Domain 4: Communication and Network Security Flashcards
OSI Reference Model
Open Systems Interconnect Model
Promotes interoperability between vendors
Enables standardization
Describes the encapsulation of data to enable it to get from point A to point B
Application has least encapsulation, Physical has most encapsulation
“All People Seem to Need Data Processing”
“People Don’t Need to See Paula Abdul”
OSI Physical Layer (Layer 1)
Least Complex
Concerned with Physical connectivity and sending electric signals over a medium
Cables, Hubs, Network Card (partially), Devices (partially)
Threats: Theft, vandalism, interference, etc.
OSI Data Link Layer (Layer 2)
Has 2 sublayers: LLC and Media Access Control (MAC)
Where MAC Address is assigned/utilized (used for internal communication)
Utilizes ARP protocol
Switches are layer 2
OSI Network Layer (Layer 3)
Isolate traffic into broadcast domains and use IP addressing to direct traffic (Router)
VLANs
Protocols: IP, ICMP (ping), IGMP (message), IGRP, IPSEC, IKE, ISAKMP
If a protocol starts with I it is layer 3
OSI Transport Layer (Layer 4)
End-to-end delivery
Provides end-to-end data transport services
Adds port info to PDU
Protocols used: SSL/TLS (4-7), TCP, UDP
OSI Session Layer (Layer 5)
Responsible for establishing a connection between two applications
Dialogue control
Release Connections
OSI Presentation Layer (Layer 6)
Presents the data in a format that all computers can understand
Does not have any protocols
Concerned with encryption, formatting and compression
OSI Application Layer (Layer 7)
Defines a protocol (way of sending data) that two different programs or applications understand
HTTP, FTP, SMTP, SNMP, etc (a lot of protocols)
Application Proxies
non-repudiation
certificates
Directory services
Time awareness
ARP
Maps an IP address to a MAC Address
Devices at Layer 1
Hub - send all data out all ports all the time (Obsolete)
Devices at Layer 2
Switch - Uses MAC addressing to address traffic out the appropriate port
Collision Domain Isolation for each port
Devices at Layer 3
Router - Uses IP addressing
Broadcast Domain Isolation for each port
Creates subnets
Switches can Create VLANs to isolate broadcast traffic on a switch
Layer 3 Switch to allow inter-VLAN communications
Common Layer 3 attack
ICMP based:
Loki: hides messages in ICMP messages
Ping of death: oversized ping
Ping flood: DoS with ping
Smurf: uses a spoofed source address to launch a DDoS
Fraggle: Smurf but with UDP
TCP Protocol
Connection oriented guaranteed delivery
Advantages: easier to program with, implements a session, adds security
Disadvantages: more overhead/slower, SYN floods (attack)
TCP Handshake
Client -> Server - Synchronize (SYN)
Server -> Client - Synchronize Acknowledge (SYN-ACK)
Client -> Server - Acknowledge (ACK)
UDP Protocol
Connectionless
Unreliable
No handshaking
Desirable when real-time transfer is essential
Media streaming, gaming, live chat
File Transfer Protocol (FTP) uses what protocol?
TCP
Trivial File Transfer Protocol (TFTP) uses what protocol?
UDP
TCP/IP vs OSI model
TCP/IP only has 4 layers
TCP/IP Network layer is OSI Physical and Data Link
TCP/IP Internet layer is OSI Network
TCP/IP Transport layer is OSI Transport
TCP/IP Application layer is OSI Application, Presentation, Session
Firewalls
Isolates traffic/networks into security zones
3 different layers: 3, 5 and 7
Software or hardware based
Provide isolation and separation
Create zones based on trust
Use rule-based access control (RBAC)
Security Zone
Different security levels in different zones