Holiday Skills Carnival:
 Buy 1 Get 1 FREE
AVAIL NOW
Days
Hours
Minutes
Seconds

ISC2 CC Domain 4: Network Security

Author by: Pooja Rawat
Aug 5, 2025 1842

4.1: Understand computer networking

Understanding computer networking is an essential building block for anyone preparing for the Certified in Cybersecurity (CC) exam by ISC2. This foundational knowledge allows professionals to comprehend how devices communicate, share data, and interact within various network environments, which is critical for securing these systems. Domain 4 of the CC exam emphasizes Network Security, with “Understanding Computer Networking” as its first objective. This article simplifies the complexities of networking to ensure candidates feel confident in tackling questions from this section.

ISC2 CC Domain 4- Network Security

Why is Computer Networking Essential?

Computers are powerful on their own, but their true potential is unleashed when they are connected to networks. Networking facilitates tasks such as sending emails, streaming videos, sharing files, and accessing the internet. Networks come in various forms, including Local Area Networks, Wide Area Networks, and personal networks that utilize technologies like Bluetooth and NFC.

For cybersecurity professionals, understanding these networks is critical. Knowledge of how data moves, the protocols governing communication, and the technologies involved helps ensure robust network security. Let’s dive into the essential concepts.

Types of Computer Networks

  1. Local Area Networks (LANs): LANs are confined to a small area, such as an office or home. They connect devices like computers, printers, and servers, enabling fast and reliable communication. LANs often form the backbone of organizational IT infrastructure.
  2. Wide Area Networks (WANs): WANs connect multiple LANs across larger geographical areas. For example, a company with offices in multiple cities can connect them using a WAN. The internet itself is the largest WAN.
  3. Wireless Networks: Wireless networks, such as Wi-Fi, enable devices to connect without physical cables. They create flexible and mobile environments commonly found in homes, offices, and public spaces.
  4. Personal Area Networks (PANs): PANs, such as Bluetooth networks, support connections between a user’s devices, such as pairing a smartphone with wireless earbuds. Near-field communication (NFC), used in mobile payments, is another form of PAN but with an extremely short range.
  5. Metropolitan Area Networks (MANs): MANs cover a larger geographical area than LANs but are smaller than WANs, typically spanning a city or a large campus. They connect multiple LANs within a metropolitan area, often managed by a single organization or municipality. MANs are used for city-wide internet access, corporate campuses, or connecting university buildings.
  6. Campus Area Networks (CANs): CANs interconnect multiple LANs within a specific geographic location, such as a university, corporate campus, or military base. These networks are optimized for the needs of the specific organization and are typically designed for efficient, high-speed communication between interconnected buildings.

The Framework of Networking: Protocols and Models

TCP/IP Suite: The Transmission Control Protocol/Internet Protocol (TCP/IP) is the basis of Internet communication. Here’s a breakdown of its core components:

  • Internet Protocol (IP): IP is responsible for routing information across networks. It assigns unique IP addresses to devices, ensuring accurate identification and communication. Data is broken into small packets for transmission, enhancing reliability and efficiency.
    • IPv4: Uses a dotted-quad notation (e.g., 168.1.1).
    • IPv6: Uses hexadecimal addresses (e.g., 2001:0db8:85a3:0000:0000:8a2e:0370:7334) to accommodate the growing number of devices.

Key functions

  • Breaks data into packets
  • Reassembles packets at the destination
  • Manages packet loss and retransmission

NOTE: A bit is the smallest unit of information, consisting of a binary 1 or 0 A byte is a collection of 8 bits.

  • Transmission Control Protocol (TCP): TCP ensures reliable data transfer by establishing connections, tracking packets, and requesting retransmission of lost data. It’s commonly used for applications requiring accuracy, such as file transfers and email.
  • User Datagram Protocol (UDP): A faster alternative to TCP but without reliability guarantees. It is ideal for streaming video and online gaming.
  • Internet Control Message Protocol (ICMP): Facilitates network troubleshooting. Tools like ping use ICMP to test connections between devices.

Open Systems Interconnection (OSI) Model: The OSI model provides a framework for understanding how networks operate across seven layers:

  • Physical Layer: Transmits raw data through cables, fiber optics, or radio waves.
  • Data-Link Layer: Ensures data transfer between devices on the same physical network.
  • Network Layer: Handles routing and addressing (IP operates here).
  • Transport Layer: Guarantees reliable data delivery (TCP and UDP work here) and is used for data segmentation.
  • Session Layer: Manages sessions between systems.
  • Presentation Layer: Translates and encrypts data for transmission.
  • Application Layer: Interfaces with users (protocols like HTTP and SMTP reside here).

IP Addressing: The Backbone of Communication

Every device connected to a network needs a unique address. These addresses ensure data reaches its intended destination. The two types of IP addresses are:

  • IPv4: Uses a 32-bit format written as four numbers separated by periods (e.g., 192.168.1.1). It’s the most widely used, though limited in capacity.
  • IPv6: Expands addressing capacity with a 128-bit format, written as eight groups of hexadecimal digits (e.g., 2001:0db8:85a3:0000:0000:8a2e:0370:7334).

