Chapter 2: The OSI Model and Networking Protocols Flashcards
Physical (Layer 1)
Device: Hub
Physical (Layer 1): Defines the physical structure of the network and the topology
Data Link (Layer 2)
Device: Wireless Bridge, Switch, NIC, AP
Provides error detection and correction; Media Access Control (MAC) and Logical Link Control (LLC) layers; Identifies the method by which media are accessed; Defines hardware addressing through the MAC sublayer.
Network (Layer 3)
Device: Switch or Router
Handles the discovery of destination systems and addressing. Provides the mechanism by which data can be passed and routed from one network system to another.
Transport (Layer 4)
Provides connection services between the sending and receiving devices and ensures reliable data delivery. Manages flow control through buffering or windowing. Provides segmentation, error checking and service identification.
Session (Layer 5)
Synchronizes the data exchange between applications on separate devices
Presentation (Layer 6)
Translates data from the format used by applications into one that can be transmitted across the network. Handles encryption and decryption of data. Provides compression and decompression functionality. Formats data from the application layer into a format that can be sent over the network.
Application (Layer 7)
Provides access to the network for applications
Dynamic Host Configuration Protocol (DHCP)
Enables a range of IP addresses to be defined on a system running a DHCP server application; Protocol dependent NOT platform dependent; Can provide DNS suffixes to clients
Scopes
A range of IP addresses
Leases
The predetermined amount of time for which the server assigns an address from the scope to the client
Reservations
A specific address configured by DHCP to a client, as opposed to a random one from the scope; Guarantees the same IP address
DHCP Relays
An agent on the router that acts as a go-between for clients and the server; Useful when working with clients on different subnets since a client cannot communicate directly with the server until it has the IP configuration information assigned to it
Domain Name Service (DNS)
Resolves host names to IP addresses; Platform independent; Default port 53
Resolvers or DNS Clients (DDNS)
Systems that ask DNS servers for a hostname-to-IP address mapping
Dynamic DNS (DDNS)
A newer system that enables hosts to be dynamically registered with the DNS server
DNS namespace
Logical divisions hierarchically organized; Top levels are domains (e.g. .com and .edu) as well as domains for countries (e.g. .uk and .de); Below the top level are subdomains or second-level domains associated with organizations or commercial companies (e.g. Microsoft); Within these domains, hosts or other subdomains can be assigned
Fully Qualified Domain Name (FQDN)
The domain name, along with any subdomains; called fully qualified because it includes all the components from the top of the DNS namespace to the host
Reverse lookup
When DNS performs IP address-to-hostname resolution (as opposed to DNS resolving hostnames to IP addresses) using pointer (PTR) records
DNS Records (Pg. 61): A, MX, AAAA, CNAME, PTR
IPv4 Address (A): Stores info for IPv4 (32-bit) addresses, most commonly used to map hostnames to an IP address for a host.
IPv6 Address (AAAA): Stores info for IPv6 (128-bit) addresses, most commonly used to map hostnames to an IP address for a host.
Mail Exchange (MX): Stores info about where mail for the domain should be delivered
Canonical Name (CNAME): Stores additional hostnames, or aliases, for hosts in the domain. A CNAME specifies an alias or nickname for a canonical hostname record in a Domain Name Service (DNS) database. CNAME records give a single computer multiple names (aliases)
Pointer (PTR): A pointer to the canonical name, which is used to perform a reverse DNS lookup, in which case the name is returned when the query originates with an IP address.
Simple Network Management Protocol (SNMP)
Default Port 161
SNMP enables network devices to communicate information about their state to a central system (manager). It also enables the central system to pass configuration parameters to the devices.
SNMP is a protocol that facilitates network management functionality. It is not, in itself, a network management system (NMS), simply the protocol that makes NMS possible.
Network Management System (NMS)
Software run on a computer with SNMP management system; Can monitor all devices on a network, including switches, hubs, routers, servers, and printers, as well as any device that supports SNMP, from a single location.
SNMP Agent
Any device that can run a small software component that facilitates communication with an SNMP manager. SNMP agent functionality is supported by almost any device designed to be connected to a network.
Management Information Bases (MIBs)
Databases of information that SNMP uses to define what parameters are accessible, which of the parameters are read-only, and which can be set. MIB creation controlled by the International Organization for Standardization (ISO).
SNMP Communities
Logical groupings of systems
SNMPv3
Supports authentication and encryption, unlike SNMPv1 and SNMPv2
Internet Protocol (IP)
Connectionless
Protocol used to transport data from one node on a network to another; Operates at the network layer of the OSI model; Performs fragmentation and reassembly tasks for network transmissions; Maximum transmission unit (MTU) size is limited in IP.
