Network Protocols and Data Encapsulation

Questions and Answers

In the context of network protocols, what is the primary role of a 'host'?

• To provide specialized software for servers.
• To participate directly in network communication. (correct)
• To connect networks to the internet.
• To manage network security protocols.

Which of the following scenarios exemplifies a Small Office Home Office (SOHO) network?

• A network connecting several computers in a library for public access.
• A remote office connecting to a corporate network to access shared resources. (correct)
• A network used by a large corporation with thousands of interconnected hosts.
• A home network used for connecting a few personal computers to the internet.

When Terry connects to her school's Wi-Fi and performs a search, what happens to the search string of binary data?

• It remains in binary format throughout the entire process to maintain data integrity.
• It's directly sent to the search engine's servers without any conversion.
• It's converted into electrical signals that travel on the school's wired network. (correct)
• It is stored on the school's server for later analysis.

In the scenario where Michelle is gaming online, what type of information is added to the game data when her actions are sent to the gamer network?

Information identifying Michelle, the game she is playing, and her network location. (D)

Why do cybersecurity analysts need a deep understanding of how networks operate?

To determine the origin and destination of network traffic. (D)

Which of the following best describes the role of Tier 1 and Tier 2 ISPs in the structure of the internet?

They connect portions of the internet together, often through Internet Exchange Points (IXPs). (D)

Why are network protocols essential for communication between devices?

They dictate the 'how' of communication, ensuring devices can understand each other. (A)

Which aspect of network communication does 'message structure' define?

How the message is formatted or structured. (B)

What does 'path sharing' achieve in network communications?

It allows networking devices to share information about pathways with other networks. (B)

What is the function of 'Session Management' in network protocols?

To manage the setup and termination of data transfer sessions. (C)

Which of the following characteristics describes the TCP/IP protocol suite?

It is an open standard protocol suite, freely available and used by any vendor. (D)

What is the purpose of DNS (Domain Name System) in the TCP/IP protocol suite?

To translate domain names into IP addresses. (C)

What is a key distinction between TCP and UDP at the transport layer?

TCP provides reliable transmissions with confirmation of delivery, while UDP does not. (C)

What function does NAT (Network Address Translation) perform?

It translates IPv4 addresses from a private network into globally unique public IPv4 addresses. (B)

What role does the Address Resolution Protocol (ARP) play in network communication?

It provides dynamic address mapping between an IPv4 address and a hardware address. (D)

In the context of network communication, what is 'encapsulation'?

The process of adding protocol information at each layer as data is passed down the protocol stack. (A)

When sending a message over a computer network, what aspect must the message follow to ensure proper delivery and processing?

It must follow specific format rules. (C)

In network communication, why are messages often broken into smaller parts or segments?

To limit the size of messages to what the receiving person or device can process at one time. (B)

In addition to flow control, what does message timing include in network communications?

The response timeout, specifying how long to wait for responses and what action to take if a timeout occurs. (C)

What is the key difference between unicast, multicast, and broadcast delivery options?

Unicast is one-to-one, multicast is one-to-many, and broadcast is one-to-all message delivery. (C)

What is a primary benefit of using a layered model in network communications?

It modularizes network operations into manageable layers, assisting in protocol design and fostering competition. (B)

Which of the following options accurately describes the purpose of the OSI model?

To provide a list of functions and services that can occur at each layer of network communication. (A)

What is the term for the data unit at the transport layer when TCP is used?

Segment (A)

What is the correct order of Encapsulation?

Data, Segment, Packet, Frame, Bits (D)

If a Transport header is TCP, what is produced through encapsulation?

Segment (B)

What is the general term for the PDU at the Application Layer?

Data (A)

Which of the listed items in the OSI model defines services to segment, transfer, and reassemble to data for individual communication between end devices?

Transport (C)

According to what you have learned, what is the purpose for segmenting messages?

To speed up data transmission (B)

When referring to three addresses for client-server communications, which of the following is correct?

OSI Transport, Network, and Data Link layers implement addressing in some form (A)

According to what you have learned, which of the protocols listed falls under the Data Link Protocols?

Wireless Local Area Network (WLAN) (C)

Which OSI model layer provides a representation of data transferred between application layer services?

Presentation Layer (A)

Within the internet layer in the TCP/IP model, which of the protocols listed does NOT belong?

Simple Mail Transfer Protocol (SMTP) (C)

Why is segmentation an important process for data encapsulation?

Segmentation avoids tying up a data communications link. (B)

What part does the Physical Layer PDU play in the encapsulation process?

The Physical layer PDU is used when physically transmitting data over the medium. (B)

What is the name of the process where a receiving device removes one or more of the protocol headers?

De-encapsulation (D)

Flashcards

Network Sizes

Small networks consisting of two computers to networks connecting millions of devices.

Peer-to-peer network

A network where computers can function as both servers and clients.

SOHO Network

This network allows a home office or remote office to connect to a corporate network, or access centralized, shared resources.

Medium to Large networks

These are used by corporations and schools and can have many locations with hundreds or thousands of interconnected hosts.

World Wide Networks

The internet, a network that connects hundreds of millions of computers world-wide

Hosts

All computers connected to a network that participate directly in network communication. Also called end devices, endpoints or nodes.

Servers

Computers providing information with specialized software

Network Protocols

The rules that govern communication between devices on a network.

Message Structure

Specifies how the message is formatted or structured.

Path Sharing

How networking devices share info about pathways with other networks.

Information Sharing

How/when messages are passed between devices.

Session Management

Manages the setup and termination of data transfer sessions.

TCP/IP

The protocol suite used by the internet and networks today.

DNS

Translates domain names into IP addresses.

DHCPv4

Dynamically assigns IPv4 addressing information to clients at start-up.

SMTP

Enables message clients to send email to a mail server and enables servers to send email to other servers.

POP3

Enables clients to retrieve email from a mail server and download the email to the client's local mail application

FTP

Enables a user on one host to access and transfer files to and from another host over a network.

HTTP

protocol for exchanging text, graphic images, sound, video, and other multimedia files on the World Wide Web.

TCP

Enables reliable communication between processes on separate hosts.

UDP

Enables a process on one host to send packets to a process on another host.

IPv4

Packages messages into packets, and addresses packets for end-to-end delivery.

ICMPv4

Provides feedback from a destination host to a source host about errors in packet delivery.

ARP

Provides dynamic address mapping between an IPv4 address and a hardware address.

Unicast

A one-to-one delivery option where there is only one destination

Multicast

Delivery where a host sends messages using a one-to-many delivery option

Broadcast

A one-to-all message Delivery Option, if all networks need to see a message at the same time.

Segmentation

Breaks data into smaller units for transmission over the network.

What is a PDU

Protocol data unit

De-encapsulation

Is the process used by a receiving device to remove one or more of the protocol headers

What is Data

Data - The general term for the PDU used at the application layer

Segments

Segment - Transport layer PDU

Data Link Address

Specifies the devices on the local LAN that should handle data frames

Study Notes

Network Protocols

• Protocols allow network operations

Module Objectives

• Network Communications Process explains data networked communications
• Communications Protocols explains how these protocols enable network operations
• Data Encapsulation explains how data encapsulation allows data to be transported across networks

Network Communications Process

Networks of Many Sizes

• Networks range in size
• Some networks consist of 2 computers
• Others connect millions of devices
• Networks provide consolidation, storage, and access to information on network servers
• Networks also provide email, instant messaging, and collaboration among employees
• Many organizations use their network’s connection to the internet to provide products and services to customers
• In smaller settings, peer-to-peer networks mean computers function as both the servers and clients

Network Types (contd.)

• Small home networks connect a few computers to each other and the internet
• Small Office and Home Office (SOHO) networks allow a home or remote office to connect to a corporate network, or access centralized, shared resources
• Medium to Large networks are used by corporations and schools
• These large networks have many locations with hundreds or thousands of interconnected hosts
• World Wide networks, such as the internet, connect hundreds of millions of computers

Client-Server Communications

• Hosts are all computers directly connected to a network and participate in network communication
• Hosts are also called end devices, endpoints, or nodes
• Servers have specialized software and enable other end devices to get information across the network
• Servers can be single-purpose, such as web pages, or it can be multipurpose such as email, and file transfers
• Client computers have software that enables them to request and see the info from the server
• A single computer can run multiple types of client software

Client-Server Examples

• File Servers store corporate and user files in a central location
• Client devices access these files via client software, such as Windows Explorer
• Web Servers run web server software
• Clients use their browser software, such as Windows Internet Explorer, to access web pages
• Email Servers run email server software, such as Microsoft Outlook, so clients can access email

Typical Sessions for Network Use

• A typical network user uses a computing device to establish many connections with network servers that can be located anywhere

Network Use at School Example

• Students can use devices such as laptops and tablets to access learning resources
• Terry connects to the school’s wi-fi network and searches for the required resources with a search engine
• The search is submitted wirelessly from Terry's device to the school’s network
• All search data is addressed so that it can find its way back to Terry
• The binary data search string is encoded into radio waves and converted into electrical signals
• These signals go through the school’s wired network to reach the school’s Internet Service Provider’s (ISP) network
• Technologies take Terry’s search to the website, where it is processed by the Search Engine’s servers
• The website results are encoded and addressed to her school and eventually to Terry’s device

Network Use While Gaming Example

• Michelle uses a gaming console to play games against other players
• Michelle's network connects to an ISP using a router and a cable modem
• The router and cable modem allows her home network to connect to a cable TV network belonging to her ISP
• Cable wires connect Michelle’s neighborhood to a central point on a telephone pole and then to a fiber-optic network
• The fiber-optic network connects many neighborhoods served by Michelle’s ISP
• When Michelle connects her gaming console to a company that hosts a popular online game, her in-game actions become data that is sent to the gamer network
• Other data identifies Michelle, including the game, and her network location
• This collective data is sent at high speed to the game provider’s network
• The results are returned to Michelle in the form of graphics and sounds

Network Use in Medical Consultations Example

• Dr. Ismael Awad frequently needs to consult with other specialists on patient cases
• His hospital subscribes to a Cloud service that allows medical data, including patient x-rays, to be stored in a central location that accessible via the internet
• When a patient has an X-ray taken, the image is digitized as data
• A hospital uses network services which encrypts the image data and patient information
• This encrypted data cannot be intercepted and read as it travels across the internet to the cloud service provider's data centers
• The data is addressed so that it can be routed to the cloud provider’s data center to reach the correct services that provide storage and retrieval of high-resolution digital images
• All of this interaction is digital via networked services provided by the medical cloud service

Tracing the Path of a Network

• Cybersecurity analysts deeply understand how networks operate
• They determine the origin of traffic and its destination
• Traffic from a computer to an internet server takes many paths

Network Connections

• Copper and fiber-optic cables carry data traffic over land and under the ocean
• These connections link telecommunications facilities and ISPs throughout the world
• Global Tier 1 and Tier 2 ISPs connect portions of the internet together, usually through an Internet Exchange Point (IXP)
• Larger networks connect to Tier 2 networks through a Point of Presence (PoP)
• PoPs are usually located in a building where physical connections to the ISP are made
• Tier 3 ISPs connect homes and businesses to the internet

Route Tracing Utilities

• Route tracing utilities examine the internet pathway to destination networks
• The objectives are to verify connectivity to a website, use the traceroute utility on the Linux command line and use a web-based traceroute tool

Communications Protocols

What are Protocols?

• Protocols are the rules of how a device communicates
• Protocols must be specific to the communication method being used
• Network protocols specify many features of network communication

Network Protocols

• Network protocols give computers the means for network communication
• These protocols dictate the message encoding, formatting, encapsulation, size, timing, and delivery options
• Networking protocols define a format and rules for exchanging messages between devices
• Some common networking protocols are Hypertext Transfer Protocol (HTTP), Transmission Control Protocol (TCP), and Internet Protocol (IP)
• IP refers to both the IPv4 and IPv6 protocols
• IPv6 is the most recent version of IP and will eventually replace the more common IPv4

Network Protocol Structure

• Message Structure specifies how the message is formatted or structured
• Path Sharing specifies the process by which networking devices share information about pathways with other networks
• Information Sharing specifies how and when error and system messages are passed between devices
• Session Management manages the setup and termination of data transfer sessions

TCP/IP Protocol Suite

• TCP/IP is the protocol suite used by the internet and today’s networks
• This open standard protocol suite is freely available to the public
• Any vendor can use the TCP/IP protocol suite in their hardware or software
• It is a standards-based protocol suite endorsed by the networking industry and approved by standards organizations

Application Layer

• The Domain Name System (DNS) translates domain names into IP addresses
• DHCPv4 dynamically assigns IPv4 addressing information to DHCPv4 clients at start-up
• DHCPv4 allows the addresses to be re-used when no longer needed
• DHCPv6 dynamically assigns IPv6 addressing information to DHCPv6 clients at start-up
• SLAAC lets a device obtain its IPv6 addressing information without using a DHCPv6 server

TCP/IP Email Protocols

• Simple Mail Transfer Protocol (SMTP) enables clients to send email to a mail server so the server can send email to other servers
• Post Office Protocol version 3 (POP3) enables clients to retrieve email from a mail server and download the email to the client's local mail application
• Internet Message Access Protocol (IMAP) enables clients to access email stored on a mail server and also to maintain email on the server

TCP/IP File Transfer Protocols

• File Transfer Protocol (FTP) sets the rules that enable a user on one host to access and transfer files to and from another host over a network
• SSH File Transfer Protocol (SFTP) establishes a secure file transfer session with file transfer encryption
• Trivial File Transfer Protocol (TFTP) has a simple, connectionless protocol with best-effort, unrecognized file delivery

TCP/IP Web and Web Services Protocols

• Hypertext Transfer Protocol (HTTP) defines rules for exchanging text, graphic images, sound, video, and other multimedia files on the World Wide Web
• Hypertext Transfer Protocol Secure (HTTPS) is a secure form of HTTP that encrypts the data exchanged over the World Wide Web
• REST (Representational State Transfer) offers web services that use application programming interfaces (APIs) and HTTP requests to create web applications

Transport Layer Protocols

• Transmission Control Protocol (TCP) enables reliable communication between processes running on separate hosts and provides reliable transmissions confirming successful delivery
• User Datagram Protocol (UDP) enables a process running on one host to send packets to a process running on another host

Internet Layer Protocols

• Internet Protocol version 4 (IPv4) receives message segments from the transport layer, packages messages into packets, and addresses packets for end-to-end delivery via a 32-bit address
• Internet Protocol version 6 (IPv6) functions like IPv4 but uses a 128-bit address
• Network Address Translation (NAT) translates IPv4 addresses from a private network into globally unique public IPv4 addresses

Protocol Messaging Info

• Internet Control Message Protocol for IPv4 (ICMPv4) gives feedback from a destination host to a source host about errors in packet delivery
• Internet Control Message Protocol for IPv6 (ICMPv6) is similar, but used for IPv6 packets
• ICMPv6 Neighbor Discovery (ICMPv6 ND) includes four protocol messages to resolve addresses and detect duplicate addresses

