• Home
  • The Song
  • The Avatar
  • The Cat
  • Contact the Cat

Gyp the Cat dot Com

ISC(2) CISSP Revision Notes – Telecommunications and Network Security
Revision

ISC(2) CISSP Revision Notes – Telecommunications and Network Security

Networks and security are a large part of the syllabus for the CISSP.

[alert style=”red”]In NO way should these notes be used as your sole source of study for the CISSP exam.  These notes lack things completely that could be included on your exam.  I in no way provide any guarantee or assurance that these notes are correct or satisfactory for your learning.  For further information see my CISSP Study and Exam Tips.[/alert]

ISC(2) CISSP Revision Notes – Study and Exam Tips
ISC(2) CISSP Revision Notes – Overarching Themes for the CISSP
ISC(2) CISSP Revision Notes – Access Control
ISC(2) CISSP Revision Notes – Business Continuity and Disaster Planning
ISC(2) CISSP Revision Notes – Cryptography
ISC(2) CISSP Revision Notes – Information Security Governance and Risk Management
ISC(2) CISSP Revision Notes – Legal, Regulatory, Investigations and Compliance
ISC(2) CISSP Revision Notes – Operations Security
ISC(2) CISSP Revision Notes – Security Architectural Design
ISC(2) CISSP Revision Notes – Software Development Security
ISC(2) CISSP Revision Notes – Telecommunications and Network Security (You are here)

Networking

OSI Model TCP/IP (DOD) Like What?
7 Application Application SMTP, HTTP
6 Presentation Application JPEG, MPEG
5 Session Application RPC, NetBIOS
4 Transmission Transport TCP
3 Network Internet Routers, IP, ICMP
2 Data-Link (LLC & MAC) Network Switches, Ethernet, ARP
1 Physical Network Cables, hubs, topology

 

1) Physical

  • Star, Mesh, Ring, Bus
  • Cable Types:
    • Coaxial – Durable and resistant to EMI, quite slow and expensive
    • Twinaxial – 2 X coaxial, faster and short distance
    • Twisted Pair – eg Cat3, Cat5, Cat5e, Cat6, etc.  UTP vs STP.  Cheap
    • Fiber-optic – No EFI or RFI, fast and very expensive

2) Data-Link Layer

  • Ensures delivery to proper device
  • LLC – Managed Frames
  • MAC – Error Control (CRC), contention, token passing, polling
  • L2TP, PPTP, SLIP
  • Circuit Switched Networks
    • “Think old leased lines”, always on, examples include DSL, DOCSIS, ISDN
    • Packet Switched Networks
      • ATM, Frame Relay, MPLS, X.25

3) Network Layer

  • Routers & routing protocols
  • RIP
    • Split horizon (don’t push routes back down the same way)
    • Route poising (unreachable routes)
    • Hold down (how long until link is dead)
    • OSPF uses Autonomous System (AS)
    • BCP in use by ISPs
    • IP, IPX, ICMP
    • Class A            1 – 126           0.0.0.0
    • Class B            128 – 191      255.0.0.0
    • Class C                        192 – 223      255.255.0.0
    • Class D            224 – 239      255.255.255.0
    • Class E                        240 – 254

4) Transport Layer

  • Flow Control, Multiplexing, Virtual Circuits & Error Checking
  • “Reliable end to end control”
  • TCP – Full duplex & connection orientated
  • UDP – Connectionless, best efforts but fast
  • SSL & TLS

5) Session Layer

  • Establishes, co-ordinates and terminates communication sessions
  • SSH, NetBIOS, NFS, RPS, SIP

6) Presentation Layer

  • Coding and conversion function
  • ASCII, JPG, GIF, MPEG, etc

7) Application Layer

  • Identify and establish
  • FTP, HTTP, IMAP, POP3, etc

Firewall Types

  • Packet Filtering / Screening Router
    • Basic and inexpensive
    • Uses on TCP, UDP, ICMP and IP headers (source, destination, service) with ACLs
    • Circuit Level Gateway / Stateful Inspection Firewall
      • Maintains state information of stream
      • Tunnel/virtual circuit created
      • Layer 5
      • Fast
      • Application Level Gateway
        • Think proxy server
        • Slows down the channel

