5 - Standards
- 5.1 Analyze a scenario and determine the corresponding OSI layer.
- 5.2 Explain the basics of network theory and concepts.
- 5.3 Given a scenario, deploy the appropriate wireless standard.
- 5.4 Given a scenario, deploy the appropriate wired connectivity standard.
- 5.5 Given a scenario, implement the appropriate policies or procedures.
- 5.6 Summarize safety practices.
- 5.7 Given a scenario, install and configure equipment in the appropriate location using best practices.
- 5.8 Explain the basics of change management procedures.
- 5.9 Compare and contrast the following ports and protocols.
- 5.10 Given a scenario, configure and apply the appropriate ports and protocols.
5.1 Analyze a scenario and determine the corresponding OSI layer.
OSI Model: a logical model for how network systems are supposed to communicate with each other. Breaks down the different components of network communication and slots them into layers. 7 logical layers that allow you to think about a networking problem and how to try to fix the problem. The Open Systems Interconnection (OSI) model is a standard means of describing network communication by defining it as a series of layers, each with specific input and output. The model provides a theoretical representation of what happens to information being sent from one device to another on a network. The sending device works from the Application layer down, and the receiving device works on the transmitted data from the Physical layer up. |
Layer 1 = Physical Layer. All the physical stuff that connects computers together. Patch panels, cables, etc. The physical stuff that connects computers together. Common problem: If someone didn't punch down the cabling properly. Transmits bits (binary digits) from one device to another and regulates the transmission stream over a medium (wire, fiber optics, or radio waves). All electrical and mechanical aspects of data transmission exist at this layer, including cabling, connectors, antennas, transceivers, baseband, broadband, signaling types, voltages, waveforms, modulation, frequencies, and clock rates. Network interface cards (sort of...moreso Layer 2), hubs, and repeaters work at this layer.
Layer 2 = Data Link Layer. Layer that switches and NICS operate on. All the computers on a network get plugged into a switch so they can talk to each other. The only layer that has any sub layers (the 2 aspects of NICs): Logical Link Control (LLC) and Media Access Control (MAC). MAC addresses reside on this layer. Address Resolution Protocol (ARP) is on this layer. Common problems: Anything that you plug into the switch, the switch isn't working properly, information isn't being sent properly, sometimes the network is slow (can be a switching problem). Structures the data into a format appropriate for the transmission medium. Adds physical addresses such as media access control (MAC) addresses or frame relay data link connection identifier (DLCI) numbers. Usually includes simple error checking. All WAN and LAN protocols exist at this layer, including Ethernet, token ring, frame relay, Point-to-Point Protocol (PPP), High-Level Data Link Control (HDLC), wireless access protocols, ATM, and X.25. (Some of these protocols extend beyond Layer 2.) Switches and bridges work at this layer. Layer 3 = Network Layer. Routers operate on this layer. Your IP address, Default Gateways, Subnet Mask, DNS is at this layer. Anything you do with the TCP/IP protocol happens at this layer. Adds logical addressing (network addresses) and chooses the best route. IP, Internet Control Message Protocol (ICMP), and Internet Group Management Protocol (IGMP) exist at this layer. Routers, multilayer switches, and firewalls work at this layer. This is the last layer that deals directly with hardware: all the other (higher) layers work strictly within software. Layer 4 = Transport Layer. The assembler/disassembler software. Decides how much info should be sent at one time. How much you will communicate to the website and how much will be communicated back. Has to do with windowing (where computers send information back and forth). Decides how long the computer should wait before it receives an acknowledgement of when it is received. Performs the actual establishment, maintenance, and teardown of the connection. Optionally divides long communications into smaller segments, including error recognition and correction, and data receipt acknowledgment. TCP and UDP protocols exist at this layer. Packet filtering routers, multilayer switches, and firewalls work at this layer. Layer 5 = Session Layer. Deals with the communication, creating a session, between 2 computers. If you go to a website, your computer at the Session layer has to create a Session with the web server you are trying to access/get data from. Every time a computer communicates with another computer, they have to open up a session. When you go to your bank's website you create a session with them. Common problem: If you administer a website you may have settings within your web server that are causing problems with this layer (i.e. PHP config files) - if those are not setup properly, your sessions might not be able to connect. Establishes and controls data communication between applications operating on two different devices, regulating when each device can send data and how much it can send. TCP and User Datagram Protocol (UDP) port numbers exist at this layer. Firewalls also work at this layer. Layer 6 = Presentation Layer. Layer the Operating System is on. A lot of configurable information but not usually what a user is playing around with. Common problems in the Presentation layer: Device drivers are messed up. Something isn't allowing a user to go onto the internet (i.e. security protocol). Translates Application layer data into an intermediate form that both client and server can process. Encryption, compression, character sets, multimedia formats, Multi-Purpose Internet Mail Extensions (MIME) types, and codecs exist at this layer. Proxies and firewalls work at this layer. Layer 7 = Application Layer. User interacts with this layer (i.e. Firefox, IE, Chrome, Safari, Outlook, Skype, etc.). Enables applications on a network node (device) to request network services such as file transfers, email, and database access. These requests are accomplished through the use of Layer 7 protocols such as Hypertext Transfer Protocol (HTTP), File Transfer Protocol (FTP), Simple Mail Transfer Protocol (SMTP), Internet Message Access Protocol (IMAP), and the like. Proxies and firewalls work at this layer. |
5.2 Explain the basics of network theory and concepts
• Encapsulation/de-encapsulation: Adding delivery information to and removing delivery information from data through each layer of the Open Systems Interconnection (OSI) model. Encapsulation is the process of adding delivery information to the actual data transmitted on each layer. Encapsulation takes place on the transmission end as data is passed down the layers. At the receiving end, the reverse process of removing the added information is done as data passes to the next higher layer, which is de-encapsulation. The added information is called a header if it is before the data or a trailer if it is added after the data.
• Modulation techniques:
- Multiplexing: Both FDM and TDM multiplexing techniques rely on a central device, called a multiplexer, or mux, to manage multiplexing from the sending end. At the receiving end, a demultiplexer, or demux, separates the signals.
- De-multiplexing: Demultiplex (DEMUX) is the reverse of the multiplex (MUX) process – combining multiple unrelated analog or digital signal streams into one signal over a single shared medium, such as a single conductor of copper wire or fiber optic cable.
- Analog and digital techniques: A signal is data transmitted as electromagnetic pulses across a network medium.
--> Analog: An analog signal carries information as continuous waves of electromagnetic or optical energy. In networking, electrical current commonly generates analog signals, the intensity of which is measured in volts. An analog signal oscillates between maximum and minimum values over time and can take any value between those limits. The size, shape, and other characteristics of the waveform describe the analog signal and the information it carries.Though there are many intricate ways to modulate an analog signal, the three basic forms of modulation are amplitude modulation (AM), frequency modulation (FM), and phase modulation (PM). Each form of analog modulation modifies a physical characteristic of the signal wave. In case of amplitude modulation, the height of the wave, in frequency modulation, the quantity of waves, and in phase modulation, the position of the wave.
