STUDY GUIDE - Final Exam ITN 100.docx
Document Details
Uploaded by Deleted User
Full Transcript
STUDY GUIDE\ ***[All Sections of the backbone network. Functions of each section:]*** **1. Access Layer** - **Purpose**: Connects end devices like computers, printers, and other peripherals to the network. - **Function**: Provides users access to the network, typically found within LA...
STUDY GUIDE\ ***[All Sections of the backbone network. Functions of each section:]*** **1. Access Layer** - **Purpose**: Connects end devices like computers, printers, and other peripherals to the network. - **Function**: Provides users access to the network, typically found within LANs connected to the backbone. **2. Distribution Layer** - **Purpose**: Aggregates data from the access layer and connects to the core layer. - **Function**: Acts as an intermediary layer that helps manage traffic flow, ensuring that data packets move efficiently and securely between the access and core layers. **3. Core Layer** - **Purpose**: The backbone's main layer, often connecting multiple distribution layers across large networks or buildings. - **Function**: Provides high-speed data transmission across long distances, acting as the "core" pathway for network traffic. This layer ensures minimal latency and maximum data throughput. ***[All Sections of Wide Area Network. Three major WAN service types:]*** **Sections of a Wide Area Network (WAN)** 1. **Customer Premises Equipment (CPE)**: - **Purpose**: Equipment owned by the user located on the user's site. - **Function**: Connects to the WAN provider's network and typically includes routers, modems, and other network devices. 2. **Access Links**: - **Purpose**: Provide connectivity between the CPE and the WAN provider's central office. - **Function**: Transfers data from the customer's equipment to the WAN provider's network, acting as a bridge to the broader WAN network. 3. **Network Core**: - **Purpose**: The main infrastructure of the WAN that spans large distances. - **Function**: Manages long-distance data transmission between multiple access points, ensuring connectivity across cities, countries, or even continents. **Three Major WAN Service Types** 1. **Dedicated-Circuit Networks**: - Provides private, point-to-point connections, often leased and dedicated to a single customer. - **Advantages**: High security, reliable, consistent speeds. - **Examples**: T1, T3 lines, and leased fiber connections. 2. **Packet-Switched Networks**: - Allows data to be broken into packets and shared over a public or private network infrastructure. - **Advantages**: Cost-effective and flexible. - **Examples**: Frame Relay, MPLS, and Ethernet WAN services. 3. **Virtual Private Networks (VPNs)**: - Uses the public internet to provide a secure, encrypted connection as if on a private network. - **Advantages**: Low cost, available over any internet connection. - **Examples**: VPN services using IPsec or SSL encryption methods. ***[Compare different typologies (advantages and disadvantages):]*** **1. Bus Topology** - **Description**: All devices are connected to a single central cable, known as the \"bus.\" - **Advantages**: - Cost-effective and easy to set up for small networks. - Requires less cable than other topologies. - **Disadvantages**: - Performance decreases as more devices are added. - A break in the main cable can bring down the entire network. - Limited to smaller networks due to signal degradation over distance. **2. Star Topology** - **Description**: All devices connect to a central hub or switch. - **Advantages**: - Easy to set up and manage; if one device fails, it doesn't affect the others. - Simple to add or remove devices. - Centralized management through the hub or switch. - **Disadvantages**: - If the central hub or switch fails, the entire network goes down. - Can be more expensive due to the cost of the central hub and additional cabling. **3. Ring Topology** - **Description**: Each device is connected to two other devices, forming a closed loop. - **Advantages**: - Data travels in one direction, reducing collisions. - Good for networks with predictable traffic patterns. - **Disadvantages**: - If one device or connection fails, it can disrupt the entire network. - More difficult to troubleshoot and expand compared to star topology. **4. Mesh Topology** - **Description**: Each device is connected to multiple other devices. - **Advantages**: - Very reliable; even if one connection fails, there are multiple other paths for data to travel. - High redundancy, making it suitable for critical applications. - **Disadvantages**: - Expensive and complex to set up due to extensive cabling. - Harder to manage and maintain with a large number of connections. **5. Hybrid Topology** - **Description**: Combines elements of multiple topologies (e.g., star-bus, star-ring). - **Advantages**: - Flexible and scalable; can adapt to