OSI Model: Layers and Protocols

Questions and Answers

Which organization created and ratified the OSI model?

• ISO (International Organization for Standardization) (correct)
• ANSI (American National Standards Institute)
• IEEE (Institute of Electrical and Electronics Engineers)
• IETF (Internet Engineering Task Force)

The OSI model primarily categorizes TCP/IP transactions for network installation, configuration, maintenance, and troubleshooting.

True (A)

At which layer of the OSI model do cables, hubs, and patch panels operate?

Physical Layer

The unit of measurement used at the Data Link layer is ______.

frames

Match the OSI layer with the corresponding data unit:

Physical Layer = Bits Data Link Layer = Frames Network Layer = Packets Transport Layer = Segments/Messages

Which OSI layer is responsible for routing and switching information between different networks?

Network Layer (B)

The Transport layer ensures error-free transmission between hosts using physical addresses.

False (B)

Which layer of the OSI model manages the establishment, termination, and synchronization of sessions?

Session Layer

The OSI layer that translates data formats between sender and receiver is the ______ Layer.

Presentation

Which of the following protocols operates at the Application layer of the OSI model?

SMTP (C)

End-user protocols like FTP and Telnet work at the Network Layer of the OSI model.

False (B)

According to the content, which layers comprise the communications subnetwork in the OSI model?

Layers 1 through 3

The 'speed' or data transfer rate of a computer's internet connection is primarily associated with the ______ layer of the OSI model.

Physical

Increasing the number of times you test your internet speed will not give you a more reliable number for your data transfer rate.

False (B)

What command would you execute on a Windows command prompt to display the MAC addresses of other hosts your computer has recently connected to?

arp -a (D)

What type of address is the MAC address considered, and what device is it burned into?

Physical Address, ROM of the NIC

The Layer 2 switch uses the ______ address of each host computer's network adapter when deciding where to direct the frames of data.

MAC

Layer 2 switches typically modify frames as they pass through the switch from one computer to another.

False (B)

What security concern can compromise Layer 2 switches, causing them to broadcast data on all ports?

MAC flood attack (B)

What command is used to display your IP address in the command prompt?

ipconfig

According to the text the IP packet is ______ into the Ethernet frame.

encapsulated

Which of the following is a key difference between a Layer 2 and a Layer 3 switch?

Layer 2 switches use MAC addresses, while Layer 3 switches use IP addresses. (A)

Layer 3 switches are managed utilizing the Simple Network Management Protocol (SNMP).

True (A)

What protocol prevents bridge loops when connecting multiple switches?

Spanning Tree Protocol (STP)

______ is a method used in cases where critical hardware components fail and another system is available to take over.

Hardware redundancy

What is the primary function of a virtual switch (vSwitch)?

To allow communication between virtual machines. (B)

A virtual switch is hardware and can connect to a server's network interface card (NIC).

False (B)

Name the four upper layers of the OSI model?

Transport, Session, Presentation, Application

The upper OSI layers deal with protocols such as HTTP, FTP, e-mail protocols, and perform compression, ______ and session creation.

encryption

Which of the following protocols operates at the transport layer?

TCP (C)

In connection-oriented communications (CO mode), no end-to-end connection is necessary before data is sent.

False (B)

How many ports are there altogether listed in the text and how are they numbered?

65,536, Between 0 and 65,535

Port numbers correspond to specific applications and according to the text port ______ is used by web browsers via the HTTP protocol.

80

What command is used to display a list of all the connections to and from your computer in numeric format?

netstat -a (A)

After a certain time period of no activity, web sessions do not change their state.

False (B)

The Application layer is the applictions themselves (Internet Explorer or Outlook).

False (B)

Match the command prompt entry with the meaning

netstat = shows basic connections netstat -a = shows in-depth TCP and UDP connections netstat -an = shows TCP and UDP connections numerically

Every device that makes a physical connection to the network is on the ______ layer.

Data Link

Which of the following would be something found on the Physical layer?

Cables (C)

What two addresses does a typical computer have?

MAC and IP

When you think ports, you should think Transport Layer.

True (A)

Flashcards

OSI Model

A reference model defining data communication on computer networks, divided into layers providing services to those above and below.

OSI Model Layers

A set of seven layers categorizing protocols like TCP/IP, crucial for installing, configuring, maintaining, and troubleshooting networks.

Physical Layer (Layer 1)

The physical and electrical medium for data transfer, including cables, hubs, and topologies, measured in bits.

