1. UDP is used for voice and video traffic instead of TCP because TCP introduces delays that break data streams and UDP does not have mechanisms for retransmitting lost packets. TCP is preferred for transmitting data files because it is more reliable and requires lost packets to be retransmitted.
2. To facilitate secure intranet access for remote workers, an enterprise IT department would use VPN and user authentication.
3. The purpose of the Cisco Enterprise Architecture is to divide the network into functional components while still maintaining the concept of Core, Distribution, and Access Layers.
https://theacademicessays.com/downloads/solution-cis-534-advanced-networking-design-term-paper-project-designing-secure-network-complete-solution/
Project: Designing a Secure Network
This term paper involves putting together the various concepts learned throughout this course. You are tasked with designing the most secure network possible, keeping in mind your goal of supporting three (3) IT services: email, file transfer (centralized), and VPN. Your first step is to design a single network capable of supporting these three (3) different services. Once you have fully designed your network, you will need to provide three (3) workflow diagrams explaining how your designed network handles the three (3) different transactions. The first is an internal user sending an email using his / her corporate email address to a user on the Yahoo domain with an arbitrary address of user534@yahoo.com. The second workflow diagram should show a user initiating an FTP session from inside your network to the arbitrary site of ftp.netneering.com. The third workflow is an externally located employee initiating a VPN session to corporate in order to access files on the Windows desktop computer, DT-Corp534-HellenS, at work.
Write a ten to fifteen (10-15) page paper in which you complete the following three (3) Parts. Note: Please use the following page breakdown to complete your assignment:
Overall network diagram: One (1) page
Datapath diagrams: Three (3) pages (one for each diagram)
Write-up: six to ten (6-10) pages
Part 1
Using Microsoft Visio or its open source alternative, create a diagram showing the overall network you’ve designed from the user or endpoint device to the Internet cloud, and everything in between, in which you:
o Follow the access, core, distribution layer model.
o Include at a minimum:
Authentication server (i.e. Microsoft Active Directory)
Routers
Switches (and / or hubs)
Abstract: The Dynamic Host Configuration Protocol (DHCP) is a protocol designed to help automate the configuration of IP addresses and the rest of the network parameters for the hosts in a network. DHCP has unique and important features that make its address administration very efficient, especially nowadays with the proliferation of mobile devices whose usage patterns involve transient network access. In a large network or a mobile ad-hoc network, the administrator will find it impossible to configure the IP address and the rest of the network parameters of the hosts in the network, because there will be many errors or there will be no infrastructure.
One of the most important features of DHCP is that it does not allow the same IP address to be used at the same time by two hosts or network cards.
Misconfiguration or misbehavior of a host will prevent DHCP from working properly. Our focus in this paper is to discuss the address administration of DHCP over performance and vulnerabilities in operational networks today. Moreover, we will try to show how host misconfigurations can affect DHCP and how we can eliminate or reduce these misconfigurations.
In this paper, an improved secure address resolution protocol is presented where ARP spoofing attack is prevented. The proposed methodology is a centralised methodology for preventing ARP spoofing attack. In the proposed model there is a central server on a network or subnet which prevents ARP spoofing attack.
Mitigation of Selfish Node Attacks In Autoconfiguration of MANETs (IJAAS Team)
Mobile ad-hoc networks (MANETs) are composed of mobile nodes connected by wireless links without using any pre-existent infrastructure. Hence the assigning of unique IP address to the incoming node becomes difficult. There are various dynamic auto configuration protocols available to assign IP address to the incoming nodes including grid based protocol which assigns IP address with less delay and low protocol overhead. Such protocols get affected by presence of either selfish nodes or malicious nodes. Moreover there is no centralized approach to defend against these threats like in wired network such as firewall, intrusion detection system, proxy etc. The selfish nodes are the nodes which receive packet destined to it and drop packet destined to other nodes in order to save its energy and resources. This behavior of nodes affects normal functioning of auto configuration protocol. Many algorithms are available to isolate selfish nodes but they do not deal with presence of false alarm and protocol overhead. And also there are certain algorithms which use complex formulae and tedious mathematical calculations. The proposed algorithm in this paper helps to overcome the attack of selfish nodes effect in an efficient and scalable address auto configuration protocol that automatically configures a network by assigning unique IP addresses to all nodes with a very low protocol overhead, minimal address acquisition delay and computational overhead.
