4.0 DOMAIN 4: COMMUNICATION AND NETWORK SECURITY

4.1 Apply secure design principles in network architectures

• 4.1.1 Open System Interconnection (OSI) and Transmission Control Protocol/Internet Protocol (TCP/IP) models
• 4.1.2 Internet Protocol (IP) version 4 and 6 (IPv6)
• 4.1.3 Secure Protocols: IPsec, SSH, SSL/TLS
• 4.1.4 Implications of multilayer protocols
• 4.1.5 Converged Protocols (iSCSI, VoIP, etc.)
• 4.1.6 Transport Architecture (Data/control/Management Plan, etc.)
• 4.1.7 Performance Metrics (Bandwidth, Latency, Jitter, etc.)
• 4.1.8 Traffic Flows (E.g., North-south, east-west)
• 4.1.9 Physical Segmentation E.g., In-band, Out-of-band, air-gapped
• 4.1.10 Logical Segmentation, E.g. VLANs, VPNs, Virtual Routing, etc.
• 4.1.11 Microsegmentation
• 4.1.12 Edge Networks (e.g., ingress/egress, peering)
• 4.1.13 Wireless Networks (e.g. Bluetooth, Wi-Fi, Zigbee, Satellite)
• 4.1.14 Cellular Networks (E.g. 4G, 5G)
• 4.1.15 Content Distribution Network (CDN)
• 4.1.16 Software Defined Networks (SDN)
• 4.1.17 Virtual Private Cloud (VPC)
• 4.1.18 Monitoring and Management