Implementing Secure Network Solutions

Learning Outcomes:

In this module, you will complete the following exercises:

• Exercise 1 – Load Balancing
• Exercise 2 – Network Segmentation
• Exercise 3 – Virtual Private Network (VPN)
• Exercise 4 – Port Security
• Exercise 5 – Network Appliances and Services

After completing this module, you should be able to:

• Perform Media Access Control (MAC) filtering
• Implement Access Control Lists (ACLs).

After completing this module, you should have further knowledge of:

• Active/active and active/passive
• Scheduling
• Virtual IP and persistence
• Virtual Local Area Network (VLAN)
• Intranet and extranet
• Demilitarized zone (DMZ)
• East-West traffic
• Zero trust
• Always On
• Split tunnel versus full tunnel
• Remote access versus site-to-site
• IPSec
• Secure Sockets Layer (SSL)/Transport Layer Security (TLS)
• HTML5
• Layer 2 Tunneling Protocol (L2TP)
• Broadcast storm prevention/loop prevention
• Bridge protocol data unit (BPDU) guard
• Dynamic Host Configuration Protocol (DHCP) snooping
• Jump servers and proxy servers
• Network-Based Intrusion Detection System (NIDS)/Network-Based Intrusion Prevention System (NIPS)
• Hardware security module (HSM)
• Firewalls
• Route security          
• Quality of Service (QoS)
• Implications of IPv6
• Port spanning/port mirroring       
• Monitoring services
• File integrity monitors
• DNS
• Network Access Control (NAC)
• Out-of-band management

Exam Objectives:

The following exam objective is covered in this lab:

3.3 Given a scenario, implement secure network designs.

• Load balancing
• Network segmentation
• Virtual Private Network (VPN)
• DNS
• Network Access Control (NAC)
• Out-of-band management
• Port security
• Network appliances
• Access Control List (ACL)
• Route security
• Quality of Service (QoS)
• Implications of IPv6
• Port spanning/port mirroring
• Monitoring services
• File integrity monitors