Communications and Network Security

Organizations depend on their network infrastructure to securely transmit data flows across networks—local area networks (LANs), wide area networks (WANs), metropolitan area networks (MANs), internets, intranets, extranets—both internally and externally to other entities. These security structures must ensure the integrity, availability, and confidentiality of organizations' information. Whether they use analog or digital methods of data network communication or synchronous or asynchronous modes of communication, network structures must employ strategies for both detecting and mitigating the risk of network attacks.

The seven-layer Open Systems Interconnection (OSI) reference model, considered the "foundation of communication networks," provides the base for the development of the five-layer TCP/IP Protocol architecture, which is widely used to provide these protections to data in motion.

Both wired (e.g., twisted pair, coaxial cable, fiber optic) and wireless (e.g., microwave, spread-spectrum, 3G, Bluetooth) solutions must be supported. Network devices (e.g., switches, routers, modems, gateways, firewalls) must be securely configured. Secure communications accomplished through routing protocols must be implemented. And technical countermeasures, such as intrusion detection and prevention (IDS/IPS) systems, must be put in place to protect against cyberattacks (e.g., denial-of-service attacks (DoS), distributed denial-of-service attacks, MAC flooding) and cyberterrorism.

Click on each of the following links for topics related to the Certified Information Systems Security Personnel (CISSP) Common Body of Knowledge to help you better understand the subject area.


Jha, A. (n.d.). Networking: OSI reference model [Blog post]. Used under the Creative Commons Attribution 4.0 International license. Retrieved from

Jha, A. (n.d.). TCP/IP model [Blog post]. Used under the Creative Commons Attribution 4.0 International license. Retrieved from

Ouyang, A. (n.d.). Telecommunications & network security domain -- part 1. In CISSP common body of knowledge review. Used under the Creative Commons Attribution-NonCommercial-ShareAlike 3.0 Unported license. Retrieved from