Pro Tips:

Identifying Valid IPv4 Addresses: Key rules for valid IPv4 addresses:

  • No octet exceeds 255.
  • Addresses starting with 127 are loopback addresses (e.g., 0.0.1) and cannot be used on a network.
  • The first octet must not exceed 223.

Dynamic vs. Static IP Addresses

  • Static IPs are manually assigned and remain constant, often used for servers and important devices.
  • Dynamic IPs are automatically assigned using Dynamic Host Configuration Protocol (DHCP), which is common for personal devices.

APIPA Addresses: When a device cannot obtain an IP address from DHCP, it assigns itself an Automatic Private IP Addressing (APIPA) address starting with 169.254. While useful as a fallback, it indicates network issues requiring resolution.

Domain Name System (DNS): DNS simplifies networking by translating user-friendly names (e.g., www.google.com) into IP addresses (e.g., 142.250.190.78). DNS operates hierarchically, ensuring accurate mappings.

Key functions:

  • Resolves domain names to IP addresses
  • Facilitates web browsing without memorizing numeric addresses

Network Ports: Guiding Traffic

While IP addresses identify devices, ports direct data to specific applications or services. Ports are numbered between 0 and 65,535 and categorized as:

  • Well-known Ports (0–1023): Reserved for common services (e.g., HTTP on port 80, HTTPS on port 443).
  • Registered Ports (1024–49151): Used by specific applications (e.g., Microsoft SQL on port 1433).
  • Dynamic Ports (49152–65535): Temporary ports for dynamic connections.

Pro Tips: Memorizing key port numbers, such as those for DNS (53) and SSH (22), is critical for cybersecurity professionals.

Common Port Numbers to Know

Port Services
53 DNS
22

SSH
80

HTTP (unencrypted)

443

HTTPs (encrypted)
3389 Remote Desktop (RDP)

Securing Wi-Fi Networks:

Wireless networks are convenient but vulnerable to unauthorized access and eavesdropping. Implementing robust security measures is crucial.

  • Disable SSID Broadcasting: Hiding the network’s Service Set Identifier (SSID) reduces visibility, making it harder for unauthorized users to detect.
  • Change Default Passwords: Access points often come with default administrative credentials. Change these to strong, unique passwords to prevent unauthorized configuration changes.

Authentication Methods

  • Preshared Keys (PSK): A shared password for accessing the network. While simple, PSKs are impractical for large organizations.
  • Enterprise Authentication: Users log in with individual credentials verified by an authentication server, enabling better control and security.
  • Captive Portals: Common in public Wi-Fi networks, captive portals require users to authenticate via a login page before granting access.

Wireless Encryption

Encryption secures wireless communications against eavesdropping. Options include:

  • WEP (Wired Equivalent Privacy): Outdated and insecure; should no longer be used.
  • WPA (Wi-Fi Protected Access): Improved over WEP but still vulnerable.
  • WPA2: Secure and widely adopted, employing the Advanced Encryption Standard (AES) for encryption.
  • WPA3: Introduced in 2020, offering enhanced security with Simultaneous Authentication of Equals (SAE).

Exam Tips

  • Understand Protocols: Know the roles of TCP, IP, UDP, and ICMP.
  • Memorize Ports: Be familiar with well-known ports and their services.
  • Recognize IP Addresses: Identify valid and invalid IPv4 addresses.
  • Study the OSI Model: Understand how the seven layers work together.
  • Apply Security Best Practices: Know authentication methods and encryption standards.

CC Training with InfosecTrain

Understanding computer networking is not just about passing the CC exam but also about building a solid foundation for your cybersecurity career and staying updated with the latest cybersecurity trends. Mastery of networking concepts, protocols, and security measures equips you to defend systems from threats and ensure data integrity across complex environments. With 24% of the CC exam dedicated to Network Security, investing the time to learn these concepts can significantly boost your chances of success.

Certified in Cybersecurity (CC) Exam Training

At InfosecTrain, we understand the importance of effective preparation. Our Certified in Cybersecurity (CC) Training Course is designed to simplify complex concepts, guide you through key exam topics, and provide hands-on examples with real-world scenarios. Whether you’re an aspiring cybersecurity professional or looking to validate your skills, InfosecTrain’s expert instructors and curated curriculum will help you achieve your goals.

TRAINING CALENDAR of Upcoming Batches For

Start Date End Date Start - End Time Batch Type Training Mode Batch Status
08-Dec-2025 18-Dec-2025 20:00 - 22:00 IST Weekday Online [ Open ]
05-Jan-2026 15-Jan-2026 20:00 - 22:00 IST Weekday Online [ Open ]

Get Ready to Ace the CC Exam with InfosecTrain!

  • Expert Guidance: Learn from experienced professionals with years of industry experience.
  • Comprehensive Coverage: Master every domain of the CC exam, including Network Security.
  • Hands-On Labs: Gain practical skills to apply your knowledge in real-world situations.
  • Flexible Learning: Choose from self-paced modules or live, instructor-led sessions tailored to your schedule.

Prepare confidently, knowing that networking knowledge is not just a test requirement but also a core skill for securing the digital future. Take the next step in your cybersecurity journey—Enroll in InfosecTrain’s CC Training Course Today!

TOP