D4: Communications & Network Security Flashcards

1
Q

Communications and Network Security - Main Topics

A

OSI Model: Open Systems Interconnection Model

OSI Reference Model
Network Protocols
Network Connectivity Devices
Threats to Network Security
Firewalls
Wireless Communication
2
Q

OSI Model: Definition & Significance

A

In a company, you had all of these devices using their own computing protocols, e.g. TCP/IP, Novell, AppleTalk - this requires translation between them all. The OSI protocol solves this

OSI Protocol: standards-based, open source protocol
- TCP/IP - became the common protocol because it offered standardization, which is so significant

Promotes interoperability between vendors
Enables standardization
Describes encapsulation (packaging) of data to enable it to get from point A to point B
3
Q

MUST KNOW OSI MODEL FOR THIS EXAM

A
  • know each layer, number of each layer, what happens in each layer, the concept of encapsulation

PDU: data in whatever packaging there is

  • at the top 3 layers is just called data
  • at the transport layer data is a segment
  • network layer becomes a packet
  • datalink data becomes frame
  • physical layer data becomes bits

‘do some people fear birthdays’

Potential Test Questions:

  • at what layer does XYZ device work?
  • across which layers does XYZ device work?
    • many devices don’t fit in one box
4
Q

OSI Layers

A

All People Seem to Need Dominoes Pizza >
People Don’t Need to See Paula Abdul <

Application: data/protocol data unit (PDU) / data stream
Presentation: data
Session: data
Transport: segment/TCP protocols/datagram UDP
Network: packet
Datalink: frame
Physical: bits

5
Q

OSI Model - Layer 1

- bottom > up

A

Physical Layer is concerned with physical connectivity and sending electric signals over a medium

All hardware devices have a point of connection, therefore at least partially have a layer 1 element

‘Dumb Devices’ - they don’t do anything to data
- Hubs, Cables, Connectors, Network Cards

A router is technically a layer 3 device, but it also spans from layer 1 up to whatever its top layer is

Threats to Physical Layer: theft, unauthorized access, vandalism, sniffing, interference, data emanation (radiation?), pipes, humidity

6
Q

OSI Model - Layer 2

- bottom > up

A

Data Link Layer: the only layer of the OSI model with 2 sublayers

  • Logical Link Control (LLC): error detection
  • Media Access Control (MAC): physical

CSMA/CD Carrier Sense Multiple Access with Collision Detection (IEEE standard) 802.3 Ethernet

  • detecting collisions, and expects to have collisions
  • in ethernet connections

CSMA/CA Carrier Sense Multiple Access with Collision Avoidance (IEEE standard) 802.11 Wireless

  • avoiding collisions
  • used in wireless devices

Token Passing: 24 bit control frame passed around the network environment with the purpose of determining which system can transmit data. There is only one token and since a system can’t communicate without the token, there are no collisions.

  • dated but does still exist
  • bring a microphone, and pass it in a circle and wait for your turn. Eliminates chance of collisions
  • between POS devices
7
Q

MAC Address

A

Unique identifier for every single network card on the planet - SHOULD be the case

48 bit address - first 24 for manufacturer, and last 24 for individual card itself

nothing about MAC address that would indicate your location

MAC address shouldn’t change but can change or be spoofed

A MAC address doesn’t have info in it to locate you

  • not good for global addressing, but really good for local addressing
  • once the packet gets close to your local router, the MAC can be used to find you

ARP: Address Resolution Protocol
- takes a known IP address and learns an unknown MAC address

Once the packet is close, the system sends out an ARP broadcast; the destination system replies with its MAC address and picks the packet up off the network

8
Q

Ethernet

A

Carrier Sense Multiple Access with Collision Avoidance

Used by ethernet

Contention (or collision based)

Multiple systems can access the network, but data will collide

Collisions will slow things down

Ethernet requires the resolution of an IP address to a MAC address

9
Q

ARP

A

ARP: Address Resolution Protocol

  • takes a known IP address and learns an unknown MAC address
  • once a host on the local network learns the destination IP and is local, that host sends out a broadcast with the IP, and the system of that IP returns the MAC address

Once the system learns the recipient MAC address, the system will cache it and store it locally

  • the downside to this is that it’s trusting old information
  • cache poisoning: system mapped an IP to a specific MAC address, an attacker can switch out their MAC address, or ARP, so the message comes to their host
  • anything with cache can be subject to poisoning, like web or DNS cache

What layer does it function? 2
Across which layers? 2 & 3
ARP poisoning would happen at layer 2

Unsolicited ARP replies are malicious, and a lot of OSes block them. Firewalls block them but should also check the origin of the reply (smart firewall)

10
Q

Switch

A

By default, switches operate at layer 2

Uses MAC addresses to direct traffic

Isolates traffic into collision domains

Does NOT isolate broadcasts natively

A HUB will not provide any isolation or traffic control, so every system on the hub is colliding
- if a sniffer is plugged into a hub,

11
Q

Router

A

OSI Model - Layer 3 Network

Routers isolate traffic into broadcast domains and use IP addressing to direct traffic and segment out the network but still allow the different subnets to talk

Sales people’s broadcast away from the HR’s broadcast - different bandwidth, different security mechanisms

Production device routers are very expensive on a port-by-port basis
- when you have a lot of ports, you’ll only get one router at a time ???????

12
Q

VLAN

A

VLAN = separate broadcast domains via a switch

Routers are expensive, so isolate the broadcast domain via a switch HOWEVER this is a native function on a switch - so some switches may not support VLAN (but most probably do)
- To get a broadcast isolation on a switch, a VLAN is necessary

A Layer 2 switch, even with a VLAN, doesn’t truly understand Layer 3 IP addressing
- you can have a VLAN on a layer 2 switch, but you can’t have VLAN 2 talk to VLAN 1, because the switch doesn’t understand where VLAN 1 is. It doesn’t work with IPs, it works with MAC addresses.

A Layer 3 switch is necessary for inter-VLAN Communication
- layer 3 VLAN can do IP address routing, determine traffic etc. it ALMOST replaces a router, but the difference is that it doesn’t allow to get off the local network

Routers shifted their role from being internal devices, to boundary devices

13
Q

Layer 3 Protocols

A

All protocols that start with the letter “I” except IMAP (which is a layer 7 mail protocol)

IP
ICMP: IP 'helpers' like ping
IGMP: Internet Group Management Protocol
IGRP
IPSEC
IKE
ISAKMP
14
Q

Internet Control Messaging Protocol: ICMP

A

Protocol used by most echoing capabilities; ping, traceroute, path-ping

ICMP is filled with holes, very weak and no inherent security and often without security mechanism.

Heavily used in DDoS attacks

Ping attacks = Layer 3 attacks that overwhelm the system

Ping Flood: send an overwhelming amount of ICMP echo request packets, so that the target can’t respond

Ping of Death: sends a lot of ping packets

SMURF: Uses a spoofed source address (Target) and directed broadcasts to launch a DDoS

  • send a ping request, spoofed as someone safe as the source address, and send it to everyone on the broadcast
  • you should NEVER allow a broadcast from outside of the network, to come into inside of your network (directed broadcast) there is NO good reason for this to happen so it should be blocked!
  • everyone knows how exploited ICMP is, so everyone blocks them from the firewall
  • Fraggle is the same thing but uses UDP (layer 4), which is sometimes needed from the outside, so it cannot be blocked at the firewall level. Instead of blocking it altogether, you can look for it misbehaving, like flooding

Loki Attack: information is being hidden behind or within the ICMP headers, which is not the function of ICMP headers. Data being placed there may avoid being detected by tools that don’t look for data there

15
Q

User Datagram Protocol (UDP) - Layer 4

A
  • connectionless
  • unreliable
  • no handshaking
  • desirable when “real time” transfer is essential
    • media streaming, gaming, live time chat, etc.
    • FTP (file transfer protocol) uses TCP; much more reliable
    • TFTP (trivial file transfer protocol) uses UDP for speed
16
Q

Session - Layer 5

A

Layer 5 (Session) - responsible for establishing a connection between two applications (either on the same computer or two different computers)

Will see SQL, RPC, session hijacking, session-based info being stored on a local host

Dialogue control

Release connection

Services

  • session management
  • dialog management
  • activity management
  • synchronization

Protocol

  • connection-oriented
  • common protocols
  • ISO 8327 (OSI)
  • APPC (IBM)
  • DNA Session Control
17
Q

Layer 6 - Presentation

A

Present the data in a format that all computers can understand

This is the only layer of OSI that does not have any protocols

  • concerned with encryption, compression and formatting
  • making sure data is presented in a universal format
  • file level encryption
  • removing redundancy from files
18
Q

Layer 7 - Application

A

This defines a protocol (way of sending data) that two different programs or applications understand.

  • HTTP, HTTPS, FTP, TFTP, SMTP, SNMP, etc.
  • Application proxies
  • Non-repudiation
  • Certificates
  • Integration with Directory Services
  • Time Awareness

Intelligent devices - can be integrated with other applications, services can understand content of messages e.g. mail filter that can block mail with ‘free offer’ takes a lot of intelligence because it has to check the content and make decisions based on the content

Non Repudiation: digital signing, public private key pair, stop users from using without digital signatures, stop users from looking at gaming websites after 5pm

Protocols that users interact with!

Email: SMTP, POP, IMAP,
Web Browser: HTTP, HTTPS

EXAM TIP: if you don’t know where a protocol lives, stick it in layer 7

19
Q

TCP/IP Model - bottom up

A

Network Access Layer
Internet Layer
Transport Layer
Application Layer

does the same thing as OSI, but says that application, presentation and session is being handled by the OS, so they group them all into their own “application layer”

EXAM TIP: if they don’t specify the model, then answer as the OSI, but if they ask for the TCP/IP model for a question, make sure you use the correct layers because they will try to trick you. GO SLOW.

Memorize OSI model and then learn how TCP/IP maps to OSI

20
Q

7 Application

A

Responsibilities: User application services

Data Type: User Data

Info: GATEWAYS (exam) - smartest layer, content layer, certs, non-repudiation, mail. API - Application Program Interface

Firewall: Kernel Proxy FW - very fast hardware (GEN5)

Common Protocols & tech: FTP, TFTP, SSH, IMAP, POP, HTTP, HTTPS

TCP/IP Model Mapping: Application

21
Q

6 Presentation

A

Responsibilities: Data Transition, Compression, and Encryption

Data Type: Data

Info: File Level Formatting, Encryption and Compressing

Firewall: —

Common Protocols & tech: EFS - Encryption File System

TCP/IP Model Mapping: Application

22
Q

5 Session

A

Responsibilities: Session Establishment, Management and termination

Data Type: Data

Info: Application to Application

Firewall: Stateful? Firewall - inspects, understands traffic, allows protocols as long as it behaves like it should (GEN 3)

Common Protocols & tech: SQL; RPC (DNS is Layer 5 for the exam)

TCP/IP Model Mapping: Application

23
Q

4 Transport

A

Responsibilities: End-to-End connections; segmentation and reassembly

Data Type: Segment

Info: SYN flood; fraggle - exploits UDP

Firewall: —

Common Protocols & tech: TCP and UDP, SSL / TLS

TCP/IP Model Mapping: Transport / Host to Host

24
Q

3 Network

A

Responsibilities: logical addressing; routing (path determination); datagram encapsulation; error handling and diagnostics

Data Type: Packets, datagrams

Info: Router - isolates broadcast traffic; logical addressing (IPSec for security), Ping floods/ping of death/loki/smurf attack - spoof source address

Firewall: static/stateless FW - very limited; all or nothing - FW blocks or allows entire protocol (gen 1)

Common Protocols & tech: IP, IPv6, IP NAT, IPSec, ICMP, RIP, BGP

TCP/IP Model Mapping: Internet

25
Q

2 Data Link

A

Responsibilities: Logical Link Control; Media Access Control (MAC); Data Framing; Addressing; Error Detection

Data Type: Frames

Info: Switch - doesn’t address broadcast traffic; MAC, Ethernet, NIC Tunneling - encapsulation (L2TP gives you the tunnel / IPSec gives you the security)

Firewall: —

Common Protocols & tech: IEEE 802.2 LLC; Ethernet; Token Ring; FDDI and CDDI; IEEE 802.11, WLAN, WiFi; PPTP; L2TP

TCP/IP Model Mapping: Network Access

26
Q

1 Physical

A

Responsibilities: encoding and signaling physical data transmission; hardware specifications; topology and design

Data Type: Bits

Info: Cable, Hub, Model (No Addressing)

Firewall: —

Common Protocols & tech: Physical Layer ??

TCP/IP Model Mapping: Network

27
Q

Firewalls

A

Provide isolation and separation based on trusted traffic vs. untrusted traffic

Create zones based on trusted zones vs. untrusted vs semi-untrusted (DMZ)
- DMZ gives us some control, but is also public; like web servers

Hardware firewalls vs. software firewalls
- if you have a software firewall, you need a system that would exist where that firewall would exist

Uses rule-based access control; block or deny rules. SHOULD DENY BY DEFAULT; everything else can be whitelisted (explicitly allowed)

28
Q

Firewalls and the OSI Model

A
Layer 3 (Network Layer)
- packet filtering
- screening routers
inspect layer 3 and layer 4 headers
- source and destination IP
- source and destination port
- protocol (TCP or UDP)

You know what a firewall does, based on what layer it operates in

  • by default it’s probably layer 3
  • a layer 3 firewall has a tiny bit of layer 4 because it can look at port numbers and protocols at layer 4
    • packet filtering fw (layer 3): you can determine source/destination IP, port and protocol, but you don’t have a lot of granularity. If you’re experiencing TCP SYN flooding, all you can really do is block TCP, which would bring the network to a screeching halt for external traffic
  • basically a router that has an access control list that does first level screening (screening router)

EXAM: Why would you use a layer 7 firewall over a layer 3?

  • things are
  • 7 has deeper packet inspection, decisions on more criteria

3 vs 7?
- 3 is faster and cheaper

29
Q

Stateful Filtering

A

Layer 5 - Session Layer

Stateful Filtering

  • awareness of the initiation of the session and the state
  • can block unsolicited replies
  • can understand syntax of lower protocols and can block misbehaving traffic

Unsolicited Replies (IRL Example)

  • I want to allow DNS replies through my firewall but only if they’re in response to a query
  • in the session layer, you can see all components of the session like who started it (or the state of the connection)
30
Q

Application Proxies / Firewalls

A

Layer 7 (Application Layer)

  • deep packet and content inspection / has access to all of the data

Forward Proxy: inspects traffic from inside going out
- audit where users’ traffic is going

Reverse Proxy: inspects traffic from outside going in

  • see and restrict users coming into the network
  • DNS server directs their request to go to the proxy, which inspects the traffic and forwards it on to the web server
  • SMTP
  • Can inspect on content, time, application-awareness, certificates, etc.
  • Specific to the application protocol

IRL Example: Don’t want a user to go to a specific website, and all we have is a layer 3 firewall - you can block that person’s IP from connecting to the website, or block IP on a certain port, or block all traffic thru a certain port

layer 5 - keep responses from coming in that weren’t solicited

layer 7: you want this person, who is on AD, to not access a malicious website before 5pm, you’ll need a layer 7

Application Proxies (layer 7 firewalls): can stop people from going to websites displaying the human body; unless their last query was medical in nature

31
Q

Firewalls

A
  • enforce network policy
  • usually firewalls are put on the perimeter of a network and allow or deny traffic based on company or network policy
  • must have IP forwarding turned off*
  • firewalls are often used to create a DMZ
  • generally are dual/multi-homed*

Types of firewalls

  • packet filtering
  • stateful
  • proxy
  • dynamic packet filtering
32
Q

Packet Filter

A

ACLs: rules that the firewall applies to each packet it receives

Not stateful, just looks at the network and transport layer packets (IP addresses, ports and “flags”)

  • does not look into the application, cannot block viruses, etc.
  • generally does not support anything advanced or custom

Packet Filters keep no state

  • each packet is evaluated on its own without regard to previous traffic
  • advantages
  • disadvantages (fragments)

Rule based access control

Packet filters are still used on the edge of the network before a stateful firewall for performance reasons

33
Q

Stateful Firewall

A

Router keeps track of connections in a table. It knows which conversations are active, who is involved, etc.

It allows return traffic to come back where a packet filter would have to have a specific rule to define returned traffic

More complex, and an attacker can launch a DoS against it by trying to fill up all the entries in the state tables/use up memory

If rebooted can disrupt conversation that had been occurring

Context dependent access control*

34
Q

Encapsulation / Deencapsulation

A
  1. Application layer creates a message > passes the message to the Presentation layer
  2. Each layer adds a header at the start of the message, and sometimes a footer, before it passes it along to the next layer.
  3. At the Physical layer, the message is converted into electrical impulses that represent bits and is transmitted over the physical connection
  4. The receiving computer captures the bits from the physical connection and re-creates the message in the Physical Layer.
  5. The Physical Layer converts the message from bits into a Data Link frame and sends the message up to the Data Link layer.
  6. The Data Link layer strips its information and sends the message up to the Network layer; this act, called deencapsulation, occurs all the way up to the Application layer
    * the information removed at each layer includes instructions, checksums, etc. that can only be understood by the peer layer that originally added it
  7. When the message reaches the Application layer, the data in the message is sent to the intended software recipient
35
Q

Physical Layer

A

The Physical layer accepts the frame from the Data Link layer, and converts the frames to bits for transmission over the physical connection medium.

The Physical layer receives bits from a physical connection medium and converts the bits into a frame to be used in the Data Link Layer

The Physical layer contains device drivers that tell protocols how to employ hardware for transmission or reception of bits.

The Physical layer controls throughput rates, synchronization, line noise and medium access.

The Physical layer determines whether to use digital or analog signals or light pulses to transmit or receive data over the physical hardware interface.

Network Hardware Devices at Layer 1: devices that perform hardware-based signal operations, such as sending a signal from one connection port out on all other ports (a hub) or amplifying the signal to support greater transmission distances (a repeater).

  • NICs: (Network Interface Cards)
  • Hubs
  • Repeaters
  • Concentrators
  • Amplifiers
36
Q

Data Link Layer

A

The Data Link Layer is responsible for formatting the packet from the Network layer into the proper format for transmission - this is determined by the hardware and technology of the network. Some examples:

  • Ethernet (the only common one in modern networks)
  • Token Ring
  • Asynchronous Transfer Mode
  • Fiber Distributed Data Interface
  • Copper DDI

The Data Link Layer contains the technology specific protocols that convert the packet into a properly formatted frame > then sent to the Physical layer for transmission

The Data Link Layer adds the hardware source and destination address to the frame.
- MAC (Media Access Control) Address = hardware address

The Datalink Layer has two sub-layers:

  • Logical Link Layer (LLC)
  • Media Access Control (MAC)

MAC Address: 6-byte/48-bit binary address written in hexadecimal notation

  • first 3 bytes is the OUI (Organizationally Unique Identifier) which denote the vendor or manufacturer of the physical network interface - these are registered with the IEEE (Institute of Electrical
  • last 3 bytes represent a unique number assigned to the interface by the manufacturer
  • no two devices have the same MAC address in the same Ethernet broadcast domain, or it would lead to address conflict
  • when they are not unique by accident, the NIC hardware would have to be replaced or the MAC address would have to be spoofed

Address Resolution Protocol (ARP): ARP is used to resolve IP addresses into MAC addresses. Traffic on a network segment is directed from its source system to its destination using MAC addresses

Layer 2 Network Hardware Devices: switches and bridges

  • these devices support MAC-based traffic routing
  • switches receive a frame on one port and send it out another port based on the destination MAC address
  • MAC address destinations are used to determine whether a frame is transferred over the bridge from one network to another
37
Q

Address Resolution Protocol and Why it Doesn’t Fit into Any Layers

A

ARP does not fit perfectly into OSI model since it is a conceptual model

ARP is carried as the payload of an Ethernet frame > since Ethernet is layer 2, it would make sense to consider ARP layer 3. HOWEVER - ARP does not use source/destination addresses to direct communications in its header > instead it is dependent on Ethernet’s source and destination MAC addresses

ARP is ALSO not a layer 2 protocol as it depends upon Ethernet to serve as its transportation host. So AT BEST it is a dependent layer 2 protocol.

38
Q

Network Layer

A

The Network Layer is responsible for adding routing and addressing information to the data.

The Network Layer accepts the segment from the Transport layer, and adds information to it to create a packet. The packet includes source and destination IP addresses.

The Network Layer is responsible for providing routing or delivery information; it is not responsible for verifying guaranteed delivery - that is the responsibility of the Transport layer

The Network Layer manages error detection and node traffic data (traffic control)

Hardware Devices at Layer 3: routers and bridge routers (brouters)

  • routers determine the best logical path for the transmission of packets based on speed, hops, preference and so on
  • routers use the destination IP address to guide the transmission of packets
  • brouters work primarily in layer 3, but also in layer 2 when necessary
  • brouters are devices that attempt to route first, but if that fails, they default to bridging.

