What is Layer 1 of OSI Model?
Physical Layer
What is Layer 2 of OSI Model?
Data Link Layer
What is Layer 3 of OSI Model?
Network Layer
What is Layer 4 of OSI Model?
Transport Layer
What is Layer 5 of OSI Model?
Session Layer
What is Layer 6 of the OSI Model?
Presentation Layer
What is Layer 7 of OSI Model?
Application Layer
What is the Physical Layer ? (OSI Model)
The physics of the network
Signalling, cabling, connectors
This layer isn’t about protocols
“You have a physical layer problem”
Fix your cabling, punch-downs, etc.
Run loopback tests, test/replace cables, swap adapter cards
What is the Data Link Layer ? (OSI Model)
The basic network “language”
The foundation of communication at the data link layer
Data Link Control (DLC) Protocols
MAC (Media Access Control) address on Ethernet
The “switching” layer
What is the Network Layer ? (OSI Model)
The “routing” layer
Internet Protocol (IP)
Fragments frames to traverse different networks
What is the Transport Layer ? (OSI Model)
The “post office” layer
Parcels and letters
TCP and UDP
What is the Session Layer ? (OSI Model)
Communication management between devices
Start, stop, restart
Control protocols, tunnelling protocols
What is the Application Layer ? (OSI Model)
The layer we see
HTTP, FTP, DNS, POP3
Physical Layer 1 (Real-world to OSI model)
Cables, fiber, and the signal itself
Electrical Signals
Data Link Layer 2 (Real-world to OSI model)
Frame, MAC address, Extended Unique Identifier (EUI-48, EUI-64), Switch
Ethernet
Network Layer 3 (Real-world to OSI model)
IP Address, Router, Packet
IP Encapsulation
Transport Layer 4 (Real-world to OSI model)
TCP segment, UDP datagram
TCP Encapsulation
Session Layer 5 (Real-world to OSI model)
Control protocols, tunnelling protocols
Link the presentation to the transport
Presentation Layer 6 (Real-world to OSI model)
Application encryption (SSL/TLS)
SSL Encryption
Application Layer 7 (Real-world to OSI model)
Your eyes
https://mail.google.com
Router
Routes traffic between IP subnets
OSI layer 3 device
Routers inside of switches sometimes called “layer 3 switches”
Layer 2 = Switch
Layer 3 = Router
Often connects diverse network types
LAN, WAN, copper, fiber
Switch
Bridging done in hardware
Application-specific integrated circuit (ASIC)
An OSI layer 2 device
Forwards traffic based on data link address
Many ports and features
The core of an enterprise network
May provide Power over Ethernet (PoE)
Multilayer switch
Includes layer 3 (routing) functionality
Firewalls
Filter traffic by port number or application
Traditional vs NGFW
Encrypt traffic
VPN between sites
Most firewalls can be layer 3 devices (routers)
Often sits on the ingress/egress of the network
Network Address Translation
Dynamic Routing
IDS and IPS
Watch network traffic
Intrusions (IDS and IPS)
Exploits against operating systems, applications, etc.
Buffer overflows, cross-site scripting, other vulnerabilities
Detection vs Prevention (IDS and IPS)
Detection - Alarm or alert
Prevention - Stop it before it gets into the network
Balancing the load
Distribute the load
Multiple servers
Invisible to the end-user
Large-scale implementations
Web server farms, database farms
Fault tolerance
Server outages have no effect
Very fast convergence
Load Balancer
Configurable load
Manage across servers
TCP offload
Protocol overhead
SSL offload
Encryption/Decryption
Caching
Fast response
Prioritization
QoS
Content Switching
Application-centric balancing
Proxies
Sits between the users and the external network
Receives the user requests and sends the request on their behalf (the proxy)
Useful for caching information, access control, URL filtering, content scanning
Applications may need to know how to use the proxy (explicit)
Some proxies are invisible (transparent)
Network Attached Storage (NAS)
Connect to a shared storage device across the network
File-level access
Storage Area Network (SAN)
Looks and feels like a local storage device
Block level access
Very efficient reading and writing
NAS and SAN require lots of…
BANDWIDTH
May use an isolated network and high-speed network technologies
Access point (AP)
Not a wireless router
A wireless router is a router and an access point in a single device
Is a bridge
Extends the wired network onto the wireless network
OSI layer 2 device
Wireless networks everywhere
Wireless networking is pervasive
And you probably don’t just have a single access point
Your access points may not even be in the same building
One (or more) at every remote site
Configurations may change at any moment
Access policy, security policies, AP configs
The network should be invisible to your users
Seamless network access, regardless of role
Wireless LAN controllers
Centralized management of access points
A single “pane of glass”
Deploy new access points
Performance and security monitoring
Configure and deploy changes to all sites
Report on access point use
Usually a proprietary system
The wireless controller is paired with the access points
Networking Functions
There’s a lot happening behind the scenes
Many networking functions are part of the infrastructure
Access to important data
From anywhere in the world
Remote access
Secure network communication
Traffic management
Prioritize the important applications
Protocol support
Maintain uptime and availability
Content Delivery Network (CDN)
It takes time to get data from one place to another
Speed up the process
Geographically distributed caching servers
Duplicate the data
Users get the data from a local server
You’re using one right now
Used on many websites
Invisible to the end user
Virtual Private Network (VPN)
Secure private data traversing a public network
Encrypted communication on an insecure medium
Concentrator / head-end
Encryption/decryption access device
Often integrated into a firewall
Many deployment options
Specialized cryptographic hardware
Software-based options available
Often used with client software
Sometimes built into the OS
Quality of Service (QoS)
Traffic shaping, packet shaping
Control by bandwidth usage or data rates
Set important applications to have higher priorities than other apps
Manage the QoS
Routers, switches, firewalls, ____ devices
Time to live (TTL)
How long should data be available?
