Mike's random thoughts and ramblings

SSSE Domain 3 - Data Networking

No understanding of information security can really be complete without a solid foundation in data networking. While I have met great security people without this foundation (usually those from a coding/reverse-engineering background), they have almost all suffered from the lack at some time or another in their careers. The hardest thing about security is that it involves touching each part of the computing environment, and that environment is defined by the network.

That doesn't mean that you need to be a routing guru - but if you don't understand (in general) how routing and switching works, and how protocols are interrelated (can you explain the OSI model in your sleep?), you're going to have a much harder time than you need to.

Required Text

Computer Networks (4th ed) - Andrew Tanenbaum wrote the seminal book on networking many, many years ago. While this book won't tell you how to configure a Cisco router or a Juniper switch, what it will give you is a deep understanding of the fundamental concepts of networking, and a good overview of the associated technologies.

Supplemental Reading

TCP/IP Illustrated Volume 1 - the ultimate TCP/IP reference. Much like his other books, Richard Stevens made this one the seminal reference on the subject. Stick with volume 1 for a great foundation in TCP/IP - and, since TCP/IP is the main protocol stack for most networks these days, it acts as a brilliant reference manual.

An Engineering Approach to Computer Networking - I haven't used this one myself, but having flipped through it a few times, there's no question that it's a solid supplemental text for understanding the concepts around building and maintaining a computer (or telecom) network. It approaches networking from an incredibly logical and rational perspective, making it easy to read and easier to use as a reference.

Share this post

About the author

Michael Murray

Michael Murray