OSI Model

Question 1

What is the OSI Model

Answer 1

Open Systems Interconnection Model.
The OSI model consists of seven layers. Each layer has a different set of responsibilities and is arranged from Layer 7 to Layer 1.
7. Application
6. Presentation
5. Session
4. Transport
3.Network
2.Data Link
1. Physical

Question 2

What does the Application layer do?

Answer 2

The application layer is the layer in which protocols and rules are in place to determine how the user should interact with data sent or received.

Everyday applications such as email clients, browsers, or file server browsing software such as FileZilla provide a friendly, Graphical User Interface (GUI) for users to interact with data sent or received. Other protocols include DNS (Domain Name System), which is how website addresses are translated into IP addresses.

Question 3

What does the Presentation Layer do?

Answer 3

This layer acts as a translator for data to and from the application layer (layer 7). The receiving computer will also understand data sent to a computer in one format destined for in another format. For example, when you send an email, the other user may have another email client to you, but the contents of the email will still need to display the same.

Security features such as data encryption (like HTTPS when visiting a secure site) occur at this layer.

Question 4

What does the Session Layer do

Answer 4

Once data has been correctly translated or formatted from the presentation layer (layer 6), the session layer (layer 5) will begin to create a connection to the other computer that the data is destined for. When a connection is established, a session is created. Whilst this connection is active, so is the session.

The session layer (layer 5) synchronises the two computers to ensure that they are on the same page before data is sent and received. Once these checks are in place, the session layer will begin to divide up the data sent into smaller chunks of data and begin to send these chunks (packets) one at a time. This dividing up is beneficial because if the connection is lost, only the chunks that weren’t yet sent will have to be sent again — not the entire piece of the data (think of it as loading a save file in a video game).

What is worthy of noting is that sessions are unique — meaning that data cannot travel over different sessions, but in fact, only across each session instead

Question 5

What does the Transport layer do

Answer 5

Layer 4 of the OSI model plays a vital part in transmitting data across a network and can be a little bit difficult to grasp. When data is sent between devices, it follows one of two different protocols that are decided based upon several factors:

TCP
UDP

Question 6

What is TCP

Answer 6

The Transmission Control Protocol (TCP). Potentially hinted by the name, this protocol is designed with reliability and guarantee in mind. This protocol reserves a constant connection between the two devices for the amount of time it takes for the data to be sent and received.

Not only this, but TCP incorporates error checking into its design. Error checking is how TCP can guarantee that data sent from the small chunks in the session layer (layer 5) has then been received and reassembled in the same order.
TCP is used for situations such as file sharing, internet browsing or sending an email. This usage is because these services require the data to be accurate and complete (no good having half a file!).

Question 7

What is UDP

Answer 7

User Datagram Protocol (or UDP for short). This protocol is not nearly as advanced as its brother - the TCP protocol. It doesn’t boast the many features offered by TCP, such as error checking and reliability. In fact, any data that gets sent via UDP is sent to the computer whether it gets there or not. There is no synchronisation between the two devices or guarantee; just hope for the best, and fingers crossed

Question 8

What are the advantages of TCP

Answer 8

Guarantees the accuracy of data.

Capable of synchronising two devices to prevent each other from being flooded with data.

Performs a lot more processes for reliability

Question 9

What are the disadvantages of TCP

Answer 9

Requires a reliable connection between the two devices. If one small chunk of data is not received, then the entire chunk of data cannot be used and must be re-sent.

A slow connection can bottleneck another device as the connection will be reserved on the other device the whole time.

TCP is significantly slower than UDP because more work (computing) has to be done by the devices using this protocol.

Question 10

What are the advantages of UDP

Answer 10

UDP is much faster than TCP.

UDP leaves the application layer (user software) to decide if there is any control over how quickly packets are sent.

UDP does not reserve a continuous connection on a device as TCP does.

Question 11

What are the disadvantages of UDP

Answer 11

UDP doesn’t care if the data is received.

It is quite flexible to software developers in this sense.

This means that unstable connections result in a terrible experience for the user.

Question 12

What is the Network Layer

Answer 12

Whilst some protocols at this layer determine exactly what is the “optimal” path that data should take to reach a device, we should only know about their existence at this stage of the networking module. Briefly, these protocols include OSPF (Open Shortest Path First) and RIP (Routing Information Protocol). The factors that decide what route is taken is decided by the following:

What path is the shortest? I.e. has the least amount of devices that the packet needs to travel across.
What path is the most reliable? I.e. have packets been lost on that path before?
Which path has the faster physical connection? I.e. is one path using a copper connection (slower) or a fibre (considerably faster)?
At this layer, everything is dealt with via IP addresses such as 192.168.1.100. Devices such as routers capable of delivering packets using IP addresses are known as Layer 3 devices — because they are capable of working at the third layer of the OSI model.
Think packets.

