#CompTIA #Certifications

- [Jason Dion Udemy](https://www.udemy.com/course/comptia-a-core-1/?couponCode=OF83024F)
- [Professor Messer](https://www.youtube.com/playlist?list=PLG49S3nxzAnnOmvg5UGVenB_qQgsh01uC)
- [Official Cert Guide](https://learn.comptia.org/app/the-official-comptia-a-core-1-student-guide-exams-220-1101#materials)
- [Quizlet](https://quizlet.com/950469983/comptia-a-1101-networ-ports-flash-cards/)
- [Crucial Exams](https://crucialexams.com/exams/comptia/a/220-1101/practice-tests-practice-questions)

# Table of Contents: (Jason Dion)

1. [[CompTIA A+ 1101 Notes#Lesson 3 Motherboards|Motherboards]]
2. [[CompTIA A+ 1101 Notes#Lesson 6 BIOS/UEFI|BIOS/UEFI]]
3. [[CompTIA A+ 1101 Notes#Lesson 7 Storage Devices|Storage Devices]]
4. [[CompTIA A+ 1101 Notes#Lesson 8 Virtualization Concepts|Virtualization Concepts]]
5. [[CompTIA A+ 1101 Notes#Lesson 9 Cloud Computing|Cloud Computing]]
6. [[CompTIA A+ 1101 Notes#Lesson 10 Networking Basics|Networking Basics]]
7. [[CompTIA A+ 1101 Notes#Lesson 11 Wireless Networks|Wireless Networks]]
8. [[CompTIA A+ 1101 Notes#Lesson 12 Internet Connections|Internet Connections]]
9. [[CompTIA A+ 1101 Notes#Lesson 13 Network Configurations|Network Configurations]]
10. [[CompTIA A+ 1101 Notes#Lesson 14 Network Services|Network Services]]
11. [[CompTIA A+ 1101 Notes#Lessons 15 Mobile Devices|Mobile Devices]]
12. [[CompTIA A+ 1101 Notes#Lesson 16 Mobile Applications|Mobile Applications]]
13. [[CompTIA A+ 1101 Notes#Lesson 17 Laptop Hardware|Laptop Hardware]]
14. [[CompTIA A+ 1101 Notes#Lesson 18 Printers and MFDs|Printers and MFDs]]
15. [[CompTIA A+ 1101 Notes#Lesson 19 Printer Types|Printer Types]]

# Table of Contents: (Official Cert Guide)

1. [[CompTIA A+ 1101 Notes#Lesson 4 Comparing Local Networking Hardware|Comparing Local Networking Hardware]]
2. [[CompTIA A+ 1101 Notes#Lesson 5 Configuring Network Addressing and Internet Connections|Configuring Network Addressing and Internet Connections]]

## Lesson 3: Motherboards

- **Motherboard**: Printed circuit board that contains computer components and provides connectors
    - Central connectivity point used by the different components
- Four basic functions of a computer:
    - Input: Process of accepting data in a form that the computer can use (keyboard, mouse)
    - Output: Process of displaying the processed data or information (monitor, speaker)
    - Processing: Actions performed on the information received. Usually done by the CPU or GPU
    - Storage: Process of saving or retaining digital data, temporarily or permanently (cache memory in the CPU, or system memory known as RAM (random access memory))
        - Temporary Storage: Non-persistent. Loses all data when power is turned off (CPU cache and RAM). **Volatile** storage is **FAST** (measured in GHz)
        - Permanent Storage: Persistent. Data is kept even when power is lost (HDD, SSD). **Non-volatile** storage is **SLOW** (measured in MHz)
- The speed of data transferred across the motherboard is measured in MHz (megahertz) or GHz (gigahertz)
- Different connections on a motherboard operate at different speeds (represented as a multiplication factor of the main bus speed for that motherboard)
- The form factor of a motherboard describes its shape and layout, the type of case and power supply that can be used with it, and the number of adapter cards that can be installed
    - ATX (Advanced Technology eXtended)
        - Full-size motherboard; measures 12" x 9.6"
    - Mini-ATX
        - Smaller than ATX but contains the same features (11.2" x 8.2")
    - Micro-ATX (mATX)
        - Measures 9.6" x 9.6"
        - All the same features as ATX but only has 4 expansion card slots
    - Mini-ITX (Information Technology eXtended)
        - Designed as a replacement for the ATX but never produced as such
        - Measures 6.7" x 6.7" with only one expansion slot
    - Nano-ITX, Pico-ITX and Mobile-ITX
        - Don't have a designated shape
        - Built for embedded systems and portable devices
- Central Processing Unit (CPU)
    - Brains of the computer
    - Used to execute program code
    - Performs basic operations on each and every instruction
        - Fetch: takes the next instruction in the sequence from system memory or cache
        - Decode: the control unit decodes each instruction and either executes it or passes it on to a secondary unit
        - Once the processor has finished executing the instruction, it writes the result back to a register, cache or memory so that it can be stored and used later by the system
    - The processor's architecture defines the capabilities of that processor
        - x86 (IA-32): Developed by Intel with 8-bit, 16-bit and up to 32-bit instruction sets
            - Can only support a maximum of 4 GB of RAM
            - Only 32 bits available for addressing
            - Can only run 32-bit programs
        - x64: Supports a 64-bit instruction set
            - Extends the x86 instruction set to support 64-bit operations
            - AMD64 or Intel 64
            - Can run both 64-bit and 32-bit programs
        - Advanced RISC Machine (ARM): Used for low-power devices (tablets and cell phones)
            - RISC (reduced instruction set computing)
            - Extended battery life
            - Produces less heat
            - ARM has a reduced instruction set compared to both x64 and x86
                - Doesn't give you less capability
                - RISC systems rely more on code (software) to do the same tasks
    - CPU Socket Types
        - Intel and AMD are the main manufacturers of CPUs, but they rely on different socket types
        - Most motherboards use a ZIF (Zero Insertion Force) mechanism
            - The CPU is inserted without pressing down or applying pressure, which helps avoid breaking or bending the pins on the bottom of the processor
        - Intel: Land Grid Array (LGA)
            - Form factor where the pins are in the socket rather than on the processor, and the CPU sits on top of them
        - AMD: Pin Grid Array (PGA)
            - Form factor where the processor has the pins and the socket has the holes
        - A single-socket desktop motherboard can support only one physical processor
        - Servers and workstations can have more than one socket (multi-socket), with multiple CPUs installed on the motherboard
        - The processor in a mobile device (smartphone, tablet or laptop) cannot be upgraded; it is usually soldered in place
        - Socket designs are always changing and are usually labeled with a name and number
            - Intel: LGA 2011, LGA 1151, LGA 2066
            - AMD: AM2, AM3, AM4
    - CPU Features
        - Simultaneous Multithreading (SMT) / Hyper-Threading
            - Normally a single stream of instructions is sent by a software application to a processor
            - Multithreading allows the CPU to work on different instructions at the same time
            - Manufacturers developed a way to let software run multiple parallel threads at the same time
                - Reduces idle time
                - Increases capability and allows the processor to do more
            - Limitation: the software has to support it
        - Symmetric Multiprocessing (SMP)
            - Traditional workstations and servers achieved parallelism by having multiple physical processors (they must be the same type and speed)
            - Not useful in desktops and laptops
        - Multi-core Processor
            - Single CPU package with multiple processor cores inside
            - Dual-Core Processor: Two CPUs inside a single chip
            - Quad-Core Processor: Four CPUs inside a single chip
            - Hexa-Core Processor: Six CPUs inside a single chip
            - Octa-Core Processor: Eight CPUs inside a single chip
            - Each core can support hyper-threading (an 8-core processor has 16 threads)
        - Virtualization
            - Ability to emulate hardware that doesn't exist: the computer pretends it is running multiple computers inside itself
            - Allows running multiple systems on a single physical host
            - Intel: VT (Virtualization Technology)
            - AMD: AMD-V
            - Both provide processor extensions to support virtualization (known as hardware-assisted virtualization)
            - VMware, VirtualBox and Parallels are used to create virtualized workstations on our own hardware. This computer only exists in software
                - You can configure how much RAM, processing power and storage this computer has
            - Second level of virtualization hardware support:
                - Intel: Extended Page Table (EPT)
                - AMD: Rapid Virtualization Indexing (RVI)
                - Both are Second Level Address Translation (SLAT) features supported by the processor that allow better virtual memory management and increased performance
    - Motherboard Connectors
        - AM4 socket: the processor itself has the pins, and you line the pins up with the holes in the socket
        - Mainboard power socket (2x12 connector) that connects to the power supply
        - CPU power (8-pin connector) that connects to the power supply
        - Case fan power: gives power to fans
        - SATA ports: connect storage devices to the motherboard
        - CMOS battery: retains our settings. Lasts about three years
    - Expansion Cards
        - PCI
            - 32-bit expansion card
            - Relatively slow by modern standards
            - 32-bit PCI cards support only a maximum bus speed of 33 MHz, or 133 MBps
        - PCI-X
            - 64-bit expansion card (133 MHz)
            - PCI-X 2.0: 266 MHz up to 533 MHz
            - PCI and PCI-X are used for networking and audio cards. Not great for graphics
        - AGP (Accelerated Graphics Port)
            - Used for video graphics cards
            - Came in different versions: 1x, 2x, 4x and 8x
            - The different versions required different amounts of power
        - PCIe (PCI Express)
            - Replaces PCI, PCI-X and AGP
            - Comes in different sizes: x1, x4, x8 and x16
                - The number tells you how long the slot is and how much data can be pushed at a given time
            - x1 is used for modems, network cards, wireless cards, input/output devices and audio cards
            - x16 is used for graphics cards
            - Connects to the bus to get data to and from the motherboard for external devices
            - Uses a point-to-point serial connection
                - Each component connected to a slot has direct access to the motherboard without sharing that bus with anybody else
            - The number of PCIe lanes is determined by the motherboard and its form factor
                - Could support something like 16, 24 or 32 PCIe lanes
                - PCIe x16 and PCIe x1 slots are combined to make the most of the lanes available on a motherboard
            - Multiple versions of PCIe (1.0 to 5.0)
                - Each increase in version brings an increase in transfer speed
            - All PCIe slots provide 25 watts of power
            - PCIe x16 slots provide up to 75 watts of power
            - A smaller card can go into a larger slot (up-plugging)
                - The card runs at its own smaller width, using only part of the slot (an x1 card in an x16 slot still transfers at x1)
            - A larger card can go into a smaller slot (down-plugging)
                - The card must support this capability and must physically fit into the slot. It will only work at the slower speed of the slot (an x16 card in an x1 slot works at x1 speeds)
        - Mini PCIe (Mini PCI Express)
            - Used in laptops and small form factor devices
            - Standard PCIe card with a smaller form factor
            - Mini PCIe cards are used inside laptops, specifically for wireless networking
    - Expansion Card Types
        - Used to add functions or ports that are not supported by default as an integrated part of your motherboard
        - Video Card / Graphics Adapter
            - Gives a quality signal for monitors
            - Usually connected through the PCIe x16 slot on your motherboard
            - Cards come with a GPU (Graphics Processing Unit): a specialized processor designed to accelerate graphics rendering
            - Cards also come with high-speed memory embedded on the card to give additional capability and offload work from the system
            - On the outside of the card there are graphics ports (Thunderbolt, DisplayPort and HDMI)
        - Video Capture Card
            - Takes video signals and processes them inside the computer
            - Used for recording footage and for security devices
        - TV Capture Card
            - The cable feed is plugged into the computer to receive all cable TV channels
        - Sound/Audio Card
            - Gives better audio output
        - NIC (Network Interface Card)
            - You will usually already have an RJ45 port that supports 1 Gbps
            - To get a 10 Gbps connection, install a network interface card into a PCIe x1 slot
            - A fiber card gives you the ability to move into the fiber optic world
                - ST / SC / MT-RJ connectors are supported on fiber cards
            - Some motherboards don't support wireless networking, so you can buy a USB adapter that provides wireless networking, or a dedicated expansion card that supports Wi-Fi (connected through PCIe x1)
        - Riser Card
            - Special type of expansion card on a motherboard
            - Allows you to mount your expansion cards horizontally

## Lesson 6: BIOS/UEFI

**42. TPM and HSM**

- Hardware Root of Trust (RoT) is the foundation of all secure operations of a computing system
    - Contains the keys used for cryptographic functions and enables a secure boot process
    - Cryptographic module embedded in a computer system that endorses trusted execution and attests to boot settings and metrics
    - Used to scan the boot metrics and OS files to verify signatures, then uses its keys to sign the report
    - Digital certificate that is embedded inside your chip as part of the firmware on your system
- Trusted Platform Module (TPM)
    - Most commonly used hardware Root of Trust
    - Specification for hardware-based storage of digital certificates, keys, hashed passwords, and other user and platform identification information
    - Each TPM processor is hard-coded with a unique and unchangeable key referred to as the endorsement key (EK)
    - The system uses this key and the TPM to ensure that the system firmware, boot loader and OS kernel have not been tampered with or modified, using several different functions performed by the module
    - TPM has a secured method of input and output
    - Within the TPM module there is a cryptographic processor
        - SHA-1 hash generator
        - RSA key generator
        - Random number generator
        - Encryption, decryption and signature engine
    - TPM has persistent memory
        - Endorsement Key (EK)
        - Storage Root Key (SRK)
    - TPM has versatile memory
        - Platform Configuration Registers (PCR)
        - Attestation Identity Keys (AIK)
        - Storage Keys
    - TPM is a hardware RoT and gives you the ability to know that when your system boots, it is being done securely
        - It attests to the fact that the UEFI has not been modified or tampered with, and can also be used to provide encryption for your storage devices (BitLocker <- storage devices)
    - TPM can be managed in Windows via the tpm.msc console or through Group Policy
- Hardware Security Module (HSM)
    - Appliance for generating and storing cryptographic keys that is less susceptible to tampering and insider threats
    - Protects our systems using encryption keys
    - Contains a trusted and protected digital key that can be used with an encryption device
    - Has different form factors: PCIe card, rack-mounted system, or IoT-type system
    - Automated and cannot be compromised by human involvement

**43. BIOS/UEFI Cooling Options**

- BIOS and UEFI have the ability to configure fans
    - Quiet Mode
        - Reduces the fan speed and allows higher temperatures to occur
    - Balanced Mode
        - Normal setting on most computers by default
    - Cool Mode
        - Runs the fans harder and faster to create more airflow
        - Overclocking the processor generates excess heat
    - Fanless Mode
        - Tells your motherboard you're not going to be turning the fans at all
    - Custom Mode
        - Allows you to go outside of the three pre-configured sets and create your own
- The motherboard has built-in temperature sensors
    - Temperature is rising: fans will speed up to get the heat dissipated out of the system
    - Temperature is lower than the set point: fans will turn off or slow down

## Lesson 7: Storage Devices

**47. Hard Disk Drive (HDD)**

- Hard Disk Drive (HDD)
    - Form of mass storage
    - Mass Storage: Non-volatile storage device that holds data when the system is powered down. Can have sizes in GBs or TBs. Categorized in two ways: internal and external
        - Internal Device: Device that is placed inside the computer case or tower (hard disk drives, solid state devices, etc.)
        - External Device: Device that is placed outside the computer case or tower and connected to an external port (external USB hard drive or an eSATA drive)
    - Three sizes: 2.5", 3.5" and 5.25" drives
        - 2.5" and 3.5" are reserved for internal HDDs and SSDs
        - 5.25" is reserved for optical drives, backup tape drives and floppy disk drives
    - Stores data on a metal or glass platter that is coated with a magnetic substance
    - This substance is charged with different electrical currents to store data as 1s and 0s on the magnetic coating of the platters
    - Platters are accessed using a read/write head which is moved by an actuator mechanism
        - Seek time differs depending on where the data is on the platter, because the read/write head has to physically move to that location
    - A platter is logically divided into tracks and sectors
        - Tracks are one circle going around the platter
            - Each track is a different size based on the drive geometry
        - Sectors are a chunk of a particular track
            - Each sector holds 512 bytes
    - Seeking or retrieving data
        - Movement of the actuator and the read/write head to read the data
    - The faster a hard drive spins, the faster you can access the data stored on it
        - Speed is measured in revolutions per minute (RPM); higher RPM gives better drive performance
        - Four basic hard drive speeds:
            - 5,400 RPM - Slowest model (budget or low-end workstations and PCs)
            - 7,200 RPM - Faster performance (modern computers)
            - 10,000 RPM - High-performance drives (gaming PCs)
            - 15,000 RPM - Highest RPM and highest cost, but provides excellent performance
    - Also consider the buffer size
        - Internal buffer or cache on a hard disk drive (8 MB to 256 MB)
        - The larger the buffer, the better the performance, because more data can be cached
    - A SATA cable connects a hard disk drive to your motherboard
        - 7-pin data connector (L-shaped)
        - 15-pin power connector (L-shaped)
        - 3 SATA versions: SATA 1, SATA 2 and SATA 3, each with a different throughput
    - Small Computer System Interface (SCSI)
        - Supports either 7 or 15 devices in a daisy chain
        - Considered a slow interface

**48. Solid State Drive (SSD)**

- Solid State Drive (SSD)
    - Uses flash memory technology to implement persistent mass storage
    - Three main form factors: 2.5", 1.8" and M.2
        - 2.5" is used when replacing an HDD inside a laptop or small desktop
        - 1.8" is used inside small laptops
        - M.2 looks like a memory chip: small, sleek and light, for use in a laptop
    - Older SSDs rely on SATA connectors (7-pin data + 15-pin power)
        - 2.5" and 1.8" SSDs rely on SATA connections
    - mSATA
        - Allows the SSD to be used as an adapter card that plugs into a combined data and power port on the motherboard
    - Modern SSDs are faster than SATA speeds allow
    - Non-Volatile Memory Express (NVMe)
        - A communication protocol used with the M.2 form factor to plug directly into the motherboard using the NVMe port
    - People will use both an SSD and an HDD in the same system (SSD for the main operating system and HDD as main storage)
    - Hybrid Drive
        - A mixture of an SSD and an HDD in one. Has the actuator, read/write head and platters, and also an SSD embedded inside the device

**49. RAID**

- Redundant Array of Independent Disks (RAID)
    - Combination of multiple physical hard disks into a single logical hard disk drive that is recognized by the operating system
- Different types of RAID
    - RAID 0 (Striping)
        - Two disks working together, each holding half of the data
        - ![[0_tv5m3e5J7QAGuSRx.png]]
        - Great for speed but provides no data redundancy. If one of the two disks fails, half of the data is lost, essentially meaning the whole file is lost
        - No loss of space on the disks: using two 800 MB hard disks connected together as a RAID 0, you will get 1.5 GB (1,600 MB) of space
    - RAID 1 (Mirroring and Redundancy)
        - Mirrored disk array. Two disks that hold all the same data. Every single thing put on disk 0 is also put on disk 1
        - ![[Untitled.png]]
        - Provides full redundancy. If one of the disks fails or goes away, the other disk still has all the data
        - Loss of the space on one of those disks: using two 800 MB disks will no longer give you 1.5 GB (1,600 MB). You will only get 800 MB, because you're using one disk as a mirror copy of every single piece of data
    - RAID 5 (Redundancy through Parity / Striping with Parity)
        - Uses a minimum of 3 disks but could use more
        - ![[Untitled-1.png]]
        - Take file A: half of it goes on disk 0 and half on disk 1 (A1 and A2). A calculation over those halves (the parity) is stored on disk 2 (Ap). If one of the disks is lost, the remaining data on the other disk plus the parity can be used to recalculate the piece that was lost
        - Using 3 drives, you lose 33% of disk space to parity
        - Most common RAID used
    - RAID 6 (Striping with Dual Parity)
        - RAID 5+1
        - Minimum of 4 disks
        - ![[what-is-raid-6.avif]]
        - Could lose two disks and keep operating
        - Double parity
    - RAID 10 (Mirroring + Striping)
        - RAID 1+0
        - Two RAID 1s placed inside a RAID 0 configuration
        - Minimum of four disks, and you lose half of the disk space
        - ![[1_8qTKvJQTAfrAYEz2S9n6AQ.png]]
        - Good from both a redundancy and a speed standpoint
- RAIDs can be failure resistant, fault tolerant or disaster tolerant
    - Failure Resistant: Protection against data loss (RAID 1 / RAID 5)
        - RAID 1: Mirroring and Redundancy
        - RAID 5: Redundancy through parity
        - Both RAID 1 and RAID 5 have good redundancy: RAID 1 mirrors, so if you lose one disk the data is still on the other; in RAID 5, if one drive is lost, the parity and the other half of the data that is still there can be used to rebuild what was lost
    - Fault Tolerant: RAID can function even when a component fails (RAID 1, RAID 5 and RAID 6)
    - Disaster Tolerant: RAID with two independent zones with full data access (RAID 10)
        - In a RAID 10, you could lose either half of the array and one of the RAID 1s will still function
- RAIDs provide redundancy and high availability

**50. Removable Storage**

- Any kind of storage device that can be moved from computer to computer without having to open up the case and remove it from the inside
- Hot-Swappable
    - Capable of being removed or replaced without disruption or powering off the device
    - USB
    - Thunderbolt
    - eSATA
    - These devices are safe to remove without losing data
    - This feature gives the ability to add/remove additional storage
    - SATA supports hot-swapping only if you enable AHCI inside your BIOS or UEFI
        - Advanced Host Controller Interface (AHCI): Technical standard developed by Intel that allows hot-swappable capability with SATA devices
        - Not turned on by default, because SATA was developed as an internal connector; eSATA (external SATA) was developed later and uses the exact same cable and connector
        - eSATA has a pretty fast speed (comparable to USB 3.0)
- Drive Enclosure
    - Takes an internal hard drive and puts it in an enclosure
- Memory Card formats:
    - SD (Secure Digital): original SD cards had a maximum capacity of 2 GB
    - MiniSD
    - MicroSD
    - CompactFlash
    - Memory Stick: Proprietary format used on Sony devices
    - In order to read or write to a memory card, you need a memory card reader
- Tape Drives
    - Legacy removable device
    - Uses a magnetic tape that is placed into a reader
- Floppy Drives
    - Legacy way of storing data
- An external hard drive or SSD is the same type of device that is used inside a system. The only difference is that it is placed inside a drive enclosure that converts its data port into an external interface that is hot-swappable

**51. Optical Drives**

- Three main varieties:
    - CD (Compact Disc)
        - Oldest form of optical disc; stores 74 to 80 minutes of music (650-700 MB)
        - Works by using a laser-based reader to read information off the disc. A CD is read using a longer-wavelength infrared laser
    - DVD (Digital Versatile Disc)
        - Stores 4.7 GB (standard DVD) or 8.4 GB (dual-layer DVD)
        - Uses a red laser with a medium wavelength to read the information
    - BD (Blu-ray Disc)
        - Stores 25 GB (standard BD) or 50 GB (dual-layer BD)
- Three different types:
    - Read-Only (ROM)
        - CD-ROM, DVD-ROM or BD-ROM is a read-only disc
        - Cannot write information to the disc
    - Write-Once (R)
        - Written data cannot be erased (CD-R, DVD-R, DVD+R and BD-R)
    - Write-Many / Erasable (RW/RAM/RE)
        - CD-RW allows you to write and erase files and write new ones
        - DVD-RW (similar to the CD-RW version), DVD+RW and DVD-RAM (similar to DVD-RW but with a different type of form factor)
        - Blu-ray Disc (BD-RE) has a write-many type of disc called an erasable disc, similar to CD-RW or DVD-RW
- Optical drives are measured using the X-rating
    - CD (1x = 150 KB/s)
    - DVD (1x = 1.385 MB/s)
    - Blu-ray (1x = 4.5 MB/s)

## Lesson 8: Virtualization Concepts

**54. Virtualization Concepts**

- Virtualization
    - Allows you to run multiple operating systems and application environments on a single piece of hardware
    - Heart of cloud computing
    - Creation of a virtual version of a computer by simulating the hardware functionality of a traditional computer within a virtualized environment

**55. Virtualization**

- Virtualization
    - Host computer installed with a hypervisor that can be used to install and manage multiple guest operating systems or virtual machines (VMs)
    - Type I (Bare Bones / Bare Metal)
        - A piece of hardware on which you install virtualization software directly; that software is known as the hypervisor
        - Bare-metal hypervisor that runs natively on the hardware
        - Runs directly on the host hardware and functions as the operating system
        - Hyper-V, XenServer, ESXi and vSphere
        - ![[Pasted image 20240924080830.png]]
    - Type II (Hosted)
        - Operating system with a hypervisor running on top of that operating system
        - Runs within the normal operating system
        - Hardware running a Windows operating system as the **Host OS**; on that I can install a **Hypervisor** (VirtualBox, VMware), and in this hypervisor I can then install a guest operating system
    - Hypervisor
        - Used to manage the distribution of the physical resources of a server or host to the virtual machines (amount of processing, memory and storage)
- Two models used to provide virtualized application services
    - Server-based (Terminal Services)
        - Server-based solution that runs the application on servers in a centralized location, and users access that application through a remote client protocol
        - Citrix XenApp
    - Client-based (Application Streaming)
        - Client-based solution that allows an application to be packaged up and streamed directly to a user's PC
        - Creates a sandboxed application computing environment that is isolated from the user's operating system
        - Microsoft App-V

**56. Containerization**

- Newer type of virtualization that is more focused on servers than end users
- The operating system kernel is shared across multiple containers, but the user space for each container is uniquely created
- Containerization
    - Type of virtualization applied by a host operating system to provision an isolated execution environment for an application
    - Enforces resource segmentation and separation at the operating system level
    - Commonly used on Linux servers (Docker, Parallels Virtuozzo and OpenVZ)
- Hardware with a **Host OS** (usually Linux) and then a **Container Manager**. The **Container Manager** is used to create different containers that hold different applications. All containers use the kernel of the **Host OS** (Linux). Because all containers share the same host operating system files, containers take far fewer resources than full virtualization
    - Uses a lot less storage and takes a lot less processing power
- Containers can't talk to each other (isolated). To let them communicate, you have to connect them through a virtual network
- If the Host OS were compromised, all data in the containers would be compromised, because that one operating system is shared by all the containers
- Set up virtual servers in the cloud with proper failover, redundancy and elasticity
- Hosting all VMs on the same type of hypervisor can also be exploited: a flaw in that one hypervisor affects every VM on it

**57. Purposes of VMs**

- Hypervisor
    - Manages the distribution of the physical resources of a server to the virtual machines
    - Type I (Bare Metal): Faster and more efficient
    - Type II (Hosted): You also have to make sure that the underlying operating system is properly secured and patched
- Container-Based Virtualization (Containerization)
    - Each container relies on a common host OS as its base
    - Almost exclusively used with Linux as the underlying operating system
    - Needs fewer resources because it doesn't require its own copy of the OS for each individual container
- Hyperconverged Infrastructure
    - Allows for the full integration of storage, network and servers without hardware changes. Instead it relies on software and virtualization technology to perform all the integration
- Application Virtualization
    - Encapsulates (encloses) computer programs from the underlying OS on which they are executed
    - A fully virtualized application is not installed in the traditional sense
    - You can run legacy applications that were designed for an end-of-life operating system on top of a more modern operating system, or run cross-platform software
- Virtual Desktop Infrastructure (VDI)
    - Hosts desktop OSs within a virtualized environment hosted by a centralized server or server farm
- Sandbox
    - An isolated environment for analyzing pieces of malware
- Cross-Platform Virtualization
    - Allows for the testing and running of software applications for different operating systems
- Emulation
    - Involves using a system that imitates another system, whereas virtualization creates and uses a virtual instance of a particular piece of hardware
    - A piece of software translates the environment in real time to pretend that it is something else

**58. Resource Requirements**

- Four main areas to focus on when it comes to resource requirements:
    1. CPU and its virtualization extensions
        - Intel and AMD have their own versions of virtualization technology
            - Intel: VT-x
            - AMD: AMD-V
        - If virtualization is not enabled as a processor extension, performance will decrease significantly
        - Another virtualization technology extension: Second Level Address Translation (SLAT)
            - Improves the performance of virtual memory when running multiple virtual machines on a single physical host
            - Intel: Extended Page Table (EPT)
            - AMD: Rapid Virtualization Indexing (RVI)
        - Get a CPU that is multi-core, supports hyper-threading, or use multiple physical processors
        - ARM: Reduced instruction set computer architecture for a processor
    2. System Memory
        - Amount of physical memory installed on the physical server
    3. Storage
        - Where are you going to store all these virtual machine images?
    4. Networking
        - The hypervisor operating on the host operating system creates a virtual network environment for all the virtual machines to communicate through, but they still have to use a network interface card to go out to the internet to download files
        - A Network Interface Card (NIC) teaming configuration allows multiple cards to be combined for higher speeds

**59. Security Requirements**

- VM Escape
    - Threat that attempts to get out of an isolated VM and send commands to the underlying hypervisor
    - Should be difficult to accomplish
    - Easier to perform on a Type II hypervisor than a Type I hypervisor
    - Make sure everything is patched and up to date
    - VM -> hypervisor or Host OS
- VM Hopping
    - Threat that attempts to move from one VM to another on the same host
    - VM -> VM
    - Make sure everything is patched and up to date
- Sandbox
    - Separates running processes and programs to mitigate system failures or software vulnerabilities
- Sandbox Escape
    - Occurs when an attacker circumvents sandbox protections to gain access to the protected OS or other privileged processes
- VM Sprawl
    - Uncontrolled deployment of virtual machines
- Live Migration
    - Migrates a virtual machine from one host to another while it is running
    - Ensure that live migration only occurs on a trusted network or utilizes encryption
- Data Remnants
    - Leftover pieces of data that may exist on the hard drive and are no longer needed
    - Encrypt the virtual machine storage location and destroy the encryption key

## Lesson 9: Cloud Computing

**66. Virtual Desktop Infrastructure (VDI)**

- Hosts desktop OSs within a virtualized environment hosted by a centralized server or server farm
- Separates the personal computing environment from a user's physical computer
- Users access the virtual desktop through a thin client or web browser
- All commands run on the virtual desktop are processed only on the cloud server
    - The server performs all the application processing and data storage
    - Users have limited local processing ability
    - If the server goes down, users can't do any work
- 3 models for implementing virtual desktop infrastructure
    - Centralized Model: Hosts all the desktop instances on a single server or server farm
    - Hosted Model / Desktop as a Service (DaaS): Maintained by a service provider and provided to the end user as a service
        - Amazon WorkSpaces, Citrix XenDesktop
    - Remote Virtual Desktop Model: Copies the desktop image to a local machine prior to being used by the end user

**67. Cloud Storage Services**

- Cloud Storage Application: An amount of space on a cloud-based server used as file storage
- File Synchronization: Ability to synchronize files across different devices using a single account
- Content Delivery Network (CDN): Network of servers that locates the nearest server to the user to minimize delay or download time

**68. Software Defined Network (SDN)**

- Enables the network to be intelligently and centrally controlled, or programmed, using software applications
- Takes our physical networks and completely virtualizes them, or creates a layer of abstraction between the physical devices and the logical architecture they represent
- These networks can be changed automatically by the network itself using automation and orchestration
- Application Layer: Focuses on the communication of resource requests or information about the network as a whole
- Control Layer: Uses the information from the applications and decides how to route a data packet on the network. Also decides how data should be prioritized, how it should be secured, and where it should be forwarded to
- Infrastructure Layer: Contains the network devices that receive information about where to move the data
- Management Plane: Used to monitor traffic conditions and the status of the network

## Lesson 10: Networking Basics

**70. Networking Basics**

- Networks make the connections between machines
- Five nines (99.999%) uptime promises about five minutes of downtime for the entire year

**71. Networking Hardware**

- Network Interface Card (NIC)
    - Provides an Ethernet connection to the network
    - Can be integrated into the motherboard, added as an expansion card, or added as an external peripheral using a USB connection
    - ![[Pasted image 20240926224415.png]]
    - Used to connect to the network. It can be a wired copper NIC (Cat 5 or above), a wired fiber NIC (relies on a fiber optic cable), or a wireless NIC (connects to a wireless access point using radio-frequency waves in the Wi-Fi ranges, 2.4 GHz - 5 GHz)
- Hub
    - Has between 4 and 48 ports, allowing up to 48 computers to be connected to the hub
    - Each computer is connected to a single port
    - Older piece of networking technology
    - ![[4_port_netgear_ethernet_hub.jpg]]
    - A hub uses a wired interface (wired copper connections rely on an RJ45 connector in each port)
    - ![[Pasted image 20240926224744.png]]
    - Can operate at 10-100 Mbps
    - All computers attached to the hub are considered part of its collision domain
    - Hubs operate in broadcast mode
    - If two computers try to talk at the same time, a collision occurs
    - When this happens, all network client devices stop talking, pick a random number to count to, and then try retransmitting again
  - This slows down the entire network connection
  - Every computer can see what's being sent because they're all connected to the same hub
  - The hub re-broadcasts the message out to every port it has
  - Network clients know which computer is being addressed by using what's known as a MAC address
- MAC Address
  - A device's own address on the local area network
- Switch
  - Smart hub that remembers which devices are connected to which ports
  - Can have anywhere from 4 to 96 devices connected to a single switch
  - ![[4100-mg-48p-front-top-switches-banner.avif]]
  - If I have a message for a specific MAC address, the switch switches that information from the port it received it on over to the port the receiver is sitting on. Only the intended receiver gets the message, not everyone connected to the switch
  - Also prevents collisions from happening because only the receiver is getting the data
  - Can have multiple devices talking at one time
  - Increased speed and security
  - Categorized in 2:
    1. Unmanaged Switch
       - Performs its functions without requiring a configuration
       - Can just operate out of the box
       - Easy to set up
    2. Managed Switch
       - Performs its functions with configuration
       - Used in larger networks
       - Could work out of the box until configured
       - Settings to be configured are:
         1. Increased security (enabling 802.1X)
         2. MAC filtering
         3. Configuring virtual local area networks (VLANs) on the same switch
- Wireless Access Point
  - Device that allows wireless devices to connect to a wired network
  - ![[B3-wac104_32_tcm148-140233.jpg]]
  - Media converter (converts the radio frequency signals going through the airwaves into the copper electrical signal going through a Cat 5 or Cat 6 cable connection into one of your switches)
  - Allows you to extend your wired network into the wireless realm
- Router
  - Used to connect different networks together
  - Used to make intelligent forwarding decisions from one network to the next based on the logical address (IP address)
  - Internet Protocol (IP) Address
    - Either IPv4 or IPv6, or both
  - Most common in a Small Office/Home Office (SoHo), where you connect your local area network and your computers out to the internet through your Internet Service Provider (ISP)
  - ![[hq720.jpg]]
- Firewall
  - In a SoHo, the firewall is combined into the device your ISP gives you
  - Device that is configured with different rules, known as access control lists, that provide a way to scan and block traffic as it tries to enter or leave our network
  - ![[how-firewalls-work.png]]
  - Security guard that sits at the border of our network: anything that goes in or out of the network goes through the firewall and can be inspected
  - Great for security
  - Unified Threat Management (UTM) contains firewall features
    - Contains spam guards and antivirus solutions combined into a single device
    - ![[utm-deployment-network.png]]
- Patch Panel
  - Device that brings the cable network jacks from the walls into a central area
  - Allows the cables running through your walls from the network jacks to be terminated in a single place on a punch-down block at the back of the panel
  - ![[what-is-patch-panel-1614396935-ikjUhrEzpK.jpg]]
  - On the other side of the panel, we have pre-wired RJ45 ports that we then connect with patch cables (Cat 5-8) into our switch
- Power Over Ethernet (PoE)
  - Supplies electrical power from a switch port over an ordinary data cable to a powered device
  - Feature of some devices and switches
  - Uses a single cable for both the data and the power
  - Comes in 3 varieties:
    1. 802.3af
       - Allows the least amount of power to be drawn (13W)
    2. 802.3at (PoE+)
       - Allows powered devices to draw up to 25W
    3. 802.3bt (PoE++)
       - Used to supply power of up to 51W (Type 3) or 73W (Type 4)
  - To use PoE, you need these things:
    - A switch that supports PoE at one of the three levels
    - Proper cabling in place for support (Cat 6 or above)
    - A powered device to use the data and power coming from the Ethernet cable
  - If you don't have a PoE switch but have a device that requires PoE, you can use a power injector
  - Power Injector
    - Plugs into a wall outlet to get power
    - You then connect the Ethernet cable from your non-powered switch into this power injector, and it injects the power onto that line
    - ![[pf-31d148d7--whentousepoeinjector_1200x.webp]]
- Cable Modem
  - Device that translates the radio frequency signals carried on a coaxial cable into Ethernet data
  - Acts as a converter, taking the signal coming in off the coaxial cable and converting it into the electrical impulses that can be sent out over a normal Ethernet network
  - ![[DSC_0113.webp]]
- Digital Subscriber Line (DSL) Modem
  - Device that translates the signals carried over telephone lines into Ethernet data
  - ![[images.png]]
- Optical Network Terminal (ONT)
  - Terminates the fiber connection
  - When the fiber connection comes into the ONT, it acts as a media converter and translates the light signals coming in off the fiber into electrical signals that go out over a copper unshielded twisted pair cable into your router
  - ![[img1-2.jpg]]
- Software Defined Networking (SDN)
  - Way of virtualizing the network hardware
  - All the networking hardware can be changed into cloud-based equivalents that we can then interact with using software
  - ![[Pasted image 20240926232219.png]]

**72. Network Types**
- Personal Area Network (PAN)
  - Smallest type of wired or wireless network; covers the least amount of area
  - About 10 ft or less
  - Bluetooth and USB
- Local Area Network (LAN)
  - Connects components within a limited distance
  - Up to a few hundred feet
  - Ethernet - IEEE 802.3
  - Wi-Fi - IEEE 802.11
- Campus Area Network (CAN)
  - Connects building-centric LANs across a university, industrial park, or business park
  - Up to a few miles
- Metropolitan Area Network (MAN)
  - Connects scattered locations across a city or metro area
  - Smaller than a global wide area network
  - Up to about 25 miles
- Wide Area Network (WAN)
  - Connects geographically disparate internal networks and consists of leased lines or VPNs
  - Worldwide coverage
  - The Internet is a WAN
  - Doesn't always have to be public
  - ![[Pasted image 20240926233014.png]]
- Wireless Local Area Network (WLAN)
  - A wireless distribution method for two or more devices that creates a local area network using wireless frequencies
  - Uses high-frequency radio waves and includes access points into your local area network, or even out to the internet
- Storage Area Network (SAN)
  - Provisions access to configurable pools of storage devices that can be used by application servers
  - Usually isolated from the main network in its own storage area network
  - Uses specialized networking technologies such as iSCSI (Internet SCSI) and Fibre Channel (FC)
- Small Office, Home Office (SoHo) LAN
  - Uses a centralized server or simply provides clients access to local devices like printers, file storage, or the Internet
  - Smaller-scale networking

**73. Internet of Things**
- A global network of appliances and personal devices that have been equipped with sensors, software, and network connectivity to report state and configuration data
- Must ensure that these devices do not have interference issues with other wireless devices that may be operating. Must also ensure that they are properly secured and that power is provided to these devices (Power over Ethernet or a battery power supply)
- Placing these systems on business networks goes against best practices
  - These devices should be separated and segmented off from the business network
  - Segregation of IoT devices is critically important for the business network's security
- When implementing an IP video system, you must consider the level of quality of service you want, its bandwidth, and cost
- Four categories of components:
  1. Hub and control systems - used as a central point of communication for automating and controlling those IoT devices
  2. Smart devices - IoT endpoints that connect back to that central hub or control system to provide some kind of automation or function
  3. Wearables - designed as accessories that can be worn (smart watches, bracelets, and fitness trackers)
  4. Sensors - used to measure many different things (temperature, sound, light, etc.)

**74. Twisted Pair Cabling**
- Most popular local area network cabling technology in use in networks today
- Inside the cable, there are eight individually insulated wires inside the cable sheath.
  - The wires are twisted into four pairs (two wires in each pair)
  - ![[Pasted image 20240926234808.png]]
- The more twists per inch of cable, the better the protection that cable has from electromagnetic interference (EMI)
  - Fewer twists make the cable more susceptible to EMI
  - More interference means a worse data transmission rate
- The higher the Cat category number, the higher the speed
- Two types of twisted pair cabling:
  1. Unshielded Twisted Pair (UTP)
     - ![[Pasted image 20240926235147.png]]
     - Cheaper cable
     - No metal is used as shielding; all plastic except for the thin copper wires
     - Medium of choice for most local area networks
  2. Shielded Twisted Pair (STP)
     - ![[Pasted image 20240926235315.png]]
     - Each twisted pair inside the cable sheath is wrapped with metal foil, and a braided metallic shield wraps around all four pairs
     - Shielding helps minimize EMI
     - Costs more
- Both STP and UTP operate about the same
  - Both have the same distance limitations (300 feet)
  - Both use the same type of connectors to terminate them
- Two connector types used with twisted pair cabling:
  1. RJ45
     - ![[Pasted image 20240926235551.png]]
     - Most commonly used connector in our networks
     - Plastic eight-pin connector
     - Used all the time in Ethernet-based networks
  2. RJ11
     - ![[Pasted image 20240926235658.png]]
     - Six-pin connector
     - Only two of those pins are actually used
     - One pin is reserved for the ring and the other for the signal inside these phone systems
     - Used in phone systems
- Registered Jack (RJ)
  - Carries voice or data and specifies the standards a device needs to meet in order to connect to the phone or data network
- Bandwidth
  - The theoretical measure of how much data could be transferred from a source to its destination
- Throughput
  - The actual measure of how much data is successfully transferred from a source to its destination
- Ethernet Standard
  - A designation given to a particular category that tells you the bandwidth and the cable type to be used
  - **For Ethernet standards, the number in front of BASE (e.g. 100BASE-TX) tells you the bandwidth of the cable in Mbps. Anything greater than 1 Gbps is written as XXGBASE-T (e.g. 10GBASE-T)**
  - Cat 5 (Fast Ethernet)
    - Standard: 100BASE-TX (twisted pair Fast Ethernet)
    - Bandwidth: 100 Mbps
    - Distance: 100 meters
  - Cat 5e (Gigabit Ethernet)
    - Standard: 1000BASE-T
    - Bandwidth: 1000 Mbps
    - Distance: 100 meters
  - Cat 6
    - Standard: 1000BASE-T or 10GBASE-T
    - Bandwidth: 1000 Mbps or 10 Gbps
    - Distance: 100 meters or 55 meters
  - Cat 6a
    - Standard: 10GBASE-T
    - Bandwidth: 10 Gbps
    - Distance: 100 meters
  - Cat 7
    - Standard: 10GBASE-T
    - Bandwidth: 10 Gbps
    - Distance: 100 meters
  - Cat 8
    - Standard: 40GBASE-T
    - Bandwidth: 40 Gbps
    - Distance: 30 meters
  - ![[Pasted image 20240927002842.png]]
  - Cat 6, 6a, and 7 are 10 Gbps; Cat 5e and Cat 6 are 1000 Mbps
  - Keep cable runs under 70 meters from the IDF to the office
- Straight-Through Cable (Patch Cable)
  - Contains the exact same pinout on both ends of the cable
  - ![[Pasted image 20240927003403.png]]
  - 568B Standard
    - Preferred when wiring jacks inside buildings
    - Color scheme from pins 1-8 (568B):
      1. Orange White
      2. Orange
      3. Green White
      4. Blue
      5. Blue White
      6. Green
      7. Brown White
      8. Brown
    - Used for all our interior wiring and for both ends of a straight-through cable or wall jack
  - If I wanted to connect a switch to another switch, I have to use a crossover cable
  - A crossover cable is used to connect a terminal to a terminal or communication equipment to communication equipment
    - Computer to a laptop (crossover)
    - Computer to a switch (patch)
  - ![[Pasted image 20240927003740.png]]
- Crossover Cable
  - Swaps the send and receive pins on the other end of the cable when the connector and its pinout are created
  - ![[Pasted image 20240927003823.png]]
  - Used for connecting a workstation to a workstation or a switch to a switch
  - 568B on one end, with pins 1, 2, 3, and 6 swapped on the other end
  - Most switches have what is known as MDIX
  - Medium Dependent Interface Crossover (MDIX)
    - An automated way to electronically simulate a crossover cable even if you are using a straight-through patch cable
    - The switch will change the pinout electronically itself
    - If the switch doesn't support MDIX, use a crossover cable
  - ![[Pasted image 20240927004254.png]]
- Direct Burial
  - A cable rating that specifies that a cable has stronger sheathing and jacket and can withstand more extreme weather conditions
- Plenum
  - A special coating put on a UTP or STP cable that provides a fire-retardant chemical layer to the outer insulating jacket
  - Ceilings, walls, raised floors, or air ducts
- Non-Plenum
  - Known as PVC; can be shielded or unshielded twisted pair cable
- 568B: Orange White - Orange - Green White - Blue - Blue White - Green - Brown White - Brown
- 568A: Green White - Green - Orange White - Blue - Blue White - Orange - Brown White - Brown

**75. Optical Cabling**
- Fiber Optic Cable
  - Uses light from an LED or laser to transmit information through a thin glass fiber
  - Immune to electromagnetic interference
  - Light can go an extremely long distance without much signal loss
  - From 100 meters up to miles
  - Greater usable range
  - Greater data capacity
  - Switches, routers, and end-user devices can become a limitation
  - Expensive
  - Difficult to work with
- Single Mode Fiber (SMF)
  - Used for longer distances and has a smaller core size, which allows for only a single mode of travel for the light signal
  - SMF's core size is 8.3-10 µm in diameter
  - Cables have a yellow sheath
- Multimode Fiber (MMF)
  - Used for shorter distances and has a larger core size, which allows for multiple modes of travel for the light signal
  - MMF's core size is 50-100 µm in diameter
  - Up to 2 kilometers or less
  - Cables have an aqua blue or orange sheath
  - ![[Pasted image 20240927005632.png]]
- Four different connector types:
  1. Subscriber Connector (SC)
     - Popular because it is low cost, durable, and easy to install
     - 'Stick and Click Connector'
     - ![[Pasted image 20240927005906.png]]
     - Stick it into the jack and hear a click
  2. Straight Tip Connector (ST)
     - Relatively low cost and easy to use
     - Old type of fiber connector
     - 'Stick and Twist Connector'
     - ![[Pasted image 20240927010057.png]]
     - Stick it into the jack and turn it halfway to the right until it locks in place
  3. Lucent Connector (LC)
     - Newer and smaller version of the SC connector
     - Uses a stick-and-click connection to the jack
     - 'Love Connector'
     - ![[Pasted image 20240927010225.png]]
     - You will always find the LC connector with its transmit and receive sides attached side by side, like lovers
  4. Mechanical Transfer Registered Jack (MTRJ)
     - Very popular and widely used because of its smaller form factor
     - Both the transmit and receive are terminated inside a single plastic connector
     - Often used on fiber switches connected to fiber patch distribution panels on one side, while the other side converts to SC, ST, or LC
     - ![[Pasted image 20240927010549.png]]
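As an added example (not from the course or these notes), the Python below derives the pin-to-pin continuity map that a wire mapper reports from the 568A/568B colour on each RJ45 pin, then classifies the cable as straight-through, crossover, or one of the wire-map faults (open, shorted, short between pairs, reversed, crossed, split pair) listed under Networking Tools. The colour and pair assignments are the 568A/568B ones from the twisted-pair notes; the tester-output format (near pin -> list of far pins with continuity) is an assumption of this example.

```python
"""Twisted-pair wire-map checker (constructed example, not the course's code)."""
from typing import Dict, List, Sequence, Tuple

# Colour on pins 1..8 for the two TIA/EIA-568 schemes in the notes
T568A = ("green-white", "green", "orange-white", "blue",
         "blue-white", "orange", "brown-white", "brown")
T568B = ("orange-white", "orange", "green-white", "blue",
         "blue-white", "green", "brown-white", "brown")

# Pins that form a twisted pair under both 568A and 568B
PAIRS = ((1, 2), (3, 6), (4, 5), (7, 8))

# Expected far-end pin for each near-end pin
STRAIGHT = {pin: pin for pin in range(1, 9)}
CROSSOVER = {**STRAIGHT, 1: 3, 2: 6, 3: 1, 6: 2}   # pins 1,2 swapped with 3,6

# Assumed tester output: near pin -> far pins that showed continuity
WireMap = Dict[int, List[int]]


def pair_of(pin: int) -> Tuple[int, int]:
    """Return the (a, b) pair tuple that contains this pin."""
    return next(p for p in PAIRS if pin in p)


def wire_map_from_colours(near: Sequence[str], far: Sequence[str]) -> WireMap:
    """Derive the continuity map from the colour on each pin at both ends:
    a wire has continuity between the two pins that share its colour."""
    return {i: [j for j, colour in enumerate(far, start=1) if colour == near[i - 1]]
            for i in range(1, 9)}


def classify(wire_map: WireMap) -> str:
    """Name the cable type or the first wire-map fault found."""
    # Opens and shorts first: a pin with no far pin, or with more than one
    for pin in range(1, 9):
        far = wire_map.get(pin, [])
        if not far:
            return f"open pair: pin {pin} has no continuity"
        if len(far) > 1:
            if all(pair_of(f) == pair_of(pin) for f in far):
                return f"shorted pair {pair_of(pin)}"
            return f"short between pairs at pin {pin}"
    m = {pin: wire_map[pin][0] for pin in range(1, 9)}
    if m == STRAIGHT:
        return "straight-through"
    if m == CROSSOVER:
        return "crossover"
    for a, b in PAIRS:
        fa, fb = m[a], m[b]
        if (fa, fb) == (b, a):                      # wires of one pair swapped
            return f"reversed pair {(a, b)}"
        if pair_of(fa) == pair_of(fb) and pair_of(fa) != (a, b):
            return f"crossed pair {(a, b)} -> {pair_of(fa)}"   # whole pair on another pair's pins
        if pair_of(fa) != pair_of(fb):              # one wire strays into another pair
            return f"split pair: {(a, b)} lands on {(fa, fb)}"
    return "miswired"


if __name__ == "__main__":
    # 568B on both ends is a patch cable; 568B to 568A is a crossover
    print("568B/568B:", classify(wire_map_from_colours(T568B, T568B)))
    print("568B/568A:", classify(wire_map_from_colours(T568B, T568A)))
    faulty = {**{p: [p] for p in range(1, 9)}, 1: [2], 2: [1]}   # constructed fault
    print("pins 1/2 swapped:", classify(faulty))
```

A pin map alone cannot see a split pair whose pins still match end to end (the wrong wires are twisted together but land on the right pins), which is why that fault needs a certifier rather than a basic wire mapper.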
**76. Coaxial Cabling**
- Also known as coax
- One of the oldest categories of copper media that is still used in networking today
- Coaxial cables have an inner insulated conductor or center wire that passes all of our data (known as the center core)
- A metal shield helps contain any data transmission leakage from inside the cable outward, and provides protection from the outside in against EMI
- ![[Pasted image 20240927010834.png]]
- RG-6
  - Commonly used by your local cable company to connect their service to your home
  - ![[Pasted image 20240927010911.png]]
- RG-59
  - Carries composite video between two nearby devices or connects an outlet to a cable modem
  - ![[Pasted image 20240927011000.png]]
- Two commonly used types of connectors:
  1. F-Type
     - Most coaxial cables will have an F-Type connector
     - Screw-on type of connector
     - Commonly used in cable TV and cable modems for consumer applications
     - ![[Pasted image 20240927011130.png]]
  2. Bayonet Neill-Concelman (BNC) Connector
     - Legacy connector
     - ![[Pasted image 20240927011235.png]]
- Twinaxial Cable
  - Similar to coaxial cable but uses two inner conductors to carry the data instead of just one
  - Used for very short range, high-speed connections between devices
  - ![[Pasted image 20240927011407.png]]

**77. Networking Tools**
- Snip/Cutter
  - Used to cut a piece of cable off a larger spool or run of cable
  - ![[Pasted image 20240927011531.png]]
- Cable Stripper
  - Used to strip off the end of the cable and prepare it for attachment to a connector
  - ![[Pasted image 20240927011615.png]]
- Cable Crimper
  - Used to attach the connector to the end of the cable
  - ![[Pasted image 20240927011711.png]]
- Cable Tester
  - Used to verify the continuity of each of the eight individual wires inside a twisted pair cable
  - ![[Pasted image 20240927011822.png]]
  - Might want to use a multi-tester: it not only supports Ethernet cables using RJ45, but also BNC connectors for coaxial cables, IDE connectors for hard drives, PATA and SATA connectors, etc.
  - ![[Pasted image 20240927011934.png]]
- Wire Mapping Tool
  - Works like a cable tester but specifically for twisted pair Ethernet cables
  - ![[Pasted image 20240927012006.png]]
  - Will be able to diagnose any issues with that cable:
    - Open Pair - Occurs when one or more conductors in the pair are not connected to a pin at either end of the cable
    - Shorted Pair - Occurs when the conductors of a wire pair are connected to each other at any location within the cable
    - Short Between Pairs - Occurs when the conductors of two wires in different pairs are connected at any location within the cable
    - Reversed Pair - Occurs when the two wires in a single pair are connected to the opposite pins of that pair
    - Crossed Pair - Occurs when both wires of one color pair are connected to the pins of a different color pair on the opposite end
    - Split Pair - Occurs when a wire from one pair is split away from the other and crosses over into an adjacent pair
  - ![[Pasted image 20240927012422.png]]
- Cable Certifier
  - Used to determine a cable's category of data throughput
  - ![[Pasted image 20240927012456.png]]
  - Will tell you the Cat standard, how long the cable is, and the frequency range being used
  - More expensive
- Punch Down Block
  - Terminates the wires and strips off excess insulation and extra wire that is no longer needed
  - ![[Pasted image 20240927012650.png]]
- Tone Generator/Toner Probe
  - Used to generate a tone on one end of the connection and use the probe to audibly detect the wire connected on the other side
  - Often called a fox and hound
  - ![[Pasted image 20240927012743.png]]
- Loopback Adapter/Device
  - Facilitates the testing of simple networking issues
- Tap
  - Connects directly to the cable infrastructure and splits or copies those packets for analysis, security, or general network management
  - Connect the tap in line to your network and it creates a duplicate copy of every frame: one goes out the tap port, where it is collected and analyzed by your cybersecurity toolset, and the other goes out to your network so it can be processed by the equipment
  - Used heavily in cybersecurity
  - ![[Pasted image 20240927013103.png]]
- Wireless Analyzer
  - Ensures proper coverage and prevents overlap between wireless access point coverage zones and channels

## Lesson 11: Wireless Networks

**81. Wireless Networks**
- Wi-Fi (IEEE 802.11) or cellular connection

**82. Wireless Frequencies**
- Spread Spectrum Wireless Transmission
  - Three main ways that we can do this:
    1. Direct-Sequence Spread Spectrum (DSSS)
       - Modulates data over an entire range of frequencies using a series of signals known as chips
       - These chips are susceptible to electrical interference and environmental interference, which will cause us to have slower bandwidth
       - Uses the entire frequency spectrum to transmit the signal
       - ![[Pasted image 20240927185837.png]]
Frequency-Hopping Spread Spectrum (FHSS) - Allows devices to hop between predetermined frequencies - Makes it harder to guess where the frequency actually is - Frequency hopping is used as a security measure in some networks, but will not be used in most commercial grade networks because it slows down our ability to use all the bandwidth and reduces the amount of spectrum that's available - ![[Pasted image 20240927190033.png]] - Increased security, but slower bandwidth 3. Orthogonal Frequency Division Multiplexing (OFDM) - Uses a slow modulation rate with simultaneous transmissions over 52 different data streams - Most common - Able to take a large piece of the spectrum and give us more bandwidth (higher data rates and at the same time resisting interference) - ![[Pasted image 20240927190325.png]] - 2.4 GHz and 5 GHz - Two different spectrums that are used by wireless networks today - 2.4 GHz band is actually 2.4 and 2.5 GHz - 5 GHz band is actually 5.75 to 5.875 GHz - Each band has specific frequencies/channels to avoid overlapping with other signals and causing interference - Channel - A virtual medium through which wireless networks can send and receive data - How data is transmitted over a wireless network - 'Virtual pipe' and very much like the physical cables used in wired networks - Using a portion of the wireless frequency that exists to create these channels and send data over these virtual pipes over the airwaves - Depending on the virtual band you are using, you are going to have more or less channels available - 2.4 GHz spectrum, there can be 11 or 14 channels - Difference is because of regulation; depending on where you are in the world, you will either have 11 channels or 14 channels - US (11 channels (2401-2473 MHz)) - Rest of the World (13 channels (2401-2483 MHz)) - Japan (14 channels (2401-2495 MHz)) - Each of these channels are 22 MHz wide - This will limit the amount of data that we can send at any given time - Only have 72 MHz of total 
frequency - Causes channels to overlap - Channels 1, 6 and 11 avoid overlapping frequencies in the 2.4 GHz band - These three channels are far apart from each other to prevent any kind of interference by giving you 22 MHz for each of those three channels - We can use 5.725-5.875 GHz to run our wireless networks in the 5 GHz band - 24 non-overlapping channels of 20 MHz each in the 5 GHz band - Channel Bonding - Allows for the creation of a wider channel by merging neighboring channels into one - 802.11ac -> allows for 80 and 160 MHz channels - Taking two 20 MHz channels to give us a 40 MHZ bonded channel - Increases the probability of interference, because you're reducing the number of non-overlapping channels - Increases network speeds but also risk more interference - Standard channel size for both 2.4 GHz and 5 GHz networks is 20 MHz **83. Wireless Standards** ### **MUST REMEMBER** | Standard | Band | Bandwidth | | ------------------ | ---------------- | ------------------------ | | 802.11a | 5 GHz | 54 Mbps | | 802.11b | 2.4 GHz | 11 Mbps | | 802.11g | 2.4 GHz | 54 Mbps | | 802.11n (Wi-Fi 4) | 2.4 and GHz | 150 Mbps/600 Mbps (MIMO) | | 802.11ac (Wi-Fi 5) | 5 GHz | 6.9 Gbps (MU-MIMO) | | 802.11ax (Wi-Fi 6) | 2.4, 5 and 6 GHZ | 9.6 Gbps (MU-MIMO) | - 802.11n standard, using the 5 GHz spectrum, it could reach speeds up to 600 Mbps by using a technology known as *MIMO* - Multiple-Input and Multiple-Output (MIMO) - Uses multiple antennas to send and receive data than it could with a single single antenna - Data was going to be split across multiple antennas and was received on the other end it was multiplexed back into a single data stream for processing - 802.11n access points would have multiple antennas, because the more antennas you had, the more data transfer they could support simultaneously - 802.11ac standard, to achieve higher speeds, they use a technology known as *MU-MIMO* - Multiple User Multiple Input Multiple Output (MU-MIMO) - Allows multiple users to 
access the wireless network and access point at the same time - Regular *MIMO* -> where a single user support it at one time and the access point switches between users to share the bandwidth across all the users. (1 person requesting services (fast network), but any more the network would slow down). Wireless network acts more like a hub - *MU-MIMO* -> acts more like a switch and helps avoid collisions and congestion - 802.11ax access points have both the 2.4 GHz and 5 GHz radios inside them, they're fully backwards compatible with all devices including 802.11a, b, g, n and ac - Radio Frequency Interference (RFI) - Occurs when there are similar frequencies to wireless networks in the area - As signal decreases in strength or interference increases, the signal-to-noise ratio worsens **84. Wireless Security** - Pre-Shared Key - Both the access point and the client use the same encryption key - ![[Pasted image 20240927193935.png]] - Scalability is a problem - It is not a good idea to use pre-shared keys in large environments - Three main methods of doing this: 1. Wired Equivalent Privacy (WEP) - Original 802.11 wireless security standard which is an insecure security protocol - Works by using a pre-shared key, and everyone key (key is static 40 bit), which is very small and easy to brute force - To make WEP more secure, the key was increased in size (64 bits up to 128 bits) which solved the key-length problem, but not the initialization vector - Uses 24-bit Initialization Vector (IV) (24 ones and zeros) sent in clear text and if you capture enough of these initialization vectors, you can actually crack the encryption key and backwards guess the pre-shared key 2. 
W-Fi Protected Access (WPA) - Replaced WEP and follows the Temporal Key Integrity Protocol (TKIP) - Uses 48-bit Initialization Vector (IV) instead of 24-bit (still considered pretty weak) - Added a new encryption type called Rivest Cipher 4 (RC4) (still considered weak) - Wanted to add integrity to your devices by making sure that nobody can conduct a man-in-the-middle attack and change the information. To do this, they used a thing call the Message Integrity Check - Message Integrity Check (MIC) - To confirm data was not modified in transit - Enterprise Mode - To authenticate users before exchanging keys 3. Wi-Fi Protected Access 2 (WPA2) - Created as part of IEEE 802.11i standard and requires stronger encryption and integrity checking through CCMP - Counter Mode with Cipher Blockchaining Message Authentication Code Protocol (CCMP) - Replaced old encryption mechanism of RC4 with Advanced Encryption Standard - Advanced Encryption Standard (AES) - To provide additional security by using a 128-bit key or higher - Gives you additional security of your data going over this wireless network - Has two different modes depending on the network going to be used: 1. Personal Mode - Pre shared key - Using it in a home or small office environment 2. Enterprise Mode - Centralized authentication - Using it in a large environment - Every user gets a single username and password unique to them | If asked about.... | Look for.... 
| | ------------------ | ----------------------------------- | | Open | No Security or Protection | | WEP | Initialization Vector (IV) | | WPA | TKIP and RCP (encryption mechanism) | | WPA 2 | CCMP and AES (encryption mechanism) | - Mac Address Filtering - Configures an access point with a listing of permitted MAC addresses (like an ACL) - Can permit or deny certain MAC addresses from connecting to the network - Disabling SSID Broadcast - Configures an access point not to broadcast the name of the wireless LAN - Server Set Identifier (SSID) - name of your wireless network - Name of network of the network won't be broadcasted out and show up in your available networks **85. Fixed Wireless** - Four different types of networks: 1. Wi-Fi (802.11) - Creates point to point connections from one building to another over a relatively short distance - Going to be using directional antennas and this will allow you to point the antennas at another building where there's a receiver to be able to collect that signal - Signal will be pointed only in a single direction. This will allow you to have higher speeds with less interference from other networks 2. Cellular - Uses a larger antenna and a larger hotspot powered by a power outlet within an office or home 3. Microwave - Creates point to point connection between two or more buildings that have longer distances - Microwave signals can travel further than a Wi-Fi based signal - A traditional microwave link can cover about 40 miles of distance 4. 
Satellite
		- A long-range fixed wireless solution that can reach for miles
		- A ground station (the fixed wireless asset) points up toward space to locate the satellite in orbit
		- The satellite can be in either low Earth orbit or geosynchronous orbit
		- Low Earth Orbit: requires more satellites to cover the entire planet but gives lower latency (better performance)
		- Geosynchronous Orbit: one satellite can cover a large portion of the Earth, but with higher latency and lower quality

**86. NFC, RFID, IR and Bluetooth**
- Near Field Communication (NFC)
	- Uses radio frequency to send an electromagnetic charge containing the transaction data over a short distance
	- High-gain antennas can pick up the radio frequency signals emitted by NFC devices from several feet away, meaning an attacker can eavesdrop on the communication from further away and go unnoticed
	- Information can be skimmed from an NFC device by using an RFID skimmer, a device that collects the NFC signals
- Radio Frequency Identification (RFID)
	- A form of radio frequency transmission modified for use in authentication systems
	- Two components: tags and readers
	- Used in inventory tracking systems and authentication systems
	- Also used in enterprise authentication systems (employee identification badges)
	- Danger that the signal coming from an RFID tag could be captured by an attacker and then retransmitted (a replay)
- Infrared Data Association (IrDA)
	- Allows two devices to communicate using line-of-sight communication in the infrared spectrum
	- A bit more secure than Bluetooth because it requires line of sight
	- Has a very low data rate
- Bluetooth
	- Creates a Personal Area Network (PAN) over the 2.4 GHz band to allow for wireless connectivity between a peripheral and the device
	- Has some vulnerabilities:
		- Bluejacking: sending unsolicited messages to a Bluetooth device
			- Devices should not be put in
discoverable mode unless we're actively connecting to a new peripheral
		- Bluesnarfing: making unauthorized access to a device via a Bluetooth connection
			- The attacker tries to take data off the device using that Bluetooth connection
		- BlueBorne: allows the attacker to gain complete control over a device without even being connected to the target device
- Tethering
	- Sharing a smartphone's cellular data Internet connection with multiple other devices
	- Bluetooth connection between a phone and a laptop
	- Wi-Fi hotspot
	- Direct USB connection between two devices
	- Only connect to trusted wireless networks

## Lesson 12: Internet Connections

**88. Internet Connections**
- Usually referred to as WAN (Wide Area Network) connections
	- The Internet is just one type of WAN
- To get an Internet connection, you enter a contract or service agreement with an ISP
- Internet Service Provider (ISP)
	- Establishes high-speed links between its network, its clients and the greater Internet at large
	- The device the ISP's connection terminates on in your office (for example an Optical Network Terminal) is called the gateway: the gateway between your network and your ISP. You connect the ISP's gateway to your own router, firewall or gateway, and that device acts as the go-between for your network clients and the larger Internet

**89.
Dial-up and DSL**
- Plain Old Telephone Service (POTS)
	- Runs as a dial-up connection and is used on the Public Switched Telephone Network (PSTN)
	- The PSTN consists of all the telephone carriers from around the world
	- Analog connections carry voice, or data converted from ones and zeroes into analog tones
	- Dial-up modems have a maximum bandwidth of 53.3 kbps
	- Legacy System: an old system that is still used in some critical functions
- Integrated Services Digital Network (ISDN)
	- Supports multiple 64 Kbps channels
	- Older technology designed to carry voice, video or data over B (bearer) channels
- Digital Subscriber Line (DSL)
	- Three types of DSL:
		1. Asymmetric DSL (ADSL)
			- Has different download and upload speeds
			- Maximum download speed: 8 Mbps
			- Maximum upload speed: 1.544 Mbps
			- Maximizes the download and minimizes the upload
			- Maximum distance to the DSLAM: 18,000 ft
		2. Symmetric DSL (SDSL)
			- Has equal download and upload speeds
		3. Very High Bit-Rate DSL (VDSL)
			- Has high download and upload speeds
			- Download speed of 50 Mbps or more
			- Upload speed of 10 Mbps or more
			- The big limitation is your distance from the DSLAM
			- DSLAM: the point of presence that's owned by the telephone company
			- Have to be within 4,000 feet of the DSLAM

**90. Cable Connections**
- Cable Modems
	- Use a cable TV network that is made up of a hybrid fiber-coaxial (HFC) distribution network
	- Data-Over-Cable Service Interface Specification (DOCSIS)
		- Specific frequency ranges are used for upstream and downstream transmissions
		- Upstream: 5 MHz to 42 MHz
		- Downstream: 50 MHz to 860 MHz
		- Transmits and receives over cable television infrastructure

**91.
Fiber Connections**
- Fiber To The Curb (FTTC)
	- Runs a fiber optic cable from an Internet provider access point to the curb; the last stretch to the building is copper
- Fiber To The Premises (FTTP)
	- Fiber optic cable that connects directly to a building and terminates on an Optical Network Terminal (ONT)
	- Optical Network Terminal (ONT): physical device that converts optical signals to electrical signals
- Fiber To The Node (FTTN)
- Fiber To The Home (FTTH)

**92. Cellular Connections**
- The G refers to the generation of cellular technology being used
- A device must have an embedded cellular modem to connect to a cellular network
- 2G devices were the first to have SMS and text messaging, as well as international roaming, conference calling and Internet access, and introduced EDGE
	- Enhanced Data Rates for GSM Evolution (EDGE): brought speeds up to about 1 Mbps for most modern 2G devices
- Three different technologies you might find with 3G:
	1. Wideband Code Division Multiple Access (WCDMA)
		- Used by the UMTS standard and could reach data speeds of up to 2 Mbps
		- Slowest of the 3G technologies
	2. High Speed Packet Access (HSPA)
		- Reaches speeds of up to 14.4 Mbps and is sometimes referred to as 3.5G
	3.
High Speed Packet Access Evolution (HSPA+)
		- Reaches speeds of up to 50 Mbps and is sometimes referred to as 3.75G
- 4G was first called 4G Long Term Evolution (LTE): reaches speeds of up to 100 Mbps
	- Improved version known as LTE Advanced (LTE-A): reaches speeds of up to 1 Gbps

| Technology | Frequency | Speed |
| -------------- | ----------- | ------------------------------- |
| 1G | 30 kHz | 2 Kbps |
| 2G | 1800 MHz | 14.4-64 Kbps |
| 3G | 1.6-2 GHz | 144 Kbps to 2 Mbps |
| 4G | 2-8 GHz | 100 Mbps to 1 Gbps |
| 5G (Low Band) | 600-850 MHz | 30-250 Mbps |
| 5G (Mid Band) | 2.5-3.7 GHz | 100-900 Mbps |
| 5G (High Band) | 25-39 GHz | Extremely high speeds (in Gbps) |

- The higher the G, the newer the standard and the faster the speeds
- Remember that 5G comes in three different bands: Low, Mid and High. As you go up in band you get faster speeds but a smaller coverage area
- 5G Mid-band is the most commonly used

**93. WISP Connections**
[[Wireless Internet Service Provider]]
- Microwave
	- Uses a beam of radio waves in the microwave frequency range to transmit information between two fixed locations
	- Frequencies in the range of 300 MHz to 300 GHz, which includes:
		1. Ultra High Frequency (UHF)
		2. Super High Frequency (SHF)
		3. Extremely High Frequency (EHF)
	- A point-to-point connection between two places must have both antennas maintaining line of sight
- When microwave connections were first being sold to consumers, the service was called WiMAX rather than Wi-Fi
	- WiMAX is IEEE 802.16
	- Worldwide Interoperability for Microwave Access (WiMAX): a good alternative to cellular or DSL service because it provides faster speeds
	- Requires an antenna to be installed

**94.
Satellite Connections**
- Satellite
	- A method of using communication satellites located in space to connect a user to the Internet
	- Slow (not as fast as a fiber modem)
	- Expensive
	- High latency

## Lesson 13: Network Configurations

**96. Network Configurations**
- Network devices and clients rely on a protocol suite known as TCP/IP in order to communicate with each other over a local area network or wide area network
- Protocol: a set of rules that allows network hosts to communicate data in a structured format
- Transmission Control Protocol / Internet Protocol (TCP/IP)
	- Constructed using a four-layer model
	- The lowest layer of the model is the Link/Network Interface Layer
		- Responsible for putting frames onto the physical network's transmission media
		- This media could be copper twisted pair, fiber optic cable or radio waves
		- At this layer, data can only travel within the local area network (it cannot travel over the Internet), using Ethernet or Wi-Fi
	- Internet Layer
		- Used to address packets and route them across a wide area network, such as the Internet, in order to reach faraway places
		- When watching a video over the Internet, you use the Internet layer to find the video servers, and those servers send data back to you using your IP address to ensure you receive the video
	- Transport Layer
		- Determines how to send packets
		- Two transport methods for sending packets:
			1. Transmission Control Protocol (TCP): guaranteed, connection-oriented method of sending packets from one device to another over the network; slower than UDP
			2.
User Datagram Protocol (UDP): connectionless protocol with lower overhead, so it operates faster than TCP, but delivery is not guaranteed like it is with TCP
	- Application Layer
		- Contains all the protocols that perform higher-level functions: email, file transfers, encryption, etc.

| Transmission Control Protocol/Internet Protocol (TCP/IP) Model |
| :---: |
| **Application Layer**:<br>determines what to do with the data being sent |
| **Transport Layer**:<br>determines how we're going to send that data (either using TCP, the guaranteed delivery method, or the faster delivery method of UDP) |
| **Internet Layer**:<br>determines where the data is going to be sent, using IP addresses |
| **Link/Network Interface Layer**:<br>used to send data across the local area network |

**97. IPv4**
- Internet Protocol Version 4
	- Extremely popular and the most common type of IP addressing in use
	- Examples of IPv4 addresses: 10.1.2.3 or 172.21.243.67
	- Each IPv4 address is made up of four parts, written in **dotted-decimal notation**
	- Each individual part is called an octet because each is a decimal number that represents an eight-bit number
	- Each of the four positions can only have a value from 0 to 255
	- The four octets contain eight bits each, for a total of 32 bits of addressable space

| 172 | 21 | 243 | 67 | **Each individual octet can have a value between 0 and 255** |
| ----------------------- | ----------------------- | ----------------------- | ----------------------- | ------------------------------------------------------------ |
| **1st Octet (8 bits)** | **2nd Octet (8 bits)** | **3rd Octet (8 bits)** | **4th Octet (8 bits)** | **All together equal 32 bits of addressable space** |

| | **1st Octet (8 bits)** | **2nd Octet (8 bits)** | **3rd Octet (8 bits)** | **4th Octet (8 bits)** |
| ---------------------- | ----------------------- | ----------------------- | ----------------------- | ----------------------- |
| **Dotted-Decimal** | 192 | 168 | 1 | 4 |
| **Binary Digits** | 11000000 | 10101000 | 00000001 | 00000100 |
| **Subnet Mask** | 255 | 255 | 255 | 0 |
| **Subnet Mask Binary** | 11111111 | 11111111 | 11111111 | 00000000 |
| | Network bits | Network bits | Network bits (has a 1) | Host portion (has a 0) |

- One part of the IPv4 address identifies the network portion and the other part identifies the host portion
- 255.255.255.0 is known as the default Class C subnet mask
- If you see a one in the binary of the subnet mask, that bit position is part of the network portion of the IP address
- If you see a zero in the binary of the subnet mask, that bit position is part of the host portion of the IP address
- Because 192.168.1 sits under the 255.255.255 part of the mask, whose binary is all ones, 192.168.1 is the network portion
	- Anything in 192.168.1.x is addressable on the same local network
	- This network can contain up to 254 devices
	- A device like 192.168.1.50 with a subnet mask of 255.255.255.0 is on the same network as our 192.168.1.4 device, and the two can communicate through a switch without using a router
	- A device like 192.168.0.100 with a subnet mask of 255.255.255.0 is on a different network, specifically the 192.168.0 network, so it cannot communicate with the 192.168.1.4 device without leaving its network and routing traffic over to the new network (use of a router)
- Because the .4 sits under the 0 part of the mask, whose binary is all zeros, the .4 represents the host portion of the IPv4 address
	- A host could be a server, desktop, laptop, tablet, smartphone or any other network device
- IPv4 addresses are
broken up into classes, or groupings of ranges, that can be used for different purposes

| Class | 1st Octet Value | Default Subnet Mask | Possible Addresses |
| ----- | --------------- | :--------------------------------------------------------------: | ------------------ |
| A | 1-127 | 255 (Network).0 (Host).0 (Host).0 (Host):<br>255.0.0.0 | 16.7 million |
| B | 128-191 | 255 (Network).255 (Network).0 (Host).0 (Host):<br>255.255.0.0 | 65,536 |
| C | 192-223 | 255 (Network).255 (Network).255 (Network).0 (Host):<br>255.255.255.0 | 256 |
| D | 224-239 | - | - |
| E | 240-255 | - | 268 million |

- Each class has its own default subnet mask
- To figure out the class of an IP address, look at the first octet (the first number in the address)
- Class D addresses are reserved for multicasting or multicast routing
	- Multicast Address: a logical identifier for a group of hosts in a computer network
	- Doesn't align with a single host, but with a group of hosts
- Class E addresses are reserved for experimental purposes (research, development or study only)
- 192.168.1.4 with a subnet mask of 255.255.255.0
	- 255.255.255.0 is the default subnet mask of a Class C network
	- 192.168.1.4 is a Class C address (starts with 192)
	- A Class C address with the Class C default subnet mask: this is called a classful mask
	- Classful Mask: the default subnet mask for a given class of IP addresses
- Classless Inter-Domain Routing (CIDR)
	- Allows for borrowing some of the host bits and reassigning them to the network portion
	- Allows you to cut networks down into smaller portions with fewer hosts
	- A 255.255.255.0 subnet mask allows for 256 addresses (254 usable hosts, since the first is the network address and the last is the broadcast), but what if I don't need 256 hosts?
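The class lookup, mask arithmetic and CIDR borrowing in this section, plus the private, loopback and APIPA checks that come later in the lesson, worked in Python with nothing but the standard library `ipaddress` module. This is an added example written for these notes, not code from the course; the addresses are the ones the notes use (192.168.1.4, 192.168.1.50, 192.168.0.100, 45.79.184.180) plus a few constructed ones.

```python
import ipaddress

# Added example: IPv4 addressing helpers for the notes above (standard library only).
# Sample addresses are the ones from the notes plus a few constructed values.

DEFAULT_MASK = {"A": "255.0.0.0", "B": "255.255.0.0", "C": "255.255.255.0"}


def ip_class(addr):
    """Classful class (A-E) decided purely by the first octet."""
    first = int(addr.split(".")[0])
    if first <= 127:
        return "A"
    if first <= 191:
        return "B"
    if first <= 223:
        return "C"
    if first <= 239:
        return "D"
    return "E"


def is_classful(addr, mask):
    """True when the mask is the default mask for the address's class."""
    return DEFAULT_MASK.get(ip_class(addr)) == mask


def mask_to_prefix(mask):
    """255.255.255.192 -> 26 (the number of 1 bits in the mask)."""
    return ipaddress.IPv4Network("0.0.0.0/" + mask).prefixlen


def same_subnet(a, b, mask):
    """Two hosts can talk through a switch (no router) only if their network bits match."""
    net_a = ipaddress.ip_interface(a + "/" + mask).network
    net_b = ipaddress.ip_interface(b + "/" + mask).network
    return net_a == net_b


def host_range(addr, mask):
    """Network address, first and last usable host, broadcast, and usable host count."""
    net = ipaddress.ip_interface(addr + "/" + mask).network
    hosts = list(net.hosts())
    return (str(net.network_address), str(hosts[0]), str(hosts[-1]),
            str(net.broadcast_address), len(hosts))


def split_network(network, new_prefix):
    """Borrow host bits: a /24 split with new_prefix=26 gives four /26 networks."""
    return [str(n) for n in ipaddress.ip_network(network).subnets(new_prefix=new_prefix)]


def classify(addr):
    """Which special range an address falls in; 'apipa' means DHCP failed."""
    ip = ipaddress.ip_address(addr)
    if ip.is_loopback:          # 127.0.0.0/8
        return "loopback"
    if ip.is_link_local:        # 169.254.0.0/16, tested before is_private
        return "apipa"
    if ip.is_private:           # 10/8, 172.16/12, 192.168/16 (RFC 1918)
        return "private"
    return "public"


if __name__ == "__main__":
    print(ip_class("192.168.1.4"), mask_to_prefix("255.255.255.192"))
    print(same_subnet("192.168.1.4", "192.168.1.50", "255.255.255.0"))
    print(same_subnet("192.168.1.4", "192.168.0.100", "255.255.255.0"))
    print(split_network("192.168.1.0/24", 26))
    print(host_range("192.168.1.4", "255.255.255.192"))
    for a in ("127.0.0.1", "169.254.10.20", "172.31.0.5", "45.79.184.180"):
        print(a, classify(a))
```

`classify` tests loopback and link-local before `is_private` on purpose: Python counts 127/8 and 169.254/16 as private too, so the order is what turns a 169.254 address into the "DHCP problem" signal the notes describe.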
- Could break this down into four smaller networks (256 / 4 = 64 addresses each)
	- To do this, change the subnet mask to 255.255.255.192
	- Borrowed two bits from the host portion and gave them to the network portion of the address
	- Regular notation -> 192.168.1.4 and 255.255.255.0
	- CIDR notation -> 192.168.1.4/24
	- Regular notation -> 192.168.1.4 and 255.255.255.192
	- CIDR notation -> 192.168.1.4/26 (24 + 2 bits borrowed from the host portion)

| Class | 1st Octet Value | Default Subnet Mask | CIDR Notation |
| ----- | --------------- | :--------------------------------------------------------------: | ------------- |
| A | 1-127 | 255 (Network).0 (Host).0 (Host).0 (Host):<br>255.0.0.0 | /8 |
| B | 128-191 | 255 (Network).255 (Network).0 (Host).0 (Host):<br>255.255.0.0 | /16 |
| C | 192-223 | 255 (Network).255 (Network).255 (Network).0 (Host):<br>255.255.255.0 | /24 |

- Two different types of IPv4 addresses:
	1. Public (Routable): can be accessed over the Internet and is assigned to the network by an Internet service provider
	2.
Private (Non-Routable): can be used by anyone at any time, but only within their own local area network
		- Private IP ranges start with 10, 172.16-172.31 or 192.168
		- Private IPs are able to reach the Internet by using Network Address Translation (NAT), which routes traffic from private IPs through a public IP

**IPv4 Private IP Address Ranges**:

| Class | Starting Value | IP Range | Possible Addresses |
| ----- | -------------- | --------------------------- | ------------------ |
| A | 10 | 10.0.0.0-10.255.255.255 | 16.7 million |
| B | 172.16-172.31 | 172.16.0.0-172.31.255.255 | 1.05 million |
| C | 192.168 | 192.168.0.0-192.168.255.255 | 65,536 |

- Specialized IPs
	- Loopback Address (127.0.0.1)
		- Creates a loopback to the host itself and is often used in troubleshooting and testing network protocols on a system
		- Any 127.x.x.x address is a loopback address, but 127.0.0.1 is used by default
		- Is the local host (localhost)
	- Automatic Private IP Addressing (APIPA)
		- Used when a device does not have a static IP address and cannot reach a DHCP server
		- Will always start with 169.254
		- Ranges from 169.254.0.0 to 169.254.255.255
		- If you see an IP address in this range when you look at the IP of a network device, something is wrong with the DHCP process and the device isn't getting a normal private IP from any of our Class A, B or C ranges
		- When your workstation boots up, it attempts to get a dynamic IP address using the DHCP protocol
		- This goes through a four-step process known as DORA
			- **D**iscover
			- **O**ffer
			- **R**equest
			- **A**cknowledge
		- If something goes wrong in the DORA negotiation with DHCP, the system cannot get a leased address from the server
		- If the system can't get a DHCP assignment for a dynamic IP address, it picks an IP from this special APIPA range
		- If a computer can't connect to the Internet, check its IP address: if it is in the APIPA range, you know it has a
DHCP problem

**98. Assigning IPv4 Addresses**
- How do we tell our devices what addresses they're going to have? Two main methods:
	1. Static: manually type in the IP address for the host, its subnet mask, default gateway and DNS server
		- Impractical on large enterprise networks
	2. Dynamic: dynamic allocation of IP addresses
		- The network's DHCP server will usually assign devices their IP addresses dynamically
- Four components of a fully configured client:
	1. IP address
	2. Subnet mask
	3. Default gateway (IP of your router)
	4. Server address: DNS or WINS
		- Domain Name System (DNS): converts the domain names used by a website to the IP address of its server; the Internet's version of a phone book
		- Windows Internet Name Service (WINS): identifies NetBIOS systems on a TCP/IP network and converts those NetBIOS names to IP addresses; like DNS, but only works within a Windows domain environment
- Four different methods can be used to dynamically assign the critical addressing information for each client:
	1. Bootstrap Protocol (BOOTP)
		- Oldest and least used of the four options
		- Dynamically assigns IP addresses and allows a workstation to load a copy of a boot image from the network
		- Used a static database of IPs and MAC addresses
		- Whenever a client connected to the network and initiated the BOOTP process, the server looked up the client's MAC address in its database and sent back the matching IP address as its assignment
	2.
Dynamic Host Configuration Protocol (DHCP)
		- Assigns an IP from an assignable scope of addresses and provides the ability to configure other options
		- Could configure it to hand out only addresses from 192.168.1.100 to 192.168.1.200 (giving you about 100 clients that can be automatically assigned)
		- Each IP is leased for a period of time and returns to the pool when the lease expires
		- IP Address Management (IPAM) tracks the IPs being assigned and returned over time
		- Gives our clients all the variables they need to communicate: IP address, subnet mask, default gateway and DNS/WINS server
		- Modern implementation of BOOTP
	3. APIPA
		- Used when a device does not have a static IP address and cannot reach a DHCP server
		- Allows for the quick configuration of a LAN without the need for a DHCP server
		- APIPA-assigned devices cannot communicate outside the LAN or with non-APIPA devices
	4. Zeroconf
		- Newer technology that provides the same features as APIPA
		- Assigns an IPv4 link-local address to a client: a form of non-routable (private) IP used on the local subnet, just like APIPA
		- Resolves computer names to IP addresses without the need for DNS by using mDNS (multicast DNS)
		- Performs service discovery on a network
		- Apple: Bonjour
		- Windows: Link-Local Multicast Name Resolution (LLMNR)
		- Linux: systemd

**99.
DHCP**
- Dynamic Host Configuration Protocol (DHCP)
	- Provides an IP address to every machine on the network and eliminates manual configuration errors
	- Each device automatically gets assigned an IP from a scope
	- Scope: the list of valid IP addresses available for assignment or lease to a client computer or endpoint device on a given subnet
	- If you have a scope of 254 IPs, when a device joins the network the DHCP server automatically picks one of the unused IPs from the scope and gives that IP to the device to use
	- DHCP Reservation: sets aside a specific IP address in the scope for a specific device, matched on its MAC address, so that device gets the same IP every time
		- Commonly used in large networks
	- When a device joins our network, it reaches out to the DHCP server and performs what's known as a discovery:
		- **D**iscover: the device broadcasts that it needs to discover an IP address
		- **O**ffer: the DHCP server offers an IP address to the device
		- **R**equest: the device likes the IP address and requests to take it
		- **A**cknowledge: the server acknowledges that the IP address is now leased to the client by sending an acknowledgement
	- The default lease time of an IP address is 24 hours, but on a corporate network it could be between 7 and 30 days
	- When a device gets a configuration from our DHCP server, it gets four key pieces of information: IP address, subnet mask, default gateway IP and DNS server IP. Once the device has these four pieces of information, it can go online and out to the Internet
	- IP addresses can also be statically assigned
	- If DHCP is not successful, the device falls back to the alternate configuration set by the system administrator. By default, that is an APIPA address

**100.
DNS**
- Domain Name System (DNS)
	- Helps network clients find a website using human-readable hostnames instead of numeric IP addresses
	- Works like this: the user's computer is told to go to a website, so it reaches out to a DNS server and asks "what is the IP address of this website?", and the DNS server replies with the IP address of the web server. The client is then directed to that web server over its router and WAN connection, since it now knows the right IP address
	- Most of us rely on our ISP to run DNS servers, but if you're running your own website or a large corporate network, you might also have your own DNS server inside your network
	- Converts names to numbers and numbers to names
- Fully-Qualified Domain Name (FQDN)
	- A complete host name, including its domain, under a top-level domain
	- The most common top-level domain is .com
	- www.diontraining.com <- the domain name is diontraining, the top-level domain is .com, and to be fully qualified I have to add the host name www in front of it
- DNS is set up as a hierarchy that occurs at five different levels:

| **DNS Hierarchy** |
| ----------------- |
| **Root**:<br>- highest level in the DNS hierarchy tree; the root nameservers answer requests in the root zone<br>- these servers contain the global list of all the top-level domains (.com, .net, .org, .mil, etc.) |
| **Top-Level Domain**:<br>- broken into two categories<br><br>1. organizational hierarchies such as .com, .net, .org<br>2. geographical hierarchies such as .uk (United Kingdom), .fr (France), .it (Italy) |
| **Second-Level Domain**:<br>- these domains sit directly below the top-level domain<br>- diontraining.com is a second-level domain under the .com top-level domain<br>- .com sits underneath the root domain |
| **Subdomain**:<br>- if I wanted to create a new server underneath my second-level domain, I could do this using a subdomain<br>- www.diontraining.com (www subdomain)<br>- support.diontraining.com (support subdomain)<br>- mail.diontraining.com (mail subdomain) |
| **Host**:<br>- refers to a specific machine/server |

- Uniform Resource Locator (URL)
	- Contains the FQDN plus the method of accessing the information
	- www.diontraining.com <- an FQDN, but this doesn't tell you how to access it
	- https://www.diontraining.com <- this becomes a URL because it tells you how to access diontraining.com's web server
		- Hypertext Transfer Protocol Secure (HTTPS) -> securely
		- http://www.diontraining.com -> non-securely
		- ftp://ftp.diontraining.com
- Different types of DNS records exist in a DNS server.
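A tiny authoritative zone and resolver, added here as an example for these notes (not course code) so the record types in this lesson's table can be seen working together: CNAME chasing with a loop guard, MX preference ordering (lowest number first) and an SPF lookup from a TXT record that enforces the one-record-per-domain rule. The zone is constructed: example.com and the TEST-NET addresses in it are placeholders, not real records.

```python
import ipaddress

# Added example: a constructed zone for example.com using documentation (TEST-NET)
# addresses. Keys are (owner name, record type); values are the rdata list.
ZONE = {
    ("example.com.", "A"): ["192.0.2.10"],
    ("www.example.com.", "CNAME"): ["example.com."],
    ("shop.example.com.", "CNAME"): ["www.example.com."],   # two-hop CNAME chain
    ("loop.example.com.", "CNAME"): ["loop.example.com."],  # misconfigured self-reference
    ("example.com.", "MX"): [(20, "mail2.example.com."), (10, "mail1.example.com.")],
    ("mail1.example.com.", "A"): ["198.51.100.10"],
    ("mail2.example.com.", "A"): ["198.51.100.20"],
    ("example.com.", "TXT"): ["v=spf1 ip4:203.0.113.0/24 mx -all"],
    ("example.com.", "NS"): ["ns1.example.com."],
}

MAX_CNAME_HOPS = 8  # resolvers cap the chain so a loop cannot spin forever


def resolve(zone, name, rtype):
    """Return rdata for (name, rtype), following CNAMEs like a resolver would.
    An empty list means NXDOMAIN/NODATA; ValueError means a CNAME loop or a
    chain longer than MAX_CNAME_HOPS."""
    seen = {name}
    for _ in range(MAX_CNAME_HOPS):
        if (name, rtype) in zone:
            return list(zone[(name, rtype)])
        cname = zone.get((name, "CNAME"))
        if not cname:
            return []
        target = cname[0]
        if target in seen:
            raise ValueError("CNAME loop at " + name)
        seen.add(target)
        name = target
    raise ValueError("CNAME chain exceeds " + str(MAX_CNAME_HOPS) + " hops")


def cname_loops(zone, name, rtype="A"):
    """True when resolving the name never terminates in a real record."""
    try:
        resolve(zone, name, rtype)
        return False
    except ValueError:
        return True


def mx_in_priority_order(zone, domain):
    """MX hosts to try in order: the lowest preference value goes first."""
    return [host for _, host in sorted(resolve(zone, domain, "MX"))]


def spf_check(zone, domain, sender_ip):
    """Minimal SPF evaluator for the ip4:, a, mx and all mechanisms with the
    +, -, ~ and ? qualifiers. Returns pass/fail/softfail/neutral/none/permerror."""
    records = [t for t in resolve(zone, domain, "TXT") if t.startswith("v=spf1")]
    if not records:
        return "none"
    if len(records) > 1:
        return "permerror"  # exactly one SPF record is allowed per domain
    ip = ipaddress.ip_address(sender_ip)
    results = {"+": "pass", "-": "fail", "~": "softfail", "?": "neutral"}
    for term in records[0].split()[1:]:
        qualifier = "+"
        if term[0] in results:
            qualifier, term = term[0], term[1:]
        if term.startswith("ip4:"):
            matched = ip in ipaddress.ip_network(term[4:], strict=False)
        elif term == "a":
            matched = str(ip) in resolve(zone, domain, "A")
        elif term == "mx":
            matched = any(str(ip) in resolve(zone, h, "A")
                          for h in mx_in_priority_order(zone, domain))
        elif term == "all":
            matched = True
        else:
            matched = False     # unsupported mechanism: skip rather than guess
        if matched:
            return results[qualifier]
    return "neutral"


if __name__ == "__main__":
    print(resolve(ZONE, "shop.example.com.", "A"))
    print(mx_in_priority_order(ZONE, "example.com."))
    for ip in ("203.0.113.77", "198.51.100.20", "192.0.2.99"):
        print(ip, spf_check(ZONE, "example.com.", ip))
    print("loop:", cname_loops(ZONE, "loop.example.com."))
```

The `mx` mechanism shows why SPF depends on the rest of the zone: the evaluator has to resolve each MX host's A record before it can decide, which is also why a broken CNAME chain under one of those hosts would surface as a lookup error rather than a quiet pass.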
- Inside your server, you create different records that hold different types of information based on your use case

| DNS Record | Description | Function |
| ---------- | -------------- | -------- |
| A | Address | Links a hostname to an IPv4 address<br>- www.diontraining.com -> 45.79.184.180 (Class A IPv4 address) |
| AAAA | Address | Links a hostname to an IPv6 address<br>- www.diontraining.com -> 2400:cb00:2049:1::a29f:1804 |
| CNAME | Canonical Name | Points a domain to another domain or subdomain<br>- www.itil4exam is now merged into www.diontraining.com; if someone were to input the itil4exam URL, a CNAME record points it directly to diontraining.com<br><br>- Can only be used to point to another domain or subdomain, not to an IP address |
| MX | Mail Exchange | Directs email to a mail server<br>- Provides a priority for each of these records, which lets you indicate your preference for which server email should try first. The lower the number you enter, the higher the priority<br><br>mail1.diontraining.com 10 (attempted first because it has the lower number (10))<br>mail2.diontraining.com 20 |
| TXT | Text | Adds text into the DNS<br>- In your TXT records you can put information such as SPF, DKIM or DMARC policies to help verify your email services and block the transmission of spoofed or unwanted messages known as spam<br><br>Sender Policy Framework (SPF):<br>DNS record that identifies the hosts authorized to send mail for the domain. Only one is allowed for each domain<br><br>DomainKeys Identified Mail (DKIM):<br>Provides a cryptographic authentication mechanism for mail using a public key published as a DNS record<br><br>Domain-based Message Authentication, Reporting & Conformance (DMARC):<br>Framework used for the proper application of SPF and DKIM, utilizing a policy that's published as a DNS record |
| NS | Nameserver | Indicates which DNS nameserver has authority for the domain<br><br>Nameserver:<br>Type of DNS server that stores all the DNS records for a given domain |

- Internal DNS: allows cloud instances on the same network to access each other using internal DNS names
- External DNS: records created around the domain names from a central authority and used on the public Internet
- Time to Live (TTL): tells the DNS resolver how long to cache a query result before requesting a new one
- DNS Resolver/DNS Cache: makes a local copy of every DNS entry it resolves when connecting to websites
- Recursive Lookup: the DNS server communicates with several other DNS servers to hunt down the IP address and returns it to the client
- Iterative Lookup: each DNS server responds directly to the client with the address of another DNS server that may have the correct IP address

**101.
VLAN**
- Virtual Local Area Network (VLAN)
	- Allows different logical networks to share the same physical hardware and provides added security and efficiency
	- Same switch, but the switch ports can be placed in different VLANs
	- ![[Pasted image 20240928220509.png]]
	- Logically separates traffic into each of those virtual networks
- VLAN Trunking
	- VLAN trunking protocol (802.1Q)
	- Merges all of the VLANs' traffic onto a single cable, which we call a trunk
	- ![[Pasted image 20240928220747.png]]
	- Different VLANs going over this trunk are identified by an electronic tag that is four bytes long (the four-byte identifier)
	- Four-byte identifier:
		- Tag Protocol Identifier (TPID): two bytes; the value 0x8100 marks the frame as 802.1Q tagged
		- Tag Control Information (TCI): two bytes holding the 3-bit priority, the 1-bit drop eligible indicator and the 12-bit VLAN ID
	- Frames that are left untagged on the trunk belong to the native VLAN (VLAN 1 by default on most switches)

**102. VPN**
- Virtual Private Network (VPN)
	- Extends a private network across a public network and enables sending and receiving data across shared or public networks as if the computing devices were directly connected to the private network
	- Can be configured as site-to-site, client-to-site or clientless
	- Site-to-Site
		- Connects two offices together
		- Used to interconnect two sites and provide an inexpensive alternative to dedicated leased lines
		- ![[Pasted image 20240928221438.png]]
	- Client-to-Site
		- Concerned with connecting a single remote user back to a corporate network
		- Sends data from a single host, like a laptop, cellphone or tablet, back to our headquarters office
		- Also called client-to-router
	- Clientless
		- Used with web browsing
		- Creates a secure remote-access VPN tunnel using a web browser, without requiring a software or hardware client
		- Secure Sockets Layer (SSL): provides cryptography and reliability using the upper layers of the OSI model (Layers 5, 6 and 7)
		- Transport Layer Security (TLS): the successor to SSL; provides secure web browsing over HTTPS
	- Have to decide whether we're going to use a full tunnel or split tunnel VPN configuration.
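Returning to the VLAN trunking material above: an 802.1Q tag parser, added here as an example for these notes (not course code). It pulls the TPID and the three TCI fields out of a constructed Ethernet frame, works out which VLAN a trunk port would place the frame in (untagged or VID 0 lands in the native VLAN), and flags the double-tagged case where the outer tag equals the native VLAN, the pattern behind VLAN-hopping attempts across trunks. The frame bytes, MAC addresses and native VLAN number are all constructed for the example.

```python
import struct

# Added example: parse and build 802.1Q-tagged Ethernet frames.
# The frames, MAC addresses and native VLAN below are constructed for the notes.

TPID_8021Q = 0x8100   # tag protocol identifier of a standard 802.1Q tag
TPID_8021AD = 0x88A8  # outer (service) tag used by 802.1ad "QinQ"
ETHERTYPE_IPV4 = 0x0800

# Constructed sample values used by the demo at the bottom.
DST = bytes.fromhex("ffffffffffff")
SRC = bytes.fromhex("021122334455")
BODY = b"\x45" + b"\x00" * 19   # stand-in for an IPv4 header, not a real packet


def parse_frame(frame):
    """Split an Ethernet frame into dst, src, the VLAN tag stack, ethertype, payload.
    Each tag is 4 bytes: 2-byte TPID + 2-byte TCI (3-bit PCP, 1-bit DEI, 12-bit VID)."""
    if len(frame) < 14:
        raise ValueError("frame shorter than an Ethernet header")
    dst, src = frame[0:6], frame[6:12]
    offset = 12
    vlans = []
    while True:
        if len(frame) < offset + 2:
            raise ValueError("truncated ethertype")
        (ethertype,) = struct.unpack("!H", frame[offset:offset + 2])
        if ethertype not in (TPID_8021Q, TPID_8021AD):
            break
        if len(frame) < offset + 4:
            raise ValueError("truncated VLAN tag")
        (tci,) = struct.unpack("!H", frame[offset + 2:offset + 4])
        vlans.append({"tpid": ethertype,
                      "pcp": tci >> 13,          # priority code point
                      "dei": (tci >> 12) & 1,    # drop eligible indicator
                      "vid": tci & 0x0FFF})      # VLAN identifier
        offset += 4
    return {"dst": dst, "src": src, "vlans": vlans,
            "ethertype": ethertype, "payload": frame[offset + 2:]}


def build_frame(dst, src, tags, ethertype, payload):
    """Build a frame; tags is a list of (vid, pcp) tuples, outermost first."""
    header = dst + src
    for vid, pcp in tags:
        header += struct.pack("!HH", TPID_8021Q, (pcp << 13) | (vid & 0x0FFF))
    return header + struct.pack("!H", ethertype) + payload


def effective_vlan(parsed, native_vlan):
    """VLAN a trunk port assigns: untagged frames, and VID 0 (priority-only
    tags), land in the native VLAN; otherwise the outermost VID wins."""
    if not parsed["vlans"] or parsed["vlans"][0]["vid"] == 0:
        return native_vlan
    return parsed["vlans"][0]["vid"]


def double_tag_on_native(parsed, native_vlan):
    """The classic double-tagging pattern: an outer tag equal to the native VLAN,
    which the first switch strips, leaving an inner tag for the next switch."""
    return len(parsed["vlans"]) >= 2 and parsed["vlans"][0]["vid"] == native_vlan


if __name__ == "__main__":
    for tags in ([], [(10, 0)], [(1, 0), (20, 5)]):
        p = parse_frame(build_frame(DST, SRC, tags, ETHERTYPE_IPV4, BODY))
        print([v["vid"] for v in p["vlans"]], effective_vlan(p, 1),
              double_tag_on_native(p, 1))
```

The practical lesson is the last function: because untagged frames fall into the native VLAN, a trunk whose native VLAN is also used for hosts lets an attacker reach another VLAN with a crafted two-tag frame, which is why the native VLAN on trunks is normally set to an unused ID.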
Both can be used with either site-to-site or client-to-site models
		- Full Tunnel VPN: routes and encrypts all network requests through the VPN connection back to headquarters (more secure)
		- Split Tunnel VPN: routes and encrypts only the traffic bound for headquarters over the VPN and sends the rest of the traffic out to the regular Internet (better performance)

**103. IPv6**
- Internet Protocol version 6
	- 128-bit address
	- 340 undecillion addresses
- IPv4 has a limited address space
	- 32-bit address
	- 4.2 billion addresses
	- Address Exhaustion: running out of network addresses in IPv4
- IPv5 was an experimental protocol, but some of its concepts have been incorporated into IPv6
- IPv6 features:
	- Larger address space (128-bit address)
	- No broadcasts (removes IPv4's broadcast data flow type; multicast is used instead)
	- No fragmentation of packets by routers along the path (more secure)
	- Can coexist with IPv4
	- Simplified header with fewer fields than IPv4
	- ![[Pasted image 20240928222924.png]]
- Dual Stack: simultaneously run both the IPv4 and IPv6 protocols on the same network devices
- Tunneling: allows an existing IPv4 router to carry IPv6 traffic
- An IPv6 address uses hexadecimal digits and allows the use of shorthand notation
	- Each hexadecimal digit is 4 bits
	- Each segment has 16 bits in it
	- Keep adding segments until we get up to 128 bits (eight segments)
	- 2018:0000:0000:0000:0000:0000:4815:54ae -> leading zeros in each segment can be dropped: 2018:0:0:0:0:0:4815:54ae
	- 2018:0:0:0:0:0:4815:54ae -> one run of all-zero segments can be collapsed to ::, so this can be rewritten as 2018::4815:54ae
	- IPv4 uses dotted-decimal notation (192.168.1.4) (four octets)
	- IPv6 uses colons between its numbers and is written in hexadecimal (2018:0000:0000:0000:0000:0000:4815:54ae) (eight segments)
- Three different types of addresses are used:
	1.
Unicast - Used to identify a single interface - Either globally-routed unicast addresses and link-local addresses - Globally routed - Similar to IPv4's unicast class A, B, and C address and begins with 2000-3999 - Link-Local/Local Use - Used like a private IP in IPv4 that can only be used on the local area network and begins with FE80 - Stateless Address Autoconfiguration (SLAAC) - Eliminates the need to obtain address or other configuration information from a central server - Extended Unique Identifier (EUI) - Allows a host to assign itself a unique 64-bit IPv6 interface identifier called EUI-64 - ![[Pasted image 20240928224403.png]] 2. Multicast - Used to identify a set of interfaces and begins with FF 3. Anycast - Used to identify a set of interfaces so that a packet can be sent to any member of a set - DHCPv6 Protocol - Allows DHCP to automatically assign addresses from a DHCPv6 server - Neighbor Discovery Protocol (NDP) - Used to determine the Layer 2 address that are on a given network **104. 
Ports and Protocols**
- Port
  - Logical communication endpoint that exists on a computer or server
  - Inbound Port
    - Logical communication opening on a server that is listening for a connection from a client
  - Outbound Port
    - Logical communication opening created on a client in order to call out to a server that is listening for a connection
  - Ports can be any number between 0 and 65,535
- Well-Known Ports
  - Ports 0 to 1023 are considered well-known and are assigned by the Internet Assigned Numbers Authority (IANA)
  - HTTPS - Port 443
  - Telnet - Port 23
- Registered Ports
  - Ports 1024 to 49151 are considered registered and are usually assigned to proprietary protocols
- Dynamic or Private Ports
  - Ports 49152 to 65535 can be used by any application without being registered with IANA
  - Commonly used for gaming, instant messaging, and chat

| Protocol | Port Number | Usage |
| --- | --- | --- |
| File Transfer Protocol (FTP) | 20, 21 | Provides insecure file transfers |
| Secure Shell (SSH) | 22 | Provides secure remote control of another machine using a text-based environment |
| [[Secure File Transfer Protocol (SFTP)]] | 22 | Provides secure file transfers |
| Telnet | 23 | Provides insecure remote control of another machine using a text-based environment |
| Simple Mail Transfer Protocol (SMTP) | 25 | Provides the ability to send emails over the network |
| Domain Name Service (DNS) | 53 | Converts domain names to IP addresses, and IP addresses to domain names |
| Dynamic Host Configuration Protocol (DHCP) | 67, 68 | Automatically provides network parameters, such as assigned IP address, subnet mask, default gateway, and the DNS server |
| Hypertext Transfer Protocol (HTTP) | 80 | Used for insecure web browsing |
| Post Office Protocol Version Three (POP3) | 110 | Used for receiving incoming emails |
| Network Basic Input/Output System (NetBIOS) | 137, 139 | Used for file or printer sharing in a Windows network |
| Internet Mail Application Protocol (IMAP) | 143 | Newer method of retrieving incoming emails which improves upon the older POP3 |
| Simple Network Management Protocol (SNMP) | 161, 162 | Used to collect data about network devices and monitor their status |
| Lightweight Directory Access Protocol (LDAP) | 389 | Used to provide directory services to your network |
| Hypertext Transfer Protocol - Secure (HTTPS) | 443 | Used as a secure and encrypted version of web browsing<br><br>Either uses Secure Socket Layer (SSL) or Transport Layer Security (TLS) |
| Server Message Block (SMB) | 445 | Used for Windows file and printer sharing services |
| Remote Desktop Protocol (RDP) | 3389 | Provides graphical remote control of another client or server<br><br>Provides a full graphical user interface |

**105. TCP Versus UDP**
- Transmission Control Protocol (TCP)
  - Connection-oriented protocol, which means it's a reliable way to transport segments across the network
  - Will ask for an acknowledgement each and every time, and if it doesn't get it, it's going to resend that piece of information
  - Two-way protocol, because I'm sending you information and verifying that you actually got it
  - ![[Pasted image 20240928231423.png]]
  - Client will send a SYN (synchronization) packet over to the server
  - When the server gets that, it's going to send back a SYN-ACK (synchronization acknowledgement) to the client
  - When the client gets that acknowledgement (ACK), it's going to send back its own acknowledgement to the server
  - SYN -> SYN-ACK -> ACK: referred to as a three-way handshake
  - ![[Pasted image 20240928231630.png]]
- User Datagram Protocol (UDP)
  - Unreliable, and it transmits segments called datagrams
  - Good for audio and video streaming
  - Connectionless (fire and forget method)
  - Just start sending out information and hopefully you're going to get it

| TCP | UDP |
| --- | --- |
| Reliable (three-way handshake) | Not reliable |
| Connection-oriented | Connectionless (fire and forget method) |
| Segment retransmission and flow control (windowing) | No retransmission and no windowing |
| With segmentation of sequencing | Without sequencing |
| With acknowledgement | Without acknowledgment |
| SSH, HTTP or HTTPS | Audio/Video Streaming, DHCP, and TFTP |

## Lesson 14: Network Services

**108. File and Print Servers**
Two main types of file and print servers:
1. [[Intranet]]
2. [[Internet]]

[[File or Print Server]]
[[Print Server]]

**109. Web Servers**
[[Web Server]]

**110. Email Servers**
- [[Email Servers]]

**111. AAA Servers**
- [[Authentication]]
- [[Authorization]]
- [[Accounting]]

[[802.1x]]
[[Remote Authentication Dial-In User Service (RADIUS)]] and [[Terminal Access Controller Access-Control System Plus (TACACS+)]] can both be used to conduct the authentication using the [[802.1x]] protocol

| TACACS+ | RADIUS |
| --- | --- |
| Relies on TCP (slower) | Relies on UDP (faster) |
| Separates authentication, authorization, and accounting processes | Combines authentication and authorization |
| Supports all network protocols | Does not support all network protocols |
| Exclusive to Cisco devices | Has cross-platform capability |

Three roles are required for an authentication to occur under [[802.1x]]:
1. [[Supplicant]]
2. [[Authenticator]]
3. [[Authentication Server]]

In the digital world, we have five methods of authentication:
1. Something you know - [[Password]] or [[Username]]
2. Something you are - [[Fingerprint]] or [[Retina Scan]]
3. Something you have - [[Token]], driver's license or credit card
4. Something you do - the way you speak or sign your name
5. Somewhere you are - location factor based on your [[GPS]] location

[[Lightweight Directory Address Protocol (LDAP)]]
- Windows created their own implementation - [[Active Directory (AD)]]

[[Kerberos]] is focused on [[Authentication]] and [[Authorization]]

When the user logs onto the [[Domain]], they first contact the [[Domain Controller]], which acts as the [[Key Distribution Center (KDC)]]. If the client is authenticated properly, the [[Key Distribution Center (KDC)]] will issue them a [[Ticket Granting Ticket (TGT)]]. The [[Ticket Granting Ticket (TGT)]] is then provided to the domain controller any time the user wants to access a resource, and the domain controller can then provide that user with a service ticket or session key to use. These tickets are presented to the resource, and access is then granted because the resource always trusts the tickets provided by the domain controller.

**112. Remote Access Servers**
- Different methods will allow a client to access a server or a network device remotely over your network
  - [[Telnet]]
  - [[Secure Shell (SSH)]]
  - [[Remote Desktop Protocol (RDP)]]
  - [[Virtual Network Computing (VNC)]]
  - [[Terminal Emulator (TTY)]]

**113. Network Monitoring Servers**
- Monitoring
  - Trying to root out anything that doesn't appear quite right; this could be done manually or through automated means
  - [[System Logging (Syslog)]]
  - [[Simple Network Management Protocol (SNMP)]]

**114. Proxy Servers**
- [[Proxy Server]]

**115. Load Balancers**
- [[Load Balancer]]

**116. Unified Threat Management**
- [[Access Control List (ACL)]]
- [[Unified Threat Management (UTM)]]

**117. ICS/SCADA**
- [[Information Technology (IT)]]
- [[Operational Technology (OT)]]

**118. Embedded Systems**
- [[Embedded System]]

**119. Legacy Systems**
- [[Legacy System]]
- [[Proprietary System]]

## Lessons 15: Mobile Devices
___
**120.
Mobile Devices**
- [[Mobile Device]] - any device that is portable and easy to use
  - Laptops, smartphones, tablets, and wearable technologies (smartwatches and smart glasses)

**121. Mobile Display Types**
- Mobile devices tend to use touch for input and use a touchscreen interface
- 2 main types of touchscreens
  1. [[Capacitive]]
  2. [[Multi-Touch]]
- Different display types on a mobile device
  - [[Liquid Crystal Display (LCD)]]
  - [[Light Emitting Diode (LED)]]
  - [[Organic Light Emitting Diode (OLED)]]

**122. Mobile Device Components**
- Three main components that you should be aware of:
  - [[Digitizer]]
  - [[Accelerometer]]
  - [[Gyroscope]]

**123. Mobile Device Accessories**
- Different things that you could use either in, on, or with your mobile devices to do additional things
  - [[Track Pads]]
  - [[Drawing Pads]]
  - [[Touch Pens]]
  - [[Microphones]]
  - [[Speakers]]
  - [[Headsets]]
  - [[Cameras]]
  - [[Webcams]]

**124. Mobile Device Wireless Connectivity**
- Includes these things:
  - [[Wi-Fi (Wireless Network)]]
  - [[Cellular]]
  - [[Hotspot]]
  - [[Bluetooth]]
  - [[Near-Field Communication (NFC)]]

**125. Mobile Device Wired Connectivity**
- Lots of different wired connections on a mobile device
- [[Mobile Device|Mobile Devices]] such as a smartphone or tablet will usually only have one external port on the device, but a laptop will include lots of different ports
- For smartphones and tablets, the only major division between them is the [[Operating System (OS)]] that's going to be used
  - [[iOS]] device
  - [[Android]] device
- Other cables we use for power and data on smartphones and tablets are the [[Micro B Connector]] and [[Mini B Connector]]
- Another connector to be aware of: [[Serial Cable]]

**126. Port Replicators and Docking Stations**
- These are mainly used on a laptop, but some tablets and smartphones are starting to use these as well
  - [[Port Replicator]]
  - [[Docking Station]]

## Lesson 16: Mobile Applications
---
**127.
Mobile Applications**
- [[Mobile Applications]]

**128. Mobile Device Synchronization**
- Two main [[Operating System (OS)|Operating Systems]] for [[Mobile Device|Mobile Devices]] - [[Android]] and [[iOS]]
- Once your [[Mobile Applications]] are installed on a device, you need a way to synchronize the data that's being held by those applications across multiple devices
- Easiest way to do this is to use a shared account across a cloud-based network
  - There are three main providers in this area:
    - [[Microsoft]] - [[Microsoft 365]]
    - [[Google]] - [[Google Workspaces]]
    - [[Apple]] - [[iCloud]]

**129. Data for Synchronization**
- [[Mobile Device Synchronization]]
- Mobile device data for synchronization:
  - [[Contacts]]
  - [[Calendar]]
  - [[Mail]]
  - [[Pictures]]
  - [[Music]]
  - [[Video]]
  - [[Documents]]
  - [[Mobile Applications]]
  - [[Passwords]]

**130. Synchronization Methods**
- Three main types:
  - [[Cloud-Based Synchronization]]
  - [[Computer Synchronization]]
  - [[Automobile Synchronization]]

**131. MDM and MAM**
- [[Mobile Device Management (MDM)]]
- [[Mobile Application Management (MAM)]]
- Both are part of a larger concept known as [[Enterprise Mobility Management (EMM)]]
- Might also implement [[Data Loss Prevention]]
- Some companies want to create [[Mobile Applications]] that are only available to their employees and to no one else. Apple implemented a system, [[Apple Business Manager (ABM)]], which allows this.
- Google has also done this -> [[Managed Google Play]]

**132. [[Multifactor Authentication (MFA)]]**
- There are five [[Authentication]] factors that can be used
  - [[Knowledge Factor]]
  - [[Possession Factor]]
  - [[Inherence Factor]]
  - [[Behavior Factor]]
  - [[Location Factor]]
- All of these are [[Single Factor Authentication]] when used individually, but if two or more are used together, you get [[Multi Factor Authentication]]
- Most smartphones support [[Biometrics]] or [[Inherence Factor|Inherence Factors]]
- Could also use an [[Authenticator]]

**133.
Location Services**
- Allows your [[Mobile Device]] to understand where it is on the planet
- Three basic types of location services that are found on mobile devices
  - [[Coarse Positioning]]
  - [[Global Positioning System (GPS)]]
  - [[Indoor Positioning System (IPS)]]
- [[Geo Tracking]]
- [[Geotagging]]

**134. Mobile Email Configuration**
- Various methods of configuring [[Email]]
  - [[Post Office Protocol (POP)|POP3]] - port 110
  - [[Internet Mail Access Protocol (IMAP)]] - port 143
  - [[Simple Mail Transfer Protocol (SMTP)]] - port 25
  - These send mail in the clear (meaning without encryption), which is not the most secure way of doing things
  - For better security, you should always configure [[Secure Socket Layer (SSL)]] or [[Transport Layer Security (TLS)]] when connecting to the email servers
- When it comes to receiving email (inbound mail), you're going to be using POP3 or IMAP, and if you're sending email (outbound mail), you'll use SMTP
- Major providers like [[Gmail]], [[Outlook]] or [[Yahoo]] use [[Auto Configuration]]
- Small or medium-sized businesses use their own institutional email server and are usually not auto-configured
  - These accounts will have to be configured manually using the POP3, IMAP or SMTP server address and the ports associated with them, as well as using encryption (TLS or SSL)
- When you're configuring a corporate email like this, you're going to be setting up four main things
  - Incoming Mail Server - [[Post Office Protocol (POP)]] or [[Internet Mail Access Protocol (IMAP)]], and the [[Fully Qualified Domain Name (FQDN)]] or [[Internet Protocol (IP) Address]] of that server
  - Outgoing Mail Server - [[Simple Mail Transfer Protocol (SMTP)]] server
  - Encryption - Whether or not to enable encryption - [[Transport Layer Security (TLS)]] or [[Secure Socket Layer (SSL)]]
  - Port - Servers will have different ports depending on whether they are encrypted or not

## Lesson 17: Laptop Hardware
---
**137.
Security Components**
- [[Biometric Sensor]]
- [[Near Field Scanner Communication Scanner (NFC Scanner)]]
- [[Kensington Lock]]

**140. Replacing the Keyboard**
- Hard to do nowadays because most are soldered into place
- When replacing the keyboard or touch pad, use one from the manufacturer
- Replacing a single key can be done with a pair of tweezers to pull the keycap off and then replace it with a new keycap

## Lesson 18: Printers and MFDs
---
**145. Unboxing and Setup**
- [[Printer]]
- Check the manufacturer's instructions before starting the process
- During the unboxing, look for extra pieces, cables, documentation, or driver disks
- Hot temperatures cause condensation and moisture inside the printer
- The location of the printer should be well-ventilated and convenient
- Should have some sort of [[Print Queuing System]] and [[Print Authentication System]]

**146. Printer Connectivity**
- Three main types of printer connectivity
  - [[Universal Serial Bus (USB)]]
    - Windows has the ability to detect a printer using plug and play
  - [[Ethernet]]
    - A [[Printer]] with this capability supports [[Dynamic Host Configuration Protocol (DHCP)]]
  - [[Wireless]]

**147. Printer Drivers**
- In an [[Operating System (OS)]] like Windows or Mac OS, a [[Printer]] is not actually a physical device
- [[Printer Driver]]
- Most print devices on Windows machines are going to default to [[XML Paper Specification (XPS)]]
- Main competitor to an [[XML Paper Specification (XPS)]] file is a [[Portable Document (PDF)]]

**148. Printer Configuration Settings**
- When it comes to [[Printer]] preferences, there are four main configuration settings
  - [[Duplex]]
  - [[Orientation]]
  - [[Tray Setting]]
  - [[Quality]]

**149. Sharing Print Devices**
- Two ways you can share a [[Printer]] over a network
  - From a dedicated [[Print Server]]
  - [[Printer Share]] coming from an individual user's workstation
- [[Print Spooler]]

**150.
Securing Print Devices**
- This can be done using either:
  - User [[Authentication]]
  - [[Audit Logs]]
  - [[Secured Prints]]
  - [[Badging]]

**151. Scanning Services**
- Another function of [[Printer|Printers]] or [[Multi-function Devices (MFDs)]] is the ability to do [[Scanning]]

## Lesson 19: Printer Types
---
**153. Laser Printers**
- [[Laser Printer]]
- Creating a printout on a [[Laser Printer]] uses an electrophotographic printing process known as the [[EP Printing Process]], which has seven basic steps
  - [[Processing]]
  - [[Charging]]
  - [[Exposing]]
  - [[Developing]]
  - [[Transferring]]
  - [[Fusing]]
  - [[Cleaning]]
- Most laser printers support memory upgrades using a SODIMM module
- Most laser printers have a duplexing assembly installed
- Different ways that laser printers work in a color environment
  - [[Cyan, Magenta, Yellow and Black (CMYK)]]

**154. Laser Printer Maintenance**
- Turn off the [[Laser Printer]] and allow it to cool down before placing your hands inside of the machine
- First type of maintenance action is loading paper
  - Buy [[Laser Paper]] that is rated for the type of printer
  - Store the paper in a dry area that does not have high humidity or excessive dust
- Second type of maintenance action is [[Toner Cartridge]] replacement
- Third type of maintenance action is use of a [[Maintenance Kit]]
- Next area of maintenance to be considered is [[Calibration]]
- Final area of maintenance to be considered is cleaning the printer

**155. Inkjet Printers**
- [[Inkjet Printer]]
- Has six main components
  - [[Ink Cartridges]]
  - [[Printhead]]
  - [[Roller]]
  - [[Feeder]]
  - [[Duplex Assembly]]
  - [[Carriage Belt]]
- Only variation between inkjet models is whether they print in one direction or two
  - [[Unidirectional Printing]]
  - [[Bi-Directional Printing]]

**156.
Inkjet Printer Maintenance**
- Loading the paper
- Cleaning the heads
- Replacing the cartridges
  - Most [[Printer]] manufacturers include a sensor built into inkjet cartridges
- Calibrating the system - [[Calibration]]
- Clearing paper jams

**157. Thermal Printers**
- [[Thermal Printer]]
- [[Color Thermal Printer]]
- Maintaining a thermal printer
  - Replacing the paper
  - Cleaning the [[Heating Element]]
    - Use isopropyl alcohol with a cotton swab to clean the [[Printhead]]
  - Removing debris

**158. Impact Printers**
- [[Impact Printers]]
- Three main pieces of maintenance
  - Replacing the [[Ribbon]]
  - Replacing the [[Printhead]]
  - Replacing the paper

**159. 3D Printers**
- [[3D Printer]]
- Process:
  - Take some kind of 3D image that's created on a computer using a 3D modeling program
  - The program is going to split it into what are called [[Slices]]
  - Using these slices, the printer is going to put down material and build up the overall object
- Could be fed information using a [[Universal Serial Bus (USB)]] connection, a [[Wi-Fi (Wireless Network)]] connection, or by saving it to an [[SD Card]] and then moving it to that printer
  - Depends on the printer and the model
- Has five main elements:
  - [[Print Bed (Build Plate)]]
  - [[Bed (Build Surface)]]
  - [[Extruder]]
  - [[Gears, Motors, and Motion Control]]
  - [[Fans]]
- Some rely on a liquid plastic resin or photopolymer to create objects and cure them using ultraviolet lasers

## Lesson 20: Troubleshooting Methodology
---
**160. Troubleshooting Methodology**
1. Identify the problem
2. Establish a theory of probable cause
3. Test the theory to determine the cause
4. Establish a plan of action to resolve the problem and implement the solution
5. Verify full system functionality
6. Document the findings, actions and outcomes

**161.
Identify the Problem**
- Step 1
- Includes gathering information from the user, identifying user changes, and, if applicable, performing backups before making changes
- Should also inquire about environmental/infrastructure changes
- Really need to understand the issue that's actually occurring
- Ask the user: What happened? What was the status before you had this problem? What is the status after that?
  - Are there any changes to your system?
  - Is anyone else in your area having the same issues?
  - How long has this been happening?
  - Have there been any changes to the system?
  - Have you tried to do anything to solve the problem?
- Perform backups before doing anything to the system

**162. Establish a Theory**
- Step 2
- Question the obvious
- Conduct external and internal research based on the problem being observed
- Establish a theory of [[Probable Cause]], questioning which one is most likely
  - What is the most likely thing?
  - Question the obvious
  - Conduct internal and external research based on the symptoms we see
- If you smell a [[Burning Smell]], it could mean that there are internal components that are damaged
- Hearing a clicking or grinding sound could mean that the hard drive is failing
- If you hear no fan spinning, it could mean that there's an issue with power or there's a broken fan
1. Question the obvious
2. If you don't know, do external research on the [[Internet]]
3. Or do internal research by doing an inspection of the system itself

**163.
Test the Theory**
- Step 3
- Test the theory to determine the cause
- Once the theory is confirmed, determine the next steps to resolve the problem
- If the theory is not confirmed, establish a new theory or escalate
- Four possible outcomes
  - Theory is confirmed and you're going to take the steps to fix it
  - Theory is not confirmed and you're going to have to come up with a new theory and test that one
  - Lack skills or authority (you've identified the problem, but don't have the skills or authority to fix it)
    - Escalate when there is an issue
  - Unable to solve (you've come up with multiple theories and you're stuck)

**164. Establish a Plan of Action**
- Step 4
- Establish a plan of action to resolve the problem and implement the solution
- Figure out how we are going to solve the underlying [[Probable Cause]]
- 3 main things you can do as part of your plan of action
  1. Repair
  2. Replace
  3. Workaround
- Need to plan how any of these three things is going to be done
  - How many resources are going to be used
  - How much time does it take
  - How much is the cost
  - What will the impact be on the users and system

**165. Verify System Functionality**
- Step 5
- Verify full system functionality and, if applicable, implement preventative measures
- Make sure we actually solved the problem
  - Check that the problem has been solved
  - Inspect the other components to ensure nothing else is damaged, broken, or disconnected
  - Check the disabled or uninstalled software
  - Check the logs and diagnostic tools to confirm everything is working the way it should

**166.
Documentation**
- Step 6
- [[Documentation]] - documenting what was wrong, what was done about it, and what can be done to prevent it in the future
- In some organizations, a trouble ticketing system is used to document help desk problems (tickets sent by users in the organization describing their problems, and how they were solved)
- The trouble ticketing system allows trend analysis (common themes of problems found in the organization)
- The trouble ticketing system can document the amount of work

## Lesson 21: Troubleshooting Hardware Issues
---
**168. Power Issues**
- As you troubleshoot issues with a computer, the first thing to look at is whether it is getting proper power
- Six main causes of power issues
  1. Power button is not connected properly to the motherboard
     - When pressed, an electrical signal is sent to the motherboard, so it has to be connected properly so that the motherboard can get that signal
  2. Wall outlet is faulty
     - Not getting adequate power from your building into the computer. To test this, use a multimeter or voltmeter to test the power outlet. Wall outlets provide different amounts of power depending on where you are in the world: 110-120V/60Hz in the US or Canada, 220-240V/50Hz in Europe or Asia
  3. Power cable to the computer is faulty
     - The power cable from the wall outlet to the computer has become faulty over time. To test this, use a multimeter and run a resistance check across it. This has to be done three times
  4. Power supply is faulty
     - The power supply takes high-voltage AC from the wall outlet and converts it into low-voltage DC, and needs to provide three levels of voltage (12VDC, 5VDC and 3.3VDC). If the power supply is not providing these three voltages at a stable level, the power supply is faulty
  5. Power cables from the power supply to components are faulty
     - When testing detachable power supply cables with a multimeter, check each pin on each side of the cable to verify full continuity
  6. Incorrect voltage setting on the power supply unit

**169. POST Issues**
- [[Power-On Self-Test (POST)]]
- Checks things like the processor, memory, input devices and output devices
- Audible indication that comes in a series of beeps
  - Each of these beeps indicates different things
  - ![[Pasted image 20241003115246.png]]
  - These beep codes are specific to the motherboard's manufacturer
- A POST test expansion card identifies which component on the motherboard is faulty and needs to be replaced

**170. Crash Screen**
- [[Crash Screen]]
- Called three different things depending on what [[Operating System (OS)]] you're using
  - Windows - [[Blue Screen of Death (BSOD)]]
  - Mac - [[Pinwheel of Death]]
  - Linux - [[Kernel Panic]]

**171. Cooling Issues**
- When the system is operating, all the components generate heat that builds up a [[Thermal Load]] that has to be dissipated; if your cooling solution isn't working properly, your components will overheat and become damaged
- When it comes to cooling, make sure that all cooling components are working
- Steps to take if your system is overheating:
  - Shut down the system and give it a minute to cool down; it will dissipate the heat
  - Boot into the UEFI or BIOS, which will allow you to use the different utilities to determine what the current temperature is in your system and how fast your fans are spinning. You could also look at the temperature sensors inside of the system
- A thermal issue causes intermittent shutdowns or continual rebooting

**172.
Physical Component Damage**
- Here are the physical components that have a high likelihood of being damaged:
  - Chips
  - Resistors
  - Capacitors
- Excessive exposure to thermal loads can cause permanent damage
- Plugging or unplugging cables can cause wear, and pins can get bent or damaged
- A rancid smell comes from a blown or burst [[Capacitor]]
  - When a capacitor starts emitting its internal chemicals, it loses the ability to regulate electricity

**173. Performance Issues**
- Could be hardware related, software related or both
- Need to know a baseline for a given system
- Want to make sure that the system isn't overheating
  - Modern systems are able to protect against overheating
- Could misconfigure the operating system or the application software itself
  - Increasing the page size in Windows or the swap space in Linux

**174. Inaccurate System Date/Time**
- From a hardware perspective, this is due to a battery failing on your motherboard
- Motherboards have a battery to keep the [[Real-Time Clock (RTC)]] in sync
- In modern systems, this battery is going to be a lithium coin cell battery with the [[CR2032]] form factor
  - Lasts between three and five years
- Most modern operating systems set the date and time automatically
- Moved from [[Complementary Metal-Oxide-Semiconductor (CMOS)]] into [[Non-Volatile RAM (NVRAM)]] for storing BIOS and UEFI data

**175. Smoke Test**
- Test to make sure that everything is properly connected, and when we apply power to the system, everything is working at the basic level

## Lesson 22: Troubleshooting Storage Devices
---
**177.
Boot Issues**
- Computer will look for a boot device after the [[Power-On Self-Test (POST)]]
- This device could be an internal storage drive (SSD/hard drive), removable media ([[Universal Serial Bus (USB)]]), or a device over the network
- If the computer cannot find a bootable device, an error will occur that says "bootable device not found"
  - Go into BIOS/UEFI and look at the boot order
    - The order in which the BIOS/UEFI will try to boot from each device (can be changed)
  - Make sure that these devices are being recognized by the computer. If they're not, it could mean that the device isn't properly connected or isn't getting the proper amount of power
  - If all of these are true, it could indicate a [[Boot Sector]] issue
- Two ways to format a storage device and provide the boot information
  1. [[Master Boot Record (MBR)]]
  2. [[GUID Partition Table (GPT)]]
- Inability to find a bootable device indicates a problem with the MBR or GPT
  - Bootable device not found, [[Operating System (OS)]] not found, or Invalid drive specification
- The UEFI and BIOS set a prioritized boot order based on their configurations
  - Incorrectly prioritizing certain devices over others could cause issues
- Check if the internal storage device is working properly by looking, listening, and feeling
  - With the [[Light Emitting Diode (LED)]] activity light, after powering on the system, this light will indicate drive activity (will blink any time data is sent to or from that internal disk drive)

**178.
Storage Device Issues**
- [[Hard Disk Drive (HDD)]] and [[Solid-State Device (SSD)]]
  - Both of these devices have their benefits and disadvantages
- Clicking or grinding noises are signs of a hard disk drive mechanical problem
  - Clicking sound -> indicates a problem with the read/write head that's moving across the platter
  - Grinding sound -> read/write head is pushing down too far into the [[Platter]] and is scraping it
- If the [[Light Emitting Diode (LED)]] is not blinking during a read or write from the device, it could indicate a problem with that device
- If it's constantly blinking, it means that there's a lot of reading and writing going on (occurs when there's not enough [[Random Access Memory (RAM)]] in your system)
  - Adding physical memory will stop the disk from being used as a swap or page file
- If a disk is not seen by Windows in File Explorer, use disk management tools to see if the device is detected
  - If the device is detected by BIOS/UEFI and not Windows, the problem is with the operating system
- Could have a read/write failure
  - Bad sectors/blocks on a storage device
    - [[Sectors]] for [[Hard Disk Drive (HDD)]]
      - Use a disk utility to identify which sectors are bad and try to recover them
    - [[Blocks]] for [[Solid-State Device (SSD)]]
      - SSDs can identify bad blocks

**179.
Drive Performance Issues**
- [[Self-Monitoring, Analysis, and Reporting Technology (SMART)]] is built into most hard drives
  - Will monitor the temperature of the drive, the drive's overall health, how fast it's spinning ([[Hard Disk Drive (HDD)]]), and how many bad [[Blocks]] there are ([[Solid-State Device (SSD)]])
  - By monitoring attributes of the drive, it will be able to notify the [[Operating System (OS)]] of any pending issues or problems that might exist in the future
- Low [[Input-Output Operations Per Second (IOPS)]] can be an issue with the hardware or the software
- Files could become fragmented
  - Run a defragmentation tool; it is able to put files back together and reduce read and write times
  - Deleting and rewriting causes fragmentation

**180. Issues with RAID**
- [[Redundant Array of Independent Disks (RAID)]]
- Two different ways to have a RAID failure
  - Single disk failure
    - RAID 1 - Mirroring and Redundancy
      - If you use this RAID, you'll have two full copies of every single file across two drives, but if one of those drives fails, the other drive will still be able to work, though it will be in a degraded state due to only one drive working
  - [[Full RAID Failure]]
    - Could happen for several reasons
      - Failure of your RAID controller card (hardware RAID)
      - Operating system has some kind of misconfiguration (software RAID)
      - Multiple drives fail
    - When the RAID fails, restore from backup, reconfigure, and rebuild using new disks
- If a RAID loses a disk, it will continue to operate as normal but at a slower speed
  - Should replace that disk as soon as possible and use the RAID rebuild utility to rebuild the RAID
- RAID 0 has no redundancy, and if one of the two disks fails, the entire RAID will fail

## Lesson 23: Troubleshooting Video Issues
---
**182.
Physical Cabling and Source Selection**
- Cables will wear down over time
- Physical cables that carry digital signals
  - HDMI
  - DisplayPort
  - Thunderbolt
  - DVI-D
  - DVI-I
  - When these cables fail, the signal will disappear
- Physical cables that carry analog signals
  - VGA
  - DVI-A
  - These cables could deteriorate or break over time, and when they do, you'll still get a display image, but it will look wrong
- Several things that could be the issue
  - Broken cable
  - Cables are not properly inserted
    - Check that both ends of the cable are properly connected
  - Cheap cable
    - Won't be able to fully support the specifications of said cable
  - Incorrect data source selected
    - Choose the input where your cable is connected
  - HDMI device issue
    - When using an HDMI connection with a streaming service, the connection uses a content protection system to make sure that the TV and the device authenticate to each other ([[High Bandwidth Digital Content Protection (HDCP)]])
    - Upgrade the quality of the HDMI cable
- HDMI, DisplayPort and Thunderbolt carry audio
  - If there's an issue with audio, it could indicate a problem with the cable
  - VGA or DVI cables do not carry sound

**183. Projector Issues**
- [[Projector]]
- Issues that may occur with projectors:
  - Dim images
    - Issue with the bulb reaching the end of its life
  - No image
    - A burned out bulb is when the projector bulb has no light and cannot send an image
    - Lifespan is rated in hours (500-2000 hours)
    - Use gloves to protect the life of the bulb (oils from our hands can break down the bulb)
    - Cool down the projector for 15 to 30 minutes before removing the bulb
  - Shut down or restart
    - Heat will affect the components in the projector
    - If the projector doesn't have a source input, it will shut down

**184. Video Quality Issues**
- [[Dim Images]] - fix using the brightness and color contrast controls
- [[Fuzzy Images]] - 4K monitor, but sent a 1080p signal
- [[Flashing Screens]] - check to make sure the cable is properly seated
- [[Dead Pixels]] - no fix; have to replace the entire display
- [[Burn-In]] - when it occurs, there's no fix and you have to replace the entire display. To prevent it, use an animated screensaver or turn off the display when there's inactivity
- [[Incorrect Color Display]]

## Lesson 24: Troubleshooting Networks
---
**186. Wired Connectivity Issues**
- Physical connection
  - Some kind of break in the connection
  - You can connect a network cable tester to the wall jack of your particular port and then to the patch panel on the other side
- On the back of a [[Network Interface Card (NIC)]] there are going to be two or three lights
  - They indicate the status, activity and speed of that connection
  - [[Link Light]] - if this is not lit up, there's a physical issue
  - [[Activity Light]] - if this is not lit up, no data is being sent/received
  - [[Speed Light]]
- Cable length
  - Maximum of 100 meters before you have issues with connectivity
  - If it's longer, you have to use a [[Repeater]] to boost the signal
- Interference
  - With wired connections, interference comes from an external source (power lines, fluorescent lighting, motors and generators) located near your cables
  - For network cable runs near power lines, use fiber optic connections
    - Immune to interference caused by things like power lines
- [[Port Flapping]]
  - Caused by bad cabling, external interference, or a faulty network interface card on your client

**187.
Network Performance Issues**
- [[Network Performance Issues]]
- Mismatch in the duplex setting on either your [[Network Interface Card (NIC)]] or your switch port interface
  - [[Half Duplex]]
  - [[Full Duplex]]
  - Most NICs are set to auto negotiate when they first connect to a switch port
    - They will figure out whether to work in half or full duplex mode
- Mismatch in the speed setting
  - Auto negotiation between NICs and switches also covers the speed the card will work at
- Network adapter drivers are out of date
- Malware infection
  - The infection is being used as part of [[Data Exfiltration]]
- Break it down into three main groups:
  - Affecting a single client
    - Look for individual duplex settings, speed settings, network adapter drivers, and malware
  - Affecting a segment of the network
    - Look at the settings of the single switch
  - Affecting the entire network
    - Look at the router, gateway, or firewall

**188. Wireless Connectivity Issues**
- Intermittent wireless connectivity
  - Connected or disconnected network (going from an up to a down state and back again)
- Signal interference
  - Something causing signal issues
  - Other devices use the same frequency band as wireless devices, which causes interference
  - To avoid interference on the 2.4 GHz band, use channels 1, 6 and 11
  - Physical interference could occur as wireless data cannot be sent through certain building materials
- Low signal strength
  - Measured using [[Received Signal Strength Indicator (RSSI)]]
  - If you have a low RSSI, here are the things you can do:
    - Increase the transmission power of your wireless device
    - Increase the antenna size
    - Move closer to the source
  - An extremely weak signal will cause intermittent connectivity issues or speed decreases
- Standards mismatch
  - a, b, g, n, ac and ax
    - a, n, ac and ax: 5 GHz
    - b, g or n: 2.4 GHz
  - The 2.4 GHz and 5 GHz spectrums are not compatible; if you have a radio that only supports 802.11g, it has to operate in 2.4 GHz mode and will not be able to communicate in the 5 GHz band
  - Must consider what frequency is being used, what the maximum speed of that frequency is, and what versions of wireless networking are being used

**189. VoIP Issues**
- [[Voice Over Internet Protocol (VoIP)]]
- Two major quality issues that affect VoIP drastically
  - [[Latency]]
    - Keep latency under 50 to 100 ms for a high quality call
    - When latency increases, it starts to cause jitter
  - [[Jitter]]
- To resolve these:
  - Increase network performance
  - Implement [[Quality of Service (QoS)]]
    - Allows the prioritization of voice traffic

**190. Limited Connectivity Issues**
- [[Limited Connectivity]]
  - Some Linux hosts and servers will instead set their IP address to 0.0.0.0 if they can't get a valid address from the [[Dynamic Host Configuration Protocol (DHCP)]] server
- Three main things you need to check:
  - Whether it affects one network client or many
  - VLAN is properly configured
    - Putting hosts into different subnetworks is a way of increasing security, but it could block DHCP traffic
  - DHCP server is offline
    - Has an invalid connection to the network
    - Has run out of available IPs to lease
      - Increase the number of leases inside the [[DHCP Scope]]

## Lesson 25: Troubleshooting Mobile Devices
---
**192. Mobile Power Issues**
- Poor battery health
  - Over time the health of the battery will deteriorate
- Charging issues
  - Not following a proper charging routine
  - As batteries age, the maximum charge they hold decreases
- Slow charge or fast charge
  - Fast charge puts more strain on the battery
- Swollen batteries
  - A swollen battery means that there's a fault with the battery
  - Caused by overcharging

**193. Mobile Hardware Issues**
- Comes down to three main categories:
  - [[Overheating Damage]]
  - Liquid damage
    - Dry off excess liquid
    - Power off the device
    - Disassemble the device
    - Clean the circuit boards and contacts
    - Replace the battery
  - Physical port damage
    - To fix the damaged port, remove the port and replace it

**194.
Mobile Display Issues**
- Four main areas:
  - Broken screens
    - Multiple different layers inside the screen: glass, digitizer, screen and backlight
  - Dim images
    - Backlight issue
  - [[Digitizer]] issues
    - If you touch the screen and it's not responding, it's because of the digitizer
    - Fails because of shock damage from dropping or liquid damage
  - [[Calibration]] issues

**195. Mobile Connectivity Issues**
- Consider the physical issues (RSSI) and software configuration issues
  - Make sure you're connected to the right SSID
  - Connect using the right password
  - Move closer to the [[Wireless Access Point]]
  - Put a higher gain antenna on
  - Operate 30 to 50 meters away from the wireless access point to maintain a good connection
- Bluetooth - personal area network; works up to 10 meters
  - Bluetooth enabled
  - Properly paired
  - Adequate battery
  - Right range
- The wireless NIC is properly connected to the antennas

**196. Mobile Malware Infections**
- Device becomes a victim of a type of malware
- Ways to tell if your device has been infected with malware
  - Antivirus or anti-malware solution
  - Excessive power drain
  - Significant data transmission
  - Camera and microphone
  - Asking for additional permissions
- If you find malware on a mobile device, take these steps:
  - Back up the data
  - Format the device and re-install the base operating system

## Lesson 26: Troubleshooting Print Devices
---
**198. Printer Connectivity Issues**
- Can take two different forms:
  - Locally connected printer <- not being detected by your operating system
    - Printer has an online or offline status
  - Printer is not being found
    - Not being detected on the network
    - Assign the printer a valid IP address, subnet mask, gateway, and DNS server
    - Use the right SSID and password to ensure the printer joins the correct network
- To bring a printer back online, turn off the printer, wait ten seconds, and power it on again
  - Called [[Power Cycling]]

**199. Print Feed Issues**
- Two main types you're going to come across:
  - [[Paper Jams]]
    - Check the printer for debris and paper tracks
    - A jam is easier to detect on an [[Inkjet Printer]] or [[Impact Printers]]
  - Paper feed issue is when the printer pulls more than one piece of paper through the printer
    - Could be an issue with the [[Pickup Rollers]]
- Grinding noise
  - With an inkjet or impact printer, could be an issue with the [[Carriage Belt]]
  - With a [[Laser Printer]], could be a problem with your [[Toner Cartridge]], [[Fuser Assembly]], or gears

**200. Print Quality Issues**
- Anything that leads to a printout that's not expected
- [[Faded Print]]
  - Happens when somebody set their software to use [[Draft Output Mode]] instead of [[Final Quality Output Mode]]
- [[Blank Page]]
- [[White Stripes]]
- [[Black Stripes]]
- [[Speckling]]
- [[Vertical or Horizontal Lines]]
- [[Toner]] doesn't fuse to the paper
  - If the [[Fuser Assembly]] is not putting adequate heat onto the toner, it will not melt onto the paper
  - Need to check the voltage of the fuser and get the proper input voltage
- [[Double (Echo) Image]]
- Incorrect [[Chroma]] display
  - When the printer is using the wrong colors
  - [[Toner Cartridge]] was put into the wrong slot and the colors come out backwards
  - A software or printer driver issue could be causing the incorrect color
- [[Chroma]] is missing completely
  - Ink cartridge has dried out or [[Toner]] has run out
  - Use rubbing alcohol to clean the contacts between the printer and the cartridge
- [[Inkjet Printer]] white lines
  - Indicates that one of the jets inside your [[Printhead]] is dirty and blocked and you need to run the cleaning cycle
  - A consistent white line indicates a blocked or clogged inkjet nozzle
- [[Impact Printers]] defects
  - Missing some dots inside your image
    - Replacing the [[Printhead]] restores the missing dots
  - Printout seems to be [[Faded Print|Faded]]
    - Ink is running out on the [[Ribbon]], in which case you'll want to replace the ribbon
    - Or there's a gap between the print head and the paper that is too large for the print head to accommodate
      - Could be a problem with the [[Platen]]

**Print Finishing Issues**
- Incorrect page sizes
  - Default page sizes differ depending on where you live, so using paper from one part of the world with a printer from a different part of the world will cause problems
  - Use the right paper size to print
- Incorrect page orientation
  - Two different types of orientation
    - Portrait - 8.5x12
    - Landscape
  - Word processors set portrait as the default
  - Slide presentations set landscape as the default
- Issues with stapling
  - Some Multifunction Devices have additional finishing features like stapling built in
  - Could have stapling jams
    - To solve, remove the staple cartridge and replace it
- Issues with hole punching
  - Some Multifunction Devices have features like hole punching built in
  - Trying to hole punch more sheets than the maximum limit at one time

**202.
Print Job Issues**
- Four main issues:
  - [[Print Monitor]]
  - [[Print Queue]]
  - [[Print Spooler]]
    - Working with all three, we could get a print that doesn't look right
  - [[Garbled Print Job]]
  - [[Printer Driver]]

# Lesson 4: Comparing Local Networking Hardware
- A network type categorizes the area over which the parts of the network are managed
- Local Area Network (LAN) - group of computers connected by cabling and one or more network switches that are all installed at a single geographical location
  - Might span a single floor in a building, a whole building, or multiple nearby buildings
  - Most cabled LANs are based on the 802.3 Ethernet standards
    - These standards are maintained by the Institute of Electrical and Electronics Engineers (IEEE)
    - IEEE 802.3 standards are designated *x*BASE-*Y*: *x* is the nominal data rate and *Y* is the cable type
      - 100BASE-T: Fast Ethernet over copper twisted pair cabling (works at 100 Mbps)
      - 1000BASE-T: Gigabit Ethernet over copper twisted pair cabling (works at 1000 Mbps or 1 Gbps)
      - 10GBASE-T: copper cabling standard working at 10 Gbps
    - Copper cabling uses electrical signaling to communicate data
    - Other types of Ethernet work over fiber optic cabling, which uses pulses of light to communicate data
- Wireless Local Area Network (WLAN) - uses radios and antennas for data transmission and reception
  - Based on the IEEE 802.11 series of standards
  - Better known by its brand name: Wi-Fi
  - Wi-Fi and Ethernet technologies complement one another and are often used together as segments within the same local network
- Wide Area Network (WAN) - spans multiple geographic locations
  - An example would be the Internet, which is a global network of networks
  - A company dedicated to facilitating access to the Internet from local networks is called an Internet Service Provider (ISP)
  - ISP cabling and equipment is leased to build WANs that interconnect two or more LAN sites
- Metropolitan Area Network (MAN) - network type covering an area equivalent to a city or other municipality
  - Could mean a company with multiple connected networks within the same metropolitan area
  - Larger than a LAN but smaller than a WAN
- Small Office Home Office (SOHO) - business-oriented network possibly using a centralized server, in addition to client devices and printers, but often using a single networking appliance to provide LAN and Internet connectivity
  - This single networking appliance is referred to as a SOHO/Internet/Broadband router
  - ![[Pasted image 20240929191013.png]]
- Internet services (a program running on a computer that performs a useful activity) are placed in protected subnets, which represent a border between the private LAN and the public Internet
  - Traffic to and from this zone is strictly filtered and monitored
- Two basic roles for computers:
  1. Server computer is dedicated to running network applications and hosting shared resources
  2. Client computer allows an end user to access the applications and resources to do work
  - These server computers are hosted in a separate area (server room)
  - A company with high server requirements might operate a datacenter, which is a whole site that is dedicated to provisioning server resources
    - Has dedicated networking, power, climate control, and physical access control features
- Storage Area Network (SAN) - provisions (provides) access to a configurable pool of storage devices that can be used by application servers
  - Isolated from the main network
  - Only accessed by servers
  - Uses connectivity technologies such as Fibre Channel and Internet SCSI (iSCSI)
- Personal Area Network (PAN) - refers to using wireless connectivity to connect devices at a range of a few meters
  - Used to share data between a PC and a mobile device, and with wearable technology devices (smart watches)

**REVIEW ACTIVITY**
1. Wi-Fi
2. WAN
3.
SAN

- Networking hardware is the devices that allow computers to connect to a network over a certain type of network media and then forward data between computers
- Network adapters, patch panels, and switches are used to implement local Ethernet networks
  - Ethernet communications are established by either electrical signaling over copper twisted pair cable or pulses of light transmitted over fiber optic cable
  - This physical connection to the cable is made using a transceiver port in the computer's network interface card (NIC)
  - All PC motherboards have a built-in 1000BASE-T compatible adapter (1 Gbps)
  - Could use a NIC adapter to support other types of Ethernet (fiber optic)
- For the NIC to be able to process the electrical or light signals as digital data, the signals must be divided into regular units with a consistent format
  - There must also be a means for each node on the local network to address communications to other nodes
  - Ethernet provides a data link protocol to perform these framing and addressing functions
- Each Ethernet NIC port has a unique hardware/physical address, called the media access control (MAC) address
  - Each frame of Ethernet data identifies the source MAC address and destination MAC address in fields in a header
  - A MAC address consists of 48 binary digits (six bytes in size)
  - A MAC address is represented as 12 digits of hexadecimal
    - Hex is a numbering system often used to represent network addresses of different types
    - A hex digit can be one of sixteen values: 0-9 and then A-F
    - Each hex digit represents half a byte (four bits)
  - May be written with colon or hyphen separators or none at all: 00:60:8c:12:3a:bc or 00608c123abc
- In most types of office cabling, the computer is connected to a wall port and, via cabling running through the walls, to a patch panel
  - These cables running through the walls are terminated to insulation displacement connector (IDC) punchdown blocks at the back of the panel
  - ![[Pasted image 20240929192606.png]]
  - On the other side of the panel are RJ45 ports
  - A patch cord is used to connect a port on the patch panel to a port on an Ethernet switch
  - ![[Pasted image 20240929192647.png]]
- Hub - legacy networking device that was used to implement the 10BASE-T and 100BASE-T Ethernet cabling designs
  - The design is referred to as a star topology because each end system is cabled to a concentrator (the hub)
  - ![[Pasted image 20240929192753.png]]
  - Has a number of ports (between 4 and 48) and each computer is cabled to one port
  - Repeats an incoming transmission from a computer attached to one port across all the other ports
    - All the computers seem to be attached to the same cable
    - All attached computers receive all the traffic sent by the other connected devices (referred to as a collision domain)
  - When a lot of computers are in the same collision domain, performance is reduced as only one computer can send a frame at any one time
    - If two computers try to send at the same time, a collision occurs and they must wait for a random period before trying again
    - The more computers, the more collisions
  - Computers struggle for a share of the media bandwidth and all communications are half duplex (send and receive, but not at the same time)
  - There are no hubs compatible with Gigabit Ethernet
- The solution to the issue of collisions was first provided by inserting Ethernet bridges between hubs to break up collision domains
  - These Ethernet bridges were quickly refined into Ethernet switch appliances
- An Ethernet switch provisions one port for each device that needs to connect to the network
  - The switch can decode each frame and identify the source and destination MAC addresses
  - It can track which source MAC addresses are associated with each port
  - When it receives an incoming frame, the switch intelligently forwards it to the port that is a match for the destination MAC address
  - ![[Pasted image 20240929193417.png]]
  - Each switch port is a separate collision domain
  - Each computer has a full duplex (can send and receive simultaneously) connection to the network
- An unmanaged switch performs its functions without requiring any sort of configuration
  - An unmanaged four-port switch is embedded in most of the SOHO router/modems supplied by ISPs
- Larger workplaces and corporate networks require additional functionality in their switches, and switches designed for these larger LANs are managed switches
  - Will work as an unmanaged switch out of the box, but can be configured
  - A workgroup switch will come with 24 or 48 access ports
    - These switches have uplink ports allowing them to be connected to other switches
  - ![[Pasted image 20240929193803.png]]
  - An enterprise might use modular switches
    - Provide a power supply and fast communications backplane to interconnect multiple switch units.
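The MAC notations above (colon, hyphen or no separator) and the switch's learn-then-forward behaviour, as an added Python example that is not part of the course material: `LearningSwitch` keeps the per-port MAC table the notes describe, forwards known unicast frames to a single port, and floods only unknown or group destinations (the one case where it acts like a hub). Port numbers and the sample addresses are constructed.

```python
"""Learning switch simulation (added example, not course material).

normalize_mac() accepts the three notations the notes give for a 48-bit MAC
(00:60:8c:12:3a:bc, 00-60-8c-12-3a-bc, 00608c123abc). LearningSwitch learns
which port each source MAC arrived on and forwards later frames only to the
port that matches the destination MAC; unknown and group destinations are
flooded to every other port, which is the one case where it behaves like a hub.
Port numbers and sample addresses below are constructed for the demo."""
from __future__ import annotations

import re
from dataclasses import dataclass, field

_HEX12 = re.compile(r"^[0-9a-f]{12}$")


def normalize_mac(mac: str) -> str:
    """Return the canonical colon-separated, lowercase form of a MAC address."""
    digits = mac.strip().lower().replace(":", "").replace("-", "")
    if not _HEX12.match(digits):
        raise ValueError(f"not a 48-bit MAC address: {mac!r}")
    return ":".join(digits[i:i + 2] for i in range(0, 12, 2))


def is_group_address(mac: str) -> bool:
    """Broadcast and multicast MACs have the I/G bit (LSB of the first octet) set."""
    return int(normalize_mac(mac)[:2], 16) & 1 == 1


@dataclass(frozen=True)
class Frame:
    src: str
    dst: str


@dataclass
class LearningSwitch:
    ports: int
    table: dict[str, int] = field(default_factory=dict)  # MAC -> port

    def receive(self, in_port: int, frame: Frame) -> list[int]:
        """Process one frame arriving on in_port; return the list of egress ports."""
        src, dst = normalize_mac(frame.src), normalize_mac(frame.dst)
        self.table[src] = in_port  # learn (or refresh) the source's port
        if is_group_address(dst) or dst not in self.table:
            # Unknown unicast or group address: flood every port except ingress.
            return [p for p in range(self.ports) if p != in_port]
        out = self.table[dst]
        # Destination sits behind the ingress port: nothing needs forwarding.
        return [] if out == in_port else [out]


def demo() -> list[list[int]]:
    """Three-frame exchange between A (port 0) and B (port 2) on a 4-port switch."""
    sw = LearningSwitch(ports=4)
    a, b = "00:60:8c:12:3a:bc", "00608c123abd"
    return [
        sw.receive(0, Frame(a, b)),  # B unknown -> flooded to ports 1, 2, 3
        sw.receive(2, Frame(b, a)),  # A already learned -> port 0 only
        sw.receive(0, Frame(a, b)),  # B now learned -> port 2 only
    ]


if __name__ == "__main__":
    print(demo())  # [[1, 2, 3], [0], [2]]
```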
- ![[Pasted image 20240929193848.png]]
- A managed switch can be configured over a web or command line interface
- Power over Ethernet (PoE) - means of supplying electrical power from a switch port over ordinary data cabling to a powered device (PD), such as a Voice over IP (VoIP) handset, camera, or wireless access point
  - It has several standards:
    - 802.3af: allows PD devices to draw up to 13 W
    - 802.3at (PoE+): allows PD devices to draw up to about 25 W
    - 802.3bt (PoE++): allows PD devices to draw up to about 51 W (Type 3) or 73 W (Type 4) of usable power
  - A PoE-enabled switch is referred to as endspan power sourcing equipment (PSE)
    - When a device is connected to a port on a PoE switch, the switch goes through a detection phase to determine whether the device is PoE enabled
    - If so, it determines the device's power consumption and sets an appropriate supply voltage level
    - If not, it does not supply power over the port and, therefore, does not damage non-PoE devices
  - Powering these devices through a switch is more efficient than using a wall-socket AC adapter for each appliance
  - If the switch does not support PoE, a device called a power injector can be used
    - One port on the injector is connected to the switch port, and the other port is connected to the device
    - ![[61Qn7CYFg0L.jpg]]
- The most popular type of network cable is of a copper wire construction called unshielded twisted pair (UTP)
  - Made up of four copper conductor wire pairs
  - Each pair of insulated conductors is twisted at a different rate from the other pairs, which reduces interference
  - The electrical signals sent over each pair are balanced, meaning that each wire carries an equal but opposite signal to its pair
  - The electrical signaling method is only reliable over a limited range
    - Will suffer from attenuation (loses strength) over long ranges
    - Max length of 100 m
  - ![[Pasted image 20240929194854.png]]
- Shielded Twisted Pair (STP) - provides extra protection against interference
  - Often used for 10G Ethernet and higher within datacenter networks because it is more reliable than UTP
  - This shielding may also be a requirement in environments with high levels of external interference
  - Several types of STP exist:
    1. Screened cable has one thin outer foil shield around all pairs: screened twisted pair (ScTP) / foiled unshielded twisted pair (F/UTP) and foiled twisted pair (FTP)
       - ![[images.jpg]]
    2. Fully shielded cabling has a braided outer screen and foil-shielded pairs and is referred to as shielded/foiled twisted pair (S/FTP). Variants with a foil outer shield are F/FTP
       - ![[ShieldedPatchcord2.jpg]]
- A Cat specification is a particular twisted pair cable construction method rated for use with given Ethernet standards
  - The higher the Cat specification, the higher the data rates the cable is capable of

| Cat | Max Transfer Rate | Max Distance | Ethernet Standard Support |
| --- | --- | --- | --- |
| 5 | 100 Mbps | 100 m | 100BASE-TX (Fast Ethernet) |
| 5e | 1 Gbps | 100 m | 1000BASE-T (Gigabit Ethernet) |
| 6 | 1 Gbps and 10 Gbps | 55 m | 1000BASE-T (Gigabit Ethernet) and 10GBASE-T (10G Ethernet) |
| 6A | 10 Gbps | 100 m | 10GBASE-T (10G Ethernet) |

- The Cat specification is printed on the cable jacket along with the cable type (UTP or F/UTP)
- Twisted pair cabling for Ethernet can be terminated using modular RJ45 connectors
  - ![[RJ45-Connectors-Single-Images.jpg]]
  - Referred to as 8P8C (eight-position/eight-contact)
  - Each conductor in four-pair Ethernet cable is color coded (each pair is assigned a color)
  - ![[Pasted image 20240929200021.png]]
  - The TIA/EIA-568 standard defines two methods for terminating twisted pair (T568A and T568B)

| Pins | T568A | T568B |
| --- | --- | --- |
| 1 | Green White | Orange White |
| 2 | Green | Orange |
| 3 | Orange White | Green White |
| 4 | Blue | Blue |
| 5 | Blue White | Blue White |
| 6 | Orange | Green |
| 7 | Brown White | Brown White |
| 8 | Brown | Brown |

- A straight through Ethernet cable is wired with the same type of termination at both ends
  - Using T568A at one end and T568B at the other creates a crossover cable
- Twisted pair cable can also be used with RJ11 connectors
  - ![[RJ11-Connectors-Single-Images.jpg]]
  - Widely used in telephone systems
  - Two-pair (4 pin) cable
- To terminate a cable, a small section of the outer jacket must be removed to expose the wire pairs
  - A cable stripper is designed to score the outer jacket just enough to allow it to be removed
  - ![[Pasted image 20240929200653.png]]
  - Punchdown tool - used to fix each conductor into an IDC
    - First untwist the wire pairs and lay them in the color coded terminals in the IDC in the appropriate order (T568A or T568B)
    - ![[Pasted image 20240929200807.png]]
  - Crimper - used to fix a jack to a patch cord (network cable terminated with RJ45 connectors)
    - ![[Pasted image 20240929200945.png]]
- Once the cable has been terminated, you must test it to ensure that each wire makes good electrical contact and is in the correct pin position
  - Cable tester - pair of devices designed to attach to each end of a cable
    - Can be used to test a patch cord, or connected via patch cords to a wall port and patch panel port to test the permanent link
    - The tester energizes each wire in turn, with an LED indicating successful termination
    - If an LED does not activate, the wire is not conducting a signal, either because the insulation is damaged or because the wire isn't properly inserted into the plug or IDC
    - ![[Untitled.jpg]]
  - Toner probe - used to identify a cable from within a bunch
    - May be necessary when the cables have not been labeled properly
    - The tone generator is connected to the cable using an RJ45 jack and applies a continuous audio signal on the cable
    - The probe is used to detect the signal and follow the cable over ceilings and through ducts, or to identify it from within the rest of the bundle
  - Loopback plug - used to test a NIC or switch port.
- Network tap - used to intercept the signals passing over a cable and send them to a packet or protocol analyzer
  - Either powered or unpowered
  - Passive test access point (TAP) - box with ports for incoming and outgoing network cabling and an inductor or optical splitter that physically copies the signal from the cabling to a monitor port
    - The monitor port receives every frame, corrupt or not, and the copying is unaffected by load
  - Active tap - powered device that performs signal regeneration
    - Gigabit signaling over copper wire is too complex for a passive tap to monitor, and some types of fiber links may be adversely affected by optical splitting
- Plenum space is a void in a building designed to carry heating, ventilation and air conditioning (HVAC) systems
  - Plenum cable must not emit large amounts of smoke when burned
  - General purpose (non-plenum) cabling uses PVC jackets and insulation
  - Plenum-rated cables use treated PVC or fluorinated ethylene polymer (FEP)
    - Less flexible
- Outside Plant (OSP) is cable run on the external walls of a building. The cable is vulnerable to different types of weathering
  - Aerial cable is typically strung between two poles or anchors
  - Conduit can provide more protection for buried cable runs
  - Direct burial cable is laid and then covered in earth or cement
  - OSP type cables use special coatings to protect against UV and abrasion
- Copper wire carries electrical signals, which are sensitive to interference and attenuation
  - Light pulses generated by lasers and LEDs are not susceptible to interference and suffer less from attenuation
  - Because of this, optical cabling can support much higher bandwidth links, measured in multiple gigabits or terabits per second, and longer cable runs (measured in miles)
- Optical cable consists of an ultra-fine core of glass to convey the light pulses
  - The core is surrounded by glass or plastic cladding, which guides the light pulses along the core.
  - The cladding has a protective coating called the buffer
  - Fiber optic cable is contained in a protective jacket and terminated by a connector
  - ![[maxresdefault.jpg]]
- Fiber optic cables fall into two broad categories:
  1. Single Mode Fiber (SMF) - small core (8-10 microns) designed to carry a long wavelength infrared signal generated by a high power, highly coherent laser diode
     - Data rates up to 10 Gbps or better
     - Cable runs up to many kilometers
  2. Multi-Mode Fiber (MMF) - larger core (62.5 or 50 microns) designed to carry a shorter wavelength infrared light
     - Less expensive to deploy
     - Does not support such high signaling speeds or long distances as single-mode and is more suitable for LANs than WANs
- The core of a fiber optic connector is a ceramic or plastic ferrule that ensures continuous reception of the light signals
  - Several form factors are available:
    - Straight Tip (ST) - used mostly in older multi-mode networks
      - ![[Pasted image 20240929203027.png]]
    - Subscriber Connector (SC) - simplex and duplex versions (just two connectors clipped together)
      - Can be used for single or multi mode
      - ![[Pasted image 20240929203014.png]]
    - Lucent Connector (LC) - small form factor
      - Similar to SC
      - Higher port density
      - ![[Pasted image 20240929203003.png]]
  - Patch cords for fiber optic can come with the same connector on each end or a mix of connectors
- Coaxial (coax) cable - a different type of copper cabling, also carrying electrical signals
  - Twisted pair uses balancing to cancel out interference, whereas coax uses two conductors that share the same axis.
- Core signal conductor is enclosed by plastic insulation, and then a second wire mesh conductor servers as both shielding from EMI and as a ground - ![[Pasted image 20240929203315.png]] - Mostly used for CCTV installations and as a patch cable for Cable Access TV (CATV) and broadband cable modems - Wireless technologies can now achieve sufficient bandwidth to replace wired ports for many types of clients in a typical office - Wireless technologies use radio waves as transmission media - Radio systems use transmission and reception antennas tuned to a specific frequency for the transfer of signals - Most wireless LANs (WLANs) are based on the IEEE 802.11 standards (Wi-Fi) - Most Wi-Fi networks are configured in what is referred to as infrastructure mode - means that each client device (station) is configured to connect to the network via an access point (AP) - referred to as an infrastructure Basic Service Set (BSS) - MAC address of the Access Point's radio is used as the Basic Service Set Identifier (BSSID) - MAC address of an access point support a basic service area - An access point can establish a wireless-only network, but it can also work as a bridge to forward communications between the wireless stations and a wired network - wired network is referred to as the "distribution system" (DS) - The access point is joined to the network via a wall port and cabling to an Ethernet switch - enterprise network is likely to use Power over Ethernet (PoE) to power the AP over data cabling - ![[Pasted image 20240929210149.png]] - Every W-Fi device operates on a specific radio frequency range within an overall frequency band - Each frequency band is split into a series of smaller ranges referred to as channels - Two Main Frequency Bands used by the IEEE 802.11 standards: - 2.4 GHz standard - better at propagating through solid surfaces, giving it the longest signal range - does not support a high number of individual channels and is often congested with both other Wi-Fi 
networks and other types of wireless technology (Bluetooth) - Microwave ovens work at frequencies in the 2.4 GHz band - With this band, there is increased risk of interference and the maximum achievable data rates are typically lower than with 5 GHz - indoor range for Wi-Fi is 45 m - 14 channels, spaced at 5 MHz intervals (2,412 MHz up to 2,484 MHz) - interference is a real possibility unless widely space channels are chosen (1, 6 and 11) - Regulations permit the use of channels 1-11 only, while Europe, channels 1-13 are permitted and in Japan, all14 channels are permitted - ![[Pasted image 20240929211531.png]] - 5 GHz standard - less effective at penetrating solid surfaces and so does not support the maximum ranges achieved with 2.4 GHZ standards - supports more individual channels and suffers less from congestion and interference, meaning it supports higher data rates at shorter ranges - indoor range for Wi-Fi is 30 m - 23 non-overlapping channels, each of which is 20 MHz - Devices operating in this range must implement Dynamic Frequency Selection (DFS) to prevent Wi-Fi signals from interfering with nearby radar and satellite installations - Regulatory feature of wireless access points that prevents use of certain 5 GHz channels when in the range of a facility that uses radar - Exact use of channels can be subject to different regulation in different countries. - Regulatory impacts also include a limit on power output, constraining the range of Wi-Fi devices. 
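An added example, not from the course notes: the 2.4 GHz channel plan described above (14 channels, 5 MHz spacing from 2,412 MHz, channel 14 at 2,484 MHz) as a small model you can query the way a Wi-Fi analyzer or site survey would, to see why channels 1, 6 and 11 are the non-overlapping choice. The overlap rule (centers must be more than one channel width apart) is my simplification.

```python
# Added example (not from the course notes): model the 2.4 GHz channel plan
# described above (14 channels, 5 MHz spacing from 2,412 MHz, channel 14 at
# 2,484 MHz) and test channel plans for overlap, as a site survey would.
from itertools import combinations

CHANNEL_SPACING_MHZ = 5
CHANNEL_1_CENTER_MHZ = 2412
CHANNEL_14_CENTER_MHZ = 2484   # channel 14 sits 12 MHz above channel 13, not 5


def center_frequency(channel: int) -> int:
    """Center frequency in MHz of a 2.4 GHz band channel (1-14)."""
    if not 1 <= channel <= 14:
        raise ValueError(f"the 2.4 GHz band has channels 1-14, got {channel}")
    if channel == 14:
        return CHANNEL_14_CENTER_MHZ
    return CHANNEL_1_CENTER_MHZ + CHANNEL_SPACING_MHZ * (channel - 1)


def channels_overlap(a: int, b: int, width_mhz: int = 20) -> bool:
    """True when two channels' occupied bands (center +/- width/2) collide.

    Centers must be more than one channel width apart to be clear; bands
    that merely touch at the edge are counted as overlapping, because real
    transmissions spill past the nominal edge. With 20 MHz channels and
    5 MHz spacing this reproduces the classic chart: channel 6 collides
    with channels 2-10, but channels 1, 6 and 11 (25 MHz apart) are clear.
    """
    return abs(center_frequency(a) - center_frequency(b)) <= width_mhz


def overlapping_channels(channel: int, width_mhz: int = 20,
                         allowed=range(1, 15)) -> list:
    """Every other channel whose band collides with the given one."""
    return [c for c in allowed
            if c != channel and channels_overlap(channel, c, width_mhz)]


def is_nonoverlapping_plan(channels, width_mhz: int = 20) -> bool:
    """True if no pair of channels in the plan overlaps (what you want for
    access points whose coverage areas overlap)."""
    return not any(channels_overlap(a, b, width_mhz)
                   for a, b in combinations(channels, 2))


def max_nonoverlapping_plan(allowed=range(1, 12), width_mhz: int = 20) -> list:
    """Greedy plan: walk up the band, keeping each channel that clears the
    last one kept. 'allowed' is the regulatory channel set: 1-11 by default,
    1-13 in Europe, 1-14 in Japan."""
    plan = []
    for ch in allowed:
        if not plan or not channels_overlap(plan[-1], ch, width_mhz):
            plan.append(ch)
    return plan


if __name__ == "__main__":
    print(center_frequency(6), center_frequency(14))   # 2437 2484
    print(overlapping_channels(6))                     # [2, 3, 4, 5, 7, 8, 9, 10]
    print(max_nonoverlapping_plan())                   # [1, 6, 11]
    print(max_nonoverlapping_plan(range(1, 15)))       # [1, 6, 11, 14]
```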
- IEEE 802.11a standard
    - uses the 5 GHz frequency band only
    - maximum data rate of 54 Mbps
- IEEE 802.11b standard
    - uses the 2.4 GHz frequency band only
    - nominal data rate of 11 Mbps
    - Because the spacing is only 5 MHz and Wi-Fi needs 20 MHz channel bandwidth, 802.11b channels overlap quite considerably
- IEEE 802.11g standard
    - nominal data rate of 54 Mbps
    - uses the 2.4 GHz frequency band only
    - backwards support for legacy 802.11b devices
- IEEE 802.11n
    - uses both the 2.4 GHz and 5 GHz frequency bands
    - Each band is implemented by a separate radio
    - An access point or adapter that can support both 2.4 and 5 GHz operation is referred to as dual band
    - allows for two adjacent 20 MHz channels to be combined into a single 40 MHz channel, referred to as channel bonding
        - a practical option only in the 5 GHz band
    - multiplexing (combining two or more channels into a single medium) signal streams from 2-3 separate antennas, referred to as multiple input multiple output (MIMO)
        - Use of multiple reception and transmission antennas to boost wireless bandwidth via spatial multiplexing and to boost range and signal reliability via spatial diversity
        - antenna configuration is represented as 1x1, 2x2 or 3x3, which indicates the number of transmit and receive antennas available to the radio
    - nominal rate of 72 Mbps per stream, or 150 Mbps per stream for a 40 MHz bonded channel
    - 802.11n access points are marketed using Nxxx designations, where xxx is the nominal bandwidth
        - An N600 2x2 access point can allocate a bonded channel with two streams for data of 300 Mbps (if done on both 2.4 and 5 GHz, bandwidth could be described as 600 Mbps)
    - Designated as Wi-Fi 4
    - A dual band access point can use its 2.4 GHz radio to support clients on legacy standards (802.11g/n)
    - A tri-band access point has one 2.4 GHz radio and two 5 GHz radios
- In basic 802.11 operation modes, bandwidth is shared between all stations
    - An access point can communicate with only one station at a time, and multiple station requests go into a queue
    - Meaning that Wi-Fi networks experience the same sort of contention issues as legacy Ethernet hubs
    - Problem is partially addressed using Multiuser MIMO (MU-MIMO)
        - Use of spatial multiplexing to allow a wireless access point to support multiple client stations simultaneously
        - Allows the access point to use its multiple antennas to send data to up to four clients simultaneously
- 802.11ac - Wi-Fi 5
    - uses the 5 GHz frequency band only
    - allows up to eight streams (only supports 4x4 streams)
    - Single stream over an 80 MHz channel has a nominal rate of 433 Mbps
    - Allows wide 80 and 160 MHz bonded channels
    - Wi-Fi access points are marketed using AC values, such as AC5300
        - 5300: 100 Mbps over a 40 MHz channel with 2x2 streams on the 2.4 GHz radio | 2,166 Mbps over an 80 MHz bonded channel with 4x4 streams on the first 5 GHz radio | 2,166 Mbps on the second 5 GHz radio
- 802.11ax - Wi-Fi 6
    - improves the per-stream data rate over an 80 MHz channel to 600 Mbps
    - Wi-Fi access points are marketed using AX values, such as AX66000
    - Works in both the 2.4 GHz and 5 GHz bands
    - Wi-Fi 6E standard adds support for a new 6 GHz frequency band
        - 6 GHz frequency band has less range but more frequency space
    - Can support up to eight clients, which gives it better performance in congested areas
    - Adds support for uplink MU-MIMO, which allows MU-MIMO capable clients to send data to the access point simultaneously
    - Introduces another technology to improve simultaneous connectivity called orthogonal frequency division multiple access (OFDMA)
        - Feature of Wi-Fi 6 allowing an access point to serve multiple client stations simultaneously
        - Can work alongside MU-MIMO to improve client density
- Clients identify an infrastructure WLAN through the network name or service set identifier (SSID) on the access point
    - Can be up to 32 bytes in length
- When configuring an access point, you need to choose whether to use the same or different network name for both frequency bands
    - If you use the same name, the access point and client device will use a probe to select the band with the strongest signal
    - If you configure separate names, the user can choose which network and band to use
- For each frequency band, you need to select an operation mode, which determines compatibility with older standards and support for legacy client devices
- For each frequency band, you need to configure the channel number and whether to use channel bonding
    - If there are multiple access points whose ranges overlap, they should be configured to use non-overlapping channels to avoid interference
- Wi-Fi Analyzer - Device or software that can report characteristics of a WLAN such as signal strength and channel utilization
    - Will record statistics for the access point that the client is currently associated with and detect any other access points in the vicinity
- Wireless strength is measured in decibel (dB) units
    - Unit for representing the power of network signaling
    - Signal strength is represented as the ratio of the measurement to 1 milliwatt (mW), where 1 mW is equal to 0 dBm
    - Because 0 dBm is 1 mW, a negative value for dBm represents a fraction of a mW; here -30 dBm is equal to 0.001 mW
    - Wi-Fi devices are all constrained by regulations governing spectrum use and output only small amounts of power
    - dBm values closer to zero represent better performance
    - a value around -65 dBm -> good signal
    - a value over -80 dBm -> likely to suffer packet loss or be dropped
- Comparative strength of the data signal to the background noise is called the signal to noise ratio (SNR)
    - Measurement of wireless signal level in relation to any background noise
    - Noise is also measured in dBm, but here values closer to zero are less welcome, as they represent higher noise levels
    - If the signal is -65 dBm and the noise is -90 dBm, the SNR is the difference between the two values in dB (25 dB)
- Long Range Fixed Wireless - Ground-based microwave transmission that supports long distances over precisely aligned directional antennas. These products can either make privileged use of licensed frequency bands or make use of public unlicensed radio-frequency spectrum
    - Licensed means that the network operator purchases the exclusive right to use a frequency band within a given geographical area from the regulator
    - Unlicensed spectrum means the operator uses a public frequency band, such as 900 MHz, 2.4 GHz and 5 GHz
        - Anyone can use these frequencies, meaning that interference is a risk
    - The antennas are pointed directly at each other and can transmit signals at ranges of up to about 30 miles as long as they are not obstructed by physical objects
- A wireless signal's power has three main components
    - Transmit power is the basic strength of the radio, measured in dBm
    - Antenna gain is the amount that a signal is boosted by directionality (focusing a signal in a single direction rather than spreading it over a wide area). Gain is measured in decibels isotropic (dBi)
        - Unit for representing the increase in power gained by the directional design of a wireless antenna
    - Effective isotropic radiated power (EIRP) is the sum of transmit power and gain, expressed in dBm
    - Lower frequencies that propagate farther have stricter power limits than higher frequencies
- Other types of wireless technology are used to implement personal area networking (PAN)
- Bluetooth
    - used to connect peripheral devices to PCs and mobiles and to share data between two systems
    - uses radio communications and supports speeds of up to 3 Mbps
    - range of over 100 feet, though signal strength will be weak at this distance
    - Bluetooth devices can use a pairing procedure to authenticate and exchange data securely
    - Bluetooth Low Energy (BLE) - variant of the standard designed for small battery-powered devices that transmit small amounts of data infrequently
- Radio Frequency ID (RFID)
    - means of identifying and tracking objects using specially encoded tags
    - When the RFID reader scans a tag, the tag responds with the information programmed into it
    - tag can either be an unpowered, passive device that only responds when scanned at close range (embedded in stickers and labels to track parcels and equipment) or a powered, active device with a range of 100 m
    - Also used to implement some types of access badge to operate electronic locks
- Near Field Communications (NFC)
    - peer-to-peer version of RFID
    - NFC device can work as both tag and reader to exchange information with other NFC devices
    - works at up to two inches at data rates of 106 to 424 kbps
    - used for contactless payment readers, security ID tags, and shop shelf-edge labels for stock control

## Lesson 5: Configuring Network Addressing and Internet Connections

- Network cabling, wireless radios, and devices such as switches and access points are used to implement local networks at the hardware level
- The full functionality of networking is only realized when local networks join wide area networks, such as the Internet
    - This requires modem devices and radio antennas that can communicate over the cabling and wireless media types used by ISPs
    - Also requires technologies that can identify each network and forward data between them
    - This network addressing and forwarding function is performed by router devices and the Internet Protocol (IP)
- Internet is a global network of networks
    - The core of the Internet consists of high bandwidth fiber optic links connecting Internet exchange points (IXPs)
    - These trunk links and IXPs are mostly created by telecommunications companies
    - Internet Service Providers establish high-speed links between their networks, using transit and peering arrangements to carry traffic to and from parts of the Internet they do not own
- Customers connect to the Internet via an ISP's network
    - Connection to the ISP's network uses its nearest point of presence (PoP), such as a local telephone exchange
    - Internet connection type is the media, hardware, and protocols used to link the local network at a domestic residence or small office to the ISP's point of presence
- WAN interface is point-to-point - only two devices connected to the media
    - the connection to a WAN interface is made by a type of digital modem
    - ![[Pasted image 20240930095145.png]]
    - Ethernet connections are made using NICs and switches
    - Modem establishes the physical connection to the WAN interface
- When interconnecting networks, there must be a means of identifying each network and forwarding data between them
    - function is performed by a router that implements the Internet Protocol (IP)
    - ![[Pasted image 20240930095323.png]]
- Many Internet connection types make use of the national and global telecommunications network referred to as the public switched telephone network (PSTN)
    - core is fiber optic, but at its edge, it is still often composed of legacy two-pair copper cabling
    - low grade copper wire segment is referred to as the plain old telephone system (POTS)
- Digital Subscriber Line (DSL)
    - Carrier technology to implement broadband Internet access for subscribers by transferring data over voice-grade telephone lines
    - uses the higher frequencies available in these copper telephone lines as a communications channel
    - Use of advanced modulation and echo cancelling techniques enables high bandwidth and full duplex transmissions
    - Various flavors of DSL:
        - Asymmetrical DSL (ADSL) - provides a fast downlink but slow uplink
        - Symmetric versions of DSL - offer the same uplink and downlink speeds; used in businesses and for branch office links
    - Customer network is connected to the telephone cabling via a DSL modem
        - modem might be provisioned as a separate device or be embedded as a function of a SOHO router
        - RJ11 WAN port on the modem connects to the phone point, while the RJ45 interface connects the modem to the router
        - ![[Pasted image 20240930095919.png]]
        - a filter (splitter) must be installed on each phone socket to separate voice and data signals
        - ![[Pasted image 20240930095953.png]]
- Cable Internet connection is usually available as part of a cable access TV (CATV) service
    - CATV network is often described as hybrid fiber coax (HFC) - combines a fiber optic core network with coaxial cable links to customer premises equipment
    - can be described as broadband cable or just as cable
    - Supports downlink speeds of up to 38 Mbps and uplink of 27 Mbps
    - Cable modem is interfaced to the local router via an RJ45 port and with the access provider's network by a short segment of coax terminated using threaded F-Type connectors
    - ![[Untitled 1.jpg]]
    - Coax links all the premises in a street with a cable modem termination system (CMTS), which forwards data traffic via the fiber backbone to the ISP's point of presence and from there to the Internet
    - ![[Pasted image 20240930100506.png]]
    - ![[Pasted image 20240930100434.png]]
- Fiber optic links are referred to by the umbrella term fiber to the X (FTTx)
- Fiber to the Curb (FTTC)
    - retains some sort of copper wiring to the customer premises while extending the fiber link from the point of presence to a communications cabinet servicing multiple subscribers
    - Service providers with their roots in telephone networks use very high-speed DSL (VDSL) to support FTTC
        - achieves higher bit rates than other DSL types at the expense of range
        - Allows for both symmetric and asymmetric modes
        - over 300 m, an asymmetric link supports 52 Mbps downstream and 6 Mbps upstream; a symmetric link supports 26 Mbps in both directions
    - ![[What-is-Fiber-to-the-Curb-FTTC-2-1024x768.webp]]
- Fiber to the Premises (FTTP)
    - means that the service provider's fiber optic cable is run all the way to the customer's building
    - full fiber connection type is implemented as a passive optical network (PON)
        - In a PON, a single fiber cable is run from the point of presence to an optical line terminal (OLT) located in a street cabinet
        - From the OLT, splitters direct each subscriber's traffic over a shorter length of fiber to an optical network terminal (ONT) installed at the customer's premises
        - An ONT converts the optical signal to an electrical one
        - ONT is connected to the customer's router using an RJ45 copper wire patch cord
    - ![[Pasted image 20240930101216.png]]
    - ![[FttP.png]]
- A satellite-based microwave radio system provides far bigger areas of coverage than can be achieved using other technologies
    - transfer rates are 2 or 6 Mbps up and 30 Mbps down
    - Satellites placed in high geostationary orbit have increased latency
        - Signal must travel over a thousand miles more than terrestrial connections, introducing a delay of many times what might be expected over a land link
    - ISP installs a very small aperture terminal (VSAT) satellite dish antenna at the customer's premises and aligns it with the orbital satellite
        - antenna is connected via coaxial cabling to a Digital Video Broadcast Satellite (DVB-S) modem
        - ![[newtec-mdm2500-ip-satellite-modem.jpg]]
    - A different type of service uses an array of satellites positioned in low Earth orbit (LEO)
        - LEO satellites support better bandwidth (70-100 Mbps) and are lower latency
        - Drawback is that the satellites move relative to the surface of the Earth. The premises antenna must be provisioned with a motor so that it can periodically realign with the array
- Wireless Internet Service Provider (WISP)
    - ISP offering Internet access over ground-based Line of Sight (LoS) microwave transmitters
    - uses ground-based long range fixed access wireless technology
    - WISP installs and maintains a directional antenna to work as a bridge between the customer's network and the service provider
    - Might use Wi-Fi type networking or proprietary equipment and licensed/unlicensed frequency bands
    - lower latency than satellite
    - disadvantage is that the actual unobstructed line of sight between the two antennas can be difficult to maintain
    - If the providers use unlicensed frequencies, there are risks of interference from other wireless networks and devices
    - 2.4 GHz and 5 GHz frequency bands used by Wi-Fi have limited range, while fixed wireless Internet requires a large dish antenna
- Cellular radio wireless networking facilitates communications over much larger distances using mobile devices
    - Also used by IoT devices
    - Cellular digital communication standards are described as belonging to a particular generation
    - 3G
        - 3G cellular radio makes a connection to the closest base station
        - area served by each base station is referred to as a "cell"
        - effective range of up to 5 miles, though it could be obstructed
        - Works in the 850 and 1,900 MHz frequency bands
        - two competing formats established in different markets
            - Global System for Mobile Communication (GSM) allows subscribers to use a removable subscriber identity module (SIM) card to use an unlocked handset with their chosen provider
            - Code Division Multiple Access (CDMA) - the handset is directly managed by the provider and there is no removable SIM card
    - 4G
        - Long Term Evolution (LTE) is a series of converged 4G standards supported by both the GSM and CDMA network providers
        - LTE devices must have a SIM card issued by the network provider installed
    - 5G
        - uses different spectrum bands from low (sub-6 GHz) to medium/high (20-60 GHz)
        - low bands have greater range and penetrating power
        - high bands (millimeter wave, mmWave) require close range and cannot penetrate walls or windows
        - Massive Multiple Input Multiple Output (MIMO) - 5G involves installing many smaller antennas to form an array that can take advantage of multipath and beamforming
    - Both 4G and 5G can be used as a fixed wireless broadband solution for homes and businesses and to support IoT networks
- Ethernet switches and Wi-Fi access points forward frames using MAC addresses
    - Network segment is where hosts can send frames to one another using their MAC addresses
- Digital modems, ONTs and cellular radios transmit data over DSL, cable, fiber, satellite, and cellular links to connect a local network or device to an ISP
    - Point-to-point link and does not require unique interface addressing
- These network segments use different media types and have no physical or logical means of communicating with one another
    - When you want to connect a local network to the Internet, you need to use a protocol that can distinguish between the private LAN and public WAN and an intermediate system with interfaces in both networks
    - The protocol used to implement this is the Internet Protocol (IP), and the intermediate system is a router
- Where a switch forwards frames using MAC (hardware) addresses, a router forwards packets around an internetwork using IP addresses
    - A MAC address only identifies a hardware port
    - An IP address contains the identity of both the network and a single host within that network
- Several types of routers and different uses for them
    - SOHO router often simply routes between its local network interface and its WAN/Internet interface
    - Enterprise network is likely to use different router models to perform different routing tasks
    - LAN router divides a single physical network into multiple logical subnetworks
        - Each logical network becomes a separate broadcast domain, and having too many hosts in the same broadcast domain reduces performance
        - ![[What_are_Broadcast_Domains.png]]
    - WAN or border router forwards traffic to and from the Internet or over a private WAN link
        - This type of router has an Ethernet interface for the local network and a digital modem interface for the WAN
- You need to control which computers are allowed to connect to them and which types of traffic you will accept
    - The role of filtering allowed and denied hosts and protocols is performed by a network firewall
- Firewall - Software or hardware device that protects a network segment or individual host by filtering packets according to an access control list
    - configured with rules, referred to as a network access control list (ACL)
    - Each entry in the ACL lists source and/or destination network addresses and protocol types and whether to allow or block traffic that matches the rule
    - Can be implemented as a standalone appliance which can perform deeper analysis of application protocol data and use more sophisticated rules to determine what traffic is allowed
    - Often implemented as a unified threat management (UTM) appliance
- Transmission Control Protocol/Internet Protocol (TCP/IP) suite is used to perform logical addressing and data forwarding functions on most networks
    - A protocol is a set of rules that allow networked hosts to communicate data in a structured format
    - TCP/IP - Network protocol suite used to implement the Internet and most WANs and LANs
    - Protocols operating at lower layers are said to encapsulate data from higher protocols
    - Each protocol adds its own header fields to data it is transporting from an upper layer protocol
    - Uses a model with four distinct layers

| TCP/IP Model | Protocols |
| ---------------------- | ---------------------------------------------------------------------------------- |
| Application | DHCP DNS FTP HTTP/HTTPS <br>SMB SMTP IMAP POP3 SSH <br>RDP Telnet LDAP SNMP Syslog |
| Transport | TCP or UDP |
| Internet | IP |
| Link/Network Interface | Ethernet Wi-Fi |

- The link layer is responsible for putting frames onto the physical network
    - does not contain TCP/IP protocols as such
    - Different local networking products can be used (Ethernet or Wi-Fi)
    - WAN interfaces (DSL and cable modems) also work at the link layer
    - Communications take place only on a local network segment and not between different networks
    - On an Ethernet or Wi-Fi segment, data at the link layer is packed in a unit called a frame and node interfaces are identified by a MAC address
- Internet Protocol (IP) - provides packet addressing and routing within a network of networks
    - A PC, laptop, mobile device, or server that can communicate on an IP network is generically referred to as an end system
    - For data to be sent from one IP network to another, it must be forwarded by an intermediate system (a router)
    - When IP is being used with a physical data/link specification (Ethernet or Wi-Fi), there must be a mechanism to deliver messages from IP at the Internet layer to host interfaces addressed at the link layer
        - function is performed by the Address Resolution Protocol (ARP), which allows a host to query which MAC address is associated with an IP address
    - IP provides best effort delivery that is unreliable and connectionless. A packet might be lost, delivered out of sequence, duplicated, or delayed
- Transport Layer - determines how each host manages multiple connections for different application layer protocols at the same time
    - implemented by one of two protocols:
        - Transmission Control Protocol (TCP) guarantees connection-oriented forwarding of packets. TCP can identify and recover from lost or out-of-order packets, mitigating the inherent unreliability of IP. Used by most TCP/IP application protocols, as failing to receive a packet or processing it incorrectly can cause serious data errors
        - User Datagram Protocol (UDP) provides unreliable connectionless forwarding. Faster and comes with less of a transmission overhead because it does not need to send extra information to establish reliable connections
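An added example, not from the course notes: a first-match packet filter of the kind the firewall/ACL description above outlines, with rules that list a source and/or destination network, a protocol and an allow/block action, plus a check for rules that an earlier, broader rule shadows. The ACL, the packets and the 203.0.113.0/24 "Internet" addresses (a documentation range) are all constructed for illustration.

```python
# Added example (not from the course notes): a first-match network ACL of the
# kind the firewall description above outlines. Rules, addresses and the
# sample packets are constructed for illustration; 203.0.113.0/24 is a
# documentation range standing in for "the Internet".
from dataclasses import dataclass
from ipaddress import IPv4Address, IPv4Network, ip_address, ip_network
from typing import List, Optional


@dataclass(frozen=True)
class Packet:
    src: IPv4Address
    dst: IPv4Address
    protocol: str              # "tcp", "udp" or "icmp"
    dst_port: Optional[int]    # None for protocols without ports


@dataclass(frozen=True)
class Rule:
    action: str                          # "allow" or "block"
    protocol: str = "any"                # "tcp", "udp", "icmp" or "any"
    src: Optional[IPv4Network] = None    # None matches any source network
    dst: Optional[IPv4Network] = None    # None matches any destination network
    dst_port: Optional[int] = None       # None matches any port

    def matches(self, pkt: Packet) -> bool:
        if self.protocol != "any" and self.protocol != pkt.protocol:
            return False
        if self.src is not None and pkt.src not in self.src:
            return False
        if self.dst is not None and pkt.dst not in self.dst:
            return False
        if self.dst_port is not None and pkt.dst_port != self.dst_port:
            return False
        return True


def packet(src: str, dst: str, protocol: str, dst_port: Optional[int] = None) -> Packet:
    return Packet(ip_address(src), ip_address(dst), protocol, dst_port)


def first_match(acl: List[Rule], pkt: Packet) -> Optional[int]:
    """Index of the first rule the packet matches, or None if none does."""
    for i, rule in enumerate(acl):
        if rule.matches(pkt):
            return i
    return None


def evaluate(acl: List[Rule], pkt: Packet) -> str:
    """'allow' or 'block'. A packet matching no rule is blocked (implicit deny)."""
    i = first_match(acl, pkt)
    return acl[i].action if i is not None else "block"


def _covers(broad: Rule, narrow: Rule) -> bool:
    """True if every packet matching 'narrow' would also match 'broad'."""
    def net_covers(a, b):
        return a is None or (b is not None and b.subnet_of(a))
    return ((broad.protocol == "any" or broad.protocol == narrow.protocol)
            and net_covers(broad.src, narrow.src)
            and net_covers(broad.dst, narrow.dst)
            and (broad.dst_port is None or broad.dst_port == narrow.dst_port))


def shadowed_rules(acl: List[Rule]) -> List[int]:
    """Indexes of rules that can never fire because an earlier rule covers them.

    A common misconfiguration: a broad 'allow' placed above a specific
    'block' silently disables the block."""
    return [j for j in range(len(acl))
            if any(_covers(acl[i], acl[j]) for i in range(j))]


LAN = ip_network("192.168.0.0/24")
WEB_SERVER = ip_network("192.168.0.10/32")

# Constructed ACL for a SOHO border router: LAN clients may use HTTPS and DNS,
# the Internet may reach only the web server, and all other inbound traffic
# to the LAN is dropped.
EXAMPLE_ACL = [
    Rule("allow", "tcp", src=LAN, dst_port=443),
    Rule("allow", "udp", src=LAN, dst_port=53),
    Rule("allow", "tcp", dst=WEB_SERVER, dst_port=443),
    Rule("block", "any", dst=LAN),
]

# Mis-ordered ACL: the blanket allow shadows the Telnet block that follows it.
MISORDERED_ACL = [
    Rule("allow"),
    Rule("block", "tcp", dst=LAN, dst_port=23),
]

if __name__ == "__main__":
    print(evaluate(EXAMPLE_ACL, packet("192.168.0.100", "203.0.113.10", "tcp", 443)))  # allow
    print(evaluate(EXAMPLE_ACL, packet("203.0.113.10", "192.168.0.10", "tcp", 22)))    # block
    print(shadowed_rules(MISORDERED_ACL))                                              # [1]
```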
            - UDP is used in time-sensitive applications, such as speech and video, where a few missing or out-of-order packets can be tolerated
- Application Layer - contains protocols that perform some high-level functions, rather than simply addressing hosts and transporting data
    - Numerous application protocols in the TCP/IP suite
    - Used to configure and manage network hosts and to operate services, such as the web and email
    - Each application protocol uses a TCP or UDP port to allow a client to connect to a server
- Core protocol in TCP/IP is the Internet Protocol, which provides network and host addressing and packet forwarding between networks
    - IP packet adds some headers to whatever transport/application layer data it is carrying in its payload
    - Two of the most important header fields are the source and destination IP address fields
- Two versions of IP: IPv4 and IPv6
- IPv4 address is 32 bits long:
    - ![[Pasted image 20240930111259.png]]
    - 32 bits can be arranged into four groups of eight bits (one byte) known as octets:
    - ![[Pasted image 20240930111315.png]]
    - Written in dotted decimal notation; octets are separated using a period
    - ![[Pasted image 20240930111352.png]]
    - If all of the bits in an octet are set to 1, the number obtained is 255 (maximum possible value)
    - IPv4 address may be any value between 0.0.0.0 and 255.255.255.255
    - Some addresses are not permitted or are reserved for special use
- IPv4 address provides two pieces of information encoded within the same value
    - The network number (network ID) is common to all hosts on the same IP network
    - The host number (host ID) identifies a host within a particular IP network
- These two components within a single IP address are distinguished by combining the address with a network prefix
    - a number that identifies the network portion of an IP address
    - helps decide if an IP address is on the same network or needs to be sent elsewhere
    - A prefix is a 32-bit value with a given number of contiguous bits all set to 1; a prefix with 24 bits is the following:
    - ![[Pasted image 20240930111722.png]]
    - can be written in slash notation in the form /24
    - Prefix can also be expressed in dotted decimal notation as a subnet mask: 255.255.255.0
        - Number of bits applied to an IP address to mask the network ID from the host/interface ID portion
    - ![[Pasted image 20240930111918.png]]
    - 192.168.0.0/24 -> IP network
    - 192.168.0.1/255.255.255.0 -> host address on that IP network
- When a host attempts to send a packet via IPv4, the protocol compares the source and destination IP address in the packet against the sending host's subnet mask
    - If the masked portions of the source and destination IP addresses match, then the destination interface is assumed to be on the same IP network or subnet
    - ![[Pasted image 20240930112448.png]]
    - Host will determine that the destination IPv4 address is on the same IP network (192.168.0.0/24) and try to deliver that packet locally
    - On Ethernet, the host would use the Address Resolution Protocol (ARP) to identify the MAC address associated with the destination IP address
    - If the masked portions do not match, the host assumes the packet must be routed to another IP network
    - ![[Pasted image 20240930112628.png]]
    - Source host 192.168.0.100 identifies that the destination IPv4 address is on a different IP network (192.168.1.0/24). Because of this it forwards the packet to a router rather than trying to deliver it locally
- Most hosts are configured with a default gateway parameter
    - IP configuration parameter that identifies the address of a router on the local subnet that the host can use to contact other networks
    - IP address of a router interface that the host can use to forward packets to other networks
    - Must be in the same IP network as the host
- To communicate on the Internet, a host must be configured with a unique public IP address
    - Public addresses are allocated to customer networks by ISPs
- IPv4 address scheme defines certain ranges as reserved for private addressing, often called RFC 1918 addresses
    - Hosts with IP addresses from these ranges are not allowed to route traffic over the public Internet
    - Use of these addresses is confined to private LANs
    - Three private address ranges:
        - Class A private address range: 10.0.0.0 to 10.255.255.255
        - Class B private address range: 172.16.0.0 to 172.31.255.255
        - Class C private address range: 192.168.0.0 to 192.168.255.255
    - Address classes (A, B and C) derive from the earliest form of IP
    - Subnet masks that align precisely with octet boundaries mirror this functionality

| Class | Dotted Decimal Mask | Network Prefix |
| ----- | ------------------- | -------------- |
| A | 255.0.0.0 | /8 |
| B | 255.255.0.0 | /16 |
| C | 255.255.255.0 | /24 |

- As a host configured with a private address cannot access the Internet directly, some mechanism must be used to allow it to forward packets
- Internet access can be facilitated for hosts using a private addressing scheme in two ways
    - Through a router configured with a single or block of valid public addresses
        - The router uses Network Address Translation (NAT) to convert between private and public addresses
        - Routing mechanism that conceals internal addressing schemes from the public Internet by translating between a single public address on the external side of a router and private, non-routable addresses internally
    - Through a proxy server that fulfills requests for Internet resources on behalf of clients
- Each host must be configured with an IP address and subnet mask at a minimum to communicate on an IPv4 network
    - Several other parameters must be configured for a host to make full use of a modern network or the Internet
- IPv4 address and subnet mask can be set manually in a static configuration
    - Two other parameters are typically configured to make the host fully functional
        - Default gateway parameter is the IPv4 address of a router (192.168.0.1). IP address to which packets destined for a remote network should be sent by default
        - Domain Name System (DNS) server IPv4 address. These servers provide resolution of host and domain names to their IP addresses and are essential for locating resources on the Internet. Most local networks also use DNS for name resolution. Typically, the primary DNS server address would be configured as the same as the gateway address
    - Using static addressing requires an administrator to visit each computer to manually enter the configuration information for that host
    - If the host is moved to a different IP network or subnet, the administrator must manually reconfigure it
    - Administration must keep track of which IP addresses have been allocated to avoid issuing duplicates
    - Static addresses are typically only assigned to systems with a dedicated functionality, such as router interfaces or application servers that need to use a fixed IP address
- A host can receive its IP address, subnet mask, default gateway, and DNS server addresses from a Dynamic Host Configuration Protocol (DHCP) server
    - Protocol used to automatically assign IP addressing information to hosts that have not been configured manually
    - Hosts have a failover mechanism for when the IP configuration specifies use of a DHCP server but the host cannot contact one. In this scenario, the computer selects an address at random from the range 169.254.0.1 to 169.254.255.254
        - Called Automatic Private IP Addressing (APIPA)
        - Mechanism for Windows hosts configured to obtain an address automatically that cannot contact a DHCP server to revert to using an address in the range 169.254.x.y (called a link-local address)
        - When a host is using an APIPA address, it can communicate with other hosts on the same network that are using APIPA, but cannot reach other networks or communicate with hosts that have managed to obtain a valid DHCP lease
    - Some systems may just leave IP unconfigured or use the IP address 0.0.0.0 to indicate that the IPv4 address of the interface is not known
- Router has multiple interfaces
    - SOHO router has a public digital modem interface to connect to the ISP and a private Ethernet interface on the LAN
    - Both must be configured with an IP address and subnet mask
    - LAN interface is the address used by hosts as the default gateway parameter
    - router's public interface IP address is determined by the ISP
        - must be an address from a valid public range such as 203.0.113.1
- Pool of available IPv4 public addresses is not very large
    - IP version 6 (IPv6) is intended to replace IPv4 completely
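An added example, not from the course notes: the IPv4 masking arithmetic from the subnet, default gateway, RFC 1918 and APIPA points above, written out with bit operations so the "same network or send to the gateway" decision and the address ranges can be checked on real input. The addresses used are the notes' 192.168.0.0/24 network plus 203.0.113.0/24 (a documentation range) standing in for a public address; `config_problems` is my own troubleshooting helper, not part of any standard.

```python
# Added example (not from the course notes): the IPv4 masking arithmetic
# described above, written out with bit operations. Addresses used are the
# notes' 192.168.0.0/24 network plus 203.0.113.0/24, a documentation range
# standing in for a public address.

def parse_ipv4(text: str) -> int:
    """'192.168.0.100' -> 32-bit integer, checking each octet is 0-255."""
    octets = text.split(".")
    if len(octets) != 4:
        raise ValueError(f"expected four octets: {text!r}")
    value = 0
    for octet in octets:
        n = int(octet)
        if not 0 <= n <= 255:
            raise ValueError(f"octet out of range in {text!r}")
        value = (value << 8) | n
    return value


def to_dotted(value: int) -> str:
    """32-bit integer -> dotted decimal."""
    return ".".join(str((value >> shift) & 0xFF) for shift in (24, 16, 8, 0))


def prefix_to_mask(prefix_len: int) -> int:
    """/24 -> 0xFFFFFF00: prefix_len contiguous 1-bits followed by 0-bits."""
    if not 0 <= prefix_len <= 32:
        raise ValueError("prefix length must be 0-32")
    return (0xFFFFFFFF << (32 - prefix_len)) & 0xFFFFFFFF


def mask_to_prefix(mask_text: str) -> int:
    """'255.255.255.0' -> 24. Rejects non-contiguous masks such as 255.0.255.0."""
    mask = parse_ipv4(mask_text)
    prefix_len = bin(mask).count("1")
    if mask != prefix_to_mask(prefix_len):
        raise ValueError(f"{mask_text} is not a contiguous subnet mask")
    return prefix_len


def network_id(addr: str, prefix_len: int) -> str:
    """Network portion of an address: address AND mask."""
    return to_dotted(parse_ipv4(addr) & prefix_to_mask(prefix_len))


def next_hop(src: str, dst: str, prefix_len: int, gateway: str) -> str:
    """Where the sending host delivers a packet.

    Same network ID after masking -> deliver locally (ARP for dst's MAC).
    Different network ID -> hand the packet to the default gateway."""
    if network_id(src, prefix_len) == network_id(dst, prefix_len):
        return dst
    return gateway


SPECIAL_RANGES = [
    ("private (RFC 1918, class A range)", "10.0.0.0", 8),
    ("private (RFC 1918, class B range)", "172.16.0.0", 12),
    ("private (RFC 1918, class C range)", "192.168.0.0", 16),
    ("APIPA link-local", "169.254.0.0", 16),
]


def classify(addr: str) -> str:
    """Which reserved range a host address falls in; anything else is public."""
    value = parse_ipv4(addr)
    for label, net, prefix_len in SPECIAL_RANGES:
        if value & prefix_to_mask(prefix_len) == parse_ipv4(net):
            return label
    return "public"


def config_problems(addr: str, mask_text: str, gateway: str) -> list:
    """Static-configuration checks to run before blaming the network (my own helper)."""
    problems = []
    prefix_len = mask_to_prefix(mask_text)
    mask = prefix_to_mask(prefix_len)
    host_bits = parse_ipv4(addr) & ~mask & 0xFFFFFFFF
    if host_bits == 0:
        problems.append("host bits all zero: this is the network ID, not a host address")
    if host_bits == (~mask & 0xFFFFFFFF):
        problems.append("host bits all one: this is the broadcast address")
    if network_id(addr, prefix_len) != network_id(gateway, prefix_len):
        problems.append("default gateway is not on the host's own subnet")
    if classify(addr) == "APIPA link-local":
        problems.append("APIPA address: host could not reach a DHCP server")
    return problems


if __name__ == "__main__":
    print(next_hop("192.168.0.100", "192.168.0.50", 24, "192.168.0.1"))  # 192.168.0.50
    print(next_hop("192.168.0.100", "192.168.1.50", 24, "192.168.0.1"))  # 192.168.0.1
    print(classify("169.254.10.5"))                                      # APIPA link-local
```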
- IPv6 address is a 128-bit number and can express exponentially more address values than the 32-bit number used in IPv4
- IPv6 addresses are written in hexadecimal notation
    - One hex digit can represent a four-bit binary value (a nibble)
    - To express a 128-bit IPv6 address in hex, the binary address is divided into eight double-byte (16-bit) values delimited by colons: ![[Pasted image 20240930115127.png]]
    - To shorten how this is written and typed in configuration dialogs, where a double byte contains leading zeros, they can be ignored. One contiguous series of zeroes can be replaced by a double colon place marker: ![[Pasted image 20240930115242.png]]
        - Leading zeroes (0db8 and 0abc) are now (db8 and abc), and the two hex groups containing only zeros are gone and replaced with a double colon
- IPv6 address is divided into two main parts:
    - First 64 bits are used as a network ID, while the second 64 bits designate a specific interface
    - ![[Pasted image 20240930115408.png]]
    - No need for a subnet mask
    - Network addresses are written using prefix notation, where /nn is the length of the routing prefix in bits
    - With a 64-bit network ID, the length of any given network prefix is used to determine whether two addresses belong to the same IP network
- In IPv4, hosts generally have a single IP address per interface
- IPv6 interfaces are more likely to be configured with multiple addresses. Two main types:
    - Global address is one that is unique on the Internet (like public addresses in IPv4). Global addresses start with a 2 or 3
    - Link-local addresses are used on the local segment to communicate with neighbor hosts. In hex notation, link-local addresses start with fe80::
- Most hosts obtain a global and link-local address via the local router
    - Process is referred to as StateLess Address Auto Configuration (SLAAC)
    - Do not need to be configured with a default gateway
- IPv6 uses a protocol called Neighbor Discovery (ND)
    - ND is used to implement SLAAC, allows a host to discover a router, and performs the interface address querying functions performed by ARP in IPv4
- Most hosts and routers can operate both IPv4 and IPv6 at the same time
    - Referred to as dual stack
    - Host will default to attempting to establish an IPv6 connection and fall back to IPv4 if the destination host does not support IPv6
- Network hardware and addressing/forwarding protocols establish basic connectivity
    - Link Layer -> Ethernet allows hosts to send one another frames of data using MAC addresses
        - These frames would typically be transporting IP packets
    - Internet Layer -> IP provides addressing and routing functionality for a network of networks
    - Transport Layer -> identifies each type of network application and does this by assigning each application a port number between 0 and 65535
        - Data addressed to the HTTP web browsing application can be identified as port 80
        - Data requesting an email transmission service can be identified as port 25
    - ![[Pasted image 20240930124351.png]]
- Each host assigns two port numbers
    - Client: the destination port number is mapped to the service the client is requesting
        - Also assigns a random source port number that the server uses as the destination port for its replies and its application port number as its source port
    - [[Transmission Control Protocol (TCP)]] and [[User Datagram Protocol (UDP)]] implement the port assignment function
    - Server ports are assigned by the Internet Assigned Numbers Authority (IANA)

| Port | TCP/UDP | Protocol |
| ---- | ------- | -------- |
| 20 | TCP | [[File Transfer Protocol (FTP)]] |
| 21 | TCP | [[File Transfer Protocol (FTP)]] |
| 22 | TCP | [[Secure Shell (SSH)]] |
| 23 | TCP | [[Telnet]] |
| 25 | TCP | [[Simple Mail Transfer Protocol (SMTP)]] |
| 53 | TCP/UDP | [[Domain Name System (DNS)]] |
| 67 | UDP | [[Dynamic Host Configuration Protocol (DHCP)]] |
| 68 | UDP | [[DHCP Client]] |
| 80 | TCP | [[HyperText Transfer Protocol (HTTP)]] |
| 110 | TCP | [[Post Office Protocol (POP)]] |
| 137-139 | UDP/TCP | [[NetBIOS over TCP IP Protocol]] |
| 143 | TCP | [[Internet Mail Access Protocol (IMAP)]] |
| 161 | UDP | [[Simple Network Management Protocol (SNMP)]] |
| 162 | UDP | [[SNMP trap operation]] |
| 389 | TCP | [[Lightweight Directory Address Protocol (LDAP)\|Lightweight Directory Access Protocol (LDAP)]] |
| 443 | TCP | [[HyperText Transfer Protocol Secure (HTTPS)]] |
| 445 | TCP | [[Server Message Block (SMB)]] |
| 3389 | TCP | [[Remote Desktop Protocol (RDP)]] |

[Quizlet](https://quizlet.com/950469983/comptia-a-1101-networ-ports-flash-cards/)

[[Dynamic Host Configuration Protocol (DHCP)]] and [[Domain Name System (DNS)]] are commonly deployed to provide an autoconfiguration mechanism and simpler name-based addressing of network hosts and resources

When an interface is assigned a static configuration manually, the installer may make a mistake with the address information, perhaps duplicating an existing [[Internet Protocol (IP) Address]] or entering the wrong [[Subnet]], or the configuration of the network may change, requiring the host to be manually configured with a new static address

To avoid these problems, a [[Dynamic Host Configuration Protocol (DHCP)]] server can be used to allocate an appropriate IP address and subnet mask (plus other settings) to any host that connects to the network
[[DHCP Scope]]

A host is configured to use DHCP by specifying in its TCP/IP configuration that it should automatically obtain an IP address

When a DHCP client initializes, it broadcasts a DHCPDISCOVER packet to find a DHCP server
- All communications are sent using UDP, with the server listening on port 67 ([[Dynamic Host Configuration Protocol (DHCP)]]) and the client listening on port 68 ([[DHCP Client]])

![[Pasted image 20240930133429.png]]

If it has an IP address available, the DHCP server will respond with a DHCPOFFER packet, which contains the address and other configuration information ([[Default Gateway]] and [[Domain Name System (DNS)]] server addresses). The client may choose to accept the offer using a DHCPREQUEST packet that is also broadcast onto the network

If the offer is still available, the server will respond with a DHCPACK packet; the client then broadcasts an [[Address Resolution Protocol (ARP)]] message to check that the address is unused
- If so, it will start to use the address and options; if not, it declines and requests a new one

The IP address is leased by the server for a limited period only. A client can attempt to renew or rebind the lease before it expires. If the lease cannot be renewed, the client must release the IP address and start the discovery process again
[[DHCP Lease]]

One option for giving certain network infrastructure a known IP address is to configure the DHCP server to reserve a particular IP address for each device ([[DHCP Reservation]])

A [[Host Name]] is typically assigned to each host. This is configured when the OS is installed

The host name can be combined with a domain name and suffix to avoid the possibility of duplicate host names on the Internet. This is referred to as a [[Fully Qualified Domain Name (FQDN)]]
- Example: nut.widget.example

[[Fully Qualified Domain Name (FQDN)]]s are assigned using [[Domain Name System (DNS)]]

To resolve a host name or FQDN to an IP address, the client must obtain an appropriate record from a DNS server:
![[Pasted image 20240930135133.png]]

[[Domain Name System (DNS)]] server IP addresses configured on a client machine are used to resolve the client's queries for hosts and domains across the Internet

The DNS server responsible for managing a zone will contain numerous [[DNS Resource Records]]. These records allow the name server to resolve queries for names and services hosted in the domain into IP addresses

Hosts connected on the same managed switch are in the same broadcast domain. In larger networks, having many hosts in the same broadcast domain reduces performance, so to mitigate this, the ports can be divided into groups using a feature of managed switches called [[Virtual Local Area Network (VLAN)]]

[[Virtual Private Network (VPN)]] enables a host to connect to the LAN without being physically installed at the site

## Lesson 6: Supporting Network Services

The machine hosting the disk or printer is the [[Server]], and the server disk configured to allow clients to access it over the network is a [[Fileshare]]. The machines accessing those resources are the clients

A [[File Server]] could be implemented using TCP/IP protocols, such as [[File Transfer Protocol (FTP)]]

[[Server Message Block (SMB)]] is the application protocol underpinning file and printer sharing on Windows networks

In early Windows networks, instead of using TCP/IP, [[NetBIOS over TCP IP Protocol]] was used. It allowed computers to address one another by name and establish sessions for other protocols

[[File Transfer Protocol (FTP)]] allows a client to upload and download files from a network server. Often used to upload files to websites

[[Web Server]]
Resources on the Internet are accessed using an addressing scheme known as a [[Uniform Resource Locator (URL)]]

A [[Web Server]] is leased from an ISP

Because HTTP sends unencrypted data, [[Transport Layer Security (TLS)]] was developed

When [[Transport Layer Security (TLS)|TLS]] is used with an HTTP application, it is referred to as [[HyperText Transfer Protocol Secure (HTTPS)|HTTPS]]

To implement HTTPS, the web server is installed with a digital [[Digital Certificate|certificate]] that is issued by some trusted [[Certificate Authority (CA)|certificate authority]]

The [[Digital Certificate]] uses encrypted data to prove the identity of the server to the client
- The system uses a public/private encryption key pair, where the private key is a secret known only to the server, while the public key is given to the clients
- HTTPS URLs will start with https:// and sessions will show a padlock icon in the address bar to indicate that the server's certificate is trusted

There are two types of mail servers and protocols used to process [[Email]]: mail transfer and mailbox access protocols
![[Pasted image 20241001132228.png]]

Internet [[Email]] addresses follow the mailto [[Uniform Resource Locator (URL)]] scheme
- Comprises two parts: the username (local part) and the [[Domain Name]], separated by an @ symbol

[[Simple Mail Transfer Protocol (SMTP)]] specifies how email is delivered from one mail server to another
- The [[Simple Mail Transfer Protocol (SMTP)|SMTP]] server of the sender discovers the IP address of the recipient SMTP server by using the [[Domain Name]] part of the recipient's email address
- [[Simple Mail Transfer Protocol (SMTP)|SMTP]] servers for the domain are registered in [[Domain Name System (DNS)|DNS]] using [[Mail Exchange (MX)]] and host (A/AAAA) records
- [[Simple Mail Transfer Protocol (SMTP)|SMTP]] is used only to deliver mail to server hosts that are permanently available
When an email is received by an [[Simple Mail Transfer Protocol (SMTP)|SMTP server]], it delivers the message to a [[Mailbox Server]]

[[Post Office Protocol (POP)]] is an early example of a [[Mailbox Access Protocol]]. [[Post Office Protocol (POP)]] is often referred to as POP3 because the active version of the protocol is version 3
- A [[Post Office Protocol (POP)]] client (Microsoft Outlook) will establish a connection to the [[Post Office Protocol (POP)]] server on port 110. The user is authenticated (username and password) and the contents of the mailbox are downloaded for processing on the local PC
- With POP3, the messages are typically deleted from the mailbox server when they are downloaded

[[Internet Mail Access Protocol (IMAP)]] addresses some of the limitations of [[Post Office Protocol (POP)]]
- It is a mail retrieval protocol, but it has mailbox management features that [[Post Office Protocol (POP)]] lacks
- Supports permanent connections to the server and connecting multiple clients to the same mailbox simultaneously
- Allows a client to manage the mailbox on the server and create multiple mailboxes

[[DHCP]] allows a network client to request an IP configuration, and [[DNS]] allows it to request resources using plain names
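The DISCOVER / OFFER / REQUEST / ACK exchange, the ARP conflict check, lease renewal, reservations and the APIPA fallback described earlier in this lesson, as an added example that is not part of the notes: a small in-memory model with both the server and the client side. `DhcpServer`, `obtain_lease` and `renew` are hypothetical names; the MAC addresses, scope and lease times are constructed samples.

```python
"""DHCP lease exchange (DISCOVER / OFFER / REQUEST / ACK), added example.

Not from the course notes: an in-memory model of the exchange this lesson
describes, with a scope, a reservation, the ARP conflict check, renewal and
the APIPA fallback. All addresses, MACs and times are constructed samples.
"""
import ipaddress
import random
from dataclasses import dataclass, field

APIPA_NET = ipaddress.ip_network("169.254.0.0/16")  # server/client use UDP 67/68


@dataclass
class Lease:
    ip: str
    mac: str
    expires: int                                    # simulated clock value


@dataclass
class DhcpServer:
    """The scope is the pool of addresses handed out, plus the options sent with them."""
    scope_start: str
    scope_end: str
    gateway: str
    dns: str
    lease_time: int = 3600
    reservations: dict = field(default_factory=dict)    # mac -> fixed ip
    leases: dict = field(default_factory=dict)          # mac -> Lease
    offers: dict = field(default_factory=dict)          # mac -> ip offered, not yet acked
    declined: set = field(default_factory=set)          # ips a client found already in use

    def _free_address(self, now):
        in_use = {l.ip for l in self.leases.values() if l.expires > now}
        in_use |= set(self.reservations.values()) | set(self.offers.values())
        first = int(ipaddress.ip_address(self.scope_start))
        last = int(ipaddress.ip_address(self.scope_end))
        for n in range(first, last + 1):
            ip = str(ipaddress.ip_address(n))
            if ip not in in_use and ip not in self.declined:
                return ip
        return None                                 # scope exhausted

    def handle(self, msg, now):
        """Process one client message (a dict standing in for the UDP packet)."""
        mac, kind = msg["mac"], msg["type"]
        if kind == "DHCPDISCOVER":
            ip = self.reservations.get(mac) or self._free_address(now)
            if ip is None:
                return None                         # nothing to offer: client times out
            self.offers[mac] = ip
            return {"type": "DHCPOFFER", "ip": ip, "mask": "255.255.255.0",
                    "gateway": self.gateway, "dns": self.dns, "lease": self.lease_time}
        if kind == "DHCPREQUEST":
            wanted = msg["ip"]
            taken = any(l.ip == wanted and l.mac != mac and l.expires > now
                        for l in self.leases.values())
            held = self.leases.get(mac)
            renewing = held is not None and held.ip == wanted and not taken
            if self.offers.get(mac) == wanted or renewing:
                self.offers.pop(mac, None)
                self.leases[mac] = Lease(wanted, mac, now + self.lease_time)
                return {"type": "DHCPACK", "ip": wanted, "lease": self.lease_time}
            return {"type": "DHCPNAK"}              # offer withdrawn or address taken
        if kind == "DHCPDECLINE":                   # client's ARP probe got an answer
            self.declined.add(msg["ip"])
            self.leases.pop(mac, None)
            return None
        raise ValueError(f"unexpected message {kind}")


def obtain_lease(server, mac, now, on_wire=frozenset(), rng=random.Random(1)):
    """Client side. on_wire stands in for hosts that would answer the ARP probe."""
    offer = server.handle({"type": "DHCPDISCOVER", "mac": mac}, now) if server else None
    if offer is None:                               # no server reachable: APIPA
        host = rng.randint(1, 0xFFFE)               # 169.254.0.1 .. 169.254.255.254
        return {"ip": str(APIPA_NET[host]), "mask": "255.255.0.0",
                "gateway": None, "dns": None, "source": "apipa"}
    ack = server.handle({"type": "DHCPREQUEST", "mac": mac, "ip": offer["ip"]}, now)
    if ack["type"] != "DHCPACK":
        return obtain_lease(server, mac, now, on_wire, rng)
    if ack["ip"] in on_wire:                        # duplicate found: decline, start over
        server.handle({"type": "DHCPDECLINE", "mac": mac, "ip": ack["ip"]}, now)
        return obtain_lease(server, mac, now, on_wire, rng)
    return {"ip": ack["ip"], "mask": offer["mask"], "gateway": offer["gateway"],
            "dns": offer["dns"], "source": "dhcp", "expires": now + ack["lease"]}


def renew(server, mac, cfg, now):
    """Before expiry the client asks to keep its address; a NAK means rediscover."""
    ack = server.handle({"type": "DHCPREQUEST", "mac": mac, "ip": cfg["ip"]}, now)
    if ack["type"] == "DHCPACK":
        return {**cfg, "expires": now + ack["lease"]}
    return obtain_lease(server, mac, now)
```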
Most networks must also authenticate and authorize clients before allowing them to connect to [[Fileshare]]s and mail servers

Network resources can be recorded as objects within a [[Directory]]

[[Lightweight Directory Address Protocol (LDAP)|Lightweight Directory Access Protocol (LDAP)]] is a TCP/IP protocol used to query and update an X.500 [[Directory]]

[[AAA Server]] uses the following components:
- [[Supplicant]]
- [[Network Access Server (NAS)]]
- [[AAA Server]]

With an [[AAA Server]], the network access appliances do not have to store any authentication credentials

[[AAA Server]] is often implemented using a protocol called [[Remote Authentication Dial-In User Service (RADIUS)]]

A [[Remote Terminal Server]] allows a host to accept connections to its command shell or graphical desktop from across the network

[[Terminal Emulator (TTY)]] is any kind of software that replicates this terminal input/output function

[[Secure Shell (SSH)]] is the principal means of obtaining secure remote access to UNIX and Linux servers and to most types of network appliances (switches, routers and firewalls)
- Can be used for [[Secure File Transfer Protocol (SFTP)]] and to achieve many other network configurations

[[Telnet]] is both a protocol and a terminal emulation software tool that transmits shell commands and output between a client and a remote host

[[Remote Desktop Protocol (RDP)]] is Microsoft's protocol for operating remote GUI connections to a Windows machine

[[Simple Network Management Protocol (SNMP)]] is a framework for management and monitoring of network devices. Consists of a management system and [[Agents]]
- [[Agents]] are a process running on a switch, router, server, or other [[Simple Network Management Protocol (SNMP)]]-compatible device
    - Maintains a database called a Management Information Base (MIB), which holds statistics relating to the activity of the device
    - An example would be the number of frames handled by a [[Switch]]

[[System Logging (Syslog)]] is an example of a protocol and supporting software that facilitates log collection
- Also provides an open format for event data
- A [[System Logging (Syslog)]] message comprises a PRI code, a header containing a timestamp and host name, and a message part

Many enterprise networks also use some sort of [[Network Address Translation (NAT)]], but another option is to deploy a [[Proxy Server]]
- It takes a whole [[HyperText Transfer Protocol (HTTP)]] request from a client, checks it, then forwards it to the destination server on the Internet; when the reply comes back, it checks it and then shuttles it back to the LAN computer
- Can either operate as a transparent service (client requires no special configuration) or as nontransparent (where the client must be configured with the IP address and service port)
- Can act as a content filter to block access to sites and can restrict overall time limits

[[Firewall]]s allow or block traffic based on a network access control list specifying source and destination IP addresses and application ports

[[Intrusion Detection Systems (IDS)]] are programmed with scripts that can identify known malicious traffic patterns

[[Intrusion Prevention System (IPS)]] can additionally take some action to block the source of the malicious packets

[[Antivirus]] solutions scan files being transferred over the network to detect any matches for known [[Malware]] signatures in binary data

Spam gateways use [[Sender Policy Framework (SPF)]], [[DomainKeys Identified Mail (DKIM)]] and [[Domain-Based Message Authentication, Reporting, and Conference (DMARC)|Domain-Based Message Authentication, Reporting, and Conformance (DMARC)]] to verify the authenticity of mail servers and are configured with filters that can identify spoofed, misleading, malicious, or otherwise unwanted messages

Content filters are used to block outgoing access to unauthorized websites and servers

[[Loss Prevention (DLP)|Data Loss Prevention (DLP)]] systems scan outgoing traffic for information that is marked as confidential or personal. The system can verify whether the transfer is authorized and block it if it is not

A [[Unified Threat Management (UTM)]] appliance is one that enforces a variety of security policies and controls, combining the work of multiple security functions

A [[Load Balancer]] can be deployed to distribute client requests across server nodes in a farm or pool

A [[Legacy System]] is one that is no longer directly supported by its vendor. A product that is no longer supported is referred to as [[End of Life (EOL)]]
- If a network is still hosting/using a legacy system, it's because it's either too expensive or complex to move to a modern platform
- Represents severe security risks

An [[Embedded System]] is an electronic device that is designed to perform a specific, dedicated function

A [[Supervisory Control and Data Acquisition (SCADA)]] system takes the place of a control server in large-scale, multiple-site ICSs

[[Internet of Things (IoT)]] is used to describe the global network of wearable technology, home appliances, home control systems, vehicles, and other items that have been equipped with sensors, software, and network connectivity
- An [[Internet of Things (IoT)]] smart device network will use the following types of components:
    1. Hub/control system - facilitates wireless networking
    2. [[Smart Devices]] - devices capable of compute, storage and network functions

A wireless adapter will reduce the connection speed if the [[Received Signal Strength Indicator (RSSI)]] is not at a minimum required level

[[Latency]] is the time it takes for a signal to reach the recipient, measured in milliseconds (ms)

[[Jitter]] is the amount of variation in delay over time and is measured by sampling the elapsed time between packets arriving

## Multifunction Devices
---
- Output device that's commonly abbreviated as MFD
- These devices can perform many different functions
    - Printing
    - Scanning
    - Faxing
    - Network connectivity
    - Phone line connectivity
    - Print from the Web
- These can be large devices
    - Make sure you have enough room and make sure they stay out of walkways
    - Installed in a certain area that must have the proper power, networking and accessibility
- To use the device, you need to have the proper driver installed on your operating system so that it knows how to print, fax, scan or perform any other functions
    - Get the right operating system drivers
    - Use the right version of the print driver (32-bit vs 64-bit)
- Most printers will be able to communicate with your systems using one of two different languages
    - Printer Command Language (PCL)
        - Created by Hewlett Packard
        - Commonly used across the industry
    - PostScript
        - Created by Adobe Systems
        - Popular with high-end printers
    - Make sure the drivers match the printer
        - PCL printer - PCL driver
        - PostScript printer - PostScript driver
- Wired Device Sharing
    - USB type B
        - Most common connector
        - USB type B on the printer and type A on the computer
    - Ethernet
- Could connect to a printer with a wireless connection
    - Bluetooth
    - 802.11 Infrastructure Mode
        - Many devices using an access point
    - 802.11 Ad hoc mode
        - No access point
        - Direct link between wireless devices
- Printer share
    - Printer is connected to a computer
    - The computer shares the printer
    - Computer needs to be running
        - If the computer is turned off, everyone loses access to the printer
- Print Server
    - Prints directly to the printer
    - Jobs are queued to the printer
    - Jobs are managed on the printer
        - Web-based front end
        - Client utility
- Configuration Settings
    - Duplex
        - Save paper
        - Prints on both sides of the page without manually flipping over the paper
        - Not all printers can do this
    - Orientation
        - Portrait vs Landscape
        - The paper doesn't rotate
        - The printer compensates
    - Tray Settings
        - Printers have multiple trays
        - Plain paper, letterhead, etc
        - Choose the correct tray in the print dialog
    - Quality
        - Resolution
        - Color, greyscale
        - Color saving
- Printer Security
    - User authentication
        - Everyone can print
        - Set rights and permissions
        - Printing vs managing the printer
    - Badging
        - Authenticate when using the printer
        - Your job doesn't print until you use your employee badge
        - Quick and easy
- Printer Security - Audit Logs
    - Allows you to see who printed from the printer, how many pages were printed and what type of print was used
        - Cost management
        - Security monitoring
    - Event Viewer / System Events
        - May be built into the printer or print server
- Secured Prints
    - Printer must support secure printing
    - Define a passcode
    - Use the passcode at the printer
- Flatbed Scanner
    - Different form factors
        - All-in-one multifunction device
        - Standalone flatbed
    - Scanner allows the multifunction device to read the information that's on the page and then save that information as a digital file
    - May include an automatic document feeder
        - Multiple pages
- Network Scan Devices
    - Scan to email
        - Scans are sent to your inbox
        - Large scans can fill up your mailbox
    - Scan to folder
        - Using SMB (Server Message Block)
        - Send to a Microsoft share
    - Scan to cloud
        - Cloud storage account
        - Google Drive, Dropbox, etc

## Laser Printers
---
Laser Printer
- Combines a laser, high voltage, charged ions, powdered ink, heat and pressure to create output on a printed page
- Very high quality and fast printing speeds
- Very complex
    - Many moving parts
    - Requires on-printer memory
    - Messy on the inside

Imaging Drum
- Image that ultimately is printed on the sheet of paper starts with the imaging drum
- Image is drawn onto a photosensitive drum
    - Painted with a laser
    - Laser writes or paints exactly what it would like to have appear on the piece of paper
- Drum is responsible for taking that image, picking up some toner, and transferring that toner to the paper, where eventually it will be fused and presented as the final output
    - Picks up toner
    - Transfers toner to the paper
- Can be separate from the toner cartridge
    - Or combined

Fuser Assembly
- Heat and pressure
    - Melt plastic toner powder
    - Permanently bond toner to paper
- Once the toner is transferred from the imaging drum to the paper, it still needs to be permanently affixed to the page

Transfer Belt and Rollers
- Color Laser Printers
    - Cyan, Yellow, Magenta, Black
- Taking toner from those individual colors and combining them all onto a single page is done through the use of a transfer belt and roller
    - Four separate toner cartridges
    - Image is transferred from all cartridges to the single belt
    - And then to a single transfer roller

Pickup Rollers
- Pick up paper
    - Should be a single page at a time
    - Problems if no paper is picked up or multiple sheets are picked
- Should be periodically cleaned or replaced

Separation Pad
- Works in conjunction with the pickup rollers to be able to just pull the top page off
    - Pull just the top sheet from the paper tray
    - Not multiple sheets
- Small and inexpensive
    - Easy to clean or replace

Duplexing Assembly
- Printers usually print on a single side
    - Not both sides simultaneously
- Printing on both sides of the page when it finally presents you with the output
    - Printing on both sides is a two-step process
    - Print side one, print side two
- You need mechanisms to "flip" the page
    - Automatically
    - Can be built in to the printer
    - Or available as an add-on

![[Pasted image 20241003232910.png]]
- Printer does not begin printing until the entire page is rendered in memory, and at that point the processing phase transfers over to the charging phase
- During the charging phase, a corona wire or charge roller is used to provide a negative charge to the photosensitive drum. Clears the drum and prepares it for the image that will be provided by the laser
- Laser begins writing the image to the photosensitive drum. Since the charging phase created a negative charge, the laser is creating a positive charge everywhere it touches that photosensitive drum
- Toner in the toner cartridge is also negatively charged, the same charge as the blank slate. Negatively charged toner will stick to the positively charged sections that were exposed by the laser, effectively causing the toner to stick to the photosensitive drum
- Transferring of that toner from the photosensitive drum to the paper that is going through the printer itself. When that paper comes out of the other side, the toner is now part of the paper
- Toner is not permanently affixed to the paper yet. Heat and pressure need to be applied. Paper passes through the fuser, which melts the toner, and it will now be permanently attached to the paper
- Step 1: Processing - Build the entire page in memory
- Step 2: Charging - Prepare the drum with a negative electrostatic charge
- Step 3: Exposing - Write the image with the laser
- Step 4: Developing - Add negatively charged toner to the imaging drum
- Step 5: Transferring - Move the toner from the drum to the paper
- Step 6: Fusing - Heat and pressure

## Laser Printer Maintenance
---
Replacing the Toner Cartridge
- Look for the messages
    - Low doesn't mean empty
- Contains toner and sometimes the imaging drum
    - The toner cartridge can also contain the OPC drum
        - Organic Photoconductor Drum
    - Sensitive to light; keep it in the bag
- Power down the printer
    - Safety first
- Remove packing strips from the new drum
    - Replace the old one with it

Laser Printer Maintenance Kit
- Laser printers wear out
    - All those moving parts
    - Heat and pressure
- Standard maintenance kits
    - Replacement feed rollers, new fuser unit, etc
- When to perform maintenance?
    - Check the printer's page counter
- Power down and replace the components
    - Fuser units are HOT
- Reset the page counter when you're done

Laser Printer Calibration
- Different toner cartridges print with different densities
    - Some dark, some light
- Laser printer calibration can adjust the density
    - Makes it look perfect
- Can be automated or a manual process
    - Every printer is different
    - Check the printer manual

Laser Printer Cleaning
- Laser printers are dirty
    - All that toner and paper dust
- Check the manufacturer's recommendations
    - Water, isopropyl alcohol (IPA)
    - Don't use harsh chemicals
- Outside
    - Damp cloth
- Inside
    - Wipe away
    - Don't use a normal vacuum cleaner or compressed air
- Wash toner from skin with cold water
- Clean rollers with IPA

## Inkjet Printers
---
Inkjet (Ink-Dispersion) Printer
- Relatively inexpensive technology
- Quiet
- High resolution
- Expensive ink
    - Proprietary
- Eventually fades
- Clogs easily

Ink Cartridge
- Places drops of ink onto a page
- Pulled from a set of cartridges
    - CMYK - Cyan, Magenta, Yellow, Key (Black)

Print Head
- Some consumer printers integrate the print head into the ink cartridge
    - Change the cartridge, get a new print head
- Others separate the ink cartridges from the print head

Feed Rollers
- Pick up and feed paper through the printer
- Must be clean and not worn
- Duplexing
    - Prints on both sides of the paper
    - Included with some printers

Carriage and Belt
- Ink cartridges are moved over the paper
    - Carriage may include its own print head
- Belt moves the carriage back and forth
    - Another moving part

Inkjet Printer Calibration
- Align nozzles to the paper
    - Lines should be crisp
    - Colors should align
- Printer includes a calibration option
    - May need to make minor adjustments

## Inkjet Printer Maintenance
---
Cleaning Print Heads
- Small droplets of ink
    - And small holes in a print head
- Clogged heads are a big issue
    - Many printers automatically clean every day
    - Output has streaks or sections of missing color
- Cleaning process can be started manually
    - Only takes a few minutes
- Some print heads/cartridges can be removed
    - Manual cleaning may help

Replacing Inkjet Cartridges
- Usually separate colors
    - Cyan, Magenta, Yellow, and Key (CMYK)
    - Some cartridges will combine these
- Takes seconds to replace
    - Takes a few minutes to calibrate and prepare the cartridge
- Recycle the empty cartridge
    - All plastic

Inkjet Printer Calibration
- Align nozzles to the paper
    - Lines should be crisp
    - Colors should not overlap
- Printer includes a calibration option
    - May need to make minor adjustments

Clearing Jams
- Lots of turns and twists
    - A jam is inevitable
- Remove tray paper
    - Any loose paper
- Remove paper from the path
    - Firm pressure, don't rip
- Check for any scraps of paper
    - Remove all loose paper

## Thermal Printers
---
Thermal Printer
- White paper
    - Turns black when heated
    - No ink
- Very quiet
    - Almost silent
- Paper is sensitive to light and heat
    - And clear tape

Feed Assembly
- Pulls paper through the printer
    - Relatively small paper path
- Holds the paper in place with friction

Heating Element
- Full-length heating element
    - No moving print head
- To be able to create the output on a thermal printer, you need a heating element

Thermal Paper
- Paper covered with a chemical
    - Thermochromic paper / thermal paper
    - Changes color when heated
- Cash registers, credit card terminals
    - And quiet areas
- Looks like normal paper
    - Feels a bit different

## Thermal Printer Maintenance
---
Thermal Paper Replacement
- Relatively inexpensive
    - But impossible to substitute
- Different sizes
    - Not like laser printer paper
    - Keep a list
- Actual replacement process is easy
    - Simple paper feed
    - Small device

Cleaning the Heating Element
- Liquid cleaner
    - Isopropyl alcohol (IPA)
    - Get a cleaning pen
    - Check manufacturer's recommendations
- Swab gently
    - Usually small areas

Removing Debris
- Relatively small amount
    - Paper bits and dust
    - No toner
- Blow out the printer
    - Take it outside
- Wipe it out
    - Damp cloth
- Avoid using a vacuum
    - Unless it's designed for computers
    - Resists static buildup/discharge

Paper Sensitivity to Heat
- Heat is used to create the output on the thermal paper
    - More heat will darken the entire page
- Avoid hot areas
    - Car dashboard
    - Radiator
    - Hair dryers
- Receipt will also fade over time
    - Don't use as archival media

## Impact Printers
---
Dot Matrix (Impact) Printers
- Print head with small matrix of pins
    - Presses against a ribbon to make a mark on paper
- Good for carbon/multiple copies
- Low cost per page
- Noisy
- Poor graphics
- Relatively few use cases

Dot Matrix Printer Head
- Moves back and forth
- Pins hit ribbon and paper

Printer Ribbon
- Fabric
    - One long ribbon
    - Never-ending circle
- Easy to replace
    - One single unit
- Proprietary size
    - Specific to printer model

Tractor Feed
- Continuous paper feed
    - Perforations between pages
- Paper pulled through with holes on the side of the paper
    - Instead of using friction
    - Holes have to line up perfectly
- Tractor paper can be perforated to remove holes

## Impact Printer Maintenance
---
Printer Ribbon Replacement
- Single ribbon
    - Self-contained
    - One long circle
- Replace when ink becomes too light
    - Ink is eventually consumed
- Designed to be modular
    - Replace in less than a minute

Print Head Replacement
- Takes a lot of abuse
    - Directly hits the ribbon and paper
- Gets hot
    - Watch your fingers
- Another modular part
    - Look for a release lever or bar
- Replace with the ribbon for the best effect
    - The output should look perfect

Replacing Paper
- Not as easy as a laser printer
    - Paper must feed perfectly into lines
- Tractor feed
    - Forms must be positioned correctly
    - Text needs to fit a predestined space
- Paper must feed without constraint
    - Make sure nothing is in the way

## 3D Printers
---
3D Printers
- "Print" in three dimensions
    - Create a 3D item based on an electronic model
- Additive manufacturing
    - Build in layers to create the object
    - No machining process required
- Rapid prototyping
    - Design and create relatively quickly and inexpensively
- Deploy designs anywhere in the world
    - Or into space

Filament Printing
- Fused Deposition Modeling (FDM)
    - Melts filament to print 3D objects
- This is probably the printing type you've seen
    - Print a layer, move up, print another layer
    - Watch the printer create the object
- Good all-around printer
    - Larger print bed than resin printers
- Easy to manage filament
    - Minimum of mess
    - Fewer disposal issues

Resin Printing
- Stereolithography (SLA) 3D printing
    - Smooth and finely detailed 3D prints
- Resin is hardened using a light source
    - Ultraviolet light or laser
- Layers are added to the bottom
    - Entire print hangs from the build platform
- Resin must be handled properly
    - Wear protective gear
    - Take unused resin to your local hazardous materials disposal

The Print Bed
- A flat adhesive surface
    - The foundation of a 3D print
    - Everything builds on that first layer
- Needs to be level and clean
    - Prints "stick" to the bed
- Filament printing
    - The print bed is the printing surface
    - Many different print bed options
- Resin printing
    - The bed is the location where the resin is hardened by the UV light

## Wireless Network Standards
---
Wireless Standards
- Wireless networking (802.11)
    - Managed by the IEEE LAN/MAN Standards Committee (IEEE 802)
- Many updates over time
    - Check with IEEE for the latest
- The Wi-Fi trademark
    - Wi-Fi Alliance handles interoperability testing

802.11a
- One of the original 802.11 wireless standards
    - October 1999
- Operates in the 5 GHz range
    - Or other frequencies with special licensing
- 54 Mbps
- Smaller range than 802.11b
    - Higher frequency is absorbed by objects in the way
- Not commonly seen today

802.11b
- Also an original 802.11 standard
    - October 1999
- Operates in the 2.4 GHz range
- 11 Mbps
- Better range than 802.11a
    - Fewer absorption problems
- More frequency conflict
    - Baby monitors, cordless phones, microwave ovens, Bluetooth
- Not commonly seen today

802.11g
- An upgrade to 802.11b
    - June 2003
- Operates in the 2.4 GHz range
- 54 Mbps
    - Similar to 802.11a
- Backwards-compatible with 802.11b
- Same 2.4 GHz frequency conflict problems as 802.11b

802.11n (Wi-Fi 4)
- The update to 802.11g, 802.11b, and 802.11a
    - October 2009
- Operates at 5 GHz and/or 2.4 GHz
    - 40 MHz channel widths
- 600 Mbps
    - 40 MHz mode and 4 antennas
- 802.11n uses MIMO
    - Multiple input multiple output
    - Multiple transmit and receive antennas
    - Devices can transfer much more information simultaneously between the end station and the access point

802.11ac (Wi-Fi 5)
- Approved in January 2014
    - Significant improvements over 802.11n
- Operates in the 5 GHz band
    - Less crowded, more frequencies (up to 160 MHz channel bandwidth)
- Increased channel bonding
    - Larger bandwidth usage
    - More data can be transferred over that wireless network simultaneously
- Denser signaling modulation
    - Faster data transfers
- Eight MU-MIMO downlink streams
    - Twice as many streams as 802.11n
    - Multiple users can be communicating over multiple input and multiple output simultaneously
    - Nearly 7 Gbps

802.11ax (Wi-Fi 6)
- Approved in February 2021
    - The successor to 802.11ac/Wi-Fi 5
- Operates at 5 GHz and/or 2.4 GHz
    - 20, 40, 80 and 160 MHz channel widths
- 1.2 Gbps per channel
    - A relatively small increase in throughput
- Eight bi-directional MU-MIMO streams
- Orthogonal Frequency-Division Multiple Access (OFDMA)
    - Works similar to cellular communication
    - Improves high-density installations

Long-Range Fixed Wireless
- Wireless access point in a house with the stock antennas
    - You might get a range of 40 to 50 meters
- Try connecting two buildings located miles from each other
    - Fixed directional antennas and increased signal strength
- Outdoors
    - Minimal signal absorption or bounce
- Directional antennas
    - Focused, point-to-point connection
- Wireless regulations are complex
    - Refer to your country's regulatory
agency - Frequency use - Unlicensed 2.4 GHz or 5 GHz frequencies - Additional frequencies may be available - Additional licensing may be required - Signal strength - Indoor and outdoor power is usually regulated - Outdoor antenna installation is not trivial - Get an expert, be safe RFID (Radio-Frequency Identification) - It's everywhere - Access badges - Inventory/Assembly line tracking - Pet/Animal Identification - Anything that needs to be tracked - Radar technology - Radio energy transmitted to the tag - RF powers the tag, ID is transmitted back - Bidirectional communication - Some tag formats can be active/powered NFC (Near Field Communication) - Two-way wireless communication - Builds on RFID, which is mostly one-way - Payment systems - Major credit cards - Online Wallets - Bootstrap for other wireless - NFC helps with Bluetooth pairing - Access token, identity "card" - Short range with encryption support ## Wireless Network Technologies --- 802.11 technologies - Frequency - 2.4 GHz or 5 GHz - And sometimes both - Channels - Group of frequencies, numbered by the IEEE - Non-overlapping channels would be ideal - Regulations - Most countries have regulations to manage frequency use - Spectrum use, power output, interference requirements, etc Band Selection and Bandwidth ![[Pasted image 20241004211259.png]] ![[Pasted image 20241004211324.png]] ![[Pasted image 20241004211346.png]] - Could change the channel size (channel bonding) - More data can be sent and received Bluetooth - Remove the wires - Headsets - Speakers - Keyboards/Mice - Uses the 2.4 GHz range - Unlicensed ISM (Industrial, Scientific and Medical) band - Same as 802.11 - Short-range - Most consumer devices operate to about 10 meters - Industrial Bluetooth devices can communicate over 100 meters ## Introduction to IP --- A series of moving vans - Efficiently move large amounts of data - Use a shipping truck - The network topology is the road - Ethernet, DSL, cable system - The truck is the Internet 
Protocol (IP) - We've designed the roads for this truck - The boxes hold your data - Boxes of TCP and UDP - Inside the boxes are more things - Application information - Encapsulation process that allows use to move all kinds of data across the network IP - Internet Protocol - Client on one side and the server on the other - Client is going to send information to this server - Information is going to be inside a ethernet packet (ethernet payload) - Have a header at the beginning of the frame (ethernet header) - Have a trailer at the end of the frame (ethernet trailer) - In the ethernet payload, there's going to an IP header and IP payload within that particular part of the frame - In the IP Payload, there could be TCP data with a TCP header and TCP payload - And TCP payload will have different types of data - Inside IP -> TCP -> HTTP Data - ![[Pasted image 20241005204033.png]] TCP and UDP - Transported inside of IP - Encapsulated by the IP protocol - Two ways to move data from place to place - Different features for different applications - TCP for some applications and UDP for others - Operating at the transport layer of the OSI model - The transport layer - Multiplexing - Use many different applications at the same time - TCP and UDP TCP - Transmission Control Protocol - Connection Oriented - A formal connection setup and close - Reliable delivery - Recovery from errors - Can manage out of order messages or retransmissions - Flow control - The receiver can manage how much data is sent UDP - User datagram protocol - Connectionless - No formal open or close to the connection - Unreliable delivery - No error recovery - No reordering of data or retransmissions - No flow control - Sender determines the amount of data transmitted Why would you ever use UDP - Real time communication - There's no way to stop and resend the data - Time doesn't stop for your network - Connectionless protocols - DHCP (Dynamic Host Configuration Protocol) - TFTP (Trivial File Transfer 
Protocol) - The data might not get through - The application keeps track and decides what to do - It might not do anything Communication using TCP - Connection oriented protocols prefer a return receipt - HTTPS (Hypertext transfer protocol secure) - SSH (secure shell) - The application doesn't worry about out of order frames or missing data - TCP handles all the communication overhead - The application has one job Speedy delivery - The IP Delivery truck delivers from one (IP) address to another (IP) address - Every house has an address, every computer has an IP address - Boxes arrive at the house / IP address - Where do the boxes go? - Each box has a room name - Port is written on the outside of the box - Drop the box into the right room - Determines what application on the server is going to receive this data Lots of ports - IPv4 sockets - Server IP address, protocol, server application port number - Client IP address, protocol, client port number - Non-ephemeral ports - permanent port numbers - Ports 0 through 1023 - Usually on a server or service - Ephemeral ports - temporary port numbers - Ports 1,024 through 65,535 - Determined in real time by the client Port numbers - TCP and UDP ports can be any number between 0 and 65,535 - Most servers (services) use non-ephemeral (not temporary) port numbers - This isn't always the case - It's just a number - Port numbers are for communication, not security - Service port numbers need to be well known - TCP port numbers are not the same as UDP port numbers Ports on the network - Web server - TCP/80 - VoIP server - UDP/5004 - Email Server - TCP/143 - ![[Pasted image 20241005205916.png]] - ![[Pasted image 20241005205934.png]] - ## Common Network Ports --- Port Numbers - Services have port numbers that they use so that other devices can communicate and use those services - Well known port number - Client and server need to match - Important for firewall rules - Port based security FTP - File Transfer Protocol - TCP/20 
(active mode data), TCP/21 (control) - transfers files between systems - Authenticates with a username and password - Some systems use a generic/anonymous login - Full featured functionality - List, add, delete, etc SSH - Secure Shell - Connect to a remote device through a terminal or command line front end - Encrypted communication link - TCP/22 - Looks and acts the same as Telnet Telnet - Telnet - Telecommunication Network - TCP/23 - Another way to connect to a remote device using a text-based/console front end - Login to devices remotely - Console access - Data is sent in the clear communication/not encrypted - Not the best choice for production systems SMTP - Simple Mail Transfer Protocol - Server to server email transfer - TCP/25 - Also used to send mail from a device to a mail server - Commonly configured on mobile devices and email - Other protocols are used for clients to receive email - IMAP, POP3 DNS - Domain Name System - Converts names to IP address - UDP/53 - www.professormesser.com = 162.159.246.164 - Resolves IP address from the fully qualified domain name - These are very critical resources - Usually multiple DNS servers are in production DHCP - Dynamic Host Configuration Protocol - Automated configuration of IP address, subnet mask and other options - UDP/67, UDP/68 - Requires a DHCP server - Server, appliance, integrated into a SOHO router, etc - Dynamic / pooled - IP addresses are assigned in real-time from a pool - Each system is given a lease and must renew at set intervals - DHCP reservation - Addresses are assigned by MAC address in the DHCP server - Managed addresses from one location HTTP and HTTPS - Hypertext Transfer Protocol - TCP/80 - Communication in the browser - And by other applications - In the clear or encrypted - Supported by nearly all web servers and clients - HTTP - Web server communication - TCP/80 - HTTPS - Web server communication with encryption - TCP/443 POP3/IMAP - Receive emails from an email server - Authenticate and 
transfer - POP3 - Post Office Protocol Version 3 - TCP/110 - Basic mail transfer functionality - IMAP4 - Internet Message Access Protocol v4 - TCP/143 - Includes management of email inbox from multiple clients SMB - Server Message Block - Many operating systems have their own method of transferring files and information between devices using that operating system - Protocol used by Microsoft Windows - File sharing, printer sharing - Also called CIFS (Common Internet File System) - Uses a number of different protocols to be able to communicate - Using NetBIOS over TCP/IP (Network Basic Input/Output System) - Used with older Windows machines - UDP/137 - NetBIOS name services (nbname) - TCP/139 - NetBIOS session service (nbsession) - Direct over tcp/445 (NetBIOS-less) - Direct SMB communication over TCP without the NetBIOS transport SNMP - Simple Network Management Protocol - Gather statistics from network devices - Allows a network management device to query these infrastructure devices for performance details and receive those metrics in return - Could also configure the infrastructure device to monitor for certain metrics, and if it exceeds any of those metrics, it can an alert to the management station. 
- Alerts are referred to as traps
- Queries: UDP/161
- Traps: UDP/162
- v1 - the original
  - Structured tables
  - In the clear (non-encrypted)
- v2 - a good step ahead
  - Data type enhancements
  - Bulk transfers
  - Still in the clear (non-encrypted)
- v3 - a secure standard
  - Message integrity
  - Authentication
  - Encryption

LDAP - Lightweight Directory Access Protocol
- TCP/389
- Protocol used to query these directories
  - Store and retrieve information in a network directory
- Commonly used in Microsoft Active Directory

RDP - Remote Desktop Protocol
- Share a desktop from a remote location over TCP/3389
- Remote Desktop Services on many Windows versions
- Can connect to an entire desktop or just an application
- Clients for Windows, macOS, Linux, Unix, iPhone, Android, and others

## Network Devices
---
Network Devices
- Many different devices and components
  - All have different roles
- Some of these functions are combined together
  - Wireless router/switch/firewall
- Compare different devices
  - Understand when they should be used

Routers
- Routes traffic between IP subnets
  - Makes forwarding decisions based on IP addresses
  - Routers inside of switches are sometimes called layer 3 switches
- Often connects diverse network types
  - LAN, WAN, copper, fiber

Switches
- Bridging done in hardware
  - Application-specific integrated circuit (ASIC)
- Forwards traffic based on data link (MAC) address
- Many ports and features
  - The core of an enterprise network
  - May provide Power over Ethernet (PoE)
- Multilayer switch
  - Includes routing functionality

Unmanaged Switches
- Very few configuration options
  - Plug and play
- Fixed configuration
  - No VLANs
- Very little integration with other devices
  - No management protocols
- Low price point
  - Simple is less expensive

Managed Switches
- VLAN support
  - Interconnect with other switches via 802.1Q
- Traffic prioritization
  - Voice traffic gets a higher priority
- Redundancy support
  - Spanning Tree Protocol (STP)
- Port mirroring
  - Capture packets
- External management
  - Simple Network Management Protocol (SNMP)

Access Point
- Not a wireless router
  - A wireless router is a router and an access point in a single device
- Provides connectivity to the local area network
  - Provides a link between the wireless network and the wired network
- An access point is a bridge
  - Extends the wired network onto the wireless network
  - Makes forwarding decisions based on MAC address

Cable Infrastructure
- Combination of punch-down blocks and RJ45 connectors
- Runs from desks are made once
  - Permanently punched down to the patch panel
- Patch panel to switch can be easily changed
  - No special tools
  - Use existing cables

Firewalls
- Filters traffic by port number
  - OSI layer 4 (TCP/UDP)
  - Some firewalls can filter based on the application
- Can encrypt traffic into/out of the network
  - Protect your traffic between sites
- Can proxy traffic
  - A common security technique
- Most firewalls can be layer 3 devices (routers)
  - Usually sits on the ingress/egress of the network

Power over Ethernet (PoE)
- Power provided on an Ethernet cable
  - One wire for both network and electricity
  - Phones, cameras, wireless access points
  - Useful in difficult to power areas
- Power provided at the switch
  - Built-in - endspans
  - In-line power injector - midspans

PoE Switch
- Power over Ethernet
  - Commonly marked on the switch or interfaces

PoE, PoE+, PoE++
- PoE: IEEE 802.3af-2003
  - The original PoE specification
  - Now part of the 802.3 standard
  - 15.3 watts DC, 350 mA max current
- PoE+: IEEE 802.3at-2009
  - Now also part of the 802.3 standard
  - 25.5 watts DC power, 600 mA max current
- PoE++: IEEE 802.3bt-2018
  - 51 W (Type 3), 600 mA max current
  - 71.3 W (Type 4), 960 mA max current
  - PoE with 10GBASE-T

Hub
- Multi-port repeater
  - Traffic going in one port is repeated to every other port
- Everything is half duplex
- Becomes less efficient as network traffic increases
- 10 to 100 Mbps
- Difficult to find today

Cable Modem
- Broadband
  - Transmission across multiple frequencies
  - Different traffic types
- Data on the cable network
  - DOCSIS (Data Over Cable Service Interface Specification)
- High speed networking
  - Speeds up to 1 Gbps are available
- Multiple services
  - Data, voice, video

DSL Modem
- ADSL (Asymmetric Digital Subscriber Line)
  - Uses telephone lines
- Download speed is faster than the upload speed (asymmetric)
  - 10,000 ft limitation from the central office (CO)
  - 52 Mbps downstream, 16 Mbps upstream are common
  - Faster speeds may be possible if closer to the CO

ONT - Optical Network Terminal
- Fiber to the premises
- Connects the ISP fiber network to the copper network
  - Demarcation point (demarc) in the data center
  - Terminal box on the side of the building
- Line of responsibility
  - One side of the box is the ISP
  - Other side of the box is your network

Network Interface Card (NIC)
- The fundamental network device
  - Every device on the network has a NIC
  - Computers, servers, printers, routers, switches, phones, tablets, cameras, etc.
- Specific to the network type
  - Ethernet, WAN, wireless, etc.
- Often built in to the motherboard
  - Or added as an expansion card
- Many options
  - Single port, multi-port, copper, fiber

## Software Defined Networking
---
SDN (Software Defined Networking)
- Networking devices have different functional planes of operation
  - Data, control, and management planes
- Split the functions into separate logical units
  - Extend the functionality and management of a single device
  - Perfectly built for the cloud
- Infrastructure layer / data plane
  - Process the network frames and packets
  - Forwarding, trunking, encrypting, NAT
- Control layer / control plane
  - Manages the actions of the data plane
  - Routing tables, session tables, NAT tables
  - Dynamic routing protocol updates
- Application layer / management plane
  - Configure and manage the device
  - SSH, browser, API

Extend the Physical Architecture
- ![[Pasted image 20241005222414.png]]

SDN Data Flows
- ![[Pasted image 20241005222510.png]]

## Network Services
---
DNS Server
- Domain Name System
  - Converts names to IP addresses
  - And vice versa
- Distributed naming system
  - The load is balanced across many different servers
- Usually managed by the ISP or enterprise IT department
  - A critical resource

DHCP Server
- Dynamic Host Configuration Protocol
  - Automatic IP address configuration
- Very common service
  - Available on most home routers
- Enterprise DHCP will be redundant
  - Usually running on central servers

File Server
- Centralized storage of documents, spreadsheets, videos, pictures and any other files
  - A fileshare
- Standard system of file management
  - SMB (Server Message Block), Apple Filing Protocol (AFP), etc.
- The front end hides the protocol
  - Copy, delete, rename, etc.

Print Server
- Connect a printer to the network
  - Provide printing services for all network devices
- May be software in a computer
  - Computer is connected to the printer
- May be built in to the printer
  - Network adapter and software
- Uses standard printing protocols
  - SMB (Server Message Block)
  - IPP (Internet Printing Protocol)
  - LPD (Line Printer Daemon)

Mail Server
- Store your incoming mail
- Send your outgoing mail
- Usually managed by the ISP or the enterprise IT department
  - A complex set of requirements
- Usually one of the most important services
  - 24 x 7 support

Syslog
- Standard for message logging
  - Diverse systems, consolidated log
- Usually a central logging receiver
  - Integrated into the SIEM
- You're going to need a lot of disk space
  - No, more.
  - More than that

Web Server
- Responds to browser requests
  - Using standard web browsing protocols
  - HTTP/HTTPS
- Pages are built with HTML, HTML5
- Web pages are stored on the server
  - Downloaded to the browser
  - Static pages or built dynamically in real time

Authentication Server
- Login authentication to resources
  - Centralized management
- Almost always an enterprise service
  - Not required on a home network
- Usually a set of redundant servers
  - Always available
  - Extremely important service

Spam
- Unsolicited messages
  - Email, forums, etc.
- Various content
  - Commercial advertising
  - Non-commercial proselytizing
  - Phishing attempts
- Significant technology issue
  - Security concerns, resource utilization, storage costs, managing the spam

Spam Gateway
- Unsolicited email
  - Stop it at the gateway before it reaches the user
  - On site or cloud based

All-in-One Security Appliance
- Next-generation firewall, Unified Threat Management (UTM) / web security gateway
- URL filter / content inspection
- Malware inspection
- Spam filter
- CSU/DSU
- Router, switch
- Firewall
- Bandwidth shaper

Load Balancers
- Distribute the load
  - Multiple servers
  - Invisible to the end user
- Large scale implementations
  - Web server farms, database farms
- Fault tolerance
  - Server outages have no effect
  - Very fast convergence

Load Balancer Features
- Configurable load
  - Manage across servers
- TCP offload
  - Protocol overhead
- SSL offload
  - Encryption / decryption
- Caching
  - Fast response
- Prioritization
  - QoS
- Content switching
  - Application-centric balancing

Proxy Server
- An intermediate server
  - Client makes the request to the proxy
  - The proxy performs the actual request
  - The proxy provides results back to the client
- Useful features
  - Access control, caching, URL filtering, content scanning

SCADA / ICS
- Supervisory Control and Data Acquisition System
  - Large scale, multi-site Industrial Control Systems (ICS)
- PC manages equipment
  - Power generation, refining, manufacturing equipment
  - Facilities, industrial, energy, logistics
- Distributed control systems
  - Real-time information
  - System control
- Requires extensive segmentation
  - No access from the outside

Legacy and Embedded Systems
- Legacy systems
  - Another expression for "really old"
  - May also be "really important"
  - Learning old things can be just as important as learning new things
- Embedded systems
  - Purpose-built device
  - Not usual to have direct access to the operating system
  - Alarm system, door security, time card system

IoT (Internet of Things) Devices
- Appliances
  - Refrigerators
- Smart devices
  - Smart speakers respond to voice commands
- Air control
  - Thermostats, temperature control
- Access
  - Smart doorbells
- May require a segmented network
  - Limit any security breaches

## IPv4 and IPv6
---
IP Addressing
- IPv4 is the primary protocol for everything we do
  - Included in almost all configurations
- IPv6 is now part of all major operating systems
  - And the backbone of our Internet infrastructure

IPv4 Addresses
- Internet Protocol version 4
  - OSI layer 3 addresses
- ![[Pasted image 20241005225531.png]]
- Since one byte is 8 bits, the maximum decimal value for each byte is 255

IPv6 Addresses
- Internet Protocol v6
  - 128-bit address
  - 340 undecillion addresses
- ![[Pasted image 20241005225910.png]]
- DNS is very important
- First 64 bits is generally the network prefix (/64)
- Last 64 bits is then the host network address

Networking with IPv4
- IP address, e.g., 192.168.1.165
  - Every device needs a unique IP address
- Subnet mask, e.g., 255.255.255.0
  - Used by the local device to determine what subnet it's on
  - The subnet mask isn't (usually) transmitted across the network
  - You'll ask for the subnet mask all the time
  - What's the subnet mask of this network?
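As an added example (not part of these notes), here is the decision the subnet mask drives, written in Python with the standard library `ipaddress` module: a destination on the local subnet is sent to directly, anything else goes to the default gateway, and the gateway itself must lie on the local subnet, which is the rule the next item in this list states. It also flags an APIPA address in the 169.254.1.0 through 169.254.254.255 functional block described in the Assigning IP Addresses lesson below. The host, mask and gateway are the ones from this list; the destination addresses are constructed from documentation ranges.

```python
import ipaddress


def subnet_summary(local_ip: str, subnet_mask: str) -> dict:
    """What the mask tells the local device about its own subnet."""
    net = ipaddress.IPv4Interface(f"{local_ip}/{subnet_mask}").network
    return {
        "network": str(net.network_address),
        "broadcast": str(net.broadcast_address),
        "prefix": net.prefixlen,
        "usable_hosts": max(net.num_addresses - 2, 0),
    }


def gateway_is_valid(local_ip: str, subnet_mask: str, gateway: str) -> bool:
    """The default gateway must be an address on the local subnet,
    otherwise the host has no way to reach it."""
    net = ipaddress.IPv4Interface(f"{local_ip}/{subnet_mask}").network
    return ipaddress.IPv4Address(gateway) in net


def next_hop(local_ip: str, subnet_mask: str, gateway: str, destination: str) -> str:
    """Return the address the host sends the frame to: the destination
    itself when it is on the local subnet, the default gateway when not."""
    if not gateway_is_valid(local_ip, subnet_mask, gateway):
        raise ValueError(f"gateway {gateway} is not on the local subnet")
    net = ipaddress.IPv4Interface(f"{local_ip}/{subnet_mask}").network
    dst = ipaddress.IPv4Address(destination)
    return str(dst) if dst in net else gateway


def is_apipa(address: str) -> bool:
    """True when the address falls in the APIPA functional block
    169.254.1.0 - 169.254.254.255 (the first and last /24 are reserved)."""
    addr = ipaddress.IPv4Address(address)
    low = ipaddress.IPv4Address("169.254.1.0")
    high = ipaddress.IPv4Address("169.254.254.255")
    return low <= addr <= high


if __name__ == "__main__":
    # Constructed demo values: host and gateway from the notes,
    # destinations from the documentation ranges (RFC 5737).
    host, mask, gw = "192.168.1.165", "255.255.255.0", "192.168.1.1"
    print(subnet_summary(host, mask))
    for dst in ("192.168.1.20", "203.0.113.10"):
        print(f"{dst} -> send to {next_hop(host, mask, gw, dst)}")
    print("169.254.10.20 is APIPA:", is_apipa("169.254.10.20"))
```

An address that comes up as APIPA is the usual sign that the DHCP exchange in the next lesson never completed; the host can talk on its link but nothing routes it.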
- Default gateway, e.g., 192.168.1.1
  - The router that allows you to communicate outside of your local subnet
  - The default gateway must be an IP address on the local subnet

DNS Servers
- We remember names
  - professormesser.com, google.com, youtube.com
- Internet routers don't know names
  - Routers only know IP addresses
- Something has to translate between names and IP addresses
  - Domain Name Services
- You configure two DNS servers in your IP configuration
  - That's how important it is

## Assigning IP Addresses
---
DHCP
- IPv4 address configuration used to be manual
  - IP address, subnet mask, gateway, DNS servers, NTP servers, etc.
- October 1993 - the bootstrap protocol
  - BOOTP
- BOOTP didn't automatically define everything
  - Some manual configurations were still required
  - BOOTP also didn't know when an IP address might be available again
- Dynamic Host Configuration Protocol (DHCP)
  - Initially released in 1997, updated through the years
  - Provides automatic address / IP configuration for almost all devices

DHCP Process - DORA
- A four-step process
  - Discover - find a DHCP server
  - Offer - get an offer
  - Request - lock in the offer
  - Acknowledge - DHCP server confirmation
- Step 1: Discover
  - Client sends a broadcast out to the network to UDP port 67 (DHCP)
- Step 2: Offer
  - DHCP servers send their offers back to the client
- Step 3: Request
  - Client will send another broadcast over UDP port 67 which contains a request to take the offer that was originally sent
- Step 4: Acknowledge
  - Server sends a message back to the client workstation confirming that the request from the previous phase has been acknowledged

Turning Dynamic into Static
- DHCP assigns an IP address from the first available from a large pool of addresses
  - Your IP address will occasionally change
- You may not want your IP address to change
  - Server, printer, or personal preference
- Could configure to have the exact same IP address every time the device starts up
  - Disable DHCP on the device
  - Configure the IP address information manually
  - Requires additional administration
- Better: configure an IP reservation on the DHCP server
  - Associate a specific MAC address with an IP address

Avoid Manual Configurations
- No DHCP server reservation
  - You configure the IP address manually
- Difficult to change later
  - You must visit the device again
- A DHCP reservation is preferable
  - Change the IP address from the DHCP server

Automatic Private IP Addressing (APIPA)
- A link-local address
  - No forwarding by routers
- IETF has reserved 169.254.0.0 through 169.254.255.255
  - First and last 256 addresses are reserved
  - Functional block of 169.254.1.0 through 169.254.254.255
- Automatically assigned
  - Uses Address Resolution Protocol (ARP) to confirm the address isn't currently in use
  - ARP is the protocol or procedure that connects an ever-changing Internet Protocol address to a fixed physical machine address

## DNS Configuration
---
Domain Name System
- Translates human-readable names into computer-readable IP addresses
  - You only need to remember www.ProfessorMesser.com
- Hierarchical
  - Follow the path
- Distributed database
  - Many DNS servers
  - 13 root server clusters (over 1,000 actual servers)
  - Hundreds of generic top-level domains (gTLDs)
    - .com, .org, .net, etc.
  - Over 275 country code top-level domains (ccTLDs)
    - .us, .ca, .uk, etc.

The DNS Hierarchy
- ![[Pasted image 20241005233141.png]]

DNS Lookup
- ![[Pasted image 20241005233223.png]]
- ![[Pasted image 20241005233244.png]]

DNS Records
- Resource Records (RR)
  - The database records of the domain name services
- Over 30 record types
  - IP addresses, certificates, host alias names, etc.
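The record types this lesson goes on to cover are A/AAAA (with a TTL), MX, and TXT records carrying SPF and DMARC. As an added example that is not part of these notes, here is a small Python model of those records over a constructed zone for a made-up domain (`example.test`, with addresses from the documentation ranges): a resolver cache that forgets an answer once its TTL has elapsed, an SPF check of a sending IP against the domain's `v=spf1` TXT record, and a lookup of the DMARC `p=` policy. The SPF evaluation handles only `ip4:`, `ip6:` and `all` terms; `include`, `a` and `mx` mechanisms are assumed out of scope here. Every record in the zone is constructed sample data, not real DNS.

```python
import ipaddress
from dataclasses import dataclass


@dataclass(frozen=True)
class ResourceRecord:
    """One DNS resource record: owner name, type, TTL in seconds, record data."""
    name: str
    rtype: str
    ttl: int
    rdata: str


# Constructed sample zone for a made-up domain (documentation addresses only).
SAMPLE_ZONE = [
    ResourceRecord("www.example.test", "A", 900, "192.0.2.10"),          # 15-minute TTL
    ResourceRecord("www.example.test", "AAAA", 900, "2001:db8::10"),
    ResourceRecord("example.test", "MX", 3600, "10 mail.example.test"),  # a name, not an IP
    ResourceRecord("mail.example.test", "A", 3600, "192.0.2.25"),
    ResourceRecord("example.test", "TXT", 3600,
                   "v=spf1 ip4:192.0.2.0/24 ip6:2001:db8::/32 -all"),
    ResourceRecord("_dmarc.example.test", "TXT", 3600,
                   "v=DMARC1; p=quarantine; rua=mailto:dmarc@example.test"),
]


def lookup(zone, name, rtype):
    """Authoritative answer: all rdata for (name, type) in the zone."""
    return [rr.rdata for rr in zone if rr.name == name and rr.rtype == rtype]


class TtlCache:
    """End-station cache: an answer is reused until its TTL runs out.
    The clock is injected (a callable returning seconds) so expiry is testable."""

    def __init__(self, zone, now):
        self.zone = zone
        self.now = now
        self.entries = {}          # (name, rtype) -> (expires_at, answers)
        self.upstream_queries = 0  # how often we had to ask the server

    def resolve(self, name, rtype):
        key = (name, rtype)
        hit = self.entries.get(key)
        if hit and hit[0] > self.now():
            return hit[1]
        self.upstream_queries += 1
        answers = lookup(self.zone, name, rtype)
        ttl = min((rr.ttl for rr in self.zone if (rr.name, rr.rtype) == key), default=0)
        self.entries[key] = (self.now() + ttl, answers)
        return answers


def spf_check(zone, domain, sender_ip):
    """'pass', 'fail', 'softfail', 'neutral' or 'none' for sender_ip under the
    domain's SPF record. Only ip4/ip6/all terms are evaluated (assumption)."""
    records = [t for t in lookup(zone, domain, "TXT") if t.startswith("v=spf1")]
    if not records:
        return "none"
    ip = ipaddress.ip_address(sender_ip)
    verdict = {"+": "pass", "-": "fail", "~": "softfail", "?": "neutral"}
    for term in records[0].split()[1:]:
        qualifier = term[0] if term[0] in "+-~?" else "+"
        mech = term.lstrip("+-~?")
        if mech == "all":
            return verdict[qualifier]
        if mech.startswith(("ip4:", "ip6:")):
            net = ipaddress.ip_network(mech[4:], strict=False)
            if ip.version == net.version and ip in net:
                return verdict[qualifier]
    return "neutral"  # no 'all' term: the record expresses no policy for this IP


def dmarc_policy(zone, domain):
    """The p= tag (none/quarantine/reject) from _dmarc.<domain>, or None if absent."""
    for txt in lookup(zone, f"_dmarc.{domain}", "TXT"):
        tags = dict(kv.strip().split("=", 1) for kv in txt.split(";") if "=" in kv)
        if tags.get("v") == "DMARC1":
            return tags.get("p")
    return None


if __name__ == "__main__":
    clock = [0]
    cache = TtlCache(SAMPLE_ZONE, lambda: clock[0])
    print(cache.resolve("www.example.test", "A"), "queries:", cache.upstream_queries)
    clock[0] = 900  # TTL elapsed: the next lookup goes back to the server
    print(cache.resolve("www.example.test", "A"), "queries:", cache.upstream_queries)
    print("SPF 192.0.2.25:", spf_check(SAMPLE_ZONE, "example.test", "192.0.2.25"))
    print("SPF 198.51.100.7:", spf_check(SAMPLE_ZONE, "example.test", "198.51.100.7"))
    print("DMARC policy:", dmarc_policy(SAMPLE_ZONE, "example.test"))
```

The receiving mail server is the one running `spf_check` and `dmarc_policy`; the domain owner only publishes the TXT records, which is why a sender that is not in the `ip4`/`ip6` list ends at `-all` and fails, and why the DMARC policy decides what that failure turns into.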
- These are important and critical configurations
  - Make sure to check your settings, back up, and test

DNS Configuration
- ![[Pasted image 20241005233448.png]]
- ![[Pasted image 20241005233524.png]]

Address Records (A) (AAAA)
- IP address of a fully qualified domain name
  - Defines the IP address of a host
  - This is the most popular query
- A records are for IPv4 addresses
  - Modify the A record to change the host name to IP address resolution
- AAAA records are for IPv6 addresses
  - The same DNS server, different records
- ![[Pasted image 20241005233704.png]]

A Record
- ![[Pasted image 20241005233746.png]]
- Time to Live (TTL) in a DNS record specifies how long an end station will remember this match between fully qualified domain name and IP address
  - A 15-minute TTL means that a device will make the request to a DNS server and store or cache that information for 15 minutes
  - After 15 minutes, that information is removed from the cache, and if this device needs to communicate back to the www server, it will need to request the IP address for that particular record again

AAAA Record
- ![[Pasted image 20241005234032.png]]

Mail Exchange Record (MX)
- Determines the host name for the mail server
  - This isn't an IP address; it's a name
- ![[Pasted image 20241005234107.png]]

Text Records (TXT)
- Human-readable text information
  - Useful public information
- Was originally designed for informal information
- Can be used for verification purposes
  - If you have access to the DNS, then you must be the administrator of the domain name
- Commonly used for email security
  - External email servers validate information from your DNS

Viewing TXT Records with dig
- ![[Pasted image 20241005234405.png]]

Viewing TXT Records with nslookup
- ![[Pasted image 20241005234442.png]]

Sender Policy Framework (SPF)
- SPF protocol
  - A list of all the servers authorized to send emails for this domain
- Prevent mail spoofing
  - Mail servers perform a check to see if incoming mail really did come from an authorized host
- ![[Pasted image 20241005234606.png]]

Adding an SPF TXT Record
- ![[Pasted image 20241005234709.png]]

Domain Keys Identified Mail (DKIM)
- Digitally sign a domain's outgoing mail
  - Validated by mail servers, not usually seen by the end user
- The public key is in the DKIM TXT record
- ![[Pasted image 20241005234803.png]]

DMARC
- Domain-based Message Authentication, Reporting, and Conformance (DMARC)
  - Prevent unauthorized email use (spoofing)
  - An extension of SPF and DKIM
- You decide what external email servers should do with the emails that don't validate through SPF or DKIM
  - That policy is written into a DMARC TXT record
  - Accept all, send to spam, or reject the email
  - Compliance reports can be sent to the email administrator
- ![[Pasted image 20241005235237.png]]

## DHCP Configuration
---
Scope Properties
- IP address range
  - And excluded addresses
- Subnet mask
- Lease duration
- Other scope options
  - DNS server
  - Default gateway
  - VoIP servers

DHCP Pools
- Grouping of IP addresses
  - Each subnet has its own scope
  - 192.168.1.0/24
  - 192.168.2.0/24
  - 192.168.3.0/24
- A scope is generally a single contiguous pool of IP addresses
  - DHCP exceptions can be made inside of the scope

SOHO DHCP Server
- ![[Pasted image 20241005235636.png]]

DHCP Address Assignment
- Dynamic assignment
  - DHCP server has a big pool of addresses to give out
  - Addresses are reclaimed after a lease period
- Automatic assignment
  - Similar to dynamic allocation
  - DHCP server keeps a list of past assignments
  - You'll always get the same IP address

DHCP Address Allocation
- Address reservation
  - Administratively configured
- Table of MAC addresses
  - Each MAC address has a matching IP address
- Other names
  - Static DHCP assignment
  - Static DHCP
  - Static assignment
  - IP reservation

Address Reservation
- ![[Pasted image 20241006000325.png]]

DHCP Leases
- Leasing your address
  - It's only temporary
  - But it can seem permanent
- Allocation
  - Assigned a lease time by the DHCP server
  - Administratively configured
- Reallocation
  - Reboot your computer
  - Confirms the lease
- Workstation can also manually release the IP address
  - Moving to another subnet

DHCP Renewal
- T1 timer
  - Check in with the lending DHCP server to renew the IP address
  - 50% of the lease time (by default)
- T2 timer
  - If the original DHCP server is down, try rebinding with any DHCP server
  - 87.5% of the lease time

The DHCP Lease Process
- ![[Pasted image 20241006000850.png]]

## VLANs and VPNs
---
LANs
- Local Area Network
  - A group of devices in the same broadcast domain
- ![[Pasted image 20241006002817.png]]

Virtual LANs
- Single switch, single power source for that switch and a single configuration; simply logically associate certain interfaces on that switch with the red network and logically associate other interfaces on that switch with the blue network
- ![[Pasted image 20241006003028.png]]
- The switch itself would provide the separation between the red and blue networks, and these devices still would not be able to communicate directly with each other
- Virtual Local Area Networks
  - A group of devices in the same broadcast domain
  - Separated logically instead of physically

Configuring VLANs
- Local Area Networks
  - A group of devices in the same broadcast domain
- ![[Pasted image 20241006003226.png]]

VPNs
- Virtual Private Networks
  - Encrypted (private) data traversing a public network
- Concentrator
  - Encryption/decryption access devices
  - Often integrated into a firewall
- Many deployment options
  - Specialized cryptographic hardware
  - Software-based options available
- Used with client software
  - Sometimes built into the OS

Client-to-Site VPN
- On-demand access from a remote device
  - Software connects to a VPN concentrator
  - Some software can be configured as always-on
- ![[Pasted image 20241006003537.png]]
- An encrypted tunnel is created between the client and the VPN concentrator, and now everything the client sends will be encrypted

## Internet Connection Types
---
Many different ways to connect to the Internet

Satellite Networking
- Communication to a satellite
  - Non-terrestrial communication
- High cost relative to terrestrial networking
  - 50 Mbps down, 3 Mbps up are common
  - Remote sites, difficult to network sites
- High latency
  - 250 ms up, 250 ms down
  - Starlink advertises 40 ms and is working on 20 ms
- High frequencies
  - 2 GHz
  - Line of sight, rain fade

Fiber
- High speed data communication
  - Frequencies of light
- Higher installation cost than copper
  - Equipment is more costly
  - More difficult to repair
- Communicate over long distances
  - Large installation in the WAN core
- Supports very high data rates
  - SONET, wavelength division multiplexing
- Fiber is slowly approaching the premises
  - Business and home use

Cable Broadband
- Broadband
  - Brings an internet connection into your home or business using the same cable that you would use for cable television
  - Transmission across multiple frequencies
  - Different traffic types
- Data on the cable network
  - DOCSIS (Data Over Cable Service Interface Specification)
- High speed networking
  - 50 Mbps through 1 Gbps are common
- Multiple services
  - Data, voice, video

DSL
- ADSL (Asymmetric Digital Subscriber Line)
  - Uses telephone lines
- Download speed is faster than upload speed (asymmetric)
  - 200 Mbps downstream, 20 Mbps upstream are common
  - 10,000 ft limitation from the central office (CO)
  - Faster speeds may be possible if closer to the CO

Cellular Networks
- Mobile devices
  - Cell phones
- Separate land into cells
  - An antenna covers a cell with certain frequencies
- Tethering
  - Turn your phone into a wireless router
- Mobile hotspot
  - Standalone devices
  - Use your phone for other things

WISP - Wireless Internet Service Provider
- Sending information to local ground stations that are in our geographical area for that ISP
- Terrestrial internet access using wireless
  - Connect rural or remote locations
  - Internet access for everyone
- Many different deployment
technologies
  - Meshed 802.11
  - 5G home internet
  - Proprietary wireless
- Needs an outdoor antenna
- Speeds can range from 10 to 1000 Mbps

## Network Types
---
LAN
- Local Area Network
  - Local is relative
  - A building or group of buildings
- High-speed connectivity
  - Ethernet and 802.11 wireless
  - Any slower and it isn't "local"

WAN
- Wide Area Network
  - Spanning the globe
- Generally connects LANs across a distance
  - And generally much slower than the LAN
- Many different WAN technologies
  - Point-to-point serial, MPLS, etc.
  - Terrestrial and non-terrestrial

PAN
- Personal Area Network
  - Your own private network
  - Bluetooth, IR, NFC
- Automobile
  - Audio output
  - Integrate with phone
- Mobile phone
  - Wireless headset
- Health
  - Workout telemetry, daily reports

MAN
- Metropolitan Area Network
  - A network in your city
  - Larger than a LAN, often smaller than a WAN
- Historically MAN-specific topologies
  - Metro Ethernet
- Common to see government ownership
  - They own the right of way

SAN
- Storage Area Network (SAN)
  - Looks and feels like a local storage device
  - Block-level access
- Very efficient reading and writing
- Requires a lot of bandwidth
  - May use an isolated network and high-speed network technologies

WLAN
- Wireless LAN
  - 802.11 technologies
- Mobility
  - Within a building
  - In a limited geographical area
- Expand coverage with additional access points
  - Downtown area
  - Large campus

## Network Tools
---
Cable Crimpers
- Pinch the connector onto a wire
  - Coaxial, twisted pair, fiber
- Connect the modular connector to the Ethernet cable
  - The final step of the process
- Metal prongs are pushed through the insulation
  - The plug is also permanently pressed onto the cable sheath

Crimping best practices
- Get a good crimper
  - And a good pair of electrician's scissors / cable snips
  - And a good wire stripper
- Make sure you use the correct modular connectors
  - Differences between wire types

Wi-Fi Analyzer
- Wireless networks are incredibly easy to monitor
  - Everyone "hears" everything
- Purpose-built hardware or mobile device add-on
  - Specializes in 802.11 analysis
- Identify errors and interference
- Validate antenna location and installation

Tone Generator
- Toner probe
  - Where does that wire go?
  - Follow the tone
- Tone generator
  - Puts an analog sound on the wire
- Inductive probe
  - Doesn't need to touch the copper
  - Hear through a small speaker

Using the tone generator and probe
- Easy wire tracing
  - Even in complex environments
- Connect the tone generator to the wire
  - Modular jack
  - Coax
  - Punch-down connectors
- Use the probe to locate the sound
  - The two-tone sound is easy to find

Punch-down tool
- Punch a wire into a wiring block
  - 66 block, 110 block, and others
- Can be tedious
  - Every wire must be individually punched
- Trims the wires during the punch
  - Very efficient process

Punch-down best practices
- Organization is key
  - Lots of wires
- Cable management
  - Maintain your twists
  - Your Category 6A cable will thank you later
- Document everything
  - Written documentation
  - Tags
  - Graffiti

Cable Testers
- Relatively simple
  - Continuity test
- Simple wire map
  - Can identify missing pins
  - Or crossed wires
- Not usually used for frequency testing
  - Crosstalk, signal loss, etc.

Loopback plugs
- Useful for testing physical ports
  - Or fooling your applications
- Serial / RS-232 (9-pin or 25-pin)
- Network connections
  - Ethernet, T1, fiber
- Not crossover cables

Taps and port mirrors
- Intercept network traffic
  - Send a copy to a packet capturing device
- Physical taps
  - Disconnect the link, put a tap in the middle
  - Can be an active or passive tap
- Port mirror
  - Port redirection, SPAN (Switched Port Analyzer)
  - Software-based tap
  - Limited functionality, but can work well in a pinch

## Network Cables
---
The importance of cable
- Fundamental to network communication
  - Incredibly important foundation
- Usually only get one good opportunity at building your cabling infrastructure
  - Make it good
- The vast majority of wireless communication uses cables
  - It has to plug in somewhere

Twisted Pair Copper Cabling
- Balanced pair operation
  - Two wires with equal and opposite signals
  - Transmit+, Transmit- / Receive+, Receive-
- The twist is the secret!
  - Keeps a single wire constantly moving away from the interference
  - The opposite signals are compared on the other end
- Pairs in the same cable have different twist rates

Copper Cabling Categories

| Ethernet Standard | Cable Category | Maximum Supported Distance |
| --- | --- | --- |
| 1000BASE-T | Category 5 | 100 meters |
| 1000BASE-T | Category 5e | 100 meters |
| 10GBASE-T | Category 6 | Unshielded: 55 meters<br>Shielded: 100 meters |
| 10GBASE-T | Category 6A | 100 meters |

Coaxial Cables
- Two or more forms share a common axis
- RG-6 used in television/digital cable
  - And high-speed Internet over cable

Plenum
- Plenum space
  - Building air circulation
  - Heating and air conditioning system
- Concerns in the case of a fire
  - Smoke and toxic fumes
- Worst-case planning
  - Important concerns for any structure

Plenum-rated cable
- Traditional cable jacket
  - Polyvinyl chloride (PVC)
- Fire-rated cable jacket
  - Fluorinated ethylene polymer (FEP) or low-smoke polyvinyl chloride (PVC)

Unshielded and Shielded cable
- UTP (Unshielded Twisted Pair)
  - No additional shielding
  - The most common twisted pair cabling
- STP (Shielded Twisted Pair)
  - Additional shielding protects against interference
  - Shield each pair and/or the overall cable
  - Requires the cable to be grounded
- Abbreviations
  - U = Unshielded
  - S = Braided shielding
  - F = Foil shielding
  - (Overall cable) / (individual pairs) TP
  - Braided shielding around the entire cable and foil around the pairs is S/FTP
  - Foil around the cable with no shielding around the pairs is F/UTP

Direct burial STP
- Overhead cable isn't always a good option
  - Put the cable in the ground
- Provides protection from the elements
  - Designed to be waterproof
  - Often filled with gel to repel water
  - Conduit may not be needed
- Shielded twisted pair
  - Provides grounding
  - Adds strength
  - Protects against signal interference
- ![[Pasted image 20241007195026.png]]

## Optical Fiber
---
Fiber Communication
- Transmission by light
  - The visible spectrum
- No radio frequency signal
  - Very difficult to monitor or tap
- Signal slow to degrade
  - Transmission over long distances
- Immune to radio interference
  - There's no radio interference
- ![[Pasted image 20241007195229.png]]

Multimode Fiber
- Short-range communication
  - Up to 2 km
- Relatively inexpensive light source
  - i.e., LED
- Larger core
- ![[Pasted image 20241007195414.png]]

Single Mode Fiber
- Long-range communication
  - Up to 100 km without processing
- Expensive light source
  - Commonly uses lasers
- Smaller core
- ![[Pasted image 20241007195518.png]]

## 568A and 568B Colors
---
Structured Cabling Standards
- International ISO/IEC 11801 cabling standards
  - Defines classes of networking standards
- Telecommunications Industry Association (TIA)
  - Standards, market analysis, trade shows, government affairs, etc.
- ANSI/TIA-568: Commercial Building Telecommunications Cabling Standard
  - Commonly referenced for pin and pair assignments of eight-conductor 100-ohm balanced twisted pair cabling
  - T568A and T568B

T568A and T568B termination
- Pin assignments from the T568B standard
  - Eight-conductor 100-ohm balanced twisted pair cabling
- T568A and T568B are different pin assignments for 8P8C connectors
  - Assigns the T568A pinout to horizontal cabling
- Many organizations traditionally use 568B
  - Difficult to change mid-stream
- You can't terminate one side of the cable with 568A and the other with 568B
  - This has never been the definition of a Gigabit Ethernet crossover cable

568A and 568B termination
![[Pasted image 20241007200121.png]]

## Section 13: Network Configurations REDO
---
**96.
Network Configurations**
- [[Transmission Control Protocol-Internet Protocol (TCP-IP Protocol)]]
- [[Protocol]]

**97. IPv4**
- [[Internet Protocol v.4 (IPv4)]]

| | 1st [[Octet]] | 2nd Octet | 3rd Octet | 4th Octet |
| --- | --- | --- | --- | --- |
| [[Dotted Decimal Notation]] | 192 | 168 | 1 | 4 |
| Binary Digits | 11000000 | 10101000 | 00000001 | 00000100 |
| [[Subnet Mask]] <br><br>**specifically a Class C<br>subnet mask** | 255 | 255 | 255 | 0 |
| Binary | 11111111 | 11111111 | 11111111 | 00000000 |

- 192.168.1 <- represents the network, which can contain up to 254 hosts
  - Because the subnet mask has a 1 in those bit positions, which marks the network portion of the IPv4 address
- .4 <- represents the specific host on that network (a server, desktop, laptop, tablet, smartphone, or any other network device)
  - Because the subnet mask has a 0 in those bit positions, which marks the host portion of the IPv4 address
- These addresses can be broken up into classes, or groupings of ranges, that can be used for different purposes
  - Each class has its own default [[Subnet Mask]]
  - To identify the class of a given IP address, look at the first [[Octet]]

| Class | 1st Octet Value | Default Subnet Mask | Possible Hosts | [[Classless Inter-Domain Routing (CIDR)\|CIDR Notation]] |
| --- | --- | --- | --- | --- |
| A | 1-127 | 255.0.0.0 | 16.7 million available for a single network address portion | /8 |
| B | 128-191 | 255.255.0.0 | 65,536 | /16 |
| C | 192-223 | 255.255.255.0 | 256 (254 usable) | /24 |
| D<br><br>**Special class that's reserved for multicasting or multicast routing ([[Multicast Address]])** | 224-239 | - | - | - |
| E<br><br>**Reserved for research and development or study only** | 240-255 | - | 268 million (reserved) | - |

[[Classful Mask]]
- 192.168.1.4
- 255.255.255.0

You don't have to stick with a classful subnet mask
- Could instead use a classless subnet mask
  - [[Classless Inter-Domain Routing (CIDR)]]
  - 255.255.255.0 -> 256 hosts to 255.255.255.192 -> 64 hosts
    - Borrow 2 bits from the host portion and give them to the network portion of the address
    - This is how you make four different subnetworks, or subnets
- [[Public (Routable) IP]]
- [[Private (Non-Routable) IP]]
- Specialized IPs
  - [[Loopback Address]]
  - [[Automatic IP Addressing (APIPA)]]
    - As your computer boots up, it attempts to get an IP address dynamically, using the [[Dynamic Host Configuration Protocol (DHCP)]] protocol
    - Goes through a four-step process known as [[DORA]]

**98. Assigning IPv4 Addresses**
- Two different methods to tell a computer what type of address it's going to have:
  - [[Static (Manually) Assignment]]
  - [[Dynamic Assignment]]
- Whichever of these IP assignment methods you use, you still need the same four components
  - [[Internet Protocol (IP) Address]]
  - [[Subnet Mask]]
  - [[Default Gateway]]
  - Server address ([[DNS Server]])
    - [[Domain Name System (DNS)]]
    - [[Windows Internet Name Service (WINS)]]
- Four different methods of dynamically assigning the critical addressing information for each client:
  - [[Bootstrap Protocol (BOOTP)]]
  - [[Dynamic Host Configuration Protocol (DHCP)]]
  - [[Automatic IP Addressing (APIPA)]]
  - [[ZeroConfig (ZeroConf)]]

**99. DHCP**
- [[Dynamic Host Configuration Protocol (DHCP)]]
  - IP conflicts, where the same [[Internet Protocol (IP) Address]] is assigned to multiple machines, will not happen with DHCP because each device is assigned an IP from a [[DHCP Scope|Scope]]
  - Instead of statically assigning these IPs, you could use a [[DHCP Reservation]]
  - Can automate all of our devices whenever they come online.
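
The subnetting arithmetic behind the two IPv4 tables above, as an added worked example (this is illustration code written for these notes, not course material). It converts octets to binary, ANDs an address with its mask to separate the network and host portions, classifies an address by first octet, shows what borrowing two host bits does to a /24, and uses the standard library `ipaddress` module only to cross-check the manual result and to tell loopback, APIPA, private and public addresses apart. All addresses are sample values.

```python
"""IPv4 addressing worked example: an added illustration, not code from the course notes.

Reproduces the arithmetic behind the tables above with plain integer math
(the stdlib ipaddress module is used only to cross-check the result):
binary octets, the network/host split under a mask, the classful class of an
address, how borrowing host bits turns one /24 into four /26 subnets, and the
loopback / APIPA / private / public distinction. Addresses are sample values.
"""
from __future__ import annotations
import ipaddress


def to_binary(ip: str) -> list[str]:
    """'192.168.1.4' -> ['11000000', '10101000', '00000001', '00000100']."""
    return [format(int(octet), "08b") for octet in ip.split(".")]


def ip_to_int(ip: str) -> int:
    return int.from_bytes(bytes(int(o) for o in ip.split(".")), "big")


def int_to_ip(n: int) -> str:
    return ".".join(str(b) for b in n.to_bytes(4, "big"))


def ip_class(ip: str) -> str:
    """Classful class from the first octet, using the ranges in the table above."""
    first = int(ip.split(".")[0])
    for letter, low, high in (("A", 1, 127), ("B", 128, 191), ("C", 192, 223), ("D", 224, 239)):
        if low <= first <= high:
            return letter
    return "E"


def default_mask(letter: str) -> str | None:
    """Default (classful) mask; classes D and E have none."""
    return {"A": "255.0.0.0", "B": "255.255.0.0", "C": "255.255.255.0"}.get(letter)


def mask_to_prefix(mask: str) -> int:
    """255.255.255.192 -> 26. Rejects masks whose ones are not contiguous."""
    bits = format(ip_to_int(mask), "032b")
    if "01" in bits:
        raise ValueError(f"non-contiguous subnet mask: {mask}")
    return bits.count("1")


def prefix_to_mask(prefix: int) -> str:
    return int_to_ip((0xFFFFFFFF << (32 - prefix)) & 0xFFFFFFFF)


def split_address(ip: str, mask: str) -> tuple[str, int, str, int]:
    """AND the address with the mask: returns (network, host number, broadcast, usable hosts)."""
    ip_n, mask_n = ip_to_int(ip), ip_to_int(mask)
    network = ip_n & mask_n
    broadcast = network | (~mask_n & 0xFFFFFFFF)
    prefix = mask_to_prefix(mask)
    total = 2 ** (32 - prefix)
    usable = total - 2 if prefix <= 30 else total   # network and broadcast addresses are not assignable
    return int_to_ip(network), ip_n - network, int_to_ip(broadcast), usable


def subnets_after_borrowing(network: str, mask: str, borrow: int) -> list[tuple[str, str]]:
    """Borrow `borrow` host bits: a /24 with borrow=2 becomes four /26 subnets of 64 addresses."""
    prefix = mask_to_prefix(mask) + borrow
    new_mask = prefix_to_mask(prefix)
    size = 2 ** (32 - prefix)
    base = ip_to_int(network) & ip_to_int(mask)
    return [(int_to_ip(base + i * size), new_mask) for i in range(2 ** borrow)]


def address_scope(ip: str) -> str:
    """Loopback, APIPA (link-local), private (RFC 1918) or public, via the stdlib checks."""
    addr = ipaddress.ip_address(ip)
    if addr.is_loopback:
        return "loopback"
    if addr.is_link_local:
        return "APIPA (link-local)"
    if addr.is_private:
        return "private (non-routable)"
    return "public (routable)"


def matches_stdlib(ip: str, mask: str) -> bool:
    """Cross-check the manual network calculation against ipaddress."""
    net = ipaddress.ip_network(f"{ip}/{mask}", strict=False)
    return split_address(ip, mask)[0] == str(net.network_address)


if __name__ == "__main__":
    print(to_binary("192.168.1.4"), ip_class("192.168.1.4"), split_address("192.168.1.4", "255.255.255.0"))
    for net, m in subnets_after_borrowing("192.168.1.0", "255.255.255.0", 2):
        print(net, m, "usable hosts:", split_address(net, m)[3])
```

Run it and the four /26 subnets come out as 192.168.1.0, .64, .128 and .192, each with 62 usable hosts; the 254 for the untouched /24 is where the "up to 254 devices" figure above comes from. The contiguity check in `mask_to_prefix` matters in practice: a mask like 255.0.255.0 is accepted by some GUIs but is not a valid prefix.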
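
The DORA exchange from this section and the T1/T2 renewal timers from the DHCP notes in the VLANs and VPNs section above, as one added simulation (illustration code written for these notes, not course material). A server hands out addresses from a scope with a reservation and refuses to ACK an address another MAC already holds; a client then walks through BOUND, RENEWING (unicast to the lending server at 50% of the lease), REBINDING (broadcast to any server at 87.5%) and expiry, after which it starts DORA again. Server IDs, MAC addresses, lease times and the second "failover partner" server are all constructed assumptions.

```python
"""DHCP lease lifecycle worked example: an added illustration, not code from the course notes.

Simulates the DORA exchange (Discover, Offer, Request, Acknowledge) against a
scope with a reservation, then walks one lease through the T1 (renew at 50%)
and T2 (rebind at 87.5%) timers from the DHCP notes above, including the case
where the lending server is down at T1. Server IDs, MACs, addresses and lease
times are constructed sample values; the second server stands in for a failover
partner that knows the same scope.
"""
from __future__ import annotations
from dataclasses import dataclass


@dataclass
class Lease:
    ip: str
    server_id: str
    start: float
    duration: float

    def t1(self) -> float:      # renew with the lending server
        return self.start + 0.5 * self.duration

    def t2(self) -> float:      # rebind with any server
        return self.start + 0.875 * self.duration

    def expiry(self) -> float:  # address must be dropped
        return self.start + self.duration


class DhcpServer:
    """One DHCP scope: a pool of addresses plus MAC-based reservations."""

    def __init__(self, server_id: str, pool: list[str], lease_time: float,
                 reservations: dict[str, str] | None = None):
        self.server_id = server_id
        self.pool = list(pool)
        self.lease_time = lease_time
        self.reservations = dict(reservations or {})
        self.bound: dict[str, str] = {}   # mac -> ip currently leased
        self.up = True

    def offer(self, mac: str) -> str | None:
        """OFFER: the reserved address if one exists, the client's existing binding, else the first free address."""
        if not self.up:
            return None
        if mac in self.reservations:
            return self.reservations[mac]
        if mac in self.bound:
            return self.bound[mac]
        taken = set(self.bound.values()) | set(self.reservations.values())
        return next((ip for ip in self.pool if ip not in taken), None)

    def ack(self, mac: str, ip: str, now: float) -> Lease | None:
        """ACK a REQUEST only if this server owns the address and no other MAC holds it (no IP conflicts)."""
        if not self.up:
            return None
        if ip not in self.pool and ip != self.reservations.get(mac):
            return None
        holder = next((m for m, bound_ip in self.bound.items() if bound_ip == ip), None)
        if holder not in (None, mac):
            return None   # a real server would send a NAK here
        self.bound[mac] = ip
        return Lease(ip, self.server_id, now, self.lease_time)

    def release(self, mac: str) -> None:
        """Client gave the address back (for example before moving to another subnet)."""
        self.bound.pop(mac, None)


def dora(mac: str, servers: list[DhcpServer], now: float) -> Lease | None:
    """DISCOVER is broadcast; each reachable server may OFFER; the client REQUESTs the first usable offer."""
    for server in servers:
        ip = server.offer(mac)
        if ip is None:
            continue
        lease = server.ack(mac, ip, now)
        if lease is not None:
            return lease
    return None


class DhcpClient:
    def __init__(self, mac: str):
        self.mac = mac
        self.lease: Lease | None = None

    def boot(self, servers: list[DhcpServer], now: float) -> str:
        self.lease = dora(self.mac, servers, now)
        return "BOUND" if self.lease else "NO_LEASE"

    def tick(self, servers: list[DhcpServer], now: float) -> str:
        """Advance the client's clock to `now` and return the DHCP state it ends up in."""
        if self.lease is None:
            return self.boot(servers, now)
        lease = self.lease
        if now >= lease.expiry():          # lease gone: drop the address, start DORA over
            self.lease = None
            return self.boot(servers, now)
        if now >= lease.t2():              # REBINDING: broadcast to any server
            for server in servers:
                renewed = server.ack(self.mac, lease.ip, now)
                if renewed is not None:
                    self.lease = renewed
                    return "REBOUND"
            return "REBINDING"
        if now >= lease.t1():              # RENEWING: unicast only to the lending server
            lender = next((s for s in servers if s.server_id == lease.server_id), None)
            renewed = lender.ack(self.mac, lease.ip, now) if lender else None
            if renewed is not None:
                self.lease = renewed
                return "RENEWED"
            return "RENEWING"
        return "BOUND"
```

The `ack` check is the part worth reading twice: it is what prevents the IP conflicts the section says DHCP avoids, and it is also why a rogue second server on the segment (not modelled here) is dangerous, since the client simply takes the first offer it hears.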
  - When a device joins our network, it reaches out to our DHCP server and goes through the [[DORA]] process
  - IP addresses can also be [[Static (Manually) Assignment|statically assigned]] if you provide all four pieces of information to your client device
  - [[Dynamic Assignment|Dynamically]] assigning IP addresses is done by the DHCP server (the configuration is done for us)

**100. DNS**
- [[Domain Name System (DNS)]]
  - The client is told to go to a website, so it asks a [[DNS Server]] "What is the IP address of this website?"; the DNS server replies with the IP address, and the client is then routed to the web server over its router and WAN connection, since it now knows the right destination IP address
  - We usually rely on our [[Internet Service Provider (ISP)]] to do this function for us
  - But if you're running your own website, you might also have your own DNS server inside your network, and you'll be responsible for setting up your own DNS records that dictate which servers are located at which IP addresses and for what purposes
  - Like the contact list on a phone
- [[Fully Qualified Domain Name (FQDN)]]
  - Could look at it from a [[Uniform Resource Locator (URL)]] perspective
- Inside your [[DNS Server]], you create different records that hold different types of information based on your use case

| [[DNS Record]] | Description | Function |
| --- | --- | --- |
| [[A Record]] | Address | Links a hostname to an [[Internet Protocol v.4 (IPv4)]] address |
| [[AAAA Record]] | Address | Links a hostname to an [[Internet Protocol v.6 (IPv6)]] address |
| [[CNAME Record]] | Canonical Name | Points a [[Domain]] to another domain or [[Subdomain]] |
| [[MX Record]] | Mail Exchange | Directs emails to a mail server |
| [[TXT Record]] | Text | Adds text into the [[Domain Name System (DNS)\|DNS]] |
| [[NS Record]] | [[Nameserver]] | Indicates which DNS nameserver has authority for the zone |

- [[Internal DNS]]
- [[External DNS]]
- [[Time To Live (TTL)]]
- [[Recursive Lookup]]
- [[Iterative Lookup]]

**101. VLAN**
- [[Virtual Local Area Network (VLAN)]]
  - Allows you to break out certain ports to be used for different broadcast domains
  - Different logical networks that share the same physical hardware
  - ![[Pasted image 20241005190104.png]]
  - Logically separates the traffic into each of those virtual networks
- VLAN Trunking
  - ![[Pasted image 20241005190236.png]]
  - Merge all that data onto a single cable; we call it a trunk
  - VLANs going over the trunk are identified by an electronic tag that is four bytes long, called our [[Four Byte Identifier]]
  - One VLAN is left untagged, known as the native VLAN (VLAN 1 by default on most switches)

**102. VPN**
- [[Virtual Private Network (VPN)]]
  - Can be configured in different ways
  - Site-to-site
    - Can connect two offices together
    - Used to connect two sites and provide an inexpensive alternative to dedicated leased lines
  - Client-to-site
    - Can connect a single remote user back to a corporate network
    - Sending data from a single host and connecting it back to our headquarters office
  - Client-to-router
  - [[Clientless VPN]]
    - Used with web browsing
  - Use either [[Full Tunnel]] or [[Split Tunnel]]
    - Both can be used with site-to-site or client-to-site models

**103. IPv6**
- [[Internet Protocol v.6 (IPv6)]]
  - 340 undecillion addresses
  - [[Internet Protocol v.4 (IPv4)]] has limited addressable space (4.2 billion addresses)
    - [[Address Exhaustion]]
  - [[Internet Protocol v.5 (IPv5)]]
  - [[Tunneling]]
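
The lookup described in the DNS section (100) above, as an added simulation (illustration code written for these notes, not course material): a stub client asks a caching recursive resolver, which performs the iterative walk root -> TLD -> authoritative server, follows a CNAME to its canonical name, and reuses a cached answer only until its TTL runs out. The zones, names, addresses and TTLs are constructed sample data in the documentation ranges, not a real zone.

```python
"""DNS resolution worked example: an added illustration, not code from the course notes.

Models the lookup described in the DNS section above against a constructed set
of zones: a stub client asks a caching recursive resolver; the resolver walks the
hierarchy iteratively (root -> .com -> the domain's authoritative server), follows
CNAME records, and caches answers for their TTL. Every name, address and TTL here
is made-up sample data (documentation ranges), not a real zone.
"""
from __future__ import annotations

# Authoritative data: server -> {(owner name, record type): [(rdata, ttl), ...]}
ROOT_ZONE = {
    ("com.", "NS"): [("ns.tld-com.", 172800)],
    ("ns.tld-com.", "A"): [("192.0.2.1", 172800)],          # glue record
}
COM_ZONE = {
    ("example.com.", "NS"): [("ns1.example.com.", 86400)],
    ("ns1.example.com.", "A"): [("198.51.100.53", 86400)],  # glue record
}
EXAMPLE_ZONE = {
    ("example.com.", "A"): [("203.0.113.10", 300)],
    ("www.example.com.", "CNAME"): [("example.com.", 300)],
    ("example.com.", "MX"): [("mail.example.com.", 3600)],
    ("mail.example.com.", "A"): [("203.0.113.25", 3600)],
    ("example.com.", "TXT"): [("v=spf1 mx -all", 3600)],
}
SERVERS = {"root": ROOT_ZONE, "192.0.2.1": COM_ZONE, "198.51.100.53": EXAMPLE_ZONE}

Record = tuple  # (owner, type, rdata, ttl)


def query(server: str, name: str, rtype: str) -> tuple[str, object]:
    """One iterative query: ('answer', records), ('referral', next server IP) or ('nxdomain', None)."""
    zone = SERVERS[server]
    for lookup_type in (rtype, "CNAME"):
        if (name, lookup_type) in zone:
            return "answer", [(name, lookup_type, rd, ttl) for rd, ttl in zone[(name, lookup_type)]]
    # Not ours: refer the resolver to the longest delegated child zone that covers the name
    delegations = sorted(((o, recs) for (o, t), recs in zone.items() if t == "NS"), key=lambda d: -len(d[0]))
    for owner, ns_records in delegations:
        if name == owner or name.endswith("." + owner):
            ns_name = ns_records[0][0]
            return "referral", zone[(ns_name, "A")][0][0]
    return "nxdomain", None


def resolve_iteratively(name: str, rtype: str, max_steps: int = 10) -> list[Record]:
    """Walk root -> TLD -> authoritative, restarting at the root when a CNAME redirects the name."""
    chain: list[Record] = []
    server = "root"
    for _ in range(max_steps):
        kind, data = query(server, name, rtype)
        if kind == "referral":
            server = data
            continue
        if kind == "nxdomain":
            return chain
        chain.extend(data)
        if data[0][1] == "CNAME" and rtype != "CNAME":
            name, server = data[0][2], "root"   # follow the canonical name
            continue
        return chain
    raise RuntimeError(f"gave up resolving {name} after {max_steps} steps")


class RecursiveResolver:
    """The ISP-style resolver the client talks to: does the iterative walk and honours TTLs."""

    def __init__(self):
        self.cache: dict[tuple[str, str], tuple[list[Record], float]] = {}

    def lookup(self, name: str, rtype: str, now: float) -> tuple[list[Record], str]:
        """Returns (records, 'cache' | 'network'); a cached entry is reused only until its TTL runs out."""
        key = (name, rtype)
        if key in self.cache and now < self.cache[key][1]:
            return self.cache[key][0], "cache"
        records = resolve_iteratively(name, rtype)
        if records:
            self.cache[key] = (records, now + min(r[3] for r in records))
        return records, "network"


if __name__ == "__main__":
    resolver = RecursiveResolver()
    for t in range(0, 601, 300):
        print(t, resolver.lookup("www.example.com.", "A", now=t))
```

The `max_steps` guard is there because a CNAME that points back at itself, or a delegation that loops, would otherwise spin forever; real resolvers cap the chain the same way. The cache expiry uses the smallest TTL in the answer, so a 300 s CNAME never outlives the A record it points at.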
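
The four-byte trunk tag from the VLAN section (101) above, as an added worked example in bytes (illustration code written for these notes, not course material): it builds Ethernet II frames with and without an 802.1Q tag, parses the tag fields back out, treats untagged frames as belonging to the native VLAN, and strips the tag the way an access port does on egress. The MAC addresses and payloads are constructed sample data.

```python
"""802.1Q VLAN tagging worked example: an added illustration, not code from the course notes.

Builds Ethernet II frames as a switch would forward them across a trunk, inserts the
four-byte 802.1Q tag (TPID 0x8100 followed by PCP/DEI/VID) between the source MAC
and the EtherType, parses frames back out, and maps untagged frames to the native
VLAN. MAC addresses and payloads are constructed sample data.
"""
from __future__ import annotations
import struct

TPID_8021Q = 0x8100   # EtherType value that announces "an 802.1Q tag follows"


def mac_bytes(mac: str) -> bytes:
    return bytes.fromhex(mac.replace(":", ""))


def mac_str(raw: bytes) -> str:
    return ":".join(f"{b:02x}" for b in raw)


def build_frame(dst: str, src: str, ethertype: int, payload: bytes,
                vlan_id: int | None = None, pcp: int = 0) -> bytes:
    """Ethernet II frame; with vlan_id set, the 4-byte tag is inserted after the source MAC."""
    header = mac_bytes(dst) + mac_bytes(src)
    if vlan_id is not None:
        if not 1 <= vlan_id <= 4094:   # VID 0 is a priority tag only, 4095 is reserved
            raise ValueError(f"VID {vlan_id} is outside the usable range 1-4094")
        tci = ((pcp & 0x7) << 13) | (vlan_id & 0x0FFF)   # PCP (3 bits) | DEI (1 bit, 0) | VID (12 bits)
        header += struct.pack("!HH", TPID_8021Q, tci)
    return header + struct.pack("!H", ethertype) + payload


def parse_frame(frame: bytes, native_vlan: int = 1) -> dict:
    """Decode a frame from a trunk. Untagged (or VID 0, priority-tagged) frames belong to the native VLAN."""
    dst, src = mac_str(frame[0:6]), mac_str(frame[6:12])
    (ethertype,) = struct.unpack("!H", frame[12:14])
    if ethertype != TPID_8021Q:
        return {"dst": dst, "src": src, "tagged": False, "vlan": native_vlan, "pcp": 0,
                "ethertype": ethertype, "payload": frame[14:]}
    tci, inner_type = struct.unpack("!HH", frame[14:18])
    vid = tci & 0x0FFF
    return {"dst": dst, "src": src, "tagged": True, "vlan": vid if vid else native_vlan,
            "pcp": tci >> 13, "ethertype": inner_type, "payload": frame[18:]}


def strip_tag(frame: bytes) -> bytes:
    """What an access port does on egress: remove the tag so the end device never sees it."""
    if struct.unpack("!H", frame[12:14])[0] != TPID_8021Q:
        return frame
    return frame[:12] + frame[16:]


def split_trunk(frames: list, native_vlan: int = 1) -> dict:
    """Sort frames arriving on a trunk into per-VLAN broadcast domains (VLAN -> list of source MACs)."""
    domains: dict = {}
    for frame in frames:
        info = parse_frame(frame, native_vlan)
        domains.setdefault(info["vlan"], []).append(info["src"])
    return domains


if __name__ == "__main__":
    f = build_frame("ff:ff:ff:ff:ff:ff", "00:11:22:33:44:55", 0x0806, b"\x00\x01", vlan_id=10, pcp=5)
    print(f.hex(), parse_frame(f))
```

Note the native VLAN handling: a frame with no tag, or with VID 0, lands in whatever VLAN the trunk port calls native, which is why the native VLAN on both ends of a trunk has to match and why production trunks usually do not leave user traffic on it.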
**104. Ports and Protocols**
- [[Port]]

| Protocol | Port Number | Usage |
| --- | --- | --- |
| [[File Transfer Protocol (FTP)]] | 20, 21 | Provides insecure file transfers between a client and a server on a computer network (no encryption) |
| [[Secure Shell (SSH)]] | 22 | Provides secure remote control of another machine using a text-based environment |
| [[Secure File Transfer Protocol (SFTP)]] | 22 | Provides secure file transfers (runs over SSH) |
| [[Telnet]] | 23 | Provides insecure remote control of another machine using a text-based environment |
| [[Simple Mail Transfer Protocol (SMTP)]] | 25 | Provides the ability to send emails over the network |
| [[Domain Name System (DNS)]] | 53 | Converts domain names to IP addresses, and IP addresses to domain names |
| [[Dynamic Host Configuration Protocol (DHCP)]] | 67, 68 | Automatically provides network parameters, such as the assigned IP address, subnet mask, default gateway, and DNS server |
| [[HyperText Transfer Protocol (HTTP)]] | 80 | Used for insecure web browsing |
| [[Post Office Protocol (POP)]] | 110 | Used for receiving incoming emails. Only used for inbound or incoming email. Also uses a store-and-forward method of communication |
| [[Network Basic Input-Output System (NetBIOS)]] | 137, 139 | Used for file or printer sharing in a Windows network |
| [[Internet Mail Access Protocol (IMAP)\|Internet Message Access Protocol (IMAP)]] | 143 | A newer method of retrieving incoming emails which improves upon the older POP3 |
| [[Simple Network Management Protocol (SNMP)]] | 161, 162 | Used to collect data about network devices and monitor their status |
| [[Lightweight Directory Address Protocol (LDAP)\|Lightweight Directory Access Protocol (LDAP)]] | 389 | Used to provide directory services to your network |
| [[HyperText Transfer Protocol Secure (HTTPS)]] | 443 | Used as a secure and encrypted version of web browsing. Sends data over an encrypted tunnel that uses either [[Secure Socket Layer (SSL)]] or [[Transport Layer Security (TLS)]] (in practice TLS; SSL is obsolete) |
| [[Server Message Block (SMB)]] | 445 | Used for Windows file and printer sharing services |
| [[Remote Desktop Protocol (RDP)]] | 3389 | Provides graphical remote control of another client or server |

**105. TCP vs UDP**
- [[Transmission Control Protocol (TCP)]]
- [[User Datagram Protocol (UDP)]]

| TCP | UDP |
| --- | --- |
| Reliable (three-way handshake) | Not reliable |
| Connection-oriented | Connectionless |
| Segment retransmission and flow control (windowing) | No retransmission and no windowing |
| With segmentation and sequencing | Without sequencing |
| With acknowledgement | Without acknowledgement |

## Ports
---
- Port 20/21 - FTP
- Port 22 - SSH
- Port 23 - Telnet
- Port 25 - SMTP
- Port 53 - DNS
- Port 67 - DHCP (server)
- Port 68 - DHCP (client)

## Professor Messer Practice Exam
---
#### Exam 1:
**A1**:
1. Lightning
2. RJ45
3. HDMI
4. Micro-USB
5. DB-9
6. USB-C

**A2**:
7. SATA Revision 3.2
8. USB 3.2 Gen 1
9. Thunderbolt v3
10. One Stream 802.11ax
11. 10GBASE-T

**A3**:
12. tcp/443 - HTTPS
13. LDAP
14. udp/53 - DNS
15. tcp/143 - IMAP
16. u
17. tcp/3389 - RDP
18. tcp/22 - SSH

**A4**:
- A. CPU Slot
- B. Memory Slot
- C. Motherboard Main Power 24 pin
- D. PCIe x1
- E. SATA slot
- F. Front Panel connector

**A5:** RAID 1+0

## 81% on the multiple choice
**A6:** B **A7:** A **A8.** C <- COME BACK **A9.** B **A10.** B <- COME BACK **A11.** Correct D **A12.** A **A13.** B **A14.** B **A15.** A **A16.** B **A17.** D **A18.** A **A19.** A **A20.** C **A21.** A, C **A22.** A **A23.** A **A24.** A, E **A25.** C **A26.** D **A27.** A, C **A28.** C **A29.** B **A30.** D **A31.** A **A32.** C **A33.** C **A34.** B, E **A35.** B **A36.** A **A37.** B <- COME BACK **A38.** B **A39.** A **A40.** B **A41.** C **A42.** C **A43.** D **A44.** A **A45.** C **A46.** C **A47.** A **A48.** B **A49.** A **A50.** D **A51.** B **A52.** B **A53.** D **A54.** A **A55.** A **A56.** A **A57.** B, C <- COME BACK **A58.** A **A59.** A **A60.** C **A61.** A **A62.** B **A63.** D **A64.** A **A65.** D **A66.** D **A67.** C **A68.** B **A69.** B **A70.** C **A71.** D **A72.** B **A73.** C **A74.** D **A75.** B **A76.** B **A77.** D **A78.** B **A79.** C **A80.** D **A81.** D **A82.** A **A83.** D **A84.** A **A85.** D **A86.** A **A87.** B **A88.** D **A89.** B **A90.** C

#### Exam 2:
**B1**
- Thermal - Heating Element
- Impact - Ribbon
- Inkjet - Ink Cartridge
- Laser - Fuser
- 3D - Plastic Filament

**B2**
- USB Type A
- USB Type C
- HDMI
- USB Type B
- Lightning

**B3**
- Toner Probe
- Cable Tester
- Crimper
- Network Tap

**B4**
- RAID 5
- RAID 1
- RAID 10
- RAID 0

**B5**
1. RDP
2. SMTP
3. Telnet
4. DHCP
5. DNS
6. SMB
7. SSH

## 88% on the multiple choice
**B6.** A **B7.** D **B8.** C **B9.** A **B10.** B **B11.** A **B12.** C **B13.** D **B14.** A **B15.** B **B16.** D **B17.** D **B18.** D **B19.** B **B20.** C **B21.** A **B22.** D **B23.** B **B24.** C **B25.** C **B26.** B **B27.** D **B28.** C, F **B29.** B **B30.** C **B31.** C **B32.** A **B33.** B **B34.** B **B35.** B **B36.** A **B37.** A **B38.** A **B39.** D **B40.** D **B41.** B **B42.** C **B43.** B **B44.** C **B45.** C **B46.** B **B47.** A **B48.** D **B49.** A **B50.** B **B51.** C **B52.** B **B53.** A **B54.** C **B55.** E **B56.** A **B57.** D **B58.** C **B59.** A **B60.** D **B61.** C **B62.** D **B63.** D **B64.** D **B65.** B **B66.** D **B67.** C **B68.** B **B69.** D **B70.** D **B71.** B **B72.** D **B73.** D **B74.** B **B75.** D **B76.** C **B77.** C **B78.** A **B79.** D **B80.** B **B81.** C **B82.** B **B83.** D **B84.** A **B85.** B **B86.** A **B87.** A **B88.** C **B89.** C **B90.** A

#### Exam 3:
**C1.**
1. Router
2. Access Point
3. Switch
4. Patch Panel

**C2.**
1. Scratched photosensitive drum
2. Ink Cartridge is low
3. Fuser is not optional
4. Incorrect Page Description Language
5. Drum not cleaning properly

**C3.**
- 802.11g - 2.4 GHz - none
- 802.11n - 2.4 GHz, 5 GHz - none
- 802.11ac - 5 GHz - MIMO
- 802.11ax - 2.4 GHz, 5 GHz - MU-MIMO

**C4.**
1. SATA
2. F-connector
3. RJ45
4. HDMI

**C5.**
1. TCP/443
2. TCP/23
3. TCP/389
4. TCP/445

**C6.** B **C7.** D **C8.** A **C9.** A **C10.** C **C11.** A **C12.** A **C13.** C **C14.** C **C15.** C **C16.** A **C17.** C **C18.** A **C19.** C **C20.** A, E **C21.** B **C22.** A **C23.** C **C24.** C **C25.** D **C26.** D **C27.** B **C28.** C **C29.** D, D **C30.** B **C31.** C **C32.** A **C33.** D **C34.** D **C35.** A **C36.** D **C37.** C **C38.** B **C39.** C **C40.** C **C41.** A **C42.** C **C43.** D **C44.** A **C45.** B **C46.** A **C47.** D **C48.** C **C49.** A **C50.** D **C51.** B **C52.** A **C53.** B **C54.** B **C55.** D **C56.** C **C57.** C **C58.** B **C59.** D **C60.** D **C61.** C **C62.** A **C63.** C **C64.** B **C65.** B **C66.** B **C67.** D **C68.** A **C69.** C **C70.** D **C71.** A **C72.** A **C73.** C **C74.** A **C75.** B **C76.** D **C77.** C **C78.** D **C79.** B **C80.** A **C81.** B **C82.** D **C83.** A **C84.** B **C85.** B **C86.** B **C87.** B **C88.** A **C89.** D **C90.** D