| < Day Day Up > |
|
In this exercise, you will read a scenario about a company’s challenge with providing security for communications to and from its public Web site, and then answer the questions that follow. The questions are intended to reinforce key information presented in this chapter. If you are unable to answer a question, review the lessons and try the question again. You can find answers to the questions in the “Questions and Answers” section at the end of this chapter.
You are a systems engineer at Adventure Works, a publicly owned company that manages hundreds of sporting goods stores throughout the United States. Your management is under pressure to continually increase sales, but the company’s capital budget is too low to build new stores. Lacking the funds to expand reach by using traditional retail outlets, Adventure Works management has decided to sell sporting goods directly to consumers by using a public Web site.
At the request of your management, you acquired the domain name adventure- works.com. After talking to the Web developers, you have determined that you will need to configure two Web servers (for redundancy and performance) and a single database server. For at least the first six months, you plan to host the Web servers on the perimeter network at your company’s headquarters, which is connected to the public Internet by a 45-megabits-per-second (Mbps) T3 connection. The planned systems architecture is shown in Figure 11.17.
Figure 11.17: Systems architecture for www.adventure-works.com
How should you protect the personal information and credit card numbers of consumers purchasing products from your Web site?
IPSec
S/MIME
PKI
SSL
Physical security
You want to purchase SSL certificates created by a trusted public CA for your Web servers so that users will not be prompted about the certificate. How many SSL certificates do you need to purchase?
1
2
3
4
How can you protect the communications between the Web servers and the database servers? (Choose all that apply.)
IPSec
S/MIME
PKI
SSL
Physical security
| < Day Day Up > |
|