The Dynamic Host Configuration Protocol (DHCP)
provides a framework for passing configuration information
to hosts on a UDP network. Computers that are connected to
IP networks must be configured before they can communicate
with other hosts. The most essential information needed is
an IP address. DHCP eliminates the manual task by a network
administrator. DHCP is based on the Bootstrap Protocol
(BOOTP), adding the capability of automatic allocation of
reusable network addresses and additional configuration
options. DHCP captures the behavior of BOOTP relay agents,
and DHCP participants can interoperate with BOOTP
participants. Proposed system, i.e., Customized DHCP aims
to give the security for DHCP, which was not present in the
older one and it uses UDP instead of TCP thus reducing the
number of fields as compared to the old DHCP, in turn which
decreases the execution time and still providing the basic
functionality of the usual DHCP.
Computer network is a distributed system consisting of loosely coupled computers and other
devices. Any two of these devices, which we will from now on refer to as network elements or
transmitting elements, can communicate with each other through a communication medium. In
order for these connected devices to be considered a communicating network, there must be a set
of communicating rules or protocols each device in the network must follow to communicate with
another device in the network. The resulting combination consisting of hardware and software is a computer communication network or computer network in short. Figure 1.1 shows a computer
network
The peer-reviewed International Journal of Engineering Inventions (IJEI) is started with a mission to encourage contribution to research in Science and Technology. Encourage and motivate researchers in challenging areas of Sciences and Technology.
Fast Ethernet cables are used for interdependent connection; on the other hand, serial cables are used for the connection of the central organization router with department routers.
Availability is one of the most important concerns in the networking world. For any high available
network, we need to maintain 99.99999% availability. That is why it is one of the most important factors to
find out the single point of failure in the network architecture and eliminate that single point of failure
(SPOF) from physical network and logical network. SPOF in our server infrastructure has been analysed
in terms of communicating with the router for forwarding traffic with multiple routers. We have developed
an algorithm that will automatically select default gateway into the network interface card of virtual
machines. The proposed algorithm will automatically enable Default Gateway Weight settings (DGW)
protocol among routers by configuring Network interface card with default gateway of all routers. The
proposed protocol works based on weight settings for the multiple default gateway configuration in the
host. There will be heartbeat communication and re-convergence will be performed within the shortest
possible time. Lowest weight setting will select the path for packet forwarding through specified routers
related with the default gateway from the virtual machine.
1. Which two statements are reasons why UDP is used for voice and video traffic instead of TCP? (Choose two.)
TCP requires all data packets to be delivered for the data to be usable.
The acknowledgment process of TCP introduces delays that break the streams of data.
UDP does not have mechanisms for retransmitting lost packets.
UDP tolerates delays and compensates for them.
TCP is a connectionless protocol that provides end-to-end reliability.
UDP is a connection-oriented protocol that provides end-to-end reliability.
Scoring Rule For: correctness of response
Option 2 and Option 3 are correct.
1 point for each correct option.
0 points if more options are selected than required.
Max Value = 2
2. Why is TCP the preferred Layer 4 protocol for transmitting data files?
TCP is more reliable than UDP because it requires lost packets to be retransmitted.
TCP requires less processing by the source and destination hosts than UDP.
UDP introduces delays that degrade the quality of the data applications.
TCP ensures fast delivery because it does not require sequencing or acknowledgements.
Scoring Rule For: correctness of response
2 points for Option 1
0 points for any other option
Max Value = 2
3. Which two solutions would an enterprise IT department use to facilitate secure intranet access for remote
workers? (Choose two.)
VPN
NAT
user authentication
client firewall software
packet sniffing
Scoring Rule For: correctness of response
Option 1 and Option 3 are correct.
1 point for each correct option.