Transmission Control Protocol (TCP)
Connection-Oriented
TCP provides reliability to IP communications; Adds features such as flow control, sequencing, and error detection and correction. Higher level applications that need guaranteed delivery use TCP rather than the connectionless UDP. TCP operates at the transport layer of the OSI model. Three-way handshake (SYN -> SYN ACK -> ACK)
User Datagram Protocol (UDP)
“Fire-and-forget” protocol; UDP operates at the transport layer of the OSI model; No session established between sending and receiving hosts, but also much lower overhead
File Transfer Protocol (FTP)
Provides for the uploading and downloading of files from a remote host running FTP server software; Allows you to view the content of folders on an FTP server and rename and delete files and directories if you have the necessary permissions. Uses TCP as a transport protocol to guarantee delivery of packets. Application layer protocol
Secure File Transfer Protocol (SFTP)
Provides robust authentication between sender and receiver; Implemented through client and server software available for all commonly used computing platforms
Trivial File Transfer Protocol (TFTP)
Default port 69
Associated with simple downloads (firmware to a device like a router and booting diskless workstations); No security capability or directory navigation; Uses UDP; Application layer protocol; Connectionless file transfer method
Simple Mail Transfer Protocol (SMTP)
Default port 25
Defines how mail messages are sent between hosts; Uses TCP; Send and receive mail
Hypertext Transfer Protocol (HTTP)
Default port 80
Protocol that enables text, graphics, multimedia, and other material to be downloaded from an HTTP server; Connection oriented using TCP as a transport protocol
Hypertext Transfer Protocol Secure (HTTPS)
Default port 443
Uses SSL which encrypts the information sent between the client and host
Post Office Protocol Version 3 (POP3)/Internet Message Access Protocol Version 4 (IMAP4)
Mechanisms for downloading or pulling email from a server; Stores emails, since users cannot always read them immediately; IMAP4 has an authentication system while POP3 has a clear text password
Telnet
Virtual terminal protocol; Enables sessions to be opened on a remote host so that commands can be executed on that remote host; Not secure, so SSH must be used instead; Used to access UNIX and Linux systems
Secure Shell (SSH)
Provides security by encrypting data as it travels between systems, making it difficult for hackers using packet sniffers and other traffic-detection systems to read it; SSH2 is more secure than SSH1, and the two are incompatible; Implementations of SSH are available for all computing platforms
Internet Control Message Protocol (ICMP)
Works with the IP layer to provide error checking and reporting functionality; Ping utility, which sends a stream of ICMP echo requests to a remote host; ICMP can return error messages such as “Destination unreachable” and “Time exceeded”; Source quench
Address Resolution Protocol (ARP)/Reverse Address Resolution Protocol
ExamAlert: ARP links IP addressing to Ethernet addressing (MAC addressing)
Resolving IP addresses to MAC addresses; ARP cache is a table on the local system that stores mappings between data link layer addresses (MAC/physical addresses) and network layer addresses (IP addresses)
Commonly Used ARP Command Switches
-a: Displays the entries in the ARP cache
-s: Manually adds a permanent entry to the ARP cache
-d: Deletes an entry from the ARP cache
Network Time Protocol (NTP)
Part of the TCP/IP protocol suite that facilitates the communication of time between systems.
Lightweight Directory Access Protocol (LDAP)
A protocol that provides a mechanism to access and query directory services systems.
Internet Group Management Protocol (IGMP)
Protocol within the TCP/IP protocol suite that manages multicast groups. Used to register devices into a multicast group as well as to discover what other devices on the network are members of the same multicast group.
Transport Layer Security (TLS)
Security protocol designed to ensure privacy between communicating client/server applications. TLS is the successor to SSL
TLS Record Protocol: Uses a reliable transport protocol such as TCP and ensures that the connection made between systems is private using data encryption
TLS Handshake Protocol: Used for authentication between the client and server
Session Initiation Protocol (SIP)/Real-Time Transport Protocol (RTP)
Default ports 5060 and 5061
SIP operates at the application layer of the OSI model and is used to maintain a multimedia session
RTP is used to transport real-time data and is often used with VoIP; UDP used more often
Remote Desktop Protocol (RDP)
Default port 3389
Used by a Windows environment for remote connections; Does not send data, only screenshots and client keystrokes
Server Message Block (SMB)
Default port 445
Used on a network for providing access to resources such as files, printers, ports, and so on running on Windows