The following questions are designed to test your knowledge of secure network design and sometimes build on knowledge found elsewhere in the book. The following questions have no one answer and are meant to foster thought into your own security system requirements. There are no answers provided for Questions 4-7 in the appendix, as they are exercises you can complete on your own network.
Should the 10 steps be followed in rigid order? Which steps might be done in a different order, depending on the circumstances?
Can you rely on vendor-supplied performance numbers for security technology?
When does it make sense to deploy to a noncritical area instead of a critical one?
Based on your completed security policies (or what you imagine they will become if they are still in process), are there any areas that will be particularly hard to implement in your network security system? How might you address them?
Which areas of your current network require the most work to properly implement security? Must you redesign the network from scratch, or are you able to add security to the existing designs?
Based on the information you've read so far in this book, are there product or technology choices you could make that could minimize redesign?
Based on the way your organization is set up, what do you think will be the biggest organizational impediments to implementing a secure network? How do you plan to deal with them?
If you are operating under significant financial pressures, what are some technologies you can focus on in your design to lessen the financial impact on the network?
Part I. Network Security Foundations
Network Security Axioms
Security Policy and Operations Life Cycle
Secure Networking Threats
Network Security Technologies
Part II. Designing Secure Networks
General Design Considerations
Network Security Platform Options and Best Deployment Practices
Common Application Design Considerations
Identity Design Considerations
IPsec VPN Design Considerations
Supporting-Technology Design Considerations
Designing Your Security System
Part III. Secure Network Designs
Edge Security Design
Campus Security Design
Teleworker Security Design
Part IV. Network Management, Case Studies, and Conclusions
Secure Network Management and Network Security Management
Appendix A. Glossary of Terms
Appendix B. Answers to Applied Knowledge Questions
Appendix C. Sample Security Policies
INFOSEC Acceptable Use Policy
Guidelines on Antivirus Process