Computer Networking & Security Flashcards
What is the Physical Layer?
Represents the Physical devices that interconnect Computers. Copper, Fiber, and Wireless (Radio). Deals with the Cables, Connectors, and their respective Specifications.
Data Unit: Bits (The 1s, and 0s)
What is the Data Link Layer?
Responsible for defining a common way of interpreting the signals from the physical layer so network devices can communicate.
Protocol: Ethernet and/ or WiFi (wireless radio)
Data Unit: Frames
Addressing: MAC Address (00:07:5f:d5:2b:84)
What is the Network Layer?
Allows different networks to communicate with each other through devices known as routers.
Protocol: IP
Data Unit: Packets/ Datagram
Addressing: IP address (192.168.1.1)
What is the Transport Layer?
Sorts out which client and server programs are supposed to receive appropriate data.
Protocol: TCP/ UDP
Data Units: Segments
Address: Port Numbers (443, 8080)
What is the Application Layer?
Home of applications, from web browsers to email clients.
Protocols: HTTP, SMTP
Data: Messages
What is Internet Protocol (IP)?
The Heart of the Internet and most smaller networks around the world.
Crosstalk
When an electrical pulse on one wire is accidentally detected on another wire.
Fiber Cables
Contain individual optical fibers, which are tiny tubes made out of glass about the width of a human hair.
-transfer data faster than copper
-more expensive
Hub
A physical layer device that allows for connections from many computers at once.
-Layer 1 device
Collision Domain
A network segment where only one device can communicate at a time.
Switch
Primary device used to connect computers on a single network, referred to as a LAN, Local Area Network.
-Switching is the process of moving data within networks
-Layer 2 device
-inspects Ethernet Data
-Maintains MAC address Table
*Learn
*Flood
*Forward
Router
*A device that knows how to forward data between independent networks.
*A network device that forwards traffic depending on the destination address of that traffic.
-Layer 3 device
-Inspects IP Data
*Directly connected
*Static Route
*Dynamic Route
Border Gateway Protocol (BGP)
Routers share data with each other via this protocol, which lets them learn about the most optimal paths to forward traffic.
Bit
The smallest representation of data that a computer can understand: either a 1 or a 0.
Modulation
A way of varying the voltage of the electrical charge moving across the cable.
Duplex Communication
Concept that information can flow in both directions across the cable
Simplex communication
Data flows only one way - unidirectional.
Ethernet
The protocol most widely used to send data across individual links. (CAT5, CAT6, CAT7)
Carrier Sense Multiple Access / Collision Detection (CSMA/ CD)
Used to determine when the communications channels are clear, and when a device is free to transmit Data.
MAC Address
A Globally unique identifier attached to an individual network interface. It consists of a 48-bit number normally represented by 6 groupings of 2 hexadecimal numbers.
First 3 Octets of a MAC = Organizationally Unique Identifier (OUI)
Last 3 Octets of a MAC = Vendor assigned (NIC)
Binary
A representation of numbers using only 2 digits.
Hexadecimal
A representation of numbers using 16 digits.
Octet
In computer networking, any number that can be represented by 8 bits.
Unicast
Transmission meant for just One receiving address
Multicast
Transmission meant for a certain group (those that meet the criteria).
Broadcast
Transmission sent to every single device on the LAN (Network). The Ethernet broadcast address is all “Fs”: FF:FF:FF:FF:FF:FF
Start Frame Delimiter (SFD)
Part of the Preamble (the last byte). Signals to a receiving device that the preamble is over and that the actual frame contents will now follow.
Ethernet Frame
A highly structured collection of information presented in a specific order.
Consists of the following:
1 - Preamble
2 - Destination MAC
3 - Source MAC
4 - Payload
Ether-type field
16 bits long - used to describe the protocol of the contents of the frame
Preamble
8 or 64 bits long, split into 2 sections. First part is used to regulate speed at which data is sent.
VLAN Header
Indicates that the frame itself is what’s called a VLAN frame
Payload
In Networking terms, it is the actual data being transported, which is everything that isn’t a Header.
Frame Check Sequence
A 4-byte (32-bit) number that represents a checksum value for the entire frame
Checksum value
Is calculated by performing what is known as a cyclical redundancy check against the frame
Cyclical Redundancy Check (CRC)
An important concept for data integrity, and is used all over computing, not just network transmissions.
IP Datagram
Highly structured series of fields that are strictly defined.
IP Header
Consists of:
1 - Version. IPv4 vs IPv6
2 - Header Length. Almost always 20 bytes in length
3 - Service Type. 8 bits used to specify details about Quality of Service (QoS). Determines which IP Datagram has priority.
4 - Total Length. Indicates the total length of the IP datagram it’s attached to.
5 - Identification - 16 bit number used to group messages together.
6 - Flag - used to indicate if a datagram is allowed to be fragmented, or to indicate that the datagram has already been fragmented.
7 - Fragmentation - The process of taking a single IP datagram and splitting it up into several smaller datagrams.
8 - Time to Live (TTL) - 8 bit field that indicates how many router hops a datagram can traverse before it is thrown away “expires.”
9 - Protocol. 8 bit field that contains data about what transport layer protocol is being used (TCP or UDP).
