Domain 4 - Communication and Network Security Flashcards
Defense in depth
Have defenses throughout the network, not just at the perimeter.
Simplex
One way (radio, broadcast TV).
Way to define network comms like full/half duplex.
Baseband
Network has one channel and can only send one signal at a time.
Ethernet is baseband.
Broadband
Networks have multiple channels and can send multiple signals at a time, like cable TV
Analog comms
Comms are a continuous wave of information.
Digital comms
Transfer data in bits, ones and zeros.
PAN
Personal Area Network (Bluetooth is best example)
LAN
Local Area network
MAN
Metropolitan area network. Confined to a Zip code or city usually
WAN
Wide Area Network
GAN
Global Area network
Circuit-switched networks
Dedicated circuit or channel is dedicated between two nodes. Circuit is dedicated to data flow.
Not resilient
Packet-switched network
Data is broken up and sent individually. Unused bandwidth is available for other stuff.
Layered Design
OSI, TCP/IP models are an example. Functions in one layer do not directly affect another.
Network Model
description of how a network protocol suite works/operates
Network Stack
Suite of protocols programmed in software or hardware
Protocol
Set of rules that end points in telecommunications use to communicate.
OSI Model
Open Systems Interconnection
OSI origin org
ISO
OSI Layers
Physical (bits), Data Link, Network, Transport, Session, Presentation, Application
Physical Data unit
bits
Data Link data unit
frames
Network data unit
packet
Transport data unit
segment
Session, presentation, and application data unit
data
Physical layer
Dumb. Encapsulates cable standards, repeaters, electrical signals.
Data Link
Switch, or bridge. ethernet card and MAC address.
Data Link sub layer 1
MAC Media Access Control, interface.
Data Link sub layer 2
LLC Logical Link Control. Handles LAN comms, touches layer 3.
Network layer
IP addresses and layers. IPV4, IPV6, others. Routers.
Transport Layer
TCP, UDP, GRE. Handles packet sequencing, flow control, error detection.
Session
Duplexes live here. Manages sessions, provides maintenance to connections.
Presentation
Presents data to apps and user in comprehensible ways
Application
What user interfaces with. Apps live here. Complex protocols live here.
Please Do not Tell Sales People Anything
Physical, Data Link, Network, Transport, Session, Presentation, Application
TCP/IP Model creator
Created by DARPA
TCP/IP model
Suite of protocols using UDP, ICMP, among others.
TCP/IP Layers
Network Access layer (OSI Physical and Data Link); Internet layer (OSI Network); Transport layer (OSI Transport); Application layer (OSI Session, Presentation, Application)
Encapsulation
Takes info from a higher layer and adds a header to it. One layer's header is a lower layer's data.
EUI-64 MAC Addresses
Extends serial portion of MAC from 24 to 40 bits.
IP Header length
20 bytes
Key IP header fields
IP version; type of service; time to live; protocol (TCP/UDP, etc.); source and dest IPs
IPV6 routing
Simpler routing
IPV6 header size
40 bytes
IPV6 header contents
IP version; source/dest address; traffic class; flow label; payload length
Stateless Autoconfig ipv6
takes host MAC Address and uses it to config IPV6
Stateful autoconfig ipv6
uses DHCP
IPV6 sec challenges
Devices can give themselves IP addresses
Many network pros have limited experience.
RFC 1918
defines private addresses and NAT
Static NAT
one to one
Pool NAT (AKA Dynamic NAT)
reserves a number of public IPs in a pool. Addresses can be assigned from pool then returned.
PAT
port address translation, NAT overloading. Many to one translation.
TCP header fields
20 bytes minimum; source/dest port; sequence and ack numbers; TCP flags; window size
DNSSEC
Provides security extensions to DNS to authenticate DNS servers.
PVC
Permanent virtual circuit
dedicated bandwidth
SVC
switched virtual circuit - on demand