Data Link Layer (Layer 2)

Establishes, maintains, and decides how transfer is accomplished over the Physical layer under LAN transmissions, measured in frames.

Network Layer (Layer 3)

Dedicated to routing and switching information between networks, using logical addressing (IP addresses), measured in packets.

Transport Layer (Layer 4)

Ensures error-free transmission between hosts via logical addressing, managing message transmission, and controlling ports, measured in segments or messages.

Session Layer (Layer 5)

Governs the establishment, termination, and synchronization of sessions within the OS over the network, like logging on and off.

Presentation Layer (Layer 6)

Translates data format from sender to receiver, including code conversion, data compression, and file encryption.

Application Layer (Layer 7)

Where message creation begins, using protocols like HTTP, FTP, and SMTP but isn't the app itself.

Communications Subnetwork

Core of OSI model transmissions, comprising Layers 1 through 3.

MAC Address

An address burned into the ROM of the network interface card (NIC).

Layer 2 Switch

The most common type of switch used on a LAN; uses MAC addresses to direct frames of data.

MAC or CAM table

Memory in switches that stores the MAC address to port translation table.

MAC Flood Attack

A type of attack sending numerous packets to the switch, each with a different source MAC address, to fill up memory space.

Fail Open Mode

A state where aswitch broadcasts data on all ports due to a MAC flood attack.

Layer 3 Switch

Determines paths for data using logical addressing (IP addresses).

Uplink Ports

Ports used to connect different ethernet devices to connect to each other.

Fixed Configuration Switches

Switches are low end switches with a set number of ports.

Modular switch

Switches are switched inside the chassis that help manage network traffic

Stackable Switches

Switches can be connected together using a special back cable.

Unmanaged Switches

Switches are the least expensive and mostly used in small home environment.

Smart Switches

Switches include a command line interface or web interface to configure the switch.

Spanning Tree Protocol (STP)

Prevents bridge loops when connecting multiple switches, useful if a loop is created and the switches do not use STP.

Hardware redundancy

Redundancy critical hardware components fail and another system is available to take over.

Virtual Redundancy

An additional server is added.

Virtual switch (vSwitch)

A software application that allows communication between virtual machines.

Upper OSI Layers

Transport, Session, Presentation, and Application layers.

Connection-oriented communications

Requires that both devices or computers establish an end-to-end logical connection before data can be sent between the two.

connectionless communications

no end-to-end connection is necessary before data is sent.

Well Known Ports

This range defines commonly used protocols; for example, FTP utilizes port 21 to accept client connections.

Registered Ports

These ports are used by vendors for proprietary applications. These must be registered with IANA.

Ports, Dynamic and Private

These ports can be used by applications, but cannot be registered by vendors.

Ports: inbound

These are used when another computer wants to connect to a service or application running on your computer.

Ports: Outbound

These are used when your computer wants to connect to a service or application running on another computer.

Study Notes

Understanding OSI Basics

• The Open Systems Interconnection (OSI) model serves as a reference for data communication processes on computer networks
• It uses layers to provide services
• The layers are associated with protocols and devices
• The International Organization for Standardization (ISO) created and ratified the OSI model
• The American National Standards Institute (ANSI) represents it in the United States

Defining the OSI Model Layers

• The OSI model has seven layers, each containing different protocols from protocol suites like TCP/IP
• It categorizes TCP/IP processes and is useful for installing, configuring, maintaining, and troubleshooting networks
• TCP/IP is a protocol suite or stack
• A protocol stack operates on different transmission levels

Layer 1: Physical Layer

• It is the physical and electrical medium for data transfer
• Components include cables, jacks, patch panels, punch blocks, hubs, and multi station access units (MAUs)
• The physical plant is another name for it
• Topologies, analog vs. digital encoding, bit synchronization, baseband vs. broadband, multiplexing, and serial (5-volt logic) data transfer are related concepts
• It is the easiest layer to understand as it involves tangible components
• The unit of measurement to use on this layer is bits

Layer 2: Data Link Layer

• Defines how transfer occurs over the Physical layer
• Network interface cards and bridges are devices on this layer
• It ensures error-free transmission over the Physical layer for LAN transmissions using physical (hexadecimal) or MAC addresses from the NIC's ROM
• MAC address is a device's address burned into the ROM of the NIC
• Any device that physically connects to and moves data on the network is on the Data Link layer
• The unit of measurement is frames

