Network+

© 2001 ComputerPREP, Inc. All rights reserved.

Lesson 1: Overview of the Internet

© 2001 ComputerPREP, Inc. All rights reserved.

Objectives

• • • • • • • • •

Trace the evolution of the Internet Define TCP/IP and explain how it is used Describe the client/server model Describe push and pull technology List criteria for selecting an ISP Identify and describe Internet protocols Explain domain names and virtual domains Discuss the ICANN and the InterNIC Outline the current structure of the Internet

Evolution of the Internet

• • • • •

Advanced Research Projects Agency Advanced Research Projects Agency Network National Science Foundation The World Wide Web Hypertext Markup Language

How the Internet Works

• • •

TCP/IP

–

Routers

–

Packets IP addresses

–

IPv6 Internet Service Providers

Client/Server Model on the Internet

• • • • •

Client Server Network Bandwidth Pull and push technology

–

Channel Definition Format

Connecting to the Internet

• •

Popular ISPs Connection types

–

Dial-up

• •

SLIP PPP

–

Direct

•

LAN

• •

Cable DSL

• • • • • •

HTTP FTP E-mail

–

POP

–

SMTP

–

IMAP Telnet Newsgroups

–

NNTP Gopher Internet Protocols

Domain Name System

• • • •

Learning to read domains Domain name syntax FQDN Top-level domains

Typical Domain Name

The Business of Domain Names

• • • • •

ICANN Original domain name registration

–

.com

– –

.net

.org

InterNIC International domain name registration Virtual domain

Uniform Resource Locators

• • • •

Web page URL FTP URL Gopher URL E-mail and newsgroup URLs

Intranets and Extranets

• •

Intranets

–

Internal, or in-house, Web sites used by employees within a company Extranets

–

Web sites provided specifically for existing customers of a company

Summary

        

Trace the evolution of the Internet Define TCP/IP and explain how it is used Describe the client/server model Describe push and pull technology List criteria for selecting an ISP Identify and describe Internet protocols Explain domain names and virtual domains Discuss the ICANN and the InterNIC Outline the current structure of the Internet

Lesson 2: Introduction to Networking

© 2001 ComputerPREP, Inc. All rights reserved.

Objectives

• • •

Define "networking," and explain this concept's importance in today's data communications marketplace Relate internetworks to the concept of the corporate enterprise network Identify and describe the function of servers, workstations and hosts

Objectives (cont'd)

• • •

Identify network architectures, and provide at least two defining characteristics of each Describe the basic network topology characteristics Identify the major operating systems and their respective clients

Networking Evolution

• •

Client/server model versus large, centralized computer model Shift to Web-based, decentralized and more affordable networking

Mainframes

•

Mainframe (or centralized) computing provided the first practical networking solution

–

Centralized model used central servers (or mainframes) and remote terminals

Mainframe Model

Mainframe Terminal Terminal Terminal Terminal

Client/Server Model

Client Server

Client/Server Advantages

• • • •

Provides shared task processing Provides modular approach to computing Provides scalability Allows for greater user control over files

Web-based Networking

•

Advantages

–

Combines the power of mainframe computing with the scalability of the client/server model

–

Allows users to obtain information without specialized software

Networking Categories

• • •

Peer-to-peer networks Server-based networks Enterprise networks

Peer-to-Peer Network

Workstation Workstation Workstation Workstation

Server-based Network

Client Client Client Server

• • • • •

Bus Star Ring Hybrid Mesh Network Topologies

Bus Topology

Star Topology

Client Server

Ring Topology

Server Client

Star Bus Network Centralized Hub Bus Trunk

Server Client

Mesh Topology

Server Client

Network Operating Systems

• • •

Novell NetWare

–

NetWare clients Microsoft Windows NT and Windows 2000

–

Windows NT 4.0/2000 Server clients UNIX

–

UNIX clients

Summary



Define "networking," and explain this concept's importance in today's data communications marketplace



Relate internetworks to the concept of the corporate enterprise network



Identify and describe the function of servers, workstations and hosts

Summary (cont'd)



Identify network architectures, and provide at least two defining characteristics of each



Describe the basic network topology characteristics



Identify the major operating systems and their respective clients

Lesson 3: Networking Protocols

© 2001 ComputerPREP, Inc. All rights reserved.

