7 Layers of the OSI Model

Questions and Answers

What is the primary purpose of the integrity component in the CIA triad?

To prevent unauthorized access to systems

To maintain confidentiality of sensitive data

To ensure data is not modified without authorization (correct)

To keep information accessible to authorized users

Which of the following best describes the availability aspect of the CIA triad?

Ensuring only authorized individuals can access data

Preventing data loss during transfer

Making information accessible to authorized users when needed (correct)

Providing detailed logs of data access

Which of the following is NOT one of the functions in the cybersecurity framework?

Recover

Identify

Monitor (correct)

Protect

What type of malware spreads without user authorization and can replicate itself?

Worm

Which cryptography concept is primarily used for securing data transmission?

Encryption

Which type of security control is primarily implemented by people rather than technology?

Operational

In cybersecurity, what does the term 'vulnerability' refer to?

A weakness that can be exploited

Which of the following protocols is associated with ensuring data is transmitted accurately and reliably?

TCP

Which of the following is an example of a well-known port?

Port 22

Which of the following describes the concept of non-repudiation in cybersecurity?

Preventing a subject from denying a performed action

What is ransomware primarily used for?

To display threatening messages and extort money

Which type of phishing targets specific individuals?

Spear phishing

What does the term 'ciphertext' refer to?

An encrypted message

What is a common goal of a Distributed Denial of Service (DDoS) attack?

To make a network resource unavailable

Who created Linux?

Linus Torvalds

Which of these commands prints the current user in Linux?

whoami

What distinguishes a Trojan from other types of malware?

It is concealed within legitimate software

Which of the following is NOT an element of cryptography?

Encryption key rotation

Study Notes

OSI Model Overview

• Framework consisting of 7 layers for networking and telecommunications.
• Layers include Application, Presentation, Session, Transport, Network, Data Link, and Physical.

Layer 7: Application

• User-facing layer that displays data to users.
• Interacts directly with end-user applications.

Layer 6: Presentation

• Responsible for converting data formats between network and application.
• Handles encryption/decryption for secure data transmission.
• Compresses data for efficient transfer.

Layer 5: Session

• Manages communication sessions between hosts.
• Sets up, coordinates, and terminates connections between devices.

Layer 4: Transport

• Ensures end-to-end communication for data transfer.
• Controls the amount and rate of data sent.
• Assigns port numbers for services.
• Key protocols include:
  • TCP (Transmission Control Protocol) for reliable communication.
  • UDP (User Datagram Protocol) for faster, connectionless communication.

Layer 3: Network

• Facilitates packet forwarding and routing between routers.
• Segments data into packets for efficient transmission.
• Uses IP addresses for locating devices on the network.

Layer 2: Data Link

• Enables data transfer between directly connected network devices.
• Responsible for node-to-node communication and error correction.
• Contains two sub layers:
  • MAC (Media Access Control).
  • LLC (Logical Link Control).

Layer 1: Physical

• Covers the physical mediums for data transmission, such as cables and connectors.
• Responsible for the transmission of raw bits across media.

Traffic Flow in OSI Model

• Traffic from sender descends the OSI layers, while receiver traffic ascends.

Ports

• Networking constructs that manage multiple network requests.
• Total of 65,535 ports available.
• Categories of ports:
  • Well-known ports
  • Registered ports
  • Dynamic ports used by applications
• Notable ports include:
  • Port 22: SSH (Secure Shell) for remote connections.
  • Port 53: DNS (Domain Name System) for resolving domain names.
  • Port 25: SMTP (Simple Mail Transfer Protocol) for email.
  • Port 20/21: FTP (File Transfer Protocol) for file transfer.
  • Port 80: HTTP (Hyper Text Transfer Protocol) for web communication.
  • Port 443: HTTPS (Secured HTTP).

Protocols

• Established rules for data transmission across networks.
• Examples include:
  • ICMP (Internet Control Message Protocol) for diagnostic messages.
  • TCP for reliable data transfer via three-way handshake.
  • UDP for low-latency communications.

Cybersecurity

• CIA Triad:

  • Confidentiality: Access limited to authorized personnel.
  • Integrity: Data integrity and authorized modifications.
  • Availability: Authorized access to information.
  • Non-repudiation: Ability to deny actions by subjects.

• Cybersecurity Framework consists of five functions:

  • Identify: Develop security policies and capabilities.
  • Protect: Implementation of security measures.
  • Detect: Ongoing monitoring for security risks.
  • Respond: Contain and eradicate identified threats.
  • Recover: Restore systems and data post-incident.

Vulnerability, Threat, and Risk

• Vulnerability: Weakness that can be exploited.
• Threat: Potential to exploit a vulnerability.
• Risk: Likelihood and impact of threats exploiting vulnerabilities.

Malware Types

• Viruses and worms: Spread without authorization.
• Trojan: Malware disguised as legitimate software.
• Potentially Unwanted Programs (PUPs): Installed alongside other software.

Ransomware

• Software that threatens users to extort money.

Social Engineering Attacks

• Phishing: Deceives users into accessing malicious sites.
• Spear phishing: Targeted phishing attempts toward specific individuals.
• Whaling: Phishing aimed at high-profile targets like executives.

Cryptography Concepts

• Plaintext: Original unencrypted message.
• Ciphertext: Encrypted message.
• Cipher: Method used to encrypt/decrypt messages.
• Hashing: Generates fixed-length strings from input data.

Distributed Denial of Service (DDoS) Attacks

• Aim to make network resources unavailable by overwhelming them.

Linux Overview

• Created in 1991 by Linus Torvalds, widely used in smart devices and systems.
• Highly customizable open-source OS with distributions like Red Hat and Fedora.

Basic Linux Commands

• whoami: Displays the current user.
• pwd: Prints the working directory path.

Description

Test your knowledge of the OSI Model, which breaks down networking and telecommunications into seven distinct layers. From the Application layer to the Physical layer, explore the functions and roles of each layer. Understand how they interconnect to facilitate communication in network systems.