HINF 345 Final

The flashcards below were created by user maylott on FreezingBlue Flashcards.

  1. What is the difference between Dedicated Server & Peer to Peer LANS?
    Dedicated Server Networks - Has one or more computers that are permanently assigned as network servers. These servers enable users to share files/printers. A dedicated server LAN can connect with almost any other network. In this kind of network, the OS is replaced with a network OS (Windows ---> LINUX). Dedicated Server Networks can have several types: Mail, Database, Web, File, Print.

    Peer to Peer (P2P) - All computers run network software that enables them to function both as clients and as servers. Authorized users can connect to any computer in the LAN that permits access and use its hard drivers and printer as though it were physically attached. In general, P2P LANs have less capability, support and limited number of comptuers.
  2. Discuss LAN components: Network Cables, Hubs, and Operating Systems
    • Network Cables - Each computer must be phsyically connected by network cable to other computers int he network. Most LANs are built with Twisted Pair (Unshielded [UTP], Shielded [STP]). Wireless LANS run on infrared/radio frequency.
    • Hubs And Switches - Serve two purposes: provide an easy way to connect cables, and act as repeaters.
    • Operating Systems - The software that controls the network. Every NOS provides two sets of software: one that runs the network servers, and one that runs on the network clients. NOS Server Software enables the file server, print server, or database server to operate. NOS client software running at the client compuers provides the datalink layer and network layer.
  3. What is topology? Discuss Basic Ethernet Topology.
    Topology is the basic geometric layout of the network - the way in which the computers on the network are interconnected.

    Logical Topology - how the network works conceptually

    Physical Topology - how the network is physically installed

    Bus Topology - Ethernet's logical topology, where all computers are connected to one half-duplex circuit running the length of the network. All frames from any computer flow intot he central cable (or bus) and through it to all computers on the LAN.
  4. Discuss MAC on a LAN.
    When several coputers share the same communication circuit, it is important to control their access to the media. Ethernet uses a contention based Media Access Control technique called "Carrier Sense Multiple Access with Collision Detection(CSMA/CD)". CSM/CD uses the concept: wait until the circuit is free, then transmit.

    Listening while transmitting is called "Collision Detection".
  5. Discuss the Types of Ethernet
    10Base-T - runs on very cheap twisted pair cable up to 100 meters. It is very inexpensive.

    100Base-T - has a maximum data range of 100 mbps, and uses UTP.

    1000Base-T - Uses Ethernet's traditional half-duplex approach, but most are configured to use full duplex. Each is also designed to run over fiber optic, but some may also use twisted pair.

    10/100 Ethernet - A hybrid that uses either 10Base-T or 100Base-T
  6. What is Switched Ethernet? Discuss its topology, MAC and performance benefits.
    Switched Ethernet is identical to traditional ethernet, except that a switch replaces the hub. In traditional shared ethernet, all devices share the same multipoint circuit and must take turns using it. When a frame is sent from one computer to another, it enters the hub, and the hub retransmits it to all computers attached to the hub.

    Topology - The hub is replaced with a switch called a workgroup switch because it is designed to support a small set of computers (16 to 24) in one LAN. It looks almost identical to hubs, but inside it is very different. A switch is an intelligent device with a small computer built in that is designed to manage a set of seperate point-to-point circuits. Each circuit connected to a switch is not shared with any other devices; only the switch and the attached computer use it. The physical topology looks essentially the same as Ethernet's: a star. On the inside, the logical topology is a set of seperate point to point circuits, also a star. The switch uses a forwarding table, similar to a routing table.

    - Eacjh of the circuits connected to the switch is a seperate point to point circuit connecting the switch to one compuer (or another network device), must share the circuit. MAC is done int he same manner as traditional ethernet: each computer listens before it transmits, and if no one is transmitting, it transmits. Unlike a hub, a switch is built so that it can simultaneously send/receive frames on ALL attached circuits.