Objectives

• • • •

Discuss the OSI/RM and its layers Explain packets and describe packet creation Differentiate between protocols at the network, transport and application layers of the OSI/RM Identify key internetworking protocols and explain the need for multiprotocol networks

Objectives (cont'd)

• • • •

Compare, contrast and discuss the functions of network protocols Bind protocols to a NIC Identify the directory services for Windows NT, Windows 2000, UNIX and NetWare Explain the functions of X.500 and LDAP

• • • • • • •

Application Presentation Session Transport Network Data link Physical OSI/RM

OSI Model Layers

Packets

•

Consists of three elements

–

A header

– –

The actual data A trailer

Packet Structure

Application, Transport and Network Protocols

• • • • •

SMTP BOOTP FTP HTTP AFP Application-Layer Protocols

• • • • •

SNMP SMB X.500

NCP NFS

• • • • •

TCP SPX NWLink ATP NetBEUI Transport-Layer Protocols

• • • •

IP IPX NWLink DDP Network Protocols

• • •

NetBEUI X.25

Ethernet

Major Networking Protocols

• • • • • •

TCP/IP IPX/SPX NetBEUI AppleTalk DLC SNA

Stateful vs. Stateless

• •

Stateful

–

Connection-oriented Stateless

–

Connectionless

Choosing and Combining Protocols

• •

Combining protocols

–

Multiple protocols can increase maintenance and troubleshooting time for a network Binding protocols

–

Binding order determines which protocol the system will use to send information first

Directory Services

• • • • •

Windows NT/2000 UNIX Network Information Services Novell NDS X.500

LDAP

Summary



Discuss the OSI/RM and its layers



Explain packets and describe packet creation



Differentiate between protocols at the network, transport and application layers of the OSI/RM



Identify key internetworking protocols and explain the need for multiprotocol networks

Summary (cont'd)



Compare, contrast and discuss the functions of network protocols



Bind protocols to a NIC



Identify the directory services for Windows NT, Windows 2000, UNIX and NetWare



Explain the functions of X.500 and LDAP

Lesson 3: Network Devices

© 2001 ComputerPREP, Inc. All rights reserved.

Objectives

• • • •

Describe the basic attributes, purposes and functions of LANs and WANs Identify and describe the function of NAPs Compare and contrast backbones and segments Identify network devices such as NICs, repeaters, hubs, bridges, routers, brouters, switches, gateways, CSUs/DSUs and patch panels

Objectives (cont'd)

• • • •

Recognize and describe common peripheral ports Identify the differences among common cable and wireless types used in networking Describe the advantages and disadvantages of coaxial, Category 3, Category 5, fiber optic, UTP and STP cable Identify environmental factors that can affect network performance

Local Area Networks

Novell Server IPX/SPX Legacy Host SNA NT Server TCP/IP Router Hub Node

Wide Area Networks

Network Access Points New York

Atlanta Backbone

Chicago

Boston Phoenix Backbone

San Francisco

Seattle

Common Network Componentry

• • • • •

NICs Repeaters Hubs Bridges Routers

• • • • •

Brouters Switches Gateways CSUs/DSUs Patch panels

Networking Devices

Hub Switch Hub NIC card NIC card NIC card NIC card

Repeater

Repeater

Network Segment 1

Bridge

Bridge Network Segment 2

Router

Router

Network 1 Network 2

Gateway

Network running TCP/IP Gateway (Protocol Converter) Network running IPX/SPX

CSU/DSU

Telecom Network CSU/DSU Router Network

Patch Panel

Router Wall Jack CSU/DSU Internet or other WAN Patch Panel Wall Jack Patch Cord Hub Company President Accounting 1 Accounting 2

Common Peripheral Ports

• • • • • •

Serial ports Universal Serial Bus (USB) FireWire Parallel ports PS/2 connectors Small Computer System Interface (SCSI)

Transmission Media

• • • •

Twisted pair cable

–

RJ-45 connectors Coaxial cable

– – –

Thicknet Thinnet BNC connector Fiber optic cable Wireless media

Environmental Factors

• • •

Room conditions Placement of building contents and personal possessions Computer equipment

Summary



Describe the basic attributes, purposes and functions of LANs and WANs



Identify and describe the function of NAPs



Compare and contrast backbones and segments



Identify network devices such as NICs, repeaters, hubs, bridges, routers, brouters, switches, gateways, CSUs/DSUs and patch panels

Summary (cont'd)



Recognize and describe common peripheral ports



Identify the differences among common cable and wireless types used in networking



Describe the advantages and disadvantages of coaxial, Category 3, Category 5, fiber optic, UTP and STP cable



Identify environmental factors that can affect network performance

Lesson 5: Connecting Your Network

© 2001 ComputerPREP, Inc. All rights reserved.

Objectives

• • • • •

Define basic data transmission concepts Identify the IEEE 802 LAN standards Describe the access methods, wiring standards, and devices used with the IEEE 802 LAN technologies Define the length and speed of various types of networking media Describe when coaxial, Category 3 and 5, fiber optic, UTP and STP are appropriate

Objectives (cont'd)

• • • • •

Identify the characteristics of MAC addresses Describe the access methods, transmission media, and devices used with Apple LocalTalk and FDDI Demonstrate knowledge of how a NIC is configured Identify WAN protocols Define the T1 and T3 standards

Transmission Types

• • • • •

Asynchronous Synchronous Data transmission flow Baseband and broadband Logical and physical topologies

IEEE LAN Standards

• • • • • •

IEEE 802.2

Ethernet/IEEE 802.3

IEEE 802.3u

—fast ethernet IEEE 802.3z and 802.3ab

—gigabit ethernet IEEE 802.5

—token ring IEEE 802.12

—VG-AnyLAN

LAN Standards and the OSI/RM OSI/RM Layer

Data Link Layer Physical Layer Ethernet 802.3

802.3u

802.3z

802.3ab

LAN Standards

802.5

802.2

802.12

FDDI

LLC and MAC Sublayers Defined in IEEE 802.2

Data Link Layer Physical Layer Logical Link Control (LLC) Media Access Control (MAC)

MAC Address Components

00 – 80 – 5F – EA – C6 – 10

Vendor Code Interface Serial Number

Token Ring Network with MAU

Server Multistation Access Unit Client

Additional LAN Standards

• •

Apple LocalTalk Fiber Distributed Data Interface

FDDI Standard

Server Data Flow Data Flow Client

Configuring Your Network Interface Card

• •

Identifying the manufacturer and product name Determining the physical address

Interrupt Requests (IRQ), I/O Address, and DMA

• • • • •

IRQ lines I/O address Transceiver Direct Memory Access EPROM, EEPROM and flash memory

WAN Methods

• •

X.25

Fast packet switching

–

Frame relay

–

Asynchronous transfer mode

Frame-Relay Packet Switching

PVCs Corporation Ports

• • •

T1 T2 T3 T-Carrier Services

Summary



Define basic data transmission concepts



Identify the IEEE 802 LAN standards



Describe the access methods, wiring standards, and devices used with the IEEE 802 LAN technologies



Define the length and speed of various types of networking media



Describe when coaxial, Category 3 and 5, fiber optic, UTP and STP are appropriate

Summary (cont'd)



Identify the characteristics of MAC addresses



Describe the access methods, transmission media, and devices used with Apple LocalTalk and FDDI



Demonstrate knowledge of how a NIC is configured



Identify WAN protocols



Define the T1 and T3 standards

Lesson 6: TCP/IP Architecture

© 2001 ComputerPREP, Inc. All rights reserved.

Objectives

• • • • • •

Explain TCP/IP's importance in a heterogeneous environment Define and describe the Internet architecture model Identify the nature, purpose and operation essentials of TCP/IP Describe various TCP/IP protocols Describe port numbers and their functions Find and download RFC documents

The Internet Architecture Application Layer Transport Layer Internet Layer Network Access Layer

Requests for Comments

• • •

Protocol states Internet Standards Reference RFCs

• • • • • • • • •

HTTP FTP Telnet NNTP Gopher SMTP SNMP DNS RARP Internet Protocols

• • • • • • • • •

BOOTP DHCP TCP UDP ICMP ARP IP IGMP Media

IGMP De-multiplexing Telnet FTP TFTP SNMP TCP UDP ICMP IP RARP ARP ETHERNET

Port Numbers Port Number Range

1 to 1023 1024 to 65535

Description

Well-known (reserved) port numbers Registered port numbers

Summary

   

Explain TCP/IP's importance in a heterogeneous environment



Define and describe the Internet architecture model



Identify the nature, purpose and operation essentials of TCP/IP Describe various TCP/IP protocols Describe port numbers and their functions Find and download RFC documents

Lesson 7: Internet Addressing

© 2001 ComputerPREP, Inc. All rights reserved.

Objectives

• • • • •

Explain IP addressing and the concept of uniqueness Define IP address classes used on the Internet Determine reserved IP addressing Explain the use of private addresses in intranet design Determine the IP address class and whether the address is valid

Objectives (cont'd)

• • • •

Determine default subnet masks and use the ANDing process Calculate custom subnet masks and CIDR notation using supernetting techniques Describe the function of proxy servers and the Internet Protocol version 6 Identify the normal configuration parameters for a workstation

Internet Addressing

• •

Internet addresses are divided into the following parts:

– –

Network Host Four fields separated by periods are a common notation for specifying addresses:

–

field1.field2.field3.field4

IP Address Fields

• •

Contain 8 bits per field Range from 0 to 255 decimal

field1 .

field2.field3.field4

1 = On 0 = Off 1 1 1 1 1 1 1 1 = 8 128 64 32 16 8 4 2 1 = 255

• • • • •

Class A Class B Class C Class D Class E Internet Address Classes

IP Addressing Rules

• • • •

Loopback address Broadcast addresses Network and special-case source addresses Reserved IP addressing

Subnetworks

• • •

Subnet masks ANDing Custom subnet masks

IP Address Conservation

• • •

Proxy servers CIDR Internet Protocol version 6

Normal TCP/IP Configuration Parameters

• •

Basic configurations Name resolution configurations

Summary



Explain IP addressing and the concept of uniqueness



Define IP address classes used on the Internet



Determine reserved IP addressing



Explain the use of private addresses in intranet design



Determine the IP address class and whether the address is valid

Summary (cont'd)



Determine default subnet masks and use the ANDing process



Calculate custom subnet masks and CIDR notation using supernetting techniques



Describe the function of proxy servers and the Internet Protocol version 6



Identify the normal configuration parameters for a workstation

Lesson 8: Routing

© 2001 ComputerPREP, Inc. All rights reserved.

Objectives

• • • •

Explain the difference between direct and indirect routing, and determine whether a route is direct or indirect Describe the routing process and explain the function of routing information tables Compare static routing with dynamic routing, and manually configure a static routing table Explain the difference between interior and exterior routing protocols

Objectives (cont'd)

• • • • •

Compare and contrast RIP with OSPF Compare and contrast IPX, NLSP, SAP and OSPF Identify the EGP and the BGPv4 Describe distance-vector, link-state, and path vector protocols Describe CIDR

Introduction to Routing

• •

Direct routing Indirect routing

–

The tracert command

Routing Process

•

Routing information tables are databases maintained by a router

Static vs. Dynamic Routing

• •

The route The ping command command

Routing and Packets

•

Routing does not change the original packet

–

Source and destination addresses (such as IP and IPX addresses) stay the same

Routing Protocols

• •

Interior routing protocols are used within an organization's network

–

Examples include RIP and OSPF Exterior routing protocols are used outside an organization's network

–

Examples include EGP and BGP

Routing Information Protocol

• • •

How RIP works Disadvantages of RIP SAP and RIP

Open Shortest Path First

• • •

Allows rapid convergence and reduces network traffic Eliminates the count-to-infinity problem Supports variable length subnetting

Exterior Gateway Protocol

•

A path-vector protocol (spans multiple autonomous systems)

–

Provides routing table information between the Internet's backbone routers, and between the backbone routers and the domain router(s) chosen by an organization to act as exterior gateways

Border Gateway Protocol

•

BGPv4

–

Supports the routing table aggregation procedures demanded by CIDR

Summary



Explain the difference between direct and indirect routing, and determine whether a route is direct or indirect



Describe the routing process and explain the function of routing information tables



Compare static routing with dynamic routing, and manually configure a static routing table



Explain the difference between interior and exterior routing protocols

Summary (cont'd)



Compare and contrast RIP with OSPF



Compare and contrast IPX, NLSP, SAP and OSPF



Identify the EGP and the BGPv4



Describe distance-vector, link-state, and path vector protocols



Describe CIDR

Lesson 9: TCP/IP Utilities

© 2001 ComputerPREP, Inc. All rights reserved.

Objectives

• • • •

Describe the protocol and services files, and explain their usefulness to the network Describe ICMP concepts and message types Identify the functions of commands that can assist general network troubleshooting Identify the functions of commands that can assist name and address troubleshooting

Useful Network Files

• •

The services file The protocol file

Internet Control Message Protocol

• •

Source-quench error messages Echo-request and echo-reply query messages

• • • • •

ping tracert netstat ftp telnet General Network Commands

Name and Address Commands

• • • • • •

ipconfig winipcfg arp nslookup hostname nbtstat

Resolving IP Addresses to Ethernet Addresses IP address (32-bit) Ethernet address (48-bit)

Summary



Describe the protocol and services files, and explain their usefulness to the network



Describe ICMP concepts and message types



Identify the functions of commands that can assist general network troubleshooting



Identify the functions of commands that can assist name and address troubleshooting

Lesson 10: Internetworking Servers

© 2001 ComputerPREP, Inc. All rights reserved.

Objectives

• • •

List the essential functions of internetworking servers Identify and describe the functions and features of file and print, HTTP, proxy, mail, mailing list, media, DNS, FTP, news, certificate, directory, catalog and transaction servers Describe how each Internetworking server type uses different TCP/IP protocols

Objectives (cont'd)

• • • • •

Describe the term daemon and identify the function of the Internet-related daemons named, inetd and telnetd Define server selection criteria Identify specific business needs and choose the server that meets those needs Describe benefits and drawbacks of specific servers Differentiate between server suites

Internetworking Servers

• • • • • • •

File and print HTTP Proxy Mail Mailing list Media DNS

• • • • • •

FTP News Certificate Directory Catalog Transaction

The Internet Daemon:

inetd

• • •

smtp: the SMTP daemon tftd: the Trivial File Transport daemon telnetd: the Telnet daemon

Choosing the Ideal Server

•

Typical Internet server functions include:

–

Generating company recognition

– – – – –

Processing orders Processing payments Providing service and support Creating long-distance communities Ensuring security

Determining Company Needs and Abilities

• • •

Internet versus intranet solutions Which server type does the company need?

Proprietary elements

Product Advantages and Disadvantages

• • • •

Product support Product testing Simplicity of use Scalability

Popular Server Products

• • • • •

Apache Web server Microsoft Internet Information Server Lotus Domino series Netscape servers Novell Web Server

Summary



List the essential functions of internetworking servers



Identify and describe the functions and features of file and print, HTTP, proxy, mail, mailing list, media, DNS, FTP, news, certificate, directory, catalog and transaction servers



Describe how each Internetworking server type uses different TCP/IP protocols

Summary (cont'd)



Describe the term daemon and identify the function of the Internet-related daemons named, inetd and telnetd

 

Define server selection criteria Identify specific business needs and choose the server that meets those needs



Describe benefits and drawbacks of specific servers



Differentiate between server suites

Lesson 11: Name Resolution

© 2001 ComputerPREP, Inc. All rights reserved.

Objectives

• • • • • • •

Identify the purpose of name resolution Define and configure hosts files Explain DNS and its evolution Define the DNS architecture Identify DNS records and list record types Install a DNS server and client Explain the function of WINS and the purpose of the lmhosts file

Hosts File

•

A simple text file that is referenced locally by applications and commands for name-to-address resolution

Domain Name System

• •

DNS hierarchy

–

Root-level domain

– –

Top-level domain Second-level domain DNS components

–

Name server

–

Name resolver

DNS Server Types

• • • •

Root server Master server Primary server Secondary server

• • •

Caching and caching only server Forwarding server Slave server

DNS Records

•

Common DNS records include:

–

Internet (IN)

– – –

Name Server (NS) Start of Authority (SOA) Address (A)

– – –

Canonical Name (CNAME) Mail Exchanger (MX) Pointer (PTR)

Berkeley Internet Name Domain

• •

The most common implementation of DNS A public domain software that can be implemented on most versions of UNIX

Windows Internet Naming Service

• •

The lmhosts file WINS and DNS

Summary



Identify the purpose of name resolution



Define and configure hosts files



Explain DNS and its evolution



Define the DNS architecture

 

Identify DNS records and list record types Install a DNS server and client



Explain the function of WINS and the purpose of the lmhosts file

Lesson 12: Address and Parameter Allocation for TCP/IP Hosts

© 2001 ComputerPREP, Inc. All rights reserved.

Objectives

• • • • •

Define the function and roles of the BOOTP server and client Define the function and roles of the DHCP server and client Compare and contrast RARP, BOOTP and DHCP Explain the difference between dynamic and manual address allocation Install and configure a DHCP server and client

BOOTstrap Protocol

•

A client/server program that can return information such as IP addresses, subnet masks, default gateway addresses, and name server addresses

Dynamic Host Configuration Protocol

• •

Offers finite address leases, allowing network addresses to be reused Offers additional configuration options

DHCP Initialization Process

Discover Offer Request Acknowledgment

DHCP client DHCP server

DHCP Implementation

•

Two common types of DHCP address allocation:

–

Dynamic allocation

–

Manual allocation (client reservation)

Summary



Define the function and roles of the BOOTP server and client



Define the function and roles of the DHCP server and client



Compare and contrast RARP, BOOTP and DHCP



Explain the difference between dynamic and manual address allocation



Install and configure a DHCP server and client

Lesson 13: Remote Connectivity

© 2001 ComputerPREP, Inc. All rights reserved.

Objectives

• • • • • •

Describe two remote connectivity solutions: remote access servers and VPNs Identify the two remote connectivity types Describe remote access protocols Compare analog dial-up connections with ISDN connections Determine modem configuration parameters Install and configure the RAS server

Types of Remote Connectivity

• •

Remote control Remote node

Remote Access Servers

•

Remote access server solutions include:

–

Remote access server software

– – –

Two or more modems Phone line or ISDN line Remote computer

Typical Remote Connectivity Solution

Remote computer Modem Modem Hub Remote Access Server Network Server Network Server

• •

PPP SLIP Dial-up Protocols

Common Methods for Accessing an RAS

• •

Plain Old Telephone Service (POTS) ISDN

–

Basic Rate Interface (BRI)

–

Primary Rate Interface (PRI)

Remote Access Server Software

• • • • • • • •

Microsoft RAS and dial-up networking Modem configurations Installing the service Port usage Protocols Installing dial-up networking Logging on using dial-up networking Troubleshooting RAS sessions

Virtual Private Networks

• •

PPTP Accessing a VPN

Summary



Describe two remote connectivity solutions: remote access servers and VPNs

  

Identify the two remote connectivity types Describe remote access protocols Compare analog dial-up connections with ISDN connections

 

Determine modem configuration parameters Install and configure the RAS server

Lesson 14: User Management

© 2001 ComputerPREP, Inc. All rights reserved.

Objectives

• • • •

Define authentication Explain the share and user-level access security models Identify the purpose and function of logon accounts, groups and passwords Create a network password policy using standard practices and procedures

Objectives (cont'd)

• • • •

Discuss permissions issues Describe the relation between permissions and user profiles Use administrative utilities for specific networks and operating systems Identify the permissions needed to add, delete or modify user accounts

Authentication

•

You can prove your identity by:

–

What you know

– –

What you have Who you are

Security Models and Authentication Peer-level Access

text

User-level Access

Peer-level Access

• •

Advantages

–

Less expensive and easier to implement than networks that enforce user-level access Drawbacks

–

Less secure

–

Less control over file and resource management

–

Not as scalable

Peer-to-Peer Network Security Model Athena Aphrodite Hermes Printer Apollo Ares

User-level Access

•

Advantages

–

Increased security

– – –

Support for a larger number of users Increased control over access to resources Ability to monitor access to resources through system logs

–

Ability to grow in response to an organization's needs

User-based Network Athena Aphrodite Hermes Printer A Apollo Ares User Accounts Database Printer B

Creating User Accounts

• • • •

Logon accounts User name Password Group associations

James Stanger Patrick Lane Jill McKenna Creating User Names stangerj lanep mckennaj User Accounts Database

Placing Global Group into Local Group Local group

Global group

Serv er Laser prin ter

Permissions

•

Can be either local or share-based

–

Local permissions grant or deny access to users who are logged on locally

–

Share-level permissions apply only across a network

User Accounts Database and User Permissions Print Print Write Read Write Print Us e r Accounts Databas e Server Print Server Printer

• • • •

Read Write Execute Print Universal Permissions

Windows 2000, UNIX and Novell Permissions

• • •

Windows 2000 access permissions UNIX permissions Novell rights

Additional Logon Account Terms

• • •

Logon scripts Home directories Local and roaming profiles

Standard Password Practices

• • •

Qualities of a strong password Implementing a password policy Password file placement

Network Security Policies

• • • • • • •

Password aging Password length Password history Account lockout Share creation User creation Local logging

Standard Operating Procedures

• •

All written policies on which IT and management agree Usually apply to IT employees rather than to users

Summary



Define authentication



Explain the share and user-level access security models



Identify the purpose and function of login accounts, groups and passwords



Create a network password policy using standard practices and procedures

Summary (cont'd)



Discuss permissions issues



Describe the relation between permissions and user profiles



Use administrative utilities for specific networks and operating systems



Identify the permissions needed to add, delete or modify user accounts

Lesson 15: Network Printing

© 2001 ComputerPREP, Inc. All rights reserved.

