CISSP Cram Sheet:

enginestagΔίκτυα και Επικοινωνίες

26 Οκτ 2013 (πριν από 3 χρόνια και 7 μήνες)

63 εμφανίσεις

CISSP Cram Sheet:

Compiled by: Jason Robinett, Ascend Solutions

Last Updated 4/10/02


NOTE:

This guide does not replace in any way the outstanding value of the ISC2 CISSP CBK Seminar,
nor the fact that you must have been directly involved in the security
field or one of the 10
domains of expertise for at least 3 years if you intend to take the CISSP exam. This booklet
simply intends to make your life easier and to provide you with a centralized and compiled list of
resources for this particular domain of
expertise. Instead of a list of headings, we will attempt to
give you the headings along with the information to supplement the headings.


As with any security related topic, this is a living document that will and must evolve as other
people read it and
technology evolves. Please feel free to send comments and input to be added
to this document. Any comments, typo correction, etc… are most welcome and can be sent
directly to
jasonr@ascendsolutions.com
. T
hanks.



Domain 2


Telecommunications & Network Security


Domain Definition:

Telecommunications and Network Security domain encompasses the structures, transmission
methods, transport formats, and security measures used to provide integrity, availability,

authentication, and confidentiality for transmission over private and public communications
networks and media.


The candidate is expected to demonstrate an understanding of communications and network
security as it relates to voice communications; data c
ommunications in terms of local area, wide
area, and remote access; Internet/Intranet/Extranet in terms of Firewalls, Routers, and TCP/IP;
and communications security management and techniques in terms of preventive, detective and
corrective measures.




ISO
/OSI Model


Is the standard model for network communications (
Please Do Not
Throw Sausage Pizza Away
).



Layers & Characteristics



Application



Provides specific services for applications such as file transfer



Examples: FTP, TFTP, HTTP, SNMP, SMTP



Presentat
ion


Provides data representation between systems



Examples: JPEG, GIF, MPEG, MIDI



Session



Establishes, maintains, & manages sessions as well as synchronization of
the data flow



Examples: NFS, RPC, X Windows, AppleTalk



Transport



Provides end
-
to
-
end tra
nsmission integrity



Examples: TCP, UDP, IPX



Network



Switches and routes information units. Determines the best way to
transfer data.



Examples: IP, Routers operate at this layer



Data link



Provides transfer of units of information to other end of physica
l link.
Handles physical addressing, network topology, error notification, delivery of frames,
and flow control



Examples: Bridges and switches operate at this layer



Physical



Transmits bit stream on physical medium. Specifies the electrical,
mechanical, p
rocedural, and functional requirements for the physical link




Communications & Network Security



Physical Media Characteristics



Fiber Optic



Refers to the medium and the technology associated with
transmission of information as light impulses along a glass

or plastic wire.



Coaxial Cable



Used for Cable TV.



Twisted Pair



Ordinary copper wire that connects home and business computers
together. Two types are STP (Shielded twisted pair) and UTP (Unshielded twisted
pair)




Network Topologies



defines the mann
er in which the network devices are organized
to facilitate communications.



BUS Topology



All the transmissions of the network nodes travel the full length of
cable and are received by all other stations. (Picture a straight line)



RING Topology



The netw
ork nodes are connected by unidirectional transmission
links to form a closed group.



STAR Topology


The nodes of a network are connected to a central device
directly, like a hub.



TREE Topology


A BUS type topology where branches with multiple nodes are
p
ossible.



MESH Topology



All nodes are connected to every other node to make the
network redundant.




IPSEC Authentication & Confidentiality



Operates at the network layer and it enables multiple tunnels. IPSEC has the
functionality to encrypt and authentica
te IP data. It is built into IPv6. Works in two
modes, Transport and Tunnel.




TCP/IP Characteristics & Vulnerabilities

-

TBD




LANs



a group of computers and associated devices that share a common
communications line within a small geographical area.




WANs



A geographically dispersed network that is usually made up of smaller LANs




Remote Access/Telecommuting Techniques



Tend to use Analog and ISDN lines along with the newer cable and
DSL

lines to
connect to corporate networks. ISDN and Analog allow for the

use of “callback” as an
extra security measure.




Secure Remote Procedure Call (S
-
RPC)

-

TBD




RADIUS/TACAS



Remote Access Dial In User System



A client/server protocol that enables RAS
server to communicate with a central authentication authority. Allows t
he
implementation of policies.



Terminal Access Control Access System



An older protocol common to UNIX
networks that was revamped by Cisco as TACACS+ using TCP.




Network Monitors & Packet Sniffers

-

TBD




Internet/Intranet/Extranet



Firewalls



Firewall Types
:



Packet Filtering



Examines both the source and destination addresses of the
incoming data packet and applies ACL’s to them. Operates at either the Network
or Transport layer. First generation.



Application Level



Often called a Proxy Server. It works by

transferring a
copy of each accepted data packet from one network to another. Second
generation.