- TDM: In Time-Division Multiplexing (TDM), a communication channel is divided into discrete time slots. Each node on a network is assigned a time slot, and each sender is given exclusive access to the medium for a specific period of time. Nodes have exclusive access to the connection between themselves and a mux for that period of time. The mux combines each node's signal, and in turn, sends the resulting combined signal over the primary network medium. Using TDM, multiple baseband signals can be combined and sent over a single medium.
- FDM: In Frequency-Division Multiplexing (FDM), data from multiple nodes is sent over multiple frequencies, or channels, using a network medium. Nodes have exclusive access to the connection between themselves and a mux. The mux includes each node's signal onto its own channel, sending the resulting combined signal over the primary network medium. Using FDM, multiple broadband signals can be combined and sent over a single medium.
• Numbering systems: Typically, in day-to-day use, decimal numbering, or base 10, is used. Most are familiar with the place values of ones, tens, hundreds, thousands, and so on. Values in each place value can be between 0 and 9.
- Binary: 1s and 0s. An IPv4 address is shown and discussed in decimal or base 10 numbers for convenience (ex: 192.168.251.1), but are actually binary. Binary is used whenever an on/off state is needed and when IP addresses are being calculated. Binary is also referred to as base 2 numbering.
- Hexadecimal: Hexadecimal numbers are base 16 numbers. The values in each place can be between 0 and F; numbers above 9 are expressed with letters A through F. You are most likely to encounter these types of numbers in MAC addresses.
- Octal: Octal numbers are base 8 numbers and use the numbers 0 to 7. These are more often used by programmers and are not typically used when viewing networking addresses or routes.
• Broadband/baseband:
--> Broadband is used to mean any high-speed Internet access that is always on and faster than traditional dial-up access.
--> Baseband transmission is a technique in which digital signals are sent via direct current (DC) over a single, unmultiplexed signal channel.
• Bit rates vs. baud rate: The bit rate and baud rate are equal at one bit per symbol.
--> The bit rate is a measure of the number of bits that are transmitted per a unit of time. The bit rate is usually measured in bits per second.
--> The baud rate is the rate at which information is transferred in a communication channel. In the serial port context, "9600 baud" means that the serial port is capable of transferring a maximum of 9600 bits per second.
• Sampling size: You can determine how optimizations will affect your network by collecting a network traffic sample. You have to collect a sample that is representative of network traffic.
• CDMA: Global System for Mobile Communications (GSM) and Code Division Multiple Access (CDMA) are both standards that describe protocols for 2G digital cellular networks used by mobile phones. They both use radio signals for voice and data communications. They both have derivatives for use with 3G phones. GSM uses Universal Mobile Telecommunications System (UMTS) and CDMA uses CDMA2000. The major difference between the two is how the carrier connects to the phone and how they turn voice data into radio waves.
• Media access methods: Media access determines whether or not a particular node can transmit data on the network at a given time. Media access methods fall into two categories: contention-based and controlled. With contention-based or competitive media access, the nodes themselves negotiate for media access time. With controlled or deterministic media access, a central device or system controls when and for how long each node can transmit.
• Carrier detect/sense: The term Carrier Sense refers to the fact that Ethernet NICs listen on the network and wait until they detect (or sense) that no other nodes are transmitting data over the signal (or carrier) on the communications channel before they begin to transmit. Carrier detect = detect activity on the media.
• Wavelength: Has anyone ever told you that they were on the same wavelength as you? That means they thought you were basically thinking the same way they were. The same is true of the inverse--if they say, "you're not on the same wavelength." With electromagnetic radiation, radio waves, light waves, or even infrared (heat) waves make characteristic patterns as they travel through space. Some patterns can be the same, and some can be different. Each wave pattern has a certain shape and length. The distance between peaks (high points) is called wavelength. If two wavelengths are different, we would say they're not on the same wavelength and that is the way we tell different kinds of electromagnetic energy apart. We can use this to our advantage in electronics by sending trafic on different wavelengths at the same time.
- Multiplexing: Both FDM and TDM multiplexing techniques rely on a central device, called a multiplexer, or mux, to manage multiplexing from the sending end. At the receiving end, a demultiplexer, or demux, separates the signals.
- De-multiplexing: Demultiplex (DEMUX) is the reverse of the multiplex (MUX) process – combining multiple unrelated analog or digital signal streams into one signal over a single shared medium, such as a single conductor of copper wire or fiber optic cable.
- Analog and digital techniques: A signal is data transmitted as electromagnetic pulses across a network medium.
--> Analog: An analog signal carries information as continuous waves of electromagnetic or optical energy. In networking, electrical current commonly generates analog signals, the intensity of which is measured in volts. An analog signal oscillates between maximum and minimum values over time and can take any value between those limits. The size, shape, and other characteristics of the waveform describe the analog signal and the information it carries.Though there are many intricate ways to modulate an analog signal, the three basic forms of modulation are amplitude modulation (AM), frequency modulation (FM), and phase modulation (PM). Each form of analog modulation modifies a physical characteristic of the signal wave. In case of amplitude modulation, the height of the wave, in frequency modulation, the quantity of waves, and in phase modulation, the position of the wave.
- Amplitude: The distance of the crest or trough of a wave from the midpoint of the waveform to its top or bottom. The amplitude is one half of the overall distance from the peak to the trough of the wave.
- Cycle: One complete oscillation of an analog signal.
- Frequency: The number of complete cycles per second in a wave. It is measured in hertz, which is one cycle per second. Frequency is also called the period of the wave.
- Phase: Is where a wave's cycle begins in relation to a fixed point. Thus, two waves of the same frequency that begin at the same time are said to be in phase. Two waves that either start at an offset from each other or have different frequencies are out of phase.
- Wavelength: The distance between two successive crests or troughs in a waveform.
- TDM: In Time-Division Multiplexing (TDM), a communication channel is divided into discrete time slots. Each node on a network is assigned a time slot, and each sender is given exclusive access to the medium for a specific period of time. Nodes have exclusive access to the connection between themselves and a mux for that period of time. The mux combines each node's signal, and in turn, sends the resulting combined signal over the primary network medium. Using TDM, multiple baseband signals can be combined and sent over a single medium.
- FDM: In Frequency-Division Multiplexing (FDM), data from multiple nodes is sent over multiple frequencies, or channels, using a network medium. Nodes have exclusive access to the connection between themselves and a mux. The mux includes each node's signal onto its own channel, sending the resulting combined signal over the primary network medium. Using FDM, multiple broadband signals can be combined and sent over a single medium.
• Numbering systems: Typically, in day-to-day use, decimal numbering, or base 10, is used. Most are familiar with the place values of ones, tens, hundreds, thousands, and so on. Values in each place value can be between 0 and 9.
- Binary: 1s and 0s. An IPv4 address is shown and discussed in decimal or base 10 numbers for convenience (ex: 192.168.251.1), but are actually binary. Binary is used whenever an on/off state is needed and when IP addresses are being calculated. Binary is also referred to as base 2 numbering.