Layer 3: Network Layer

• Dedicated to routing and switching information between networks, LANs, or internetworks
• It exists on LANs or WANs
• Routers and IP switches are devices on this layer
• Logical addressing of hosts occurs at this layer, unlike the physical addressing of previous layers
• The addressing system is stored in the OS, like an IP address
• Computers have a physical (MAC) and a logical (IP) address
• The unit of measurement is packets

Layer 4: Transport Layer

• Ensures error-free transmission between hosts using logical addressing
• Message transmission is managed through Layers 1-3
• Protocols break up messages, send them through the subnet, and ensure reassembly to prevent duplicates or lost messages
• Connection-oriented and connectionless systems are present
• It controls inbound and outbound ports
• Ports are handled by the Transport layer
• Segments or messages are the unit of measurement
• Data and messages are terms to describe this layer

Layer 5: Session Layer

• Governs the establishment, termination, and synchronization of sessions within the OS over the network and between hosts, such as when logging on and off
• The name and address database for the OS or NOS is controlled by it
• NetBIOS (Network Basic Input/Output System) operates on this layer

Layer 6: Presentation Layer

• Translate data format between sender and receiver in various operating systems
• Code conversion, data compression, and file encryption are concepts include in this layer
• Redirectors such as mapped network drives are on this layer

Layer 7: Application Layer

• Location for message and packet creation to begin
• Database access is on this level
• Protocols like FTP, SMTP, Telnet, and RAS operate on this layer
• Protocols that applications initiate, such as HTTP or POP3 exist here
• It is not the application itself, but the protocols initiated

Defining the Communications Subnetwork

• The communications subnetwork comprises Layers 1-3 and is the core of OSI model transmissions
• It is employed regardless of the data transmission type
• The Physical layer deals with tangible elements and transmits bits of information
• A data transfer rate is measured, testing a computer's internet connection speed

Layer 2 Switching

• Layer 2 switches are common in LANs
• Layer 2 switches are hardware-based
• Use the MAC address of each host computer’s network adapter to direct data frames
• Each port on the switch maps to the specific MAC address of the connected computer
• Layer 2 switches generally do not modify frames
• Each port is its own segment, providing usable bandwidth equivalent to the switch's rating

Layer 2 Switching and Security

• MAC address storage happens in memory assigned to a port translation table, MAC table, or Content Addressable Memory table (CAM table)
• A MAC flood attack can compromise this table by sending many packets with differing source MAC addresses to fill the switch memory
• The switch enters fail open mode and broadcasts data on all ports like a hub
• Network bandwidth decreases dramatically
• A protocol analyzer in promiscuous mode can capture data from any computer

Layer 3 Switching

• Layer 3 switches differ from Layer 2 switches by determining data paths using logical (IP) addresses instead of physical (MAC) addresses
• Layer 3 switches forward packets and Layer 2 switches forward frames
• Layer 3 switches are often manageable via SNMP
• They allow network engineers to analyze all packets passing through the switch
• Layer 2 switch is an advanced bridge and Layer 3 switch is a router
• Layer 3 switches connect multiple IP networks

Characteristics of Switches

• Number and types of ports and their transmission speed
• Number and speed of uplink ports
• Expandability capabilities
• Managed or unmanaged
• VLAN capabilities
• Hardware redundancy
• Security options
• Routing/Layer 3 capabilities

More Characteristics of Switches

• Larger networks use larger switches to connect more devices
• Switches process packets to determine the destination port
• Faster backplane and processing are required with more devices
• Backplane bandwidth measures the internal architecture's bandwidth, depending on the switch type

Uplink Ports

• Connect different Ethernet devices, like connecting a small to a larger switch, or a switch to a router
• Special port reversing transmit and receive circuits

Switch Configurations

• Fixed: Low-end with a set amount of ports
• Modular: Chassis that can slide in modular line cards
• Stackable: Connect together using a back cable for high bandwidth

Managed and Unmanaged Switches

• Unmanaged switches: Inexpensive for homes and SOHO environments and only require AC power and network devices
• Managed switches: Include a command-line or web interface; more advanced features like Spanning Tree Protocol, port mirroring, setting port bandwidth, and creating and modifying virtual LANs

Spanning Tree Protocol (STP)

• Network protocol that prevents bridge loops
• Looping traffic can take down a local area network
• Enables redundant links between switches

Hardware Redundancy

• A method for cases where critical hardware components need a backup
• The network continues to function if one component fails
• Achieved is reached by using multiple copies of a hardware component
• Disadvantages include increased size, power consumption, and cost

Virtual Switch

• Software to communicate between virtual machines
• Directs network communication by checking the data packets before sending them
• Reduces network configuration complexity by reducing physical switches
• May be embedded in installed software or a server's hardware as firmware
• Completely virtual and connects to a network interface card (NIC)
• Merges physical switches into a single logical switch

Advantages of a Virtual Switch

• Eases deployment and migration of virtual servers
• Allows network administrators to manage virtual switches deployed by using a hypervisor
• Computer software that creates and runs virtual machines is known as a hypervisor or virtual machine monitor (VMM)
• Easier to set up a virtual switch compared to a physical switch

Defining the Upper OSI Layers (4-7)

• Transport, Session, Presentation, and Application layers
• Handles protocols like HTTP, FTP, and mail protocols
• Compression, encryption, and session creation are performed by these layers

Ways To Define The Upper OSI Layers (4-7)

• Define Transport layer via connections in Command Prompt and port descriptions
• Define Session layer by logging into websites/servers, Microsoft networks, and email programs
• Define Presentation layer via encryption in Windows and websites
• Define Application layer by capturing and analyzing web server packets

Defining the Transport Layer

• Layer 4 manages message transmission through the communications subnetwork
• Provides connection-oriented data stream support, reliability, flow control, and multiplexing
• TCP (Transmission Control Protocol) is a connection-oriented protocol
• UDP (User Datagram Protocol) is connectionless
• A web browser uses TCP and streaming media uses UDP
• TCP ensures data arrives at its destination without losing packets

Connection-Oriented (CO) Communications

• Requires devices to establish an end-to-end logical connection before sending data
• Considered reliable network services, also known as CO mode
• Re-sends individual packets not delivered by resending the packet

Connectionless (CL) Communications

• No end-to-end is made before data transfer
• Every packet includes the destination address located in its header
• Sufficient to move independent packets, for example, streaming media
• Lost packets not resent because the sending computer doesn’t know which connection to use

Ports

• Layer 4 manages the ports that transfer Data
• Logical communication endpoints for computers
• There are 65,536 ports, numbered 0-65,535
• Defined by IANA (Internet Assigned Numbers Authority)

IANA Categories

• Well-Known Ports (0-1023): Commonly used protocols, for example, FTP uses port 21 for client connections
• Registered Ports (1024-49,151): Used by vendors for proprietary applications and required registration with IANA, for example, Microsoft registered port 3389 used with Remote Desktop Protocol
• Dynamic and Private Ports (49,152-65,535): used by applications, and vendors cannot registered them

Inbound Ports

• For computers connecting to a service or application running on another computer
• Servers primarily use to accept incoming connections and serve data
• IP addresses and port numbers combine, for example, a server's IP/port 66.249.91.104:80 uses port 80 to accept incoming web page requests

Outbound Ports

• Used by your computer to connect to a service/application on another computer
• Client computers primarily use these
• Dynamically assigned by the operating system

Defining the Session Layer

• The Session layer is involved every time you connect to a website, mail server, or other computer
• The same is involved when logging on or off
• Make several connections to other computers; for example:
  • www.microsoft.com
  • A mail account with MSN, Gmail, Yahoo!, or others
  • A network share (if available)
  • An FTP server (if available)
• Go back to the Command Prompt window and execute netstat –a
• Analyze the various sessions that were created
• Compare the results of both commands
• Check one Command Prompt windows and the other windows’ IP addresses

Logging On And Log Off Processes

• Log off/log on your Microsoft network
• Log on to a website like Amazon
• It starts with the Session Layer
• The Session layer terminates sessions
• Notice that web sessions change from Established to either Time wait, or closed
• Finally, log off the computer and log back on

Defining Layers Of The Presentation Layer

• The Presentation layer modifies data, including code conversion, encryption, or compression
• Occurs when connecting to a mapped network drive
• Showing how information is modified before being sent across the network

1. Access File Explorer on a Windows client computer
2. Create a simple text file
3. Right-click the text file and choose Properties
4. Click the Advanced button
5. Select the “Encrypt contents to secure data” check box
6. Click OK (The file will display in blue), and from now on, if the file is sent across the network, the Presentation layer comes into effect due to the encryption,

The Application Layer

• Protocols like HTTP, FTP, and POP3 reside in the Layer 7
• The Application is not the applications themselves (Internet Explorer or Outlook)
• Applications initiate network services and protocols, such as HTTP or POP3
• When you open Internet Explorer, you open a new application
• The HTTP protocol is started by filling in http://www.microsoft.com and the OSI model is started