An electronic equipment manufacturing company with several divisions such as
designing, prototyping, production, testing, HR, sales, maintenance, stores, marketing,
etc., has some of its divisions in their main building premises, and other divisions are in
different places due to lack of physical space. All locations in the city are connected
through Metro-Ethernet provided by a communication services provider, and remote
locations are connected through the service provider’s WAN that uses MPLS
connectivity. All divisions located in the main office premises or remote locations have
their respective VLANs. Some divisions are in multiple locations due to space
limitation as well as convenience in collaborating with other relevant divisions. The
management of this organisation plans to extend its network to several service branch
offices in the future. These branch offices are different from its divisions, and have
some autonomy, and each branch office may have two or three divisions to provide
customer services such as sales, maintenance, stores, marketing, etc.
The company already has wireless LANs. As part of the service expansion project, the
management wishes to have wireless connectivity for the customers who may visit the
company main premises or branch offices, for the purpose of providing some interactive
applications that their staff can enable the customers to utilize to gain awareness on the
new product releases and trouble shooting guidelines.
This company has its NOC in the main building premises. It hosts the corporate server
farm (also called high security zone or HSZ) and the public services network (also called
the de-militarised zone or DMZ in the main building premises. The disaster recovery site
(DRS) is hosted in the datacentre of the communication services provider. DMZ hosts
the necessary public servers using public IP addresses (both IPv4 and IPv6). HSZ is not
visible from the Internet due to a firewall, and configured with IPv6 and private IPv4
addresses. All divisions and branch networks use private IPv4 addresses. The company
also plan to have remote video conferencing facility for its designated executives,
specifically when they are out of the city.

How to design a network according to the above description? If you can just point me to where to look to be able to do these kind of questions that would be enough.

I tried to look up the answers for some of the past papers and some answers are contradicting so I just want a theoretical way to build up a secure network design.