Network+ Certification

Jay Smith
jay@newhorizonsgso.com

Sept 5-13, 2000
Breaks
1 - 6:45 - 7:00
2 - 8:15 - 8:30

1-800-755-EXAM to schedule exams

Exam is 65 questions, must get 82% to pass

The Network+ Certification says that you know the basics of networks and networking.

Websites that may help:
www.examnotes.com
www.mcseguide.com
www.examcorner.com
www.examdrill.com - exam simulation software for download.
www.examcram.com
www.comptia.org - Certifies Network+, Inet+, Server+, Linux+, etc
www.cramsession.com = www.brainbuzz.com


Table of Contents

General Advice
Lesson 1: Intro Networking
Lesson 2: Networking Protocols
Lesson 3: Network Devices
Lesson 4: Connecting Your Network
Lesson 5: TCP/IP Architecture
Lesson 6: Internet Addressing
Lesson 7: Routing
Lesson 8: TCP/IP Utilities
Lesson 9: Internetworking Servers
Lesson 10: Name Resolution
Lesson 11: Address and Parameter Allocation for TCP/IP Hosts
Lesson 12: Remote Connectivity
Lesson 13: User Management
Lesson 14: Network Printing
Lesson 15: Data Protection
Lesson 16: Network Security Essentials
Lesson 17: Enterprise Network Security - Encryption and Firewalls
Lesson 18: Maintaining Your Network
Lesson 19: Troubleshooting the Network and Diagnostic Tools


General Advice

Fluorescent lights cause power spikes in network wires
Consistent tape errors may indicate a problem with the tape drive. Clean it.
Floor heaters can cause voltage drops when they turn on.



Lesson 1: Intro Networking


Objectives:
- Define Networking
- Identify Servers, Networks, and Hosts
- Network Architectures
- Network Topologies
- Network N.O.S.'s



4 Basic topologies:

F1: Bus
Advs:
Terminators tell packets to stop
If a computer is turned off, we're ok.
If a plug is off, we're screwed.
Simplest to set up
Cheapest topology

Disads:
Susceptible to bandwidth crunches at peak times
Serial christmas lights

---
F2: Star
Advantages:
Network usually not affected if one line breaks
Expansion and reconfiguration are relatively simple

Disads:
If hub goes down, everyone's screwed.

---
F3: Ring
Advs:
All computers have equal access to data
performance is equal to all users during peak

Disads:
expansion or reconfig will screw you.

---
F4: Mesh
Adv:
redundant connections:

Disadv:
redundant connections are expensive.


5,4,3 Rule
5 Segments
4 Repeaters
3 Can be populated

-------------

Network Operating Systems

Exam will concentrate on Novell and NT/2000

An NOS manages resources on a network.
An NOS manages users, file and print services,
and network security.

NOS's:
Novell Netware
5.0+ Uses TCP/IP as default
4.x- Used IPX/SPX as default

WindowsNT

UNIX
Uses TCP/IP as default

Peer-to-Peer:
10 computers max, in general

Lesson Summary:

In this lesson, you learned the basics of networking. You learned about the original mainframe model, which evolved into the client server model. Today, many companies are using mainframes and the client/server model together in what is generally called Web-based networking, which allows networks to be even more distributed and decentralized. You also discovered the three basic networking categories -- peer-to-peer, server-based, and enterprise networks (a combination of peer-to-peer and server-based networks). You studied the basic network topologies: bus, star, ring, hybrid, and mesh. Finally, you received an overview of the major networking operating systems: Novell NetWare, Microsoft Windows NT, and UNIX.



Lesson 2: Networking Protocols


Objectives:
- OSI Model
- Packet Creation
- Application, Network, and Transport Layer Protocols
- Major Networking Protocols



OSI Model:
All People Seem To Need Data Processing

All        - Application Layer
People     - Presentation Layer
Seem       - Session
To         - Transport
Need       - Network
Data       - Data Link
Processing - Physical

7 - Application Layer: User Interface layer
6 - Presentation Layer: Translates human into computer and vice-versa
5 - Session Layer: Establishes, manages, and terminates connections
(sessions) between cooperating applications.
4 - Transport Layer: Provides reliable, transparent transport between
end points (the source and destination hosts).
3 - Network Layer: Organizes data into datagrams, or packets.
Forwards and routes packets.
2 - Data link Layer: Prepares the information to be placed on the transmission media.
Has two sub-layers: LLC and MAC
1 - Physical Layer: Concerned with transmission of unstructured bit
streams over a physical link.

F5: How the layers communicate

Packet construction
Each layer adds its own header - instructions on how to re-build the packet on the receiving end.



Trailer contains error checking, such as CRC

Three Most important layers:
Application
Transport
Network

Application Layer Protocols:
*SMTP - Simple Mail Transfer Protocol - TCP/IP sub protocol responsible for
BOOTP - Bootstrap Protocol - TCP/IP sub protocol responsible for address configuration
*FTP - File Transfer Protocol - TCP/IP sub protocol responsible for transferring files
*HTTP - Hypertext Transfer Protocol - TCP/IP sub protocol responsible for transferring web pages
AFP - Appletalk Filing Protocol
*SNMP - Simple Network Management Protocol - TCP/IP sub protocol responsible for managing network devices
SMB - Server Message Block Protocol - Microsoft Specific
X.500 - an OSI directory protocol
NCP - Novell Core Protocol
NFS - allows file and printer sharing in a UNIX environment

Transport Layer Protocols:
*TCP - Transmission Control Protocol - TCP/IP sub protocol responsible for providing reliable delivery and management of sessions
*SPX - Sequenced Packet Exchange Protocol - Alternative to TCP, on Novell
(*)NWLink - the M$ implementation of IPX/SPX
ATP - Appletalk Transmission Protocol
*NetBEUI - A *non-routable* protocol, allows local computers to communicate

Network Protocols:
*IP - Internet Protocol - TCP/IP sub protocol responsible for addressing hosts in any network running TCP/IP, including the Internet.
*IPX - Internetwork Packet Exchange - provides addressing services for the Novell IPX/SPX Suite.
*NWLink - The M$ Implementation of IPX/SPX
*NetBEUI - M$ non-routable protocol
*Ethernet - the most popular LAN protocol.

Major Networking Protocols:
TCP/IP
IPX/SPX
NetBEUI
AppleTalk

Connection-Oriented (stateful) and Connectionless (stateless)
TCP is connection-oriented
IP is connectionless
FTP is connection-oriented
HTTP is connectionless *on exam*
SMTP is connectionless, depending on what point in the process you're at.

Routable and non-routable protocols
Non-routable protocols use static routes that cannot be changed
Non: NetBEUI, NetBIOS
Routable: NWLink, IPX/SPX, TCP/IP

**TCP/IP is not tied to any one vendor, and therefore allows heterogeneous networks to communicate efficiently.**

IPX/SPX is Novell's implementation of TCP/IP

TCP = SPX
IP = IPX

F6 shows IPX/SPX on the OSI model

NetBEUI - 10 or less computers, nothing faster, but it's non-routable.
usernames no longer than 15 characters.



Lesson 3: Network Devices

- LANs & WANs
- NAPs
- Backbones + Segments
- Identify different network devices
- Peripheral Ports
- Cabling



WAN is 2 or more LANs at different locations connected together.

3 NAPs: New York, Chicago, San Francisco

Backbone: Main communication line
Segment: branch of a network

NIC: Computer's interface to the network (Datalink Layer)
Cat 5 only goes 100 meters
Repeater: Amplifies signals on a network, allowing wider-area networks. (Physical Layer)
Hub: connects computers in a star-configured network (Physical Layer)
Active Hub: Hub with built-in repeater. (Physical Layer)
Bridge: Connects segments, but provides filtering to keep bandwidth spam low (Datalink Layer)
3 types of bridges:
- transparent - computers don't know it's there
- source routing - common to token-ring networks, computers know routes
- source routing transparent - transparent and source routing co-exist.
Router: connects remote networks (Network Layer)
Brouter: Combination of a bridge and a router. (Network and Datalink Layers)
Switch: Directs the flow of information from one node to another. Faster than routers/bridges/etc. Fast replacing previous HW.
(Multiple OSI Layers)
**Frees up bandwidth**
Gateway: Converts from one protocol to another, ie AppleTalk -> DECnet
(Multiple Layers)
CSU/DSU: Terminates physical connections
Patch Panel: a group of sockets mounted on a rack. Essentially a giant hub.
(Physical Layer)

---

Cabling "Transmission Media"

Twisted Pair

Category  Description
1         Used for voice, not data (UTP only)
2         4 pair, up to 4Mbps, used for token ring (UTP only)
3         4 pair, 10Mbps, used for ethernet
4         4 pair, 16Mbps, used for some token ring
5         4 pair, 100Mbps, Ethernet and Fast Ethernet
6         4 pair, 155Mbps, Fast Ethernet
7         4 pair, 1000Mbps, Gigabit Ethernet

10baseT = 10Mbps + Baseband transmission + Twisted Pair.

*100 meters max length*


Coax

10base2 - .25" diameter - 185 meters - Thinnet
10base5 - .5" diameter - 500 meters - Thicknet

Fibre Optic

glass strands carrying light
1.2Km max length

Wireless media

- infrared
- laser
- Narrow-band radio
- spread-spectrum radio



Safe room conditions:

60-(98 or 102) degrees
50-70 percent humidity



Lesson 4: Connecting Your Network


Objectives:
- Define the basic data transmission concepts
- Identify the IEEE 802 LAN Standards
- Describe the access methods, wiring standards, and devices used with the
IEEE 802 LAN technologies



Two types of data transmission: Synchronous and Asynchronous
Asynchronous: No clock
Synchronous: A clock is present to sync transmission

3 types of flow: simplex, half duplex, full duplex
Simplex: Data can only travel one way.
Half-duplex: Data can travel both ways, but not simultaneously. (Ethernet)
Full Duplex: Data can travel both ways simultaneously.

Baseband:
A signal applied to the cable changes the voltage to indicate a 0 or 1.
Used in LANs
(Ethernet)

Broadband:

(Frame relay, ATM, T1, etc)

---

Logical topologies

Token Ring:
Token ring uses star topology, connected by an MAU. Inside the MAU, there's a
logical ring network. This gives the benefits of a star, with the bandwidth
savings of a ring. When a packet comes in, it gets up on a 'token', which goes
around and tries each computer in order until it reaches the correct host.

IEEE LAN Standards

IEEE is an organization of professionals that creates standards for computers
and communications.

F7: IEEE 802.2 = Defines the datalink layer by dividing it into two sub-layers,
the LLC and the MAC. All 802 standards use this base.

LLC: connection-oriented and connectionless XXXXXX
MAC: A unique address burned into the NIC. XXXXXX
MAC Address: 00.00.00.00.00.00 burned into the NIC
00.00.00 Manufacturer
00.00.00 Serial number


Ethernet/IEEE 802.3
XXXXXX
Defines cabling,
10baseT = CAT3
10base2 = Thinnet
10base5 = Thicknet

Access method = CSMA/CD
F8: Collisions

F9: 802.3u
Fast Ethernet
100baseT = CAT5

F10: 802.3ab
Gigabit Ethernet
1000baseT = CAT7

---

802.5: Token Ring
Access method: Token Passing
Page L4-13

---

802.12: 100VG-AnyLAN
Access Method: Demand Priority.
Demand Priority prioritises LAN traffic, and directs it accordingly.

---

Apple LocalTalk
Access Method: CSMA/CA
Each packet has a message beforehand to reserve line for its packet.
Electronic equivalent of yelling "Fore!!"
Inefficient due to increased network traffic.

---

MAN: a LAN over a small city type area
F11 L4-16

---

IRQs
a number (0-16) that a device uses to get the processor's attention
*IRQ3 = COM2, COM4 (serial port)
*IRQ4 = COM1, COM3 (serial port)
two devices cannot use the same IRQ

I/O Addresses: transfer information between the CPU and the device.
base I/O port settings for a NIC are 300 to 30F, and 310 to 31F

Transceiver

DMA used to transfer data from memory to memory without bothering the CPU.

---

WANs

X.25
Ensures error-free data delivery by checking data at many points along the route.

Fast packet switching
cuts down on congestion by doing error-checking at the end computers.

Frame Relay
Fast packet switching technology.
NO Error Checking.

ATM

T1 - DS-1
1.544 Mbps
24 channels at 64 Kbps each
European version is E-1

T2 - DS-2
4 T1's, 6.3 Mbps

T3 - DS-3
28 T1's, 44.736 Mbps

T4 - DS4
274.760 Mbps

---

ipconfig /all
NIC config info for WinNT



Lesson 5: TCP/IP Architecture


Objectives:
- Explain TCP/IP's importance in a heterogeneous environment.
- Define and describe the Internet architecture model.
- Identify the nature, purpose, and operation essentials of TCP/IP
- Define and describe various TCP/IP protocols
- Describe port numbers and their functions, including well-known
and registered port numbers.
- Find and download Request for Comments (RFC) documents.


TCP/IP and Interoperability

Vendor-independent.
OS-independent.
reduces need for Gateways (between protocols)

Internet Architecture
F12 L5-5
F12B L5-6

Network Access Layer
= Physical and Datalink from OSI
contains:
- OS device driver
- NIC
- physical connections

Internet Layer
= OSI Network Layer
responsible for host addressing. Protocols:
- IP
- ICMP
- IGMP
- ARP
- RARP

Transport Layer
= OSI transport layer
provides flow of data. Protocols:
- TCP - connection-oriented
- UDP - connectionless

Application layer
= OSI session, presentation, and application layers
Telnet
FTP
SMTP
SNMP

Requests for Comments (RFCs)
Published documents of interest to the Internet community.

Protocol States
Maturity levels:
- Experimental - Lab tests only
- Proposed - May be considered for standardisation
- Draft - Seriously considered. Beta test stage
- Standard
- - - - - -
- Historic - out of date
- Informational - informational

Internet Layer Protocols
F13 L5-9

L5-10
Internet Protocol/IP

Internet Control Message Protocol/ICMP
troubleshooting protocol of TCP/IP

Internet Group Management Protocol/IGMP
used for multicasting

Address Resolution Protocol/ARP
translates Internet address to physical addresses, such as a MAC address

Reverse Address Resolution Protocol/RARP
does the inverse of ARP

Transport Layer Protocols

Transmission Control Protocol/TCP
connection-oriented

User Datagram Protocol/UDP
connectionless; no guarantees

Application Layer Protocols

HyperText Transfer Protocol/HTTP

File Transfer Protocol/FTP
transfers files

Trivial File Transfer Protocol/TFTP
used for initializing diskless systems. Connectionless!

Telnet
terminal emulation protocol developed by ARPANET

Network News Transfer Protocol/NNTP
allows sites on the Internet to exchange news articles.

Gopher
older protocol for searching files

Simple Mail Transfer Protocol/SMTP
protocol for sending mail

Post Office Protocol/POP3
POP3 stores incoming email until users authenticate and download it.

Simple Network Management Protocol/SNMP
manages TCP/IP networks. A management tool.

Domain Name System/DNS
translates domain names to IP addresses and vice versa

Windows Internet Naming Service/WINS
M$ version of DNS for NT networks

Bootstrap Protocol/BOOTP
an alternative to RARP. provides a method for diskless terminals to
determine their IP address

Dynamic Host Configuration Protocol/DHCP
based on BOOTP, allows dynamic assignment of IP addresses, typically
on boot.

---

Port Numbers
The transport layer determines what service a packet is destined for by
examining its port number.

Know these:
FTP = port 21
Telnet = port 23
SMTP = port 25
DNS = port 53
HTTP = port 80
POP3 = port 110

Ports 1 to 1023 are well-known and reserved
Ports 1024 to 65535 are reserved. Any processes can use these.



Lesson 6: Internet Addressing


Objectives:
- Explain IP addressing and the concept of uniqueness
- Define IP address classes currently used on the Internet
- Determine reserved IP addressing
- Explain the use of private addresses in intranet design.
- Determine the IP address class and whether the address is valid
- Determine default subnet masks and use the ANDing process.
- Calculate custom subnet masks and CIDR notation using supernetting
techniques
- Describe the function of proxy servers and IPv6
- Identify the normal configuration parameters for a workstation, including
IP address, subnet mask, default gateway, DHCP, host name, domain name,
DNS servers, WINS servers, and NetBIOS name.


IP Address 131.107.002.001
8 + 8 + 8 + 8 = 32 bits

To translate an IP address into binary:
128 64 32 16 08 04 02 01
continual subtraction:
131: 1 0 0 0 0 0 1 1 = 10000011
107: 0 1 1 0 1 0 1 1 = 01101011
002: 0 0 0 0 0 0 1 0 = 00000010
001: 0 0 0 0 0 0 0 1 = 00000001
IP = 10000011 01101011 00000010 00000001

Each IP Address represents a network and a host.

Classes

*Class A: first bit is 0
0.0.0.0 - 126.255.255.255
Huge Networks
First octet indicates network - 16,777,214 hosts

*Class B: First 2 bits 10
128.0.0.0 - 191.255.255.255
First two octets indicate network - 65,534 hosts

*Class C: First 2 bits 110
192.0.0.0 - 223.255.255.255
First three octets indicate network - 254 hosts

Class D: First 2 bits 1110
224.0.0.0 - 239.255.255.255
Multicasting

Class E: First 2 bits 11110
240.0.0.0 - 247.255.255.255

Rules for IP addresses:
1. A Class A address beginning with 127 cannot be used because it is reserved
for a loopback address.

2. Network or host addresses cannot be 255, the broadcast address.

3. Network and/or host IP address portions cannot be all zeros. These
represent network address.

4. No two computers on a network can have the same IP address.

---

ICANN has reserved 3 blocks for private Internets
**10.0.0.0 to 10.255.255.255**
172.16.0.0 to 172.31.255.255
192.168.0.0 to 192.168.255.255

---

Subnetworks

Subnet masks
A = 255.0.0.0 (default)
B = 255.255.0.0 (default)
C = 255.255.255.0 (default)

Subnet masks serve 2 points:
- Distinguish the network and host portions of an IP address
- Specify whether a destination address is local or remote
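
The binary conversion, class rules, private blocks and default-mask ANDing from this lesson, worked through as an added example (not part of the course material). All function names are illustrative, and treating every remaining 1111 prefix as Class E is an assumption.

```python
# Added example: the notes' binary conversion, class rules, default masks
# and ANDing process. All function names are illustrative.

WEIGHTS = (128, 64, 32, 16, 8, 4, 2, 1)
DEFAULT_MASK = {"A": "255.0.0.0", "B": "255.255.0.0", "C": "255.255.255.0"}
# Private blocks from the notes, written as (network, mask) pairs.
PRIVATE_BLOCKS = (("10.0.0.0", "255.0.0.0"),
                  ("172.16.0.0", "255.240.0.0"),
                  ("192.168.0.0", "255.255.0.0"))


def parse(address):
    """Split a dotted-quad string into four integers, rejecting bad input."""
    parts = address.split(".")
    if len(parts) != 4 or not all(p.isdigit() for p in parts):
        raise ValueError("not a dotted-quad address: %r" % address)
    octets = [int(p) for p in parts]
    if any(o > 255 for o in octets):
        raise ValueError("octet above 255 in %r" % address)
    return octets


def octet_bits(value):
    """Continual subtraction: take each weight out of the value if it fits."""
    bits = ""
    for weight in WEIGHTS:
        if value >= weight:
            bits, value = bits + "1", value - weight
        else:
            bits += "0"
    return bits


def to_binary(address):
    return " ".join(octet_bits(o) for o in parse(address))


def address_class(address):
    """Classify by the leading bits of the first octet."""
    first = octet_bits(parse(address)[0])
    for prefix, name in (("0", "A"), ("10", "B"), ("110", "C"), ("1110", "D")):
        if first.startswith(prefix):
            return name
    return "E"  # assumption: any remaining 1111... prefix is treated as E


def and_mask(address, mask):
    """The ANDing process: keep only the bits the mask marks as network."""
    return ".".join(str(a & m) for a, m in zip(parse(address), parse(mask)))


def is_local(source, destination, mask=None):
    """Same network after ANDing means local; otherwise use the gateway."""
    mask = mask or DEFAULT_MASK[address_class(source)]
    return and_mask(source, mask) == and_mask(destination, mask)


def is_private(address):
    """True if the address falls in one of the three private blocks."""
    return any(and_mask(address, mask) == net for net, mask in PRIVATE_BLOCKS)


def usable_host(address):
    """Apply the notes' rules 1-3 using the default mask for the class."""
    octets = parse(address)
    cls = address_class(address)
    if cls not in DEFAULT_MASK or octets[0] == 127:
        return False  # Class D/E, or the reserved loopback range
    net_len = "ABC".index(cls) + 1
    network, host = octets[:net_len], octets[net_len:]
    all_same = lambda part, v: all(o == v for o in part)
    return not (all_same(host, 0) or all_same(host, 255)
                or all_same(network, 0))
```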

---

Skip to L6-25

---

IP Address Conservation

Solutions:
Proxy Servers
CIDR
Internet Protocol version 6 (IPv6)

F14: Proxy Servers

Classless InterDomain Routing (CIDR)
to minimize the number of routing table entries
CIDR allocates multiple IP addresses so they can be summarized into
a smaller number of router table entries.

IPv6
uses 128 bit addresses instead of current 32 bit addresses.
Implementation between 2005 and 2015.

---

Normal TCP/IP configuration parameters

IP Address: xxx.xxx.xxx.xxx - unique address on the net
Subnet Mask: 255.255.255.0 - denotes the network scope
Default Gateway: xxx.xxx.xxx.1 - route out of the subnet
DHCP client: xxx.xxx.xxx.xxx - only if using DHCP



Lesson 7: Routing

Objectives:
- Explain the difference between direct and indirect routing, and determine whether a route is direct or indirect.
- Describe the routing process and explain the function of routing information tables.
- Compare static routing with dynamic routing, and manually configure a static routing table.
- Explain the difference between interior and exterior routing protocols, and identify routing protocols within each category.
- Compare and contrast the Routing Information Protocol (RIP) with Open Shortest Path First (OSPF), and describe the advantages and disadvantages of each.
- Compare and Contrast the Internetwork Packet eXchange (IPX), Netware Link Services Protocol (NLSP), IPX RIP/Service Advertising Protocol (SAP), and OSPF.
- Identify the Exterior Gateway Protocol (EGP) and the Border Gateway Protocol (BGPv4).
- Describe distance-vector, link-state, and path-vector protocols.
- Describe Classless InterDomain Routing (CIDR).



Direct routing: When 2 computers on the same network need to communicate,
they do not need to involve a router.
Indirect routing: When a computer on a network needs to communicate with
a computer on a different network, it sends the packet to a router, to
be routed to its destination.

Traceroute: trace the route from one computer to another.
NT usage: tracert

Routing Process
routing involves two key elements:
- The host must know which router to use. (default gateway)
- the router must know where to send the packet. It gets this from its
routing information table.

Static vs Dynamic Routing
Static routers contain routing information tables that must be built and
maintained manually.

A dynamic router communicates with other dynamic routers to calculate routes automatically using protocols such as RIP and OSPF.

The route command is used to manipulate network routing tables on WinNT.
NT usage: route [option]
options: print - display the routing table
add - add a route to the routing table
delete - deletes a route from the routing table

The ping command is used to test connectivity between source and destination
systems.
usage: ping [options] [host]

---

interior protocols used within an organization's network (RIP and OSPF)
exterior protocols used outside an organization's network (EGP and BGP)

Routing Information Protocol

RIP routers transmit their routing tables to neighboring RIP routers at
fixed *30 second intervals.* They then use these tables to determine
routes.
disads: network overhead, lengthy convergence time, count-to-infinity
problems.

To address count-to-infinity problems:
- Split horizon: Routers do not broadcast all destination networks to
neighboring routes.
- Poison reverse: Routers advertise unreachable to certain neighboring
routes.
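
The count-to-infinity problem and the two fixes listed above, simulated as an added example (not part of the course material). It assumes two routers, A and B, a network N that was attached to B and has just failed, and that A's periodic update goes out before B's; 16 is the RIP metric meaning unreachable, and all names are illustrative.

```python
# Added example: count-to-infinity between two RIP routers, with and
# without split horizon / poison reverse. Topology and names are constructed.

INFINITY = 16  # RIP metric meaning "unreachable"


def advertise(route, neighbor, mode):
    """Return the metric a router sends to a neighbor, or None to stay silent."""
    metric, next_hop = route
    if next_hop == neighbor:
        if mode == "split_horizon":
            return None          # do not advertise a route back to its source
        if mode == "poison_reverse":
            return INFINITY      # advertise it back, but as unreachable
    return metric


def receive(route, sender, advertised):
    """Distance-vector update rule for a single destination."""
    new_metric = min(advertised + 1, INFINITY)
    # Always believe the current next hop; otherwise accept only improvements.
    if route[1] == sender or new_metric < route[0]:
        route[0] = new_metric
        route[1] = sender if new_metric < INFINITY else None


def simulate(mode, max_rounds=20):
    """Run update rounds until both routers agree N is unreachable.

    mode is "none", "split_horizon" or "poison_reverse".
    Returns the (A metric, B metric) pair recorded after each round.
    """
    # A learned N from B (2 hops); B has just lost its direct link to N.
    routes = {"A": [2, "B"], "B": [INFINITY, None]}
    history = []
    for _ in range(max_rounds):
        for sender, receiver in (("A", "B"), ("B", "A")):
            metric = advertise(routes[sender], receiver, mode)
            if metric is not None:
                receive(routes[receiver], sender, metric)
        history.append((routes["A"][0], routes["B"][0]))
        if history[-1] == (INFINITY, INFINITY):
            break
    return history


if __name__ == "__main__":
    for mode in ("none", "split_horizon", "poison_reverse"):
        rounds = simulate(mode)
        print("%-15s converged in %d round(s): %s" % (mode, len(rounds), rounds))
```

With 30-second update intervals, each extra round in the "none" case is another half minute during which both routers still forward traffic for N to each other.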

XXXX Re-read L7-12

Open Shortest Path First

*designed to replace RIP and overcome many of its shortcomings.*
*routers only broadcast routing tables if they have changed*
Eliminates the count-to-infinity problem.
Supports variable-length subnetting.
XXXX L7-13

Exterior Routing Protocols

EGP Exterior Gateway Protocol
older routing protocol, replaced by BGP

BGP Border Gateway Protocol
shortcomings:
Designed when there was a single backbone.
Set up with static routing tables that designate which routers can
exchange routing tables.




Lesson 8: TCP/IP Utilities


Objectives:
- Describe the protocol and services files, and explain their usefulness to
the network.
- Describe ICMP concepts and message types.
- Identify the functions of commands that can assist general network
troubleshooting.
- Identify the functions of commands that can assist name and address
troubleshooting.


Useful commands:
tracert
ipconfig /all

Services file contains port numbers for common services.
Protocol file contains the Internet protocols used on the network.

ICMP Internet Control Message Protocol
ICMP is the troubleshooting protocol of TCP/IP

see L8-8 ICMP Error Messages

---

General Network Commands

ping
tracert
ftp
telnet
netstat

Netstat: Displays the contents of various network-related data structures,
such as the state of sockets.

Name and Address Commands

*ipconfig - the WinNT command used to display the IP configuration (/all)
*winipcfg - the Win9x command used to display the IP configuration
*arp - resolves software addresses to hardware addresses. (caches 2 mins)
only works with direct routing (same subnet)
*nslookup - resolve domain names to IP addresses and vice versa
hostname - displays the current hostname as given for the system login prompt.
*nbtstat - "NetBIOS over TCP/IP" statistics



Lesson 9: Internetworking Servers

Objectives:
XXXX



File and print
HTTP
Proxy
Mail
Mailing list
Media
DNS
FTP
News
Certificate
Directory
Catalog
Transaction

- File servers serve files to computers
- print servers allow a network to share a few printers
- HTTP server/Web servers
has access to a set of documents that it may send to a client in response
to an appropriate request.
- ****Proxy server is an intermediary between a network host and other hosts
outside the network. Read L9-17
*Firewall
*Caching of Web Documents
*Filtering client transactions ie limiting access
*Transaction logging ie Watching your employees
Securing the host ie blocking certain incoming possible holes
Enhanced Administration

- Mail servers stores and forwards mail. Uses SMTP and POP3
- Mailing list servers use SMTP and LISTSERV L9-18
- Media servers ie streaming audio and video
- DNS servers translate domain names into IP addresses and vice versa
- FTP servers handle file transfers
- News servers store and serve news articles. Uses NNTP
- Certificate servers validate, or certify, keys.
- Directory servers allows a company to provide authenticated users with a
directory of names and network services, such as email lists, company
contracts, and address information.
- Catalog servers provide a single point of access to search for information.
ie search engines.
- Transaction servers are intended as client/server replacements for
Customer Information Control Systems (CICS) mainframe servers.

---



Lesson 10: Name Resolution

Objectives:
XXXX



HOSTS and LMHOSTS files

Until DNS was implemented, a single file called the HOSTS table was managed
and implemented by the Stanford Research Institute Network Information
Center (SRI-NIC).

DNS was invented in 1984 by Paul Mockapetris in response to the difficulty
of managing the hosts table.

See L10-8 TLD table

DNS Server Types - not on test

root
master
primary
secondary
caching and caching-only
forwarding
slave

DNS Records - not on test

IN
NS
SOA
A
CNAME
MX
PTR

---

Windows Internet Naming Service (WINS)
the M$ implementation of DNS

Differences from DNS:
- dynamic rather than static
- central management
- no hierarchy
- DNS does not process NetBIOS names
- WINS uses an LMHOSTS file. DNS uses a HOSTS file.

DNS and WINS can co-exist on a network. See L10-22



Lesson 11: Address and Parameter Allocation for TCP/IP Hosts


Objectives:
- Define the function and roles of the BOOTP server and client.
- Define the function and roles of the DHCP server and client.
- Compare and contrast RARP, BOOTP, and DHCP.
- Explain the difference between dynamic and manual address allocation.
- Install and configure a DHCP server and client.


BOOTP is used with TFTP (*TFTP is stateless*).

"Scope" is the pool of IP addresses that can be used for a DHCP client.

Routers, servers, etc. usually have static IP addresses.

*default lease life for DHCP is 72 hours*

if an IP address is manually set for a DHCP client, the DHCP server can
send the same IP address every time to that computer.



Lesson 12: Remote Connectivity


Objectives:
- Describe two remote connectivity solutions: remote access servers and VPNs.
- Identify the two types of remote connectivity.
- Describe remote access protocols, including PPP, SLIP, and PPTP.
- Compare analog dial-up connections with ISDN connections.
XXX



Types of Remote Connectivity

Remote control - the remote user can log in and use programs on a server.
ex. PCAnywhere.
Remote node - Extends the LAN, making it look as though the computer is
physically part of the same network.

Remote Access Servers - are network computers that provide remote users
with LAN access.

<***>
*PPP* - an encapsulation method for sending IP packets over a link.
Advs:
- Dynamic assignment of IP addresses
- Use of protocols other than TCP/IP
- Improved error detection and correction
- Increased data compression
- Easier authentication


SLIP - Serial Line Internet Protocol
SLIP is the predecessor to PPP

Disads:
- No error detection/correction
- No ability to dynamically assign IP addresses
- No data compression
- No automated authentication - usually uses a script

---

ISDN

still dialed, but much faster than POTS modems
BRI:
2 "B" - bearer - channels of 64Kbps each
1 "D" - delta - channel for control at 64k

PRI:
23 B channels, + 1 D channel

---

Remote Access Server software

Dial-up networking is the client side RAS. The rest is server side.

Modem configurations:
needs:
- unique IRQ
- I/O address
- maximum port speed

---
****
VPNs:

allows 2 private networks to communicate securely over a public network,
such as the Internet, using various protocols, such as PPTP. PPTP was
originally developed by Micro$oft.
NetBIOS/NetBEUI can be sent over a VPN, because to the computers, it looks
like the same network.

VPN packages include: Novell BorderManager, Microsoft PPTP, and the UNIX
ssh (Secure Shell).



Lesson 13: User Management


Objectives:
XXX



Authentication
3 ways to prove identity:
- What you know.
- What you have.
- Who you are.


What you know: Passwords, username, etc.
What you have: Keys, swipe cards, etc.
Who you are: Biometrics

Two different types of security models:

Peer level:
Does not require dedicated resources such as a file server.
- less secure for lack of central access control
- less control over file and resource management
- not scalable.. limited to about 10 users.

User level:

Centralized user accounts database - computers must be in the database to
access network resources
Local account databases - controls which users can access.
- increased security
- support for a larger number of users
- increased control over access to resources
- the ability to monitor access to resources through system logs.
- the ability to grow in response to an organization's needs

- Higher cost.

---

Creating User Accounts

login accounts - establishes an individual's identity;
tied to rights/permissions
attributes:
- username
- password
- group associations
- permissions
- additional options, such as login scripts and a home directory

Group associations

*WinNT includes a default "Administrator" group
*Novell includes a default "Admin" group
*UNIX includes a default "root" group

Permissions
- read - read from a file/folder/drive
- write - write to a file/folder/drive
- execute - run programs on a file/folder/drive
- print - print to printers on a system

---

Administrative Privileges

Good passwords:
- six characters long
- both uppercase and lowercase
- at least 1 number
- at least 1 symbol

Implementing a password policy
- plan the password policy - decide what's standard.
- write and publish the policy
- create a balanced policy - not too strict or lenient, but still simple

See L13-29 for Network Policies

SOPs are written policies on which IT and management agree. Usually apply
to techies more than users.



Lesson 14: Network Printing


Objectives:
- Describe the components used in network printing, including print servers
and print queues.
- Discuss the flow of a print job from client to network printer.
- Set up and use a network printer.
- Configure a network printer.


In WinNT, a printer is the software driver required to act as an interface
between the print server and the print device.

UNC Path: \\student1\hp
\\computer\printername






Lesson 15: Data Protection


Objectives:
- Identify ways to establish a baseline of your system's status
- Explain RAID levels and their significance for fault tolerance,
including mirroring, duplexing, and striping with and without parity.
- Discuss data protection devices and their features, including UPS and
removable media.
- Describe standard backup procedures, including the full, incremental,
differential and copy methods.
- Prepare for disaster recovery on a Windows NT system by creating a
boot disk and an emergency repair disk.


RAID 0: Disk Striping

A stripe set is a collection of physical drives that have been configured to
act as one logical set. RAID Level 0 causes each file written to the
stripe set to be broken into pieces, each of which is written to a different
disk. This is NOT FAULT TOLERANT.

RAID Level 1: Disk Mirroring

2 hard drives are controlled by the same controller, and each write is
written to BOTH devices.

RAID Level 1: Disk Duplexing

Duplexing uses two drives AND two controllers, and writes the same thing
to both drives.

RAID Level 4: Disk Striping with large blocks

RAID Level 5: Disk Striping with parity

Uses at least 3 hard drives.
Disk striping with parity becomes fault-tolerant by building on the stripe
set discussed previously to include parity (for error checking calculations).
A portion of each write request is written to a separate physical drive
in the stripe set. The parity information is never on the same drive as its
corresponding data.
RAID 5 IS FAULT TOLERANT
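
Why striping with parity survives a single drive failure, shown as an added example (not part of the course material). It assumes XOR parity and a parity position that rotates from stripe to stripe, neither of which the notes spell out; the block size, drive count and function names are illustrative.

```python
# Added example: RAID 5 striping with parity, assuming XOR parity and a
# parity position that rotates per stripe. Names and sizes are illustrative.

def xor_blocks(blocks):
    """XOR equal-sized blocks together byte by byte."""
    out = bytearray(len(blocks[0]))
    for block in blocks:
        for i, byte in enumerate(block):
            out[i] ^= byte
    return bytes(out)


def parity_drive(stripe, drives):
    """Rotate parity so it never sits with the data it protects."""
    return (drives - 1 - stripe) % drives


def raid5_write(data, drives=3, block=4):
    """Return one list of blocks per drive; each stripe has one parity block."""
    if drives < 3:
        raise ValueError("RAID 5 needs at least 3 drives")
    per_stripe = (drives - 1) * block
    stripes = -(-len(data) // per_stripe)           # ceiling division
    data = data.ljust(stripes * per_stripe, b"\0")  # pad the last stripe
    disks = [[] for _ in range(drives)]
    for s in range(stripes):
        chunk = data[s * per_stripe:(s + 1) * per_stripe]
        pieces = [chunk[i * block:(i + 1) * block] for i in range(drives - 1)]
        parity = xor_blocks(pieces)
        remaining = iter(pieces)
        for d in range(drives):
            disks[d].append(parity if d == parity_drive(s, drives)
                            else next(remaining))
    return disks


def raid5_read(disks, length):
    """Reassemble the data, skipping the parity block in each stripe."""
    drives = len(disks)
    out = b""
    for s in range(len(disks[0])):
        out += b"".join(disks[d][s] for d in range(drives)
                        if d != parity_drive(s, drives))
    return out[:length]


def rebuild_drive(disks, failed):
    """Recompute every block of the failed drive from the surviving drives."""
    survivors = [disk for i, disk in enumerate(disks) if i != failed]
    return [xor_blocks([disk[s] for disk in survivors])
            for s in range(len(survivors[0]))]


if __name__ == "__main__":
    payload = b"NETWORK+ NOTES 2000"        # constructed sample data
    array = raid5_write(payload)
    lost = 1
    array[lost] = rebuild_drive(array, lost)  # contents of drive 1 ignored
    print(raid5_read(array, len(payload)))
```

The same rebuild fails as soon as two drives are missing, which is why RAID 5 is not a substitute for the tape backups described next.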

Tape Backup

UPS: Uninterruptible Power Supply

Folder replication: copying folders to other computers

Removable media: Floppies, ZIP disks, CD-ROMs, etc.

<***>
Backup methods for tape include:
Normal or Full - Backs up everything, and resets all archive bits
Incremental - only changed files are backed up, and it resets the archive bits
Differential - backs up changed files, but does not reset archive bit.
Copy - does a full backup, but does not reset the archive bits.
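
The archive-bit rules above, simulated over one week, as an added example (not from the course material). The file names, the day schedule and the restore helper are constructed for illustration.

```python
def run_backup(files, method):
    """Return the names written to tape and update archive bits per method.

    files maps name -> archive bit (True = changed since the bit was last reset).
    """
    if method in ("full", "copy"):
        selected = sorted(files)                          # everything
    elif method in ("incremental", "differential"):
        selected = sorted(n for n, bit in files.items() if bit)
    else:
        raise ValueError(f"unknown backup method: {method}")
    if method in ("full", "incremental"):                 # only these reset the bit
        for name in selected:
            files[name] = False
    return selected

def modify(files, *names):
    """Writing to a file sets its archive bit."""
    for name in names:
        files[name] = True

def simulate_week(midweek_method):
    """Full backup on Monday, then midweek_method Tuesday through Thursday."""
    files = {"payroll.xls": True, "users.db": True, "memo.doc": True}
    tapes = {"Mon": run_backup(files, "full")}
    changes = (("Tue", "memo.doc"), ("Wed", "users.db"), ("Thu", "payroll.xls"))
    for day, changed in changes:
        modify(files, changed)
        tapes[day] = run_backup(files, midweek_method)
    return tapes

def tapes_needed_for_restore(tapes, midweek_method):
    """Tapes to load after a crash on the last day, in restore order."""
    days = list(tapes)
    if midweek_method == "incremental":
        return days                      # the full plus every tape since
    if midweek_method == "differential":
        return [days[0], days[-1]]       # the full plus only the latest tape
    raise ValueError(f"no restore plan for: {midweek_method}")

if __name__ == "__main__":
    for method in ("incremental", "differential"):
        week = simulate_week(method)
        print(method, week, tapes_needed_for_restore(week, method))
```

Incremental tapes stay small but a restore needs every one of them; differential tapes grow each day but a restore needs only two.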




Lesson 16: Network Security Essentials

Objectives:
- Explain the need for network security and identify resources that need
security
- List the two major categories of security threats.
- Discuss two types of hackers and determine attack types.
- Describe a computer virus and explain how to protect your computer from
virus attacks.
- List key security standards.
- Explain the purpose of security organizations.
- Explain the audit process.


Security: the need to safeguard physical and informational assets.
Defense and protection.

Biggest threat is your own users: unintentional threats.

Two types of threats:
- Accidental threats: innocent users who somehow behave in a way that
presents a threat.
- Intentional threats: these occur when a hacker attempts to discover,
penetrate, and control system resources.

Two types of hackers:
Casual - info seeker, thrill seeker.
Determined - wants to enter YOUR system specifically

Types of Attacks:
Spoofing - Hacker assumes one of your IP addresses
Man-in-the-Middle - packet sniffing
Denial of Service - host cannot perform because resources are tied up elsewhere.
Insider attacks - disgruntled workers
Front-door attacks - hacker gains access and imitates a legit user
Brute force - similar to front door, hacker uses every character possible
Trapdoor - commands that open holes
replay attacks - re-attacks, using set up from previous attacks.
Trojan horse - allegedly legit programs that do unintended things.
Social engineering - Calling and asking, etc.

***Viruses:

types:
Macros - written for a program, like Outlook, Word, or Excel
Executables - attach to exe's
Boot sector - copies itself to boot section, running on boot
stealth - avoids detection by redirecting HD requests
polymorphic - mutates itself.

Virus software:
Install ASAP
update virus definition files
check for patches and fixes *from web and disks*

Read L16-10 about Robert Morris

---
The Hacker Process

Stage 1: Discovery
Gather as much info as possible about the network/system
- Computer type and operating system configuration
- what services are running?
- what ports are open?
- what's the physical topology
- placement of services on a particular system

Stage 2: Penetration
Target the weakest link and try to break in
- System defaults/out of the box settings
- System bugs and network access

Stage 3: Control
Try to control the system
- Destroy evidence
- lock out administrators
- obtain additional accounts for future use

---
Auditing Phases
Testing your security

Status quo analysis
- How effective is the existing security?
- how would you improve security?
- What is the most frustrating aspect of the current security application?
- How often do you change passwords?
- Do you repeat passwords?
- Password replacement procs
- How would you break into your current system?

- Physical security
- Services discovery - do we need everything that we're running?

Risk Analysis - What's at risk? What are hackers going to hit?
Threat Analysis - How are hackers going to attack?

---

Securing a Server
- Change your system defaults
- determine permissions given to users and groups. Don't give extra permission
- ***TRAIN USERS***
- Begin Automated logging
- Establish a baseline of activity
- Combine operating system and Internet server policies.
- Change the system topology
- Establish a written policy of user guidelines



Lesson 17: Enterprise Network Security - Encryption and Firewalls

Objectives:
- Describe the three major types of encryption
- Describe the enterprise-level security protocols
- List and discuss the four major types of firewalls


Encryption not on test.

*A firewall is only effective if it is the only way in or out of a network.*

*Digital Certificate acts as a middleman between user and server and vouches
for the server.*

A Firewall is a computer placed between a trusted computer and an
untrusted computer.
Firewall functions
- packet filtering
- Serving as a circuit-level or application level gateway
- Detecting intrusions
- providing enhanced password authentication
- logging and reporting
- taking evasive action
- Permitting encrypted access

Packet filters inspect each packet for pre-defined content.
- source IP address
- destination IP
- TCP/UDP source port
- TCP/UDP destination port
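
A packet filter that matches on those four fields, as an added example (not from the course material). The rule format, the first-match-wins ordering with default deny, and the documentation-range addresses (internal network 192.0.2.0/24, web server 192.0.2.10) are assumptions; the filter is taken to sit on the outside interface.

```python
import ipaddress
from collections import namedtuple

# None in a rule field means "any".
Rule = namedtuple("Rule", "action src dst sport dport")
Packet = namedtuple("Packet", "src dst sport dport")

# Constructed inbound rule set for the outside interface.
RULES = [
    # A packet arriving from outside with an inside source address is spoofed.
    Rule("deny", "192.0.2.0/24", None, None, None),
    # Web traffic to the one published server.
    Rule("allow", None, "192.0.2.10/32", None, 80),
    Rule("allow", None, "192.0.2.10/32", None, 443),
]

def ip_match(rule_net, addr):
    """True if the rule leaves the address open or addr is inside rule_net."""
    if rule_net is None:
        return True
    return ipaddress.ip_address(addr) in ipaddress.ip_network(rule_net)

def port_match(rule_port, port):
    """True if the rule leaves the port open or it equals the packet's port."""
    return rule_port is None or rule_port == port

def filter_packet(pkt, rules=RULES):
    """Return (action, index of matching rule); unmatched packets are denied."""
    for i, r in enumerate(rules):
        if (ip_match(r.src, pkt.src) and ip_match(r.dst, pkt.dst)
                and port_match(r.sport, pkt.sport)
                and port_match(r.dport, pkt.dport)):
            return r.action, i
    return "deny", None          # default deny: nothing is allowed by accident

if __name__ == "__main__":
    samples = [                                        # constructed packets
        Packet("198.51.100.7", "192.0.2.10", 40000, 80),
        Packet("192.0.2.55", "192.0.2.10", 40000, 80),
        Packet("198.51.100.7", "192.0.2.10", 40000, 23),
    ]
    for p in samples:
        print(p, filter_packet(p))
```

Rule order matters: if the anti-spoofing rule came after the allow rules, the spoofed packet to port 80 would be let through.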

Proxy servers

Circuit-level gateway acts as a gateway between the Internet and your internal
systems. Network OSI Layer.

Application-Level is same, but at the Application OSI layer.

Screened-host firewall (firewall + router)

***Demilitarized Zone***
See L17-33
Most secure firewall configuration.



Lesson 18: Maintaining Your Network

Objectives:
- Explain the importance of version control
- Describe the strategies for version control.
- Identify the appropriate times for verifying functionality when moving
or changing equipment.
- Determine how and when to apply patches and fixes to your system.
- Plan key areas of support for your network.


Version Control
- Upgrade programs
- upgrade operating systems
- remove outdated files
- resolving file conflicts and replacing overwritten files.

Moving or changing equipment
- Verifying functionality
- Verify all server functions ASAP
- Network equipment
- test before and after move

Patches and Fixes
- OS patches
- software patches

Supporting Your Network
- verbal assistance
- user education
- technical service
- *Prioritization*



Lesson 19: Troubleshooting the Network and Diagnostic Tools

Objectives:
- Analyze the scope of network problems.
- Formulate troubleshooting methods.
- Analyse common troubleshooting indicators
- Explain common troubleshooting tools and their uses.


Analyzing the scope of the problem
- How many machines or network segments are affected?
- Is the problem occurring on more than 1 machine?
- Does the problem affect an entire workgroup of machines or an entire
network segment?
- Is the entire LAN experiencing the same problem?
- Are WAN segments affected? If so, are all WAN segments affected, or
only some?
- How frequently does the problem occur?
- Can the problem be duplicated?

DETECT:
Discover the problem
Evaluate the scope of the problem
Track possible approaches to solving the problem
Execute an approach
*Check for problem resolution*
Transfer knowledge

Using Troubleshooting Indicators
- Indicator lights
- Error logs and messages
- Event Viewer
- Task Manager
- Performance Monitor

Troubleshooting tools
- *Crossover cables*
- *Hardware loopback devices*
- Tone generators and tone locators (fox and hound)
- Vendor resources
- *Protocol Analyzers*
- Monitoring network traffic to identify network trends
- Identifying network problems and sending alert messages
- Identifying specific problems, such as error messages generated by devices
- Testing network connections, devices, and cables.