Chapter 2 System Fundamentals Flashcards
- Network Topologies
- Physical Layout (List 5 types)
- Logical Layout
Network topologies - represent the physical side of a network, as well as the foundation of our overall system
Physical Layout - relates directly to the wiring & cabling that connect devices
- Bus, ring, star, mesh, & hybrid topologies
- Logical Layout - the flow of information or other data, the stuff you can’t readily see or touch OR how traffic enters the NW
Bus Topology
- lays out all connecting nodes in a single run that acts as the common backbone connection for all connected devices
- Analogy: such as a person on a bus, signals get on, travel to their destination, and get off
- Downside to its simplicity is its vulnerability. All connectivity is lost if the bus backbone is damaged
- Imagine Christmas lights, if one turns off, they all turn off
Token
A token is passed around to grant permission to transmit
This token-based method is only used by the Bus Topology
Ring Topology
the common backbone is looped in a ring; some ring layouts use a concentric circle design to provide redundancy if one ring fails (not required).
each client or node attaches to the ring & delivers packets according to its designated turn or availability of the token
Star Topology
one of the most common bc of its ease of setup & isolation of connectivity problems, meaning a single node of a star can go offline without affecting other nodes;
A star topology attaches multiple nodes to a centralized NW device, a hub or a switch, that ties the NW together
Mesh Topology
essentially a web of cabling that attaches a group of clients or nodes to each other;
can look a little messy and convoluted, but this setup is often used for mission critical services bc of its high level of redundancy & resistance to outages.
The internet was designed to survive a nuclear attack and is built as one large mesh NW
Hybrid Topology
By far most common in use today;
A hybrid layout combines different topologies into one mixed topology; it takes the best of other layouts and uses them to its advantage
OSI
Open Systems Interconnection Model is an industry standard for data communication; data travels from one end to another, & each layer communicates with the next
The OSI model has 7 layers
- Application Layer (App Layer)
- Presentation Layer (App Layer)
- Session Layer (App Layer)
- Transport Layer (Host 2 Host Transport)
- NW Layer (Internet Layer, strictly deals with IP addresses)
- Data Link Layer (NW Interface Layer, strictly deals with MAC addresses)
- Physical (NW Interface Layer)
Layer 1: Physical Layer
consists of the physical media & devices that make up the infrastructure of our NWs;
- Attack considerations are aligned with the physical security of site resources
- Examples: cabling, connections, fiber optics, microwave transmission equipment
- Stuxnet - a worm named Stuxnet shows up on the scene - wreaking havoc & destroying industrial equipment; it replicated itself via removable drives (physical layer)
Layer 2: Data Link Layer
works to ensure that the data it transfers is free of errors;
Functions such as media access control (MAC) & link establishment occur at this layer; as well as basic protocols such as 802.3 for Ethernet & 802.11 for WiFi
MAC
Media Access Control - unique identifier assigned to network interfaces for communications on the physical network segment
Layer 3: NW Layer
determines the path of data packets based on protocol used;
At this layer, we see IP addressing for routers
Routing Information Protocol
prevents routing loops by limiting the # of hops allowed in a path from source to destination
Layer 4: Transport Layer
ensures the transport or sending of data is successful;
Layer 5: Session Layer
identifies established system sessions between different NW entities
When accessing a system remotely, you are creating a session between your computer & the remote system;
NetBIOS & RPC are found here
NetBIOS
LAN
RPC
Network Basic Input/Output System - a program that allows applications on different computers to communicate within a LAN
LAN - a computer NW that interconnects computers within a limited area using NW media
Remote Procedure Call - inter-process communication that allows a computer program to execute in another address space
Most attacks reside within layers
3, 4, 5, which are NW, Transport, Session
Layer 6: Presentation Layer
provides translation of data that is understandable by the next receiving layer
& can optionally be encrypted with protocols such as SSL (Secure Sockets Layer)
SSL
Secure Sockets Layer - standard security technology for establishing an encrypted link between web server & browser
Layer 7: Application Layer
functions as a user platform in which the user & SW processes within the system can operate & access NW resources
Apps & SW suites that we use on a daily basis are under this layer; includes protocols such as FTP and HTTP
TCP
3 way handshake
connection-oriented protocol that establishes connection & verifies the packets sent across that connection make it to their destination
3 way handshake - Process starts with a SYN packet that tells the receiving system that another system wants to connect; (random seq #1000)
The receiving system responds with a SYN-ACK (random seq #2585)
Then an ACK is sent back verifying, and the connection is initiated (#1001)
3 way handshake, SYN, SYN-ACK, ACK explained
SYN (start)
SYN-ACK (acknowledge start)
ACK (acknowledge the acknowledge)
IP Subnetting
Purpose: if you can subnet, you can pinpoint a target & know how to go after it in the most efficient & effective way
Knowing a few IP addresses can give you a clue as to how an organization’s NW is laid out
Defined: Subnetting is a sequential breakdown of IP addresses based on desired NW size & host quantity
NW bits & host bits are manipulated by the subnet mask;
The mask is used to determine what subnet an IP address belongs to. An IP address has two components, the NW address & the host address
Localhost Loopback Address
NW Address
Broadcast Address
CIDR
Loopback: 127.0.0.1 is a hostname that refers to this computer & is used to access this computer’s own NW services via its loopback NW interface
NW Address: address that identifies the subnet of a host
Broadcast Address: an IP address that allows information to be sent to all machines on a given subnet rather than a specific machine
Classless Inter-Domain Routing: CIDR Value is equivalent to the # of ON bits in a 32 bit address going left to right