different needs and network sizes. - Can leverage the strengths of each topology type. - **Disadvantages**: - Complex to design and manage. - Can be costly, depending on the combinations used. These topologies are chosen based on the network\'s specific needs, including size, budget, reliability, and ease of maintenance. ***[\ Differences among, Gateway, Router, Switch, and L3 Switch:]*** Here's a breakdown of the differences among **Gateway, Router, Switch, and L3 Switch**: **1. Gateway** - **Function**: Connects different networks that use different protocols (e.g., connects a LAN to the Internet). - **Layer**: Operates at multiple layers (often at the application layer for protocol translation). - **Role**: Translates data between incompatible networks (e.g., converting from TCP/IP to AppleTalk). - **Example**: Often used in enterprise environments to connect two distinct network types. **2. Router** - **Function**: Forwards data packets between different networks based on IP addresses. - **Layer**: Operates at the Network Layer (Layer 3) of the OSI model. - **Role**: Directs traffic, determines the best route for data packets across interconnected networks (like LANs and WANs). - **Example**: Home router connects your home network to your Internet Service Provider (ISP). **3. Switch** - **Function**: Connects devices within a single network, forwarding data based on MAC addresses. - **Layer**: Operates at the Data Link Layer (Layer 2) of the OSI model. - **Role**: Transmits data within a LAN, sending packets only to the specific device intended rather than the entire network. - **Example**: Used in office LANs to connect computers, printers, and other devices locally. **4. Layer 3 (L3) Switch** - **Function**: Combines features of both routers and switches, capable of routing and switching within a network. - **Layer**: Operates at both the Data Link Layer (Layer 2) and Network Layer (Layer 3). - **Role**: Routes traffic within a LAN or between VLANs (Virtual LANs) without needing a traditional router, making it ideal for large LANs with high-speed inter-VLAN routing. - **Example**: Used in complex networks where multiple VLANs are needed for segmentation and security. In summary: - **Gateway** translates across different network protocols. - **Router** forwards data between networks using IP addresses. - **Switch** connects devices within a LAN based on MAC addresses. - **L3 Switch** can switch at Layer 2 and route at Layer 3, providing faster internal routing for larger networks with VLANs. ***[\ DSL and the network type we use DSL:]*** **DSL (Digital Subscriber Line)** is a type of high-speed Internet connection that uses existing telephone lines to transmit data. It is commonly offered by telecom providers and is ideal for residential and small business use. Here are some key points: **What is DSL?** - **Definition**: DSL is a broadband technology that provides high-speed Internet access over standard copper telephone lines. - **Channels**: It splits the line into different channels for voice, downstream, and upstream data, allowing simultaneous Internet and phone service without interference. - **Types of DSL**: - **ADSL (Asymmetric DSL)**: Provides higher download speeds than upload speeds, making it suitable for typical Internet usage (e.g., browsing, streaming). - **VDSL (Very-high-bitrate DSL)**: A faster version of DSL, often used in areas with fiber optic connections up to the neighborhood node. **Network Type Where DSL is Used** - **Point-to-Point Network**: DSL connections are typically point-to-point, providing a direct connection from the user's premises to the DSL provider's central office. - **Use Case**: Commonly used in home and small business networks where dedicated high-speed access is needed. - **Limitations**: DSL speeds decrease with distance from the provider\'s central office, making it best suited for users within a few miles of the DSL source. In summary, DSL is a reliable, point-to-point broadband connection for areas served by telephone providers, commonly used for residential and small business Internet needs where dedicated lines are available. ***[\ Essentials of network security. Primary Goals in Network Security:]*** **Essentials of Network Security** 1. **Access Control**: Ensuring only authorized users and devices can access the network. 2. **Firewalls and Intrusion Prevention**: Blocking unauthorized traffic and identifying potential threats. 3. **Encryption**: Securing data in transit to prevent unauthorized access. 4. **Antivirus and Malware Protection**: Protecting against malicious software that can compromise network integrity. 5. **Regular Updates and Patches**: Keeping systems secure by fixing known vulnerabilities. **Primary Goals in Network Security** 1. **Confidentiality**: Ensuring data is accessible only to those authorized to view it. 2. **Integrity**: Protecting data from being altered or corrupted. 3. **Availability**: Making sure that network resources are available to authorized users when needed (often referred to as the CIA Triad). ***[\ Functions of Network Operating System:]*** **Functions of a Network Operating System (NOS)** 1. **File and Resource Sharing**: Allows multiple users to access shared files, printers, and resources over the network. 2. **User Management**: Manages user accounts and permissions to control who can access different parts of the network. 3. **Security and Access Control**: Implements security measures, such as authentication and access restrictions, to protect network resources. 4. **Data Backup and Recovery**: Facilitates regular data backups and offers recovery options to prevent data loss. 5. **Network Monitoring and Diagnostics**: Provides tools for monitoring network performance, detecting issues, and diagnosing network problems. 6. **Communication Services**: Supports communication protocols and services, like email and messaging, across the network. ***[\ Functions of repeaters and amplifiers in the networks:]*** **Functions of Repeaters and Amplifiers** - **Repeaters**: - **Function**: Extend the range of a network by regenerating and retransmitting signals. - **Use Case**: Used in long-distance data transmission to counteract signal degradation over distances, especially in wired networks like Ethernet. - **Amplifiers**: - **Function**: Boost the strength of a signal without necessarily regenerating it. - **Use Case**: Commonly used in analog networks (like older radio networks) to increase signal strength but also amplify any noise present in the signal. ***[\ LAN and its all components :]*** **Local Area Network (LAN)** A LAN is a network that connects devices within a limited area, such as a home, office, or building. **Key Components of a LAN:** 1. **Clients**: Devices (e.g., computers, smartphones) that access and use network resources. 2. **Servers**: Systems that provide resources, data, and services to clients (e.g., file servers, email servers). 3. **Network Interface Cards (NICs)**: Hardware in each device that enables network connectivity. 4. **Network Cables**: Physical cables (e.g., Ethernet) used to connect devices in a wired LAN. 5. **Switches**: Devices that connect multiple devices within a LAN, forwarding data to its specific destination. 6. **Routers**: Connects the LAN to external networks, such as the Internet. 7. **Wireless Access Points (WAPs)**: Enable wireless connectivity for devices within the LAN. 8. **Network Operating System (NOS)**: Software that manages network resources and user permissions, enabling communication among devices. ***[\ The difference between the Internet, and dedicated networks:]*** **Difference Between the Internet and Dedicated Networks** 1. **Internet**: - **Type**: Public network. - **Access**: Accessible to anyone with an internet connection. - **Security**: Generally less secure; requires additional security measures, like VPNs and firewalls, to protect data. - **Usage**: Commonly used for general browsing, email, and cloud services that are available to the public. 2. **Dedicated Networks**: - **Type**: Private network. - **Access**: Restricted to specific users or organizations, not publicly accessible. - **Security**: Offers a higher level of security as access is controlled and limited to authorized users. - **Usage**: Used for sensitive applications, secure business communication, and data transfers within or between specific locations of an organization. ***[\ Types of security threats. And, the counter-measures against the security threats:]*** **Types of Security Threats** 1. **Malware (Malicious Software)**: - Includes viruses, worms, trojans, ransomware, and spyware. - **Counter-measures**: Use antivirus software, conduct regular scans, and avoid downloading suspicious files. 2. **Phishing**: - Fraudulent attempts to obtain sensitive information by pretending to be a trustworthy entity. - **Counter-measures**: Educate users, use email filters, and verify suspicious messages. 3. **Denial of Service (DoS) and Distributed Denial of Service (DDoS) Attacks**: - Overloads the network or server, making it unavailable to users. - **Counter-measures**: Implement firewalls, use traffic filtering, and have an incident response plan. 4. **Man-in-the-Middle (MitM) Attacks**: - Attackers intercept communications between two parties to steal or alter data. - **Counter-measures**: Use encryption (e.g., SSL/TLS) and secure VPN connections. 5. **Insider Threats**: - Risks from employees or contractors with access to sensitive information. - **Counter-measures**: Limit access based on roles, monitor user activity, and implement strong security policies. 