    Performance Benefits
    - Dramatically improves network performance because each computer has its own dedicated point to point circuit, rather than one common shared multipoint circuit.
  7. Discuss Improving LAN performance, improving Server performance, improving circuit capacity and reducing network demand.
    • Improving LAN performance - To improve performance, you must locate the bottleneck, the part of the network that is restricting the data flow. Generally speaking, the bottleneck will lie in one of two places: network server or the network circuit.ters have difficulty sending requests to the network server, but the server lacks sufficient capacity to process all the requests it receives in a timely manner. If the network circuit, (connecting the LAN to the BN), the server can easily process all the client requests it receives, but the circuit lacks enough capacity to transmit all the reuests to the server. The bottleneck could also lie in the client computers themselves. The first step in improving performance is to identify where the bottleneck is occuring.

    • Improving Server performance - Improving server performance can be approached from two directions simultaneously: software and hardware. Replacing NOS with a faster one could improve performance. Hardware wise, purchasing a second server (or more) could improve performance
    • Improving circuit capacity - Increasing the volume of simultaneous messages the circuit can transmit from network clients to the servers. One obvious approach is to simply buy a bigger circuit. The other approach is to segment the network. If there is more traffic on a LAN then the network circuit and MAC can handle, the solution is to divide the LAN into several smaller segments. Breaking the network apart is called network segmentation.
    • Reducing network demand - Upgrading the server hardware and software, choosing a different LAN protocol, or segmenting the LAN are all strategies to increase network capacity. Performance also can be improved by attempting to reduce the demand on the network. Moving files to client computers, increasing the use of disk caching software on the client machines reducing the client's need to access disk files stored on the server are both solutions.
  8. Discuss WLAN Components: Network interface cards, acecss points, & radio frequencies
    Network interface cards - Each computer has a NIC, that is used to connect the computer into the WLAN. The NIC is a radio transciever in that it sends and receives radio signals through a short range, usually only about 100 meters.

    Acecss points - A central wireless AP is a radio transciever that plays the same role as a hub or switch in wired ethernet LANS. The AP also connects the WLAN into wired LANs, typically using 100Base-T. The AP acts as a repeater to ensure that all computers within range of the AP can hear the signals of all other computers.

    radio frequencies - WLANs use radio transmissions to send data between NIC and the AP. All radio transmissions are controlled by the government so that no two radio stations attempt to transmit in the same frequency range. The frequency range directly affects the data rates that can be transmitted. The larger the frequency range available (bandwith), the greater the capacity of the wireless circuit.
  9. Discuss WIFI topology, MAC, and types of WIFI (IEEE 802.11B, IEEE 802.11A, IEEE 802.11G)
    Wifi is the commercial name for a set of standards, developed by the IEEE standards group. A group of vendors selling 802.11 equipment trademarked the name WiFi to refer to 802.11.

    Topology - The logical and physical topologies of WiFi are the same as those of shared ethernet. They are a physical star and logical bus. There is a central AP to which all computers direct their transmissions (star), but the radio frequencies are shared (bus) so that all computers must take turns transmitting.

    MAC - Media access control in WiFi is Carrier Sense Multiple Access with Collison Avoidance (CSMA/CA), which is similar to contention based CSMA/CD approached used by traditional ethernet. With CSMA/CA, computers listen before they transmit and if no one else is transmitting, they proceed with transmission. Detecting collisions is more difficult in radio transmission, so WiFi attempts to avoid collisions to a greater extent. One method is: Distributed Coordination Function (DCF) - each frame is sent using stop and wait ARQ

    IEEE 802.11B - this standard provides moderate speed wireless networking int he 2.4 GHz range. It is a legacy technology, and no new products are being developed, but some firms still use it. It provides three channels for indoor use in the US. Each channel provides a maximum data range of 11Mbps. Only when there is significant interference, or the signal begins to weaken because the user is moving so far from the WLAn does the data range change in attempt to improve singal quality. The advantage of this standard is the frequency range, as it suffers less attenuation and thus the signal has greater range.

    IEEE 802.11A - This standard provides high speed wireless networking in the 5GHz range. It is a legacy technology, and no new products are being developed. It provides eight channels for indoor use int he US, and has fewer channels inother parts int he world. Each channel provides speeds of 54 MBps udner perfect conditions.

