A.23. Working with Security Zones
Even in a purely discretionary access control environment, security zones are important. Security zones are a form of classification. Basically, it is a designation of what portions of the company-controlled IT are accessible to which types of users. You will have at least three user types to deal with: employees, nonemployee business contacts, and external users. These easily lend themselves to the three standard security zones of intranet, extranet, and DMZ, respectively.
In addition to the basic ideas covered in the Security+ content, here are a few considerations:
Never place the only copy of data or other resources into the DMZ or extranet.
Regularly back up all data present in the DMZ and extranet.
Never ...
Get CompTIA Security+™ Deluxe: Study Guide now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