Objectives

• • • •

Describe the components used in network printing, including print servers and print queues Discuss the flow of a print job from client to network printer Set up and use a network printer Configure a network printer

Overview of Network Printing

•

Network printing requires the following components

–

Print servers

–

Print queues

Network Printing

•

Windows 2000 introduces specific terminology for network printing, including:

–

Printer

–

Print server

–

Print device

Flow of a Print Task

Workstation Workstation Laptop Ethernet Printer Server Network Printer

Configuring a Network Printer

• • • •

Client configuration Using forms Separator pages Printing pools

Printing Pool Model

Printer Printer Server Computer

Printer Administration

• •

Document control Printer control

Summary



Describe the components used in network printing, including print servers and print queues



Discuss the flow of a print job from client to network printer



Set up and use a network printer



Configure a network printer

Lesson 16: Data Protection

© 2001 ComputerPREP, Inc. All rights reserved.

Objectives

• • • • •

Identify ways to establish a baseline of your system's status Explain RAID levels and their significance for fault tolerance Discuss data protection devices Describe standard backup measures Prepare for disaster recovery on a Windows 2000 system by creating a boot disk and an emergency repair disk

Establishing a Baseline

•

Documenting your system's current status should include:

–

Physical drives and their configurations

–

Partitions or logical drives and their configurations

–

Volumes or volume sets and their configurations

Fault Tolerance

•

Two primary types of drive fault tolerance

–

RAID

–

Tape backup

Disk Striping

Disk 1 Disk 2 File 1 File 2 File 3 Disk 3

Disk Mirroring

Disk 1 File 1 File 2 File 3 Disk 2

Disk Striping with Large Blocks

Disk 1 Disk 2 File 1 File 2 File 3 Parity Disk 3

Disk Striping with Parity

Disk 1 Disk 2 File 1 File 2 File 3 Parity Disk 3

Other Types of Data Protection

• • •

Uninterruptible Power Supply Folder replication Removable media

Planning a Backup Strategy

• • • •

Determine which files to back up Choose local or network backup types Select a backup method Plan and practice restore procedures

Disaster Recovery

• • •

Windows 2000 boot disk Emergency Repair Disk Last Known Good Configuration option

Summary



Identify ways to establish a baseline of your system's status



Explain RAID levels and their significance for fault tolerance



Discuss data protection devices



Describe standard backup measures



Prepare for disaster recovery on a Windows 2000 system by creating a boot disk and an emergency repair disk

Lesson 17: Network Security Essentials

© 2001 ComputerPREP, Inc. All rights reserved.

Objectives

• • • •

Explain the need for network security and identify resources that need security List the two major categories of security threats Discuss two types of hackers and determine attack types Describe a computer virus and explain how to protect your computer from virus attacks

Objectives (cont'd)

• • •

List key security standards Explain the purpose of security organizations Explain the audit process

Defining Security

•

A means to reduce, to the greatest extent possible, the vulnerability of data and resources

Defining Assets

• • • •

Local resources Network resources Server resources Database and information resources

Security Threats

• •

Accidental threats Intentional threats

–

Hackers

• •

Casual attackers Determined attackers

Types of Attacks

• • • •

Spoofing (masquerade) attacks Man-in-the-middle (hijacking) attacks Denial-of-service attacks Insider attacks

• • • • • •

Front-door-attacks Brute-force attacks Trapdoor attacks Replay attacks Trojan horse attacks Social engineering attacks

• • • • •

Macros Executables Boot sector Stealth Polymorphic Viruses

The Robert Morris Internet Worm

•

An example of several attack methods, including:

–

Bug-based attack

–

Denial-of-service attack

The Hacker Process

• • •

Stage 1: Discovery Stage 2: Penetration Stage 3: Control

Defeating Attacks

•

OSI/RM security services include:

–

Authentication

– – – –

Access control Data confidentiality Data integrity Nonrepudiation

Security Standards

• – – – – –

Trusted Computer System Evaluation Criteria security levels

– –

D C1 C2 B1 B2 B3 A1

Key Security Organizations

• • •

CERT CSRC at the NIST CIAC at the DOE

Auditing Phases

• • •

Status quo analysis Risk analysis Threat analysis

Securing a Server

• • • • • • • •

Change your system defaults Determine user and group permissions Train users to use certificates, encryption and passwords Begin automated logging Establish a baseline of activity Combine OS and Internet server policies Change the system topology Establish a written policy

Summary



Explain the need for network security and identify resources that need security



List the two major categories of security threats



Discuss two types of hackers and determine attack types



Describe a computer virus and explain how to protect your computer from virus attacks

Summary (cont'd)



List key security standards



Explain the purpose of security organizations



Explain the audit process

Lesson 18: Enterprise Network Security— Encryption and Firewalls

© 2001 ComputerPREP, Inc. All rights reserved.