Routing Protocols:

  • Distance Vector: maintains a list of destination networks along with metrics of direction and distance as measured in hops (the number of routers to cross to reach the destination). RIP, IGRP
  • Link State: maintains a topography map of all connected networks and use this map to determine the shortest path to the destination. OSPF, IGRP
39
Q

Protocols in the Data Link Layer

A

Protocols in the Data Link Layer:

  • SLIP Serial Line Internet Protocol
  • PPP Point-to-Point Protocol
  • ARP Address Resolution Protocol
  • L2F Layer 2 Forwarding
  • L2TP Layer 2 Tunneling Protocol
  • PPTP Point-to-Point Tunneling Protocol
  • ISDN Integrated Services Digital Networks
40
Q

Protocols in the Network Layer

A
  • ICMP Internet Control Message Protocol
  • RIP Routing Information Protocol
  • OSPF Open Shortest Path First
  • BGP Border Gateway Protocol
  • IGMP Internet Group Management Protocol
  • IP Internet Protocol
  • IPSec Internet Protocol Security
  • IPX Internetwork Packet Exchange
  • NAT Network Address translation
  • SKIP Simple Key Management for Internet Protocols
41
Q

Network Layer: Non-IP Protocols

A

Non-IP Protocols serve as an alternative to IP at the Network Layer. It used to be widely used but now only used for special-purpose networks.

The three most popular are IPX, AppleTalk and NetBEUI. They can be used as alternatives to IP in a dead-zone network implementation using IP to-alternate-protocol gateways
- A dead zone is a network segment using an alternative network layer protocol instead of IP.

IPX: part of the IPX/SPX packet suite commonly used on Novell NetWare networks in the 90s.

AppleTalk: a suite of protocols developed for Apple

NetBEUI: Microsoft protocol used for printer and file sharing and can be used in modern networks by devising NetBIOS over TCP/IP (NBT). This in turn serves the Windows sharing protocol of SMB (Server Message Block) which is also known as Common Internet File System (CIFS). It is no longer in use for lower layer protocols, only SMB and CIFS variants are still in use.

SECURITY RISK: since non-IPs are rare, most firewalls are unable to perform packet header, address, or payload content filtering on those protocols

  • when it comes to non-IP protocols, a firewall can ONLY block or allow. The most concern lives within packet segments.
  • Non-IP protocols can be encapsulated in IP to be communicated across the internet. In an encapsulation situation, IP firewalls are rarely able to perform content filtering on such encapsulation and thus security has to be set to an allow-all or deny-all configuration.
42
Q

Transport Layer

A

The Transport Layer is responsible for managing the integrity of a connection and controlling the session.

The Transport Layer accepts a PDU, aka a container of information or data passed between network layers.

A PDU coming from a Session layer is converted into a segment.

The Transport layer, which controls how devices on the network are addressed or referenced, establishes communication connections between nodes (also known as devices) and defines the rules of a session.

Session rules specify how much data each segment can contain, how to verify the integrity of data transmitted, and how to determine whether data has been lost.

Session rules are established through a handshaking process, so the communicating devices are in agreement on the rules

The Transport Layer establishes a logical connection between two devices and provides end-to-end transport services to ensure data delivery

Includes mechanisms for segmentation, sequencing, error checking, controlling the flow of data, error correction, multiplexing, and network service optimization

43
Q

Transport Layer Protocols

A
TCP Transmission Control Protocol
UDP User Datagram Protocol
SPX Sequenced Packet Exchange
SSL Secure Sockets Layer
TLS Transport Layer Security
44
Q

Session Layer

A

The Session Layer is responsible for establishing, maintaining, and terminating communication sessions between two computers.

Session Layer manages dialogue discipline or dialogue control (simplex, half-duplex, or full duplex), establishes checkpoints for grouping and recovery and retransmits PDUs that have failed or been lost since the last verified checkpoint

Simplex: one way communication

Half-Duplex: two-way communication, but only one direction can send data at a time

Full-Duplex: two-way communication, in which data can be sent in both directions simultaneously

45
Q

Session Layer Protocols

A

NFS Network File System
SQL Structured Query Language
RPC Remote Procedure Call