TryHackMe: Secure Network Architecture

Dan Schwarzentraub
4 min read · Sep 28, 2023

Task 1: Introduction

Task 2: Network Segmentation

How many trunks are present in this configuration?

Answer: 4

What is the VLAN tag ID for interface eth12?

Answer: 30

Task 3: Common Secure Network Architecture

From the above table, what zone would a user connecting to a public web server be in?

Answer: External

From the above table, what zone would a public web server be in?

Answer: DMZ

From the above table, what zone would a core domain controller be placed in?

Answer: Restricted

Task 4: Network Security Policies and Controls

According to the corresponding ACL policy, will the first packet result in a drop or accept?

Answer: accept

According to the corresponding ACL policy, will the second packet result in a drop or accept?

Answer: drop

Task 5: Zone-Pair Policies and Filtering

What is the flag found after filling in all blanks on the static site?

Answer: THM{M05tly_53cure}

Task 6: Validating Network Traffic

Does SSL inspection require a man-in-the-middle proxy? (Y/N)

Answer: Y

What platform processes data sent from an SSL proxy?

Answer: Unified Threat Management

Task 7: Addressing Common Attacks

Where does DHCP snooping store leased IP addresses from untrusted hosts?

Answer: DHCP Binding Database

Will a switch drop or accept a DHCPRELEASE packet?

Answer: Drop

Does dynamic ARP inspection use the DHCP binding database? (Y/N)

Answer: Y

Dynamic ARP inspection will match an IP address and what other packet detail?

Answer: MAC Address

Task 8: Conclusion
