CISSP Exam Note (Telecommunications and Networking Security Domain) – LAN Media Access Methods

April 2, 2010 · Posted in Don's eBook Report, IT Docs, InfoSec Docs, Information Security, Information Technology, eBooks, etc... · Comment

LAN Media Access Methods

Physical & Data Link Layers
Controls the use of a network

Ethernet 802.3

Uses CSMA/CD
Designed for sporadic traffic
Defines a bus topology with 3 different cabling standards:
- Thinnet (10Base2) – coax with segments up to 185 meters
- Thicknet (10Base5) – coax with segments up to 500 meters
- Unshielded Twisted Pair (UTP) – all devices connected to a hub or a switch

Tags: ARCnet, CSMA/CD, ethernet, FDDI, LAN, media access methods, thicknet, thinnet, token ring, UTP

CISSP Exam Note (Telecommunications and Networking Security Domain) – 5 Common LAN Topologies

March 30, 2010 · Posted in Don's eBook Report, IT Docs, InfoSec Docs, Information Security, Information Systems, Information Technology, eBooks, etc... · Comment

Topologies – defines the manner in which the network devices are organized to facilitate communication

Bus

All transmissions travel full length of the cable and receive by all other stations
Single point of failure n the cable
If one of the links between any of the computers is broken, the network is down
Primarily Ethernet
These networks were originally designed to work with more sporadic traffic Read more

Tags: bus, CISSP RE, CISSP reviewer, LAN, LAN topologies, mesh, ring, star, topologies, tree

CISSP Exam Note (Telecommunications and Networking Security Domain) – Data Networking Technologies

March 29, 2010 · Posted in Don's eBook Report, InfoSec Docs, Information Security, Information Systems, Information Technology, Internet Docs, eBooks, etc... · Comment

LAN Cabling Types

Twisted Pair Cable

Relatively slow speed
Two insulated wires can be shielded (STP0 or unshielded (UTP)
UTP is four-pair medium and comes in several categories
UTP can be easily tapped by eavesdroppers than the other cable types
Category based on how tightly wound the wires are, the tighter the wind the higher the rating and the higher the resistance to interference
Cat 1 UTP – was used for telephone lines, not good for data
Cat 2 UTP – up to 4 MBps
Cat 3 UTP – Used for 10BaseT networks up to 10 MBps
Cat 4 UTP – Used in Token Ring Networks up to 16 MBps
Cat 5 – Current UTP standard for new installations up to 100MBps
Cat 6 UTP – up to 155MBps
Cat 7 UTP – up to 1 GBps

You may also want to consider these CISSP resources from Amazon.com

Tags: ARCnet, baseband, broadband, broadcast, CAT 5, CAT 6, CISSP Exam Notes, coaxial cable, CSMA, CSMA/CA, CSMA/CD, FDDI, firber optic cable, LAN, LAN cabling types, LAN transmission methods, LAN transmission protocols, multicast, Polling, thicknet, thinnet, token passing, token ring, twisted pair, unicast, unshielded, UTP

CISSP Exam Note (Telecommunications and Networking Security Domain) – Common Data Network Services

March 26, 2010 · Posted in Don's eBook Report, IT Docs, InfoSec Docs, Information Security, Information Systems, Information Technology, eBooks, etc... · Comment

File Services – Share data files and subdirectories on the file server

Mail Services – Send and receive e-mail internally and externally

Print Services – Print documents to shared printers

Client/Server Services – Allocate computing resources among workstations Read more

Tags: CISSP Exam, CISSP reviewer, client/server, client/server services, data network services, DNS, domain name service, file services, mail services, print services

CISSP Exam Note (Telecommunications and Networking Security Domain) – Data Networking Basics

March 23, 2010 · Posted in Don's eBook Report, InfoSec Docs, Information Security, Information Technology · Comment

Data Network Types:

Local Area Network (LAN)
Wide Area Network (WAN)
Internet, Intranet and Extranet

You may also want to consider these CISSP resources from Amazon.com

Tags: asynchronous communications, CISSP reviewer, data network types, extranet, internet, intranet, LAN, local area network, synchronous communications, WAN, wide area network

CISSP Domains: Who’s on first?

March 19, 2010 · Posted in Don's eBook Report, InfoSec Docs, Information Security, Information Systems · Comment

I just realized something today that I found a tad bit annoying. The numbering of the domains of the CISSP Common Body of Knowledge (CBK) is actually trivial (can’t think of a better word at the moment). I am reviewing some items on my CISSP notes today and was looking at Domain 2: Telecommunications and Network Security. I wanted to compare some of my notes (written in 2006) to whatever else I can find in the web.

