In subsequent chapters of this study guide, we will take a look at different security topologies or ways that networks can be set up with security in mind. Before we can do this, however, we must have a clear understanding of different networking devices and concepts. We will now very briefly describe different key networking components to help you understand how they are related to information security and the exam.
An IP address is a unique numeric identifier of a host machine within the scope of a TCP/IP network. Public IP addresses are unique and individual to each host in the world, while private IP addresses are often duplicated among different private networks. You can think of a public IP address as a sort of telephone number and the private IP address as a sort of extension system that operates “in-house.” All IP addresses are formed as four octets separated by a dot: for example, 192.168.1.1 is a commonly-used private IP address.
NAT, or Network Address Translation, is a service in which a gateway can allow multiple private hosts to operate under the guise of a single public IP address. One of the implications of NAT is that hosts “behind” the NAT are effectively “hidden” from the rest of the Internet, with the NAT acting as a sort of packet filtering firewall.
A router can forward packets of information based on the IP address of the header of the packet. Think of the header of the packet as a sort of shipping label for the packet in which the contents (the package) are contained. A router can quickly examine the shipping label and send it off to the appropriate destination.
A gateway serves as a sort of middle-man between two networks, usually the Internet and a private network. Many routers also serve as gateways, and many gateways have NAT functionality built into them.
The term “media” in networking refers to the physical medium of communication that the network utilizes. In many Ethernet networks CAT-5 cabling is employed. In high-speed applications, fiber optic media is used.
Applications and Ports
Applications, in the networking sense, refer to specific Application-layer services that hosts provide over specific ports, or gateways into the system. For example, a web server is an application server that provides web pages over the port TCP 80. OtherApplication servers include FTP, Telnet, SSH, and Media servers.
A firewall is a device that can selectively filter communications between two hosts. Although we have an entire article dedicated to firewalls, it never hurts to reinforce the concept of what a firewall is for your own extended understanding.
Hosts are connected to each other via a switch or a hub. The difference between a switch and a hub is that a hub forwards all packets to all connected hosts whereas a switch forwards packets only to selected recipients, increasing information confidentiality.
A DMZ host is basically a “catch-all” host for requests on non-configured ports. Through a DMZ host, undesirable network traffic can be sent to single safe host rather than any host that would be in danger from malicious traffic.
**Source by wikipedia**
To Become Certified For CompTIA Security+ Please Visit This Link ;