Domain: Telecommunication and Network Security

TheProfezzor

Hello,

I've been going through different domains from different books and, I always find this particular domain very scary. I'm not quite familiar with the networking and telecommunication world and therefore, almost all of it is new to me. Is there any way, I can make this domain, appear less scary . It's the only hindrance I am facing.

JockVSJock

TheProfezzor wrote: »

Hello,

I've been going through different domains from different books and, I always find this particular domain very scary. I'm not quite familiar with the networking and telecommunication world and therefore, almost all of it is new to me. Is there any way, I can make this domain, appear less scary . It's the only hindrance I am facing.

My question to you is what resources are you using to study for the CISSP? Recommendation would be to find the CISSP sunflower pdf, which can be found on this forum.

Since I have Network+ and networking experience, some of the material is familiar to me.

However I would recommend reviewing flash cards and/or notes that you are not familiar with (protocols, port numbers, types of firewalls, routing protocols, various TCP/IP flags, different type of network attacks, etc.)

TheProfezzor

JockVSJock wrote: »

My question to you is what resources are you using to study for the CISSP? Recommendation would be to find the CISSP sunflower pdf, which can be found on this forum.

Since I have Network+ and networking experience, some of the material is familiar to me.

However I would recommend reviewing flash cards and/or notes that you are not familiar with (protocols, port numbers, types of firewalls, routing protocols, various TCP/IP flags, different type of network attacks, etc.)

Irrespective of resources, I find it very confusing and hard to retain. I've tried using Shon Harris, Eric Conrad and the Official. Since the domain is new to me, it seems quite confusing and very irritating not being able to comprehend what it's about. Also, I don't know to what extent do I need to cover this domain, since CISSP isn't a technical domain.

sojourn

Have you read through the Sunflower PDF? I think the tough part of T & NS is that it is very vast and there are some quite out-there concepts to get your ahead around, if you're not already familiar with them. I remember learning subneting, masks, CIDR etc for the first time and it was a tough concept for me back then.

From reading various exam reports from people on here, the T & NS domain is one of the most examined of all 10. There are loads of questions. I think it would be good to retain as much as possible, and the Sunflower PDF does condense that down quite well.

philz1982

Get the CCNA or CCDA and you will laugh at this domain it is really quite basic. The hardest part is memorizing codecs for VOIP.

TheProfezzor wrote: »

Hello,

I've been going through different domains from different books and, I always find this particular domain very scary. I'm not quite familiar with the networking and telecommunication world and therefore, almost all of it is new to me. Is there any way, I can make this domain, appear less scary . It's the only hindrance I am facing.

Xyro

The fact that people try to work in Network Security without at least CCNA level knowledge, perplexes me. How can one secure networks if one cannot even understand how network traffic functions??

paul78

The CISSP is about information security and not network security. Securing a network perimeter is only one dimension of a comprehensive security program. I've noticed that there is a common perception that security is only about the network which is very far from the truth.

@TheProfezzor - if this domain is new to you, hopefully a little patience and practice reviewing the concepts will eventually stick. Good luck in your studies. The CISSP doesn't expect candidates to know everything. The Telecom and NetSec domain as expected for the CISSP is actually not too bad once you spend some time with it. Is there some particular aspect that you find challenging?

broli720

Network security might be one dimension, but it sure is an important one. That's what makes information security so difficult; you really have to know a bit of everything. As Paul78 said, is there something in particular that you're having issues with? We may be able to help fill in the gaps.

Xyro

broli720 wrote: »

Network security might be one dimension, but it sure is an important one. That's what makes information security so difficult; you really have to know a bit of everything.

This ^

Precisely why it perplexes me how anyone attempts to become knowledgeable in InfoSec without understanding one of the most important aspects of it. Cover CCNA material people, please. JMTC

philz1982

broli720 wrote: »

Network security might be one dimension, but it sure is an important one. That's what makes information security so difficult; you really have to know a bit of everything. As Paul78 said, is there something in particular that you're having issues with? We may be able to help fill in the gaps.

You just need to know how to google . That and have friends who are pen-testers

TheProfezzor

Xyro wrote: »

The fact that people try to work in Network Security without at least CCNA level knowledge, perplexes me. How can one secure networks if one cannot even understand how network traffic functions??

I have been working as a "Security Consultant" for quite some time now and I believe, I've done a good job. I wasn't talking about knowing the basics of network security. I was talking about, memorizing the plethora of terms, technologies and abbreviations. The concept is crystal clear to me. But, there are a lot of things, I haven't encountered in my experience. I'm having trouble cramming them, since I don't have experience in those particular concepts.

moyondizvo

TheProfezzor, how much time do you have until you sit the CISSP? If you have some time, I would strongly recommend @philz1982 advice. Go through some of the chapters in the CCNA or CCDA material, whatever you find relevant to what you are studying. It is a huge domain and quite imperative that you understand it. You don't have to sit the Cisco exams, just gaining that knowledge and understanding. Remember, repetition is key.

teancum144

If you have time, I suggest either of the following books:

• CompTIA Network+ Study Guide Authorized Courseware: Exam N10-005: Todd Lammle: 9781118137550: Amazon.com: Books
• CompTIA Network+ Certification All-in-One Exam Guide, 5th Edition (Exam N10-005): Michael Meyers: 9780071789226: Amazon.com: Books

Both are vendor neutral books to prepare you for the CompTIA Network+ exam. I've read both and they are excellent resources and easy to read. The material in the Telecommunication and Network Security domain seems like a summary/review of what is in these books.

JDMurray

paul78 wrote: »

I've noticed that there is a common perception that security is only about the network which is very far from the truth.

This was the truth in the 1990's that is unfortunately still being repeated today. Today, there are actually very few successful exploits against network devices (switches, routers, firewalls, IDS/IDP) when compared to the enormous amount of successful exploits against the Application-layer software. In the past 30 years, the attackers have moved up the OSI ladder to where the low-hanging fruit is now growing.

paul78

Right... I realize we are going off-topic but from my seat, if I had to place weight in the 2 ISC2 domains which are most applicable today, it would be Software Development Security and Operations Security.