Four architectural layers of the TCP/IP Suite
Application (HTTP/SMTP), Host to Host (TCP/UDP), Internet (IP), Network Access (Network Topology)
TCP/IP Application Layer
Is the highest layer of the suite. Allows applications to access services or protocols to exchange data.
(Hypertext Transfer Protocol (HTTP), HTTP Secure (HTTPS), File Transfer Protocol (FTP), Simple Mail Transfer Protocol (SMTP), Telnet, Domain Name System (DNS), Routing Information Protocol (RIP), Simple Network Management Protocol (SNMP), Post Office Protocol (POP))
HTTP (Hypertext Transfer Protocol)
The protocol used for communication between a web server and a web browser.
SNMP (Simple Network Management Protocol)
The management protocol created for sending information about the health of the network to network management consoles.
TCP/IP Host-to-Host or Transport layer
Provides the Application layer with session and datagram communications services. TCP and UDP operate at this layer.
This connection-oriented protocol breaks a large message into smaller segments, assigns a sequence number to each segment, and puts them back in order.
This connectionless protocol divides packets into datagrams, gives them numbers, sends the packets, and puts them back together at the receiving end.
TCP/IP Internet Layer
TCP/IP layer that is responsible for routing, IP addressing, and packaging.
(The four standard protocols of this layer are: Internet Protocol (IP), Address Resolution Protocol (ARP), Internet Control Message Protocol (ICMP), and Internet Group Management Protocol (IGMP))
IP (Internet Protocol)
The protocol in the TCP/IP suite responsible for network addressing.
TCP/IP Network Access Layer
This layer is responsible for placing and removing packets on the physical network through communications with the network adapters in the host.
The dominant version of the Internet protocol (IP) today; addresses are 32 bits long
A version of the Internet protocol (IP) designed to replace IPv4; currently has not replaced IPv4; supports 128-bit addresses and includes mandatory IPSec security
Allows a transport protocol to be sent across the network and utilized by the equivalent service or protocol at the receiving host (During the encapsulation process, header information is added as emails move down the layers)
Special addresses that allow communication between hosts; a ____ number is added from the originator, indicating which ____ to communicate with on a server
FTP Port Number
TCP 20 Data
TCP 21 Control
SSH and SCP Port Number
TCP & UDP 22
Telnet Port Number
SMTP Port Number
TCP & UDP 25
TACACS Authentication Service Port Number
TCP & UDP 49
HTTP Port Number
TCP & UDP 80
POP3 Port Number
SFTP Port Number
NNTP Port Number
NetBIOS Port Number
TCP & UDP 137-139
IMAP Port Number
LDAP Port Number
TCP & UDP 389
HTTPS Port Number
FTPS Port Number
TCP & UDP 989 Data
TCP & UDP 990 Control
DNS Name Queries Port Number
Trivial File Transfer Protocol (TFTP) Port Number
IMAP Port Number
1) Client sends a SYN (synchronization) packet requesting a connection with the server.
2) Web server responds with a SYN-ACK (synchronization acknowledgement) packet.
3) Client responds with its own ACK.
Four Security Topology Areas of Concern
Design goals, Security Zones, Technologies, Business Requirements
Assurance that data remains private and no one sees it except for those expected to see it.
A quality that provides a level of confidence that data won't be jeopardized and will be kept secret.
The ability of a resource to be accessed, often expressed as a time period. Many networks limit users' ability to access network resources to working hours, as a security precaution.
Being responsible for an item. The administrator is often accountable for the network and the resources on it.
The four most common security zones
Internet, Intranet, Extranet, Demilitarized Zone (DMZ)
A global network made up of a large number of individual networks that are interconnected and use TCP/IP.
Private networks implemented and maintained by an individual company or organization
An extension of Intranets that allows connection to outside partners via a private network or a connection using a secure communications channel across the Internet.
Demilitarized Zone (DMZ)
A separate network that sits outside the secure network perimeter, often used to provide "outside services" such as Web service and e-mail.
Allows a single physical machine (host) to run multiple virtual machine (guest) operating systems. Each virtual machine appears self-contained, as if it were a separate physical system.
Virtual LAN (VLAN)
Local area network (LAN) that allows users on different switch ports to participate in their own network separate from, but still connected to, the other stations on the same or a connected switch.
Network Address Translation / IP Proxy
A server that acts as a go-between for clients accessing the Internet. All communications look as if they originated from a proxy server because the IP address of the user making a request is hidden.
A virtual dedicated connection between two systems or networks, created by encapsulating the data in a mutually agreed-upon protocol for transmission
Computer software and hardware that can perform functions usually associated with a telephone.
A combination of hardware and software that protects a network from attack by hackers who could gain access through public networks, including the Internet.
A firewall technology that accepts or rejects packets based on their content.
A proxy server that also acts as a firewall, blocking network access from external networks.
Stateful Packet Filtering
A firewall technology that keeps a record of the state of a connection between an internal computer and an external server and then makes decisions based on the connection as well as the rule base.
