The following questions are designed to test your knowledge of secure network design and sometimes build on knowledge found elsewhere in the book. The following questions have no one answer and are meant to foster thought into your own security system requirements. There are no answers provided for Questions 4-7 in the appendix, as they are exercises you can complete on your own network.
Should the 10 steps be followed in rigid order? Which steps might be done in a different order, depending on the circumstances?
Can you rely on vendor-supplied performance numbers for security technology?
When does it make sense to deploy to a noncritical area instead of a critical one?
Based on your completed security policies (or what you imagine they will become if they are still in process), are there any areas that will be particularly hard to implement in your network security system? How might you address them?
Which areas of your current network require the most work to properly implement security? Must you redesign the network from scratch, or are you able to add security to the existing designs?
Based on the information you've read so far in this book, are there product or technology choices you could make that could minimize redesign?
Based on the way your organization is set up, what do you think will be the biggest organizational impediments to implementing a secure network? How do you plan to deal with them?
If you are operating under significant financial pressures, what are some technologies you can focus on in your design to lessen the financial impact on the network?