Protocol Routing Info

• Open Shortest Path First (OSPF) is a link-state routing protocol which uses a hierarchical design based on areas, and it is an open standard interior routing protocol
• Enhanced Interior Gateway Routing Protocol (EIGRP) is a Cisco proprietary routing protocol which uses a composite metric based on bandwidth, delay, load, and reliability
• Border Gateway Protocol (BGP) describes a standard exterior gateway routing protocol used between Internet Service Providers (ISPs)

Network Access Layer Protocols

• Address Resolution Protocol (ARP) provides dynamic address mapping between an IPv4 address and a hardware address
• Ethernet defines standards for wiring/signaling within a network access layer
• Wireless Local Area Network (WLAN) defines rules for wireless signaling across the 2.4 GHz and 5 GHz radio frequencies

Message Formatting and Encapsulation

• A message sent from source to destination must use a specific format or structure, based on the message type and channel used

Message Analogy

• Sending a letter requires correct formatting
• An envelope contains the sender and receiver addresses at the proper location
• Encapsulation puts one message format (the letter) inside another message format (the envelope)
• De-encapsulation occurs when the recipient reverses the process and removes the letter from the envelope

Network Message Formatting

• Instead of a letter, a message going over a computer network needs to follow specific format rules to be delivered and processed
• The Internet Protocol (IP) has a similar function to the envelope where it sends a message from source to destination

Message Size

• Another communication rule is message size

Message Size Analogy

• People usually break the messages into parts or sentences
• The limited sentences allow the receiving person to process at one time
• It makes it easier for the receiver to read and comprehend

Network Message Size

• Encoding between hosts require an appropriate medium format
• Messages are converted into bits by the sending host
• Each bit is encoded into a pattern of sounds, light waves, or electrical impulses depending on the network media
• The destination host receives and decodes the signals to interpret the message

Message Timing

• Message timing includes flow control, response timeout, and access method

Flow Control, Response Timeout and Access Method

• Flow Control defines how much information can be sent and the speed at which it can be delivered
• Response Timeout describes how network hosts wait for responses and what action to take if the response times out
• Access Method occurs when a device sends a message
• For a wireless LAN, the WLAN NIC has to determine whether the wireless medium is available

Communication Delivery Options

• Messages have delivery options on a network, these include unicast, multicast, and broadcast

Unicast, Multicast and Broadcast

• A Unicast is a one-to-one delivery option
• A Multicast is required when a host sends messages using a one-to-many delivery option
• Broadcasting happens when all hosts need to receive the message
• Broadcasting represents a one-to-all message delivery option

Using a Layered Model

• A layered model modularizes a network into manageable layers
• In protocol design, it assists protocol design, fosters competition, prevents technology/capability changes, and provides a common language
• The network uses Open Systems Interconnection (OSI) Reference and TCP/IP Reference models

The OSI Reference Model

• The OSI reference model provides a list of functions and services that can occur at each layer
• This model provides consistency in network protocols and services by describing the work at a layer, but not how it should be accomplished
• OSI also describes the interaction of each layer
• Also, the 7 OSI layers are referred to more often by number rather than by name

OSI Model Layers

• Layer 7, Application, contains protocols for process-to-process communications
• Layer 6, Presentation, provides representation of data transferred between application layer services
• Layer 5, Session, provides services to the presentation layer to organize communication and manage data exchange
• Layer 4, Transport, defines services to segment, transfer, and reassemble individual data communications between devices
• Layer 3, Network, provides transmission of individual pieces of data over the network
• Layer 2, Data Link, describes transfer methods for exchanging data frames between devices over a common medium
• Layer 1, Physical, describes the mechanical, electrical, functional, and procedural means to activate, maintain, and de-activate physical connections for bit transmission between devices

The TCP/IP Protocol Model

• The TCP/IP protocol model is also referred to as the internet model
• It describes the functions that occur at each layer of protocols in the TCP/IP suite and also acts as a reference model

