Skip to content

Chapter 5: Domain 4: Communication and Network Security

Abstract

Domain 4: Communications and Network Security, covered in this chapter, is another very technical domain to be tested. One of the most technical of the domains included in the CISSP®, Domain 4 requires an understanding of networking and the TCP/IP suite of protocols at a fairly substantial level of depth. Networking hardware such as routers and switches are presented within this domain. Technical aspects of Intrusion Detection Systems (IDS), Intrusion Prevention Systems (IPS), Virtual Private Networks (VPN), 802.11 wireless, Radio Frequency ID (RFID), and also authentication devices and protocols are found in this large domain. More recently added topics such as micro-segmentation, Virtual eXtensible Local Area Network (VXLAN), Software-Defined Wide Area Network (SD-WAN), and Li-Fi are also presented in this chapter.

Keywords

OSI model; The TCP/IP model; Packet-switched network; Switch; Router; Carrier Sense Multiple Access

Exam objectives in this chapter:

  • Network Architecture and Design
  • Secure Network Devices and Protocols
  • Secure Communications

Unique Terms and Definitions

  • The OSI model—a network model with seven layers: physical, data link, network, transport, session, presentation, and application
  • The TCP/IP model—a simpler network model with four layers: network access, Internet, transport, and application
  • Packet-switched network—a form of networking where bandwidth is shared and data is carried in units called packets
  • Switch—a layer 2 device that carries traffic on one LAN, based on MAC addresses
  • Router—a layer 3 device that routes traffic from one LAN to another, based on IP addresses
  • Carrier Sense Multiple Access (CSMA)—a method used by Ethernet networks to allow shared usage of a baseband (one-channel) network and avoid collisions (multiple interfering signals)

Introduction

Communication and Network Security is fundamental to our modern life. The Internet, the World Wide Web, online banking, instant messaging email, and many other technologies rely on network security: our modern world cannot exist without it. Communications and Network Security focuses on the confidentiality, integrity, and availability of data in motion.

Communications and Network Security is one of the largest domains in the Common Body of Knowledge and contains more concepts than any other domain. This domain is also one of the most technically deep domains, requiring ing technical knowledge down to packets, segments, frames, and their headers. Understanding this domain is critical to ensure success on the exam.