Lesson 2 – Computer Network Models 4.

Promotes interoperability among different network devices and

systems.
Network Model: A set of rules (protocols) for transmitting data over a
network. Examples include the OSI model and the TCP/IP model. Disadvantages:

Data Packet: A packet is a unit of data sent across a network. 1. Complex and not practical for real-world use.

OSI Model (7 Layers): 2. Slow adoption, as it's mostly a reference model.

• Physical (Layer 1): Transfers bits across a physical medium. 3. Redundancy in certain functions across layers.

• Data-Link (Layer 2): Ensures error-free data transfer and formats data 4. Less efficient compared to simpler models like TCP/IP.
into frames. TCP/IP Model: Advantages:
• Network (Layer 3): Routes data between devices using IP addresses. 1. Widely used and forms the backbone of the internet.
• Transport (Layer 4): Ensures complete data transfer without errors 2. Simpler and more efficient than the OSI model.
(TCP/UDP).
3. Highly scalable, suitable for both small and large networks.
• Session (Layer 5): Manages sessions (dialog) between computers.
4. Open standard, ensuring cross-platform compatibility.
• Presentation (Layer 6): Translates data formats and manages
encryption/compression. Disadvantages:

• Application (Layer 7): Provides network services to applications like 1. Not very modular; hard to replace/update specific layers.
HTTP, FTP. 2. Lacks strict layering, making it less structured than OSI.
TCP/IP Model (4 Layers): 3. Limited support for new technologies compared to the OSI model.
• Application: Network services (HTTP, FTP). 4. Focuses more on implementation, neglecting theoretical aspects.
• Transport: Process-to-process data transfer (TCP/UDP). differences between the OSI and TCP/IP models:
• Internet: Routing and addressing (IP).
OSI model TCP/IP model
• Network Access: Physical and data-link layer functionalities. has 7 layers has 4 layers.
OSI is a theoretical model practical implementation used on internet.
OSI Model: Advantages:
OSI is less commonly used standard for internet communication
1. Layered approach makes it easier to understand and troubleshoot.
protocol-independent defines specific protocols like TCP and IP
2. Supports modular design, allowing technology updates in individual
layers.
3. Provides clear standards for different network protocols. Lesson 3 - Network Media
4. allows different protocols to operate at each layer, supporting a wide range of technologies.
1. Ethernet Media: Ethernet, Fast Ethernet, and Gigabit Ethernet are • Parity Check: Ensures data has even or odd number of 1s based on
widely used LAN technologies, with speeds ranging from 10 to 1000 Mbps. parity bit.
2. Wireless Media: • Hamming Code: Detects and corrects single-bit errors, detects two-bit
errors.
• Consists of devices like Access Points and wireless NICs. WLANs use
radio frequencies for communication and can operate up to 300 feet in Flow Control: Prevents fast senders from overwhelming slower receivers
open areas. using feedback mechanisms.
3. Cabling Methods: MAC Protocols:
• Straight-through: For switch-to-router, switch-to-PC, or hub-to-PC • CSMA/CD (used in wired networks): Detects collisions, stops
connections. transmission, and retries after random delay.
• Crossover: For connecting similar devices (switch-to-switch, PC-to- • CSMA/CA (used in wireless networks): Avoids collisions by sending
PC). intent to transmit before sending data.
• Rollover: For terminal to console port connections.
Framing: Converts packets to frames and ensures frames start/end are
4. LAN and WAN: detected.
• LANs use devices like hubs, bridges, and switches to manage traffic and Error Handling:
reduce congestion.
• WANs use routers for connecting to the WAN and routing data packets. • Error-Correcting Codes (ECC): Corrects errors, used in wireless
networks.
5. Network Types:
• Error-Detecting Codes (EDC): Detects errors but does not correct
• Peer-to-peer: All computers act as equal peers. them, common in wired networks.
• Client/server: Services are provided by a dedicated server to the clients.
Lesson 05 – Ethernet standard
Lesson 04 – Data link control
Ethernet Overview:
Data Link Layer: Responsible for transporting packets, media access
control, framing, synchronization, error control, and flow control. • Networking technologies like Legacy Ethernet, Fast Ethernet, and
Gigabit Ethernet.
Error Detection Methods:
• Speeds: 10 Mbps, 100 Mbps, 1 Gbps, and 10 Gbps.
• Checksum: Divides data into blocks, calculates and transmits
checksum. Types of Ethernets:

• Cyclic Redundancy Check (CRC): Adds zeros and computes • 10BASE Ethernet: Uses coaxial or UTP cables, bus/star topology,
remainder to detect errors. half/full-duplex.
• 100BASE Ethernet (Fast Ethernet): UTP or fiber optic cables, star
topology, 100–200 Mbps.
• 1000BASE Ethernet (Gigabit Ethernet): UTP/fiber optic cables, full- • Link State: Routers build a network map to calculate best paths.
duplex, speeds up to 1 Gbps.
• Path Vector: Similar to distance vector but includes paths.
Ethernet Frame:
Routing Protocols:
• Frame size: 64–1518 bytes.
• RIP: Oldest, uses hop count.
• Components: Destination MAC address, Source MAC address, Type,
Data, and Frame Checksum. • OSPF: Uses Shortest Path First (SPF) algorithm.

Ethernet Operations: • BGP: Border Gateway Protocol for path vector routing.

• Half Duplex: Devices take turns sending data. ICMP (Internet Control Message Protocol):

• Full Duplex: Simultaneous sending and receiving of data. • Handles error reporting and network management.

Collision Detection (CSMA/CD): Devices monitor the network to avoid • Tools like Ping and Traceroute use ICMP messages.
collisions and handle them using random backoff timers. Other Routing Protocols:
Types of Ethernet Errors: Collisions, frame errors, FCS (Frame Check • ARP: Maps IP addresses to MAC addresses.
Sequence) errors, and alignment errors.
• DHCP: Dynamically assigns IP addresses to devices on a network.
Lesson 06 – Network Layer
Lesson 08 – Transport Layer and Quality of Service
Network Layer:
Transport Layer:
• Transports packets from sender to receiver.
• Ensures data transport between processes on hosts.
• Handles routing and forwarding to determine the best path for data.
• Responsible for error handling, maintaining message order, and end-to-
• Routing algorithms such as RIP (Routing Information Protocol) and end delivery.
BGP (Border Gateway Protocol) are used.
Transport Layer Protocols:
Lesson 07 - Logical Addressing Protocol • TCP (Connection-oriented, reliable): Sets up, maintains, and closes
Routing Basics: connections.

• Routing: Determines the path for packets from sender to receiver. • UDP (Connectionless, unreliable): Simple, no flow or error control,
used for short requests like DNS, TFTP, SNMP.
• Forwarding: Moves packets between router input and output ports.
TCP Characteristics:
Routing Algorithms:
• Point-to-point, full duplex.
• Distance Vector: Routers share distance to nodes.
• Reliable with acknowledgments (ACK), sequence numbers, and error • Confidentiality: Ensuring only authorized parties can view assets.
control.
• Integrity: Ensuring only authorized parties can modify assets.
UDP Characteristics:
Threats to Security
• No connection setup.
1. Availability
• No error control or retransmission, useful for quick communication.
o Hardware: Devices disabled or removed.
Quality of Service (QoS):
o Software: Programs deleted.
• Manages data speed, delay, jitter (delay variation), and packet loss in a
network. o Data: Files deleted.

Why QoS is Important: o Communication: Messages destroyed or deleted.

