Communications and Network Security
Basics
• Telecommunications
• Electromagnetic transmission of data across systems
• Protocol
• A standard set of rules that determine how systems communicate with each other
• Open Network Architecture
• No one owns it; it is not proprietary, so various technologies and vendor
implementations can easily be integrated
• Closed Network Architecture
• Proprietary, owned by a specific company, not integrated with other vendors
OSI Layer
• The primary architectural model for inter-computer communications
• Describes how information or data makes its way from an application program
(such as a spreadsheet) through a network medium (such as wire) to another
application program located on another network
• OSI is a layered architecture
• Layer architecture simplifies the network design
• Easy to debug network applications
• Network management is easier
OSI Model : Layered Architecture
• The process of breaking up the functions or tasks of networking into layers reduces complexity.
• Each layer provides a service to the layer above/below it in the protocol specification.
• Each layer communicates with the same layer’s software or hardware on other computers.
• The lower 4 layers (transport, network, data link and physical: Layers 4, 3, 2 and 1) are
concerned with the flow of data from end to end through the network.
• The upper 3 layers of the OSI model (application, presentation and session: Layers 7, 6 and 5)
are oriented more toward services to the applications.
• Data is encapsulated with the necessary protocol information as it moves down the layers before
network transit.
Data Encapsulation in a layered architecture
(Figure: Machine A and Server B each run the seven layers: 7-Application (http), 6-Presentation (unicode), 5-Session (security), 4-Transport (tcp), 3-Network (ip), 2-Data link (ethernet) and 1-Physical (bit stream 100100010101010010100). On Machine A the user data gains a header at each layer on the way down, A, then P A, S P A, T S P A, N T S P A and finally D N T S P A on the wire; on Server B each header is stripped in reverse order on the way up until only the user data remains.)
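The encapsulation the figure describes, worked through as an added example (this code is not from the original slides): each layer on the sender prepends its own header to what it gets from the layer above, and the receiver strips them in reverse order. The 3-byte header format and the one-letter tags are invented for illustration and are not any real protocol's header.

```python
"""Added example (not part of the original slides): a toy model of OSI
encapsulation.  Going down the stack, each layer prepends its own header to
the data it gets from the layer above; going up, the receiver strips the
headers in reverse order.  The 3-byte header format here is invented for
illustration and is not any real protocol's header."""
import struct

# Layers the sender walks, top to bottom; the tags mirror the A/P/S/T/N/D
# labels of the slide.  The physical layer adds no header, it serialises bits.
LAYERS = ["application", "presentation", "session",
          "transport", "network", "datalink"]
TAGS = {"application": b"A", "presentation": b"P", "session": b"S",
        "transport": b"T", "network": b"N", "datalink": b"D"}

HEADER_LEN = 3  # 1-byte layer tag + 2-byte big-endian payload length


def wrap(layer, sdu):
    """Build this layer's PDU: header followed by the service data unit."""
    return TAGS[layer] + struct.pack("!H", len(sdu)) + sdu


def unwrap(layer, pdu):
    """Validate and strip this layer's header, returning the payload."""
    if len(pdu) < HEADER_LEN or pdu[:1] != TAGS[layer]:
        raise ValueError(f"{layer}: header tag mismatch")
    (length,) = struct.unpack("!H", pdu[1:HEADER_LEN])
    payload = pdu[HEADER_LEN:HEADER_LEN + length]
    if len(payload) != length:
        raise ValueError(f"{layer}: truncated payload")
    return payload


def encapsulate(user_data):
    """Sender: application header innermost, data-link header outermost."""
    pdu = user_data
    for layer in LAYERS:
        pdu = wrap(layer, pdu)
    return pdu


def decapsulate(frame):
    """Receiver: peel the data-link header first, application header last."""
    sdu = frame
    for layer in reversed(LAYERS):
        sdu = unwrap(layer, sdu)
    return sdu


def header_tags(frame):
    """List the header tags outermost to innermost, e.g. 'D N T S P A'."""
    tags, sdu = [], frame
    for layer in reversed(LAYERS):
        tags.append(sdu[:1].decode())
        sdu = unwrap(layer, sdu)
    return " ".join(tags)


def physical_bits(frame):
    """Layer 1 view: the frame as the bit stream put on the wire."""
    return "".join(f"{byte:08b}" for byte in frame)


if __name__ == "__main__":
    frame = encapsulate(b"GET / HTTP/1.1")
    print(header_tags(frame), len(frame), "bytes on the wire")
    print(physical_bits(frame)[:32], "...")
    print(decapsulate(frame))
```

Running it shows the six headers outermost to innermost (D N T S P A), the 18 bytes of header overhead the stack adds to a 14-byte request, and that a corrupted outer header is rejected at the data-link step before any inner layer sees the data.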
OSI Layers
Application Layer
• The application layer is responsible for providing services to the user
• It is at this point that the data is in a visual form a user can truly understand, rather than binary
zeroes and ones
• Does not include the applications themselves, only the protocols that support the applications
• Deals with properly processing and formatting the data before it moves to the layer below
• This layer interfaces with the operating system and other applications and communicates data
between files, messages, and other network activities.
• Handles file transfer, virtual terminals, network management, and fulfilling network requests of
applications.
• Examples: telnet, FTP, web browsers, email, DNS
Presentation Layer
• Responsible for defining how information is presented to the user in the interface
(application layer) that they are using.
• This layer provides a common means of representing data
• It is not concerned with the meaning of the data but with the syntax and format of the
data
• Functions
• Protocol conversion
• Data translation
• Compression
• Encryption
• Character set conversion
• No protocols work in this layer
• Examples: ASCII, BMP, GIF, JPEG, WAV, AVI, and MPEG
Session Layer
• The session layer is responsible for establishing, maintaining, synchronizing and
terminating connections between two applications
• The session layer provides a mechanism for controlling the dialogue between the two end
systems – Dialogue Management
• This layer requests that a logical connection be established on an end-user’s
request
• This layer provides services like dialogue discipline which can be full duplex, half
duplex or simplex
• This layer provides interprocess communication channels
• Protocols that work at this layer
• PAP, PPTP, NetBIOS, RPC
• They are the least used protocols in network environments
• Dangerous to have these protocols exposed to external networks
Transport Layer
• Provides end-to-end data transport services and establishes the logical
connection between two computers
• Ensures that the data units are delivered error free.
• Ensures that data units are delivered in sequence.
• Ensures that there is no loss or duplication of data units.
• Provides connectionless or connection oriented service.
• Provides for the connection management.
• Protocols at this layer: TCP, UDP, AH, SPX
Network Layer
• Implements routing of frames (packets) through the network.
• Determines the optimal path the packet should take from the
source to the destination
• Defines logical addressing so that any endpoint can be identified.
• Handles congestion in the network.
• The network layer also defines how to fragment a packet into smaller
packets to accommodate different media
• Protocols that work at this layer: IP, ICMP, OSPF, RIP, IGMP
Data Link Layer
• Organizes data bits into frames
• The data link layer defines hardware (physical or MAC) addresses as well as
the communication process that occurs within a media type.
• LLC is responsible for handling multiple Layer 3 protocols and link services
such as reliability, flow control and error control
• MAC is responsible for framing and media access control for broadcast
media
• Protocols that work at this layer: PPP, ATM, Ethernet, FDDI, L2TP
Physical Layer
• Provides physical interface for transmission of information
• Defines rules by which bits are passed from one system to another on a
physical communication medium
• Type of signaling such as analog or digital
• Electrical or optical characteristics of signal
• Asynchronous, synchronous, simplex, full or half duplex
• Data rate such as 10, 100, or gigabit
• Topology such as star, bus, ring
• ISDN, DSL, SONET are some of the standard interfaces at this layer
Multilayer Protocols
• Distributed Network Protocol 3
• Communications protocol specifically used for SCADA Systems
• Does not incorporate routing functionality
• Controller Area Network Bus
• Protocol designed to allow microcontrollers and other embedded devices to
communicate with each other on a shared bus
• Robust in noisy environments
• All devices on the network receive every bit of information sent on the bus
• Cost Effective
TCP/IP Model
TCP
• Connection oriented
• Explicit set-up and tear-down of TCP session
• Stream-of-bytes service
• Sends and receives a stream of bytes, not messages
• Reliable, in-order delivery
• Checksums to detect corrupted data
• Acknowledgments & retransmissions for reliable delivery
• Sequence numbers to detect losses and reorder data
• Flow control
• Prevent overflow of the receiver’s buffer space
• Congestion control
• Adapt to network congestion for the greater good
Establishing a TCP Connection
• Three-way handshake to establish connection
• Host A sends a SYN (open) to the host B
• Host B returns a SYN acknowledgment (SYN ACK)
• Host A sends an ACK to acknowledge the SYN ACK
(Figure: Host A and Host B exchanging SYN, SYN ACK and ACK)
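The three-way handshake above, simulated as an added example (not code from the original slides) with both endpoints' connection state machines and the segments they exchange. The initial sequence numbers 1000 and 5000 are constructed constants so the trace is reproducible; a real TCP stack chooses them unpredictably. The example also shows the check each side makes on the acknowledgement number, which is what ties the reply to the SYN actually sent.

```python
"""Added example (not part of the original slides): a simulation of the
three-way handshake with both endpoints' connection state machines and the
segments they exchange.  Initial sequence numbers are constructed constants
for reproducibility; a real stack picks them unpredictably."""
from dataclasses import dataclass


@dataclass
class Segment:
    src: str
    dst: str
    flags: frozenset   # e.g. {"SYN"}, {"SYN", "ACK"} or {"ACK"}
    seq: int           # sequence number
    ack: int = 0       # acknowledgement number (next byte expected)


@dataclass
class Endpoint:
    name: str
    isn: int                   # initial sequence number
    state: str = "CLOSED"
    snd_nxt: int = 0           # next sequence number we will send
    rcv_nxt: int = 0           # next sequence number we expect

    def listen(self):
        """Passive open (the server side)."""
        self.state = "LISTEN"

    def connect(self, peer):
        """Active open: send SYN with our ISN and enter SYN_SENT."""
        self.snd_nxt = self.isn + 1      # the SYN itself consumes one sequence number
        self.state = "SYN_SENT"
        return Segment(self.name, peer, frozenset({"SYN"}), self.isn)

    def receive(self, seg):
        """Process one incoming segment; return the reply (or None)."""
        flags = seg.flags
        if self.state == "LISTEN" and flags == {"SYN"}:
            self.rcv_nxt = seg.seq + 1
            self.snd_nxt = self.isn + 1
            self.state = "SYN_RECEIVED"
            return Segment(self.name, seg.src, frozenset({"SYN", "ACK"}),
                           self.isn, self.rcv_nxt)
        if self.state == "SYN_SENT" and flags == {"SYN", "ACK"}:
            self._check_ack(seg)
            self.rcv_nxt = seg.seq + 1
            self.state = "ESTABLISHED"
            return Segment(self.name, seg.src, frozenset({"ACK"}),
                           self.snd_nxt, self.rcv_nxt)
        if self.state == "SYN_RECEIVED" and flags == {"ACK"}:
            self._check_ack(seg)
            self.state = "ESTABLISHED"
            return None
        raise ValueError(f"{self.name}: unexpected {sorted(flags)} "
                         f"in state {self.state}")

    def _check_ack(self, seg):
        # The peer must acknowledge exactly the sequence number after our SYN;
        # anything else is not a valid reply to what we sent.
        if seg.ack != self.snd_nxt:
            raise ValueError(f"{self.name}: bad ACK {seg.ack}, "
                             f"expected {self.snd_nxt}")


def handshake(client, server):
    """Run the exchange between a client and a listening server;
    return the segments in the order they crossed the network."""
    server.listen()
    trace = []
    seg = client.connect(server.name)
    while seg is not None:
        trace.append(seg)
        receiver = server if seg.dst == server.name else client
        seg = receiver.receive(seg)
    return trace


if __name__ == "__main__":
    a, b = Endpoint("A", isn=1000), Endpoint("B", isn=5000)
    for s in handshake(a, b):
        print(f"{s.src} -> {s.dst}: {'+'.join(sorted(s.flags))} "
              f"seq={s.seq} ack={s.ack}")
    print(a.state, b.state)
```

The trace printed is SYN (seq 1000), SYN+ACK (seq 5000, ack 1001) and ACK (seq 1001, ack 5001), after which both endpoints are ESTABLISHED; a SYN+ACK carrying any other acknowledgement number is rejected and the client stays in SYN_SENT.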
TCP vs UDP
• Acronym: TCP stands for Transmission Control Protocol; UDP for User Datagram Protocol (or Universal Datagram Protocol).
• Connection: TCP is a connection-oriented protocol. UDP is a connectionless protocol.
• Usage: TCP is suited for applications that require high reliability and where transmission time is relatively less critical. UDP is suitable for applications that need fast, efficient transmission, such as games; UDP's stateless nature is also useful for servers that answer small queries from huge numbers of clients.
• Used by other protocols: TCP carries HTTP, HTTPS, FTP, SMTP and Telnet. UDP carries DNS, DHCP, TFTP, SNMP, RIP and VoIP.
• Ordering of data packets: TCP rearranges data packets in the order specified. UDP has no inherent order, as all packets are independent of each other; if ordering is required, it has to be managed by the application layer.
• Speed of transfer: TCP is slower than UDP. UDP is faster because error recovery is not attempted; it is a "best effort" protocol.
• Reliability: TCP gives an absolute guarantee that the data transferred remains intact and arrives in the same order in which it was sent. UDP gives no guarantee that the messages or packets sent will arrive at all.
• Header size: the TCP header is 20 bytes; the UDP header is 8 bytes.
• Streaming of data: in TCP, data is read as a byte stream; no distinguishing indications are transmitted to signal message (segment) boundaries. In UDP, packets are sent individually and are checked for integrity only if they arrive; packets have definite boundaries which are honored upon receipt, meaning a read operation at the receiver socket will yield an entire message as it was originally sent.
• Weight: TCP is heavyweight; it requires three packets to set up a socket connection before any user data can be sent, and it handles reliability and congestion control. UDP is lightweight; there is no ordering of messages, no tracking of connections, etc. It is a small transport layer designed on top of IP.
• Data flow control: TCP does flow control; it requires three packets to set up a socket connection before any user data can be sent, and handles reliability and congestion control. UDP does not have an option for flow control.
• Error checking: TCP does error checking and error recovery; erroneous packets are retransmitted from the source to the destination. UDP does error checking but simply discards erroneous packets; error recovery is not attempted.
• Acknowledgement: TCP uses acknowledgement segments. UDP has no acknowledgment.
• Handshake: TCP uses SYN, SYN-ACK, ACK. UDP has no handshake (connectionless protocol).
IPV4 Address
• An IPv4 address is 32 bits long
• Each address has a network portion and host portion
• Addresses are grouped into classes and then into subnets
• Provides addressing, packet fragmentation, timeouts, TTL, Type of Service
capabilities
• The process of dividing a network into smaller network sections is
called subnetting
CIDR
• Classless Inter Domain Routing provides flexibility to increase or decrease the
class sizes as necessary
• CIDR is also referred to as supernetting
• It is a system of defining the network part of an IP address
• It allows a way to break IP networks down more flexibly than their base class
• CIDR was defined to allow variable length subnet masks (VLSM) to be applied
to networks. The basic premise of VLSM is to provide the count of the number
of network bits in a network.
IPV6
• Provides a much larger address space than IPv4
• IPv6 allows scoped addresses, end-to-end secure transmission and
authentication
• Has more flexibility and routing capabilities and allows for QoS
• Allows auto configuration and auto tunneling
• Routing infrastructure automatically determines the tunnel endpoints so that
protocol tunneling takes place without pre-configuration
IPv6 vs IPv4
• IP address size: IPv6 128 bit; IPv4 32 bit
• Multicast: IPv6 improves the scalability of multicast routing by adding a scope field to the multicast address; IPv4 has no such option
• Anycast address (used to send a packet to any one of a group of nodes): supported in IPv6; no such option in IPv4
• Extensions to support authentication, data integrity and data confidentiality: supported in IPv6; no support in IPv4
Scoped Address
• The scope allows routers to immediately determine how broadly they should propagate multicast datagrams, to improve efficiency and eliminate problems with traffic being sent outside the area for which it is intended
• Source: http://www.tcpipguide.com/free/t_IPv6MulticastandAnycastAddressing-2.htm
Tunneling Methods
• 6to4 Tunneling Method
• A system that allows IPv6 packets to be transmitted over an IPv4 network
without the need to configure explicit tunnels.
• 6to4 is simply a transparent mechanism used as a transport layer between IPv6
nodes
• 6to4 does not facilitate interoperation between IPv4-only hosts and IPv6-only
hosts
• 6to4 performs three functions:
• Assigns a block of IPv6 address space to any host or network that has a global IPv4
address.
• Encapsulates IPv6 packets inside IPv4 packets for transmission over an IPv4 network using
6in4.
• Routes traffic between 6to4 and "native" IPv6 networks.
• Teredo tunneling
• Teredo is a built-in mechanism in Windows systems that is used to give a
single system behind an IPv4 NAT access to IPv6
• Uses UDP encapsulation
• It is not very reliable, but Teredo is only used when explicitly connecting to an
IPv6 address
• Like 6to4 it uses public relays
• ISATAP
• Managed technology for providing IPv6 on an IPv4 network
• It emulates IPv6 connectivity on the IPv4 infrastructure.
• Treats the IPv4 network as virtual IPv6 local links, with mappings from each
IPv4 address to a link-local IPv6 address
• ISATAP is an intra-site mechanism
• Used for connectivity within the same network
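Each of the three tunneling methods above embeds IPv4 endpoints in the IPv6 addresses it produces, which is how an operator can recognise tunneled traffic in logs. The following is an added example (not from the original slides) that classifies 6to4, Teredo and ISATAP addresses with Python's standard ipaddress module and recovers the embedded IPv4 addresses; the flow-log lines at the bottom are constructed sample data using documentation addresses only.

```python
"""Added example (not part of the original slides): recognising 6to4,
Teredo and ISATAP addresses and recovering the IPv4 endpoints embedded in
them, using the standard ipaddress module.  The log lines at the bottom are
constructed sample data; all addresses come from documentation ranges."""
import ipaddress

SIX_TO_FOUR = ipaddress.ip_network("2002::/16")   # 2002:V4ADDR::/48 per site
# ISATAP interface identifiers carry 00:00:5E:FE (or 02:00:5E:FE when the
# embedded IPv4 address is global) followed by the IPv4 address.
ISATAP_IID_PREFIXES = (0x00005EFE, 0x02005EFE)


def classify_tunnel(addr):
    """Return a dict describing the tunnel method and embedded IPv4
    endpoint(s), or None for a native (non-tunnel) IPv6 address."""
    a = ipaddress.IPv6Address(addr)
    if a in SIX_TO_FOUR:
        # bits 16..47 are the site's public IPv4 address
        return {"method": "6to4", "ipv4": str(a.sixtofour)}
    teredo = a.teredo          # (server, client) for 2001::/32, else None
    if teredo is not None:
        server, client = teredo   # client address is stored XOR 0xFFFFFFFF
        return {"method": "Teredo", "server": str(server), "client": str(client)}
    iid_high = (int(a) >> 32) & 0xFFFFFFFF
    if iid_high in ISATAP_IID_PREFIXES:
        return {"method": "ISATAP",
                "ipv4": str(ipaddress.IPv4Address(int(a) & 0xFFFFFFFF))}
    return None


def find_tunneled(log_lines):
    """Scan 'src=<ipv6> dst=<ipv6>' records and list the tunnel addresses."""
    hits = []
    for line in log_lines:
        fields = dict(kv.split("=", 1) for kv in line.split())
        for key in ("src", "dst"):
            info = classify_tunnel(fields[key])
            if info:
                hits.append((fields[key], info["method"]))
    return hits


# Constructed sample records (documentation addresses only).
SAMPLE_LOG = [
    "src=2002:c000:204::1 dst=2001:db8::10",
    "src=2001:0:4136:e378:8000:63bf:3fff:fdd2 dst=2001:db8::10",
    "src=fe80::5efe:c000:20a dst=fe80::1",
    "src=2001:db8::20 dst=2001:db8::10",
]

if __name__ == "__main__":
    for addr, method in find_tunneled(SAMPLE_LOG):
        print(method, addr, classify_tunnel(addr))
```

On the sample log the scan flags the 6to4 address (site 192.0.2.4), the Teredo address (server 65.54.227.120, client 192.0.2.45 behind its NAT) and the ISATAP link-local address (192.0.2.10), and leaves the native 2001:db8:: hosts alone. Note that ISATAP is recognised by its interface identifier, since it uses ordinary prefixes rather than a reserved one like the other two.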
Layer 2 Security Standards
• IEEE MAC Security Standard – 802.1AE
• Defines security infrastructure to provide data confidentiality, data integrity, and data
origin authentication.
• MACsec provides hop-by-hop protection at layer 2
• Integrates security protection into wired Ethernet networks
• IEEE 802.1AR Standard
• Specifies unique per device identifier and management/cryptographic binding of a
device to its identifier
• Allows the trustworthiness of devices to be established and facilitates secure device provisioning
• These unique hardware based credential identifiers can be used in EAP-TLS
• IEEE 802.1AF – Carries out key agreement functions for the session keys
used for data encryption.
Converged protocols
• Fibre Channel over Ethernet (FCoE)
• Protocol encapsulation that allows Fibre Channel frames to ride over Ethernet
networks
• Currently used in some SAN environments, otherwise not commonly used
• Multiprotocol Label Switching (MPLS)
• It has elements of both layer 2 and layer 3
• It can encapsulate any higher-level protocol and tunnel it over a variety of links
• iSCSI
• Encapsulates SCSI data in TCP segments
• This lets a peripheral device appear to be local even though it may not be
physically near the local computer.
Transmission Types
Analog vs Digital
• Representation: analog data is represented in wave values; digital data is represented in discrete voltage values
• Distance: analog is not reliable over long distances due to distortion; digital is more reliable over long distances
• Noise: analog signals are difficult to extract from background noise; digital provides an efficient and clear-cut signaling method
• States: an analog signal could have an infinite number of values or states; a digital signal is a square wave that exists in discrete states
• Digital only: can implement data compression to increase data throughput; provides signal integrity through repeaters; can multiplex different types of data onto the same transmission channel
Asynchronous vs Synchronous
• Synchronization: asynchronous communication uses start and stop bits; synchronous communication happens over a timing sequence, which is initiated by a clock pulse
• Example protocols: the ATM protocol uses start/stop bits; the data link protocol HDLC uses a clock pulse
• Transfer unit: asynchronous transfers frames delimited by start and stop bits; synchronous transfers data in a stream of bits
• Error control: asynchronous uses a parity bit; synchronous uses robust error checking (CRC)
• Overhead: asynchronous requires 3 extra bits of transmission per byte (start, stop, parity); synchronous has minimal overhead compared to asynchronous
• Use: protocols for environments that send data in a non-predictable manner use asynchronous timing mechanisms; synchronous is used for high-speed, high-volume transactions
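The error-control contrast in the table above (a parity bit per byte versus a CRC over a synchronous block), worked through as an added example that is not from the original slides. It frames a byte asynchronously with start, parity and stop bits, frames a block synchronously with a 16-bit CRC, and then corrupts each: a single flipped bit trips the parity check, but two flipped bits slip past it and are only caught by the CRC. The CRC-16/CCITT-FALSE parameters (polynomial 0x1021, initial value 0xFFFF) are a standard choice; the HDLC-style block is simplified, with no flag bytes or bit stuffing.

```python
"""Added example (not part of the original slides): asynchronous framing
of one byte with start, parity and stop bits beside a synchronous block
protected by a 16-bit CRC.  The CRC-16/CCITT-FALSE parameters (poly 0x1021,
init 0xFFFF) are a standard choice; the HDLC-style block here is simplified
(no flags or bit stuffing)."""

FRAME_BITS = 11   # 1 start + 8 data + 1 parity + 1 stop


def frame_async(byte):
    """Start bit (0), 8 data bits LSB first, even parity bit, stop bit (1)."""
    data = [(byte >> i) & 1 for i in range(8)]
    parity = sum(data) % 2          # makes the total number of 1s even
    return [0] + data + [parity] + [1]


def deframe_async(bits):
    """Receiver side: check framing and parity, return the byte."""
    if len(bits) != FRAME_BITS or bits[0] != 0 or bits[-1] != 1:
        raise ValueError("framing error")
    data = bits[1:9]
    if sum(data) % 2 != bits[9]:
        raise ValueError("parity error")
    return sum(b << i for i, b in enumerate(data))


def crc16_ccitt(data, poly=0x1021, init=0xFFFF):
    """Bitwise CRC-16/CCITT-FALSE; check value for b'123456789' is 0x29B1."""
    crc = init
    for byte in data:
        crc ^= byte << 8
        for _ in range(8):
            crc = ((crc << 1) ^ poly) if crc & 0x8000 else (crc << 1)
            crc &= 0xFFFF
    return crc


def frame_sync(payload):
    """Synchronous block: payload followed by its 16-bit CRC (big-endian)."""
    return payload + crc16_ccitt(payload).to_bytes(2, "big")


def check_sync(frame):
    """Receiver side: verify the CRC, return the payload."""
    payload, received = frame[:-2], int.from_bytes(frame[-2:], "big")
    if crc16_ccitt(payload) != received:
        raise ValueError("CRC error")
    return payload


def flip_bits(bits, positions):
    """Corrupt a bit list at the given positions (simulated line noise)."""
    out = list(bits)
    for p in positions:
        out[p] ^= 1
    return out


def flip_byte_bits(data, positions):
    """Corrupt a byte string: positions are absolute bit indexes, MSB first."""
    out = bytearray(data)
    for p in positions:
        out[p // 8] ^= 0x80 >> (p % 8)
    return bytes(out)


if __name__ == "__main__":
    f = frame_async(0x41)                       # 'A' on the wire: 11 bits
    print(f, hex(deframe_async(f)))
    for flips in ([1], [1, 2]):
        try:
            print(flips, "->", hex(deframe_async(flip_bits(f, flips))))
        except ValueError as err:
            print(flips, "->", err)
    blk = frame_sync(b"hello")
    try:
        check_sync(flip_byte_bits(blk, [0, 1]))
    except ValueError as err:
        print("sync block with 2 flipped bits ->", err)
```

The run shows the 11-bit frame for 0x41, a parity error for one flipped bit, the silently wrong value 0x42 for two flipped bits, and a CRC error for the same two-bit corruption of the synchronous block: parity only detects an odd number of bit errors per byte, which is why the synchronous side of the table is described as having robust error checking.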
Broadband vs Baseband
• Channel use: broadband divides the communication channel into independent sub-channels; baseband uses the entire communication channel for transmission
• Signals: broadband carries different signals over different sub-channels; baseband permits only one signal to transmit at a time
• Bandwidth:
• Number of electrical pulses that can be carried over a link within a second
• Data transfer capability of a connection
• Commonly associated with the amount of available frequencies and speed of a link
• Data throughput:
• Actual amount of data that can be carried over the connection
• Data throughput values can be higher than bandwidth if compression is used.
Common network cable types
• Coaxial cable
• Unshielded twisted pair
• Fiber optic
Why copper?
Copper has several important properties which make it well suited for electronic
cabling:
• Conductivity — Copper is an excellent conductor of electric current and heat.
• Corrosion Resistance — Copper will not rust and is fairly resistant to corrosion.
• Ductility — Copper possesses the ability to be drawn into thin wires without
breaking.
• Malleability — Pure copper is easy to shape.
• Strength — Copper keeps its strength and toughness up to about 400 °F.
Copper Cable Components
Regardless of the construction, most cables contain certain common
elements. These are:
• A sheath or jacket for protection.
• Insulation to prevent short circuits between the individual conductors.
• Spacers to preserve the electrical properties of the cable.
Cable Insulation
Insulation is a high resistance material that is coated on the conductor to resist the flow of
current between conductors in the cable. There are three primary categories of
insulators:
• Thermoplastics - Polyvinylchloride (PVC), Polyethylene, Polypropylene. These are widely
used and resist most sunlight, ozone, oil, and solvents.
• Fluoropolymers - Teflon. These are used for high temperature applications. Used in
Plenum areas.
• Elastomers - These are rubber like and return to shape after tension is released.
Plenum
• Cable type codes are important because cables often run in ventilation
system return spaces above ceilings or below floors.
• Such spaces, called plenums, must not quickly fill with toxic gasses should a
small fire break out because the air conditioning system will spread the
poisonous fumes to other areas of the building.
• Plenum-rated cables have jackets made of materials that are slow burning
and do not emit toxic fumes.
Coaxial Copper Cable
• Coaxial cable consists of a copper center
conductor, either stranded or solid, which
is wrapped in insulation and covered with
one or more layers of braid and foil.
• More resistant to EMI, provides higher
bandwidth, supports longer cable length
than twisted pairs
• Used as transmission line for Radio
frequency signals
Twisted Pair Copper Cable
• Twisted-pair cabling consists of pairs of insulated
copper wires that are twisted together and then
housed in a protective sheath.
• The twisting of each pair of wires provides a
cancellation effect that helps neutralize noise and null
out interference.
• The tighter the twisting, the more resistant the cable is
to interference and attenuation
• The result is that in twisted-pairs, interference such as
EMI and RFI tends to be canceled out.
Unshielded Twisted-Pair (UTP) Cable / STP
• This type of cable relies solely on the cancellation effect, produced by the twisted wire
pairs, to limit signal degradation caused by EMI (Electromagnetic Interference) and RFI
(Radio Frequency Interference).
• UTP cable is used in a variety of networks. It can come with many different numbers of
pairs inside the jacket.
• It is the least secure networking cable compared to coaxial and fiber
• STP is more expensive than UTP due to the extra shielding.
• STP is less flexible than UTP because of the shielding and is more difficult to install.
Fiber-optic cable
• Carries data over glass as light waves
• The glass core is surrounded by protective casing which is enclosed inside
an outer jacket
• It has higher transmission speeds that allow signals to travel over longer
distance
• It is much more secure than UTP/Coaxial
• Single mode:
• Small glass core; can transfer data over long distance; less susceptible to
attenuation
• Multimode:
• Large glass core; can transfer more data, but only to shorter distance
Cabling Problems
• Noise
• Caused by surrounding devices or characteristics of the wiring
• E.g. motors, computers, fluorescent lights, microwave ovens
• Attenuation
• Loss of signal strength as it travels
• Attenuation increases with higher frequencies
• Can also be caused by cable breaks and malfunctions
• Cross talk
• Occurs when electrical signals spill over from one wire onto neighbouring wires
• UTP is more vulnerable than STP
Karthikeyan Dhayalan
MD & Chief Security Partner
www.cyintegriti.com

Mais conteúdo relacionado

Mais procurados

Access Control Presentation
Access Control PresentationAccess Control Presentation
Access Control Presentation
Wajahat Rajab
 

Mais procurados (20)

CISSP Chapter 1 BCP
CISSP Chapter 1 BCPCISSP Chapter 1 BCP
CISSP Chapter 1 BCP
 
CISSP - Chapter 3 - System security architecture
CISSP - Chapter 3  - System security architectureCISSP - Chapter 3  - System security architecture
CISSP - Chapter 3 - System security architecture
 
CISSP Prep: Ch 7. Security Assessment and Testing
CISSP Prep: Ch 7. Security Assessment and TestingCISSP Prep: Ch 7. Security Assessment and Testing
CISSP Prep: Ch 7. Security Assessment and Testing
 
1. Security and Risk Management
1. Security and Risk Management1. Security and Risk Management
1. Security and Risk Management
 
CISSP - Security Assessment
CISSP - Security AssessmentCISSP - Security Assessment
CISSP - Security Assessment
 
Cissp d5-cryptography v2012-mini coursev2
Cissp d5-cryptography v2012-mini coursev2Cissp d5-cryptography v2012-mini coursev2
Cissp d5-cryptography v2012-mini coursev2
 
Chapter 1 Law & Ethics
Chapter 1   Law & EthicsChapter 1   Law & Ethics
Chapter 1 Law & Ethics
 
CNIT 121: 2 IR Management Handbook
CNIT 121: 2 IR Management HandbookCNIT 121: 2 IR Management Handbook
CNIT 121: 2 IR Management Handbook
 
CISSP Prep: Ch 8. Security Operations
CISSP Prep: Ch 8. Security OperationsCISSP Prep: Ch 8. Security Operations
CISSP Prep: Ch 8. Security Operations
 
6. Security Assessment and Testing
6. Security Assessment and Testing6. Security Assessment and Testing
6. Security Assessment and Testing
 
CISSP Chapter 1 Risk Management
CISSP Chapter 1  Risk ManagementCISSP Chapter 1  Risk Management
CISSP Chapter 1 Risk Management
 
CISSP Prep: Ch 5. Communication and Network Security (Part 2)
CISSP Prep: Ch 5. Communication and Network Security (Part 2)CISSP Prep: Ch 5. Communication and Network Security (Part 2)
CISSP Prep: Ch 5. Communication and Network Security (Part 2)
 
CompTIA PenTest+: Everything you need to know about the exam
CompTIA PenTest+: Everything you need to know about the examCompTIA PenTest+: Everything you need to know about the exam
CompTIA PenTest+: Everything you need to know about the exam
 
Information Security It's All About Compliance
Information Security   It's All About ComplianceInformation Security   It's All About Compliance
Information Security It's All About Compliance
 
4 Getting Started & 5 Leads
4 Getting Started & 5 Leads4 Getting Started & 5 Leads
4 Getting Started & 5 Leads
 
CNIT 152: 1 Real-World Incidents
CNIT 152: 1 Real-World IncidentsCNIT 152: 1 Real-World Incidents
CNIT 152: 1 Real-World Incidents
 
Access Control Presentation
Access Control PresentationAccess Control Presentation
Access Control Presentation
 
Incident response
Incident responseIncident response
Incident response
 
CISSP - Chapter 3 - Cryptography
CISSP - Chapter 3 - CryptographyCISSP - Chapter 3 - Cryptography
CISSP - Chapter 3 - Cryptography
 
How to Prepare for the CISSP Exam
How to Prepare for the CISSP ExamHow to Prepare for the CISSP Exam
How to Prepare for the CISSP Exam
 

Semelhante a CISSP - Chapter 4 - Network Fundamental

ETE405-lec7.pdf
ETE405-lec7.pdfETE405-lec7.pdf
ETE405-lec7.pdf
mashiur
 
Web technologies: recap on TCP-IP
Web technologies: recap on TCP-IPWeb technologies: recap on TCP-IP
Web technologies: recap on TCP-IP
Piero Fraternali
 

Semelhante a CISSP - Chapter 4 - Network Fundamental (20)

lecture 4.pptx
lecture 4.pptxlecture 4.pptx
lecture 4.pptx
 
Lecture 1 Network Reference Models Final.pptx
Lecture 1 Network Reference Models Final.pptxLecture 1 Network Reference Models Final.pptx
Lecture 1 Network Reference Models Final.pptx
 
CCNA ppt Day 2
CCNA ppt Day 2CCNA ppt Day 2
CCNA ppt Day 2
 
nv.ppt
nv.pptnv.ppt
nv.ppt
 
presentation on TCP/IP protocols data comunications
presentation on TCP/IP protocols data comunicationspresentation on TCP/IP protocols data comunications
presentation on TCP/IP protocols data comunications
 
Module 1 slides
Module 1 slidesModule 1 slides
Module 1 slides
 
MVA slides lesson 2
MVA slides lesson 2MVA slides lesson 2
MVA slides lesson 2
 
Sargation university's open system interconnection
Sargation university's open system interconnectionSargation university's open system interconnection
Sargation university's open system interconnection
 
Unit 2 ppt-idc
Unit 2 ppt-idcUnit 2 ppt-idc
Unit 2 ppt-idc
 
TCP/IP Protocols
TCP/IP ProtocolsTCP/IP Protocols
TCP/IP Protocols
 
Cn
CnCn
Cn
 
Computer Networks- Introduction and Data Link Layer
Computer Networks- Introduction and Data Link LayerComputer Networks- Introduction and Data Link Layer
Computer Networks- Introduction and Data Link Layer
 
ETE405-lec7.pdf
ETE405-lec7.pdfETE405-lec7.pdf
ETE405-lec7.pdf
 
Web technologies: recap on TCP-IP
Web technologies: recap on TCP-IPWeb technologies: recap on TCP-IP
Web technologies: recap on TCP-IP
 
unit1 network model osi and tcpip.pptx
unit1  network model osi and tcpip.pptxunit1  network model osi and tcpip.pptx
unit1 network model osi and tcpip.pptx
 
Osi
OsiOsi
Osi
 
Lecture 3- tcp-ip
Lecture  3- tcp-ipLecture  3- tcp-ip
Lecture 3- tcp-ip
 
POLITEKNIK MALAYSIA
POLITEKNIK MALAYSIA POLITEKNIK MALAYSIA
POLITEKNIK MALAYSIA
 
Bhargava Presentation.ppt
Bhargava Presentation.pptBhargava Presentation.ppt
Bhargava Presentation.ppt
 
Bhargava Presentation.ppt
Bhargava Presentation.pptBhargava Presentation.ppt
Bhargava Presentation.ppt
 

Último

The basics of sentences session 2pptx copy.pptx
The basics of sentences session 2pptx copy.pptxThe basics of sentences session 2pptx copy.pptx
The basics of sentences session 2pptx copy.pptx
heathfieldcps1
 
1029 - Danh muc Sach Giao Khoa 10 . pdf
1029 -  Danh muc Sach Giao Khoa 10 . pdf1029 -  Danh muc Sach Giao Khoa 10 . pdf
1029 - Danh muc Sach Giao Khoa 10 . pdf
QucHHunhnh
 
Russian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in Delhi
Russian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in DelhiRussian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in Delhi
Russian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in Delhi
kauryashika82
 
Beyond the EU: DORA and NIS 2 Directive's Global Impact
Beyond the EU: DORA and NIS 2 Directive's Global ImpactBeyond the EU: DORA and NIS 2 Directive's Global Impact
Beyond the EU: DORA and NIS 2 Directive's Global Impact
PECB
 
Activity 01 - Artificial Culture (1).pdf
Activity 01 - Artificial Culture (1).pdfActivity 01 - Artificial Culture (1).pdf
Activity 01 - Artificial Culture (1).pdf
ciinovamais
 
1029-Danh muc Sach Giao Khoa khoi 6.pdf
1029-Danh muc Sach Giao Khoa khoi  6.pdf1029-Danh muc Sach Giao Khoa khoi  6.pdf
1029-Danh muc Sach Giao Khoa khoi 6.pdf
QucHHunhnh
 

Último (20)

The basics of sentences session 2pptx copy.pptx
The basics of sentences session 2pptx copy.pptxThe basics of sentences session 2pptx copy.pptx
The basics of sentences session 2pptx copy.pptx
 
Unit-IV- Pharma. Marketing Channels.pptx
Unit-IV- Pharma. Marketing Channels.pptxUnit-IV- Pharma. Marketing Channels.pptx
Unit-IV- Pharma. Marketing Channels.pptx
 
1029 - Danh muc Sach Giao Khoa 10 . pdf
1029 -  Danh muc Sach Giao Khoa 10 . pdf1029 -  Danh muc Sach Giao Khoa 10 . pdf
1029 - Danh muc Sach Giao Khoa 10 . pdf
 
Grant Readiness 101 TechSoup and Remy Consulting
Grant Readiness 101 TechSoup and Remy ConsultingGrant Readiness 101 TechSoup and Remy Consulting
Grant Readiness 101 TechSoup and Remy Consulting
 
Advanced Views - Calendar View in Odoo 17
Advanced Views - Calendar View in Odoo 17Advanced Views - Calendar View in Odoo 17
Advanced Views - Calendar View in Odoo 17
 
Mixin Classes in Odoo 17 How to Extend Models Using Mixin Classes
Mixin Classes in Odoo 17  How to Extend Models Using Mixin ClassesMixin Classes in Odoo 17  How to Extend Models Using Mixin Classes
Mixin Classes in Odoo 17 How to Extend Models Using Mixin Classes
 
Russian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in Delhi
Russian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in DelhiRussian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in Delhi
Russian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in Delhi
 
Beyond the EU: DORA and NIS 2 Directive's Global Impact
Beyond the EU: DORA and NIS 2 Directive's Global ImpactBeyond the EU: DORA and NIS 2 Directive's Global Impact
Beyond the EU: DORA and NIS 2 Directive's Global Impact
 
Activity 01 - Artificial Culture (1).pdf
Activity 01 - Artificial Culture (1).pdfActivity 01 - Artificial Culture (1).pdf
Activity 01 - Artificial Culture (1).pdf
 
How to Give a Domain for a Field in Odoo 17
How to Give a Domain for a Field in Odoo 17How to Give a Domain for a Field in Odoo 17
How to Give a Domain for a Field in Odoo 17
 
Código Creativo y Arte de Software | Unidad 1
Código Creativo y Arte de Software | Unidad 1Código Creativo y Arte de Software | Unidad 1
Código Creativo y Arte de Software | Unidad 1
 
Sports & Fitness Value Added Course FY..
Sports & Fitness Value Added Course FY..Sports & Fitness Value Added Course FY..
Sports & Fitness Value Added Course FY..
 
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...
 
psychiatric nursing HISTORY COLLECTION .docx
psychiatric  nursing HISTORY  COLLECTION  .docxpsychiatric  nursing HISTORY  COLLECTION  .docx
psychiatric nursing HISTORY COLLECTION .docx
 
Basic Civil Engineering first year Notes- Chapter 4 Building.pptx
Basic Civil Engineering first year Notes- Chapter 4 Building.pptxBasic Civil Engineering first year Notes- Chapter 4 Building.pptx
Basic Civil Engineering first year Notes- Chapter 4 Building.pptx
 
1029-Danh muc Sach Giao Khoa khoi 6.pdf
1029-Danh muc Sach Giao Khoa khoi  6.pdf1029-Danh muc Sach Giao Khoa khoi  6.pdf
1029-Danh muc Sach Giao Khoa khoi 6.pdf
 
ICT Role in 21st Century Education & its Challenges.pptx
ICT Role in 21st Century Education & its Challenges.pptxICT Role in 21st Century Education & its Challenges.pptx
ICT Role in 21st Century Education & its Challenges.pptx
 
SECOND SEMESTER TOPIC COVERAGE SY 2023-2024 Trends, Networks, and Critical Th...
SECOND SEMESTER TOPIC COVERAGE SY 2023-2024 Trends, Networks, and Critical Th...SECOND SEMESTER TOPIC COVERAGE SY 2023-2024 Trends, Networks, and Critical Th...
SECOND SEMESTER TOPIC COVERAGE SY 2023-2024 Trends, Networks, and Critical Th...
 
Application orientated numerical on hev.ppt
Application orientated numerical on hev.pptApplication orientated numerical on hev.ppt
Application orientated numerical on hev.ppt
 
microwave assisted reaction. General introduction
microwave assisted reaction. General introductionmicrowave assisted reaction. General introduction
microwave assisted reaction. General introduction
 

CISSP - Chapter 4 - Network Fundamental

  • 2. Basics • Telecommunications • Electromagnetic transmission of data across systems • Protocol • A standard set of rules that determine how system communicate with each other • Open Network Architecture • No one ones, not proprietary, can easily integrate various technologies and vendor implementations • Closed Network Architecture • Proprietary, owned by a specific company, not integrated with other vendors
  • 3. OSI Layer • The primary Architectural model for inter-computer communications • Describes how information or data makes its way from application programs (such as spreadsheets) through a network medium (such as wire) to another application programs located on another network • OSI is a layered architecture • Layer architecture simplifies the network design • Easy to debug network applications • Network management is easier
  • 4. OSI Model : Layered Architecture • The process of breaking up the functions or tasks of networking into layers reduces complexity. • Each layer provides a service to the layer above/below it in the protocol specification. • Each layer communicates with the same layer’s software or hardware on other computers. • The lower 4 layers (transport, network, data link and physical —Layers 4, 3, 2, and 1) are concerned with the flow of data from end to end through the network. • The upper 3 layers of the OSI model (application, presentation and session—Layers 7, 6 and 5) are orientated more toward services to the applications. • Data is Encapsulated with the necessary protocol information as it moves down the layers before network transit.
  • 5. Data Encapsulation in a layered architecture
  Machine A and Server B run the same stack: 7-Application (http), 6-Presentation (unicode), 5-Session (security), 4-Transport (tcp), 3-Network (ip), 2-Data link (ethernet), 1-Physical (bit stream 100100010101010010100).
  On Machine A each layer prepends its own header (A = application, P = presentation, S = session, T = transport, N = network, D = data link) as the user data moves down the stack:
  • Layer 7: A | User data
  • Layer 6: P | A | User data
  • Layer 5: S | P | A | User data
  • Layer 4: T | S | P | A | User data
  • Layer 3: N | T | S | P | A | User data
  • Layer 2: D | N | T | S | P | A | User data
  • Layer 1: the frame is transmitted as a bit stream over the physical medium
  On Server B the same unit moves up the stack and the headers are stripped in reverse order (D, N, T, S, P, A) until only the user data remains.
  • 7. Application Layer
  • The application layer is responsible for providing services to the user
  • At this point the data is in a visual form a user can understand, rather than binary zeroes and ones
  • Does not include the applications themselves, only the protocols that support them
  • Deals with properly processing and formatting the data before it moves to the layer below
  • This layer interfaces with the operating system and other applications and communicates data between files, messages, and other network activities
  • Handles file transfer, virtual terminals, network management, and fulfilling network requests of applications
  • Examples: Telnet, FTP, web browsers, email, DNS
  • 8. Presentation Layer
  • Responsible for defining how information is presented to the user in the interface (application layer) that they are using
  • Provides a common means of representing data
  • Not concerned with the meaning of the data but with its syntax and format
  • Functions: protocol conversion, data translation, compression, encryption, character set conversion
  • No protocols work in this layer
  • Examples: ASCII, BMP, GIF, JPEG, WAV, AVI, and MPEG
  • 9. Session Layer
  • Responsible for establishing, maintaining, synchronizing and terminating connections between two applications
  • Provides a mechanism for controlling the dialogue between the two end systems (dialogue management)
  • Requests that a logical connection be established on an end user's request
  • Provides dialogue discipline, which can be full duplex, half duplex or simplex
  • Provides interprocess communication channels
  • Protocols that work at this layer: PAP, PPTP, NetBIOS, RPC
  • They are the least used protocols in network environments
  • Dangerous to have these protocols exposed to external networks
  • 10. Transport Layer
  • Provides end-to-end data transport services and establishes the logical connection between two computers
  • Ensures that data units are delivered error free
  • Ensures that data units are delivered in sequence
  • Ensures that there is no loss or duplication of data units
  • Provides connectionless or connection-oriented service
  • Provides connection management
  • Protocols at this layer: TCP, UDP, AH, SPX
  • 11. Network Layer
  • Implements routing of packets through the network
  • Determines the optimal path a packet should take from the source to the destination
  • Defines logical addressing so that any endpoint can be identified
  • Handles congestion in the network
  • Defines how to fragment a packet into smaller packets to accommodate different media
  • Protocols that work at this layer: IP, ICMP, OSPF, RIP, IGMP
  • 12. Data Link Layer
  • Organizes data bits into frames
  • Defines hardware (physical or MAC) addresses as well as the communication process that occurs within a media type
  • The LLC sublayer is responsible for handling multiple Layer 3 protocols and link services such as reliability, flow control and error control
  • The MAC sublayer is responsible for framing and media access control for broadcast media
  • Protocols that work at this layer: PPP, ATM, Ethernet, FDDI, L2TP
  • 13. Physical Layer
  • Provides the physical interface for transmission of information
  • Defines the rules by which bits are passed from one system to another on a physical communication medium:
  • Type of signaling, such as analog or digital
  • Electrical or optical characteristics of the signal
  • Asynchronous or synchronous; simplex, full or half duplex
  • Data rate, such as 10, 100, or gigabit
  • Topology, such as star, bus, ring
  • ISDN, DSL, SONET are some of the standard interfaces at this layer
  • 14. Multilayer Protocols
  • Distributed Network Protocol 3 (DNP3)
  • Communications protocol used specifically for SCADA systems
  • Does not incorporate routing functionality
  • Controller Area Network Bus (CAN bus)
  • Protocol designed to allow microcontrollers and other embedded devices to communicate with each other on a shared bus
  • Robust in noisy environments
  • All devices on the network receive every bit of information sent on the bus
  • Cost effective
  • 16. TCP
  • Connection oriented: explicit set-up and tear-down of a TCP session
  • Stream-of-bytes service: sends and receives a stream of bytes, not messages
  • Reliable, in-order delivery: checksums to detect corrupted data; acknowledgments and retransmissions for reliable delivery; sequence numbers to detect losses and reorder data
  • Flow control: prevents overflow of the receiver's buffer space
  • Congestion control: adapts to network congestion for the greater good
  • 17. Establishing a TCP Connection
  • Three-way handshake to establish a connection
  • Host A sends a SYN (open) to Host B
  • Host B returns a SYN acknowledgment (SYN ACK)
  • Host A sends an ACK to acknowledge the SYN ACK
  (diagram: the three messages exchanged between Host A and Host B)
  • 18. TCP vs UDP
  • Acronym: TCP is Transmission Control Protocol; UDP is User Datagram Protocol (or Universal Datagram Protocol)
  • Connection: TCP is a connection-oriented protocol; UDP is a connectionless protocol
  • Usage: TCP is suited for applications that require high reliability where transmission time is relatively less critical; UDP is suitable for applications that need fast, efficient transmission, such as games, and its stateless nature is also useful for servers that answer small queries from huge numbers of clients
  • Used by other protocols: TCP by HTTP, HTTPS, FTP, SMTP, Telnet; UDP by DNS, DHCP, TFTP, SNMP, RIP, VoIP
  • Ordering of data packets: TCP rearranges data packets in the order specified; UDP has no inherent order, as all packets are independent of each other, so if ordering is required it has to be managed by the application layer
  • Speed of transfer: TCP is slower than UDP; UDP is faster because error recovery is not attempted (a "best effort" protocol)
  • Reliability: TCP gives an absolute guarantee that the data transferred remains intact and arrives in the same order in which it was sent; with UDP there is no guarantee that the messages or packets sent will arrive at all
  • Header size: the TCP header is 20 bytes; the UDP header is 8 bytes
  • Streaming of data: in TCP, data is read as a byte stream and no distinguishing indications are transmitted to signal message (segment) boundaries; in UDP, packets are sent individually and are checked for integrity only if they arrive, and packets have definite boundaries which are honored upon receipt, meaning a read operation at the receiver socket yields an entire message as it was originally sent
  • Weight: TCP is heavyweight; it requires three packets to set up a socket connection before any user data can be sent, and it handles reliability and congestion control; UDP is lightweight, with no ordering of messages and no tracking of connections; it is a small transport layer designed on top of IP
  • Data flow control: TCP does flow control; UDP has no option for flow control
  • Error checking: TCP does error checking and error recovery, retransmitting erroneous packets from the source to the destination; UDP does error checking but simply discards erroneous packets, and error recovery is not attempted
  • Acknowledgement: TCP uses acknowledgement segments; UDP has no acknowledgment
  • Handshake: TCP uses SYN, SYN-ACK, ACK; UDP has no handshake (connectionless protocol)
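To make the header sizes and the handshake above concrete, here is an added example (not from the slides) that decodes the 20-byte TCP header and the 8-byte UDP header with Python's struct module and checks that three constructed segments form a valid SYN, SYN-ACK, ACK exchange. All port numbers, sequence numbers and the sample UDP bytes are constructed values.

```python
import struct
from dataclasses import dataclass

# TCP flag bits: the low 9 bits of the 16-bit "data offset / flags" field.
FIN, SYN, RST, PSH, ACK = 0x001, 0x002, 0x004, 0x008, 0x010
SEQ_MOD = 1 << 32   # sequence numbers wrap modulo 2^32


@dataclass
class TcpSegment:
    src_port: int
    dst_port: int
    seq: int
    ack: int
    header_len: int    # bytes; 20 when there are no options
    flags: int
    window: int


def parse_tcp(data: bytes) -> TcpSegment:
    """Decode the fixed 20-byte TCP header (network byte order)."""
    if len(data) < 20:
        raise ValueError("TCP header needs at least 20 bytes")
    src, dst, seq, ack, off_flags, win, _csum, _urg = struct.unpack("!HHIIHHHH", data[:20])
    return TcpSegment(src, dst, seq, ack, (off_flags >> 12) * 4, off_flags & 0x1FF, win)


def parse_udp(data: bytes) -> dict:
    """Decode the 8-byte UDP header: ports, total length, checksum."""
    if len(data) < 8:
        raise ValueError("UDP header needs at least 8 bytes")
    src, dst, length, csum = struct.unpack("!HHHH", data[:8])
    return {"src_port": src, "dst_port": dst, "length": length, "checksum": csum}


def build_tcp(src: int, dst: int, seq: int, ack: int, flags: int, window: int = 65535) -> bytes:
    """Build an options-free TCP header; checksum is left 0 because this is a constructed sample."""
    return struct.pack("!HHIIHHHH", src, dst, seq, ack, (5 << 12) | flags, window, 0, 0)


def is_three_way_handshake(segs: list) -> bool:
    """Check SYN -> SYN-ACK -> ACK with ports mirrored and each ACK equal to the peer's SEQ + 1."""
    if len(segs) != 3:
        return False
    a, b, c = segs
    nxt = lambda s: (s + 1) % SEQ_MOD
    return (a.flags == SYN
            and b.flags == (SYN | ACK) and (b.src_port, b.dst_port) == (a.dst_port, a.src_port)
            and b.ack == nxt(a.seq)
            and c.flags == ACK and (c.src_port, c.dst_port) == (a.src_port, a.dst_port)
            and c.seq == nxt(a.seq) and c.ack == nxt(b.seq))


# Constructed sample: Host A (port 40000) opens a session to Host B (port 443).
HANDSHAKE = [
    parse_tcp(build_tcp(40000, 443, 1000, 0, SYN)),
    parse_tcp(build_tcp(443, 40000, 5000, 1001, SYN | ACK)),
    parse_tcp(build_tcp(40000, 443, 1001, 5001, ACK)),
]
# Same exchange, but the final ACK acknowledges the wrong number: not a valid open.
BAD_HANDSHAKE = HANDSHAKE[:2] + [parse_tcp(build_tcp(40000, 443, 1001, 5002, ACK))]
# Constructed UDP header: src 53000, dst 53 (DNS), length 37, checksum 0xa1b2.
UDP_SAMPLE = bytes.fromhex("cf08" "0035" "0025" "a1b2")
```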
  • 19. IPv4 Address
  • An IPv4 address is 32 bits long
  • Each address has a network portion and a host portion
  • Addresses are grouped into classes and then into subnets
  • IPv4 provides addressing, packet fragmentation, timeouts, TTL and Type of Service capabilities
  • The process of dividing a network into smaller network sections is called subnetting
  • 20. CIDR
  • Classless Inter-Domain Routing provides the flexibility to increase or decrease the class sizes as necessary
  • CIDR is also referred to as supernetting
  • It is a system of defining the network part of an IP address
  • It allows IP networks to be broken down more flexibly than their base class
  • CIDR was defined to allow variable length subnet masks (VLSM) to be applied to networks; the basic premise of VLSM is that the prefix length gives the count of network bits in a network
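An added worked example, not part of the slides, that implements the classful and CIDR arithmetic of the last two slides in Python: class lookup, network/broadcast/usable-host computation from a prefix length, subnetting a block into smaller subnets, and aggregating blocks into a supernet. All addresses are constructed samples.

```python
def ip_to_int(ip: str) -> int:
    """Dotted quad -> 32-bit integer, rejecting malformed input."""
    octets = ip.split(".")
    if len(octets) != 4 or not all(o.isdigit() and 0 <= int(o) <= 255 for o in octets):
        raise ValueError(f"bad IPv4 address: {ip}")
    return int.from_bytes(bytes(int(o) for o in octets), "big")


def int_to_ip(n: int) -> str:
    return ".".join(str((n >> shift) & 0xFF) for shift in (24, 16, 8, 0))


def mask_of(prefix: int) -> int:
    """Prefix length (number of network bits) -> 32-bit subnet mask."""
    if not 0 <= prefix <= 32:
        raise ValueError("prefix length must be 0..32")
    return (0xFFFFFFFF << (32 - prefix)) & 0xFFFFFFFF


def ip_class(ip: str) -> tuple:
    """Classful interpretation: class letter and the default network prefix length."""
    first = ip_to_int(ip) >> 24
    if first < 128:
        return ("A", 8)
    if first < 192:
        return ("B", 16)
    if first < 224:
        return ("C", 24)
    return ("D", None) if first < 240 else ("E", None)   # multicast / reserved: no host portion


def subnet(cidr: str) -> dict:
    """Network, broadcast, mask and usable host count for a CIDR (VLSM) block."""
    ip, prefix = cidr.split("/")
    prefix = int(prefix)
    mask = mask_of(prefix)
    net = ip_to_int(ip) & mask
    bcast = net | (~mask & 0xFFFFFFFF)
    host_bits = 32 - prefix
    # classic 2^h - 2 (network and broadcast excluded); /31 and /32 are special cases (RFC 3021)
    usable = 2 ** host_bits - 2 if host_bits >= 2 else (2 if host_bits == 1 else 1)
    return {"network": int_to_ip(net), "broadcast": int_to_ip(bcast),
            "mask": int_to_ip(mask), "prefix": prefix, "usable_hosts": usable}


def split(cidr: str, new_prefix: int) -> list:
    """Subnetting: borrow host bits to carve a block into equal smaller subnets."""
    base = subnet(cidr)
    if new_prefix < base["prefix"]:
        raise ValueError("new prefix must be at least as long as the block's prefix")
    size = 2 ** (32 - new_prefix)
    start = ip_to_int(base["network"])
    return [f"{int_to_ip(start + i * size)}/{new_prefix}"
            for i in range(2 ** (new_prefix - base["prefix"]))]


def supernet(cidrs: list) -> str:
    """Supernetting: the smallest single CIDR block that covers every given block."""
    blocks = [subnet(c) for c in cidrs]
    lo = min(ip_to_int(b["network"]) for b in blocks)
    hi = max(ip_to_int(b["broadcast"]) for b in blocks)
    prefix = 32
    while prefix > 0 and (lo & mask_of(prefix)) != (hi & mask_of(prefix)):
        prefix -= 1   # shorten the prefix until both ends share the same network bits
    return f"{int_to_ip(lo & mask_of(prefix))}/{prefix}"
```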
  • 21. IPv6
  • Provides a larger address space than IPv4
  • Allows scoped addresses, end-to-end secure transmission and authentication
  • Has more flexibility and routing capabilities and allows for QoS
  • Allows auto-configuration and auto-tunneling
  • The routing infrastructure automatically determines the tunnel endpoints, so that protocol tunneling takes place without pre-configuration
  • 22. IPv6 vs IPv4
  • IP address size: IPv6 128 bits; IPv4 32 bits
  • Multicast: IPv6 improves the scalability of multicast routing by adding a scope field to the multicast address; IPv4 has no such option
  • Anycast address (used to send a packet to any one of a group of nodes): supported in IPv6; no such option in IPv4
  • Extensions to support authentication, data integrity and data confidentiality: supported in IPv6; no support in IPv4
  • 23. Scoped Address
  • Source: http://www.tcpipguide.com/free/t_IPv6MulticastandAnycastAddressing-2.htm
  • The scope allows routers to immediately determine how broadly they should propagate multicast datagrams, improving efficiency and eliminating problems with traffic being sent outside the area for which it is intended
  • 24. Tunneling Methods
  • 6to4 Tunneling Method
  • A system that allows IPv6 packets to be transmitted over an IPv4 network without the need to configure explicit tunnels
  • 6to4 is simply a transparent mechanism used as a transport layer between IPv6 nodes
  • 6to4 does not facilitate interoperation between IPv4-only hosts and IPv6-only hosts
  • 6to4 performs three functions:
  • Assigns a block of IPv6 address space to any host or network that has a global IPv4 address
  • Encapsulates IPv6 packets inside IPv4 packets for transmission over an IPv4 network using 6in4
  • Routes traffic between 6to4 and "native" IPv6 networks
  • 25. Teredo tunneling
  • Teredo is a built-in mechanism in Windows systems that is used to give a single system behind an IPv4 NAT access to IPv6
  • Uses UDP encapsulation
  • It is not very reliable, but Teredo is only used when explicitly connecting to an IPv6 address
  • Like 6to4, it uses public relays
  • 26. ISATAP
  • Managed technology for providing IPv6 on an IPv4 network
  • Emulates IPv6 connectivity on the IPv4 infrastructure
  • Treats the IPv4 network as virtual IPv6 local links, with mappings from each IPv4 address to a link-local IPv6 address
  • ISATAP is an intra-site mechanism
  • Used for connectivity within the same network
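As an added example that goes beyond the three tunneling slides, here are the address formats the mechanisms use (6to4 from RFC 3056, ISATAP from RFC 5214, Teredo from RFC 4380) in Python: it derives a host's 6to4 /48 block and ISATAP link-local address from its IPv4 address, and decodes a Teredo address to show which external IPv4 address and NAT-mapped UDP port a tunnelled client is really using, which is what a firewall or log reviewer needs when such traffic appears. The IPv4 addresses and port are constructed sample values, and the "global address" check is simplified to an RFC 1918 test.

```python
import ipaddress

TEREDO_PREFIX = 0x20010000      # 2001:0000::/32 (RFC 4380)
SIX_TO_FOUR_PREFIX = 0x2002     # 2002::/16 (RFC 3056)
RFC1918 = [ipaddress.ip_network(n) for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]


def is_private_v4(ipv4: str) -> bool:
    """Simplified check: RFC 1918 addresses sit behind NAT and cannot anchor a 6to4 prefix."""
    addr = ipaddress.IPv4Address(ipv4)
    return any(addr in net for net in RFC1918)


def six_to_four_prefix(ipv4: str) -> str:
    """6to4 embeds the 32-bit IPv4 address in bits 16..47: 2002:WWXX:YYZZ::/48."""
    if is_private_v4(ipv4):
        raise ValueError("6to4 needs a global IPv4 address, not an RFC 1918 one")
    value = (SIX_TO_FOUR_PREFIX << 112) | (int(ipaddress.IPv4Address(ipv4)) << 80)
    return f"{ipaddress.IPv6Address(value)}/48"


def isatap_link_local(ipv4: str) -> str:
    """ISATAP interface id is 00-00-5E-FE + IPv4; the u bit (02-00-5E-FE) is set for a global IPv4."""
    iid_top = 0x00005EFE if is_private_v4(ipv4) else 0x02005EFE
    iid = (iid_top << 32) | int(ipaddress.IPv4Address(ipv4))
    return str(ipaddress.IPv6Address((0xFE80 << 112) | iid))


def teredo_encode(server_ipv4: str, client_ipv4: str, mapped_port: int, flags: int = 0) -> str:
    """Teredo layout: 2001:0000 | server IPv4 | flags | port XOR 0xFFFF | client IPv4 XOR 0xFFFFFFFF."""
    value = (TEREDO_PREFIX << 96) | (int(ipaddress.IPv4Address(server_ipv4)) << 64)
    value |= (flags & 0xFFFF) << 48
    value |= ((mapped_port ^ 0xFFFF) & 0xFFFF) << 32
    value |= int(ipaddress.IPv4Address(client_ipv4)) ^ 0xFFFFFFFF
    return str(ipaddress.IPv6Address(value))


def teredo_decode(addr: str) -> dict:
    """Recover the Teredo server, the client's public IPv4 and its NAT-mapped UDP port."""
    value = int(ipaddress.IPv6Address(addr))
    if value >> 96 != TEREDO_PREFIX:
        raise ValueError("not a Teredo address")
    return {
        "server": str(ipaddress.IPv4Address((value >> 64) & 0xFFFFFFFF)),
        "flags": (value >> 48) & 0xFFFF,
        "client_port": ((value >> 32) & 0xFFFF) ^ 0xFFFF,
        "client_ipv4": str(ipaddress.IPv4Address((value & 0xFFFFFFFF) ^ 0xFFFFFFFF)),
    }


if __name__ == "__main__":
    # Constructed sample values: documentation-range IPv4 addresses and an arbitrary port.
    print(six_to_four_prefix("192.0.2.33"))
    print(isatap_link_local("192.168.1.5"))
    print(teredo_decode(teredo_encode("203.0.113.9", "192.0.2.45", 40000)))
```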
  • 27. Layer 2 Security Standards
  • IEEE MAC Security Standard (802.1AE)
  • Defines the security infrastructure to provide data confidentiality, data integrity, and data origin authentication
  • MACsec provides hop-by-hop protection at layer 2
  • Integrates security protection into wired Ethernet networks
  • IEEE 802.1AR Standard
  • Specifies a unique per-device identifier and the management/cryptographic binding of a device to its identifier
  • Allows the trustworthiness of devices to be established and facilitates secure device provisioning
  • These unique hardware-based credential identifiers can be used in EAP-TLS
  • IEEE 802.1AF carries out the key agreement functions for the session keys used for data encryption
  • 28. Converged protocols
  • Fibre Channel over Ethernet (FCoE)
  • Protocol encapsulation that allows Fibre Channel frames to ride over Ethernet networks
  • Currently used in some SAN environments, otherwise not commonly used
  • Multiprotocol Label Switching (MPLS)
  • Has elements of both layer 2 and layer 3
  • Can encapsulate any higher-level protocol and tunnel it over a variety of links
  • iSCSI
  • Encapsulates SCSI data in TCP segments
  • This lets a peripheral device appear local even though it may not be physically close to the local computer
  • 29. Transmission Types: Analog vs Digital
  • Representation: analog data is represented as wave values; digital data is represented as discrete voltage values
  • Distance: analog is not reliable over long distances due to distortion; digital is more reliable over long distances
  • Noise: analog signals are difficult to extract from background noise; digital provides an efficient and clear-cut signaling method
  • States: analog could have an infinite number of values or states; digital is a square wave that exists in discrete states
  • Digital can implement data compression to increase data throughput, provide signal integrity through repeaters, and multiplex different types of data onto the same transmission channel
  • 30. Asynchronous vs Synchronous
  • Timing: asynchronous uses start and stop bits for communication; synchronous synchronizes over a timing sequence initiated by a clock pulse
  • Examples: the ATM protocol uses start/stop bits; the data link protocol HDLC uses a clock pulse
  • Transfer unit: asynchronous transfers frames delimited by start and stop bits; synchronous transfers data in a stream of bits
  • Error control: asynchronous uses a parity bit; synchronous uses robust error checking, CRC
  • Overhead: asynchronous needs 3 extra bits per byte (start, stop, parity); synchronous has minimal overhead compared to asynchronous
  • Use: environments that send data in a non-predictable manner use protocols with asynchronous timing mechanisms; synchronous is used for high-speed, high-volume transactions
  • 31. Broadband vs Baseband
  • Channel use: broadband divides the communication channel into independent sub-channels; baseband uses the entire communication channel for transmission
  • Signals: broadband carries different signals over different sub-channels; baseband permits only one signal to transmit at a time
  • Bandwidth:
  • Number of electrical pulses that can be carried over a link within a second
  • Data transfer capability of a connection
  • Commonly associated with the amount of available frequencies and speed of a link
  • Data throughput:
  • Actual amount of data that can be carried over the connection
  • Data throughput values can be higher than bandwidth if compression is used
  • 32. Common network cable types
  • Coaxial cable
  • Unshielded twisted pair
  • Fiber optic
  • 33. Why copper?
  Copper has several important properties which make it well suited for electronic cabling:
  • Conductivity: copper is an excellent conductor of electric current and heat
  • Corrosion resistance: copper will not rust and is fairly resistant to corrosion
  • Ductility: copper possesses the ability to be drawn into thin wires without breaking
  • Malleability: pure copper is easy to shape
  • Strength: copper keeps its strength and toughness up to about 400 °F
  • 34. Copper Cable Components
  Regardless of the construction, most cables contain certain common elements. These are:
  • A sheath or jacket for protection
  • Insulation to prevent short circuits between the individual conductors
  • Spacers to preserve the electrical properties of the cable
  • 35. Cable Insulation
  Insulation is a high-resistance material coated on the conductor to resist the flow of current between conductors in the cable. There are three primary categories of insulators:
  • Thermoplastics: polyvinyl chloride (PVC), polyethylene, polypropylene. These are widely used and resist most sunlight, ozone, oil, and solvents
  • Fluoropolymers: Teflon. These are used for high-temperature applications and in plenum areas
  • Elastomers: these are rubber-like and return to shape after tension is released
  • 36. Plenum
  • Cable type codes are important because cables often run in ventilation system return spaces above ceilings or below floors
  • Such spaces, called plenums, must not quickly fill with toxic gases should a small fire break out, because the air conditioning system would spread the poisonous fumes to other areas of the building
  • Plenum-rated cables have jackets made of materials that are slow burning and do not emit toxic fumes
  • 37. Coaxial Copper Cable
  • Coaxial cable consists of a copper center conductor, either stranded or solid, which is wrapped in insulation and covered with one or more layers of braid and foil
  • More resistant to EMI, provides higher bandwidth and supports longer cable lengths than twisted pair
  • Used as a transmission line for radio frequency signals
  • 38. Twisted Pair Copper Cable
  • Twisted-pair cabling consists of pairs of insulated copper wires that are twisted together and then housed in a protective sheath
  • The twisting of each pair of wires provides a cancellation effect that helps neutralize noise and null out interference
  • The tighter the twisting, the more resistant the cable is to interference and attenuation
  • The result is that in twisted pairs, interference such as EMI and RFI tends to be canceled out
  • 40. Unshielded Twisted-Pair (UTP) Cable / STP
  • UTP relies solely on the cancellation effect produced by the twisted wire pairs to limit signal degradation caused by EMI (electromagnetic interference) and RFI (radio frequency interference)
  • UTP cable is used in a variety of networks; it can come with many different numbers of pairs inside the jacket
  • It is the least secure networking cable compared to coaxial and fiber
  • STP is more expensive than UTP due to the extra shielding
  • STP is less flexible than UTP because of the shielding and is more difficult to install
  • 41. Fiber-optic cable
  • Carries data over glass as light waves
  • The glass core is surrounded by a protective casing, which is enclosed inside an outer jacket
  • Higher transmission speeds that allow signals to travel over longer distances
  • Much more secure than UTP/coaxial
  • Single mode: small glass core; can transfer data over long distances; less susceptible to attenuation
  • Multimode: large glass core; can transfer more data, but only over shorter distances
  • 42. Cabling Problems
  • Noise: caused by surrounding devices or characteristics of the wiring, e.g. motors, computers, fluorescent lights, microwave ovens
  • Attenuation: loss of signal strength as it travels; attenuation increases with higher frequencies; can also be caused by cable breaks and malfunctions
  • Crosstalk: occurs when electrical signals spill over between wires; UTP is more vulnerable than STP
  • 43. Karthikeyan Dhayalan, MD & Chief Security Partner, www.cyintegriti.com