TCP/IP Layers

• 4 - Application represents data to the user, plus encoding and dialog control
• 3 - Transport supports communication between devices across diverse networks
• 2 - Internet determines the best path through the network
• 1 - Network Access controls the hardware devices and media that make up the network

Data Encapsulation

• Data encapsulation is covered

Segmenting Messages

• If large streams of data are sent across a network, delays would occur
• If any link in the network failed during transmission, the complete message may be lost
• Segmentation divides a stream of data into smaller units for network transmissions
• Segmentation is necessary for networks using TCP/IP protocol to send data in individual IP packets
• Segments for the same destination are sent in separate packets over different paths

Segmenting Messages (cont.)

• Multiplexing increases speed through allowing a greater amount of data being sent over the network while not tying up a communications link
• Increased efficiency happens when segments that fail to reach its destination, instead only that segment is transmitted again

Sequencing

• When transmitting messages using segmentation and multiplexing, the data may reach the destination in an incorrect order
• Segments of messages have a sequencing process to ensure it gets to the correct destination and can be reassembled like the original message
• TCP helps to sequence the individual segments

Protocol Data Units

• The encapsulation process adds protocol information for sending application data passed down the protocol stack on the network
• Protocol Data Units (PDUs) are the form that a piece of data takes at any layer
• During encapsulation, each layer encapsulates the PDU it receives from the layer above
• Each stage of the process has different PDU names that reflect its new functions
• UDP PDU is called a datagram
• IP packets are sometimes also considered IP datagrams

Types of PDUs

• Data refers to the term for the PDU used at the application layer
• Segment refers to the transport layer PDU
• Packet refers to network layer PDU
• Frame refers to the Data Link layer PDU
• Bits refers to the physical layer PDU used when transmitting data over the medium

TCP, UDP and Segments

• If the transport header is TCP, then it is a segment
• If the transport header is UDP, then it is a datagram

Network Addresses

• Network protocols require addresses
• The OSI transport, network and data link layers use addressing
• The transport layer uses protocol addresses that use port numbers to identify network applications
• The network layer uses addresses that identify the networks for clients and servers
• The data link layer specifies devices on the local LAN that should handle data frames
• All three addresses are required for client-server communication

Encapsulation Example

• Messages being sent on a network will have the encapsulation process working from top to bottom
• Info from each upper layer is considered data within the encapsulated protocol
• A TCP segment will be considered data within the IP packet

De-encapsulation

• The reverse of the encapsulation happens at the receiving host
• This is called de-encapsulation
• In it, a receiving host removes protocol headers
• Then the data is de-encapsulated as it moves through the stack toward the end-user

Introduction to Wireshark

• Wireshark is a software protocol analyzer used for network troubleshooting, analysis, and protocol development/education
• You can use Wireshark to capture and analyze network traffic

Network Protocols Summary

• What was learned in this module

Module 5 Learning Outcomes

• Networks come in all sizes for homes, businesses, and other organizations, such as the internet
• Servers are hosts which use specialized software that handle data requests from clients
• Clients are hosts that use web browsers, email, or file transfers to request data from servers
• Larger businesses may connect to Tier 2 ISPs through a Point of Presence (POP)
• Tier 3 ISPs connect homes and businesses to the internet
• Network protocols specify network communication features such as message encoding, message formatting/encapsulation, and delivery options

More Module 5 Learning Outcomes

• Protocols describe messages that are structured, and the way networking devices share information about pathways to other networks
• Common protocols at the application layer of the suite are DNS, DHCP, POP3, and HTTPS
• OSI includes seven layers, while TCP/IP includes four layers
• Segmentation describes data being broken up into smaller pieces
• Multiplexing describes how increased speed is gained thanks to the many data conversations happen at the same time on the network
• Encapsulation occurs because data is passed down the protocol stack
• Protocol Data Unit (PDU) is the form that data takes at each layer
• De-encapsulation the is process where a receiving device removes one or more of the protocol headers