Simple devices that connect network components, sending a packet of data to all other connected devices
A hardware device that connects digital signals from a computer to an analog telephone line
Remote Access Services (RAS)
Any server service that offers the ability to connect remote systems
An intelligent connecting device that examines each packet of data it receives and then decides which way to send it onward toward its destination
Filter and forward data between nodes; are similar to routers but work within a single network.
A hardware or software solution associated with a device that splits the traffic intended for a website into individual requests that are then rotated to redundant servers as they become available.
Systems used in transmitting messages over a distance electronically
A device that automatically connects an organization's telephones and computing devices for data communications
Virtual Private Network (VPN)
Private data network that creates secure connections or tunnels over regular internet lines
Web Security Gateway
A device that can block malicious content in "real time" as it appears (without first knowing the URL of a dangerous site).
Software that identifies unsolicited and unwanted e-mail messages and blocks them from the recipient's Inbox.
A full-duplex line protocol that supersedes Serial Line Internet Protocol (SLIP). It's part of the standard TCP/IP suite and is often used in dial-up connections.
Point-to-Point Tunneling Protocol (PPTP)
An extension to Point-to-Point Protocol (PPP) that is used in virtual private networks (VPNs). An alternative to this protocol is L2TP.
Layer 2 Forwarding (L2F)
A protocol created by Cisco as a method of creating tunnels primarily for dial-up connections; it shouldn't be used over WANs, because it provides authentication but doesn't provide encryption.
Layer 2 Tunneling Protocol (L2TP)
A tunneling protocol that adds functionality to the Point-to-Point Protocol (PPP). This protocol was created by Microsoft and Cisco and is often used with virtual private networks (VPNs).
Secure Shell (SSH)
A replacement for rlogin in Unix/Linux that includes security. rlogin allowed one host to establish a connection with another with no real security being employed; SSH replaces it with slogin and digital certificates.
Internet Protocol Security (IPSec)
A set of protocols that enable encryption, authentication, and integrity over IP. IPSec is commonly used with virtual private networks (VPNs) and operates at Layer 3.
Which of the following devices is the most capable of providing infrastructure security?
Upper management has decreed that a firewall must be put in place immediately, before your site suffers an attack similar to one that struck a sister company. Responding to this order, your boss instructs you to implement a packet filter by the end of the week. A packet filter performs which function?
A. Prevents unauthorized packets from entering the network
B. Allows all packets to leave the network
C. Allows all packets to enter the network
D. Eliminates collisions in the network
Which device stores information about destinations in a network?
As more and more clients have been added to your network, the efficiency of the network has decreased significantly. You're preparing a budget for next year, and you specifically want to address this problem. Which of the following devices acts primarily as a tool to improve network efficiency?
Which device is used to connect voice, data, pagers, networks, and almost any other conceivable application into a single telecommunications system?
Most of the sales force have been told that they should no longer report to the office on a daily basis. From now on, they're to spend the majority of their time on the road calling on customers. Each member of the sales force has been issued a laptop computer and told to connect to the network nightly through a dial-up connection. Which of the following protocols is widely used today as a transport protocol for Internet dial-up connections?
Which protocol is unsuitable for WAN VPN connections?
You've been given notice that you'll soon be transferred to another site. Before you leave, you're to audit the network and document everything in use and the reason why it's in use. The next administrator will use this documentation to keep the network running. Which of the following protocols isn't a tunneling protocol but is probably used at your site by tunneling protocols for network security?
A socket is a combination of which components?
A. TCP and port number
B. UDP and port number
C. IP and session number
D. IP and port number
You're explaining protocols to a junior administrator shortly before you leave for vacation. The topic of Internet mail applications comes up, and you explain how communications are done now as well as how you expect them to be done in the future. Which of the following protocols is becoming the newest standard for Internet mail applications?
Which protocol is primarily used for network maintenance and destination information?
You're the administrator for Mercury Technical. A check of protocols in use on your server brings up one that you weren't aware was in use; you suspect that someone in HR is using it to send messages to multiple recipients. Which of the following protocols is used for group messages or multicast messaging?
IPv6, in addition to having more bits allocated for each host address, also has mandatory requirements built in for which security protocol?
Which ports are, by default, reserved for use by FTP? (Choose all that apply.)
A. 20 and 21 TCP
B. 20 and 21 UDP
C. 22 and 23 TCP
D. 22 and 23 UDP
Which of the following services use only TCP ports and not UDP? (Choose all that apply.)
Which of the following can be implemented as a software or hardware solution and is usually associated with a device—a router, a firewall, NAT, and so on—and used to shift a load from one device to another?
C. Load balancer
Which of the following are multiport devices that improve network efficiency?
Which service(s), by default, use TCP and UDP port 22? (Choose all that apply.)
What protocol, running on top of TCP/IP, is often used for name registration and resolution with Windows-based clients?
How many bits are used for addressing with IPv4 and IPv6, respectively?
A. 32, 128
B. 16, 64
C. 8, 32
D. 4, 16