Back to CompTIA Security+ (CompTIA Security+)

Secure Network Architecture

Designing secure network infrastructures

5 minutes 5 Questions

Secure Network Architecture refers to the design and implementation of network infrastructure with security as a foundational element. It encompasses multiple layers of defense to protect organizational assets from threats. Core components include: 1. Network Segmentation - Dividing networks into…

Concepts covered
Secure ProtocolsNetwork SegmentationIntrusion Detection and Prevention Systems (IDPS)Secure Network DesignAccess Control Lists (ACLs)Demilitarized Zones (DMZs)Virtual Private Networks (VPNs)FirewallsHardeningSubnettingNetwork Access Control (NAC)Wireless Security
Test mode:
Start practice test
CompTIA Security+ - Secure Network Architecture Example Questions

Test your knowledge of Secure Network Architecture

Question 1

An organization has the IP address range of 10.100.0.0/16 and needs to allocate 1000 IP addresses to one of its departments. What is the appropriate subnet mask for the department?

Correct Answer: /22

To allocate 1000 IP addresses, we must find a new subnet mask that allows for at least 1000 hosts. The closest power of 2 larger than 1000 is 1024. The number of host bits needed for 1024 IP addresses is 10, so the new subnet mask is /22.

Question 2

A small business owner is concerned about the security of their wireless network and wants to ensure data transmission is encrypted. Which encryption method should be used?

Correct Answer: AES

AES is a strong encryption standard and is recommended for wireless network security. TKIP and RC4 are weaker and vulnerable to attacks. DES is an outdated encryption method, while CRC is not an encryption method but a data integrity check. PEAP is an authentication method, not an encryption method.

Question 3

An organization wants to provide its employees with secure wireless access to corporate resources while ensuring a separate, open network for guests. What should be implemented?

Correct Answer: Create an additional SSID and VLAN for guest access

Creating an additional SSID for guest access and implementing a separate VLAN ensures proper network segmentation and security. The other options do not provide the same level of network separation and security.

More Secure Network Architecture questions
39 questions (total)
Start 39 question test