CISSP Study Guide:

CISSP Cram Sheet:
Compiled by: Jason Robinett, Ascend Solutions
Last Updated 4/10/02
NOTE:
This guide does not replace in any way the outstanding value of the ISC2 CISSP CBK Seminar,
nor the fact that you must have been directly involved in the security field or one of the 10
domains of expertise for at least 3 years if you intend to take the CISSP exam. This booklet
simply intends to make your life easier and to provide you with a centralized and compiled list of
resources for this particular domain of expertise. Instead of a list of headings, we will attempt to
give you the headings along with the information to supplement the headings.
As with any security-related topic, this is a living document that will and must evolve as other
people read it and technology evolves. Please feel free to send comments and input to be added
to this document. Any comments, typo corrections, etc. are most welcome and can be sent
directly to jasonr@ascendsolutions.com. Thanks.
Domain 2 – Telecommunications & Network Security
Domain Definition:
The Telecommunications and Network Security domain encompasses the structures, transmission
methods, transport formats, and security measures used to provide integrity, availability,
authentication, and confidentiality for transmission over private and public communications
networks and media.
The candidate is expected to demonstrate an understanding of communications and network
security as it relates to voice communications; data communications in terms of local area, wide
area, and remote access; Internet/Intranet/Extranet in terms of Firewalls, Routers, and TCP/IP;
and communications security management and techniques in terms of preventive, detective and
corrective measures.
- ISO/OSI Model – The standard model for network communications (mnemonic: Please Do Not Throw Sausage Pizza Away).
  - Layers & Characteristics
    - Application – Provides specific services for applications such as file transfer.
      Examples: FTP, TFTP, HTTP, SNMP, SMTP
    - Presentation – Provides data representation between systems.
      Examples: JPEG, GIF, MPEG, MIDI
    - Session – Establishes, maintains, and manages sessions as well as synchronization of the data flow.
      Examples: NFS, RPC, X Windows, AppleTalk
    - Transport – Provides end-to-end transmission integrity.
      Examples: TCP, UDP, IPX
    - Network – Switches and routes information units. Determines the best way to transfer data.
      Examples: IP; routers operate at this layer
    - Data link – Provides transfer of units of information to the other end of the physical link. Handles physical addressing, network topology, error notification, delivery of frames, and flow control.
      Examples: Bridges and switches operate at this layer
    - Physical – Transmits the bit stream on the physical medium. Specifies the electrical, mechanical, procedural, and functional requirements for the physical link.
- Communications & Network Security
  - Physical Media Characteristics
    - Fiber Optic – Refers to the medium and the technology associated with transmission of information as light impulses along a glass or plastic wire.
    - Coaxial Cable – Used for cable TV.
    - Twisted Pair – Ordinary copper wire that connects home and business computers together. Two types are STP (shielded twisted pair) and UTP (unshielded twisted pair).

Network Topologies – defines the manner in which the network devices are organized to facilitate communications.
- BUS Topology – All the transmissions of the network nodes travel the full length of the cable and are received by all other stations. (Picture a straight line.)
- RING Topology – The network nodes are connected by unidirectional transmission links to form a closed group.
- STAR Topology – The nodes of a network are connected directly to a central device, like a hub.
- TREE Topology – A BUS-type topology where branches with multiple nodes are possible.
- MESH Topology – All nodes are connected to every other node to make the network redundant.

IPSEC Authentication & Confidentiality
- Operates at the network layer and enables multiple tunnels. IPSEC has the functionality to encrypt and authenticate IP data. It is built into IPv6. Works in two modes, Transport and Tunnel.

TCP/IP Characteristics & Vulnerabilities - TBD

LANs – a group of computers and associated devices that share a common
communications line within a small geographical area.

WANs – A geographically dispersed network that is usually made up of smaller LANs

Remote Access/Telecommuting Techniques
- Tend to use analog and ISDN lines along with the newer cable and DSL lines to connect to corporate networks. ISDN and analog allow for the use of “callback” as an extra security measure.

Secure Remote Procedure Call (S-RPC) - TBD

RADIUS/TACACS
- Remote Access Dial In User System – A client/server protocol that enables a RAS server to communicate with a central authentication authority. Allows the implementation of policies.
- Terminal Access Control Access System – An older protocol common to UNIX networks that was revamped by Cisco as TACACS+ using TCP.

Network Monitors & Packet Sniffers - TBD
- Internet/Intranet/Extranet
  - Firewalls
Firewall Types:
- Packet Filtering – Examines both the source and destination addresses of the incoming data packet and applies ACLs to them. Operates at either the Network or Transport layer. First generation.
- Application Level – Often called a proxy server. It works by transferring a copy of each accepted data packet from one network to another. Second generation.
- Stateful Inspection – Packets are captured by the inspection engine operating at the network layer and then analyzed at all layers. Third generation.
- Dynamic Packet Filtering – Makes informed decisions on the ACLs to apply. Fourth generation.
- Kernel Proxy – Very specialized architecture that provides modular kernel-based, multi-layer evaluation and runs in the NT executive space. Fifth generation.
Firewall Architectures:
- Packet-filtering Routers
- Screened-Host
- Dual-homed host
- Screened-subnet (DMZ)
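The first- and third-generation firewall types above are easiest to tell apart by watching them handle the same packets. The following is an added example, not code from the cram sheet: a stateless packet filter that applies a constructed ACL to source/destination addresses and ports, beside a stateful-inspection engine that records sessions the ACL admitted and lets return traffic through only when it belongs to one of them. The ACL, addresses and packets are all constructed for illustration.

```python
# Added example (not from the cram sheet): a first-generation packet filter that applies
# an ACL to the source/destination addresses and ports of each packet, beside a
# third-generation stateful-inspection engine that keeps a connection table.
# The ACL rules and the packets below are constructed for illustration.
import ipaddress
from dataclasses import dataclass


@dataclass(frozen=True)
class Packet:
    src: str
    dst: str
    proto: str          # "tcp" or "udp"
    sport: int
    dport: int
    syn: bool = False   # TCP SYN flag: set on the first segment of a new connection


# Constructed ACL, evaluated first-match: (action, src network, dst network, proto, dst port).
# None in the proto or port column matches anything; the last rule is the explicit deny-all.
ACL = [
    ("allow", "192.168.1.0/24", "0.0.0.0/0", "tcp", 443),   # inside hosts may browse HTTPS
    ("allow", "0.0.0.0/0", "192.168.1.10/32", "tcp", 25),   # anyone may reach the mail server
    ("deny", "0.0.0.0/0", "0.0.0.0/0", None, None),
]


def packet_filter(pkt: Packet) -> str:
    """Stateless filter: the verdict depends only on this packet's own header fields."""
    src = ipaddress.ip_address(pkt.src)
    dst = ipaddress.ip_address(pkt.dst)
    for action, src_net, dst_net, proto, dport in ACL:
        if src not in ipaddress.ip_network(src_net):
            continue
        if dst not in ipaddress.ip_network(dst_net):
            continue
        if proto is not None and pkt.proto != proto:
            continue
        if dport is not None and pkt.dport != dport:
            continue
        return action
    return "deny"   # implicit deny when no rule matches


class StatefulFirewall:
    """Stateful inspection: sessions admitted by the ACL are recorded, and a packet
    travelling in the reverse direction is admitted only if it matches a recorded session."""

    def __init__(self) -> None:
        # Each entry is (src, sport, dst, dport, proto) of an admitted session.
        self.sessions: set = set()

    def inspect(self, pkt: Packet) -> str:
        reverse = (pkt.dst, pkt.dport, pkt.src, pkt.sport, pkt.proto)
        if reverse in self.sessions:
            return "allow"          # reply belonging to a session we already admitted
        if pkt.proto == "tcp" and not pkt.syn:
            return "deny"           # mid-stream TCP segment with no known session
        if packet_filter(pkt) == "allow":
            self.sessions.add((pkt.src, pkt.sport, pkt.dst, pkt.dport, pkt.proto))
            return "allow"
        return "deny"


def firewall_demo() -> dict:
    """Run three constructed packets through both filters and return the verdicts."""
    outbound = Packet("192.168.1.5", "203.0.113.9", "tcp", 51000, 443, syn=True)
    reply = Packet("203.0.113.9", "192.168.1.5", "tcp", 443, 51000)        # answer to outbound
    unsolicited = Packet("203.0.113.9", "192.168.1.5", "tcp", 443, 51001)  # no matching session
    fw = StatefulFirewall()
    return {
        "stateless": {name: packet_filter(p) for name, p in
                      (("outbound", outbound), ("reply", reply), ("unsolicited", unsolicited))},
        "stateful": {"outbound": fw.inspect(outbound),
                     "reply": fw.inspect(reply),
                     "unsolicited": fw.inspect(unsolicited)},
    }


if __name__ == "__main__":
    print(firewall_demo())
```

The stateless filter drops the legitimate reply, because no ACL line covers inbound traffic to an ephemeral client port; a stateless deployment has to add a broad rule admitting any inbound segment that looks like part of an established connection. The stateful engine needs no such rule: the reply is admitted because the session is in the table, while the unsolicited segment to a different port is still refused.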
Routers – Connected to at least two networks; they make decisions on where to route traffic.
Switches – Operate at layer 2, making decisions on where to send packets to their destination.
Gateways – Act as a point of entrance into a network.
Proxies – Act as an intermediary for internal hosts to access the Internet in order to ensure security.
Protocols:
- TCP/IP – A two-layer program: the higher layer, TCP, manages the assembly of the message file into packets, which are then transmitted over the lower layer, IP, which manages addresses.
- Network Layer Security
  - IPSEC – A developing protocol that ensures confidentiality and integrity of IP packets using either ESP or AH to secure the packets.
  - SKIP – (Simple Key Management for Internet Protocols). A technology that provides high availability in encrypted sessions. Similar to SSL, except that it requires no prior communication in order to establish keys.
  - SWIPE - TBD
- Transport Layer Security (SSL) – Since replaced by TLS, SSL is the commonly used security protocol. It is a socket-layer security protocol and a two-layered protocol that contains the SSL record protocol and the SSL handshake protocol.
- Application Layer Security:
  - S/MIME – A secure method of sending email that uses the Rivest-Shamir-Adleman encryption system.
  - SET – Originated by Visa and MasterCard. It supports the authentication of both the sender and the receiver and it ensures content privacy using digital certificates and signatures.
  - PEM – Created by the IETF to act for email in a similar fashion as IPSEC does for IP.
- CHAP – An authentication mechanism where the server will send the client a key to be used to encrypt the username and password. This allows the logon credentials to be sent encrypted.
- PAP – An authentication mechanism where the username and password are sent in clear text to the server, which then compares the password to the password table, which is encrypted.
- PPP – A protocol for communicating between two computers using serial interfaces. It uses IP to transfer the traffic but operates at layer 2.
- SLIP – A protocol used to allow two machines to communicate that have been previously configured to do so.
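The CHAP and PAP entries above are easiest to compare as two small message exchanges. The following is an added example, not code from the cram sheet: a PAP request/verify pair, where the password crosses the link as sent, beside a CHAP exchange modelled in its RFC 1994 form, where the server issues a random challenge and the client returns MD5(id || secret || challenge), so the shared secret itself never crosses the link. The user name, secret and the `SECRETS` store are constructed for illustration.

```python
# Added example (not from the cram sheet): PAP and CHAP authentication exchanges side by
# side. PAP carries the username and password in the clear; CHAP (modelled here in its
# RFC 1994 form) sends a random challenge, and the client returns MD5(id || secret || challenge),
# so the secret itself never crosses the link. User names and secrets are constructed.
import hashlib
import hmac
import os
from typing import Optional

# Constructed credential store held by the server. A CHAP server must be able to
# recompute the response, so it needs the shared secret itself.
SECRETS = {"alice": "correct horse battery"}


# ---- PAP: Password Authentication Protocol -----------------------------------
def pap_request(user: str, password: str) -> dict:
    """What the PAP client puts on the wire: both values in cleartext."""
    return {"user": user, "password": password}


def pap_verify(request: dict) -> bool:
    """Server side: compare the received password with the stored one."""
    stored = SECRETS.get(request["user"], "")
    return hmac.compare_digest(stored.encode(), request["password"].encode())


# ---- CHAP: Challenge Handshake Authentication Protocol -------------------------
def chap_challenge(ident: int, nonce: Optional[bytes] = None) -> dict:
    """Server step 1: send an identifier and a fresh random challenge value."""
    return {"id": ident, "challenge": nonce if nonce is not None else os.urandom(16)}


def _chap_digest(ident: int, secret: str, challenge: bytes) -> bytes:
    # RFC 1994: MD5 over the one-octet identifier, the secret and the challenge value.
    return hashlib.md5(bytes([ident]) + secret.encode() + challenge).digest()


def chap_response(user: str, secret: str, challenge: dict) -> dict:
    """Client step 2: answer with the hash; the secret is never transmitted."""
    return {"id": challenge["id"], "user": user,
            "response": _chap_digest(challenge["id"], secret, challenge["challenge"])}


def chap_verify(challenge: dict, response: dict) -> bool:
    """Server step 3: recompute the expected hash for the stored secret and compare."""
    secret = SECRETS.get(response["user"])
    if secret is None or response["id"] != challenge["id"]:
        return False
    expected = _chap_digest(challenge["id"], secret, challenge["challenge"])
    return hmac.compare_digest(expected, response["response"])


def replay_outcome() -> dict:
    """Show what a passive observer of one exchange holds afterwards: a captured PAP
    request is accepted again verbatim, while a captured CHAP response fails against the
    next challenge because the identifier and challenge value have changed."""
    pap_capture = pap_request("alice", SECRETS["alice"])
    first = chap_challenge(1)
    chap_capture = chap_response("alice", SECRETS["alice"], first)
    second = chap_challenge(2)          # a new challenge for the next login
    return {
        "pap_replay_accepted": pap_verify(pap_capture),
        "chap_replay_accepted": chap_verify(second, chap_capture),
        "chap_secret_on_wire": SECRETS["alice"].encode() in chap_capture["response"],
    }


if __name__ == "__main__":
    print(replay_outcome())
```

The design trade-off is visible in `SECRETS`: because the server must recompute the client's hash, CHAP requires the server to hold the secret in a recoverable form, whereas a PAP server only needs something it can compare the received password against. The freshness of the challenge is what makes a recorded CHAP response useless for a later login, which is the property the sheet's "encrypted credentials" wording is getting at.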
Services:
- HDLC – Derived from SDLC. It specifies the data encapsulation method on synchronous serial links using frame characters and checksums. It was created to support both point-to-point and multi-point configurations.
- Frame Relay – High-performance WAN protocol that operates at the physical and data link layers. Designed for cost-efficient data transmission. It uses a simplified framing approach and no error correction. It uses SVCs, PVCs, and DLCIs for addressing.
- SDLC – Created by IBM to make connecting to mainframes easier; similar to layer 2. It uses a primary station to control all communications and one or more secondary stations. It is based on leased lines with permanent physical connections.
- ISDN – Integrated Services Digital Network is a combination of digital telephony and data-transport services. It consists of digitization of the telephone network, permitting voice and other digital services to be transmitted over existing wires. Two types are BRI (basic rate) and PRI (primary rate).
- X.25 – The first packet-switching network. It defines point-to-point communication between DTE and DCE or DSU/CSU, which support both SVCs and PVCs.
Communication Security Techniques:
- Tunneling – Using the Internet to “tunnel” data in a fashion similar to a private line. It often uses PPTP or the newer L2TP.
- VPN – A private network that makes use of public networks to ensure secure transmission of data using tunneling protocols.
- Network Monitors & Packet Sniffers – Tools to analyze and capture packets as they traverse a network.
- Network Address Translation – The translation of Internet IP addresses to RFC 1918 IP addresses, often behind a firewall.
- Transparency – A condition within the OS or other services that allows the user access to a remote resource through a network without needing to know whether it is local or remote. NFS is a nice example.
- Hash Total – Producing hash values generated from a string of text. Often generated using a formula that makes it difficult to create a similar hash value. Used for data integrity.
- Transmission Logging – TBD
- Transmission error correction – TBD
- Retransmission controls – TBD
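The Network Address Translation entry above describes the mapping between RFC 1918 addresses and Internet addresses; the translation table a NAT gateway keeps is what makes that mapping reversible for replies. The following is an added example, not code from the cram sheet: a small port-translating NAT gateway that rewrites an RFC 1918 source to one public address on the way out, allocates a distinct public port per inside session, maps replies back to the originating host, and drops inbound packets for which no session exists. The inside network (192.168.0.0/24), the gateway address 198.51.100.1 and the remote host are constructed.

```python
# Added example (not from the cram sheet): a port-translating NAT gateway that rewrites
# RFC 1918 source addresses to one public address on the way out, keeps a translation
# table, and maps replies back to the originating inside host. Addresses are constructed
# (192.168.0.0/24 inside, 198.51.100.1 as the gateway's public address).
import ipaddress
from typing import Optional

# The three private ranges reserved by RFC 1918.
RFC1918 = [ipaddress.ip_network(n) for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]


def is_rfc1918(addr: str) -> bool:
    ip = ipaddress.ip_address(addr)
    return any(ip in net for net in RFC1918)


class NatGateway:
    def __init__(self, public_ip: str, first_port: int = 40000) -> None:
        self.public_ip = public_ip
        self.next_port = first_port
        self.out_table: dict = {}   # (inside ip, inside port) -> public port
        self.in_table: dict = {}    # public port -> (inside ip, inside port)

    def outbound(self, pkt: dict) -> dict:
        """Rewrite an inside->outside packet; allocate a public port on first use."""
        if not is_rfc1918(pkt["src"]):
            raise ValueError("only RFC 1918 sources are translated")
        key = (pkt["src"], pkt["sport"])
        if key not in self.out_table:
            port = self.next_port
            self.next_port += 1
            self.out_table[key] = port
            self.in_table[port] = key
        return {**pkt, "src": self.public_ip, "sport": self.out_table[key]}

    def inbound(self, pkt: dict) -> Optional[dict]:
        """Map an outside->inside packet back, or return None (dropped) if no session exists."""
        key = self.in_table.get(pkt["dport"])
        if key is None or pkt["dst"] != self.public_ip:
            return None
        return {**pkt, "dst": key[0], "dport": key[1]}


def nat_demo() -> dict:
    """Two inside hosts that happen to use the same source port, one reply, one stray packet."""
    nat = NatGateway("198.51.100.1")
    a = nat.outbound({"src": "192.168.0.10", "sport": 5000, "dst": "203.0.113.9", "dport": 80})
    b = nat.outbound({"src": "192.168.0.11", "sport": 5000, "dst": "203.0.113.9", "dport": 80})
    reply_b = nat.inbound({"src": "203.0.113.9", "sport": 80,
                           "dst": "198.51.100.1", "dport": b["sport"]})
    stray = nat.inbound({"src": "203.0.113.9", "sport": 80,
                         "dst": "198.51.100.1", "dport": 40999})
    return {
        "a_public_port": a["sport"],
        "b_public_port": b["sport"],
        "reply_b_inside": (reply_b["dst"], reply_b["dport"]),
        "stray_dropped": stray is None,
    }


if __name__ == "__main__":
    print(nat_demo())
```

Both inside hosts chose source port 5000, so translating the address alone would leave the gateway unable to tell their replies apart; allocating a public port per session is what makes the reverse mapping unambiguous. The same table is why an inbound packet with no matching session is dropped, which is the incidental filtering effect that leads to NAT being listed here as a security technique.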
E-mail security
Facsimile Security
Secure Voice Communications
Security boundaries and how to translate security policy to controls
Network Attacks & Countermeasures
- ARP – A protocol for mapping IP addresses to physical machine (MAC) addresses. RARP allows a host to request an IP address from the MAC address.
- Brute Force – A trial-and-error method used by application programs to decode encrypted data.
- Worms – A self-replicating virus that does not alter files, but resides in memory and duplicates itself.
- Flooding – The forwarding by a router of a packet from a node to every other node on the network.
- Eavesdropping – TBD
- Sniffers – TBD
- Spamming – TBD
- PBX Fraud & Abuse – TBD