0 points if more options are selected than required.
Max Value = 2
4. What is the purpose of the Cisco Enterprise Architecture?
remove the three-layer hierarchical model and use a flat network approach
divide the network into functional components while still maintaining the concept of Core, Distribution, and Access Layers
provide services and functionality to the core layer by grouping various components into a single component located in the access layer
reduce overall network traffic by grouping server farms, the management server, corporate intranet, and e-commerce routers in the same layer
Scoring Rule For: correctness of response
2 points for Option 2
0 points for any other option
Max Value = 2
5. In which functional area of the Cisco Enterprise Architecture should IDS and IPS be located to detect and
prevent malicious activity from outside?
enterprise campus
WAN and Internet
enterprise edge
service provider edge
Scoring Rule For: correctness of response
2 points for Option 3
0 points for any other option
Max Value = 2
6. What is a benefit of having an extranet?
It provides web-like access to company information for employees only.
It limits access to corporate information to secure VPN or remote access connections only.
It allows customers and partners to access company information by connecting to a public web server.
It allows suppliers and contractors to access confidential internal information using controlled external connections.
Scoring Rule For: correctness of response
2 points for Option 4
0 points for any other option
Max Value = 2
7. What does VoIP provide to telecommuters?
high-quality, live-video presentations
real-time voice communications over the Internet
ability to share desktop applications simultaneously
secure, encrypted data transmissions through the Internet
Scoring Rule For: correctness of response
2 points for Option 2
0 points for any other option
Max Value = 2
8. Which functional component of the Cisco Enterprise Architecture is responsible for hosting internal
servers?
enterprise campus
enterprise edge
service provider edge
building distribution
Scoring Rule For: correctness of response
2 points for Option 1
0 points for any other option
Max Value = 2
9. Which task would typically only require services located at the access layer of the hierarchical design
model?
connecting to the corporate web server to update sales figures
using a VPN from home to send data to the main office servers
printing a meeting agenda on a local departmental network printer
placing a VoIP call to a business associate in another country
responding to an e-mail from a co-worker in another department
Scoring Rule For: correctness of response
2 points for Option 3
0 points for any other option
Max Value = 2
10. What are two important characteristics or functions of devices at the Enterprise Edge? (Choose two.)
providing Internet, telephone, and WAN services to the enterprise network
providing a connection point for end-user devices to the enterprise network
providing high-speed backbone connectivity with redundant connections
providing intrusion detection and intrusion prevention to protect the network against malicious activity
providing packet inspection to determine if incoming packets should be allowed on the enterprise network
Scoring Rule For: correctness of response
Option 4 and Option 5 are correct.
1 point for each correct option.
0 points if more options are selected than required.
Max Value = 2
11. The ABC Corporation implements the network for its new headquarters using the Cisco Enterprise Architecture. The network administrator wants to filter the traffic from and to the outside world. Where should the administrator deploy a firewall device?
server farm
enterprise edge
enterprise campus
service provider edge
Scoring Rule For: correctness of response
2 points for Option 2
0 points for any other option
Max Value = 2
12. Which two measures help ensure that a hardware problem does not cause an outage in an enterprise LAN
that supports mission critical services? (Choose two.)
providing failover capability
installing redundant power supplies
purchasing more bandwidth from the ISP
enabling half-duplex connectivity to access layer devices
installing routers that can handle a greater amount of throughput
Scoring Rule For: correctness of response
Option 1 and Option 2 are correct.
1 point for each correct option.
0 points if more options are selected than required.
Max Value = 2
13. Which statement describes the difference between an enterprise WAN and an enterprise extranet?
An enterprise WAN is designed to interconnect local LANs, while an enterprise extranet is designed to
interconnect remote branch offices.
An enterprise WAN is designed to interconnect branch offices, while an enterprise extranet is designed to
access to external business partners.
An enterprise WAN is designed to provide remote access for its teleworkers, while an enterprise extranet is designed to provide Internet connectivity for the enterprise.
An enterprise WAN is designed to provide Internet connectivity for the enterprise, while an enterprise extranet is designed to provide remote access to the enterprise network for teleworkers.
