Introduction

Data communications, as defined by the SSCP exam objectives, encompass the structures, transmission methods, transport formats, and security measures used to provide integrity, availability, authentication, and confidentiality for data transmitted over private and public communications paths.

Information is processed data that is compiled in a manner that is useful to individuals. Data networks allow data to be shared in ways that were not thought possible 20 years ago. It is the security administrator's job to ensure that the data is confidential, accurate, and available. A data network is an organization's livelihood and must be protected as such. Keeping data confidential means that it must not be made available to unauthorized sources. Keeping data accurate means that the message must be received exactly as it was sent. To keep data available means it must be protected from network outages caused by physical failures or attackers.

This chapter covers a broad range of information that is required for the SSCP exam. It begins by looking at networking concepts such as local area networks (LANs), wide area networks (WANs), and the Open Systems Interconnect (OSI) model. In each section, the risks associated with each topic are covered. It then moves on to the subject of firewalls and virtual private networks (VPNs) and their related technologies. And finally, it looks at common network attack methods and ways to defend against them. All of these sections will build on each other and provide you with the knowledge you will need to protect the data on your network and to help you pass the SSCP exam.