CISSP Domains: Who’s on first?

I just realized something today that I found a tad bit annoying. The numbering of the domains of the CISSP Common Body of Knowledge (CBK) is actually trivial (can’t think of a better word at the moment). I am reviewing some items in my CISSP notes today and was looking at Domain 2: Telecommunications and Network Security. I wanted to compare some of my notes (written in 2006) to whatever else I can find on the web.

So I Googled, “CISSP Domain 2”. The result was TechTarget’s SearchSecurity.com listed at number 1. And it says “CISSP Domain 2 quiz: Access Control.” Access Control? What do you mean Access Control? I thought “Telecommunications and Network Security” is the CBK’s Domain 2?

CISSP Exam Note (Domain 2: Telecommunications and Networking Security) – Virtual Private Networks

Virtual Private Networks

  • Secure connection between two nodes using secret encapsulation method
  • Secure Encrypted Tunnel – encapsulated tunnel (encryption may or may not be used)
  • Tunnel can be created by the following three methods:
    • Installing software or agents on the client or network gateway
    • Implementing user or node authentication systems
    • Implementing key and certificate exchange systems


PMP Review Notes (Chapter 1) – Projectized Organizations

March 16, 2010 · Posted in Don's eBook Report, Project Management

Projectized Organizations

- Nearly the opposite of functional organizations
- Focus is the project itself
- Idea is to develop loyalty to the project, not to a functional manager
- Organizational resources are dedicated to projects and project work

CISSP Exam Note (Domain 2: Telecommunications and Networking Security) – Network Address Translation

NAT – Network Address Translation

  • 3 Private IP Address Ranges
  • Global Non-routable Addresses
  • Class A – 10.0.0.0 to 10.255.255.255
  • Class B – 172.16.0.0 to 172.31.255.255
  • Class C – 192.168.0.0 to 192.168.255.255

PMP Review Notes (Chapter 1) – Functional Organizations

March 15, 2010 · Posted in Don's eBook Report, Project Management

Functional Organizations

- Centered on specialties and grouped by function
- Set up to be a hierarchy / Has chain of command
- Workers are assigned to departments, each with a particular function; workers specialize in an area of expertise
- Clear upward career path for employees of a functional organization
- Disadvantage: Projects have very little or no formal authority
- Projects are typically undertaken in a divided approach
- Competition for resources and project priorities can be very fierce

CISSP Exam Note (Domain 2: Telecommunications and Networking Security) – Firewalls

Firewalls

Packet Filtering Firewall – First Generation

  • Screening router
  • Operates at Network and Transport Level
  • Examines Source and Destination IP address
  • Can deny based on ACLs
  • Can specify port


CISSP Exam Note (Domain 2: Telecommunications and Networking Security) – Security Protocols

Security Protocols

At the OSI Application Layer

SET – Secure Electronic Transaction

  • Originated by Visa and Mastercard
  • Being overtaken by SSL

SHTTP – Secure HTTP

  • Early standard for encrypting HTTP documents
  • Also being overtaken by SSL


PMP Review Notes (Chapter 1) – What is Project Management?

March 10, 2010 · Posted in Don's eBook Report, Project Management

Project Management

- Brings together a set of tools and techniques – performed by people – to describe, organize and monitor the work of project activities
- According to PMBOK Guide: involves applying knowledge, skills, tools and techniques during the course of the project to accomplish the project’s objective; it is the responsibility of the project manager to ensure that project management techniques are applied and followed


CISSP Exam Note (Domain 2: Telecommunications and Networking Security) – More Protocols

Host-to-Host Transport Layer Protocols

TCP – Transmission Control Protocol

  • Connection oriented
  • Sequenced packets
  • Acknowledgement is sent back for received packets
  • If no acknowledgement then packet is resent
  • Packets are re-sequenced
  • Manageable data flow is maintained

Note: TCP and UDP use dynamic port numbers greater than 1023


PMP Review Notes (Chapter 1) – Projects Defined

March 8, 2010 · Posted in Don's eBook Report, Project Management

Projects

- Temporary in nature
- Have definite start dates and definite end dates
- Completed when goals and objectives are accomplished to the satisfaction of the stakeholders
- Exist to bring about a product, service, or result that didn’t exist before
- Unique