So I Googled, “CISSP Domain 2”. The result was TechTarget’s SearchSecurity.com listed at number 1. And it says “CISSP Domain 2 quiz: Access Control.” Access Control? What do you mean Access Control? I thought “Telecommunications and Network Security” is the CBK”s Domain 2? Read more

Tags: Access Control, Application Development Security, Business Continuity and Disaster Recovery Planning, CISSP Domains, CISSP Exam, Common Body of Knowledge, Cryptography, Information Security Governance and Risk Management, Investigations and Compliance, ISC2, Legal, Official CISSP Book, Operations Security, Physical (Environmental) Security, Regulations, Security Architecture and Design, Shon Harris, Telecommunications and Network Security

CISSP Exam Note (Domain 2: Telecommunications and Networking Security) – Virtual Private Networks

March 16, 2010 · Posted in Don's eBook Report, InfoSec Docs, Information Security, Information Technology · Comment

Virtual Private Networks

Secure connection between two nodes using secret encapsulation method
Secure Encrypted Tunnel – encapsulated tunnel (encryption may or may not be used)
Tunnel can be created by the following three methods:
- Installing software or agents on the client or network gateway
- Implementing user or node authentication systems
- Implementing key and certificate exchange systems

Tags: CISSP, CISSP Exam, Firewall-based VPNs, IPSec, IPSec Compatible, L2TP, Layer 2 Tunneling Protocol, Non-IPSec Compatible, Point-to-Point Tunneling Protocol, PPTP, Virtual Private Networks, VPN, VPN Devices, VPN Protocal Standards

CISSP Exam Note (Domain 2: Telecommunications and Networking Security) – Network Address Translation

March 15, 2010 · Posted in Don's eBook Report, IT Docs, InfoSec Docs, Information Security, Information Technology · Comment

NAT – Network Address Translation

3 Private IP Address Ranges

Global Non-routable Addresses
Class A – 10.0.0.0 to 10.255.255.255
Class B – 172.16.0.0 to 172.31.255.255
Class C – 192.168.0.0 to 192.168.255.255 Read more

Tags: CISSP Exam, CISSP Exam Review, Global Nonroutable addresses, multicast, NAT, Network Address Translation

CISSP Exam Note (Domain 2: Telecommunications and Networking Security) – Firewalls

March 12, 2010 · Posted in Don's eBook Report, InfoSec Docs, Information Security, Information Systems, Information Technology · Comment

Firewalls

Packet Filtering Firewall – First Generation

Screening router
Operates at Network and Transport Level
Examines Source and Destination IP address
Can deny based on ACLs
Can specify port

You may also want to consider these CISSP resources from Amazon.com

Tags: application level firewall, CISSP RE, CISSP reviewer, dynamic packet filtering firewall, firewalls, kernel proxy, NT kernel, packet filtering firewall, proxy server, screening router, stateful inspection firewall, TCP/IP, UDP

CISSP Exam Note (Domain 2: Telecommunications and Networking Security) – Protocols – Continued

March 7, 2010 · Posted in Don's eBook Report, InfoSec Docs, Information Security, Information Systems, Information Technology · Comment

Data Encapsulation

The process in which information from one packet is wrapped around or attached to the data of another packet
In the OSI model each layer encapsulates the layer immediately above it

OSI Layers

Process down the stack and up the stack
Each layer communicates with corresponding layer through the stack

Tags: CISSP Review, data encapsulation, OSI layers, OSI Security Mechanisms, OSI Security Services, TCP/IP Suite of Protocols

Join Me On Facebook

Trehb101 - Got Geek?

Promote Your Page Too
Entry Categories
- All Other Items (1)
- Biz Mgt & Dev (8)
- Blog-keeping (1)
- Bum-A-Post (3)
- Don's eBook Report (22)
- eBooks, etc… (9)
- eCommerce / eBiz (22)
- Entrepreneurship (21)
- Geek Mail (4)
- Information Security (49)
- Information Systems (46)
- Information Technology (34)
- InfoSec Docs (11)
- Internet Docs (3)
- Internet Marketing (44)
- IT Docs (4)
- Life Happens (22)
- Project Management (28)
- Random Stuff (13)
- The Demondaynizer (4)
- The Internet (75)
- Web Design / Development (34)
- Yeah Boy! Yah Suck! (5)
Recent Posts
Follow Me on Twitter
Business Tech Press Releases
- Cisco CCNP SWITCH Training Released by TrainSignal February 8, 2012
- The Pinball Arcade Launches on iOS and Android February 8, 2012
- Synopsys Announces Earnings Release Date for the First Quarter Fiscal Year 2012 February 8, 2012
- Apogee Shares Success Story at Major Industry Conference February 8, 2012
- Great Place to Work® Celebrates Strong Workplace Cultures Through the "We Heart Our Workplace" Video Contest February 8, 2012
Archives
Tags

