CISSP Domain Refresh 4: Communications and Network Security

The Certified Information Systems Security Professional (CISSP) is the perfect cert for security professionals. As per the survey depicted in the screenshot below, this gold standard certification requires demonstrating that you have sufficient work experience and passing an exam covering the eight domains of information security.

This article covers the fourth of those eight domains, Communications and Network Security. A total of 14% of the questions in the CISSP exam come from this domain. In this article, we will focus on each topic covered in this domain.

Computer networks are one of the most vulnerable components of any business, mainly because they are used so frequently by the majority of the individuals in an organization. This domain of CISSP involves securing communication channels over a network, which may include an in-house email system, messages, phone calls, faxes, etc.

Computer Networking

Domain 4 of CISSP starts with the basics of networking, which build the foundation of the whole domain. Exam takers should familiarize themselves with basic networking concepts such as:

  • TCP/IP protocol suite
  • DNP3
  • Public and private addressing
  • Subnetting
  • Domain Name System
  • Network ports
  • ICMP
  • Multilayer protocols

Network Security Devices

Security professionals should develop defense-in-depth strategies that combine network-enforced security devices and technologies with best practices. This domain discusses:

  • Switches and routers
  • Firewalls
  • Load balancers
  • Proxies
  • Web security gateways
  • VPNs and VPN concentrators
  • Network intrusion detection and prevention
  • Protocol analyzers
  • Unified threat management
  • Content distribution networks
  • Modems

Building Blocks of Secure Network Design

Implementing a network infrastructure requires proper configuration in accordance with security principles. This requires security professionals to understand the basic network security concepts covered under this domain:

  • NATing and PATing
  • VLANs and network segmentation
  • Network access control (NAC) and 802.1x
  • Remote network access
  • Desktop and application virtualization
  • Defense in depth

This is a Security Bloggers Network syndicated blog from InfoSec Resources authored by Sumit Bhattacharya.