IS451exam2review

Author: tttran1
Updated: 2013-11-05 04:43:17

The flashcards below were created by user tttran1 on FreezingBlue Flashcards.


  1. Concept of network mgmt
    • • Any complex system with many interacting components must be monitored, managed and controlled
    • • In the early 1980s, network expansion prompted the need for automated network management
    • • In general, network management is a service that employs a variety of tools, applications, and devices to assist human network managers in monitoring and maintaining networks.
  2. why is network mgmt necessary?
    • -Network management scenarios
    • • Detecting failure of an interface card in a device
    • • Host monitoring
    • • Traffic monitoring to optimize resource deployment
    • • Detecting rapid changes in routing tables
    • • Intrusion detection
  3. ISO FCAPS network mgmt model and its 5 conceptual areas
    • • Fault management – log, detect and respond to fault conditions in the network
    • • Configuration management – track devices and their h/w and s/w configs
    • • Accounting management - specify, log and control user access to network resources
    • • Performance management – quantify, measure, report, analyze and control performance of network components
    • • Security Management – control access to network resources according to some well-defined policy
  4. Name the different areas of network management.
    - Configuration, accounting, fault, security, and performance.
  5. What are the goals of performance management?
    - Measure and make available various aspects of network performance so that internetwork performance can be maintained at an acceptable level.
  6. What are the goals of configuration management?
    - Monitor network and system configuration information so that the effects on network operation of various versions of hardware and software elements can be tracked and managed.
  7. What are the goals of accounting management?
    - Measure network utilization parameters so that individual or group uses on the network can be regulated appropriately.
  8. What are the goals of fault management?
    - Detect, log, notify users of, and automatically fix network problems to keep the network running effectively.
  9. What are the goals of security management?
    - Control access to network resources according to local guidelines so that the network cannot be sabotaged and so that sensitive information cannot be accessed by those without appropriate authorization.
  10. network mgmt architecture (e.g. Managers, agents, protocol, MIBs)
    • Most network management architectures use the same basic structure and set of relationships. End stations (managed devices), such as computer systems and other network devices, run software that enables them to send alerts when they recognize problems (for example, when one or more user-determined thresholds are exceeded). Upon receiving these alerts, management entities are programmed to react by executing one, several, or a group of actions, including operator notification, event logging, system shutdown, and automatic attempts at system repair.
    • Management entities also can poll end stations to check the values of certain variables. Polling can be automatic or user-initiated, but agents in the managed devices respond to all polls. Agents are software modules that first compile information about the managed devices in which they reside, then store this information in a management database, and finally provide it (proactively or reactively) to management entities within network management systems (NMSs) via a network management protocol. Well-known network management protocols include the Simple Network Management Protocol (SNMP) and Common Management Information Protocol (CMIP). Management proxies are entities that provide management information on behalf of other entities.
  11. different version of SNMP
    • Since its inception, SNMP has gone through significant upgrades. However, SNMP v1 and v2c are the most widely implemented versions of SNMP. Support for SNMP v3 has recently started catching up, as it is more secure than the older versions, but it has still not reached considerable market share.
    • SNMPv1: This is the first version of the protocol, which is defined in RFCs 1155 and 1157
    • SNMPv2c: This is the revised protocol, which includes enhancements of SNMPv1 in the areas of protocol packet types, transport mappings, MIB structure elements but using the existing SNMPv1 administration structure ("community based" and hence SNMPv2c).
    • SNMPv3: SNMPv3 defines the secure version of the SNMP. SNMPv3 also facilitates remote configuration of the SNMP entities.
    • Though each version matured toward richer functionality, additional emphasis was given to the security aspect in each upgrade. Here is a short summary of each edition's security aspect.
