Chapter 7 • Topologies and IDS
A: The Internet is a network of interconnected networks and the biggest
public network in existence; it grew out of the ARPANet project.
An intranet is a private internal network available to users within the
organization, whereas an extranet is a special topology that is implemented in
certain cases where you need to allow users outside of your internal network
to access some of your internal network data and resources.
Q: What type of IDS should I choose?
A: The type of IDS you choose to employ on your network will depend on what
type of network you have and what types of applications you are running.
Host-based IDSes can effectively monitor one specific computer, but not the
entire network. Network-based IDSes can monitor the entire network from a
high-level view, but may miss some types of attacks. Application-based IDSes are
specific to one application, such as a database application, and will monitor
attacks only on that application.
Q: Why would I want to use a VLAN?
A: VLANs can be used to segment network traffic into different broadcast
domains. This adds another layer of security for your network by keeping
certain traffic segmented from the rest of your network traffic—all inside of your
firewall.
Self Test
A Quick Answer Key follows the Self Test questions. For complete questions,
answers, and explanations to the Self Test questions in this chapter as well as
the other chapters in this book, see the Self Test Appendix.
1. Your company is considering implementing a VLAN. As you have studied for
your Security+ exam, you have learned that VLANs offer certain security
benefits as they can segment network traffic. The organization would like to set
up three separate VLANs: one for management, one for manufacturing, and one
for engineering. How would traffic move from the engineering VLAN to the
management VLAN?
www.syngress.com