Security Architecture: Network Infrastructure concepts Flashcards

1
Q

Why do we have to consider beign in ful control of network?

A

On-Prem: Being in full control. (Centralized)

Why do you want full control?

For less you can be put on your own device but don’t know serial numbers.

Do we go centralize or decentralize

In wireless environments: You can choose all the wireless LAN controllers and security appliances in a centralize data center. Or you can choose to disperse them and spread them out.

Need to consider optimization, ease of management

Most now move to cloud for decentralized

Isolation: physical Segmentation and Logical Segmentation

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

What is Air-Gapped?

A

Some networks carry such sensitive information that they’re air-gapped, which means they’re physically disconnected from public internet.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

What is logical Segmentations?

A

Logical segmentation is a much more common approach and uses software constructs to create a virtual network inside a physical network. Technologies such as virtual local area networks (VLANS) and Virtual eXtensible LANs (VXLANs) are common methods of logical segmentation.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

What is VXLANS?

A

In summary, VLANs are useful for segmenting smaller networks within a single location, while VXLANs provide a scalable solution for large, distributed, and multi-tenant environments by extending Layer 2 networks over a Layer 3 infrastructure.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

What is SDN?

A

SDN software defined network is a revolutionary approach to network management and control that simplifies and centralizes management of network resources. It separates the control and data planes, enabling administrators to programmatically control network behavior through a centralized software controller.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

What are the main keypoints about network infrastructure?

A

It’s important to note that network infrastructures aren’t always on premises. They can be virtual and exist in public or private clouds.

Additionally, network-infrastructure design can be centralized or decentralized. A centralized infrastructure features the required network elements located in a central location versus being dispersed throughout the geography of the IT department. It’s often easier to secure since resources are more concentrated in a single location and easier to protect with network appliances and technologies.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly