19003 Integrated Project - 2010 Revision
Transcript of 19003 Integrated Project - 2010 Revision
-
8/9/2019 19003 Integrated Project - 2010 Revision
1/23
19003 Certificate III in IT, NetworkAdministration
Semester 1, 2010
This project covers Modules:
ICAI3020A Install and Optimise Operating System Software
ICAI3101A Install and Manage Network Protocols
ICAS3024A Provide Basic System Administration
ICAS3032A Provide Network System Administration
ICAS3034A Determine and Action Network Problem
ICAS3120A Configure and Administer a Network OS
-
8/9/2019 19003 Integrated Project - 2010 Revision
2/23
You work for an IT consultancy firm DubboIT.com. You have been engaged toinstall and configure a network system for ABC Agricultural Products. There iscurrently no networking infrastructure in place.
This project has two parts:
1. Background theory complete the questions2. Practical project.
As you work through the practical project, you need to keep track of allnetwork related issues in a helpdesk database. This could be created usingAccess, Excel or a simple word processing document. Details to record wouldinclude date & time, what computer experienced the problem, the problem
itself and what you did to rectify. Details of any diagnostic tests undertakenshould also be recorded (e.g. IPCONFIG, TRACERT, PING).
The database needs to be handed in with your completed portfolio.
Project Submission
Project documentation cover page is to contain DubboIT.com logo and titledProject Documentation for ABC Agricultural Products.
Completed project is to be submitted in .PDF or .DOC format, via email toyour facilitator: [email protected]
Do not submit documentation in .DOCX or .ODT format.
Files may be archived using ZIP format, please do NOT use RAR. All pagesmust be numbered.
Copyright 2005-9 Dubbo TAFE, IT Section Page 1E:\Certificate 3 IT 2010\Handouts\19003 Integrated Project - 2010 revision.docPrinted:16/03/201019:26:42 a3/p3
-
8/9/2019 19003 Integrated Project - 2010 Revision
3/23
Network Protocols.
1) Investigate the following protocols. Describe what they are used for
PROTOCOL PORTNUMBER(s)
DESCRIPTION
FTP
TFTP
TELNET
DNS
Reverse-DNS
DHCP
DHCP IPv6
SMTP
SNMP
NNTP
POP3
IMAP
FINGER
2) What is meant by a well-defined port?
3) Define the following terms in your OWN words:
Scope (DHCP)
C-Name (DNS)
Copyright 2005-9 Dubbo TAFE, IT Section Page 2E:\Certificate 3 IT 2010\Handouts\19003 Integrated Project - 2010 revision.docPrinted:16/03/201019:26:42 a3/p3
-
8/9/2019 19003 Integrated Project - 2010 Revision
4/23
Alias (DNS)
A record (DNS)
AAAA record(DNS)
Router
Gateway
Hub
Switch
Socket
TCP/IP
Netbios
Appletalk
NAT
ICS
Copyright 2005-9 Dubbo TAFE, IT Section Page 3E:\Certificate 3 IT 2010\Handouts\19003 Integrated Project - 2010 revision.docPrinted:16/03/201019:26:42 a3/p3
-
8/9/2019 19003 Integrated Project - 2010 Revision
5/23
4) What is the OSI Reference model?
5) What are the 7 layers of the OSI RM, and name 3 protocols at each level?
7
6
5
4
3
2
1
Copyright 2005-9 Dubbo TAFE, IT Section Page 4E:\Certificate 3 IT 2010\Handouts\19003 Integrated Project - 2010 revision.docPrinted:16/03/201019:26:42 a3/p3
-
8/9/2019 19003 Integrated Project - 2010 Revision
6/23
6) At what layer would the following be, and why?:
Switch
Hub
router
7) What is the advantage of the OSI RM?
8) What is the DOD model? How many layers does it have, and what arethey?
9) In IPv4, TCP/IP has classes. Complete the following table:
Class Address Start Address Finish Used for
A 0.0.0.0 126.255.255.255 Public internet
B 128.0.0.0 191.255.255.255 Public internet
C 192.0.0.0 223.255.255.255 Public internet
D 224.0.0.0 239.255.255.255 Multicasting
E 240.0.0.0 255.255.255.255 Reserved
Copyright 2005-9 Dubbo TAFE, IT Section Page 5E:\Certificate 3 IT 2010\Handouts\19003 Integrated Project - 2010 revision.docPrinted:16/03/201019:26:42 a3/p3
-
8/9/2019 19003 Integrated Project - 2010 Revision
7/23
10) Each IPv4 class has a private range as well.
