CISSP考试指南笔记:4.16 快速提示

最新推荐文章于 2021-04-16 22:59:28 发布
最新推荐文章于 2021-04-16 22:59:28 发布
阅读量241 收藏
点赞数
分类专栏: CISSP备考资料
版权声明:本文为博主原创文章,遵循 CC 4.0 BY-SA 版权协议,转载请附上原文出处链接和本声明。
本文链接:https://blog.csdn.net/xuzhina/article/details/113626427
版权

  • A protocol is a set of rules that dictates how computers communicate over networks.

  • The application layer, layer 7, has services and protocols required by the user’s applications for networking functionality.

  • The presentation layer, layer 6, formats data into a standardized format and deals with the syntax of the data, not the meaning.

  • The session layer, layer 5, sets up, maintains, and breaks down the dialog (session) between two applications. It controls the dialog organization and synchronization.

  • The transport layer, layer 4, provides end-to-end transmissions.

  • The network layer, layer 3, provides routing, addressing, and fragmentation of packets. This layer can determine alternative routes to avoid network congestion.

  • Routers work at the network layer, layer 3.

  • The data link layer, layer 2, prepares data for the network medium by framing it. This is where the different LAN and WAN technologies work.

  • The physical layer, layer 1, provides physical connections for transmission and performs the electrical encoding of data. This layer transforms bits to electrical signals.

  • TCP/IP is a suite of protocols that is the de facto standard for transmitting data across the Internet. TCP is a reliable, connection-oriented protocol, while IP is an unreliable, connectionless protocol.

  • Data is encapsulated as it travels down the network stack on the source computer, and the process is reversed on the destination computer. During encapsulation, each layer adds its own information so the corresponding layer on the destination computer knows how to process the data.

  • Two main protocols at the transport layer are TCP and UDP.

  • UDP is a connectionless protocol that does not send or receive acknowledgments when a datagram is received. It does not ensure data arrives at its destination. It provides “besteffort” delivery.

  • TCP is a connection-oriented protocol that sends and receives acknowledgments. It ensures data arrives at the destination.

  • ARP translates the IP address into a MAC address (physical Ethernet address), while RARP translates a MAC address into an IP address.

  • ICMP works at the network layer and informs hosts, routers, and devices of network or computer problems. It is the major component of the ping utility.

  • DNS resolves hostnames into IP addresses and has distributed databases all over the Internet to provide name resolution.

  • Altering an ARP table so an IP address is mapped to a different MAC address is called ARP poisoning and can redirect traffic to an attacker’s computer or an unattended system.

  • Packet filtering (screening routers) is accomplished by ACLs and is a first-generation firewall. Traffic can be filtered by addresses, ports, and protocol types.

  • Tunneling protocols move frames from one network to another by placing them inside of routable encapsulated frames.

