Implementation should include the following:
- Zones/topologies
- Demilitarized zone (DMZ)
- Extranet
- Intranet
- Wireless
- Guest
- Honeynets
- Network Address Translation (NAT)
- Ad hoc
- Segregation/segmentation/isolation
- Physical
- Logical (e.g., Virtual Local Area Network [VLAN])
- Virtualization
- Air gaps
- Tunneling/VPN
- Site-to-site
- Remote access
- Security device/technology placement
- Sensors
- Collectors
- Correlation engines
- Filters
- Proxies
- Firewalls
- VPN concentrators
- SSL accelerators
- Load balancers
- DDoS mitigator
- Aggregation switches
- Taps and port mirror
- Software Defined Network (SDN)
Process/Skill Questions:
- What is the purpose of an SDN?
- What are the differences between a virtual switch and a physical switch?
- What are the components of a secure network?