6. **Password Attacks**: - Includes brute force attacks, dictionary attacks, and credential stuffing. - **Counter-measures**: Use strong passwords, implement multi-factor authentication (MFA), and encourage regular password changes. ***[\ What "Disk Mirroring" is? And, where and how you can use it?:]*** **What is Disk Mirroring?** - **Definition**: Disk mirroring is a data replication technique where identical copies of data are written to two or more drives simultaneously. This setup is also known as RAID 1 (Redundant Array of Independent Disks, Level 1). - **Purpose**: It ensures data redundancy and improves data reliability since a copy of the data is available on another disk if one disk fails. **Where and How to Use Disk Mirroring** - **Where**: Disk mirroring is used in environments that require high data availability, such as databases, financial systems, or any critical applications where data loss is unacceptable. - **How**: It's implemented by setting up RAID 1 on a server or a storage system, where two disks are configured to store identical copies of data. If one disk fails, the system continues to operate using the data on the other disk, ensuring no downtime. ***[\ What is Encryption? When & why it is needed? Type of Encryption methods:]*** The modules did not contain specific details on \"Encryption.\" Here's a summary based on common encryption principles: **What is Encryption?** - **Definition**: Encryption is the process of converting readable data (plaintext) into an unreadable format (ciphertext) to protect its confidentiality. Only authorized users with the decryption key can convert it back to readable form. **When and Why Encryption is Needed** - **When**: Encryption is used whenever sensitive data is stored or transmitted, especially over networks. - **Why**: It ensures data confidentiality, protects against unauthorized access, and secures information in case of data breaches. **Types of Encryption Methods** 1. **Symmetric Encryption**: - Uses a single key for both encryption and decryption. - **Example**: AES (Advanced Encryption Standard). - **Use Case**: Faster encryption, suitable for securing large amounts of data when both sender and receiver can share the key securely. 2. **Asymmetric Encryption**: - Uses a public key for encryption and a private key for decryption. - **Example**: RSA (Rivest-Shamir-Adleman). - **Use Case**: Ideal for secure data exchange over the Internet where sharing a private key isn't feasible. 3. **Hashing**: - Converts data into a fixed-size hash value, which is not meant to be decrypted. - **Example**: SHA-256. - **Use Case**: Verifying data integrity, commonly used in password storage. ***[\ What is VLAN and its requirements?:]*** **What is a VLAN?** - **Definition**: A VLAN (Virtual Local Area Network) is a logical segmentation of a physical network that allows devices on different LAN segments to communicate as if they were on the same physical network. - **Purpose**: VLANs improve network performance, security, and manageability by isolating network traffic based on logical grouping, rather than physical location. **Requirements for VLAN Setup** 1. **VLAN-Capable Switch**: Switches must support VLAN functionality (often Layer 2 or Layer 3 switches). 2. **Configuration Interface**: Access to network management tools or command-line interface (CLI) to define VLANs and assign ports. 3. **Tagged and Untagged Ports**: - **Tagged Ports**: Used to carry traffic for multiple VLANs between switches (often referred to as \"trunk ports\"). - **Untagged Ports**: Assigned to specific VLANs, connecting directly to end devices. 4. **VLAN IDs**: Unique identifiers to differentiate VLANs within the network. ***[\ What is VPN and its requirements?:]*** The modules did not include specific details on \"VPN and its requirements.\" Here's a summary based on standard VPN knowledge: **What is a VPN?** - **Definition**: A VPN (Virtual Private Network) creates a secure, encrypted connection over a less secure network, such as the Internet, allowing remote users to access private networks as if they were physically present. - **Purpose**: VPNs protect data privacy and ensure secure access to network resources, often used by businesses for remote work and secure communications. **Requirements for Setting Up a VPN** 1. **VPN Server**: A central server that manages VPN connections, which can be located in the company's data center or hosted by a third-party provider. 2. **VPN Client Software**: Installed on devices (e.g., computers, smartphones) to connect to the VPN server. Examples include OpenVPN and built-in clients in operating systems. 3. **Encryption Protocols**: - Common protocols include IPsec (Internet Protocol Security) and SSL/TLS, which secure the data transmitted over the VPN. 4. **Authentication**: Ensures only authorized users can access the VPN, often using methods like passwords, digital certificates, or multi-factor authentication (MFA). 5. **Network Access Control**: Policies defining which network resources users can access over the VPN.