    IEEE 802.11G - This standard provides high speed wireless networking in the 2.4 GHz range. It will soon be replaced by 802.11N, so it too will be a legacy technology. I tprovides three channels for indoor use in the US. This standard provides for more or fewer channels in other parts of the world. Each channel provides a maximum data range of 54Mbps in ideal conditions of 300 feet. It is also backward compatible.
  10. Discuss the best practice WLAN design
    Selecting wireless technology is usually simple: you pick the newest one, cost permitting. Wireless technologies may change as they go through the standards processes, so using a 'draft' is not a good idea. Many organizations today are installing traditional wired networks, but use WLANs as overlay networks. They build the usual switched ethernet networks as primary LAN, but also install WLANs so that the employees can easily move their laptops.

    Physical WLAN design - Designing the physical WLAN is more challenging than designing a traditional LAN because the potential for interference means that extra care must be taken in the placement of access points. The physical WLAN design begins with a site survey, which determines the feasibility of the desired coverage, the potential sources of interference, the current locations of the wired netowk, and the estimate of number of APs required. The design process begins with the architectural drawings of the building, which is naturally divided into two parts. After the initial design is complete, a site survey is done using a temporary AP and a computer or device that can actually measure the strength of the wireless signal.

    • WLAN Security -
    • Service Set Identifier (SSID) is a security applied to WLANS which requires all client computers wanting access to an AP to include this in all packets. It provides a very basic security but is very easy to break.
    • WEP- With Wired Equivalent Privacy, the AP requires the user to have a key in order to communicate with it. All data sent to and from the AP is encrypted so that it can only be understood by computers or devices that have the key. I
    • MAC Address Filtering- with this, the AP permits the owner to provide a list of MAC addresses. The AP only processes frames sent by computers whose MAC address is in the address list; if a computer with a MAC address not in the list sends a frame, the AP ignores it.
    • WPA - Wifi Protected Access is a newer, more secure type of security. WPA works in ways similar to WEP and EAP: every frame is encrypted using a key, and the key can be fixed in the AP like WEP or can be assigned dynamically as users login. The difference is that WPA key is longer and harder to break.
    • 802.11i- is the newest, most secure type of WLAN security. It uses EAP to obtain a master key, where the user logs into a login server to obtain the master key.
  11. Discuss improving WLAN device performance, circuit capacity, and reducing network demands.
    device performance - Using the fasted/newest technologies - Using 802.11a with 802.11n, the network will slow down to accomodate 802.11a, affecting all computers.

    circuit capacity - Upgrade to 802.11g/n. The faster speeds at greater range should enable computers to quickly see the improved performance. Reexamining exact placement of Aps, checking sources of interference near AP and trying different styles of antennas are all other solutions.

    reducing network demands - Never place a server in a WLAN because all messages get sent twice. Performance will be improved if the sever is located in the wired portion of the same LAN as the AP
  12. Discuss Backbone Network Compnents (Switches, Routers, Gateways)
    There are two basic components to a BN: the network cable and the hardware devices that connect other networks to the BN. The hardware can be computers or special purpose devices.

    • Switches - Most switches operate at the data link la yer. They connect two or more network segments that use the same data link and network protocol. They learn addresses by reading the source and destination addresses
    • Routers - Operate at the network layer and connect two or more network segments taht use the same or different data link protocols but the same network protocol. Routers are "TCP/IP gateways". They strip off the data link layer packet, process the network layer packet and forward only those messages that need to go to other networks on the basis of their network layer address.

    - operate at the network layer and use network layer addresses in processing messages. They are more complex than switches or routers because they are the interface between two or more dissimilar networks. They connect two or more networks that use the same or different data link and network protocols. They may connect the same or different cable They translate one network layer protocol into another, translate data link layer protocols and open sessions between application programs, thus overcoming hardware/software incompatibilities.
  13. Discuss Backbone Architecture Layers
    Access Layer - the technology used in the LANs attached to the BN (ie. ethernet, 100Base-T). Although the access layer is not part of the BN, the technologies used in the LANs can have major impacts on the design of the backbone.

    Distribution Layer - The part of the backbone that connects the LANs together. This part of the backbone contains TCP/IP gateways.

    Core Layer - The part of the backbone that connects the different BNs together, often from building to building. The core layer is technologies used in the campus network or the enterprise network. Some small organizations are not large enough to have a core layer; their backbone spans only the distribution layer
  14. Discuss Routed Backbones
    Routed backbones move packets along the backbone on the basis of their network layer address. There are a series of LANs connected to a switched backbone. Each backbone switch is connected to a router. Each router is connected to a core router. These routers break the network into seperate subnets. The LANs in one building are seperate s ubnet. Message traffic stays within each subnet unless it specifically needs to leave that subnet.

    The primary advantage of a routed backbone is that it clearly segments each part of the network connected to the backbone. Each segment has its own subnet address that can be managed by a different network manager.

    There are two primary disadvantages to routed backbones. First, the routers in the network impose time delays. Routing takes more time than switching, so routed networks can sometimes be slower. Second, routers are more expensive an require more management than switches.
  15. Discuss Virtual LANs
    VLANs are a new type of LAN-BN architecture made possible b y intelligent, high - speed switches. VLANs are networks in which computers are assigned to LAN segments b y software rather than by hardware. They provide the same capability via software sot hat the network manager does not have to unplug and replug physical cables to move computers from one segment to another. They are faster and provide greater opportunities to manage the flow of traffic on the LAN and BN.

    A single switch VLAN, are connected into the one switch and assigned by software into different VLANs. The network manager uses special software to assign the dozens or even hundreds of computers attached to the switch to different VLAN segments.

    Benefits - Can put computers in different buildings into the same subnet, ability to manage the flow of traffic on the LAN and backbone very precisely, and it makes it much simpler to manage the broadcast traffic that has the potential to reduce performance and allocate resources to different types of traffic.

    *** They provide faster performance than the other backbone architectures
  16. Discuss the best practice backbone
    The most effective architecture for the distribution layer in terms of cost an dperformance is a switched backbone because it provides the best performance and the lowest cost. Most organizations are now implementing VLANs, especially those which have departments spread over multiple buildings, but VLANs add considerable cost and complexity to the network.

    Best practice architecture = switched backbone or VLAN

    Backbone technology = gigait ethernet

    To provide good reliability, some organizations may provide redundant switches
  17. Discuss improving backbone performance: improving computer and device performance, improving circuit capacity and reducing network demand
    improving computer and device performance - Faster routing prtocols or devices, ensuring that BNs have sufficient memory is one way to improve performance.

    improving circuit capacity- Increasing circuit capacity, adding additional circuits are two ways to improve circuit capacity.

    reducing network demand - one way to reduce demand is to restrict applications that use a lot of network capacity, such as videoconferencing.
  18. Discuss Circuit Switched Netowkrs, their basic architecture and plain old telephone services.
    Circuit switched networks are the oldest and simplest approach to MAN and WAN circuits. These services operate over the public switched telephone network (PSTN), that is, the telephone networks operated by the common carriers such as AT&T.

    Basic Architecture - Circuit switched services use a cloud architecture. The users lease connection points (ie. telephone lines), into the common carrier's network, which is called the cloud. A computer dials the telephone number of the destination computer and establishes a temporary circuit between the two computers. The computers exchange data and when the task is complete, the circuit is disconnected.

    Plain Old Telephone Service - (POTS) is the name for Dialup services. To use POTS, you need to lease a circuit into the network and install special equipment (ie. modem) to enable your computer to talk to PSTN. To transfer data to/from another computer, you instruct the modem to dial the other computers number. POTS may use different circuit paths between two computers each time a number is dialed.
  19. What is ISDN?
    Integrated Services Digital Network combines voice, video and data over the same digital circuit. To use ISDN, users first need to lease connection points in the PSTN, which are telephone lines just like POTS. Next, they must have special equipment to connect their computers or networks. Users need an ISDN network terminator that functions much like a hu, and a NIC, ina ll computers attached to the NT 1/N2. In most cases, the ISDN service appears identical to the regular dialed telephone service, with the exception that usually (but not always) each device is connected to a unique Service Profile Identifier (SPID).
  20. Discuss Dedicated Circuit Networks: basic architecture, T carrier services, and Synchronous Optical Network
    There are 3 main problems with POTS and ISDN: each connection goes through the telephone on a different circuit, all which vary in quality, data transmission rates are generally low, and you pay per use.

    • basic architecture - circuits are leased from common carriers, and all connections are point to point. The carrier installs the circuit connections at two end points of the circuit and makes the connection between them. The circuits still run through the common carrier's cloud, but the network behaves as if you have your own phsyical circuits running from one point to another. Dedicated circuits have a flat fee per month, and the user has unlimited use of the circuit. There are three basic architectures:
    • 1.Ring - connects all computers ina closed loop with each computer linked to the next
    • 2.Star -connects all computers to one central computer that routes messages to appropriate computers
    • 3. Mesh - Full = every computer is connected to every other computer. Partial = many but not all are connected.

    • T carrier services - the most commonly used form of dedicated circuit services in North America tody. As with all dedicated circuit services, you lease a dedicated circuit from one building in one city to another building in the same or different city. Costs are a fixed amount per month, regardless of how much or how little trafic flows through the circuit. Types include:
    • 1.T1 Circuit - provides a data rate of 1.544 MBps. They can be used to transmit data but are often are used to transmit both data and voice.
    • 2.T2 Circuit - transmits data at a rate of 6.312MBps, and is an inverse multiplexed bundle of four T1 circuits.
    • 3.Fractional T1- offers portions of 1.544 MBps T1 circuit, for a fraction of its full cost.

    Synchronous Optical Network (SONET) -
    The American standard (ANSI) for high speed dedicated circuit services. SONET transmission speeds begin on the OC1 level of 51.84 Mbps. Each succeeding rate in the sonet fiber hierarchy is defined as a multiple of OC-1
  21. Discuss Virtual Private Networks (VPN): Basic Architecture & VPN Types
    A VPN provides the equivalent of private packet-switched network over the public internet. It involves establishing a series of PVCs that run over the Internet sot hat the network acts like a set of dedicated circuits over a private packet network.

    Basic Architecture
    - First, you lease an internet connection at whatever access rate and technology you choose for each location you want to connect. The VPN gateway at the sender takes the outgoing packet and encapsulates it with a protocol that is used to move it through the tunnel to the VPN gateway on the other side. The VPN gateway at the receiver strips off the VPN packet and delivers the packet to the destination network. The VPN is transparent to the users and the ISP and Internet as a whole.

    Primary advantages of VPNs are low cost & flexibility.

    Primary disadvantages: traffic on the internet is unpredictable, and because data travels on the internet, security is always a concern.

    • VPN Types - There are three common types in use:
    • 1.Internet VPN- provides virtual circuits between organization offices over the internet. Each location has a VPN gateway that connects the location to another location through the internet
    • 2.Extranet VPN - The same as an intenert VPN except the VPN connects several different organizations over the internet
    • 3. Access VPN - enables emplyees to access an organization's network from a remote location.
  22. Discuss the basic architecture of Packet Switched Networks
    Packet switched networks are quite different. For both circuit switched and dedicated networks, a circuit was established between two communicating computers. This circuit provided a guaranteed data transmission capability that w as available for use by only those two computers. In packet switched networks, multiple connections exist simultaneously between computers over the same physical circuit, just like LANs and BNs.

    Basic Architecture - the user buys a connection into the common carrier cloud. The user pays a fixed fee for the connection, and is charged for the number of packets transmitted. The user's connection into the network is a packet assembly/disassembly device (PAD), which can be owned and operated by the customer or by the common carrier. The PAD converts the sender's data into the network layer and data link layer packets.

    One of the key advantages of packet switched services is that different locations can have different connection speeds. They enable packets from seperate messages with different destinations to be interleaved for transmission., unlike switched circuits and edicated circuits.
  23. Discuss the best practice MAN/WAN: Improving device performance, improving circuit capacity, reducing network demand
    Dveloping best practice recommendations for MAN and WAN design is more difficult than for LANs and backbones because the network designer is buying services from different companies rather than buying products.

    Improving device performance
    - In some cases, the key bottleneck is the devices that provide access to the circuits (ie routers). One way to improve network performance is to upgrade the devices and computers that connects backbones to the WAN. Most devices are rated for their speed in converting input packets to output packets. Another strategy is examining the routing protocol, either static or dynamic. Dynamic routing will increase performance in the network

    Improving circuit capacity
    - Add a circuit switched or packet switched service that is used only when demand exceeds circuit capacity. Before installing new circuits, monitor the existing ones to ensure they are operating properly

    Reducing network demand -
    Require network impact statement for all new application software developed or purchased by the organization, or use data compression techniques for all data in the network, or shift network usage from peak or high cost times to lower demand or lower cost times.
  24. Discuss how the internet works: Basic Architecture, Connecting to an ISP and the internet today
    The interent is a network of networks - a set of seperate and distinct networks operated by various national and stae governement agenecies.

    Basic Architecture -
    The internet is a hierarchical in structure. At the top there are large national Internet Service Providers (ISP), such as AT & T, and Telus. These national ISPs come together and exchange data at network access points. There are regional and national NAPs, and metropolital area exchanges (MAE) are smaller versions of NAPs and typically link a set of regional ISPs.

    • Connecting to an ISP - Each of the ISPs is responsible for running its own network that forms part of the Internet. ISPs make money by charging customers to connect to their part of the internet. Local ISPs charge individuals for broadband or dial up access whereas national and regional ISPs charge larger organizations for higher speed access. Each ISP has one or more point of preference (POP). POP is simply a place at which the ISP provides services to its customers.
    • the internet today - Backbone circuits of the major US national ISPs operate at SONET. Most of the largest national ISPs (cable & wireless, Sprint), plan to convert their principal backbones to OC-192. As traffic increases, ISPs can add more faster and faster circuits relatively easy, but where circuits come together at NAPs and MAEs, bottlenecks are becoming more common
  25. Discuss Internet Access Technologies: DSL and Cable Modems
    • DSL- Digital Subscriber Line (DSL) is a family of point to point technologies designed to provide high speed data transmission over traditional telephone lines. DSL uses the existing logical loop cable but places different equipment on the customer premises (home/office) and in the telephone company office. A line splitter is used to seperate the traditional voice telephone transmission from the data transmission. The line splitter directs the telephone signals into the normal telephone system so tha tif the DSL equipment fails, voice communication is unaffected.
    • ADSL - Aysmmetric DSL uses frequency divison multiplexing to create three seperate channels over one logical loop circuit. One channel is the traditional voice/telephone circuit. A second channel is relatively high speed simplex data channel

    Cable Modems
    - Cable modem sare digital services offered by cable television companies. The architecture is similar to DSL, but DSL is point to point where cable uses shared multipoint circuits. Each user must compete with other users for the available capacity.
  26. Why do networks need security?
    What are some types of security threats?
    Describe network controls.
    Why do networks need security? - The losses related to security failures are huge (average is 350,000), the losses assocaited with loss of consumer confidence, distribution of application systems, etc. Protecting customer privacy and risk of identity theft also drives the need for increased security.

    • What are some types of security threats? - There are three goals associated with providing security: confidentiality, integrity (data has not been altered), and availability. Ensuring business continuity means insuring availability with some aspects of integrity. There are three main threats to this:
    • 1.Disruptions - the loss of network service
    • 2.Destruction - a virus may destroy files
    • 3.Disasters(natural/man made) - destroy host computers or large sections of the network
    • 4.Intrusion- primarily to confidentiality but also to integrity. It means when external attackers gain access to organizational data files and reseources from accross the internet

    Describe network controls. - controls are software, hardware, rules or procedures that reduce or eliminate threats to network security. Controls prevent, detect and correct whatever might happen to the organization. Preventative controls mitigate or stop a person from acting or an event from occuring. Detective controls reveal or discover unwanted events. Corrective controls remedy an unwanted event or an intrusion. Either computer program sor humans verify and check data to correct errors or fix security breaches.
  27. Discuss building a risk assessment: Control spreadsheet, identification and documentation of controls, evaluation of network security
    • Control spreadsheet - To be sure that data communication network and microcomputer workstations have the necessary controls and that these controls offer adequate protection, it is best to build a control spreadsheet. Threats to the network are listed across the top, assets down the side. The center of the spreadsheet incorporates all the controls that are currently in the network.
    • Assets are something of value that can be either hardware or software, data or applications. A mission-critical application is an information system that is critical to the survival of hte organization.
    • Threats -any potential adverse occurrence that ca do harm, interrupt the systems using the network, or cause a monetary loss to the organization.

    identification and documentation of controls - Once specific assets and threats have been identified, you can begin working on the network controls, which mitigate or stop threats or project assets. An example is "disastor recovery plan", "not below ground level" etc.

