Transcript Document

Network+

© 2001 ComputerPREP, Inc. All rights reserved.

Lesson 1: Overview of the Internet


Objectives

• Trace the evolution of the Internet
• Define TCP/IP and explain how it is used
• Describe the client/server model
• Describe push and pull technology
• List criteria for selecting an ISP
• Identify and describe Internet protocols
• Explain domain names and virtual domains
• Discuss the ICANN and the InterNIC
• Outline the current structure of the Internet

Evolution of the Internet

• Advanced Research Projects Agency
• Advanced Research Projects Agency Network
• National Science Foundation
• The World Wide Web
• Hypertext Markup Language

How the Internet Works

• TCP/IP
  – Routers
  – Packets
• IP addresses
  – IPv6
• Internet Service Providers

Client/Server Model on the Internet

• Client
• Server
• Network
• Bandwidth
• Pull and push technology
  – Channel Definition Format

Connecting to the Internet

• Popular ISPs
• Connection types
  – Dial-up
    • SLIP
    • PPP
  – Direct
    • LAN
    • Cable
    • DSL

Internet Protocols

• HTTP
• FTP
• E-mail
  – POP
  – SMTP
  – IMAP
• Telnet
• Newsgroups
  – NNTP
• Gopher

Domain Name System

• Learning to read domains
• Domain name syntax
• FQDN
• Top-level domains

Typical Domain Name

The Business of Domain Names

• ICANN
• Original domain name registration
  – .com
  – .net
  – .org
• InterNIC
• International domain name registration
• Virtual domain

Uniform Resource Locators

• Web page URL
• FTP URL
• Gopher URL
• E-mail and newsgroup URLs

Intranets and Extranets

• Intranets
  – Internal, or in-house, Web sites used by employees within a company
• Extranets
  – Web sites provided specifically for existing customers of a company

Summary

Trace the evolution of the Internet

Define TCP/IP and explain how it is used

Describe the client/server model

Describe push and pull technology

List criteria for selecting an ISP

Identify and describe Internet protocols

Explain domain names and virtual domains

Discuss the ICANN and the InterNIC

Outline the current structure of the Internet

Lesson 2: Introduction to Networking


Objectives

• Define "networking," and explain this concept's importance in today's data communications marketplace
• Relate internetworks to the concept of the corporate enterprise network
• Identify and describe the function of servers, workstations and hosts

Objectives (cont'd)

• Identify network architectures, and provide at least two defining characteristics of each
• Describe the basic network topology characteristics
• Identify the major operating systems and their respective clients

Networking Evolution

• Client/server model versus large, centralized computer model
• Shift to Web-based, decentralized and more affordable networking

Mainframes

Mainframe (or centralized) computing provided the first practical networking solution

Centralized model used central servers (or mainframes) and remote terminals

Mainframe Model

Mainframe Terminal Terminal Terminal Terminal

Client/Server Model

Client Server

Client/Server Advantages

• Provides shared task processing
• Provides modular approach to computing
• Provides scalability
• Allows for greater user control over files

Web-based Networking

Advantages

Combines the power of mainframe computing with the scalability of the client/server model

Allows users to obtain information without specialized software

Networking Categories

• Peer-to-peer networks
• Server-based networks
• Enterprise networks

Peer-to-Peer Network

Workstation Workstation Workstation Workstation

Server-based Network

Client Client Client Server

Network Topologies

• Bus
• Star
• Ring
• Hybrid
• Mesh

Bus Topology

Star Topology

Client Server

Ring Topology

Server Client

Star Bus Network Centralized Hub Bus Trunk

Server Client

Mesh Topology

Server Client

Network Operating Systems

• Novell NetWare
  – NetWare clients
• Microsoft Windows NT and Windows 2000
  – Windows NT 4.0/2000 Server clients
• UNIX
  – UNIX clients

Summary

Define "networking," and explain this concept's importance in today's data communications marketplace

Relate internetworks to the concept of the corporate enterprise network

Identify and describe the function of servers, workstations and hosts

Summary (cont'd)

Identify network architectures, and provide at least two defining characteristics of each

Describe the basic network topology characteristics

Identify the major operating systems and their respective clients

Lesson 3: Networking Protocols


Objectives

• Discuss the OSI/RM and its layers
• Explain packets and describe packet creation
• Differentiate between protocols at the network, transport and application layers of the OSI/RM
• Identify key internetworking protocols and explain the need for multiprotocol networks

Objectives (cont'd)

• Compare, contrast and discuss the functions of network protocols
• Bind protocols to a NIC
• Identify the directory services for Windows NT, Windows 2000, UNIX and NetWare
• Explain the functions of X.500 and LDAP

OSI/RM

• Application
• Presentation
• Session
• Transport
• Network
• Data link
• Physical

OSI Model Layers

Packets

Consists of three elements

– A header
– The actual data
– A trailer

Packet Structure

Application, Transport and Network Protocols

Application-Layer Protocols

• SMTP
• BOOTP
• FTP
• HTTP
• AFP
• SNMP
• SMB
• X.500
• NCP
• NFS

Transport-Layer Protocols

• TCP
• SPX
• NWLink
• ATP
• NetBEUI

Network Protocols

• IP
• IPX
• NWLink
• DDP
• NetBEUI
• X.25
• Ethernet

Major Networking Protocols

• TCP/IP
• IPX/SPX
• NetBEUI
• AppleTalk
• DLC
• SNA

Stateful vs. Stateless

• Stateful
  – Connection-oriented
• Stateless
  – Connectionless

Choosing and Combining Protocols

• Combining protocols
  – Multiple protocols can increase maintenance and troubleshooting time for a network
• Binding protocols
  – Binding order determines which protocol the system will use to send information first

Directory Services

• Windows NT/2000
• UNIX Network Information Services
• Novell NDS
• X.500
• LDAP

Summary

Discuss the OSI/RM and its layers

Explain packets and describe packet creation

Differentiate between protocols at the network, transport and application layers of the OSI/RM

Identify key internetworking protocols and explain the need for multiprotocol networks

Summary (cont'd)

Compare, contrast and discuss the functions of network protocols

Bind protocols to a NIC

Identify the directory services for Windows NT, Windows 2000, UNIX and NetWare

Explain the functions of X.500 and LDAP

Lesson 4: Network Devices


Objectives

• Describe the basic attributes, purposes and functions of LANs and WANs
• Identify and describe the function of NAPs
• Compare and contrast backbones and segments
• Identify network devices such as NICs, repeaters, hubs, bridges, routers, brouters, switches, gateways, CSUs/DSUs and patch panels

Objectives (cont'd)

• Recognize and describe common peripheral ports
• Identify the differences among common cable and wireless types used in networking
• Describe the advantages and disadvantages of coaxial, Category 3, Category 5, fiber optic, UTP and STP cable
• Identify environmental factors that can affect network performance

Local Area Networks

Novell Server IPX/SPX Legacy Host SNA NT Server TCP/IP Router Hub Node

Wide Area Networks

Network Access Points New York

Atlanta Backbone

Chicago

Boston Phoenix Backbone

San Francisco

Seattle

Common Network Componentry

• NICs
• Repeaters
• Hubs
• Bridges
• Routers
• Brouters
• Switches
• Gateways
• CSUs/DSUs
• Patch panels

Networking Devices

Hub Switch Hub NIC card NIC card NIC card NIC card

Repeater

Repeater

Network Segment 1

Bridge

Bridge Network Segment 2

Router

Router

Network 1 Network 2

Gateway

Network running TCP/IP Gateway (Protocol Converter) Network running IPX/SPX

CSU/DSU

Telecom Network CSU/DSU Router Network

Patch Panel

Router Wall Jack CSU/DSU Internet or other WAN Patch Panel Wall Jack Patch Cord Hub Company President Accounting 1 Accounting 2

Common Peripheral Ports

• Serial ports
• Universal Serial Bus (USB)
• FireWire
• Parallel ports
• PS/2 connectors
• Small Computer System Interface (SCSI)

Transmission Media

• Twisted pair cable
  – RJ-45 connectors
• Coaxial cable
  – Thicknet
  – Thinnet
  – BNC connector
• Fiber optic cable
• Wireless media

Environmental Factors

• Room conditions
• Placement of building contents and personal possessions
• Computer equipment

Summary

Describe the basic attributes, purposes and functions of LANs and WANs

Identify and describe the function of NAPs

Compare and contrast backbones and segments

Identify network devices such as NICs, repeaters, hubs, bridges, routers, brouters, switches, gateways, CSUs/DSUs and patch panels

Summary (cont'd)

Recognize and describe common peripheral ports

Identify the differences among common cable and wireless types used in networking

Describe the advantages and disadvantages of coaxial, Category 3, Category 5, fiber optic, UTP and STP cable

Identify environmental factors that can affect network performance

Lesson 5: Connecting Your Network


Objectives

• Define basic data transmission concepts
• Identify the IEEE 802 LAN standards
• Describe the access methods, wiring standards, and devices used with the IEEE 802 LAN technologies
• Define the length and speed of various types of networking media
• Describe when coaxial, Category 3 and 5, fiber optic, UTP and STP are appropriate

Objectives (cont'd)

• Identify the characteristics of MAC addresses
• Describe the access methods, transmission media, and devices used with Apple LocalTalk and FDDI
• Demonstrate knowledge of how a NIC is configured
• Identify WAN protocols
• Define the T1 and T3 standards

Transmission Types

• Asynchronous
• Synchronous
• Data transmission flow
• Baseband and broadband
• Logical and physical topologies

IEEE LAN Standards

• IEEE 802.2
• Ethernet/IEEE 802.3
• IEEE 802.3u
  – Fast Ethernet
• IEEE 802.3z and 802.3ab
  – Gigabit Ethernet
• IEEE 802.5
  – Token Ring
• IEEE 802.12
  – VG-AnyLAN

LAN Standards and the OSI/RM

[Figure: LAN standards mapped to the OSI/RM Data Link and Physical layers. Standards shown: Ethernet, 802.2, 802.3, 802.3u, 802.3z, 802.3ab, 802.5, 802.12, FDDI]

LLC and MAC Sublayers Defined in IEEE 802.2

Data Link Layer Physical Layer Logical Link Control (LLC) Media Access Control (MAC)

MAC Address Components

00 – 80 – 5F: Vendor Code

EA – C6 – 10: Interface Serial Number

Token Ring Network with MAU

Server Multistation Access Unit Client

Additional LAN Standards

• Apple LocalTalk
• Fiber Distributed Data Interface

FDDI Standard

Server Data Flow Data Flow Client

Configuring Your Network Interface Card

• Identifying the manufacturer and product name
• Determining the physical address

Interrupt Requests (IRQ), I/O Address, and DMA

• IRQ lines
• I/O address
• Transceiver
• Direct Memory Access
• EPROM, EEPROM and flash memory

WAN Methods

• X.25
• Fast packet switching
  – Frame relay
  – Asynchronous transfer mode

Frame-Relay Packet Switching

PVCs Corporation Ports

T-Carrier Services

• T1
• T2
• T3

Summary

Define basic data transmission concepts

Identify the IEEE 802 LAN standards

Describe the access methods, wiring standards, and devices used with the IEEE 802 LAN technologies

Define the length and speed of various types of networking media

Describe when coaxial, Category 3 and 5, fiber optic, UTP and STP are appropriate

Summary (cont'd)

Identify the characteristics of MAC addresses

Describe the access methods, transmission media, and devices used with Apple LocalTalk and FDDI

Demonstrate knowledge of how a NIC is configured

Identify WAN protocols

Define the T1 and T3 standards

Lesson 6: TCP/IP Architecture


Objectives

• Explain TCP/IP's importance in a heterogeneous environment
• Define and describe the Internet architecture model
• Identify the nature, purpose and operation essentials of TCP/IP
• Describe various TCP/IP protocols
• Describe port numbers and their functions
• Find and download RFC documents

The Internet Architecture

Application Layer
Transport Layer
Internet Layer
Network Access Layer

Requests for Comments

• Protocol states
• Internet Standards
• Reference RFCs

Internet Protocols

• HTTP
• FTP
• Telnet
• NNTP
• Gopher
• SMTP
• SNMP
• DNS
• RARP
• BOOTP
• DHCP
• TCP
• UDP
• ICMP
• ARP
• IP
• IGMP
• Media

IGMP De-multiplexing Telnet FTP TFTP SNMP TCP UDP ICMP IP RARP ARP ETHERNET

Port Numbers

Port Number Range: Description
1 to 1023: Well-known (reserved) port numbers
1024 to 65535: Registered port numbers

Summary

Explain TCP/IP's importance in a heterogeneous environment

Define and describe the Internet architecture model

Identify the nature, purpose and operation essentials of TCP/IP

Describe various TCP/IP protocols

Describe port numbers and their functions

Find and download RFC documents

Lesson 7: Internet Addressing


Objectives

• Explain IP addressing and the concept of uniqueness
• Define IP address classes used on the Internet
• Determine reserved IP addressing
• Explain the use of private addresses in intranet design
• Determine the IP address class and whether the address is valid

Objectives (cont'd)

• Determine default subnet masks and use the ANDing process
• Calculate custom subnet masks and CIDR notation using supernetting techniques
• Describe the function of proxy servers and the Internet Protocol version 6
• Identify the normal configuration parameters for a workstation

Internet Addressing

• Internet addresses are divided into the following parts:
  – Network
  – Host
• Four fields separated by periods are a common notation for specifying addresses:

field1.field2.field3.field4

IP Address Fields

• Contain 8 bits per field
• Range from 0 to 255 decimal

field1.field2.field3.field4

1 = On, 0 = Off

1 1 1 1 1 1 1 1 = 8 bits

128 + 64 + 32 + 16 + 8 + 4 + 2 + 1 = 255

Internet Address Classes

• Class A
• Class B
• Class C
• Class D
• Class E

IP Addressing Rules

• Loopback address
• Broadcast addresses
• Network and special-case source addresses
• Reserved IP addressing

Subnetworks

• Subnet masks
• ANDing
• Custom subnet masks

IP Address Conservation

• Proxy servers
• CIDR
• Internet Protocol version 6

Normal TCP/IP Configuration Parameters

• Basic configurations
• Name resolution configurations

Summary

Explain IP addressing and the concept of uniqueness

Define IP address classes used on the Internet

Determine reserved IP addressing

Explain the use of private addresses in intranet design

Determine the IP address class and whether the address is valid

Summary (cont'd)

Determine default subnet masks and use the ANDing process

Calculate custom subnet masks and CIDR notation using supernetting techniques

Describe the function of proxy servers and the Internet Protocol version 6

Identify the normal configuration parameters for a workstation

Lesson 8: Routing


Objectives

• Explain the difference between direct and indirect routing, and determine whether a route is direct or indirect
• Describe the routing process and explain the function of routing information tables
• Compare static routing with dynamic routing, and manually configure a static routing table
• Explain the difference between interior and exterior routing protocols

Objectives (cont'd)

• Compare and contrast RIP with OSPF
• Compare and contrast IPX, NLSP, SAP and OSPF
• Identify the EGP and the BGPv4
• Describe distance-vector, link-state, and path vector protocols
• Describe CIDR

Introduction to Routing

• Direct routing
• Indirect routing
  – The tracert command

Routing Process

Routing information tables are databases maintained by a router

Static vs. Dynamic Routing

• The route command
• The ping command

Routing and Packets

Routing does not change the original packet

Source and destination addresses (such as IP and IPX addresses) stay the same

Routing Protocols

• Interior routing protocols are used within an organization's network
  – Examples include RIP and OSPF
• Exterior routing protocols are used outside an organization's network
  – Examples include EGP and BGP

Routing Information Protocol

• How RIP works
• Disadvantages of RIP
• SAP and RIP

Open Shortest Path First

• Allows rapid convergence and reduces network traffic
• Eliminates the count-to-infinity problem
• Supports variable length subnetting

Exterior Gateway Protocol

A path-vector protocol (spans multiple autonomous systems)

Provides routing table information between the Internet's backbone routers, and between the backbone routers and the domain router(s) chosen by an organization to act as exterior gateways

Border Gateway Protocol

BGPv4

Supports the routing table aggregation procedures demanded by CIDR

Summary

Explain the difference between direct and indirect routing, and determine whether a route is direct or indirect

Describe the routing process and explain the function of routing information tables

Compare static routing with dynamic routing, and manually configure a static routing table

Explain the difference between interior and exterior routing protocols

Summary (cont'd)

Compare and contrast RIP with OSPF

Compare and contrast IPX, NLSP, SAP and OSPF

Identify the EGP and the BGPv4

Describe distance-vector, link-state, and path vector protocols

Describe CIDR

Lesson 9: TCP/IP Utilities


Objectives

• Describe the protocol and services files, and explain their usefulness to the network
• Describe ICMP concepts and message types
• Identify the functions of commands that can assist general network troubleshooting
• Identify the functions of commands that can assist name and address troubleshooting

Useful Network Files

• The services file
• The protocol file

Internet Control Message Protocol

• Source-quench error messages
• Echo-request and echo-reply query messages

General Network Commands

• ping
• tracert
• netstat
• ftp
• telnet

Name and Address Commands

• ipconfig
• winipcfg
• arp
• nslookup
• hostname
• nbtstat

Resolving IP Addresses to Ethernet Addresses IP address (32-bit) Ethernet address (48-bit)

Summary

Describe the protocol and services files, and explain their usefulness to the network

Describe ICMP concepts and message types

Identify the functions of commands that can assist general network troubleshooting

Identify the functions of commands that can assist name and address troubleshooting

Lesson 10: Internetworking Servers


Objectives

• List the essential functions of internetworking servers
• Identify and describe the functions and features of file and print, HTTP, proxy, mail, mailing list, media, DNS, FTP, news, certificate, directory, catalog and transaction servers
• Describe how each Internetworking server type uses different TCP/IP protocols

Objectives (cont'd)

• Describe the term daemon and identify the function of the Internet-related daemons named, inetd and telnetd
• Define server selection criteria
• Identify specific business needs and choose the server that meets those needs
• Describe benefits and drawbacks of specific servers
• Differentiate between server suites

Internetworking Servers

• File and print
• HTTP
• Proxy
• Mail
• Mailing list
• Media
• DNS
• FTP
• News
• Certificate
• Directory
• Catalog
• Transaction

The Internet Daemon: inetd

• smtp: the SMTP daemon
• tftd: the Trivial File Transport daemon
• telnetd: the Telnet daemon

Choosing the Ideal Server

Typical Internet server functions include:

– Generating company recognition
– Processing orders
– Processing payments
– Providing service and support
– Creating long-distance communities
– Ensuring security

Determining Company Needs and Abilities

• Internet versus intranet solutions
• Which server type does the company need?
• Proprietary elements

Product Advantages and Disadvantages

• Product support
• Product testing
• Simplicity of use
• Scalability

Popular Server Products

• Apache Web server
• Microsoft Internet Information Server
• Lotus Domino series
• Netscape servers
• Novell Web Server

Summary

List the essential functions of internetworking servers

Identify and describe the functions and features of file and print, HTTP, proxy, mail, mailing list, media, DNS, FTP, news, certificate, directory, catalog and transaction servers

Describe how each Internetworking server type uses different TCP/IP protocols

Summary (cont'd)

Describe the term daemon and identify the function of the Internet-related daemons named, inetd and telnetd

Define server selection criteria

Identify specific business needs and choose the server that meets those needs

Describe benefits and drawbacks of specific servers

Differentiate between server suites

Lesson 11: Name Resolution


Objectives

• Identify the purpose of name resolution
• Define and configure hosts files
• Explain DNS and its evolution
• Define the DNS architecture
• Identify DNS records and list record types
• Install a DNS server and client
• Explain the function of WINS and the purpose of the lmhosts file

Hosts File

A simple text file that is referenced locally by applications and commands for name-to-address resolution

Domain Name System

• DNS hierarchy
  – Root-level domain
  – Top-level domain
  – Second-level domain
• DNS components
  – Name server
  – Name resolver

DNS Server Types

• Root server
• Master server
• Primary server
• Secondary server
• Caching and caching only server
• Forwarding server
• Slave server

DNS Records

Common DNS records include:

– Internet (IN)
– Name Server (NS)
– Start of Authority (SOA)
– Address (A)
– Canonical Name (CNAME)
– Mail Exchanger (MX)
– Pointer (PTR)

Berkeley Internet Name Domain

• The most common implementation of DNS
• Public domain software that can be implemented on most versions of UNIX

Windows Internet Naming Service

• The lmhosts file
• WINS and DNS

Summary

Identify the purpose of name resolution

Define and configure hosts files

Explain DNS and its evolution

Define the DNS architecture

Identify DNS records and list record types

Install a DNS server and client

Explain the function of WINS and the purpose of the lmhosts file

Lesson 12: Address and Parameter Allocation for TCP/IP Hosts


Objectives

• Define the function and roles of the BOOTP server and client
• Define the function and roles of the DHCP server and client
• Compare and contrast RARP, BOOTP and DHCP
• Explain the difference between dynamic and manual address allocation
• Install and configure a DHCP server and client

BOOTstrap Protocol

A client/server program that can return information such as IP addresses, subnet masks, default gateway addresses, and name server addresses

Dynamic Host Configuration Protocol

• Offers finite address leases, allowing network addresses to be reused
• Offers additional configuration options

DHCP Initialization Process

Discover Offer Request Acknowledgment

DHCP client DHCP server

DHCP Implementation

Two common types of DHCP address allocation:

Dynamic allocation

Manual allocation (client reservation)

Summary

Define the function and roles of the BOOTP server and client

Define the function and roles of the DHCP server and client

Compare and contrast RARP, BOOTP and DHCP

Explain the difference between dynamic and manual address allocation

Install and configure a DHCP server and client

Lesson 13: Remote Connectivity


Objectives

• Describe two remote connectivity solutions: remote access servers and VPNs
• Identify the two remote connectivity types
• Describe remote access protocols
• Compare analog dial-up connections with ISDN connections
• Determine modem configuration parameters
• Install and configure the RAS server

Types of Remote Connectivity

• Remote control
• Remote node

Remote Access Servers

Remote access server solutions include:

– Remote access server software
– Two or more modems
– Phone line or ISDN line
– Remote computer

Typical Remote Connectivity Solution

Remote computer Modem Modem Hub Remote Access Server Network Server Network Server

Dial-up Protocols

• PPP
• SLIP

Common Methods for Accessing an RAS

• Plain Old Telephone Service (POTS)
• ISDN
  – Basic Rate Interface (BRI)
  – Primary Rate Interface (PRI)

Remote Access Server Software

• Microsoft RAS and dial-up networking
• Modem configurations
• Installing the service
• Port usage
• Protocols
• Installing dial-up networking
• Logging on using dial-up networking
• Troubleshooting RAS sessions

Virtual Private Networks

• PPTP
• Accessing a VPN

Summary

Describe two remote connectivity solutions: remote access servers and VPNs

Identify the two remote connectivity types

Describe remote access protocols

Compare analog dial-up connections with ISDN connections

Determine modem configuration parameters

Install and configure the RAS server

Lesson 14: User Management


Objectives

• Define authentication
• Explain the share and user-level access security models
• Identify the purpose and function of logon accounts, groups and passwords
• Create a network password policy using standard practices and procedures

Objectives (cont'd)

• Discuss permissions issues
• Describe the relation between permissions and user profiles
• Use administrative utilities for specific networks and operating systems
• Identify the permissions needed to add, delete or modify user accounts

Authentication

You can prove your identity by:

– What you know
– What you have
– Who you are

Security Models and Authentication

Peer-level Access

User-level Access

Peer-level Access

• Advantages
  – Less expensive and easier to implement than networks that enforce user-level access
• Drawbacks
  – Less secure
  – Less control over file and resource management
  – Not as scalable

Peer-to-Peer Network Security Model Athena Aphrodite Hermes Printer Apollo Ares

User-level Access

Advantages

– Increased security
– Support for a larger number of users
– Increased control over access to resources
– Ability to monitor access to resources through system logs
– Ability to grow in response to an organization's needs

User-based Network Athena Aphrodite Hermes Printer A Apollo Ares User Accounts Database Printer B

Creating User Accounts

• Logon accounts
• User name
• Password
• Group associations

Creating User Names

James Stanger: stangerj
Patrick Lane: lanep
Jill McKenna: mckennaj

User Accounts Database

Placing Global Group into Local Group

Local group

Global group

Server Laser printer

Permissions

Can be either local or share-based

Local permissions grant or deny access to users who are logged on locally

Share-level permissions apply only across a network

User Accounts Database and User Permissions

Print Print Write Read Write Print User Accounts Database Server Print Server Printer

Universal Permissions

• Read
• Write
• Execute
• Print

Windows 2000, UNIX and Novell Permissions

• Windows 2000 access permissions
• UNIX permissions
• Novell rights

Additional Logon Account Terms

• Logon scripts
• Home directories
• Local and roaming profiles

Standard Password Practices

• Qualities of a strong password
• Implementing a password policy
• Password file placement

Network Security Policies

• Password aging
• Password length
• Password history
• Account lockout
• Share creation
• User creation
• Local logging

Standard Operating Procedures

• All written policies on which IT and management agree
• Usually apply to IT employees rather than to users

Summary

Define authentication

Explain the share and user-level access security models

Identify the purpose and function of login accounts, groups and passwords

Create a network password policy using standard practices and procedures

Summary (cont'd)

Discuss permissions issues

Describe the relation between permissions and user profiles

Use administrative utilities for specific networks and operating systems

Identify the permissions needed to add, delete or modify user accounts

Lesson 15: Network Printing


Objectives

• Describe the components used in network printing, including print servers and print queues
• Discuss the flow of a print job from client to network printer
• Set up and use a network printer
• Configure a network printer

Overview of Network Printing

Network printing requires the following components

Print servers

Print queues

Network Printing

Windows 2000 introduces specific terminology for network printing, including:

Printer

Print server

Print device

Flow of a Print Task

Workstation Workstation Laptop Ethernet Printer Server Network Printer

Configuring a Network Printer

• Client configuration
• Using forms
• Separator pages
• Printing pools

Printing Pool Model

Printer Printer Server Computer

Printer Administration

• Document control
• Printer control

Summary

Describe the components used in network printing, including print servers and print queues

Discuss the flow of a print job from client to network printer

Set up and use a network printer

Configure a network printer

Lesson 16: Data Protection


Objectives

• Identify ways to establish a baseline of your system's status
• Explain RAID levels and their significance for fault tolerance
• Discuss data protection devices
• Describe standard backup measures
• Prepare for disaster recovery on a Windows 2000 system by creating a boot disk and an emergency repair disk

Establishing a Baseline

Documenting your system's current status should include:

Physical drives and their configurations

Partitions or logical drives and their configurations

Volumes or volume sets and their configurations

Fault Tolerance

Two primary types of drive fault tolerance

RAID

Tape backup

Disk Striping

Disk 1 Disk 2 File 1 File 2 File 3 Disk 3

Disk Mirroring

Disk 1 File 1 File 2 File 3 Disk 2

Disk Striping with Large Blocks

Disk 1 Disk 2 File 1 File 2 File 3 Parity Disk 3

Disk Striping with Parity

Disk 1 Disk 2 File 1 File 2 File 3 Parity Disk 3

Other Types of Data Protection

• Uninterruptible Power Supply
• Folder replication
• Removable media

Planning a Backup Strategy

• Determine which files to back up
• Choose local or network backup types
• Select a backup method
• Plan and practice restore procedures

Disaster Recovery

• Windows 2000 boot disk
• Emergency Repair Disk
• Last Known Good Configuration option

Summary

Identify ways to establish a baseline of your system's status

Explain RAID levels and their significance for fault tolerance

Discuss data protection devices

Describe standard backup measures

Prepare for disaster recovery on a Windows 2000 system by creating a boot disk and an emergency repair disk

Lesson 17: Network Security Essentials


Objectives

• Explain the need for network security and identify resources that need security
• List the two major categories of security threats
• Discuss two types of hackers and determine attack types
• Describe a computer virus and explain how to protect your computer from virus attacks

Objectives (cont'd)

• List key security standards
• Explain the purpose of security organizations
• Explain the audit process

Defining Security

A means to reduce, to the greatest extent possible, the vulnerability of data and resources

Defining Assets

• Local resources
• Network resources
• Server resources
• Database and information resources

Security Threats

• Accidental threats
• Intentional threats

Hackers

• Casual attackers
• Determined attackers

Types of Attacks

• Spoofing (masquerade) attacks
• Man-in-the-middle (hijacking) attacks
• Denial-of-service attacks
• Insider attacks
• Front-door attacks
• Brute-force attacks
• Trapdoor attacks
• Replay attacks
• Trojan horse attacks
• Social engineering attacks

Viruses

• Macros
• Executables
• Boot sector
• Stealth
• Polymorphic

The Robert Morris Internet Worm

An example of several attack methods, including:

Bug-based attack

Denial-of-service attack

The Hacker Process

• Stage 1: Discovery
• Stage 2: Penetration
• Stage 3: Control

Defeating Attacks

OSI/RM security services include:

– Authentication
– Access control
– Data confidentiality
– Data integrity
– Nonrepudiation

Security Standards

• Trusted Computer System Evaluation Criteria security levels
  – D
  – C1
  – C2
  – B1
  – B2
  – B3
  – A1

Key Security Organizations

• CERT
• CSRC at the NIST
• CIAC at the DOE

Auditing Phases

• Status quo analysis
• Risk analysis
• Threat analysis

Securing a Server

• Change your system defaults
• Determine user and group permissions
• Train users to use certificates, encryption and passwords
• Begin automated logging
• Establish a baseline of activity
• Combine OS and Internet server policies
• Change the system topology
• Establish a written policy

Summary

Explain the need for network security and identify resources that need security

List the two major categories of security threats

Discuss two types of hackers and determine attack types

Describe a computer virus and explain how to protect your computer from virus attacks

Summary (cont'd)

List key security standards

Explain the purpose of security organizations

Explain the audit process

Lesson 18: Enterprise Network Security — Encryption and Firewalls

Objectives

• Describe the three major types of encryption
• Describe enterprise-level security protocols
• List and discuss the four major types of firewalls

The Internet: An Open Network

Networking is a cumulative practice: One technology builds on another

Encryption

• Symmetric-key encryption
• Asymmetric-key encryption
• One-way encryption (hash encryption)

Symmetric-Key Encryption

Public-Key Encryption

Network-level Protocols and Encryption

• VPNs
• Kerberos
• Password generators and OTPs
• SSL

Creating an SSL Session: The Server-Side View

Certificate types:

– Certificate Authority (CA)
– Server
– Personal
– Software publisher

Firewalls

• Filter packets
• Serve as a circuit-level or application-level gateway
• Detect intrusions
• Provide enhanced password authentication
• Log and report
• Take evasive action
• Permit encrypted access (with a VPN)

Packet Filters

Devices that inspect each packet for predefined content

Proxy Servers

• Circuit-level gateways
• Application-level gateways

Network Address Translation

• Masquerading
• NAT considerations
• NAT and vendor terminology

Firewall Topology

Four common firewall implementations

– Packet filter
– Single-homed bastion host
– Dual-homed bastion host
– Screened subnet

Summary

Describe the three major types of encryption

Describe enterprise-level security protocols

List and discuss the four major types of firewalls

Lesson 19: Maintaining Your Network

Objectives

• Explain the importance of version control
• Describe the strategies for version control
• Identify the appropriate times for verifying functionality when moving or changing equipment
• Determine how and when to apply patches and fixes to your system
• Plan the key areas of support for your network

Version Control

• Upgrading programs
• Upgrading operating systems
• Removing outdated files
• Resolving file conflicts and replacing overwritten files

Moving or Changing Equipment

Verifying functionality

Servers

Network equipment

Patches and Fixes

• Microsoft service packs
• Novell support packs
• Red Hat Linux errata

Supporting Your Network

User support

– In-person assistance
– User education
– Technical service
– Prioritization

Summary

Explain the importance of version control

Describe the strategies for version control

Identify the appropriate times for verifying functionality when moving or changing equipment

Determine how and when to apply patches and fixes to your system

Plan the key areas of support for your network

Lesson 20: Troubleshooting the Network and Diagnostic Tools

Objectives

• Analyze the scope of network problems
• Formulate troubleshooting methods
• Analyze common troubleshooting indicators
• Explain common troubleshooting tools and their uses

Analyzing the Scope of the Problem

• How many machines or network segments are affected?
• How frequently does the problem occur?
• Can the problem be duplicated?

Applying Troubleshooting Methods

DETECT

– D: Discover the problem
– E: Evaluate the scope of the problem
– T: Track possible approaches to solving the problem
– E: Execute an approach
– C: Check for problem resolution
– T: Transfer knowledge

Troubleshooting Name Resolution

• Domain Name System
• Windows Internet Naming Service

Using Troubleshooting Indicators

• Indicator lights
• Error logs and messages
• Event Viewer
• Task Manager
• Performance monitor

Using Troubleshooting Tools

• Crossover cables
• Hardware loopback devices
• Tone generators and tone locators
• Vendor resources
• Protocol analyzers

Summary

Analyze the scope of network problems

Formulate troubleshooting methods

Analyze common troubleshooting indicators

Explain common troubleshooting tools and their uses

Network+

Overview of the Internet

Introduction to Networking

Networking Protocols

Network Devices

 

Connecting Your Network

TCP/IP Architecture

Internet Addressing

Routing

Network+ (cont'd)

TCP/IP Utilities

Internetworking Servers

Name Resolution

Address and Parameter Allocation for TCP/IP Hosts

Remote Connectivity

User Management

Network+ (cont'd)

Network Printing

Data Protection

Network Security Essentials

Enterprise Network Security — Encryption and Firewalls

Maintaining Your Network

Troubleshooting the Network and Diagnostic Tools