108.1 Define the following devices and their uses:
a. Host/Client - Client/Host architecture allows for multiple clients to connect and share resources shared on a host(s) servers.
b. Application Server - Is a server that is designed for or dedicated to running specific applications for individual clients in order to keep resources available for other tasks.
c. Hub - Is a device for connecting multiple twisted pair or fiber optic Ethernet devices together and making them act as a single network segment.
d. Switch - Is a computer networking device that connects network segments.
e. Router - Is a device that interconnects two or more computer networks, and selectively interchanges packets of data between them.
f. WAP - Is an open international standard for application-layer network communications in a wireless-communication environment.
108.1 Define the following devices and their uses: (cont)
g. Proxy Server - Is a server (a computer system or an application program) that acts as an intermediary for requests from clients seeking resources from other servers.
h. Firewall - It is a device or set of devices which is configured to permit or deny computer applications/services based upon a set of rules and other criteria.
i. VPN Concentrator - Device that provides cost savings through flexible, reliable, and high-performance connectivity via remote-access solutions over public or non-secure physical lines.
j. Back-up - Up-to-date network resources that are available on hand if network files become corrupt and/or unusable.
k. Repeater - Is an electronic device that receives a signal and retransmits it at a higher level and/or higher power, or onto the other side of an obstruction, so that the signal can cover longer distances.
108.2 Define the following layers of routing and common devices associated with each:
a. Access - Access routers, including 'small office/home office' (SOHO) models, are located at customer sites such as branch offices that do not need hierarchical routing of their own.
b. Distribution - Distribution routers aggregate traffic from multiple access routers, either at the same site, or to collect the data streams from multiple sites to a major enterprise location. Distribution routers often are responsible for enforcing quality of service across a WAN, so they may have considerable memory, multiple WAN interfaces, and substantial processing intelligence.
c. Core - a core router may provide a "collapsed backbone" interconnecting the distribution tier routers from multiple buildings of a campus, or large enterprise locations. They tend to be optimized for high bandwidth.
108.3 Explain the following network terminology:
a. Star networks are one of the most common computer network topologies. In its simplest form, a star network consists of one central switch, hub or computer, which acts as a conduit to transmit messages.
a. Bus network topology is a network architecture in which a set of clients are connected via a shared communications line, called a bus. Bus networks are the simplest way to connect multiple clients, but may have problems when two clients want to transmit at the same time on the same bus. Thus systems which use bus network architectures normally have some scheme of collision handling or collision avoidance for communication on the bus, quite often using Carrier Sense Multiple Access or the presence of a bus master which controls access to the shared bus resource.
a. Ring network is a network topology in which each node connects to exactly two other nodes, forming a single continuous pathway for signals through each node - a ring. Data travels from node to node, with each node along the way handling every packet.
Because a ring topology provides only one pathway between any two nodes, ring networks may be disrupted by the failure of a single link. A node failure or cable break might isolate every node attached to the ring. FDDI networks overcome this vulnerability by sending data on a clockwise and a counterclockwise ring: in the event of a break data is wrapped back onto the complementary ring before it reaches the end of the cable, maintaining a path to every node along the resulting "C-Ring".
a. Mesh networking is a type of networking wherein each node in the network may act as an independent router, regardless of whether it is connected to another network or not. It allows for continuous connections and reconfiguration around broken or blocked paths by “hopping” from node to node until the destination is reached. A mesh network whose nodes are all connected to each other is a fully connected network. Mesh networks differ from other networks in that the component parts can all connect to each other via multiple hops, and they generally are not mobile.
LAN – local area network
d. WAN – Wide Area Network
e. Metropolitan Area Network - is a large computer network that usually spans a city or a large campus. A MAN usually interconnects a number of local area networks (LANs) using a high-capacity backbone technology, such as fiber-optical links, and provides up-link services to wide area networks and the Internet.
f. Global Access Network - is a telecommunication system that extends mobile voice, data and IP Multimedia Subsystem/Session Initiation Protocol (IMS/SIP) applications over IP networks. Unlicensed Mobile Access or UMA, is the commercial name used by mobile carriers for external IP access into their core networks.
108.4 Identify the functions, by layer, of the following models:
108.5 State the difference between IPv4 and IPv6. IPV4 HAS 32 BIT ADDRESSES IPV6 HAS 64 BIT ADDRESSES
108.6 Define the following and how they are used:
a. Non-classified Internet Protocol Router Network ( NIPRNet ) is used to exchange sensitive but unclassified information between "internal" users as well as providing users access to the Internet. NIPRNet is composed of Internet Protocol routers owned by the United States Department of Defense (DOD).
108.6 Define the following and how they are used: (cont)
b. Secret Internet Protocol Router Network ( SIPRNet ) is a system of interconnected computer networks used by the United States Department of Defense and the U.S. Department of State to transmit classified information (up to and including information classified SECRET) via the TCP/IP protocol suite in a secured environment.
108.6 Define the following and how they are used: (cont)
c. Joint Worldwide Intelligence Communications System , is a system of interconnected computer networks used by the U.S. Department of Defense and the U.S. Department of State to transmit classified Top Secret and SCI information by packet switching over TCP/IP in a secure environment.
108.7 Explain the following networks and where they are employed:
a. DODN GIG – the global information grid is a globally interconnected, end-to-end set of information capabilities for collecting, processing, storing, disseminating, and managing information on demand to warfighters, policy makers, and support personnel.
b. Defense Information System Network (DISN) is the United States Department of Defense's enterprise network for providing data, video and voice services. In September 1991, OSD directed DISA to implement the DISN
c. Navy/Marine Corps Intranet (NMCI) is a United States Department of the Navy outsourcing program, in which an outside contractor provides a vast majority of information technology services for the entire Department, including the United States Navy and Marine Corps. The major US-CONUS shore based Navy network.
d. ONE-NET is a Navy-wide initiative to install a common and secure IT infrastructure to OCONUS Navy locations. It is based on the Navy-Marine Corps Intranet (NMCI) architecture and is designed to be interoperable with IT-21, NMCI, and the Global Information Grid in the near future.
e. IT-21 Network – The IT-21 network is a system built to industry standards, using commercial off-the-shelf technology (or COTS), devoid of stovepipes, in a client-server environment. The goal of IT-21 is to link all U.S. forces and eventually our allies together in a network that enables voice, video and data transmissions from a single desktop PC, allowing warfighters to exchange information that is classified or unclassified, and tactical or non-tactical. The IT-21 network is a GAN, and is managed by 4 Fleet NOCs positioned around the world for 24/7 operations.
108.8 Describe the following:
Machine Language is a system of instructions and data executed directly by a computer's central processing unit.
Assembly Languages are a type of low-level languages for programming computers, microprocessors, microcontrollers, and other (usually) integrated circuits. They implement a symbolic representation of the numeric machine codes and other constants needed to program a particular CPU architecture.
High-level Language is a programming language with strong abstraction from the details of the computer. In comparison to low-level programming languages, it may use natural language elements, be easier to use, or be more portable across platforms. Such languages hide the details of CPU operations such as memory access models and management of scope.
Operating system (OS) is a set of system software programs in a computer that regulate the ways application software programs use the computer hardware and the ways that users control the computer.
Applications are computer software's designed to help the user to perform singular or multiple related specific tasks.
108.9 Describe the following to include the risks associated:
a. Virus is a computer program that can copy itself and infect a computer. A virus spreads from one computer to another (in some form of executable code) when its host is taken to the targeted infected computer
b. Worms are self-replicating malware computer programs. They use a computer network to send copies of their selves to other nodes (computers on the network) and may do so without any user intervention.
c. Trojans are malware that appears to perform a desirable function for the user prior to run or install but instead facilitates unauthorized access of the user's computer system.
d. Backdoors in computer systems (or cryptosystem or algorithm) are a method of bypassing normal authentication, securing remote access to a computer, obtaining access to plaintext, and so on, while attempting to remain undetected.
e. Phishing is the criminally fraudulent process of attempting to acquire sensitive information such as usernames, passwords and credit card details by masquerading as a trustworthy entity in an electronic communication.
108.10 Describe function and risk associated with following activities:
Network enumerating is a computing activity in which user names, and info on groups, shares and services of networked computers are retrieved.
Buffer Overflow is an anomaly where a program, while writing data to a buffer, overruns the buffer's boundary and overwrites adjacent memory. This may result in erratic program behavior, including memory access errors, incorrect results, program termination (a crash), or a breach of system security
SQL injection is a code injection technique that exploits a security vulnerability occurring in the database layer of an application. The idea is to convince the application to run SQL code that was not intended.
Dictionary attack is a technique for defeating a cipher or authentication mechanism by trying to determine its decryption key or passphrase by searching likely possibilities.
e. Privilege escalation is the act of exploiting a bug or design flaw in a software application to gain access to resources which normally would have been protected from an application or user.
f. Brute force attack is a strategy used to break the encryption of data. It involves traversing the search space of possible keys until the correct key is found.
g. Social engineering is the act of manipulating people into performing actions or divulging confidential information, rather than by breaking in or using technical cracking techniques; essentially a fancier, more technical way of lying.
108.10 Describe function and risk associated with following activities: (cont)
108.11 Describe the functionality of PKI.
Public Key Infrastructure ( PKI ) is a set of hardware, software, people, policies, and procedures needed to create, manage, distribute, use, store, and revoke digital certificates. In cryptography, a PKI is an arrangement that binds public keys with respective user identities by means of a certificate authority ( CA ). The binding is established through the registration and issuance process. The PKI role that assures this binding is called the Registration Authority ( RA ) . For each user, the user identity, the public key, their binding, validity conditions and other attributes are made unforgivable in public key certificates issued by the CA.
PKI PROCESS FLOW CHART
108.12 State the purpose of DNS.
Domain Name System ( DNS ) is a hierarchical naming system for computers, services, or any resource connected to the Internet or a private network. It associates various information with domain names assigned to each of the participants. Most importantly, it translates domain names meaningful to humans into the numerical (binary) identifiers associated with networking equipment for the purpose of locating and addressing these devices worldwide.