WK2 Introduction to Network Protocols Flashcards
Network Protocols
Network protocols are a set of rules used by two or more devices on a network to describe the order of delivery and the structure of the data.
Network protocols serve as instructions that come with the information in the data packet. These instructions tell the receiving device what to do with the data. Protocols are like a common language that allows devices all across the world to communicate with and understand each other.
Even though network protocols perform an essential function in network communication, security analysts should still understand their associated security implications. Some protocols have vulnerabilities that malicious actors exploit. For example, a nefarious actor could use the Domain Name System (DNS) protocol, which resolves web addresses to IP addresses, to divert traffic from a legitimate website to a malicious website containing malware. You’ll learn more about this topic in upcoming course materials.
Scenario to demonstrate a few different types of network protocols and how they work together on a network.
Transmission Control Protocol (TCP)
Say you want to access your favorite recipe website. You go to the address bar at the top of your browser and type in the website’s address. For example:
www.yummyrecipesforme.org. Before you gain access to the website, your device will establish communications with a web server.
That communication uses a protocol called the Transmission Control Protocol, or TCP. TCP is an internet communications protocol that allows two devices to form a connection and stream data.
TCP Handshake
TCP also verifies both devices before allowing any further communications to take place. This is often referred to as a handshake. Once communication is established using a TCP handshake, a request is made to the network.
Using our example, we have requested data from the Yummy Recipes For Me server. Their servers will respond to that request and send data packets back to your device so that you can view the web page.
Data Packets
A data packet is a unit of data made into a single package that travels along a given network path.
As data packets move across the network, they move between network devices such as routers.
The Address Resolution Protocol (ARP)
The Address Resolution Protocol, or ARP, is used to determine the MAC address of the next router or device on the path. This ensures that the data gets to the right place. Now that communication has been established and the destination device is known, it’s time to access the Yummy Recipes For Me website.
The Hypertext Transfer Protocol Secure, or HTTPS
The Hypertext Transfer Protocol Secure, or HTTPS, is a network protocol that provides a secure method of communication between clients and website servers.
It allows your web browser to securely send a request for a webpage to the Yummy Recipes For Me server and receive a webpage as a response.
Domain Name System (DNS)
Next comes a protocol called the Domain Name System, or DNS, which is a network protocol that translates internet domain names into IP addresses. The DNS protocol sends the domain name and the web address to a DNS server that retrieves the IP address of the website you were trying to access, in this case, Yummy Recipes For Me. The IP address is included as a destination address for the data packets traveling to the Yummy Recipes For Me web server.
So just by visiting one website, the devices on your network are using four different protocols: TCP, ARP, HTTPS, and DNS.
But how do these protocols relate to security? Well, on the Yummy Recipes For Me website example, we used HTTPS, which is a secure protocol that requests a webpage from a web server. HTTPS encrypts data using the Secure Sockets Layer and Transport Layer Security, otherwise known as SSL/TLS. This helps keep the information secure from malicious actors who want to steal valuable information.
3 Categories of Network Protocols
- Communication Protocols
Communication protocols govern the exchange of information in network transmission. They dictate how the data is transmitted between devices and the timing of the communication. They also include methods to recover data lost in transit. Here are a few of them.
Transmission Control Protocol (TCP)
User Datagram Protocol (UDP)
Hypertext Transfer Protocol (HTTP)
Domain Name System (DNS)
Transmission Control Protocol
Transmission Control Protocol (TCP) is an internet communication protocol that allows two devices to form a connection and stream data. TCP uses a three-way handshake process. First, the device sends a synchronize (SYN) request to a server. Then the server responds with a SYN/ACK packet to acknowledge receipt of the device’s request. Once the server receives the final ACK packet from the device, a TCP connection is established. In the TCP/IP model, TCP occurs at the transport layer.
User Datagram Protocol (UDP)
User Datagram Protocol (UDP) is a connectionless protocol that does not establish a connection between devices before a transmission. This makes it less reliable than TCP. But it also means that it works well for transmissions that need to get to their destination quickly. For example, one use of UDP is for internet gaming transmissions. In the TCP/IP model, UDP occurs at the transport layer.
Hypertext Transfer Protocol (HTTP)
Hypertext Transfer Protocol (HTTP) is an application layer protocol that provides a method of communication between clients and website servers. HTTP uses port 80. HTTP is considered insecure, so it is being replaced on most websites by a secure version, called HTTPS. However, there are still many websites that use the insecure HTTP protocol. In the TCP/IP model, HTTP occurs at the application layer.
Domain Name System (DNS)
Domain Name System (DNS) is a protocol that translates internet domain names into IP addresses. When a client computer wishes to access a website domain using their internet browser, a query is sent to a dedicated DNS server. The DNS server then looks up the IP address that corresponds to the website domain. DNS normally uses UDP on port 53. However, if the DNS reply to a request is large, it will switch to using the TCP protocol. In the TCP/IP model, DNS occurs at the application layer.
- Management Protocols
The next category of network protocols is management protocols. Management protocols are used for monitoring and managing activity on a network. They include protocols for error reporting and optimizing performance on the network.
Simple Network Management Protocol (SNMP)
Internet Control Message Protocol (ICMP)
Simple Network Management Protocol (SNMP)
Simple Network Management Protocol (SNMP) is a network protocol used for monitoring and managing devices on a network. SNMP can reset a password on a network device or change its baseline configuration. It can also send requests to network devices for a report on how much of the network’s bandwidth is being used up. In the TCP/IP model, SNMP occurs at the application layer.