Book Building business CISSP CISSP Exam CISSP reviewer Development Dummies eBusiness Edition Engine Entrepreneurship Exam facebook From Google Guide Hardcover Information Information Security internet Joomla Maceo MAD MAC Management marketing Media Online Optimization Paperback PMP Exam Professional Project Search Secrets Security Social strategies Technology Trehb101 Tweets Twitter with Wordpress Your

Your Shopping Cart
Your cart is empty
Calendar

February 2012

M T W T F S S

« Mar

1 2 3 4 5

6 7 8 9 10 11 12

13 14 15 16 17 18 19

20 21 22 23 24 25 26

27 28 29
From the National Vulnerability Database
- CVE-2012-1034 (episerver_cms) February 7, 2012
  Multiple cross-site scripting (XSS) vulnerabilities in the admin interface in EPiServer CMS through 6R2 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. […]
  nvd@nist.gov
- CVE-2011-5076 (hdwiki) February 6, 2012
  SQL injection vulnerability in model/comment.class.php in HDWiki 5.0, 5.1, and possibly other versions allows remote attackers to execute arbitrary SQL commands via the PATH_INFO to index.php. NOTE: some of these details are obtained from third party information. […]
  nvd@nist.gov
- CVE-2012-1021 (4images) February 6, 2012
  Cross-site scripting (XSS) vulnerability in admin/categories.php in 4images 1.7.10 allows remote attackers to inject arbitrary web script or HTML via the cat_parent_id parameter in an addcat action. […]
  nvd@nist.gov
- CVE-2012-1031 (episerver_cms) February 6, 2012
  Unspecified vulnerability in EPiServer CMS 5 and 6 through 6R2, in certain configurations using Forms Authentication, allows remote authenticated users to obtain WebAdmins access by leveraging Edit Mode privileges, a different vulnerability than CVE-2011-3416 and CVE-2011-3417. […]
  nvd@nist.gov
- CVE-2012-1008 (officesip_server) February 6, 2012
  OfficeSIP Server 3.1 allows remote attackers to cause a denial of service (daemon crash) via a crafted To header in a SIP INVITE message. […]
  nvd@nist.gov
- CVE-2012-0992 (openemr) February 6, 2012
  interface/fax/fax_dispatch.php in OpenEMR 4.1.0 allows remote authenticated users to execute arbitrary commands via shell metacharacters in the file parameter. […]
  nvd@nist.gov
- CVE-2012-1004 (foswiki) February 6, 2012
  Multiple cross-site scripting (XSS) vulnerabilities in UI/Register.pm in Foswiki before 1.1.5 allow remote authenticated users with CHANGE privileges to inject arbitrary web script or HTML via the (1) text, (2) FirstName, (3) LastName, (4) OrganisationName, (5) OrganisationUrl, (6) Profession, (7) Country, (8) State, (9) Address, (10) Location, (11) Telephon […]
  nvd@nist.gov
- CVE-2012-1019 (xwiki_enterprise) February 6, 2012
  Multiple cross-site scripting (XSS) vulnerabilities in XWiki Enterprise 3.4 allow remote attackers to inject arbitrary web script or HTML via the (1) XWiki.XWikiComments_comment parameter to xwiki/bin/commentadd/Main/WebHome, (2) XWiki.XWikiUsers_0_company parameter when editing a user profile, or (3) projectVersion parameter to xwiki/bin/view/DownloadCode/D […]
  nvd@nist.gov
- CVE-2012-1002 (openconf) February 6, 2012
  Unspecified vulnerability in OpenConf 4.x before 4.12 has unknown impact and attack vectors. […]
  nvd@nist.gov
- CVE-2012-1029 (tube_ace) February 6, 2012
  SQL injection vulnerability in mobile/search/index.php in Tube Ace (Adult PHP Tube Script) 1.6 allows remote attackers to execute arbitrary SQL commands via the q parameter. NOTE: some of these details are obtained from third party information. […]
  nvd@nist.gov

February 2012
M	T	W	T	F	S	S
« Mar
		1	2	3	4	5
6	7	8	9	10	11	12
13	14	15	16	17	18	19
20	21	22	23	24	25	26
27	28	29

Information Security : Information Technology Project Management : Life

Join Me On Facebook

Entry Categories

Recent Posts

Follow Me on Twitter

Archives

Tags

Your Shopping Cart

Calendar

Information Security : Information Technology
Project Management : Life