Chapter 3 ISO Model, Network Security, and Protocols THE CISSP EXAM TOPICS COVERED IN THIS CHAPTER INCLUDE: International Organization for StandardizationOpen Systems Interconnection ISOOSI Layers and Characteristics Communications and Network Security InternetIntranetExtranet Components Network Services Computer systems and computer networks are complex entities. They combine hardware and software components to create a sys- tem that can perform operations and calculations beyond the capabilities of humans. From the integration of communication devices, storage devices, pro- cessing devices, security devices, input devices, output devices, operating systems, software, ser- vices, data, and people emerge computers and networks. The CISSP CBK states that a thorough knowledge of the hardware and software components a system comprises is an essential element of being able to implement and maintain security. The Telecommunications and Network Security domain for the CISSP certification exam deals with topics related to network components primarily network devices and protocols; specifically, how they function and how they are relevant to security. This domain is discussed in this chapter and in Chapter 4, “Communications Security and Countermeasures.” Be sure to read and study the materials in both chapters to ensure complete coverage of the essential mate- rial for the CISSP certification exam. OSI Model Communications between computers over networks is made possible by the use of protocols. A protocol is a set of rules and restrictions that define how data is transmitted over a network medium e.g., twisted-pair cable, wireless transmission, and so on. Protocols make computer-to- computer communications possible. In the early days of network development, many companies had their own proprietary protocols, which meant interaction between computers of different vendors was often difficult if not impossible. In an effort to eliminate this problem, the Interna- tional Organization for Standardization ISO developed the OSI model for protocols in the early 1980s. ISO Standard 7498 defines the OSI Reference Model also called the OSI model. History of the OSI Model The OSI model wasn’t the first or only movement to streamline networking protocols or estab- lish a common communications standard. In fact, the most widely used protocol today, the TCPIP protocol which was based upon the DARPA model, also known now as the TCPIP model, was developed in the early 1970s. The Open Systems Interconnection OSI protocol was developed to establish a common communication structure or standard for all computer systems. The actual OSI protocol was never widely adopted, but the theory behind the OSI protocol, the OSI model, was readily