Logical IT Networking

Task 1:

1. Understand logical networking.

1.1 Analyze the nature and features of a logical network

You know computer networks can appear intricate if

you're not well versed in how they operate. There's a
plethora of jargon and ideas floating around.. Once
you delve into it the fundamental concept is rather
simple.

In essence a logical network serves as the platform

that enables all our devices – such, as smartphones,
Figure 1: https://shorturl.at/tCSZ8
laptops, smart TVs – to communicate and access the
internet even when they are not physically close to each other. As mentioned by Intelligence Quest
(2020 August 20) in their article on Understanding Computer Networking; Physical vs Logical
Addressing networking it involves the structure encompassing network services like IP addressing,
routing protocols, network security and access control.

It's the same to a highway system where data packets travel. Each device is assigned its address
similar to a street address. Moreover there exist rules and guidelines (routing protocols) that assist
in determining the paths for data transfer between different addresses. This virtual layer stands
distinct from the cables and wires interconnecting everything. This differentiation is crucial as it
allows us to utilize technologies such, as WiFi of having cables sprawled all over our living spaces.

The clever network fools the devices into believing they are, beside each other when they are
located in separate rooms or buildings. Other technologies also build upon this concept. For
example VPNs enhance security by routing your internet traffic through servers before connecting
to the web. This safeguards your activities when using WiFi away from home. VPNs are also
utilized by businesses to enable employees to access work networks.

1
 Logical IT Networking
1.2 Explore the variances in network structures

Artificial networks have become a cornerstone of machine learning exploration due to their capacity
to comprehend data patterns. However there are differences in network designs that influence
modeling capability, computational efficiency and suitability for tasks. This paper delves into the
analysis and comparison of three used network structures; Central neural networks (CNNs)
Recurrent neural networks (RNNs) and Transformer networks. By investigating their features we
aim to offer valuable insights into the pros and cons of each approach for practitioners when
choosing a network for their specific use case.

Following their resurgence fueled by advancements in computing capabilities and extensive

datasets artificial neural networks have achieved performance surpassing human ability across
various fields, like image recognition, natural language understanding and decision making tasks.
However there have been advancements, in the fields architecture resulting in a variety of network
designs tailored to needs. In this study we delve into the analysis of three styles; CNNs, RNNs and
transformers.

CNNs

CNNs leverage spatial. Shared weights to process grid data efficiently particularly images. The
convolution operation is central to their functionality, where learnable filters extract features from
input patches. CNNs excel in tasks related to vision and language that require spatial structure
understanding but may struggle with capturing long term dependencies in data.

RNNs

RNNs incorporate feedback connections enabling them to model data with varying lengths. An
Elman RNN is a form where the hidden state feeds back into itself. However traditional RNNs face
challenges in capturing long range dependencies due to issues like the vanishing gradient problem.
Advanced versions such as LSTMs and GRUs tackle this problem through gating mechanisms.
RNNs shine in tasks involving ordered sequences like language modeling and translation.

2
 Logical IT Networking

Transformers

In contrast to models transformers forgo recurrence. Solely rely on attention mechanisms to

establish relationships between different positions within a sequence. This approach allows for
enhanced processing capabilities. Has resulted in significant advancements, in natural language
processing. Self attention enables a token to interact with all others regardless of distance allowing
for the modeling of long range dependencies. Transformers have gained adoption in language
applications due, to their real world performance.

What is the OSI network model? List the 7 layers in correct order and define the functionality
of the each layer (1.3)

Analyzing the functionality of each layer in an OSI network model is crucial for understanding how
communication systems are structured and standardized. The OSI model divides a communication
system into seven layers with roles and functions. This analysis aims to help in designing and
implementing networking systems and applications by elucidating the significance of each layer as
per the OSI model specification. Since its inception in 1984 by the International Organization for
Standardization (ISO) the OSI model has been a framework, in networking.

The network operation is structured into seven layers, including data link, network, transport,
session, presentation and application. Each layer has defined protocols that govern how they
interact and exchange data with one another. While newer networking models, like TCP/IP may not
strictly follow the OSI model its layered approach continues to be influential.

Physical Layer;

At the layer the focus is on transmitting and receiving raw bit streams through mediums like twisted
pair cables, optical fibers or wireless channels. This layer sets the standards for the electrical and
procedural aspects required to establish maintain and terminate connections. Key tasks involve bit
encoding, multiplexing and defining interface connectivity standards.