    • SNMP v1 Community–based security
    • SNMP v2c Community–based security
    • SNMP v2u User–based security
    • SNMP v2 Party–based security
    • SNMP v3 User–based security
  12. SMI- how are managed objects defined; how information is stored in MIB
    • • MIB (Management Information Base) – virtual information store for a collection of managed objects
    • • Describes structure of management data on managed device
    • • Each variable that describes some part of device configuration is identified by a unique OID (object ID)
    • • Vendors define MIB variables for their own use
    • • MIB II – standard MIB implemented by all managed objects
  13. Standard MIB required to be implemented by all devices
    MIB II
  14. What is used to define management information in MIBs?
    SMI
  15. what is ASN.1?
    a standard for describing data that is independent of machine-specific encoding.
  16. Why is ASN.1 necessary to define managed objects?
    • SMI (Structure of management information)
    • • SMI is the language used to define the management information residing in a managed object – logically
    • • SMI states that each managed object should have a name, syntax and encoding
    • • SMI is a subset of ASN.1 - a standard for describing data that is independent of machine-specific encoding.
  17. How are managed objects named? (OID) Hierarchical nature of object orgs.
  18. What does an OID identify about a MIB object? Its value, its position in the MIB subtree, its priority, or the number of its subnodes
    Its position in the MIB subtree
  19. Schema
    -directory blueprint that describes structure of information in the directory
  20. What transport does SNMP use and why?
    UDP Transport - lower overhead, cut down overhead, quick delivery
  21. Understand SNMP operations
    • • Get - is a request sent by the manager to the managed device. It is performed to retrieve one or more values from the managed device.
    • • Getnext - retrieve a group of values; This operation is similar to the GET. The significant difference is that the GET NEXT operation retrieves the value of the next OID in the MIB tree.
    • • getbulk (SNMPv2 and SNMPv3) - retrieve a section of a table; used to retrieve voluminous data from a large MIB table.
    • • Set - change value or create a new row in the table; used by the managers to modify or assign the value of the Managed device.
    • • Getresponse -
    • • Trap - asynchronous operation; Unlike the above commands which are initiated from the SNMP Manager, TRAPS are initiated by the Agents. It is a signal to the SNMP Manager by the Agent on the occurrence of an event.
    • notification (SNMPv2 and SNMPv3)
    • inform (SNMPv2 and SNMPv3) operation - This command is similar to the TRAP initiated by the Agent, additionally INFORM includes confirmation from the SNMP manager on receiving the message.
    • report (SNMPv2 and SNMPv3) operation - allow SNMP engines to communicate with each other (mainly to report problems with processing SNMP messages).
  22. Get operation
    - is a request sent by the manager to the managed device. It is performed to retrieve one or more values from the managed device.
  23. Getnext operation
    - retrieve a group of values; This operation is similar to the GET. The significant difference is that the GET NEXT operation retrieves the value of the next OID in the MIB tree.
  24. getbulk (SNMPv2 and SNMPv3) operation
    - retrieve a section of a table; used to retrieve voluminous data from a large MIB table.
  25. Set operation
    - change value or create a new row in the table; used by the managers to modify or assign the value of the Managed device.
  26. Getresponse -
  27. Trap operation
    - asynchronous operation; Unlike the above commands which are initiated from the SNMP Manager, TRAPS are initiated by the Agents. It is a signal to the SNMP Manager by the Agent on the occurrence of an event.
  28. notification (SNMPv2 and SNMPv3) operation
  29. inform (SNMPv2 and SNMPv3) operation
    - This command is similar to the TRAP initiated by the Agent, additionally INFORM includes confirmation from the SNMP manager on receiving the message.
  30. report (SNMPv2 and SNMPv3) operation
    - allow SNMP engines to communicate with each other (mainly to report problems with processing SNMP messages).
  31. SNMP command used to make changes in a router configuration? Get, get-next, set, trap
    set
  32. SNMP commands not originated by NMS? Get, get-next, set, or trap?
    Trap
  33. An SNMP _ is responsible for responding to polls from and sending traps to an SNMP? -Agent; manager -Manager; agent -NMS; protocol -Agent; MIB -NMS; Manager
    Agent; manager
  34. what is a directory?
    • A directory service is the collection of software, hardware, processes, policies, and administrative procedures involved in making the information in your directory available to the users of your directory.