Stateful Inspection



Packets are captured by the inspection engine operating
at the network layer and then analyzed at all layers. Third generation



Dynamic P
acket Filtering



Makes informed decisions on the ACL’s to apply.
Fourth generation.



Kernel Proxy



Very specialized architecture that provides modular kernel
-
based, multi
-
layer evaluation and runs in the NT executive space. Fifth
generation.



Firewall Arch
itectures:



Packet
-
filtering Routers



Screened
-
Host



Dual
-
homed host



Screened
-
subnet (DMZ)




Routers


Connected to at least two networks and make decisions on where to route
traffic.



Switches



Operates at layer 2 making decisions on where to send packets to
their
destination.



Gateways



Acts as a point of entrance into a network.



Proxies



Acts as an intermediary for internal hosts to access the Internet in order to
ensure security.



Protocols
:



TCP/IP



A 2 layer program with the higher level, TCP, manages the

assembly of
the message file into packets which are then transmitted over the lover layer, IP,
which manages addresses.



Network Layer Security



IPSEC


A developing protocol that ensures confidentiality and integrity to IP
packets using either ESP or AH to

secure the packets.



SKIP



(Simple Key Management for Internet Protocols). A technology that
provides high availability in encrypted sessions. Similar to SSL, except that it
requires no prior communication in order to establish keys.



SWIPE

-

TBD




Transpor
t Layer Security (SSL)



Since replaced by TLS, SSL is the commonly
used security protocol. It’s a socket layer security protocol and is two
-
layered
protocol that contains the SSL record protocol and the SSL handshake protocol.



Application Layer Security
:



S/MIME



A secure method of sending email that uses the Rivest
-
Shamir
-
Adleman encryption system.



SET



Originated by Visa and
MasterCard
. It supports the authentication of both
the sender and the receiver and it ensures content privacy using digital
certif
icates and signatures.



PEM



Created by the IETF to act for email in a similar fashion as IPSEC does to
IP.



CHAP



An authentication mechanism where the server will send the client a key to
be used to encrypt the username and password. This allows the logo
n credentials to
be sent encrypted.



PAP



An authentication mechanism where th
e username and password are sent

in
clear text to the server that then compares the password to the password table
which is encrypted.



PPP



A protocol for communicating between
two computers using serial interfaces.
It uses IP to transfer the traffic but operates at layer 2.



SLIP



A protocol used to allow two machines to
communicate

that have been
previously configured to do so.



Services:



HDLC



Derived from SDLC. It specifies t
he data encapsulation method on
synchronous serial links using frame characters and checksums. It was created to
support both point
-
to
-
point and multi
-
point configurations.



Frame Relay



High performance WAN protocol that operates at

t
he physical and
data
link layers.
Designed for cost efficient data transmission. It uses a simplified
framing approach and utilizes no error correction. It uses SVCs, PVCs, and DLCIs for
addressing.



SDLC



Created by IBM to make connecting to mainframes easier and is similar t
o
layer 2. It uses a primary station to control all communications and one or more
secondary stations. It’s based on leased lines with permanent physical connections.



ISDN



Integrated Services Digital Network is a combination of digital telephony and
data
-
transport services. It consists of digitization of the telephone network by
permitting voice and other digital services to be transmitted over existing wires. Two
types are BRI, basic rate, and PRI, primary rate.



X
.
25



The first packet
-
switching network.

It defines point
-
to
-
point communication
between DTE and DCE or DSU/CSU, which support both SVCs and PVCs.



Communication Security Techniques:



Tunneling



Using the Internet to “tunnel” data in a fashion similar to a private line.
It often uses PPTP or the
new L2TP.



VPN



A private network that makes use of the public networks to ensure secure
transmission of data using tunneling protocols.



Network Monitors & Packet Sniffers



Tools to analyze and capture packets as
they traverse a network.



Network Address T
ranslation



The translation of Internet IP addresses to RFC
1918 IP addresses often behind a firewall.



Transparency



A condition within the OS or other services that allow the user
access to a remote resource through a network without needing to know whe
ther it
is local or remote. NFS is a nice example.



Hash Total



Producing hash values generated from a sting of text. Often
generated using a formula that will make it difficult to create a similar hash value.
Used for data integrity.



Transmission Logging



TBD



Transmission error correction



TBD



Retransmission controls



TBD



E
-
mail security



Facsimile Security



Secure Voice Communications



Security boundaries and how to translate security policy to controls



Network Attacks & Countermeasures



ARP



A protocol
for mapping IP addresses to physical machine addresses (MAC).
RARP allows them to request an IP address from the MAC address.



Brute Force



A trial and error method used by application programs to decode
encrypted data.



Worms



A self
-
replicating virus tha
t does not alter files, but resides in memory and
duplicates itself.



Flooding



The forwarding by a router of a packet from a node to every other node
on the network.



Eavesdropping



TBD



Sniffers



TBD



Spamming



TBD



PBX Fraud & Abuse



TBD