剩余内容请看本人公众号debugeeker, 链接为CISSP考试指南笔记:4.16 快速提示

debugeeker
关注
专栏目录
CISSP学习指南:用于2018 CISSP考试的学习材料
02-05
CISSP学习指南:用于2018 CISSP考试的学习材料
CISSP学习详细笔记、错题,考点标黑标红
03-19
### CISSP 学习详细笔记与错题分析 #### 安全管理核心概念与原则 **保密性(Confidentiality)**: - **目的**:确保数据处于保密状态,阻止或最小化未授权访问(包括恶意攻击和无意识的人为错误)。 - **控制手段**...
CISSP考试指南笔记:1.20 快速提示
debugeeker的专栏
12-18 227
The objectives of security are to provide availability, integrity, and confidentiality protection to data and resources. A vulnerability is a weakness in a system that allows a threat source to compromise its security. A threat is the possibili..
CISSP考试指南笔记:2.8 快速提示
debugeeker的专栏
12-19 214
Information goes through a life cycle that starts with its acquisition and ends with its disposal. Each phase of the information life cycle requires different considerations when assessing risks and selecting controls. New information is prepared for use .
CISSP考试指南笔记:8.15 快速提示
debugeeker的专栏
04-16 349
Security should be addressed in each phase of system development. It should not be addressed only at the end of development because of the added cost, time, and effort and the lack of functionality. The attack surface is the collection of possible e..
CISSP考试指南笔记:7.14 快速提示
debugeeker的专栏
03-17 217
Facilities that house systems that process sensitive information should have physical access controls to limit access to authorized personnel only. Clipping levels should be implemented to establish a baseline of user activity and acceptable errors...
CISSP考试指南笔记:5.12 快速提示
debugeeker的专栏
03-05 269
Access is a flow of information between a subject and an object. A subject is an active entity that requests access to an object, which is a passive entity. A subject can be a user, program, or process. Some security mechanisms that provid..
CISSP考试指南笔记:6.6 快速提示
debugeeker的专栏
03-06 295
An audit is a systematic assessment of the security controls of an information system. Setting a clear set of goals is probably the most important step of planning a security audit. Internal audits benefit from the auditors’ familiarity with th..
CISSP考试指南笔记:3.24 快速提示
debugeeker的专栏
01-28 167
System architecture is a formal tool used to design computer systems in a manner that ensures each of the stakeholders’ concerns is addressed. A system’s architecture is made up of different views, which are representations of system components and ..
CISSP考试指南笔记:1.19 道德
debugeeker的专栏
12-18 207
(ISC)2 requires all certified system security professionals to commit to fully supporting its Code of Ethics. Protect society, the common good, necessary public trust and confidence, and the infrastructure. Act honorably, honestly, justly, responsi
CISSP考试指南笔记:2.6 保护资产
debugeeker的专栏
12-19 187
Data Security Controls Which controls we choose to use to mitigate risks to our information depend not only on the value we assign to that information, but also on the dynamic state of that information. Data exists in one of three states: at rest, in moti
CISSP考试资料合集(含最新第八版教程指南).zip
08-19
CISSP考试辅导资料 CISSP历年考试习题 CISSP最新全套培训讲义(完整版) CISSP 2020年最新考生复习经验分享汇总 cissp 考试复习重点与做题方法(考生汇总) 国内顶级培训机构CISSP中英文对照习题1000题 CISSP官方...
CISSP考试指南
06-18
在本文档中,有关CISSP认证考试指南的内容较为有限,但可以推断出该指南主要面向希望考取CISSP认证的个人。文档提到了中国民间信息安全学习群体和一个相关的网站***,以及“国盟信息安全基地”这几个关键词。这里...
CISSP学习笔记 CISSP关键知识点总结汇总.zip
01-05
CISSP学习笔记CISSP关键知识点总结汇总,以网上搜集到的CISSP学习资料为基础,补充修改了关键内容,不保证正确。 第一章 通过原则和策略的安全治理 第二章 人员安全和风险管理概念 第三章 业务连续性计划 第四章 ...
_Command_line_settings_desktop_wallpaper_tool,_Su_command-wallpa
最新发布
09-17
_Command_line_settings_desktop_wallpaper_tool,_Su_command-wallpaper
IMG_20240917_151703.jpg
09-17
IMG_20240917_151703.jpg
吉他谱_Pneuma - Tool.pdf
09-17
初级入门吉他谱 guitar tab
Java项目-基于SSM+Jsp的计算机网络课程试卷生成器系统的设计与实现(源码+数据库脚本+部署视频+代码讲解视频+全套软件)
09-17
【基于SSM+Jsp的计算机网络课程试卷生成器系统的设计与实现】高分通过项目,已获导师指导。 本项目是一套基于SSM+Jsp的计算机网络课程试卷生成器系统,主要针对计算机相关专业的正在做毕设的学生和需要项目实战练习的Java学习者。也可作为课程设计、期末大作业 包含:项目源码、数据库脚本、开发说明文档、部署视频、代码讲解视频、全套软件等,该项目可以直接作为毕设使用。 项目都经过严格调试,确保可以运行!
CISSP考试精华笔记:安全治理与核心原则
"CISSP官方教材最完备精华笔记-V1.01" ...这些知识点是CISSP考试的核心,掌握它们对于通过考试和在信息安全领域工作至关重要。通过深入理解并实践这些概念,专业人士可以更好地设计、实施和管理组织的信息安全策略。
评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值