- Hexadecimal: Hexadecimal numbers are base 16 numbers. The values in each place can be between 0 and F; numbers above 9 are expressed with letters A through F. You are most likely to encounter these types of numbers in MAC addresses.
- Octal: Octal numbers are base 8 numbers and use the numbers 0 to 7. These are more often used by programmers and are not typically used when viewing networking addresses or routes.
• Broadband/baseband:
--> Broadband is used to mean any high-speed Internet access that is always on and faster than traditional dial-up access.
--> Baseband transmission is a technique in which digital signals are sent via direct current (DC) over a single, unmultiplexed signal channel.
• Bit rates vs. baud rate: The bit rate and baud rate are equal at one bit per symbol.
--> The bit rate is a measure of the number of bits that are transmitted per a unit of time. The bit rate is usually measured in bits per second.
--> The baud rate is the rate at which information is transferred in a communication channel. In the serial port context, "9600 baud" means that the serial port is capable of transferring a maximum of 9600 bits per second.
• Sampling size: You can determine how optimizations will affect your network by collecting a network traffic sample. You have to collect a sample that is representative of network traffic.
• CDMA: Global System for Mobile Communications (GSM) and Code Division Multiple Access (CDMA) are both standards that describe protocols for 2G digital cellular networks used by mobile phones. They both use radio signals for voice and data communications. They both have derivatives for use with 3G phones. GSM uses Universal Mobile Telecommunications System (UMTS) and CDMA uses CDMA2000. The major difference between the two is how the carrier connects to the phone and how they turn voice data into radio waves.
• Media access methods: Media access determines whether or not a particular node can transmit data on the network at a given time. Media access methods fall into two categories: contention-based and controlled. With contention-based or competitive media access, the nodes themselves negotiate for media access time. With controlled or deterministic media access, a central device or system controls when and for how long each node can transmit.
- Contention-Based: CSMA/CD and CSMA/CA
--> Carrier Sense Multiple Access/Collision Detection (CSMA/CD) is a contention-based media access method used in Ethernet LANs, where nodes contend for use of the physical medium. Nodes can transmit whenever they have data to send. However, they must take steps to detect and manage the inevitable collisions that occur when multiple nodes transmit simultaneously. The busier a network becomes, the greater the probability of collisions, and the lower the CSMA/CD efficiency.
--> Carrier Sense Multiple Access/Collision Avoidance (CSMA/CA) is a contention-based media access method that is primarily used in IEEE 802.11–based wireless LANs. In CSMA/CA, nodes can transmit whenever they have data to send. However, they take steps before they transmit data to ensure that the media is not in use. - Controlled: Polling is a controlled media access method in which a central device contacts each node to check whether it has data to transmit. Each node is guaranteed access to the media, but network time can be wasted if polling nodes have no data to transmit.
• Carrier detect/sense: The term Carrier Sense refers to the fact that Ethernet NICs listen on the network and wait until they detect (or sense) that no other nodes are transmitting data over the signal (or carrier) on the communications channel before they begin to transmit. Carrier detect = detect activity on the media.
• Wavelength: Has anyone ever told you that they were on the same wavelength as you? That means they thought you were basically thinking the same way they were. The same is true of the inverse--if they say, "you're not on the same wavelength." With electromagnetic radiation, radio waves, light waves, or even infrared (heat) waves make characteristic patterns as they travel through space. Some patterns can be the same, and some can be different. Each wave pattern has a certain shape and length. The distance between peaks (high points) is called wavelength. If two wavelengths are different, we would say they're not on the same wavelength and that is the way we tell different kinds of electromagnetic energy apart. We can use this to our advantage in electronics by sending trafic on different wavelengths at the same time.
• TCP/IP suite: The TCP/IP protocol suite includes two Transport-layer protocols: Transmission Control Protocol (TCP) and User Datagram Protocol (UDP). These protocols correspond to Layer 4 of the OSI model. TCP carries the majority of traffic in today's networks. The TCP/IP model is a four-layer model developed by the United States Department of Defense. To some extent, it is similar to the OSI model. The TCP/IP model was developed to allow the addition of new technologies and create a more flexible architecture, which can easily allow the modification of existing protocols. This architecture later became known as the TCP/IP model after two of its most important protocols: TCP and IP.
- ICMP: The Internet Control Message Protocol (ICMP) is used with IP that attempts to report on the condition of a connection between two nodes. ICMP messages notify a sender of network conditions by reporting on errors. ICMP is connectionless and works at OSI Layer 3.
- UDP: The User Datagram Protocol (UDP), also known as the Universal Datagram Protocol, is a connectionless Transport-layer protocol in the IP suite. UDP is a best-effort delivery protocol and is used with IP in the same way TCP is. It uses a smaller, simpler header than TCP does, which provides for faster service. And because it is a connectionless protocol, it provides faster service because it does not wait for acknowledgement. UDP is used when performance is more important than the ability to receive all of the data.
- TCP: TCP is a connection-oriented, guaranteed-delivery protocol used to send data packets between devices over a network such as the Internet. It is part of the Internet protocol suite along with the Internet Protocol (IP). TCP is responsible for breaking up data into segments, reassembling them at the other end, resending data lost in transit, and resequencing data. It sends data, waits for an acknowledgement, and retransmits if necessary.
- IP: Internet Protocol (IP) is a Network-layer (OSI Layer 3) protocol that is responsible for routing individual datagrams and addressing. Responsible for packet formatting and the logical addressing scheme, IP is a connectionless protocol and acts as an intermediary between higher protocol layers and the network. It makes no guarantees about packet delivery, corruption of data, or lost packets. IP can carry either TCP or UDP as its payload. When IP is used with TCP, then IP provides the connection and TCP provides reliability because it is a guaranteed-delivery protocol.
- ICMP: The Internet Control Message Protocol (ICMP) is used with IP that attempts to report on the condition of a connection between two nodes. ICMP messages notify a sender of network conditions by reporting on errors. ICMP is connectionless and works at OSI Layer 3.
- UDP: The User Datagram Protocol (UDP), also known as the Universal Datagram Protocol, is a connectionless Transport-layer protocol in the IP suite. UDP is a best-effort delivery protocol and is used with IP in the same way TCP is. It uses a smaller, simpler header than TCP does, which provides for faster service. And because it is a connectionless protocol, it provides faster service because it does not wait for acknowledgement. UDP is used when performance is more important than the ability to receive all of the data.
- TCP: TCP is a connection-oriented, guaranteed-delivery protocol used to send data packets between devices over a network such as the Internet. It is part of the Internet protocol suite along with the Internet Protocol (IP). TCP is responsible for breaking up data into segments, reassembling them at the other end, resending data lost in transit, and resequencing data. It sends data, waits for an acknowledgement, and retransmits if necessary.
