In the previous post on CISSP Demystifying Domain 3: Security Architecture and Engineering we discussed the major CISSP exam objectives for Domain 3.
Domain 4 - Communications and Network Security of the CISSP exam focuses on communications and network security. This domain covers a wide range of topics including network architectures, network devices, protocols, and securing network transmissions. For candidates, this domain can seem overwhelming given the breadth of content. Weighted at 13% it is one of the larger domains to cover and very important to understand conceptually. If you can or already understand all 7 OSI model layers and where packets, frames and protocols fit within them ... you are already off to a great start!
In this article, I will break down the key areas of focus and provide recommendations for the best educational resources written and online video wise to prepare for this domain.
Starting off I want to highly recommend the following FREE CISSP Domain 4 Youtube video resource by Pete Zerger and his Inside Cloud and Security CISSP series and channel. I used this one extensively while running, working out etc and consistently listened to it at 1.5x or 2.x or higher speeds over and over to hash out the specific focus areas of Domain 4: Communications and Network Security.
03:54:31 - Domain 4: Communications and Network Security
Network architectures: Understand common architectures like local area networks (LANs) and wide area networks (WANs).
Study network topologies in depth including mesh, star, bus, ring, and hybrid networks.
*Know the OSI and TCP/IP models inside and out and how they relate
Network devices: Be familiar with different types of intrusion prevention (IPS) and intrusion detection (IDS) systems, routers, switches, firewalls, proxies, gateways, access points and other network hardware.
Understand how each device operates and its role in a network and within the TCP/IP and OSI 7 layer models.
Resources: Cisco’s beginner networking course on Udemy and the Boson CISSP practice exams (for more technical in depth questions).
CISSP Exam Study Material Resources such as the following:
(ISC)2 CISSP (Sybex) Study Guide 9th Edition
Luke Ahmeds : How To Think Like A Manager
Destination CISSP - A Concise Guide - Rob Witcher
will help strengthen your knowledge.
Protocols: Know common protocols for each layer of the OSI and TCP/IP models, especially IP, TCP, UDP, DNS, DHCP, SNMP, SSH, and HTTPS. Understand how each protocol supports network functionality and security.
Resources: The Shon Harris All-In-One 9th Edition CISSP Guide
Securing network transmissions: Review methods for securing data including encryption, VPNs, tunneling, and port security. Know how tools like IPSec, SSL, TLS, SSH and certificates work to protect communications.
Resources: Skillset’s CISSP certification course and the YouTube channel “IT Dojo.”
Maintaining a high-level understanding of each topic and how they connect is key to success in this domain. Studying diagrams, watching video overviews and completing practice questions will boost comprehensive of the material. With work and the right resources, Domain 4: Communications and Network Security does not have to remain a mystery.
I'm happy you are here and I hope this helps you reach all of your CISSP certification and future goals!
Now study and go schedule your CISSP exam—you've GOT THIS!