Not all systems or protocols are self-regulating
We sometimes need to tell a system when to stop
Create a timer
Wait until traversing a number of hops, or wait until a certain amount of time elapses
Then stop (or drop)
Many different uses
Drop a packet caught in a loop
Clear a cache
Routing loops
Router A thinks the next hop is to Router B
Router B thinks the next hop is to router A
And repeat
Easy to misconfigure
Especially with static routing
This can’t go on forever
TTL is used to stop the loop
IP (Internet Protocol)
Loops could cause a packet to live forever
Drop the packet after a certain number of hops
Each pass through a router is a hop
Default TTL for macOS/Linux is 64 hops
Default TTL for Windows is 128 hops
The router decreases TTL by 1
A TTL of zero is dropped by the router
DNS (Domain Name System)
DNS Lookups
Resolve an IP address from a fully-qualified domain name
www.professormesser.com = 172.67.41.114
A device caches the lookup for a certain amount of time
How long? TTL seconds long.
Designing the cloud
On demand computing power
Click a button
Elasticity
Scale up or down as needed
Applications also scale
Scalability for large implementations
Access from anywhere
Multi tenancy
Many different clients are using the same cloud infrastructure
Virtual Networks
Server farm with 100 individual computers
It’s a big farm
All servers are connected with enterprise switches and routers
With redundancy
Migrate 100 physical servers to one physical server
With 100 virtual servers inside
What happens to the network?
Network function virtualization (NFV)
Replace physical network devices with virtual versions
Manage from the hypervisor
Same functionality as a physical device
Routing, switching, load balancing, firewalls, etc.
Quickly and easily deploy network functions
Click and deploy from the hypervisor
Many different deployment options
Virtual machine, container, fault tolerance, etc.
Virtual Private Cloud (VPC)
A pool of resources created in public cloud
VPC (Connecting to the cloud)
Common to create many VPCs
Many different application clouds
Connect VPCs with a transit gateway
And users to the VPCs
A “cloud router”
Now make it secure
VPCs are commonly on different IP subnets
Connecting to the cloud is often through a VPN
VPN (Connecting to the cloud)
Site-to-site VPN through the Internet
Virtual Private Cloud Gateway / Internet gateway (Connecting to the cloud)
Connects users on the Internet
VPC NAT gateway
Network address translation
Private cloud subnets connect to external resources
External resources cannot access the private cloud
VPC Endpoint (Connecting to the cloud)
Direct connection between the cloud provider networks
Security groups and lists
A firewall for the cloud
Control inbound and outbound traffic flows
Layer 4 port number
TCP or UDP port
Layer 3 address
Individual addresses
CIDR block notation
IPv4 or IPv6
Network Security List
Assign a security rule to a entire IP subnet
Applies to all devices in the subnet
Very Broad
Can become difficult to manage
Not all devices in a subnet have the same security posture
More granularity may be needed
Broad rules may not provide the right level of security
Network security group
Assign a security rule to a specific virtual NIC (VNIC)
Applies to specific devices and network connections
More granular than networks security lists
Different rules for devices in the same IP subnet
Better control and granularity
The best practice for the cloud security rules
Public (Cloud Deployment Models)
Available to everyone over the internet
Private (Cloud Deployment Models)
Your own virtualized local data center
Hybrid (Cloud Deployment Models)
A mix of both public and private
Software as a service (SaaS)
On demand software
No local installation
Why manage your own email distribution? Or Payroll?
