Network Diagram PBQs: CISSP - Certified Information Systems Security Professional

easy

Question 1 of 3

You are a security architect reviewing the network design for a corporate headquarters. The network uses a classic three-zone architecture: the DMZ hosts all services that must be reachable from the internet, such as web servers and email relays; the Internal Network connects employee workstations, department file shares, and business applications; and the Management Network is isolated for administrative access, authentication services, and infrastructure monitoring. A perimeter firewall and an employee workstation are already placed. Assign the remaining devices to the correct zone based on defense-in-depth principles.

Network Topology

DMZ

Internet-reachable services — web, email relay, public DNS

Perimeter Firewall🔒

Internal Network

Employee workstations, file shares, business applications

Employee Workstation🔒

Management Network

Admin access, authentication, infrastructure monitoring

Drop devices here

Available Devices

Drag devices into the correct network zone above

Email Relay

Department File Server

Centralized Log Server

Progress

0 of 3 devices placed

Drag devices into the correct network zones

0 of 3 marked complete