    • It’s a hierarchical database that stores information in an object-oriented, rather than a tabular form, as an RDBMS does. The difference in the architecture is in the type of services that a directory provides.
  35. Directory as a database comparison
    • Directory is a specialized database
    • • Directories typically have a higher read-to-write ratio than databases.
    • • Directories are typically more easily extended
    • • Directories are usually more widely distributed
    • • Directories are often replicated on a higher scale
    • • Directories usually have very different performance characteristics
    • • Support for standards is important in directories, less so in databases.
  36. Directory Services replication
    • -it allows directory database to be distributed
    • -it supports directory access load-balancing
    • -it supports directory fault-tolerance
  37. Type of access is the most common in the Directory Services? Read, write, update, delete
    read
  38. X.500 directory architecture
    • The X.500 Directory is developed for storing information about objects, such as organizations, persons, distribution lists, groups, certification authorities, etc. The information stored about an object is identity information and other information associated with the object, e.g. its postal address.
    • • Implemented as a distributed database
    • • All network entities are implemented as objects with attributes
    • • Schema defines the directory “blueprint”
  39. Client-server (DUA, DSA)
    • DUA - Directory User Agent
    • DSA - Directory System Agent
    • - Directory Access Protocol (DAP): makes full use of Abstract Syntax Notation One (ASN.1), while LDAP uses a simpler ASN.1 approach combined with textual formats. DAP also has more security functions than LDAP.
    • - Directory User Agent (DUA): A component that represents the accessing user and interfaces to one of the DSAs in an X.500 directory
    • - Directory System Agent (DSA): A component that maintains and communicates directory information is called a Directory System Agent; most support LDAP access
  40. Protocol used for directory access
    DAP
  41. What is a directory client
    DUA
  42. What holds the data repository
    DSA
  43. Protocols: DAP, DSP
    • DAP - Directory Access Protocol
    • DSP - Directory Server Protocol
  44. Directory naming conventions: DN, RDN
    • DN (distinguished name) - Each object is identified by its distinguished name (DN) that's unique in the directory (e.g. cn=ChocCookie, ou=recipes, dc=foobar, dc=com; Printer1.is.umbc.edu; dglazer.umbc.edu)
    • RDN - Each object has an RDN – a simple object name that is unique within a tree level (e.g. Printer1, dglazer)
    • Distinguished Names (DN) and Relative Distinguished Names (RDN) are naming conventions in X.500. An RDN is comprised of one or more (attribute type, attribute value) pairs and is unique within a tree level (e.g. Printer1, dglazer). Typically, only a single (attribute type, attribute value) pair is used for an RDN. The reason for the added complexity is the odd case of two John Does, and being able to distinguish between the two. A DN identifies objects uniquely in the directory (e.g. cn=ChocCookie, ou=recipes, dc=foobar, dc=com; Printer1.is.umbc.edu)
  45. RDN
    • Relative Distinguished Names
    • Each object has an RDN – a simple object name that is unique within a tree level (e.g. Printer1, dglazer)
    • -is comprised of one or more (attribute type, attribute value) pairs and is unique within a tree level (e.g. Printer1, dglazer).
    • -Typically, only a single (attribute type, attribute value) pair is used for an RDN.
    • -The reason for the added complexity is the odd case of two John Does, and being able to distinguish between the two.
  46. DN
    • Distinguished Names
    • Each object is identified by its distinguished name (DN) that's unique in the directory (e.g. cn=ChocCookie, ou=recipes, dc=foobar, dc=com; Printer1.is.umbc.edu; dglazer.umbc.edu)
    • identifies objects uniquely in the directory (e.g. cn=ChocCookie, ou=recipes, dc=foobar, dc=com; Printer1.is.umbc.edu)
  47. An attribute
    Each piece of information that describes some aspect of a directory entry
  48. what is LDAP?
    • "Lightweight Directory Access Protocol"
    • It was originally designed to provide access to X.500 databases; however, it is now more common to find LDAP servers in a standalone capacity. LDAP has become the de facto standard for internet directory services.
