Module 1: Networking today, Module 16: Network Security Fundamentals,…
Module 1: Networking today
Peer-to-peer Network
Device can be client and server
Advantages: Easy to set up, less complex, lower cost and used for simple tasks
Disadvantages: No centralized administration, not as secure, not scalable and slower performance
Network characteristics
Fault tolerance
Limits the impact of a failure by limiting the number of affected devices.
Scalability
Can expand quickly and easily to support new users and applications without impacting the performance of services to existing users.
Quality of service (QoS)
Audio conference > Financial transactions > Web browsing
Security
Network infrastructure security: Physical security of network devices
Information security: Protection of the info or data transmitted over the network.
Module 16: Network Security Fundamentals
AAA
Authorization, Accounting and Authentication
Way to control who is permitted to access a network (authenticate), what actions they perform while accessing the network (authorize), and making a record of what was done while they are there (accounting)
Types of malware
Worms
Computer worms are like viruses in that they replicate functional copies of themselves and can cause the same type of damage. Worms are standalone software and do not require a host program or human help to propagate.
Ways to defend against them
Security patch
Keep backup
Firewall
Endpoint security
Trojan Horses
It is a harmful piece of software that looks legitimate. Unlike viruses and worms, Trojan Horses do not reproduce by infecting other files, nor do they self-replicate. They must spread through user interaction, such as opening an email attachment or downloading and running a file from the internet.
Viruses
Propagates by inserting a copy of itself into, and becoming part of, another program. It spreads from one computer to another, leaving infections as it travels.
Functions of IPS
Actively monitors network traffic to detect and block malicious activities before they cause damage
Functions of firewall
Reside between 2 or more networks, control the traffic between them and help prevent unauthorized access.
Function of IDS
Monitor network traffic and system behavior for suspicious activity or policy violations.
Functions of VPN
Virtual Private Network
Module 3: Protocols and Models
Without default gateway
No communication with other networks
Protocols
Message size
Encoding between hosts must be in an appropriate format for the medium.
Delivery options
Unicast: one to one communication
Multicast: one to many, typically not all.
Broadcast: one to all
Message encoding
Process of converting info into another acceptable form for transmission.
TCP/IP Layers
1. Application
2. Transport
3. Internet
4. Network Access
OSI Layer
Application
Presentation
Session
Network
Transport
Data Link
Physical
Module 6: Data Link Layer
UTP
uses twisted pair to reduce crosstalk
Data Link layer
Exchanges frames over local media.
Frame check sequence
ensures data integrity using CRC
Functions of LLC sublayer
Enables IPv4 and IPv6 to utilize the same physical medium
Allows multiple Layer 3 protocols over same medium.
Module 2: Basic Switch Configuration
Must be in privilege EXEC mode
Test banner
Exit privilege EXEC mode and press enter
show startup-config displays saved config in NVRAM.
VLAN 1 with IP and up/up
Remote management possible
IP default gateway
Enables remote management across network.
Module 8: Network Layer
Layer 3 IP addresses remain constant
Time to live field
Decremented by each router
Network Layer functions
Unique network ID
Packet routing
Module 14: Transport Layer
TCP
Ensures reliable delivery
Uses checksum to verify data integrity & port numbering to identify specific applications or services on a host.
UDP
Ensures fast delivery
Uses checksum to verify data integrity & port numbering to identify specific applications or services on a host.
Responsibilities
Tracking individual conversations.
Segmenting data and reassembling
Adds header information
Identify, separate and manage multiple conversations
Uses segmentation and multiplexing to enable different communication conversations to be interleaved on the same network
Frame forwarding Methods
Store-and-forward switching
Drops frames that fail the FCS check.
Module 7: Ethernet Switching
UTP signal degradation causes
Improper termination
Low-quality cable
Receives the entire frame and computes the CRC.
Cut-through switching
Forwards the frame before it is entirely received
Does not perform any error checking on the frame
2 Variants
Fast-forwarding switching
Fragment-free switching
Module 9: Address Resolution
No ARP cache
ARP request for default gateway MAC
ARP
Broadcast request
Unicast reply
Builds MAC to IP mapping table
Module 12: IPv6 Addressing
ICMPv6 new messages
Router Advertisement
Neighbor Solicitation
IPv6 header
Hop Limit
Source Address retained
No header checksum
Neighbor Discovery
Neighbor Solicitation
Sent by a host to discover the MAC address of another host
Neighbor Advertisement
Sent in response, providing the MAC address
IPv6 unicast routing
IPv6-enabled router interfaces begin sending ICMPv6 Router Advertisement messages
Layer 2 MAC addresses change per hop
Module 15: Application Layer
Handle protocols
HTTP
Web browser
FTP
Handled by TCP, which is a reliable, connection-oriented protocol
File Transfer Protocol
Allow for data transfers between a client and a server.
DHCP
Handled by UDP, which is a lightweight, connectionless protocol
Automates the assignment of IPv4 addresses, subnet masks, gateways and other IPv4 networking parameters
TFTP
DNS
Domain Name Service
Domain names were created to convert the numeric IP addresses into a simple, recognizable name
Contain the name, address and type of record. The record types are: A - an end device IPv4 address; NS - an authoritative name server; AAAA - an end device IPv6 address; MX - a mail exchange record
DNS uses a hierarchical system to create a database to provide name resolution
SMTP
Used to send email
Module 17: Build a small network
Accessing traffic flow and type
Capturing during peak times ensures visibility into real world usage patterns
Capturing across different segments helps identify localized issues and traffic distribution.
Module 10: Basic Router configuration
SSH Setup
Configure domain name
Generate RSA keys
Enable SSH on vty lines