Network Segmentation 3.2 Flashcards

1
Q

Segmenting a Network

A

Physical, logical, or virtual segmentation via devices, VLANs, and virtual networks. We commonly do this for high-bandwidth applications, security, or compliance reasons.

Security: Users should only talk to applications such as SQL and SSH, not the actual database server.

Compliance: PCI compliance requires segmentation.

2
Q

Physical Segmentation

A

Devices that are physically separate. This is sometimes done intentionally to separate servers or connection routes; if you need to connect them, they will need an additional connection between them.

3
Q

Logical Segmentation with VLANs

A

A Virtual Local Area Network (VLAN) is used instead of physical segmentation. The VLANs are on the same switch, but they can't talk to each other directly. You can only connect these networks together with a router.

4
Q

Virtualization

A

You could virtualize everything if you needed to, literally every device: servers, switches, routers, firewalls, load balancers. This gives you complete control. You could build a network by literally pushing buttons in a virtual environment.

5
Q

Air Gaps

A

The ultimate in physical segmentation. The devices are literally physically separated from each other. There is literally no way for one device to connect to the other. This is used on highly secured networks or very important applications such as SCADA or manufacturing networks. Vulnerable to USB drives!
