
Monday Week 1

Uploaded by

tobisalami26

Introduction to Security Concepts
Security Operations Course
Meet the Trainer:
Niall Joseph
• Started through an IT Apprenticeship.
• 3 – 4 years working as a Service Desk Analyst.
• Developed an Interest in InfoSec & began self-study.
• Worked as a Security Operations Engineer at Accumuli Security.
• Incident Response Team Leader (Accumuli was also acquired by NCC Group for 24/7 SOC capabilities)
• Was asked to provide SME for new Network Threat Management Offering, Threat Hunting, etc.
• Developed the offering, delivered to new customers, mentored juniors.
• Left NCC, began working internally with businesses to provide InfoSec.
• Worked in InfoSec in the food manufacturing business.
• Worked in InfoSec in Online Gambling.
• Academy Trainer.
Security Operations Course
Introductions

Let’s introduce ourselves!


What’s your name?

What did you do before FDM?

What do you know about IT security?

Welcome to the SecOps course!


Module 1: Introduction to Security Concepts

1. Course Introduction

2. Introduction to Security Concepts

3. CIA and Related Technologies

4. Accountability

5. Kali Linux

6. OSI Model and Networking Concepts


Security Operations Course
Agenda – Week 1

Module 1: Introduction to Security Concepts
1. Course Introduction
2. Introduction to Security Concepts
3. CIA and Related Technologies
4. Accountability
5. Kali Linux
6. OSI Model and Networking Concepts

Module 2: Identity and Access Management
1. IAA and IAM
2. AC, NAC & Group Policy
3. System and Network Defence Basics
4. RBAC, Firewalls, IDS/IPS and Web Filtering

Module 3: Threat Actor Thinking
1. Hacking Lifecycle
2. Footprinting & Reconnaissance
3. Scanning
4. Enumeration

Module 4: Tactics, Techniques and Procedures
1. Password Attacks
2. Network Attacks
3. Web Attacks
4. OWASP Top 10
5. Wireless Security & Attacks

First Assessment: Week 1 Exam
1. Questions and Review
2. Self-Study
3. Week 1 Exam
Security Operations Course
Agenda – Week 2

Module 5: Offensive Security
1. Metasploit
2. NMAP
3. Hackathon

Module 6: Incident Response
1. Social Engineering
2. Cyber Kill Chain
3. Incident Response
4. Incident Response VS Defacement
5. OS Hardening, Phishing & Incident Response

Module 7: Security Analysis & Defence
1. Malware and Other Bad Software
2. Phishing Awareness Tools
3. Vulnerability Management
4. Vulnerability Management Tools

Module 8: Security Operations
1. Security Operations Tooling Examples
2. ATT&CK Framework
3. Cloud, Azure and O365
4. Disaster Recovery and Business Continuity Planning

Final Assessment: Week 2 Exam
1. Questions and Review
2. Self-Study
3. Week 2 Exam
Course Introduction
Recaps and Pop Quizzes

• Recap slides appear throughout the course

• Pop Quiz slides will usually follow recaps

• Lab exercises will also have questions to keep you thinking

• Unsure of any topics or answers? Ask away!


Module 1: Introduction to Security Concepts
1. Course Introduction

2. Introduction to Security Concepts

3. CIA and Related Technologies

4. Accountability

5. Kali Linux

6. OSI Model and Networking Concepts


Introduction to Information Security
Security in IT and Business
• What is cyber security?

• Largest new risk to companies

• What is cyber and information war?

• Legality
Introduction to Information Security
Threat Actors

Cyber Criminals Trolls Competitors

Insiders

Hacktivists Nation State Sponsored (APT)

Script Kiddies Ideologues


Introduction to Information Security
Attack Vectors

• Compromised Credentials
• Phishing
• Unpatched Software
• Missing Patches
• Misconfigurations
• Missing Security Controls
• Physical Compromise
• Natural Disasters
• Malware


Introduction to Security Concepts
More Security Concepts

• Least Privilege / Need to know
• Due Care
• Due Diligence
• OS Hardening
• Separation of Duty
• Layered Security / Defence In Depth
• Rotation of Duty
• Defence Diversity
• Environmental


Introduction to Information Security
Security Lifecycle

• Prevention
• Detection
• Response
• Analysis
Introduction to Information Security
Security Controls
Introduction to Information Security
Defence in depth – Layered Security

Keep

Inner Wall

Outer Wall

Moat
Introduction to Security Concepts
Usability Triangle

Functionality

Security Usability
Introduction to Security Concepts
What we’ve covered so far

• Security in IT and Business

• Terminology and concepts

• Threat Vectors

• Usability Triangle: Usability, Functionality, Security

• Types of Security: Preventative, Detective, Corrective

• More security concepts


Introduction to Security Concepts
Pop Quiz

Answer the following:


1. What are the three security types?

2. What does an Information Security Policy govern?

3. What is the concept of Least Privilege?

Hands up in Teams once you’re done!


Module 1: Introduction to Security Concepts
1. Course Introduction

2. Introduction to Security Concepts

3. CIA and Related Technologies



4. Accountability

5. Kali Linux

6. OSI Model and Networking Concepts


Introduction to Information Security
CIA
Introduction to Information Security
CIA Model

Confidentiality

Integrity Availability
Introduction to Information Security
Confidentiality

The importance of protecting your most sensitive information from unauthorized access.
Introduction to Information Security
Confidentiality – Permissions & Access Control
• Permissions are used to allow explicit access to a resource.

• Subjects are granted permissions over objects.

• Common types of permissions:

- Discretionary

- Role-based
Introduction to Information Security
Confidentiality - Permissions - Discretionary Access Control
• DAC properties:

- Decentralized access

- Access control lists (ACLs)

- Access control entries (ACEs)

- Auditing

- Dynamic access control


Introduction to Information Security
Confidentiality – Permissions – Role Based Access Control

• Permissions are assigned based on job roles:

- Role 1 – Systems Administrator

- Role 2 – Sales Account Manager


Introduction to Information Security
Confidentiality – Data

• Permissions alone can’t ensure confidentiality:

Data in motion Data at rest


Introduction to Information Security
Confidentiality – Cryptography

• Cryptography is the practice and study of hiding information:

- Plaintext

- Ciphertext

- Encryption

- Decryption

- Encryption Algorithm (cipher)


Introduction to Information Security
Confidentiality – Cryptography

• Some terminology and concepts to be familiar with are:

- Substitution
- Permutation
- Key
- Nonrepudiation
- Hashing
- Entropy
- Confusion
- Diffusion
- Redundancy
Introduction to Information Security
Confidentiality – Symmetric Encryption

• Symmetric encryption uses the same key to encrypt and decrypt data.

User A: Hello → Encryption Function → A$y9Lo-* → Decryption Function → Hello: User B
Introduction to Information Security
Confidentiality – Symmetric Encryption Algorithms
Name       Type     Block size (bits)   Key size (bits)
DES        Block    64                  56
3DES       Block    64                  168
AES        Block    128                 256
Blowfish   Block    64                  32 - 448
Twofish    Block    128                 128 – 256
RC4        Stream   1                   128
RC5        Block    32, 64, 128         0 - 2040
RC6        Block    128                 128, 192, 256 - 2040
Introduction to Information Security
Confidentiality – Asymmetric Encryption
• Asymmetric encryption uses two keys that are mathematically linked; these keys are referred to as a keypair.

• An asymmetric keypair contains a public key and a private key.

User A: Hello → Encryption Function → A$y9Lo-* → Decryption Function → Hello: User B
User A holds Private Key - A and Public Key - A
User B holds Private Key - B and Public Key - B
Introduction to Information Security
Confidentiality – Asymmetric Encryption Algorithms

• Diffie-Hellman

• Diffie-Hellman Ephemeral

• Elliptic Curve Diffie-Hellman Ephemeral

• RSA

• DSA

• PGP
Introduction to Information Security
Confidentiality – Asymmetric Encryption - PKI

• If you receive a public key, how can you be sure that it is in fact the intended public key? How do you know it is FDM Group’s public key? How do you know it is Niall Joseph’s public key? How can we trust this?

• This is where Public Key Infrastructure comes in. Based on the practical implementation of keys, PKI enables Confidentiality, Integrity, Nonrepudiation and Authenticity.

• PKI enables trust, so we can be sure that the website we are navigating to in our web browser is actually the website we intended to go to.
Introduction to Information Security
Confidentiality – PKI

[Diagram: PKI components and flows. Components: Website Owner, RA, CA, VA, CRL, Website, User. Labels: Certification Request, Approve, Issued Certificate, Validation copy, SSL/TLS Certificate, Bind certificate to website.]
Introduction to Information Security
Confidentiality – Symmetric vs Asymmetric Encryption

Symmetric

Pros:
• Fast processing
• Can encrypt and decrypt large amounts of data without compromising speed
• Extremely secure (if the right algorithm is used)

Cons:
• Management becomes exponentially more complex as keys are added
• No possibility to secure the transfer of the key
• Does not offer any other security functionality but confidentiality

Asymmetric

Pros:
• Secures transfer of symmetric key
• Easy to manage key ecosystem
• Provides additional security services (non-repudiation, authentication, and so on)

Cons:
• Slow processing
• Can be used for shorter data only
• Requires additional software to manage infrastructure (PKI)
Introduction to Information Security
Confidentiality – Transport Layer Security / Secure Sockets Layer

• Uses hybrid cryptography to generate and exchange session keys.

• RSA, Diffie-Hellman and its derivatives, like the elliptic curve versions DHEC and ECDHE,
can be used for key generation and key exchange.

• TLS handshake is an extension of the 3-way handshake and incorporates encryption and
session establishment between a client and server.
Introduction to Information Security
Confidentiality – Hybrid Cryptography
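[Diagram: hybrid cryptography between User A and User B. Each user holds a key pair (Private Key - A and Public Key - A; Private Key - B and Public Key - B). Top row: the Symmetric Shared Secret passes through an Encryption Function, travels as ciphertext (A$y9Lo-*), and passes through a Decryption Function so that both users hold the Symmetric Shared Secret. Bottom row: a Message passes through an Encryption Function, travels as ciphertext (Yn8$vs;), and passes through a Decryption Function, using the symmetric shared secret.]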
Introduction to Information Security
Confidentiality – Steganography
• Distinct from cryptography.

• Used to hide information in seemingly normal documents, images, audio or video files.

• Can be used to transmit data or codes undetected.

• Oftentimes threat actors can use steganography to covertly exfiltrate data from secure
networks
Lab Exercise
Confidentiality lab

Spammimic
Steganography example

Questions:

1. Describe another example of steganography.

2. Give an example of how this would be used


Introduction to Information Security
Integrity
Integrity is protecting data from modification or deletion by unauthorized parties and making sure that if authorized people do make changes that shouldn't have been made, they can be undone.
Introduction to Information Security
Integrity – Hashing
• A one-way cryptographic algorithm that can be used to verify the integrity of a file.

• As well as being used to verify the integrity of a file, hashing is also used to store passwords
without keeping them in plaintext, demonstrating the benefits from a confidentiality
standpoint.
Introduction to Information Security
Integrity – Digital Signatures - Sending

Data → Hash function → Hash (01101001001) → Encrypt hash using Private Key → Encrypted hash (10011100100) → Signature

Digitally signed data: Data + Signature + Certificate → Send to recipient
Introduction to Information Security
Integrity – Digital Signatures - Receiving

Received message (digitally signed data):

Signature (10011100100) → Decrypt using Public Key → Hash (01101001001)
Data → Hash function → Hash (01101001001)
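The Sending and Receiving slides as runnable code: an added example, not part of the original deck. It uses textbook RSA without padding and a constructed demo key pair (the primes, exponent and sample message are assumptions chosen for illustration); real systems use a vetted library and a padded scheme such as RSA-PSS.

```python
import hashlib

# Constructed demo key pair (assumption for this example): two well-known
# Mersenne primes. Far too small and structured for real use.
P = 2**127 - 1
Q = 2**89 - 1
N = P * Q                              # public modulus
E = 65537                              # public exponent
D = pow(E, -1, (P - 1) * (Q - 1))      # private exponent (Python 3.8+)


def digest_as_int(data: bytes) -> int:
    """'Hash function' box: SHA-256 of the data, reduced to fit the toy modulus."""
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % N


def sign(data: bytes) -> int:
    """Sender side: hash the data, then transform the hash with the private key."""
    return pow(digest_as_int(data), D, N)


def verify(data: bytes, signature: int) -> bool:
    """Receiver side: recover the hash with the public key, re-hash the received
    data, and accept only if the two hashes are equal."""
    recovered_hash = pow(signature, E, N)
    return recovered_hash == digest_as_int(data)


def demo() -> tuple:
    """Sign a constructed message, then check the original and a tampered copy."""
    message = b"Pay supplier invoice 1001: 250.00 GBP"      # constructed sample
    tampered = b"Pay supplier invoice 1001: 950.00 GBP"     # one character changed
    signature = sign(message)
    return verify(message, signature), verify(tampered, signature)


if __name__ == "__main__":
    original_ok, tampered_ok = demo()
    print("original accepted:", original_ok)
    print("tampered accepted:", tampered_ok)
```

The receiver never needs the private key: the comparison of the two hashes is what provides integrity, and the fact that only the private key holder could have produced the signature is what supports nonrepudiation.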
Lab Exercise
Hashing

Linux hash
Let’s create our own hashes from data

Questions:

1. What do you notice about the hash after altering a single character?

2. Why is this useful?

Hashes are found in a lot of places in IT and help maintain security through integrity – one of our core pillars.
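One way to use hashes for file integrity, as an added example that is not part of the original lab: record a SHA-256 manifest for a folder, then detect which file changed after a single character is altered. The file names and contents are constructed for the example.

```python
import hashlib
import hmac
import tempfile
from pathlib import Path


def sha256_file(path: Path, chunk_size: int = 65536) -> str:
    """Hash a file in chunks so large files do not have to fit in memory."""
    digest = hashlib.sha256()
    with path.open("rb") as handle:
        for chunk in iter(lambda: handle.read(chunk_size), b""):
            digest.update(chunk)
    return digest.hexdigest()


def build_manifest(directory: Path) -> dict:
    """Record a known-good hash for every file in the directory."""
    return {p.name: sha256_file(p) for p in sorted(directory.iterdir()) if p.is_file()}


def changed_files(directory: Path, manifest: dict) -> list:
    """Return the names whose current hash no longer matches the manifest.
    A missing file counts as changed."""
    changed = []
    for name, expected in manifest.items():
        path = directory / name
        actual = sha256_file(path) if path.is_file() else ""
        if not hmac.compare_digest(actual, expected):
            changed.append(name)
    return changed


def differing_bits(first: bytes, second: bytes) -> int:
    """Count how many of the 256 output bits differ between two SHA-256 hashes."""
    a = int.from_bytes(hashlib.sha256(first).digest(), "big")
    b = int.from_bytes(hashlib.sha256(second).digest(), "big")
    return bin(a ^ b).count("1")


def demo() -> tuple:
    """Build a manifest over constructed files, alter one character, re-check."""
    original = "Backups run at 02:00\n"
    altered = "Backups run at 03:00\n"            # a single character differs
    with tempfile.TemporaryDirectory() as tmp:
        folder = Path(tmp)
        (folder / "policy.txt").write_text(original)
        (folder / "hosts.txt").write_text("10.6.20.12 fileserver\n")
        manifest = build_manifest(folder)
        before = changed_files(folder, manifest)
        (folder / "policy.txt").write_text(altered)
        after = changed_files(folder, manifest)
    return before, after, differing_bits(original.encode(), altered.encode())


if __name__ == "__main__":
    before, after, bits = demo()
    print("changed before edit:", before)
    print("changed after edit: ", after)
    print("hash bits that differ after a one-character change:", bits, "of 256")
```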
Introduction to Information Security
Availability

Systems, access channels, and authentication mechanisms must all be working properly for the information they provide and protect to be available when needed.
Introduction to Information Security
Availability – Controls
Preventative
• Clustering
• High Availability
• Fault tolerance
• Permissions

Detective
• WAFs
• SNMP Monitoring
• Database Monitoring

Corrective
• Backups
• Disaster Recovery Plans
• Hot Site
Introduction to Information Security
Availability – Threats

• DoS (Denial of Service) attacks

• DDoS (Distributed Denial of Service) attacks

• Natural Disasters

• Hardware Faults

• HVAC Malfunctions
Introduction to Information Security
What we’ve covered so far
• What is InfoSec / CyberSec • Symmetric Cryptography

• Key Concepts • Asymmetric Cryptography

• Attack Vectors • Public Key Infrastructure

• Threat Actors • Steganography

• Security Lifecycle • Digital Signatures

• Security Control Types • Hashing

• CIA Model • Availability Solutions

• Permissions • Threats to Availability


Introduction to Information Security
Pop Quiz

Answer the following:


1. What are the phases of the security lifecycle?

2. List the differences between Symmetric & Asymmetric Cryptography

3. What is the CIA model?

Hands up in Teams once you’re done!


Questions?
Module 1: Introduction to Security Concepts
1. Course Introduction

2. Introduction to Security Concepts

3. CIA and Related Technologies

4. Accountability

5. Kali Linux

6. OSI Model and Networking Concepts


Accountability
Solution for Accountability

• Application logging

• Audit files

• Firewall and proxy servers

• Log files
Accountability
Threats to Accountability

• Clearing tracks

• Corrupting audit files

• Wiping disks
Accountability
What we’ve covered so far

• Logging

• Auditing

• Firewalls

• Proxy servers

• Digital Signatures

• Clearing tracks

• Wiping data
Accountability
Pop Quiz

Answer the following:


1. Name a threat to accountability

2. What helps administrators hold users accountable for their actions on applications?

3. What logs help us identify traffic coming in and out of our network?

Hands up in Teams once you’re done!


Questions?
Module 1: Introduction to Security Concepts
1. Course Introduction

2. Introduction to Security Concepts

3. CIA and Related Technologies

4. Accountability

5. Kali Linux

6. OSI Model and Networking Concepts


Kali Linux
Skytap VM Environment

• These 5 machines will be used at varying times to complete labs during the course.

• 9 hours maximum runtime per day – please shut them down after you’re done!

• Kali Linux

• Metasploitable

• Sophos UTM

• Win7

• EPIROSH
Kali Linux
What is Kali Linux?

• Advanced Penetration Testing and Security Auditing platform.

• Designed to replace the BackTrack Linux distro.

• Kali distro is an operating system based on Debian.


Kali Linux
Kali’s Features

• Rewrite of BackTrack – starting from scratch

• Can now customize Kali ISOs

• Streaming security and package updates from Debian

• Easy upgrade to future versions

• Customizable desktop environment

• Automatable Kali Installations

• Streamlined Development Process

• Long Term Tool Packaging and Maintenance


Kali Linux
Why use Kali?

• It is free.

• 300+ applications, from password crackers to digital forensics software.

• Completely Customizable.

• Multilingual Support.

• Secure Development Environment.

• Open-source Git tree.


Lab Exercise
Exploring Kali

Explore Kali
Look around on Kali

Have a look at the types of tools available

There should be a lot of interesting tools for you to take a look at…
Lab Exercise
Presentation

Kali’s Tools
Pick 1 tool in Kali Linux

What does it do?

How does it do it?

How can it be used by the good guys?

Remember that Kali Linux is not made to be a tool for threat actors…
It’s there to educate and try to level the playing field for defenders.
Kali Linux
Pop Quiz

Answer the following:


1. Name three groups or professions that utilise Kali Linux.

2. What distro is Kali based on?

3. Kali was a complete rewrite of which previously infamous application suite?

Hands up in Teams once you’re done!


Questions?
Module 1: Introduction to Security Concepts
1. Course Introduction

2. Introduction to Security Concepts

3. CIA and Related Technologies

4. Accountability

5. Kali Linux

6. OSI Model and Networking Concepts
Network Fundamentals
OSI Model – The 7 Layer Model

Mnemonic   Layer   Name           Examples
Away       7       Application    HTTP, FTP, IRC, DNS
Pizza      6       Presentation   SSL, SSH, JPEG, MPEG, IMAP
Sausage    5       Session        RPCs and NFS
Throw      4       Transport      TCP, UDP
Not        3       Network        IP, ICMP, IPSec, Routers
Do         2       Data Link      Ethernet, Switch, MAC
Please     1       Physical       Coax, Fibre, Wireless, Hubs
Network Fundamentals
OSI Model – Layer 1
1 Physical: Coax, Fiber, Twisted Pair, Wireless, Hubs

• Layer one is concerned with the physical transmission of binary data over a medium. Some examples are the different types of cables we can see below, but this transmission can also be wireless using a wireless network interface card.

[Figure: Network Hub; cross-sections of Coaxial Cable, Twisted Pair and Fiber-optic cable, with labels: Jacket, Shielding, Insulating Jacket, Color coded pair of insulated copper wires, Buffer Material, Glass Fibers, Cladding]
Network Fundamentals
OSI Model – Layer 1
1 Physical: Coax, Fiber, Twisted Pair, Wireless, Hubs

• Using different types of encoding, all data can be converted to binary. Below we can see a table illustrating how to convert the decimal number thirteen to binary.

Bit position     8     7     6     5     4     3     2     1
Binary power     2^7   2^6   2^5   2^4   2^3   2^2   2^1   2^0
Decimal value    128   64    32    16    8     4     2     1
Bit: 1 or 0?     0     0     0     0     1     1     0     1
Network Fundamentals
OSI Model – Layer 2
2 Data Link: NICs, Switches, ARP

• Layer two of the OSI model is primarily concerned with getting data from one “hop” to the next. This can be thought of as getting data from your laptop at home to the router provided by your ISP, then from the router in your home to a router in the ISP’s network, and so on.

[Figure: Network Switch, Network Interface Card]

ARP Table

IP Address    MAC Address         Interface
10.6.20.12    00:50:56:0A:1A:77   Eth0
10.6.20.15    00:50:56:2D:D5:CA   Eth0
10.6.50.9     00:50:56:08:32:09   Eth0

CAM Table

MAC Address         Port   VLAN
00:50:56:0A:1A:77   1      1
00:50:56:2D:D5:CA   4      1
00:50:56:08:32:09   2      6

Network Fundamentals
OSI Model – Layer 2
2 Data Link: NICs, Switches, ARP

PC 1 – MAC: A4:1F:72:12:34:56, IP: 192.168.0.1
PC 2 – MAC: A4:1F:72:43:76:67, IP: 192.168.0.2

ARP Request
Source MAC: A4:1F:72:12:34:56
Source IP: 192.168.0.1
Destination MAC: FF:FF:FF:FF:FF:FF
Destination IP: 192.168.0.2

Layer 2 Header – Source MAC: A4:1F:72:12:34:56, Destination MAC: ???
Layer 3 Header – Source IP: 192.168.0.1, Destination IP: 192.168.0.2
DATA (Segment)
Network Fundamentals
OSI Model – Layer 3
3 Network: IP Addressing, Path Determination, Routing

• Layer three of the OSI model is primarily concerned with addressing things at a global scale with IPv4/IPv6 addressing, determining the path between a source and destination IP address using protocols like OSPF, and routing the data packets accordingly.

[Figure: Network Router]

Routing Table

Destination    Subnet Mask        Interface
123.60.70.0    255.255.255.0      Eth0
123.60.70.0    255.255.255.128    Eth1
192.15.10.9    255.255.255.255    Eth2
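How a router picks an interface from the routing table on this slide, as an added example that is not part of the original deck. It goes slightly beyond the slide by applying the longest-prefix-match rule, which decides between the two overlapping 123.60.70.0 entries; the destination addresses queried are constructed.

```python
import ipaddress

# The three rows of the slide's routing table: (destination, subnet mask, interface).
ROUTING_TABLE = [
    ("123.60.70.0", "255.255.255.0", "Eth0"),
    ("123.60.70.0", "255.255.255.128", "Eth1"),
    ("192.15.10.9", "255.255.255.255", "Eth2"),
]


def build_routes(rows):
    """Convert table rows to network objects, most specific (longest mask) first."""
    routes = []
    for destination, mask, interface in rows:
        # strict=True rejects rows whose destination has host bits set.
        network = ipaddress.ip_network(f"{destination}/{mask}", strict=True)
        routes.append((network, interface))
    routes.sort(key=lambda route: route[0].prefixlen, reverse=True)
    return routes


def matching_routes(routes, destination_ip):
    """Every route whose network contains the destination, most specific first."""
    address = ipaddress.ip_address(destination_ip)
    return [(str(network), interface) for network, interface in routes if address in network]


def select_interface(routes, destination_ip):
    """Longest prefix match: the most specific matching route wins.
    Returns None when nothing matches (this table has no default route)."""
    matches = matching_routes(routes, destination_ip)
    return matches[0][1] if matches else None


if __name__ == "__main__":
    routes = build_routes(ROUTING_TABLE)
    # Constructed destinations covering each row and the no-route case.
    for ip in ("123.60.70.5", "123.60.70.200", "192.15.10.9", "8.8.8.8"):
        print(f"{ip:15} -> {select_interface(routes, ip)}  candidates={matching_routes(routes, ip)}")
```

An address such as 123.60.70.5 matches both the /24 and the /25 entry; the /25 (255.255.255.128) entry is more specific, so the packet leaves via Eth1.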


Network Fundamentals
OSI Model – Layer 3
3 Network: IP Addressing, Path Determination, Routing

• IP addresses are split into their classes based on their capacity for subnetting – the number of different networks and hosts that a given range can support.

Class      Subnet Mask     No. Hosts / Network   No. Networks   Start - End Address
A          255.0.0.0       16 Million            127            1.0.0.0 - 126.255.255.255
Loopback                                                        127.0.0.0 - 127.255.255.255
B          255.255.0.0     65000                 16000          128.0.0.0 - 191.255.255.255
C          255.255.255.0   254                   2 Million      192.0.0.0 - 233.255.255.255
D          Reserved for multicast groups                        224.0.0.0 - 239.255.255.255
E          Reserved for future use, or research and Development purposes   240.0.0.0 - 254.255.255.255

Private address ranges

Class   Private Address Range
A       10.0.0.0 to 10.255.255.255
B       172.16.0.0 to 172.31.255.255
C       192.168.0.0 to 192.168.255.255
Network Fundamentals
OSI Model – Layer 3 - Network Address Translation (NAT)

[Diagram: hosts 10.0.0.4, 10.0.0.5 and 10.0.0.6 connect through a Switch to the Default Gateway and NAT device (addresses 10.0.0.254 and 104.20.181.25), which connects to the Internet]

IP Address Class   Address Range                 Private Range
Class A            0.0.0.0 – 127.255.255.255     10.0.0.1 – 10.255.255.255
Class B            128.0.0.0 – 191.255.255.255   172.16.0.0 – 172.31.255.255
Class C            192.0.0.0 – 223.255.255.255   192.168.0.0 – 192.168.255.255
Network Fundamentals
OSI Model – Layer 4
4 Transport: TCP, UDP – Establishing end to end connections

• Layer four of the OSI model is primarily concerned with establishing an end-to-end connection between two hosts, building on the work of the network layer. This is the layer where data from higher layers of the OSI model are broken down into segments for transmission and addressed to specific ports on a remote host.

• The two main protocols you will encounter at this layer are the Transmission Control Protocol (TCP) and the User Datagram Protocol (UDP).
Network Fundamentals
OSI Model – Layer 4 – Transmission Control Protocol

• The transmission control protocol is concerned with providing reliable, ordered, and error checked delivery of data, between applications on hosts connected to an IP network. Details of how this is done can be found in RFC 9293. Whilst not an exhaustive list, some important fields in a TCP header are below:

- Source & Destination Port
- Sequence Number
- Acknowledgement Number
- TCP Flags
- Checksum

Client → Server: SYN
Server → Client: SYN/ACK
Client → Server: ACK
Connection Established
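The header fields listed above, read out of raw bytes: an added example, not part of the original deck. It builds a constructed three-way handshake (the ports, sequence numbers and window size are assumptions; the two IP addresses are borrowed from the ARP slide), parses each segment, checks the sequence/acknowledgement relationship, and validates the checksum.

```python
import socket
import struct

FLAG_BITS = {"FIN": 0x01, "SYN": 0x02, "RST": 0x04, "PSH": 0x08, "ACK": 0x10, "URG": 0x20}
TCP_PROTOCOL_NUMBER = 6


def internet_checksum(data: bytes) -> int:
    """One's-complement sum of 16-bit words (RFC 1071), as used by TCP."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF


def pseudo_header(src_ip: str, dst_ip: str, tcp_length: int) -> bytes:
    """IPv4 pseudo-header that TCP includes in its checksum calculation."""
    return (socket.inet_aton(src_ip) + socket.inet_aton(dst_ip)
            + struct.pack("!BBH", 0, TCP_PROTOCOL_NUMBER, tcp_length))


def build_segment(src_ip, dst_ip, src_port, dst_port, seq, ack, flags, payload=b""):
    """Build a 20-byte TCP header (no options) plus payload, checksum filled in."""
    offset_and_flags = (5 << 12) | sum(FLAG_BITS[name] for name in flags)
    header = struct.pack("!HHIIHHHH", src_port, dst_port, seq, ack,
                         offset_and_flags, 64240, 0, 0)
    checksum = internet_checksum(
        pseudo_header(src_ip, dst_ip, len(header) + len(payload)) + header + payload)
    return header[:16] + struct.pack("!H", checksum) + header[18:] + payload


def parse_segment(segment: bytes) -> dict:
    """Extract ports, sequence/acknowledgement numbers, flags and checksum."""
    if len(segment) < 20:
        raise ValueError("segment is shorter than the minimum TCP header")
    (src_port, dst_port, seq, ack, offset_and_flags,
     window, checksum, _urgent) = struct.unpack("!HHIIHHHH", segment[:20])
    header_length = (offset_and_flags >> 12) * 4
    if header_length < 20 or header_length > len(segment):
        raise ValueError("data offset field is inconsistent with segment length")
    return {
        "src_port": src_port, "dst_port": dst_port, "seq": seq, "ack": ack,
        "flags": {name for name, bit in FLAG_BITS.items() if offset_and_flags & bit},
        "window": window, "checksum": checksum, "payload": segment[header_length:],
    }


def checksum_ok(src_ip: str, dst_ip: str, segment: bytes) -> bool:
    """Summing an intact segment together with its stored checksum yields zero."""
    return internet_checksum(pseudo_header(src_ip, dst_ip, len(segment)) + segment) == 0


def is_three_way_handshake(syn: dict, syn_ack: dict, ack: dict) -> bool:
    """SYN, then SYN/ACK acknowledging seq+1, then ACK acknowledging the server's seq+1."""
    wrap = 2 ** 32
    return (syn["flags"] == {"SYN"}
            and syn_ack["flags"] == {"SYN", "ACK"}
            and ack["flags"] == {"ACK"}
            and syn_ack["ack"] == (syn["seq"] + 1) % wrap
            and ack["seq"] == (syn["seq"] + 1) % wrap
            and ack["ack"] == (syn_ack["seq"] + 1) % wrap
            and (syn_ack["src_port"], syn_ack["dst_port"]) == (syn["dst_port"], syn["src_port"]))


def constructed_handshake():
    """Constructed sample: client 192.168.0.1:49152 opening a session to 192.168.0.2:443."""
    client, server = "192.168.0.1", "192.168.0.2"
    syn = build_segment(client, server, 49152, 443, 1000, 0, {"SYN"})
    syn_ack = build_segment(server, client, 443, 49152, 5000, 1001, {"SYN", "ACK"})
    ack = build_segment(client, server, 49152, 443, 1001, 5001, {"ACK"})
    return client, server, syn, syn_ack, ack


if __name__ == "__main__":
    client, server, syn, syn_ack, ack = constructed_handshake()
    for name, raw in (("SYN", syn), ("SYN/ACK", syn_ack), ("ACK", ack)):
        print(name, parse_segment(raw))
    print("handshake valid:", is_three_way_handshake(*map(parse_segment, (syn, syn_ack, ack))))
    print("SYN checksum valid:", checksum_ok(client, server, syn))
```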
Network Fundamentals
OSI Model – Layer 4 – Transmission Control Protocol
• In the same way that we can identify hosts on an IP network using the IP address, we can identify specific applications running on a host using a port number.

• As TCP ports use a 16-bit number, we have 2^16 ports on each machine (65536). The first 1024 ports are often described as “Known Ports” and some protocols run on specific ports as default; some examples of this can be seen in the table below.

• A cheat sheet containing some of these “known ports” can be found here.

Port   Protocol   Full Name
21     FTP        File Transfer Protocol
22     SSH        Secure Shell
23     Telnet     Telnet
25     SMTP       Simple Mail Transfer Protocol
53     DNS        Domain Name System
80     HTTP       Hypertext Transfer Protocol
88     Kerberos   Kerberos
110    POP3       Post Office Protocol v3
139    NetBIOS    Network Basic Input/Output System
443    HTTPS      Hypertext Transfer Protocol Secure
445    SMB        Server Message Block
3389   RDP        Remote Desktop Protocol
Network Fundamentals
OSI Model – Layer 5
5 Session: RPCs and NFS

• Layer five of the OSI model is primarily concerned with providing mechanisms for opening, managing and closing sessions between two end user applications.

• A good example of a session layer protocol is Remote Procedure Call (RPC) – this protocol is used to execute actions in a foreign address space (another computer), as if it were being called locally.

• Network File Share (NFS) is a good example of this. It is used to read and write files to file shares that are in remote locations, as if they were local.
Network Fundamentals
OSI Model – Layer 6
6 Presentation: ASCII, JPEG, WAV, AVI, and MPEG

• Layer six of the OSI model is concerned with presentation, as you may guess from its name. As we know, all data on a network is transmitted at the physical layer in binary format, yet when we request a webpage through HTTP, we receive HTML, CSS, Images, Videos, Audio and more! This is because of the encoding used at the presentation layer. The presentation layer is also concerned with encryption, decryption, as well as compression and decompression.
Network Fundamentals
OSI Model – Layer 7
7 Application: HTTP, FTP, IRC, DNS

• The application layer of the OSI model is responsible for providing applications running on hosts with the ability to access network resources.

• Examples of protocols that operate at this layer are things like HTTP, SMTP, FTP and many more.

• In the following slides we will discuss some of these application layer protocols in more detail.
Network Fundamentals
OSI Model – Layer 7 - HTTP
7 Application: HTTP, FTP, IRC, DNS

• The Hypertext Transfer Protocol is what we use to browse the internet. You may recall seeing something like http://careers.fdmgroup.com/vacancies/113/uk--returners-programme.html in your browser’s address bar. This is an example of a Uniform Resource Locator (URL) and it is what we use to access a specific resource.

https://careers.fdmgroup.com/vacancies/113/uk--returners-programme.html

Protocol: https
Domain: careers.fdmgroup.com
Path: /vacancies/113/
File: uk--returners-programme.html
Network Fundamentals
OSI Model – Layer 7 – HTTP Requests

• We can see an example of an HTTP request above. HTTP uses request methods in order to interact with web servers and perform specific actions. There are 8 request methods, but the most common are GET and POST.

Request Method   Description
GET              Requests a representation of a specific resource.
POST             Submits an entity to the specified resource.
HEAD             Requests a resource, without the response body (just the HTTP headers).
TRACE            Performs a loopback test along the path to a resource.
PUT              Replaces a resource with the content in the request body.
DELETE           Deletes a resource.
CONNECT          Creates a tunnel to the server identified by the specified resource.
PATCH            Applies partial modifications to a resource.
OPTIONS          Describes the communication options for a specified resource.
Network Fundamentals
OSI Model – Layer 7 – HTTP Responses

• HTTP Responses contain the resources that we’ve just requested by sending a request to a specific URL,
more often than not this response contains some HTML, CSS sheets, client-side script and more.

• HTTP uses response codes to indicate the type of response that’s being sent. We can see some ranges of HTTP response codes below:

Response Code Range   Meaning
100 - 199             Informational Responses
200 - 299             Successful Responses
300 - 399             Redirection Responses
400 – 499             Client-Side Error Responses
500 - 599             Server-Side Error Responses
Network Fundamentals
Other Protocols – DNS
[Diagram: DNS resolution in eight numbered steps (1 to 8) between the User, Recursive Server, Root Server, TLD Server and Authoritative Server]
Network Fundamentals
Other Protocols – DNS
Record Type   Description
A             Maps domain names to IPv4 addresses
AAAA          Maps domain names to IPv6 addresses
CNAME         Redirects a domain to a different domain
PTR           Resolves IPv4 or IPv6 addresses to domain names
NS            Provides a list of the authoritative name servers responsible for the domain
MX            Provides the domain names of mail servers that receive emails on behalf of a domain
SOA           Provides important details about a DNS zone; required for every DNS zone
TXT           Provides any type of descriptive information in text format


Network Fundamentals
Other Protocols – DHCP

• DHCP is the dynamic host configuration protocol and is used to automatically assign IP addresses to
hosts as they join a network.

Client Server

Discover

Offer
Request

Acknowledge
Network Fundamentals
Other Protocols – SMTP, POP3 & IMAP
• The protocols on this slide are all mail protocols. SMTP, the simple mail transfer protocol, is used to transfer emails from one mail server to another.
• POP3 is the post office protocol, and IMAP is the Internet message access protocol, both of which are concerned with fetching mail from a mail server to an email client (Mail Transfer Agent).

[Diagram: Mail Clients – Mail Server – INTERNET – Mail Server – Mail Clients, with POP3 & IMAP between the mail clients and their mail server, and SMTP between the mail servers]
Network Fundamentals
Other Protocols – ICMP
• ICMP is the internet control messaging protocol and is primarily used to troubleshoot network issues and
identify live hosts on a network.

• It is the protocol that supports network troubleshooting tools like PING and Traceroute.
Network Fundamentals
What we’ve covered so far

• OSI Model • OSI Layer 7 - HTTP

• OSI Layer 1 – Hub’s, Cables, Binary • DNS

• OSI Layer 2 – NIC’s, Switches, ARP • DHCP

• OSI Layer 3 – Router’s, IP, OSPF, NAT • Mail Protocols – POP3, IMAP, SMTP

• OSI Layer 4 – TCP, UDP • ICMP

• OSI Layer 5

• OSI Layer 6
Network Devices and Security Features
What we’ve covered so far

• Switches – VLAN’s, Port Security, STP

• Routers – Subnetting and ACL’s

• Firewalls

• Web Application Firewalls

• Forward Proxy

• Reverse Proxy

• NIDS/NIPS
OSI Model and Networking Concepts
Pop Quiz

Answer the following:


1. What is the primary purpose of Network Address Translation?

2. What does DNS do when browsing? (simplify)

3. Name the two most common protocols that run at layer 4 of the OSI model

Hands up in Teams once you’re done!


Questions?
Have a good evening and see you tomorrow!