    • LDAP operations are divided into 3 areas: Authentication, Interrogation, Update
    • -LDAP is an open network protocol standard designed to provide access to distributed directories.
    • -LDAP provides a mechanism for querying and modifying information that resides in a directory information tree (DIT).
    • -LDAP is just a protocol that defines the method by which directory data is accessed.
    • -Necessarily, it also defines and describes how data is represented in the directory service (the Data Model).
    • -Finally, it defines how data is loaded (imported) into and saved (exported) from a directory service (using LDIF).
  49. How does LDAP relate/compare to X.500?
    • • LDAP was originally developed as an alternative to X.500 DAP protocol
    • • It was designed to use TCP/IP instead of OSI protocol stack (“lighter protocol”).
    • • LDAP evolved into a complete directory service
    • • LDAP’s architecture and naming structure are based on X.500 standard
    • • Although today’s version of DAP also runs over TCP/IP, LDAP remains the popular option for connection to a Directory.
  50. LDAP protocol operations
    • • Authentication: Open, bind and unbind; allows the client to prove its identity to the DSA.
    • • Interrogation: Search, compare; provides a method for the client to interrogate the directory information tree.
    • • Update: Add, Modify, Delete; defines a mechanism for the client to add or modify information in the directory information tree.
  51. common directory products
    • (Microsoft Active Directory;
    • Novell eDirectory;
    • Apple Open Directory;
    • Sun Java System Directory Server;
    • Apache Directory Server;
    • Oracle Internet Directory)
  52. What is RAID?
    • Redundant Array of Inexpensive (Independent) Disks
    • • Consolidate multiple physical disks into a logical grouping
    • • Designed for fault tolerance and performance improvement
    • • Can be implemented in H/W or S/W
    • • Several RAID levels exist
  53. What are RAID levels?
    • • RAID 0 – Striping (min 2 disks)
    • • RAID 1 – Mirrored Volumes (min 2 disks) aka duplexing
    • • RAID 2 – Bit-level striping with parity distributed to one or more disks
    • • RAID 3 – Byte-level striping with dedicated parity disk
    • • RAID 4 – Block-level striping with dedicated parity disk
    • • RAID 5 – Block-level striping with distributed parity (min 3 disks)
    • • RAID 6 – Block-level striping with distributed double parity (similar but with extension of RAID 5, min 4 disks)
  54. RAID level 0 (how are they built, how is the data stored and accessed, what type of fault-tolerance is provided).
    • RAID 0 – Striping
    • RAID Level 0 requires a minimum of 2 drives to implement
    • Characteristics and Advantages
    • ○ RAID 0 implements a striped disk array, the data is broken down into blocks and each block is written to a separate disk drive
    • ○ I/O performance is greatly improved by spreading the I/O load across many channels and drives
    • ○ Best performance is achieved when data is striped across multiple controllers with only one drive per controller
    • ○ No parity calculation overhead is involved
    • ○ Very simple design
    • ○ Easy to implement
    • Disadvantages
    • ○ Not a "True" RAID because it is NOT fault-tolerant
    • ○ The failure of just one drive will result in all data in an array being lost
    • ○ Should never be used in mission critical environments
  55. RAID level 1 (how are they built, how is the data stored and accessed, what type of fault-tolerance is provided).
    • RAID 1 – Mirrored Volumes aka duplexing (duplicating volumes)
    • For highest performance, the controller must be able to perform two concurrent separate Reads per mirrored pair or two duplicate Writes per mirrored pair.
