Page 936 - (ISC)² CISSP Certified Information Systems Security Professional Official Study Guide
P. 936

few public IP addresses. NAT is often a native feature of border
               security devices, such as firewalls, routers, gateways, and proxies.

               In circuit switching, a dedicated physical pathway is created between

               the two communicating parties. Packet switching occurs when the
               message or communication is broken up into small segments (usually
               fixed-length packets, depending on the protocols and technologies
               employed) and sent across the intermediary networks to the
               destination. Within packet-switching systems are two types of

               communication: paths and virtual circuits. A virtual circuit is a logical
               pathway or circuit created over a packet-switched network between
               two specific endpoints. There are two types of virtual circuits:
               permanent virtual circuits (PVCs) and switched virtual circuits (SVCs).

               WAN links, or long-distance connection technologies, can be divided
               into two primary categories: dedicated and nondedicated lines. A
               dedicated line connects two specific endpoints and only those two

               endpoints. A nondedicated line is one that requires a connection to be
               established before data transmission can occur. A nondedicated line
               can be used to connect with any remote system that uses the same type
               of nondedicated line. WAN connection technologies include X.25,
               Frame Relay, ATM, SMDS, SDLC, HDLC, SDH, and SONET.

               When selecting or deploying security controls for network
               communications, you need to evaluate numerous characteristics in

               light of your circumstances, capabilities, and security policy. Security
               controls should be transparent to users. Hash totals and CRC checks
               can be used to verify message integrity. Record sequences are used to
               ensure sequence integrity of a transmission. Transmission logging
               helps detect communication abuses.

               Virtualization technology is used to host one or more operating
               systems within the memory of a single host computer. This

               mechanism allows virtually any OS to operate on any hardware. It also
               allows multiple operating systems to work simultaneously on the same
               hardware. Virtualization offers several benefits, such as being able to
               launch individual instances of servers or services as needed, real-time
               scalability, and being able to run the exact OS version needed for the
               application.
   931   932   933   934   935   936   937   938   939   940   941