Scoring Rule For: correctness of response
2 points for Option 2
0 points for any other option
Max Value = 2
14. What can be found at the enterprise edge?
Internet, VPN, and WAN modules
Internet, PSTN, and WAN services
server farms and network management
campus infrastructure, including access layer devices
Scoring Rule For: correctness of response
2 points for Option 1
0 points for any other option
Max Value = 2
15. A remote user needs to access a networking device on the internal network of the company. The transaction between the remote user and the device must be secure. Which protocol enables this to happen securely?
HTTP
SSH
Telnet
FTP
Scoring Rule For: correctness of response
2 points for Option 2
0 points for any other option
Max Value = 2
16. A business consultant must use Internet websites to research a report on the e-business strategies of several firms and then electronically deliver the report to a group of clients in cities throughout the world. Which two teleworker tools can the consultant use to accomplish this project? (Choose two.)
VoIP
VPN
HTTP
Telnet
email
Scoring Rule For: correctness of response
Option 3 and Option 5 are correct.
1 point for each correct option.
0 points if more options are selected than required.
Max Value = 2
17. How does a VPN work to support remote user productivity?
It uses SSL to encrypt remote user logins to the corporate intranet.
It uses secure Telnet for remote user connections to internal network devices.
It creates a virtual circuit that allows real-time communications between any two Internet endpoints.
It uses encapsulation to create a secure tunnel for transmission of data across non-secure networks.
Scoring Rule For: correctness of response
2 points for Option 4
0 points for any other option
Max Value = 2
18. What is the main purpose of the Access Layer in a hierarchically designed
network?
performs routing and packet manipulation
supplies redundancy and failover protection
provides a high-speed, low-latency backbone
serves as a network connection point for end-user devices
Scoring Rule For: correctness of response
2 points for Option 4
0 points for any other option
Max Value = 2
19. What type of traffic flow is always considered to be
external?
file sharing traffic
system updates
company e-mail
Internet bound traffic
transaction processing
Scoring Rule For: correctness of response
2 points for Option 4
0 points for any other option
Max Value = 2
20. What are two benefits of controlling the flow of traffic in an enterprise network? (Choose two.)
security
smaller failure domains
more reliable transaction processing
bandwidth optimization
local control of network services
Scoring Rule For: correctness of response
Option 1 and Option 4 are correct.
1 point for each correct option.
0 points if more options are selected than required.
Max Value = 2
21. What are two important guidelines when using packet sniffers to determine traffic flow patterns? (Choose two.)
Capture only traffic from a single application at a time.
Perform the capture on several different network segments.
Create a baseline capture during a low or non-utilization period.
Relocate highly active servers before attempting the capture.
Capture traffic during peak utilization times.
Scoring Rule For: correctness of response
Option 2 and Option 5 are correct.
1 point for each correct option.
0 points if more options are selected than required.
Max Value = 2
22. Which three items can be discovered by using a packet sniffer application? (Choose
three.)
network transmission speed
source IP address
Ethernet frame type
duplex operational status
near-end crosstalk (NEXT) level
TCP sequence number
Scoring Rule For: correctness of response
Option 2, Option 3, and Option 6 are correct.
1 point for each correct option.
0 points if more options are selected than required.
Max Value = 3
23. What are two benefits to an employee of teleworking? (Choose
two.)
reduced commuting costs
reduced network complexity
reduced need for support staff
reduced need for expensive business attire
reduced security risks to the network infrastructure
Scoring Rule For: correctness of response
Option 1 and Option 4 are correct.
1 point for each correct option.
0 points if more options are selected than required.
Max Value = 2
24. Which protocol and process could be implemented on a network to
ensure that a telecommuter can attend a training presentation via the use
of VoIP and still experience uninterrupted data streams and quality
conversations?
TCP and QoS
UDP and QoS
TCP and queuing
UDP and VPN
TCP and VPN
Scoring Rule For: correctness of response
2 points for Option 2
0 points for any other option
Max Value = 2