Android Mobile Application

mySDCE Amazing App

Welcome

Our mission is to provide ongoing learning opportunities, preparing diverse individuals for career advancement, a college education, or enriched lives through good health and personal fulfillment.


Web Business / Marketing

Learn Web Business & Marketing

Advanced Google For Businesses

  • Creating Google+ Business Page to help increase search engine visibility.
  • Using Google Webmaster Tools and Google Analytics to enhance the business with social media marketing to track, analyze, and increase site traffic.
  • Understanding the data.
  • Creating collaborative documents using Google Drive.
  • Creating Google Forms.
  • Shussmedia.com is equipped with Google Analytics to monitor/increase the traffic.

Search Engine Optimization for Businesses (SEO)

  • Learning how to rank high on search engines through Search Engine Optimization (SEO) and Search Engine Marketing (SEM), so the websites rank higher in the Search Engine Results Page (SERP).
  • Setting up webmaster tools at Google and Bing to track conversions.
  • Improving search engine ranking through backlinks.

Page Layout

  • Using Adobe InDesign to design page layout: Paragraph Styles, Character Styles, Swatches, Gradients, etc.

Programming Languages Classes

Web | Responsive Development

Web Design w/WordPress (4.3.1)

Objective

  1. Using WordPress platform, the course is focused on creating the storefront: adding themes & content, eCommerce plugins, product inventory, billing, and shipping features.
  2. WordPress installation, backup management: duplicator & Akismet plugins.
  3. Set up a local server development environment (WAMP or MAMP).
  4. Set up PayPal for collecting payments.
  5. How to update: update the plugins and modify the site: modify the .css files and themes.

Plugins Used

  1. eCommerce Plugins: WP eCommerce.
  2. To fix broken links Plugins: Redirection.
  3. Contact Form Plugins: Contact Form 7.
  4. Site Analytic Plugins: Yoast Google Analytics.
  5. Page Analytic Plugins: Yoast SEO.
  6. Site Sharing Plugins: Jetpack.
    This allows you to share your sites with users around the world through Facebook, Twitter, etc.

Mobile | Web Development

Android Apps Development (w/HTML5 Mobile Apps)

  • Using freely available open-source tools (HTML5, CSS3, JavaScript, MySQL, jQuery Mobile), this course is about how to build Android apps that can be ported to iOS and other platforms: browsers, Chrome, Firefox OS, WebOS, Windows, WP8. Created apps can be installed and tested on devices and emulators.
  • Download, and install Android Studio.
  • Set up a basic app structure using Cordova/PhoneGap using Node.js command line.
  • Deploy the application to Real and Virtual Android Devices.
  • Use a jQuery Mobile Web App as the Android App's foundation.
  • Access smartphone features such as the Camera.
  • NoSQL/PouchDB Database is added to the project.
  • Complete the stand-alone Pouch Project.

How to create your Developer Certificate with Android Studio or a Keystore.

  1. Launch Android Studio. Close any open projects.
  2. Click Start a new Android Studio project. Select all defaults until you can click Finish.
  3. Wait until everything is initialized and indexed.
  4. Click Build menu, Generate Signed APK.
  5. Complete the following in the Generate Signed APK wizard dialog.
    1. In Key store path: do not fill anything in, and click Create new...
    2. Click the three dots (Browse). Select your Desktop and name your file lastname.jks. Click OK.
    3. Type a password, twice, to access the key store file.
    4. In alias, type your last name, or name of your development company (lowercase, no spaces).
    5. Type a password, twice, to access your key. Leave the Validity value as-is.
    6. Fill in your First and Last Name, Organizational Unit (a.k.a. job title, like Developer), Organization (a.k.a. Company), City, State, Country Code (as two letters, US for example).
    7. Click OK. Back at the Generate Signed APK Wizard dialog, click Cancel.
    8. Exit Android Studio.
    9. Now that you have your lastname.jks or APKKeyStore.jks file, store it IN A SAFE PLACE. You will need to use this in all your future apps. It validates you as the creator of your apps. Make a backup. Then, make a backup of the backup!

Build your app for Release with your new Developer Certificate (Key Store/A signed APK).

  1. In the Node.js command prompt, in your app's folder, type cordova build.
  2. Copy your key store (lastname.jks) or APKKeyStore.jks to your project folder: Into platforms - android
  3. In the android folder Right-click and create a New - Text Document. Rename it release-signing.properties.
  4. Right-click release-signing.properties and edit in Notepad++. Type:
    1. storeFile = lastname.jks (that you named in Step 7 above).
    2. keyAlias = lastname (that you named in Step 9 above).
  5. Save and close release-signing.properties
  6. In the Node.js command prompt, in your app's folder, type cordova build android --release
  7. Wait for a pop-up to ask you your Key Store password; type it and continue.
  8. Wait for a pop-up to ask you your Key password; type it and continue.
  9. Eventually you will see a BUILD SUCCESSFUL message.
  10. Your final, signed, APK is in your project folder - platforms / android / build / outputs / apk and is named android-release.apk
  11. Move it to your Desktop and name it myapp1-release.apk (short name of your app #1).

Congratulations. You have a release-ready version of your app to distribute now!

Set up Google Play Developer & Amazon Appstore Developer accounts.

Create store listings for their apps.

Publicize the app.

Stand-alone Pouch Project

Mobile | Web Development

Native Android Development (w/Java & XML)

  1. Using freely available open-source tools (Android Studio and XML), this course teaches students how to build their own Android apps that can be tested on devices and emulators.
  2. Find, download, and install Android Studio.
  3. Set up a basic app structure using Android Studio and XML.
  4. Deploy the application to Real and Virtual Android Devices.

Database

Intensive MySQL

Open Sources: MySQL, Windows Command Line/cmd, MySQL Server, MySQL Workbench, Heidi SQL

Why MySQL: Free, Scalable, Flexible, Well Supported, Ease of Implementation

  1. Performing an installation of MySQL, MySQL Workbench, MySQL Connector, HeidiSQL.
  2. Maintaining the MySQL platform.
  3. Creating, deleting and modifying a MySQL database.
  4. Performing data import and export.
  5. Supporting standard database compliance.
  6. Learning how to retrieve information from MySQL databases using the SQL language.
  7. Designing and implementing business rules to support integrity for MySQL databases.
  8. Creating basic reports: Microsoft Access & ODBC.

Triggers

Example

Functions

Example

Database

PouchDB

PouchDB is open source, runs in the web browser, uses JavaScript as its query language, needs no database server, and uses JSON to store and retrieve unstructured data.

JSON Practice 1

Retrieving JSON data using PouchDB

Social Media will be randomly output.

JSON Practice 2

How to add, delete, update, and display JSON data

JSON data is being manipulated through adding, deleting and updating.

Networking

Basic Network Configuration N+

Open Sources:

  1. CISCO Packet Tracer (6.2)

    Packet Tracer is simulator software made by Cisco that simulates routers, switches and other networking equipment. Students can learn how to configure routers and switches from the command line. Packet Tracer provides visual drag-and-drop problems using virtual networking devices.

  2. Wireshark (2.0.4)

    Wireshark is a network protocol analyzer. It lets you see what's happening on your network at a microscopic level.

  3. These 2 come with Packet Tracer; however, you might need to install WinPcap with the standalone installer if you want to try the latest alpha/beta, or there might even be a newer WinPcap release available.

      The same goes for USBPcap: the Wireshark installer will copy the USBPcap installer and call it, so the installation is done all in one place.

    1. Windows Packet Capture (WinPcap)

      WinPcap is the Windows version of the libpcap library; it includes a driver to support capturing packets. Wireshark uses this library to capture live network data on Windows.

    2. USB Packet Capture

      USBPcap is an open-source USB sniffer for Windows. It is capable of capturing lossless raw video making.

  4. VMware virtualization

    Create and troubleshoot network systems, and configure both software and hardware components into modern network systems

Chapter 1: An Introduction to Networking

Objective

  • Types of Applications and Protocols used on Networks
  • Distinguish between the client-server and peer-to-peer models used to control access to a network
  • The 7 layers of the OSI model
  • Describe physical topologies
  • Describe the seven-step troubleshooting model for solving a networking problem

Applications

  • Email
  • Web (WWW)
  • File Transfer
  • Remote Terminal Access
  • Streaming Multimedia
  • Internet Telephony or Internet telephony service provider (ITSP)

Application Layer Protocols

  • SMTP or Simple Mail Transfer Protocol
  • HTTP or HyperText Transfer Protocol
  • FTP or File Transfer Protocol
  • Telnet - SSH (Secure Socket Shell or Secure Shell)
  • Remote Desktop - Remote Desktop Protocol (RDP)
  • Remote applications
    • Windows-based applications: Citrix Systems' GoToMyPC, LogMeIn, Symantec pcAnywhere and RealVNC
    • Macintosh-based software: Apple Remote Desktop and Timbuktu

Peer-2-Peer or P2P Network Model

  • Each computer maintains its own resources; a login account works only on that computer -> "No centralized control"
  • Computers, called nodes or hosts, form a logical group of computers, and users may share resources or prevent access to resources
  • Advantage: Simple configuration and less expensive compared to other network models
  • Disadvantage: Not scalable, and not necessarily secure or practical for large installations

Client-Server Model

  • There's a "central unit" called Server Unit
  • Resources are managed by NOS (Network Operating System) via a centralized directory database called AD (Active Directory)
  • A user account called a global account can be logged on from any computer in a domain, and its access is controlled by entries in the centralized domain database called Active Directory Domain Services (AD DS)
  • Resources are not shared directly with each other
  • Server examples
    • Windows Server 2012 R2, Ubuntu Server, or Red Hat Linux
  • advantage relative to Peer-to-peer
    • Scalable
    • Multiple shared resources accessed centrally
    • User credential assigned from one place
    • Central problem monitoring, diagnostics, correction capabilities

Networking hardware and Physical topologies

  • Local area network (LAN) - usually contained in a small space such as an office or building
  • Switch - receives incoming data from one of its ports and redirects it to another port or multiple ports, sending the data to its intended destination
  • Star topology - all devices connect to one central device (usually a switch)
  • Network interface card (NIC) - a network port used to attach a device to a network
  • Router - a device that manages traffic between two or more networks and can help find the best path for traffic to get from one network to another
  • Routers can be used in small home networks to connect the home LAN to the Internet
  • Industrial-grade routers can have several network ports, one for each network it connects to
  • Difference between router and switch
    • Router is like a gateway between networks

7 layers of OSI model

  • 7. Application - Email
  • 6. Presentation - Encryption
  • 5. Session - SIP
  • 4. Transport - TCP/UDP
  • 3. Network - IP
  • 2. Data-Link - Ethernet, Wifi
  • 1. Physical - raw bits, light beams, streams

Chapter 2: How Computers Find Each Other On Networks

Objective

  • Describe how computers and other devices are addressed on a network
  • Explain how host names and domain names work
  • Identify how ports and sockets work at the OSI Transport layer
  • Demonstrate how IP addresses are assigned and formatted at the OSI Network layer
  • Use command-line tools to troubleshoot problems with network addresses

4 Addressing Methods

  • Application Layer FQDNs, Computer Names, Host Names
    • Example: www.shussmedia.com
      • Host Name = Computer Name: shussmedia
      • Domain Name: shussmedia.com
      • Domain Name Server: .com
      • FQDN: www.shussmedia.com
    • Example: www.shussmedia.wordpress.com
      • Host Name: wordpress.com
      • Computer Name: shussmedia
      • Domain Name: shussmedia.wordpress.com
      • Domain Name Server: .com
      • FQDN: www.shussmedia.wordpress.com
  • Transport Layer Port Numbers:
    • Transport layer protocols, such as the Transmission Control Protocol (TCP) and the User Datagram Protocol (UDP), specify a source and destination port number in their headers. A port number is a 16-bit unsigned integer, thus ranging from 0 to 65535
    • Example: 192.168.1.100:45678
  • Network Layer IP Address
    • IPv4 (32 bits): 192.168.1.100
    • Port Number: 45678
  • Data-Link Layer Physical Address/MAC (Media Access Control) Address
      Represents a MAC address of the Network Layer IP address of the device. Example:
    • IPv4 (32 bits): F002:2346:1234:6789
    • IPv6 (64 bits): 1234:4567:7890:0ABC:FABC:1234:1234:8976

MAC Address

  • 1st octets: Organizationally Unique Identifier or Block ID/Company ID/Manufacturer ID - assigned by IEEE
  • 2nd octets: The manufacturer assigns the NIC a Device ID
  • Example: F002:2346:1234:6789
    • Block ID/Company ID/Manufacturer ID: F002:2346
    • Manufacturer's assigns NIC a Device ID: 1234:6789

DNS (Domain Name System) is an Application layer client-server system of computers and databases made up of these elements:

  1. Namespace
    • An inverted tree hierarchy with a null node named "" at the top. The child nodes of the root node are the Top Level Domains (TLDs) - .com, .net, .org, .gov, .mil - and the country code TLDs, including .jp, .uk, .us, .ca, and so forth.
    • Supports name-to-address and address-to-name lookups
  2. Name Servers or DNS Clients to look up names
    • Used by email clients, web browsers or utility clients such as ping and tracert
  3. Name Resolvers - the software that formulates the DNS query; practically built into every internet-capable application
  • nslookup - queries the Domain Name System (DNS) to obtain a domain name or IP address mapping

How host names and domain names work

  • Example: www.microsoft.com
    • World Wide Web server: www
    • Top Level Domain (TLD): .com
    • 2nd Level Domain (2nd LD): microsoft
    • Domain Name: microsoft.com
    • Computer Name = Host Name: microsoft
    • An IP address cannot point directly to a Domain Name or microsoft.com in this case. It can however, point to a Domain Name Service (DNS) or DNS Root Servers or Namespace.

How IP addresses are assigned and formatted at OSI Network layer

  • Dynamic:
    • IP addresses are assigned by DHCP
    • When IP addresses are not used, the addresses are returned to the pool for reuse
  • Static:
    • IP addresses are assigned by network administrator
    • IP addresses stay even when not being used

How ports and sockets work at OSI Transport layer

  • Example: 192.168.1.100:12345
  • Port = Endpoint = Socket: 12345

Use command lines to troubleshoot with network addresses

  • ping - to check the network connection
  • tracert - to trace the route of the packet
  • ipconfig - to check the TCP/IP configuration
    • ipconfig /all
    • ipconfig /release
    • ipconfig /renew

Chapter 3: How Data is transported over Networks

Objectives

  • Identify the functions of TCP/IP Protocols
  • Explain purposes and properties of IPv4 and IPv6 Routing Protocols
  • ICMP VS IGMP

How Data is transported

  • (Figure: how data is transported)

Functions of TCP/IP Protocols

  • Communication protocol used for the Internet and similar networks such as intranets and extranets
  • Controls and manages the data transmission over the Internet
  • IP - Internet Protocol vs. TCP - Transmission Control Protocol
    IP - Internet Protocol | TCP - Transmission Control Protocol
    IP is responsible for the logical addressing (obtaining the address) | TCP guarantees transfer of the packet data to a particular address
    Specifies how and where data should be delivered | Is used to transfer packet data
    Is an unreliable, connectionless protocol | Is a reliable, connection-oriented protocol
    Enables TCP/IP to internetwork | Is responsible for the logical addressing
    IP depends on TCP to ensure data packets are delivered to the right address | TCP guarantees transfer of that packet data to a particular address
    IP works on TCP/IP Internet Layer 2 or OSI Layer 3 | TCP works on TCP/IP Transport Layer 3 or OSI Layer 4

TCP Three-Way Handshake

  • Three transmissions are sent before data transmission:
    • Step 1 - request for a connection (SYN)
    • Step 2 - response to the request (SYN/ACK)
    • Step 3 - connection established (ACK)
  • After the three initial messages, the payload or data is sent
  • Sequence numbers will be increased by the number of bits included in each received segment

UDP (User Datagram Protocol)

  • Works on transport Layer
  • Provides no error checking or sequencing, thus more efficient than TCP
  • Useful for live audio or video transmissions over the Internet
  • A UDP header contains only four fields: Source port, Destination port, Length, and Checksum
    • Use of Checksum field in UDP is optional in IPv4, but required in IPv6
  • is an unreliable, connectionless protocol
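The four-field header and the IPv4 checksum rule above, as an added Python example (not code from the course page): it builds a UDP segment, then parses one back and reports whether the checksum is absent, valid or corrupt, which is what a capture-parsing or detection tool has to decide. The addresses, ports and payload are constructed sample values.

```python
import socket
import struct

UDP_PROTO = 17  # IP protocol number carried in the IPv4 pseudo-header


def ones_complement_sum(data: bytes) -> int:
    """16-bit one's-complement sum over big-endian words (the IP family checksum)."""
    if len(data) % 2:
        data += b"\x00"  # odd length: pad with a zero byte for the sum only
    total = 0
    for i in range(0, len(data), 2):
        total += (data[i] << 8) | data[i + 1]
    while total >> 16:  # fold carries back into the low 16 bits
        total = (total & 0xFFFF) + (total >> 16)
    return total


def udp_checksum_ipv4(src_ip: str, dst_ip: str, segment: bytes) -> int:
    """Checksum over the IPv4 pseudo-header plus the UDP header and payload.

    `segment` must carry a zeroed checksum field. A computed value of 0 is
    transmitted as 0xFFFF, because 0 on the wire means "no checksum" (IPv4 only).
    """
    pseudo = (socket.inet_aton(src_ip) + socket.inet_aton(dst_ip)
              + struct.pack("!BBH", 0, UDP_PROTO, len(segment)))
    csum = (~ones_complement_sum(pseudo + segment)) & 0xFFFF
    return csum if csum else 0xFFFF


def build_udp(src_ip, dst_ip, src_port, dst_port, payload, with_checksum=True):
    """Encode the four header fields (ports, length, checksum) in front of payload."""
    length = 8 + len(payload)
    segment = struct.pack("!HHHH", src_port, dst_port, length, 0) + payload
    if not with_checksum:
        return segment  # IPv4 permits an all-zero checksum field
    csum = udp_checksum_ipv4(src_ip, dst_ip, segment)
    return struct.pack("!HHHH", src_port, dst_port, length, csum) + payload


def parse_udp(src_ip, dst_ip, datagram):
    """Decode a UDP segment, validate its length field and classify its checksum."""
    if len(datagram) < 8:
        raise ValueError("truncated UDP header")
    src_port, dst_port, length, csum = struct.unpack("!HHHH", datagram[:8])
    # A length field larger than the bytes actually present is a malformed datagram.
    if length < 8 or length > len(datagram):
        raise ValueError(f"length field {length} inconsistent with {len(datagram)} bytes")
    if csum == 0:
        status = "absent"
    else:
        zeroed = datagram[:6] + b"\x00\x00" + datagram[8:length]
        status = "ok" if udp_checksum_ipv4(src_ip, dst_ip, zeroed) == csum else "bad"
    return {"src_port": src_port, "dst_port": dst_port, "length": length,
            "checksum": status, "payload": datagram[8:length]}


if __name__ == "__main__":
    # Constructed sample datagram (not a real capture): 192.168.1.100:45678 -> 192.168.1.1:53
    good = build_udp("192.168.1.100", "192.168.1.1", 45678, 53, b"hello")
    print(parse_udp("192.168.1.100", "192.168.1.1", good))
    corrupted = good[:-1] + bytes([good[-1] ^ 0x01])  # flip one payload bit
    print(parse_udp("192.168.1.100", "192.168.1.1", corrupted)["checksum"])
```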

Purposes and Properties of IPv4 and IPv6

  • IPv4 and IPv6 are routing protocols/methods for routing devices
  • Since the original IP address scheme, IPv4, is running out of numbers, IPv6 is the next-generation Internet Protocol (IP) address standard, intended to supplement and eventually replace IPv4, the protocol most Internet services use today
  • Example:
  • IPv4 (32bits decimal): 192.168.1.100
  • IPv6 (128bits hexadecimal): 0123:3456:0FAB:CDEF:ABCD:B23C:2345:CDCA
  • IPv4 vs. IPv6
    Feature | IPv4 | IPv6
    Built-in multicasting | IPv4 was based on broadcast systems, so it needs to be enabled for multicasting. This is necessary for streaming multimedia applications. | Instead of going through the additional steps to enable multicasting, IPv6 is built with the capability already in mind
    More efficient routing | | IPv6 reduces the size of routing tables, which makes processing them more efficient
    Larger packet size support | | IPv6 can easily deliver larger multimedia objects; voila, your ability to stream Netflix's captivating documentaries for hours on end
  • More costly

ICMP VS IGMP

  • ICMP vs. IGMP
    ICMP | IGMP
    Internet Control Message Protocol - is not a transport protocol that sends data between systems | Internet Gateway Message Protocol
    Messages about routing information with IP datagrams, or simple exchanges such as time-stamp or echo transactions | Facilitates management of multicast groups between cooperating routers and switches
    Sends messages to the source IP address indicating that a gateway to the Internet, a router, a service or a host cannot be reached for packet delivery | You really couldn't do multicast properly without some form of group membership, thus IGMP is needed
    ICMP is not used regularly in end-user applications; rather, it is used by network administrators to troubleshoot Internet connections in diagnostic utilities including ping and traceroute |
    Both protocols are part of IP, thus they operate within the sphere of IP

Employ multiple TCP/IP Utilities for Network Discovery and Troubleshooting

  • cmd > tracert shussmedia.com
    • At the command line, type tracert to find out where a network problem lies. The TRACERT diagnostic utility determines the route to a destination by sending Internet Control Message Protocol (ICMP) messages
  • cmd > ping shussmedia.com
    • To test the network connection

Chapter 4: Structured Cabling & Network Elements

Objectives

  • Identify the best practices for managing networks and cabling equipment in commercial buildings and work areas
  • Explain issues related to managing power and the environment in which networking equipment operates
  • Describe characteristics of NIC and Ethernet interfaces
  • Troubleshoot network devices and create a network map to be used for network troubleshooting

Networks and Cabling in commercial buildings and work area

  • TIA/EIA's joint 568 Commercial Building Wiring Standard aka Structured Cabling
  • Describe the best way to install the networking media to maximize the performance and minimize the upkeep
  • Based on hierarchical design and assumes a network is based on the star topology

Power & Environment in which networking equipment operate

  • Part of managing a network is managing power sources to account for outages and fluctuations
  • You also need to monitor and manage the environment that might affect sensitive network equipment
  • Power Flaws that can damage your equipment:
    • Surge - momentary increase in voltage due to lightning strikes, solar flares, or electrical problems
    • Noise - fluctuation in voltage levels caused by other devices on the network or EMI
    • Brownout - momentary decrease in voltage; also known as a sag
    • Blackout - complete power loss

NICs and Ethernet

  • Each workstation, server, printer, connectivity device, or other device on a network uses a NIC
  • On local networks, a NIC uses Ethernet standards for communication

Characteristics of NIC (Network Interface Card) & Ethernet Interfaces

  • The NIC contains a transceiver that transmits and receives data signals over network media
  • NICs belong to both the Physical and Data Link layer because they:
    • Issue data signals and assemble/disassemble data frames
    • Interpret physical addressing information
    • Perform routines that determine which node has the right to transmit data
    • Can also perform prioritization, network management, buffering, and traffic-filtering functions
  • Using UNIX or Linux, the ethtool utility allows you to view and change NIC settings
  • A NIC interfaces with a computer’s motherboard by one of the following methods:
    • Integrated into the motherboard
    • Installed in an expansion slot on the motherboard
    • Installed as a peripheral device
  • A NIC is a circuit board or card that is installed in a computer so that it can be connected to a network
  • Personal computers and workstations on a local area network (LAN) typically contain a NIC specifically designed for the LAN transmission technology

Ethernet Frames

  • Ethernet is an OSI Layer 2 standard that:
    • Is flexible
    • Capable of running on a variety of network media
    • Offers excellent throughput at a reasonable cost
  • Ethernet II is the current Ethernet standard

NAS (Network Attached Storage)

  • a specialized storage device or group of storage devices that provides centralized fault tolerant data storage for a network
  • Contains its own file system optimized for saving and serving files
  • Reads and writes from its disk significantly faster than other types of servers
  • Can be easily expanded without interrupting service
  • A NAS device cannot communicate directly with clients
    • Clients go through a file server, which communicates with the NAS device

SANs (Storage Area Networks)

  • a specialized storage device or group of storage devices that provides centralized fault tolerant data storage for a network
  • A SAN is a network of storage devices that communicate directly with each other and with other networks
    • Uses a type of architecture that is similar to mesh topology, which is very fault-tolerant
  • SANs use one of two types of Transport layer protocols:
    • Fibre Channel - (FC)
    • Internet Small Computer Systems Interface - (iSCSI)
  • A SAN can be installed in a location separate from the LAN it serves
    • A very high fault tolerance
    • Massive storage capabilities
    • Fast data access
  • SANs are best suited to environments with huge quantities of data that must always be quickly available

Methods of transmission:

  • Full- duplex or Duplex - signals are free to travel in both directions over a medium simultaneously
  • Half-Duplex - signals may travel in both directions over a medium but in only one direction at a time
  • Simplex or one-way or unidirectional- signals may travel in only one direction
  • Many network devices allow you to specify whether the device should use half- or full-duplex
    • Modern NICs use full-duplex by default

Building and Maintaining Network Documentation

  • To adequately manage a network, record the following:
    • Network diagrams
    • Physical topology
    • Access methods
    • Protocols
    • Devices
    • Operating systems
    • Applications
    • Configurations
  • Network diagrams provide broad snapshots of a network’s physical or logical topology
    • Useful for planning where to insert a new switch or determining how a particular router, gateway, or firewall interact
  • Wiring schematic - a graphical representation of a network’s wired infrastructure
    • In detailed form, it shows every wire necessary to interconnect network devices

Network Devices and Network Map for Network Troubleshooting

  • To troubleshoot NIC problems, use a loopback plug, Device Manager in Windows, or ethtool in Linux or UNIX, NIC diagnostics software, and command-line utilities
  • Network maps may show physical layout, logical topology, IP address reserves, names of major network devices, and types of transmission media
  • Several programs are available to assist in detecting, identifying, and monitoring the devices on your network

Chapter 5: Network Cabling

Objective

  • Explain basic data transmission concepts, including signaling, data modulation, multiplexing, bandwidth, baseband, and broadband
  • Describe the physical characteristics and Ethernet standards of coaxial cable, STP, UTP, and fiber-optic media
  • Compare the benefits and limitations of different networking media
  • Explore the connectors, converters, and couplers for each cabling type
  • Examine common cable problems and differentiate between various tools for troubleshooting those problems

Signaling

  • is an electric current or electromagnetic field used to convey data from one place to another. The simplest form of signal is a direct current (DC) that is switched on and off; this is the principle by which the early telegraph worked. More complex signals consist of an alternating-current (AC) or electromagnetic carrier that contains one or more data streams.
      Types of Signals
    1. Analog Signaling, e.g. AM radio, signals going in and out of the phone - 4 properties:
      • Amplitude
      • Frequency
      • Wavelength
      • Phase
    2. Digital Signaling, e.g. FM radio, an on-off switch, the US phone network

Data Modulation

  • Makes analog suitable for carrying data over communication path
    1. Data Modulation - Technology modifying analog to digital signals
    2. Data Demodulation - Technology modifying digital to analog
  • Modem: Your modem allows your computer to communicate with other computers by converting digital communications into analog format, so they can travel through the public phone network.

Multiplexing

  • Multiple signals travel simultaneously over 1 single medium or channel.
    Type of Multiplexing | Description
    TDM - Time Division Multiplexing | Divides a channel over time intervals
    Statistical Multiplexing | Assigns slots to nodes according to priority and need
    FDM - Frequency Division Multiplexing | Unique frequency for each communications subchannel (e.g. cell phones, DSL Internet access)
    WDM - Wavelength Division Multiplexing | 1 fiber-optic connection carries multiple light signals simultaneously (CWDM - Coarse Wavelength Division Multiplexing; DWDM - Dense Wavelength Division Multiplexing)

Bandwidth

  • Maximum amount of data that can travel through a channel. Can be measured in bits or bytes per second; may also be measured in hertz
  • Throughput/Payload - Data that can actually travel successfully
  • Both are measured in #bits/sec or bps

2 techniques can be used to transmit the encoded signals over cable:

  • Baseband transmission - Uses digital signals over a single frequency : Ethernet, TV, Radio. Also uses repeaters.
  • Broadband transmission - Uses analog signals over a range of frequencies
    • Multiple transmissions over a single medium: ATM (Asynchronous Transfer Mode)
    • Broadband systems use amplifiers to regenerate analog signals at their original strength

3 Types of data or information Transmission

  • Simplex - The most basic form of data or information transmission, e.g. TV, radio. Data is sent in one direction only, from sender to receiver.
  • Half-duplex - Data is sent in both directions, but in only one direction at a time, e.g. a walkie-talkie.
  • Full-duplex - The most efficient method of transmitting data, e.g. the telephone.

3 Types of cables

Twisted pair Cable Coaxial Cable Fiber Optic
  • ie., telephone wire
  • Easy installation
  • Inexpensive
  • Span significant distance before requiring repeater
  • Accommodates several topologies
  • The twist reduces crosstalk & interference between wire pairs thus better conduction
  • Wire Standard Spefication: TIA/EIA 568 (UTP)
  • Most Twisted Pair Types:
    1. Category (cat) 3, 5, 5e, 6, 6a, 7
    2. CAT 5e or higher are used in modern LANs
  • Flexible and easy to install; relatively good resistance to electronic interference but shorter distance and more expensive than UTP and unsecure
  • At one time, coaxial cable was the most widely used network cabling. There were a couple of reasons for coaxial cable's wide usage: it was relatively inexpensive, and it was light, flexible, and easy to work with.
  • This wire core can be either solid or stranded. If the core is solid, it is usually copper.
  • Surrounding the core is a dielectric insulating layer that separates it from the wire mesh. The braided wire mesh acts as a ground and protects the core from electrical noise and crosstalk(unwanted signals in a communication channel (as in a telephone, radio, or computer) caused by transference of energy from another circuit (as by leakage or coupling) ).
  • More Resistance to Crosstalk (signal overflow from an adjacent wire)
  • More resistant to interference and attenuation (the loss of signal strength that begins to occur as the signal travels farther along a copper cable) than twisted-pair cabling
  • Fiber-optic cables use light to carry digital signals. Fast transmission but expensive.
  • Cladding:
    1. Layers of glass or plastic surrounding fibers
    2. Different density from glass or fiber in strands
    3. Allows fiber to bend
    4. Reflects light back to core
  • Provides the greatest protection from noise and intrusion
  • Transmission rate of 100 Mbps
  • Cable length of 150-40,000 meters
  • Not affected by electrical interference/EMI
  • Supports voice, video, and data
  • Provides the most secure media
  • Most expensive cable
  • Not very flexible; difficult to work with
  • Commonly used in backbones (A central conduit designed to transfer network traffic at high speeds consisting routers or/switches connected by fiber optic or ethernet cables) between buildings and Token Ring networks
  • Specifications for fiber include the IEEE’s 10BaseFL (Ethernet) and
    1. SMF - Singlemode Fiber
    2. MMF - Multimode Fiber
  • Fiber Connectors and Couplers
    1. SMF Connectors, e.g., LC
    2. MMF Connectors, e.g., MT-RJ
    3. Both LC and MT-RJ are the latest fiber-optic connector technology
  • Fiber-Optic Converters and Modular Interfaces
    1. GBIC
    2. SFP
        2 Types of SFP
      1. XFP -
      2. SFP+ -
    3. Loopback adapter -
  • Common Fiber Cable Problems
    1. Fiber Type Mismatch
    2. Wavelength Mismatch
    3. Dirty Connectors

2 Types of Twisted pair cable

  1. STP - Shielded Twisted Pair - Shielding helps protect the data from any sort of electromagnetic interference from an outside source. This could alter or weaken the signal traveling through the copper in the cable. More noise resistance.
  2. UTP - Unshielded Twisted Pair: Ethernet cable - Most flexible and cheapest cable, but shortest usable cable length; susceptible to electrical interference; insecure; generally not good for use between buildings. Crosstalk is more common in UTP than in coaxial cable

Comparing STP and UTP: It's a tie

  1. UTP Less expensive
  2. STP harder to install
  3. UTP seems to be everywhere, but STP is quite popular in Europe
  4. STP and UTP can travel at the same rates
  5. STP is more noise resistant
  6. Both use RJ-45 jacks
  7. Maximum segment for both is 100 meters

Cable Pinouts / UTP

  1. TIA/EIA specifies 2 methods of inserting wires in RJ-45 plugs
    1. TIA/EIA 568A
    2. TIA/EIA 568B
  2. NO functional difference between the 2 models
  3. Straight-through Cable - Terminates RJ-45 at both ends identically
  4. Crossover - Transmit and receive wires on one end reversed
  5. Rollover
    1. All wires are reversed
    2. Terminations are mirror images of each other
    3. Yost cables or Cisco console cables
    4. Used to connect a computer to the console port of a router
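Added example (not part of these notes): the three cable types above built from the TIA/EIA 568A and 568B pin orders, plus a wire-map check of the kind a cable continuity tester reports. The colour orders are the standard ones; the function names are this example's own.

```python
# Added example (not from the original notes): the TIA/EIA 568A/568B pin
# orders and the three UTP cable types built from them. Pin numbers are
# 1-8 across an RJ-45 plug; colour names are the standard pair colours.
T568A = ("white/green", "green", "white/orange", "blue",
         "white/blue", "orange", "white/brown", "brown")
T568B = ("white/orange", "orange", "white/green", "blue",
         "white/blue", "green", "white/brown", "brown")


def straight_through(standard=T568B):
    """Both RJ-45 ends terminated identically (568A/568A or 568B/568B)."""
    return standard, standard


def crossover():
    """568A on one end, 568B on the other: the transmit pair (pins 1-2) on
    one end lands on the receive pair (pins 3-6) of the other end."""
    return T568A, T568B


def rollover(standard=T568B):
    """Every wire reversed: pin 1 goes to pin 8, pin 2 to pin 7, and so on
    (the Yost / Cisco console cable)."""
    return standard, tuple(reversed(standard))


def wire_map(end_a, end_b):
    """What a continuity tester reports: for each pin on end A, the pin on
    end B that the same conductor reaches, as {pin_a: pin_b}.
    Raises ValueError if the two ends do not use the same eight colours."""
    if len(set(end_a)) != 8 or sorted(end_a) != sorted(end_b):
        raise ValueError("ends do not use the same eight conductors")
    position_b = {colour: pin for pin, colour in enumerate(end_b, start=1)}
    return {pin: position_b[colour] for pin, colour in enumerate(end_a, start=1)}


# Pins 1<->3 and 2<->6 swapped, everything else straight.
CROSSOVER_MAP = {1: 3, 2: 6, 3: 1, 4: 4, 5: 5, 6: 2, 7: 7, 8: 8}


def classify(end_a, end_b):
    """Identify the cable type from its wire map; anything else is miswired
    (e.g. a split pair), which a tester would flag as a fault."""
    wmap = wire_map(end_a, end_b)
    if all(a == b for a, b in wmap.items()):
        return "straight-through"
    if wmap == CROSSOVER_MAP:
        return "crossover"
    if all(b == 9 - a for a, b in wmap.items()):
        return "rollover"
    return "miswired"


if __name__ == "__main__":
    for name, ends in (("straight", straight_through()),
                       ("crossover", crossover()), ("rollover", rollover())):
        print(f"{name:>9}: {classify(*ends)} {wire_map(*ends)}")
```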

Ethernet Standards for Twisted Pair Cabling (Unshielded)

  Standard                    Max Transmission Speed (Mbps)   Max Distance/segment (m)   Physical Media
  1. 10Base-T                 10                              100                        cat 3 or better
  2. 100Base-T/Fast Ethernet  100                             100                        cat 5 or better
  3. 1000Base-T               1000                            100                        cat 5 or better, 5e preferred
  4. 1000Base-TX              1000                            100                        cat 6
  5. 10GBase-T                10 * 100 = 1000                 100

Explore the Connectors, Converters, and Couplers for each Cabling Type

    Copper Connectors and Couplers
  • Connectors are pieces of hardware that connect the wire to the network device
  • Media Converters - Enables networks or segments running on different media to interconnect and exchange signals
  • Couplers - Passes data through a homogeneous connection without any modification

PoE (Power Over Ethernet)

  1. PoE - IEEE 802.3af specifies a method for supplying electrical power over twisted-pair Ethernet connections
  2. 15.4 Watts for standard PoE devices
  3. 25.5 Watts for newer PoE+ devices (802.3at standard)
  4. The PoE standard has 2 types of devices
    1. PSE - Power Sourcing Equipment
    2. PD - Powered Devices

Transmission Flaws

  • Noise
      Type of Noise
    1. EMI - ie., Radio Frequency Interference
    2. Crosstalk
  • Attenuation - Loss of a signal's strength as it travels farther from the source
  • Latency - Delay between a transmission being sent and received
    • Causes network transmission errors
    • Cause: cable length or an intervening connectivity device
  • Amplifier - Increases the voltage or strength of Analog signals
  • Repeater - Regenerates Digital signals in their original form

Examine Common Cable Problems and differentiate between various tools for troubleshooting those problems

  • Tone Generator and Tone Locator
    1. Used to determine where a wire pair terminates
  • Multimeter
    1. Checks for the presence of noise
    2. Tests for open or short circuits
  • Cable Continuity Testers/Cable Testers - used to verify that UTP/STP pairs are wired correctly
  • Copper-based Cable Tester
  • Fiber-optic Continuity Testers - check whether light pulses reach the other end
  • Cable Performance Tester, line tester, or certifier
  • TDR
  • OTDRs
  • OPM - Optical Power Meter

Chapter 6: Wireless Networking

    Objective

  1. Characteristics of wireless Transmission
  2. Characteristics of WLAN 802.11 Ethernet
  3. Install and Configure wireless Access Points and their clients
  4. Wireless Security Concerns
  5. Common Wireless Network Problems

Characteristics of Wireless Transmission

  1. Networks transmit through air via RF/Radio Frequency waves
  2. Wired and Wireless Share many similarities
    1. Use of Layer 3 or higher Protocols
  3. The nature of the air makes wireless transmission differ from wired transmission

Wireless Spectrum

  1. A continuum of electromagnetic waves used for data/voice communication
    1. Arranged from lowest to highest frequency
    2. Spans 9 kHz to 300 GHz
  2. FCC oversees United States frequencies
  3. ITU oversees international frequencies
    1. Air signals propagate across borders

Antennas

  1. Radiation Pattern
  2. Unidirectional antenna
  3. Omnidirectional antenna

Signal Propagation

  1. LOS/Line Of Sight
  2. Multipath Signals

Signal Degradation

  1. Fading
  2. Attenuation
  3. Noise

Frequencies Range

  1. 2.4GHz
  2. 5GHz

Wireless PAN

Contains a few personal devices

  1. Infrared light - used to connect peripheral devices such as printers
    1. Line of Sight/LOS, e.g., a garage door opener
    2. Diffuse mode

      - Devices have to be in the same room

      - Need adapters

  2. Bluetooth, e.g., speakers, printers

      - Uses radio frequencies in the 2.4 GHz - 2.485 GHz band

      - Hops between those frequencies (frequency hopping)

      - Devices have to be paired before they can connect

      - Bluejacking - a connection used to send unsolicited data

      - Bluesnarfing - a connection used to download data without permission

  3. NFC - Near Field Communication

    A form of radio communication that transfers data wirelessly over a short distance

    • The signal can be transferred one way by an NFC tag or smart tag

      - e.g., an employee needs access to a secure area

    • The NFC tag collects power from the smartphone or other device by magnetic induction

Wifi WLAN

  1. Ad Hoc - Uses wireless NICs; no intervening connectivity device
  2. Infrastructure WLAN - Stations communicate with APs/access points. Access points require sufficient power and need strategic placement
  3. Mesh WLAN - May contain more than 1 AP and provides a more fault-tolerant network to clients

802.11 WLAN Standards

- Most popular developed by IEEE's 802.11 committee.

- Notable standard: 802.11b, 802.11a, 802.11g, 802.11n, 802.11ac

- Use half-duplex signaling

- Standards vary at the Physical layer

- 802.11n and later modify frames to be used at MAC sublayer

  1. 802.11b 2.4GHz
  2. 802.11a 5GHz
  3. 802.11g 2.4GHz
  4. 802.11n 2.4GHz-5GHz
  5. 802.11ac 5GHz

Access Method

  1. CSMA/CA
  2. RTS/CTS

Association

  1. SSID
  2. BSS
  3. ESS

IEEE 802.11 Frames

  1. Type of overhead required to manage access to an 802.11 network
    • ACKs, probes, beacons
  2. 802.11 specifies MAC sublayer (Data-Link)
  3. Multiple Frame Type Groups
    1. Management: association and reassociation
    2. Control: medium access and data delivery
      • ACKs and RTS/CTS frames
    3. Data: carry data sent between stations
  4. 802.11 data frame overhead
    • 4 address Fields
      • Source Addr
      • Transmitter Addr
      • Receiver Addr
      • Destination Addr
    • Sequence Control Field
      • How a large packet is fragmented
    • Frame Control Field
  5. Wi-Fi standards differ in modulation methods, frequency usage, and range
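Added example (not part of these notes): a parser for the 802.11 MAC header fields listed above (Frame Control, the four address fields, and Sequence Control), run over a constructed data frame and a constructed ACK. The field layout follows IEEE 802.11; the function names are this example's own.

```python
import struct

# Added example (not from the original notes): decode the 802.11 MAC header.
# Frame Control is 2 bytes: bits 0-1 version, 2-3 type, 4-7 subtype, then a
# flags byte (To DS, From DS, More Fragments, Retry, ..., Protected).
FRAME_TYPES = {0: "management", 1: "control", 2: "data"}
SUBTYPE_NAMES = {
    (0, 0): "association request", (0, 1): "association response",
    (0, 2): "reassociation request", (0, 3): "reassociation response",
    (0, 4): "probe request", (0, 5): "probe response", (0, 8): "beacon",
    (0, 10): "disassociation", (0, 11): "authentication",
    (0, 12): "deauthentication",
    (1, 11): "RTS", (1, 12): "CTS", (1, 13): "ACK",
    (2, 0): "data", (2, 8): "QoS data",
}


def _mac(raw):
    return ":".join(f"{b:02x}" for b in raw)


def parse_80211_header(frame):
    """Return a dict describing the MAC header of one 802.11 frame."""
    if len(frame) < 10:
        raise ValueError("frame shorter than the minimum 10-byte header")
    fc0, flags = frame[0], frame[1]
    ftype, subtype = (fc0 >> 2) & 0x3, fc0 >> 4
    to_ds, from_ds = bool(flags & 0x01), bool(flags & 0x02)
    info = {
        "version": fc0 & 0x3,
        "type": FRAME_TYPES.get(ftype, "reserved"),
        "subtype": SUBTYPE_NAMES.get((ftype, subtype), f"subtype {subtype}"),
        "to_ds": to_ds, "from_ds": from_ds,
        "more_fragments": bool(flags & 0x04),
        "retry": bool(flags & 0x08),
        "protected": bool(flags & 0x40),      # body encrypted (WEP/TKIP/CCMP)
        "duration": struct.unpack_from("<H", frame, 2)[0],
    }
    if ftype == 1:
        # Control frames carry no Sequence Control. ACK and CTS hold only the
        # receiver address; RTS and the others also carry the transmitter.
        info["ra"] = _mac(frame[4:10])
        info["header_len"] = 10
        if subtype not in (12, 13):
            if len(frame) < 16:
                raise ValueError("control frame truncated")
            info["ta"] = _mac(frame[10:16])
            info["header_len"] = 16
        return info
    if len(frame) < 24:
        raise ValueError("management/data frame truncated")
    addr1, addr2, addr3 = (_mac(frame[i:i + 6]) for i in (4, 10, 16))
    seq_ctrl = struct.unpack_from("<H", frame, 22)[0]
    info["fragment_number"] = seq_ctrl & 0xF    # which piece of a fragmented MSDU
    info["sequence_number"] = seq_ctrl >> 4     # 12 bits, shared by all fragments
    info["header_len"] = 24
    # The role of each address field depends on the To DS / From DS bits.
    if not to_ds and not from_ds:           # ad hoc or management frames
        roles = {"da": addr1, "sa": addr2, "bssid": addr3}
    elif to_ds and not from_ds:             # station -> AP
        roles = {"bssid": addr1, "sa": addr2, "da": addr3}
    elif from_ds and not to_ds:             # AP -> station
        roles = {"da": addr1, "bssid": addr2, "sa": addr3}
    else:                                   # AP -> AP (WDS/mesh): 4th address
        if len(frame) < 30:
            raise ValueError("4-address frame truncated")
        roles = {"ra": addr1, "ta": addr2, "da": addr3, "sa": _mac(frame[24:30])}
        info["header_len"] = 30
    info.update(roles)
    return info


def build_sample_data_frame():
    """Constructed sample: a data frame from a station to its AP (To DS=1),
    fragment 2 of sequence number 100, with the Protected bit set."""
    fc0 = (0 << 4) | (2 << 2) | 0         # subtype 0 (data), type 2 (data), version 0
    flags = 0x01 | 0x40                   # To DS + Protected
    bssid = bytes.fromhex("001122334455")
    sa = bytes.fromhex("aabbccddee01")
    da = bytes.fromhex("aabbccddee02")
    seq_ctrl = (100 << 4) | 2
    return (bytes([fc0, flags]) + struct.pack("<H", 44)
            + bssid + sa + da + struct.pack("<H", seq_ctrl))


if __name__ == "__main__":
    for key, value in parse_80211_header(build_sample_data_frame()).items():
        print(f"{key:>16}: {value}")
```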

Wireless Innovations

  1. MIMO - Multiple Input-Multiple Output - multiple access point antennas may issue signals to one or more receivers
    • Increases network's throughput
    • Increases Access point's range
  2. MU MIMO - Multiuser MIMO
    • Newer Technology than MIMO
    • Reduces congestion thus faster data transmission
    • Allow multiple antennas to service multiple clients simultaneously
    • WAVE2 802.11ac products
  3. Channel Bonding - 2 Adjacent 20-MHz channels bonded to make 40-MHz channel
  4. Frame Aggregation
    • Combine multiple Frames into 1 large Frame
    • Reduce Overhead
    • 2 Techniques
    1. Aggregated MAC Service Data Unit (A-MSDU)
    2. Aggregated MAC Protocol Data Unit (A-MPDU)
  5. Maximum throughput
  6. 802.11n throughput: 65-500 Mbps
    • 802.11ac network's throughput 561 Mbps/client
  7. To ensure the fastest data rates on an 802.11n LAN
    • Use 802.11n compatible devices
    • 802.11ac can be implemented with both 802.11n & 802.11ac devices

Implementing a WLAN

  1. How to design a small WLAN
  2. How to install and configure Access Points & clients

Determining the Design

  1. APs must belong to the same ESS and share the same ESSID
  2. Enterprise-wide WLAN

Configuring wireless Connectivity Devices

  1. Each AP comes with an installation guide on CD-ROM or DVD
  2. Variables set during installation
    • Admin Password
    • SSID
    • DHCP
    • Whether the SSID is broadcast
    • Security Option

Configuring Wireless Client

  1. Configuration varies from one client to another
  2. As long as the AP is broadcasting its SSID
  3. SSID broadcast on
  4. SSID broadcast off

802.11 wireless Network Security

  1. 802.11 Standard Security
  2. Authentication
  3. MAC Filtering
    • Prevents the AP from authenticating any device whose MAC address is not listed
  4. Encryption

WPA/WPA2 (Wifi-protected)

  1. WPA
    • Dynamically assign each transmission its own key
  2. WPA2
    • Replacement for WPA
    • A stronger encryption protocol
  3. Most secure communication is made possible by combining RADIUS Server with WPA/WPA2
    • Known as WPA Enterprise or WPA2-Enterprise

Security Threats to the wireless networks

  1. War Driving
  2. War Chalking
  3. Evil Twin
  4. WPA attacks
  5. WPS attacks

Troubleshooting Wireless LANs

  1. Cable continuity & performance testers will tell nothing about wireless connections, stations, or APs on the network
  2. You need tools that run on wireless protocols and contain wireless NICs

Wireless Network Tools

2 Types of software tools:

  1. Wireless Analyzer
  2. Spectrum Analyzer

Avoiding pitfalls

Wireless Configuration pitfalls to avoid:

  1. SSID Mismatch
  2. Incorrect Encryption
  3. Incorrect Antenna Placement
  4. Incorrect or Overlapping channels or frequencies
  5. Mismatched Standards
  6. Interference
  7. Simultaneous wired and wireless connections
  8. Problems with firmware updates

Chapter 7: Cloud Computing and Remote Access

Objective

  1. Identify the features and benefits of Cloud Computing
  2. How to remotely connect to a network
  3. Discuss VPNs and the protocols they rely on
  4. Methods of encryption: IPsec, SSL/TLS, SFTP, and SSH that can secure data in storage and transit
  5. How RADIUS, TACACS, EAP, and Kerberos function
  6. Connectivity and Security problems encountered with remote connections

Cloud Computing

Deployment Models

  1. Public Cloud - VPN over public lines
  2. Private Cloud - VPN over a private company
  3. Community Cloud - VPN over at least 2 shared private organizations or more
  4. Hybrid Cloud - Any combo of service models into 1 single deployment.

Remote Access

Terminal Emulation or Remote Virtual Computing

  • Remote Virtual Computing
  • How to remotely connect to a network
  • Command line software: Telnet or SSH (secured)
  • GUI based software:
    • Remote Desktop for Windows
    • join.me - like Netmeeting
    • VNC
    • Team Viewer

Encryption Techniques

  • Encryption
  • Method of Encryption: Hashes: MD5, SHA
    1. MD5 - 128 bits - Primary Weakness is Propensity to collisions
    2. SHA - 160 bits - Resistance to collisions
      • SHA-2 supports a variety of hash sizes: SHA-256, SHA-512
      • SHA 3 is the latest version
  • 2 Wifi Security Encryptions
    1. TKIP - Temporal Key Integrity Protocol - similar to WEP encryption and now Obsolete
    2. AES - Advanced Encryption Standard - more secure Protocol now introduced w/WPA2 - weaknesses would be brute-force attacks (prevented by using a strong passphrase) and security weaknesses in other aspects of WPA2.

Authentication Protocols

Troubleshooting Cloud Computing & Remote Access

  1. Choose a secure password
  2. Network admin should:
    • Choose difficult password
    • Change them frequently
    • Keep them confidential
  3. When troubleshooting problems with remote connections, be sure to check configurations on the server handling AAA services

Misconfigurations

  1. Common issues:
    • Mistyped username or/and password
    • Improperly activated or deactivated user accounts
    • Misconfigured firewalls
    • Incompatible encryption or authentication settings
    • Network connection failure
    • Failed handshake
  2. Make sure the server's date & time are correct
  3. User roles must be properly defined
  4. Server logs for Configuration issues or client access
  5. Use ping or tracert to narrow down the connection problems

Chapter 8: Network Risk Management

Objective

  1. Assess network Management needs and vulnerabilities
  2. Risks Associated with Hardware, Software, Internet Access & People
  3. Effective Security Policy
  4. Appropriate security measures and devices when designing the networks
  5. Prevent & Respond to malware infections

Security Assessment

  • Should be done by a private company to avoid a bias
  • Posture Assessment should be done annually
  • A thorough examination of each aspect of the network to determine how it might be compromised

Security Risks

  • Hacker - Individual who gains unauthorized access to systems
  • Vulnerabilities - Weakness of a system, process, or architecture
  • Exploit - Weakness of a system, process, or architecture
  • Zero Day Attack - Taking advantage of undiscovered software vulnerability

Risks associated w/people

  • Half of all security breaches - Human errors, ignorance, omissions
  • Social Engineering - the art of manipulating people so they give up confidential information such as - password
  • Phishing - Pose as someone needing information
  • Take advantage of human error - Easy to circumvent network security

Risks Associated w/Hardware & Transmission

  • Physical, Data Link, and Network layer security risks - Requires Technical Knowledge
  • Risks inherent in network hardware and design
    • Transmission Intercept - Jamming
    • RF Emission - leakage of signals from the equipment
    • Eavesdropping - via leased public lines
  • Sniffing
  • Port accessed via port scanner
  • Private Address available to outside
  • Router Attack
  • ARP tables might be altered
  • Computers hosting sensitive data - May coexist on same subnet as public computers
  • Insecure passwords

Risks Associated w/Software & Protocols

  • Transport, Session, Presentation, & Application layers
  • Networking protocols and software risks
    • TCP/IP Security Flaws
    • Banner Grabbing Attack
    • Session hijack Attack - Man-in-the-middle (MitM) attack
    • Invalid trust relationships
      • DHCP Snooping
      • Dynamic ARP Inspection (DAI)
    • NOS back doors, security flaws
    • Buffer overflow
    • NOS allows server operators to exit to command prompt
    • Administrators default security options
    • Intercepting transactions between applications

Risks Associated w/Internet Access

  • Users access internet through remote access to an Internet service provider (ISP)
  • Remote access - server allows users to gain access to files and print services on the LAN from a remote location. For example, a user who dials into a network from home using an analog modem or an ISDN connection will dial into a remote access server. Virtual Private Networking (VPN) has replaced this traditional physical connection between the remote client and the server by creating a secure tunnel using IPsec over a public network (e.g., the Internet).
  • Common Internet-related security issues
    • Improperly configured firewall --> outsiders obtain IP addresses - IP Spoofing
    • Denial-of-service (DoS) attack - Hacker issues flood of broadcast ping messages w/an attempt to make a machine or network resource unavailable to its intended users. DoS attacks often target sites or services hosted on high-profile web servers such as banks, credit card payment gateways. Motives of revenge, blackmail or activism can be behind other attacks

      4 Types of DoS attack

      1. DDoS - Distributed DoS - The attack comes from more than one, often thousands of, unique IP addresses (zombies/botnet), flooding several of the system's resources with higher bandwidth --> depleting the resources.
        • Can drive the application owner to raise elasticity levels in order to handle the increased application traffic, causing financial losses or forcing them to become less competitive
        • Buffer Overflow - Consumes all available memory or CPU time: SSH - Application Layer 7
        • Fork Bomb/rabbit virus or wabbit - Application Layer 7 - Consumes all available memory or CPU time by saturating the operating system's process table with forked copies; it continually replicates itself to deplete available system resources, slowing down or crashing the system due to resource starvation.
        • A banana attack - Using a router to change the destination address of a frame, directing the attacked computer's traffic back to its own IP address --> prevents the computer from contacting the outside
      2. DRDoS - Distributed Reflector DoS - Attack bounced off uninfected computers, called reflectors, before being directed at the target
      3. PDoS - Permanent DoS - Physical attack on a device that attempts to alter management interfaces beyond repair
      4. UDoS - Unintentional DoS - Called a friendly attack because it is not done with malicious intent

Security Policy Goals

  • Prevent unauthorized user access
  • Prevent unauthorized access to sensitive data
  • Prevent accidental & intentional hardware and software damage
  • Create secure environment
  • Ensure authorized users have appropriate resource access
  • Strategy
    • Form committee - Involve as many decision makers as possible
    • Understand risks
      • Conduct posture assessment
      • Rate severity and likelihood of each threat
    • Assign person responsible for addressing threats

Security in Network Design - NOS Security - (Network Operating System) Security - Network Admin

  • Restrict users' access to server files and directories
  • Group users according to security levels

Logon Restrictions

  • Additional restrictions to strengthen security
    • Time of day
    • Total time logged on
    • Unsuccessful logon attempts
  • Secure passwords - A security technique that can be enforced by a network admin through the NOS

NAC - Network Access Control

  • Employs a set of rules called network policies - Which determine the level and type of access granted to a device when it joins a network
  • Authenticates and authorizes devices - By verifying that the device complies with predefined security benchmarks
  • An agent can be installed on the device before it can be authenticated
  • Two types of agents
    • Nonpersistent/dissolvable agent - Remains on the device long enough to verify compliance and complete authentication, then uninstalls
    • Persistent agent - Permanently installed on the device
  • Devices that do not meet compliance requirements can be placed in a quarantine network, separate from sensitive network resources

ACL Access Control Lists/Access list - a standard IP access ordered list of "statements" using a source address and wildcard that can deny or permit packets

  • used by Routers
  • Router's main function
    • Examine packets
    • Examine source and destination based on network addressing info
  • ACLs used by Routers to forward or decline packets to and from the networks router protects
  • Each router interface must be assigned a separate ACL, which includes inbound and outbound traffic
  • The "access-list" command is used to assign a "statement" to an already-installed ACL
  • ACLs do affect router performance - The more statements or tests a router must scan the more time it takes a router to act
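Added example (not part of these notes): a simulator for a standard IP access list of the kind described above, showing the ordered top-down "statement" scan, wildcard matching, the implicit deny at the end of the list, and the number of statements a router has to test per packet. The statement syntax is the common router form; the addresses and list contents are constructed for this example.

```python
import ipaddress

# Added example (not from the original notes): evaluate a packet's source
# address against an ordered standard access list.


def _to_int(dotted):
    return int(ipaddress.IPv4Address(dotted))


def parse_statement(line):
    """Parse 'access-list <n> permit|deny <address> [wildcard]'.
    A wildcard bit of 1 means 'don't care'; the default 0.0.0.0 means an
    exact host match."""
    parts = line.split()
    if len(parts) < 4 or parts[0] != "access-list" or parts[2] not in ("permit", "deny"):
        raise ValueError(f"not a standard ACL statement: {line!r}")
    wildcard = parts[4] if len(parts) > 4 else "0.0.0.0"
    return {"list": int(parts[1]), "action": parts[2],
            "address": _to_int(parts[3]), "wildcard": _to_int(wildcard), "text": line}


def matches(stmt, src):
    """The packet matches when every bit the wildcard cares about is equal."""
    care = ~stmt["wildcard"] & 0xFFFFFFFF
    return (src & care) == (stmt["address"] & care)


def evaluate(acl, src_ip):
    """Return (action, matched_statement_text, statements_scanned).
    The router stops at the first matching statement; a packet that matches
    nothing falls off the end and hits the implicit deny."""
    src = _to_int(src_ip)
    for scanned, stmt in enumerate(acl, start=1):
        if matches(stmt, src):
            return stmt["action"], stmt["text"], scanned
    return "deny", "implicit deny (end of list)", len(acl)


def build_acl(lines):
    """Parse the statements of one access list, in the order given."""
    acl = [parse_statement(line) for line in lines]
    if len({s["list"] for s in acl}) != 1:
        raise ValueError("statements belong to different access lists")
    return acl


# Constructed sample list: block one host, allow the rest of its LAN and
# the private WAN side. Order matters: the host deny must come before the
# broader permit, or it is shadowed and never reached.
SAMPLE_ACL = build_acl([
    "access-list 10 deny 192.168.1.5",
    "access-list 10 permit 192.168.1.0 0.0.0.255",
    "access-list 10 permit 10.0.0.0 0.255.255.255",
])

if __name__ == "__main__":
    for ip in ("192.168.1.5", "192.168.1.7", "10.20.30.40", "203.0.113.9"):
        print(ip, evaluate(SAMPLE_ACL, ip))
```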

Intrusion Detection and Prevention (IDS and IPS)

  • IDS: A device or software application that monitors a network or systems for malicious activity or policy violations.
  • Any detected activity or violation is reported either to an administrator or collected centrally using a security information and event management (SIEM) system
  • A SIEM combines outputs from multiple sources, and uses alarm filtering techniques to distinguish malicious activity from false alarms.
  • IPS: firewalls
    • Most rules are "deny" rules: "block this known security problem." When a packet shows up at the IPS, the IPS looks through its rule list from top to bottom for some reason to drop the packet

Firewalls

  • Specialized device or computer installed with specialized software - A network security device that grants or rejects network access to traffic flows between an untrusted zone (e.g., the Internet) and a trusted zone (e.g., a private or corporate network).
  • Sit inline between two networks and control the traffic going through them
  • Firewall location
  • Packet-filtering firewall
  • Firewall default configuration
    • Blocks most common security threats
    • Network administrators often customize settings
  • Common packet-filtering firewall criteria
    • Source and destination IP addresses and Port#
    • Transmissions using UDP or ICMP protocols
  • Optional firewall functions
    • Encryption
    • User authentication
    • Centralized management
    • Content-filtering based on data contained in packets
    • Logging, auditing capabilities
    • Protect internal LAN’s address identity
    • Monitor packets according to existing traffic streams (stateful firewall)
  • Unified Threat Management (UTM) - Strategy that combines multiple layers of security appliances and technologies into a single safety net
  • Next Generation Firewalls (NGFW)
  • UTMs let us have both security services (blocking security threats, allowing known good traffic) into a single device
  • Most common cause of firewall failure is firewall misconfiguration

Proxy Servers - Application Layer 7

  • Proxy Service: Software application on a network host
    • Network host running proxy service
    • Acts as an intermediary between external and internal networks
    • Screens all incoming and outgoing traffic
    • Appears as an internal network server to the outside world, but is a filtering device for the internal LAN

SIEM - Security Information Event Management

  • SIEM systems can be configured to evaluate all log data - Looking for significant events that require attention from the IT staff
  • Determined by the amount of storage space needed for the amount of data generated
  • Network administrators can fine-tune a SIEM’s configuration rules for the specific needs - Which event should trigger responses
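Added example (not part of these notes): a SIEM-style correlation rule of the kind the passages above and the "unsuccessful logon attempts" restriction describe, run over constructed auth-log lines. It alerts when one user/source pair accumulates a threshold of failed logons inside a sliding time window; the log line format, threshold, and window are this example's assumptions.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Added example (not from the original notes): correlate failed logons per
# (user, source IP) over a sliding window, the way a SIEM rule would.
# The line format is a simplified syslog-like one invented for this example.
LINE_RE = re.compile(
    r"^(?P<ts>\d{4}-\d{2}-\d{2}T\d{2}:\d{2}:\d{2}) auth: "
    r"(?P<result>FAILED|SUCCESS) logon user=(?P<user>\S+) src=(?P<src>\S+)$"
)


def parse_line(line):
    """Return the event fields, or None for unrelated/malformed lines."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    event = m.groupdict()
    event["ts"] = datetime.fromisoformat(event["ts"])
    return event


def detect_logon_failures(lines, threshold=5, window=timedelta(minutes=10)):
    """One alert per (user, src) the first time its failures inside the
    window reach the threshold. A successful logon clears that key."""
    recent = defaultdict(deque)      # key -> timestamps of recent failures
    alerted = set()
    alerts = []
    for event in filter(None, map(parse_line, lines)):
        key = (event["user"], event["src"])
        if event["result"] == "SUCCESS":
            recent.pop(key, None)
            continue
        q = recent[key]
        q.append(event["ts"])
        while q and event["ts"] - q[0] > window:
            q.popleft()                  # failures that aged out of the window
        if len(q) >= threshold and key not in alerted:
            alerted.add(key)
            alerts.append({"user": event["user"], "src": event["src"],
                           "failures": len(q), "first": q[0], "last": event["ts"]})
    return alerts


# Constructed sample log: one source hammering "bob", an unrelated success,
# and two isolated failures for "carol" too far apart to count together.
SAMPLE_LOG = """
2024-05-01T09:00:01 auth: FAILED logon user=bob src=203.0.113.7
2024-05-01T09:00:09 auth: FAILED logon user=bob src=203.0.113.7
2024-05-01T09:00:15 auth: SUCCESS logon user=alice src=192.0.2.5
2024-05-01T09:00:22 auth: FAILED logon user=bob src=203.0.113.7
2024-05-01T09:00:30 auth: FAILED logon user=bob src=203.0.113.7
2024-05-01T09:00:41 auth: FAILED logon user=bob src=203.0.113.7
2024-05-01T09:00:50 auth: FAILED logon user=bob src=203.0.113.7
2024-05-01T09:05:00 auth: FAILED logon user=carol src=192.0.2.9
2024-05-01T09:30:00 auth: FAILED logon user=carol src=192.0.2.9
""".strip().splitlines()

if __name__ == "__main__":
    for alert in detect_logon_failures(SAMPLE_LOG):
        print(alert)
```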

Scanning Tools

  • Used during posture assessment (Security Assessment) to duplicate hacker's method
  • Tools:
    • NMAP (Network Mapper)
      • Software to scan large networks
      • to discover hosts and services thus creating a "map" on a network
    • Nessus - Performs more sophisticated scans than NMAP

Honeypots & Honeynets

  • Honeypot
    • Decoy system that is purposefully vulnerable
    • Designed to fool hackers and gain information about their behavior
  • Honeynet
    • Honeypot Network
  • Decoy System
    • Called lures, can provide unique information about hacking behavior

Malware Types & Characteristics

Malware Type / Characteristics & Propagation Method / Location Found

Virus
  • Characteristics/Propagation:
    • Macro viruses - take the form of a macro (e.g., Excel)
    • Boot sector viruses - position code in the boot sector of the hard disk
    • A virus is spread by human action: people unknowingly continue the spread of a computer virus by sharing infected files or sending emails with viruses as attachments
  • Location found: attached to executable files (e.g., Excel)

Worms
  • Characteristics/Propagation:
    • Similar to a virus by design and considered a sub-class of virus. Worms spread from computer to computer, but unlike a virus, a worm can travel without any human action; it can replicate itself on a system and does not require human action to spread.
    • Polymorphism - change characteristics every time they transfer to a new system
    • Time dependence
      • Can remain dormant and harmless until a date arrives
      • Logic bombs: programs designed to start when certain conditions are met
    • A worm may send a copy of itself to everyone listed in your e-mail address book; the worm then replicates and sends itself to everyone listed in each receiver's address book, and the chain continues down the line.
  • Location found: spread through IRC (Internet Relay Chat)

Trojan horses
  • Characteristics/Propagation:
    • Unlike viruses and worms, Trojans do not reproduce by infecting other files, nor do they self-replicate.
    • Disguise themselves as something useful that actually harms your system
    • Propagate via network protocols, commands, messaging programs, and data links
  • Location found: those on the receiving end of a Trojan horse are usually tricked into opening it because they appear to be receiving legitimate software or files from a legitimate source.

Bots/Zombies - Buffer overflow (SSH, Application Layer 7); IP spoofing

Anti-Malware Software

  • Effective malware protection requires:
  • Malware leaves evidence - Some detectable only via anti-malware software
    • Unexplained file size increases
    • Significant, unexplained system performance decline
    • Significant, unexpected system memory loss
    • Periodic, unexpected rebooting
  • Malware often discovered after damage done
  • Look for anti-malware software that performs the following functions:
    • Signature scanning - Compares file’s content with known malware signatures
    • Integrity checking - Compares current file characteristics against archived version
    • Monitoring unexpected file changes
    • Receive regular updates from central network console
    • Consistently report valid instances of malware
  • Key: deciding where to install software
    • Host-based
    • Server-based
    • Network-based
    • Cloud-based
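Added example (not part of these notes): the digest sizes behind the "128 bits / 160 bits" figures in the Chapter 7 hash notes, and an integrity-checking routine of the kind listed above (compare current file characteristics against an archived version). The "files" are constructed in-memory byte strings; the function names are this example's own.

```python
import hashlib

# Added example (not from the original notes): hash digest sizes and a
# baseline-and-verify integrity check over a set of files.


def digest_bits(algorithm):
    """Output size in bits of a hashlib algorithm, e.g. 'md5' -> 128."""
    return hashlib.new(algorithm).digest_size * 8


def file_digest(data, algorithm="sha256"):
    return hashlib.new(algorithm, data).hexdigest()


def build_baseline(files, algorithm="sha256"):
    """Archive the digest of every file as {name: hexdigest}; this is the
    'archived version' an integrity checker later compares against."""
    return {name: file_digest(data, algorithm) for name, data in files.items()}


def verify(files, baseline, algorithm="sha256"):
    """Integrity check: report files whose digest changed, files that
    appeared since the baseline, and files that disappeared."""
    current = build_baseline(files, algorithm)
    return {
        "modified": sorted(n for n in current
                           if n in baseline and current[n] != baseline[n]),
        "added": sorted(set(current) - set(baseline)),
        "removed": sorted(set(baseline) - set(current)),
    }


# Constructed sample: a baseline taken from a clean set of files ...
CLEAN = {
    "bin/app.exe": b"MZ\x90\x00" + b"clean program code" * 8,
    "etc/config.ini": b"[net]\nport=443\n",
}
BASELINE = build_baseline(CLEAN)

# ... and the same tree later, with the executable altered (same length,
# so a size check alone would miss it) and an unexpected new file.
LATER = {
    "bin/app.exe": b"MZ\x90\x00" + b"clean program code" * 7 + b"tampered bytes!!!!",
    "etc/config.ini": b"[net]\nport=443\n",
    "tmp/unknown.bin": b"\x00\x01\x02",
}

if __name__ == "__main__":
    for name in ("md5", "sha1", "sha256", "sha512", "sha3_256"):
        print(f"{name:>8}: {digest_bits(name)} bits")
    print(verify(LATER, BASELINE))
```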

Anti-Malware Policies

  • Rules for using anti-malware software
  • Rules for installing programs, sharing files, using external disks
  • Measures should be designed to protect network from damage and downtime (Period where computers not responding)

Chapter 9: Unified Communication & Network Performance Management

Objective

  1. Learn concepts of network management
  2. Utilize system and event logs to evaluate, monitor, and manage network performance
  3. Learn how Unified communications, including voice and video transmissions, affect network performance
  4. Explain 3 common quality of service techniques
  5. Troubleshoot network availability issues and evaluate network redundancy measures

Fundamentals of Network Management

  • Network management - Refers to the broad subject of managing computer networks. There exists a wide variety of software and hardware products that help network system admins manage a network. Network management covers a wide area, including:
    • Security
    • Performance
    • Reliability

Baseline Measurements

  • Baseline
    • Report of network’s current operation state
  • Example baseline measurements
    • Network backbone utilization rate
    • # of Users logged on per day or per hour

Policies, Procedures, and Regulations

  • State and federal regulations
  • CALEA (Communications Assistance for Law Enforcement Act)
  • HIPAA (Health Insurance Portability and Accountability Act)
  • PCI DSS (Payment Card Industry Data Security Standard)

Monitoring and Managing Network Traffic

  • Assess network’s status on an ongoing basis
  • Performance management
  • Fault management

SNMP Logs

  • SNMP (Simple Network Management Protocol)
    • It is used for collecting information from, and configuring, network devices, such as servers, printers, hubs, switches, and routers on an Internet Protocol (IP) network
    • Part of TCP/IP suite
    • SNMPv3: most secure version of the protocol
    • SNMPv2: still widely used
    • SNMPv1: original version; rarely used today

System and Event Logs

  • Event log
    • Windows-based computer log containing monitored device information
  • Event Viewer application
    • Application to view log information in Windows

Traffic Analysis

  • Network monitor
    • Process of reviewing, analyzing and managing network traffic for any abnormality or process that can affect network performance, availability and/or security
  • Interface monitor
    • Collects and analyzes performance, traffic, and bandwidth data for network interfaces. It is used to detect, diagnose, and resolve network performance issues at a specific interface between a server or/client and the network
  • Difference between Network VS Interface Monitors
    • Network monitor can monitor traffic that a single device encounters
    • Interface monitor can monitor traffic patterns throughout a particular network
  • All network monitoring tools can perform the following functions
    • Set the NIC to run in promiscuous mode to pass all traffic to the monitoring software
    • Continuously monitor network traffic on a segment
    • Capture network data transmitted on a segment
    • Capture frames sent to or from a specific node
    • Generate statistics about network activity
  • Some can also perform the following functions
    • Establish a baseline, including performance, utilization rate, and so on
    • Track utilization of network resources and device resources and report it in graphs or charts
    • Trigger alarms for certain preconfigured conditions
    • Identify usage anomalies: top talkers or top listeners
  • Monitoring tools identify the following
    • Runts - A packet that is too small
    • Giants
    • Jabber - An error in which a faulty device (usually a NIC ) continuously transmits corrupted or meaningless data onto a network. This may halt the entire network from transmitting data b/c other devices will perceive the network as busy.
    • Ghosts
      • A ghost site is a Web site that is no longer maintained but that remains available for viewing
      • On the Web's live chat medium, the Internet Relay Chat (IRC), a ghost is a vacated user session that the server believes is still active.
    • Packet loss
    • Discarded packets
    • Interface resets
  • Alerts might be transmitted by email or text
    • Called SMS (Short Message Service)
  • Some of the technologies that incorporate network traffic monitoring include
    • Firewalls
    • Intrusion detection and prevention systems/IDS & IPS
    • Network monitoring, managing and performance software: Packet Sniffer
    • Anti-virus/Anti-malware software

Traffic Management

  • Traffic shaping (packet shaping)
  • Techniques
  • Prioritization
  • Based on these characteristics
    • Protocol
    • IP addr
    • User group
    • DiffServ (Differentiated Services) flag in an IP packet
    • VLAN tag in Data Link layer frame
    • Service or application

DiffServ (Differentiated Service)

  • Classifies and manages network traffic (filtering or queue assignments) and helps provide QoS on modern IP networks by using a 6-bit field in the IP header to classify packets.
  • 2 forwarding types
    • EF (Expedited Forwarding)
      • Data stream assigned minimum departure rate
      • Circumvent delays
    • AF (Assured Forwarding)
      • Data streams assigned different router resource levels
      • Prioritizes data handling
      • No guarantee of on time, in sequence packet arrival

Caching

  • Local storage of frequently needed files for quick access
  • Web caching
    • Most common caching type, highly customizable
    • Web pages stored locally - on host or network, and then delivered to requesters
  • ISP cache engine
    • Network device devoted to storage, frequently requested file delivery
    • Saves money; lowers WAN traffic

Unified Communications Technologies

  • A user can
    • Access the Web
    • Send/receive faxes, email, voice mail, instant messages, or telephone calls
    • Participate in videoconference calls
  • PSTN (Public Switched Telephone Network)
  • Switching
    • Circuit-switched networks
    • Packet-switched networks
      • Does not waste bandwidth by holding a connection open until a message reaches its destination

VoIP Applications and Interfaces

  • VoIP (Voice over IP) VoIP telephony - A set of hardware & software used to manage the delivery of voice information in digital form/discrete packets rather than by using the traditional circuit-committed protocols of PSTN over IP networks - Internet
  • In addition to IP - VoIP uses the real-time protocol (RTP) to help ensure that packets get delivered in a timely way
  • Data connection types
    • T-carriers, ISDN, DSL, broadband cable, satellite connections, WiFi, WiMAX, HSPA+, LTE, cellular telephone networks
  • Reasons for implementing VoIP
    • Major advantage: avoids the tolls charged by ordinary telephone service, thus lowering the cost of voice calls compared with ordinary telephone service
    • Centralize voice and data network management
  • Voice and data configurations

Video over IP Applications and Interfaces

  • Videoconferencing (video teleconferencing or VTC) - IP based video systems are always connected to the packet-switched network. This constant connectivity allows these systems to be remotely controlled and managed from a central, remote location.
  • To conduct a conference between two or more participants at different sites by using computer networks to transmit audio and video data. For example, a point-to-point (two-person) video conferencing system works much like a video telephone
  • Cisco Systems estimate: By 2018, over 79% of Internet traffic will be video traffic

Streaming Video

  • Simplest among video-over-IP applications
  • Video-on-demand (VoD)
    • Files stored on video streaming server
    • Viewer chooses video when convenient using web browser
    • Popular
  • Live streaming video - From source directly to user

Videoconferencing

  • Unidirectional video-over-IP services
  • Full-duplex connections
  • Real time
  • Benefits
    • Replace face-to-face business meetings
    • Allow collaboration
    • Cost savings, convenience
  • System requirements
    • Computer workstation w/cameras, microphones, software
    • Video terminal or video phone
  • Video bridge
    • Manages multiple audiovisual sessions
    • Depend on signaling protocols
  • Signaling protocols
    • Set up, manage client sessions
    • Perform several other functions

Protocols Used

  • H.323

    • A standard approved by the International Telecommunication Union (ITU) to promote compatibility in videoconference transmissions over IP networks as a way to provide consistency in audio, video and data packet transmissions in the event that a local area network (LAN) did not provide guaranteed service quality (QoS).
    • Supports voice, video-over-IP services
    • Supports Point-to-point and multi-point conferences
    • Terms
      • H.323 terminal
      • H.323 gateway
      • H.323 gatekeeper
      • H.323 zone
      • MCU (multipoint control unit)
    • Ex: GnuGK and NetMeeting
  • SIP (Session Initiation Protocol)

    • Performs similar functions as H.323 but w/limited capabilities - Ex: no caller ID
    • Application layer signaling, multiservice control protocol, packet-based networks
    • Modeled on HTTP
    • Reuse existing TCP/IP protocols
      • Session management, enhanced services
    • Network components
      • User agent
      • User agent Client
      • User agent Server
      • Registrar Server
      • Proxy Server
      • Redirect server
  • SIP and H.323

    • Regulate call signaling, control for VoIP or video-over-IP clients and servers
    • Do not account for communication between media gateways
    • Both the Session Initiation Protocol (SIP) and H.323 use RTP
  • Advantages of SIP over H.323
    • Simplicity
    • More flexible
    • Fewer instructions to control call
    • Consumes fewer processing resources

MGCP (Media Gateway Control Protocol) and Megaco/H.248

  • MGCP and Megaco/H.248 are the Media Gateway Control Protocols defined by the IETF and ITU-T for use in distributed switching environments
  • Megaco and H.248 are equivalent names for the same protocol, developed jointly between the IETF and the ITU-T; Megaco is the IETF name and H.248 is the ITU-T name
  • Accepts PSTN lines
  • Converts analog signals into VoIP format
  • Translates between different signaling protocols
  • Used on multi-service networks supporting many media gateways
  • Operate with H.323 or SIP
  • MGC (media gateway controller)/Call Agents or SoftSwitches
    • Computer managing multiple media gateways
    • Signaling logic is located here
    • Facilitates exchange of call signaling information
    • Advantageous on large VoIP networks
  • Media Gateways (MGs): Media logic is located here

Transport Protocols

  • Protocols used to deliver voice or video payload
  • Transport layer protocols
    • TCP: connection oriented protocol
      • Delivery guarantees
    • UDP: connectionless protocol
      • For Real time
      • Delivery not guaranteed

RTP (Real-time Transport Protocol)

  • Operates at Application layer
  • Used in VoIP telephony
  • Relies on UDP at the Transport layer
  • Assigns packet timestamp
  • No mechanism to detect success

RTCP (Real-time Transport Control Protocol)

  • A sister protocol of RTP
  • Packets transmitted periodically
  • It partners with RTP in the delivery and packaging of multimedia data, but does not transport any media data itself
  • Provides out-of-band statistics and control information for an RTP session
  • RTP and RTCP
    • Cannot correct transmission flaws
    • Provide information about packet order, loss, delay
  • Primary function of RTCP
    • Provide feedback on the Quality of Service (QoS): the number of lost packets, round-trip time, and jitter, by periodically sending statistics information to participants in a streaming multimedia session so that the sources can adjust their data rates accordingly.

MPLS (Multiprotocol Label Switching)

  • A type of data-carrying technique that directs data from one network node to the next based on short path labels rather than long network addresses, avoiding complex lookups in a routing table. MPLS allows most packets to be forwarded at Layer 2 (the switching level) rather than having to be passed up to Layer 3 (the routing level).
  • Modifies data streams at Network layer
  • Replaces IP datagram header with label
  • Considers network congestion
  • Very fast forwarding
  • Destination IP address compared to routing tables

CoS (Class of Service)

  • Refers to techniques performed at Layer 2 on Ethernet frames
  • Used to route Ethernet traffic between VLANs - Addressed to a specific VLAN
  • Priority code point (PCP) scheme: 3-bit field within an Ethernet frame header when using an 802.1 network
  • This field specifies a priority value between 0 and 7 with 0 being the lowest priority and 7 the highest
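
As an added illustration of both the DiffServ field and the CoS/PCP field described above (example code written for these notes, not from the course or Cengage), the Python below builds a constructed 802.1Q-tagged frame, extracts the 3-bit PCP and the 6-bit DSCP, names the per-hop behaviour (EF, AFxy, CSx), and applies the usual edge policy of re-marking traffic from untrusted ports to best effort. The frame addresses and the trusted/untrusted port flag are assumptions for the example.

```python
"""Extract CoS/PCP and DiffServ/DSCP markings from a frame and apply an edge trust policy.

Added example, not part of the course notes. The frame bytes are constructed inline:
an 802.1Q-tagged Ethernet frame carrying a minimal IPv4 header (checksum left at zero,
since only the header fields are parsed here).
"""
import struct
from typing import Dict, Optional

ETHERTYPE_8021Q = 0x8100   # TPID that announces a VLAN tag
ETHERTYPE_IPV4 = 0x0800

DSCP_BEST_EFFORT = 0       # CS0 / default forwarding
DSCP_EF = 46               # Expedited Forwarding (RFC 3246), binary 101110


def dscp_name(dscp: int) -> str:
    """Map a 6-bit DSCP value to its per-hop behaviour name (BE, EF, AFxy, CSx)."""
    if not 0 <= dscp <= 63:
        raise ValueError(f"DSCP must fit in 6 bits, got {dscp}")
    if dscp == DSCP_BEST_EFFORT:
        return "BE"
    if dscp == DSCP_EF:
        return "EF"
    # AFxy: class x in bits 5-3, drop precedence y in bits 2-1, lowest bit 0
    cls, drop = dscp >> 3, (dscp >> 1) & 0x3
    if 1 <= cls <= 4 and 1 <= drop <= 3 and dscp & 1 == 0:
        return f"AF{cls}{drop}"
    if dscp & 0x7 == 0:    # class selector code points (xxx000)
        return f"CS{cls}"
    return f"DSCP{dscp}"


def build_frame(dscp: int, pcp: Optional[int] = None, vlan_id: int = 1, ecn: int = 0) -> bytes:
    """Construct an Ethernet frame (802.1Q-tagged if pcp is given) with a 20-byte IPv4 header."""
    dst = bytes.fromhex("ffffffffffff")   # constructed sample addresses
    src = bytes.fromhex("020000000001")
    if pcp is None:
        header = dst + src + struct.pack("!H", ETHERTYPE_IPV4)
    else:
        tci = ((pcp & 0x7) << 13) | (vlan_id & 0xFFF)   # PCP(3) | DEI(1)=0 | VID(12)
        header = dst + src + struct.pack("!HHH", ETHERTYPE_8021Q, tci, ETHERTYPE_IPV4)
    tos = ((dscp & 0x3F) << 2) | (ecn & 0x3)            # DS field: DSCP(6) | ECN(2)
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, tos, 20, 0, 0, 64, 17, 0,
                     bytes([10, 0, 0, 5]), bytes([10, 0, 0, 9]))
    return header + ip


def parse_markings(frame: bytes) -> Dict[str, Optional[int]]:
    """Return pcp and vlan_id (None if untagged) plus dscp and ecn (None if not IPv4)."""
    if len(frame) < 14:
        raise ValueError("truncated Ethernet header")
    ethertype = struct.unpack("!H", frame[12:14])[0]
    offset = 14
    pcp = vlan_id = None
    if ethertype == ETHERTYPE_8021Q:
        if len(frame) < 18:
            raise ValueError("truncated 802.1Q tag")
        tci, ethertype = struct.unpack("!HH", frame[14:18])
        pcp, vlan_id = tci >> 13, tci & 0xFFF
        offset = 18
    dscp = ecn = None
    if ethertype == ETHERTYPE_IPV4:
        if len(frame) < offset + 20 or frame[offset] >> 4 != 4:
            raise ValueError("truncated or non-IPv4 header")
        tos = frame[offset + 1]
        dscp, ecn = tos >> 2, tos & 0x3
    return {"pcp": pcp, "vlan_id": vlan_id, "dscp": dscp, "ecn": ecn}


def ingress_dscp(frame: bytes, port_trusted: bool) -> int:
    """Edge policy: keep markings only from trusted ports (an assumed per-port flag);
    everything else is re-marked to best effort so an arbitrary host cannot claim
    EF/AF priority for its own traffic."""
    fields = parse_markings(frame)
    if fields["dscp"] is None or not port_trusted:
        return DSCP_BEST_EFFORT
    return fields["dscp"]


if __name__ == "__main__":
    voice = build_frame(dscp=DSCP_EF, pcp=5, vlan_id=100)
    print(parse_markings(voice), dscp_name(DSCP_EF))
    print("untrusted port forwards as", dscp_name(ingress_dscp(voice, port_trusted=False)))
```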

QoS (Quality of Service) Assurance

  • QoS measures network service performance
    • High QoS: uninterrupted, accurate, faithful reproduction
  • Service quality now comparable to PSTN, cable TV
  • Preventing delays, disorder, distortion
    • Requires more dedicated bandwidth
    • Requires techniques ensuring high QoS
  • VoIP, video over IP transmission difficulty
    • Caused by connection’s inconsistent QoS
  • 4 parameters are used to describe quality of service
    • End-to-end latency refers to the total transit time for packets in a data stream to arrive at the remote endpoint. The upper bound for latency for H.323 voice and video packets should not be more than 125-150 milliseconds. The average packet size for video packets is usually large (800-1500 bytes) while audio packet sizes are generally small (480 bytes or less). This means that the average latency for an audio packet may be less than that for a video packet as intervening routers/switches typically prioritize smaller over larger packets when encountering network congestion.
    • In-stream latency - Relative latencies encountered between the audio and video data streams. It is based on how the relative average transit times for the given streams, at any given point, vary from each other
    • Jitter or variability of delay - This refers to the variability of latencies for packets within a given data stream and should not exceed 20 - 50 milliseconds for an uninterrupted video conference; an increase in jitter caused by an underpowered network connection can cause 'skipping' or 'freezing' of a picture, resulting in noticeable disruption
    • Packet loss - Acceptable rates of packet loss range from 0.1 to 2 per cent, otherwise picture loss and audio drop outs result.
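
The packet-loss and jitter figures that RTCP reports (see the RTCP section above) can be computed from the RTP headers themselves. As an added example, not from the course notes, the Python below parses the RFC 3550 fixed RTP header, applies the RFC 3550 interarrival-jitter estimator to a constructed G.711-style stream (8000 Hz clock, one packet every 20 ms) and compares the results with the thresholds listed above. The stream contents, SSRC values and the threshold constants are assumptions made for the example.

```python
"""Receiver-side RTP statistics of the kind RTCP reports: fraction lost and interarrival jitter.

Added example, not part of the course notes. Parses the fixed 12-byte RTP header (RFC 3550)
and applies the RFC 3550 section 6.4.1 jitter estimator to a constructed packet stream.
"""
import struct
from typing import Dict, List, Tuple

RTP_VERSION = 2
JITTER_LIMIT_MS = 50.0   # notes: jitter should not exceed 20-50 ms for a video conference
LOSS_LIMIT = 0.02        # notes: acceptable packet loss is 0.1 to 2 per cent


def build_rtp(seq: int, timestamp: int, ssrc: int, payload_type: int = 0, payload: bytes = b"") -> bytes:
    """Fixed header: V=2, P=0, X=0, CC=0, M=0, then PT, sequence, timestamp, SSRC."""
    return struct.pack("!BBHII", RTP_VERSION << 6, payload_type & 0x7F,
                       seq & 0xFFFF, timestamp & 0xFFFFFFFF, ssrc & 0xFFFFFFFF) + payload


def parse_rtp(packet: bytes) -> Dict[str, int]:
    if len(packet) < 12:
        raise ValueError("RTP packet shorter than the 12-byte fixed header")
    first, second, seq, timestamp, ssrc = struct.unpack("!BBHII", packet[:12])
    if first >> 6 != RTP_VERSION:
        raise ValueError(f"unsupported RTP version {first >> 6}")
    return {"seq": seq, "timestamp": timestamp, "ssrc": ssrc,
            "payload_type": second & 0x7F, "marker": second >> 7, "csrc_count": first & 0xF}


def receiver_stats(arrivals: List[Tuple[float, bytes]], clock_rate: int) -> Dict[str, float]:
    """arrivals: (arrival time in ms, packet bytes) in arrival order, for one session.

    Packets whose SSRC differs from the first packet's are counted as foreign and skipped:
    a second source showing up in a two-party session is something to alert on, not mix in.
    """
    expected_ssrc = None
    first_seq = last_seq = None
    received = foreign = 0
    jitter = 0.0                     # running estimate, in timestamp units
    prev_ts = prev_arrival = None
    for t_ms, packet in arrivals:
        hdr = parse_rtp(packet)
        if expected_ssrc is None:
            expected_ssrc = hdr["ssrc"]
        if hdr["ssrc"] != expected_ssrc:
            foreign += 1
            continue
        received += 1
        if first_seq is None:
            first_seq = hdr["seq"]
        last_seq = hdr["seq"]
        arrival_ts = t_ms * clock_rate / 1000.0   # arrival time expressed in the media clock
        if prev_ts is not None:
            # D(i-1,i) = (R_i - R_i-1) - (S_i - S_i-1): change in transit time between packets
            d = (arrival_ts - prev_arrival) - (hdr["timestamp"] - prev_ts)
            jitter += (abs(d) - jitter) / 16.0    # RFC 3550 first-order estimator
        prev_ts, prev_arrival = hdr["timestamp"], arrival_ts
    if received == 0:
        raise ValueError("no packets from the session's source")
    expected = ((last_seq - first_seq) & 0xFFFF) + 1   # sequence numbers wrap at 16 bits
    lost = expected - received
    loss_fraction = lost / expected
    jitter_ms = jitter * 1000.0 / clock_rate
    return {"expected": expected, "received": received, "lost": lost, "foreign": foreign,
            "loss_fraction": loss_fraction, "jitter_ms": jitter_ms,
            "loss_ok": loss_fraction <= LOSS_LIMIT, "jitter_ok": jitter_ms <= JITTER_LIMIT_MS}


def sample_stream() -> List[Tuple[float, bytes]]:
    """Constructed stream: seq 1000-1009 at 20 ms spacing, seq 1004 never arrives,
    seq 1006 arrives 8 ms late, and one packet from an unrelated SSRC is interleaved."""
    ssrc = 0x1234ABCD
    stream = []
    for n in range(10):
        seq = 1000 + n
        if seq == 1004:
            continue
        arrival = n * 20.0 + (8.0 if seq == 1006 else 0.0)
        stream.append((arrival, build_rtp(seq, 5000 + n * 160, ssrc)))
    stream.insert(5, (90.0, build_rtp(7, 1, 0xDEADBEEF)))   # foreign source
    return stream


if __name__ == "__main__":
    print(receiver_stats(sample_stream(), clock_rate=8000))
```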

Troubleshooting Network Integrity and Availability

  • Integrity - Assurance that a network’s programs, data, services, devices, and connections have not been altered
  • Availability - How consistently and reliably a file or system can be accessed
  • Uptime - The time that hardware, an IT system or device is successfully operational measured in percentage
  • Downtime - Opposite from Uptime - Time that service is not operational

Fault Tolerance

  • Capacity for system to continue performing - Despite unexpected hardware, software malfunction
  • Fault
  • Fault-tolerant system goal
  • Failure

Devices and Interfaces

  • Enables communication between devices that use different protocols by supplying a common transmission protocol, which may be used instead of the devices' own protocols, or may be used to convert the specific device protocol to the common one.
  • Ex: NIC (Network Interface Card)

Data Backup

  • Backing up data is sometimes confused with archiving data. A backup is a secondary copy of data used for data protection whereas, an archive is the primary data, which is moved to a less-expensive type of media (such as tape) for long-term, low-cost storage.
  • 2 Purposes of Data Backup
    • Recover data after its loss
    • Recover data from an earlier time
  • Plan what type of backup will be done - Data repository models/ destination designated for data storage
    • Full - Is the most basic and complete type. This type of backup makes a copy of all data to another set of media, which can be tape, disk or a DVD or CD
    • Incremental
      • Copying only the data that has changed since the last backup operation of any type. The modified time stamp on files is used and compared to the time stamp of the last backup.
      • The benefit
        • They copy a smaller amount of data than a full backup. Thus, these operations will complete faster and require less media to store the backup
        • And, it can be done as many times as possible
    • Differential backup
      • Similar to an incremental the first time it is performed; that is, it copies all data changed since the previous backup.
      • However, each time it is run afterwards, it continues to copy all data changed since the previous full backup.
      • Thus it results in more data and a longer backup time: more than an incremental but less than a full backup
  • Develop a backup schedule
  • Establish a regular schedule of verification
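
To make the three models concrete, here is an added example (not from the course notes) that simulates a four-day backup schedule in Python: it applies the timestamp rule above to decide what each incremental or differential run copies, totals the bytes moved, and checks that the restore chain rebuilds the final state, which is the verification step the last item calls for. File names, sizes and modification times are constructed for the example.

```python
"""Which files each backup model copies, and what is needed to restore.

Added example, not part of the course notes. Files are a mapping path -> (mtime, size);
backup runs are recorded with the time they ran. The selection rule is the one the notes
describe: compare each file's modification timestamp with the timestamp of the reference
backup (last backup of any type for incremental, last full backup for differential).
"""
from dataclasses import dataclass, field
from typing import Dict, List, Tuple

FileState = Dict[str, Tuple[int, int]]   # path -> (mtime, size in bytes)


@dataclass
class BackupRun:
    kind: str                  # "full", "incremental" or "differential"
    time: int                  # when the run happened (same clock as the mtimes)
    files: FileState = field(default_factory=dict)   # what this run captured


def select_files(kind: str, state: FileState, history: List[BackupRun]) -> FileState:
    """Return the subset of `state` that a backup of `kind` would copy now."""
    if kind == "full":
        return dict(state)
    fulls = [run for run in history if run.kind == "full"]
    if not fulls:
        return dict(state)            # nothing to be relative to: behaves like a full
    if kind == "incremental":
        reference = history[-1].time  # changed since the last backup of any type
    elif kind == "differential":
        reference = fulls[-1].time    # changed since the last full backup
    else:
        raise ValueError(f"unknown backup kind {kind!r}")
    return {path: meta for path, meta in state.items() if meta[0] > reference}


def restore_chain(history: List[BackupRun]) -> List[BackupRun]:
    """Runs needed, in apply order, to rebuild the latest state: the last full, then every
    later incremental, or only the newest later differential."""
    last_full = max(i for i, run in enumerate(history) if run.kind == "full")
    later = history[last_full + 1:]
    chain = [history[last_full]]
    if later and later[-1].kind == "differential":
        chain.append(later[-1])
    else:
        chain.extend(run for run in later if run.kind == "incremental")
    return chain


def rebuild(chain: List[BackupRun]) -> FileState:
    """Apply the runs in order; later copies of a path override earlier ones."""
    state: FileState = {}
    for run in chain:
        state.update(run.files)
    return state


def simulate(kind: str, days: List[FileState]) -> Dict[str, object]:
    """days[0] is the file state on the day of the full backup; each later entry is the
    state on the next day, with a backup of `kind` run at the end of that day."""
    history = [BackupRun("full", 0, dict(days[0]))]
    for day, state in enumerate(days[1:], start=1):
        history.append(BackupRun(kind, day, select_files(kind, state, history)))
    copied = sum(size for run in history[1:] for (_, size) in run.files.values())
    chain = restore_chain(history)
    return {"copied_bytes": copied, "runs_to_restore": len(chain),
            "restore_matches": rebuild(chain) == days[-1]}


def sample_week() -> List[FileState]:
    """Constructed history: a.doc edited on days 1 and 3, b.db on day 2, c.txt never."""
    base = {"a.doc": (0, 100), "b.db": (0, 1000), "c.txt": (0, 10)}
    day1 = dict(base, **{"a.doc": (1, 120)})
    day2 = dict(day1, **{"b.db": (2, 1050)})
    day3 = dict(day2, **{"a.doc": (3, 125)})
    return [base, day1, day2, day3]


if __name__ == "__main__":
    for model in ("incremental", "differential"):
        print(model, simulate(model, sample_week()))
```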

Chapter 10: Network Segmentation and Virtualization

Objective

  1. Describe methods of network design unique to TCP/IP networks, including subnetting, CIDR, and supernetting
  2. Explain virtualization and identify characteristics of virtual network components
  3. Describe techniques for incorporating virtual components in VLANs
  4. Explain the advanced features of a switch and understand popular switching techniques, including VLAN management
  5. Identify methods of combining VM and VLAN technologies

Segmentation and Subnetting

  1. Segmentation
  2. Accomplish the following
    • Enhance security
    • Improve performance
    • Simplify troubleshooting

How a Computer Uses a Subnet Mask

  • IPv4 address is divided into two parts
    • Network ID
    • Host ID

      Classes A, B and C are used for regular unicast addresses; each has a different dividing point between the Network ID and Host ID. Classes D and E are used for multicast addresses and not divided in this manner

    • Subnet Masks are used so devices can determine which part of an IP address is network ID and which part is the host ID

      Class A: 0.0.0.0 - 127.255.255.255
        0.0.0.0          [0]0000000.00000000.00000000.00000000
        127.255.255.255  [0]1111111.11111111.11111111.11111111
        most significant bit = 0

      Class B: 128.0.0.0 - 191.255.255.255
        128.0.0.0        [10]000000.00000000.00000000.00000000
        191.255.255.255  [10]111111.11111111.11111111.11111111
        most significant bits = 10

      Class C: 192.0.0.0 - 223.255.255.255
        192.0.0.0        [110]00000.00000000.00000000.00000000
        223.255.255.255  [110]11111.11111111.11111111.11111111
        most significant bits = 110

      • Figure example: Network ID is 8 bits of 227, which is class C, and Host ID is 24 bits of 82.157.177


      Network Addr = IP Addr AND Subnet Mask = 192.168.123.0

      Broadcast Addr = Network Addr OR Inverted Subnet Mask (Wild Card) = 192.168.123.255

    • Network Classes
      • A, B and C. We don't deal with classes D & E in this class.

CIDR (Classless Interdomain Routing)

  • CIDR
    • Provides additional ways of arranging network and host information in an IP address
    • Takes the network ID or a host’s IP address and follows it with a forward slash (/), followed by the number of bits used for the network ID
  • 192.168.89.127/24
    • 24 represents the number of 1s in the subnet mask and the number of bits in the network ID
    • Known as a CIDR block

Why Subnets?

  • To better manage network traffic, segment the network so that each floor contains one LAN, or broadcast domain
  • Example: A business has grown from 20-30 computers to having a few hundred computers on three floors
    • There is only a single LAN or broadcast domain
    • One router serves as the default gateway for the entire network
  • One subnet for the entire building/all floors
  • subnetting-diag
  • A seperate subnet for each floor
  • subnetting-diag

Subnet Mask Tables

  • Class A, Class B, and Class C networks
  • Class B subnet Masks
  • Class B subnet masks
  • Class C subnet masks
  • Example of Class C subnetting diagram
  • Class C subnetting diagram

Supernetting

  • Supernetting
    • Combine contiguous networks that all use the same CIDR block into one supernet
  • Also called classless routing or IP address segmentation
  • Supernetting is helpful for two reasons
    • Reduce the number of routing table entries by combining several entries
    • Allow a company to create a single network made up of more than one Class C license
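
The subnet mask, CIDR and supernetting operations from the preceding sections, worked in Python as an added example (not from the course notes): classful lookup by leading bits, network = address AND mask, broadcast = network OR wildcard, a subnet membership test of the kind an ACL performs, and aggregation of contiguous blocks into one supernet. The addresses used are constructed samples.

```python
"""IPv4 subnet arithmetic done the way the notes describe it, with plain integer bit operations.

Added example, not part of the course notes. All addresses below are constructed samples.
"""
from typing import List, Tuple

ALL_ONES = 0xFFFFFFFF


def ip_to_int(addr: str) -> int:
    octets = addr.split(".")
    if len(octets) != 4:
        raise ValueError(f"not a dotted-quad address: {addr!r}")
    value = 0
    for octet in octets:
        n = int(octet)
        if not 0 <= n <= 255:
            raise ValueError(f"octet out of range in {addr!r}")
        value = (value << 8) | n
    return value


def int_to_ip(value: int) -> str:
    return ".".join(str((value >> shift) & 0xFF) for shift in (24, 16, 8, 0))


def prefix_to_mask(prefix: int) -> int:
    """/n -> mask with n leading 1-bits, e.g. /24 -> 255.255.255.0."""
    if not 0 <= prefix <= 32:
        raise ValueError(f"prefix length out of range: {prefix}")
    return (ALL_ONES << (32 - prefix)) & ALL_ONES


def mask_to_prefix(mask: str) -> int:
    """255.255.255.192 -> 26; rejects masks whose 1-bits are not contiguous."""
    m = ip_to_int(mask)
    prefix = bin(m).count("1")
    if prefix_to_mask(prefix) != m:
        raise ValueError(f"non-contiguous subnet mask: {mask}")
    return prefix


def classful_class(addr: str) -> str:
    """Decide the class from the most significant bits of the first octet (0, 10, 110, 1110)."""
    first = ip_to_int(addr) >> 24
    if first & 0x80 == 0:
        return "A"
    if first & 0xC0 == 0x80:
        return "B"
    if first & 0xE0 == 0xC0:
        return "C"
    if first & 0xF0 == 0xE0:
        return "D"
    return "E"


def network_and_broadcast(cidr: str) -> Tuple[str, str]:
    """'192.168.123.45/24' -> ('192.168.123.0', '192.168.123.255')."""
    addr, prefix = cidr.split("/")
    mask = prefix_to_mask(int(prefix))
    network = ip_to_int(addr) & mask          # network address = IP AND mask
    wildcard = ~mask & ALL_ONES               # inverted mask
    return int_to_ip(network), int_to_ip(network | wildcard)   # broadcast = network OR wildcard


def in_subnet(addr: str, cidr: str) -> bool:
    """True when addr falls inside the block: the ACL / firewall-rule membership test."""
    net, prefix = cidr.split("/")
    mask = prefix_to_mask(int(prefix))
    return (ip_to_int(addr) & mask) == (ip_to_int(net) & mask)


def supernet(blocks: List[str]) -> str:
    """Smallest single CIDR block that covers every given block (route aggregation)."""
    lows, highs = [], []
    for block in blocks:
        net, bcast = network_and_broadcast(block)
        lows.append(ip_to_int(net))
        highs.append(ip_to_int(bcast))
    low, high = min(lows), max(highs)
    prefix = 32
    while prefix > 0 and (low >> (32 - prefix)) != (high >> (32 - prefix)):
        prefix -= 1                           # shorten until low and high share the prefix
    return f"{int_to_ip(low & prefix_to_mask(prefix))}/{prefix}"


if __name__ == "__main__":
    print(classful_class("192.168.123.45"), network_and_broadcast("192.168.123.45/24"))
    print(in_subnet("10.1.2.200", "10.1.2.0/25"))   # upper half of the /24, so False
    print(supernet(["192.168.0.0/24", "192.168.1.0/24", "192.168.2.0/24", "192.168.3.0/24"]))
```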

Subnetting in IPv6

  • Each ISP can offer customers an entire IPv6 subnet
  • First four blocks serve as the network prefix or routing prefix
  • Interfaces that share a network prefix belong to the same subnet
  • The slash notation is called the prefix mask
  • Example: 2608:FE10::/32
    • Includes all subnets whose prefixes begin with 2608:FE10

Virtualization

  • Emulation of a computer, operating system environment, or application:
  • Virtual machines (VMs)
    • Virtual workstations
    • Virtual servers
  • Can be configured to use different types of:
    • CPU
    • Storage drive
    • NIC
  • Host
    • Physical Computer
  • Guest
    • Each virtual machine
  • Hypervisor
    • Software that allows you to define and manage virtual machines (also known as a virtual machine manager)
  • Advantages of virtualization
    • Efficient use of resources
    • Cost & Energy Savings
    • Fault & Threat isolation
    • Simple backups, recovery, and replication
  • Disadvantages of virtualization
    • Compromised performance
    • Increased Complexity
    • Increased licensing costs
    • Single point of failure
  • VMware - managing virtual workstations on a single host
    • Microsoft’s Hyper-V
    • KVM (Kernel-based Virtual Machine)
    • Oracle’s VirtualBox
    • Citrix’s XenAPP
  • Virtual network - Virtual machines on a physical server
  • Virtual Network Components
    • Virtual switch - 2 types of Ports on Virtual Switch
      • Access Port - Used for connecting a single node
      • Trunk Port - Managing traffic among multiple VLANs
    • Bridge
    • Host-Only Adapter
    • Ethernet Adapter
    • NAT
    • DHCP Server
  • Most networks combine: physical & virtual elements
  • Virtual Appliances and Virtual Network Services
  • VRRP (Virtual Router Redundancy Protocol) and HSRP (Hot Standby Routing Protocol)
    • Enable two or more routers on a LAN to work together
  • SDN - Software Defined Networking
  • VLANs and Trunking
    • Reasons for using VLANs
      • Separating groups of users who need Special Security or Network Functions
      • Isolating connections with Heavy or Unpredictable Traffic Patterns
      • Identifying groups of devices whose data needs priority handling
      • Containing groups of devices that rely on legacy protocols incompatible with the majority of the network’s traffic
      • Separating a large network into smaller subnets
    • Trunk
      • A single physical connection between switches carrying logical VLANs, through which they can transmit and receive data
    • Cisco’s VTP (VLAN trunking protocol)
      • The most popular protocol for exchanging VLAN information over trunks
      • Allows changes to VLAN database on one switch, called "the stack master", to be communicated to all other switches in the network
    • To allow different VLANs to exchange data, you need to connect VLANs with a router or Layer 3 switch

Chapter 11: WAN

Objective

  1. Explain different WAN topologies, including their advantages and disadvantages
  2. Identify a variety of uses of WANs
  3. Compare the characteristics of WAN technologies: switching type, throughput, media, security, and reliability
  4. Describe several WAN transmission and Connection methods
  5. Describe wireless WAN technologies: 802.16 (WiMAX), HSPA+, LTE, and satellite communications
  6. Common Problems with WAN connections and Ways to prevent Internet Connection Problems

Differences between LAN and WAN


WAN Services

WANs can be built using less costly circuit switching or packet switching methods. Network protocols including TCP/IP deliver transport and addressing functions. Protocols including Packet over SONET/SDH, MPLS, ATM and Frame Relay are often used by service providers to deliver the links that are used in WANs. X.25 was an important early WAN protocol, and is often considered to be the "grandfather" of Frame Relay as many of the underlying protocols and functions of X.25 are still in use today (with upgrades) by Frame Relay.

WAN services used to connect two networks through a WAN, with the network protocols each relies on:

  • PSTN (Public Switched Telephone Network) = POTS (Plain Old Telephone Service)
    • DSL:
      • Transmits digital signal over telephone lines
      • Directly competes with T-1 and broadband cable
      • Best suited for WAN local loop
      • Most of its two-way or duplex bandwidth is devoted to the downstream direction, sending data to the user
    • xDSL: ADSL, G.Lite, HDSL, SDSL, VDSL, SHDSL
    • Asymmetrical DSL
      • Downstream throughput higher than upstream throughput
      • Best use: video conferencing, web surfing
      • Variants: ADSL, G.Lite
      • North America
    • Symmetrical DSL
      • Equal capacity for upstream, downstream data
      • Variants: HDSL, SDSL, SHDSL
      • Mainly in Europe
  • Frame Relay - obsolete now - Connectionless
  • ISDN
    • Integrated Services Digital Network
    • Standardized multiplexing protocols that transfer multiple digital bit streams synchronously over optical fiber using lasers or highly coherent light from light-emitting diodes (LEDs).
    • 2 Rates
      • Basic Rate - PSTN
      • Primary Rate - T1
        • TDM/Time Division Multiplexing - packet switching; includes long-distance telephone service over a T1 wire line
        • GSM (Global System for Mobile Communications)
        • STDM: Statistical TDM represents an improvement over standard TDM (the next node can send packets if one node is not available); it is used in packet-switching networks for LAN and Internet communications
        • Note: FDM (Frequency Division Multiplexing) - each signal is assigned its own frequency range (or channel) within a larger frequency band: FM radio, cable TV
  • MPLS
    • Multiprotocol Label Switching Protocol
    • Supports: DSL, Frame Relay, T1/E1, and ATM
    • A protocol for speeding up and shaping network traffic flows
    • MPLS allows most packets to be forwarded at Layer 2 (the switching level) rather than having to be passed up to Layer 3 (the routing level)
    • Each packet gets labeled on entry into the service provider's network by the ingress router
    • Connection-oriented protocol
    • Supports: variable-length frames
  • ATM
    • Asynchronous Transfer Mode
    • Operates at the data link layer (Layer 2 in the OSI model) over either fiber or twisted-pair cable
    • ATM utilizes no routing. Hardware devices known as ATM switches establish point-to-point connections between endpoints and data flows directly from source to destination.
    • Uses packet switching w/a fixed length
    • Connection-oriented
    • Carrying time-sensitive data: voice and video.
  • SONET/SDH
    • Synchronous Transfer Mode Protocol
    • Synchronous Digital Hierarchy - International version
    • Transport protocol that most PSTN networks use within the long-distance portion of the PSTN network
    • OC carriers

WAN Media Facts

  • POTS: 56 Kbps
    • Plain Old Telephone Service or PSTN - dedicated circuit switching
    • A modern digital phone (such as a cordless phone) that is not a VoIP phone
    • Uses Time Division Multiplexing (TDM), which uses packet switching, where data is broken down and moved in pieces across a network
    • One twisted-pair STP copper telephone line
    • A privately owned PSTN network is called a Private Branch Exchange (PBX)
    • Note: VoIP - making a local (circuit switched) call from the nearest (packet switching) server. This is why Voice over Internet Protocol minutes are so much cheaper than PSTN minutes
  • T1: 1.54 Mbps / T3: 44.74 Mbps
    • T1 lines run over 2 pairs of UTP cabling, although they can also run over other media such as coaxial, fiber-optic, and satellite. T3 lines use fiber-optic cable.
    • A T1 line has 24 channels @64 Kbps each. A T3 line has 672 channels @64 Kbps each.
    • A T1/T3 connection requires a Channel Service Unit (CSU) and a Data Service Unit (DSU). (A DSU reads and writes synchronous digital signals, and a CSU manages the digital channel.)
    • To connect routers over their CSU/DSU interfaces, use a T1 crossover cable.
    • T3 is also known as a Digital Signal 3 (DS3).
  • Optical carriers
    • OC-1: 51.84 Mbps
    • OC-3: 155.52 Mbps
    • OC-12: 622.08 Mbps
    • OC-24: 1244.16 Mbps
    • OC-48: 2488.32 Mbps
    • OC-192, OC-256, OC-768: 10 Gbps, 13.27 Gbps, 39.2 Gbps
    • Optical carrier specifications define the types and throughput of fiber optic cabling used in SONET (Synchronous Optical Network).
    • Each OC level is a multiple of the base rate (OC-1). To get the 622.08 Mbps throughput rating of OC-12, multiply the 51.84 Mbps base rate by 12.
    • Optical carriers use the following types of Wavelength Division Multiplexing (WDM) to increase capacity of communication over fiber optic cabling:
      • Coarse Wavelength Division Multiplexing (CWDM) (used in 10GBase-LX4 Ethernet networks)
      • Dense Wavelength Division Multiplexing (DWDM) (used in fiber optic backbones and long distance data transmission, with speeds up to 400Gbps)
  • Note: E1, E3, J1, & J3 are used in Europe & Japan. Very similar to T-carrier

WAN Network Topologies

  • Bus Topology WAN
    • Each site connects serially to two sites maximum
    • Each site depends on every other site to transmit and receive traffic
    • Different locations connected to one another through point-to-point links
    • Best use: small WAN, dedicated circuits
    • Drawback: not scalable
  • Ring
    • Connects locations rather than local nodes
    • Relies on redundant rings: data rerouted upon site failure
    • Best use: 5 locations max
    • Drawback: difficult, expensive
  • Star
    • Single site acts as a central connection point
    • Separate data routes between any two sites
    • Advantages
      • Single connection failure affects one location
      • Shorter data paths between any two sites
      • Expansion: simple, less costly
    • Drawback: central point failure affects entire site
  • Mesh
    • Data travels directly from origin to destination
    • Most fault-tolerant WAN type
    • Full Mesh: every WAN site directly connected to every other site
      • Drawback: cost
    • Partial Mesh: every WAN site directly connected to every other site
      • Less costly
  • Tiered
    • Sites connected in star or ring formations
    • Interconnection points are organized into layers, which form hierarchical groupings
    • Advantages: allows many variations, practicality

Chapter 12: Industrial & Enterprise Networking

Objective

  1. Identify significant components of an industrial control system or SCADA system
  2. Inventory and manage network assets and identify significant business documents
  3. Create and follow appropriate change management procedures for major and minor network changes
  4. Identify physical security controls to limit or monitor access to secure areas
  5. Describe the components of a reliable disaster recovery plan and a defensible incident response plan

Industrial Network Components

  1. SCADA
  2. RTU
  3. PLC
  4. Communication channels
  5. HMIs (Human-Machine Interfaces)
  6. Software & ICS Servers
    1. I/O Servers
    2. Central Server, MTU (Master Terminal Unit) or SCADA
    3. Historian

ICS controls the physical system

  1. Open loop
    • Predetermined expectations, events and past history
  2. Closed loop
    • Real-time decision
    • DCS: Distributed Control System

Securing an ICS/SCADA Network

  • Inventory all connections to your ICS/SCADA network
  • Segment
  • Deploy a DMZ between the corporate network and the ICS network
  • Deploy redundancy for fault tolerance. Have a backup connected to the RTU
  • Keep current all documentation needed for configuration management
  • Implement role-based access control (RBAC) to the system
Business Documents

  • RFP
  • MOU
  • SOW
  • SLA
  • MLA

Change Management

  • Software Changes
    • Patches
    • Upgrades or Updates
    • Rollbacks

Physical Security Controls

  • To guard against information
  • Degausser: to erase classified/sensitive data using a magnetic hard drive eraser
    • 1st pass: 0
    • 2nd pass: 1
    • 3rd pass: random character
    • Windows uses the cipher command to remove data; at the command prompt type:
    • >cipher /w:directory

Disaster Recovery Planning

  • Account for worst-case scenarios
  • Identify disaster recovery team or Red Team
  • Provide contingency plans for restoring and replacing

Disaster Recovery Contingencies

  • Cold site
  • Warm site
  • Hot site

Forensics

  • Data collected might be presented in a court of law
  • A response policy should detail the following steps
  • A report
  • Members of response team
    • Dispatcher
    • Manager
    • Technical Support Specialist
    • Public Relations Specialist

Credit: Figures Cengage Learning