Firewall Architectures

Screening Router

  • Placed Between trusted and untrusted networks
  • ACL based but otherwise basic

Dual Homed Gateways / Bastion Host

  • Think proxies, gateways, etc
  • Usually a hardened system

Screened Host Gateways

  • Uses screening router to an internal bastion host (think DMZ on home routers)
  • Screened Subnet
  • Think DMZ, uses screening router – bastion host – screening router

IPS, IDP & IDPS

  • Active: IPS (Automatically stops bad traffic)
  • Passive: IDS (Monitors and analyses)
  • Knowledge Based: Signature, low false alarm rates, signatures need to be up to date
  • Behavior Based: Baselines, high false alarm rates, traffic may change over time

Remote Access

RAS (PAP, CHAP, EAP), RADIUS, Diameter, TACAS

VPNs

  • Client to Firewall, Firewall to Firewall, Router to Router
  • PPTP: Layer 2 (Microsoft)
  • L2F: Layer 2 (Cisco)
  • L2TP: Combination of PPTP and L2F
  • IPSec VPN
    • Modes
      • Transport: only data is encrypted
      • Tunnel: Entire packet is encrypted
  • Protocols & Terms
    • Security Association (SA): Details individual tunnel (each AH and ESP requires one 2:n SAs)
    • Authentication Header (AH): Integrity, Authentication and Non-repudiation
    • Encapsulation Security Payload (ESP): Confidentiality
    • SPI: 32 bit string identifying SA
    • Destination IP
    • Security Protocol ID: Either AH or ESP
    • IKE (Internet Key Exchange)

WLAN

  • Modes: Root, Repeater, Bridge, (ad-hoc)
  • WEP
    • RC4 Ciher, 40 or 104 bit key (+IV (24bit) = 64 or 128bit), CRC-32, NOT SECURE
    • WPA
      • 802.11x TKIP, key plus counter
      • WPA2
        • AES, counter mode and Cipher Block Chaining (CBC)

Email Security

RBLs, scanning, reputation, third party, in-house, etc

Web Security

Script injections, buffer overflow, DoS

Attacks

Bluejacking and Bluesnarfing: Bluetooth

Fraggle: UDP Echo

ICMP Flood: Large number of pings

Session Hijacking: Poor generation of session numbers

Smurf: ICMP echo request broadcast to susceptible network segment which then saturate the target

Syn Flood: Half opened TCP connections flood the target and left half open, consumes resources

Teardrop: Fragments of length of packets confuse the target

UDP Flood: UDP consumes bandwidth

[alert style=”red”]In NO way should these notes be used as your sole source of study for the CISSP exam.  These notes lack things completely that could be included on your exam.  I in no way provide any guarantee or assurance that these notes are correct or satisfactory for your learning.  For further information see my CISSP Study and Exam Tips.[/alert]

Related

Written by gyp - November 25, 2013 - 2643 Views
Tags | cissp, isc, qualification, revision, security

You Might Also Like

Fail2ban

October 2, 2010

ISC(2) CISSP Revision Notes – Study and Exam Tips

November 25, 2013

How to Block Internet Access with Group Policy (GPO)

July 9, 2017

3 Comments

  • ISC(2) CISSP Revision Notes – Software Development Security | Gyp the Cat dot Com November 25, 2013 at 1:07 am

    […] ISC(2) CISSP Revision Notes – Study and Exam Tips ISC(2) CISSP Revision Notes – Overarching Themes for the CISSP ISC(2) CISSP Revision Notes – Access Control ISC(2) CISSP Revision Notes – Business Continuity and Disaster Planning ISC(2) CISSP Revision Notes – Cryptography ISC(2) CISSP Revision Notes – Information Security Governance and Risk Management ISC(2) CISSP Revision Notes – Legal, Regulatory, Investigations and Compliance ISC(2) CISSP Revision Notes – Operations Security ISC(2) CISSP Revision Notes – Security Architectural Design ISC(2) CISSP Revision Notes – Software Development Security (You are here) ISC(2) CISSP Revision Notes – Telecommunications and Network Security […]

    Reply
  • ISC(2) CISSP Revision Notes – Access Control | Gyp the Cat dot Com November 25, 2013 at 1:42 am