Question 13

What is the Data Link Layer

Answer 13

The data link layer focuses on the physical addressing of the transmission. It receives a packet from the network layer (including the IP address for the remote computer) and adds in the physical MAC (Media Access Control) address of the receiving endpoint. Inside every network-enabled computer is a Network Interface Card (NIC) which comes with a unique MAC address to identify it.

MAC addresses are set by the manufacturer and literally burnt into the card; they can’t be changed – although they can be spoofed. When information is sent across a network, it’s actually the physical address that is used to identify where exactly to send the information.

Additionally, it’s also the job of the data link layer to present the data in a format suitable for transmission.
Think Frames

Question 14

What is the Physical Layer

Answer 14

This layer is one of the easiest layers to grasp. Put simply, this layer references the physical components of the hardware used in networking and is the lowest layer that you will find. Devices use electrical signals to transfer data between each other in a binary numbering system (1’s and 0’s). Think Bits and Bits

Question 15

What is a frame

Answer 15

A frame is at layer 2 - the data link layer, meaning there is no such information as IP addresses.

Question 16

TCP/IP packets contain various sections of information known as headers that are added from encapsulation. Name them

Answer 16

Source Port, Destination Port, Source IP, Destination IP, Sequence Number, Acknowledgement Number, Checksum, Checksum, and Flag

Question 17

As a TCP/IP Header, what is a Source Port

Answer 17

This value is the port opened by the sender to send the TCP packet from. This value is chosen randomly (out of the ports from 0-65535 that aren’t already in use at the time).

Question 18

As a TCP/IP Header, what is a Destination Port

Answer 18

This value is the port number that an application or service is running on the remote host (the one receiving data); for example, a webserver running on port 80. Unlike the source port, this value is not chosen at random.

Question 19

As a TCP/IP Header, what is a Source IP

Answer 19

This is the IP address of the device that is sending the packet.

Question 20

As a TCP/IP Header, what is a sequence number

Answer 20

When a connection occurs, the first piece of data transmitted is given a random number. We’ll explain this more in-depth further on.

Question 21

As a TCP/IP Header, what is an Acknowledgement Number

Answer 21

After a piece of data has been given a sequence number, the number for the next piece of data will have the sequence number + 1. We’ll also explain this more in-depth further on.

Question 22

As a TCP/IP Header, what is a Checkksum

Answer 22

This value is what gives TCP integrity. A mathematical calculation is made where the output is remembered. When the receiving device performs the mathematical calculation, the data must be corrupt if the output is different from what was sent.

Question 23

As a TCP/IP Header, what is Data

Answer 23

This value is what givesTCPintegrity. A mathematical calculation is made where the output is remembered. When the receiving device performs the mathematicalcalculation, the data must be corrupt if the output is different from what was sent.

Question 24

As a TCP/IP Header, what is a Flag

Answer 24

This header determines how the packet should be handled by either device during the handshake process. Specific flags will determine specific behaviours, which is what we’ll come on to explain below.

Question 25

In TCP/IP, what is a three way handshake?

Answer 25

the term given for the process used to establish a connection between two devices. The Three-way handshake communicates using a few special messages, SYN, SYN/ACK, ACK, DATA, FIN, RST

Question 26

In a three way handshake what is SYN

Answer 26

A SYN message is the initial packet sent by a client during the handshake. This packet is used to initiate a connection and synchronise the two devices together (we’ll explain this further later on).

Question 27

In a three way handshake what is SYN/ACK

Answer 27

This packet is sent by the receiving device (server) to acknowledge the synchronisation attempt from the client.

Question 28

In a three way handshake what is ACK

Answer 28

The acknowledgement packet can be used by either the client or server to acknowledge that a series of messages/packets have been successfully received.

Question 29

In a three way handshake what is DATA

Answer 29

Once a connection has been established, data (such as bytes of a file) is sent via the “DATA” message.

Question 30

In a threeway handshake what is FIN

Answer 30

This packet is used to cleanly (properly) close the connection after it has been complete.

Question 31

In a threeway handshake what is RST

Answer 31

This packet abruptly ends all communication. This is the last resort and indicates there was some problem during the process. For example, if the service or application is not working correctly, or the system has faults such as low resources.

Question 32

What is a quality of UDP

Answer 32

Unlike its brother TCP, UDP is a stateless protocol that doesn’t require a constant connection between the two devices for data to be sent. For example, the Three-way handshake does not occur, nor is there any synchronisation between the two devices.

Question 33

What packet headers are in a UDP Packet

Answer 33

Time to Live (TTL), Source Address, Destination Address, Source Port, Destination Port, Data

Question 34

What is the complete number range of network ports?

