Transcript 1-10

BIOS
(Basic Input Output Service)
 Contains system data used by the ROM BIOS service
routines.
 Serves as a standardized communication interface
between the computer’s hardware and the operating
system.
Presentation_ID
© 2008 Cisco Systems, Inc. All rights reserved.
Cisco Confidential
1
BIOS
 Is a small ROM chip on the PC’s motherboard.
 A basic software program containing all BIOS
functions is permanently stored in the ROM.
 This software functions as a basic operating
system.
 Is responsible for starting the PC.
 This hardware integrated with software is also
referred to as firmware.
Flow Chart of BIOS Functions
[Flow chart; box labels in order: Turn on Computer, Pass through POST Error Free (YES/NO), Plug’n’Play, Output to Monitor, Test Boot Drive, Bootable media found (YES/NO), Load boot program, Start operating system.]
POST
(Power On Self Test)
 Takes place right after you power on.
 Contains diagnostic routines for:
• Initializing the hardware and peripherals (the video card, the main
memory, the processor, the keyboard, etc.)
• Checking their functions
 An error message appears on screen if an error is detected. If the
monitor cannot be detected, beep codes are
output by the system loudspeaker.
Plug and Play
 BIOS next looks for additional BIOS memory chips, which
might be on a Plug and Play card such as a video card
or a SCSI controller.
• If present, they run their routines and supplement or replace
some functions of the system BIOS.
 If components no longer match the data stored in the
CMOS (i.e. hardware change), a message appears on
screen to update.
Plug and Play
 After all hardware components have been found and
checked, Plug and Play goes to work.
 Interrupts and DMA channels of the plug-in cards in
the ISA and PCI buses are queried and distributed.
 Onboard hardware, located on the motherboard and in its
ISA/PCI slots, is configured for operation.
Bootstrap Loader
 BIOS next accesses the first sector of the hard drive,
also termed the boot sector, and starts the “bootstrap
loader”.
• A small program that knows the file structure of the storage
medium and can call the operating system’s start routine.
Operating System Kernel
 Next, the operating system kernel is read into main
memory and control of the hardware passes onto the
operating system.
An Interpreter
 In old operating systems (DOS 6.2), the BIOS acts as a
mediator (or interface) between the hardware and the
software.
 New operating systems circumvent the BIOS and
communicate directly with the hardware through the
appropriate drivers.
BIOS Updating
 The BIOS is manufactured on FLASH technology. It is
easily updated.
 Previous versions of BIOS were developed on ROM,
EPROM, and EEPROM chips.
DOS
(Disk Operating System) Fundamentals
 Consisted of two parts:
• The BIOS itself is one part of the operating system.
• The other part consists of the operating system program files.
 Program files consist of:
• Utilities
• A kernel that is loaded into the main memory when the
computer boots.
Microsoft Kernels
 Kernel of a Microsoft operating system consists of:
• Msdos.sys
• Io.sys
 MSDOS.sys controls the keyboard input and
the screen output.
 IO.sys communicates with the BIOS and
contains the actual program code of the
operating system and a process control for the
hardware.
BIOS Data Area, at Segment 0040h
HEX OFFSET     Description
0000 - 0007    Port addresses, COM1 - COM4
0008 - 000F    Port addresses, LPT1 - LPT4
0010 - 0011    Installed hardware list
0012           Initialization flag
0013 - 0014    Memory size, in Kbytes
0015 - 0016    Memory in I/O channel
0017 - 0018    Keyboard status flags
0019           Alternate key entry storage
001A - 001B    Keyboard buffer pointer (head)
001C - 001D    Keyboard buffer pointer (tail)
001E - 003D    Keyboard typeahead buffer
003E - 0048    Diskette data area
0049           Current video mode
004A - 004B    Number of screen columns
004C - 004D    Regen buffer length, in bytes
004E - 004F    Regen buffer starting offset
0050 - 005F    Cursor positions, video pages 1 - 8
0060           Cursor end line
0061           Cursor start line
0062           Currently displayed video page number
0063 - 0064    Active display base address
0065           CRT mode register
0066           Register for color graphics adapter
0067 - 006B    Cassette data area
006C - 0070    Timer data area
Characteristics of an Operating System
 Multi-user – Two or more users have individual accounts that
allow them to work with programs and peripheral devices at the
same time.
 Multitasking – The computer is capable of operating multiple
applications at the same time.
 Multiprocessing – The operating system can support two or
more CPUs.
 Multithreading – A program can be broken into smaller parts
that are loaded as needed by the operating system. Multithreading
allows individual programs to be multitasked.
Basic Function of an Operating System
 All computers rely on an operating system (OS) to
provide the interface for interaction between users,
applications, and hardware.
 The operating system boots the computer and
manages the file system.
 The operating system has four main roles:
• Control hardware access
• Manage files and folders
• Provide user interface
• Manage applications
Processor Architecture
 32-bit Windows Operating System and x86 Processor
Architecture
• Capable of addressing 4 GB of RAM
• x86 uses a Complex Instruction Set Computer (CISC)
• x86 processors use fewer registers than x64 processors
 64-bit Windows Operating System and x64 Processor
Architecture
• Capable of addressing 128+ GB of RAM
• Enhanced performance for memory management
• Additional security features
• x64 architecture is backward compatible with x86
• Process much more complex instructions at a much higher rate
Startup Modes
Pressing the F8 key during the boot process opens the
Windows Advanced Startup Options menu, which allows
you to select how to boot Windows.
 Safe Mode – Starts Windows but only loads drivers for basic
components, such as the keyboard and display.
 Safe Mode with Networking Support – Starts Windows
identically to Safe Mode and also loads the drivers for network
components.
 Safe Mode with Command Prompt – Starts Windows and loads
the command prompt instead of the GUI interface.
 Last Known Good Configuration – Enables a user to load the
configuration settings of Windows that were used the last time that
Windows successfully started. It does this by accessing a copy of
the registry that is created for this purpose.
The Windows Registry Files
Virtualization
 Host machine uses its system resources to host a
virtual machine.
 Hosting a virtual machine allows users to access the
functionality and resources provided by an OS that is
not on the local PC.
 Provides access to applications, file-sharing services,
and other productivity tools.
 Users can further increase the functionality of their
system by running multiple virtual machines.
Virtualization
 The software that creates and manages a virtual
machine on a host machine is called the hypervisor,
or Virtual Machine Manager (VMM).
• Allocates the physical system resources, such as CPU, RAM,
and hard drive, to each virtual machine as needed.
 Windows Virtual PC is the virtualization platform for
Windows 7
• Allows you to partition system resources for a Windows OS
among virtual machines.
Types of Backups
Type           Description                                                      Clear marker
Normal         Selected files and folders                                       Yes
Copy           Selected files and folders                                       No
Differential   Selected files and folders that changed since the last backup    No
Incremental    Selected files and folders that changed since the last backup    Yes
Daily          Selected files and folders that changed during the day           No
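Differential and incremental backups have the same description in the table and differ only in the "Clear marker" column. The following added example (not part of the original slides) simulates that marker over several days to show the effect on what each run copies and on what a restore needs. The `Volume` model, file names and schedule are constructed for illustration; on Windows the marker is the file's archive attribute.

```python
from dataclasses import dataclass

# "Clear marker" column from the table above, keyed by backup type.
CLEARS_MARKER = {"normal": True, "copy": False, "differential": False,
                 "incremental": True, "daily": False}


@dataclass
class File:
    name: str
    marker: bool = True      # set whenever the file is created or modified
    modified_day: int = 0


class Volume:
    """Toy file system that tracks the backup marker per file (constructed model)."""

    def __init__(self, names):
        self.day = 0
        self.files = {n: File(n) for n in names}

    def next_day(self):
        self.day += 1

    def modify(self, name):
        f = self.files[name]
        f.marker = True
        f.modified_day = self.day

    def backup(self, kind):
        """Return the sorted names this backup copies, then apply the marker rule."""
        if kind in ("normal", "copy"):
            chosen = list(self.files.values())
        elif kind in ("differential", "incremental"):
            chosen = [f for f in self.files.values() if f.marker]
        elif kind == "daily":
            chosen = [f for f in self.files.values() if f.modified_day == self.day]
        else:
            raise ValueError(f"unknown backup type: {kind}")
        if CLEARS_MARKER[kind]:
            for f in chosen:
                f.marker = False
        return sorted(f.name for f in chosen)


def run_week(kind):
    """Normal backup on day 0, then one file changes per day and `kind` runs nightly."""
    vol = Volume(["a.doc", "b.xls", "c.txt"])        # constructed file names
    history = [("normal", vol.backup("normal"))]
    for changed in ("a.doc", "b.xls", "c.txt"):
        vol.next_day()
        vol.modify(changed)
        history.append((kind, vol.backup(kind)))
    return history


def restore_set(history):
    """Indexes into history of the backups needed to restore the latest state."""
    kind = history[-1][0]
    if kind == "incremental":
        return list(range(len(history)))      # the normal backup plus every incremental
    if kind == "differential":
        return [0, len(history) - 1]          # the normal backup plus the latest differential
    raise ValueError("restore chain is only modelled for differential and incremental")


if __name__ == "__main__":
    for kind in ("differential", "incremental"):
        h = run_week(kind)
        print(kind, [names for _, names in h[1:]], "restore needs", restore_set(h))
```

Each differential run grows because the marker is never cleared, but a restore needs only two backup sets; incremental runs stay small, but losing any one of them breaks the restore chain.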
What is RAID?
 Stands for Redundant Array of Independent Disks.
 It’s a technology that enables greater levels of performance,
reliability and/or large volumes when dealing with data.
 How?? By concurrent use of two or more ‘hard disk drives’.
 How Exactly?? Mirroring, Striping (of data) and Error correction
techniques combined with multiple disk arrays give you the reliability
and performance.
RAID flavors
 Commonly used ones:
1. RAID 0
2. RAID 1
3. RAID 5
4. RAID 10
 Other types used…but rarely: RAID 2,3,4,6,50……
RAID 0
a. It splits data among two or more disks.
b. Provides good performance.
c. Lack of data redundancy means there is
no fail over support with this
configuration.
d. In the diagram to the right, the odd
blocks are written to disk 0 and the even
blocks to disk 1 such that A1, A2, A3,
A4, … would be the order of blocks read
if read sequentially from the beginning.
e. Used in read only NFS systems and
gaming systems.
RAID 1
•RAID1 is ‘data mirroring’.
•Two copies of the data are held on
two physical disks, and the data is
always identical.
• Twice as many disks are required to
store the same data when compared
to RAID 0.
•Array continues to operate so long
as at least one drive is functioning.
RAID 5
• RAID 5 is an ideal combination
of good performance, good fault
tolerance and high capacity and
storage efficiency.
• An arrangement of parity and
CRC to help rebuild drive data
in case of disk failures.
• “Distributed Parity” is the key
word here.
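The striping and distributed-parity ideas from the RAID 0 and RAID 5 slides, as an added example that is not part of the original slides. It models disks as in-memory lists of blocks and uses XOR parity only (the CRC mentioned above is not modelled); the function names, block size and sample data are constructed for illustration.

```python
from functools import reduce
from operator import xor


def xor_blocks(blocks):
    """Byte-wise XOR of equally sized blocks; this is the parity calculation."""
    return bytes(reduce(xor, column) for column in zip(*blocks))


def parity_disk(stripe, n_disks):
    """Rotate the parity block so that no single disk holds all the parity."""
    return (n_disks - 1 - stripe) % n_disks


def raid5_write(data, n_disks=3, block=4):
    """Return one list of blocks per disk: striped data plus one parity block per stripe."""
    per_stripe = (n_disks - 1) * block
    stripes = -(-len(data) // per_stripe)               # ceiling division
    data = data.ljust(stripes * per_stripe, b"\0")      # pad the last stripe
    disks = [[] for _ in range(n_disks)]
    for s in range(stripes):
        chunk = data[s * per_stripe:(s + 1) * per_stripe]
        blocks = [chunk[i:i + block] for i in range(0, per_stripe, block)]
        remaining = iter(blocks)
        for d in range(n_disks):
            if d == parity_disk(s, n_disks):
                disks[d].append(xor_blocks(blocks))
            else:
                disks[d].append(next(remaining))
    return disks


def raid5_read(disks, length):
    """Reassemble the data by skipping the parity block of each stripe."""
    out = bytearray()
    for s in range(len(disks[0])):
        for d in range(len(disks)):
            if d != parity_disk(s, len(disks)):
                out += disks[d][s]
    return bytes(out[:length])


def rebuild(disks, failed):
    """Recompute every block of one failed disk by XOR-ing the surviving disks."""
    survivors = [disk for i, disk in enumerate(disks) if i != failed]
    return [xor_blocks(stripe) for stripe in zip(*survivors)]


def degraded_read(disks, failed, length):
    """Read the array while one disk is missing, rebuilding its blocks on the fly."""
    repaired = list(disks)
    repaired[failed] = rebuild(disks, failed)
    return raid5_read(repaired, length)


if __name__ == "__main__":
    data = b"PAYROLL-2024-Q3.DB"                        # constructed sample data
    array = raid5_write(data, n_disks=4, block=4)
    for failed in range(4):
        assert degraded_read(array, failed, len(data)) == data
    print("parity disk per stripe:", [parity_disk(s, 4) for s in range(len(array[0]))])
```

With two disks missing, each stripe has two unknown blocks and only one parity equation, which is the gap the double parity on the RAID 6 slide closes.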
RAID 10
a. Combines RAID 1 and RAID
0.
b. Which means having the
pleasure of both - good
performance and good failover
handling.
c. Also called ‘Nested RAID’.
What’s happening present
day?
RAID 6:
a. It is seen as the best way to
guarantee data integrity as it
uses double parity.
b. Lesser MTBF compared to
RAID5.
c. It has a drawback though of
longer write time.
Types of Networks
 LAN (Local Area Network): A group of interconnected
computers under one administrative control group that
governs the security and access control policies that
are in force on the network.
 WLAN (Wireless Local Area Network): A group of
wireless devices that connect to access points within a
specified area. Access points are typically connected to
the network using copper cabling.
 PAN (Personal Area Network): Network that connects
devices, such as mice, keyboards, printers,
smartphones, and tablets within the range of an
individual person. PANs are most often connected with
Bluetooth technology.
Types of Networks
 MAN (Metropolitan Area Network): Network that
spans across a large campus or a city. Consisting of
various buildings interconnected through wireless or
fiber optic backbones.
 WAN (Wide Area Network): Connections of multiple
smaller networks such as LANs that are in
geographically separated locations. The most common
example of a WAN is the Internet.
Types of Networks (Continued)
 Peer-to-peer networks: Devices which are connected
directly to each other without any additional networking
devices between them. Each device has equivalent
capabilities and responsibilities.
 Client/server networks: In a client/server model, the
client requests information or services from the server.
The server provides the requested information or service
to the client.
Bandwidth and Latency
 Bandwidth is the amount of data that can be transmitted within a fixed
time period.
 Bandwidth is measured in bits per second and is usually denoted by the
following:
•bps - bits per second
•Kbps - kilobits per second
•Mbps - megabits per second
•Gbps - gigabits per second
 Latency is the amount of time it takes data to travel from source to
destination.
 Data is transmitted in one of three modes:
• Simplex (Unidirectional transmission) is a single, one-way transmission.
• Half-duplex allows data to flow in one direction at a time.
• Full-duplex allows data to flow in both directions at the same time.
IP Addressing - IPV4
 An IP address is a unique number that is used to identify a network device
and is represented as a 32-bit binary number, divided into four octets
(groups of eight bits):
•Example: 10111110.01100100.00000101.00110110
 An IP address is also represented in a dotted decimal format.
•Example: 190.100.5.54
 When a host is configured with an IP address, it is entered as a dotted
decimal number, such as 192.168.1.5. This IP address must be unique on
a network to ensure data can be sent/received.
 IP Classes
• Class A: Large networks, implemented by large companies and some countries
• Class B: Medium-sized networks, implemented by universities
• Class C: Small networks, implemented by ISP for customer subscriptions
• Class D: Special use for multicasting
• Class E: Used for experimental testing
IP Addressing – IPV4
 Private Addresses - IETF reserved some Internet
address space for private networks.
 Private networks have no connection to public
networks.
 Private network addresses are not routed across the
Internet.
 Class A - 10.0.0.0 to 10.255.255.255
 Class B - 172.16.0.0 to 172.31.255.255
 Class C - 192.168.0.0 to 192.168.255.255
Subnet Masks
 The subnet mask is used to indicate the network and the
host portion of an IP address.
 The default subnet masks for three classes of IP
addresses:
• 255.0.0.0 - Class A, which indicates that the first octet of the IPv4
address is the network portion.
• 255.255.0.0 - Class B, which indicates that the first two octets of
the IPv4 address are the network portion.
• 255.255.255.0 - Class C, which indicates that the first three octets
of the IPv4 address are the network portion.
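The IPv4 slides above (binary and dotted decimal forms, classes, private ranges, default subnet masks) combined into one added example that is not part of the original slides. The private ranges and masks are the ones listed on the slides; the class boundaries are derived from the leading bits of the first octet, and the function names are constructed for illustration.

```python
import ipaddress

# Private ranges and default masks exactly as listed on the slides above.
PRIVATE_RANGES = {
    "A": ("10.0.0.0", "10.255.255.255"),
    "B": ("172.16.0.0", "172.31.255.255"),
    "C": ("192.168.0.0", "192.168.255.255"),
}
DEFAULT_MASKS = {"A": "255.0.0.0", "B": "255.255.0.0", "C": "255.255.255.0"}


def to_binary(addr):
    """Dotted decimal -> four 8-bit groups."""
    return ".".join(f"{octet:08b}" for octet in ipaddress.IPv4Address(addr).packed)


def from_binary(bits):
    """Four 8-bit groups -> dotted decimal, rejecting malformed input."""
    octets = bits.split(".")
    if len(octets) != 4 or any(len(o) != 8 or set(o) - {"0", "1"} for o in octets):
        raise ValueError(f"not four 8-bit groups: {bits!r}")
    return ".".join(str(int(o, 2)) for o in octets)


def address_class(addr):
    """Classify by the leading bits of the first octet."""
    first = ipaddress.IPv4Address(addr).packed[0]
    if first < 128:
        return "A"      # 0xxxxxxx (0.x.x.x and 127.x.x.x are reserved within it)
    if first < 192:
        return "B"      # 10xxxxxx
    if first < 224:
        return "C"      # 110xxxxx
    if first < 240:
        return "D"      # 1110xxxx, multicast
    return "E"          # 1111xxxx, experimental


def is_private(addr):
    ip = ipaddress.IPv4Address(addr)
    return any(ipaddress.IPv4Address(lo) <= ip <= ipaddress.IPv4Address(hi)
               for lo, hi in PRIVATE_RANGES.values())


def describe(addr):
    """Split an address into network and host portions using its default class mask."""
    ip = int(ipaddress.IPv4Address(addr))
    cls = address_class(addr)
    mask_text = DEFAULT_MASKS.get(cls)          # classes D and E have no default mask
    result = {"class": cls, "binary": to_binary(addr), "private": is_private(addr),
              "mask": mask_text, "network": None, "host": None}
    if mask_text:
        mask = int(ipaddress.IPv4Address(mask_text))
        result["network"] = str(ipaddress.IPv4Address(ip & mask))
        result["host"] = str(ipaddress.IPv4Address(ip & ~mask & 0xFFFFFFFF))
    return result


if __name__ == "__main__":
    for sample in ("190.100.5.54", "192.168.1.5", "172.32.0.1", "224.0.0.1"):
        print(sample, describe(sample))
```

Note that 172.32.0.1 is a class B address just outside the 172.16.0.0 to 172.31.255.255 private range, so it is publicly routable.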
IP Addressing – IPV6
 IPv6 address - 128 bits or 32 hexadecimal values.
• The 32 hexadecimal values are further subdivided into eight fields of
four hexadecimal values separated by colons.
 IPv6 address has a three-part hierarchy
• Global prefix, also called a site prefix, is the first three blocks of
the address.
• Subnet ID includes the fourth block of the address.
• Interface ID includes the last four blocks of the address.
Dynamic Host Configuration Protocol
(DHCP)
 DHCP automatically
provides computers with an
IP address.
 The DHCP server can
assign these to hosts:
•IP address
•Subnet mask
•Default gateway
•Domain Name System (DNS)
server address
Internet Control Message Protocol (ICMP)
 Internet Control Message Protocol (ICMP) is used by
devices on a network to send control and error messages to
computers and servers.
 PING (Packet Internet Groper) is a simple command line
utility used to test connections between computers.
•Used to determine whether a specific IP address is accessible.
•Used with either the hostname or the IP address.
•Works by sending an ICMP echo request to a destination computer.
•Receiving device sends back an ICMP echo reply message.
 Four ICMP echo requests (pings) are sent to the destination
computer to determine the reliability and reachability of the
destination computer.
Internet Protocols
 A protocol is a set of rules. Internet protocols govern
communication within and between computers on a network.
 Many protocols consist of a suite (or group) of protocols stacked in
layers.
• Devices and computers connected to the Internet use a protocol suite
called TCP/IP to communicate with each other.
 The main functions of protocols:
•Identifying errors
•Compressing data
•Deciding how data is to be sent
•Addressing data
•Deciding how to announce sent and received data
•The information is transmitted most often via two protocols, TCP
and UDP.
TCP and UDP Protocols and Ports
 A port is a numeric identifier used to keep track of
specific conversations. Every message that a host
sends contains both a source and destination port.
Physical Network Components
A Modem is an electronic device that connects to the
Internet via an ISP.
 A modem converts digital data to analog signals for
transmission over a phone line.
 Internal modems plug into an expansion slot on the
motherboard.
 External modems connect to a computer through the
serial and USB ports.
Network Devices
 Hub
• Extend the range of a signal by receiving then regenerating it and
sending it out all other ports.
• Allow for collisions on the network segment and are often not a good
solution.
• Also called concentrators because they serve as a central connection
point for a LAN.
 Bridges and Switches
• A bridge has the intelligence to determine if an incoming frame is to be
sent to a different segment, or dropped. A bridge has two ports.
• A switch (multiport bridge) has several ports and refers to a
table of MAC addresses to determine which port to use to forward the
frame.
• Power over Ethernet (PoE)
• PoE switch transfers small amounts of DC current over Ethernet
cable, along with data, to power PoE devices such as Wi-Fi access
points.
Network Devices (Continued)
 Routers
• Devices that connect entire networks to each other. They use IP
addresses to forward packets to other networks.
• A router can be a computer with special network software installed
or can be a device built by network equipment manufacturers.
• Routers contain tables of IP addresses along with optimal routes to
other networks.
 Wireless Access Points (WAP)
• Provide network access to wireless devices such as laptops and
PDAs.
• Use radio waves to communicate with radios in computers, PDAs,
and other wireless access points.
• Have limited range of coverage.
Network Devices
 VoIP phones - carry telephone calls over the data
networks and Internet.
 Hardware firewalls - use various techniques for
determining what is permitted or denied access to a
network segment.
 Internet appliance – web TV, game consoles, Blu-ray
players etc.
 Purchasing Authentic Networking Devices - Computer and network problems can be related to
counterfeit components.
LAN Physical Topologies
 A physical topology defines the way in which computers,
printers, and other devices are connected to a network.
 Bus
• Each computer connects to a common cable. The ends of the cable
have a terminator installed to prevent signal reflections and network
errors.
• Only one computer can transmit data at a time or frames will collide
and be destroyed.
 Ring
• Hosts are connected in a physical ring or circle.
• A special frame, a token, travels around the ring, stopping at each
host to allow data transmission.
• There are two types of ring topologies:
•Single-ring and Dual-ring
The TCP/IP Reference Model
 Frame of reference used to develop the Internet's protocols.
 Consists of layers that perform functions necessary to
prepare data for transmission over a network.
Layer            Description                                               Protocols
Application      Provides network services to user applications            HTTP, HTML, Telnet, FTP, SMTP, DNS
Transport        Provides end-to-end management of data                    TCP, UDP
                 and divides data into segments
Internet         Provides connectivity between hosts in the                IP, ICMP, RIP, ARP
                 network. IP addressing and routing here.
Network Access   Where MAC addressing and physical
                 components exist
The OSI Model
 The OSI model is an industry standard framework that is
used to divide network communications into seven
layers.
 Although other models exist, most network vendors
today build their products using this framework.
 A protocol stack is a system that implements protocol
behavior using a series of layers.
• Protocol stacks can be implemented either in hardware or
software, or in a combination of both.
• Typically, only the lower layers are implemented in hardware,
and the higher layers are implemented in software.
The OSI Model
Layer             Description
Application   7   Responsible for network services to applications
Presentation  6   Transforms data formats to provide a standard interface for the Application layer
Session       5   Establishes, manages and terminates the connections between the local and remote application
Transport     4   Provides reliable transport and flow control across a network
Network       3   Responsible for logical addressing and the domain of routing
Data Link     2   Provides physical addressing and media access procedures
Physical      1   Defines all the electrical and physical specifications for devices
Remember the OSI layers with this mnemonic:
"Please Do Not Throw Sausage Pizza Away"
Compare OSI and TCP/IP Models
Virtual Private Network (VPN)
 A Virtual Private Network (VPN) is a private network that uses a
public network, like the Internet, to connect remote sites or
users together.
Mobile Devices
 A mobile device is any device that is hand-held, light, and typically
uses a touchscreen for input.
 Mobile devices use an operating system to run applications (apps),
games, and play movies and music.
 Examples are Android devices, such as the Samsung Galaxy
tablet and Galaxy Nexus smartphone, and the Apple iPad and
iPhone.
 Many mobile device components, operating systems, and software
are proprietary, so it is important to become familiar with as many
different mobile devices as possible.
Touchscreens
 Most mobile devices use touchscreens to allow users to
physically interact with the screen and type on a virtual
keyboard.
 Two types of touchscreens:
• Capacitive - Consists of a glass screen coated with a conductor.
Touching the screen interrupts the electrical field of the screen.
This change is how the touch processor calculates location.
• Resistive - Consists of transparent layers of material capable of
conducting electricity. Pressure causes the layers to touch and
interrupt the electricity. This is how the touch processor calculates
location.
 Multi-touch - the ability to recognize when two or more
points of contact are made on the screen.
Android versus iOS
 Android
• Developed by Google in 2008.
• Open source - the public can change, copy, or redistribute the code
without paying royalty fees to the software developer.
 iOS
• Released by Apple in 2007.
• Closed source - source code is not released to the public.
Application and Content Sources
 Some apps can be downloaded free and others must be
purchased. Free apps are often loaded with advertisements to
help pay for development costs.
 It is important to install apps only from trusted sources.
 Two main methods for installing content on mobile devices:
Push and Pull
• When a user runs the Google Play app or the Apple App Store app,
content that is downloaded is Pulled from a server to their device.
• When a user purchases an app on their laptop or desktop, it is then
Pushed to their Android or iOS device.
 Note: Read the list of permissions carefully and do not install
apps that request permission to access items and features
that they should not need.
Common Mobile Device Features
 Screen Orientation - Portrait and landscape
• Auto rotation - Content is automatically rotated to the position of the
device, either landscape or portrait.
 Screen Calibration - Adjusting the brightness of the screen
 Global Positioning System (GPS) - A GPS radio receiver uses at
least four satellites to calculate position. Uses in mobile devices:
• Navigation - A mapping app that provides turn-by-turn directions
• Geocaching - App that shows the location of geocaches - hidden
containers around the world.
• Geotagging - Embeds location information into a digital object, like a
photograph or a video, to record where it was taken.
• Device tracking - Locates the device on a map if it is lost or stolen.
Introduction to Email
 Information needed to set up an email account:
• Display name, email address, protocol used by incoming mail server,
incoming and outgoing server names, username, account password.
 Protocols used in email:
• Post Office Protocol Version 3 (POP3) retrieves email from remote
server, does not leave copy of email on server.
• Internet Message Access Protocol (IMAP) allows local email clients to
retrieve email from a server, leaves original email on server.
• Simple Mail Transfer Protocol (SMTP) is a simple, text-based protocol
that transmits emails.
• Multipurpose Internet Mail Extensions (MIME) is normally used in
conjunction with SMTP to extend the email format to include pictures
and word processor documents.
Data Synchronization
 Data synchronization is the exchange of data between
two or more devices, while maintaining consistent data
on those devices.
 Types of data that are typically synchronized:
• Contacts
• Music
• Email
• Apps
• Calendar entries
• Video
• Pictures
• Browser links and settings
Wired Printer Connection Types
 To access a printer, a computer must have a
compatible interface with it. The following are
common interface types:
•Serial
•Parallel
•Small Computer System Interface (SCSI)
•Universal Serial Bus (USB)
•Firewire
•Ethernet
Inkjet Printers
 Use ink-filled cartridges that spray ink
onto a page through tiny holes, or
nozzles. The ink is sprayed in a
pattern on the page.
 Two types of inkjet nozzles:
• Thermal
• Piezoelectric
 They produce high quality prints, are
easy to use, and are less expensive
than laser printers. However, the
nozzles are prone to clogging and the
ink is wet after printing.
 A feeding mechanism draws paper in
and the paper passes by the print
head where ink is sprayed onto it.
Laser Printers
 A laser printer is a high-quality, fast printer that
uses a laser beam to create an image. It uses the
following process:
1. Processing
2. Charging
3. Exposing
4. Developing
5. Transferring
6. Fusing
7. Cleaning
Impact Printers
 Impact printers have print heads
that strike an inked ribbon, causing
characters to be imprinted on the
paper.
 There are two types:
• Daisy-wheel
• Dot-matrix
Print Servers
 A print server has three functions:
1. Provide client access
2. Administrate print jobs
3. Provide feedback to the users
 There are three kinds of print servers:
1. Network print server devices
2. Dedicated PC print servers
3. Computer-shared printers
 Windows allows computer users to share their printers with
other users on the network. There are two steps:
1. Configure the computer attached to the printer to share the printer
with other network users.
2. Configure a user's computers to recognize the shared printer and
print to it.
The Importance of Security
 Private information,
company secrets, financial
data, computer equipment,
and items of national
security are placed at risk if
proper security procedures
are not followed.
 A technician’s primary
responsibilities include data
and network security.
Security Threats
Potential threats to computer security:
 Internal threats
•Employees can cause a malicious threat or an accidental threat.
 External threats
• Outside users can attack in an unstructured or structured way.
Types of attacks to computer security:
 Physical
•Theft, damage, or destruction to computer equipment.
 Data
•Removal, corruption, denial of access, unauthorized access, or theft
of information.
Adware, Spyware and Phishing
Malicious software (malware) is any software designed
to damage or to disrupt a system:
 Adware - software program that displays advertising on
your computer, often displayed in a pop-up window.
 Spyware - distributed without user intervention or
knowledge, monitors activity on the computer.
 Phishing - attacker pretends to represent a legitimate
organization and asks for verification of the victim's
information, such as a password or username.
Viruses, Worms, Trojans, and Rootkits
 A virus is software code that is deliberately created by an
attacker. Viruses may collect sensitive information or may
alter or destroy information.
 A worm is a self-replicating program that uses the network
to duplicate its code to the hosts on the network. At a
minimum, worms consume bandwidth in a network.
 A Trojan is malicious software that is disguised as a
legitimate program. It is named for its method of getting past
computer defenses by pretending to be something useful.
 Anti-virus software is designed to detect, disable, and
remove viruses, worms, and Trojan horses before they infect
a computer.
 A rootkit is a malicious program that gains full access to a
computer system. This is often achieved through a direct attack
on a system using a known vulnerability or password.
Web Security
Tools that make web pages powerful can make computers vulnerable:
 ActiveX - Controls interactivity on web pages.
 Java - Allows applets to run within a browser.
 JavaScript - Interacts with HTML source code to allow interactive web sites.
 Adobe Flash - Used to create interactive media (animation, video and games)
for the web.
 Microsoft Silverlight - Used to create rich, interactive media for the web,
similar to Flash.
Most browsers have settings to help prevent these attacks, for example:
 ActiveX filtering
 Pop-up Blockers
 SmartScreen Filter (Internet Explorer)
InPrivate Browsing
 InPrivate browsing prevents the web browser from
storing the following information:
• Usernames
• Passwords
• Cookies
• Browsing history
• Temporary Internet files
• Form data
 The browser stores temporary files and cookies, but the information
is deleted when the InPrivate session ends.
 To start InPrivate Browsing in Windows 7:
• Right-click Internet Explorer > Start InPrivate Browsing
Spam
 Spam is unsolicited email that can be used to send harmful links or
deceptive content.
 Popups are windows that automatically open and are designed to capture
your attention and lead you to advertising sites.
Use anti-virus software, options in e-mail software, popup
blockers, and common indications of spam to combat
these.
TCP/IP Attacks
The TCP/IP suite controls communication on the Internet. It can be
manipulated to prevent users from accessing normal services.
• Denial of Service (DoS) - sending enough requests to overload a
resource or even stop its operation.
• Distributed DoS (DDoS) - an attack launched from many computers,
called zombies or botnets.
• SYN Flood - randomly opens TCP ports at the source of the attack
and ties up the computer with a large number of false SYN requests.
• Spoofing - uses a forged IP or MAC address to impersonate a trusted
computer.
• Man-in-the-Middle - intercepting communications between computers
to steal information transiting through the network.
• Replay - data transmissions are intercepted and recorded by an
attacker, then replayed to gain access.
• DNS Poisoning - changing DNS records to point to imposter servers.
Social Engineering
 A social engineer is a person who is able
to gain access to equipment or a network
by tricking people into providing the
necessary access information.
 To protect against social engineering:
• Never give out a password.
• Always ask for the ID of the unknown person.
• Restrict access of visitors.
• Escort all visitors.
• Never post your password.
• Lock your computer when you leave your desk.
• Do not let anyone follow you through a door that
requires an access card.
Hard Drive Disposal and Recycling
 Erase all hard drives, then use a third-party data wiping tool
to fully erase all data.
 Degaussing disrupts or eliminates the magnetic field on a
hard drive that allows for the storage of data. A degaussing
tool is very expensive and not practical for most users.
 The only way to fully ensure that data cannot be recovered
from a hard drive is to carefully shatter the platters with a
hammer and safely dispose of the pieces.
 To destroy software media (floppy disks and CDs), use
a shredding machine designed for shredding these materials.
 Hard Drive Recycling - Hard drives that do not contain
sensitive data can be reformatted and used in other
computers.
Security Policy
 A security policy should describe how a company addresses security issues.
 Questions to answer in writing a local security policy:
• What assets require protection?
• What are the possible threats?
• What should be done in the event
of a security breach?
• What training will be in place to
educate the end users?
File and Folder Permissions
 Permission levels are configured to limit individual or group user
access to specific data.
 NTFS – File system that uses journals, which are special areas
where file changes are recorded before changes are made.
• Can log access by user, date, and time.
• Has encryption capability.
 FAT32 - no encryption or journaling.
 Principle of Least Privilege - only allow users access to the
resources they need.
 Restricting User Permissions - If an individual or a group is
denied permissions to a network share, this denial overrides any
other permissions given.
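The deny-overrides rule and the least-privilege check from this slide, as an added example that is not part of the original slides. It is a simplified model of the rule as stated here, not Windows' own access check; the users, groups, share ACL and needed-rights table are constructed sample data.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Ace:
    principal: str      # user or group the entry applies to
    allow: bool         # True = allow entry, False = deny entry
    rights: frozenset   # e.g. {"read", "write"}

# Constructed sample data (hypothetical names).
GROUPS = {"alice": {"Staff", "Finance"}, "bob": {"Staff", "Contractors"}}
SHARE_ACL = [
    Ace("Staff", True, frozenset({"read"})),
    Ace("Finance", True, frozenset({"read", "write"})),
    Ace("Contractors", False, frozenset({"read", "write"})),
]
# What each user needs to do their job (assumed input to the audit).
NEEDED = {"alice": {"read"}, "bob": {"read"}}

def effective_rights(user, acl, groups):
    """Union of all allow entries, minus anything any deny entry names."""
    principals = {user} | groups.get(user, set())
    allowed, denied = set(), set()
    for ace in acl:
        if ace.principal in principals:
            (allowed if ace.allow else denied).update(ace.rights)
    # A denial overrides any other permission given, whichever group grants it.
    return allowed - denied

def excess_rights(user, acl, groups, needed):
    """Rights the user holds beyond what they need (least-privilege gap)."""
    return effective_rights(user, acl, groups) - needed.get(user, set())

def audit(acl, groups, needed):
    """Map each over-privileged user to their sorted excess rights."""
    report = {}
    for user in sorted(groups):
        extra = excess_rights(user, acl, groups, needed)
        if extra:
            report[user] = sorted(extra)
    return report

if __name__ == "__main__":
    for user in sorted(GROUPS):
        print(user, sorted(effective_rights(user, SHARE_ACL, GROUPS)))
    print("over-privileged:", audit(SHARE_ACL, GROUPS, NEEDED))
```

Here bob ends up with no access at all because the Contractors denial cancels the read right he would otherwise get from Staff, while alice is flagged for holding write when she only needs read.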
Protecting Data
The value of physical equipment is often far less than the value of
the data it contains. To protect data, there are several methods of
security protection that can be implemented.
 Software Firewall
 Smartcard Security
 Biometric Security
 Data backups
 Data encryption

Data Encryption
 Encryption - data is transformed using a complicated
algorithm to make it unreadable.
 Encrypting File System (EFS) is a Windows feature that
can encrypt data.
 BitLocker, included in Windows 7 and Windows Vista Ultimate and
Enterprise editions, can encrypt the entire hard drive volume.
 Trusted Platform Module (TPM) is a specialized chip
installed on the motherboard to be used for hardware and
software authentication.
• TPM stores information specific to the host system, such as
encryption keys, digital certificates, and passwords.
MAC Address Filtering
 MAC address filtering is a technique used to deploy
device-level security on a wireless LAN.
Wireless Security Modes
 Wired Equivalent Privacy (WEP) – The first
generation security standard for wireless. Attackers
quickly discovered that WEP encryption was easy to
break.
 Wi-Fi Protected Access (WPA) – An improved version
of WEP, uses much stronger encryption.
 Wi-Fi Protected Access 2 (WPA2) – WPA2 supports
robust encryption, providing government-grade
security.
Firewalls
Data Backup
 Windows backups can be done manually or scheduled
to take place automatically.
 To start the Windows 7 Backup Files wizard for the first
time, use the following path:
Start > All Programs > Maintenance > Backup and Restore
> Set up backup
Configuring Firewall Types
 A firewall selectively denies traffic to a computer or
network segment.
 Restrictive security policy - A firewall that opens only
the required ports. Any packet not explicitly permitted is
denied.
 Configuring the Windows 7 or Windows Vista firewall
can be completed in two ways:
• Automatically - The user is prompted to Keep Blocking,
Unblock, or Ask Me Later for unsolicited requests.
• Manage Security Settings – The user adds the program or
ports that are required for the applications in use on the
network.
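The restrictive policy described on this slide, as an added example that is not part of the original slides: the same traffic is run through a default-deny rule set and, for contrast, a default-allow rule set (the permissive policy is an added comparison). The rules and packets are constructed sample data, and matching on protocol and port only is a simplifying assumption.

```python
from typing import NamedTuple

class Rule(NamedTuple):
    action: str     # "allow" or "deny"
    protocol: str
    port: int

class Packet(NamedTuple):
    protocol: str
    port: int

def evaluate(packet, rules, default):
    """Return (action, matched): first matching rule wins, else the default."""
    for rule in rules:
        if (rule.protocol, rule.port) == (packet.protocol, packet.port):
            return rule.action, True
    return default, False

# Restrictive: open only the required ports; everything else is denied.
RESTRICTIVE = ([Rule("allow", "tcp", 443), Rule("allow", "udp", 53)], "deny")
# Permissive (contrast): block a few known ports; everything else is allowed.
PERMISSIVE = ([Rule("deny", "tcp", 23), Rule("deny", "tcp", 445)], "allow")

# Constructed inbound traffic sample.
TRAFFIC = [Packet("tcp", 443), Packet("tcp", 23),
           Packet("tcp", 3389), Packet("udp", 53)]

def admitted(policy, traffic):
    """Packets the policy lets through."""
    rules, default = policy
    return [p for p in traffic if evaluate(p, rules, default)[0] == "allow"]

def admitted_by_default(policy, traffic):
    """Packets let through without any explicit rule having permitted them."""
    rules, default = policy
    result = []
    for p in traffic:
        action, matched = evaluate(p, rules, default)
        if action == "allow" and not matched:
            result.append(p)
    return result

if __name__ == "__main__":
    for name, policy in (("restrictive", RESTRICTIVE), ("permissive", PERMISSIVE)):
        print(name, "admits:", admitted(policy, TRAFFIC))
        print(name, "admits by default:", admitted_by_default(policy, TRAFFIC))
```

Under the restrictive policy nothing is ever admitted by default, so every open port traces back to a rule someone wrote; under the permissive one, TCP 3389 gets in only because nobody thought to block it.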
Cloud Architecture
Cloud Service Models
 Software as a Service (SaaS)
 Platform as a Service (PaaS)
 Infrastructure as a Service (IaaS)
SalesForce CRM, LotusLive, Google App Engine
Adapted from: Effectively and Securely Using the Cloud Computing Paradigm by Peter Mell, Tim
Grance
Different Cloud Computing Layers
 Application Service (SaaS): MS Live/ExchangeLabs, IBM, Google Apps;
Salesforce.com, Quicken Online, Zoho, Cisco
 Application Platform: Google App Engine, Mosso, Force.com, Engine Yard,
Facebook, Heroku, AWS
 Server Platform: 3Tera, EC2, SliceHost, GoGrid, RightScale, Linode
 Storage Platform: Amazon S3, Dell, Apple, ...