Class Address Start Address Finish # Available IPs
A 10.0.0.0 10.255.255.255
LOOPBACK 127.0.0.0 127.255.255.255
B 172.16.0.0 172.31.0.0
C 192.168.0.0 192.168.255.255
D 224.0.0.0 224.?????
11)What is the difference between a public and a private IP address range?
12)Give two advantages of IPv6 over IPv4
13)How many bits in an IPv4 address?
14)How many bits in an IPv6 address?
Copyright 2005-9 Dubbo TAFE, IT Section Page 6E:\Certificate 3 IT 2010\Handouts\19003 Integrated Project - 2010 revision.docPrinted:16/03/201019:26:43 a3/p3
-
8/9/2019 19003 Integrated Project - 2010 Revision
8/23
15)What are the two special addresses in IPv6?
16) What does the %13 indicate in the following IPv6 address?fe80::3005:2467:88f3:872e%13
17)Define the following IPv6 address types:
Identified By Description
Link Local Unicast
Site-local unicast
Unique-local unicast
Global unicast
Multicast
Anycast
18) Complete the table, identify what each component is, and the number ofbits of each component:
Typical IPv6 Address
fe80:0000:0000: 0000: 8d85:c351:f336:ab8a
bits bits bits
Answers to the following two questions can be found at:
Security Information for IPv6http://technet2.microsoft.com/windowsserver/en/library/904598b2-c3ed-439b-b89a-9f96915013b11033.mspx?mfr=true
IPv6 address autoconfigurationhttp://technet2.microsoft.com/windowsserver/en/library/5a528933-a78d-4588-8aa1-b158957ba2d51033.mspx?mfr=true
Copyright 2005-9 Dubbo TAFE, IT Section Page 7E:\Certificate 3 IT 2010\Handouts\19003 Integrated Project - 2010 revision.docPrinted:16/03/201019:26:43 a3/p3
http://technet2.microsoft.com/windowsserver/en/library/904598b2-c3ed-439b-b89a-9f96915013b11033.mspx?mfr=truehttp://technet2.microsoft.com/windowsserver/en/library/904598b2-c3ed-439b-b89a-9f96915013b11033.mspx?mfr=truehttp://technet2.microsoft.com/windowsserver/en/library/5a528933-a78d-4588-8aa1-b158957ba2d51033.mspx?mfr=truehttp://technet2.microsoft.com/windowsserver/en/library/5a528933-a78d-4588-8aa1-b158957ba2d51033.mspx?mfr=truehttp://technet2.microsoft.com/windowsserver/en/library/904598b2-c3ed-439b-b89a-9f96915013b11033.mspx?mfr=truehttp://technet2.microsoft.com/windowsserver/en/library/904598b2-c3ed-439b-b89a-9f96915013b11033.mspx?mfr=truehttp://technet2.microsoft.com/windowsserver/en/library/5a528933-a78d-4588-8aa1-b158957ba2d51033.mspx?mfr=truehttp://technet2.microsoft.com/windowsserver/en/library/5a528933-a78d-4588-8aa1-b158957ba2d51033.mspx?mfr=true -
8/9/2019 19003 Integrated Project - 2010 Revision
9/23
19)What is auto-configuration in IPv6 and what possible security issue doesthis present?
20)What is the difference between IPv6 Stateful and IPv6 Stateless auto-configuration?
21)What is DNS forwarding?
Copyright 2005-9 Dubbo TAFE, IT Section Page 8E:\Certificate 3 IT 2010\Handouts\19003 Integrated Project - 2010 revision.docPrinted:16/03/201019:26:43 a3/p3
-
8/9/2019 19003 Integrated Project - 2010 Revision
10/23
22)What is the difference between a primary and a secondary DNS server?
23)What is the weakness of the primary/secondary DNS model and how is theAD Integrated model a possibly better solution?
24)What commands do the following:a. Renew a IPv4 DHCP address?
b. Display your MAC address?
c. Flush the DNS cache?
d. Release a IPv4 DHCP address?
25)What is the purpose of an operating system?
Copyright 2005-9 Dubbo TAFE, IT Section Page 9E:\Certificate 3 IT 2010\Handouts\19003 Integrated Project - 2010 revision.docPrinted:16/03/201019:26:43 a3/p3
-
8/9/2019 19003 Integrated Project - 2010 Revision
11/23
26)Define the following terms:real-time systembatch systemmulti-tasking
27) Once you have installed a computer system for a client, what should youdo (and how often) to ensure the system meets their requirements?
Copyright 2005-9 Dubbo TAFE, IT Section Page 10E:\Certificate 3 IT 2010\Handouts\19003 Integrated Project - 2010 revision.docPrinted:16/03/201019:26:43 a3/p3
-
8/9/2019 19003 Integrated Project - 2010 Revision
12/23
Copyright 2005-9 Dubbo TAFE, IT Section Page 11E:\Certificate 3 IT 2010\Handouts\19003 Integrated Project - 2010 revision.docPrinted:16/03/201019:26:43 a3/p3
-
8/9/2019 19003 Integrated Project - 2010 Revision
13/23
Practical Project
Task DateCompleted
DateAssessed
1. Create a network plan (assuming the localroom) of how you will set up the network forthe above organization. Attach supportingdocumentation which shows which protocolsyou will be using and why. If your protocolinvolves address ranges, you need tochoose an address range and justify yourchoice.
2. Obtain specifications for the version ofWindows Server you are using and ensurethe computer you intend to install Server onmeets those requirements. Attach a copy ofthe specifications to your portfolio.
3. Investigate licensing methods of Windows. Ifeach person were to have a computerrunning XP Professional, how many CALswould be required to make the computer set-up legal? Your portfolio needs to include abrief summary of the different licensingmethods of Windows (per server or peruser).
4. Install Windows 2003 Server.
Partition instructions:* Allow room for bitlocker (1.5 gig)* You need 3 partitions of approximate equalsize for your data.
Whilst Windows is installing, locate 3different sites on the Internet which detailvulnerabilities in Windows and/or Linux, andsummarise in your words how these
vulnerabilities work.5. [Optional] Install Windows recovery console.
What command is used to do this?
6. Install Active Directory. Your domain name isto be based on your name (e.g. renee.local).
Create an OU called computers, with 2 childOUs, Desktop PCs and Laptops.
Create an OU for company employees.
Copyright 2005-9 Dubbo TAFE, IT Section Page 12E:\Certificate 3 IT 2010\Handouts\19003 Integrated Project - 2010 revision.docPrinted:16/03/201019:26:43 a3/p3
-
8/9/2019 19003 Integrated Project - 2010 Revision
14/23
Task DateCompleted
DateAssessed
7. Install loopback adaptor. Configure yournetworks as follows:
Internal:192.168.10.200+your computer number
External:192.168.100+your computer number.0
8. Install Virtual PC on your server, and installWindows XP as a virtual machine. ConfigureVPC to use lookback adaptor.
9. Configure DHCP. Ensure XP gets validaddresses and has proper functionality.
10. [optional] Configure DNS protocol for yourdomain for www and for www2. Setup 2 IISwebsites to use these domains.
11. Join XP to the domain. Move the computeraccount to the correct place in AD.
12. Install administration tools and GPMC onyour XP workstation. Create a console andsave to desktop.
13. Create a group policy and use GPMC toimport WSUS settings from our domain
controller (wilab1-dc).
What do you type to force windows toupdate immediately?
14. Create home data folders for users on the D:drive. Each division of the business requiresa folder for their division. Securitypermissions MUST be configured so thatautomatic folder creation with the correctpermissions occurs when adding users.
15. Create an account creation form on which
requests for user accounts are recorded.The appropriate manager of each divisionmust sign off each form. You need to recordthe type of access granted (which groups,which OUs, etc). For audit purposes it isrequired that you record the date on whichthe account was actually created and bywhom. It is beneficial that you record theinitial password, generated by yourself, onthis form as well.
16. Create appropriate security groups
Copyright 2005-9 Dubbo TAFE, IT Section Page 13E:\Certificate 3 IT 2010\Handouts\19003 Integrated Project - 2010 revision.docPrinted:16/03/201019:26:43 a3/p3
-
8/9/2019 19003 Integrated Project - 2010 Revision
15/23
Task DateCompleted
DateAssessed
17. Requests have come in for the followingusers:payroll jim, james
accounting monte, karenresearch jack, renee, jennymanufacturing ron, dave, stephen, amySales Kerrie, lizWeb Design Troy, JamesB
Fill in the appropriate formsCreate accounts (create template usersfirst) and place in appropriate groups.
Completed copies of ALL user account
creation forms need to be submitted in yourportfolio (scanned images).
18. Check home folders on the D: drive toensure each user can only access his/herown folder.
19. Ensure each group can only access theirown folders
20. Document file system structure andpermissions for your system (e.g. where isIIS located? Where is SYSVOL located?
Where are the active directory databasefiles? Where are user home and groupfolders?)
21. Configure Windows auditing for the grouphome folders. Access can be verified byreviewing log files.
22. Create a software registry, auditing astandard classroom computer hard disk. Youregistry needs to be thorough, and includedetails of license number and location. If anyillegal software is found, it needs to be
reported to your supervisor.23. Download and configure a software audit
program (e.g AuditWizard, EzAudit). Theprogram needs to be configured to run in anetwork login script. Both your server and atleast 1 workstation attached to your networkneed to be audited.
Your portfolio needs to include:
details on how you created the loginscript
A brief description of what the program
Copyright 2005-9 Dubbo TAFE, IT Section Page 14E:\Certificate 3 IT 2010\Handouts\19003 Integrated Project - 2010 revision.docPrinted:16/03/201019:26:43 a3/p3
-
8/9/2019 19003 Integrated Project - 2010 Revision
16/23
Task DateCompleted
DateAssessed
does and how it works (in your ownwords)
A screen shot of AuditWizard showing
several computers having been audited
Once completed, update Q20 (document thefile systems) to accommodate fileconfiguration for AuditWizard.
24. If the organization has any existing policiesor procedures for computer usage, theseneed to be examined. If not, createappropriate policies and/or procedures for:
Virus Management
Backup and Restore
Desktop lockdown (e.g. company logo
on background, screensaver, mp3/wmaCD ripping, etc)
Password security
User management, detailing what to do
when a user leaves a company. Is theaccount disabled or deleted? Whatproblems might exist if EFS is being
used? Network use policy e.g. downloading
from the Internet, taking floppy diskshome, installing software, viewingusers emails.
Copies of above policies &/or proceduresneed to be included in your portfolio. If nopolicies exist, write some.
Where possible, use operating systemtools to enforce the above policies.
25. Create a log-on banner which advises usersthat use of the system is subject to thecomputer usage policy.
26. Identify and implement methods of enforcingdesktop settings (company logo on desktop).
27. Run a password audit tool (e.g. LCP504en,LC5, ophcrack, Pro-active PasswordAuditor) to check password strengths. Your
portfolio should include screen shots of this.
Copyright 2005-9 Dubbo TAFE, IT Section Page 15E:\Certificate 3 IT 2010\Handouts\19003 Integrated Project - 2010 revision.docPrinted:16/03/201019:26:43 a3/p3
-
8/9/2019 19003 Integrated Project - 2010 Revision
17/23
Task DateCompleted
DateAssessed
28. Create a backup schedule for your network.Also provide details of media rotationschemes.
29. Create a backup log register, which detailswhen back-ups were done, what was backedup, who did the backup and the ID of thetape or disk or DVD containing the backup.
30. Create a restore log register. This detailswhen a restore is made, who requested it,why it was necessary, what was needed tobe restore and who restored it.
31. Use MS-BACKUP to create a system statebackup. Create a complete system back-up.(Use MS BACKUP, Acronis true-image, orGhost to backup the C: drive to the E:).
For a more challenging experience, useDriveImage XML and create a Bart PE bootdisk for recovery purposes.
Once you have worked out the procedure,document it, including screen shots.
Ensure you know the difference between the
following backup types: Differential
Complete
Incremental
32. Call your facilitator now to corrupt your C:drive, thereby necessitating a systemrestore. Once you have perfected theprocedure, document it using step-by-stepinstructions and screen shots if necessary.
33. Infect your computer with viruses. (askteacher for disk). Research each virus,
providing BRIEF details, in your OWNwords, on what it damages, how it spreadsand how to control it. Include references toany websites used.
34. Follow removal instructions to clean yoursystem.
35. Install Norton Anti-Virus corporate edition onyour computer. Configure it to deploysoftware and updates to workstations on thenetwork.