    evaluation of network security - establish priorities, interpretation, reviewing controls to each threat and network component. The assessment can be done by a network manager or team of experts.
  28. Discuss Continuity Planning:
    Preventing Destruction and disaster
    • Using redundant hardware
    • Preventing natural disaster - Avoide disaster by storing critical data in different places, avoid floods, etc.
    • Preventing Threat
    • Preventing Viruses - install antivirus software
    • Preventing Denial of Service Attacks - when an attacker attempts to disrupt the network by floding it with messages so that the network cannot process messages from normal useres. To prevent this, you can configure the main router that connects your network to the Internet to verify that the source address of all incoming messages is in a valid address range for that connection. Or, you can confivure the main router to limit the number of incoming packets. Or you could use a special purpose security device, called a traffic anomaly detector. This device monitors normal traffic patterns and learns to perform traffic analysis.
  29. Discuss Disaster Recovery plans and Disaster Recovery Outsourcing
    Disaster Recovery plans - address various levels of response to a number of possible disasters, and should provide for a complete or partial recovery of all data, application software and network components. It hould include staff assessments/responsibilities, name people inn charge, assignments, processes, etc.

    Disaster Recovery Outsourcing - most large organizations have two level disastor recovery plans. When they build networks they build enough capacity and have enough spare equipment to recover minor disaster such as loss of major server, etc. Many large firms outsource their disaster recovery efforts by hiring disaster recovery firms that provide a wide range of services.
  30. Discuss preventing intrusion:
    1. Securing the Network Perimeter
    2. Securing the Interior
    3. Authenticating Users
    4. Encryption
    Intrusion is the second main type of security problem and the one that tends to receive the most attention. There are hackers, crackers (cause harm), etc.

    • 1. Securing the Network Perimeter - stopping external intruders at the perimeter of the network, so they cannot reach the servers inside. There are three basic access points into most networks: the internet, LANS and WLANs, and dial up access. A firewall is commonly used to secure an organization's internet connection. A firewall is a router or special purpose device that examines packets flowing into and out of the network and restricts acess to teh organization's network. Th enetwork is designed so that a firewall is placed on every network connection between the organization and the internet. There are several types:
    • 1.Packet Level Firewalls - examines the source and destination address of every network packet
    • 2.Application Level Firewall - a more expensive and complicated to install and manage, because it examines the contents of the application layer packet and searches for known attacks
    • 3.Network Address Translation Firewalls - (NAT) is the process of converting between one set of public IP addresses that are viewable from the Internet and a second set of private IP addresses that are hidden from people outside the organization. NAT is transparent and no computer knows it is happening

    • 2. Securing the Interior
    • 3. Authenticating Users - A way to ensure that only authorized users are permited into the network and into specific resources in the interior of the network. The basis of user authentication is the user profile for each user's account. Each user profile specifies what data and network resources she/he can view. User profiles can limit hte allowable login da ys, time of day, physical location, login attempts, etc.
    • 4. Encryption - the disguising of information by the use of mathematical rules known as algorithms. Cryptography is the more general and proper term. Encryption is the process of disguising information.
    • Single Key Encryption - has two parts: the algorythm and the key, which personalizes the algorithm by making the transformation of data unique.
    • Public Key Encryption- asymetric encryption, where there are two keys. One key is used to encrypt the message and one key is used to decrypt the message.
  31. Discuss social engineering (detecting intrusion & correcting intrusion)
    Te most common way for attackers to break into a system is through social engineering, which refers to breaking security simply by asking. ie. phoning unsuspecting users

    • detecting intrusion - Intrusion prevention systems (IPS) are designed to detect an intrusion and take action to stop it, there are type types: network based and host based. Network based involves putting a sensor on key network circuits that monitors all network packets and reports intrusions. Host based is a software package installed on a host or server. THere are two techniques that us IPS:
    • 1.Misuse detection - compares monitored activities with signatures of known attacks.
    • 2.Anomaly detection- works well in stable networks by comparing monitored activities with the normal set of activities

    correcting intrusion - the first step is identifying how the intruder gained unauthorized access and prevent others from breaking in the same way. Some organizations will simply choose to close the door on the attacker and fix the problem. A new area, comoputer foresnsics, has recently opened up. It is the use of computer analysis techniques to gather evidence for criminal and/or civil trials.
  32. Discuss organizing the network management function:
    1. The shift to LANS and the internet
    2. Integrating LANs, WANs and the internet
    3. Integrating Voice and Data Communication
    1. The shift to LANS and the internet - There has been an explosion in the use of microcomputer based networks. The future network management lies in the successful management of multiple clients and servers communicating over LANs BNs and the internet.