3
 Logical IT Networking
Data Link Layer;

In charge of delivering frames between nodes within a single network hop is the data link layer. It
ensures delivery through error control and flow control mechanisms. Nodes are identified using
medium access control addresses. Common protocols in use include Ethernet for area networks
(LANs) and Point to Point Protocol for area networks (WANs).

Network Layer;

Responsible for routing packets of varying lengths between hosts, on both remote networks is the
network layer.

The system utilizes addressing, such as IP addresses to route packets to their intended destinations.
Key operations include determining the path breaking down and reassembling packets and
facilitating inter networking.

Transport Layer

The transport layer offers end, to end communication services for applications by creating
connections between process endpoints. It manages segmentation/reliability, flow control and error
correction. TCP and UDP are the transport protocols with TCP ensuring connection oriented
reliability.

Defining IP Addresses and Subnet Masks Correctly

IP addresses and subnet masks are core concepts in computer networking that enable devices to be
identified and addressed on IP networks. This paper presents definitions of IP addresses and subnet
masks in accordance with Request for Comments (RFC) specifications. A solid grasp of these
concepts is vital, for implementing network segmentation routing and other IP based
communication functionalities.

In the world of networking the Internet Protocol (IP) stands as a protocol, within the Internet
protocol suite. It plays a role in providing addresses to devices and facilitating interconnection by
assigning each device an IP address. However solely relying on IP addresses is not enough for
delineating subnetworks. Subnet masks enable the partitioning of IP networks, into broadcast
domains. It is essential to apply IP addresses and subnet masks for network design and management
purposes.

4
 Logical IT Networking
IP Address

An IP address is a numerical label assigned to each device (host or network interface) participating
in an IP network. It is a 32-bit number organized as a series of four 8-bit octets written in dotted
decimal notation with values between 0-255 per octet (e.g., 192.168.1.1). IP addresses serve two
principal functions: host identification for end-to-end communication, and logical network
identification for routing purposes.

Subnet Mask

A subnet mask is a 32-bit number used to delineate the network versus host portions of an IP
address [4]. It is also expressed in dotted decimal form with ones indicating the network portion and
zeros the host portion. When logically ANDed with an IP address, the subnet mask extracts the
network identifier. For instance, a mask of 255.255.255.0 applied to 192.168.1.25 yields
192.168.1.0 – identifying the Class C network. Correctly applying subnet masks is essential for IP
address allocation and routing.

5
 Logical IT Networking

Task 2

2. Understand the components and interfaces between different logical networking attributes
2.1 Analyse the rules of network protocols and
communications

For networked devices and applications to

interconnect and exchange information seamlessly,
standards-based rules and conventions must be
followed for formatting and transmitting data across
network layers. This paper analyzes the key rules
and specifications that define proper protocol
operations and communications as laid out in official
Figure 2: https://shorturl.at/eCOS0
Request for Comments (RFC) documents.
Understanding these rules is paramount for developing interoperable systems and troubleshooting
network issues. According to EdX Lithan. (2018, July 12). Interpreting a network diagram A logical
network contains edge junctions and turn elements.Standards bodies like the Internet Engineering
Task Force (IETF) establish protocol specifications through a process of open review and consensus
building. The resulting RFCs serve as contractual obligations for protocol designers to ensure
compatibility. Non-compliance can disrupt communications or cause unintended behaviors. This
work examines the fundamental rules governing protocols in the OSI model and TCP/IP stack.

Media Access Rules

At the data link layer, media access control (MAC) protocols like Ethernet define rules for nodes to
share physical connections. Carrier sense multiple access with collision detection (CSMA/CD)
prevents transmission collisions through listening first and backing off on busy networks. Specified
frame formats and addressing provide synchronization.

Addressing and Encapsulation

Each layer adds header fields to packets as they propagate down the stack. IP rules mandate
source/destination addressing along with type of service and time to live fields. TCP/UDP port
numbers further identify applications. Proper header encapsulation and interpretation is critical for
routing.

6
 Logical IT Networking
Connection Management

Rules for establishing, maintaining, and terminating connections between endpoints are specified at
transport layers. TCP enforces three-way handshakes, acknowledgments and retransmissions to
ensure ordered, reliable data streams. UDP simply provides best-effort datagram transport.

Application Syntax
Syntax rules govern the representation and structuring of application payloads. Protocols like HTTP,
SMTP, and FTP define request/response message formats to enable request-response interactions.
Non-conforming syntax can cause misinterpretation.

Adherence to protocol standards ensures interoperability across systems. This work analyzed the
fundamental rules that networking devices must follow to successfully communicate at each OSI
layer. Understanding these rules is key to developing compliant implementations and diagnosing
protocol issues.

