Which of the following is not true regarding firewalls?

Data residing in a static form on a storage device is fairly simple to secure. As long as physical access control is maintained and reasonable logical access controls are implemented, stored files remain confidential, retain their integrity, and are available to authorized users. However, once data is used by an application or transferred over a network connection, the process of securing it becomes much more difficult.

Communications security covers a wide range of issues related to the transportation of electronic information from one place to another. That transportation may be between systems on opposite sides of the planet or between systems on the same business network. Data becomes vulnerable to a plethora of threats to its confidentiality, integrity, and availability once it is involved in any means of transportation. Fortunately, many of these threats can be reduced or eliminated with the appropriate countermeasures. Communications security is designed to detect, prevent, and even correct data transportation errors (i.e., integrity protection). This is done to sustain the security of networks while supporting the need to exchange and share data. This chapter takes a look at the many forms of communications security, vulnerabilities, and countermeasures.

The Telecommunications and Network Security domain for the CISSP certification exam deals with topics of communications security and vulnerability countermeasures. This domain is discussed in this chapter and in the preceding chapter (Chapter 3). Be sure to read and study the materials from both chapters to ensure complete coverage of the essential material for the CISSP certification exam.

Virtual Private Network (VPN)

A virtual private network (VPN) is simply a communication tunnel that provides point-to-point transmission of both authentication and data traffic over an intermediary network. Most VPNs use encryption to protect the encapsulated traffic, but encryption is not necessary for the connection to be considered a VPN. VPNs are most commonly associated with establishing secure communication paths through the Internet between two distant networks. However, VPNs can exist anywhere, including within private networks or between end-user systems connected to an ISP. VPNs provide confidentiality and integrity over insecure or untrusted intermediary networks. VPNs do not provide or guarantee availability.