    • RAID Level 1 requires a minimum of 2 drives to implement
    • Characteristics & Advantages
    • ○ One Write or two Reads possible per mirrored pair
    • ○ Twice the Read transaction rate of single disks, same Write transaction rate as single disks
    • ○ 100% redundancy of data means no rebuild is necessary in case of a disk failure, just a copy to the replacement disk
    • ○ Transfer rate per block is equal to that of a single disk
    • ○ Under certain circumstances, RAID 1 can sustain multiple simultaneous drive failures
    • ○ Simplest RAID storage subsystem design
    • Disadvantages
    • ○ Highest disk overhead of all RAID types (100%) - inefficient
    • ○ Typically the RAID function is done by system software, loading the CPU/Server and possibly degrading throughput at high activity levels. Hardware implementation is strongly recommended
    • ○ May not support hot swap of failed disk when implemented in "software"
  56. RAID level 5 (how are they built, how is the data stored and accessed, what type of fault-tolerance is provided).
    • RAID 5 – Block-level striping with distributed parity
    • Each entire data block is written on a data disk; parity for blocks in the same rank is generated on Writes, recorded in a distributed location and checked on Reads.
    • RAID Level 5 requires a minimum of 3 drives to implement
    • Characteristics & Advantages
    • ○ Highest Read data transaction rate
    • ○ Medium Write data transaction rate
    • ○ Low ratio of ECC (Parity) disks to data disks means high efficiency
    • ○ Good aggregate transfer rate
    • Disadvantages
    • ○ Disk failure has a medium impact on throughput
    • ○ Most complex controller design
    • ○ Difficult to rebuild in the event of a disk failure (as compared to RAID level 1)
    • ○ Individual block data transfer rate same as single disk
  57. Know the difference between HW and SW RAID implementations.
    • Hardware RAID
    • • Volume Management performed by RAID controller
    • • Parity computation performed by the RAID controller – decreases server overhead
    • • Dedicated cache memory improves server performance
    • • Hardware RAID is implemented through the server hardware
    • ○ Independent of the operating system
    • • Advantages over software RAID:
    • ○ Faster read and write response
    • ○ The ability to place boot and system files on different RAID levels
    • ○ The ability to ‘‘hot-swap’’ a failed disk
    • ○ More setup options to retrieve damaged data
    • Software RAID
    • • Performed by the server O/S
    • • Parity computation performed by the server – increased overhead
    • • RAID performance depends on the server performance and CPU load
    • • For simple environments with lower performance and availability requirements
    • • Software RAID implements fault tolerance through the server’s operating system
  58. Hardware RAID
    • • Volume Management performed by RAID controller
    • • Parity computation performed by the RAID controller – decreases server overhead
    • • Dedicated cache memory improves server performance
    • • Hardware RAID is implemented through the server hardware
    • ○ Independent of the operating system
    • • Advantages over software RAID:
    • ○ Faster read and write response
    • ○ The ability to place boot and system files on different RAID levels
    • ○ The ability to ‘‘hot-swap’’ a failed disk
    • ○ More setup options to retrieve damaged data
  59. Software RAID
    • • Performed by the server O/S
    • • Parity computation performed by the server – increased overhead
    • • RAID performance depends on the server performance and CPU load
    • • For simple environments with lower performance and availability requirements
    • • Software RAID implements fault tolerance through the server’s operating system
  60. Network Storage options:
    • Direct attached storage (DAS)
    • Network attached storage (NAS)
    • Storage Area Networks (SAN)
  61. Direct attached storage (DAS)
    The storage device is locally attached to the server and shared within the server itself. The server uses its own file system to retrieve data block by block from the storage device; then, through the use of NFS to share that data over the network, clients can connect to the file server and make requests using file-level access, for example requesting a file.
  62. Network attached storage (NAS)
    A NAS device can be thought of as a combination of storage, a network interface and its own file system: a specialized file server that is optimized for data storage access and has its own network interface.
  63. Storage Area Networks (SAN)
    A network of servers and storage devices that provides block-level access and allows a storage device to be shared between multiple servers.
  64. Fibre Channel vs iSCSI
    • Fibre Channel- a protocol
    • • Traditional SANs used Fibre Channel protocol and storage technology to connect SAN at gigabit speeds
    • • SCSI commands transmitted over FCP
    • • Expensive
    • • Requires dedicated network equipment/architecture
    • -purpose is to take SCSI commands, encapsulate them, and transmit them over a network
    • -the fabric is the infrastructure or architecture: the type of network connection and devices through which servers and storage can be interconnected
    • iSCSI (internet small computer system interface)
    • SCSI- interface that allows multiple devices to connect to a computer; a set of standards for physically connecting and transferring data between computers and peripheral devices.
