Computer Networking Technology PDF
Summary
This document provides an introduction to computer networking technology. It covers topics such as possible jobs in networking, day one notes, common networking terms, and the OSI model. The document also touches upon important elements of network design and configuration in a SOHO setting.
ITCTA
=====

Computer Networking Technology
------------------------------

### Possible jobs:

1. Management of network infrastructure (such as servers)
2. Hosting networking servers
3. Maintenance of network infrastructure
4. Configuration of network infrastructure within other companies
5. Installation of network infrastructures
6. IT technician
7. Network administrator
8. Network security

DAY ONE NOTES:
--------------

- A network is the connection of two or more computers to one another in order to share data and communicate with one another
- Media are used to transfer data, such as wireless (frequency based), LAN, cloud services, a direct link via cable, etc.
- OSI model????

**WEEK 1:**

Notes 1.1:
----------

### Introduction to Computer Networks:

- A network consists of two or more computers that are linked in order to share resources, exchange files, or allow electronic communications
- Computers may be linked through wired or wireless media
- A resource is anything that a person on one computer may want to access on a different computer

### Computer Networks Today:

- Among all of the essentials for human existence, the need to interact with others ranks just below our need to sustain life
- Communication is as important to us as our reliance on air, water, food and shelter
- The creation and interconnection of robust data networks has had a profound impact on communication and has become the new platform on which modern communications occur
- Networks are helping to create a world in which national borders, geographic distances, and physical limitations become less relevant
- Networks have changed the way people work, the way we learn, the way we play and the way we communicate

### Common Networking Terms:

**Node:** A single device, such as a computer, server or printer, that is connected to a network.
It might be called a station on a wireless network, and it is typically used by end users on a regular basis

**Host:** A node, or another device such as a router, that is assigned a unique TCP/IP network address that enables it to communicate with other hosts connected to the network

**Transmission:** The process of transmitting data signals, or the progress of those data signals after having been transmitted

**Wireless (unbound or unguided) transmission media:** Involve sending data over the air using radio, microwave or infrared signals between nodes

**Wired (bound or guided) transmission media:** Involve sending data through a cable using light or electrical signals between nodes

**Transmission media:** The communication pathways that carry the data signals between devices

**Internetwork device:** A device such as a switch or wireless access point that connects nodes to each other and to the local network

**Segmentation:** A network is broken up (segmented) to cope with the restrictions placed on the media by standards and to improve network performance and security

**Segment:** A part of the network: a single length of cable, or more technically, an electrical connection between devices that share a communication pathway, such as the cable between a computer and a switch

**Data communications:** The transfer of data using analogue or digital signals

**Backbone:** The fast link that connects segments and shared devices on a LAN. Backbones are also created between LANs, between WANs, and between networks and the internet by internetwork devices

**Link:** An active connection created over media between devices

Notes 2.1:
----------

### Compare and Contrast OSI Model Layers AND Configuring SOHO Networks:

- Networks are built on common standards and models that describe how devices and protocols interconnect
- The OSI model breaks the data communication process into discrete layers.
Being able to identify the OSI layers and compare the functions and protocols working at each layer will help you to implement and troubleshoot networks

### Open Systems Interconnection Model (OSI model):

- The International Organization for Standardization (ISO) developed the Open Systems Interconnection (OSI) reference model to promote understanding of how components in a network system work
- It does this by separating the functions of hardware and software components into seven discrete layers
- Each layer performs a different group of tasks required for network communication

### Configure SOHO Networks:

- The OSI model involves quite a lot of abstraction. As a practical example, it is worth examining how a basic network is implemented. We will look at the connection and configuration options for components within a typical Small Office/Home Office (SOHO) router
- SOHO Routers: Networks of different sizes are classified in different ways. A network in a single location is often described as a local area network (LAN). This definition encompasses many different sizes of networks with widely varying functions and capabilities
- It includes both residential networks with a couple of computers, and enterprise networks with hundreds of servers and thousands of workstations
- SOHO is a category of LAN with a small number of computing hosts that typically rely on a single integrated appliance for local and internet connectivity
- Networks, such as the internet, that are located in different geographic regions but with shared links are called wide area networks (WANs)
- The intermediate system powering SOHO networks is usually described as a SOHO router because one of its primary functions is to forward traffic between the LAN and the WAN
- However, routing is actually just one of its functions. We can use the OSI model to analyse each of these in turn

**PHYSICAL LAYER FUNCTIONS:**

- Starting at layer 1, the SOHO router provides the following physical connections.
A number of RJ-45 ports (typically four) to connect to a local cabled network. These are typically labelled as the LAN ports. Radio antennas are used to transmit and receive wireless signals
- (Figure of the SOHO router's ports and antennas not included in the transcript)

Notes 3.1:
----------

### Summarize Ethernet Standards:

- Ethernet dominates the wired LAN product market. Its popularity is largely based on its ease of installation and upgradability
- Large and small networks use Ethernet technology to provide both backbone and end-user services
- Due to the wide deployment of Ethernet today, you will undoubtedly be required to manage and troubleshoot Ethernet networks

### Network Data Transmissions:

- All networks use electromagnetic radiation of one type or another. Electromagnetic radiation means transmitting signals as electric current, infrared light, or radio waves
- Electromagnetic radiation forms a carrier wave with a given bandwidth or range of frequencies
- A signal is transmitted over the wave by modulation and encoding schemes
- One example of encoding is transitioning between low and high voltage states in an electrical circuit, making use of a characteristic of the wave called amplitude

**Ethernet Standards:**

- Provide assurance that network cabling will meet the bandwidth requirements of applications
- The standards specify the bit rate that should be achieved over different types of media up to the supported distance limitations

**Media Access Control and Collision Domains:**

- Media Access Control (MAC) refers to the methods a network technology uses to determine when nodes can communicate on shared media and to deal with possible problems, such as two devices attempting to communicate simultaneously (a collision)

**100BASE-TX Fast Ethernet Standard:**

- The Fast Ethernet standard uses the same CSMA/CD protocol as 10BASE-T, but higher frequency signalling and improved encoding methods raised the bit rate from 10 Mbps to 100 Mbps
- 100BASE-TX refers to Fast Ethernet working over Cat 5 twisted pair copper cable
with a maximum supported link length of 100 metres

**Gigabit Ethernet Standards:**

- Builds on the standards defined for Ethernet and Fast Ethernet to implement rates of 1000 Mbps
- Over copper wire, Gigabit Ethernet is specified as 1000BASE-T, working over Cat 5e or better
- Gigabit Ethernet does not support hubs; it is implemented only using switches

Notes 4.1:
----------

Summarize Copper and Fibre Cabling Types:
-----------------------------------------

### Copper Cable Types:

**Unshielded Twisted Pair Cable Considerations:**

- Twisted pair is a type of copper cable that has been extensively used for telephone systems and data networks
- One pair of insulated wires twisted together forms a balanced pair
- The two wires carry the same signal but with opposite polarity: one wire is positive and the other is negative
- Because interference induced along the run affects both wires of the pair almost equally, the receiver can cancel it out and distinguish the intended signal from the noise

**Shielded and Screened Twisted Pair Cable Considerations:**

- Shielded cable is less susceptible to interference and crosstalk
- This type of cable is required for some Ethernet standards and may also be a requirement in environments with high levels of interference
- Shielded cable can be referred to generically as shielded twisted pair (STP)

**Cat Cable Standards:**

- Twisted pair copper cabling uses Registered Jack (RJ) connectors for the physical interface. There are many different types of RJ connectors, identified by numbers
- Each conductor in a 4-pair data cable is colour-coded.
Each pair is assigned a colour (Blue, Orange, Green or Brown)
- The first conductor in each pair has a predominantly white insulator with stripes of the colour; the second conductor has an insulator with the solid colour

### Fibre Cabling Types:

**Fibre Optic Cable Considerations:**

- The electric signals carried over copper wire are subject to interference and attenuation
- Fibre optic signalling uses pulses of infrared light, which are not susceptible to electromagnetic interference, cannot easily be intercepted (a tap requires physical access to the strand), and suffer less attenuation
- Consequently, fibre optic cabling supports higher bandwidth over longer cable runs (measured in kilometres rather than metres)

**Fibre Optic Types:**

**Single Mode Fibre (SMF):** has a small core (8-10 microns) and carries a long-wavelength, near-infrared (1310 nm or 1550 nm) light signal generated by a laser. Single-mode cables support data rates up to 100 Gbps and cable runs of many kilometres, depending on the cable quality and optics. There are two grades of SMF cable: OS1 is designed for indoor use, while OS2 is for outdoor deployment

**Multimode Fibre (MMF):** has a larger core (62.5 or 50 microns) and uses shorter-wavelength light (850 nm or 1300 nm), which travels through the core along multiple paths (modes) of varying length. MMF uses less expensive optics and consequently is less expensive to deploy than SMF. However, it does not support such high signalling speeds or long distances as single mode, and so is more suitable for LANs than WANs

**Fibre Optic Connector Types:**

- Straight Tip (ST)
- Mechanical Transfer Registered Jack (MT-RJ)

**Fibre Ethernet Standards:**

- Ethernet standards over fibre set out the use of different cable types for 100 Mbps, 1 Gbps and 10 Gbps operation (table of standards not included in the transcript)

**Finishing Type:** The core of a fibre optic connector is a ceramic or plastic ferrule that holds the glass strand and ensures continuous reception of the light signals.
The tip of the ferrule can be finished in one of three formats:

- Physical Contact (PC)
- Ultra Physical Contact (UPC)
- Angled Physical Contact (APC)

Notes 5.1:
----------

### Ethernet Cabling:

The network industry has developed a standard model for deploying a structured cabling system. The model is adaptable to both small and large networks and describes how a distribution system can provision network access throughout a building or site

### Structured Cabling System:

- Wall Area (diagram not included in the transcript)
- Horizontal Cabling: so-called because it typically consists of the cabling for a single floor and so is made up of cables run horizontally through wall ducts or ceiling spaces

### Cable Management:

Cable management techniques and tools ensure that cabling is reliable and easy to maintain. Copper wiring is terminated using a distribution frame or punch-down block

**A punch-down block** comprises a large number of insulation-displacement connection (IDC) terminals. Below are the major punch-down block and IDC formats:

- 66 block
- 110 block
- BIX and Krone distribution frames
- Patch panel/patch bay

**Wiring Tools and Techniques:** Some of the tools used in structured cabling:

- Electrician's scissors (snips)
- Cable stripper
- Punch-down tool
- Cable crimper

### Fibre Distribution Panels and Fusion Splicing:

- Permanent cables are run through conduit to wall ports at the client access end and to a fibre distribution panel at the switch end
- Fibre patch cables are used to complete the link from the wall port to the NIC and from the patch panel to the switch port
- The fibre distribution panel is shown on the diagram below (not included in the transcript)

### Transceivers:

- A transceiver module is used to convert from one cable type to another, for example from fibre to copper Ethernet or vice versa. Common form factors are:
- Gigabit Interface Converter (GBIC)
- Small Form Factor Pluggable (SFP)
- Quad Small Form Factor Pluggable (QSFP)

### Wavelength Division Multiplexing:

A means of using a single strand of fibre to transmit and/or receive more
than one channel at a time. It can be classified into:

- Bidirectional Wavelength Division Multiplexing (BiDi)
- Coarse and Dense Wavelength Division Multiplexing (CWDM and DWDM)

Week 3:
-------

### Notes 6.1:

### Deploying Ethernet Switching and Troubleshooting Networks:

### Deploying Network Devices:

- Most networks use intermediate systems to reduce cabling costs and complexity

#### Physical Layer Devices:

1. **Repeater:** overcomes the distance limitation by boosting the signal at some point along the cable run (works only at the physical layer)
2. **Hub:** acts like a multiport repeater so that every port receives transmissions sent from any other port (works only at the physical layer). All ports share one collision domain, and any station can sniff every other station's traffic
3. **Media Converter:** used to transition from one network cable type to another (works only at the physical layer), for example:
   - Single mode fibre to twisted pair copper
   - Multimode fibre to twisted pair copper

#### Data Link Layer Devices:

1. **Bridge:** works at the data link layer to establish separate physical network segments while keeping all nodes in the same logical network; this reduces the number of collisions caused by too many nodes contending for access
2. **Ethernet Layer 2 Switch:** performs the same sort of function as a bridge, but in a more granular way and for many more ports than are supported by bridges. Each switch port is a separate collision domain

#### Network Interfaces:

- A network interface is the means by which a node is connected to the media and exchanges data with other network hosts (for example, a Wi-Fi adapter)

**Network Interface Card (NIC):** Provides a network interface between the transmission medium (such as Ethernet cabling) and the node (a computer).
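The MAC address and frame format that the next note introduces are easiest to understand by decoding the bytes a packet sniffer captures. The following is an added example in Python, not code from the course notes: it assembles and parses Ethernet II frames, including the optional 802.1Q VLAN tag and the trailing FCS. The MAC addresses, VLAN number and ARP payload are constructed for illustration, and it assumes the frame is captured without the preamble (which the NIC strips) but with its FCS.

```python
"""Decode Ethernet II frame headers the way a packet sniffer does.

Added example for these notes, not code from the course. It assumes the
frame starts at the destination MAC (the NIC has already stripped the
preamble and SFD) and, when has_fcs is True, ends with the 4-byte FCS.
"""
import struct
import zlib

ETHERTYPE_IPV4 = 0x0800
ETHERTYPE_ARP = 0x0806
ETHERTYPE_VLAN = 0x8100   # IEEE 802.1Q tag inserted after the source MAC
ETHERTYPE_IPV6 = 0x86DD
ETHERTYPE_NAMES = {ETHERTYPE_IPV4: "IPv4", ETHERTYPE_ARP: "ARP", ETHERTYPE_IPV6: "IPv6"}
MIN_FRAME_WITHOUT_FCS = 60  # 64-byte minimum on the wire minus the FCS


def format_mac(raw: bytes) -> str:
    """Render six bytes as the colon-separated hex form used in the notes."""
    return ":".join(f"{b:02x}" for b in raw)


def mac_bytes(text: str) -> bytes:
    return bytes.fromhex(text.replace(":", "").replace("-", ""))


def build_frame(dst: str, src: str, ethertype: int, payload: bytes, vlan_id=None) -> bytes:
    """Assemble a frame, padding the body to the minimum length and appending the FCS."""
    body = mac_bytes(dst) + mac_bytes(src)
    if vlan_id is not None:
        body += struct.pack("!HH", ETHERTYPE_VLAN, vlan_id & 0x0FFF)  # priority 0, DEI 0
    body += struct.pack("!H", ethertype) + payload
    body += b"\x00" * max(0, MIN_FRAME_WITHOUT_FCS - len(body))
    # The FCS is CRC-32 over everything from the dst MAC to the end of the data, sent LSB first
    return body + struct.pack("<I", zlib.crc32(body))


def parse_frame(frame: bytes, has_fcs: bool = True) -> dict:
    """Split a frame into its header fields; raises ValueError if it is truncated."""
    min_len = 14 + (4 if has_fcs else 0)
    if len(frame) < min_len:
        raise ValueError(f"frame too short: {len(frame)} bytes, need at least {min_len}")
    body, fcs = (frame[:-4], frame[-4:]) if has_fcs else (frame, None)
    dst, src, ethertype = struct.unpack("!6s6sH", body[:14])
    offset, vlan_id, priority = 14, None, None
    if ethertype == ETHERTYPE_VLAN:
        if len(body) < 18:
            raise ValueError("802.1Q tag present but frame is truncated")
        tci, ethertype = struct.unpack("!HH", body[14:18])
        priority, vlan_id, offset = tci >> 13, tci & 0x0FFF, 18
    info = {
        "dst": format_mac(dst),
        "src": format_mac(src),
        # Lowest bit of the first octet is the I/G bit: 1 = group (multicast or broadcast)
        "dst_is_group": bool(dst[0] & 0x01),
        "dst_is_broadcast": dst == b"\xff" * 6,
        # Second-lowest bit is U/L: 1 = locally administered (VMs, containers, spoofed NICs)
        "src_locally_administered": bool(src[0] & 0x02),
        "vlan_id": vlan_id,
        "priority": priority,
        "ethertype": ethertype,
        "ethertype_name": ETHERTYPE_NAMES.get(ethertype, f"0x{ethertype:04x}"),
        "payload": body[offset:],
    }
    if has_fcs:
        info["fcs_ok"] = zlib.crc32(body) == struct.unpack("<I", fcs)[0]
    return info


# Constructed sample: an ARP request broadcast on VLAN 10 (addresses are made up)
SAMPLE_ARP = build_frame("ff:ff:ff:ff:ff:ff", "00:60:8c:00:54:99", ETHERTYPE_ARP,
                         b"\x00\x01\x08\x00\x06\x04\x00\x01", vlan_id=10)

if __name__ == "__main__":
    for key, value in parse_frame(SAMPLE_ARP).items():
        print(f"{key:>24}: {value!r}")
```

A failed FCS check is what a switch counts as a CRC error on a port, which ties back to the cable faults discussed in the troubleshooting notes; the U/L bit on the source address is a cheap first hint that a frame came from a virtual or spoofed interface rather than a vendor-burned NIC.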
Most Ethernet adapters are designed for use with copper cabling at 10/100/1000 operation, meaning that they support Gigabit Ethernet and can fall back to the slower rates. Each Ethernet network interface port has a unique hardware address known as the Media Access Control (MAC) address

**Ethernet Frame Format:**

- Ethernet encapsulates the payload from higher layer protocols within a protocol data unit (PDU) called a frame
- The basic format of an Ethernet frame and Ethernet headers is shown in the following figure (not included in the transcript)

**Protocol Analysers and Packet Sniffers:**

- **Protocol Analyser:** used for the inspection of traffic received by a host or passing over a network link
- **Packet Sniffer:** used to capture frames moving over the network medium (for example, Wireshark)

### Notes 7.1:

#### Network Troubleshooting Methodology:

- A troubleshooting model provides tried and tested guidelines on which to base your techniques and approach to solving network problems. It contains 7 steps:

1. **Identify the Problem:**
   - Gather information
   - Duplicate the problem if possible
   - Question users
   - Identify symptoms
   - Determine if anything has changed
   - Approach multiple problems individually
2. **Establish a Theory of Probable Cause:**
   - Question the obvious
   - Consider multiple approaches
   - Top-to-bottom/bottom-to-top OSI model
   - Divide and conquer
3. **Test the Theory to Determine Cause:**
   - Once the theory is confirmed, determine the next steps to resolve the problem
   - If the theory is not confirmed, establish a new theory or escalate
4. **Establish a plan of action to resolve the problem and identify potential effects**
5. **Implement the solution or escalate as necessary**
6. **Verify full system functionality, and if applicable, implement preventative measures**
7.
**Document findings, actions and outcomes**

### Notes 8.1:

#### Troubleshooting common cable connectivity problems:

- Applying a layer-by-layer approach to network troubleshooting can greatly assist with isolating symptoms and causes

#### Specifications and Limitations:

- When troubleshooting a link, compare expected performance with actual performance
- To do this, you must understand how to assess and distinguish **speed, throughput, and distance specifications and limitations**
- **Speed:** The expected performance of a link that has been properly installed to operate at 10 Mbps, 100 Mbps, 1 Gbps, or better
- **Throughput:** The average data transfer rate actually achieved over a period of time, net of the overhead of encoding schemes, errors and other losses incurred at the physical and data link layers
- **Attenuation:** The loss of signal strength, expressed in decibels (dB). dB expresses the ratio between two measurements, in this case signal strength at origin and signal strength at destination
- **Noise:** Anything that gets transmitted within or close to the channel that isn't the intended signal

A **cable tester** reports detailed information on the physical and electrical properties of the cable; it can test and report on cable conditions, crosstalk, attenuation, noise and other characteristics of a cable run

**Attenuation and Interference Issues:**

- If a cable link is too long, decibel loss may mean that the link experiences problems with high error rates and retransmissions (frame or packet loss), which result in reduced speeds and possibly loss of connectivity
- Another issue to look out for is **Electromagnetic Interference (EMI)**
- **Crosstalk** usually indicates a problem with bad wiring, a bad connector, or improper termination

**Patch cord form factor types:**

- Straight through
- Crossover

**Rollover Cable/Console Cable:**

- A console cable is used to connect a PC or laptop to the command-line terminal of a switch or router

**Power over Ethernet:**

- Cat 3 or better
is required to support PoE, while PoE+ requires Cat 5e or better. Drawing power down the cable generates more heat

**Fibre Optic Cable Testing Tools:**

1. Optical time domain reflectometer (OTDR)
2. Optical spectrum analyser (OSA)

Week 4:
-------

### IP Addressing Schemes:

### Notes 10.1:

#### IP Addressing:

- Addressing techniques function at the OSI model's Data Link, Network, Transport, and Application layers to allow one host or node to locate another on a network
- **Data Link Layer MAC Address:** Every NIC has a unique MAC address. A 48-bit MAC address is written as six bytes (twelve hex digits) separated by colons, like 00:60:8C:00:54:99; the first three bytes identify the manufacturer. MAC addresses let nodes on the same LAN communicate
- **Network Layer IP Address:** An IP address is issued to practically every network interface, or node connection. If a computer's IP address is public on the internet, it can be found (and probed) from anywhere on the internet. Browsers obtain a site's IP address by resolving its name through DNS and may cache the result. A Network Layer IP address is used for routing

**Two versions of IP address exist:**

1. IPv4 addresses contain 32 bits and are expressed as four decimal octets; each binary octet has 8 bits
2. IPv6 addresses contain 128 bits and are represented as eight hexadecimal blocks of 16 bits each

#### Ports and Sockets:

- A port is a number that is allocated to a process that may receive data, such as an application or a service
- An IP address is used to locate a computer, while a port is used to locate a process running on that machine
- TCP and UDP ports ensure that data is delivered to the proper process among the many that are running on the computer
- Comparing network addressing to the postal service's addressing system, if a host's IP address is the address of a building, a port is analogous to an apartment number inside that building
- A socket is made up of a host's IP address and a process's TCP or UDP port, separated by a colon.
TCP 23 is the standard port for the Telnet service (Telnet carries logins in clear text; SSH on TCP 22 is the secure replacement)

#### Troubleshooting Address Problems:

- **Troubleshooting Tools:** Command-line tools are an excellent way to peek "under the hood". ping, ipconfig (Windows), ifconfig (Linux), nslookup, and dig (Linux) are some of the most useful utilities

1. **Ping:** Packet Internet Groper is used to ensure that TCP/IP is installed, bound to the NIC, appropriately configured, and talking with the network
   - The ping software begins by sending an echo request to another computer, which is just a request for a response. The second computer then answers the request with an echo reply
   - The echo request and echo reply use ICMP (Internet Control Message Protocol), a lightweight protocol intended to transport error messages and network information
2. **Ipconfig:** On a Windows machine, the ipconfig command displays current TCP/IP addressing and domain name information. You may also adjust some of these parameters using ipconfig

#### Subnet Masks:

- The relative sizes of the network and host portions determine how many networks and hosts per network an addressing scheme can support
- The conventional addressing technique has IP addresses with two hierarchical levels, namely the network ID and host ID
- Subnet addressing has three hierarchical levels: a network ID, subnet ID and host ID, as shown on the diagram below (not included in the transcript)
- To create logical subnets, bits from the host portion of the IP address must be allocated as a subnetwork address, rather than as part of the host ID

##### Addressing:

#### Layer 2 vs Layer 3 Addressing and Forwarding:

- When designing or supporting an IP network, it is important to understand how the logical addressing scheme of network, subnet, and host IDs at the network layer maps to forwarding at the data link layer
- Forwarding at layer 3 is referred to as routing, while forwarding at layer 2 is described as switching

**IPv4 Default Gateways:** When two hosts attempt to communicate via IPv4, the
protocol compares the source and destination address in each packet against the subnet mask
- If the destination IPv4 address is on the same IP network, IP tries to deliver the packet locally
- If the masked portion does not match, as in the following figure (not included in the transcript), IP assumes the packet must be routed to another IP network and sends it to the default gateway **(IP network = a group of computers connected via their IP addresses)**

**Address Resolution Protocol (ARP):** used to resolve an IPv4 address to a hardware (MAC) address. A host ARPs for the destination itself when it is local, and for the default gateway when the destination is remote

#### Addressing Methods:

Addressing a message refers to deciding which destination(s) a source needs to communicate with. The relevant addressing methods are:

1. Multicast addressing
2. Unicast addressing
3. Broadcast addressing
4. Anycast addressing

### Notes 11.1:

### Configuring IP networks and Subnets:

Organisations with large networks need to divide those networks up into smaller segments to improve performance and security. A network segment is represented at the Network layer by a subnet

#### Virtual LANs and Subnets:

**VLANs:** A VLAN is a logical grouping of switch ports, and the devices attached to them, that behaves as its own LAN regardless of where the devices are physically located

- Allows for more efficient use of network resources and can help to improve the performance of computer networks
- Using VLANs means that different groups of computers on the same cabling and attached to the same switches can appear to be in separate LAN segments
- Each VLAN is a separate broadcast domain; traffic between VLANs has to pass through a router or layer 3 switch, which is where filtering between them can be enforced

**Classful Addressing:** (diagram not included in the transcript) Classful addressing allocates a network ID based on the first octet of the IP address.
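The subnet-mask arithmetic and the local-versus-remote delivery decision described above (network ID, host ID, broadcast, and which address a host ARPs for), worked through in Python. This is an added example and not code from the course notes; the addresses, masks and gateway used are constructed for illustration.

```python
"""Subnet-mask arithmetic and the IPv4 default-gateway decision (added example)."""
import ipaddress


def to_int(dotted: str) -> int:
    return int(ipaddress.IPv4Address(dotted))


def same_network(a: str, b: str, mask: str) -> bool:
    """The check IP performs: AND both addresses with the mask and compare the results."""
    m = to_int(mask)
    return (to_int(a) & m) == (to_int(b) & m)


def subnet_info(address: str, mask: str) -> dict:
    """Split an address into network ID, host ID and broadcast, and count usable hosts."""
    iface = ipaddress.IPv4Interface(f"{address}/{mask}")
    net = iface.network
    if net.prefixlen >= 31:
        usable = net.num_addresses  # point-to-point /31 (RFC 3021) or a single-host /32
    else:
        usable = net.num_addresses - 2  # all-0s (network ID) and all-1s (broadcast) are reserved
    return {
        "network_id": str(net.network_address),
        "prefix_length": net.prefixlen,
        "host_id": to_int(address) & ~to_int(mask) & 0xFFFFFFFF,
        "broadcast": str(net.broadcast_address),
        "usable_hosts": usable,
    }


def choose_arp_target(src: str, mask: str, dst: str, default_gateway: str) -> dict:
    """Local destination: ARP for dst itself. Remote destination: ARP for the default gateway."""
    if same_network(src, dst, mask):
        return {"local": True, "arp_target": dst}
    if not same_network(src, default_gateway, mask):
        # A gateway outside the sender's own subnet can never be reached at layer 2
        raise ValueError("default gateway is not on the sender's subnet")
    return {"local": False, "arp_target": default_gateway}


if __name__ == "__main__":
    print(subnet_info("192.168.1.10", "255.255.255.0"))
    print(choose_arp_target("192.168.1.10", "255.255.255.0", "192.168.1.77", "192.168.1.1"))
    print(choose_arp_target("192.168.1.10", "255.255.255.0", "10.0.0.5", "192.168.1.1"))
    # The "incorrect subnet mask" fault from the troubleshooting notes: with /25 instead of
    # /24, a host at .200 looks remote to .10 and its traffic is sent to the gateway instead
    print(same_network("192.168.1.10", "192.168.1.200", "255.255.255.128"))
```

The last line in the demo shows why a wrong mask is a connectivity fault rather than just a cosmetic one: the sender addresses the frame to the gateway's MAC, and if the gateway does not route the packet back onto the same segment, the two hosts on one cable cannot talk.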
Classful addressing is illustrated on the diagram below. It is also important because it established some IP address ranges that cannot be used for ordinary host addressing or for addressing over the Internet

A **public IP** address is one that can establish a connection with other public IP networks and hosts over the internet

**Private IP addresses** can be drawn from one of the pools of addresses defined in RFC 1918 (10.0.0.0/8, 172.16.0.0/12 and 192.168.0.0/16) as non-routable over the internet

#### IPv4 Address Scheme Design:

The following factors must be considered when planning an IPv4 network addressing scheme:

1. The number of IP networks and subnetworks required
2. The number of hosts per subnet that must be supported
3. The network ID must be from a valid public or private range (not from the loopback, link-local, multicast, or reserved/experimental ranges, for instance)
4. The network and/or host IDs cannot be all 1s in binary; this is reserved for broadcasts
5. The network and/or host ID cannot be all 0s in binary; 0 means "this network"
6. Each host ID must be unique on the IP network or subnet
7. The network ID must be unique on the internet (if you are using a public addressing scheme) or on your internal system of internetworks (if you are using a private addressing scheme)

Week 5:
-------

### Config and Troubleshooting IP networks and Routing Concepts:

### Notes 13.1:

#### Config and Troubleshooting IP networks and Routing Concepts:

Command line tools help you get information about how your systems are configured and how data is transferred over an IP network. When used for troubleshooting, these utilities can provide information about communication issues and their causes

#### Use Appropriate Tools to Test IP Configuration:

**ipconfig / ifconfig:**

- ipconfig is used on Windows; ifconfig (or its replacement, ip) is used in Linux environments
- **ARP Cache Utility:** arp -a displays the host's cache of IP-to-MAC address mappings (a useful place to look for the duplicate-address symptoms of ARP spoofing)

**Internet Control Message Protocol (ICMP) and Ping:**

ICMP is used to report errors and send messages about the delivery of a packet.
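Rules 3 to 7 of the IPv4 address scheme design list above can be checked mechanically. The following linter is an added example in Python, not code from the course notes: it takes a proposed plan (network prefixes with the host addresses assigned in each) and reports every rule violation. The sample plan is constructed so that each rule is tripped at least once.

```python
"""Lint an IPv4 address plan against the design rules in the notes (added example).

Not code from the course notes. SAMPLE_PLAN is constructed for illustration;
its networks and hosts are assumptions chosen to trigger each rule.
"""
import ipaddress

RFC1918 = [ipaddress.IPv4Network(n) for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

# Ranges that must not be used for ordinary host addressing (rule 3)
UNUSABLE = {
    "this network": ipaddress.IPv4Network("0.0.0.0/8"),
    "loopback": ipaddress.IPv4Network("127.0.0.0/8"),
    "link-local": ipaddress.IPv4Network("169.254.0.0/16"),
    "multicast": ipaddress.IPv4Network("224.0.0.0/4"),
    "reserved/experimental": ipaddress.IPv4Network("240.0.0.0/4"),
}


def classify_network(net) -> str:
    """Return 'private', 'public', or the name of the unusable range the network overlaps."""
    net = ipaddress.IPv4Network(net)
    for name, block in UNUSABLE.items():
        if net.overlaps(block):
            return name
    if any(net.subnet_of(block) for block in RFC1918):
        return "private"
    return "public"


def validate_plan(plan) -> list:
    """plan maps 'network/prefix' strings to lists of host addresses.

    Returns human-readable findings; an empty list means the plan passes every rule.
    """
    findings = []
    accepted = {}
    for net_str, hosts in plan.items():
        try:
            net = ipaddress.IPv4Network(net_str)  # strict: host bits must be all 0s (rule 5)
        except ValueError:
            findings.append(f"{net_str}: network ID has host bits set")
            continue
        kind = classify_network(net)
        if kind not in ("private", "public"):
            findings.append(f"{net_str}: network ID lies in the {kind} range")
        for other_str, other in accepted.items():  # rule 7, within our own internetwork
            if net.overlaps(other):
                findings.append(f"{net_str}: overlaps {other_str}; network IDs must be unique")
        accepted[net_str] = net
        seen = set()
        for host in hosts:
            ip = ipaddress.IPv4Address(host)
            if ip not in net:
                findings.append(f"{host}: not in {net_str}")
            elif net.prefixlen < 31 and ip == net.network_address:
                findings.append(f"{host}: host ID all 0s (this network)")   # rule 5
            elif net.prefixlen < 31 and ip == net.broadcast_address:
                findings.append(f"{host}: host ID all 1s (broadcast)")      # rule 4
            if ip in seen:
                findings.append(f"{host}: duplicate host ID in {net_str}")  # rule 6
            seen.add(ip)
    return findings


# Constructed plan: every network or host below is an assumption made up for the example
SAMPLE_PLAN = {
    "192.168.10.0/24": ["192.168.10.1", "192.168.10.0", "192.168.10.255",
                        "192.168.10.1", "192.168.11.7"],
    "172.16.4.0/22": ["172.16.5.9"],
    "172.16.5.0/24": ["172.16.5.10"],      # carved out of the /22 above: not unique
    "169.254.0.0/16": ["169.254.1.1"],     # link-local, never a planned subnet
    "10.0.1.5/24": [],                     # a host address written where a network ID belongs
}

if __name__ == "__main__":
    for finding in validate_plan(SAMPLE_PLAN):
        print(finding)
```

Overlapping prefixes (rule 7) are worth catching early: once two subnets overlap, routers pick one of them by longest prefix match and the hosts in the other become unreachable in ways that look like random packet loss.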
ICMP messages are generated under error conditions in most types of unicast traffic, but not for broadcast or multicast packets

- The ping utility sends a configurable number and size of ICMP echo request packets to a destination host
- **Ping** is implemented on both Windows and Linux hosts. Ping can be used to perform a basic connectivity test that is not dependent on the target host running any higher-level applications or services

#### Troubleshoot IP Networks:

- When troubleshooting networks, it is advisable to eliminate physical hardware failure and Data Link layer issues first, before diagnosing Network layer issues and above

**The following are some of the issues to look out for when troubleshooting networks:**

- Power failures
- Hardware failure issues
- **Interface Status Issues:** If you can isolate the issue to a single host and then rule out cable and transceiver issues at the physical layer, remember that the data link configuration might not be working. Use the LED status indicators and the switch's command-line utility to check the interface status. Interface status commands will also report whether any collisions are being generated on the switch ports
- Other issues include IP configuration problems as a result of an incorrect IP address, an incorrect subnet mask, DNS issues, duplicate IP and MAC address issues, and multicast flooding issues

#### Routing Concepts:

Routing is the process of selecting a path across one or more networks. The principles of routing can apply to any type of network, from telephone networks to public transportation

#### Compare and Contrast Routing Concepts:

**Routing Table:** A table or database of the routes a router knows about: each entry maps a destination network to the interface and next-hop router used to reach it.
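The lookup a router performs against its routing table, including the longest-prefix-match rule for the Destination parameter, as an added example in Python (not code from the course notes). The table, interface names and addresses below are constructed for a small branch router and are assumptions; each entry carries the four parameters the notes describe.

```python
"""Longest-prefix-match lookup over a routing table (added example, not from the notes)."""
import ipaddress

# Constructed table. Columns: protocol (source of the route), destination prefix,
# outgoing interface, next hop. C = directly connected, S = static; None = no next hop
# because the destination network is on the interface itself.
ROUTES = [
    ("C", "192.168.1.0/24", "eth0", None),        # the LAN
    ("C", "10.0.0.0/30",    "eth1", None),        # link to the upstream router
    ("C", "10.0.0.4/30",    "eth2", None),        # link to a branch router
    ("S", "10.10.0.0/16",   "eth1", "10.0.0.2"),  # the whole 10.10 range lives upstream...
    ("S", "10.10.5.0/24",   "eth2", "10.0.0.6"),  # ...except one subnet, reached via the branch
    ("S", "0.0.0.0/0",      "eth1", "10.0.0.2"),  # default route: everything else
]


def parse_routes(routes):
    """Pre-parse prefixes and order them longest mask first so the first hit is the best."""
    parsed = [(proto, ipaddress.IPv4Network(dest), iface, nh) for proto, dest, iface, nh in routes]
    # sorted() is stable: among equal-length prefixes the table's own order decides
    return sorted(parsed, key=lambda route: route[1].prefixlen, reverse=True)


def lookup(routes, destination):
    """Return the forwarding decision for destination, or None if nothing matches."""
    dst = ipaddress.IPv4Address(destination)
    for proto, net, iface, next_hop in parse_routes(routes):
        if dst in net:
            return {
                "protocol": proto,
                "destination": str(net),
                "interface": iface,
                # Directly connected: the router ARPs for the destination host itself
                "next_hop": next_hop if next_hop is not None else destination,
            }
    return None  # no route, not even a default: drop and send ICMP destination unreachable


if __name__ == "__main__":
    for target in ("10.10.5.7", "10.10.9.1", "192.168.1.50", "8.8.8.8"):
        print(target, "->", lookup(ROUTES, target))
```

Because the most specific prefix always wins, a rogue /24 injected alongside a legitimate /16 (by a misconfigured static route or an unauthenticated dynamic routing update) silently captures that subnet's traffic; this is why routing protocol peers should be authenticated and static routes reviewed under change management.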
This table acts as an address map to various networks, and is usually stored in the RAM of most routers or forwarding devices. The following parameters are found in a routing table:

- **Protocol** = Source of the route (directly connected, statically configured, or learned from a dynamic routing protocol)
- **Destination** = Routes can be defined to specific hosts but are more generally directed to network IDs. If there is more than one match, the most specific destination prefix (the longest mask) is selected as the forwarding path
- **Interface** = The local interface to use to forward a packet along the chosen route. This might be represented as the IP address of the interface or as a layer 2 interface ID
- **Gateway/next hop** = The IP address of the next router along the path to the destination

Week 6: Organizational and Physical Security Concepts
-----------------------------------------------------

### Notes 16.1:

### Explaining Organizational and Physical Security Concepts:

- The cabling, switches, routers, security appliances, servers, and clients that make up a local network must all be located within the company's premises
- Managing the company premises so that the network is highly available and secure involves creating policies and best practices, supported by documentation

### Security Policies:

A security policy establishes a duty for each employee to ensure the confidentiality, integrity and availability of any data assets or processing systems that they use as part of their job. This overall security policy will be supplemented by numerous operational policies to govern specific areas of activity or configuration

Human Resources (HR) is the department given the task of recruiting and managing the organization's most valuable and critical resource: people. One function of HR is to communicate security policies to employees, including any updates to the policies. The HR department conducts onboarding and offboarding of employees

IT POLICIES INCLUDE:

1. Password Policy
2. Acceptable Use Policy
3. BYOD Policy
4. Remote Access Policy
5.
Data Loss Prevention Policy

#### Common Agreements:

Used between a company and its employees and between companies to enforce performance and security objectives. These include:

1. Service Level Agreement (SLA)
2. Non-Disclosure Agreement (NDA)
3. Memorandum of Understanding (MOU)

### IT Documentation and Policies:

#### Operating Plans and Procedures:

Running an efficient network is not just about installing cabling and network devices. The administration of the network in terms of documentation and management is a critical task. These procedures include:

1. Configuration Management
2. Change Management
3. Standard Operating Procedures

#### System Life Cycle Plans and Procedures:

It is important for an organization to have a register of its tangible and intangible assets. In terms of network management, assets include network appliances (routers, switches, threat management devices, access points), servers, workstations, and passive network infrastructure (cabling and cross-connects). The asset register is supported by documentation such as:

1. Audit reports
2. Assessment reports
3. Physical network diagrams
4. Logical network diagrams
5. Rack diagrams

#### Security Response Plans and Procedures:

Security response plans and procedures provide guidelines on what to do when certain types of events occur. These plans attempt to anticipate events so that impacts can be minimized. These plans include:

1. Incident Response Plan
2. Business Continuity Plan
3. Disaster Recovery Plan

### Physical Security Methods:

These are methods that, if they work effectively, prevent an intruder from gaining unauthorized access. Where an area is controlled by being enclosed by walls or fencing, access is channelled through defined points of entry, such as doors and gates. These methods include:

1. Access control hardware
2. Smart lockers
3. Locking cabinets
4. CCTV
5. Asset tags
6.
6. Alarm and tamper detection

### Internet of Things:

- A term used to describe the global network of personal devices, home appliances, home control systems, vehicles, and other items that have been equipped with sensors, software, and network connectivity. Devices include:

1. Consumer-grade Smart Devices
2. Physical Access Control Systems and Smart Buildings

#### Industrial Control Systems/Supervisory Control and Data Acquisition:

Internet of Things and other embedded systems are used within many sectors of industry, including energy generation and distribution, mining and refining raw materials, fabrication and manufacturing, and logistics (moving and delivering components and goods)

**Cellular Networks:** A cellular network for IoT enables long-distance communication over the same system that supports mobile smartphones

**Z-Wave:** A wireless communications protocol used primarily for home automation. The **Z-Wave** alliance operates a certification program for devices and software

**Zigbee:** Similar in use to **Z-Wave** and an open-source competitor technology to it. The **Zigbee** alliance operates certification programs for its various technologies and standards

**Placement and Security:** Placement issues for embedded and IoT systems are best considered by dividing them into three principal groups:

1. Consumer-grade Devices
2. Smart Building Technology
3. Industrial Systems

### Disaster Recovery Concepts (DR):

DR is an organization's ability to restore access and functionality to IT infrastructure after a disaster event, whether natural or caused by human action (or error)

IT DR refers to a combination of policies, tools and processes used to recover or continue operations of critical IT infrastructure, software, and systems after a natural or human-made disaster

**High Availability:** Availability is the percentage of time that the system is online, measured over a certain period, typically one year.
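To make the availability percentage concrete, here is an added Python example (not part of the original notes) that converts an availability target into a yearly downtime budget, computes the availability actually achieved from a list of outages, and shows why redundant links raise the combined figure while a chain of single points of failure lowers it. All durations and percentages in it are constructed for illustration.

```python
MINUTES_PER_YEAR = 365 * 24 * 60  # 525,600 minutes in a non-leap year


def downtime_minutes(availability_pct, period_minutes=MINUTES_PER_YEAR):
    """Downtime budget implied by an availability target, e.g. 99.9% -> 525.6 min/year."""
    return period_minutes * (1 - availability_pct / 100)


def measured_availability(outage_minutes, period_minutes=MINUTES_PER_YEAR):
    """Availability actually achieved over a period, given the outage durations observed."""
    return (1 - sum(outage_minutes) / period_minutes) * 100


def series_availability(*pcts):
    """All components must be up (a single path with no redundancy):
    the combined availability is the product of the individual figures."""
    a = 1.0
    for p in pcts:
        a *= p / 100
    return a * 100


def parallel_availability(*pcts):
    """Redundant components where any one keeps the service up:
    1 minus the probability that all of them are down at the same time."""
    all_down = 1.0
    for p in pcts:
        all_down *= 1 - p / 100
    return (1 - all_down) * 100


if __name__ == "__main__":
    for target in (99.0, 99.9, 99.99, 99.999):
        print(f"{target}% allows {downtime_minutes(target):.2f} minutes of downtime per year")
    # Constructed outage record: three incidents totalling 60 minutes in the year.
    print(f"measured: {measured_availability([30, 12, 18]):.4f}%")
    # Two 99.9% links: chained (both needed) versus redundant (either suffices).
    print(f"series:   {series_availability(99.9, 99.9):.4f}%")
    print(f"parallel: {parallel_availability(99.9, 99.9):.4f}%")
```

The parallel formula assumes the two links fail independently; a pair of links that share the same conduit, power feed or upstream provider does not get the full benefit, which is why redundant paths should be physically diverse.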
The corollary of availability is downtime; that is, the percentage or amount of time during which the system is unavailable. High availability is a characteristic of a system that can guarantee a certain level of availability

**Fault Tolerance:** Refers to the system's ability to continue operating despite failures or malfunctions. A fault is usually defined as an event that causes a service to become unavailable

**Redundancy:** A communications pathway that has additional links to connect all nodes in case one link goes down. Network redundancy provides a network strategy and multiple fallback plans in case a network failure occurs, to keep services up and valuable data flowing through the network. Redundant networks are synonymous with a reliable network that will greatly benefit the customers

**Recovery Sites:** Another location that can provide the same (or similar) level of service. A disaster or systems failure at one site will cause services to fail over to the alternate processing site

*Other important issues to consider include:*

1. *Heating, Ventilation and Air Conditioning*
2. *Power Management*
3. *Network Device Backup Management*

Week 7: Network Attacks, Cloud Computing and Virtualization
-----------------------------------------------------------

### Network Attacks:

- A network can be attacked by many kinds of intruders or adversaries for many different reasons. The goals of most types of adversaries will be to steal information from the network, to misuse network services, or to compromise the availability of the network
- Insider threat-type attacks may be launched with privileged access to the network, while external threats must find some way of accessing the network, perhaps by installing malware on a host system

### Types of Attacks:

1. Footprinting or Fingerprinting Attacks
2. Spoofing Attacks
3. Denial of Service Attacks (DoS or DDoS)
4. MAC Spoofing and IP Spoofing
5. ARP Spoofing
6. Rogue DHCP
7. DNS Poisoning Attacks
8. VLAN Hopping Attacks
9. Rogue Access Points
10. Evil Twins
11. Deauthentication Attacks
12. Distributed DoS Attacks and Botnets
13. Viruses and Worms
14. Potentially unwanted programs (PUPs)/Potentially unwanted applications (PUAs)
15. Trojans
16. Password Attacks
17. Phishing Attacks
18. Shoulder Surfing
19. Tailgating and Piggybacking

### Network Hardening Techniques:

**Network Hardening:** Refers to the processes that minimize security gaps within a cybersecurity infrastructure. Network hardening standards help guide the processes used in optimizing network security across your organization's cybersecurity infrastructure

**Device and Service Hardening:** Also referred to as secure configuration. Some of the policies that make up a secure configuration involve the following:

1. Change default passwords/credentials
2. Enforce password complexity/length requirements
3. Configure role-based access
4. Disable unneeded network services
5. Disable unsecure protocols

### Endpoint Security and Switchport Protection:

Endpoint security is a set of security procedures and technologies designed to restrict network access at the device level. Endpoint security is designed not to replace perimeter security but to supplement it, creating defence in depth. Measures include:

1. Disable Unneeded Switch Ports
2. MAC Filtering and Dynamic ARP Inspection
3. DHCP Snooping
4. Neighbour Discovery Inspection and Router Advertisement Guard
5. Port Security/IEEE 802.1X Port-Based Network Access Control

**Wireless Security:** The following features can be enabled to provision secure wireless network access:

1. Preshared keys (PSKs)
2. Extensible Authentication Protocol
3. Captive Portal
4. MAC filtering
5. Geofencing
6. Antenna placement and power levels
7. Wireless client isolation
8. Guest network isolation

Other network security considerations include:

1. IoT Access Considerations
2. Patch and Firmware Management
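The switchport-protection measures listed above (DHCP snooping, Dynamic ARP Inspection and port security) work together against three of the attacks in the list: rogue DHCP servers, ARP spoofing and MAC flooding. The following is an added example, not code from the original notes or from any switch vendor: a small Python model of an access switch in which DHCP snooping builds a binding table from leases seen on the trusted uplink, DAI drops ARP replies on untrusted ports that do not match that table, and port security err-disables a port once more MAC addresses appear on it than allowed. The port names, MAC addresses and IP addresses are constructed for the scenario.

```python
from dataclasses import dataclass, field


@dataclass
class Switch:
    """Minimal model of an access switch running DHCP snooping, Dynamic ARP
    Inspection (DAI) and port security. Constructed for illustration only."""
    trusted_ports: set                                 # uplink(s) toward the real DHCP server
    max_macs: int = 1                                  # port-security limit per access port
    bindings: dict = field(default_factory=dict)       # ip -> (mac, port), learned by snooping
    pending: dict = field(default_factory=dict)        # client mac -> port, awaiting a DHCPACK
    secure_macs: dict = field(default_factory=dict)    # port -> set of MACs learned so far
    err_disabled: set = field(default_factory=set)     # ports shut down by a violation
    log: list = field(default_factory=list)

    def _port_ok(self, port, mac):
        """Port security: learn up to max_macs MACs per untrusted port, then err-disable."""
        if port in self.trusted_ports:
            return True
        if port in self.err_disabled:
            self.log.append(f"{port}: frame from {mac} dropped, port err-disabled")
            return False
        learned = self.secure_macs.setdefault(port, set())
        if mac not in learned and len(learned) >= self.max_macs:
            self.err_disabled.add(port)
            self.log.append(f"{port}: port-security violation by {mac}, port err-disabled")
            return False
        learned.add(mac)
        return True

    def dhcp_request(self, port, client_mac):
        """Client-to-server DHCP messages are allowed from untrusted ports."""
        if not self._port_ok(port, client_mac):
            return False
        self.pending[client_mac] = port
        return True

    def dhcp_ack(self, port, server_mac, client_mac, client_ip):
        """Server-to-client DHCP messages are accepted only from trusted ports;
        an accepted lease becomes a binding for the client's port."""
        if port not in self.trusted_ports:
            self.log.append(f"{port}: DHCPACK from {server_mac} dropped (rogue DHCP server)")
            return False
        client_port = self.pending.pop(client_mac, None)
        if client_port is None:
            self.log.append(f"{port}: DHCPACK for unknown client {client_mac} ignored")
            return False
        self.bindings[client_ip] = (client_mac, client_port)
        self.log.append(f"binding {client_ip} -> {client_mac} on {client_port}")
        return True

    def arp_reply(self, port, sender_mac, sender_ip):
        """DAI: on untrusted ports the sender IP/MAC pair must match the binding table."""
        if not self._port_ok(port, sender_mac):
            return False
        if port in self.trusted_ports:
            return True
        if self.bindings.get(sender_ip) == (sender_mac, port):
            return True
        self.log.append(f"{port}: ARP reply '{sender_ip} is-at {sender_mac}' dropped by DAI")
        return False


def run_scenario():
    """Constructed traffic: one legitimate lease, one rogue DHCP answer,
    one spoofed gateway ARP reply and one port-security violation."""
    sw = Switch(trusted_ports={"Gi0/24"}, max_macs=1)
    a, b, c, d = "aa:aa:aa:aa:aa:01", "aa:aa:aa:aa:aa:02", "aa:aa:aa:aa:aa:03", "aa:aa:aa:aa:aa:04"
    server = "00:11:22:33:44:55"
    sw.dhcp_request("Fa0/1", a)                        # 1. client A asks for a lease
    sw.dhcp_ack("Gi0/24", server, a, "192.168.1.10")   #    real server answers via the trusted uplink
    sw.dhcp_request("Fa0/2", b)                        # 2. client B asks for a lease
    sw.dhcp_ack("Fa0/3", c, b, "192.168.1.20")         #    host C answers from an access port: dropped
    r3 = sw.arp_reply("Fa0/1", a, "192.168.1.10")      # 3. A's ARP reply matches its binding: forwarded
    r4 = sw.arp_reply("Fa0/3", c, "192.168.1.1")       # 4. C claims the gateway address: dropped by DAI
    r5 = sw.arp_reply("Fa0/2", d, "192.168.1.30")      # 5. second MAC on Fa0/2: port-security violation
    return sw, (r3, r4, r5)


if __name__ == "__main__":
    switch, _ = run_scenario()
    print("\n".join(switch.log))
```

The model keeps the dependency that matters in practice: DAI can only validate ARP against leases that DHCP snooping has recorded, so statically addressed hosts on untrusted ports need an explicit binding (or a trusted port) or their ARP traffic will be dropped.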
### Cloud Concepts and Virtualization:

- Cloud computing is on-demand access, via the internet, to computing resources -- applications, servers (physical and virtual), data storage, development tools, networking capabilities, and more -- hosted at a remote location managed by a cloud services provider (CSP)

### Cloud Concepts:

- From the consumer point of view, cloud computing is a service that provides on-demand resources -- server instances, file storage, databases, or applications -- over a network, typically the internet
- **Lower IT costs:** Cloud lets you offload some or most of the costs and effort of purchasing, installing, configuring, and managing your own on-premises infrastructure
- **Improve agility and time-to-value:** With cloud, an organization can start using enterprise applications in minutes, instead of waiting weeks or months for IT to respond to a request, purchase and configure supporting hardware, and install software. Cloud also lets you empower certain users -- specifically developers and data scientists -- to help themselves to software and support infrastructure
- **Scale more easily and cost-effectively:** Cloud provides elasticity: capacity can be scaled up and down in response to spikes or dips in traffic, and you can also take advantage of your cloud provider's global network to spread your applications closer to users around the world
- **Elasticity:** Refers to the system's ability to handle changes in demand in real time

**Cloud Deployment Models:**

- Public (or multitenant)
- Hosted private
- Private
- Community
- Hybrid

**Cloud Service Models:** Referred to as Something/Anything/Everything as a Service (XaaS); some of the most common models are infrastructure, software, platforms, and desktops. The following are the service models:

1. Infrastructure as a Service (IaaS)
2. Software as a Service (SaaS)
3. Platform as a Service (PaaS)
4. Desktop as a Service (DaaS)

### Virtualization and Storage Area Network Technologies:

Virtualization is the process of running a virtual instance of a computer system in a layer abstracted from the actual hardware. Most commonly, it refers to running multiple operating systems on a computer system simultaneously

A virtual machine is the emulated equivalent of a computer system that runs on top of another system

A hypervisor is a program for creating and running virtual machines. Hypervisors have traditionally been split into two classes:

**Types of Hypervisors:**

1. Type one, or "bare metal" hypervisors, run guest virtual machines directly on a system's hardware, essentially behaving as an operating system.
2. Type two, or "hosted" hypervisors, behave more like traditional applications that can be started and stopped like a normal program

A **Virtual Network Interface Card (vNIC)** represents the configuration of a VM connected to a network. A VM can be configured to have multiple vNICs. Within the VM, the virtual NIC (vNIC) will look exactly like an ordinary network adapter and will be configurable in the same way

A storage area network (SAN) provisions access to storage devices at block level. Each read or write operation addresses the actual location of data on the media (block I/O). A SAN is isolated from the main network. It is only accessed by servers, not by client PCs and laptops. SAN clients are servers running databases or applications that require access to shared storage