Network Technology Associate v2 - tombrett.ie/courses/CIW/Network Technology Associate.pdf


Copyright © 2012 Certification Partners, LLC -- All Rights Reserved

Network Technology Associate v2.0

Lesson 1: Introduction to Networking

Lesson 1 Objectives

• Define telephony and convergence networking

• Identify network topologies

• Describe the OSI/RM and the packet-creation process

• Define the nature and purpose of TCP/IP

• Define LANs and WANs

• Describe server-based and peer-to-peer networks

• Describe a Network Operations Center (NOC)

• Describe peer-to-peer and server-based networks

• Distinguish between distributed architectures and database models


Telephony and Convergence Networking

• PSTN – still an integral part of the Internet infrastructure because it furnishes most of the long-distance connections

• Voice over IP (VoIP) – voice transmissions are delivered in digital form as packets of data using an Internet connection and hardware or software installed on personal computers

• Unified communications enable voice to be converted into text, and vice versa

– Unified communication seeks to eliminate the latency to make communication more efficient

• Presencing – the ability for devices to automatically track and report your location and availability

Mainframes

• Mainframe (centralized) computing provided the first practical network solution

– Retrieving information from mainframes

– Mainframe liabilities

– The future of mainframes

– Mainframes and cloud computing / Software as a Service (SaaS)


Mainframe Networking Model


Client/Server Model

• Client/server model (distributed computing) divides processing tasks between the client and the server


Client/Server Model (cont'd)

• Client/server model databases and SQL

• Client/server advantages

• Two-tier, three-tier and n-tier computing


Network Operations Center (NOC)

• A specific location from which a network is managed, monitored and maintained

• Central point for network maintenance and troubleshooting

• Generally includes multiple, redundant network connections and redundant power supplies

• Many have dedicated phone lines from a separate provider and mobile phones to ensure communication in an emergency


Networking Categories

• Peer-to-peer

– Microsoft peer-to-peer

– P2P

– Centralized or decentralized

• Server-based

– UNIX/Linux

– Microsoft Windows Server


Network Topologies

• Bus

• Star

• Ring

• Hybrid

• Mesh


Network Operating Systems

• Operating systems that manage network resources

• Interoperability

• Microsoft Windows

• UNIX/Linux


OSI Reference Model

• Defined by the International Organization for Standardization (ISO) in 1983

• Gives developers universal concepts so they can develop and perfect protocols that can work with operating system and network products developed by other vendors

• Explains the framework used to connect heterogeneous systems

• Describes the process of packet creation (how the layers communicate)


OSI Model Layers


Packets

• Packets consist of:

– Header (OSI/RM layer information)

– Actual data

– Trailer (information that validates the packet)

• CRC

[Figure: packet layout showing the Header, Data and Trailer sections]
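The header, data and trailer layout described above, as an added example in Python (not part of the course material). The 8-byte header format and all function names are assumptions made for illustration; the trailer is a CRC-32, and `seal`/`open_sealed` go one step beyond the slide to show that a CRC catches accidental damage but, unlike a keyed HMAC, can be recomputed by anyone who changes the data.

```python
import hashlib
import hmac
import struct
import zlib

# Constructed header for this example: source id, destination id, data length.
HEADER_FMT = "!HHI"
HEADER_LEN = struct.calcsize(HEADER_FMT)  # 8 bytes
CRC_LEN = 4                               # CRC-32 trailer
TAG_LEN = 32                              # HMAC-SHA256 tag


def build_packet(src, dst, data):
    """Header + data + trailer; the trailer is a CRC-32 over header and data."""
    header = struct.pack(HEADER_FMT, src, dst, len(data))
    trailer = struct.pack("!I", zlib.crc32(header + data))
    return header + data + trailer


def parse_packet(packet):
    """Return (src, dst, data) if the trailer validates, else raise ValueError."""
    if len(packet) < HEADER_LEN + CRC_LEN:
        raise ValueError("packet too short")
    src, dst, length = struct.unpack(HEADER_FMT, packet[:HEADER_LEN])
    if len(packet) != HEADER_LEN + length + CRC_LEN:
        raise ValueError("length field does not match packet size")
    body = packet[:-CRC_LEN]
    (received_crc,) = struct.unpack("!I", packet[-CRC_LEN:])
    if zlib.crc32(body) != received_crc:
        raise ValueError("CRC mismatch")
    return src, dst, body[HEADER_LEN:]


def corrupt(packet, offset):
    """Flip one bit at the given byte offset, as line noise might."""
    damaged = bytearray(packet)
    damaged[offset] ^= 0x01
    return bytes(damaged)


def is_valid(packet):
    """True if the packet parses and its CRC trailer matches."""
    try:
        parse_packet(packet)
        return True
    except ValueError:
        return False


def seal(packet, key):
    """Append an HMAC-SHA256 tag that cannot be recomputed without the key."""
    return packet + hmac.new(key, packet, hashlib.sha256).digest()


def open_sealed(sealed, key):
    """Check the HMAC tag first, then the CRC trailer."""
    packet, tag = sealed[:-TAG_LEN], sealed[-TAG_LEN:]
    expected = hmac.new(key, packet, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("authentication tag mismatch")
    return parse_packet(packet)


if __name__ == "__main__":
    pkt = build_packet(1, 2, b"hello")            # constructed sample data
    print(parse_packet(pkt))                       # round trip succeeds
    print(is_valid(corrupt(pkt, HEADER_LEN + 1)))  # damaged in transit: rejected
    # A rewritten packet with a freshly computed CRC is accepted, because the
    # CRC only detects accidental errors and needs no secret to compute.
    print(is_valid(build_packet(1, 2, b"HELLO")))
    key = b"constructed-demo-key"
    print(open_sealed(seal(pkt, key), key))        # tag and CRC both verify
```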


Packet Creation (Adding Headers)


OSI/RM Protocol Examples

• Application layer

– SMTP, DNS, FTP, HTTP, SMB, NFS

• Transport layer

– TCP

• Network layer

– IP

• Data link layer

– Ethernet, Token Ring

Major Networking Protocols

• Connection-oriented (stateful)

• Connectionless (stateless)

• Routable

• Non-routable


Transmission Control Protocol / Internet Protocol (TCP / IP)

• Transmission Control Protocol / Internet Protocol

• A collection of protocols

– TCP

– IP

– User Datagram Protocol (UDP)

• An open standard


Binding Protocols

• Binding protocols

– You must attach, or bind, protocols to your NIC

• Protocols and binding order

Local Area Networks (LANs)

• A group of computers connected within a confined geographic area

• Commonly used for intra-office communication

Wide Area Networks (WANs)

• A group of computers connected over an expansive geographic area


Internet Exchange Point (IXP)

• Internet backbones

• Segments


Lesson 1 Summary

Define telephony and convergence networking

Identify network topologies

Describe the OSI/RM and the packet-creation process

Define the nature and purpose of TCP/IP

Define LANs and WANs

Describe server-based and peer-to-peer networks

Describe a Network Operations Center (NOC)

Describe peer-to-peer and server-based networks

Distinguish between distributed architectures and database models

Lesson 2: Networking Components and Standards

Lesson 2 Objectives

• Identify common network components

• Identify transmission media and types

• Define wireless network technologies

• Describe IEEE LAN standards

• Describe T and E carriers

• Identify the requirements and benefits of virtualization

Common Network Components

• Network Interface Cards (NICs)

• Hubs

• Bridges

• Routers

• Switches

• Channel Service Unit / Data Service Unit (CSU/DSU)

• Modems

• Firewalls

Transmission Media

• Twisted-pair cable

• Coaxial cable

• Fiber-optic cable

• Wireless technologies


Wireless Network Technologies

• Wireless communications use spread spectrum technologies

– OFDM

– DSSS

– MIMO

• Wireless networking modes

– Ad-hoc

– Infrastructure

• Wireless access point (AP)

• Wireless AP security features

– Wired Equivalent Privacy (WEP)

– Wi-Fi Protected Access 2 (WPA2)

– MAC address filtering


Wireless Network Technologies (cont'd)

• Wireless management software

• Suitability of a wireless LAN


Transmission Types

• Synchronous transmission

• Asynchronous transmission

• Data transmission flow

– Simplex

– Half duplex

– Full duplex


IEEE LAN Standards

• IEEE 802.2

• Ethernet/IEEE 802.3

• IEEE 802.3u — Fast Ethernet

• IEEE 802.3z and 802.3ab — Gigabit Ethernet

• IEEE 802.3ae — 10-Gigabit Ethernet

• IEEE 802.5 — Token Ring

• IEEE 802.11 — Wireless Ethernet


T-Carrier System

T-Carrier    Data Transfer Rate
T1           1.544 Mbps
T2           6.312 Mbps
T3           44.736 Mbps
T4           274.176 Mbps
T5           400.352 Mbps

E-Carrier System

E-Carrier    Data Transfer Rate
E1           2.048 Mbps
E2           8.448 Mbps
E3           34.368 Mbps
E4           139.264 Mbps
E5           565.148 Mbps

Virtualization

• Virtualization allows you to run multiple virtual operating systems and applications on a single physical computer

– VMware

– Parallels

– VirtualBox

• Requirements for virtualization

• Benefits of virtualization


Lesson 2 Summary

Identify common network components

Identify transmission media and types

Define wireless network technologies

Describe IEEE LAN standards

Describe T and E carriers

Identify the requirements and benefits of virtualization

Lesson 3: Connecting to the Internet

Lesson 3 Objectives

• Identify mobile devices and operating systems

• Define the nature and purpose of TCP/IP

• Explain the routing process

• Discuss routing protocols

• Describe port numbers and their functions

• Compare and contrast IPv4 and IPv6

• Explain IP addressing, subnet masks, subnet prefix length, and the use of public and private IP addresses

• Define the TCP/IP properties needed to configure a typical workstation

• Describe various diagnostic tools for troubleshooting TCP/IP networks


Mobile Computing

• Using technology while “on the go”

– Smartphones

– Tablets

– Netbooks

– Portable media players


Mobile Devices and Cloud Computing

• Mobile devices are the perfect clients for cloud computing

• Mobile devices, peripherals and memory

• Mobile device advantages


Configuring a Wireless Network

1. Plug in the wireless AP

2. Configure the wireless AP's SSID, encryption level and shared key

3. Insert the wireless NIC into the computer

4. Choose a networking protocol and configure the protocol for each client

5. Configure each computer's wireless NIC to use the wireless AP

6. Troubleshoot the connection

7. Configure additional security features

8. Plug the wireless AP into a wired network (optional)


Fourth-Generation (4G) Wireless

• Dedicated to mobile devices

– 4G mobile hotspot

– Bluetooth


TCP/IP

• All devices that connect to the Internet use TCP/IP

– Allows computers to communicate

– Internet addresses


Internet Architecture

Application Layer

Transport Layer

Internet Layer

Network Access Layer


Internet Protocols

• Network access layer

• Internet layer

• Transport layer

• Application layer


Demultiplexing

[Figure: demultiplexing diagram. Labels: Ethernet; ARP, IP, RARP; ICMP, IGMP, TCP, UDP; Telnet, FTP; TFTP, SNMP]

Introduction to Routing

• Direct routing

• Indirect routing

• Routing process

• Routing information tables

• Static vs. dynamic routing


Routing Protocols

• Interior vs. exterior protocols

• Routing Information Protocol (RIP) and RIPv2

• Open Shortest Path First (OSPF)


Port Numbers

• 16-bit integer value that identifies a communication channel to a specific user process

– FTP = Port 21

– HTTP = Port 80

– DNS = Port 53

– SMTP = Port 25


Internet Protocol Version 4 (IPv4)

• Was the primary Internet address system until advent of IPv6

• IPv4 addresses are now depleted

• Subnet mask

– Distinguishes the network and host portions of an IPv4 address

– Specifies whether a destination address is local or remote
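How the subnet mask makes both decisions listed above, as an added example in Python (not part of the course material). The function names and the sample private addresses are constructed for illustration; `audit_workstation` also checks the default gateway against the mask, since a gateway outside the local subnet is unreachable.

```python
import ipaddress


def split_address(ip, mask):
    """AND the address with the mask: return (network portion, host portion)."""
    ip_int = int(ipaddress.IPv4Address(ip))
    mask_int = int(ipaddress.IPv4Address(mask))
    network = ip_int & mask_int
    host = ip_int & ~mask_int & 0xFFFFFFFF
    return str(ipaddress.IPv4Address(network)), str(ipaddress.IPv4Address(host))


def prefix_length(mask):
    """Convert a dotted mask to a prefix length; reject non-contiguous masks."""
    mask_int = int(ipaddress.IPv4Address(mask))
    inverted = ~mask_int & 0xFFFFFFFF
    # A valid mask is a run of 1 bits followed by a run of 0 bits, so the
    # inverted mask plus one must be a single power of two (or overflow to 0).
    if inverted & (inverted + 1):
        raise ValueError(f"non-contiguous subnet mask: {mask}")
    return bin(mask_int).count("1")


def next_hop(ip, mask, gateway, destination):
    """Local destinations are delivered directly, remote ones via the gateway."""
    own_network, _ = split_address(ip, mask)
    dest_network, _ = split_address(destination, mask)
    return destination if dest_network == own_network else gateway


def audit_workstation(ip, mask, gateway):
    """Return a list of problems in a workstation's IPv4 settings."""
    try:
        plen = prefix_length(mask)
    except ValueError as exc:
        return [str(exc)]
    problems = []
    network = ipaddress.IPv4Network(f"{ip}/{plen}", strict=False)
    addr = ipaddress.IPv4Address(ip)
    gw = ipaddress.IPv4Address(gateway)
    if plen < 31 and addr in (network.network_address, network.broadcast_address):
        problems.append("host address is the network or broadcast address")
    if gw not in network:
        problems.append("default gateway is outside the local subnet")
    if gw == addr:
        problems.append("default gateway equals the host address")
    if addr.is_loopback:
        problems.append("host address is a loopback address")
    return problems


if __name__ == "__main__":
    # Constructed sample configuration using private addresses.
    ip, mask, gw = "192.168.1.77", "255.255.255.192", "192.168.1.65"
    print(split_address(ip, mask))              # network and host portions
    print(next_hop(ip, mask, gw, "192.168.1.100"))  # same subnet: direct
    print(next_hop(ip, mask, gw, "192.168.1.130"))  # other subnet: gateway
    print(audit_workstation(ip, mask, "192.168.1.1"))
```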


Internet Protocol Version 4 (IPv4)

field1.field2.field3.field4

Each field represents one byte of data


Internet Protocol Version 6 (IPv6)

• Shortcomings of IPv4

– Limited address space

– Lack of security

– Speed problems

– Configuration problems

• Strengths of IPv6

– More efficient and requires less administrative overhead than IPv4

– Provides a practically unlimited number of IP addresses

– Less dependent on routers

Internet Protocol Version 6 (IPv6)

• 128-bit address, colon notation

– 2E22:4F00:000E:00D0:A267:97FF:FE6B:FE34

• Subnet prefix length

• World IPv6 launch


Configuring TCP/IP

• Default gateway

• Loopback address

• Private addresses and unique local addresses

• Normal TCP/IP workstation configuration

Diagnostic Tools for Internet Troubleshooting

• ping

• tracert and traceroute

• route

• netstat

• ipconfig — Windows

• ifconfig — UNIX/Linux

• arp

• Network analyzers


Troubleshooting Considerations

• DNS name resolution

• Hosts file configuration

• Static vs. dynamic IP addressing

• Default gateway and subnet mask


Lesson 3 Summary

Identify mobile devices and operating systems

Define the nature and purpose of TCP/IP

Explain the routing process

Discuss routing protocols

Describe port numbers and their functions

Compare and contrast IPv4 and IPv6

Explain IP addressing, subnet masks, subnet prefix length, and the use of public and private IP addresses

Define the TCP/IP properties needed to configure a typical workstation

Describe various diagnostic tools for troubleshooting TCP/IP networks

Lesson 4: Internet Services

Lesson 4 Objectives

• Identify and describe the functions and features of various Internet servers

• Identify the functions and features of Internet-based services

• Identify industry-standard Internet servers

• Explain the advantages and disadvantages of cloud-based services

• Discuss the uses and benefits of a Content Management System (CMS)

Cloud Services

• Service provider runs services from remote data center

• Advantages

– Elimination of equipment, purchasing and maintenance

– Cost savings

– Industry job growth

• Disadvantages

– Security

– Expectations

– Failures


Cloud Services (cont’d)

• Three flavors of cloud computing

– Software as a Service (SaaS)

– Platform as a Service (PaaS)

– Infrastructure as a Service (IaaS)


Internet Servers

• File

• Print

• HTTP

• Proxy

• Mail

• Mailing list

• Social networking

• DNS

• FTP

• Instant messaging

• Certificate

• Directory

• Fax

• Transaction


File and Print Servers

• File servers — network servers that store data files and programs that can be shared by network users

• Print servers — network servers that allow multiple users to send print jobs to the same physical printer

• Line Printer/Line Printer Daemon (LPR/LPD) — printing protocol in UNIX that allows users to submit print jobs to network printers

HTTP Servers

• The Web — a collection of computer systems running the HTTP service

• Web server — has access to HTML documents that are returned to a client in response to a request

• Common Web servers

– Apache server

– Microsoft Internet Information Services (IIS)

– Nginx


Database Servers

• Database — a file that stores information in a series of tables and columns

• Relational database — a database consisting of two or more tables related by a common field

• Database server — a server that presents relational databases and makes it possible for remote individuals to access the data

• All database servers use SQL to create, maintain and query databases


Social Networking

• LAMP (Linux, Apache, MySQL, PHP):

– Linux — operating system

– Apache — Web server

– MySQL — relational database management system

– PHP — object-oriented scripting language (Perl or Python can also be used)

Proxy Servers

• Proxy server — an intermediary between a network host and other hosts outside the network

• Proxy servers:

– Provide enhanced security

– Manage TCP/IP addresses

– Speed Internet access by caching Web documents

– Replace network IP address with another, contingent address


Mail Servers

• Mail servers store/forward e-mail messages using several protocols:

– SMTP — used to send messages

– POP3 — used to store and forward messages (forces a user to download messages before managing them)

– IMAP — used to store and forward messages (allows a user to browse and manage messages remotely)

• MIME is used to transmit files with e-mail


Instant Messaging (IM)

• Instant messaging runs on a typical server installation

• Use IM to:

– Type and view messages sent to one or more recipients

– View the responses immediately

• IMs can be sent only to contacts who are currently online


Mailing List Servers

• A mailing list server forwards an e-mail message to every member on a distribution list

• Mailing List Manager (MLM) — the interface that allows you to configure a mailing list server

• Public vs. private mailing lists

• Examples of public mailing lists:

– LISTSERV

– Majordomo


DNS Servers

• DNS — mechanism used on the Internet to translate host computer names into IP addresses

– www.CIWcertified.com = http://72.44.192.233

• Hosts file — file referenced locally by applications and commands for name-to-address resolution


DNS Servers (cont'd)

• DNS hierarchy

– Root-level domain — the top of the hierarchy that contains entries for each top-level domain

– Top-level domain — consists of categories found at the end of domain names

– Second-level domain — includes the businesses and institutions that register their domain names with the top-level domains


DNS Servers (cont'd)

• DNS components

– Name server — server that supports name-to-address translation and runs the DNS service

– Name resolver — software that uses the services of one or more DNS servers to resolve an unknown request

• DNS records — entries in DNS database that provide additional routing and resolution information


DNS Servers (cont'd)

• DNS server types

– Root

– Primary

– Secondary

– Caching-only

– Forwarding


DNS Servers (cont'd)

Domain name space

[Figure: domain name space tree starting at . (root). Labels: se, com, mx, user1, xyz, net, chie, ftp, iso, user2, www]

DNS Servers (cont'd)

• nslookup

– Used to query Internet domain name servers to learn name-to-IP-address mappings

– Example of nslookup one-time command:

• nslookup www.CIWcertified.com

– Used interactively by typing:

• nslookup


FTP Servers

• File Transfer Protocol (FTP) allows the transfer of large files between file servers in real time

• Files of 2 MB or greater should be transferred by means of FTP

• Sending files by means of FTP is faster than with e-mail and HTTP


Certificate Servers

• A certificate server validates, or certifies, encryption keys

• Keys — strings of text generated from encryption algorithms that allow you to secure communications for a company or group of users


Directory Servers

• Identify all resources on a network, then make them available to authenticated users

• Enable a company to reuse information in its directory

• Reduce/eliminate re-entry of user information for applications that require it

• Help administrators manage applications and users

• Help users locate other users or e-mail addresses

• Locate and manage all company accounts

• Allow users inside and outside the network to use the service

• Maintain a single database of e-mail contacts


Fax and Transaction Servers

• Fax servers

– Provide a centrally located fax system

– Consist of a bank of fax/modems

• Transaction servers

– Guarantee that all required databases are updated when a transaction takes place


Choosing Web Server Products

• Apache Web server

– Used by almost two-thirds of all Web sites

– Supports UNIX and Windows

– Available free of charge

• Microsoft IIS

– Includes HTTP, FTP, NNTP, SMTP, certificate, ASP, index (catalog) and transaction services

– Allows you to use a remote server to store and retrieve files


Choosing Web Server Products (cont'd)

• Sun Java System Web Servers

– Support many platforms, including Sun Solaris, Windows, Linux, AIX and HP-UX

– Support JavaServer Pages (JSP) technology and Java servlets

– Can use Java to connect to databases

– Can implement other server-side scripting applications


Choosing Web Server Products (cont'd)

• Java software and Web servers

– Java servlet — Java code that is compiled and runs solely on Web servers

– Servlets allow:

• Chaining

• Connections to databases

• Near-universal support on systems


Content Management System (CMS)

• CMS – allows you to easily create, store and track all documents and information produced by an organization

• Benefits

– Centralized management of content

– Ability to reuse content

– Increased collaboration

Content Management System (CMS) (cont'd)

• Common CMS Services

– Role management

– Permission management

– Content publication

– Content editing

– Version control

– Indexing and searching

– Caching and replication

– Simplified backup

– Syndication

Content Management System (CMS) (cont'd)

• CMS as a workflow management tool

– Helps managers and executives ensure that users properly submit and manage content

• CMS requirements analysis

– Number of users

– Projected server load

– Storage capacity


Content Management System (CMS) (cont'd)

• Managing a CMS

– Workflow management

– Content acquisition

– Standard tagging

– Taxonomic and social tagging

– Template creation and management

– Localization

– Personalization and portals


Content Management System (CMS) (cont'd)

CMS and the content life cycle


Content Management System (CMS) (cont'd)

• CMS security concerns

• Types of CMS

– Web CMS

– Enterprise CMS

• CMS vendors and products


Lesson 4 Summary

Identify and describe the functions and features of various Internet servers

Identify the functions and features of Internet-based services

Identify industry-standard Internet servers

Explain the advantages and disadvantages of cloud-based services

Discuss the uses and benefits of a Content Management System (CMS)

Lesson 5: Hardware and Device Connectivity


Lesson 5 Objectives

• Identify the functions of motherboards, storage devices and optical discs

• Connect common peripherals

• Describe the importance of obtaining proper software licensing

• Identify how to partition disks and prepare logical drives

• Describe the characteristics of file system types


Lesson 5 Objectives (cont'd)

• Describe the uses of file system management tools

• Identify and suggest corrective measures for operating system boot problems and application failures

• Identify methods to remotely manage and troubleshoot workstations

• Back up and restore files


Motherboard

• Main circuit board in a computer

• Must be securely fastened to system chassis

• Should never touch anything metal, except through proper connections

• Most motherboard components are soldered on and no longer replaceable

• If components fail (except for memory and the microprocessor), the entire motherboard needs to be replaced


IRQs, I/O Addresses and DMA

• Interrupt requests (IRQs) — hardware lines used to identify when a device wants to communicate with the processor

– Example: When a printer has finished printing, it sends an interrupt signal to the computer so the computer can decide what to process next

• Input/output (I/O) address — memory location that allows the system processor and system devices to communicate

• Direct memory access (DMA) — allows a device to access system memory directly, bypassing the processor


Electronic Communication

• Binary numbering

– Converting decimal values into binary

– Bytes and bits

• Hexadecimal numbering

– Converting from hexadecimal into binary and decimal

– Converting from binary into hexadecimal

• ASCII


Communication Basics

Serial communication


Communication Basics (cont'd)

Parallel communication


Storage Devices

• To communicate with a motherboard, mass storage devices need to be connected to the motherboard through an interface

• Four most common interfaces are:

– SATA / eSATA

– SCSI

– USB

– Memory card reader


Serial ATA (SATA)

• SATA is currently the de facto standard for PC-based drives

• SATA devices are connected using a cable that can transfer 3 Gbps (SATA version 1) or 6 Gbps (SATA version 2)


Small Computer System Interface (SCSI)

• With SCSI, multiple devices can be connected to a single controller in a daisy chain configuration

• You can attach as many as 127 internal or external SCSI devices to a single controller

• SCSI daisy chain must be terminated at both ends and only at the ends


Universal Serial Bus (USB)

• Many external hard drives connect to computers using a USB connection

• USB flash drives are replacing DVD/CD drives

USB flash drive


Memory Card Reader

• Used to read and write data on memory cards (e.g., Secure Digital (SD) cards and Memory Sticks)

• Do not store information

Internal multi-card reader


Memory Card Reader (cont’d)

• Secure Digital (SD) cards

• MiniSD and microSD cards

• CompactFlash


Network Interface Card (NIC)

• Each network device must have a NIC (or network adapter card)

• The network adapter makes the physical connection between the device and the network cabling

• The network adapter converts the data from the computer into a format appropriate for transmission over the network

• Transceiver — the network adapter component that handles data transmission


Optical Discs

• CDs

• DVDs

• Blu-ray Discs (BDs)


Compact Disc—Read-Only Memory (CD-ROM)

• CD-ROM — an optical storage device from which data can be read only

• CD-ROM drives use common mass storage interfaces

• Writable CD devices allow you to create, or "burn," your own data and audio CDs

– CD-R (CD-recordable) — write data once

– CD-RW (CD-rewritable) — write data multiple times


Digital Video Disc (DVD)

• DVD — optical storage device from which data can be read only

• DVDs are similar to CD-ROMs but have higher storage capacity

– Initial DVD standard provided 4.7 GB of storage capacity

– Current DVD standards support dual-layer discs with a storage capacity of 8.5 GB

– Double-sided disc standard supports 9.4 GB when writing to one side or 17 GB total when writing to both sides


Blu-Ray Discs (BDs)

• High-definition optical disc storage medium that is designed to be the successor to DVDs

• Single-layer Blu-ray Discs can hold up to 25 GB of data

• Dual-layer Blu-ray Discs can hold up to 50 GB of data

• BD-R — a write-once format

• BD-RE — a rewritable format


Optical Disc Drive Maintenance

• Keep the drives closed when they are not in use, and check all media for foreign matter before inserting into the drive

• Optical discs should be handled only by the edges

• Avoid scratching the disc surface

• Never directly touch or try to manually clean the laser

• Brush away and vacuum accumulated dust

• Manually eject a stuck disc by inserting a wire into the small hole on the face of the drive, then pressing hard until the disc is ejected


Device Connectivity

• Peripheral ports

• PS/2-style connectors

• Traditional serial ports and parallel ports have been replaced almost entirely by USB ports

• Standard port use

• Troubleshooting port and cabling problems


HDMI and DVI Connections

• Transmit high-definition digital video and high-resolution digital audio data

• Consist of 19 wires wrapped in a single cable

• Carry bandwidth of up to 5 Gbps

• Preserve the source digital signal by eliminating the digital-to-analog-to-digital conversion

• Should not run longer than 15 feet (5 meters) to prevent signal degradation


System Management

• Obtaining proper operating system and software licensing

• Identifying common file systems

• Using common file system management tools

• Using utilities to perform maintenance and recover from application failures

• Troubleshooting software, including identifying common boot problems

• Identifying ways to remotely manage and troubleshoot workstations


Software Licensing

• When you purchase software, you are purchasing the right to use the software under certain restrictions

• These restrictions are outlined in the license agreement

• When you load software, the license agreement typically displays during the installation process

• You must indicate that you have read and understood the agreement before the installation procedure will allow you to continue


Software Licensing (cont'd)

• Apart from legal consequences, using unlicensed software can also mean:

– No documentation

– No warranties

– No technical product support

– Greater exposure to software viruses, corrupt discs or otherwise defective software

– Ineligibility for software upgrades


Partitions and Logical Drives

• When installing an operating system on a new computer or after recovering from a hard disk failure, prepare the hard disk for use by:

– Partitioning the hard disk

– Creating logical drives

– Formatting logical drives


Disk Partitioning

• Partition disks to divide total storage space

• Primary partition — the system’s boot drive, used for system startup

• Extended partition — the remaining drive space after you create the primary partition


Logical Disk Drives

• A disk partition must be assigned a logical drive identifier

• A primary partition is treated as a single logical drive

• An extended partition can be divided into multiple logical drives (Drives D and E in figure)


Logical Drive Format

• Low-level format

– Prepares the hard disk before disk partitions can be defined

– Primarily the responsibility of the hard disk manufacturer

• High-level format

– Logical drive formatting that prepares the drive for use by the operating system

– Creates the file system root directory and the files used to track disk space use


File Systems

• Primary partitions and logical drives must be formatted so the operating system can use them

• Formatting creates the file system by adding information about how files should be stored on the drive to organize and manage disk storage

• File system types include:

– FAT32 and NTFS (Windows)

– Ext and Reiser (Linux)


File and Directory Permissions

• NTFS allows you to set permission bits on system resources

• In NTFS, you can protect files so that only certain users or groups of users can read them

• Concerns

– If permissions are applied improperly, users may take security for granted

– Improperly set permissions can disrupt an operating system


Convert Utility

• Information about the files on an NTFS volume and their attributes is stored in the master file table (MFT)

• Convert utility — used to convert a partition or logical drive from FAT32 to NTFS

convert drive /FS:NTFS [/v]


Preventive Maintenance

• Preventive maintenance — Avoid component failures by maintaining them properly at all times

• Planned maintenance — Schedule preventive maintenance tasks to occur at regular intervals

• Device cleaning

– Remove accumulated dust


Disk Defragmenter Utility

• As files are created and deleted, a partition can become severely fragmented

• Fragmented files are no longer located in contiguous clusters

• You can use the Disk Defragmenter utility to defragment hard disks and put files back together in a contiguous format


Chkdsk Utility

• You can use the Chkdsk utility in Windows to:

– Create and display a status report for a disk based on its file system

– List and correct errors on the disk

– Display the status of the disk in the current drive


Disk Cleanup Utility

• Use the Disk Cleanup utility to recover the disk space used by:

– Temporary files

– Unused applications

– Files in the Recycle Bin

– Files you downloaded as part of Web pages

– Files created when Chkdsk attempted to recover lost file fragments


Backup and Restore Utilities

• Keep a current backup of all data files to ensure that data can be recovered if a hard drive fails

• When you back up data, you store copies of folders and files to a source other than your computer's hard disk

• You restore data when you need to access the backed up data


Uninterruptible Power Supply (UPS)

• Allows your computer to keep running for at least a short time when the primary power source is lost

• Uses a battery to maintain power during an outage

• You must choose which computers to protect with UPS


Software Troubleshooting

• Software troubleshooting refers to anything other than problems caused by system hardware

• Software problems can be caused by:

– Bugs

– Corrupted files

– Incompatibilities

– Virus infections


Operating System Boot Problems

• Error: No operating system

– Bad or missing command interpreter

– Missing ntldr (Windows)

– Kernel not available (Linux)

– Operating system files missing

– Hard disk or controller failure


Blue Screen of Death (BSOD)

• Blue screen that indicates that a critical operating system failure has occurred during startup

• To troubleshoot:

– Restart the system in Safe mode and use the Last Known Good Configuration option

– Reinstall the operating system

– Attempt to diagnose the problem by parsing the dump file


System Lockup

• Lockup causes:

– Applications that are incompatible with the operating system or with a hardware component

– IRQ conflicts

– Related problems that you may be able to find in the system log file

• Power down your system by manually pressing and holding down the power key for five seconds


Application Failures

• Application failure causes:

– Low system RAM

– Current logon environment crashes

– Improper permissions

– Improper system resolution or color levels

• View the system log

– Windows Event Viewer

– Linux/UNIX "messages"


Application Failures (cont'd)

• Windows protection error causes:

– Device drivers that may not be written specifically for your operating system

– Applications or utilities that attempt to bypass the operating system and directly access local system hardware

• Application installation and loading failures:

– Application will not load into memory

– Application can cause an illegal operation, resulting in the blue screen of death

– Application may not install at all


Lesson 5 Summary

Identify the functions of motherboards, storage devices and optical discs

Connect common peripherals

Describe the importance of obtaining proper software licensing

Identify how to partition disks and prepare logical drives

Describe the characteristics of file system types


Lesson 5 Summary (cont'd)

Describe the uses of file system management tools

Identify and suggest corrective measures for operating system boot problems and application failures

Identify methods to remotely manage and troubleshoot workstations

Back up and restore files

Lesson 6: Network and Cloud Security Risks


Lesson 6 Objectives

• Identify various network attacks and ways to defeat them

• Describe authentication principles

• Explain the three major types of encryption

• Describe security zones

• Describe the function of a VPN

• Describe security audit principles

• Discuss mobile device management (MDM)

• Identify BYOD policies

• Identify security threats to cloud-based networks

• Identify ways to avoid anti-social activity (e.g., online stalking, cyberbullying)


Defining Security

• Security — a set of procedures designed to protect transmitted and stored information, as well as network resources

• Security administrators must determine which people can take appropriate actions on specific items at the appropriate time


Bring Your Own Device (BYOD)

• 70 percent of employees bring personal mobile devices to work

• BYOD policies limit vulnerabilities

– Acceptable Use

– Scope of Control

– Device Scope

– Enforcement

– Support


Bring Your Own Device (BYOD) (cont’d)

• Mobile device management (MDM) tools

– AirWatch

– Microsoft

– MobileIron

– Zenprise


Cloud Security Threats

• Multi-tenancy risks

• Ignorance

• Hypervisor vulnerabilities

• DDoS attacks

• Insider Threats


Cloud Disaster Recovery

• Plan for failure

• Do not get locked into a contract

• Review your SLA

• Create redundancy

• Continuous data protection (CDP) — saves every change made to computer data


Malware

• Virus — code that causes damage to systems

• Virus types

– Macro/script

– File infecting

– Boot sector

– Stealth

– Polymorphic

– Retro

• Worm — similar to virus but automatically replicates


Overview of Network Attack Types

• Spoofing

• Man in the middle

• DoS

• Distributed DoS

• Brute force

• Dictionary

• Back door

• Buffer overflow

• Trojan

• Social engineering

To avoid attacks:

• Install stable updates

• Use encryption

• Be suspicious of information requests

• Remain informed


Phishing, Pharming and Anti-Phishing Software

• Phishing – a form of social engineering that attempts to gather personal and financial information from unsuspecting victims by sending e-mail and luring the user to a legitimate-looking site, then requesting passwords, account numbers, etc.

• Pharming – the act of installing malicious code on personal computers or servers that redirects Internet traffic from a legitimate Web site to an identical-looking bogus Web site

• Anti-phishing software – program designed to identify phishing content contained in Web sites and e-mail messages


Defeating Network Attacks

• OSI/RM security services

– Authentication

– Access control

– Data confidentiality

– Data integrity

– Non-repudiation

• Updates


Authentication

• Three authentication methods

– What you know

– What you have

– Who you are

• Passwords

– Strong passwords

– Age passwords appropriately

• Account lockout — disables accounts after a given number of invalid passwords have been entered

• Account reset — enables you to choose whether accounts reset automatically after a given interval
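The lockout and reset settings above, worked through as an added example (not part of the course material). The class name `Authenticator`, the threshold of three attempts and the 900-second reset interval are assumptions chosen for illustration; time is passed in explicitly so the behaviour is reproducible.

```python
import hashlib
import hmac
import os
from dataclasses import dataclass
from typing import Dict, Optional


@dataclass
class Account:
    salt: bytes
    pw_hash: bytes
    failures: int = 0                  # consecutive invalid passwords
    locked_at: Optional[float] = None  # time the lockout began, if locked


class Authenticator:
    """Hypothetical login service with account lockout and account reset."""

    def __init__(self, threshold: int = 3, reset_after: Optional[float] = 900.0):
        self.threshold = threshold      # invalid passwords before lockout
        self.reset_after = reset_after  # seconds; None = administrator must unlock
        self.accounts: Dict[str, Account] = {}

    @staticmethod
    def _hash(password: str, salt: bytes) -> bytes:
        # Store a salted, slow hash rather than the password itself.
        return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

    def add_user(self, user: str, password: str) -> None:
        salt = os.urandom(16)
        self.accounts[user] = Account(salt, self._hash(password, salt))

    def login(self, user: str, password: str, now: float) -> str:
        """Return 'ok', 'invalid' or 'locked' for one login attempt at time `now`."""
        acct = self.accounts.get(user)
        if acct is None:
            return "invalid"
        if acct.locked_at is not None:
            expired = (self.reset_after is not None
                       and now - acct.locked_at >= self.reset_after)
            if not expired:
                return "locked"         # even the correct password is refused
            acct.locked_at, acct.failures = None, 0   # automatic account reset
        if hmac.compare_digest(self._hash(password, acct.salt), acct.pw_hash):
            acct.failures = 0
            return "ok"
        acct.failures += 1
        if acct.failures >= self.threshold:
            acct.locked_at = now        # account lockout takes effect
            return "locked"
        return "invalid"

    def admin_unlock(self, user: str) -> None:
        acct = self.accounts[user]
        acct.locked_at, acct.failures = None, 0


if __name__ == "__main__":
    auth = Authenticator(threshold=3, reset_after=900.0)
    auth.add_user("alice", "correct horse")       # constructed sample account
    for t in (0.0, 1.0, 2.0):
        print(t, auth.login("alice", "guess", now=t))
    print(10.0, auth.login("alice", "correct horse", now=10.0))
    print(902.0, auth.login("alice", "correct horse", now=902.0))
```

With `reset_after=None` the account stays disabled until `admin_unlock` is called, which trades a higher help-desk load for a hard stop on repeated guessing.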


Authentication (cont'd)

• Managing passwords

– Use password manager software to help store and manage your passwords

– Example: KeePass

• Password generators

– Algorithms that receive input from a random or pseudo-random number generator and then automatically generate a password


Digital Certificates

• Provide authoritative identification

• Verify the sender's identity

• Use the X.509 standard

• Are used for non-repudiation

• Contain digital signatures

– Certificate authority (CA)


Public Key Infrastructure (PKI)

• PKI CA servers:

– Are repositories for managing digital certificates

– Enable the secure creation and management of digital certificates

– Provide the ability to revoke an invalid key

• If you need a certificate for a server, use PKI


Encryption

• The primary means to ensure privacy across the enterprise

• Symmetric-key encryption

– One key to encrypt and decrypt

– All parties must know and trust one another

• Symmetric algorithms

– DES

– Triple DES

– AES


Encryption (cont'd)

• Asymmetric-key encryption

– Uses a key pair (one public, one private)

– Used to create a digital signature

• Asymmetric algorithms

– RSA

– DSA


Encryption (cont'd)

• Hash encryption

– Uses a hash table that contains a hash function

– Used for information that will not be decrypted or read

• Hash algorithms

– SHA


Encryption (cont'd)

• Pretty Good Privacy (PGP) — uses a combination of the three encryption types

• GNU Privacy Guard (GPG) — the open-source version of PGP

• PGP and GPG:

– Use symmetric-key encryption to scramble the original message you want to send

– Use asymmetric-key encryption to encrypt only the symmetric key you just used

– Use hash encryption to "sign" the message and ensure that no one can tamper with it


Firewalls

• A firewall is a secure computer system placed between a trusted network and an untrusted one, such as the Internet

– The most common location for a firewall is between a corporate LAN and the Internet

• Allows users from a protected network to access a public network while simultaneously making the protected company's products and services available to the public


Internal and Personal Firewalls

• Internal firewall — resides inside your company's internal network

– Internal firewalls can:

• Protect sensitive systems

• Isolate networks that still need Internet connectivity but which use software that may cause problems with other company resources

• Personal firewall — offers protection for an individual system


Packet Filtering

• Packet filter — inspects each packet for predefined content

• Packet filters filter data based on the following fields in the packet:

– Source IP address

– Destination IP address

– TCP/UDP source port

– TCP/UDP destination port
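How a packet filter evaluates those four fields, as an added example (not part of the course material). The first-match rule order, the default-deny policy, the protocol field and every address in the rule set are assumptions; the addresses come from the documentation ranges and are constructed for the demonstration.

```python
import ipaddress
from dataclasses import dataclass
from typing import List, Optional, Tuple


@dataclass(frozen=True)
class Packet:
    src_ip: str
    dst_ip: str
    src_port: int
    dst_port: int
    proto: str = "tcp"


@dataclass(frozen=True)
class Rule:
    action: str                                # "allow" or "deny"
    src_net: str = "0.0.0.0/0"                 # source IP address
    dst_net: str = "0.0.0.0/0"                 # destination IP address
    src_ports: Tuple[int, int] = (0, 65535)    # TCP/UDP source port range
    dst_ports: Tuple[int, int] = (0, 65535)    # TCP/UDP destination port range
    proto: str = "any"

    def matches(self, pkt: Packet) -> bool:
        # A rule matches only if every field it constrains matches the packet.
        return (
            self.proto in ("any", pkt.proto)
            and ipaddress.ip_address(pkt.src_ip) in ipaddress.ip_network(self.src_net)
            and ipaddress.ip_address(pkt.dst_ip) in ipaddress.ip_network(self.dst_net)
            and self.src_ports[0] <= pkt.src_port <= self.src_ports[1]
            and self.dst_ports[0] <= pkt.dst_port <= self.dst_ports[1]
        )


def filter_packet(rules: List[Rule], pkt: Packet,
                  default: str = "deny") -> Tuple[str, Optional[int]]:
    """Return (action, index of the deciding rule); index is None on default."""
    for index, rule in enumerate(rules):
        if rule.matches(pkt):
            return rule.action, index      # first match wins
    return default, None                   # nothing matched: default deny


# Constructed rule set for the external interface of a small DMZ.
RULES = [
    # 0: private source addresses should never arrive from outside
    Rule("deny", src_net="10.0.0.0/8"),
    # 1: HTTPS to the public web server, from unprivileged client ports only
    Rule("allow", dst_net="203.0.113.10/32", src_ports=(1024, 65535),
         dst_ports=(443, 443), proto="tcp"),
    # 2: DNS queries from the DMZ to one external resolver
    Rule("allow", src_net="203.0.113.0/24", dst_net="198.51.100.53/32",
         dst_ports=(53, 53), proto="udp"),
]

if __name__ == "__main__":
    samples = [
        Packet("198.51.100.7", "203.0.113.10", 51514, 443),
        Packet("10.1.2.3", "203.0.113.10", 51514, 443),
        Packet("198.51.100.7", "203.0.113.10", 51514, 22),
        Packet("203.0.113.10", "198.51.100.53", 40000, 53, "udp"),
    ]
    for pkt in samples:
        print(pkt, "->", filter_packet(RULES, pkt))
```

Because the first matching rule decides, the deny rule for private source addresses has to sit above the allow rules; placed below rule 1 it would never be reached for traffic to port 443.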


Proxy Servers

• A proxy server replaces the network IP address with a single IP address

• Provides the following services:

– Hiding of network resources

– Logging

– Caching

• Application-level gateway — a proxy between the Internet and your internal system at the application level

• Most firewalls are combinations of packet filtering and application-level gateways


Network Address Translation (NAT)

• The practice of hiding internal IP addresses from the external network

• Two ways to provide NAT

– Configure masquerading on a packet-filtering firewall

– Use a proxy server to conduct requests on behalf of internal hosts


Accessing Internet Services

• If Internet access is required and a network is located behind a proxy server or firewall, you may have problems accessing Internet services that use ports other than common ports

• To avoid these problems:

– Make sure the network has access to all Internet-related protocols used by the company

– Make sure that the IP addresses assigned to the computers in your network have permission to access the Internet


Security Zones

• Demilitarized zone (DMZ) — a mini-network that resides between a company's internal network and the external network

• Intranet — a security zone available only to authorized organization employees

• Extranet — a private network that allows selected access to outsiders only after they provide authentication information

• Virtual LAN (VLAN) — a logical grouping of hosts, generally not implemented by a firewall


Virtual Private Network (VPN)

• A technique that allows secure communication across long distances, usually for a company extranet

• In a VPN, the Internet is often the corporate network backbone

• Appropriate for any organization requiring secure external access to internal resources

• All VPNs are tunneling protocols — encryption occurs at the source and decryption occurs at the destination


Virtual Private Network (VPN) (cont'd)

• VPN protocols

– Point-to-Point Tunneling Protocol (PPTP)

– Layer 2 Tunneling Protocol (L2TP)

– IP Security (IPsec)


Security Audit

• Review of the state of the network

• Auditing process:

– Conduct a status quo analysis

– Conduct a risk analysis

– Make recommendations based on findings


Other Security Threats

• Internet fraud

• Identity theft

• Online stalking

• Cyberbullying


Internet Fraud

• Scams or other deceptive practices committed via the Internet, usually for the purpose of monetary gain or identity theft

– Auction and retail scams

– Business opportunity scams

– Investment scams

– Credit card scams

– Purchase scams

– Money transfer scams

– Dating scams


Identity Theft

• Fraud committed in your name by someone else who has illicitly gained access to your personal information

• Methods used by identity thieves

– Dumpster diving

– Skimming

– Phishing

– Address changing

– Stealing


Lesson 6 Summary

Identify various network attacks and ways to defeat them

Describe authentication principles

Explain the three major types of encryption

Describe security zones

Describe the function of a VPN

Describe security audit principles

Discuss mobile device management (MDM)

Identify BYOD policies

Identify security threats to cloud-based networks

Identify ways to avoid anti-social activity (e.g., online stalking, cyberbullying)


Network Technology Associate v2.0

Introduction to Networking

Networking Components and Standards

Connecting to the Internet

Internet Services

Hardware and Device Connectivity

Network and Cloud Security Risks