3.1 Network Isolation, Virtualization, and Cloud Infrastructure

Question 1

What is the primary concern in networking that physical isolation addresses?

Answer 1

The possibility of an attacker moving from one device to another through existing connections.

Question 2

Explain the concept of an ‘air gap’ in networking.

Answer 2

A complete physical separation between two or more network devices or segments, ensuring no direct physical or logical connection exists.

Question 3

Provide an example of how physical isolation might be used in a highly secure environment.

Answer 3

A managed service provider might use physical isolation to host different customers on entirely separate, physically isolated switches.

Question 4

What is the main limitation of relying solely on physical isolation for network segmentation?

Answer 4

Scalability; needing a separate physical switch for every isolated segment is not efficient or cost-effective.

Question 5

How do VLANs address the scalability issues of physical isolation?

Answer 5

VLANs allow for logical segmentation on a single physical switch, achieving the same isolation effect with fewer physical devices.

Question 6

Name the three planes of operation in Software Defined Networking (SDN).

Answer 6

The data plane, the control plane, and the management plane.

Question 7

Describe the primary function of the data plane.

Answer 7

Responsible for the actual forwarding of traffic from one device to another, including tasks like network address translation, encryption, and trunking.

Question 8

What role does the control plane play in network operations?

Answer 8

Responsible for managing the information that dictates how the data plane forwards traffic, including routing tables and dynamic routing updates.

Question 9

What activities occur within the management plane?

Answer 9

Configuration changes to a network device are made, typically through a console or management interface.

Question 10

How does Software Defined Networking (SDN) facilitate the dynamic creation of network infrastructure in the cloud?

Answer 10

SDN allows traditional physical components of network devices to be defined and managed as software, enabling dynamic creation and configuration of network infrastructure.

Question 11

Fill in the blank: An ‘air gap’ refers to a complete physical _______ between two or more network devices or segments.

Answer 11

separation

Question 12

True or False: VLANs require more physical switches than physical isolation to achieve the same level of network isolation.

Answer 12

False

Question 13

What is the function of the management plane?

Answer 13

Where configuration changes are made to the device, influencing the behavior of the control and data planes.

Question 14

What are the three planes of operation in SDN?

Answer 14

• Data Plane
• Control Plane
• Management Plane

Question 15

True or False: The data plane is responsible for managing routing tables.

Answer 15

False

Question 16

What does SDN stand for?

Answer 16

Software Defined Networking

Question 17

Fill in the blank: Network _______ is the practice of separating network devices or segments to prevent unauthorized communication.

Answer 17

Isolation

Question 18

What is the role of the control plane in relation to the data plane?

Answer 18

Dictates how the data plane forwards traffic based on routing and network address tables.

Question 19

What does VLAN stand for?

Answer 19

Virtual Local Area Network

Question 20

Describe a scenario where physical isolation would be most appropriate.

Answer 20

In a highly secure environment where different customers need to be hosted without risk of cross-access.

Question 21

What is one disadvantage of physical isolation?

Answer 21

It is expensive and impractical to manage in large-scale environments.

Question 22

What aspect of networking does SDN transform?

Answer 22

It abstracts network control from forwarding functions.