Chapter 19

Implementing Secure Network Designs

This chapter covers the following topics related to Objective 3.3 (Given a scenario, implement secure network designs) of the CompTIA Security+ SY0-601 certification exam:

  • Load balancing

    • Active/active

    • Active/passive

    • Scheduling

    • Virtual IP

    • Persistence

  • Network segmentation

    • Virtual local area network (VLAN)

    • Screened subnet (previously known as demilitarized zone)

    • East-west traffic

    • Extranet

    • Intranet

    • Zero Trust

  • Virtual private network (VPN)

    • Always-on

    • Split tunnel vs. full tunnel

    • Remote access vs. site-to-site

    • IPsec

    • SSL/TLS

    • HTML5

    • Layer 2 tunneling protocol (L2TP)

  • DNS

  • Network access control (NAC)

    • Agent and agentless

  • Out-of-band management

  • Port security

    • Broadcast storm prevention

    • Bridge Protocol ...