- IP: Internet Protocol (IP) is a Network-layer (OSI Layer 3) protocol that is responsible for routing individual datagrams and addressing. Responsible for packet formatting and the logical addressing scheme, IP is a connectionless protocol and acts as an intermediary between higher protocol layers and the network. It makes no guarantees about packet delivery, corruption of data, or lost packets. IP can carry either TCP or UDP as its payload. When IP is used with TCP, then IP provides the connection and TCP provides reliability because it is a guaranteed-delivery protocol.
• Collision: if two nodes transmit at the same time a collision has occurred. The collision is most likely to occur during the preamble (transmission phase).
• Long-term evolution (LTE) is a radio technology for wireless broadband access. LTE will offer data rates about 100 times faster than 3G networks, a downlink rate that exceeds 100 Mbps, and an uplink rate of more than 50 Mbps.
• High Speed Packet Access (HSPA) refers to a family of technologies based on the 3GPP Release 5 specification, which offers high data rate services in mobile networks. HSPA offers a downlink speed of up to 14 Mbps and an uplink speed of up to 5.8 Mbps, making it possible for users to upload or download data at a high speed without having to wait for cellular service providers to upgrade their hardware.
• A passive optical network (PON) is a system that brings optical fiber cabling and signals all or most of the way to the end user.
• Long-term evolution (LTE) is a radio technology for wireless broadband access. LTE will offer data rates about 100 times faster than 3G networks, a downlink rate that exceeds 100 Mbps, and an uplink rate of more than 50 Mbps.
• High Speed Packet Access (HSPA) refers to a family of technologies based on the 3GPP Release 5 specification, which offers high data rate services in mobile networks. HSPA offers a downlink speed of up to 14 Mbps and an uplink speed of up to 5.8 Mbps, making it possible for users to upload or download data at a high speed without having to wait for cellular service providers to upgrade their hardware.
• A passive optical network (PON) is a system that brings optical fiber cabling and signals all or most of the way to the end user.
5.3 Given a scenario, deploy the appropriate wireless standard
The IEEE 802.11 Standard: The 802.11 standard is a family of specifications developed by the Institute of Electrical and Electronics Engineers (IEEE) for the wireless LAN technology. 802.11 specifies an over-the-air interface between a wireless client and a base station or between two wireless clients. 802.11 defines the access method as Carrier Sense Multiple Access/Collision Avoidance (CSMA/CA). It specifies spread spectrum radio devices in the 2.4 GHz band for reliability. The 802.11b standard also defines a multichannel roaming mode and automatic data rate selection. The 802.11ac standard provides faster wireless connections, better range, improved reliability, and improved power consumption than previous wireless standards. 802.11ac routers can also have up to eight antennas.
• 802.11a: has good transmission speed (54 Mbps), but at relatively short geographic range (20 meters) and can only be used at 5 GHz.
• 802.11b: has slow transmission speed at 11 Mbps and operates only at 2.4 GHz.
• 802.11g: has good transmission speed (54 Mbps), good geographic range (100 meters), and operates only at 2.4 GHz.
• 802.11n: features good coverage within 70 meters, compatibility with 5 GHz and 2.4 GHz devices, and transmission speeds of 150 Mbps or more.
• 802.11ac: has the fastest transmission speed of those listed (433 Mbps per channel), but is expensive and operates only at 5 GHz. 802.11ac covers a large area (35 meters or more) and at a very high bandwidth (up to 1 Gbps).
802.11b/g is a widely deployed wireless router for home use because of its coverage and its compatibility with most devices. Both b and g offer adequate transmission speeds (11 Mbps and 54 Mbps, respectively) over long distances (100 meters).
• 802.11a: has good transmission speed (54 Mbps), but at relatively short geographic range (20 meters) and can only be used at 5 GHz.
• 802.11b: has slow transmission speed at 11 Mbps and operates only at 2.4 GHz.
• 802.11g: has good transmission speed (54 Mbps), good geographic range (100 meters), and operates only at 2.4 GHz.
• 802.11n: features good coverage within 70 meters, compatibility with 5 GHz and 2.4 GHz devices, and transmission speeds of 150 Mbps or more.
• 802.11ac: has the fastest transmission speed of those listed (433 Mbps per channel), but is expensive and operates only at 5 GHz. 802.11ac covers a large area (35 meters or more) and at a very high bandwidth (up to 1 Gbps).
802.11b/g is a widely deployed wireless router for home use because of its coverage and its compatibility with most devices. Both b and g offer adequate transmission speeds (11 Mbps and 54 Mbps, respectively) over long distances (100 meters).
Multiple input, multiple output (MIMO) uses multiplexing to increase wireless network range and bandwidth. MIMO uses algorithms to send and receive data using multiple antennas, using multiple antenna pathways to send additional data. It can also recombine signals it receives to increase capacity and provide more reliable connections. Multi-user MIMO (MUMIMO) allows multiple independent radio antennas to access a system. Using MUMIMO, multiple users can access the same channel. It uses spatial degrees of freedom to allow multiple user access to receive data from the access point to the wireless devices.
5.4 Given a scenario, deploy the appropriate wired connectivity standard
• Ethernet standards:
The 10Base standards describe the media type and the speeds at which each type of media operates. Can transmit data at speeds of 10 Mbps. The cable standard specification contains three components:
The 10Base standards describe the media type and the speeds at which each type of media operates. Can transmit data at speeds of 10 Mbps. The cable standard specification contains three components:
- A number indicating media speed
- The signal type (baseband or broadband)
- A code for either copper or fiber media
Fast Ethernet is an Ethernet technology that can transmit data at speeds of 100 Mbps. It can use either coaxial cables or optical fibers. It is used as a backbone network to interconnect several LANs. There are several standards and specifications for 100 Mbps or Fast Ethernet, the most common of which are described in the following table.
Gigabit Ethernet is an Ethernet technology that can transmit data at speeds of 1,000 Mbps and primarily uses optical fibers for transmission. It can be used for distances ranging from 500 to 5,000 meters depending on the type of optical fiber used. The hardware required for Gigabit Ethernet is very expensive when compared with other types of Ethernet.
10 Gigabit Ethernet is currently the highest speed at which Ethernet operates. It can achieve speeds of 10 Gbps, which is 10 times faster than Gigabit Ethernet. There are several standards and specifications for 10 Gbps or 10 Gigabit Ethernet, the most common of which are described in the following table.
