Network PLUS Over View


Transcript of Network PLUS Over View

Domain 1.0 Media and Topologies

1.1 Recognize the following logical or physical network topologies given a schematic diagram or description:

If computers are connected in a row along a single cable, this is called a bus topology; if they branch out from a single junction or hub, this is known as a star topology. When computers are connected to a cable that forms a continuous loop, this is called a ring topology.

Star/hierarchical

[Figures: star; hierarchical or cascading star]

Computers in a star topology are connected by cables to a hub. In this topology, management of the network (such as adding and removing devices) is made much easier because of the central point. However, because it is centralized, more cable is required.

Because most star topologies use twisted-pair cables, the initial installation of star networks is also easier.

If one computer fails the network will continue to function, but if a hub fails all computers connected to it will also be affected.

Star topologies are, or are becoming the topology of choice for networks.

Bus

In bus topologies, all computers are connected to a single cable (the "trunk" or "backbone") by a transceiver, either directly or by using a short drop cable. All ends of the cable must be terminated, that is, plugged into a device such as a computer or a terminator. Most bus topologies use coax cables.

The number of computers on a bus network affects network performance: since only one computer at a time can send data, the more computers you have on the network, the more computers there will be waiting to send data. A line break at any point along the trunk cable will result in total network failure.

Computers on a bus only listen for data being sent; they do not move data from one computer to the next. This is called a passive topology.

Mesh

A mesh topology provides each device with a point-to-point connection to every other device in the network. These are most commonly used in WANs, which connect networks over telecommunication links. Mesh topologies use routers to determine the best path.

Mesh networks provide redundancy: in the event of a link failure, meshed networks enable data to be routed through any other site connected to the network. Because each device has a point-to-point connection to every other device, mesh topologies are the most expensive and difficult to maintain.

Ring

In a ring topology network, computers are connected by a single loop of cable; the data signals travel around the loop in one direction, passing through each computer. Ring topology is an active topology because each computer repeats (boosts) the signal before passing it on to the next computer.

One method of transmitting data around a ring is called token passing. The token is passed from computer to computer until it gets to a computer that has data to send.

If there is a line break, or if you are adding or removing a device anywhere in the ring this will bring down the network. In an effort to provide a solution to this problem, some network implementations (such as FDDI) support the use of a double-ring. If the primary ring breaks, or a device fails, the secondary ring can be used as a backup.

Wireless

A wireless network consists of wireless NICs and access points. NICs come in different models including PC Card, ISA, PCI, etc. Access points act as wireless hubs to link multiple wireless NICs into a single subnet. Access points also have at least one fixed Ethernet port to allow the wireless network to be bridged to a traditional wired Ethernet network, such as the organization's network infrastructure. Wireless and wired devices can coexist on the same network.
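The fault-tolerance claims made above for each topology (a hub failure takes down a star, any break takes down a one-way ring, a mesh and the FDDI-style double ring survive a single failure) can be checked by modelling the topologies as small graphs. The following is an added example and not part of the study guide; the host names, the central node named `hub`, and the treatment of a bus as a chain of taps are assumptions made for the demo.

```python
"""Added example, not part of the study guide: model the topologies from
section 1.1 as small graphs and test the fault-tolerance claims made for
them.  Host and hub names are constructed for the demo."""
from collections import deque
from itertools import combinations


def build_topology(kind, hosts):
    """Return an adjacency dict {node: set(neighbours)} for one topology.
    star: every host links to an assumed central node named 'hub'.
    bus: hosts are taps along one trunk, so cable neighbours are linked.
    ring: a one-way loop (signals travel in one direction, as the text says).
    dual_ring: the FDDI-style counter-rotating pair, i.e. links both ways.
    mesh: a point-to-point link between every pair of hosts."""
    hosts = list(hosts)
    adj = {h: set() for h in hosts}

    def link(a, b, both_ways=True):
        adj.setdefault(a, set()).add(b)
        if both_ways:
            adj.setdefault(b, set()).add(a)

    if kind == "star":
        for h in hosts:
            link(h, "hub")
    elif kind == "bus":
        for a, b in zip(hosts, hosts[1:]):
            link(a, b)
    elif kind in ("ring", "dual_ring"):
        for i, h in enumerate(hosts):
            link(h, hosts[(i + 1) % len(hosts)], both_ways=(kind == "dual_ring"))
    elif kind == "mesh":
        for a, b in combinations(hosts, 2):
            link(a, b)
    else:
        raise ValueError(f"unknown topology {kind!r}")
    return adj


def reachable(adj, start):
    """Breadth-first search that follows link direction."""
    seen, queue = {start}, deque([start])
    while queue:
        node = queue.popleft()
        for nxt in adj[node]:
            if nxt not in seen:
                seen.add(nxt)
                queue.append(nxt)
    return seen


def fully_connected(adj, hosts):
    """True when every listed host can reach every other listed host."""
    hosts = set(hosts)
    return all(hosts <= reachable(adj, h) for h in hosts)


def survives(kind, hosts, failure):
    """failure is ('node', name) or ('link', a, b).  Returns True when the
    hosts that are still present can all reach each other afterwards."""
    adj = build_topology(kind, hosts)
    if failure[0] == "node":
        dead = failure[1]
        adj = {n: {m for m in ms if m != dead} for n, ms in adj.items() if n != dead}
        hosts = [h for h in hosts if h != dead]
    else:
        _, a, b = failure
        adj[a].discard(b)
        adj[b].discard(a)
    return fully_connected(adj, hosts)


if __name__ == "__main__":
    pcs = ["pc1", "pc2", "pc3", "pc4"]
    for kind, failure in [("star", ("node", "pc1")), ("star", ("node", "hub")),
                          ("bus", ("link", "pc2", "pc3")), ("ring", ("link", "pc1", "pc2")),
                          ("dual_ring", ("link", "pc1", "pc2")), ("mesh", ("node", "pc1"))]:
        state = "still up" if survives(kind, pcs, failure) else "down"
        print(f"{kind:10} after {failure}: {state}")
```

The bus is modelled only as a partition (a break splits the taps into two groups); on a real coax bus the unterminated halves fail completely, which is what the text describes, so the graph result is the weaker statement.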

1.2 Specify the main features, including speed, access method, topology, and media of:

802.3 (Ethernet)

Carrier Sense Multiple Access with Collision Detection (CSMA/CD)

A type of media access control. With CSMA/CD, a computer listens to the network to determine whether another computer is transmitting a data frame. If no other computer is transmitting, the computer can then send its data. While the computer is listening for a data signal, that is the carrier sense part. Multiple access means there are multiple computers trying to access or send data on the network at the same time. Collision detection indicates that the computers are also listening for collisions: if two computers try to send data at the same time and a collision occurs, they must wait a random period of time before transmitting again.
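The listen, collide, wait-a-random-time cycle just described can be run as a slot-time simulation. This is an added example, not code from the study guide: the random wait uses the truncated binary exponential backoff rule from IEEE 802.3 (wait 0 to 2^min(n,10) - 1 slot times after the n-th collision, give up after 16), while the station names and the one-slot frame length are constructed for the demo.

```python
"""Added example, not part of the study guide: a slot-time simulation of the
CSMA/CD behaviour described above.  The backoff rule is the truncated binary
exponential backoff that 802.3 specifies; the station names and the one-slot
frame length are constructed for the demo."""
import random


def backoff_slots(collisions, rng=None):
    """After the n-th collision on a frame a station waits a random number of
    slot times in [0, 2**min(n, 10) - 1].  After 16 collisions 802.3 gives up
    on the frame, modelled here as a ValueError."""
    if collisions >= 16:
        raise ValueError("excessive collisions: frame discarded")
    rng = rng or random
    return rng.randrange(2 ** min(collisions, 10))


def simulate(stations, seed=0):
    """Every station has one frame ready at slot 0 and a frame occupies
    exactly one slot.  Carrier sense: a station only transmits in the slot it
    is scheduled for.  One sender in a slot succeeds; two or more collide and
    each of them reschedules using backoff_slots.  Returns the order in which
    the stations got their frame through and the number of collisions."""
    rng = random.Random(seed)
    ready = {s: 0 for s in stations}        # slot at which each station next tries
    collisions = {s: 0 for s in stations}   # per-frame collision counters
    sent, total_collisions, slot = [], 0, 0
    while ready:
        trying = [s for s, t in ready.items() if t <= slot]
        if len(trying) == 1:                # medium was free: success
            sent.append(trying[0])
            del ready[trying[0]]
        elif len(trying) > 1:               # collision detected by all senders
            total_collisions += 1
            for s in trying:
                collisions[s] += 1
                ready[s] = slot + 1 + backoff_slots(collisions[s], rng)
        slot += 1
    return sent, total_collisions


if __name__ == "__main__":
    order, n = simulate(["A", "B", "C", "D"], seed=7)
    print("transmission order:", order, "collisions:", n)
```

With several stations ready in the same slot the first slot always collides, which is the situation the text describes; the random backoff is what breaks the tie on later slots.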

Ethernet

Designation | Supported Media | Maximum Segment Length | Transfer Speed | Topology
10Base-5 | Coaxial | 500 m | 10 Mbps | Bus
10Base-2 | Thin Coaxial (RG-58 A/U) | 185 m | 10 Mbps | Bus
10Base-T | Category 3 or above unshielded twisted-pair (UTP) | 100 m | 10 Mbps | Star, using either simple repeater hubs or Ethernet switches
1Base-5 | Category 3 UTP, or above | 100 m | 1 Mbps | Star, using simple repeater hubs
10Broad-36 | Coaxial (RG-58 A/U CATV type) | 3600 m | 10 Mbps | Bus (often only point-to-point)
10Base-FL | Fiber-optic - two strands of multimode 62.5/125 fiber | 2000 m (full-duplex) | 10 Mbps | Star (often only point-to-point)
100Base-TX | Category 5 UTP | 100 m | 100 Mbps | Star, using either simple repeater hubs or Ethernet switches
100Base-FX | Fiber-optic - two strands of multimode 62.5/125 fiber | 412 m (half-duplex), 2000 m (full-duplex) | 100 Mbps (200 Mb/s full-duplex mode) | Star (often only point-to-point)
1000Base-SX | Fiber-optic - two strands of multimode 62.5/125 fiber | 260 m | 1 Gbps | Star, using buffered distributor hub (or point-to-point)
1000Base-LX | Fiber-optic - two strands of multimode 62.5/125 fiber or monomode fiber | 440 m (multimode), 5000 m (singlemode) | 1 Gbps | Star, using buffered distributor hub (or point-to-point)
1000Base-CX | Twinax, 150-Ohm-balanced, shielded, specialty cable | 25 m | 1 Gbps | Star (or point-to-point)
1000Base-T | Category 5 | 100 m | 1 Gbps | Star

802.5 (token ring)

The IEEE 802.5 Token Ring standards define services for the OSI physical layer and the MAC sublayer of the data link layer. Token Ring computers are situated on a continuous network loop. A Token Ring controls access to the network by passing a token from one computer to the next. Before a computer can transmit data it must wait for a free token; thus token passing does not allow two or more computers to begin transmitting at the same time.

Token Ring

Media | MAC Method | Signal Propagation Method | Speed | Topologies | Maximum Connections
Twisted-pair (various types) | Token passing | Forwarded from device to device (or port to port on a hub) in a closed loop | 4 Mbps, 16 Mbps | Ring; Star, using Token Ring repeater hubs | 255 nodes per segment

802.11b (wireless)

802.11b is a wireless Ethernet technology operating at 11 Mbps. 802.11b devices use Direct Sequence Spread Spectrum (DSSS) radio technology operating in the 2.4 GHz frequency band.

An 802.11b wireless network consists of wireless NICs and access points. Access points act as wireless hubs to link multiple wireless NICs into a single subnet. Access points also have at least one fixed Ethernet port to allow the wireless network to be bridged to a traditional wired Ethernet network. Wireless and wired devices can coexist on the same network.

802.11b devices can communicate across a maximum range of 50-300 feet from each other.

FDDI networking technologies

Fiber Distributed Data Interface shares many of the same features as Token Ring, such as token passing and the continuous network loop configuration. But FDDI has better fault tolerance because of its use of a dual, counter-rotating ring that enables the ring to reconfigure itself in case of a link failure. FDDI also has higher transfer speeds: 100 Mbps for FDDI, compared to 4 - 16 Mbps for Token Ring.

Unlike Token Ring, which uses a star topology, FDDI uses a physical ring. Each device in the ring attaches to the adjacent device using a two-stranded fiber optic cable. Data travels in one direction on the outer strand and in the other direction on the inner strand. When all devices attached to the dual ring are functioning properly, data travels on only one ring. FDDI transmits data on the second ring only in the event of a link failure.

Media | MAC Method | Signal Propagation Method | Speed | Topologies | Maximum Connections
Fiber-optic | Token passing | Forwarded from device to device (or port to port on a hub) in a closed loop | 100 Mbps | Double ring; Star | 500 nodes

1.3 Specify the characteristics (e.g., speed, length, topology, cable type, etc.) of the following 802.3 (Ethernet) standards:

Standard | Cable Type | Maximum Length | Speed | Topology
10Base-5 | Coaxial | 500 m | 10 Mbps | Bus
10Base-2 | Thin Coaxial (RG-58A/U) | 185 m | 10 Mbps | Bus
10Base-T | Category 3 or above unshielded twisted-pair (UTP) | 100 m | 10 Mbps | Star, using either simple repeater hubs or Ethernet switches
100Base-TX | Category 5 UTP | 100 m | 100 Mbps | Star, using either simple repeater hubs or Ethernet switches
100Base-FX | Fiber-optic | 412 m (half-duplex), 2000 m (full-duplex) | 100 Mbps (200 Mb/s full-duplex mode) | Star (often only point-to-point)
1000Base-LX | Fiber-optic | 440 m (multimode), 5000 m (singlemode) | 1 Gbps | Star, using buffered distributor hub (or point-to-point)
1000Base-T | Category 5 | 100 m | 1 Gbps | Star

1.4 Recognize the following media connectors and describe their uses:

RJ-11 Standard telephone cable connectors, usually have 4-6 wires.

RJ-45

RJ-45 connectors are used with 10-100BaseT cables. These resemble telephone RJ-11 connectors, but are larger and house 8 wires, while RJ-11 connectors house 4 or 6 wires. They are connected to the cable by crimping.


AUI

A thicknet network connection uses a 15-pin attachment unit interface (AUI) to connect the 15-pin DB-15 connector on the back of the network adapter card to an external transceiver. The transceiver for thicknet Ethernet includes a vampire tap (mounted on top of the transceiver) which pierces the thicknet cable to make the network connection. From the transceiver to the network card a drop cable is attached.

BNC

BNC connector for coaxial cables. These are either soldered or crimped to the end of the cable.

BNC T connector, which joins the network card to the network cable.

BNC barrel connector, used to connect two cables together. It is better to use one continuous length of cable, as these connectors weaken the signal strength.

ST / SC

Fiber network segments always require two fiber cables: one for transmitting data, and one for receiving. Each end of a fiber cable is fitted with a plug that can be inserted into a network adapter, hub, or switch. In North America, most cables use a square SC connector that slides and locks into place when inserted into a node or connected to another fiber cable; Europeans use a round ST connector instead.

Both connectors offer the same features as far as distance and reliability. Connectors of different types can communicate with the use of adapters or couplers, but it is best to choose one type of connector and stick with it over your entire network.

Round ST connector used with fiber optic cabling.

Square SC connector used with fiber optic cabling.

Twisted-pair

Twisted-pair cabling comes in two basic types: shielded and unshielded. Unshielded twisted-pair cable (UTP) is the most widely used in medium-size LANs. UTP is easy to work with and inexpensive. Shielded twisted-pair (STP) cable protects signals from cross signaling that can result from other, nearby cables. STP offers higher data transmission speeds and larger networks.

Networks that use twisted-pair cabling include Token Ring, Ethernet, and Fast Ethernet networks.

1.6 Describe the purpose, features, and functions of the following network components:

Hubs

[Figures: stackable hubs; small hub]

A hub is a component that provides a common connection point for computers, printers, and other network devices in a star topology network, allowing them to be managed from a central location. Also, hubs allow you to connect and disconnect an individual computer/device without disrupting the network. Hubs operate at the physical layer of the OSI Model.

There are two basic types of hubs, passive and active.

Passive hubs simply provide a junction point, to send the data signal on to other devices on the network.

Active hubs regenerate and retransmit the data signal; because they repeat the signal they can increase the diameter of the network. In an Ethernet hub the signal is regenerated to all devices at the same time, while a Token Ring hub will only regenerate the signal to the next device in line. You can tell if a hub is active because it requires electricity.

Active hubs act like repeaters and are sometimes called multiport repeaters.

Switches

Switches are a special type of hub that offers an additional layer of intelligence to basic, physical-layer repeater hubs. A switch must be able to read the MAC address of each frame it receives. This information allows switches to repeat incoming data frames only to the computer or computers to which a frame is addressed. This speeds up the network and reduces congestion.

Switches operate at both the physical layer and the data link layer of the OSI Model.

Bridges

A bridge is used to join two network segments together; it allows computers on either segment to access resources on the other. Bridges can also be used to divide large networks into smaller segments. Bridges have all the features of repeaters but can have more nodes, and since the network is divided, there are fewer computers competing for resources on each segment, thus improving network performance.

Bridges can also connect networks that run at different speeds, different topologies, or different protocols. But they cannot join an Ethernet segment with a Token Ring segment, because these use different networking standards.

Bridges operate at both the Physical Layer and the MAC sublayer of the Data Link layer. Bridges read the MAC header of each frame to determine on which side of the bridge the destination device is located; the bridge then repeats the transmission to the segment where the device is located.
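The behaviour described for switches and bridges above (read the source MAC to learn which port a station is on, repeat a frame only to the port where its destination is known, otherwise repeat it everywhere like a hub) fits in a few lines. The following is an added example, not the study guide's code; the port numbers, the MAC addresses and the optional per-port address limit (a simplified stand-in for the port-security feature on managed switches) are assumptions for the demo.

```python
"""Added example, not part of the study guide: a toy learning bridge/switch
showing the MAC-based forwarding described for switches and bridges above.
Port numbers and MAC addresses are constructed for the demo."""

BROADCAST = "ff:ff:ff:ff:ff:ff"


class LearningSwitch:
    def __init__(self, ports, max_per_port=None):
        self.ports = list(ports)
        self.table = {}                    # MAC address -> port it was last seen on
        self.max_per_port = max_per_port   # assumed knob, like a port-security limit

    def learned_on(self, port):
        return [mac for mac, p in self.table.items() if p == port]

    def forward(self, in_port, src, dst):
        """Process one frame; return the list of ports it is repeated to."""
        # learning: the source is reachable through the port it arrived on,
        # unless that port has already reached its address limit
        if (src in self.table or self.max_per_port is None
                or len(self.learned_on(in_port)) < self.max_per_port):
            self.table[src] = in_port
        # filtering/forwarding: a known unicast destination goes to one port only
        if dst != BROADCAST and dst in self.table:
            out = self.table[dst]
            return [] if out == in_port else [out]   # same segment: not repeated
        # unknown destination or broadcast: flood, exactly like a repeater hub
        return [p for p in self.ports if p != in_port]


if __name__ == "__main__":
    sw = LearningSwitch([1, 2, 3])
    a, b = "02:00:00:00:00:0a", "02:00:00:00:00:0b"   # constructed addresses
    print("first frame a->b, b unknown, flooded to", sw.forward(1, a, b))
    print("reply b->a, a known, sent only to", sw.forward(2, b, a))
    print("next frame a->b now goes to", sw.forward(1, a, b))
```

Note what the flooding branch implies for monitoring: any frame to an address the switch has not learned is visible on every port, so the "switches only send frames to the addressed computer" claim holds only for addresses already in the table.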

Routers

A router is a device used to connect networks of different types, such as those using different topologies and protocols. Routers can operate at the first three layers of the OSI Model. This means they can switch and route packets across multiple networks. Routers determine the best path for sending data.

You can use routers to segment a large network, and to connect local area segments to a single network backbone that uses a different physical layer and data link layer standard. They can also be used to connect LANs to WANs.

Brouters

A brouter is a combination bridge and router in one device. Brouters are more cost effective because the bridge and the router are combined in a single unit.

Gateways

A gateway is a device used to connect networks using different protocols. Gateways operate at the network layer of the OSI model.

In order to communicate with a host on another network, an IP host must be configured with a route to the destination network. If a configured route is not found, the host uses the default gateway (the default IP router) to transmit the traffic to the destination host. The default gateway is where IP sends packets that are destined for remote networks. If no default gateway is specified, communication is limited to the local network.

Gateways receive data from a network using one type of protocol stack, remove that protocol stack, and repackage the data with the protocol stack that the other network can use.
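The host-side decision described above (use a configured route if one covers the destination, fall back to the default gateway, and otherwise stay local) is a longest-prefix match over a small table. The following is an added example, not code from the study guide; the networks and gateway addresses are constructed from documentation ranges.

```python
"""Added example, not part of the study guide: the host-side forwarding
decision the text describes, written as a small longest-prefix-match table
with an optional default gateway.  Addresses are constructed."""
import ipaddress


class HostRoutingTable:
    def __init__(self):
        self.routes = []   # (network, gateway or None when directly connected)

    def add_route(self, network, gateway=None):
        gw = ipaddress.ip_address(gateway) if gateway else None
        self.routes.append((ipaddress.ip_network(network), gw))

    def set_default_gateway(self, gateway):
        self.add_route("0.0.0.0/0", gateway)   # covers every destination, prefix length 0

    def next_hop(self, destination):
        """Return (next_hop, via_default) or None when nothing matches.
        The most specific route wins; the default route has prefix length 0,
        so it is used only when no configured route covers the destination.
        For a directly connected network the next hop is the destination itself."""
        dst = ipaddress.ip_address(destination)
        matches = [(net, gw) for net, gw in self.routes if dst in net]
        if not matches:
            return None
        net, gw = max(matches, key=lambda route: route[0].prefixlen)
        return (str(gw) if gw is not None else str(dst)), net.prefixlen == 0


if __name__ == "__main__":
    table = HostRoutingTable()
    table.add_route("192.0.2.0/24")                 # the host's own subnet
    print("no default gateway, remote host:", table.next_hop("203.0.113.5"))
    table.set_default_gateway("192.0.2.1")
    print("with default gateway, remote host:", table.next_hop("203.0.113.5"))
    table.add_route("10.0.0.0/8", "192.0.2.254")    # a more specific route wins
    print("configured route to 10/8:", table.next_hop("10.1.2.3"))
```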

CSU/DSU’s

A CSU/DSU is a device that combines the functionality of a channel service unit (CSU) and a data service unit (DSU). These devices are used to connect a LAN to a WAN, and they take care of all the translation required to convert a data stream between these two methods of communication.

A DSU provides all the handshaking and error correction required to maintain a connection across a wide area link, similar to a modem. The DSU will accept a serial data stream from a device on the LAN and translate this into a useable data stream for the digital WAN network. It will also take care of converting any inbound data streams from the WAN back to a serial communication.

A CSU is similar to a DSU except it does not have the ability to provide handshaking or error correction. It is strictly an interface between the LAN and the WAN and relies on some other device to provide handshaking and error correction.

Network interface cards/ISDN adapters/system area network cards

A Network Interface Card, or NIC, is a hardware card installed in a computer so it can communicate on a network. The network adapter provides one or more ports for the network cable to connect to, and it transmits and receives data onto the network cable.

Every networked computer must also have a network adapter driver, which controls the network adapter. Each network adapter driver is configured to run with a certain type of network adapter.

A networked computer must also have one or more protocol drivers (sometimes called a transport protocol or just a protocol). The protocol driver works between the upper-level network software and the network adapter to package data to be sent on the network.

In most cases, for two computers to communicate on a network, they must use identical protocols. Sometimes, a computer is configured to use multiple protocols. In this case, two computers need only one protocol in common to communicate. For example, a computer running File and Printer Sharing for Microsoft Networks that uses both NetBEUI and TCP/IP can communicate with computers using only NetBEUI or only TCP/IP.

ISDN

Integrated Services Digital Network adapters can be used to send voice, data, audio, or video over standard telephone cabling. ISDN adapters must be connected directly to a digital telephone network. ISDN adapters are not actually modems, since they neither modulate nor demodulate the digital ISDN signal.

Like standard modems, ISDN adapters are available both as internal devices that connect directly to a computer's expansion bus and as external devices that connect to one of a computer's serial or parallel ports. ISDN can provide data throughput rates from 56 Kbps to 1.544 Mbps (using a T1 carrier service).

ISDN hardware requires an NT (network termination) device, which converts network data signals into the signaling protocols used by ISDN. Sometimes the NT interface is included, or integrated, with ISDN adapters and ISDN-compatible routers. In other cases, an NT device separate from the adapter or router must be implemented.

ISDN works at the physical, data link, network, and transport layers of the OSI Model.

Wireless access points

A wireless access point broadcasts and receives signals to and from the surrounding computers and passes traffic back and forth between the wireless computers and the cabled network.

Access points act as wireless hubs to link multiple wireless NICs into a single subnet. Access points also have at least one fixed Ethernet port to allow the wireless network to be bridged to a traditional wired Ethernet network.

Modems

A modem is a device that makes it possible for computers to communicate over telephone lines. The word modem comes from Modulate and Demodulate. Because standard telephone lines use analog signals and computers use digital signals, a sending modem must modulate its digital signals into analog signals. The modem on the receiving computer must then demodulate the analog signals back into digital signals.

Modems can be external, connected to the computer's serial port by an RS-232 cable, or internal, in one of the computer's expansion slots. Modems connect to the phone line using standard telephone RJ-11 connectors.

Domain 2: Protocols and Standards

2.1 Given an example identify a MAC address.

Every device on the network must have a unique MAC address to ensure proper receiving and transmission of data. The MAC address is a device's actual physical address, which is usually designated by the manufacturer of the device.

Medium Access Control sublayer operations

The purpose of the MAC sublayer is to determine when each frame should be passed on to the physical layer to be transmitted as a data signal over the network. The MAC sublayer governs which devices have permission to transmit data over the network and when. There are four basic methods for controlling access to the network: polling, contention, token passing, and switching.
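Recognizing a MAC address in practice means accepting the notations it is written in (colon, hyphen, Cisco dotted) and reading the two flag bits in the first byte: the I/G bit marks a group (multicast) address and the U/L bit marks an address that was set locally rather than burned in by the manufacturer, which is worth flagging in logs because such addresses are not tied to a vendor OUI. The following is an added example and not part of the study guide; the log line it scans is constructed.

```python
"""Added example, not part of the study guide: parse the common MAC address
notations, report the OUI and the I/G and U/L flag bits, and pull MAC
addresses out of a log line.  The sample log line is constructed."""
import re

_HEX12 = re.compile(r"^[0-9a-f]{12}$")
_MAC_IN_TEXT = re.compile(r"\b(?:[0-9A-Fa-f]{2}[:-]){5}[0-9A-Fa-f]{2}\b")


def parse_mac(text):
    """Accept 'aa:bb:cc:dd:ee:ff', 'aa-bb-cc-dd-ee-ff', 'aabb.ccdd.eeff' or
    12 bare hex digits; return the six address bytes or raise ValueError."""
    digits = re.sub(r"[:\-.]", "", text.strip().lower())
    if not _HEX12.match(digits):
        raise ValueError(f"not a MAC address: {text!r}")
    return bytes.fromhex(digits)


def describe_mac(text):
    mac = parse_mac(text)
    first = mac[0]
    return {
        "canonical": ":".join(f"{b:02x}" for b in mac),
        "oui": ":".join(f"{b:02x}" for b in mac[:3]),   # manufacturer prefix
        "multicast": bool(first & 0x01),                 # I/G bit: 1 = group address
        "locally_administered": bool(first & 0x02),      # U/L bit: 1 = not burned in
        "broadcast": mac == b"\xff" * 6,
    }


def find_macs(text):
    """Return every MAC address (colon or hyphen notation) found in a line,
    in canonical lower-case colon form."""
    return [describe_mac(m)["canonical"] for m in _MAC_IN_TEXT.findall(text)]


if __name__ == "__main__":
    # constructed log line, not a real capture
    line = "dhcp: lease 192.0.2.10 offered to 02-1A-2B-3C-4D-5E via relay 00:1a:2b:3c:4d:5f"
    for mac in find_macs(line):
        print(mac, describe_mac(mac))
```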

2.2 Identify the seven layers of the OSI model and describe their functions.

The Open Systems Interconnection (OSI) Reference Model is a modular framework for developing standards that are based on a division of network operations into seven sets of network services.

Data travels from the sending computer down through all the layers to the physical layer where the data is put onto the network cabling, and then sent to the physical layer of the receiving computer where the process reverses and the data travels up through the layers to the application layer of the receiving computer.

Layer | Description | Devices | Protocols
Application | Gives user applications access to the network. This layer represents the services that directly support user applications, such as software for file transfers, database access, and e-mail. | Gateway | SNMP, SMTP, FTP, TELNET, HTTP, NCP, SMB, AppleTalk
Presentation | Encodes and converts user information into binary data. Provides protocol conversion, encryption, and compression. | Gateway and redirectors | NCP, AFP, TDI
Session | Opens, manages, and closes conversations between two computers. It performs name recognition and the functions, such as security, needed to allow two applications to communicate over the network; it also provides error handling. | Gateway | NetBIOS
Transport | Sequences data packets and requests retransmission of missing packets. It also repackages messages for more efficient transmission over the network. | Gateway | NetBEUI, TCP, SPX, NWlink
Network | Routes data packets across network segments. Translates logical addresses and names into physical addresses. | Router, Brouter | IP, IPX, NWlink, NetBEUI
Data Link | Transmits frames of data from computer to computer on the same network segment. | Switch, Bridge, and Brouter | None
Physical | Defines cabling and connections. Transmits data over the physical media. | Repeaters, Hubs, Transceivers, Amplifiers | None

2.3 Differentiate between the following network protocols in terms of routing, addressing schemes, interoperability, and naming conventions:

TCP/IP

Transmission Control Protocol is a connection-based Internet protocol responsible for breaking data into packets, which the IP protocol sends over the network. IP is located at the TCP/IP Internet layer, which corresponds to the network layer of the OSI Model. IP is responsible for routing packets by their IP address.

IP is a connectionless protocol, which means IP does not establish a connection between source and destination before transmitting data; thus packet delivery is not guaranteed by IP. Instead, this must be provided by TCP. TCP is a connection-based protocol and is designed to guarantee delivery by monitoring the connection between source and destination before data is transmitted. TCP places packets in sequential order and requires acknowledgment from the receiving node that they arrived properly before any new data is sent.

IPX/SPX

Internetwork Packet Exchange/Sequenced Packet Exchange was developed by Novell and is used primarily on networks that use the Novell NetWare network operating system. The IPX and SPX protocols provide services similar to those offered by IP and TCP. Like IP, IPX is a connectionless network layer protocol. SPX runs on top of IPX at the transport layer and, like TCP, provides connection-oriented, guaranteed delivery.

IPX nodes do not have to be configured with a unique node identifier; instead, they copy the MAC address of the network interface card into the IPX node address field. The IPX header contains information about which transport layer protocol receives a particular packet. With IPX, this information is contained in the destination socket field. Servers have pre-specified destination socket numbers, so workstations always know what value to use to send information to the server. In contrast, these workstations assign source socket numbers dynamically for their own protocols outside the server socket number range.

IPX routing protocols require each logical network to have a different network number in order to forward IPX packets correctly. But, unlike IP, with IPX only servers and routers must be configured with a network number. New network stations first use dynamic Routing Information Protocol (RIP) routing packets to learn network topography and configuration from servers and routers and then configure themselves accordingly.

Because IPX is a connectionless protocol, NetWare servers are unable to tell if a station's connection to the server is currently active. To avoid reserving resources for inactive users, the NetWare server sends a watchdog packet to a client after a predetermined length of inactivity. The packet asks if the client is still connected and, if the client does not respond, the server terminates the connection.

SPX is connection oriented and, thus, does not require the use of watchdog packets. However, network devices will keep an SPX session open by sending keep alive packets to verify the connection.

NetBEUI

NetBIOS Enhanced User Interface was designed as a small, efficient protocol for use in department-sized LANs of 20-200 computers that do not need to be routed to other subnets. NetBEUI is used almost exclusively on small, non-routed networks.

As an extension of NetBIOS, NetBEUI is not routable; therefore networks supporting NetBEUI must be connected with bridges rather than routers. Like NetBIOS, the NetBEUI interface must be adapted to routable protocols like TCP/IP for communication over WANs.

AppleTalk

AppleTalk is a LAN architecture built into all Apple Macintosh computers. While AppleTalk is a proprietary network, many companies now market AppleTalk-based products, including Novell and Microsoft. Similarly, designed to be link layer independent, AppleTalk supports Apple's LocalTalk cabling scheme, but also runs over Ethernet (EtherTalk), Token Ring (TokenTalk), and Fiber Distributed Data Interface, or FDDI (FDDITalk).

AppleTalk node addresses are assigned dynamically to ensure minimal network administration overhead. When a node running AppleTalk starts up, it generates a random network layer protocol address and then sends out a broadcast to determine whether that particular address is already in use. If it is, the node with the conflicting address responds and the broadcasting node selects a new address and repeats the inquiry process.

2.4 Identify the OSI layers at which the following network components operate:

hubs, switches, bridges, routers, and network interface cards

Layer Devices

Application Gateway and redirectors

Presentation Gateway

Session Gateway

Transport Gateway

Network Router, Brouter

Data Link NIC's, Switch, Bridge, and Brouter

Physical NIC's, Repeaters, Hubs, Transceivers, Amplifiers

2.5 Define the purpose and function of the following protocols within TCP/IP:

IP

Internet Protocol is the standard for data packet delivery over the Internet. IP is a network layer protocol that provides network addressing for identifying senders and receivers. IP also defines how data packets can be routed across the network to their destinations.

Routers forward each packet across the Internet based on its destination IP address. Each device attached to the Internet or any IP network must have a unique IP address.

TCP

Transmission Control Protocol is a connection-based Internet protocol responsible for breaking data into packets, which the IP protocol sends over the network. This protocol provides a reliable, sequenced communication stream for network communication.

UDP

User Datagram Protocol runs on top of IP and is used as an alternative to TCP. UDP does not, however, provide any error checking for guaranteeing packet delivery. Because UDP is not as complex as TCP, it is also faster. It is often used for broadcast messages and for streaming audio and video. UDP is a connectionless transport protocol.

FTP

File Transfer Protocol is used for exchanging files in a TCP/IP environment and is implemented at the application layer of the OSI model.

TFTP

Trivial File Transfer Protocol is a file transfer protocol that transfers files to and from a remote computer running the TFTP service. TFTP was designed with fewer functions than FTP.

SMTP

Simple Mail Transfer Protocol is used to transfer messages between two remote computers. It is used on the Internet and is part of the TCP/IP protocol stack.

HTTP

Hypertext Transfer Protocol is the underlying protocol for the World Wide Web. HTTP defines how all resources on the web are transferred and what action web servers and browsers should take in response to commands.

HTTP is a "stateless" protocol, meaning each command is executed independently, without any knowledge of the commands that came before it.

HTTPS

The secure hypertext transfer protocol is a communications protocol designed to transfer encrypted information between computers over the World Wide Web. HTTPS is HTTP using a Secure Socket Layer (SSL). A secure socket layer is an encryption protocol invoked on a Web server that uses HTTPS. Most implementations of the HTTPS protocol involve online purchasing or the exchange of private information. Accessing a secure server often requires some sort of registration, login, or purchase. The successful use of the HTTPS protocol requires a secure server to handle the request.

POP3/IMAP4

Post Office Protocol is used to retrieve e-mail from a mail server. Most e-mail applications use the POP protocol, although some use the newer IMAP (Internet Message Access Protocol).

The older POP2 requires SMTP to send messages, while POP3 can be used with or without SMTP.

Telnet

Short for Telecommunication Network, a virtual terminal protocol allowing a user logged on to one TCP/IP host to access other hosts on the network.

ICMP

Internet Control Message Protocol is a maintenance protocol in the TCP/IP suite, required in every TCP/IP implementation, that allows two nodes on an IP network to share IP status and error information. ICMP is used by the ping utility to determine the reachability of a remote system.

ARP

Address Resolution Protocol is a TCP/IP protocol used to convert an IP address into a physical address, such as an Ethernet address. A host wishing to obtain a physical address broadcasts an ARP request onto the TCP/IP network. The host on the network that has the IP address in the request then replies with its physical hardware address.

NTP

The Network Time Protocol is used to synchronize the time of a computer client or server to another server or reference time source, such as a radio or satellite receiver or modem. It provides accuracy typically within a millisecond on LANs and up to a few tens of milliseconds on WANs.

2.6 Define the function of common TCP and UDP ports.

All upper layer applications that use TCP or UDP have a port number that identifies the application. This enables the port number to identify the type of service that one TCP system is requesting from another.

Some commonly used ports:

Port Number   Service
80            HTTP
21            FTP
110           POP3
25            SMTP
23            Telnet

2.7 Given a network implementation scenario, select the appropriate network service (e.g., DHCP/bootp, DNS, NAT/ICS, WINS, and SNMP).

DHCP/bootp

Dynamic Host Configuration Protocol is a server service. When a DHCP server is configured on a network, clients that support DHCP can request TCP/IP configuration information from the server. This makes configuration of TCP/IP much easier on the client computer.

For example the following can be automatically obtained:

The IP address
The subnet mask
Default gateway

All these settings are automatically bound to the network card of the client computer. It is possible for DHCP to assign a different IP address to a client each time the machine logs on to the network.

A DHCP/BOOTP relay agent is hardware or software that passes DHCP/BOOTP packets from one subnet to another subnet. If the routers that connect the subnet are RFC 1542 compliant routers, the DHCP/BOOTP relay agent can provide IP addresses to clients in multiple subnets. If the router cannot function as a relay agent, each subnet that has DHCP clients requires its own DHCP Server.

DNS

Domain Name System enables short alphabetical names to be assigned to IP addresses to describe where a computer is located. For example, instead of trying to remember an IP address composed of numbers, such as 198.46.8.34, with DNS you could type HTTP://www.microsoft.com.

NAT

Network Address Translation is a process that lets an entire network connect to a PPP server and appear as a single IP address, thus helping to conceal IP addresses from external hackers and to alleviate address space shortage.

WINS

While DNS resolves host names to IP addresses, WINS resolves NetBIOS names to IP addresses. Windows Internet Name Service provides a dynamic database of IP address to NetBIOS name resolution mappings.

WINS determines the IP address associated with a particular network computer. This is called name resolution. WINS supports network client and server computers running Windows.

WINS uses a distributed database that is automatically updated with the names of computers currently available and the IP address assigned to each one.

DNS is an alternative for name resolution suitable for network computers with fixed IP addresses.

SNMP

Simple Network Management Protocol is a TCP/IP protocol for monitoring networks and network components. SNMP uses small utility programs called agents to monitor behavior and traffic on the network in order to gather statistical data.

These agents can be loaded onto managed devices such as hubs, NICs, servers, routers, and bridges. The gathered data is stored in a MIB (management information base).

To collect the information in a usable form, a management program console polls these agents and downloads the information from their MIBs, which can then be displayed as graphs and charts or sent to a database program to be analyzed.

2.8 Identify IP addresses (IPv4 IPv6) and their default subnet masks.

An IP address is a 32-bit number comprised of a host number and a network prefix, both of which are used to uniquely identify each node within a network. A shortage of available IP addresses has prompted the creation of an addressing scheme known as Classless Inter-Domain Routing (CIDR). Among other capabilities, CIDR allows one IP address to designate many unique IP addresses within a network. In addition, the current version of the IP address, IPv4, is being upgraded to IPv6. The latter uses a 128-bit address, allowing for 2^128 total IP addresses, as opposed to IPv4's 2^32.

IPv4 A, B, and C classes of IP addresses and their default subnet mask numbers

To accommodate different size networks, IP defines several address classes. Classes A, B, and C are used for host addressing, and the only difference between the classes is the length of the NET_ID subfield:

Class A - addresses are intended for very large networks and can address up to 16,777,216 (2^24) hosts per network. The first octet of a Class A address will be a number between 1 and 126, the network ID start bit is 0 and the default subnet mask is 255.0.0.0

Class B - addresses are intended for moderate sized networks and can address up to 65,536 (2^16) hosts per network. The first octet of a Class B address will be a number between 128 and 191, the network ID start bits are 10 and the default subnet mask is 255.255.0.0

Class C - addresses are intended for small networks and can address only up to 254 (2^8 - 2) hosts per network. The first octet of a Class C address will be a number between 192 and 223, the network ID start bits are 110 and the default subnet mask is 255.255.255.0

2.9 Identify the purposes of subnetting and default gateways.

Default Gateways

A gateway is a device used to connect networks using different protocols. Gateways operate at the network layer of the OSI model.

In order to communicate with a host on another network, an IP host must be configured with a route to the destination network. If a configured route is not found, the host uses the gateway to transmit the traffic to the destination host. The default gateway is where IP sends packets that are destined for remote networks. If no default gateway is specified, communication is limited to the local network.

Gateways receive data from a network using one type of protocol stack, remove that protocol stack, and repackage the data with the protocol stack that the other network can use.

Subnetworks

A subnet mask is used to mask a portion of the IP address, so that TCP/IP can tell the difference between the network ID and the host ID. TCP/IP uses the subnet mask to determine whether the destination is on a local or remote network.
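The classful rules from 2.8 and the subnet-mask test above, worked in Python as an added example that is not part of the original guide: ipv4_class reads the leading bits of the first octet, default_mask returns that class's mask, and is_local/next_hop apply a mask to decide whether a destination is reached directly or handed to the default gateway. The sample addresses and gateway are constructed.

```python
"""Classful IPv4 lookup and the local/remote decision made with a subnet mask.

Added example for this guide, not code from the original. The class table
follows the guide's own rules: leading bits 0 / 10 / 110 for classes A / B / C
with default masks 255.0.0.0 / 255.255.0.0 / 255.255.255.0. Sample addresses
used by callers are constructed.
"""
import ipaddress
from typing import Optional, Tuple


def ipv4_class(addr: str) -> Optional[str]:
    """Return 'A', 'B' or 'C' from the leading bits of the first octet, or
    None for the class D/E range (224 and above) the guide does not cover."""
    first = int(ipaddress.IPv4Address(addr)) >> 24
    if first >> 7 == 0b0:      # 0xxxxxxx -> 1-126 (0 and 127 are reserved)
        return "A"
    if first >> 6 == 0b10:     # 10xxxxxx -> 128-191
        return "B"
    if first >> 5 == 0b110:    # 110xxxxx -> 192-223
        return "C"
    return None


DEFAULT_MASKS = {"A": "255.0.0.0", "B": "255.255.0.0", "C": "255.255.255.0"}


def default_mask(addr: str) -> Optional[str]:
    """Default subnet mask implied by the address class, or None."""
    cls = ipv4_class(addr)
    return DEFAULT_MASKS.get(cls) if cls else None


def split_address(addr: str, mask: str) -> Tuple[str, str]:
    """Return (network ID, host ID): the 'masking a portion of the IP
    address' step. AND with the mask keeps the network bits, AND with the
    inverted mask keeps the host bits."""
    a = int(ipaddress.IPv4Address(addr))
    m = int(ipaddress.IPv4Address(mask))
    net = a & m
    host = a & ~m & 0xFFFFFFFF
    return str(ipaddress.IPv4Address(net)), str(ipaddress.IPv4Address(host))


def is_local(src: str, dst: str, mask: str) -> bool:
    """TCP/IP's local-vs-remote test: equal network IDs under the mask means
    deliver directly on the local network."""
    return split_address(src, mask)[0] == split_address(dst, mask)[0]


def next_hop(src: str, dst: str, mask: str, gateway: Optional[str]) -> Optional[str]:
    """Where the packet is sent: the destination itself if local, the default
    gateway if remote, or None (undeliverable) when no gateway is configured,
    which is the 'communication is limited to the local network' case."""
    if is_local(src, dst, mask):
        return dst
    return gateway
```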

2.10 Identify the basic characteristics (e.g., speed, capacity, media) of the following WAN technologies:

Packet switching vs. circuit switching

WAN technologies use either circuit switching or packet switching as a connection method.

With circuit switching, data travels over a fixed path that is established at the beginning of the connection and remains open until the connection is terminated. A telephone call is an example of a circuit switched link. When you dial a number, the telecommunication provider establishes an open circuit between your phone and the phone of the person you are calling. No other calls can be placed over this circuit until you hang up.

Packet switching offers more efficient use of a telecommunication provider's network bandwidth. With packet switching, the switching mechanisms on the network route each data packet from switch to switch individually over the network using the best-available path. Any one physical link in a packet-switched network can carry packets from many different senders and for many different destinations. In a circuit switched connection the bandwidth is dedicated to one sender and receiver only.

ISDN

Integrated Services Digital Network adapters can be used to send voice, data, audio, or video over standard telephone cabling. ISDN adapters must be connected directly to a digital telephone network. ISDN adapters are not actually modems, since they neither modulate nor demodulate the digital ISDN signal.

Like standard modems, ISDN adapters are available both as internal devices that connect directly to a computer's expansion bus and as external devices that connect to one of a computer's serial or parallel ports. ISDN can provide data throughput rates from 56 Kbps to 1.544 Mbps using a T1 service.

ISDN hardware requires an NT (network termination) device, which converts network data signals into the signaling protocols used by ISDN. Sometimes the NT interface is included, or integrated, with ISDN adapters and ISDN-compatible routers. In other cases, an NT device separate from the adapter or router must be implemented.

ISDN works at the physical, data link, network, and transport layers of the OSI Model.

FDDI

Fiber Distributed Data Interface shares many of the same features as Token Ring, such as token passing and the continuous network loop configuration. But FDDI has better fault tolerance because of its use of a dual, counter-rotating ring that enables the ring to reconfigure itself in case of a link failure. FDDI also has higher transfer speeds: 100 Mbps for FDDI, compared to 4 - 16 Mbps for Token Ring.

Unlike Token Ring, which uses a star topology, FDDI uses a physical ring. Each device in the ring attaches to the adjacent device using a two-stranded fiber optic cable. Data travels in one direction on the outer strand and in the other direction on the inner strand. When all devices attached to the dual ring are functioning properly, data travels on only one ring. FDDI transmits data on the second ring only in the event of a link failure.

Media:                     Fiber-optic
MAC Method:                Token passing
Signal Propagation Method: Forwarded from device to device (or port to port on a hub) in a closed loop
Speed:                     100 Mbps
Topologies:                Double ring, Star
Maximum Connections:       500 nodes

ATM

Asynchronous Transfer Mode transmits data in fixed-size packets of 53 bytes called cells and provides data transfer rates from 25 Mbps to 2400 Mbps. ATM can be used with twisted pair and fiber optic cabling.

By using standard sized cells, ATM can provide the constant, high-speed data streams that audio, video, and imaging applications require.

Frame Relay

Frame Relay is a WAN technology whose connection speeds range from 56 Kbps to 1.544 Mbps using a T1 carrier service, and up to 45 Mbps using a T3 carrier service. Frame Relay is a packet switched networking protocol.

To connect two or more LANs using Frame Relay, a company must lease one dedicated access line to the Frame Relay network for each LAN. Frame Relay access lines often use a T1/ E1 line.

Sonet/SDH

Synchronous Optical Network is a standard for optical telecommunications transport. It was formulated by the ECSA for ANSI, which sets industry standards in the United States for telecommunications and other industries. The comprehensive SONET/synchronous digital hierarchy (SDH) standard is expected to provide the transport infrastructure for worldwide telecommunications for at least the next two or three decades.

T1/E1

A T1 line is a 1.544 Mbps point-to-point dedicated, digital circuit provided by the telephone companies. T1 lines are widely used for private networks as well as interconnections between an organization's LAN and the telco.

A T1 line uses two pairs of wire, one to transmit and one to receive, and time division multiplexing (TDM) to interleave 24 64-Kbps voice or data channels. The standard T1 frame is 193 bits long, which holds 24 8-bit voice samples and one synchronization bit, with 8,000 frames transmitted per second. T1 is not restricted to digital voice or to 64 Kbps data streams. Channels may be combined and the total 1.544 Mbps capacity can be broken up as required.

T3/E3

A T3 line is a super high-speed connection capable of transmitting data at a rate of 45 Mbps. A T3 line represents a bandwidth equal to about 672 regular voice-grade telephone lines, which is wide enough to transmit real time video and very large databases over a busy network. A T3 line is typically installed as a major networking artery for large corporations, universities with high-volume network traffic and for the backbones of the major Internet service providers.

OC

Optical Carrier designations are used to specify the speed of fiber optic networks that conform to the SONET standard.

Level Speed

OC-1 51.85 Mbps

OC-3 155.52 Mbps

OC-12 622.08 Mbps

OC-24 1.244 Gbps

OC-48 2.488 Gbps

2.11 Define the function of the following remote access protocols and services:

RAS

Remote Access Service is a service that provides remote networking for telecommuters, mobile workers, and system administrators who monitor and manage servers at multiple branch offices. Users with RAS can dial in to remotely access their networks for services such as file and printer sharing, electronic mail, scheduling, and SQL database access.

PPP

Point-to-Point Protocol facilitates Internet connections over serial lines, including modem connections. PPP software requires only a destination address (usually a phone number for modem connections) and a user login in order to negotiate a complete configuration for each session.

VPN

Virtual private network: a remote LAN that can be accessed through the Internet by using PPTP.

2.12 Identify the following security protocols and describe their purpose and function:

IPsec

IP Security is a set of protocols used to support secure exchange of packets at the IP layer.

IPsec supports two encryption modes: Transport and Tunnel. Transport mode encrypts only the data portion of each packet, but leaves the header untouched. The more secure Tunnel mode encrypts both the header and the data portion.

For IPsec to work, the sending and receiving devices must share a public key. This is accomplished through a protocol known as Internet Security Association and Key Management Protocol/Oakley, which allows the receiver to obtain a public key and authenticate the sender using digital certificates.

L2TP

Layer Two Tunneling Protocol is an extension to the PPP protocol that enables ISPs to operate Virtual Private Networks. L2TP combines the best features of two other tunneling protocols: PPTP from Microsoft and L2F from Cisco Systems.

PPTP

PPTP is a networking technology that supports multiprotocol virtual private networks, enabling remote users to access networks securely across the Internet by dialing into an ISP or by connecting directly to the Internet.

SSL

Secure Sockets Layer is a protocol that supplies secure data communication through data encryption and decryption. SSL enables communications privacy over networks by using a combination of public key and bulk data encryption.

Kerberos

An authentication system, Kerberos is designed to enable two parties to exchange private information across an open network. It works by assigning a unique key, called a ticket, to each user that logs on to the network. The ticket is then embedded in messages to identify the sender of the message.

2.13 Define the purpose and function of Voice Over IP.

VoIP is the ability to make telephone calls and send faxes over IP based data networks with a suitable quality of service (QoS) and superior cost/benefit.

Domain 3 Network Implementation

3.1 Describe the basic capabilities (i.e., client support, interoperability, authentication, file and print services, application support, and security) of the following server operating systems:

UNIX/Linux

Interoperability

Open source software such as SAMBA is used to provide Windows users with Server Message Block (SMB) file sharing.

Authentication

Centralized login authentication

File and Print Services

Network File System (NFS) is a distributed file system that allows users to access files and directories located on remote computers and treat those files and directories as if they were local.

LPR/LPD is the primary UNIX printing protocol used to submit jobs to the printer. The LPR component initiates commands such as "print waiting jobs," "receive job," and "send queue state," and the LPD component in the print server responds to them.

Security

With most Unix operating systems, the network services can be individually controlled to increase security.

Netware

Client Support

NetWare 5 comes with Novell Client software for three client platforms: DOS and Windows 3.1x, Windows 95/98, and Windows NT.

Interoperability

You can set the Novell Clients for Windows 95/98 and Windows NT to work with one of three network protocol options: IP only, IP and IPX, or IPX only.

Authentication

Centralized login authentication

File and Print Services

File Services: NetWare offers two choices of mutually compatible file services: Novell Storage Services (NSS) and the traditional NetWare File System. Both kinds of file services let you store, organize, manage, access, and retrieve data on the network.

NSS gathers all unpartitioned free space that exists on all the hard drives connected to your server, together with any unused space in NetWare volumes, and places it into a storage pool. You create NSS volumes from this storage pool during server installation or later through NWCONFIG.

Novell Distributed Print Services (NDPS) is the default and preferred print system in NetWare. NDPS supports IP-based as well as IPX-based printing.

Security

Novell has support for a public key infrastructure built into NetWare 5 using a public certificate, developed by RSA Security.

Windows 2000

Client Support

Windows 3.x, Windows 95, Windows 98, and Windows NT Workstation 4.0.

Interoperability

Windows 2000 Server supports UNIX, Novell NetWare, Windows NT Server 4.0, and Macintosh.

Authentication

Successful user authentication in a Windows 2000 computing environment consists of two separate processes: interactive logon, which confirms the user's identification to either a domain account or a local computer, and network authentication, which confirms the user's identification to any network service that the user attempts to access.

Types of authentication that Windows 2000 supports are:

Kerberos V5 is used with either a password or a smart card for interactive logon. It is also the default method of network authentication for services. The Kerberos V5 protocol verifies both the identity of the user and network services.

Secure Socket Layer/Transport Layer Security (SSL/TLS) authentication is used when a user attempts to access a secure Web server.

File and Print Services

You can add and maintain printers in Windows 2000 using the print administration wizard, and you can add file shares using Active Directory management tools. Windows 2000 also offers Distributed File Services, which let you combine files on more than one server into a single share.

Security

User-level security protects shared network resources by requiring that a security provider authenticate a user's request to access resources. The domain controller grants access to the shared resource by verifying that the user name and password are the same as those on the user account list stored on the network security provider. Because the security provider maintains a network-wide list of user accounts and passwords, each client computer does not have to store a list of accounts.

Share-level security protects shared network resources on the computer with individually assigned passwords. For example, you can assign a password to a folder or a locally attached printer. If other users want to access it, they need to type in the appropriate password. If you do not assign a password to a shared resource, every user with access to the network can access that resource.

See also Encrypting File System

AppleShare

Client Support

TCP/IP file sharing with Macintosh clients using Network File System (NFS), and File Transfer Apple File Protocol 3.0.

Interoperability

Windows Server Message Block (SMB) file sharing.

File and Print Services

File Services:

Apple Filing Protocol (AFP) over TCP/IP and AppleTalk

Server Message Block (SMB) over TCP/IP

File Transfer Protocol (FTP) over TCP/IP

Print Services:

PAP (AppleTalk)

LPR/LPD

Application Support

HTTP Mail (SMTP, POP, IMAP and Authenticated Post Office Protocol APOP)

Mac CGI

Mac OS X Server

Client Support

TCP/IP file sharing with Macintosh clients using Network File System (NFS), and File Transfer Apple File Protocol 3.0.

Interoperability

Mac OS X Server uses the Open Source SAMBA to provide Windows users with Server Message Block (SMB) file sharing. Network File System (NFS) lets you make folders available to UNIX and Linux users.

Authentication

Kerberos support for centralized login authentication.

File and Print Services

Mac OS X Server provides support for native Macintosh, Windows, UNIX, and Linux file sharing. Protocols supported include:

Apple file services (AFP 3.0) from any AppleShare client over TCP/IP

Windows (SMB/CIFS) file sharing using Samba

Network File System (NFS) for UNIX and Linux file access

Internet (FTP)

Built-in print services can spool files to any PostScript-capable printer over TCP/IP, AppleTalk, or USB. Macintosh customers can use the LPR support in Print Center or the Desktop Printer utility to connect to a shared printer. Windows users can use their native SMB/CIFS protocol to connect to a shared printer. Print services for OS X Server:

Macintosh and UNIX (LPR/LPD)

Windows (SMB/CIFS)

Application Support

Apache web server
WebObjects 5 Deployment
WebDAV
MySQL
JavaServer Pages
Mac CGI
Caching web proxy
QuickTime Streaming Server
Mail (SMTP, POP, IMAP)
SSL
PHP
Java Servlets
Perl

Security

Multiple-user architecture and user-level access privileges. Secure Sockets Layer (SSL) support provides encrypted and authenticated client/server communications. Secure Shell (SSH) provides encryption and authentication for secure remote administration.

Kerberos support for centralized login authentication.

3.2 Describe the basic capabilities, (i.e., client connectivity, local security mechanisms, and authentication) of the following client operating systems:

See 3.1 above

3.3 Describe the main characteristics of VLANs.

A Virtual LAN is a group of devices on one or more LANs that are configured using management software so that they can communicate as if they were attached to the same LAN segment, when in fact they are located on a number of different segments. Because VLANs are based on logical instead of physical connections, they are more flexible.

For a computer to communicate with devices on LAN segments other than the one it is located on requires the use of a router. As networks expand, more routers are needed to separate users into broadcast and collision domains and to provide connectivity to other LANs. Since routers add latency, this can result in the delay of data transfer over the network.

Switches are used in VLANs to create the same division of the network into separate broadcast domains, but without the latency problems of a router.

Advantages to using VLANs:

Switched networks increase performance by reducing the size of collision domains. Users can be grouped into logical networks, which will increase performance by limiting broadcast traffic to users performing similar functions or within individual workgroups. Less traffic needs to be routed, causing the latency added by routers to be reduced.

VLANs provide an easier way to modify logical groups in changing environments. VLANs make large networks more manageable by allowing centralized configuration of devices located in physically different locations.

Software configurations can be made across machines with the consolidation of a department’s resources into a single subnet. IP addresses, subnet masks, and local network protocols will be more consistent across the entire VLAN.

VLANs provide independence from the physical topology of the network by allowing physically diverse workgroups to be logically connected within a single broadcast domain.

A switched network delivers frames only to the intended recipients, and broadcast frames only to other members of the VLAN. This allows the network administrator to segment users requiring access to sensitive information into separate VLANs from the rest of the general user community regardless of physical location, thus enhancing security.

3.4 Describe the main characteristics of network-attached storage.

RAID

Redundant Array of Inexpensive (or Independent) Disks. A RAID array is a collection of drives which collectively act as a single storage system, which can tolerate the failure of a drive without losing data, and which can operate independently of each other.

Level 0, referred to as striping, is not redundant. Data is split across drives, resulting in higher data throughput. Since no redundant information is stored, performance is very good, but the failure of any disk in the array results in all data loss.

Level 1, referred to as mirroring, uses two hard drives. It provides redundancy by duplicating all data from one drive on another drive. Performance is better than a single drive, and if either drive fails, no data is lost. This is a good entry-level redundant system, since only two drives are required.

Level 2, which uses Hamming error correction codes, is intended for use with drives which do not have built-in error detection. All SCSI drives support built-in error detection, so this level is not needed if using SCSI drives.

Level 3 stripes data at a byte level across several drives, with parity stored on one drive. It is otherwise similar to level 4. Byte-level striping requires hardware support for efficient use.

Level 4 stripes data at a block level across several drives, with parity stored on one drive. The parity information allows recovery from the failure of any single drive. Performance is very good for reads. Writes, however, require that parity data be updated each time. This slows small random writes, in particular, though large writes or sequential writes are fairly fast.

Level 5 is striping with distributed parity. It is similar to level 4, but distributes parity among the drives; no single disk is devoted to parity. This can speed small writes in multiprocessing systems. Because parity data must be distributed on each drive during reads, the performance for reads tends to be considerably lower than a level 4 array.
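How the parity described for levels 4 and 5 actually works, as an added Python example that is not part of the original guide: build_array stripes data with one XOR parity block per stripe (a fixed parity drive for level 4, rotating for level 5), write_block shows the extra reads and writes a small write costs, and rebuild_drive recovers a failed drive from the survivors. The block size, the drive contents and the list-of-blocks representation of a drive are constructed.

```python
"""Block-level striping with XOR parity, as in RAID levels 4 and 5, with the
parity update a small write forces and the rebuild of a failed drive.

Added example for this guide, not code from the original. A 'drive' is a
list of equal-size blocks; all drive contents are constructed.
"""
from typing import List

BLOCK = 4  # constructed block size in bytes, kept small so stripes are readable


def xor_blocks(blocks: List[bytes]) -> bytes:
    """XOR equal-length blocks together; this is the whole parity computation."""
    out = bytearray(len(blocks[0]))
    for b in blocks:
        for i, byte in enumerate(b):
            out[i] ^= byte
    return bytes(out)


def parity_drive(n_data: int, level: int, stripe_no: int) -> int:
    """Level 4: parity always on the last drive. Level 5: parity rotates from
    stripe to stripe so no single disk is devoted to it."""
    if level == 4:
        return n_data
    return (n_data - stripe_no) % (n_data + 1)


def build_array(data: bytes, n_data: int, level: int) -> List[List[bytes]]:
    """Stripe data across n_data drives plus one parity block per stripe.
    Returns drives[d][s] = block held by drive d in stripe s."""
    padded = data + b"\0" * (-len(data) % (BLOCK * n_data))
    blocks = [padded[i:i + BLOCK] for i in range(0, len(padded), BLOCK)]
    drives: List[List[bytes]] = [[] for _ in range(n_data + 1)]
    for s in range(len(blocks) // n_data):
        chunk = blocks[s * n_data:(s + 1) * n_data]
        p = parity_drive(n_data, level, s)
        data_iter = iter(chunk)
        for d in range(n_data + 1):
            drives[d].append(xor_blocks(chunk) if d == p else next(data_iter))
    return drives


def read_data(drives: List[List[bytes]], n_data: int, level: int, length: int) -> bytes:
    """Reassemble the stored data, skipping the parity block of each stripe."""
    out = b""
    for s in range(len(drives[0])):
        p = parity_drive(n_data, level, s)
        out += b"".join(drives[d][s] for d in range(n_data + 1) if d != p)
    return out[:length]


def write_block(drives: List[List[bytes]], n_data: int, level: int,
                s: int, d: int, new: bytes) -> int:
    """Small write to one data block. Returns the number of disk operations:
    read old data, read old parity, write new data, write new parity (4).
    This is the write penalty the guide describes for levels 4 and 5."""
    p = parity_drive(n_data, level, s)
    if d == p:
        raise ValueError("cannot write a data block onto the parity position")
    old_data, old_parity = drives[d][s], drives[p][s]        # 2 reads
    drives[p][s] = xor_blocks([old_parity, old_data, new])   # P' = P ^ old ^ new
    drives[d][s] = new                                       # 2 writes
    return 4


def rebuild_drive(drives: List[List[bytes]], failed: int) -> List[bytes]:
    """Recreate every block of one failed drive from the survivors: the XOR of
    all other blocks in the stripe, whether the lost block held data or parity.
    Two simultaneous failures cannot be recovered this way."""
    survivors = [drv for i, drv in enumerate(drives) if i != failed]
    return [xor_blocks([drv[s] for drv in survivors]) for s in range(len(survivors[0]))]
```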

3.5 Explain when to implement fault tolerance and disaster recovery.

Fault tolerance is the ability of a system to continue functioning when part of the system fails. Normally, fault tolerance is used in describing disk subsystems, but it can also apply to other parts of the system or the entire system. Fully fault-tolerant systems use redundant disk controllers and power supplies as well as fault-tolerant disk subsystems. You can also use an uninterruptible power supply (UPS) to safeguard against local power failure.

Although the data is always available in a fault-tolerant system, you still need to make backups that are stored offsite to protect the data against disasters such as a fire.

3.6 Given a remote connectivity scenario, select the appropriate communication approach, protocol, and settings to apply.

IP

Determine whether the remote access server will use DHCP or a static IP address pool to obtain addresses for dial-up clients. If you use a static IP address pool, determine whether the pool will be ranges of addresses that are a subset of addresses from the IP network to which the server is attached or a separate subnet. If the static IP address pool address ranges represent a different subnet, ensure that routes to the address ranges exist in the routers of your intranet so that traffic to connected remote access clients is forwarded to the remote access server.

IPX

Internetwork Packet Exchange (IPX) is the traditional Novell communications protocol that sends data packets to requested destinations (such as workstations or servers).

An IPX network address is a hexadecimal number, one to eight digits (1 to FFFFFFFE), that identifies a specific network cable segment. IPX network segments can process more than one frame type. Each frame type that is used on the network is treated as a logical network segment and requires its own IPX address—even though each frame type is using the same network board and physical cable segment.

PPP

Point-to-Point Protocol, is a set of industry-standard framing and authentication protocols that enable remote access solutions to function in a multivendor network. It is recommended that you use PPP because of its flexibility and its role as an industry standard as well as for future flexibility with client and server hardware and software.

PPP support enables computers to dial in to remote networks through any server that complies with the PPP standard. PPP also enables remote access clients to use any combination of IPX, TCP/IP, NetBEUI, and AppleTalk. Remote access clients running Windows NT and Windows 2000, Windows 98, and Windows 95 can use any combination of TCP/IP, IPX, and NetBEUI and programs written to the Windows Sockets, NetBIOS, or IPX interface. Microsoft remote access clients do not support the use of the AppleTalk protocol over a remote access connection.

PPP standards are defined in Requests for Comments (RFCs), which are published by the Internet Engineering Task Force and other working groups.

PPP connection sequence

When you connect to a remote computer, PPP negotiation accomplishes the following:

Framing rules are established between the remote computer and server. This allows continued communication (frame transfer) to occur.

The remote access server then authenticates the remote user by using the PPP authentication protocols (MS-CHAP, EAP, CHAP, SPAP, PAP). The protocols that are invoked depend on the security configurations of the remote client and server.

Once authenticated, if callback is enabled, the remote access server hangs up and calls the remote access client.

The Network Control Protocols (NCPs) enable and configure the remote client for the desired LAN protocols.

PPTP: Point-to-Point Tunneling Protocol is a networking technology that supports multiprotocol virtual private networks (VPNs), enabling remote users to access corporate networks securely across the Internet. Unlike the Point-to-Point Protocol (PPP), which is designed to support a dial-up network connection to the Internet, PPTP does not rely upon a dial-up connection. It can be used to provide secure, tunneled end-to-end Internet connections through other remote access technologies, such as Internet access provided through DSL.

Authentication

Microsoft dial-up networking clients typically use MS-CHAP authentication. Non-Microsoft dial-up networking clients use CHAP, SPAP, and PAP authentication.

CHAP: Challenge Handshake Authentication Protocol is a challenge-response authentication protocol that uses the industry-standard Message Digest 5 (MD5) hashing scheme to hash the response. CHAP is used by various vendors of network access servers and clients.

MS-CHAP: Microsoft Challenge Handshake Authentication Protocol. MS-CHAP is a nonreversible, encrypted password authentication protocol. The challenge handshake process works as follows:

The remote access server or the IAS server sends a challenge to the remote access client that consists of a session identifier and an arbitrary challenge string.

The remote access client sends a response that contains the user name and a nonreversible encryption of the challenge string, the session identifier, and the password.

The authenticator checks the response and, if valid, the user's credentials are authenticated.

PAP: Password Authentication Protocol uses plaintext passwords and is the least sophisticated authentication protocol. It is typically negotiated if the remote access client and remote access server cannot negotiate a more secure form of validation.

SPAP: Shiva Password Authentication Protocol is a reversible encryption mechanism employed by Shiva. This form of authentication is more secure than plaintext but less secure than CHAP or MS-CHAP.
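The challenge/response idea behind CHAP, next to PAP, as an added Python example that is not part of the original guide. It implements the RFC 1994 CHAP computation (MD5 over the identifier, the shared secret and the challenge) with both the authenticator's and the peer's side of the exchange; the MS-CHAP variant described above hashes the password differently and is not implemented. The peer name, the secret, the challenge bytes and the SECRETS store are constructed.

```python
"""PPP CHAP challenge/response (RFC 1994) beside PAP (RFC 1334), showing why
CHAP never puts the password on the wire while PAP does.

Added example for this guide, not code from the original. The RFC 1994
response is MD5(Identifier || secret || Challenge). All credentials and the
challenge used here are constructed.
"""
import hashlib
import hmac
import os
from typing import Dict, Optional, Tuple

# Authenticator's credential store (constructed). CHAP must recompute the hash
# from the secret itself, so the secret has to be stored in recoverable form.
SECRETS: Dict[bytes, bytes] = {b"alice": b"correct horse battery"}


def chap_challenge(identifier: int, challenge: Optional[bytes] = None) -> Tuple[int, bytes]:
    """Authenticator -> peer: the 'session identifier and an arbitrary
    challenge string' of the guide. The challenge must be unpredictable and
    never reused, otherwise a captured response could be replayed."""
    if challenge is None:
        challenge = os.urandom(16)
    return identifier, challenge


def chap_response(identifier: int, challenge: bytes, name: bytes, secret: bytes) -> Tuple[bytes, bytes]:
    """Peer -> authenticator: the user name plus a one-way hash over the
    identifier, secret and challenge. The secret itself is not transmitted."""
    digest = hashlib.md5(bytes([identifier]) + secret + challenge).digest()
    return name, digest


def chap_verify(identifier: int, challenge: bytes, name: bytes, digest: bytes) -> bool:
    """Authenticator recomputes the hash with its own copy of the secret and
    compares in constant time. Unknown name, wrong secret, or a response made
    for a different challenge all fail."""
    secret = SECRETS.get(name)
    if secret is None:
        return False
    expected = hashlib.md5(bytes([identifier]) + secret + challenge).digest()
    return hmac.compare_digest(expected, digest)


def pap_request(name: bytes, password: bytes) -> bytes:
    """PAP Authenticate-Request payload: length-prefixed peer-id and password,
    both in plaintext. Anyone on the path can read them."""
    return bytes([len(name)]) + name + bytes([len(password)]) + password


def pap_verify(packet: bytes) -> bool:
    """Authenticator side of PAP: parse the two fields and compare directly."""
    n = packet[0]
    name = packet[1:1 + n]
    plen = packet[1 + n]
    password = packet[2 + n:2 + n + plen]
    return SECRETS.get(name) == password


def password_visible_on_wire(packet: bytes, password: bytes) -> bool:
    """The property the guide contrasts: PAP traffic contains the password,
    a CHAP response does not."""
    return password in packet
```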

3.7 Identify the purpose and benefits of using a firewall/proxy.

Firewall

A firewall is used to prevent unauthorized access to or from a network. Firewalls are frequently used to prevent unauthorized users from accessing private networks connected to the Internet, especially intranets. All messages entering or leaving the intranet pass through the firewall, which examines each message and blocks those that do not meet the specified security criteria.

Firewall techniques:

Packet filter looks at each packet entering or leaving the network and accepts or rejects it based on user-defined rules.

Application gateway applies security mechanisms to specific applications, such as FTP and Telnet servers.

Circuit-level gateway applies security mechanisms when a TCP or UDP connection is established. Once the connection has been made, packets can flow between the hosts without further checking.

Proxy

A proxy is a server that sits between a client application, such as a web browser, and a real server. When a client program makes a request, the proxy server responds by translating the request and passing it to the Internet. When a computer on the Internet responds, the proxy server passes that response back to the client program on the computer that made the request. The proxy server computer has two network interfaces: one connected to the LAN and one connected to the Internet.

The primary security features of Proxy Server are:

It blocks inbound connections. LAN clients can initiate connections to Internet servers, but Internet clients cannot initiate connections to LAN servers.

It can restrict outbound connections.

3.8 Given a scenario, predict the effects of a particular security implementation on network performance.

Encryption

Windows 2000

The Encrypting File System (EFS) provides the core file encryption technology used to store encrypted files on NTFS file system volumes. Once you encrypt a file or folder, you work with the encrypted file or folder just as you do with any other files and folders. Encryption is transparent to the user that encrypted the file. This means that you do not have to decrypt the encrypted file before you can use it. You can open and change the file as you normally do. However, an intruder who tries to access your encrypted files or folders will be prevented from doing so. An intruder receives an access denied message if the intruder tries to open, copy, move, or rename your encrypted file or folder.

You encrypt or decrypt a folder or file by setting the encryption property for folders and files just as you set any other attribute such as read-only, compressed, or hidden. If you encrypt a folder, all files and subfolders created in the encrypted folder are automatically encrypted. It is recommended that you encrypt at the folder level.

You can also encrypt or decrypt a file or folder using the command-line function cipher. For more information about the cipher command, type cipher /? at a command prompt.

Main points about EFS

Only files and folders on NTFS volumes can be encrypted.

You cannot encrypt files or folders that are compressed. First you must uncompress the file or folder, then you can encrypt it. On a compressed volume, uncompress folders you want to encrypt.

You cannot share encrypted files.

Encrypted files can become decrypted if you copy or move the file to a volume that is not an NTFS volume.

Use cutting and pasting to move files into an encrypted folder. If you use a drag-and-drop operation to move the files, they will not automatically be encrypted in the new folder.

System files cannot be encrypted.

Encrypting a folder or file does not protect against deletion. Anyone with delete permission can delete encrypted folders or files.

3.9 Given a network installation scenario, select the appropriate NIC and configuration settings.

full/half duplex

Half duplex refers to the transmission of data in just one direction at a time. Full duplex refers to the transmission of data in two directions simultaneously. Most NICs contain a setting that lets you select between half-duplex and full-duplex modes.

Speeds

Make sure the NIC is the right speed for the network, if it is 100Base-TX then use a NIC capable of 100 Mbps.

Domain 4 Network Support

4.1 Given a troubleshooting scenario, select the appropriate TCP/IP utility from among the following:

tracert

The tracert utility runs at a command prompt. It can trace a path from your computer to a URL or IP address. It does this by sending ICMP echo packets to the named host. This will show how many hops the packets have to travel and how long each hop takes.

Syntax for tracert :

-d Do not resolve addresses to hostnames.
-h Maximum number of hops to search for the target.
-j Loose source route along host-list.
-w Change the time-out value.

ping

Ping is a command that sends a packet to a host (by URL or IP address) over the Internet or within an intranet. This verifies that TCP/IP is configured correctly and that a connection can be made.

The basic ping command syntax is "ping hostname".

Ping 127.0.0.1 This is the loopback address and verifies that the computer that you are pinging from can communicate via TCP/IP with its own ethernet adapter.

arp

Address Resolution Protocol, a TCP/IP protocol used to convert an IP address into a physical address (called a DLC address), such as an Ethernet address. A host wishing to obtain a physical address broadcasts an ARP request onto the TCP/IP network. The host on the network that has the IP address in the request then replies with its physical hardware address.

There is also Reverse ARP (RARP) which can be used by a host to discover its IP address. In this case, the host broadcasts its physical address and a RARP server replies with the host's IP address.

ARP Syntax:

arp -a or arp -g Both of these commands do the same thing: they display the contents of your current ARP cache.
arp -s (IP address) (hardware address) Adds a static entry to the ARP cache.
arp -d (IP address) Removes an entry from the ARP cache.

netstat

Displays protocol information and connection status, and provides useful information regarding traffic flow.

Syntax:

netstat -i lists statistics for each interface.
netstat -s provides a full listing of several counters.
netstat -rs provides routing table statistics.
netstat -an reports all open ports.

nbtstat

Checks NetBIOS connections and updates the LMHOSTS cache.

Syntax:

-a Lists the remote machine's name table given its name.
-A Lists the remote machine's name table given its IP address.
-c Shows the NetBIOS cache, including the IP addresses.
-n Lists local NetBIOS names.
-R Reloads the NetBIOS name cache from the LMHOSTS file.

ipconfig

Allows you to view TCP/IP settings and configuration.

winipcfg

This utility allows users or administrators to see the current IP address and other useful information about your network configuration.

You can reset one or more IP addresses. The Release or Renew buttons allow you to release or renew one IP address. If you want to release or renew all IP addresses click Release All or Renew All.

When one of these buttons is clicked, a new IP address is obtained from either the DHCP service or from the computer assigning itself an automatic private IP address.

To use the winipcfg utility

1. Click Start, then click Run and type winipcfg.
2. Click More Info.
3. To see the addresses of the DNS servers the computer is configured to use, click the ellipsis (...) button to the right of DNS Servers.
4. To see address information for your network adapter(s), select an adapter from the list in Ethernet Adapter Information.

nslookup

Nslookup (Name Server lookup) is a UNIX shell command to query Internet domain name servers.

For example if you did an nslookup on studynotes.net these are some of the results you could obtain.

Query        Hostname                   Real Hostname          IP Address
Nameserver   NS2.TERA-BYTE.COM          ns2.tera-byte.com      216.234.161.12
Nameserver   NS1.TERA-BYTE.COM          raptor.tera-byte.com   216.234.161.11
Nameserver   NS3.TERA-BYTE.COM          ns3.tera-byte.com      204.209.56.2
Mailserver   studynotes.net (pref = 5)  studynotes.net         216.194.69.204
Webserver    www.studynotes.net         studynotes.net         216.194.69.204
FTP server   ftp.studynotes.net         studynotes.net         216.194.69.204

Definitions

Nameserver: These are the servers that the Internet uses to find out more about the domain. Usually they are an ISP's computers.

Mailserver: Where email for the domain is sent to.

Webserver: The domain's website.

FTP server: FTP is File Transfer Protocol; this server is where files may be stored.

Hostname: The name of the host as given by the domain.

Real Hostname: The hostname you get by reverse-resolving the IP address; it may differ from the given hostname.

IP Address: A unique four-number identifier that is obtained by resolving the hostname.

4.2 Given a troubleshooting scenario involving a small office/home office network failure (e.g., xDSL, cable, home satellite, wireless, POTS) identify the cause of the failure.

Example:

Mary works in a small office where there are 4 computers in a peer-to-peer configuration running Windows 98 SE. She would like to access the Internet through the modem which is attached to Bob's computer.

How would you set this up so Mary and the other users in her office could connect to the Internet through Bob's modem?

Solution: Install Internet Connection Sharing

Problem: Internet Connection Sharing is installed but Mary still cannot connect through Bob's modem.

1. Under LAN and Internet sharing settings, is Internet Connection Sharing enabled?

2. The Internet Connection Sharing wizard sets the IP address of the connection-sharing computer (Bob's) to 192.168.0.1. Are the other computers on the network statically set to an IP address in the range 192.168.0.2 to 192.168.0.253?

3. Is TCP/IP installed properly on all computers?

As you can see this is just one of many possible scenarios, this is why we need your help.

4.3 Given a troubleshooting scenario involving a remote connectivity problem (e.g., authentication failure, protocol configuration, and physical connectivity) identify the cause of the problem.

4.4 Given a security scenario identify the requirements for an acceptable password.

4.5 Given a network installation scenario configure the appropriate computer/host name and user name.

4.6 Given a network installation scenario, including specific parameters, configure a workstation to connect to the following servers:

UNIX/Linux

Netware

Windows

Macintosh

4.7 Given a network installation task, select the appropriate networking tool to apply (e.g., wire crimper, media tester/certifier, punch down tool, tone generator, optical tester, etc.).

4.8 Given a network maintenance scenario, determine whether the visual indicators are indicating a problem with the network.

4.9 Given a network maintenance scenario, including output from a diagnostic utility (e.g. tracert, ping, ipconfig, etc.), identify the utility and interpret the output.

4.10 Given a network maintenance scenario predict the effects of modifying, adding, or removing network components on network resources and users.

4.11 Given a network problem scenario, select an appropriate course of action based on a general troubleshooting strategy. This strategy includes the following steps:

1) establish symptoms
2) identify the affected area
3) establish what has changed
4) select the most probable cause
5) implement a solution
6) test the result
7) recognize the potential effects of the solution
8) document the solution

4.12 Given a troubleshooting scenario involving a network with a particular physical topology (i.e., bus, star/hierarchical, mesh, ring, wireless) and including a network diagram, identify the network area affected and the cause of the problem.

4.13 Given a network troubleshooting scenario involving a client connectivity problem, identify the problem:

Incorrect protocol

Client software

Authentication configuration

Insufficient rights/permissions

4.14 Given a network troubleshooting scenario involving a wiring/infrastructure problem, identify the cause of the problem:

Bad media

Interference

Network hardware

Fill-in Question

Domain 01

If computers are connected in a row, along a single cable this is called a bus topology, if they branch out from a single junction or hub this is known as a star topology. When computers are connected to a cable that forms a continuous loop this is called a ring topology.

Mesh networks provide redundancy, in the event of a link failure.

Ring topology is an active topology because each computer repeats (boosts) the signal before passing it on to the next computer.

The IEEE 802.5 Token Ring standards define services for the OSI physical layer and the MAC sublayer of the data link layer.

Fiber Distributed Data Interface, shares many of the same features as token ring networks.

FDDI has better fault tolerance because of its use of a dual, counter-rotating ring that enables the ring to reconfigure itself in case of a link failure.

RJ-45 connectors are used with 10-100BaseT cables. These resemble telephone RJ-11 connectors, but are larger and house 8 wires.

The transceiver for thicknet Ethernet includes a vampire tap which pierces the thicknet cable to make the network connection.

A BNC barrel connector can be used to connect two lengths of cables together. But It is better to use one continuous length of cable, as these connectors weaken the signal strength.

Twisted-pair cabling comes in two basic types shielded and unshielded.

A Hub is a component that provides a common connection point for computers, printers, and other network devices in a star topology network.

There are two basic types of hubs, passive and active.

Active Hubs regenerate and retransmit the data signal.

A bridge is used to join two network segments together, it allows computers on either segment to access resources on the other. They can also be used to divide large networks into smaller segments.

Brouters are a combination bridge, and router in one device.

In order to communicate with a host on another network, an IP host must be configured with a route to the destination network. If a configured route is not found, the host uses the default gateway to transmit the traffic to the destination host.

ISDN adapters must be connected directly to a digital telephone network.

Domain 2

SNMP, SMTP, FTP, TELNET, HTTP, NCP, SMB, and AppleTalk are protocols that operate at the OSI application layer.

The presentation layer encodes and converts user information into binary data, also provides protocol conversion, encryption, and compression.

The session layer opens, manages, and closes conversations between two computers. It performs name recognition and the functions, such as security, needed to allow two applications to communicate over the network; it also provides error handling.

The network layer routes data packets across network segments. Translates logical addresses and names into physical addresses.

IP is the standard for data packet delivery over the Internet.

UDP runs on top of IP and is used as an alternative to TCP.

SMTP is used to transfer mail messages between two remote computers. It is used on the Internet, and is part of the TCP/IP protocol stack.

HTTPS is http using a Secure Socket Layer (SSL).

The first octet of a Class C address will be a number between 192 and 223, the network ID start bits are 110, and the default subnet mask is 255.255.255.0.

Most e-mail applications use the POP3 protocol, although some use the newer IMAP.

Telnet is short for Telecommunication Network, a virtual terminal protocol allowing a user logged on to one TCP/IP host to access other hosts on the network.

Dynamic Host Configuration Protocol is a server service. When a DHCP server is configured on a network, clients that support DHCP can request TCP/IP configuration information from the server.

Domain Name System enables short alphabetical names to be assigned to IP addresses to describe where a computer is located.

The first octet of a Class B address will be a number between 128 and 191, the network ID start bits are 10, and the default subnet mask is 255.255.0.0.

If the routers that connect subnets are RFC 1542 compliant routers, the DHCP/BOOTP relay agent can provide IP addresses to clients in multiple subnets.

While DNS resolves host names to IP addresses, WINS resolves NetBIOS names to IP addresses.

SNMP uses small utility programs called agents to monitor behavior and traffic on the network, in order to gather statistical data.

The first octet of a Class A address will be a number between 1 and 126, the network ID start bit is 0, and the default subnet mask is 255.0.0.0.

A Gateway is a device used to connect networks using different protocols.

A Subnet mask is used to mask a portion of the IP address, so that TCP/IP can tell the difference between the network ID and the host ID.
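The following added Python example (not from the original notes) applies the class rules and the subnet mask note above: it classifies an address by the leading bits of its first octet, masks it into network ID and host ID with the classful or a supplied mask, and makes the direct-or-gateway delivery decision described earlier for a host sending to another network. The addresses used are sample values; 216.194.69.204 is taken from the nslookup table in these notes.

```python
from ipaddress import IPv4Address
from typing import Dict, Optional, Tuple

# Classful rules from the notes: (class, leading bits of the first octet, default subnet mask).
CLASSES = [
    ("A", "0", "255.0.0.0"),          # first octet 1-126
    ("B", "10", "255.255.0.0"),       # first octet 128-191
    ("C", "110", "255.255.255.0"),    # first octet 192-223
    ("D", "1110", None),              # multicast, no network/host split
    ("E", "1111", None),              # reserved
]


def address_class(ip: str) -> str:
    """Classify by the leading bits of the first octet; 127.x.x.x is the loopback range."""
    first_octet = int(IPv4Address(ip)) >> 24
    if first_octet == 127:
        return "loopback"
    bits = format(first_octet, "08b")
    for name, prefix, _ in CLASSES:
        if bits.startswith(prefix):
            return name
    raise ValueError(ip)   # unreachable: every 8-bit pattern matches one of the prefixes


def default_mask(ip: str) -> Optional[str]:
    """The classful subnet mask implied by the address, or None for classes D and E."""
    cls = address_class(ip)
    for name, _, mask in CLASSES:
        if name == cls:
            return mask
    return "255.0.0.0" if cls == "loopback" else None


def split_address(ip: str, mask: Optional[str] = None) -> Dict[str, object]:
    """Mask the address into its network ID and host ID and count the usable host addresses."""
    mask = mask or default_mask(ip)
    if mask is None:
        raise ValueError(f"{ip} has no network/host split")
    ip_int, mask_int = int(IPv4Address(ip)), int(IPv4Address(mask))
    host_bits = 32 - bin(mask_int).count("1")
    return {
        "class": address_class(ip),
        "mask": mask,
        "network_id": str(IPv4Address(ip_int & mask_int)),
        "host_id": str(IPv4Address(ip_int & ~mask_int & 0xFFFFFFFF)),
        "usable_hosts": max(2 ** host_bits - 2, 0),   # all-zeros and all-ones host IDs are reserved
    }


def next_hop(src: str, dst: str, mask: str, gateway: str) -> Tuple[str, str]:
    """Deliver directly when both hosts share a network ID, otherwise hand off to the gateway."""
    same_net = split_address(src, mask)["network_id"] == split_address(dst, mask)["network_id"]
    return ("direct", dst) if same_net else ("gateway", gateway)


if __name__ == "__main__":
    for ip in ("10.3.4.5", "172.16.1.1", "192.168.0.5", "127.0.0.1"):
        print(ip, split_address(ip))
    # A mask longer than the classful default subnets the class C network into /26 pieces.
    print(split_address("192.168.0.200", "255.255.255.192"))
    # Sample host 192.168.0.5 with gateway 192.168.0.1 (the ICS address used in these notes).
    print(next_hop("192.168.0.5", "192.168.0.9", "255.255.255.0", "192.168.0.1"))
    print(next_hop("192.168.0.5", "216.194.69.204", "255.255.255.0", "192.168.0.1"))
```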

WAN technologies use either circuit switching or packet switching as a connection method.

Packet switching offers more efficient use of a telecommunication provider's network bandwidth.

With circuit switching, data travels over a fixed path that is established at the beginning of the connection and remains open until the connection is terminated.

ISDN hardware requires an NT device, which converts network data signals into the signaling protocols used by ISDN.

FDDI shares many of the same features as token ring, such as token passing and the continuous network loop configuration, but has better fault tolerance.

ATM uses fixed-size packets of 53 bytes called cells and provides data transfer rates from 25 Mbps to 2400 Mbps.

Optical Carrier (OC) designations are used to specify the speed of fiber optic networks that conform to the SONET standard.

Kerberos, an authentication system, is designed to enable two parties to exchange private information across an open network. It works by assigning a unique key, called a ticket, to each user that logs on to the network.

Domain 3

Successful user authentication in a Windows 2000 computing environment consists of two separate processes: interactive logon, which confirms the user's identification to either a domain account or a local computer, and network authentication, which confirms the user's identification to any network service that the user attempts to access.

Windows 2000 offers Distributed File Services, which let you combine files on more than one server into a single share.

User level security protects shared network resources by requiring that a security provider authenticate a user's request to access resources.

Share level security protects shared network resources on the computer with individually assigned passwords.

Secure Sockets Layer (SSL) support provides encrypted and authenticated client/server communications.

Secure shell (SSH) provides encryption and authentication for secure remote administration.

Half duplex refers to the transmission of data in just one direction at a time. Full duplex refers to the transmission of data in two directions simultaneously.

In win 2000 system files cannot be encrypted.

In win 2000 you cannot share encrypted files.

Only files and folders on NTFS volumes can be encrypted.

File services: NetWare offers two choices of mutually compatible file services: Novell Storage Services (NSS) and the traditional NetWare File System. Both kinds of file services let you store, organize, manage, access, and retrieve data on the network.

Novell Distributed Print Services (NDPS) is the default and preferred print system in NetWare. NDPS supports IPX-based as well as IP-based printing.

A VLAN is a group of devices on one or more LANs that are configured using management software so that they can communicate as if they were attached to the same LAN segment, when in fact they are located on a number of different segments.

For a computer to communicate with devices on different LAN segments other than the segment it is located on, requires the use of a router.

Switched networks increase performance, by reducing the size of collision domains. Users can be grouped into logical networks which will increase performance by limiting broadcast traffic to users performing similar functions or within individual workgroups.

A RAID array is a collection of drives which collectively act as a single storage system, which can tolerate the failure of a drive without losing data, and which can operate independently of each other.

Level 0, referred to as striping, is not redundant. Data is split across drives, resulting in higher data throughput. Since no redundant information is stored, performance is very good, but the failure of any disk in the array results in the loss of all data.

Level 5, striping with distributed parity, distributes parity among the drives. No single disk is devoted to parity. This can speed small writes in multiprocessing systems.

Fully fault-tolerant systems use redundant disk controllers and power supplies as well as fault-tolerant disk subsystems.
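As an added example (not from the original notes), this Python code writes the same data as RAID 0 stripes and as RAID 5 stripes with rotating parity, then reads it back with one disk marked failed: RAID 0 has nothing to rebuild from, while RAID 5 recovers the missing chunk by XORing the rest of its stripe. The parity rotation order, the 4-byte chunk size and the sample payload are assumptions for the demonstration.

```python
from typing import List, Optional

Disk = List[bytes]   # one chunk per stripe, in stripe order


def xor_blocks(blocks: List[bytes]) -> bytes:
    """Bytewise XOR of equal-length blocks; this is all that RAID 5 parity is."""
    out = bytearray(len(blocks[0]))
    for block in blocks:
        for i, byte in enumerate(block):
            out[i] ^= byte
    return bytes(out)


def split_chunks(data: bytes, chunk: int) -> List[bytes]:
    """Split data into fixed-size chunks, zero-padding the last one."""
    data += b"\x00" * (-len(data) % chunk)
    return [data[i:i + chunk] for i in range(0, len(data), chunk)]


def raid0_write(data: bytes, n_disks: int, chunk: int) -> List[Disk]:
    """Level 0: plain striping, chunk i goes to disk i mod n; nothing redundant is stored."""
    disks: List[Disk] = [[] for _ in range(n_disks)]
    for i, c in enumerate(split_chunks(data, chunk)):
        disks[i % n_disks].append(c)
    return disks


def raid0_read(disks: List[Disk], length: int, failed: Optional[int] = None) -> Optional[bytes]:
    """Read a RAID 0 set; with any disk failed there is nothing to rebuild from, so None."""
    if failed is not None:
        return None
    n = len(disks)
    total = sum(len(d) for d in disks)
    return b"".join(disks[i % n][i // n] for i in range(total))[:length]


def parity_disk(stripe: int, n_disks: int) -> int:
    """Rotate the parity chunk across disks so no single disk is devoted to parity.

    The exact rotation order is an assumption for this demo; real controllers differ.
    """
    return (n_disks - 1) - (stripe % n_disks)


def raid5_write(data: bytes, n_disks: int, chunk: int) -> List[Disk]:
    """Level 5: each stripe holds n-1 data chunks plus one parity chunk (XOR of the n-1)."""
    if n_disks < 3:
        raise ValueError("RAID 5 needs at least three disks")
    per_stripe = n_disks - 1
    data_chunks = split_chunks(data, chunk)
    disks: List[Disk] = [[] for _ in range(n_disks)]
    for s, start in enumerate(range(0, len(data_chunks), per_stripe)):
        stripe = data_chunks[start:start + per_stripe]
        stripe += [bytes(chunk)] * (per_stripe - len(stripe))   # pad a short final stripe
        parity = xor_blocks(stripe)
        data_iter = iter(stripe)
        for d in range(n_disks):
            disks[d].append(parity if d == parity_disk(s, n_disks) else next(data_iter))
    return disks


def raid5_read(disks: List[Disk], length: int, failed: Optional[int] = None) -> bytes:
    """Read a RAID 5 set; a chunk on the failed disk is rebuilt by XORing the rest of its stripe."""
    n = len(disks)
    stripes = max(len(d) for i, d in enumerate(disks) if i != failed)
    out = b""
    for s in range(stripes):
        p = parity_disk(s, n)
        for d in range(n):
            if d == p:
                continue                                    # parity is not user data
            if d == failed:
                survivors = [disks[o][s] for o in range(n) if o != failed]
                out += xor_blocks(survivors)                # parity ^ other data = missing chunk
            else:
                out += disks[d][s]
    return out[:length]


if __name__ == "__main__":
    sample = b"The quick brown fox jumps over the lazy dog"   # constructed sample payload
    r0 = raid0_write(sample, 4, 4)
    r5 = raid5_write(sample, 4, 4)
    print("RAID 0 intact:", raid0_read(r0, len(sample)) == sample)
    print("RAID 0 with disk 2 failed:", raid0_read(r0, len(sample), failed=2))
    for k in range(4):
        print(f"RAID 5 with disk {k} failed:", raid5_read(r5, len(sample), failed=k) == sample)
    print("Chunks stored: RAID 0 =", sum(map(len, r0)), " RAID 5 =", sum(map(len, r5)))
```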

Internetwork Packet Exchange (IPX) is the traditional Novell communications protocol that sends data packets to requested destinations.

PPTP stands for Point-to-Point Tunneling Protocol.

Microsoft dial-up networking clients typically use MS-CHAP authentication.

Kerberos is designed to enable two parties to exchange private information across an open network. It works by assigning a unique key, called a ticket, to each user that logs on to the network. The ticket is then embedded in messages to identify the sender of the message.

Questions

1) IP and IPX operate at what layer?
a) Presentation
b) Application
c) Session
d) Transport
e) Network
f) Data Link

2) What is, or is becoming, the topology of choice for networks?
a) Bus
b) Star
c) Hierarchical
d) Mesh

3) If computers are connected along a single cable this is called what type of topology?
a) Star
b) Bus
c) Hierarchical
d) Mesh

4) 1000Base-T is not a Category 5 cable.
a) True
b) False

5) Mesh topologies are the least expensive and are easier to maintain.
a) True
b) False

6) RJ-45 connectors are used with?
a) Coax
b) Fiber-optic
c) 1000Base-LX
d) 10BASE-T

7) A repeater works at the physical and network layers.
a) True
b) False

8) In a star topology, if a hub fails all computers connected to it will also be affected.
a) True
b) False

9) What type of topology is this?
a) Mesh
b) Star
c) Hierarchical
d) Bus

10) Fiber networks use what kind of connectors?
a) SC
b) BNC
c) RJ-45
d) RJ-11

11) SC and ST connectors offer the same features as far as distance and reliability.
a) True
b) False

12) At which layer do repeaters, hubs, transceivers, and amplifiers operate?
a) Application
b) Session
c) Transport
d) Network
e) Data Link
f) Physical

13) What layer handles data frames between the Network and Physical layers?
a) Presentation
b) Session
c) Transport
d) Network
e) Data Link
f) Physical

14) The number of computers on a bus network will NOT affect network performance.
a) True
b) False

15) A line break at any point along the trunk cable in a bus network will result in total network failure.
a) True
b) False

16) DNS, FTP, SNMP, SMTP, and TELNET are all protocols that use what layer?
a) Application
b) Session
c) Transport
d) Network
e) Data Link
f) Physical

17) What topology provides each device with a point-to-point connection to every other device in the network?
a) Star
b) Bus
c) Mesh
d) Hierarchical

18) What OSI layer encodes and converts user information into binary data, and provides protocol conversion, encryption, and compression?
a) Application
b) Presentation
c) Session
d) Transport
e) Network
f) Data Link

19) In a basic ring topology, if there is a line break, or if you are adding or removing a device anywhere in the ring, this will bring down the network.
a) True
b) False

20) This layer represents the services that directly support the user applications, such as software for file transfers, database access, and e-mail.
a) Application
b) Session
c) Transport
d) Network
e) Data Link
f) Physical

21) RJ-45 connectors resemble telephone RJ-11 connectors, but are larger and house 12 wires.
a) True
b) False

22) 10Base-2 is also referred to as?
a) Thicknet
b) Thinnet
c) unshielded twisted-pair
d) Category 3

23) Defines cabling and connections.
a) Presentation
b) Session
c) Transport
d) Network
e) Data Link
f) Physical

24) Ring topology is an?
a) active topology
b) static topology
c) passive topology
d) dynamic topology

25) This is an?
a) BNC barrel connector
b) SC connector
c) ST connector
d) RJ-45 connector

26) A BNC connector is for?
a) Coaxial
b) Fiber-optic
c) Category 5
d) 10Base-T

27) Ethernet is also known as?
a) 802.5
b) 803.2
c) 802.11b
d) 802.3

28) If one computer fails in a star topology the network will continue to function.
a) True
b) False

29) The maximum segment length of 10Base-5 is?
a) 500 m
b) 100 m
c) 2000 m
d) 187 m

30) This is an?
a) RJ-45 connector
b) SC connector
c) ST connector
d) BNC connector

31) Ethernet uses the Carrier Sense Multiple Access with Collision Detection access method.
a) True
b) False

32) Token Ring networks usually use coax cables.
a) True
b) False

33) The maximum transfer speed of 10Base-5 is?
a) 100 Mbps
b) 2 Mbps
c) 1 Gbps
d) 10 Mbps

34) TCP and SPX operate at what layer?
a) Presentation
b) Session
c) Transport
d) Network
e) Data Link
f) Physical

35) Standard telephone cable connectors usually have 4-6 wires.
a) True
b) False

36) The maximum segment length of 100Base-FX at half duplex is?
a) 200 meters
b) 500 meters
c) 1000 meters
d) 2000 meters

37) What type of topology is this?
a) Mesh
b) Star
c) Hierarchical
d) Bus

38) STP cable protects signals from cross signaling that can result from other, nearby cables.
a) True
b) False

39) Token Ring standards define services for the OSI MAC sublayer of the data link layer, and what other layer?
a) Application
b) Session
c) Physical
d) Network

40) Wireless Ethernet.
a) 802.5
b) 803.2
c) 802.11b
d) 802.3

41) OSI layer that defines cables and NIC cards?
a) Presentation
b) Session
c) Application
d) Physical
e) Network
f) Transport

42) Fiber Distributed Data Interface shares many of the same features as?
a) Ethernet
b) Token rings
c) Wireless Ethernet

43) A NIC works at the Data Link layer.
a) True
b) False

44) The Data Link layer is really two separate layers; what are they?
a) Frame Access Control and Logical Link Control
b) Logical Link Control and Media Access Control
c) Link Control and Access Control
d) Data Link Control and Network Access Control

45) A BNC barrel connector is used to connect two cables together, and increases the signal strength.
a) True
b) False

46) Computers on a bus only listen for data being sent; they do not move data from one computer to the next. This is called?
a) Active topology
b) passive topology
c) static topology
d) dynamic topology

47) A bridge and a switch work at what layer?
a) Application
b) Presentation
c) Session
d) Network
e) Data Link
f) Physical

48) SC and ST connectors can be used in the same network with the use of adapters or couplers.
a) True
b) False

49) Opens, manages, and closes conversations between two computers, and also performs name recognition and functions such as security. This describes what layer?
a) Application
b) Presentation
c) Session
d) Transport
e) Network
f) Data Link

50) Most bus networks use what kind of cables?
a) unshielded twisted-pair
b) 10Base-T
c) 100Base-TX
d) coax

51) 1000Base-SX is a fiber-optic cable.
a) True
b) False

52) This is an?
a) T connector
b) SC connector
c) ST connector
d) RJ-45 connector

53) What OSI layer manages who can transmit data at a certain time and for how long?
a) Application
b) Presentation
c) Session
d) Transport
e) Network
f) Data Link

54) Redirectors operate at what layer?
a) Application
b) Presentation
c) Transport
d) Network
e) Data Link
f) Physical

55) A gateway works at the Application, Presentation, Session, and Transport layers.
a) True
b) False

56) Since most star topologies use twisted-pair cables, this makes the initial installation of star networks easier.
a) True
b) False

57) NetBEUI operates at both the Network and Transport layers.
a) True
b) False

58) What OSI layer translates logical network addresses and names to their physical address?
a) Application
b) Presentation
c) Session
d) Transport
e) Network
f) Data Link

59) What type of topology is this?
a) Mesh
b) Star
c) Hierarchical
d) Bus

60) Which RAID level is disk mirroring associated with?
a) RAID0
b) RAID1
c) RAID2
d) RAID3
e) RAID4
f) RAID5

61) How does a server recognize the requested TCP/IP service of an IP packet?
a) MAC Address
b) Port number
c) Destination address
d) Source address
e) IP Address