To Contact Me

Phone: 07768 113497

Fax: 01473 423491


CISSP Domain 2 : Telecommunications & Network Security

Home Page | Network Penetration Testing | Firewall and VPN Engineering | Network Design | Security Policy | Network Support | Employment / Contract History | CV and References | Personal

Overview


Telecommunications and Network Security domain encompasses the structures, transmission methods, transport formats, and security measures used to provide integrity, availability, authentication, and confidentiality for transmissions over private and public communications networks and media.

The candidate is expected to demonstrate an understanding of

communications and network security as it relates to voice communications; data communications in terms of local area, wide area, and remote access; Internet/Intranet/Extranet in terms of Firewalls, Routers, and TCP/IP; and communications security management and techniques in terms of preventive,

detective and corrective measures.


Key Areas of Knowledge

§ International Standards Organization/ Open Systems Interconnection

(ISO/OSI) Layers and Characteristics

§  Physical Layer

§  Data Link Layer

§  Network Layer

§  Transport Layer

§  Session Layer

§  Presentation Layer

§  Application Layer

§ Communications and Network Security

§  Physical Media Characteristics (e.g., Fiber Optics/Coaxial/Twisted

Pair)

§  Network Topologies (e.g., Star/Bus/Ring)

§  IPSEC Authentication and Confidentiality

§  TCP/IP Characteristics and Vulnerabilities

§  Local Area Networks (LANs)

§  Wide Area Networks (WANs)

§  Remote Access/Telecommuting Techniques

§  Secure Remote Procedure Call (S-RPC)

§  Remote Access Dial-In User System/Terminal Access Control

Access System (RADIUS/TACACS)

§  Network Monitors and Packet Sniffers

§ Internet/Intranet/Extranet

§  Firewalls

§  Routers

§  Switches

§  Gateways

§  Proxies

§  Protocols

§  Transmission Control Protocol/Internet Protocol (TCP/IP)

§  Network Layer Security Protocols (IPSEC, SKIP, SWIPE)

§  Transport Layer Security Protocols (SSL)

§  Application Layer Security Protocols (S/MIME, SSL, SET, PEM)

§  Challenge Handshake Authentication Protocol (CHAP) and

§  Password Authentication Protocol (PAP)

§  Point-to-Point Protocol (PPP)/Serial Line Internet Protocol (SLIP)

§  Services

§  HDLC

§  Frame relay

§  SDLC

§  ISDN

§  X.25

§  Communications security techniques to prevent, detect, and correct

errors so that integrity, availability, and confidentiality of transactions

over networks may be maintained.

§  Tunneling

§  Virtual Private Network (VPN)

§  Network Monitors and Packet Sniffers

§  Network Address Translation

§  Transparency

§  Hash totals

§  Record sequence checking

§  Transmission logging

§  Transmission error correction

§  Retransmission controls

§ E-mail security

§ Facsimile security

§ Secure Voice Communications

§ Security boundaries and how to translate security policy to controls

§ Network Attacks and Countermeasures

§  ARP

§  Brute force

§  Worms

§  Flooding

§  Eavesdropping

§  Sniffers

§  Spamming

§  PBX Fraud and Abuse


Click to email me