2.2 Analyse the differences within the physical layer.

The physical layer is the lowest layer in the OSI model, defining the mechanical and electrical
specifications for transmitting raw bits over a communication channel. However, there exist various
implementations of the physical layer across different network types. This section analyzes the key
differences in physical layer technologies, focusing on transmission medium, signaling method,
topology, and maximum transmission distances. Understanding these differences is important for
selecting the appropriate physical layer solution based on network requirements.

The physical layer transports the encoded bit stream generated at the data link layer using some
transmission medium. However, the specifications for signal generation, cable characteristics, and
topology constraints vary significantly depending on the networking environment. This work
examines physical layer implementations for copper cable, fiber optic, wireless LAN, and wide area
network technologies.

Copper Cable Technologies

Twisted-pair cabling is commonly used for local area networks (LANs). Unshielded twisted pair
(UTP) uses simple base-band signaling over copper, with categories 5e/6/7 enabling gigabit speeds
up to 100 meters. Screened STP cable provides better noise immunity for longer runs. However,
copper is susceptible to electromagnetic interference.

7
 Logical IT Networking
Fiber Optic Technologies

Fiber optic cable transmits pulses of light rather than electrical signals. It uses either multimode or
single-mode fiber, with the latter capable of transmission distances over 10 kilometers using
vertical-cavity surface-emitting lasers (VCSELs). Wavelength-division multiplexing further
increases bandwidth density in the fiber. However, fiber is more expensive and requires specialized
connectors.

Wireless LAN Technologies

Wireless LANs transmit radio frequency signals rather than using physical cables. Technologies like
802.11ac operate in the 2.4/5GHz bands using orthogonal frequency-division multiplexing (OFDM)
to achieve gigabit speeds over short ranges. Beamforming and multiple-input multiple-output
(MIMO) antennas help overcome interference and path loss limitations.

Wide Area Technologies

Metropolitan and wide area networks rely on technologies like Ethernet over fiber, DSL, cable
modem, microwave radio, and cellular (3G/4G/5G) to connect remote sites over distances of
kilometers to worldwide. Each has unique bandwidth, cost, reliability and mobility trade offs for
different deployment scenarios.

2.3 Analyze the requirements of WAN and LAN topologies and a data link protocol

Local area networks (LANs) and wide area networks (WANs) utilize different topologies to connect
devices over varying physical extents. Additionally, a data link protocol is needed to reliably
transport frames across network links. This paper analyzes and compares common LAN and WAN
topologies in terms of scalability, fault tolerance and cost. It also examines the key requirements for
an effective data link protocol. Understanding these network characteristics aids in system design
and protocol selection.

8
 Logical IT Networking
LANs interconnect devices within a localized physical region like a building, whereas WANs span
greater distances between cities or globally. Topology choices impact network performance,
management and availability. At the data link layer, protocols ensure reliable point-to-point and
point-to-multipoint frame delivery. This work examines Ethernet, token ring, hub-and-spoke and
mesh topologies as well as data link protocol necessities.

LAN Topologies

Ethernet utilizes bus, star or hybrid topologies for scalable connectivity within a campus or
building. It features self-forming plug-and-play with no single point of failure. Token ring provided
alternative ring-based connectivity, though less widely used now. Data link protocols for LANs
must support high throughput, deterministic latency and plug-and-play.

WAN Topologies

WANs commonly leverage hub-and-spoke or partial mesh designs to aggregate traffic at centralized
nodes over distances. This concentrates traffic but risks disruption if the hub fails. Mesh topologies
offer redundancy with multiple paths between nodes, improving fault tolerance at higher cost. WAN
data link protocols require efficient bandwidth utilization and reliability over unpredictable links.

Data Link Protocol Requirements

Key requirements for the data link layer include error detection/correction, flow/congestion control,
medium access control, and frame format standardization. Protocols like Ethernet, PPP and HDLC
are widely used with features like collision detection, sequencing and handshaking to reliably
transport frames across network segments.

The above section analyzed LAN and WAN topology characteristics as well as data link protocol
necessities. Understanding these network aspects aids in selecting optimal designs based on
performance, reliability, scalability and economic needs. Future work involves examining newer
converged LAN/WAN technologies.

9
 Logical IT Networking
2.4 Analyze the differences within the network layer and transport layer

The network and transport layers are two key components of the OSI reference model that facilitate
host-to-host communication in computer networks. However, there are fundamental differences in
their scope and functionality. This paper analyzes and compares the network and transport layers in
terms of addressing schemes, routing techniques, quality of service support, and end-to-end
reliability mechanisms. Understanding the distinct roles of these layers is important for effective
protocol design and application development.

