Table of Contents

• Key Terms & Definitions
• Key Areas
• Communication and Network Security_Mindmap
• Domain 04_Practise Tests
• Domain 04_Flashcard
• Resources
• Credits & Disclaimer
• Contribution
• Related Mindmaps

CISSP Mindmap – Domain 04

A comprehensive CISSP Mindmap Series will include all 8 Domains. This collection is designed to equip prospective CISSP professionals with essential resources for exam preparation, training and reference.

1. Network Architecture and Design
   • Network Topology: The arrangement of different elements (links, nodes, etc.) in a communication network (e.g., star, ring, mesh).
   • OSI Model: A conceptual framework used to understand network interactions in seven layers (Physical, Data Link, Network, Transport, Session, Presentation, Application).
   • TCP/IP Model: A set of communication protocols used for the Internet and similar networks. It has four layers (Link, Internet, Transport, Application).

2. Secure Network Components
   • Firewall: A network security device that monitors and filters incoming and outgoing network traffic based on an organization’s previously established security policies.
   • Intrusion Detection System (IDS): A device or software application that monitors a network for malicious activity or policy violations.
   • Virtual Private Network (VPN): A service that creates a secure, encrypted connection over a less secure network, such as the internet.
3. Network Protocols and Security
   • SSL/TLS (Secure Sockets Layer/Transport Layer Security): Protocols for establishing authenticated and encrypted links between networked computers.
   • IPSec (Internet Protocol Security): A protocol suite for securing Internet Protocol (IP) communications by authenticating and encrypting each IP packet in a data stream.
   • HTTPS (Hypertext Transfer Protocol Secure): An extension of HTTP used for secure communication over a computer network, widely used on the Internet.
4. Secure Communication Channels
   • Encryption: The process of converting information or data into a code, especially to prevent unauthorized access.
   • Public Key Infrastructure (PKI): A set of roles, policies, and procedures needed to create, manage, distribute, use, store, and revoke digital certificates and manage public-key encryption.
   • End-to-End Encryption (E2EE): A method of secure communication that prevents third-parties from accessing data while it’s transferred from one end system to another.
5. Wireless Network Security
   • WEP, WPA, WPA2, WPA3 (Wired Equivalent Privacy, Wi-Fi Protected Access): Security protocols and security certification programs developed by the Wi-Fi Alliance to secure wireless computer networks.
   • SSID (Service Set Identifier): A unique ID that consists of 32 characters and is used for naming wireless networks.
6. Network Attacks and Defenses
   • DoS/DDoS (Denial of Service/Distributed Denial of Service): Attack attempts to make a machine or network resource unavailable to its intended users.
   • Man-in-the-Middle Attack: A cyberattack where the attacker secretly intercepts and relays messages between two parties who believe they are directly communicating with each other.
   • Packet Sniffing: The practice of using a network device to intercept and log traffic passing over a digital network or part of a network.

• CISSP Practice Set_01: Communication And Network Security

• CISSP Flashcard_01: Communication And Network Security

• (ISC)2 CISSP Official Study Guide (OSG) 9th Edition by Mike Chapple, James Michael Stewart, and Darril Gibson
  • Chapter 11 – Chapter12, Pg495-635
• CISSP All-in-One Exam Guide, Ninth Edition by Fernando Maymi and Shon Harris
  • Part IV, Pg469-711
• Eleventh Hour CISSP® Study Guide, Third Edition by Eric Conrad, Seth Misenar, Joshua Feldma
  • Domain-04, Pg95-116
• Destination Certification – A Concise Guide by Rob Witcher, John Berti, Lou Hablas, Nick Mitropoulos
  • Domain-04, Pg241-312

• The Official (ISC)2 CISSP CBK Reference, 6th Edition by Arthur Deane and Aaron Kraus

  • Domain-04, Pg283-374

• (ISC)2 CISSP Official Practice Tests by Mike Chapple and David Seidl
• How to Think Like a Manager for the CISSP Exam by Luke Ahmed
• Boson Practice Exam
• Study Notes and Theory (SNT) by Luke Ahmed

• Mike Chapple’s CISSP Cert Prep on LinkedIn Learning.
• Kelly Handerhan’s CISSP Prep Course on Cybrary
• Destination CISSP Mindmap Video
• Pete Zerger’s CISSP Exam Cram 
• Prabh’s Coffee Shots
• Luke Ahmed’s Study Notes and Theory (SNT) 

We express our gratitude to the below-mentioned authors, creators, and sources which have been referred for the creation of our Interactive CISSP Mindmap – Mike Chapple and David Seidl (OSG), Luke Ahmed (SNT), Pete Zerger (Exam Cram), Prashant Mohan (Memory Palace) , Prabh (Coffee shots), Rob Witcher (destcert.com/)  and M. Waleed Khaliq (CISSP Concepts Guide).This Mindmap has been meticulously created to ensure that information is shared effectively. This Mindmap aims to offer a thorough grasp of essential concepts with a dedication to assist enhanced learning experiences. We hope that this resource helps people absorb information more thoroughly, which will lead to a broader understanding of each CISSP domains and is freely available for all.

We have already included some reference images and short notes for most of the topics so that users can more effectively refer to the content in the mindmap. If you have any information, images, or notes that can make the mindmap more effective, please feel free to share them.

https://github.com/sajinshivdas/CISSP_Interactive_Mindmap/tree/main/CISSP_Domain_04

For issues and concern please feel free to raise a issue in Github link https://github.com/sajinshivdas/CISSP_Interactive_Mindmap/issues

Connect with me www.linkedin.com/in/sajin-shivdas