    […] ISC(2) CISSP Revision Notes – Study and Exam Tips ISC(2) CISSP Revision Notes – Overarching Themes for the CISSP ISC(2) CISSP Revision Notes – Access Control (You are here) ISC(2) CISSP Revision Notes – Business Continuity and Disaster Planning ISC(2) CISSP Revision Notes – Cryptography ISC(2) CISSP Revision Notes – Information Security Governance and Risk Management ISC(2) CISSP Revision Notes – Legal, Regulatory, Investigations and Compliance ISC(2) CISSP Revision Notes – Operations Security ISC(2) CISSP Revision Notes – Security Architectural Design ISC(2) CISSP Revision Notes – Software Development Security ISC(2) CISSP Revision Notes – Telecommunications and Network Security […]

    Reply
  • ISC(2) CISSP Revision Notes – Study and Exam Tips | Gyp the Cat dot Com November 27, 2013 at 1:18 pm

    […] ISC(2) CISSP Revision Notes – Study and Exam Tips (You are here) ISC(2) CISSP Revision Notes – Overarching Themes for the CISSP ISC(2) CISSP Revision Notes – Access Control ISC(2) CISSP Revision Notes – Business Continuity and Disaster Planning ISC(2) CISSP Revision Notes – Cryptography ISC(2) CISSP Revision Notes – Information Security Governance and Risk Management ISC(2) CISSP Revision Notes – Legal, Regulatory, Investigations and Compliance ISC(2) CISSP Revision Notes – Operations Security ISC(2) CISSP Revision Notes – Security Architectural Design ISC(2) CISSP Revision Notes – Software Development Security ISC(2) CISSP Revision Notes – Telecommunications and Network Security […]

    Reply
  • Please Post Your Comments & Reviews
    Cancel reply

    Your email address will not be published. Required fields are marked *

    Previous Post
    Next Post

    Latest Posts

    • Monitoring Tor Usage in Azure Sentinel, ASC, MDATP and ALA
    • HTTP to HTTPS Redirect on Azure CDN
    • Strongswan IPSec (Including Cryptomap) to Microsoft Azure Virtual Network Gateway
    • Black Ops 3 NAT Type Strict & PS4 NAT Type 3 with pfSense Fixed!
    • Sorry for the lack of posts
    • How to Block Internet Access with Group Policy (GPO)
    • Enforcing Microsoft Office 365 and Azure Tennancy with McAfee Web Gateway (MWG)
    • Scanning Subnet for Issuing Certificate Authority with OpenSSL
    • How to Configure Windows 2012 NPS for Radius Authentication with Ubiquiti Unifi
    • Steam & Valve IP Ranges

    Top Posts & Pages

    • IPSec VPN Host to Host on Ubuntu 14.04 with strongSwan
      IPSec VPN Host to Host on Ubuntu 14.04 with strongSwan
    • How to Block Internet Access with Group Policy (GPO)
      How to Block Internet Access with Group Policy (GPO)
    • How to Configure Windows 2012 NPS for Radius Authentication with Ubiquiti Unifi
      How to Configure Windows 2012 NPS for Radius Authentication with Ubiquiti Unifi
    • Tinyproxy A Quick and Easy Proxy Server on Ubuntu
      Tinyproxy A Quick and Easy Proxy Server on Ubuntu
    • ISEB Business Analysis (BA) Revision Notes
      ISEB Business Analysis (BA) Revision Notes
    • How to Log BIND Queries on Ubuntu 12.10
      How to Log BIND Queries on Ubuntu 12.10
    • Steam & Valve IP Ranges
      Steam & Valve IP Ranges
    • HTTP to HTTPS Redirect on Azure CDN
      HTTP to HTTPS Redirect on Azure CDN
    • Monitoring Tor Usage in Azure Sentinel, ASC, MDATP and ALA
      Monitoring Tor Usage in Azure Sentinel, ASC, MDATP and ALA

    Tags

    apache2 azure azure log analytics blops business centos cheating cissp cloudflare cryptography dns game google gyp internet iphone ipsec isc linux mac marketing microsoft mw2 mx mysql nginx pfsense postfix proxy ps3 qualification radius revision security seo smtp socks squid ssh strongswan tinyproxy ubuntu windows 2012 wordpress xdecrypt.com
    Gyp the Cat dot Com

    Some rights retained Gyp the Cat Dot Com