10 - Header Checksum. A checksum of the contents of the entire IP datagram header
11 - Source IP
12 - Destination IP
13 - IP Options. An optional field used to set special characteristics for datagrams, primarily for testing purposes.
14 - Padding. A series of zeros used to ensure the header is the correct total size.
Address Resolution Protocol (ARP)
A protocol used to discover the hardware address of a node with a certain IP address.
ARP Table
A list of IP addresses and the MAC addresses associated with them. Entries expire after a short amount of time to ensure changes in the network are accounted for.
Subnetting
The process of taking a large network and splitting it up into many individual and smaller subnetworks, or Subnets.
IP Address Classes
Class A: 0-127 Range, 16 million hosts
Class B: 128-191 Range, 64,000 hosts
Class C: 192-223 Range, 254 hosts
Class D: 224-239 Range, N/A hosts
Class E: 240-255 Range, N/A hosts
Subnet Masks
32-bit numbers that are normally written out as four octets in decimal.
CIDR
Classless Inter Domain Routing.
Address classes are no longer relevant. The network mask now determines the Network ID. This gives flexibility to networks and allows networks to be different sizes.
Demarcation Point
Describes where one network or system ends and another one begins
Routing Table (Basic)
Destination Network - This column contains a row for each network that the router knows about.
Next Hop - The IP address of the next router that should receive data intended for the destination network in question.
Total Hops - A count of “hops” that routers maintain to ensure they know the shortest path.
Interface - The IP address (network) assigned to each of the router’s interfaces.
Subnetting
Taking a network and dividing it into SUB-NETWORKS
*Network ID
*Broadcast IP
*First Host IP
*Last Host IP
*Next Network
*Total # of IP Addresses
*CIDR/ Subnet
VLAN
Virtual Local Area Network.
-Allows you to break up one Physical Switch into multiple Virtual Switches
-Allows you to extend Virtual Switches to other Physical Switches
-Cost effective
-Increases Security
-Each VLAN is its own Broadcast Domain
-Enables Logical Topology to be unconstrained by your Physical Topology
-802.1Q is the open standard for Tagging Layer 2 Frames
-Native VLAN can traverse a Trunk (tagged) link without a VLAN Tag
Route Precedence
Routers compare 3 items to determine the best path:
1 - Route Specificity (More Specific is Best)
2 - Admin Distance (lower is better)
3 - Metric (lower is better)
*If all 3 are identical, Routers will load balance across multiple paths (ECMP - Equal Cost Multi Path)
NAT
Network Address Translation.
-translates private IP addresses to public IP addresses and vice versa
-used to also conserve Public IP addresses
-masks (hides) internal network infrastructure (private local)
*Inside vs Outside
*Local vs Global
HTML & HTTP
Hyper Text Markup Language - how websites are written
Hyper Text Transfer Protocol - how websites are transferred / translated
SSL & TLS
Secure Socket Layer & Transport Layer Security - builds a secure, protected Tunnel (conceptual illustration) across the Internet.
Cryptographic protocols used to secure communication over a network. They provide encryption (C), data integrity (I), and authentication (AAA) between client and server.
SSL VPN - can also protect other Data Transfer
*VPN Providers allow for anonymity over the Internet (hides IP Address)
Hashing
Used to provide Integrity. Creates what is called a Digest (aka Checksum, Fingerprint, Hash, CRC).
Algorithm which takes as input a message of arbitrary length and produces as output a “fingerprint” of the original message.
hello = (8+5+12+12+15) = 52 Digest
*Infeasible to produce a given digest
*Impossible to extract original message
*Slight changes produce drastic difference
*Resulting digest is fixed width (length)
Encryption
Is used to provide Confidentiality (only intended recipient can interpret the data).
Simple Encryption
hello —> Encryption —> lohel
Plain Text (Data before Encryption) —– Cipher Text (Data while/ after Encrypted)
Key Based Encryption
*Symmetric (same Key)
*Asymmetric (Public & Private Keys)
*Algorithm created by Experts
*Secret Keys can be randomly generated
*Scalable
hello —> Encryption + [KEY] —> xH8q9
Key Based Encryption
Symmetric Encryption: Encrypt/ Decrypt using SAME keys
*Faster (lower CPU cost)
*Cipher is same size as Plain Text
*Secret key must be shared (less secure)
*used for Bulk Data
Asymmetric Encryption: Encrypt / Decrypt using DIFFERENT keys
*2 different keys are mathematically related
*What one Key Encrypts, only the other can Decrypt (Public & Private Keys)
*Slower - requires larger Key sizes
*Private Key is never shared (more secure)
*Restricted to Limited Data
Asymmetric vs Symmetric Types
Asymmetric algorithms:
*DSA
*RSA (2048 bits key)
*Diffie-Hellman
*ECDSA
*ECDH
Symmetric algorithms:
*DES (56 bit key)
*RC4 (128 bit key)
*3DES (168 bit key)
*AES (128, 192, 256 bit keys)
*ChaCha20 (128 or 256 bit keys)
Public & Private Keys
Each User has a Public Key and a Private Key.
*Encryption - provides Confidentiality
*Signature - provides Integrity & Authentication (Pair of Asymmetric Keys)
Hybrid Encryption - concept of using both Asymmetric and Symmetric Encryption. Best of both worlds.
*How SSH / IPSec protect bulk data
*SSL/ TLS protect bulk data