Secure Network Architecture and Components Flashcards
Know the OSI model
The OSI layers are as follows: Application, Presentation, Session, Transport, Network, Data Link, and Physical.
Understand encapsulation
Encapsulation is the addition of a header, and possibly a footer, to the data received by each layer from the layer above before it’s handed off to the layer below. The inverse action is deencapsulation.
Know the network container names
The network containers are: OSI layers 7–5 protocol data unit (PDU), layer 4 segment (TCP) or a datagram (UDP), layer 3 packet, layer 2 frame, and layer 1 bits.
Understand protocol analyzers
A protocol analyzer is a tool used to examine the contents of network traffic.
Understand the MAC address
Media Access Control (MAC) address is a 6-byte (48-bit) binary address written in hexadecimal notation, aka hardware address, physical address, the NIC address, and the Ethernet address. The first 3 bytes (24 bits) of the address is the organizationally unique identifier (OUI), which denotes the vendor or manufacturer.
Know routing protocols
Interior routing protocols are distance vector (Routing Information Protocol ([RIP] and Interior Gateway Routing Protocol [IGRP]) and link state (Open Shortest Path First [OSPF] and Intermediate System to Intermediate System [IS-IS]); exterior routing protocols are path vector (Border Gateway Protocol [BGP]).
Understand the TCP/IP model
Also known as DARPA or the DOD model, the model has four layers: Application (also known as Process), Transport (also known as Host-to-Host), Internet (sometimes known as Internetworking), and Link (although Network Interface and sometimes Network Access are used).
Be aware of the common application layer protocols
These include Telnet, FTP, TFTP, SMTP, POP3, IMAP, DHCP, HTTP, HTTPS (TLS), LPD, X Window, NFS, and SNMP.
Understand transport layer protocols
Be aware of the features and differences between TCP and UDP; also be familiar with ports, session management, and TCP header flags.
Understand DNS
The Domain Name System (DNS) is the hierarchical naming scheme used in both public and private networks. DNS links human-friendly fully qualified domain names (FQDNs) and IP addresses together. DNSSEC and DoH are DNS security features.
Understand DNS poisoning
DNS poisoning is the act of falsifying the DNS information used by a client to reach a desired system. It can be accomplished through a rogue DNS server, pharming, altering a hosts file, corrupting IP configuration, DNS query spoofing, and proxy falsification.
Understand domain hijacking
Domain hijacking, or domain theft, is the malicious action of changing the registration of a domain name without the authorization of the valid owner.
Understand typosquatting
Typosquatting is a practice employed to capture and redirect traffic when a user mistypes the domain name or IP address of an intended resource.
Know about IP
Be familiar with the features and differences between IPv4 and IPv6. Understand IPv4 classes, subnetting, and CIDR notation.
Understand network layer protocols
Be familiar with ICMP and IGMP.
Know about ARP
Address Resolution Protocol (ARP) is essential to the interoperability of logical and physical addressing schemes. ARP is used to resolve IP addresses into MAC addresses. Also know about ARP poisoning.
Be able to give examples of security communication protocols
Examples include IPsec, Kerberos, SSH, Signal protocol, S-RPC, and TLS.
Understand multilayer protocols
Benefits of multilayer protocols include the fact that they can be used at higher OSI levels and that they offer encryption, flexibility, and resiliency. Drawbacks include covert channels, filter bypass, and violation of network segment boundaries.
Know about converged protocols
Examples include FCoE, MPLS, iSCSI, VPN, SDN, cloud, virtualization, SOA, microservices, infrastructure as code (IaC), and serverless architecture.
Define VoIP
Voice over IP (VoIP) is a tunneling mechanism that encapsulates audio, video, and other data into IP packets to support voice calls and multimedia collaboration over TCP/IP network connections.