The network layer handles logical addressing, inter networking, and routing of variable length data
packets, while the transport layer establishes end-to-end connections between application processes
separated across network boundaries. Though closely related, their responsibilities are logically
separate per OSI principles. This work examines how they differ in key operational aspects.

Addressing Schemes

The network layer uses logical IP addresses to identify source and destination hosts independently
of their physical location. In contrast, transport addresses such as TCP/UDP port numbers further
de-multiplex incoming packets to specific applications. This separation of addressing domains
allows flexibility.

Routing Techniques

Network layer protocols like IP use algorithms and routing tables to determine optimal paths
through interconnecting networks. Transport protocols do not participate directly in routing
decisions. They rely on the underlying network for delivery.

Quality of Service

The network layer supports differentiated services and traffic prioritization through mechanisms
like IP precedence, type of service, and differentiated services code points. Transport is unaware of
the network path qualities.

10
 Logical IT Networking
Reliability
Network packets may be lost, duplicated or delivered out of order. Transport protocols compensate
by establishing end-to-end reliability and ensuring proper sequencing and error checking not
provided at network layer.

2.5 Establish network design considerations.

Effective network design requires considering various technical, operational and business factors to
develop a solution that meets organizational needs. This paper analyzes important network design
considerations, including topology selection, capacity planning, performance bench marking,
scalability, availability, manageability, and total cost of ownership. A systematic evaluation of these
factors enables architects to craft networks that satisfy current demands while positioning for future
growth. Designing networks is a multifaceted process that balances technical requirements with
operational and financial constraints. The International Organization for Standardization (ISO)
defines network design as "the activity of defining or selecting technologies, topologies,
components and protocols to implement enterprise or service provider networking solutions. This
work examines core aspects to address during planning.

Topology Selection

Topology choices such as bus, ring, star or mesh impact scalability, resiliency, manageability and
cost. Performance benchmarks for different topologies aid selection. Designs must consider
expansion needs.

Capacity Planning

Forecasting bandwidth utilization over the life cycle avoids over- or under-provisioning. Factors
include concurrent users, applications, throughput thresholds and headroom for growth.
Virtualization assists dynamic scaling.

Performance Benchmarks

Testing establishes throughput, latency and availability baselines. Benchmarks validate topology
suitability and capacity plans against service level objectives. They identify bottlenecks to optimize.

11
 Logical IT Networking
Scalability & Modularity

Modular, hierarchical designs accommodate unpredictable growth through incremental expansion.

Scalability avoids costly rip-and-replace upgrades by future-proofing from inception.

Availability & Resiliency

Designs ensure continuity through redundancy, fail-over and disaster recovery. Downtime costs
justify high availability architectures.

Manageability
Centralized management, standardized configurations, documentation and troubleshooting simplify
operations. Automation lowers costs and speeds changes.

Total Cost of Ownership

Life cycle expenses for acquisition, implementation, support and retirement determine affordability.
Optimization balances quality and affordability.

3.Understand the security requirements of a logical network.

3.1 Analyse the security requirements of a network

Securing networks from Cyber threats is a

critical yet challenging task. A comprehensive
security program requires addressing
vulnerabilities across people, processes, and
technologies. This paper analyzes key
requirements for establishing a robust network
security posture, including authentication,
authorization, confidentiality, integrity,
availability, activity monitoring, security
policies, vulnerability management, and
security awareness training. Adhering to these
requirements helps safeguard systems and data
from unauthorized access and manipulation. According to Anand Seetharam. (2019, January 15).
Network Security Basics It includes both hardware and software technologies.

12
 Logical IT Networking
Network security aims to prevent and detect unauthorized access, modification, misuse, destruction,
or interference of computing and networking resources. The Central Intelligence Agency (CIA)
triad of confidentiality, integrity, and availability forms the basis of any security strategy. However,
a holistic approach spanning technical, operational, and human factors is needed.

Authentication
Verifying the identity of users, devices, and services is fundamental, requiring strong authentication
mechanisms such as passwords, certificates, and multi-factor authentication.

Authorization
Granting access to only authorized resources based on validated credentials prevents privilege
escalation attacks. Least privilege and separation of duties models are effective.

Confidentiality
Protecting sensitive data from unauthorized disclosure involves encryption of communications and
storage using robust algorithms.

Integrity
Ensuring data and systems remain unaltered through detection and prevention of unauthorized
modifications.

Availability
Denial-of-service attacks aim to disrupt services. Redundancy, fail-over, and incident response
capabilities uphold continuous access.

Activity Monitoring

Logging, alerting, and auditing of user and system behavior enable forensic investigation and
detection of anomalous activities.

Policies
Security policies and standards provide governance through clear communication of requirements
and responsibilities.

Vulnerability Management

Proactive identification and patching of software and system weaknesses reduces exposure to
exploits.

13
 Logical IT Networking
Awareness Training

Educating users cultivates a security-conscious culture resistant to social engineering attacks.

3.2 Identify the threats to a network.

Network security aims to prevent unauthorized access, use, modification, or denial of network
resources. However, a wide array of threats exist that can compromise systems and data. This paper
identifies and analyzes common network security threats according to the MITRE Adversarial
Tactics, Techniques, and Common Knowledge (ATT&CK) framework. Understanding threat
vectors is crucial for developing comprehensive defenses, monitoring strategies, and incident
response plans.

As digital connectivity increases, so do malicious attempts to infiltrate systems for financial or

political gain. Threat agents include individual hackers, organized crime syndicates, and state-
sponsored groups. The ATT&CK knowledge base categorizes threats into delivery, execution,
persistence, privilege escalation, defense evasion, credential access, discovery, lateral movement,
collection, and exfiltration. This work examines examples within each category.

Delivery Vectors

Malicious files and links delivered via email attachments, websites, or removable media introduce
threats. Social engineering tricks users into clicking these unknowingly.

Execution
Once delivered, threats execute payloads like malware down loaders, droppers and living off the
land binaries to establish footholds.

Persistence
Backdoors, bootkit rootkits, services/scheduled tasks ensure access post-compromise through auto-
start techniques.

Privilege Escalation

Vulnerability exploits and misconfigurations elevate normal user rights for broader access.

14
 Logical IT Networking
Defense Evasion

Anti-virus bypass, hidden files, and encrypted network traffic help threats evade detection.

Credential Access
Key logging, password dumping, password spraying rapidly tests credentials for valid accounts.

Discovery
Port scanning, leveraging open shares/services, and credential cracking map internal resources.

Lateral Movement
Remote Desktop Protocol, Pass-the-Hash, and native operating system tools spread laterally.

Collection
Data like credentials, emails, and documents containing PII/IP are harvested.

Exfiltration
Ex filtrated data is transferred outside the network via email, file sharing or encrypted channels.

3.3 Develop security protocols for a logical network that respond to the threats identified

• Implement multi-factor authentication for all network access to strengthen credential

security against theft. Leverage standards like FIDO2 to improve usability.

• Segregate networks into security zones and apply least privilege access controls between
them. Limit lateral movement potential through micro-segmentation.

• Harden all systems by changing default credentials, applying patches/updates promptly, and
disabling unnecessary services/ports. Conduct configuration audits regularly.

• Deploy endpoint detection and response solutions to monitor for suspicious behaviors tied to
the identified threat categories. Behavioral analytics aids early detection.

• Use network access control with posture checking to block unpatched or non-compliant
devices. Integrate with existing directory services.

• Enable firewalls, intrusion prevention, and web filtering at network perimeters. Continuous
monitoring and dynamic blacklisting updates block known C2 domains.

15
 Logical IT Networking
• Encrypt network traffic both within the organization and for remote access using TLS 1.3
and strong ciphers. Perfect forward secrecy prevents past capture replay.

• Back up critical data daily to an air-gapped system with immutable write-once-read-many

storage. Test regular restores from backups.

• Implement a deception strategy using honeypots/honey nets and decoy documents/shares.

Behavioral monitoring detects unauthorized access.

• Conduct regular vulnerability assessments, penetration tests and red teaming. Prioritize
remediating vulnerabilities attackers are likely to exploit based on known tactics.

• Implement security awareness training and phishing simulations. Train users to identify
social engineering attempts early.

16
 Logical IT Networking
Image source:

https://shorturl.at/tCSZ8
https://shorturl.at/eCOS0
https://shorturl.at/ouyRX

References:
EdX Lithan. (2018, July 12). Interpreting a network diagram [Video]. YouTube.
https://www.youtube.com/watch?v=16WSYHcLVGE
Intelligence Quest. (2020, August 20). Understanding Computer Networking: Physical vs Logical
Addressing Part 1 [Video]. YouTube. https://www.youtube.com/watch?v=AZLtOQ-NQJM
Anand Seetharam. (2019, January 15). Network Security Basics [Video]. YouTube.
https://www.youtube.com/watch?v=RkPs8Jl9TKk

17
Logical IT Networking

18
Logical IT Networking

19
Logical IT Networking

20
Logical IT Networking

21