Network v2 0 PowerPoint
Network Technology
Foundations
© 2009 Certification Partners, LLC
All Rights Reserved
Copyright © 2004 ProsoftTraining, All Rights Reserved.
Lesson 1:
Introduction to Networking
Lesson 1 Objectives
• Define telephony and convergence networking
• Discuss the evolution of networking
• Define the client/server model
• Describe a Network Operations Center (NOC)
• Describe peer-to-peer and server-based networks
• Identify network topologies
• Identify network operating systems
• Describe the OSI/RM and the packet-creation process
• Define major network protocols
Lesson 1 Objectives
(cont'd)
• Describe the basics of LANs, WANs and IXPs
• Identify common network components
• Identify transmission media and types
• Define wireless network technologies
• Describe IEEE LAN standards
• Describe T and E carriers
• Define SONET/SDH
• Describe how to download files with BitTorrent
• Identify the requirements and benefits of virtualization
Telephony and
Convergence Networking
• PSTN – still an integral part of the Internet
infrastructure because it furnishes most of the
long-distance connections
• Voice over IP (VoIP) – voice transmissions are
delivered in digital form as packets of data
using Internet Protocol (IP)
• Unified communications enable voice to be
converted into text, and vice versa
• Presencing – the ability for devices to
automatically track and report your location
and availability
Mainframes
• Mainframe (centralized) computing provided
the first practical network solution
– Retrieving information from mainframes
– Mainframe liabilities
– The future of mainframes
– Mainframes and cloud computing /
Software as a Service (SaaS)
Mainframe
Networking Model
[Figure labels: Mainframe, Terminal (x4)]
Client/Server Model
• Client/server model (distributed computing) divides
processing tasks between the client and the server
[Figure labels: Client, Server]
Client/Server Model
(cont'd)
• Client/server model databases and SQL
• Client/server advantages
• Two-tier, three-tier and n-tier computing
Two-Tier
Computing Architecture
[Figure labels: Data (x4), Mainframe, Minicomputer]
Three-Tier
Computing Architecture
[Figure labels: First Tier, Second (Middle) Tier, Third Tier, Database, PC, Server]
N-Tier
Computing Architecture
[Figure labels: First Tier, Second (Middle) Tier, Third Tier, Database, PC, Server (x3)]
Network Operations
Center (NOC)
• A specific location from which a network is
managed, monitored and maintained
• Central point for network maintenance and
troubleshooting
• Generally includes multiple, redundant
network connections and redundant power
supplies
• Many have dedicated phone lines from a
separate provider and mobile phones to
ensure communication in an emergency
Networking Categories
• Peer-to-peer
– Microsoft peer-to-peer
– P2P
– Centralized or decentralized
• Server-based
– UNIX/Linux
– Microsoft LAN Manager
– Microsoft Windows 2003 Server/2008 Server
Network Topologies
• Bus
• Star
• Ring
• Hybrid
• Mesh
Network Operating Systems
• Operating systems that manage network
resources
• Interoperability
• Microsoft Windows
• UNIX/Linux
OSI Reference Model
• Defined by the International Organization for
Standardization (ISO) in 1983
• Gives developers universal concepts so they
can develop and perfect protocols that can
work with operating system and network
products developed by other vendors
• Explains the framework used to connect
heterogeneous systems
• Describes the process of packet creation (how
the layers communicate)
OSI Model Layers
Packets
• Packets consist of:
– Header (OSI/RM layer information)
– Actual data
– Trailer (information that validates the packet)
• CRC
Packet Creation
(Adding Headers)
OSI/RM Protocol Examples
• Application layer
– SMTP, POP3, IMAP, HTTP, SMB, NFS
• Transport layer
– TCP
• Network layer
– IP
• Data link layer
– Ethernet, Token Ring
Major
Networking Protocols
• Connection-oriented (stateful)
• Connectionless (stateless)
• Routable
• Non-routable
TCP/IP
• Transmission Control Protocol / Internet
Protocol
• A collection of protocols
– TCP
– IP
– User Datagram Protocol (UDP)
• An open standard
IPX/SPX
• Consists of:
– Internetwork Packet Exchange (IPX)
– Sequenced Packet Exchange (SPX)
Binding Protocols
• Binding protocols
– You must attach, or bind, protocols to your
NIC
• Protocols and binding order
Local Area
Networks (LANs)
• A group of computers connected within a
confined geographic area
• Commonly used for intra-office
communication
Wide Area
Networks (WANs)
• A group of computers connected over
an expansive geographic area
Internet Exchange Point (IXP)
• Internet backbones
• Backbone Network Service
• Segments
[Figure labels: Backbone (x2), New York, Atlanta, Boston, Chicago, Phoenix, Seattle, San Francisco]
Common
Network Components
• Network Interface Cards (NICs)
• Hubs
• Bridges
• Routers
• Switches
• Channel Service Unit / Data Service Unit (CSU/DSU)
• Modems
• Firewalls
Transmission
Media
• Twisted-pair cable
• Coaxial cable
• Fiber-optic cable
• Wireless media
Wireless Network Technologies
• Wireless communications use spread spectrum
technologies
– OFDM
– DSSS
– FHSS
• Wireless networking modes
– Ad-hoc
– Infrastructure
• Wireless access point (AP)
• Wireless AP security features
– Wired Equivalent Privacy (WEP)
– MAC address filtering
Wireless Network Technologies
(cont'd)
• Wireless management software
• Suitability of a wireless LAN
• Attaching a wireless AP to a wired network
• Next-generation (3G) wireless
Transmission Types
• Synchronous transmission
• Asynchronous transmission
• Data transmission flow
– Simplex
– Half duplex
– Full duplex
IEEE LAN Standards
• IEEE 802.2
• Ethernet/IEEE 802.3
• IEEE 802.3u — Fast Ethernet
• IEEE 802.3z and 802.3ab — Gigabit Ethernet
• IEEE 802.3ae — 10-Gigabit Ethernet
• IEEE 802.5 — Token Ring
• IEEE 802.11 — Wireless Ethernet
T-Carrier System
T-Carrier    Data Transfer Rate
T1           1.544 Mbps
T2           6.312 Mbps
T3           44.736 Mbps
T4           274.176 Mbps
E-Carrier System
E-Carrier    Data Transfer Rate
E1           2.048 Mbps
E2           8.448 Mbps
E3           34.368 Mbps
E4           139.264 Mbps
E5           565.148 Mbps
SONET/SDH
• High-speed fiber-optic system
• Primarily used for network backbones, such
as the Internet backbone
• Transmissions carried out by optical carrier
(OC)
Downloading Files
with BitTorrent
• BitTorrent – a peer-to-peer (P2P) protocol that
you can use to download large files quickly
– Seeds
– Peers
– Torrent files
• When using BitTorrent, be careful not to illicitly
copy and distribute copyrighted material
Virtualization
• Virtualization allows you to run multiple virtual
operating systems and applications on a
single physical computer
– VMware
– Parallels
– VirtualBox
• Requirements for virtualization
• Benefits of virtualization
Lesson 1 Summary
Define telephony and convergence networking
Discuss the evolution of networking
Define the client/server model
Describe a Network Operations Center (NOC)
Describe peer-to-peer and server-based
networks
Identify network topologies
Identify network operating systems
Describe the OSI/RM and the packet-creation
process
Define major network protocols
Lesson 1 Summary
(cont'd)
Describe the basics of LANs, WANs and IXPs
Identify common network components
Identify transmission media and types
Define wireless network technologies
Describe IEEE LAN standards
Describe T and E carriers
Define SONET/SDH
Describe how to download files with BitTorrent
Identify the requirements and benefits of
virtualization
Lesson 2:
TCP/IP Suite and
Internet Addressing
Lesson 2 Objectives
• Define and describe the Internet architecture model and
various Internet protocols
• Describe the purpose of RFCs
• Explain the routing process
• Discuss routing protocols
• Describe port numbers and their functions
• Explain IP addressing, address classes, default subnet
masks, and the use of private IP addresses
• Define Internet Protocol version 6 (IPv6)
• Define the TCP/IP properties needed to configure a typical
workstation
• Describe various diagnostic tools for troubleshooting
TCP/IP networks
Internet Architecture
Application Layer
Transport Layer
Internet Layer
Network Access Layer
Requests for
Comments (RFCs)
• Maturity-level protocol states
– Experimental
– Proposed
– Draft
– Standard
• Additional protocol states
– Historic
– Informational
Internet Protocols
• Network access layer
• Internet layer
• Transport layer
• Application layer
Demultiplexing
[Figure labels: Telnet, FTP, TFTP, TCP, SNMP, UDP, IGMP, ICMP, IP, RARP, ARP, ETHERNET]
Introduction to Routing
• Direct routing
• Indirect routing
• Routing process
• Routing information tables
• Static vs. dynamic routing
Routing Protocols
• Interior vs. exterior protocols
• Routing Information Protocol (RIP) and RIPv2
• Open Shortest Path First (OSPF)
Port Numbers
• Classifying port numbers
– Well-known port numbers
– Registered port numbers
– Dynamic port numbers
Internet Addressing
field1.field2.field3.field4
Each field represents one byte of data
Subnet Mask
• Distinguishes the network and host portions
of an IP address
• Specifies whether a destination address is
local or remote
• Network portion of an Internet address can be
determined using the TCP/IP ANDing function
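Added example (not part of the original slides): the ANDing function carried out in Python, showing how the subnet mask yields the network portion and decides whether a destination is local or remote. The function names and every address below are constructed for illustration.

```python
# Added example: subnet-mask ANDing and the local/remote decision.
# All addresses used here are constructed sample values.


def to_fields(dotted):
    """Split 'field1.field2.field3.field4' into four one-byte integers."""
    parts = dotted.strip().split(".")
    if len(parts) != 4:
        raise ValueError(f"expected four fields: {dotted!r}")
    fields = []
    for part in parts:
        if not (part.isascii() and part.isdigit()) or int(part) > 255:
            raise ValueError(f"field is not a byte (0-255): {part!r}")
        fields.append(int(part))
    return fields


def check_mask(mask):
    """Return the mask's fields; reject a mask whose 1 bits are not contiguous."""
    fields = to_fields(mask)
    value = int.from_bytes(bytes(fields), "big")
    host_bits = ~value & 0xFFFFFFFF
    # A valid mask is all 1s followed by all 0s, so its inverse is 2**n - 1
    # and shares no bits with (inverse + 1).
    if host_bits & (host_bits + 1):
        raise ValueError(f"mask bits are not contiguous: {mask}")
    return fields


def network_portion(address, mask):
    """AND each address byte with the matching mask byte."""
    addr = to_fields(address)
    msk = check_mask(mask)
    return ".".join(str(a & m) for a, m in zip(addr, msk))


def next_hop(source, mask, destination, gateway):
    """Decide where a host sends a packet for `destination`.

    Returns ("local", destination) when both ends share a network portion,
    otherwise ("remote", gateway). A gateway that is not on the sender's own
    network can never be reached, so that misconfiguration raises ValueError.
    """
    local_net = network_portion(source, mask)
    if network_portion(gateway, mask) != local_net:
        raise ValueError(f"gateway {gateway} is not on network {local_net}")
    if network_portion(destination, mask) == local_net:
        return ("local", destination)
    return ("remote", gateway)


if __name__ == "__main__":
    host, gw = "192.168.10.37", "192.168.10.1"
    for mask in ("255.255.255.0", "255.255.254.0"):
        for dest in ("192.168.10.200", "192.168.11.5"):
            where, hop = next_hop(host, mask, dest, gw)
            print(f"mask {mask:15} dest {dest:15} -> {where:6} via {hop}")
```

Note that the same destination (192.168.11.5) is remote under one mask and local under the other, which is why a wrong subnet mask on a workstation breaks reachability even when the address and gateway are correct.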
Internet Address Classes
• Class A
– 0.0.0.0 to 127.255.255.255
• Class B
– 128.0.0.0 to 191.255.255.255
• Class C
– 192.0.0.0 to 223.255.255.255
• Class D
– 224.0.0.0 to 239.255.255.255
• Class E
– 240.0.0.0 to 247.255.255.255
Default Subnet Masks
for IP Address Classes
Private IP Addresses
Internet Protocol
Version 6 (IPv6)
• Shortcomings of IPv4
– Limited address space
– Lack of security
– Speed problems
– Configuration problems
• Strengths of IPv6
– More efficient and requires less
administrative overhead than IPv4
– Provides a practically unlimited number of
IP addresses
– Less dependent on routers
System Configuration
and IP Addresses
• Default gateway
• Loopback address
• Broadcast address
• Network and special-case source addresses
• Normal TCP/IP workstation configuration
Diagnostic Tools
for Internet Troubleshooting
• ping
• tracert and traceroute
• route
• netstat
• ipconfig — Windows
• ifconfig — UNIX/Linux
• arp
• Network analyzers
Troubleshooting Considerations
• DNS name resolution
• Hosts file configuration
• Static vs. dynamic IP addressing
• Default gateway and subnet mask
Lesson 2 Summary
Define and describe the Internet architecture model and
various Internet protocols
Describe the purpose of RFCs
Explain the routing process
Discuss routing protocols
Describe port numbers and their functions
Explain IP addressing, address classes, default subnet
masks, and the use of private IP addresses
Define Internet Protocol version 6 (IPv6)
Define the TCP/IP properties needed to configure a
typical workstation
Describe various diagnostic tools for troubleshooting
TCP/IP networks
Lesson 3:
Internetworking Servers
Lesson 3 Objectives
• Identify and describe the functions and features of
various internetworking servers
• Describe how each type of internetworking server
uses TCP/IP suite protocols
• Describe access-security features of an HTTP server
• Define MIME, and explain how MIME types are used
by HTTP and mail servers
• Define instant messaging (IM)
• Describe the functions of DNS
• Identify industry-standard Internet servers
• Discuss the uses and benefits of a Content
Management System (CMS)
Overview of
Internetworking Servers
• File
• Print
• HTTP
• Proxy
• Mail
• Mailing list
• Media
• DNS
• FTP
• News
• Certificate
• Directory
• Fax
• Transaction
File and Print Servers
• File servers — network servers that store data
files and programs that can be shared by
network users
• Print servers — network servers that allow
multiple users to send print jobs to the same
physical printer
• Line Printer/Line Printer Daemon (LPR/LPD) —
printing protocol in UNIX that allows users to
submit print jobs to network printers
HTTP Server Essentials
• The Web — a collection of computer systems
running the HTTP service
• Web server — has access to HTML documents that
are returned to a client in response to a request
HTTP Server Essentials
(cont'd)
• HTTP Servers and MIME
– Multipurpose Internet Mail Extensions
(MIME) — allow HTTP and e-mail
attachments to identify the files they must
use
– MIME types — identify the contents of a file
so browsers can display the contents
properly
HTTP Server Essentials
(cont'd)
• Additional HTTP server considerations:
– HTTP servers work with a variety of
operating systems
– Permissions — restrict or allow access to
system resources
• Operating system permissions usually
override HTTP server permissions
– Access control — specifies who has access
to system resources
HTTP Server Essentials
(cont'd)
• Additional HTTP server considerations:
– Aliases (or virtual directories)
• Flexible mapping of URL path names to
file names
– Logging — a log of requests handled by the
server
• Access data
• Referrer data
• Error data
HTTP Server Essentials
(cont'd)
• Additional HTTP server considerations:
– Monitor server and network bandwidth use
• Helps maintain consistent performance
• Helps to identify bottlenecks
• Helps to create a baseline against which
future network activity can be compared
HTTP Server Essentials
(cont'd)
• Common Web servers
– Apache server
– Microsoft Internet Information Services (IIS)
– Sun Java System Web Server
• Server-side technologies
– JavaServer Pages (JSP)
– Active Server Pages (ASP) and .NET
– PHP Hypertext Preprocessor (PHP)
• Open Database Connectivity (ODBC)
Database Servers
• Database — a file that stores information in a
series of tables and columns
• Relational database — a database consisting
of two or more tables related by a common
field
• Database server — a server that presents
relational databases and makes it possible for
remote individuals to access the data
• All database servers use SQL to create,
maintain and query databases
Proxy Servers
• Proxy server — an intermediary between a
network host and other hosts outside the
network
• Proxy servers:
– Provide enhanced security
– Manage TCP/IP addresses
– Speed Internet access by caching Web
documents
– Replace network IP address with another,
contingent address
Mail Servers
• Mail servers store/forward e-mail messages
using several protocols:
– SMTP — used to send messages
– POP3 — used to store and forward
messages (forces a user to download
messages before managing them)
– IMAP — used to store and forward
messages (allows a user to browse and
manage messages remotely)
• MIME is used to transmit files with e-mail
Instant Messaging (IM)
• Instant messaging runs on a mail server
• Use IM to:
– Type and view messages sent to one or
more recipients
– View the responses immediately
• IMs can be sent only to contacts who are
currently online
Mailing List Servers
• A mailing list server forwards an e-mail
message to every member on a distribution
list
• Mailing List Manager (MLM) — the interface
that allows you to configure a mailing list
server
• Public vs. private mailing lists
• Examples of public mailing lists:
– LISTSERV
– Majordomo
Mailing List Servers
(cont'd)
Media Servers
• A media server provides streaming audio and
video over a network
• Uses UDP ports and buffers to achieve the
effect of a real-time connection
– UDP is a connectionless protocol
– Buffer — cache of memory that stores
frequently used data to allow for faster
access times
DNS Servers
• DNS — mechanism used on the Internet to
translate host computer names into IP
addresses
– www.CIW-certified.com = http://74.206.104.14
• Hosts file — file referenced locally by
applications and commands for name-to-address resolution
DNS Servers
(cont'd)
• DNS hierarchy
– Root-level domain — the top of the
hierarchy that contains entries for each top-level domain
– Top-level domain — consists of categories
found at the end of domain names
– Second-level domain — includes the
businesses and institutions that register
their domain names with the top-level
domains
DNS Servers
(cont'd)
• DNS components
– Name server — server that supports name-to-address
translation and runs the DNS service
– Name resolver — software that uses the
services of one or more DNS servers to
resolve an unknown request
• DNS records — entries in DNS database that
provide additional routing and resolution
information
DNS Servers
(cont'd)
• DNS server types
– Root
– Primary
– Secondary
– Caching-only
– Forwarding
DNS Servers
(cont'd)
[Figure: Domain name space. Labels: .(root), ie, se, com, mx, net, ch, xyz, user1, iso, ftp, user2, www]
DNS Servers
(cont'd)
• nslookup
– Used to query Internet domain name
servers to learn name-to-IP-address
mappings
– Example of nslookup one-time command:
• nslookup www.CIW-certified.com
– Used interactively by typing:
• nslookup
FTP Servers
• File Transfer Protocol (FTP) allows the transfer
of large files between file servers in real time
• Files of 2 MB or greater should be transferred
by means of FTP
• Sending files by means of FTP is faster than
with e-mail and HTTP
News Servers
• A news server uses Network News Transfer
Protocol (NNTP)
• Written text output
• Multi-person input
• Allows users to post information any time
• Can be used to create secure newsgroups by
enabling user-specific password protection or
through an SSL session
Certificate Servers
• A certificate server validates, or certifies,
encryption keys
• Keys — strings of text generated from
encryption algorithms that allow you to secure
communications for a company or group of
users
Directory Servers
• Identify all resources on a network, then make them
available to authenticated users
• Enable a company to reuse information in its directory
• Reduce/eliminate re-entry of user information for
applications that require it
• Help administrators manage applications and users
• Help users locate other users or e-mail addresses
• Locate and manage all company accounts
• Allow users inside and outside the network to use the
service
• Maintain a single database of e-mail contacts
Directory Servers
(cont'd)
• Directory server protocols
– X.500 — used to manage user and resource
directories
– X.500 offers:
• Scalability
• Synchronization
• Replication
– Lightweight Directory Access Protocol
(LDAP) — a TCP/IP suite protocol that
allows communication on both intranets
and the Internet
Fax and
Transaction Servers
• Fax servers
– Provide a centrally located fax system
– Consist of a bank of fax/modems
• Transaction servers
– Guarantee that all required databases are
updated when a transaction takes place
Choosing Web Server Products
• Apache Web server
– Used by almost half of all Web sites
– Supports UNIX and Windows
– Available free of charge
• Microsoft IIS
– Includes HTTP, FTP, NNTP, SMTP, certificate, ASP,
index (catalog) and transaction services
– Allows you to use a remote server to store and
retrieve files
Choosing Web Server Products
(cont'd)
• Sun Java System Web Servers
– Support many platforms, including Sun
Solaris, Windows, Linux, AIX and HP-UX
– Support JavaServer Pages (JSP)
technology and Java servlets
– Can use Java to connect to databases
– Can implement other server-side scripting
applications
Choosing Web Server Products
(cont'd)
• Java software and Web servers
– Java servlet — Java code that is compiled
and runs solely on Web servers
– Servlets allow:
• Chaining
• Connections to databases
• Near-universal support on systems
Content Management System
(CMS)
• CMS – allows you to easily create, store and
track all documents and information produced
by an organization
• Benefits
– Centralized management of content
– Ability to reuse content
– Increased collaboration
Content Management System
(CMS) (cont'd)
• Common CMS Services
– Role management
– Permission management
– Content publication
– Content editing
– Version control
– Indexing and searching
– Caching and replication
– Simplified backup
– Syndication
Content Management System
(CMS) (cont'd)
• CMS as a workflow management tool
– Helps managers and executives ensure that
users properly submit and manage content
• CMS requirements analysis
– Number of users
– Projected server load
– Storage capacity
Content Management System
(CMS) (cont'd)
• Managing a CMS
– Workflow management
– Content acquisition
– Standard tagging
– Taxonomic and social tagging
– Template creation and management
– Localization
– Personalization and portals
Content Management System
(CMS) (cont'd)
CMS and the content life cycle
Content Management System
(CMS) (cont'd)
• CMS security concerns
• Types of CMS
– Web CMS
– Enterprise CMS
• CMS vendors and products
Lesson 3 Summary
Identify and describe the functions and features of
various internetworking servers
Describe how each type of internetworking server
uses TCP/IP suite protocols
Describe access-security features of an HTTP
server
Define MIME, and explain how MIME types are
used by HTTP and mail servers
Define instant messaging (IM)
Describe the functions of DNS
Identify industry-standard Internet servers
Discuss the uses and benefits of a Content
Management System (CMS)
Lesson 4:
Hardware and
Operating System Maintenance
Lesson 4 Objectives
• Identify the characteristics of motherboards
• Identify common IRQ, I/O address and DMA
settings
• Identify SATA and SCSI traits
• Identify NICs and common peripheral ports
• Identify the characteristics of CDs, DVDs and
Blu-ray Discs
• Identify the characteristics of TV tuner cards,
HDMI connections and mobile computing
devices
Lesson 4 Objectives
(cont'd)
• Describe the importance of obtaining proper
software licensing
• Identify how to partition disks and prepare
logical drives
• Describe the characteristics of file system types
• Describe the uses of file system management
tools
• Identify and suggest corrective measures for
operating system boot problems and
application failures
• Identify methods to remotely manage and
troubleshoot workstations
Basic Hardware
and System Maintenance
• Fix hardware problems by ensuring:
– Components are plugged in
– Components are turned on
– Components are connected properly in
order to operate (such as connecting the
keyboard to the computer)
• Periodically clean hardware components
• Establish a preventive maintenance plan
Motherboard
• Main circuit board in a computer
• Must be securely fastened to system chassis
• Should never touch anything metal, except
through proper connections
• Most motherboard components are soldered
on and no longer replaceable
• If components fail (except for memory and the
microprocessor), the entire motherboard
needs to be replaced
IRQs, I/O Addresses and DMA
• Interrupt requests (IRQs) — hardware lines
used to identify when a device wants to
communicate with the processor
– Example: When a printer has finished
printing, it sends an interrupt signal to the
computer so the computer can decide what
to process next
• Input/output (I/O) address — memory location
that allows the system processor and system
devices to communicate
• Direct memory access (DMA) — allows a
device to access system memory directly,
bypassing the processor
Electronic Communication
• Binary numbering
– Converting decimal values into binary
– Bytes and bits
• Hexadecimal numbering
– Converting from hexadecimal into binary
and decimal
– Converting from binary into hexadecimal
• ASCII
Communication Basics
Serial communication
Communication Basics
(cont'd)
Parallel
communication
Mass Storage
Device Interfaces
• To communicate with a motherboard, mass
storage devices need to be connected to the
motherboard through an interface
• Two most common interfaces are:
– SATA
– SCSI
Serial ATA (SATA)
• SATA is currently the de facto standard for PC-based drives
• SATA devices are connected using a cable that
somewhat resembles a small Category 5
Ethernet cable
Small Computer
System Interface (SCSI)
• With SCSI, multiple devices can be connected
to a single controller in a daisy chain
configuration
• You can attach as many as 127 internal or
external SCSI devices to a single controller
• SCSI devices include hard disk drives,
printers, scanners and tape drives
• SCSI daisy chain must be terminated at both
ends and only at the ends
Network Interface Card (NIC)
• Each network device must have a NIC (or network
adapter card)
• The network adapter makes the physical
connection between the device and the network
cabling
• The network adapter converts the data from the
computer into a format appropriate for
transmission over the network
• Transceiver — the network adapter component
that handles data transmission
Common Peripheral Ports
Common Peripheral Ports
(cont'd)
• PS/2-style ports are for the mouse and
keyboard
• Serial ports
– Communicate using serial asynchronous
communication
– Are used for serial communication devices
• Parallel ports
– Communicate using parallel
communication
– Are used for parallel communication
devices
Common Peripheral Ports
(cont'd)
• USB ports
– Support asynchronous and isochronous
transmissions for data transfer
– Communicate using serial communication
– Support as many as 127 peripheral devices
in a daisy chain configuration
• FireWire (IEEE 1394)
– A high-speed serial interface to which you
can daisy chain as many as 63 peripheral
devices
– Good for devices that need to transfer large
amounts of data
Power Requirements
• Electricity is measured according to different
standards in North America and Europe
• Computing and networking equipment is also
manufactured to different standards
• When traveling from North America to Europe,
you will need:
– A special plug adapter
– A power inverter
Compact Disc—Read-Only
Memory (CD-ROM)
• CD-ROM — an optical storage device from
which data can be read only
• CD-ROM drives use common mass storage
interfaces
• Writable CD devices allow you to create, or
"burn," your own data and audio CDs
– CD-R (CD-recordable) — write data once
– CD-RW (CD-rewritable) — write data
multiple times
Digital Video Disc (DVD)
• DVD — optical storage device from which data can
be read only
• DVDs are similar to CD-ROMs but have higher
storage capacity
– Initial DVD standard provided 4.7 GB of storage
capacity
– Current DVD standards support dual-layer discs
with a storage capacity of 8.5 GB
– Double-sided disc standard supports 9.4 GB
when writing to one side or 17 GB total when
writing to both sides
Blu-Ray Discs (BDs)
• High-definition optical disc storage medium
that is designed to be the successor to DVDs
• Single-layer Blu-ray Discs can hold up to 25
GB of data
• Dual-layer Blu-ray Discs can hold up to 50 GB
of data
• BD-R — a write-once format
• BD-RE — a rewritable format
Optical Disc Drive
Maintenance
• Keep the drives closed when they are not in
use, and check all media for foreign matter
before inserting into the drive
• Optical discs should be handled only by the
edges
• Avoid scratching the disc surface
• Never directly touch or try to manually clean
the laser
• Brush away and vacuum accumulated dust
• Manually eject a stuck disc by inserting a wire
into the small hole on the face of the drive,
then pressing hard until the disc is ejected
TV Tuner Card
• Enables television signals to be viewed on a
computer monitor
• Four kinds of TV tuner cards:
– Analog TV tuners
– Digital TV tuners
– Hybrid tuner
– Combo tuner
High-Definition Multimedia
Interface (HDMI) Connections
• Transmit high-definition digital video and high-resolution digital audio data
• Consist of 19 wires wrapped in a single cable
• Carry bandwidth of up to 5 Gbps
• Preserve the source digital signal by
eliminating the digital-to-analog-to-digital
conversion
• Should not run longer than 15 feet (5 meters)
to prevent signal degradation
Mobile Computing
• A person's ability to use technology while "on the go"
• Common devices and associated technologies:
– PDAs
– Bluetooth
– Smartphones
• iPhone
• BlackBerry
– Portable media players
• iPod and iPod Touch
• Zune
– Memory Sticks
– Secure Digital (SD) cards
– Google Android
Netbooks
• A more compact, Web-oriented version of the
standard laptop PC
• Relies on the cloud-computing model in which
the Internet is used for remote access to Web
applications
• Relies on wireless network connections
• Does not use a traditional hard disk; uses a
solid-state drive or a Secure Digital (SD) card
instead
• Easy to use and maintain
Software Licensing
• When you purchase software, you are purchasing
the right to use the software under certain
restrictions
• These restrictions are outlined in the license
agreement
• When you load software, the license agreement
typically displays during the installation process
• You must indicate that you have read and
understood the agreement before the installation
procedure will allow you to continue
Software Licensing
(cont'd)
• Apart from legal consequences, using
unlicensed software can also mean:
– No documentation
– No warranties
– No technical product support
– Greater exposure to software viruses,
corrupt discs or otherwise defective
software
– Ineligibility for software upgrades
Partitions and
Logical Drives
• When installing an operating system on a new
computer or after recovering from a hard disk
failure, prepare the hard disk for use by:
– Partitioning the hard disk
– Creating logical drives
– Formatting logical drives
Disk Partitioning
• Partition disks to divide total storage space
• Primary partition — the system's boot drive, used for system startup
• Extended partition — the remaining drive space after you create the primary partition
Logical Disk Drives
• A disk partition must be assigned a logical drive identifier
• A primary partition is treated as a single logical drive
• An extended partition can be divided into multiple logical drives (Drives D and E in figure)
Logical Drive Format
• Low-level format
– Prepares the hard disk before disk partitions
can be defined
– Primarily the responsibility of the hard disk
manufacturer
• High-level format
– Logical drive formatting that prepares the drive
for use by the operating system
– Creates the file system root directory and the
files used to track disk space use
File System Types
• Primary partitions and logical drives must be
formatted so the operating system can use
them
• Formatting creates the file system by adding
information about how files should be stored
on the drive to organize and manage disk
storage
• File system types include:
– FAT32 and NTFS (Windows)
– Ext3/4 and ReiserFS/4 (Linux)
File and
Directory Permissions
• NTFS allows you to set permission bits on
system resources
• In NTFS, you can protect files so that only
certain users or groups of users can read
them
• Concerns
– If permissions are applied improperly, users
may take security for granted
– Improperly set permissions can disrupt an
operating system
Convert Utility
• Information about the files on an NTFS volume
and their attributes is stored in the master file
table (MFT)
• Convert utility — used to convert a partition or
logical drive from FAT32 to NTFS
convert drive /FS:NTFS [/v]
Disk Defragmenter Utility
• As files are created and deleted, a partition
can become severely fragmented
• Fragmented files are no longer located in
contiguous clusters
• You can use the Disk Defragmenter utility to
defragment hard disks and put files back
together in a contiguous format
Chkdsk Utility
• You can use the Chkdsk utility in Windows to:
– Create and display a status report for a disk
based on its file system
– List and correct errors on the disk
– Display the status of the disk in the current
drive
Disk Cleanup Utility
Use the Disk Cleanup utility to recover the disk
space used by:
– Temporary files
– Unused applications
– Files in the Recycle Bin
– Files you downloaded as part of Web pages
– Files created when Chkdsk attempted to
recover lost file fragments
Backup and
Restore Utilities
• Keep a current backup of all data files to
ensure that data can be recovered if a hard
drive fails
• When you back up data, you store copies of
folders and files to a source other than your
computer's hard disk
• You restore data when you need to access the
backed up data
Troubleshooting Software
• Software troubleshooting refers to anything
other than problems caused by system
hardware
• Software problems can be caused by:
– Bugs
– Corrupted files
– Incompatibilities
– Virus infections
Operating System
Boot Problems
• Error: No operating system
– Bad or missing command interpreter
– Missing ntldr (Windows)
– Kernel not available (Linux)
– Operating system files missing
– Hard disk or controller failure
Blue Screen
of Death (BSOD)
• Blue screen that indicates that a critical
operating system failure has occurred during
startup
• To troubleshoot:
– Restart the system in Safe mode and use
the Last Known Good Configuration option
– Reinstall the operating system
– Attempt to diagnose the problem by
parsing the dump file
System Lockup
• Lockup causes:
– Applications that are incompatible with the
operating system or with a hardware
component
– IRQ conflicts
– Related problems that you may be able to
find in the system log file
• Power down your system by manually
pressing and holding down the power key for
five seconds
Application Failures
• Application failure causes:
– Low system RAM
– Current logon environment crashes
– Improper permissions
– Improper system resolution or color levels
• View the system log
– Windows Event Viewer
– Linux/UNIX "messages"
Application Failures
(cont'd)
• Windows protection error causes:
– Device drivers that may not be written
specifically for your operating system
– Applications or utilities that attempt to
bypass the operating system and directly
access local system hardware
• Application installation and loading failures:
– Application will not load into memory
– Application can cause an illegal operation,
resulting in the blue screen of death
– Application may not install at all
Remote Management
and Troubleshooting
• Telnet — TCP/IP command that establishes a
remote connection with a server
• SSH — protocol and command interface that
can gain secure access to a remote computer
• VNC — program that controls a remote
computer
– VNC consists of two components:
• A server that listens to a specific port
• The viewer, which shows the remote
system’s logon environment
Remote Management
and Troubleshooting (cont'd)
• Remote Desktop — Windows service used to
gain access to a Windows session that is
running on another computer
– Allows multiple users to have active
sessions on a single computer
– Allows you to switch from one user to
another on the same computer
• Remote Assistance — Windows service used
to seek help from a remote user
Lesson 4 Summary
• Identify the characteristics of motherboards
• Identify common IRQ, I/O address and DMA
settings
• Identify SATA and SCSI traits
• Identify NICs and common peripheral ports
• Identify the characteristics of CDs, DVDs and
Blu-ray Discs
• Identify the characteristics of TV tuner cards,
HDMI connections and mobile computing
devices
Lesson 4 Summary
(cont'd)
• Describe the importance of obtaining proper
software licensing
• Identify how to partition disks and prepare
logical drives
• Describe the characteristics of file system
types
• Describe the uses of file system management
tools
• Identify and suggest corrective measures for
operating system boot problems and
application failures
• Identify methods to remotely manage and
troubleshoot workstations
Lesson 5:
Network Security and
Personal Privacy Protection
Lesson 5 Objectives
• Define security
• Describe computer viruses and worms
• Identify various network attacks and ways to defeat
them
• Describe authentication principles
• Explain the three major types of encryption
• Describe firewalls, common firewall topologies and
security zones
• Describe the function of a VPN
• Describe security audit principles
• Describe the function of a UPS
• Discuss Internet-related personal privacy issues
• Discuss Internet-based challenges against which
users should be protected
Defining Security
• Security — a set of procedures designed to
protect transmitted and stored information, as
well as network resources
• Security administrators must determine which
people can take appropriate actions on
specific items at the appropriate time
Viruses and Worms
• Virus — code that causes damage to systems
• Virus types
– Macro/script
– File infecting
– Boot sector
– Stealth
– Polymorphic
– Retro
• Worm — similar to virus but automatically
replicates
Overview of
Network Attack Types
• Spoofing
• Man in the middle
• DOS
• Distributed DOS
• Brute force
• Dictionary
• Back door
• Buffer overflow
• Trojan
• Social engineering
To avoid attacks:
• Install stable updates
• Use encryption
• Be suspicious of information
requests
• Remain informed
Defeating Attacks
• OSI/RM security services
– Authentication
– Access control
– Data confidentiality
– Data integrity
– Non-repudiation
• Updates
Authentication
• Three authentication methods
– What you know
– What you have
– Who you are
• Passwords
– Strong passwords
– Age passwords appropriately
• Account lockout — disables accounts after a given
number of invalid passwords have been entered
• Account reset — enables you to choose whether
accounts reset automatically after a given interval
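The account lockout and account reset settings described on this slide, as an added example that is not part of the original slides. The class name `LockoutPolicy`, the `replay` helper, the threshold of 3 and the 600-second interval are assumptions chosen for illustration.

```python
from dataclasses import dataclass, field
from typing import Optional

@dataclass
class LockoutPolicy:
    threshold: int = 3                    # invalid passwords before lockout
    reset_after: Optional[float] = 600.0  # seconds until automatic reset;
                                          # None means an administrator must unlock
    failures: dict = field(default_factory=dict)   # user -> consecutive failures
    locked_at: dict = field(default_factory=dict)  # user -> time the lockout began

    def is_locked(self, user: str, now: float) -> bool:
        started = self.locked_at.get(user)
        if started is None:
            return False
        if self.reset_after is not None and now - started >= self.reset_after:
            # Account reset: the interval has passed, so clear the lockout.
            del self.locked_at[user]
            self.failures.pop(user, None)
            return False
        return True

    def record_attempt(self, user: str, password_ok: bool, now: float) -> str:
        if self.is_locked(user, now):
            return "locked"               # rejected even if the password is right
        if password_ok:
            self.failures.pop(user, None) # a success clears the failure count
            return "ok"
        count = self.failures.get(user, 0) + 1
        self.failures[user] = count
        if count >= self.threshold:
            self.locked_at[user] = now    # account lockout
            return "locked"
        return "failed"

def replay(policy: LockoutPolicy, events: list) -> list:
    """Feed (time, user, password_ok) events through the policy in order."""
    return [policy.record_attempt(user, ok, t) for t, user, ok in events]

# Constructed logon attempts: three bad passwords, then the correct one
# during the lockout, then the correct one after the reset interval.
EVENTS = [(0, "alice", False), (10, "alice", False), (20, "alice", False),
          (30, "alice", True), (620, "alice", True)]
```

With `reset_after=None` the same sequence never unlocks on its own, which is the other choice the account reset setting offers.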
Authentication
(cont'd)
• Managing passwords
– Use password manager software to help
store and manage your passwords
– Example: KeePass
• Password generators
– Algorithms that receive input from a
random or pseudo-random number
generator and then automatically generate
a password
Digital Certificates
• Provide authoritative identification
• Verify the sender's identity
• Use the X.509 standard
• Are used for non-repudiation
• Contain digital signatures
– Certificate authority (CA)
Public Key Infrastructure (PKI)
• PKI CA servers:
– Are repositories for managing digital
certificates
– Enable the secure creation and
management of digital certificates
– Provide the ability to revoke an invalid key
• If you need a certificate for a server, use PKI
Encryption
• The primary means to ensure privacy across
the enterprise
• Symmetric-key encryption
– One key to encrypt and decrypt
– All parties must know and trust one another
• Symmetric algorithms
– DES
– Triple DES
– AES
Encryption
(cont'd)
• Asymmetric-key encryption
– Uses a key pair (one public, one private)
– Used to create a digital signature
• Asymmetric algorithms
– RSA
– DSA
Encryption
(cont'd)
• Hash encryption
– Uses a hash table that contains a hash
function
– Used for information that will not be
decrypted or read
• Hash algorithms
– MD2, MD4 and MD5
– SHA
Encryption
(cont'd)
• Pretty Good Privacy (PGP) — uses a
combination of the three encryption types
• GNU Privacy Guard (GPG) — the open-source
version of PGP
• PGP and GPG:
– Use symmetric-key encryption to scramble
the original message you want to send
– Use asymmetric-key encryption to encrypt
only the symmetric key you just used
– Use hash encryption to "sign" the message
and ensure that no one can tamper with it
Firewalls
• A firewall is a secure computer system placed
between a trusted network and an untrusted
one, such as the Internet
– The most common location for a firewall is
between a corporate LAN and the Internet
• Allows users from a protected network to
access a public network while simultaneously
making the protected company's products and
services available to the public
Internal and
Personal Firewalls
• Internal firewall — resides inside your
company's internal network
– Internal firewalls can:
• Protect sensitive systems
• Isolate networks that still need Internet
connectivity but which use software that
may cause problems with other company
resources
• Personal firewall — offers protection for an
individual system
Packet Filtering
• Packet filter — inspects each packet for
predefined content
• Packet filters filter data based on the following
fields in the packet:
– Source IP address
– Destination IP address
– TCP/UDP source port
– TCP/UDP destination port
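A packet filter that decides on exactly the four fields listed above, as an added example that is not part of the original slides. The `Packet` and `Rule` names, the first-match rule order, the default-deny fallback and the documentation-range addresses are assumptions chosen for illustration.

```python
import ipaddress
from dataclasses import dataclass

ANY_PORT = range(0, 65536)

@dataclass(frozen=True)
class Packet:
    src_ip: str
    dst_ip: str
    src_port: int
    dst_port: int

@dataclass(frozen=True)
class Rule:
    action: str                    # "allow" or "deny"
    src_net: str = "0.0.0.0/0"     # source IP address field
    dst_net: str = "0.0.0.0/0"     # destination IP address field
    src_ports: range = ANY_PORT    # TCP/UDP source port field
    dst_ports: range = ANY_PORT    # TCP/UDP destination port field

    def matches(self, pkt: Packet) -> bool:
        return (ipaddress.ip_address(pkt.src_ip) in ipaddress.ip_network(self.src_net)
                and ipaddress.ip_address(pkt.dst_ip) in ipaddress.ip_network(self.dst_net)
                and pkt.src_port in self.src_ports
                and pkt.dst_port in self.dst_ports)

def filter_packet(pkt: Packet, rules: list) -> tuple:
    """Return (action, rule_index); the first matching rule wins."""
    for i, rule in enumerate(rules):
        if rule.matches(pkt):
            return rule.action, i
    return "deny", None            # nothing matched: default deny

# Constructed rule set using documentation address ranges (not from the slides).
RULES = [
    Rule("deny", src_net="198.51.100.66/32"),                  # blocked host
    Rule("allow", dst_net="203.0.113.10/32",
         dst_ports=range(443, 444)),                           # public HTTPS server
    Rule("allow", src_net="198.51.100.0/24", dst_net="203.0.113.20/32",
         dst_ports=range(22, 23)),                             # admin network SSH
]
```

Because the first match wins, moving the deny rule below the HTTPS allow rule would let the blocked host reach port 443, so rule order is part of the policy.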
Proxy Servers
• A proxy server replaces the network IP
address with a single IP address
• Provides the following services:
– Hiding of network resources
– Logging
– Caching
• Application-level gateway — a proxy between
the Internet and your internal system at the
application level
• Most firewalls are combinations of packet
filtering and application-level gateways
Network Address
Translation (NAT)
• The practice of hiding internal IP addresses
from the external network
• Two ways to provide NAT
– Configure masquerading on a packet-filtering firewall
– Use a proxy server to conduct requests on
behalf of internal hosts
Accessing
Internet Services
• If Internet access is required and a network is
located behind a proxy server or firewall, you
may have problems accessing Internet
services that use ports other than common
ports
• To avoid these problems:
– Make sure the network has access to all
Internet-related protocols used by the
company
– Make sure that the IP addresses assigned
to the computers in your network have
permission to access the Internet
Troubleshooting
Access Through Firewalls
• Firewalls can cause a bottleneck
• Firewalls may not allow home-based account
access to the corporate e-mail server
• To troubleshoot firewall problems:
– Verify that you are using the correct IP address
and subnet mask
– Check your default gateway and verify that the
computer can communicate with systems on
the same subnet
– Verify DNS resolution
– Try to use multiple protocols on the Internet
Firewall Topologies
• Common firewall implementations
– Packet filter
– Dual-homed bastion host
– Triple-homed bastion host
– Screened subnet (back-to-back firewalls)
• Bastion host — a computer that houses
various firewall components and services, and
is connected to a public network
Packet Filter Topology
Dual-Homed Bastion Host
Triple-Homed Bastion Host
Screened Subnet
Security Zones
• Demilitarized zone (DMZ) — a mini-network that
resides between a company's internal network and
the external network
• Intranet — a security zone available only to
authorized organization employees
• Extranet — a private network that allows selected
access to outsiders only after they provide
authentication information
• Virtual LAN (VLAN) — a logical grouping of hosts,
generally not implemented by a firewall
Virtual Private Network (VPN)
• A technique that allows secure
communication across long distances, usually
for a company extranet
• In a VPN, the Internet is often the corporate
network backbone
• Appropriate for any organization requiring
secure external access to internal resources
• All VPNs are tunneling protocols — encryption
occurs at the source and decryption occurs at
the destination
Virtual Private Network (VPN)
(cont'd)
• VPN protocols
– Point-to-Point Tunneling Protocol (PPTP) —
works only with IP protocols
– Layer 2 Tunneling Protocol (L2TP) — works
with non-IP protocols
– IP Security (IPsec) — more flexible than
PPTP or L2TP because you can specify
different authentication methods
Remote Access Server (RAS)
• Requires the use of dial-up modems to dial up,
connect and log on to RAS
• Offers security through a callback feature
– A user logs on to RAS
– The user is disconnected
– RAS calls the user back to ensure the call
was made from an authorized computer
Security Audit
• Review of the state of the network
• Auditing process:
– Conduct a status quo analysis
– Conduct a risk analysis
– Make recommendations based on findings
Uninterruptible
Power Supply (UPS)
• Device that allows a computer to keep running
temporarily when the primary power source is
lost
• Can be configured to:
– Shut down entire systems automatically
– Shut down only certain components
automatically
– Place components into minimal power use
mode until the system is shut down
manually
Personal Privacy
and the Internet
• Internet privacy – the ability to control what
information you reveal about yourself over the
Internet and to whom (or what) you reveal it
• Anonymizing tools – Internet components and
application features that make the user's
Internet activity untraceable
– Browser privacy mode features
– Proxy servers
– VPN servers
– Anonymizer Web sites
Internet Privacy
• Browser privacy mode – no cache or history
of your browsing sessions is kept
• Browsers with privacy mode features
– Mozilla Firefox
– Microsoft Internet Explorer (InPrivate)
– Google Chrome (Incognito)
– Apple Safari (Private Browsing)
• Use Web sites that provide anonymizer
services to thwart tracebacks, hide your
online identity and bypass proxy servers
Ethics of
Anonymous Browsing
• Anonymous browsing hides your identity
– You can use anonymous browsing to
minimize risk if you engage in online
behavior that may be potentially dangerous
• People can also engage in anonymous
browsing for unethical or illegal purposes
– Anonymous browsing allows a person to
browse the Web without leaving behind any
incriminating evidence
Internet Fraud
• Scams or other deceptive practices committed
via the Internet, usually for the purpose of
monetary gain or identity theft
– Auction and retail scams
– Business opportunity scams
– Investment scams
– Credit card scams
– Purchase scams
– Money transfer scams
– Dating scams
Identity Theft
• Fraud committed in your name by someone
else who has illicitly gained access to your
personal information
• Methods used by identity thieves
– Dumpster diving
– Skimming
– Phishing
– Address changing
– Stealing
Phishing, Pharming
and Anti-Phishing Software
• Phishing – a form of social engineering that
attempts to gather personal and financial
information from unsuspecting victims by
sending e-mail and luring the user to a
legitimate-looking site, then requesting
passwords, account numbers, etc.
• Pharming – the act of installing malicious
code on personal computers or servers that
redirects Internet traffic from a legitimate Web
site to an identical-looking bogus Web site
• Anti-phishing software – program designed to
identify phishing content contained in Web
sites and e-mail messages
Personal Protection
and the Internet
• Online stalking
– Occurs when a person ("stalker") stealthily
pursues, harasses and/or preys upon another
person using online venues such as e-mail,
chat rooms and social networking sites
• Cyberbullying
– The willful harm inflicted on others through the
use of information and communication
technologies
• Internet addiction
– Many users spend so much time involved with
online games, social networking, blogging,
instant messaging and so forth that they are
missing out on real-world experiences
Lesson 5 Summary
• Define security
• Describe computer viruses and worms
• Identify various network attacks and ways to defeat
them
• Describe authentication principles
• Explain the three major types of encryption
• Describe firewalls, common firewall topologies and
security zones
• Describe the function of a VPN
• Describe security audit principles
• Describe the function of a UPS
• Discuss Internet-related personal privacy issues
• Discuss Internet-based challenges against which
users should be protected
Network Technology Foundations
Introduction to Networking
TCP/IP Suite and Internet Addressing
Internetworking Servers
Hardware and Operating System Maintenance
Network Security and Personal Privacy
Protection