Course 10 - Network Security Fundamentals | Episode 1: Models, Security, Protocols, and IP Addressing

In this lesson, you’ll learn about:Networking communication frameworks, including the OSI and TCP/IP modelsIdentity and Access Management (IAM) and the AAA security modelSecure and insecure network protocolsIPv4 and IPv6 addressing fundamentalsI. Networking Models and Communication Frameworks OSI Model (Open Systems Interconnection) — 7 Layers A standardized reference model used globally to explain network communication. Data moves through the layers using encapsulation (adding headers/footers) and de-encapsulation (removing them). Each layer communicates only with its direct neighbors.Layer 1 — Physical:Handles the transmission of bits over physical media (cables, radio waves).Devices: NICs, hubs, repeaters.Layer 2 — Data Link:Responsible for LAN communication using MAC addresses (48-bit hex).Devices: Switches, bridges.Protocols: Ethernet, ARP (maps IP → MAC).Layer 3 — Network:Handles routing and logical addressing.Protocols: IP, IPsec, ICMP.Devices: Routers.Layer 4 — Transport:Handles data delivery using:TCP: Reliable, connection-orientedUDP: Fast, connectionless (e.g., VoIP)TLS/SSL also function here for secure data transfer.Layers 5–7 — Session, Presentation, Application:Session: Controls communication sessions (simplex, half-duplex, full-duplex).Presentation: Formats data (JPEG, MP4, ASCII).Application: Interfaces with the user (HTTP, FTP, email protocols).TCP/IP Model — 4 Layers An older, more practical model used in real networks (ARPANET origin).Layers: Application, Transport, Internet, Link. II. Security and Access Management (IAM & AAA) Identity and Access Management defines how users authenticate, what they can access, and how their actions are tracked. AAA ModelAuthentication (A1):Proving identity, typically via passwords hashed with SHA or MD5 and compared to stored hashes.Authorization (A2):Defines what actions or resources a user is allowed to access.Accounting (A3):Logging and auditing user activity for accountability.Example: Windows event logs for login attempts.Access Control ModelsDiscretionary Access Control (DAC):Users can manage permissions for their own resources (less strict).Mandatory Access Control (MAC):Centralized, classification-based access rules (e.g., “Top Secret”).III. Secure Network Protocols Older protocols often send credentials in plain text and must be avoided. Secure versions provide encryption and integrity.Insecure Protocol (Avoid)Secure Alternative (Use)ReasonHTTPHTTPS (TLS 1.2+)Plain text can be sniffed; TLS encrypts traffic. SSL is outdated.FTPSFTPSFTP uses SSH for secure file transfers.TelnetSSH v2SSH provides encrypted remote administration.POP3 / IMAPPOP3S / IMAPSSecures email retrieval.SNMP v1/v2SNMP v3Adds encryption for management traffic.IV. IP Addressing: IPv4 and IPv6 IPv4Introduced in 1983Uses 32-bit dotted decimal notation (e.g., 192.168.1.1)Address space nearly exhaustedAddress Classes A, B, C for general use (D and E reserved). NAT (Network Address Translation) Used to conserve IPs by translating internal private IPs (RFC 1918 ranges) into a single public address:10.x.x.x172.16–31.x.x192.168.x.xIPv6Introduced in 1996Uses 128-bit hexadecimal notationVirtually unlimited address space → no need for NATCommunication ModesUnicast: One-to-oneMulticast: One-to-manyAnycast: One-to-nearest node among manyAdoption remains slow (~20% globally).You can listen and download our episodes for free on more than 10 different platforms:https://linktr.ee/cybercode_academy