- 10BaseT: 802.3i / CAT5 UTP / 10 Mbps / 100 meters
- 100BaseT: 802.3u / CAT5 UTP / 100 Mbps / 100 meters
- 1000BaseT: 802.3ab / CAT5, CAT6 UTP / 1,000 Mbps (1 Gbps) / 100 meters
- 1000BaseTX: 802.3ab / CAT6 UTP, CAT7 UTP / 1,000 Mbps (1 Gbps) / 100 meters
- 10GBaseT: 802.3an / CAT5e, CAT6, CAT7 UTP / 10 Gbps speed / 100 meters
- 100BaseFX: 802.3u / Multimode or single-mode fiber / 412 (half duplex), 2,000 (full duplex), 15,000-20,000 (full duplex)
- 10Base2: 802.3a / ThinNet coax / 10 Mbps / 185 meters
- 10GBaseSR: 802.3ae / Multimode fiber (850nm wavelength) / 10.3 Gbps speed / 300 meters
- 10GBaseER: 802.3ae / Signle-mode fiber (1,550nm wavelength), Dark fiber / 10.3 Gbps speed / 40,000 meters
- 10GBaseSW: 802.3ae / Multimode fiber (850nm wavelength), 9.9 Gbps speed / 300 meters
- IEEE 1905.1-2013: The IEEE 1905.1-2013 standard, provides a common interface for home networking technologies. The Standard for a Convergent Digital Home Network for Heterogeneous Technologies is designed to reduce network complexity for consumers and helps operators manage various networks throughout homes. There are various wired connections that can be used, but the most common under this standard are Ethernet over HDMI and Ethernet over power line. A device with built-in HDMI 1.4 capabilities allows audio, video, and data communication over an HDMI 1.4 cable. Devices that comply with the nVoy hybrid home networking standard can use Ethernet over power line.
- Ethernet over HDMI: IEEE 1905.1-2013 (Ethernet Over HDMI) standard, provides a common interface for home networking technologies. The Standard for a Convergent Digital Home Network for Heterogeneous Technologies is designed to reduce network complexity for consumers and helps operators manage various networks throughout homes. There are various wired connections that can be used, but the most common under this standard are Ethernet over HDMI and Ethernet over power line. A device with built-in HDMI 1.4 capabilities allows audio, video, and data communication over an HDMI 1.4 cable. While it’s true that you’ll have fewer cables to deal with because HDMI and Ethernet are combined into a single cable, the significant advantage from a technology standpoint is that you can have a single IP-enabled device perform multiple functions. For example, an IP-enabled TV removes the need for video players, streaming devices, stereo systems, and other individual entertainment devices.
- Ethernet over power line: IEEE 1905.1-2014 (Ethernet Over Power Line). Devices that comply with the nVoy hybrid home networking standard can use Ethernet over power line.
• Wiring standards: The Telecommunications Industry Association (TIA) and the Electronic Industries Association (EIA) developed the 568 Commercial Building Telecommunication Cabling standard. This standard defines the regulations on designing, building, and managing a cabling system. The TIA/EIA 568 standard also includes recommendations for how network media may best be installed to optimize network performance.
- EIA/TIA 568A/568B:
- 100BaseT: 802.3u / CAT5 UTP / 100 Mbps / 100 meters
- 1000BaseT: 802.3ab / CAT5, CAT6 UTP / 1,000 Mbps (1 Gbps) / 100 meters
- 1000BaseTX: 802.3ab / CAT6 UTP, CAT7 UTP / 1,000 Mbps (1 Gbps) / 100 meters
- 10GBaseT: 802.3an / CAT5e, CAT6, CAT7 UTP / 10 Gbps speed / 100 meters
- 100BaseFX: 802.3u / Multimode or single-mode fiber / 412 (half duplex), 2,000 (full duplex), 15,000-20,000 (full duplex)
- 10Base2: 802.3a / ThinNet coax / 10 Mbps / 185 meters
- 10GBaseSR: 802.3ae / Multimode fiber (850nm wavelength) / 10.3 Gbps speed / 300 meters
- 10GBaseER: 802.3ae / Signle-mode fiber (1,550nm wavelength), Dark fiber / 10.3 Gbps speed / 40,000 meters
- 10GBaseSW: 802.3ae / Multimode fiber (850nm wavelength), 9.9 Gbps speed / 300 meters
- IEEE 1905.1-2013: The IEEE 1905.1-2013 standard, provides a common interface for home networking technologies. The Standard for a Convergent Digital Home Network for Heterogeneous Technologies is designed to reduce network complexity for consumers and helps operators manage various networks throughout homes. There are various wired connections that can be used, but the most common under this standard are Ethernet over HDMI and Ethernet over power line. A device with built-in HDMI 1.4 capabilities allows audio, video, and data communication over an HDMI 1.4 cable. Devices that comply with the nVoy hybrid home networking standard can use Ethernet over power line.
- Ethernet over HDMI: IEEE 1905.1-2013 (Ethernet Over HDMI) standard, provides a common interface for home networking technologies. The Standard for a Convergent Digital Home Network for Heterogeneous Technologies is designed to reduce network complexity for consumers and helps operators manage various networks throughout homes. There are various wired connections that can be used, but the most common under this standard are Ethernet over HDMI and Ethernet over power line. A device with built-in HDMI 1.4 capabilities allows audio, video, and data communication over an HDMI 1.4 cable. While it’s true that you’ll have fewer cables to deal with because HDMI and Ethernet are combined into a single cable, the significant advantage from a technology standpoint is that you can have a single IP-enabled device perform multiple functions. For example, an IP-enabled TV removes the need for video players, streaming devices, stereo systems, and other individual entertainment devices.
- Ethernet over power line: IEEE 1905.1-2014 (Ethernet Over Power Line). Devices that comply with the nVoy hybrid home networking standard can use Ethernet over power line.
• Wiring standards: The Telecommunications Industry Association (TIA) and the Electronic Industries Association (EIA) developed the 568 Commercial Building Telecommunication Cabling standard. This standard defines the regulations on designing, building, and managing a cabling system. The TIA/EIA 568 standard also includes recommendations for how network media may best be installed to optimize network performance.
- EIA/TIA 568A/568B:
- 568A: This obsolete standard defined the standards for commercial buildings and cabling systems that support data networks, voice, and video. It further defined cable performance and technical requirements.
- 568B: This standard, some sections of which are now obsolete, defines the standards for preferred cable types and the minimum acceptable performance levels for:
• 100 ohm twisted pair
• STP
• Optical fiber
The correct wiring scheme for the T568B standard is white orange, orange, white green, blue, white blue, green, white brown, brown. - 568C defines the standards for commercial building cabling. It recognizes CAT6a as a media type. It also defines the minimum bend radius for both shielded and unshielded twisted pair cables. In addition, it specifies the maximum untwist value for CAT6a cable termination. 568C is the cabling standard that defines specifications such as the minimum bend radius for twisted pair cables and the maximum untwist value for CAT6a cable termination.
• Broadband standards:
- DOCSIS: DOCSIS, the Data Over Cable Service Interface Specification, is the standard used by cable companies to provide high-speed data communication using the existing cable TV system. DOCSIS 3.1 was released in 2013 with specifications to support at least 10 Gigabits per second downstream and 1 Gigabit per second upstream.
- DOCSIS: DOCSIS, the Data Over Cable Service Interface Specification, is the standard used by cable companies to provide high-speed data communication using the existing cable TV system. DOCSIS 3.1 was released in 2013 with specifications to support at least 10 Gigabits per second downstream and 1 Gigabit per second upstream.
