Network Diagram PBQs: CompTIA Security+ (SY0-701)

Your organization is redesigning its network to improve its security posture after a recent audit. The network has three zones: a DMZ for public-facing services, an Internal network for employee workstations and file servers, and a Management network for administrative access. Several network devices need to be placed into the correct zone. The DNS server that handles public record lookups should be in the DMZ. The IDS/IPS should monitor DMZ traffic. The RADIUS server must be on the Management network for centralized authentication. The WAF should protect web services in the DMZ. The file server belongs on the Internal network.