New Technologies Covered on The CISSP Exam
- Thursday, June 26, 2008, 22:09
- Exam Topics
- 15 views
- Add a comment
One of the most recognizably and important book for the information security field has been updated and released. The book (CISSP All-In-One Study Guide) is commonly referred to as the information security “bible” and is used all over the world for studying for the CISSP exam, but even more important it is used continually as a resource by security professionals because it covers all of the elements needed to develop and maintain a security program for any organization. Some of the new items that this book, and its corresponding course, dives into technologies which are just starting to mature in the industry, thus are confusing to thousands of people. Some of these items that are covered in the book and its extensive course are new protocols, identity management and web security.
One of the newer protocols is unknown to many security professionals, but is silently spreading and will soon be known as well as people Radius and TACACS+. Diameter is this protocol that has been developed to build upon the functionality of RADIUS and overcome many of its limitations. The creators of this protocol decided to call it Diameter as a play on the term RADIUS—as in the diameter is twice the radius.
Diameter is another AAA protocol that provides the same type of functionality as
RADIUS and TACACS+ but also provides more flexibility and capabilities to meet the
new demands of today’s complex and diverse networks. At one time, all remote communication
took place over PPP and SLIP connections and users authenticated themselves
through PAP or CHAP. Those were simpler, happier times when our parents had
to walk uphill both ways to school wearing no shoes. As with life, technology has become
much more complicated and there are more devices and protocols to choose
from than ever before. Today, we want our wireless devices and smart phones to be able
to authenticate themselves to our networks and we use roaming protocols, Mobile IP,
Ethernet over PPP, Voice over IP (VoIP), and other crazy stuff that the traditional AAA
protocols cannot keep up with. So in came the smart people with a new AAA protocol,
Diameter, that can deal with these issues and many more.
Diameter protocol consists of two portions, as shown in the graphic below. The first is the base protocol, which provides the secure communication among Diameter entities, feature discovery, and version negotiation. The second is the extensions, which are built on top of the base protocol to allow various technologies to use Diameter for authentication.
Donwload Free PassGuide Braindumps-The Most Realistic Practice Questions and Answers,Help You Pass any Exams
Mobile IP is a technology that allows a user to move from one network to another and still use
the same IP address. It is an improvement upon the IP protocol because it allows a
user to have a home IP address, associated with his home network, and a care-of address.
The care-of address changes as he moves from one network to the other. All
traffic that is addressed to his home IP address is forwarded to his care-of address.
Up until the conception of Diameter, IETF has had individual working groups who
defined how Voice over IP (VoIP), Fax over IP (FoIP), Mobile IP, and remote authentication
protocols work. Defining and implementing them individually in any network can
easily result in too much confusion and interoperability. It requires customers to roll
out and configure several different policy servers and increases the cost with each new
added service. Diameter provides a base protocol, which defines header formats, security
options, commands, and AVPs. This base protocol allows for extensions to tie in
other services, such as VoIP, FoIP, Mobile IP, wireless, and cell phone authentication. So
Diameter can be used as an AAA protocol for all of these different uses.
As an analogy, consider a scenario in which ten people all need to get to the same
hospital, which is where they all work. They all have different jobs (doctor, lab technician,
nurse, janitor, and so on), but they all need to end up at the same location. So,
they can either all take their own cars and their own routes to the hospital, which takes
up more hospital parking space and requires the gate guard to authenticate each and
every car, or they can take a bus. The bus is the common element (base protocol) to get
the individuals (different services) to the same location (networked environment). Diameter
provides the common AAA and security framework that different services can
work within.
High quality IT Certification Training Exam Questions, Study Guides and Practice Tests are in Downloadable PassGuide Testing Engine,Successful for IT Certification or Full Refund for you.Contact Us:Sales@PassGuide.com|
Type |
Exam Bible | New Questions & Answers |
Latest Updated |
Download link |
| All Certbible 's Exam Dumps |
597 |
1 days ago | Available |
PassGuide Training Materials & Practice Tests
About the Author
Write a Comment
Gravatars are small images that can show your personality. You can get your gravatar for free today!