Answer 34

0 and 65535

Question 35

What is the common range of network ports?

Answer 35

Any port that is within 0 and 1024

Question 36

FTP

Answer 36

File Transfer Protocol
21
UDP
This protocol is used by a file-sharing application built on a client-server model, meaning you can download files from a central location.

Question 37

SSH

Answer 37

Secure Shell
22
UDP/TCP
This protocol is used to securely login to systems via a text-based interface for management.

Question 38

HTTP

Answer 38

HyperText Transfer Protocol
80
UDP/TCP
This protocol powers the World Wide Web (WWW)! Your browser uses this to download text, images and videos of web pages.

Question 39

HTTPS

Answer 39

HyperText Transfer Protocol Secure
443
UDP/TCP
This protocol does the exact same as above; however, securely using encryption.

Question 40

SMB

Answer 40

Server Message Block
445
UDP/TCP
This protocol is similar to the File Transfer Protocol (FTP); however, as well as files, SMB allows you to share devices like printers.

Question 41

Remote Desktop Protocol

Answer 41

RDP
3389

This protocol is a secure means of logging in to a system using a visual desktop interface (as opposed to the text-based limitations of the SSH protocol).

Question 42

Describe a Stateful Firewall

Answer 42

This type of firewall uses the entire information from a connection; rather than inspecting an individual packet, this firewall determines the behaviour of a device based upon the entire connection.

This firewall type consumes many resources in comparison to stateless firewalls as the decision making is dynamic. For example, a firewall could allow the first parts of a TCP handshake that would later fail.

If a connection from a host is bad, it will block the entire device.

Question 43

Describe a Stateless Firewall

Answer 43

This firewall type uses a static set of rules to determine whether or not individual packets are acceptable or not. For example, a device sending a bad packet will not necessarily mean that the entire device is then blocked.

Whilst these firewalls use much fewer resources than alternatives, they are much dumber. For example, these firewalls are only effective as the rules that are defined within them. If a rule is not exactly matched, it is effectively useless.

However, these firewalls are great when receiving large amounts of traffic from a set of hosts (such as a Distributed Denial-of-Service attack)

Question 44

What level of the OSI Model do Firewalls operate at?

Answer 44

Layers 3 and Layer 4. thpough,
Some go to layer 7

Question 45

What is a VPN

Answer 45

A Virtual Private Network is a technology that allows devices on separate networks to communicate securely by creating a dedicated path between each other over the Internet (known as a tunnel). Devices connected within this tunnel form their own private network.

Question 46

What can a VPN provide you with?

Answer 46

Allows networks in different geographical locations to be connected. Offers privacy and anonymity.

Question 47

List some of the VPN technologies

Answer 47

PPP, PPTP, IPSec

Question 48

Describe PPP VPN technology

Answer 48

This technology is used by PPTP to allow for authentication and provide encryption of data. VPNs work by using a private key and public certificate (similar to SSH). A private key & certificate must match for you to connect.
This technology is not capable of leaving a network by itself (non-routable).

Question 49

Describe PPTP VPN technology

Answer 49

The Point-to-Point Tunneling Protocol is the technology that allows the data from PPP to travel and leave a network.

PPTP is very easy to set up and is supported by most devices. It is, however, weakly encrypted in comparison to alternatives.

Question 50

Describe IPSec VPN technology

Answer 50

Internet Protocol Security encrypts data using the existing Internet Protocol (IP) framework.
IPSec is difficult to set up in comparison to alternatives; however, if successful, it boasts strong encryption and is also supported on many devices.

Question 51

What is a switch

Answer 51

A switch is a dedicated networking device responsible for providing a means of connecting to multiple devices. Switches can facilitate many devices (from 3 to 63) using Ethernet cables.

Switches can operate at both layer 2 and layer 3 of the OSI model. However, these are exclusive in the sense that Layer 2 switches cannot operate at layer 3.

Question 52

What is a router

Answer 52

It’s a router’s job to connect networks and pass data between them. It does this by using routing (hence the name router!).

Routing is the label given to the process of data travelling across networks. Routing involves creating a path between networks so that this data can be successfully delivered. Routers operate at Layer 3 of the OSI model. They often feature an interactive interface (such as a website or a console) that allows an administrator to configure various rules such as port forwarding or firewalling.
- What path is the shortest?
- What path is the most reliable?
- Which path has the faster medium (e.g. copper or fibre)?

Question 53

What is VLAN

Answer 53

Virtual Local Area Network allows specific devices within a network to be virtually split up. This split means they can all benefit from things such as an Internet connection but are treated separately. This network separation provides security because it means that rules in place determine how specific devices communicate with each other.