Please enable JavaScript.
Coggle requires JavaScript to display documents.
(CAP 11) Secure network architecture and securing network components (OSI…
(CAP 11) Secure network architecture and securing network components
OSI Model
application (HTTP,FTP, etc)
presentation - (ASCII, JPEG, etc)
session - responsible for sessions management between two computers
transport - responsible for managing the integrity of a connection and controlling the session (NFS,etc)
network - responsible for adding routing and addressing info to data (ICMP, NAT, etc) (routers)
data link (MAC address) (switch devices)
physical
TCP/IP model
stack
application (FTP, SNMP, SMTP,etc)
transport (TCP, UDP)
Internet (IP)
Link (Ethernet, Fast Ethernet, Token ring, FDDI)
Transport layer protocols
65536 ports
0-1023 ports: well-known ports
1024-49151: registered software ports
49512-65535: ephemeral ports
three-way handshake
transmission window
TCP: full-duplex communications, connection oriented, reliable sessions
UDP: connectionless, best-effort communication protocol
Netowrk layer protocols
IP classes
class A 255.0.0.0 /8
class B 255.255.0.0 /16
class C 255.255.255.0 /24
TCP/IP vulnerabilities
Converged protocols (FCOE,MPLS,iSCSI,VoIP)
Wireless networks
securing the SSID (change default SSID and disable beacon frame)
conducting a site survey
using secure encryptin protocols (WEP,WPA,WPA2)
wireless attacks
war driving
war chalking
replay
IV
rogue access point
evil twin
secure network components
firewalls
static packet filtering - layer 3
application-level gateway - proxy - layer 7
stateful inspection firewalls
firewall deployment architectures
single tier
two tier
three tier
cabling,wireless,topology,communications and trasmission media technology
transmission media
coaxial cable
baseband and broadband calble
twisted pair
network topologies
ring topology
bus topology
star topology
mesh topology
wireless communications
cell phones
bluetooth
RFID
NFC
cordless phones