2 cissp ® Official Study Guide Eighth Edition

Cabling, Wireless, Topology, Communications, and Transmission Media Technology 
495
reviewing its mappings and then sends the packets on to the client. Systems on either side of 
a proxy are part of different broadcast domains and different collision domains. 
Network Infrastructure Inventory
If you can gain approval from your organization, perform a general survey or inventory of 
the signifi cant components that make up your network. See how many different network 
devices you can locate within your network. Also, do you notice any patterns of device 
deployment, such as devices always deployed in parallel or in series? Is the exterior of a 
device usually suffi cient to indicate its function, or must you look up its model number?
LAN Extenders
A
LAN extender
is a remote access, multilayer switch used to connect 
distant networks over WAN links. This is a strange beast of a device in that it creates 
WANs, but marketers of this device steer clear of the term WAN and use only LAN and 
extended LAN. The idea behind this device was to make the terminology easier to under-
stand and thus make the product easier to sell than a normal WAN device with complex 
concepts and terms tied to it. Ultimately, it was the same product as a WAN switch or 
WAN router. 
While managing network security with filtering devices such as firewalls 
and proxies is important, we must not overlook the need for endpoint 
security. Endpoints are the ends of a network communication link. One end 
is often at a server where a resource resides, and the other end is often 
a client making a request to use a network resource. Even with secured 
communication protocols, it is still possible for abuse, misuse, oversight, 
or malicious action to occur across the network because it originated at 
an endpoint. All aspects of security from one end to the other, often called 
end-to-end security
, must be addressed. Any unsecured point will be dis-
covered eventually and abused.
Cabling, Wireless, Topology, 
Communications, and Transmission 
Media Technology 
Establishing security on a network involves more than just managing the operating system 
and software. You must also address physical issues, including cabling, wireless, topology, 
and communications technology. 

496
Chapter 11 
■
Secure Network Architecture and Securing Network Components
lANs vs. WANs
There are two basic types of networks: LANs and WANs. A 
local area network (LAN)
is a network typically spanning a single floor or building. This is commonly a limited 
geographical area. 
Wide area network (WAN)
is the term usually assigned to the long-
distance connections between geographically remote networks.
WAN connections and communication links can include private circuit technologies and 
packet-switching technologies. Common private circuit technologies include dedicated 
or leased lines and PPP, SLIP, ISDN, and DSL connections. Packet-switching technologies 
include X.25, Frame Relay, asynchronous transfer mode (ATM), Synchronous Data Link 
Control (SDLC), and High-Level Data Link Control (HDLC). Packet-switching technologies 
use virtual circuits instead of dedicated physical circuits. A virtual circuit is created only 
when needed, which makes for efficient use of the transmission medium and is extremely 
cost-effective.

Download 19,3 Mb.

Do'stlaringiz bilan baham: