SECTION 3 : OSI MODEL

Question 1

What is the acronym of OSI

Answer 1

Open system Interconnections Model.

Question 2

Difference between OSI Model and TCP/IP model ?

Answer 2

The TCP/IP model is closer to reality while the OSI model is mostly theoretical and could be applied to every networks.

Question 3

What is the order of the 7 layers ?

Answer 3

From bottom to top :
Physical
Data link
Network
Transport
Session
Presentation
Application
(please do not throw sausage pizza away)

Question 4

How do we call data when it comes to layers ?

Answer 4

7 - 6 - 5 : Data
4 : Segments
3 : packets
2 : frames
1 : bits
(Do Some People Fear Birthday)

Question 5

Sum up briefly the physical layer

Answer 5

Where transmission of bits across the notwork occurs and includes physical and electrical network characteristics

Question 6

What is transition modulation ?

Answer 6

1. One way to electrically or optically represent a binary 1 or 0 is to use the transition between a voltage level (for example, going from a state of no voltage to a state of voltage, or vice versa, on a copper cable) or the transition of having light or no light on a fiber optic cable to represent a binary 1.
2. Similarly, a binary 0 is represented by having no transition in a voltage level or light level from one time period to the next. This approach of representing binary digits is called state transition modulation.

Question 7

Explain bits representation in fiber

Answer 7

Light on = 1
Light off = 0

Question 8

What are the two main wiring standards operating at layer 1 ?

Answer 8

TIA/EIA-568A and TIA/EIA-568B

Question 9

How is communication synchronized ?

Answer 9

It is a layer 1 issue. Asynchronously and synchronously.

Question 10

What does synchronous communication mean ?

Answer 10

Uses à reference clock to coordinate transmissions between receivers and senders.

Question 11

How can the bandwidth of the cable be utilized ?

Answer 11

There are two ways :
Broadband
Baseband

Question 12

What are thé différence between broadband and baseband ?

Answer 12

Broadband : divides bandwidth into separate Channel (TV cable -200 channels).
Baseband : use all available frequencies on a medium to transmit data all of the time. Ex: telephone. Baseband uses a référence clock. That’s why we can’t have two phonecalls. A wire home ethernet Network is the same they use all the frequency of a cable.

Question 13

How can we get more out of a limited Network?

Answer 13

Different mechanisms :
TDM - time division multiplexing | each session takes a turn, using Time slots, to Share the medium between all users.
STDM - StatTDM | dynamically allocate the time based on an as-needed basis. More efficient.
FDM - Frequency division miltiplexing | divides the medium into channels based on frequencies and each session is teansmitted over a different Channel. Similar to broadband !!

Multiplexing is getting more out of a limited network. It allows multiple people to use a baseband connections at the sametime

Question 14

What are the devices that operate at layer 1 ?

Answer 14

Cables (ethernet, fiber and so on)
Wireless things (Bluetooth, NFC, WIFI)
Infrastructure devices (hub, WAP, Mediaconverter)
Layer 1 devices only repeat bits.

Question 15

Define the basic principle of layer 2 ?

Answer 15

This layer packages up the bits into frames and transmits those frames on the network.
Layer 2 devices view networks logically.

Question 16

What is a MAC adress ?

Answer 16

Physical adressing system of a device which operates on a logical topology. It uses a 48 bit physical adressing to any network interface card (NIC). The first half bits will identify the producer. Thé other is a unique value.

Question 17

What is logical link control (LLC)?

Answer 17

1. Provides connection services and allows acknowledgment of receipt of messages.
2. The most basic form of flow control.
3. It also provides basic error control functions (data frame not received, corrupted data frames and so on). Since we are talking about 1 and 0, it will add up and the last bit must be even or odd to determine if it was good or not.

Operates at layer 2

Question 18

How is communication synchronized across layer 2 ?

Answer 18

Isochronous : network devices use a common reference clock and create time slots for transmission (cf. Multiplexing).

Synchronous : network devices agree on clocking method to indicate beginning and end of frames and can use control characters.

Asynchronous : they reference their own internal clocks and uses start and stop bits.

Question 19

What are the devices of layer 2 ?

Answer 19

Switches that can learn ports and devices. NIC and bridges too.

Question 20

Basic principle of layer 3?

Answer 20

Forwards traffic with logical adresses. (Routing).

Question 21

What does switching mean ?

Answer 21

It means routing (layer3).

Question 22

How should data be forwarded or routed at layer 3?

