DiscoverCyberCode AcademyCourse 10 - Network Security Fundamentals | Episode 1: Models, Security, Protocols, and IP Addressing
Course 10 - Network Security Fundamentals | Episode 1: Models, Security, Protocols, and IP Addressing

Course 10 - Network Security Fundamentals | Episode 1: Models, Security, Protocols, and IP Addressing

Update: 2025-11-22
Share

Description

In this lesson, you’ll learn about:
  • Networking communication frameworks, including the OSI and TCP/IP models
  • Identity and Access Management (IAM) and the AAA security model
  • Secure and insecure network protocols
  • IPv4 and IPv6 addressing fundamentals
I. Networking Models and Communication Frameworks OSI Model (Open Systems Interconnection) — 7 Layers A standardized reference model used globally to explain network communication. Data moves through the layers using encapsulation (adding headers/footers) and de-encapsulation (removing them). Each layer communicates only with its direct neighbors.
  • Layer 1 — Physical:
    Handles the transmission of bits over physical media (cables, radio waves).
    Devices: NICs, hubs, repeaters.
  • Layer 2 — Data Link:
    Responsible for LAN communication using MAC addresses (48-bit hex).
    Devices: Switches, bridges.
    Protocols: Ethernet, ARP (maps IP → MAC).
  • Layer 3 — Network:
    Handles routing and logical addressing.
    Protocols: IP, IPsec, ICMP.
    Devices: Routers.
  • Layer 4 — Transport:
    Handles data delivery using:
    • TCP: Reliable, connection-oriented
    • UDP: Fast, connectionless (e.g., VoIP)
      TLS/SSL also function here for secure data transfer.
  • Layers 5–7 — Session, Presentation, Application:
    • Session: Controls communication sessions (simplex, half-duplex, full-duplex).
    • Presentation: Formats data (JPEG, MP4, ASCII).
    • Application: Interfaces with the user (HTTP, FTP, email protocols).
TCP/IP Model — 4 Layers An older, more practical model used in real networks (ARPANET origin).
Layers: Application, Transport, Internet, Link. II. Security and Access Management (IAM & AAA) Identity and Access Management defines how users authenticate, what they can access, and how their actions are tracked. AAA Model
  • Authentication (A1):
    Proving identity, typically via passwords hashed with SHA or MD5 and compared to stored hashes.
  • Authorization (A2):
    Defines what actions or resources a user is allowed to access.
  • Accounting (A3):
    Logging and auditing user activity for accountability.
    Example: Windows event logs for login attempts.
Access Control Models
  • Discretionary Access Control (DAC):
    Users can manage permissions for their own resources (less strict).
  • Mandatory Access Control (MAC):
    Centralized, classification-based access rules (e.g., “Top Secret”).
III. Secure Network Protocols Older protocols often send credentials in plain text and must be avoided. Secure versions provide encryption and integrity.Insecure Protocol (Avoid)Secure Alternative (Use)ReasonHTTPHTTPS (TLS 1.2+)Plain text can be sniffed; TLS encrypts traffic. SSL is outdated.FTPSFTPSFTP uses SSH for secure file transfers.TelnetSSH v2SSH provides encrypted remote administration.POP3 / IMAPPOP3S / IMAPSSecures email retrieval.SNMP v1/v2SNMP v3Adds encryption for management traffic.

IV. IP Addressing: IPv4 and IPv6 IPv4
  • Introduced in 1983
  • Uses 32-bit dotted decimal notation (e.g., 192.168.1.1)
  • Address space nearly exhausted
Address Classes A, B, C for general use (D and E reserved). NAT (Network Address Translation) Used to conserve IPs by translating internal private IPs (RFC 1918 ranges) into a single public address:
  • 10.x.x.x
  • 172.16–31.x.x
  • 192.168.x.x
IPv6
  • Introduced in 1996
  • Uses 128-bit hexadecimal notation
  • Virtually unlimited address space → no need for NAT
Communication Modes
  • Unicast: One-to-one
  • Multicast: One-to-many
  • Anycast: One-to-nearest node among many
Adoption remains slow (~20% globally).

You can listen and download our episodes for free on more than 10 different platforms:
https://linktr.ee/cybercode_academy
Comments 
loading
In Channel
Course 11 - Mobile Forensics Fundamentals | Episode 1: Legal Authority, Acquisition Procedures, and Examiner Responsibilities

Course 11 - Mobile Forensics Fundamentals | Episode 1: Legal Authority, Acquisition Procedures, and Examiner Responsibilities

2025-11-2912:55

Course 10 - Network Security Fundamentals | Episode 7: Implementing Defense in Depth, Data Integrity, and Zero Trust

Course 10 - Network Security Fundamentals | Episode 7: Implementing Defense in Depth, Data Integrity, and Zero Trust

2025-11-2812:10

Course 10 - Network Security Fundamentals | Episode 6: Attack Mitigation, Vulnerability Assessment, and Penetration Testing

Course 10 - Network Security Fundamentals | Episode 6: Attack Mitigation, Vulnerability Assessment, and Penetration Testing

2025-11-2712:30

Course 10 - Network Security Fundamentals | Episode 5: Protecting and Hardening Network Endpoints: Concepts, Strategies, and Management

Course 10 - Network Security Fundamentals | Episode 5: Protecting and Hardening Network Endpoints: Concepts, Strategies, and Management

