Network Kings

A Guide to the Different Types of Attacks in Network Security

Network security is an important part of any business, organization, or individual’s online safety and protection. Cybercriminals are continuously developing new and advanced methods of attack, making it crucial to stay up-to-date on the different types of attacks in network security.

This comprehensive guide provides a detailed overview of the most common threats and the best practices for protecting your network. From Denial of Service (DoS) attacks to phishing scams, you’ll learn about the different types of attacks, the risks associated with each, and the steps you can take to mitigate them. 

Note: If you haven’t read the previous blog of our CCNA 200-301 series, I highly recommend you do so.

Knowing about the different types of network security attacks is very important from the CCNA 200-301 exam point of view. In this blog, we will discuss all the attacks that are asked about in the CCNA certification exam.

Make sure to understand each one of them. Let’s begin!

What is Network Security?

Network security is the process of protecting your networks from unauthorized access, breaches, or damage. It can also be applied to protecting your systems and data from potential threats on networks such as intranet or extranet connections. 

Network security is an important part of data security, but it is only one part. Data security is the practice of protecting valuable information by keeping it secure. It is important to remember that network security is a process, not an end result. It is an ongoing process that requires ongoing vigilance and attention.

Types of Attacks in Network Security

Before we learn about different types of attacks in network security, it’s important to understand the basic components of a network. Networks can be made up of a variety of devices, ranging from computers to routers to network storage devices to printers. The devices on a network are connected together either wirelessly or over a wired connection. 

These devices communicate with each other using a variety of protocols and standards, including IPv4, IPv6, and Transmission Control Protocol/Internet Protocol (TCP/IP). IP addresses are the protocols and addresses used to identify devices on a network.

In order to send and receive data, devices on a network must be able to communicate. This communication is typically done through ports, which are used to assign devices a specific amount of bandwidth in order to allow them to send and receive data. Systems on a network may also use services, such as SMTP to send e-mail or HTTP to access a website.

Let us now begin learning about different types of attacks in network security.

1. Denial-of-Service (DoS) attacks:

  • DoS attacks threaten the availability of a system, the A of the CIA triad.
  • There are many kinds of DoS attacks and we will discuss a few of them. One of the most common DoS attacks is TCP SYN flood. It exploits the TCP three-way handshake which consists of the SYN, SYN-ACK and ACK.
  • In a TCP SYN flood, the attacker sends countless TCP SYN messages to the target.
  • The target sends a SYN-ACK message in response to each SYN it receives.
  • The attacker never replies with the final ACK of the TCP three-way handshake.
  • The target waits for the final ACK of each handshake, and the incomplete connections fill up the target’s TCP connection table.
  • The incomplete connections time out and are removed from the table after a certain amount of time.
  • The attacker continues sending SYN messages to fill up the table.
  • In the end, the target is no longer able to make legitimate TCP connections because it has reached the maximum number of TCP connections it can maintain.
  • A hacker can rent a website and then rent a server to launch a flood.

2. Distributed Denial-of-Service (DDoS) attack:

  • In a distributed denial-of-service (DDoS) attack, the attacker infects many target users with malware and uses them to launch a Denial-of-Service (DoS) attack, for example, a TCP SYN flood attack.
  • The infected computers together are called a botnet.

3. Man in the Middle (MITM) attacks

  • Man in the Middle (MITM) attacks are some of the most common types of network security attacks.
  • If you’ve ever wondered how hackers hijack computers and steal personal information or disrupt businesses, it’s all thanks to man in the middle attacks.
  • An example of a man in the middle attack would be if your email exchange is going to a third party, such as Gmail or Microsoft Outlook.
  • Another example of a man in the middle attack is when data is being sent over a network, such as when a browser is communicating with a website.
  • These attacks occur when an attacker captures traffic between two parties and modifies the traffic so that it looks as if it is coming from the victim and going to the attacker. 
  • This is done by using eavesdropping and interface manipulation. 
  • This can cause all kinds of problems, such as sending a hacker’s password or downloading malicious software.
  • The attacker can also alter the content of a packet by adding new information to the packet as opposed to modifying the packet. 
  • If a hacker is in the middle of a conversation, he can alter the conversation to make it look like he’s the one talking to the other person. This is similar to a MITM attack, except the hacker is in the middle and not the victim. 
  • The attacker can change the information being sent so that it appears as if it is coming from the victim.

4. SQL injection attacks

  • SQL injection attacks are some of the most dangerous types of network security attacks.
  • The basic premise of this type of attack is that malformed SQL code is injected into the web application. 
  • The code is then executed, and the attacker is able to cause damage to the network, such as stealing data, deleting data, changing data, or even deleting the entire database.
  • This type of attack is increasing in prevalence because web applications are getting more and more complex. 
  • They need to be fast, reliable and secure all at the same time. 
  • Unfortunately, most applications are not developed with security in mind, making them vulnerable to SQL injection attacks. 
  • A hacker can easily use a tool, such as SQLMAP, to find and inject malicious SQL code into a website. 
  • If a hacker is able to inject malicious code and then access a database, he or she can cause all kinds of damage, from deleting data to stealing money.

5. Phishing Attacks

  • The term phishing means “fishing” and refers to attempting to fish out a user’s sensitive information such as a password, banking account details, or other confidential data.
  • Phishing attacks are often disguised as a trustworthy source, such as a bank website or email. 
  • Hackers often use malicious links or messages to trap unsuspecting users into providing their login credentials or other sensitive information. 
  • Phishing attacks are frequently used for financial gain.
  • These attacks often come in the form of an email that appears to come from a legitimate source, such as a bank or credit card company. 
  • Phishing messages often include links to websites that look like they’re from a legitimate source, such as a brand-new bank website. 
  • Users are advised to be cautious of any links that are sent to them and to avoid clicking anything they’re not 100% sure is safe.

Best practices for mitigating Network Security threats

Here are some of the best precautions that you can use to reduce your chances of getting exposed to various types of network security attacks:

  • Use strong passwords:

Most people reuse simple passwords, make them too short, or choose terrible passwords. Make sure your password meets one of the following criteria: 

  • Is at least eight characters in length 
  • Contains numbers, letters, and symbols 
  • Is different from your email account password 
  • Is not easily guessable 
  • Use a password manager 

Using a password manager is one of the best ways to make sure your passwords are safe. It will save you time, keep you organized, and help prevent you from making any mistakes that could lead to your information being stolen. 

  • Install antivirus software:

There are many free antivirus programs available. As an added bonus, many programs block links, offer cloud protection, and provide real-time updates.

  • Use 2-factor authentication:

Many websites now require two-factor authentication to prevent hackers from stealing your information. This is often accomplished through an app or text that is sent to your phone to verify your identity. 

Two-factor authentication will help protect against man-in-the-middle attacks and phishing attacks.

  • Keep your software updated: 

Keep your devices, such as computers, PCs, laptops, etc., updated. Double-check that there are no vulnerabilities in your device that can be hacked. Update your software and devices as soon as possible.

  • Lock your device and/or turn off remote/web access:

Many hackers use remote access tools (RATs) to gain access to a target’s device. A common way to do this is through remote access utility (RAU). 

Conclusion

In this blog, we have covered what network security is and how it suffers because of the most prevalent attacks. We learned how these attacks occur and understood the approach behind them.

Additionally, we also learned how to mitigate these attacks and the important measures that you can take to reduce these attacks.

This was all about the various types of attacks in network security. 

Stay tuned for more such free content for our CCNA series!

What is QoS and How important it is in a Computer Network?

Quality-of-Service (QoS) is a method used to manage network resources and prioritize different types of traffic. QoS solutions can be either hardware- or software-based, and they use different mechanisms to achieve their goals. The most common QoS solutions are Traffic Shaping, Traffic Policing, and Quality of Service Marking.

QoS is important because it allows you to prioritize different types of traffic, which can be important in a number of situations. For example, if you are running a VoIP call and your computer is also downloading a file, you can use QoS to give priority to the VoIP call and ensure that the call quality is not affected.

There are a number of benefits to using QoS, but there are also some disadvantages that you should be aware of. In this blog, we will discuss what QoS is, the different types of QoS solutions, how QoS works, the benefits of using QoS, and the disadvantages of QoS.

Note: If you haven’t read the previous blog of our CCNA 200-301 series, I highly recommend you do so.

Let’s get started!

What is QoS?

Quality-of-Service (QoS) is a networking technique used to prioritize certain types of traffic over others. It ensures that important traffic, such as VoIP calls, receives first priority on the network. 

QoS solutions can be either hardware- or software-based, and they use different mechanisms to achieve their goals. 

Common QoS solutions include the following:

  • Traffic Shaping, 
  • Traffic Policing, and 
  • Quality of Service Marking. 

The main purpose of QoS is to ensure that important network traffic is prioritized over less important traffic, such as file transfers. This is done by applying different levels of priority to different types of traffic, as well as by controlling the amount of bandwidth available for each type of traffic. By doing this, important traffic can be given priority and not affected by any congestion caused by traffic on the network.

Why is QoS Important in a Computer Network?

QoS is important because it allows you to prioritize different types of traffic over others. The following are the important functions of QoS:

  • Prioritize traffic:

This can be essential in a number of situations, such as when you are running a VoIP call and your computer is also downloading a file. In this case, you can use QoS to give priority to the VoIP call and ensure that the call quality is not affected. 

  • Balancing resource access:

QoS is also important for ensuring that all users have equal access to the resources on the network. 

  • Managing bandwidth usage:

By using QoS, you can guarantee that certain traffic (such as VoIP or video streaming) gets the bandwidth that it needs, while less important traffic (such as file transfers or web browsing) receives the remaining bandwidth. 

With QoS, you can also ensure that no one user or application is using too much bandwidth, thus preventing any one user from dominating the network resources.

What are the different types of QoS Mechanisms?

There are several different types of QoS mechanisms that can be used to prioritize network traffic. These include:

  • Traffic Shaping
  • Traffic Policing
  • Quality of Service Marking.

1. Traffic Shaping:

  • Traffic Shaping is a QoS mechanism that is used to manage the amount of data that is sent on the network. 
  • It helps to ensure that important traffic is not adversely affected by congestion.

2. Traffic Policing:

  • Traffic Policing is another QoS mechanism that is used to control the amount of data sent over the network. 
  • It can be used to limit the amount of bandwidth that a certain type of traffic is allowed to use. 

3. Quality of Service Marking:

  • Quality of Service Marking is a QoS mechanism that is used to set different levels of priority for different types of traffic.
  • This allows important traffic to be given priority over other types of traffic.
  • The Quality of Service Marking can also be used to identify and provide priority to latency-sensitive traffic, such as VoIP.

Implementing QoS in a Computer Network

This is how Quality-of-Service (QoS) is implemented in a computer network:

  • The first step in implementing QoS is to identify all of the applications, users, and devices that will be using the network. This will allow you to identify which traffic should be given priority. 
  • After this, you will need to configure the appropriate QoS solutions. This will include Traffic Shaping, Traffic Policing, and Quality of Service Marking. 
  • Finally, you will need to monitor the network to make sure that the QoS policies are working as intended. 
  • You will also need to adjust the QoS settings as needed. This can be done manually, or you can use a network management system to automate the process.

What are the benefits of QoS?

There are several benefits to using QoS on your network.

  • The most important benefit is that it allows you to prioritize different types of traffic over others. This is important for ensuring that VoIP calls, video streaming, and other latency-sensitive traffic are not adversely affected by any congestion on the network.
  • Another benefit of QoS is that it can be used to ensure that no one user or application is hogging the network resources. 
  • By setting limits on how much bandwidth each user or application is allowed to use, you can manage the resources on the network and ensure that everyone is getting a fair share.

What are the drawbacks of QoS?

While QoS can be beneficial in many cases, there are some drawbacks as well. 

  • One potential drawback is that it can be difficult to configure a QoS solution correctly. If the QoS settings are not configured correctly, the network may not operate properly.
  • Another potential drawback is that the QoS solutions available on the market are often expensive. This means that using QoS may add an additional cost to the network. 
  • QoS solutions can also be complex and hard to manage, which can increase the amount of time that is needed to configure and maintain the network.

Bottom Line

Quality-of-Service (QoS) is a networking technique used to prioritize certain types of traffic over others. It allows you to prioritize important network traffic and ensure that everyone has access to the resources on the network. 

There are a number of benefits to using QoS, but there are also some drawbacks that you should be aware of. With the right configuration and management, QoS can be a great tool for managing your network resources. It just depends on the user how he can make the most out of it!

Stay tuned for upcoming informative blogs for our free CCNA series.

Top Most-Asked Cloud Computing Interview Questions and Answers

The cloud computing industry is booming since it has been successfully replacing physical data centers. Most business organizations have shifted their infrastructure to cloud computing due to the efficient model that cloud computing provides. In this blog, we will cover the most frequently asked cloud computing interview questions. Firstly, we will cover cloud computing interview questions for freshers. Then, we will cover cloud computing interview questions for experienced candidates.

We have made a list of all the important cloud interview questions and answers that most hiring companies frequently ask for cloud roles. These roles could be for a Cloud Engineer, Cloud Administrator, etc.

Let us begin with the interview questions without any further ado.

Cloud Computing Interview Questions for Freshers

1. What is meant by cloud computing?

Cloud computing is a new-age technology based on the Internet. It consists of various provisions such as storage, networks, hardware, services, and interfaces that make up the cloud as a service. It can provide access to many servers all across the globe.

Some examples of cloud computing are as follows:

  • Software-as-a-Service (SaaS): Google Workspace
  • Infrastructure-as-a-Service (IaaS): AWS Elastic Cloud Compute (EC2)
  • Platform-as-a-Service (PaaS): Boomi
  • Big Data Analysis
  • File sharing and data storage
  • Data governance
  • Cybersecurity

2. What are the advantages of cloud computing?

There are a large number of advantages of cloud computing. Some of the benefits of cloud computing are as follows:

  • Accessibility:

Any device that uses cloud computing can access any application and data from anywhere across the globe.

  • Efficiency:

The significant advantage of cloud computing is providing business efficiency through its various services.

  • Cost savings:

Cloud computing cuts the cost of acquiring and maintaining businesses with scalable computing resources. Cloud computing works on the pay-as-you-go model, thus making it the most attractive option for business organizations.

  • Security:

The client’s data that is stored in the cloud computing applications is very well secured. Therefore, cloud computing, especially private cloud services, is the best to use.

  • Flexibility and increased collaboration:

People from various places can collaborate and co-create a project by using the cloud abilities without the need of satisfying them. Therefore, flexibility is offered at its best! 

  • Disaster recovery:

From small to big enterprises, all of them depend on the cloud in backing up their data.

3. Name the biggest cloud providers and databases.

The following are some of the biggest cloud providers:

  • Microsoft Azure
  • Amazon Web Services
  • Google Cloud Platform
  • EnterpriseDB
  • Garantia Data
  • Cloud SQL by Google
  • Google BigTable
  • Cloud-based SQL
  • Rackspace
  • Amazon SimpleDB
  • SAP

4. Name the different layers that define cloud architecture.

The layers that are utilized by cloud architecture are as follows:

  • CLC or Cloud Controller
  • Walrus
  • Cluster Controller
  • SC or Storage Controller
  • NC or Node Controller

5. Name the different data types used in cloud computing.

The generation of data is increasing manifold every day. Therefore, there is a need for new data types to store various new kinds of data. For example, in order to save a video, we will need a new data type.

The various data types in cloud computing are as follows:

  • Text
  • Emails
  • Boolean
  • Decimal
  • Locale
  • Number
  • Date
  • Images
  • Contacts

6. Mention the models for deployment in cloud computing.

The different types of deployment models in cloud computing are:

  • Public cloud:

The public cloud includes all the commercial providers that provide networking, hardware, storage, and interfaces owned and operated by a third party.

  • Private cloud:

It is set up by an organization for its employees to use exclusively. Therefore, it often uses a firewall to secure the network, applications, interfaces, etc. All the applications are owned and operated by one single organization.

  • Hybrid cloud:

A hybrid cloud environment refers to using both private and public clouds. Most companies use a hybrid cloud.

  • Multi-cloud:

Some business organizations also use a collection of public cloud services. They do so to support different developers and businesses; these are called multi-cloud environments.

7. What is meant by EUCALYPTUS in cloud computing? What is it used for?

The full form of EUCALYPTUS is Elastic Utility Computing Architecture For Linking Your Program To Useful Systems.

It functions to implement clusters in cloud computing platforms and it is an open-source software infrastructure. It builds the following:

  • Public cloud
  • Private cloud
  • Hybrid cloud

Therefore, it allows a user to build his own data center in a private cloud.

8. What are the most important cloud architectures?

The following are the building blocks of the cloud architecture:

  • Reference Architecture
  • Technical Architecture
  • Deployment operation Architecture

9. What are the main constituents of a cloud ecosystem?

The main parts of a cloud ecosystem that decide how you view a cloud architecture are:

  • Cloud consumers
  • Direct consumers
  • Cloud service providers

10. Mention different phases of a cloud architecture.

The various phases are mentioned below:

  • Launch phase
  • Monitor phase
  • Shutdown phase
  • Cleanup phase

11. Give an example of open-source cloud computing.

When open-source software or technology is used to create a cloud service or solution, it is referred to as an open-source cloud. It also includes private, public, and even hybrid cloud models consisting of SaaS, PaaS, IaaS, and XaaS-built models that entirely run on open-source cloud technologies.

Some of the most common examples of open-source cloud computing are as follows:

  • OpenStack
  • OpenNebula
  • VirtualBox

12. Why are APIs used in cloud services?

Application Programming Interfaces, commonly referred to as APIs are used in cloud services for the following reasons:

  • There is no need to write the complete program. You can use APIs instead.
  • A well-communicated channel can be built between one or more applications.
  • It links the cloud services with other systems and creates applications.

For example, Google Compute Engine API is an API presented by Google that is used to create and run virtual machines (VMs) on Google Cloud.

Cloud Computing Interview Questions for Experienced

13. Mention cloud-enabling technologies.

A lot of other technologies also contribute to the current modern scenario of cloud-based platforms. Such technologies are called cloud-enabling technologies.

Examples of such cloud-enabling technologies are:

  • Broadband Networks and Internet Architecture
  • Data Center Technology
  • Service Technology
  • (Modern) Virtualization Technology
  • Web Technology
  • Multitenant Technology

14. What are the various data center deployments of cloud computing?

There are different data centers that make up cloud computing. These are:

  • Containerized data centers:

These are the packages that consist of a defined set of network components, servers, and storage in order to deliver them to large warehouses. Each deployment is unique in relation to the other. Since containerized data centers are very dense and therefore, release a lot of heat and cause trouble, it led to the usage of low-density data centers.

  • Low-density data centers:

They are the best alternative to containerized data centers. These do not dissipate heat. They are able to do so because the equipment is placed at a distance from each other. Therefore, the generated heat is cooled down.

15. What is meant by cloud usage monitor?

It is a self-autonomous and lightweight software program. It functions to collect and process the IT resource usage data. It is called autonomous as it does not depend on any other application to perform the procedure of collecting and processing the data.

There could be different formats in which the cloud usage monitor can exist based on the usage metrics. Here are the three most common agent-based implementation formats:

  • Monitoring agent
  • Polling agent
  • Resource agent

16. What is meant by serverless components in cloud computing? What are its advantages and disadvantages?

When you can build an application without the need for managing the infrastructure, it means that you have used the serverless components in cloud computing. You can even write code without the presence of a server. These serverless machines take care of:

  • multi-threading
  • hardware allocating
  • container management, and 
  • virtual machines.

The following are the advantages of serverless computing:

  • It is economical.
  • It provides scaling options.
  • There is no need for server management.
  • The operations are simple as there is no server.
  • There is an increase in productivity.

The following are the disadvantages of serverless computing:

  • You can suffer response latency in the case of serverless computing.
  • When we need to perform high-computing operations, serverless computing is not useful because of its limited resources.
  • It is difficult to debug serverless code.
  • The security comes under the service company instead of the customer which makes it more vulnerable to cyber-attacks.

17. What is AWS? Mention its key components.

Amazon Web Services (AWS) is a collection of remote computing services which are referred to as cloud computing. It comes under the Infrastructure-as-a-Service (IaaS) service.

The main components of AWS are:

  • Simple E-mail service: 

Either a regular Simple Mail Transfer Protocol (SMTP) or RESTFUL API call is used to send emails.

  • AWS Route 53:

It is a Domain Name Server (DNS) service platform that is based on the web.

  • Identity and access management:

Identity management and improved security are provided by AWS.

  • Elastic Compute Cloud (EC2):

It has two functions:

  • It provides on-demand computing resources in order to host applications.
  • It is really helpful in case of spontaneous unexpected workloads.

  • Simple Storage Device (S3):

It is a storage application commonly used in AWS.

  • Elastic Block Stores:

They are attached to EC2. These are nothing but storage volumes that allow the data lifespan of an EC2.

  • CloudWatch:

It is an application that is used to look after the AWS cloud resources. It allows cloud administrators to get a full view of all the keys needed. A notification alarm can be set in case of trouble.

18. What is meant by CaaS?

  • Containers as a Service (CaaS) is a special system that lets developers scale, manage, run, upload, and organize containers by making use of virtualization.
  • A container is actually a software package.
  • It allows businesses to scale their apps to highly-available cloud infrastructures.

19. What are microservices?

  • When we develop an application that is made up of code that is independent of each other and also of the used platform to create it, this process is referred to as microservices.
  • Each of the microservices is able to communicate with other applications with the help of well-defined and standard APIs.
  • These services are maintained as a catalog for easy accessibility and maintenance.

20. What is meant by cloud-native applications?

It is a software framework designed by the following:

  • Containers
  • Microservices
  • Dynamic orchestration

For optimal resource utilization, each part of the cloud-native application has its own container and is dynamically orchestrated.

It’s a Wrap!

That’s all for the most-asked cloud interview questions and answers. We have assembled questions both for freshers and experienced candidates to help them crack the cloud interviews. 

Happy learning!

Cyber Security Interview Questions and Answers

Despite a recession this year, cybersecurity has been booming like no other industry, thanks to the increased number of cyberattacks, which calls for more cybersecurity professionals. In fact, the cybersecurity industry is set to face over 2.5 million unfilled job positions up until 2025. This is a clear sign that cybersecurity engineers are in great demand. It is very important to prepare yourself for an interview if you are planning to enter the cybersecurity industry. In this blog, we are going to discuss cyber security interview questions and answers for both beginners and experienced candidates. We will also discuss some frequently asked questions at the end of the blog.

Without any further ado, let us start with the cybersecurity interview questions.

Cyber Security Interview Questions for Beginners

1. What is meant by cryptography?

Cryptography is a method that is used to protect confidential information from third parties. Therefore, it is a method to transfer confidential data without revealing the information to third parties that are not authorized to access the information. 

It sends the data in an encoded manner so that no third party can decrypt it. Only the sender and the receiver can see the data.

2. What is meant by firewall? Why is it used?

A firewall is a network security system that acts as a barrier used to control, monitor, and filter incoming network traffic. It is used to block any harmful traffic such as hackers, malware, viruses, worms, etc. from entering the network system.

The uses of the firewall are as follows:

  • It is used to maintain data privacy. 
  • It keeps a check over the incoming and outgoing packets of data (traffic). It only allows the information packets that follow the network protocols.
  • It acts as a protection gate between the network and the incoming traffic from external sources like the Internet.
  • It keeps malicious attacks away from the network system.

3. What is meant by VPN?

  • If we elaborate the term VPN, it stands for Virtual Private Network.
  • Its function is to connect the VPN client to the VPN server.
  • The user device or the VPN client gets connected to the VPN server via an encrypted tunnel.
  • This is how the information is sent and received by the Internet in a secure manner.
  • VPN technology is mostly used in the corporate environment to protect sensitive data from being exposed.

4. What do you understand by a botnet? How does it work?

A botnet refers to a group of Internet-connected devices such as laptops, PCs, servers, mobile phones, etc. These devices are often infected and controlled by malware. 

Botnets can be used to attack a large number of devices if used to their full capacity by hackers. 

A botnet works in the following way:

  • An infected system or a device which is called a bot or a zombie computer is used to create a botnet.
  • These devices act on the bot herder’s commands.
  • The bad actor finds a vulnerability in the device that is to be infected.
  • It then infects the device with malware.
  • It then gains control over all the infected devices.

5. What are the different types of cybersecurity attacks?

Here are some of the most important cybersecurity attacks:

  • SQL injection attack
  • Malware
  • Denial-of-Service (DoS)
  • Cross-Site Scripting (XSS)
  • Credential Reuse
  • Phishing
  • Session Hijacking
  • Man-in-the-Middle Attacks
  • Brute Force
  • Domain Name System Attack

6. What is meant by the three-way handshake process?

A three-way handshake process is a data transmission process used in the Transmission Control Protocol (TCP/IP) network. It is a process that happens when a connection is built between a local host and the server.

It is a three-step process that takes place before communication starts, so that both sides can synchronize and acknowledge each other.

  • Step 1: 

Using SYN, the client makes a connection with the server.

  • Step 2:

The server then responds to the request of the client with SYN+ACK.

  • Step 3:

The server’s response is acknowledged by the client with ACK. The actual data transmission then starts.

7. What is meant by CIA Triad?

CIA Triad refers to a security model. It is a sustainable model designed to guide information security policy in an organization.

The CIA triad stands for the following three terms:

  • Confidentiality:

It is a group of rules that limits access to information. It is used to protect sensitive information from any third-party access which is not authorized to access it.

  • Integrity:

It makes sure that the information is reliable and true. It protects the data from getting modified by an unknown person who should not have access to it.

  • Availability:

It gives authorized people access to the data. It makes sure that the data is available to the client user.

8. What is meant by XSS? How to prevent it?

Cross-Site Scripting, also known as XSS, is a web security shortcoming that can allow client-side injection attacks. It allows an attacker to modify how a user interacts with a particular web browser. The attacker does so by injecting malicious code into the user’s web browser.

Cross-site scripting allows the attacker to behave like the victim user and make undesirable changes.

The following steps can be taken to prevent cross-site scripting:

  • Filter the user input on arrival.
  • Encode special characters on the output.
  • Use response headers such as Content-Type and X-Content-Type-Options to make sure that the browser interprets HTTP responses the way you intend.
  • Use anti-XSS tools or services.
  • Use a Content Security Policy (CSP) to reduce the effects of remaining XSS issues.
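The measures listed above, combined in one added example (not code from the original post): a link scheme is filtered on arrival, every untrusted value is encoded on output, and the response carries the headers named in the list. The function names, the allowed schemes and the policy string are assumptions of this example.

```python
import html
from urllib.parse import urlsplit

# Schemes accepted for user-supplied links (an assumption of this example).
ALLOWED_SCHEMES = {"http", "https"}


def encode_text(value: str) -> str:
    """Encode special characters on output, for HTML body and attribute contexts."""
    return html.escape(value, quote=True)


def safe_href(url: str) -> str:
    """Filter on arrival: accept only absolute http(s) links, then encode them."""
    url = url.strip()
    try:
        scheme = urlsplit(url).scheme.lower()
    except ValueError:
        return "#"  # malformed URL
    if scheme not in ALLOWED_SCHEMES:
        return "#"  # javascript:, data: and relative URLs are all dropped
    return html.escape(url, quote=True)


def render_comment(author: str, body: str, homepage: str) -> str:
    """Build the HTML fragment; every untrusted value passes through an encoder."""
    return '<p><a href="{}">{}</a>: {}</p>'.format(
        safe_href(homepage), encode_text(author), encode_text(body))


def response_headers() -> dict:
    """Headers that pin the content type and limit what any leftover XSS can do."""
    return {
        "Content-Type": "text/html; charset=utf-8",
        "X-Content-Type-Options": "nosniff",
        "Content-Security-Policy":
            "default-src 'self'; script-src 'self'; object-src 'none'",
    }


if __name__ == "__main__":
    # Constructed input: markup in the body and a script URL as the homepage.
    print(render_comment("Eve", "<script>alert(1)</script>", "javascript:alert(1)"))
    for name, value in response_headers().items():
        print(f"{name}: {value}")
```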

9. What is meant by a honeypot?

It is a bait to know how different attackers attempt exploits. It is used as an attack target. Most government and private firms can also use this concept to find the weaknesses in their security systems. This is also often used in educational setups.


10. What is Phishing? How to prevent it?

Phishing is categorized as a cyber attack in which the attacker poses as a trusted party such as business personnel, a co-worker or a trusted website, and attempts to steal private information that they are not authorized to have through fake pop-up messages, calls, emails, etc.

They also often send some foreign link to the user to set it as a trap for the legit user. When the user taps on the link, the attacker gets access to the user’s device and can control it remotely.

Phishing can be prevented by taking the following measures:

  • Always verify a website’s security. Do not surf on untrusted websites.
  • Always use VPN when surfing online.
  • Make use of good firewalls such as Palo Alto, CheckPoint, etc.
  • Make sure that you use anti-phishing tools such as McAfee, Sophos, etc.

Cyber Security Interview Questions for Experienced

11. How to know the difference between Black Hat, White Hat and Grey Hat Hackers?

  • Black Hat Hacker:

Also referred to as a cracker, a black hat hacker accesses an unauthorized system to steal important data. He performs activities such as injecting viruses, malware and worms.

  • White Hat Hacker:

He is also known as an ethical hacker. His aim is only to strategically protect a computer network system by breaking into the system with the organization’s permission. His purpose is to find loopholes in the computer network system. White hat hackers perform penetration testing and vulnerability assessment.

  • Grey Hat Hacker:

His activities include those of both white and black hat hackers. Grey hat hackers hack the system without an organization’s permission. They figure out the flaw in the security system in order to get it acknowledged by the owner for a small reward.

12. What is meant by port scanning?

It is an application designed to look out for open ports and all the other services available on a host network. It is mostly used by security administrators for exploiting vulnerabilities and by hackers for targeting online users.

The most popular scanning techniques are as follows:

  • TCP connect
  • UDP
  • TCP half-open
  • Ping scan
  • stealth half-open – NULL, FIN, X-MAS

13. What is SQL injection? How to prevent it?

SQL injection or SQLi is categorized as a code injection attack. It inserts malicious SQL statements to control a database server that sits behind a web application. It is used by cyber attackers to access, delete and modify data they are not authorized to touch.

You can prevent SQL injection attacks in the following ways:

  • Make use of stored procedures
  • Use prepared statements
  • Keep your system updated
  • Store database credentials encrypted and classified

14. What is meant by man-in-the-middle attack?

The man-in-the-middle attack is a type of eavesdropping attack in which the attacker makes independent connections with the victims and relays messages between them, so that they believe they are having a private conversation.

The main objective of this attack is to gain access to any company’s private information. For example, in 2015 Lenovo computers shipped with pre-installed adware that made users vulnerable to MiTM attacks.

15. What is a salted hash?

When two users choose the same password, their password hashes are identical. Such a password can easily be cracked using a dictionary or brute-force attack. A salted hash is used to avoid this kind of attack.

Salting combines a random string, called a salt, with the password before hashing.
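The answer above, as an added example that is not part of the original post: two users with the same password get the same unsalted hash but different salted ones, and verification re-uses the stored salt. The page names no algorithm; PBKDF2-HMAC-SHA256 and the iteration count are this example's choice.

```python
import hashlib
import hmac
import os


def unsalted_hash(password: str) -> str:
    """Plain hash: identical passwords always give identical output."""
    return hashlib.sha256(password.encode("utf-8")).hexdigest()


def hash_password(password: str, salt: bytes = None, iterations: int = 600_000):
    """Return (salt, iterations, digest); a fresh random salt is drawn per user."""
    if salt is None:
        salt = os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, iterations)
    return salt, iterations, digest


def verify_password(password: str, salt: bytes, iterations: int, expected: bytes) -> bool:
    """Recompute with the stored salt and compare in constant time."""
    candidate = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, iterations)
    return hmac.compare_digest(candidate, expected)


if __name__ == "__main__":
    shared = "Summer2024!"  # constructed password used by two different users

    # Without a salt, one cracked hash reveals every account using this password.
    print("unsalted equal:", unsalted_hash(shared) == unsalted_hash(shared))

    # With a per-user salt the stored records differ, so each must be attacked alone.
    alice = hash_password(shared)
    bob = hash_password(shared)
    print("salted equal:  ", alice[2] == bob[2])

    print("alice verifies:", verify_password(shared, *alice))
    print("wrong password:", verify_password("summer2024!", *alice))
```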

Bottom Line:

This blog is the perfect free guide for anyone who is appearing for an interview for a cybersecurity role. This guide consists of Cyber Security interview questions and answers for beginners as well as Cyber Security interview questions for advanced candidates.

You can go through these important questions to ace in your next cybersecurity interview.

Happy studying!

 

What is File Transfer Protocol (FTP) In Networking?


We have already learned about various protocols in the networking ecosystem that perform various functions. The File Transfer Protocol (FTP) is an important networking protocol that enables the communication and transfer of files between two computers.

This transfer occurs on the Internet which belongs to the Transmission Control Protocol/ Internet Protocol (TCP/IP) suite. The FTP protocol is active in the Application Layer of the TCP/IP protocols.

There are two important counterparts in a typical FTP transaction, the local host and the remote host. The local host is usually the computer of an end-user who either wants to transfer, upload or download a file from the server. The server is referred to as the remote host that allows the transfer, upload and download of the files. This transaction of files occurs only if the user has been granted access to do so!

We have already learned about the Hyper Text Transfer Protocol (HTTP), whose function is similar to that of the FTP protocol: it transfers files in a hypertext form. These files could be audio, video, or image.

In this blog, we will learn about the key features of the FTP protocol followed by the working of the FTP protocol. We will also cover how to use this protocol. 

Note: If you haven’t read the previous blog of our CCNA 200-301 series, I highly recommend you do so.

Without any further delay, let us begin!

What is FTP?

The File Transfer Protocol (FTP) is a standard network protocol that is used to upload, download or transfer files from one computer to another. It allows expansive file transfer across various IP networks.

The following are the key features of the FTP protocol:

  • FTP is a standard Internet protocol that provides the sharing of files.
  • It transfers data with better control, quality, and reliability than HTML web services or email.
  • FTP uses a client-server model.
  • The FTP is most commonly used by Network Engineers in the process of upgrading an operating system of a network device.
  • The FTP protocol can also be used to download the newer version of IOS from a server and then reboot the device with the new IOS image.
  • FTP was standardized in 1971. This is even before the TCP/IP, therefore, FTP is a very old protocol.
  • The TCP ports used by FTP are 20 and 21.
  • There is no encryption in FTP similar to HTTP. Everything is sent in plain text including the username and password that is used for authentication.
  • FTPS (FTP over SSL/TLS) can be used for better security. Please note that the FTPS is an upgrade to FTP.
  • SSH File Transfer Protocol (SFTP) can also be used for greater security.
  • FTP does not only allow file transfers, but it also allows clients to look for file directories, add and remove directories, list files, etc.
  • The client sends FTP commands to the server to perform the above-mentioned functions.

How Does the FTP Work?

For the FTP protocol to work, the FTP client plays a very important role. It is a computer application that connects the user to remote servers using FTP protocol. The FTP client has the following three parts:

  • The user interface
  • Control process
  • Data transfer process

The server, on the other hand, has two major parts:

  • Control process
  • Data transfer process

For an FTP connection to be established, there are two unique communication channels:

  • Command channel:

This channel is responsible for initiating the instructions and response.

  • Data channel:

The data channel facilitates the distribution of the data.

The FTP uses two types of connections:

  • FTP Control Connection (TCP21):
    • It is established and used to send FTP commands and replies.
    • The client sends commands when it wants to perform an action, such as retrieving a file from the server, and then the server sends replies to acknowledge.
    • The actual data transfer does not occur using this FTP connection.
  • FTP Data Connection (TCP20):
    • When files and data are to be transferred, separate FTP data connections to TCP port 20 are established and terminated as required.

Now, all we need is an actual data connection to transfer the data. There are 2 different modes that can be used to establish an FTP data connection. These are:

  • Active Mode:
    • It is the default method of establishing FTP data connections.
    • In such a mode, the server initiates the TCP connection.
    • After the TCP connection is set up, the FTP data connection is established and the data can be exchanged.

Note: The FTP control connection is maintained throughout the whole process. 

  • Passive Mode:
    • The client initiates the data connection in the FTP passive mode.
    • This is often the case when the client is behind a firewall which could block the incoming connection from the server.
    • The firewall permits the server’s replies, but it would block the traffic if the server itself tried to initiate the TCP connection.
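To make the two modes concrete, here is an added example (not from the original post) that decodes the address announced on the control connection and reports which side opens the data connection. The PORT command and the 227 reply are the standard FTP messages that carry this address; the sample lines and IP addresses are constructed, and the peer-address check is a common hardening step assumed by this example.

```python
import re

# Six comma-separated numbers: h1,h2,h3,h4,p1,p2 (address bytes, then port bytes).
_HOSTPORT = re.compile(
    r"(?<!\d)(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3})(?!\d)")


def decode_hostport(text: str):
    """Return (ip, port) from an h1,h2,h3,h4,p1,p2 field; port = p1 * 256 + p2."""
    match = _HOSTPORT.search(text)
    if not match:
        raise ValueError("no host/port field found")
    numbers = [int(group) for group in match.groups()]
    if any(n > 255 for n in numbers):
        raise ValueError("field value out of range")
    return ".".join(str(n) for n in numbers[:4]), numbers[4] * 256 + numbers[5]


def plan_data_connection(mode: str, client_ip: str, server_ip: str, control_line: str) -> dict:
    """Describe the data connection that follows a PORT command or a 227 reply."""
    if mode == "active":
        if not control_line.upper().startswith("PORT "):
            raise ValueError("active mode expects a PORT command from the client")
        ip, port = decode_hostport(control_line)
        # The server dials out from its data port (TCP 20) to the client.
        return {"initiator": "server", "source": (server_ip, 20),
                "destination": (ip, port), "address_matches_peer": ip == client_ip}
    if mode == "passive":
        if not control_line.startswith("227"):
            raise ValueError("passive mode expects a 227 reply from the server")
        ip, port = decode_hostport(control_line)
        # The client dials out, which a client-side firewall normally allows.
        return {"initiator": "client", "source": (client_ip, None),
                "destination": (ip, port), "address_matches_peer": ip == server_ip}
    raise ValueError("mode must be 'active' or 'passive'")


if __name__ == "__main__":
    client, server = "198.51.100.7", "192.0.2.10"  # constructed documentation addresses
    print(plan_data_connection("active", client, server, "PORT 198,51,100,7,4,1"))
    print(plan_data_connection("passive", client, server,
                               "227 Entering Passive Mode (192,0,2,10,195,80)"))
    # An announced address that is not the control-connection peer should be refused.
    print(plan_data_connection("active", client, server, "PORT 203,0,113,5,4,1"))
```

A firewall between the two hosts sees an inbound connection to the client in active mode and only outbound connections from the client in passive mode, which is why passive mode works where inbound connections are blocked.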

How to Use FTP?

There are mainly three approaches to how we can establish and use the FTP connection. These are:

  • Command-Line FTP:
    • This is the simplest method of establishing a TCP connection.
    • A command prompt is used.
    • This method is commonly used by Developers to transfer files.
  • Web browser:
    • We can also use a web browser to talk to the FTP server.
    • Sometimes, a user wants to access large directories on the server. This is where the web browser works the best.
    • However, this method is less reliable and slow.
  • FTP client:
    • This is the most popular method to use FTP.
    • It is easier to manage than the other methods.
    • It is also more powerful.
    • It gives more freedom than the FTP commands and web browser method.
    • It allows users to send large files.

Conclusion:

This marks the end of our FTP blog of the CCNA course series. In this blog, we have learned what FTP is and how it works. Then, we also learned how to use the FTP connection. The bottom line is that FTP is used to transfer files from one computer to another.

Stay tuned for learning more Protocols such as TFTP protocol in the CCNA series

Happy learning!

What is SSH (Secure Shell) In Networking? How Does It Work?


We have learned about many different network protocols that help us communicate with other network devices. We are able to share data among different network devices. Secure Shell or SSH is a protocol used to connect devices and configure them via the CLI.

One of the options is to connect a device and configure it through a console port. However, SSH allows you to connect to a device remotely without being directly connected to its console port.

Therefore, SSH is a network protocol that lets you configure network devices using remote access. Before we study SSH, you must know that the industry was using Telnet which is quite similar to SSH, however, it is less secure.

In this blog, you will learn what is SSH and what it is used for. You will also learn about the architecture of SSH as well as how it works. Let’s get started without any further ado!

Note: If you haven’t read the previous blog of our CCNA 200-301 series, I highly recommend you do so.

What is Meant By SSH?

SSH, which is also known as Secure Shell or Secure Socket Shell, is a network communication protocol. Here are the key features of the Secure Shell:

  • The Secure Shell or SSH protocol was created in 1995 to replace a less secure protocol called Telnet.
  • The term “shell” in SSH refers to a computer program that provides an operating system’s services to a user. So, if you are accessing a CLI of a device, it is basically a shell. Earlier, this term referred to a program that processes Unix commands.
  • SSH allows encrypted communication between two network devices, therefore, it is very secure.
  • Therefore, with SSH, you can remotely access a computer over an insecure network such as the Internet.
  • SSH is mainly used by Network Administrators to manage systems and applications remotely. This allows them to log in to another computer and implement commands as well as move files over a network.
  • SSHv2 which is a major revision of SSHv1 was released in 2006.
  • Version 2 of SSH is much more secure than the first version, therefore, it can be used whenever possible.
  • If a device supports both version 1 and version 2, it is said to run version ‘1.99’. Please note that it is not a version of SSH, it simply means version 1 and version 2.
  • SSHv1 is not in use anymore because of its rudimentary/old designs.
  • In a nutshell, SSH provides security features such as encryption and authentication.
  • Telnet uses TCP Port 23. SSH uses TCP Port 22.

What is SSH Used For?

We have already covered the key features of SSH to know what it is used for. Let me highlight what an SSH is really used for in this section.

SSH is used by Network Administrators to manage apps and systems completely on a remote basis. More than 50% of the world’s servers, be they on-premise or cloud are managed by SSH!

It is used to secure, manage, configure, maintain and operate network servers, firewalls, routers, switches, and applications.

Therefore, there are three parameters included in SSH security:

  • Encryption
  • Authentication
  • Data integrity

You must remember that SSH is critically used to connect to a remote host in a terminal session.

How Does SSH Work?

The SSH protocol follows a client-server model. We have learned about it before as well. Just to refresh, the client-server model is a request-response model where a server responds to the request of a host.

It connects a secure shell client application with the SSH server where the actual end session is executed. 


SSH performs the following functions:

  • The client initiates the network connection by contacting the server.
  • It then sends the server a public key.
  • This public key is exchanged with the SSH server.
  • The SSH client and the SSH server then negotiate the parameters and open a secure channel.
  • A user login occurs to the server host operating system.

The SSH client connects to the remote system by using the following command:

ssh UserName@SSHserver.test.com

What is the Architecture of SSH Protocol?

SSH protocol consists of three layers that are well-separated from each other. The different layers of SSH are as follows:

  • Transport layer
  • User-authentication layer
  • Connection layer

Let’s go over all these layers one by one:

1. Transport Layer:

  • The transport layer is the highest layer of the TCP/IP protocol.
  • This layer handles initial key exchange, server authentication, encryption, compression, and data integrity.
  • It sends and receives plain text packets of up to 768 bytes.

2. User-Authentication Layer:

  • This layer is responsible for handling client authentication.
  • It also provides different authentication methods.
  • The different methods of authentication include:
    • Password authentication
    • Public key-based authentication
    • Keyboard-interactive authentication/ OTP-based authentication
    • Authentication by external methods (GSSAPI).

3. Connection Layer:

  • SSH service can be provided through various channels which are decided by the connection layer.
  • One SSH connection can host various channels at the same time. 
  • Data could be sent in two directions by the connection layer at the same time.
  • There are different types of standard channels in the connection layer:
    • Shell: It is used for terminal shells.
    • Direct-tcpip: All the client-to-server connections use direct-tcpip.
    • Forwarded-tcpip: All the server-to-client connections use forwarded-tcpip.

Through all these different layers, SSH can transfer different types of data such as:

  • Text
  • Data
  • Commands 
  • Files

Bottom Line:

This marks the end of the SSH blog. In this blog, we have learned about the very important concepts of the Secure Shell protocol. This protocol is the better version of old protocols such as Telnet, etc.

We have learned the key features of SSH. Moving on, we understood the uses of SSH. Then we covered the working of the SSH protocol followed by the architecture of the protocol.

You can check out our previous blogs of CCNA course series to learn about different protocols used in networking.

Stay tuned for more blogs in our CCNA series

Keep Learning!

What is EIGRP in Networking?


Known as the Enhanced Interior Gateway Routing Protocol (EIGRP), it is a hybrid routing protocol. In this blog, we will learn about the EIGRP protocol and how it works.

In the previous blog, we learned about the Routing Information Protocol (RIP), a distance-vector interior gateway protocol. I definitely recommend you go through that blog before jumping to this blog.

Here, we are about to learn about the EIGRP protocol and how it works. We will see how EIGRP chooses the best route to send the packets. After that, we will also learn about the different packet types that EIGRP uses for the management of the sessions. At last, we will learn a few benefits of EIGRP.

Without any further ado, let us begin learning about EIGRP in networking in detail!

What is Meant By EIGRP?

You will find out that many things about EIGRP are similar to RIP. Let us begin learning about some key features of EIGRP:

  • The term EIGRP is an acronym that stands for Enhanced Interior Gateway Routing Protocol.
  • It is an improved version of the older Interior Gateway Routing Protocol (IGRP).
  • EIGRP was previously a Cisco-owned protocol. However, Cisco has now made it an open-standard protocol. Therefore, any vendor can use it now on their equipment!
  • EIGRP is considered an ‘advanced’ or ‘hybrid’ distance vector routing protocol.
  • It improves many basic operations of RIP which is its fellow distance vector routing protocol.
  • It is way faster than RIP in reacting to the changes needed in the network.
  • It does not have a  hop count limit of 15 like RIP. Therefore, it supports very large networks.
  • It sends messages using the multicast address 224.0.0.10.
  • EIGRP can be deployed on both IPv4 and IPv6 Internet Protocol networks. It can also be deployed on networks such as Novell Internetwork Packet Exchange.
  • EIGRP is the only Interior Gateway Protocol (IGP) that can perform unequal-cost load balancing. By default, it performs equal-cost multipath (ECMP) load balancing over 4 paths, like RIP.
  • EIGRP can even load balance on the basis of the proportion of their bandwidth. Therefore, more traffic will be sent over to the paths with lower metric as they are faster.
  • Less traffic will be sent to the paths with higher metric as they are slower.

EIGRP is a wonderful protocol. However, it is mostly used in Cisco devices, therefore, it is not as widely used as OSPF.

How Does The EIGRP Choose The Best Path?

Unlike other routing protocols, EIGRP uses four major metrics to choose the best path to transmit the packets. These metrics are:

  • Bandwidth
  • Delay
  • Load, and 
  • Reliability

By default, EIGRP uses bandwidth and delay to calculate the metric.

EIGRP uses the following table for route discovery:

  • Neighbor table
  • Topology table
  • Route table
  • Successors
  • Feasible successors

Now, let’s see how this table works step-by-step.

1. Neighbor Table:

  • The neighbor table is used to store the condition of the directly connected neighbors.
  • This means that whether the directly connected router is active or non-active, the neighbor table is going to store the information anyway.

For example, if two routers are connected to each other directly, both routers are going to send the ‘Hello’ packets to each other after every 5 seconds. These two routers consider each other alive as long as this exchange of packets continues.

If the router is not able to receive the hello packet in 5 seconds, it realizes that the link is down and forwards this information to another connected router. In such a way, all the routers are updated about the link failure of a particular router in the network.

2. Topology Table:

  • This table is used to store the advertisements of the destinations by the neighbors.
  • The advertisement includes:
    • The destination address
    • The neighbor that is linked to the destination
    • The metrics used by the neighbor to the destination

For example, if three routers are connected to each other in a linear form and the first router wants to reach the third router, it is not going to receive any advertisement from the third router. In fact, it will receive an advertisement from the second router. 

This is because the second router knows the best route to reach the third router and the first router knows the best route to reach the second router. This is how all the routers configured with EIGRP calculate the routes and update them in their routing tables.

3. Routing Table:

  • This table is used to store all the possible routes to reach the destination.
  • This is the main function of the routing table.

4. Successors:

  • The successor is the path with the best metric.
  • This means that the successor is the best available route in the routing table to reach the destination and the router chooses this route first.

5. Feasible Successors:

  • It is considered a backup route.
  • If the path distance is less than the original path to reach the destination, it is considered feasible.
  • When the successor path is invalid or inactive, it becomes the first choice.
  • It is the second fastest available route to reach the destination.

The algorithm which determines the most efficient and reasonable routes to reachable destinations is the Diffusing Update Algorithm (DUAL). This is decided on the basis of the distance and whether the destination path is loop-free.
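How a successor and a feasible successor come out of the bandwidth and delay values, as an added example that is not part of the original post. It uses the classic EIGRP composite metric with default K values and the standard feasibility condition (a neighbor's reported distance must be lower than the successor's feasible distance); both are stated from general EIGRP behaviour rather than from this page, and the neighbor names and link values are constructed.

```python
def composite_metric(min_bandwidth_kbps: int, total_delay_usec: int) -> int:
    """Classic EIGRP metric with default K values: only bandwidth and delay count.

    Bandwidth is the slowest link on the path in kbit/s; delay is the sum of
    interface delays in microseconds, taken in tens of microseconds.
    """
    return 256 * (10**7 // min_bandwidth_kbps + total_delay_usec // 10)


def evaluate_paths(adverts: dict) -> dict:
    """Pick the successor and feasible successors for one destination.

    adverts maps a neighbor name to:
      link_bw / link_delay : our own link to that neighbor
      path_bw / path_delay : what the neighbor advertises for its path onward
    """
    rows = []
    reported = {}
    for name, a in adverts.items():
        # Reported distance: the neighbor's own metric to the destination.
        reported[name] = composite_metric(a["path_bw"], a["path_delay"])
        # Our metric through that neighbor includes the link we use to reach it.
        total = composite_metric(min(a["link_bw"], a["path_bw"]),
                                 a["link_delay"] + a["path_delay"])
        rows.append((total, name))
    rows.sort()
    feasible_distance, successor = rows[0]
    # Feasibility condition: a backup is loop-free only if the neighbor is
    # closer to the destination than we are via the successor.
    feasible = [name for _, name in rows[1:] if reported[name] < feasible_distance]
    return {"successor": successor, "feasible_distance": feasible_distance,
            "feasible_successors": feasible, "reported": reported,
            "totals": {name: total for total, name in rows}}


# Constructed topology: three neighbors advertising the same destination.
SAMPLE_ADVERTS = {
    "A": {"link_bw": 100000, "link_delay": 100, "path_bw": 100000, "path_delay": 100},
    "B": {"link_bw": 10000, "link_delay": 1000, "path_bw": 100000, "path_delay": 100},
    "C": {"link_bw": 100000, "link_delay": 100, "path_bw": 1544, "path_delay": 20000},
}

if __name__ == "__main__":
    result = evaluate_paths(SAMPLE_ADVERTS)
    print("successor:", result["successor"], "FD =", result["feasible_distance"])
    print("feasible successors:", result["feasible_successors"])
    for name in sorted(SAMPLE_ADVERTS):
        print(name, "reported =", result["reported"][name],
              "total =", result["totals"][name])
```

Neighbor C is rejected as a backup even though it offers a path, because its reported distance is higher than the feasible distance and the route through it cannot be proven loop-free.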

What Packets are Used By EIGRP?

EIGRP uses 5 packet types to pass messages and allow the management of the sessions. These are:

  • HELLO packets
  • QUERY packets
  • REPLY packets
  • REQUEST packets
  • UPDATE packets

What are the Benefits of EIGRP?

The EIGRP protocol has the following benefits:

  • It has a faster convergence.
  • There is no need to update the routing tables by hand.
  • It has a low network resource usage as it only sends HELLO packets when the network is stable.
  • It either uses unequal-cost-load-balancing or equal-cost multipath balancing to use links more efficiently.
  • It is loop-free therefore, it improves video and voice quality.

Conclusion

EIGRP is the new-age Interior Gateway Protocol (IGP) that has a faster convergence. Its highlighting feature is the unequal-cost-load-balancing that in return, reduces CPU usage.

However, EIGRP is more of a Cisco proprietary protocol even though some of its features are open-standard. OSPF is generally preferred over EIGRP!

Stay tuned for learning more Protocols such as BGP in the CCNA series

Happy learning!

What is Routing Information Protocol (RIP) In Networking?


Since we are learning about the various networking protocols, it is time to learn about the RIP Protocol in Networking (Routing Information Protocol).

In the previous blog, we learned about the Open Shortest Path First (OSPF) protocol. I definitely recommend you go through that blog before jumping to this blog. 

In this blog we are learning about the Routing Information Protocol (RIP) which is also an Interior Gateway Protocol (IGP), however, it is not a Link-State Protocol. It is a Distance-Vector Protocol.


We will learn in detail why it is called a distance vector routing protocol in the later part of this blog. So, we will cover what is Routing Information Protocol (RIP). Then we will learn how this protocol works and after that, we will learn about the advantages and disadvantages of the RIP protocol in Networking.

What is Meant By The Routing Information Protocol (RIP)?

  • The Routing Information Protocol (RIP) is an open-standard protocol. It is not a Cisco proprietary protocol! 
  • It can be specified as a classful routing protocol.
  • It is a distance-vector interior gateway protocol. Therefore it uses ‘routing-by-rumor’ logic to learn or share routes.
  • This name is given so because the router does not know the network beyond its neighbors. It is only aware of the information that its neighbors tell the router about it.
  • The distance vector protocols operate by sending the following to their neighbors that are connected directly:
    • Their known destination networks.
    • Their metric (distance/cost) to reach their known destination networks.
  • Distance vector routing protocols are older than Link-State routing protocols.
  • In the link-state routing protocols, the router develops a complete picture of the network.
  • The RIP protocol is called a ‘distance vector’ because it is only aware of the distance (metric) and the direction/next-hop router (vector) of each route.
  • One router = one hop. For example, a 10-gigabit connection is equal to one hop. So is the 10-megabit connection.
  • The maximum hop count is 15. This means that RIP cannot be used for very large networks.
  • The number of maximum routers is 16.
  • The lower the metric, the better it is!

It exchanges the whole of the routing table after every 30 seconds.

What are the Different Versions of RIP in Networking?

There are three versions of the RIP in Networking. These are:

  • RIPv1
  • RIPv2
  • RIPng (RIP Next Generation)

RIPv1:

  • Version 1 of the RIP is a very old protocol.
  • Using this version of RIP is not recommended.
  • It only advertises classful addresses such as Class A, Class B and Class C.
  • Therefore, it does not support VLSM and CIDR.
  • When RIPv1 advertises a network to a neighbor, it does not even include subnet mask information in advertisements.
  • It is suitable for IPv4.
  • The messages of version 1 are broadcasted to the IP address 255.255.255.255.
  • Since IPv4 address classes are no longer in use, they are replaced with CIDR and VLSM.

RIPv2:

  • It is not classful like version 1.
  • It supports both CIDR and VLSM.
  • It includes subnet mask information in its route advertisements to support it.
  • For example, a /30 network will be advertised as /30.
  • It supports IPv4.
  • The messages are multicast to the IP address 224.0.0.9.

Note: Broadcast messages are delivered to all the devices in a local network. On the other hand, multicast messages are only sent to those devices that have joined the specific multicast group.

RIPng:

  • It is a next-generation RIP.
  • It is used in IPv6.

How Does the RIP Work?

To understand how RIP works, we will consider two types of networks. 

In the first example, there are eight routers connected to a network where router 1 wants to send data to router 3. If the network is configured with RIP, it will choose the route with the least hop count. In other words, it will choose the shortest path.


In this network, we have three possible routes to deliver the data from R1 to R4:

  • Route 1:

It has a hop count of 3. The data travels from R1 to R2 to R3 to R4.

  • Route 2:

It has a hop count of 2. The packet travels from R1 to R5 to R4.

  • Route 3:

It has a hop count of 4. The data travels from R1 to R6 to R7 to R8 to R4.

Therefore, the shortest path is route 2 as it has a hop count of only 2!

Let us consider another example!


In this example, router R1 wants to send information to router R4. If the network is configured with RIP, it will choose the route with the least hop count.

In this scenario, there are 2 possible pathways to send data from R1 to R4:

  • Route 1:

It has a hop count of 3. The data travels from R1 to R2 to R3 to R4.

  • Route 2:

It has a hop count of 3 as well. The data travels from R1 to R5 to R6 to R4.

When the hop count is the same for all of the routes, the router sends the packets through both route 1 and route 2 at the same time. This is how RIP manages load balancing in the network, and the data reaches the destination faster.
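Both examples above, reproduced as an added simulation that is not part of the original post: routers repeatedly take their neighbors' tables, add one hop, and keep the lowest hop count, with every equally good next hop retained for load balancing. The link lists follow the routes described in the text; the 17-router chain is constructed to show the 15-hop limit, and the function name is an assumption.

```python
RIP_INFINITY = 16  # a hop count of 16 means "unreachable"; 15 is the maximum


def rip_converge(links):
    """Run synchronous distance-vector rounds until no table changes.

    links is a list of (router, router) pairs. The result maps each router to
    {destination: (hop_count, [next hops with that hop count])}.
    """
    neighbors = {}
    for a, b in links:
        neighbors.setdefault(a, set()).add(b)
        neighbors.setdefault(b, set()).add(a)

    # Each router starts out knowing only itself.
    tables = {r: {r: (0, [])} for r in neighbors}
    while True:
        new_tables = {}
        for router in neighbors:
            offers = {}
            for n in neighbors[router]:
                # "Routing by rumor": all we learn is the neighbor's own table.
                for dest, (hops, _) in tables[n].items():
                    if dest == router:
                        continue
                    cost = hops + 1  # one more router to cross
                    if cost >= RIP_INFINITY:
                        continue  # beyond 15 hops the route is dropped
                    offers.setdefault(dest, []).append((cost, n))
            table = {router: (0, [])}
            for dest, candidates in offers.items():
                best = min(cost for cost, _ in candidates)
                table[dest] = (best, sorted(n for cost, n in candidates if cost == best))
            new_tables[router] = table
        if new_tables == tables:
            return tables
        tables = new_tables


# First example: three routes from R1 to R4 with hop counts 3, 2 and 4.
TOPOLOGY_ONE = [("R1", "R2"), ("R2", "R3"), ("R3", "R4"),
                ("R1", "R5"), ("R5", "R4"),
                ("R1", "R6"), ("R6", "R7"), ("R7", "R8"), ("R8", "R4")]

# Second example: two routes from R1 to R4, both with a hop count of 3.
TOPOLOGY_TWO = [("R1", "R2"), ("R2", "R3"), ("R3", "R4"),
                ("R1", "R5"), ("R5", "R6"), ("R6", "R4")]

# Constructed chain N0 - N1 - ... - N16 to show the hop limit.
CHAIN = [(f"N{i}", f"N{i + 1}") for i in range(16)]

if __name__ == "__main__":
    print("example 1, R1 -> R4:", rip_converge(TOPOLOGY_ONE)["R1"]["R4"])
    print("example 2, R1 -> R4:", rip_converge(TOPOLOGY_TWO)["R1"]["R4"])
    chain = rip_converge(CHAIN)
    print("N0 -> N15:", chain["N0"]["N15"])
    print("N0 knows N16:", "N16" in chain["N0"])
```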

What are the Advantages of the RIP Protocol in Networking?

The following are the advantages of the RIP in Networking:

  • RIP is easy to configure.
  • There is no complexity in this protocol.
  • It uses less storage or CPU.
  • It uses load balancing.
  • It does not have any loops.

What are the Disadvantages of the RIP Protocol in Networking?

Here are a few disadvantages of the RIP in Networking:

  • RIP only works on the basis of the hop count metric. Therefore, if there is a better route available with more bandwidth, RIP does not choose that specific route.
  • RIP always supports equal-cost load balancing.
  • It broadcasts updates to the entire network and therefore creates a lot of traffic.
  • Bandwidth usage is very heavy as it broadcasts its update every 30 seconds.
  • RIP only supports a maximum hop count of 15.
  • It can only configure 16 routers.
  • If any link goes down, RIP takes a long time to choose an alternate route. Therefore, it has slow convergence.
  • RIP has the highest Administrative Distance of 120, which is not as reliable as other routing protocols.

Bottom Line:

The Routing Information Protocol or RIP in CCNA is an interior-gateway distance vector routing protocol. To summarize, we have learned about the working of the RIP in Networking and we have also looked into the advantages and disadvantages of the RIP protocol in Networking.

In the upcoming blogs, we will understand EIGRP in detail.

Stay tuned to learn about more protocols such as BGP and EIGRP in the CCNA series.

Happy learning!

What is Open Shortest Path First (OSPF) in Networking?

There are many routing protocols in the networking domain that define a set of rules on how data should be transmitted. Open Shortest Path First (OSPF) is one such dynamic routing protocol. It is called a dynamic protocol as it is able to dynamically exchange routing information between the routers that are the nearest neighbors.

In this blog, we will learn what the OSPF protocol is and how it works. We will also learn about the different states of the OSPF protocol. In the end, we will also discuss the advantages and disadvantages of the protocol.

In the previous blog, we learned about the types of FHRPs in detail. I definitely recommend you go through that blog before jumping to this one.

Let us now start learning about the OSPF protocol!

What is the OSPF Protocol?

Open Shortest Path First (OSPF) is an Interior Gateway Protocol (IGP) that has an algorithm type of Link-State.

This is how a link-state protocol functions:

  • When we use a link-state routing protocol, every router creates a ‘connectivity map’ of the network.
  • To make this happen, each router advertises information about its interfaces (connected networks) to its neighbors. These advertisements are passed along to other routers until all the other routers in the network develop the same map of the network.
  • Therefore, it is very important to note that each of the routers then uses this same map to calculate the best routes for each destination.
  • Since more information is shared, link-state protocols use more resources on the router.
  • The link-state routers react faster to the changes in the network than the distance vector routers.

Now, let us understand the OSPF in detail:

  • If we expand the term OSPF, it is Open Shortest Path First.
  • It uses the Shortest Path First algorithm, which is also called Dijkstra’s algorithm. This algorithm is named after a Dutch computer scientist.
  • There are three versions of OSPF:
    • OSPFv1: This is the first version of OSPF created in the year 1989. It is no longer in use.
    • OSPFv2: This is the second version of OSPF created in 1998. It is used in IPv4. This version is important for CCNA 200-301.
    • OSPFv3: This is the latest version of OSPF created in the year 2008. This version is used for IPv6 as well as for IPv4.
  • The routers store information about networks in Link State Advertisements (LSAs) which are organized in a structure called the Link State Database (LSDB).
  • Routers flood the LSAs until all the routers in the OSPF area develop the same map of the network (LSDB).
  • This flooding is similar to switches when they receive a broadcast frame or an unknown unicast frame.
  • In OSPF, flooding means that they send the LSAs to all of their OSPF neighbors.

How Does OSPF Work?

The basic functioning of OSPF is carried out through LSA Flooding. As we know by now, the OSPF chooses the shortest path for the routers. The main process involves the sharing of LSAs and determining the best route to each destination. 

This is how OSPF works in three main steps:

  • The first step is to become neighbors with other routers connected to the same segment.
  • Then the routers exchange the Link State Advertisements (LSAs) with neighbor routers.
  • After that, each router independently calculates the best routes to each destination. Then it inserts all of these into the routing table.
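The last two steps, LSA flooding and the independent SPF calculation, can be sketched as follows. This is an added example, not code from the original post; the router names, link costs and function names are constructed for illustration, and OSPF packet handling, areas and timers are left out.

```python
# Added example: LSA flooding followed by an SPF (Dijkstra) run on one router.
import heapq

# Constructed sample LSAs: each router advertises its links as {neighbor: cost}.
LSAS = {
    "R1": {"R2": 1, "R5": 100},
    "R2": {"R1": 1, "R3": 1},
    "R3": {"R2": 1, "R4": 1},
    "R4": {"R3": 1, "R5": 100},
    "R5": {"R1": 100, "R4": 100},
}

def flood(lsas):
    """Pass LSAs from neighbor to neighbor until every router's LSDB is identical."""
    lsdb = {router: {router: links} for router, links in lsas.items()}
    changed = True
    while changed:
        changed = False
        for router, links in lsas.items():
            for nbr in links:
                for origin, lsa in list(lsdb[router].items()):
                    if origin not in lsdb[nbr]:  # neighbor has not seen this LSA yet
                        lsdb[nbr][origin] = lsa
                        changed = True
    return lsdb

def spf(lsdb, root):
    """Dijkstra over one router's LSDB. Returns {destination: (cost, first_hop)}."""
    best = {}
    heap = [(0, root, None)]
    while heap:
        cost, node, first_hop = heapq.heappop(heap)
        if node in best:
            continue  # already settled with a lower or equal cost
        best[node] = (cost, first_hop)
        for nbr, link_cost in lsdb.get(node, {}).items():
            if nbr not in best:
                heapq.heappush(heap, (cost + link_cost, nbr, first_hop or nbr))
    return best

if __name__ == "__main__":
    databases = flood(LSAS)
    for dest, (cost, hop) in sorted(spf(databases["R1"], "R1").items()):
        print(f"R1 -> {dest}: cost {cost}, next hop {hop}")
```

With these constructed costs, R1 reaches R4 through R2 at cost 3 even though the path through R5 has fewer hops, because SPF works on link cost rather than hop count.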

What are the Different States of OSPF?

The network devices that use the OSPF protocol undergo certain states. The various states of OSPF are as follows:

  • Down:

No “Hello” packets are received on the interface in the Down state. The Down state means that the OSPF adjacency process has not begun yet.

  • INIT:

The “Hello” packets are received from other routers in the INIT state.

  • 2WAY:

In this state, a bidirectional connection is formed. Both routers receive “Hello” packets from each other.

  • Exstart:

In this state, the exchange of NULL DBDs takes place. Similar to the First Hop Redundancy Protocol (FHRP), the election of the master and slave router occurs. The router with the higher router ID becomes the master while the router with the lower router ID becomes the slave. This decides which router sends the DBD first.

  • Exchange:

The actual DBDs are exchanged in this state.

  • Loading:

The Link State Advertisements (LSAs) along with LSUs and LSRs are exchanged in this state.

  • Full:

All the information is synced in this state. It is only after the Full state that the OSPF routing begins!

Therefore, there are a total of seven states of OSPF that the routers undergo before the actual OSPF routing begins.

What are the Advantages of OSPF?

The following are the major advantages of the OSPF protocol:

  • OSPF can be configured on both IPv4 and IPv6 versions of IPs.
  • It can carry out load balancing.
  • It uses the SPF algorithm to provide loop-free routing.
  • It is not Cisco proprietary. It can run on many routers.
  • It is a classless protocol. 
  • It has unlimited hop counts.
  • It works very fast.

What are the Disadvantages of OSPF?

The following are the disadvantages of the OSPF protocol:

  • It needs extra storage, and it also needs extra CPU processing to run the SPF algorithm.
  • It needs more RAM to save adjacency topology.
  • It is very complex. Therefore, it’s very difficult to troubleshoot.

Bottom Line:

This marks the end of the OSPF blog. So far, we have learned what the OSPF protocol is and why it is called a Link-State Protocol. We have also understood the working of the protocol.

Then, we learned the different states the routers undergo before the actual OSPF process begins. At last, we looked over the advantages and disadvantages of the OSPF protocol.

Stay tuned to learn about more protocols such as BGP, EIGRP, and RIP in the CCNA series.

Happy studying.