Answer 22

• packet switching
• circuit switching
• message switching

Question 23

What is packet switching ?

Answer 23

Thé most commonly used.

Data is divides into packets and then forwarded. Packets will be switched from place to place. Every time it can get another route.

Question 24

What is circuit switching ?

Answer 24

Dedicated communication link is established between two devices.

A phone call creates a temporary connection that all data uses.

For thé entire phone call, it uses the same paru.

Question 25

What is message switching ?

Answer 25

Data is divided into messages which may be stored and then forwarded.

Similar to packet switching but it can be stored.

It operates at layer 3.

Question 26

What is route discovery and selection ?

Answer 26

Manually configured as a static route or dynamically through a routing protocol.

Routers will maintain a routing table. Using RIP, OSPF or EIGRP. Routing protocols help us décide how data will flow.

Question 27

Principle of dynamic routing ?

Answer 27

Routers consistantly talk to each other to find the best path.

Question 28

What are connection services ?

Answer 28

Augment layer 2 connection services to imprévue reliability.

More flow control and packet reordering allows to reorder the packets.

Question 29

What is ICMP ?

Answer 29

Sends error messages and operational information to an IP destination. Thé most used message is Ping. Ping tells if the packets were received and in How much time. Used for troubleshooting.

Traceroute is more or les the same but uses many ping to locate the servers.

Question 30

What are the devices that operate at layer 3?

Answer 30

• routers and multilayer switches.
• multilayer combines switch of layer 2 and routers of layer 3. Multilayerswitch is considérered a layer 3 device.
• ICMP
• Ipv4

Question 31

What is the data type of the transport layer ?

Answer 31

We deal with segments and datagram.

Question 32

What are the two protocols of the layer 4?

Answer 32

TCP : connection oriented protocol that is a reliable way to transport segments accros thé network.

UDP :

Question 33

Explain TCP handshake.

Answer 33

The client will send a syn packet then thé server will send a syn+ack and the client will send back an ack. The transmission of data will then begin. It’s like certified mail.

Question 34

Explain UDP.

Answer 34

Connectionless protocol that is an unreliable way to transport segments across thé Network. If we use UDP it’s datagram. If the datagrams are dropped thé sender is unaware. Good for audio and vidéo streaming. Increase the performance.

Question 35

Compare TCP and UDP

Answer 35

Reliable (three way handshake) \ unreliable

Connection-oriented \ connectionless

Segment retransmission and flow control through windowing \ no windowing

Segment sequencing \ no sequencing (if they arrive in different order it will be broadcasted so)

Acknowledge segments \ no acknowledgment

Question 36

What is windowing ?

Answer 36

Allows thé clients to adjust the amount of data in each segments.

Sends less data with decreased retransmissions.

For instance à download says 20 min remaining then five and so on. This is windowing. The window adjusts to send more segment according to the bandwidth.

Window opens up —> less segments with more data (it’s good)

We speed up and slow-down.

Question 37

What is buffering ?

Answer 37

Occurs when devices allocate memory to store segments if bdwt isn’t readily available.

Routers have a special memory and store segments for instance. If the network is congested it will keep information to send it later.

For instance if three routers send 210 MB/s to a router and if it can only send 50 mb there is a bottleneck. Router will keep in its buffer.

There is a possibility in some network (see picture). Some devices do not operate at their full capabilities.

Question 38

Layer 4 devices?

Answer 38

TCP and UDP.
Wan accelerator (?)
Load balancer and firewalls
If we block a port 80 over TCP it’s layer4.

Question 39

What is the session layer ? (L5)

Answer 39

Keeps conversations separate to prevent intermingling of data.

Question 40

What are the three phases of a session?

Answer 40

1. Set Up
2. Maintain
3. Tear down

Question 41

What is session set up ?

Answer 41

Checking of user credentials and assigning numbers to sessions to help identify them.

Question 42

Maintain a session

Answer 42

Transferring data over and over again allows a session to be maintained.
If we have a break ==> reestablish connection (“can you repeat ? “)
Acknowledge receipt ==> “did you understand ?”

Question 43

Tear down session

Answer 43

Ending of a session after the transfer is done or when the other party disconnects.
When one party is not getting the information, the session is being torn down.

Question 44

Layer 5 devices ?

Answer 44

H.323 and NetBios

Question 45

What is H.323 ?

Answer 45

H.323 is used to set up, maintain and tear down voice and video connections. it operates over the RTP (real time protocol). ==> like facetime, skype or youtube.
RTP is related to streaming audio and streaming video.

Question 46

What is NetBIOS ?

Answer 46

Used to share files over a network. Windows uses it a lot.

Question 47

What is layer 6 ?

Answer 47

The presentation layer formats the data to be exchanged and secures that data with proper encryption. (data formatting and encryption). The presentation layer translates information in a way that the application layer understands. It also translates information from the application layer to the session layer.

Question 48

What is data formatting ?

Answer 48

Data is formatted by the computer to have compatibility between different devices.

ASCII for instance, or GIF or JPG, PNG and so on.

Question 49

What is ASCII ?

Answer 49

It ensures data is readable and provides proper data structure. It allows us to negotiate data transfer over layer 7.

Question 50

What is encryption ?

Answer 50

Used to scramble the data in transit to keep it secure from prying eyes and provide data confidentiality.

For instance TLS. It create an encrypted tunnel.

Question 51

What are layer 6 devices or protocols ?

Answer 51

• Scripting languages
• Standard text
• Pictures
  -Movie files
• ERncryption algorithms

Question 52

What is the Application layer ?

Answer 52

Provides application-level services where users communicate with the computer.
We talk about low level applications like file transfer or network transfer.

Question 53

What are application services ?

Answer 53

Application services are the things that unites communicating components from more than one network application. For instance POP3 or Imap are low level application but Microsoft Outlook is not.

Question 54

What is service advertisement ?

Answer 54

this is where application can send out announcements to other devices on the network to state the service they offer.
for instance a printer alerts that it can be used for printing.

Question 55

What are layer 7 devices ?

Answer 55

Email applications, web browsing, DNS, HTTP, Pop3 IMAP, FTP, FTPS, SFTP or TELNET and SSH.

Question 56

What is Wireshark ?

Answer 56

Wireshark allows to inspect packet in-depth. It is used for troubleshooting, forensics and pentest.

Question 57

What is encapsulation ?

Answer 57

Process of putting headers (and trailers) around the data.
if we move down the OSI layers from 7 to 1 we encapsulate. If we move up we decapsulate.

Question 58

What is protocol Data Unit ?

Answer 58

A single unit of information transmitted in a computer network.
In the real world we use PDUs to transmit data. They are called L7PDU or L4PDU. They follow the name of data used for every layers.

Question 59

what is the cinematic of encapsulation ?

Answer 59

We take the data from the application layer and wrap it with the headers of each layer. At layer 4 we add our source and destination ports. At layer 3 we add our source and destination IP addresses. At layer 2 we add our source and destination MAC addresses. At layer 1 we transmit our layer 2 frames as a series of 1 and 0. When it is received by the other device it will decapsulate by reading the ethernet header. If the destination MAC is correct it will decapsulate everything. Or else it will be sent to the default gateway. It can decapsulate the following header until the right host is found. The right host will decapsulate everything.

Question 60

What is the TCP header ?

Answer 60

It contains 20 bytes (source port, destination port, sequence number, acknowledgment number, control flags)

Question 61

What are the control flags of a TCP header ?

Answer 61

SYN : used to synchronize connection during the three-way handshake.
ACK : used during the handhsake but also used to acknowledge the successful receipt of packets.
FIN : tear down the virtual connections created by the handshake and the syn flags.
RST : used when a client or server receives a packet that was not expecting during the current connection.
PSH : Used to ensure data is given priority and is processed at the sending or receiving ends
URG: simiar to PSH and identifies incoming data as urgent. PSH is used by the sender. URG violates the packets priority order.

Question 62

What is the UDP header ?

Answer 62

smaller than TCP because it is a connectionless (8bit).
source port : same than TCP
destination pot : idem
length :
checksum : not a mandatory field but it can be used to provide some validation that the UDP data was well received.

Question 63

Where does ethernet header operate ?

Answer 63

Layer 2.
in the ethernet header, we find the destination and source MAC addresses, the EtherType and the VLAN tag (optional).
The Ethertype field is used to indicate which protocol is encapsulated in the payload of that frame.

Question 64

What is the minimum bytes for an ethernet payload ?

Answer 64

42 Bytes if VLANs are being used and 46 bytes if no VLANs are being used.

Question 65

What is the MTU ?

Answer 65

when you send a pyaload there is a maximum size. By default ethernet uses an MTU of 1500 bytes as a maximum. If you have a payload that is larger you need to use a jumbo frame larger than 1500 bytes.