Summary of Exam Objectives

The Open Systems Interconnection (OSI) model contains seven layers used as a standard for how data is transmitted for the user's perspective (the Application layer) to the format any network can understand (the Physical layer). The OSI model passes data down from the Application layer to the Presentation layer to the Session layer to the Transport layer to the Network layer to the Data Link layer and finally to the Physical layer. The data travels across the network and then moves its way back up the OSI model on the receiving machine. The different types of network cabling reside at the Physical layer. Fiber optics transmits data using pulses of light and is very secure. Twisted-pair is a common cable used in networks, but is subject to sniffing if an attacker physically taps the cable.

A LAN is a data network confined to a specific geographic area. The five LAN topologies are star, bus, ring, mesh, and tree. The mesh topology is the most redundant, but also the most expensive due to the amount of cabling required. The star topology is the most commonly used layout. The ring topology provides the best data transmission success rate and is the fastest. A WAN is a data network that consists of one or more LANs and spans a broad geographic area.

RADIUS and TACACS provide a central database for devices to reference when authenticating users on a network. PAP and CHAP are authentication protocols that allow remote users to authenticate to a network. PAP transmits passwords in cleartext.

The Internet is the global WAN that allows anyone to connect to it and is therefore untrusted. An Extranet is a middle ground that allows some access from the Internet, but is still somewhat protected from full access. An Intranet is an organization's private data network that should only contain trusted communications. Firewalls are a networks first line of defense against attacks from the Internet. The three firewall types are the screened host firewall, the dual homed host firewall, and the screened subnet firewall. NAT allows an organization to use private IP addresses on its internal network and allows those internal devices to communicate with the Internet by hiding behind one public IP address.

A VPN creates a virtual dedicated connection between two devices across an untrusted, public network. VPNs can use PPTP, L2TP, IPSec, or a combination of L2TP and IPSec to create the secure connection. IPSEc has two transmission modes, which are transport mode and tunneling mode. Transport mode encrypts the data packet but not the header of the packet. Tunneling mode encrypts both the data and the header of the packet. SSH is not a VPN protocol, but can be used as a VPN when creating a secure terminal connection between a client and server.

There are several common attack methods used to compromise a data network. Spoofing is when an attacker pretends to be a trusted source so that confidential data can be accessed. Sniffing is a passive network attack that involves capturing broadcasted data packets to extract confidential information. A SYN flood is a method used to deny service to legitimate users of a public server by using all of the server's available resources. PBX war dialing is the process of dialing an organization's phone numbers in the hopes of finding a computer with a modem attached that can be attacked.