TELECOMMUNICATIONS AND NETWORK SECURITY

  1. The goal of security is to protect confidentiality, integrity, and availability.
  2. ARP poisoning sends fake ARP packets to change ARP cache tables and redirect traffic.
  3. DNS spoofing is much like ARP poisoning, except the attack attempts to poison the DNS cache. Victims can be redirected to wrong Internet sites.
  4. Sniffing is a passive attack that requires the attacker to gain some type of access to the network. Any clear-text information is at risk. FTP, Telnet, SMTP, and SNMP can be targets.
  5. POTS is a voice-grade analog telephone service used for voice calls and for connecting to the Internet and other locations via modem.
  6. ISDN is a communication protocol that operates similarly to POTS, except that all-digital signaling is used. ISDN uses separate frequencies that are called "channels." It is configured as follows:

    ISDN BRI: Two 64Kbps B channels and one 16Kbps D channel

    ISDN PRI: Twenty-three 64Kbps B channels (US) and one 16Kbps D channel

  7. The seven layers of the Open Systems Interconnect model are: application, presentation, session, transport, network, data link, and physical.
  8. TCP/IP is the foundation of the Internet as we know it today. TCP/IP is similar to the OSI model but consists of only four layers. TCP/IP includes

    TCP: A reliable, slow, and connection-oriented protocol that ensures that packets are delivered to the destination computer

    UDP: A fast, best-effort, non-connection-oriented protocol

  9. Routing protocols can be divided into two broad categories.

    Distance-vector protocols: RIP

    Link-state protocols: OSPF

  10. TCP/IP data can be addressed as a unicast to one particular system; a multicast, which targets a group; or a broadcast, which goes to all systems.
  11. Data can be transmitted by two fundamental methods: analog or digital, the latter of which converts the signals to a binary value.
  12. Information can move in two ways:

    Asynchronous communication: Two devices are not synchronized in any way.

    Synchronous communication: Two devices are synchronized and usually controlled by a clocking mechanism.

  13. Baseband transmission means the cable is used for the transmission of data.
  14. Broadband transmission means the cable is divided into channels so that different types of data can be transmitted at the same time.
  15. Firewalls are used as a choke point and to control traffic into and out of a network.
  16. Common firewall terms include

    Demilitarized zone (DMZ): A network segment that is located between the protected and the unprotected networks.

    Bastion host: A device that has been hardened and is to be deployed in the DMZ.

    Packet filtering: Considered a first level of defense. Access is based on rules.

    Stateful packet filtering: Method of control that keeps a state table to keep track of activity and control access.

    Proxy: Stands between the trusted and untrusted network.

  17. Honeypots are computers that are used to attempt to lure attackers away from the real network assets.

CISSP Exam Cram 2
ISBN: 078973446X
EAN: 2147483647
Year: 2003
Pages: 204
Authors: Michael Gregg