    • 2. Integrating LANs, WANs and the internet - The key to integrating them into one overall organization network is for all managers to recognize that they no longer have the power they once had. No longer can network managers make independant decision without considering their impacts on ot - her parts of the organization's network. There must be a single overall communications and networking goal that best meets the needs of the entire organization
    • .
    • 3. Integrating Voice and Data Communication - Traditionally voice and video are managed seperately; but today changing communicatio technologies are causing enormous pressures to combine the functions. The pressures include: cost of maintaining seperate facilities, low effiency and productivity of hte organization's employees.
  33. Discuss Configuration Management:
    1. Configuring the network and client computers
    2. Documenting the Configuration
    • 1. Configuring the network and client computers - managing user accounts (creating, deleting users, making groups and profiles), updating software on client computers attached to the network. Desktop managemnt or Electronic software distribution (ESD) enables network managers to install software on client computers over the network without having to physically touch the computer. This reduces costs and it automatically produces and maintains accurate documentation. However, ESD increases costs.
    • 2. Documenting the Configuration - This includes information about hte network hardware, software, user and application profiles, and network documentation. Documentation should include the type of device, serial number, vendor, date of purchase, warranty information, repair history, telephone number for repairs and any additional info/comments
  34. Discuss Performance and Fault Management:
    1. Network Monitoring
    2. Failure Control Function
    3. Performance and Failure Statistics
    4. Improving Performance
    Performance management means ensuring the network is operating as efficientlly as possible whereas fault management means preventing, detecting and correcting faults in the network circuits, hardware, and software.

    • 1. Network Monitoring- This includes collecting operational statistics from the network devices, and sending messages to the network manager's computer. In large networks, this becomes more important. Network problems can have serious business consequences. These networks often have a dedicated network operations center (NOC) that is responsible for monitoring and fixing problems. The parameters monitored by a network management system fall into two distinct categories: phsycial network statistics and logical network information.
    • Physical network parameters includes monitoring the operation of the network's modems, multiplexers, circuits, etc.
    • Logical network parameters- include performance measurement systems that keep track of user response times, the volume of traffic on a specific circuit, the destination, etc

    • 2. Failure Control Function - failure control requires developing a central control philosophy for problem reporting, whether the problems are first identified by the NOC or by users calling them to the NOC or a help desk. Whether problem reporting is done by the NOC or the help desk, the organization should maintain a central telephone number for network users to call. Most network managers today are installing managed devices that perform their functions (routing/switching) and also record data on the messages they process.
    • Trouble Tickets are reports that are produced by software packages that record fault information
    • Problem tracking allows the network manager to determine who is responsible for correcting any outstanding problems
    • Problem Statistics are important because they are a control device for hte network managers as well as for vendors. With this information, a manager can see how well the network is meeting the needs of the users. The stats can also be used to determine whether vendors are meeting their contractual maintenance commitments.

    3. Performance and Failure Statistics - There are many different types of failure and recovery statistics that can be collected. One important statistic is availability, the percentage of time the network is available to users. It is calculated as the number of hours per month the network is available divided by the total number of hours per month (24 X 30 = 720). The downtime includes times when the network is unavailable because of faults and routine maintenace and network upgrades. Read more on page 486!!!

    4. Improving Performance
  35. Discuss End User Support:
    1. Resolving problems
    2. Providing end user training
    Providing end user support means solving whatever problems users encouter while using the network.

    1. Resolving problems
    - Problems with user equipment ususally stem from three major sources: failed hardware devices, lack of user knowledge, and software.

    2. Providing end user training - end user training is an ongoing responsibility of the network manager. Training is a key part in the implementation of new networks or network components. Training is usually conducted through in class, one on one instruction and online self paced courses.
Card Set:
HINF 345 Final
2011-08-02 02:20:43

Show Answers: