1.1

Describe the function of the network layers as specified by the OSI and the TCP/IP network models.

OSI Model

• Application: HTTP, SSH, IMAP
• Presentation: Encoding
• Session: Sockets, Winsock
• Transport: UDP/TCP
• Network: Packets, IP, Routers (Layer-3 Switches)
• Data-Link: Switches, MAC Address, Frames
• Physical: Cabling, Media, Hubs

Acrostic to remember in order, All People Seem To Need Data Processing or Please Do Not Throw Sausage Pizza Away

TCP/IP Model

• Application: Maps to top three OSI layers
• Transport
• Network
• Physical: Maps to bottom two OSI layers

1.2

Describe the operation of the following:

• IP: Internet Protocol, used to define the addressing of hosts and network
• TCP: Connection oriented using a three way handshake to establish communication. Packets must be acknowledged or they are retransmitted.
• UDP: Connectionless, no retransmission
• ICMP: Internet Control Message Protocol, allows for testing routes and host availability, also can communicate issues along a path

1.3

Describe the operation of these network services

• ARP: Address Resolution Protocol
  • ARP Request Made by a host to broadcast address FF:FF:FF:FF:FF:FF
  • Either a gateway or the host with the IP responds with the MAC Address
• DNS: Domain Name System, allows computers to resolve names like www to an IP address
• DHCP: Dynamic Host Configuration Protocol, allows a host to request an IP address along with other parameters like default gateway and DNS server addresses.
  • DHCP Discover: Find a DHCP server by a broadcast packet
  • DHCP Offer: DHCP server offers an IP
  • DHCP Request: Client requests offered IP
  • DHCP Acknowledge: Server acknowledges the IP assignment.

1.4

Describe the basic operation of these network device types

• Router: Operates at Layer 3 of the OSI Model. Each interface is it’s own broadcast domain. Connects multiple networks.
• Switch: Operates at Layer 2 of the OSI Model. Many interfaces, each with its own collision domain.
• Hub: Operates at Layer 1 of the OSI Model. Shared medium with a single collision domain.
• Bridge: Divides a network into two collision domains, similar to a switch with less ports.
• Wireless Access Point (WAP): Device that bridges the wireless media to wired.
• Wireless LAN Controller (WLC): Controls WAPs using CAPWAP protocol

1.5

Describe the functions of these network security systems as deployed on the host, network, or the cloud:

• Firewall: permits or denies traffic based on L3/L4 information in the packet, some NG Firewalls function up to L7.
• Cisco Intrusion Prevention System (IPS): denies traffic that matches rules that can either be compound or atomic.
• Cisco Advanced Malware Protection (AMP): determines if files are malicious
• Web Security Appliance (WSA)/Cisco Cloud Web Security (CWS): Provides web filtering and security scanning
• Email Security Appliance (ESA) / Cisco Cloud Email Security (CES): protects against e-mail attack vectors and spam

NOTE:

While I’ve briefly covered many of the topics, if you are less familiar with network basics, I would suggest reviewing the information in the certification guide or in the CCENT curriculum.