2025-11-2612:35

Course 10 - Network Security Fundamentals | Episode 4: VPNs, Tunneling, and Secure Remote Access Technologies

Course 10 - Network Security Fundamentals | Episode 4: VPNs, Tunneling, and Secure Remote Access Technologies

2025-11-2509:36

Course 10 - Network Security Fundamentals | Episode 3: Firewalls and Intrusion Detection/Prevention Systems (IDS/IPS)

Course 10 - Network Security Fundamentals | Episode 3: Firewalls and Intrusion Detection/Prevention Systems (IDS/IPS)

2025-11-2411:43

Course 10 - Network Security Fundamentals | Episode 2: Securing Wireless and Mobile Networks: Standards, Threats, and Best Practices

Course 10 - Network Security Fundamentals | Episode 2: Securing Wireless and Mobile Networks: Standards, Threats, and Best Practices

2025-11-2313:04

Course 10 - Network Security Fundamentals | Episode 1: Models, Security, Protocols, and IP Addressing

Course 10 - Network Security Fundamentals | Episode 1: Models, Security, Protocols, and IP Addressing

2025-11-2210:25

Course 9 - Internet of Things Security | Episode 3: IOT Security: Challenges, Vulnerabilities, and Real-World Cyber-Physical Attacks

Course 9 - Internet of Things Security | Episode 3: IOT Security: Challenges, Vulnerabilities, and Real-World Cyber-Physical Attacks

2025-11-2110:46

Course 9 - Internet of Things Security | Episode 2: UK Legislation, Data Privacy (GDPR), and Liability for Drones and Autonomous Vehicles

Course 9 - Internet of Things Security | Episode 2: UK Legislation, Data Privacy (GDPR), and Liability for Drones and Autonomous Vehicles

2025-11-2013:35

Course 9 - Internet of Things Security | Episode 1: Introduction to the IOT: Components, Architectures, Use Cases, and Security

Course 9 - Internet of Things Security | Episode 1: Introduction to the IOT: Components, Architectures, Use Cases, and Security

2025-11-1912:13

Course 8 - Penetration Testing OSINT Gathering with Recon-ng | Episode 4: Recon-ng Results: Comprehensive Reporting Formats and Strategic

Course 8 - Penetration Testing OSINT Gathering with Recon-ng | Episode 4: Recon-ng Results: Comprehensive Reporting Formats and Strategic

2025-11-1809:04

Course 8 - Penetration Testing OSINT Gathering with Recon-ng | Episode 3: Harvesting Data, Optimizing Contacts, Geolocation

Course 8 - Penetration Testing OSINT Gathering with Recon-ng | Episode 3: Harvesting Data, Optimizing Contacts, Geolocation

2025-11-1711:49

Course 8 - Penetration Testing OSINT Gathering with Recon-ng | Episode 2: Modules, Data Flow, Naming Structure, API Keys

Course 8 - Penetration Testing OSINT Gathering with Recon-ng | Episode 2: Modules, Data Flow, Naming Structure, API Keys

2025-11-1610:40

Course 8 - Penetration Testing OSINT Gathering with Recon-ng | Episode 1: Recon-ng Installation, Shell Exploration and Data Management

Course 8 - Penetration Testing OSINT Gathering with Recon-ng | Episode 1: Recon-ng Installation, Shell Exploration and Data Management

2025-11-1509:05

Course 7 - Secure SDLC (Software Development Life Cycle) | Episode 8: Phase 8: Collaboration, Maturity Models, and Strategic Planning

Course 7 - Secure SDLC (Software Development Life Cycle) | Episode 8: Phase 8: Collaboration, Maturity Models, and Strategic Planning

2025-11-1412:40

Course 7 - Secure SDLC (Software Development Life Cycle) | Episode 7: Incident Management, Operational Defense, and Continuous Security

Course 7 - Secure SDLC (Software Development Life Cycle) | Episode 7: Incident Management, Operational Defense, and Continuous Security

2025-11-1412:14

Course 7 - Secure SDLC (Software Development Life Cycle) | Episode 6: Secure Validation: A Comprehensive Look at Security Testing Methodolog

Course 7 - Secure SDLC (Software Development Life Cycle) | Episode 6: Secure Validation: A Comprehensive Look at Security Testing Methodolog

2025-11-1411:16

Course 7 - Secure SDLC (Software Development Life Cycle) | Episode 5: Hardening, DevSecOps Integration, Container Security and WAF

Course 7 - Secure SDLC (Software Development Life Cycle) | Episode 5: Hardening, DevSecOps Integration, Container Security and WAF

2025-11-1414:53

Course 7 - Secure SDLC (Software Development Life Cycle) | Episode 4: Integrating Secure Coding, Code Review, and Application Security Testi

Course 7 - Secure SDLC (Software Development Life Cycle) | Episode 4: Integrating Secure Coding, Code Review, and Application Security Testi

2025-11-1410:48

loading
Google Play
Download from Google Play
Castbox
Download from App Store
usUnited States
00:00
00:00
1.0x

0.5x

0.8x

1.0x

1.25x

1.5x

2.0x

3.0x

Sleep Timer

Off

End of Episode

5 Minutes

10 Minutes

15 Minutes

30 Minutes

45 Minutes

60 Minutes

120 Minutes

Course 10 - Network Security Fundamentals | Episode 1: Models, Security, Protocols, and IP Addressing

Course 10 - Network Security Fundamentals | Episode 1: Models, Security, Protocols, and IP Addressing

CyberCode Academy