDSIPS on a DMZ 4:
  36. 8 Where should the IDSIPS be located on the DMZ and why 1:
  37. 8 Where should the IDSIPS be located on the DMZ and why 2:
  38. 8 Where should the IDSIPS be located on the DMZ and why 3:
  39. 8 Where should the IDSIPS be located on the DMZ and why 4:
  40. 9 What servers or services can you install on the publicfacing side of your DMZ 1:
  41. 9 What servers or services can you install on the publicfacing side of your DMZ 2:
  42. 9 What servers or services can you install on the publicfacing side of your DMZ 3:
  43. 9 What servers or services can you install on the publicfacing side of your DMZ 4:
  44. 10 Do you need a firewall in a router enabled if you have an external IP stateful firewall 1:
  45. 10 Do you need a firewall in a router enabled if you have an external IP stateful firewall 2:
  46. 10 Do you need a firewall in a router enabled if you have an external IP stateful firewall 3:
  47. 10 Do you need a firewall in a router enabled if you have an external IP stateful firewall 4: