RCR 068: Understanding OSI Model vs TCP/IP Model - CISSP Training and Study!
Feb 03, 2020
Description:
Shon Gerber from ShonGerber.com provides you the information and knowledge you need to prepare and pass the CISSP Exam while providing the tools you need to enhance your cybersecurity career. Shon utilizes his expansive knowledge while providing superior training from his years of training people in cybersecurity.
In this episode, Shon will talk about the following items that are included within Domain 4 (Communication and Network Security) of the CISSP Exam:
LINKS:
- ISC2 Training Study Guide
TRANSCRIPT:
Reduce Cyber Risk Podcast 68: OSI model vs. the TCP/IP model.
Welcome to the Reduce Cyber Risk podcast, where we provide you the training and tools you need to pass the CISSP exam while enhancing your cybersecurity career. Hi, my name is Shon Gerber, and I'm your host for this action-packed, informative podcast. Join me each week as I provide the information you need to grow your cybersecurity knowledge so that you're better prepared to pass the CISSP exam.
All right, multinational. I said to her, I said, there is no way that this was a slow month. January blew by like a blink of an eye; it's just crazy. And one of the things I think is interesting is that, as we have this coronavirus rolling and spreading throughout the globe, I was talking to a gentleman the other day, and he said that he was surprised at the companies that are realizing how much or how little they had in place when it relates to their remote access and allowing third parties, or even in the case of employees, to work from home due to the coronavirus.
So it's something to consider as you're working on your CISSP and coming up with solutions. As you move up the chain into the different roles that you may be looking for in cybersecurity, if one of them is an architecture role, you will have to come up with different ideas on how to best provide the capability for your business, and remote access is one of those. Especially now, it's becoming more and more clear that allowing employees to stay home, especially during these outbreaks that they potentially could have, is really an important aspect. So if you haven't done it yet, and you're working at a shop that doesn't have this capability, I would look into that, or even talk to the people that you work for about how they work with a remote, work-from-home group of people. Some CEOs don't really like the work-from-home strategy, and it may not be the best for every company; however, in the event of
something like this, you probably need to have it, just so that you've got something to fall back on in case something happens with your workforce and they can't come into work. So that ties into cybersecurity, as well as just being good knowledge to know that it's a good capability.
Today we are going to get into the OSI model, and we're going to kind of go against what the TCP/IP model are, or is. They are very valuable in what we do on a daily basis. Now, you probably did hear about the OSI model because you're sitting for your CISSP, but I had no idea what the OSI model was when I first started in cybersecurity. I had heard of TCP/IP but never really had an understanding of the OSI model. We like to call the OSI model the 7-Layer Burrito, so the seven-layer burrito vs. TCP/IP is what we're going to talk about today.
So I'm going to pull an article from a company on the web called educba.com (that's Echo Delta Uniform Charlie Bravo Alpha dot com), and this is their "OSI Model vs TCP/IP Model". Now, they say that both of these models are widely used communication network protocols, and I would agree with that, in the fact that OSI is the foundation of what many kind of stood up as what we should plan for when you're dealing with an actual overall model. And when we talk about a model, what does that mean? It's the basic structure of how things should communicate over the network. So this OSI model was out there and gained traction, but it was eclipsed by the TCP/IP model.
Now, the main difference is that the OSI is basically the conceptual model. Kind of back to my first point, it is used as a reference model that people use when they're trying to scale their applications, but in reality most people use TCP/IP. I've really never heard of anybody that actually uses the OSI model as they're building their applications, but what do I know,
there's probably somebody. But the typical one that you see out in the world is TCP/IP.
They define how data is transferred in a network or in different architectures; that's the purpose, right? If you didn't have a model to go by, you would have each person creating their own, and it would be really, really hard: each application creator would decide how they want their piece of the application to communicate with other things on the network, and it would be very hard for switches and routers and so forth if they didn't have a model to go by on how to send the data packets around. So it's important to understand that that's why they came up with these, so industry manufacturers had something to go by.
Now, the TCP/IP model is widely used for link establishment and network interaction. You hear about that all the time. I don't think there is anything else available that would come close to the TCP/IP model. You've got your standard UDP as well, but an aspect that you need to consider is that it was used specifically for establishment of network interaction.
Don't worry about the OSI model. That was kind of an overview of OSI vs. TCP/IP. So the OSI model is conceptual, as I kind of mentioned earlier, and it was developed by the International Organization for Standardization. It was designed for various communication systems to communicate through a standard protocol or framework, or just a standard of some type, right? And it's broken down into seven layers, hence the 7-Layer Burrito.
If you're from the United States: there's a company called Taco Bell, which provides what they call Mexican-type food, but it is not anywhere close to that. I had kind of a story when I used to fly airplanes we buy Fluid that was from Italy. In the United States we have a restaurant called Olive Garden, and Olive Garden has got good Italian food for people who don't really know what Italian
food should be. We said, "Let's go to Olive Garden." Olive Garden is not the best if you've ever had really good Italian food. So, all of that being said, Taco Bell, which is sort of okay fast-food Mexican food (sort of, not really) in the United States, sells a product called the burrito, the 7-Layer Burrito, and hence the OSI model is the seven-layer burrito.
To start: the application layer is the first layer of this burrito, and it is the top layer. It's designed to integrate with applications. Something to note, though, is that software applications are not components of the application layer. It's got the same title in the name, but they're not part of the same layer; it's just that that is the layer that communicates specifically with the application. It's the whole stack, basically going all the way from the bottom to the top, right? It starts at the bottom with the physical layer and works its way up, and the application layer just allows applications to communicate with it. The application layer is accountable for protocols and information manipulation on which software users rely to obtain significant information. What does that mean? Basically, the protocols that allow us to communicate between the various applications: it is responsible for that. It provides all the information that comes in and out of the entire stack.
Now, the second layer as you head down is the presentation layer. This is designed to prepare information so the application layer can use it. Basically, what ends up happening is, as the data is coming up from the bottom and working its way to the top, it'll come up through the session layer, and the session layer will have certain aspects around it, and so it will come up and present to the presentation layer, and this
layer prepares information so that the application layer can actually use the information and provide it to the various software applications that it may be communicating with. It's converted to a syntax which the receiving device's application layer can understand. So what's going to happen is that they can use different communication encryption capabilities. One of the things to consider: I wouldn't want to do that; you probably want to keep them the same. It does add additional overhead by adding in more levels of encryption. If you use different strengths of encryption and different encryption methods, that can add overhead that will just end up slowing down your communication, so it's important that you try to keep them the same.
The session layer is the layer below the presentation layer. This layer is used to open and close communications between two machines. So that's the one that will set up a session, and when you deal with TCP/IP, which we'll talk about in a minute, that's where you get your ACK, your SYN, your SYN-ACK, all of those communications that start between one computer and a second computer. That is what happens at the session layer. This period of opening and closing of correspondence is known as: "How are you?" "Good." "I'm good, how are you?" That
application piece is done through the session layer.
The transport layer: flow control and error control are the responsibility of this layer. It basically checks for any errors on receipt, ensuring the completeness of the received data, and requests retransmission if not. It basically makes sure that the communication doesn't have bugs, that it's not running into issues. One of the things with TCP/IP is you'll get dropped packets, and dropped packets can cause issues, especially when dealing with video; it will come out wrong, with really weird talking, if you have connection errors. That's not typically what ends up happening, though, when you're streaming video, such as on Netflix and so forth. A lot of times they'll use UDP-type communications, and UDP-type communications would be connectionless, so it's just a barrage of data packets coming in. With that in place, you don't run the risk of having these connection errors; it is designed to lose packets, but it doesn't want to lose the communication stream that comes across the wire.
The network layer: the network layer allows the transfer of information between two distinct networks, for information to reach its destination. There's not all that much to say other than that it allows two hosts to communicate with each other through the network.
The data link layer takes packets from the layer and breaks them into smaller parts. So that's where it basically brings it up from the physical layer; it is taking these packets from that layer and breaking them up into smaller parts. Like the network layer, flow control and error control are interconnected, so again there are aspects around making sure that the data that goes to and fro is done in a way that allows it to be communicated.
The physical layer: physical devices such as wires and switches. This is the bottom line,
where the ones and zeros are, or the Matrix that you see on TV, the little green Matrix stuff that's floating; that's in the physical layer. So you have the seven-layer burrito, and it starts at the bottom with the physical layer, data link layer, network layer, transport layer, session layer, presentation layer, and pops out of the top at the application layer of the OSI model.
Now we're going to roll into the TCP/IP model. In the TCP/IP model you have four layers. This one is what they consider the robust network protocol model. Big words; the fact is that it is considered the standard. Most people use it, and obviously there are different IP schemes for IPv4 and IPv6, but bottom line, the overall framework of TCP/IP is what is primarily used throughout the world. It is established as the primary model to be used for any sort of network communications throughout the globe. Most people use TCP/IP; I don't know of anybody that really uses OSI, but TCP/IP is the primary one.
As you deal with the TCP/IP model: in the past we used to deal with IP version 4, and now IP version 6. They are different IP models in just how the data packets are set up. So you'd get the four octets for IP version 6, then you have a gazillion for the IP version... or, IP version 4 is the four octets, then the IP version 6 and 6X and that. But the difference in how many IP addresses there are is staggering in IP version 6. With IPv4, the thinking was that we were going to run out with everything that was connected, but with things like internal networks, it really isn't as big of a deal as was traditionally thought, because, guess what, they can find a way to fix the problem, and they did. But it is still as important to move as ever. We're moving away from IP version 4 and moving into the IPv6 model, and that is just a little more complexity that we really hadn't anticipated. But now, in today's world, the communication tools are so good
that they can give an IPv6 address in no time at all; it's really not much for people to have to mess with.
So with the TCP/IP model, we're going to start with the application layer. It breaks down into three specific layers of the OSI: application, presentation and session layer. So they combined forces: instead of having the seven layers of the 7-Layer Burrito, they have a four-layer burrito, and they combine the layers. So instead of that 7-Layer Burrito, where you have beans and you have guac and you have all these other layers basically on top of each other, they just mix them all together and put them into a paste. So it's not the same as the OSI model. I probably just totally distracted you all with that comment, but that's okay. Again, though, it combines the application, presentation and session together.
The transport layer: this allows information to be delivered in an information chart format from the source to the destination host without defects. Again, very similar to the transport layer that we talked about in the OSI model. When we talked about transport and data link in the OSI model, they do error checking, but again the transport layer does the same type of concept, so that one is the same, but the application layer is special.
The internet layer: that layer is used to send independent packets to a network. Okay, again, that's kind of what we were getting into with the whole network layer in the OSI model. Now again, all machines, web servers, knows all attacks be at, and that's where they occur, over the internet layer.
The last layer is the network access layer. This is a combination of the data link and the physical layers of the OSI model. That's the one that's primarily designed for the physical transmission. So you see, you go from the OSI model, which is seven, to the TCP/IP model, which is four, so there is some change. I like less; less is better. The
simple fact is, if you can keep it simple, it's important to do that. I like the KISS principle. The KISS principle, if you're not aware, is "keep it simple", and then you can say "stupid", you could say "smarty", you can say it however you want to say it, but bottom line is you want to keep it simple.
Differences between the OSI and the TCP/IP: these are some things that they talked about in this article. The horizontal approach is known for the OSI, and the vertical approach is known for TCP/IP; that is, OSI will scale sideways versus TCP/IP up and down. The OSI is protocol independent and very generic, which we talked about; it's a generic protocol design, a framework kind of design. If you're designing something that would need some form of network connectivity, you would at least focus on the OSI model. But TCP/IP has normal laws of support for internet development, because it's been the standard for so long. TCP/IP is extremely reliable; think about it, you just plug something in and that protocol is in place, whereas the OSI would add a lot of complexity if you wanted to integrate that within your network.
The other difference is that in the OSI model a presentation and session layer is available, while the TCP/IP model does not have such layers, because basically it combined them and put them all under the one application layer. There's no other model that fits TCP/IP, while OSI is attempting to match other model designs, because it is a reference model; again, it gives people a known standard out there. Protocols can be easily turn into wild original rules are in the TCP/IP model; new ones can be introduced in the OSI model. Those are the differences that they have. Now, one thing that they had also put on the website as well are some, basically, OSI vs.
TCP/IP points that would probably be on the CISSP test, I would expect. Now, they'll probably play some trick mind games with you and call it the "open sector interconnection" or something like that. If they're going to ask you a question, it will be something to try to trip up your mind, to make sure you understand that it's Open Systems Interconnection, and then TCP/IP is obviously Transmission Control and Internet Protocol. In a question, they may change that; they may put that in the title or in the question itself, which may throw you off if you're not sure, if they're trying to mess with your mind on that. So you should really consider understanding what each of those terms means, because a really good way to trip somebody up is to give you different types of acronym names rather than just stating the acronym.
OSI is a theoretical framework; the OSI model vs. TCP/IP, which is actually in service. OSI has seven layers, TCP/IP has four. The OSI model is not used much; TCP/IP is used a lot. So those are some good ones right there. In the model, delivery of the package is guaranteed; that's on the OSI, but it's not necessarily always assured in TCP/IP. And that's true; you will lose packets in TCP/IP. But the one thing to keep in mind around that is that, because of the connections that occur, you can usually get away with lost packets; not a lot, but you can get away with a few.
Okay, that's all I have for this article that came from educba.com, "OSI Model vs TCP/IP Model". So we're going to roll into my specific training around the OSI model that covers objectives in the CISSP exam. Before we do, you need to go to ShonGerber.com and check out my CISSP mini-course. You can sign up for my email list, and with that you'll get my CISSP mini-course, basically different videos that have come specifically out of the training that I provide, and that's going to walk you through what you should know for the CISSP exam. I've also got some free content on how you should study for the CISSP exam and some key tips you need to know as you are getting prepped to take the test. The best part about it is that you will be able to get exam questions; they'll come with it. I'll have those as well. So there's a lot of great stuff you get just by going to sign up at ShonGerber.com.
So let's get into the CISSP training that I have around Domain 4; this is objective 4.1, Internet Protocol networking, of the CISSP exam. CISSP training from ShonGerber.com: this is Domain 4, objective 4.1, Internet Protocol networking.
Now, we talked about the TCP/IP and the OSI model. Things to consider: the TCP/IP model was created before the OSI, and they do have different layers, which we talked about: the 7-Layer Burrito in the OSI model versus the TCP/IP four-layer burrito, or taco. We talked about the differences. In TCP/IP there are the four: you've got your link, internet, transport and application layers. And in the OSI it basically maps across: your link is your physical and data link, your internet is your network layer, your transport layer is the transport layer, and your application layer is session, presentation and application. So we kind of talked about how those map across.
With TCP/IP you have various security mechanisms that will help you. Virtual private network: if you're not sure what one of those is, it's basically a VPN tunnel that goes between your point,
your device, and your internal network, and you become, in all senses, a node on your network when you have a VPN connection. So you can sit at home and connect. I know you guys understand this, but bottom line is you can sit at your computer and log into your enterprise network, or whatever network you want, with a VPN connection and a tunnel, and you have a secure connection between two points.
Another security aspect in TCP/IP is PPTP, which is your point-to-point tunneling. It's very similar to VPN; it's a little bit different protocol that's in place, and it allows you to have a connection between two physical devices. You have Secure Shell, which is your SSH, and then you have Internet Protocol Security, which is your IPsec. They all work in pretty much the same type of way. VPN is typically used because it gives you a little bit more flexibility, but they all can be used in very similar manners. I've used an IPsec tunnel between two devices, especially when you have regulatory requirements around that and you want them to be connected in a secure manner; an IPsec tunnel can be connected between the two devices, which acts as a protocol firewall. Basically, what it does is it has port restrictions, so it wraps that TCP packet up, and it does limit what you can do with it. Or, I should say, it's not "any-any"; it's not wide open. There are port restrictions on that specific TCP wrapper.
Communication modes: there are different types of communication modes, and we have talked about this earlier. You have your full duplex, which is your TCP/IP, and duplex basically means communications back and forth, and you have your simplex, which is UDP. You can kind of look at it like a walkie-talkie: with duplex they talk back and forth, whereas simplex is just broadcasting, kind of like this podcast, or your radio. You turn on your radio to listen to music; that would be a live version of a UDP
packet. I'm not saying that that is a UDP packet, but that would be similar to what that is; it's just broadcasting out streams of data to you.
Now, as you're dealing with the various communication ports that are available, when you're dealing with TCP/IP there are over 65536 ports. One thing I would like to recommend to you guys who are studying for the CISSP: as you talk to senior leaders (we talked about this before on this podcast), it's important that you break it down to the third-grade level. And I don't mean for you to tell people, "I'm so smart and you're a third grader." No, that will hurt you when you're trying to influence people; that would be a bad thing, and that's not something you want to happen. What you want to do is communicate this to individuals, and the example I like to use is a piece of mesh, or a net that you use to catch fish. In that net there are approximately 65,000 holes, and the whole purpose is that you want to plug up as many of those holes as you possibly can. Applications actually utilize only a few of those ports, of those holes, when they communicate, so you want to lock down as many ports as you can.
Some of those ports have standard communication paths; some of them do not. Many applications, if they are a certain type of remote-desktop application, will use a specific range of ports; if they are another type of application, they'll typically use another set of ports. However, you can communicate over the internet over port 250; you can communicate over port 22360 too. They have typical ports; for example, port 80 or port 8080 might be in place, but the simple fact is that typically they are used for port 80, and your SSL is typically used over port 443. So those are the actual communication paths that occur.
Now, 0 to 1023 are well-known ports. However, I have seen that if there's an application that requires multiple ports for communication (let's say, for example, it has a lot of people that can connect to it and it has to communicate via a port), it will put out a range that could be pretty substantial, maybe potentially to 3000 different ports that could be open that that application must communicate back through. So you'll get ranges; they don't always just go over one specific port like 443.
The one thing to consider is that that is how I would communicate to individuals about what this port thing is, because all it will do is confuse people, and if you can tell them in a way that's understandable and easy to digest, you will win friends and influence people. That's a really good book you should read, from Dale Carnegie: How to Win Friends and Influence People. Very, very good book. Another good book, if you're looking for those, is a book called Skill with People, by Les Giblin. It's a really easy read; it's the kind of read that you can use as bathroom reading, and it will take you 30 minutes to read the entire book. That's about it. So yeah, through a couple of different bathroom visits you can have that whole book read, and it has really good daily activities that you
can use on how you communicate with people. Awesome.
What I want to talk about next is the SYN-ACK dance. This is the three-way handshake that occurs when a TCP/IP packet does connect, and this SYN-ACK dance works this way. Basically, what will happen is that a synchronization packet will be sent to a server, or an application, but to a server, and that server then will respond with a SYN-ACK, which is your... what was that Bebop, give me that guy's real name, that little dude that would go "pee pee pee pee". So he would ACK; he would say, "Yes, I'm here, I'm here, I'm talking to you." So your SYN packet will be sent, and your SYN-ACK would kick in and tell you, "Yes, I acknowledge your existence," and then the client would respond to the ACK. Now, there are other flags that are used as triggers as well: you have your FIN, there's reset, and these flags (I was struggling with the name), but there are basically these triggers that will then help with a communication path between both parties. So you have your SYN, your SYN-ACK, and then your ACK, and all of those help make the TCP/IP communication stream work. So they're important. I like to call it the SYN-ACK dance, but what it really is is a three-way handshake between the two. That's all I have for today.
We're going to roll into some CISSP questions. Okay, so the CISSP question: In what type of software testing does the tester have access to the underlying source code? A, static testing; B, dynamic testing; C, cross-site scripting testing; D, black box testing. Again: in what type of software testing does a tester have access to the underlying source code? Static testing, dynamic testing, cross-site scripting testing, or black box testing? You've got some that you look at and are like, "No, that's not right." So I won't leave I have a CB; cross-site scripting testing and black box testing don't really fall into the bucket of
what you're looking for. So then you've got to bring it down to: which one deals with the underlying source code? Dynamic testing is typically done when they're doing user acceptance testing and are trying to play with the product. Static testing is where they're just testing a piece of code, so that would be static testing. Basically, in order to conduct a static test, the tester might have access to the code.
Next: What portion of the change management process allows developers to prioritize tasks? A, release control; B, configuration control; C, request control; or D, change audit. Okay, so what portion of the change management process (which is very important, by the way) allows developers to prioritize tasks? A, release control; B, configuration control; C, request control; or D, change audit? Request control. The request control provides users with a framework to request changes, and developers with the opportunity to prioritize those requests. You can put it into, depending upon how you do your development, an agile method where you would then put in user stories based on that, and then request for that Evergreen escapes as well.
Which one of the following key types is used to enforce referential integrity between database tables? That's a lot of big ten-dollar words in there, so one more time: which of the following key types is used to enforce referential integrity between database tables? A, candidate key; B, primary key; C, foreign key; D, super key. Again: which key type is used to enforce referential integrity between database tables? A, candidate key; B, primary key; C, foreign key; D, super key. The answer is C, foreign keys. Foreign keys are used to enforce referential integrity constraints between tables that participate in a relationship. Foreign key: that's actually a new one for me; I didn't know that. That's pretty cool.
Don't let anybody tell you that they've got it all figured out, because, guess what, they're lying to you; they don't. The other piece of information would be: if you go into a meeting about something and you don't understand it, ask the
question, because, guess what, I guarantee you there are people in that same room that are confused about the topic, and they're just not going to let on because they don't want to look stupid. I tend to look stupid on a daily basis, so looking stupid is a good thing; it's a very good thing.
All you've got to do is sign up for my email list. All right, have a great day, guys, and we will catch you on the flip side.
Thanks for joining me today on my podcast. Head over to ShonGerber.com and look at all the free content that I have available for you. There is a CISSP mini-course, free CISSP exam questions, podcasts and so much more. It's all available to my email subscribers, so sign up if you want my personalized CISSP training to help with your CISSP needs so you can pass the test the first time. Thanks so much for listening; we'll catch you on the flip side.