Question

Given the network security applications and countermeasures in the first column of the table below, explore answers to the following questions:

Where does the application or countermeasure belong in the seven domains of a typical IT infrastructure? An application or countermeasure may span two or more domains.

What confidentiality, integrity, and availability (CIA) function(s) does the countermeasure provide?

Provide your answers in the table below.

Network Security Applications and Domain(s) CIA Function(s) Countermeasures Intrusion detection system/intrusion prevention system (IDS/IPS) Cryptography Logon rights Firewall WPA Antivirus scanner Virtual private networlk MAC address filtering

Answer 1

Each listed countermeasure belong within the seven domains of a typical IT infrastructure is explained in following manner Network Security Applications and Countermeasures Domains CIA Function LAN-to-WAN Integrity Intrusion detection system/intrusion prevention system (IDS/IPS) Workstation Workstation LAN LAN-to-WAN WAN Remote Access System/Applications Confidentiality Integrity Cryptography Workstation LAN LAN-to-WAN System/Applications Confidentiality Logon rights LAN-to-WAN System/Applications Confidentiality Firewalls LAN-to-WAN System/Applications Confidentiality WPA Workstation LAN Remote Access System/Applications Integrity Antivirus scanners

Workstation Integrity Virtual Private Network System/Applications Confidentialit MAC address filtering Integrity

The seven domains of atypicalIT nfrastnce the following domains User Domain: Actual users Workstation Domain: Workstations, laptops, and end-point devices, such as smartphones and printers . LAN Domain: Physical and logical LAN technologies-100 Mbps/1000 Mbps switched Ethenet, 802.11-family of wireless LAN technologies-used to support workstation connectivity to the organization's network infrastructure LAN-to-WAN Domain: Routers, firewalls, demilitarized zones (DMZs), and IDS/IPS WAN Domain: Routers, circuits, switches, firewalls, gateways, and equivalent gear at remote locations, sometimes under a managed service offering by the service provider socket layer/VPN (SSLVPN) tunnels client/server applications, and data that are typically housed in the organization's data center and .Remote access Domain: Virtual private networks (VPNs), laptops with VPN software, and secured " System/Application Domain: Hardware, operating system software, database software computer rooms

LAN Domain LAN-to-WAN Domain WAN Domain Server Firewall User Domain Domain Computer Hub Router Firewall Remote Access Domain Mainframe Application & Web Servers Broadband Internet Computer System/Application Domain Representation of the Seven Domains of a typical IT Infrastructure