3.3 Implement secure network design

Question 1

Its purpose is to obtain more optimal infrastructure utilization, minimize response time, maximize throughput, reduce overloading, and eliminate bottlenecks. It is used to spread or distribute network traffic load across several network links or network devices.

Answer 1

Load Balancers

Question 2

A form of load balancing that uses all available pathways or systems during normal operations.

Answer 2

Active/active (Load balancing)

Question 3

A form of load balancing that keeps some pathways or system in an unused dormant state during normal operations.

Answer 3

Active/passive (Load balancing)

Question 4

Involves controlling traffic among networked devices. This can be imposed with switches using VLANs, using RFC 1918 private IP addresses, TTL/hop limit manipulation, or through other traffic-control means, including MAC addresses, IP addresses, physical port, TCP or UDP ports, protocols, or application filtering, routing, and access control management.

Answer 4

Network segmentation

Question 5

A switch-imposed network segmentation.

Answer 5

Virtual Local Network (VLAN)

Question 6

A special-purpose subnet that is designed specifically for low-trust users to access specific systems, such as the public accessing a web server.

Answer 6

Screened subnet (Net Seg)

Question 7

A privately controlled network segment or subnet that functions as a screened subnet for business-to-business transactions.

Answer 7

Extranet (Net Seg)

Question 8

A private network or a private LAN

Answer 8

Intranet (Net Seg)

Question 9

A communication channel between two entities across an intermediary network. They provide several critical security functions, namely, access control, authentication, confidentiality, and integrity.

Answer 9

Virtual Private Network (VPN)