Week 3 Lab - Assessment Worksheet Design Your DMZ and LAN-to-WAN Security Solution

Overview This lab will demonstrate how to properly design a LAN-to-WAN DMZ given functional and technical business requirements. Students will transform the design requirements into a block diagram design of a DMZ with LAN-to-WAN security appliances.

Lab Assessment Questions & Answers 1. Describe how creating zones is helpful in the design of a DMZ and security solution for the LAN-to-WAN Domain. The purpose of a DMZ is to add an additional layer of security to an organization's local area network. an external attacker only has direct access to equipment in the DMZ, rather than any other part of the network 2. How many zones does your design incorporate? Do you think an additional zone may be needed if the e-commerce server was implemented? Explain why or why not. 2 zones, I would implement a zone due to the costly nature of the e-commerce server I would want the added sevurity. 3. While supporting IP-SEC VPNs provides a secure, remote-access solution for mobile employees, it does not scale and requires stringent security operations and management procedures. What alternatives would you recommend for a scalable remote-access VPN solution for your design?
SSL because almost all web browsers support ssl it provides extra security without any additional software needed 4. As per the functional and technical requirements, where must you terminate the VPN tunnels for remote-access users? Terminate the VPN in a DMS and locate the Web front end in the DMZ 5. Where would you put an e-mail filter and quarantine system in place to scan and monitor e-mails and e-mail attachments? Explain why. Antivirus software in place to scan in realtime , also enable scanning on the email provider options

6. Where would