Objectives

• • •

Describe the three major types of encryption Describe enterprise-level security protocols List and discuss the four major types of firewalls

The Internet: An Open Network

•

Networking is a cumulative practice: One technology builds on another

Encryption

• • •

Symmetric-key encryption Asymmetric-key encryption One-way encryption (hash encryption)

Symmetric-Key Encryption

Public-Key Encryption

Network-level Protocols and Encryption

• • • •

VPNs Kerberos Password generators and OTPs SSL

Creating an SSL Session: The Server-Side View

•

Certificate types:

–

Certificate Authority (CA)

– – –

Server Personal Software publisher

Firewalls

• • • • • • •

Filter packets Serve as a circuit-level or application-level gateway Detect intrusions Provide enhanced password authentication Log and report Take evasive action Permit encrypted access (with a VPN)

Packet Filters

•

Devices that inspect each packet for predefined content

Proxy Servers

• •

Circuit-level gateways Application-level gateways

Network Address Translation

• • •

Masquerading NAT considerations NAT and vendor terminology

Firewall Topology

•

Four common firewall implementations

–

Packet filter

– – –

Single-homed bastion host Dual-homed bastion host Screened subnet

Summary



Describe the three major types of encryption



Describe enterprise-level security protocols



List and discuss the four major types of firewalls

Lesson 19: Maintaining Your Network

© 2001 ComputerPREP, Inc. All rights reserved.

Objectives

• • • • •

Explain the importance of version control Describe the strategies for version control Identify the appropriate times for verifying functionality when moving or changing equipment Determine how and when to apply patches and fixes to your system Plan the key areas of support for your network

Version Control

• • • •

Upgrading programs Upgrading operating systems Removing outdated files Resolving file conflicts and replacing overwritten files

Moving or Changing Equipment

•

Verifying functionality

–

Servers

–

Network equipment

Patches and Fixes

• • •

Microsoft service packs Novell support packs Red Hat Linux errata

Supporting Your Network

•

User support

–

In-person assistance

– – –

User education Technical service Prioritization

Summary



Explain the importance of version control



Describe the strategies for version control



Identify the appropriate times for verifying functionality when moving or changing equipment



Determine how and when to apply patches and fixes to your system



Plan the key areas of support for your network

Lesson 20: Troubleshooting the Network and Diagnostic Tools

© 2001 ComputerPREP, Inc. All rights reserved.

Objectives

• • • •

Analyze the scope of network problems Formulate troubleshooting methods Analyze common troubleshooting indicators Explain common troubleshooting tools and their uses

Analyzing the Scope of the Problem

• • •

How many machines or network segments are affected?

How frequently does the problem occur?

Can the problem be duplicated?

Applying Troubleshooting Methods

•

DETECT

–

D: Discover the problem

– –

E: T: Evaluate the scope of the problem Track possible approaches to solving the problem

– – –

E: C: T: Execute an approach Check for problem resolution Transfer knowledge

Troubleshooting Name Resolution

• •

Domain Name System Windows Internet Naming Service

Using Troubleshooting Indicators

• • • • •

Indicator lights Error logs and messages Event Viewer Task Manager Performance monitor

Using Troubleshooting Tools

• • • • •

Crossover cables Hardware loopback devices Tone generators and tone locators Vendor resources Protocol analyzers

Summary



Analyze the scope of network problems



Formulate troubleshooting methods



Analyze common troubleshooting indicators



Explain common troubleshooting tools and their uses

Network+



Overview of the Internet



Introduction to Networking



Networking Protocols



Network Devices

 

Connecting Your Network TCP/IP Architecture



Internet Addressing



Routing

Network+ (cont'd)



TCP/IP Utilities



Internetworking Servers



Name Resolution



Address and Parameter Allocation for TCP/IP Hosts



Remote Connectivity



User Management

Network+ (cont'd)



Network Printing



Data Protection



Network Security Essentials



Enterprise Network Security — Encryption and Firewalls



Maintaining Your Network



Troubleshooting the Network and Diagnostic Tools