From the course: CompTIA Security+ (SY0-701) Cert Prep

Introducing TCP/IP

From the course: CompTIA Security+ (SY0-701) Cert Prep

Start my 1-month free trial

Introducing TCP/IP

- [Instructor] We use networks every day, but we don't always pause to reflect upon what's happening under the covers to make our networks function properly. As we begin our exploration of network security, let's first talk about the basics of networking and a set of protocols called TCP/IP. TCP/IP is an acronym. It stands for Transmission Control Protocol, TCP, Internet Protocol, IP. TCP and IP are two of the main protocols that make up all modern networks. The internet protocol is responsible for routing information across networks. Now, the name is a little deceiving because it's not just used on the internet. It's also used on the networks in your home and office. The main responsibilities of the internet protocol are providing an addressing scheme, known as IP addressing, that uniquely identifies computers on a network and delivering information in chunks known as packets from their source to the correct destination. IP is known as a network layer protocol. IP supports transport layer protocols that have higher level responsibilities. The two main transport layer protocols are the Transmission Control Protocol, TCP, and the User Datagram Protocol, UDP. TCP is responsible for the majority of network traffic. It's a connection-oriented protocol, meaning that it establishes connections between two systems before data is transferred. TCP is also a reliable protocol that guarantees delivery by having the destination system acknowledge receipt of every packet. TCP's reliability makes it widely used for applications that require this guaranteed delivery, such as email and websites. Because TCP is connection-oriented, systems go through a handshaking process to create a connection before transmitting data. This process is known as the three-way handshake. TCP packets include special flags that identify packets used in this handshaking process. The SYN flag identifies packets that are requesting a new connection. While the FIN flag identifies packets that are requesting the closure of an existing connection. The ACK flag is used to acknowledge a SYN or FIN request. Let's look at that three-way handshaking process in more detail. In the first step, the system originating the connection sends a packet with the SYN flag set. This indicates that the system would like to open a connection to the destination system. The destination system receives this packet and replies with another packet that does two things. It acknowledges the original connection request and then asks to open a reciprocal connection in the other direction. This packet has both the SYN and ACK flag set. Then finally, the original system that started the connection receives the SYN/ACK packet and sends a final ACK packet to the system, completing the reciprocal connection. Once this three-packet sequence completes, the connection is open, and the systems may begin exchanging data. Now, the User Datagram Protocol, on the other hand, is a much more lightweight protocol that doesn't use the three-way handshake because it is not connection-oriented. Systems basically send data off to each other blindly, hoping that it is received on the other end. UDP does not perform acknowledgements, and therefore cannot guarantee delivery. It is often used for applications like voice and video where guaranteed delivery of every packet isn't essential. Networking professionals describe these protocols using a model known as the Open Systems Interconnection or OSI model. The model describes networks as having seven different layers. The first, the physical layer, is responsible for sending bits over the network using wires, radio waves, fiber optics, and other means. The second layer, the data link layer, transfers data between two nodes connected to the same physical network. The third layer, the network layer, expands networks to many different nodes. The internet protocol works at this layer. The fourth layer, the transport layer, creates connections between systems, and transfers data in a reliable manner. TCP and UDP are transport layer protocols. Above them, the fifth layer is called the session layer. This layer manages the exchange of communications between systems. The sixth layer, the presentation layer, translates data so that it may be transmitted on a network. This layer describes how to represent a character in terms of bits and performs encryption and decryption. And then finally, the seventh layer, the application layer, determines how users interact with data using web browsers or other client applications. This OSI model is a great reference to help you understand how networks function, and you should be familiar with it as you prepare for the exam.

Contents