CCNA Cyber 210-255 SECOPS by UrduITacademy - Dailymotion

UrduITacademy

Organizations are challenged with rapidly detecting cybersecurity breaches and effectively responding to security incidents. Teams of people in Security Operations Centers (SOC’s) keep a vigilant eye on security systems, protecting their organizations by detecting and responding to cybersecurity threats.The CCNA Cyber Ops certification prepares candidates to begin a career working with associate-level cybersecurity analysts within security operations centers.

Transcript

00:00bismillahirrahmanirrahim assalamu alaikum welcome back

00:03and we have come to lecture number 1

00:07CCNA cyber op security fundamental lecture

00:11210-250 you know about the book

00:14we are reading this book if you buy the library

00:17210-250 and 210-255

00:20security fundamental and security operations

00:23we will cover both of them

00:25so lets start

00:27there is no catch up, TCPIP is fundamental

00:29before starting all this work

00:31let me give you a suggestion

00:33that you go to urdu it academy

00:37this is urdu it academy

00:39go to courses, cisco

00:41and this CCNA ICND 1

00:43i assume you have read all of this

00:45because this is very important for you to read

00:48without this i have no point

00:51to try to reinvent the wheel

00:55this is the best shot we have given

00:57everyone who works at the SOC

00:59should know about TCPIP

01:01this is protocol suite

01:03fundamental of IP packet

01:05OSI layer model

01:07application presentation session

01:09transport layer

01:11IP addresses

01:13169.254 IP addresses

01:15because one day

01:17you will be sitting in a SOC

01:19and you will be monitoring

01:21some security activity

01:23and you will see

01:25there is an IP address

01:27which is coming from 169.254

01:29and it is producing some traffic

01:31and your colleague

01:33will tell you

01:35this is a malicious IP address

01:37this is a strange behavior

01:39this is a Chinese IP address

01:41so you will be sitting there

01:43and will say this is a misconfiguration

01:45this is not security

01:47now when you will be talking

01:49with your legs crossed

01:51it means you know these things

01:53so you have to be on that level

01:55you should know about TCP3 way handshake

01:57you should know about UDP

01:59what is the difference between TCP and UDP

02:01I will give you a common example

02:03one day a guy will say

02:05you opened UDP port 23

02:07and I can't check

02:09I will tell you a common thing

02:11if you have

02:13I don't have a telnet port

02:15open

02:17if you want to see your access

02:19to a server

02:21so you will do

02:23telnet

02:25cisco.com

02:27space 80

02:29and you will see a blank screen

02:31you will say

02:33port 80 is open

02:35now what will happen

02:37he will say you opened port 80

02:39but I am doing telnet

02:41so port 80 is not opening

02:43this is a common troubleshooting

02:45if you want to use port 443

02:47you will type 443

02:49and it will show

02:51if 443 is open or not

02:53now

02:55what he was doing

02:57he said I did telnet

02:59and you said 443

03:01or 123 port is not opening

03:03I said telnet is a protocol of TCP

03:05and I opened port UDP

03:07so

03:09I didn't have to google

03:11you should know these basic things

03:13this is a networking 101

03:15type thing

03:17you should know

03:19ARP reverse

03:21DCP

03:23ICMP

03:25many people ask

03:27to confuse people

03:29tell me

03:31which port does ICMP work

03:33if I ask you this

03:35you will be confused

03:37which port does ICMP work

03:39ICMP is a different protocol

03:41it doesn't use TCP UDP

03:43ICMP uses ICMP protocol

03:45how to do packet delivery

03:47I have explained it in detail

03:49so

03:51let's start OSI layer model

03:53we know OSI layer model

03:55what are bridges

03:57switch hub and router

03:59if you don't know

04:01go back

04:03we know data

04:05and here

04:07we have segmentation

04:09here packets

04:11here frames

04:13what are segments

04:15what are packets

04:17application layer, presentation layer, session layer

04:19transport layer, headers

04:21network layer

04:23IP header, data link layer

04:25frames, MAC addresses

04:27physical layer

04:29we know all these things

04:314 layer TCP IP model

04:33ISO layer model

04:35is of 7 layers

04:374 layer TCP IP model

04:39also

04:414 layer TCP IP model

04:43TCP IP stack

04:45or

04:47DOD model

04:49Department of Defense

04:511974 protocol of packets

04:53network

04:55in 1982

04:57TCP IP DOD

04:59Department of Defense

05:01to connect all devices

05:03ARPANET

05:05switch towards TCP

05:07NCP

05:09legacy protocol

05:13history layers

05:15in 1960

05:17ARPANET

05:19DARPA

05:21internet

05:23published in 1984

05:25OSI

05:277 layer model

05:29in 1983

05:31ARPANET

05:33TCP

05:35OSI

05:374 layer TCP IP

05:397 layer OSI

05:41map

05:43TCP IP stack

05:45OSI

05:47TCP IP application

05:49OSI model

05:51application

05:53presentation

05:55SMTP services

05:57HTTP

05:59application

06:01TCP IP

06:03application transport

06:05physical layer

06:07ATIP

06:13ATIP

06:15ATIP

06:17ATIP

06:19ATIP

06:21ATIP

06:23ATIP

06:25ATIP

06:27ATIP

06:29ATIP

06:31ATIP

06:33UDP

06:35UDP

06:37TCP port 80

06:39TCP header

06:41TCP encapsulation

06:43IP

06:45IP address

06:47IP address

06:49Ethernet

06:51Ethernet

06:53Ethernet

06:55Ethernet

06:57Ethernet

06:59Ethernet

07:01so 1,2,3,4 these are the 4 layers

07:05this is the encapsulation

07:08when it reached the receiving end

07:10it first removed Ethernet header

07:12then IP header

07:13then TCP header

07:14then HTTP post request

07:15and sent it to the server

07:17and the web services running behind it

07:19it processed it and did whatever needed to be done

07:21ok

07:22tell me one very interesting thing

07:24I think I haven't taught this

07:26one person asked me in an interview

07:28that the communication between a server and a client

07:34tell it in as much detail as you can

07:37I told OSI layer model and everything

07:40but what I was lacking at that time

07:42was that when you are pulling data from HTTP

07:46rendering it and showing it in your browser

07:49it would have been better if you told that detail too

07:52well, I didn't get that job

07:54anyway

07:55after that we go to the IP protocol

07:58this is the IP protocol

07:59the TCP we were talking about

08:01this is the IP protocol

08:03we are talking about the inter-network layer

08:05we are not reading the TCP header

08:07we are reading the IP header

08:08I have explained it in detail

08:09layer 3 of OSI model

08:11ok

08:12connectionless protocol

08:13where is the connectionless protocol

08:15ok

08:16don't worry about the sequencing

08:17addressing network and host IP addresses

08:19network ID, host ID

08:21this is the IP protocol

08:22that's why connectionless is written

08:25ignore it

08:26so this is your entire header

08:27ok

08:28what is the purpose of teaching this

08:29because this is the IPv4 header

08:31after this we have to see IPv6

08:33ok

08:34so this is the version

08:350 to 4

08:36what version of IP version 4

08:38you are using

08:39IP header length

08:40this is the IP header

08:41this is a bit out of sync

08:42ok

08:43this is the version

08:44ok

08:45this is the IP header length

08:46minimum of 20 bytes

08:47ok

08:48type of service

08:498 bits are used in this

08:50for quality of services

08:51DSCP takes 6 bits

08:53ok

08:542 for congestion notification

08:55if there is congestion in the network

08:56ok

08:57entire length of packet

08:58ok

08:59this is 65,535 bytes

09:01of entire header

09:03that's why there are so many bits

09:04which can be presented

09:05ok

09:0616 to 31

09:07how many will be there

09:0816 will be there

09:09and then

09:10these 3 fields are used

