Continuing with series of article on CISSP domains, in this article I will cover the Domain 4 of CISSP, which is based on Networking and Telecommunications. CISSP concentrates on only the basic networking and telecommunication concepts, and would most probably not test the candidate for Domain 4 on any deeper concepts.

So lets’ start with important points on this domain:

  • Know the port ranges
    • Well Known Ports: 0-1023
    • Registered Ports:1024-49151
    • Dynamic Ports:49152-65535
  • Understand Network Classes and their ranges.
    • Class A
    • Class B
    • Class C
    • Class D
    • Class E
  • Important concepts on OSI model
    • Which layer in OSI model follows which?
    • Functionality of each layer.
    • Difference between TCP and UDP.
    • PAPS, PPTP, RPC are layer 5 protocols.
  • Difference between NULL and XMAS scanning:
    • In NULL scanning, no flags are set on the initiating TCP Packet.
    • In XMAS scanning, all the TCP flags are set.
  • Understanding of purpose of IDS/IPS and where they should be placed in the network.
  • Difference between Smurf and Fraggle Attack:
    • The Smurf attack uses ICMP echo request to create DOD attacks
    • Fraggle attacks use UDP packet on port 7.
  • A very important concept is Tunneling:
    • Point to Point Tunneling Protocol offers authentication by way of PAP, CHAP or EAP. Consider following table:
      Password Database
      • PAP
      • Clear text
      • encrypted
      • CHAP
      • unencrypted
      • unencrypted
      • MS-CHAP
      • encrypted
      • encrypted
    • Layer 2 Tunneling Protocol (L2TP): It has no native encryption but relies on IPsec for encryption.
    • Authentication Header (AH): It provides authenticity and integrity but no confidentiality.
    • Encapsulating Security Payload (ESP): it encrypted IP packets and ensures their integrity.
    • Security Associations (SA): These contain the details that should b used during negotiation like encryption and authentication algorithm.
    • Understand the difference between Transport and Tunnel Mode:
      • Transport Mode: IN this IP payload is protected and it is used for end-to-end protection.
      • Tunnel Mode: In this IP payload as well as IP header is protected. This is mostly used within networks.
    • Internet Key Exchange: This provides the basis to exchange the encryption keys for use in AH or ESP.
      • Diffie-hellman negotiation
      • Public key Certificates
    • RADIUS: Password is encrypted but user identification is in clear text.
    • Only SNMP v3 encrypts the passwords.
  • Remote Access Services:
    • TELNET: It is limited to username and password authentication and also it does not offer encryption.
    • Remote login (rlogin): It is only used in trusted networks and it does not provide password protection. A more secure implementation is ssh.
  • Understand all the weakness of the Network Topologies. Below are the weaknesses of the network topologies.
    • Bus
      • Since topology has a central bus, its failure will leave the entire network inoperable
    • Tree
      • Branch cable failure could result in entire network down.
    • Ring
      • Since it is a closed loop topology, one node failure results in entire ring failure
    • Mesh
      • Since it requires every node to be connected with each other, it is very costly to set up.
    • Star
      • Central Network device to which all the devices connect poses a single point of failure risk for the network.
  • Types of Digital Subscriber Lines (DSL):
    • Asymmetric Digital Subscriber Line (ADSL)
      • Downstream transmission rates are much greater than upstream transmission rates.
    • Rate Adaptive DSL (RADSL):
      • As the name suggests, Upstream transmission rate is adjusted auto w.r.t to quality of line
    • Symmetric Digital Subscriber Line (SDSL):
      • Since it is symmetric, it uses the same rate for upstream and downstream transmission rates.
    • Very High Bit Rate DSL (VDSL):
      • It deals in Mbps for transmission rates.
  • Types of Secondary PVLAN
    • Promiscuous
      • Any node can send packet to any other node in other secondary PVLAN under the same primary PVLAN
    • Isolated
      • Node in this PVLAN can only send and receive packet from promiscuous PVLAN
    • Community
      • Any node can send packet to any other node in same secondary PVLAN under the same primary PVLAN
  • Difference between Multiplexers, Concentrators, Hubs and Repeaters
    • Concentrator: It multiples connected devices into one signal for transmission over network
    • Multiplexer: It combines multiple signals into one signal for transmission
    • Hubs: Hubs retransmits single from one port to all ports.
    • Repeater: They are used to overcome signal degradation and is used to amplify signal strength.
  • Media : Understand various type of media used for transmission:
    • Twisted Pair: Pair of copper wires is twisted together and is covered by an outer layer that protects the wires.
    • Unshielded Twisted Pair: They are susceptible to interference but since they do not have any outer shield they can be easily bend o support any installation
    • Shielded Twisted Pair: They are enclosed in a protective shield otherwise they are mostly similar to UTP.
    • Coaxial Cable: It uses a thick conductor instead of copper wires and is surrounded by a grounding braid of wire.
    • Fiber Optic: All above uses electronic pulses to transmit information whereas fiber optic uses light pulses to transmit signals.

CISSP Instant Pricing- Resources

  • Content Distributed Network(CDN) : It is a large distributed system of servers deployed to server content to end users with high availability ,with high performance and securely.
  • Understand the difference between WEP, WAP and WAP2.
  • Difference between FTP, TFTP & SFTP; HTTP & HTTPS.

These are most of the important points that candidate should be aware of with reference to Domain 4. Please realize that this is not an exhaustive list and only provides the minimum level of concepts that should be understood.