5.5 Given a scenario, implement the appropriate policies or procedures
• Security policies: A security policy describes the means that the organization will take to protect the confidentiality, availability, and integrity of sensitive data and resources, including the network infrastructure, physical and electronic data, applications, and the physical environment. It often consists of multiple individual policies, often including Acceptable Use Policy, Audit Policy, Extranet Policy, Password Policy, and Wireless Standards Policy. Before any contractors begin work, you should present all of the appropriate security policies to each one individually and have them sign.
Common Security Policy Types
Administrators use several common security policy types as part of most corporate security policies.
• Network policies: A network policy is a formalized statement or set of statements that defines network functions and establishes expectations for users, management, and IT personnel. It describes, in detail, the acceptable use policies of network equipment for a particular organization, including the appropriate methods to maintain, upgrade, and troubleshoot the network. Policies may also include specific information about security and network functioning, such as the use of removable drives and other detachable media, instant messaging, wireless devices, the Internet, backup storage, network monitoring procedures, and vendor agreements. Network policies may include other areas of network functioning depending on the size and needs of an organization.
• Acceptable use policy: A corporate security policy should include, as a primary component, a definition and description of an organization’s physical and intellectual assets and the employee’s responsibilities when viewing, creating, or disposing of those resources. This major piece of the security policy is known as Acceptable Use Policy. The Acceptable Use Policy and it should be one of the first, if not the first, items in the security policy document.
• Standard business documents:
- SLA: A Service Level Agreement (SLA) document is a part of a service contract in which a service is formally defined between two or more parties. This can be a legally binding formal or an informal "contract".
- MOU: A Memorandum of Understanding (MOU) document describes a bilateral or multilateral agreement between two or more parties, including each party's requirements and responsibilities. It is often used in cases where parties either do not imply a legal commitment, or in situations where the parties cannot create a legally enforceable agreement. It is far more formal than a handshake and is given weight in a court of law should one party fail to meet the obligations of the memorandum.
- MSA: A Master Service Agreement (MSA) is a contract that outlines and governs future agreements between parties, allowing those parties to quickly build and enact future agreements because the terms of the MSA are already in place and can serve as an outline for these agreements.
- SOW: A Statement of Work (SOW) is a formal document that defines the work activities, deliverables, and timeline a vendor must execute in performance of specified work for a client. The SOW usually includes detailed requirements and pricing, with standard regulatory and governance terms and conditions. The main purpose of a SOW is to define the liabilities, responsibilities, and work agreements between clients and vendors.
- MLA: A Master License Agreement (MLA) document describes an agreement between two or more parties, where one party is providing a service or product and the other party agrees to certain terms and conditions in order to use it.
Common Security Policy Types
Administrators use several common security policy types as part of most corporate security policies.
- Acceptable Use Policy: Defines the acceptable use of an organization's physical and intellectual resources
- Audit Policy: Details the requirements and parameters for risk assessment and audits of the organization's information and resources
- Extranet Policy: Sets the requirements for third-party entities that desire access to an organization’s networks
- Password Policy: Defines standards for creating password complexity. It also defines what an organization considers weak passwords and the guidelines for protecting password safety
- Wireless Standards Policy: Defines what wireless devices can connect to an organization's network and how to use them in a safe manner that protects the organization's security
• Network policies: A network policy is a formalized statement or set of statements that defines network functions and establishes expectations for users, management, and IT personnel. It describes, in detail, the acceptable use policies of network equipment for a particular organization, including the appropriate methods to maintain, upgrade, and troubleshoot the network. Policies may also include specific information about security and network functioning, such as the use of removable drives and other detachable media, instant messaging, wireless devices, the Internet, backup storage, network monitoring procedures, and vendor agreements. Network policies may include other areas of network functioning depending on the size and needs of an organization.
• Acceptable use policy: A corporate security policy should include, as a primary component, a definition and description of an organization’s physical and intellectual assets and the employee’s responsibilities when viewing, creating, or disposing of those resources. This major piece of the security policy is known as Acceptable Use Policy. The Acceptable Use Policy and it should be one of the first, if not the first, items in the security policy document.
• Standard business documents:
- SLA: A Service Level Agreement (SLA) document is a part of a service contract in which a service is formally defined between two or more parties. This can be a legally binding formal or an informal "contract".
- MOU: A Memorandum of Understanding (MOU) document describes a bilateral or multilateral agreement between two or more parties, including each party's requirements and responsibilities. It is often used in cases where parties either do not imply a legal commitment, or in situations where the parties cannot create a legally enforceable agreement. It is far more formal than a handshake and is given weight in a court of law should one party fail to meet the obligations of the memorandum.
- MSA: A Master Service Agreement (MSA) is a contract that outlines and governs future agreements between parties, allowing those parties to quickly build and enact future agreements because the terms of the MSA are already in place and can serve as an outline for these agreements.
- SOW: A Statement of Work (SOW) is a formal document that defines the work activities, deliverables, and timeline a vendor must execute in performance of specified work for a client. The SOW usually includes detailed requirements and pricing, with standard regulatory and governance terms and conditions. The main purpose of a SOW is to define the liabilities, responsibilities, and work agreements between clients and vendors.
- MLA: A Master License Agreement (MLA) document describes an agreement between two or more parties, where one party is providing a service or product and the other party agrees to certain terms and conditions in order to use it.
5.6 Summarize safety practices
• Electrical safety: When installing or maintaining electrical utility equipment, such as enterprise-grade uninterruptible power supplies (UPS), conduit into your facility, high-power lines, and linkages to the power grid, ensure a professional electrician performs the work. Depending on the power hardware or maintenance work, you should use professional electrician as they are trained specifically in the high-level power systems and connections to everything outside of your facility. Professional electricians should install, test, and maintain electric power equipment beyond basic maintenance. Network technicians can safely install and test low-power communication circuits in network cabling.
- Grounding: To prevent an electrostatic discharge from damaging electronic components, you should touch metal or use a grounding mat when working with electronic components. Grounding is a safety precaution that is meant to direct current safely away from humans and into the ground.
• ESD: Electro Static Discharge
- Static:
• Installation safety: It is always a good idea to have a partner with you when performing work, to use grounding or insulating materials like gloves and electro-static discharge (ESD) mats to avoid shocks or damage to equipment, and to thoroughly read manufacturers' manuals. However, in the case of enterprise or high-level electrical systems, it is highly advisable to leave installation and maintenance work to qualified electrical technicians, even though some basic maintenance operations can likely be performed by you or your team. When you are installing, maintaining, and troubleshooting equipment, you should follow these safety rules:
- Lifting equipment: When lifting equipment, always assess the situation first to determine if you can lift or move items safely. When you lift, bend at your knees and not at your waist. This will prevent strain on your back muscles and pressure on your spine. Use lifting equipment for heavy and/or bulky items.
- Rack installation: When installing a rack system, follow safety guidelines to ensure your safety and the safety of any equipment.
- Placement: Make sure you use proper placement of equipment and devices as prescribed by the manufacturer. When installing devices in a wiring closet, you need to consider the placement of those devices so that your setup and maintenance activities are not hampered. Make sure that the devices are placed within reach of a power source and that power cords are not in high foot-traffic areas. Devices that need to connect to other devices should be within a reasonable distance of each other. Devices should also be physically accessible by the people who need to perform administration tasks on them. Proper airflow for cooling must be taken into account so that devices do not overheat.
