Skip to content

Dated: 11-11-2024

Ch02. what Are the Major Components of the Enterprise it Network

  • Edge router
    • WAN interfaces
    • Edge filtering (access lists)
    • DDOS protection
  • NGN FW
    • Capable of APT attack prevention, malware filtering, web security, email security, application bandwidth filtering
  • DMZ
    • Security zone with placement of published web server, web & email security GWs, app security GW
  • IPS
    • Intrusion prevention (signature based)
    • May be feature in NGN-FW
  • Distribution switch
    • Connectivity to access switches, external exit point (WAN), and DC switch
  • Data center switch & FW
    • Data center filtering (malware & access-lists)
  • Access switch
    • User connectivity
    • Switchport security & access switch security
  • NAC
    • Network admission control (IEEE802.1X)
  • SIEM
    • Logging & dashboard for events, root cause analysis, event correlation
  • Vulnerability Manager
    • Vulnerability scanning and asset tracking
  • System AV
    • Signature based malware prevention
  • Server HIPS
    • IPS features for servers, also file integrity checking
  • UTM
    • Multi-featured NGN FW device
  • Mobile device - MDM
    • Security features for mobile devices
Post Assessments
DMZ stands for
  • Demilitarized zone
  • Distributed zone
  • Derived zone
  • Dominant zone
IPS stands for
  • Internal Protection System
  • Intrusion Protection System
  • Intrusion Prevention System
  • Intrusion Passive System
Considering the major components of the Enterprise IT network, NGN FW stands for
  • Next Generation Firewall
  • Next Global Firewall
  • Node Generation Firewall
  • Net Generation Firewall