374 exam 1 chap 10
Border router
A border router is subject to direct attack from an outside source. When you configure any router, you should determine whether it is the only point of defense or if it is one part of a multilayered defense. Of course, a multilayered defense is far better and more secure. The lone defense router can protect internal resources but is subject to attack itself.
Internal router
An internal router can also provide enhanced features to your internal networks. Internal routers can help keep subnet traffic separate. They can keep traffic out of a subnet and keep traffic in a subnet. For example, an internal router that sits between the network of an organization's research department network and the network for the rest of the organization can keep the two networks separate. These routers can keep confidential traffic inside the research department. They can also keep nonresearch traffic from crossing over into the research network from the organization's other networks.
Presentation layer of the OSI model
Data format; encryption This layer is responsible for the coding of data. The Presentation Layer includes file formats and character representations. From a security perspective, encryption generally takes place at the Presentation Layer.
HUBs
LAN devices: contain a number of plugs or ports where you can connect Ethernet cables for different network systems when they hub receive packets they automatically retransmit those packets to all the other ports . (this causes every system connected to the hub can hear everything that every other system communicates on the network) - which causes alot of network congestion by retransmitting everything it hears. and reduces the speed of the network for everyone using it
Session layer of the OSI model
Process to Process communication. This layer is responsible for maintaining communication sessions between computers. The Session Layer creates, maintains, and disconnects communications that take place between processes over the network.
physical layer of the OSI reference Model
This layer is responsible for the physical operation of the network. The Physical Layer must translate the binary ones and zeros of computer language into the language of the transport medium. In the case of copper network cables, it must translate computer data into electrical pulses. In the case of fiber optics, it must translate the data into bursts of light.
data link layer of the OSI model
This layer is responsible for transmitting information on computers connected to the same local area network (LAN). The Data Link Layer uses Media Access Control (MAC) addresses. Device manufacturers assign each hardware device a unique MAC address.
application level of the OSI model
User Interface This layer is responsible for interacting with end users. The Application Layer includes all programs on a computer that interact with the network. For example, your email software is included, since it must transmit and receive messages over the network. A simple game like Solitaire doesn't fit here because it does not require the network in order to operate.
order of the OSI reference model
application - layer 7 presentation session transport network data link physical -layer 1
IPv 6 addresses
are 128 buts long can provide more unique device addresses than the older stanard, it is more secure nut less common
IPv4 address
are four-byte (32-bit) addresses that uniquely identify every device on the network. with all the new number of network devices during the end of the last century it was clear that IPV4 did not allow for unique address for each device more common ip address technique in used today
switchs
better then a hub a switch performs the same basic function as a hub. connects to multiple systems to network. However they are smarter they know the mac address of the system connected to each port and will only send the packet only to the port where the destination resides. they are inexpensive and perform better than hubs. should used these
wide area network
connect system over a large geographic area the internet is an open network cant guarantee privacy consider the security issues surrounding the use of an open network develop your own private WAN
Ethernet Network
defines the way that computers communicate on the network governs how physical and data link layers defines how computer use MAC address to communicate with each other on the network become the most common LAN technology
transport layer of the OSI model
end to end communication This layer is responsible for breaking data into packets and properly transmitting it over the network. Flow control and error checking take place at the Transport Layer.
Dynamic Host Configuration Protocol
is within a network to simplify the configuration of each users computer. Provides a computer with an IPv4 address subnet mask and other essential communication information, simplies the network admin jobs
Network port
just a number that tells a receiving device where to send message it receives
Internet Control message Protocol
management and control protocol for IP delivers messages between hosts about the health of the network icmp tools: -ping sends a single packer to a target IP address - traceroute uses ICMP echo to request packers to identify the path that packets travel through a network want to block these request that are coming from outside of the network
local area network
provide network connectivity for computers located in the same geographic area. system on the same LAN do not protect themselves from each other good security is important
Network Security Risk - Reconnaissance
reconnaissance: is gathering information about a network for use in a future attack.- what are the ip addresses used on the network types of firewalls remote access procedure operating system of computers on the network weaknesses in network system
network layer of the OSI model
routing data logical addressing; WAN delivery This layer is responsible for the logical implementation of the network. One very important feature of the Network Layer, covered later in this chapter, is logical addressing. In TCP/ IP networking, logical addressing takes the familiar form of IP addresses.
packets
send data between networked computers an email will have 1,000s of packets packets are using broken up and encrypted and sent through the network and then when they reach point of destination they de encrypt and reassemble
TCP/IP
website use different languages TCP/IP is a set of rules that govern the format of messages that computer exchange. how networks interact with others to deliver data across the network -Governs all activity across the Internet and through most corporate and home networks -Developed by the Department of defense developed to provide a highly reliable and fault-tolerant network infrastructure (because when the internet first came out there was no focus on security )