- Tool safety: Check tools before you begin to ensure they are in good condition and functioning properly. Do not misuse tools.
• MSDS: A Material Safety Data Sheet (MSDS) is a technical bulletin that is designed to give users and emergency personnel information about the proper procedures for the storage and handling of a hazardous substance. This applies to any situation in which an employee is exposed to a chemical under normal use conditions or in the event of an emergency. The manufacturers supply MSDSs with the first shipment to a new customer and with any shipment after the MSDS is updated with significant and new information about safety hazards. You can get MSDSs online; the Internet has a wide range of free resources. The Occupational Health and Safety Administration (OSHA) regulations govern the use of MSDSs and the information an MSDS must contain in the U.S. If you’re unsure about working with a new product that contains an unusual coating or is composed of multiple unfamiliar materials, you should consult the Material Safety Data Sheets (MSDS) to ensure your safety. Working with unfamiliar or new materials isn’t necessarily dangerous; however, when some materials are heated, burned, frayed, wet, or otherwise manipulated, they can emit dangerous fumes or toxic dust that could be inhaled or absorbed through the skin. Always consult the MSDS that accompanies any materials that you work with. The safety officer at your company maintains MSDS.
• Emergency procedures: When at work, you should look in the Emergency Preparedness and Procedures Manual to find out what to do in case of a fire, earthquake, tornado, or other disaster. In the event of an emergency, your organization needs to have established emergency procedures and the proper equipment. In the case of a fire, earthquake, or similar disaster, employees need to know where the emergency exits are and where to gather once outside the building. There also need to be procedures in place to inform employees how to act if hostile intruders gain access to the premises. Emergency equipment such as smoke detectors, fire extinguishers, and fire and security alarms need to be in place and maintained. Document these procedures and ensure that each employee is familiar with them.
- Building layout: If there is ever an emergency in your building, you need to get everyone out safely and protect your network assets at the same time. The building layout can be an important key to keeping people and assets safe. Server rooms that are in the center of the building are better positioned not only for running cables to all areas, but also this location provides some protection from people on the street easily gaining access to it. Someone posing as an emergency responder who is actually there to attack or steal network assets would have to pass many employees and other emergency personnel to reach a server room located in the center of the building.
- Fire escape plan: the fire escape plan should be drilled at least twice a year.
- Safety/emergency exits: Your building should have clearly marked safety and emergency exits, and the fire escape plan should be drilled at least twice a year.
- Fail open/fail close: When developing applications or allowing network access, developers need to determine what will happen if an error or exception is encountered. Fail open and fail closed relate to the behavior of applications and networks when an error or exception is encountered. After the error, a fail open system continues to allow access; a fail closed system denies access.
- Emergency alert system: In the event of a fire, hostage situation, or natural disaster, employees should be alerted to any potential problems through an emergency alert system. This might include sirens and lights within the building, being included on lists of business and school closings, and phone or text messages to alert network users to the problem.
• Fire suppression systems: Physical security is as important as network security in protecting an organization and employees from crime. An organization's physical components have vulnerabilities that should be mitigated by employing appropriate physical security measures after asking the following questions:
• HVAC: Your heating, ventilation, and air conditioning (HVAC) system is an important part of keeping your network devices running. Providing proper air flow in server rooms helps keep servers and network devices from overheating, which can lead to network downtime or even fire.
• Plenum cable: A plenum cable is a network cable that is jacketed tightly around conductors so that fire cannot travel within the cable. The jacket of the plenum cable does not emanate poisonous gases when it burns. Fire codes require that you install this special grade cabling in the plenum, an air handling space, including ducts and other parts of the heating, ventilating, and air conditioning (HVAC) system in a building, between the structural and suspended ceilings, and under raised floors, as well as in firebreak walls. Unlike non-plenum cables, plenum cables can run through the plenum and firebreak walls.
- Grounding: To prevent an electrostatic discharge from damaging electronic components, you should touch metal or use a grounding mat when working with electronic components. Grounding is a safety precaution that is meant to direct current safely away from humans and into the ground.
• ESD: Electro Static Discharge
- Static:
• Installation safety: It is always a good idea to have a partner with you when performing work, to use grounding or insulating materials like gloves and electro-static discharge (ESD) mats to avoid shocks or damage to equipment, and to thoroughly read manufacturers' manuals. However, in the case of enterprise or high-level electrical systems, it is highly advisable to leave installation and maintenance work to qualified electrical technicians, even though some basic maintenance operations can likely be performed by you or your team. When you are installing, maintaining, and troubleshooting equipment, you should follow these safety rules:
- Lifting equipment: When lifting equipment, always assess the situation first to determine if you can lift or move items safely. When you lift, bend at your knees and not at your waist. This will prevent strain on your back muscles and pressure on your spine. Use lifting equipment for heavy and/or bulky items.
- Rack installation: When installing a rack system, follow safety guidelines to ensure your safety and the safety of any equipment.
- Placement: Make sure you use proper placement of equipment and devices as prescribed by the manufacturer. When installing devices in a wiring closet, you need to consider the placement of those devices so that your setup and maintenance activities are not hampered. Make sure that the devices are placed within reach of a power source and that power cords are not in high foot-traffic areas. Devices that need to connect to other devices should be within a reasonable distance of each other. Devices should also be physically accessible by the people who need to perform administration tasks on them. Proper airflow for cooling must be taken into account so that devices do not overheat.
- Tool safety: Check tools before you begin to ensure they are in good condition and functioning properly. Do not misuse tools.
• MSDS: A Material Safety Data Sheet (MSDS) is a technical bulletin that is designed to give users and emergency personnel information about the proper procedures for the storage and handling of a hazardous substance. This applies to any situation in which an employee is exposed to a chemical under normal use conditions or in the event of an emergency. The manufacturers supply MSDSs with the first shipment to a new customer and with any shipment after the MSDS is updated with significant and new information about safety hazards. You can get MSDSs online; the Internet has a wide range of free resources. The Occupational Health and Safety Administration (OSHA) regulations govern the use of MSDSs and the information an MSDS must contain in the U.S. If you’re unsure about working with a new product that contains an unusual coating or is composed of multiple unfamiliar materials, you should consult the Material Safety Data Sheets (MSDS) to ensure your safety. Working with unfamiliar or new materials isn’t necessarily dangerous; however, when some materials are heated, burned, frayed, wet, or otherwise manipulated, they can emit dangerous fumes or toxic dust that could be inhaled or absorbed through the skin. Always consult the MSDS that accompanies any materials that you work with. The safety officer at your company maintains MSDS.
• Emergency procedures: When at work, you should look in the Emergency Preparedness and Procedures Manual to find out what to do in case of a fire, earthquake, tornado, or other disaster. In the event of an emergency, your organization needs to have established emergency procedures and the proper equipment. In the case of a fire, earthquake, or similar disaster, employees need to know where the emergency exits are and where to gather once outside the building. There also need to be procedures in place to inform employees how to act if hostile intruders gain access to the premises. Emergency equipment such as smoke detectors, fire extinguishers, and fire and security alarms need to be in place and maintained. Document these procedures and ensure that each employee is familiar with them.
