Security + Exam Guide (Charles River Media Networking/Security)

As networking of computer systems became more popular in the world, a structured well organized logical framework for connecting networks and developing applications was needed. In the late 1970s, the ISO (International Standards Organization) developed the OSI networking reference model.

The OSI reference model is a seven-layered logical approach to network communications that includes specifications for the actual hardware connection to the network at the bottom layers of the model, and rules for applications and more complicated functions at the higher layers.

Networking rules for communication, also known as protocols, exist at almost every layer of the OSI model. The more complicated the protocol, the higher up on the model it resides. Important security-related protocols will be discussed in detail later in this chapter. Network transmission, security, session connection information, and hardware are all associated with particular layers.

Picture yourself sitting at your computer working on a Microsoft Word document. You are actually utilizing functions that reside at the top layer of the OSI reference model known as the Application layer or layer 7. You decide to attach your Word document to an e-mail message and send it to a coworker. The message or signal that you are sending is directed from the Application layer (layer 7) down through the other layers to the Physical layer (layer 1) where it is placed in converted format (0’s and 1’s) onto a network medium, such as a wire, and transmitted to your coworker. Your coworker, on the receiving end, accepts the message through their Physical layer (layer 1). The message is converted back to a readable format from 0’s and 1’s and is presented to your coworker’s Application layer (layer 7).

The seven layers of the OSI reference model are as follows:

• 7 (Application layer): Application layer applications, e-mail, FTP, user authentication, and any other major services that the end user interacts with directly are associated at this high-level layer. Network access and forms of error recovery are handled at this layer. High-level devices such as gateways are present at this layer. Application-specific protocols such as X.500, SMTP, SNMP, Telnet, and SMB reside at this layer as well as at the Presentation and Session layers (6 and 7, respectively).

• 6 (Presentation layer): Data on the sending computer is converted into a format that can be transmitted over media to another computer. On the receiving end, data is converted into a format that the end user or Application layer can understand. Encryption and data translation occur at this level. The network redirector operates at this level.

• 5 (Session layer): This layer establishes, holds, and controls sessions or connections between two applications. It provides checkpoint and synchronization service between two communication sessions. Security between two sessions is also handled at this layer.

• 4 (Transport layer): This layer’s primary concern is flow control and data handling. Large forms of data are broken down into manageable packets that can be presented to the higher layers on the receiving end. The successful transmission of data is acknowledged at this layer. If the transfer of information is incomplete or interrupted, this layer is responsible for a request of the information to be retransmitted by the sending application or session. Transfer protocols such as TCP, NetBEUI, NWLink, and SPX reside at this layer.

• 3 (Network layer): This layer is responsible for the routing of information to the correct network, device, or computer. Logical names are converted to physical names at this layer. In other words, computer IP (Internet Protocol) addresses are converted to their MAC (Media Access Control) equivalents. Priority of connection and quality of service are also handled at this layer. A network router and switch reside at this layer. Network protocols such as IP and IPX reside at this layer.

• 2 (Data Link layer): Data frames received from the network layer are converted into bits (0’s and 1’s) in preparation for the Physical layer (layer 1). On the receiving end, bits are packaged together into frames that can be understood by the higher layers. Frame synchronization, flow control, and error handling are addressed at this level. The Data Link layer has two sublayers known as the LLC (Logical Link Control) and MAC (Media Access Control) layers. The LLC sublayer is associated with IEEE standards 802.1 and 802.2 and is responsible for the implementation and placement of SAPs (service access points). The MAC sublayer is associated with IEEE standards 802.3, 802.4, 802.5, and 802.12. The MAC sublayer communicates directly with a network interface card. It is responsible for error-free communication between network interfaces. Devices called bridges segment network traffic and operate at this layer.

• 1 (Physical layer): This is the physical adapter or connection to the network wire or medium. This is where bits or bit streams of information are prepared to go across the network medium. Incoming bits of information are organized and prepared to move through the higher layers. Networking devices such as repeaters and hubs operate at this level.

If you are interested in a career in networking, it is very important that you understand the theory behind the OSI reference model. You will also need a solid understanding of the OSI reference model and the IEEE specifications if you wish to understand how networking components, protocols, and applications function.