36. Prepare a disaster recovery plan for yournetwork. You dont need to go into a lot of
Copyright 2005-9 Dubbo TAFE, IT Section Page 16E:\Certificate 3 IT 2010\Handouts\19003 Integrated Project - 2010 revision.docPrinted:16/03/201019:26:43 a3/p3
http://www.runtime.org/dixml.htmhttp://www.runtime.org/dixml.htm -
8/9/2019 19003 Integrated Project - 2010 Revision
18/23
-
8/9/2019 19003 Integrated Project - 2010 Revision
19/23
Task DateCompleted
DateAssessed
system. A balanced conclusion is expected.
Copyright 2005-9 Dubbo TAFE, IT Section Page 18E:\Certificate 3 IT 2010\Handouts\19003 Integrated Project - 2010 revision.docPrinted:16/03/201019:26:43 a3/p3
-
8/9/2019 19003 Integrated Project - 2010 Revision
20/23
Linux Presentation Choices:
Users and Groups (how to add, how they differ from windows, thepasswd file)
Samba (What is it, history, configuration and usage)
Integrating Linux and Windows
WINE and Virtualisation EXT2/EXT3/Reiser FS/NFS
Updating your Linux
What is Linux?
Microsoft Windows Services for UNIX, Interix (SUA), Cygwin(What are they, how to install and usage)
SELinux, Linux Firewall and IPTables
Telnet, SSH, and Tunelling X through SSH
The portfolio to be handed in needs to include:
Assessment cover sheet
Network map
Server portfolio:* hardware configuration* software configuration* any settings in Group Policy required to enforce corporate policy(RSOP and/or GPMC will be useful for this).
Completed and signed off account creation forms
Network timing baselines
Disaster Recovery Plan
Helpdesk database printout listed all network problems encountered
Backup schedule and logs
Restore schedule and logs
Screenshots of password audit tool
Computer virus research
Details of Windows licensing (per server/per seat)
Windows system requirements for the version of Server you haveinstalled.
Comparison of Windows Vs. Linux
Copyright 2005-9 Dubbo TAFE, IT Section Page 19E:\Certificate 3 IT 2010\Handouts\19003 Integrated Project - 2010 revision.docPrinted:16/03/201019:26:43 a3/p3
-
8/9/2019 19003 Integrated Project - 2010 Revision
21/23
Marking Grid Name: _____________
1 Network Map
2 Slipstream Windows
3 Install Server, AD, Service Packs.
Locate 3 security sites
Install recovery console
4 Create folders to be shared for eachgroup
5 Create security groups
6 Group folder permissions
7 Account Creation Form
8 and 9 Create user accounts
Use template account for copying.
User folders created using permissionsas recommended by Microsoft
10 Audit access to folders
11 CALs
12 Software Registry
13 Audit Wizard installed.
Network logon script created and testedfunctional.
Workstations showable in AuditWizard.
14 Policies/Procedures
15 Creation of log-on banner
16 Enforce desktop settings
17 Password audit tool
18 Backup register
Copyright 2005-9 Dubbo TAFE, IT Section Page 20E:\Certificate 3 IT 2010\Handouts\19003 Integrated Project - 2010 revision.docPrinted:16/03/201019:26:43 a3/p3
-
8/9/2019 19003 Integrated Project - 2010 Revision
22/23
19 Restore log register
20 Complete system backup
21 Complete system restore
22 Infect with virus
23 Virus removal
24 Install NAV corporate
25 Disaster recovery plan
26 Automatic enforcement of policies
27 Benchmarking Windows
28 Install and configure Linux
Create 5 Users
29 Install Windows based X-Server/Tunnelinto Linux
30 Compare Linux Vs. Windows
Install Software to Network Computers
1 Identify and obtain required software
2 Obtain hardware requirements for software
3 Create MSI for office
Office is slipstreamed
4 Download/Configure firefox as MSI
5 Install Dreamweaver
6 Project/Visio installation
7 RIS/MSI comparison pros and cons
8 One on One instruction
Copyright 2005-9 Dubbo TAFE, IT Section Page 21E:\Certificate 3 IT 2010\Handouts\19003 Integrated Project - 2010 revision.docPrinted:16/03/201019:26:42 a3/p3
-
8/9/2019 19003 Integrated Project - 2010 Revision
23/23
Copyright 2005-9 Dubbo TAFE, IT Section Page 22