Central management of data and applications
Your data is out there
A complete application offering
No development work required
Google Mail, Office 365
Infrastructure as a Service (IaaS)
Sometimes called Hardware as a Service (HaaS)
Outsource your equipment
You’re still responsible for the management
And for the security
Your data is out there but more within your control
Web server providers
Platform as a Service (PaaS)
No servers, no software, no maintenance team, no HVAC
Someone else handles the platform, you handle the development
You don’t have direct control of the data, people, or infrastructure
Trained security professionals are watching your stuff
Choose carefully
Put the building blocks together
Develop your app from what’s available on the platform
SalesForce.com
A series of moving vans (Understanding IP)
Efficiently move large amounts of data
Use a shipping truck
The network topology is the road
Ethernet, DSL, cable system
The truck is the Internet Protocol (IP)
We’ve designed the roads for this truck
The boxes hold your data
Boxes of TCP and UDP
Inside the boxes are more things
Application information
TCP and UDP
Transported inside of IP
Encapsulated by the IP protocol
Two ways to move data from place to place
Different features for different applications
OSI Layer 4
The transport layer
Multiplexing
Use many different applications at the same time
TCP and UDP
TCP (Transmission Control Protocol)
Connection-oriented
A formal connection setup and close
“Reliable” delivery
Recovery from errors
Can manage out-of-order messages or retransmissions
Flow control
The receiver can manage how much data is sent
UDP (User Datagram Protocol)
Connectionless
No formal open or close to the connection
“Unreliable” delivery
No error recovery
No reordering of data or retransmissions
No flow control
Sender determines the amount of data transmitted
Speedy Delivery
The IP delivery truck delivers from one (IP) address to another (IP) address
Every house has an address, every computer has an IP address
Boxes arrive at the house / IP address
Where do the boxes go?
Each box has a room name
Port is written on the outside of the box
Drop the box into the right room
Lots of Ports
IPv4 sockets
Server IP address, protocol, server application port number
Client IP address, protocol, client port number
Non-ephemeral ports - permanent port numbers
Ports 0 through 1,023
Usually on a server or service
Ephemeral ports - temporary port numbers
Ports 1,024 through 65,535
Port Numbers
TCP and UDP ports can be any number between 0 and 65,535
Most servers (services) use non-ephemeral (not temporary) port numbers
This isn’t always the case
It’s just a number
Port numbers are for communication, not security
Service port numbers need to be “well known”
TCP port numbers aren’t the same as UDP port numbers
FTP (File transfer protocol)
Transfers files between systems
Generic file transfer method
Not specific to an operating system
tcp/20 (active mode data), tcp/21 (control)
Authenticates with a username and password
Full-featured functionality
List, add, delete, etc.
SSH (Secure Shell)
Text-based console communication
Encrypted communication link - tcp/22
SFTP (Secure FTP)
Generic file transfer with security
Encrypted network communication
Uses the SSH File Transfer Protocol
tcp/22
Provides file system functionality
Resuming interrupted transfers, directory listings, remote file removal
Uses SSH (port 22)
SSH isn’t just for console communication
Telnet
Telecommunication Network
tcp/23
Console access
Similar functionality to SSH
In-the-clear communication
Not the best choice for production systems
SMTP (Simple Mail Transfer Protocol)
Server to server email transfer
tcp/25 (using plaintext)
tcp/587 (using TLS encryption)
Also used to send mail from a device to a mail server
Commonly configured on mobile devices and email clients
Other protocols are used for clients to receive email
IMAP, POP3
DNS (Domain Name System)
Converts names to IP addresses
udp/53
Large transfers may use tcp/53
www.professormesser.com = 162.159.246.164
These are very critical resources
Usually multiple DNS servers are in production
DHCP (Dynamic Host Configuration Protocol)
Automated configuration of IP address, subnet mask and other options
udp/67,udp/68
Requires a _____ server
Server, appliance, integrated into a SOHO router, etc.
