What’s new in Telecommunications and Network Security

ISC2 published the 3rd edition of their CISSP CBK in late 2012. I ordered my copy in December 2012 and said, “So what’s new in Telecomm?”
First, let me say that all quoted material in this article is from the “Official (ISC)2 Guide to the CISSP® CBK Third Edition.”

I started going through the Telecommunications and Network Security domain and “WOW!!!” My hat’s off to the people who put this domain together.
In the 3rd edition, there are four main sections:

  1. Secure Network Architecture and Design
  2. Securing Network Components
  3. Secure Communication Channels
  4.   Network Attacks

Compare this to the 2nd edition, which had eight sections:

  1. Introduction
  2. Layer 1: Physical Layer
  3. Layer 2: Data-link Layer
  4. Layer 3: Network Layer
  5. Layer 4: Transport Layer
  6. Layer 5: Session Layer
  7. Layer 6: Presentation Layer
  8. Layer 7: Application Layer

You can tell just by looking at the index that the emphasis has changed from the old OSI model to a “new way of thinking” about network security.
When I was looking at the Network Layer and found that 3rd edition went into detail regarding RIPv1 and RIPv2, as well as OSPFv1 and OSPFv2 I was OK with the level of detail, what I found impressing was how “easy” it was to read and understand. Even when it went into all the protocols associated with the Network Layer, I found it “easy” to read. But on to some good stuff; check out SASE and CASE in the Presentation Layer.

I noticed that this new edition also contained SCADA, which I found to be quite factual and straightforward. It is of interest to note the vulnerabilities in the reference table on page 312.

Multimedia collaboration and spimming, I think I need a new dictionary. Even SEM and SEIM, no wait a minute that should be SIEM. That is of course, unless they are coining a new phrase. I’m going to stick with SIEM, Security Information and Event Management. In any event, in the Telecommunications domain they refer to Security Event and Incident Management but talk about SIEM devices. Maybe it’s just a typo, you know how those things happen.

I like how the “Attack” section was organized. It clarified some things for me.

For me this domain is well organized, well highlighted, and as I said before, an “easy” read. There is however, way too much information in this domain to include it here, you’ll simply have to get the new CISSP CBK and read this domain or enroll in one of our training programs. Fill out the short form below for pricing information and details regarding our course.

Want to learn more?? The InfoSec Institute CISSP Training course trains and prepares you to pass the premier security certification, the CISSP. Professionals that hold the CISSP have demonstrated that they have deep knowledge of all 10 Common Body of Knowledge Domains, and have the necessary skills to provide leadership in the creation and operational duties of enterprise wide information security programs.

InfoSec Institute's proprietary CISSP certification courseware materials are always up to date and synchronized with the latest ISC2 exam objectives. Our industry leading course curriculum combined with our award-winning CISSP training provided by expert instructors delivers the platform you need in order to pass the CISSP exam with flying colors. You will leave the InfoSec Institute CISSP Boot Camp with the knowledge and domain expertise to successfully pass the CISSP exam the first time you take it. Some benefits of the CISSP Boot Camp are:

  • Dual Certification - CISSP and ISSEP/ISSMP/ISSAP
  • We have cultivated a strong reputation for getting at the secrets of the CISSP certification exam
  • Our materials are always updated with the latest information on the exam objectives: This is NOT a Common Body of Knowledge review-it is intense, successful preparation for CISSP certification.
  • We focus on preparing you for the CISSP certification exam through drill sessions, review of the entire Common Body of Knowledge, and practical question and answer scenarios, all following a high-energy seminar approach.