09:11for the fragmentation of packet

09:12and identifying them

09:13and using them

09:14to resamble

09:15identification

09:16assembly

09:17disassembly

09:18whatever it is

09:19flag

09:20you know

09:21fragment

09:22ok

09:23header

09:24check

09:25source

09:26IP

09:27destination

09:28option

09:29I remember

09:30I discussed in the

09:31previous lecture

09:32that

09:33whenever

09:34someone is

09:35telling you

09:36this

09:37then

09:38he tells

09:39version

09:40blah blah

09:41source

09:42IP

09:43destination

09:44IP

09:45option

09:46padding

09:47ok

09:48all the stories

09:49are lost

09:50I have told

09:51routing

09:52decision

09:53minus 1

09:54increment

09:5529

09:56ok

09:57what is the reason

09:58not to create

09:59loop

10:00in the network

10:01ok

10:02if there is a packet

10:03which is roaming

10:04in the network

10:05for no reason

10:06when it is

10:07on the

10:08counter of 0

10:09then

10:10the router

10:11will discard it

10:12if it is

10:13coming with

10:140 value

10:15or

10:16with 0 value

10:17the way

10:18it reaches

10:19the router

10:20ok

10:21hackers

10:22use

10:23this

10:24kind of

10:25packets

10:26ok

10:27after that

10:28comes

10:29what IP

10:30ok

10:31this

10:32is a

10:33mistake

10:34which

10:35IP

10:36header

10:37field

10:38help

10:39preventing

10:40the

10:41loops

10:42TTL

10:43packet

10:44prevents

10:45loop

10:46routing

10:47loops

10:48value

10:49ok

10:50A

10:51class

10:52127

10:53RFC

10:541918

10:55private

10:56IP

10:57address

10:58A

10:59class

11:00B

11:01class

11:02C

11:03RFC

11:041918

11:05separate

11:06IP

11:07ranges

11:08class

11:09A

11:10class

11:11B

11:12class

11:13C

11:14class

11:15D

11:16class

11:17E

11:19class

11:20C

11:21class

11:22B

11:23class

11:24D

11:25class

11:26E

11:27which

11:28is

11:46reserved

11:47network addresses all 0s in the host portion, broadcast addresses all 1s in the host portion,

11:54directly broadcast address 10.255.255.255, local broadcast address never broadcast outside

12:00its local segment, local loopback address 127, RFC 3947, APIPA automatic private IP

12:08addressing, 169.254.0.0, I cannot get to my DSCP server, what IP address my PC will get,

12:23standard question, answer C, public and private IP addresses, IANA, IANA under ISOC, Internet

12:34Society, Afrikanik, APNIC, ARIN, Latin America, RIPE, IPv4, RFC1918, 10, 172, 192, these are

13:01private IP addresses, you do not browse on the internet with these IP addresses, you

13:06should have a net in front of these IP addresses which is a public IP address, I have discussed

13:11this in detail in ICND1, I think it is defined according to the plate of the car.

13:18In IPv4, there are 4.3 billion addresses, IPv6, watch the lecture, in IPv6, I would

13:28like to say that your header information has been simplified, identification flag, fragmentation,

13:35header checksum, all these things have been removed because path fragmentation lies with

13:41the host, it is the host's responsibility to send these things, host discovers the path

13:47MQ before it sends the packet, and which fragment size to use, all these things are not put

13:54in the header, and the fields that have been added, and the name that has been kept is the

14:01version number, source address, destination address, and the new field that has been added

14:06is the flow label, flow label possibly can be used for the QoS purpose, and IPv6 in short

14:13has been simplified, now you can see in the IPv6 header there are 8 fields, IPv6 has 16

14:28hexadecimal fields, watch the CCNA lecture, this is the unicast address, multicast address,

14:33loopback address, unspecified networks go towards the default route, and this is the

14:39way to define the unicast route,

15:09Allah Hafiz

CCNA Cyber Ops SECFND 210-250 Lecture 1 (TCP-IP fundamentals)

Category

Transcript

CCNA Cyber 210-255 SECOPS

Recommended