Dynamic/pooled
IP addresses are assigned in real-time from a pool
Each system is given a lease, must renew at set intervals
DHCP reservation
Addresses are assigned by MAC address in the DHCP server
Quickly manage addresses from one location
TFTP (Trivial File Transfer Protocol)
Port Number
udp/69
Very simple file transfer application
Read files and write files
No authentication
Not used on highly secure systems
Useful when starting a system
Transfer configuration files
Quick and easy
HTTP and HTTPS
Hypertext Transfer Protocol
Communication in the browser
and by other applications
In the clear or encrypted
SSL (Secure Sockets Layer) or TLS (Transport Layer Security)
NTP (Network Time Protocol)
Switches, routers, firewalls, servers, workstations
Every device has its own clock
udp/123
Synchronizing the clocks becomes critical
Local files, authentication information, outage details
Automatic updates
No flashing 12:00 lights
Flexible
you control how clocks are updated
Very accurate
Accuracy is better than 1 millisecond on a local network
SNMP (Simple Network Management Protocol)
Gather statistics from network devices
udp/161
v1 - the original (SNMP)
Structured tables
In-the-clear
v2 - a good step ahead (SNMP)
Data type enhancements
Bulk transfers
Still in-the-clear
v3 - A secure standard (SNMP)
Message integrity
Authentication
Encryption
SNMP traps
Automatic alert messages sent by a device (like a router or switch) to a network management system to report a problem or important event, such as a failure or status change, without being asked
LDAP (Lightweight Directory Access Protocol)
tcp/389
Store and retrieve information in a network directory
LDAPS (LDAP Secure)
A non-standard implementation of LDAP over SSL
tcp/636
SMB (Server Message Block)
Protocol used by Microsoft Windows
File sharing, printer sharing
Also called CIFS (Common Internet File System)
Integrated into the operating system
Access rights integration across systems
File sharing publishing
File locking
Direct over tcp/445 (NetBIOS-less)
Direct ___ communication over TCP
Syslog
Standard for message logging
Diverse systems, consolidated log
udp/514
Usually a central log collector
Integrated into the SIEM
Security Information and Event Manager
You’re going to need a lot of disk space
No, more. More than that.
Data storage from many devices over an extended timeframe
Databases
Collection of information
Many different types of data
One common method to store and query
Structured Query Language (SQL)
A standard language across database servers
Microsoft SQL Server
MS-SQL (Microsoft SQL)
tcp/1433
RDP (Remote Desktop Protocol)
Share a desktop from a remote location over tcp/3389
Connect to an entire desktop or just an application
Remote Desktop Services on many Windows versions
Clients for Windows, macOS, Linux, Unix, iPhone, and others
SIP (Session Initiation Protocol)
Voice over IP (VoIP) signaling
tcp/5060 and tcp/5061
Setup and manage VoIP sessions
Call, ring, play busy signal, hang up
Extend voice communication
Video conferencing
Instant messaging
File transfer
etc.
ICMP (Internet Control Message Protocol)
“Text messaging” for your network devices
Another protocol carried by IP
Not used for data transfer
Devices can request and reply to administrative requests
Hey, are you there? / Yes, I’m right here
Devices can send messages when things don’t go well
That network you’re trying to reach is not reachable from here
Your time-to-live expired, just letting you know
GRE (Generic Routing Encapsulation)
The “tunnel” between two endpoints
Encapsulate traffic inside of IP
Two endpoints appear to be directly connected to each other
No built-in encryption
VPNs (Virtual Private Networks)
Encrypted (private) data traversing a public network
Concentrator
Encryption/decryption access device
Often integrated into a firewall
Many deployment options
Specialized cryptographic hardware
Software-based options available
Site-to-site VPN
Always-on
Or almost always
Firewalls often act as VPN concentrators
Probably already have firewalls in place
IPSec (Internet Protocol Security)
Security for OSI Layer 3
Authentication and encryption for every packet
Confidentiality and integrity/anti-replay
Encryption and packet signing
Very standardized
Common to use multi-vendor implementations
Two core IPSec protocols
Authentication Header (AH)
Encapsulating Security Payload (ESP)
Internet Key Exchange (IKE)
Agree on encryption/decryption keys
Without sending the key across the network
Builds a Security Association (SA)
Phase II (IKE)
Coordinate ciphers and key sizes
Negotiate an inbound and outbound SA for IPsec
Phase I (IKE)
Use Diffie-Hellman to create a shared secret key
udp/500
ISAKMP (Internet Security Association and Key Management Protocol)
Authentication Header (AH)
Hash of the packet and a shared key
MD5, SHA-1, or SHA-2 are common
Adds the AH to the packet header
Encapsulating Security Payload (ESP)
Encrypts the packet
MD5, SHA-1, or SHA-2 for hash, and 3DES or AES for encryption
Adds a header, a trailer, and an Integrity Check Value