• Ensures that different types of traffic (voice, video, data) get appropriate 2. Confidentiality
bandwidth, reducing congestion. o Unauthorized access to hardware, software, data, and communication.
QoS Implementation: 3. Integrity
• Traffic shaping, queue management, congestion avoidance, bandwidth o Hardware replaced or removed.
reservation.
o Software modified by unauthorized users.
• Prioritize traffic types based on application needs.
o Data/information altered.
Lesson 10 - Computer Security o Communication messages modified, delayed, or duplicated.
Computer Security Ensuring Security
• Definition: Protection of computer assets which include hardware, 1. Availability:
software, data, networks, and people.
o Regular maintenance, system updates, backups, disaster planning, new
Cyber Security technologies, and monitoring.
• Definition: Protection of internet-connected assets like hardware, 2. Confidentiality:
software, servers, mobile devices, networks, and data.
o Use authentication, authorization, and accounting (AAA).
• Categories: Network security, application security, information security,
and operational security. 3. Integrity:
Security Cube Principles o Validation, verification, reliability checks, backups, access controls,
encryption, and monitoring.
• Availability: Ensuring authorized users can access computer assets.
Types of Harm • Methods: Firewalls, access control, Advanced Malware Protection
(AMP), Email Security Application (ESA), Web Security Application
• Disclosure: Unauthorized access to assets. (WSA).
• Deception: Unauthorized changes leading to false data being accepted Objectives of Secure Communications
as true.
1. Authentication: Verifying the message's authenticity (e.g., Hash
• Disruption: Interruptions to system operations. Message Authentication Code - HMAC).
Access Control 2. Integrity: Ensuring the message is not altered during transmission (e.g.,
• Definition: Determines how resources or services are allowed or denied Hash Algorithms).
on a system. 3. Confidentiality: Protecting the message from being read by
• Models: unauthorized parties (e.g., Symmetric Encryption Algorithms).

o Discretionary Access Control (DAC): Resource owners set access Authentication Methods
permissions. • Services: Ensure the message is from a real source and verify personal
o Mandatory Access Control (MAC): System-enforced policy identification (e.g., ATM PIN).
determines access. • Non-repudiation: Sender cannot deny sending the message; receiver
o Role-Based Access Control (RBAC): Access based on user roles. can verify the source.

o Attribute-Based Access Control (ABAC): Access based on attributes Encryption

and contextual factors. • Definition: Converting information into a secret code (plaintext to
Physical Security Implementation ciphertext).

• Elements: Restricted areas, CCTV, locks, access control, barriers, • Key: Required for encrypting and decrypting messages.
security services, and intrusion detection systems. • Algorithms:
Lesson 11 – Cryptography-Concepts Symmetric Encryption: Same key for encryption and decryption.
Cryptography Basics Common Algorithms: Data Encryption Standard (DES), Three times-
Data Encryption Standard (3DES), Software Encryption Algorithm
• Definition: Secure communication techniques that allow only the
(SEA).
sender and receiver to view the message contents.
Types of Encryptions
Cryptography Services
• Data Encryption Standard (DES): Operates in block mode,
• Network Security: Protect network infrastructure (routers, switches,
encrypting data in 64-bit blocks.
servers).
• 3DES: Applies DES three times to a plaintext block.
• Data Security: Ensure the safety of data/information.
• Hash Function: Transforms a string into a shorter, fixed-length value
(e.g., password hashing).
Cryptography Techniques
• Transposition Ciphers: Rearranging letters without replacement.
o Example: Message "FLANK EAST ATTACK AT DAWN"
transposed to "NWAD TA KCATTA TSAE KNALF".
• Substitution Cipher: Shifting each letter in the plaintext a certain
number of places.
• One-time Password (OTP): Unique password used once for logging in
to a network/service.
Firewalls
• Definition: Network security device that monitors and controls
incoming and outgoing traffic.
• Types:
o Packet Filtering Firewall: Operates at junction points like routers
and switches; compares packets against criteria.
o Stateful Firewall: Monitors the state of connections and analyzes
traffic at OSI Layers 4 and 5.
o Application Gateway Firewall: Filters information at multiple OSI
layers, often works with a proxy server.
Firewall Design
• DMZ (De Militarized Zone): Firewall design with one interface
connected to a private network and another to a public network.
• Key Considerations: Device interfaces, traffic type, source, and
destination.