TCP/IP Model and Common Ports
Review the OSI and TCP/IP models, well-known port numbers, and how understanding normal traffic helps you spot anomalies.
The OSI Model: Seven Layers
The OSI (Open Systems Interconnection) model divides network communication into seven layers: Physical, Data Link, Network, Transport, Session, Presentation, and Application. Each layer serves a distinct purpose and communicates only with the layers directly above and below it. Security controls can be applied at any layer, so understanding the model helps you identify where a given attack or defense operates. The mnemonic Please Do Not Throw Sausage Pizza Away helps you recall the layers from bottom to top.
TCP/IP Model vs OSI Model
The TCP/IP model (also called the DoD model) condenses the OSI layers into four: Network Access (OSI layers 1-2), Internet (OSI layer 3), Transport (OSI layer 4), and Application (OSI layers 5-7). Most real-world networking and security analysis uses TCP/IP terminology. Understanding the mapping between both models is essential for Security+ because exam questions may reference either one when describing where an attack or control operates.
# OSI to TCP/IP layer mapping:
# Application (OSI 5,6,7) -> Application (TCP/IP)
# Transport (OSI 4) -> Transport (TCP/IP)
# Network (OSI 3) -> Internet (TCP/IP)
# Data Link, Physical (OSI 1,2) -> Network Access (TCP/IP)All lessons in this course
- TCP/IP Model and Common Ports
- Firewalls: Packet Filtering vs Next-Gen
- Network Segmentation and VLANs
- Common Network Attacks: DoS, Spoofing, and MITM