    • • Allows a SAN to utilize TCP/IP for block-level data transfer
    • • Transport for SCSI commands
    • • Existing networks (routers/switches) can be utilized – no need for special equipment
    • • With current network technologies supporting gigabit speeds, comparable to FC in speed
    • • NAS-SAN Integration
    • -goes over a TCP/IP network; an alternative that allows you to connect to your storage device using block-level access over a typical IP network, not over a Fibre Channel network
  65. Fibre Channel
    • Fibre Channel- a protocol
    • • Traditional SANs used Fibre Channel protocol and storage technology to connect SAN at gigabit speeds
    • • SCSI commands transmitted over FCP
    • • Expensive
    • • Requires dedicated network equipment/architecture
    • -purpose is to take SCSI commands, encapsulate them, and transmit them over a network
    • -the fabric is the infrastructure or architecture: the type of network connection and devices through which servers and storage can be interconnected
  66. iSCSI (internet small computer system interface)
    • SCSI- interface that allows multiple devices to connect to a computer; a set of standards for physically connecting and transferring data between computers and peripheral devices.
    • • Allows a SAN to utilize TCP/IP for block-level data transfer
    • • Transport for SCSI commands
    • • Existing networks (routers/switches) can be utilized – no need for special equipment
    • • With current network technologies supporting gigabit speeds, comparable to FC in speed
    • • NAS-SAN Integration
    • -goes over a TCP/IP network; an alternative that allows you to connect to your storage device using block-level access over a typical IP network, not over a Fibre Channel network
  67. Understand the difference between file-level and block-level access.
    • • Block-level access: write/read blocks; master/slave relationship
    • • File-level access: using file names; client/server relationship
  68. Block-level access:
    • -write/read blocks;
    • -master/slave relationship
    • -So the filing system sends commands to "slave" storage to write data to certain blocks and retrieve it from certain blocks.
    • -This is what is commonly called block-level storage. In my new book I talk about this as storing.
    • -Storing functions are based on master/slave relationships, not client server.
  69. File-level access:
    • -using file names;
    • -client/server relationship
    • -It is also possible for systems to request data using the user-level data representation interfaces (File level storage).
    • -This is done by the client using the data's filename, its directory location, URL, or whatever.
    • -This is a client/server model of communicating.
    • -The server in this case receives the filing request and then looks up the data storage locations where the data is stored and retrieves it using storing level functions (block level storage).
    • -The server does not send the file to the client as blocks, but as bytes of the file.
    • -File level protocols do not have the capability of understanding block commands.
    • -Likewise, block protocols cannot convey file access requests and responses.
  70. Understand where the file system is located for each network storage option (SAN, DAS, NAS).
    • SAN- file system in server
    • DAS- file system in server
    • NAS- file system in NAS device
  71. Network (Distributed) File Systems (SMB, CIFS, NFS, AFS)
    -Client/server based application that allows clients to access and process data stored on the server as if it were on their own computer
  72. what is a network file system? (NFS)
    • Network protocol- that allows a server to share directories and files with clients over a network. With NFS, users and programs can access files on remote systems as if they were stored locally
    • -client/server application that lets a computer user view and optionally store and update files on a remote computer as though they were on the user's own computer.
    • NFS benefits:
    • -data that would otherwise be duplicated on each client can be kept in a single location and accessed by clients on the network
    • -user home directories can be stored in one location and accessed by their owners over the network
    • -removable media storage devices can be used by other machines on the network. This reduces the number of devices throughout the network and provides a centralized location to manage their security.
  73. At what OSI or TCP/IP model layer do they (Network (Distributed) File Systems (SMB, CIFS, NFS, AFS)) function?
    Layer 7 application layer
  74. What are some common network file systems?
    • • SMB/CIFS; Samba (Windows-based systems)
    • • NFS (Unix-based)
    • • AFS (Unix)
    • • AFP (Mac)
    • • NCP (NetWare)
