Transcript
00:00 bismillah rahman rahim assalamu alaikum welcome back
00:03 and we are here at lecture number 1
00:06 CCNA Cyber Ops Security Fundamental
00:09 is the lecture
00:12 210-250 you know about the book
00:15 if you buy the library
00:18 210-250 and 210-255
00:21 security fundamental and security operations
00:24 we will cover both of them
00:27 there is no catch up
00:30 before starting this work
00:33 i will give you a suggestion
00:36 go to urdu it academy
00:39 go to courses
00:42 and this CCNA ICND 1
00:45 i assume you have read this
00:48 because this is very important
00:51 i have no point to
00:54 give you a short description
00:57 everyone who works at the SOC
01:00 should know about TCP/IP
01:03 protocol suite, fundamental of IP packet
01:06 OSI layer model, application presentation
01:09 session, transport layer, IP addresses
01:12 RFC IP addresses, 169.254
01:15 IP addresses
01:18 because one day you will be in a SOC
01:21 and you will be monitoring security
01:24 and you will see
01:27 an IP address coming from 169.254
01:30 and producing traffic
01:33 and your colleague will tell you
01:36 this is a malicious IP address
01:39 this is a strange IP address
01:42 and you will say
01:45 this is a misconfiguration
01:48 when you will talk about this
01:51 it means you know about this
01:54 you should be on that level
01:57 you should know about TCP 3-way handshake
02:00 you should know about UDP
02:03 i will give you a common example
02:06 one day a person says
02:09 you opened UDP port 23 and i can't check
02:12 i will tell you a common thing
02:15 if you want to check your access
02:18 to a server
02:21 you can go to telnet
02:24 sysco.com
02:27 and type 80
02:30 you will see a blank screen
02:33 you will say port 80 is open
02:36 he says you opened port 80
02:39 but i am telling you telnet
02:42 is a common troubleshooting method
02:45 if you want to use port 443
02:48 you will type 443
02:51 it will show you if 443 is open
02:54 what was he doing
02:57 he said i opened telnet
03:00 and you said you opened port 443
03:03 i said telnet is a TCP protocol
03:06 and i opened UDP port
03:09 i am not googling this
03:12 you should know these basic things
03:15 this is a networking 101
03:18 you should know about ARP, DHCP
03:21 ICMP
03:24 people ask questions in interviews
03:27 to confuse people
03:30 tell me which port does ICMP work on
03:33 if i ask you this question
03:36 you will say 80, 443
03:39 no, ICMP is a different protocol
03:42 it does not use TCP, UDP
03:45 it uses ICMP protocol
03:48 how to do end to end packet delivery
03:51 i have explained this in detail
03:54 OSI layer model
03:57 switch hub, router
04:00 if you don't know this
04:03 data is on top layers
04:06 segmentation, packets
04:09 frames and bits
04:12 segments, packets, frames
04:15 application, presentation, session
04:18 transport, headers
04:21 network layer, IP header
04:24 data link, frames, MAC
04:27 physical layer, bits
04:30 4 layer TCP/IP model
04:33 ISO layer model
04:36 maps only 4 layer TCP/IP model
04:39 4 layer TCP/IP model
04:42 is also called TCP/IP stack
04:45 or
04:48 DoD model
04:51 protocol of packets network
04:54 in 1974
04:57 DoD wrote standard
05:00 because it was a defense project
05:03 ARPANET switched towards TCP
05:06 it was working on NCP
05:09 network control protocol
05:12 it was a legacy protocol
05:15 in 1960s
05:18 ARPANET became DARPA
05:21 started in 1970, published in 1984
05:24 OSI 7 layer model
05:27 in 1983
05:30 ARPANET on TCP/IP
05:33 OSI standardized it
05:36 4 layer TCP/IP model
05:39 7 layer OSI model
05:42 all work the same
05:45 it is a map
05:48 TCP/IP is application
05:51 presentation, session
05:54 SMTP, email
05:57 HTTP post request
06:00 TCP/IP layer model
06:03 application, transport, internet
06:06 physical layer
06:09 ATIP
06:12 best way is
06:15 ATIF
06:18 you can use any other way
06:21 it is encapsulation process
06:24 HTTP post packet
06:27 HTTP post
06:30 HTTP packet
06:33 TCP/UDP
06:36 TCP header
06:39 encapsulation
06:42 IP layer
06:45 IP address
06:48 Ethernet
06:51 physical layer
06:54 3 layers
06:57 3,2,5,6,7
07:00 1,2,3,4
07:03 4 layers
07:06 when it reached receiving end
07:09 Ethernet header
07:12 HTTP header
07:15 HTTP post request
07:18 web services
07:21 interesting thing
07:24 I have not studied
07:27 one person asked
07:30 between one server and one client
07:33 communication
07:36 in detail
07:39 I have not studied
07:42 when you are
07:45 pulling data
07:48 from HTTP
07:51 I did not get that job
07:54 anyway
07:57 IP protocol
08:00 TCP
08:03 IP protocol
08:06 IP header
08:09 layer 3
08:12 connectionless protocol
08:15 don't worry about the sequencing
08:18 addressing, network and host
08:21 IP protocol
08:24 ignore it
08:27 this is your header
08:30 this is IPv4 header
08:33 version 0 to 4
08:36 IPv4
08:39 IP header
08:42 out of sync
08:45 IP header
08:48 8 bits
08:51 quality of services
08:54 6 bits
08:57 congestion
09:00 8,535 bytes
09:03 present
09:06 16 to 31
09:09 these 3 fields are used for
09:12 fragmentation of packet
09:15 and identifying
09:18 flag
09:21 fragment
09:24 I remember
09:27 I discussed
09:30 when someone is telling
09:33 version
09:36 I have told in detail
09:39 time to live is important
09:42 number decrement
09:45 default is 30
09:48 router opened
09:51 -1 increment
09:54 -29 increment
09:57 loop create
10:00 packet is roaming
10:03 when it is 0
10:06 discard it
10:09 as it reaches
10:12 important
10:15 packet
10:18 TTL counter 1
10:21 use it
10:24 what IP
10:27 which IP
10:30 help preventing loops
10:33 TTL packet
10:36 loop preventing
10:39 value is 30
10:42 IP address
10:45 32 bits
10:48 A class
10:51 127
10:54 RFC
10:57 1918
11:00 A class
11:03 B class
11:06 C class
11:09 A class
11:12 B class
11:15 192
11:18 172
11:21 16
11:24 RFC
11:27 1918