Organizations depend on their network infrastructure to securely transmit data flows across networks—local area networks (LANs), wide area networks (WANs), metropolitan area networks (MANs), internets, intranets, extranets—both internally and externally to other entities. These security structures must ensure the integrity, availability, and confidentiality of organizations' information. Whether they use analog or digital methods of data network communication or synchronous or asynchronous modes of communication, network structures must employ strategies for both detecting and mitigating the risk of network attacks.
The seven-layer Open Systems Interconnection (OSI) reference model, considered the "foundation of communication networks," provides the base for the development of the five-layer TCP/IP Protocol architecture, which is widely used to provide these protections to data in motion.
Both wired (e.g., twisted pair, coaxial cable, fiber optic) and wireless (e.g., microwave, spread-spectrum, 3G, Bluetooth) solutions must be supported. Network devices (e.g., switches, routers, modems, gateways, firewalls) must be securely configured. Secure communications accomplished through routing protocols must be implemented. And technical countermeasures, such as intrusion detection and prevention (IDS/IPS) systems, must be put in place to protect against cyberattacks (e.g., denial-of-service attacks (DoS), distributed denial-of-service attacks, MAC flooding) and cyberterrorism.
Click on each of the following links for topics related to the Certified Information Systems Security Personnel (CISSP) Common Body of Knowledge to help you better understand the subject area.
Ad-Hoc Wireless Network
Attacks to Enterprise Networks
Auditing and Logging of Changes
Bring Your Own Device (BYOD)
Cross-Site Scripting (XSS/CSRF) Flaws
Cyber-Physical Systems (CPS)
Data in Motion
Data in Transit Vulnerabilities
Enclave Boundary Defense
Form Factors of Smart Devices and Other Wireless Technologies
Internet of Things (IoT)
IP Address Schemes
IP Spoofing and Packet Sniffing
Open and Closed Networks
Overview of Cellular Networks
PCI Standards DSS 12 Requirements
SQL PL/SQL, XML and Other Injections
Jha, A. (n.d.). Networking: OSI reference model [Blog post]. Used under the Creative Commons Attribution 4.0 International license. Retrieved from http://cyberlingo.blogspot.com/2016/09/networking-osi-reference-model.html
Jha, A. (n.d.). TCP/IP model [Blog post]. Used under the Creative Commons Attribution 4.0 International license. Retrieved from http://cyberlingo.blogspot.com/2016/09/tcpip-model.html
Ouyang, A. (n.d.). Telecommunications & network security domain -- part 1. In CISSP common body of knowledge review. Used under the Creative Commons Attribution-NonCommercial-ShareAlike 3.0 Unported license. Retrieved from http://opensecuritytraining.info/CISSP-3-TNS_files/3-Telecom+Network-Part1.pdf