NCAE Mapping Hub Authoritative cross-reference for DCWF, NCAE Knowledge Units, O*NET, and the EWU Cyber Operations program

Security+ · 3.0 Security Architecture

Segmentation

Dividing a network into smaller zones (VLANs, subnets, or software-defined) to limit lateral movement. Complementary to DMZ.

How this shows up at NCAE

Your team has two IP ranges: 172.18.X.0 (external/router side) and 192.168.X.0 (internal/DNS VM side). That's micro-segmentation. Respect it. don't dual-home services across both.