- Building layout: If there is ever an emergency in your building, you need to get everyone out safely and protect your network assets at the same time. The building layout can be an important key to keeping people and assets safe. Server rooms that are in the center of the building are better positioned not only for running cables to all areas, but also this location provides some protection from people on the street easily gaining access to it. Someone posing as an emergency responder who is actually there to attack or steal network assets would have to pass many employees and other emergency personnel to reach a server room located in the center of the building.
- Fire escape plan: the fire escape plan should be drilled at least twice a year.
- Safety/emergency exits: Your building should have clearly marked safety and emergency exits, and the fire escape plan should be drilled at least twice a year.
- Fail open/fail close: When developing applications or allowing network access, developers need to determine what will happen if an error or exception is encountered. Fail open and fail closed relate to the behavior of applications and networks when an error or exception is encountered. After the error, a fail open system continues to allow access; a fail closed system denies access.
- Emergency alert system: In the event of a fire, hostage situation, or natural disaster, employees should be alerted to any potential problems through an emergency alert system. This might include sirens and lights within the building, being included on lists of business and school closings, and phone or text messages to alert network users to the problem.
• Fire suppression systems: Physical security is as important as network security in protecting an organization and employees from crime. An organization's physical components have vulnerabilities that should be mitigated by employing appropriate physical security measures after asking the following questions:
- Is the building adequately covered by a fire-suppression system? Not just the server room, but other general areas as well.
- Are critical systems and server rooms equipped with special fire protection methods? Will a fire accident destroy the storage systems and will data be compromised?
- Is network cabling in the plenum areas of the building fire-resistant?
• HVAC: Your heating, ventilation, and air conditioning (HVAC) system is an important part of keeping your network devices running. Providing proper air flow in server rooms helps keep servers and network devices from overheating, which can lead to network downtime or even fire.
• Plenum cable: A plenum cable is a network cable that is jacketed tightly around conductors so that fire cannot travel within the cable. The jacket of the plenum cable does not emanate poisonous gases when it burns. Fire codes require that you install this special grade cabling in the plenum, an air handling space, including ducts and other parts of the heating, ventilating, and air conditioning (HVAC) system in a building, between the structural and suspended ceilings, and under raised floors, as well as in firebreak walls. Unlike non-plenum cables, plenum cables can run through the plenum and firebreak walls.
5.7 Given a scenario, install and configure equipment in
the appropriate location using best practices
Distribution frames are devices that terminate cables and enable connections with other devices. Many installations will use a combination of a main distribution frame (MDF) and several intermediate distribution frames (IDFs).
• Intermediate distribution frame: The locations vary, but IDFs are usually situated in a wiring closet on each floor or in each major section of a large single-story structure. IDFs are always kept in locked rooms or in secure locations.
• Main distribution frame: Main distribution frames (MDFs), on the other hand, are usually located on the first floor or in an area easily accessible by various telecommunication or power providers that would need to manage it. IDFs are usually connected to a centrally-located MDF, which manages the connections between external communication cables coming into the building and the building's internal cabling network.
• Cable management:
- Patch panels: A patch panel is a connection point for drop and patch cables. Typically, a patch panel has one or more rows of RJ-45 or other connectors. Drop cables are connected to the connectors. Cables run between the connectors to connect drop cables, as needed.
• Power management:
- Power converters: In networking, you are most likely to encounter power converters as transformers for devices. You might also see them in voltage regulators and the mains power supply.
- Circuits: A power circuit is the collection of wires that carry current from the breaker to the devices. Be sure there are enough circuits to supply power to all of your devices without overloading any one circuit. Circuit breakers will shut the circuit down if it is overloaded.
- UPS: An Uninterruptible Power Supply (UPS) is a device that provides backup power when the electrical power fails or drops to an unacceptable voltage level. This helps reduce or eliminate data loss and limit or prevent hardware damage during power surges or brownouts. Equipment such as a UPS should always be placed as near as practical to the protected device or circuitry, but out of the way so that regular work is not impeded. Both small and large computer setups can have a UPS, including larger data center facilities.
- Inverters: An inverter or power inverter is a device that converts DC current to AC current. For networking you need an inverter that supplies a stable DC power source so that there are few, close to no, power fluctuations as these could harm the networking equipment.
- Power redundancy: Power redundancy is built into many servers in the form of duplicate power supplies. Many servers can use a Y-power cord or two individual power cords to connect to two power supplies on the back of a single server. If one power supply goes bad or if a single power cable is unplugged, the other power supply continues to supply the device with power.
• Device placement:
• Air flow: Air flow is important because electronic equipment performs best when the temperature is between 68 and 75 degrees Fahrenheit or 20 to 24 degrees Celsius. This is important to maintain a safe working temperature. Proper air flow management is the effort to maximize cooling by either supplying cooling air to equipment, or by eliminating the mixing and recirculation of hot equipment exhaust air. Most network equipment has an optimal temperature and humidity that it needs to be kept at to ensure proper performance. If it gets too hot or cold it may not run effectively or even fail. An ambient temperature range of 68° to 75°F (20° to 24°C) and humidity levels between 45 and 55 percent is generally recommended for performance and reliability. Your heating, ventilation, and air conditioning (HVAC) system is an important part of keeping your network devices running. Providing proper air flow in server rooms helps keep servers and network devices from overheating. Rows of servers should be placed with fronts facing fronts, creating a cold aisle, and the rear of units creating a hot aisle where ventilation systems can gather up the hot air, cool it, and recirculate the cooled air. There are several techniques and equipment that can help you control temperature and humidity levels. Some of these are:
• Cable trays: a networking peripheral that’s used to support and organize cables in a network. The cable tray helps support and organize network cables and is present in office furniture and other areas where cable management is important for safety and visual aesthetics.
• Rack systems: A rack system is a standardized frame or enclosure for mounting electronic equipment and devices. They allow for dense hardware configurations without occupying excessive floorspace or requiring shelving. The 19-inch rack format is an industry standard. Each piece of equipment or device is fastened to the rack frame with screws. Equipment that is designed to be placed in a rack system is usually identified as a rack mount, rack-mounted system, rack-mount instrument, rack-mount chassis, subrack, or rack-mountable. All types of electronics and computing devices come in rack- mounted packages, including servers, switches, routers, telecommunications components, tape drives, and audio and video equipment. The industry standard data center rack width is 19 inches. Rack systems can be two-post racks or four-post racks.
- Server rail racks: Server rail racks use rails to mount the systems to the racks. Rack mount systems might include the rails, or you might need to purchase them separately. Some server rail racks are fixed mounts. Others are sliding rails, making it easier to access the rear of the device.
- Two-post racks: Two-post racks are designed for lightweight equipment such as switches.
- Four-post racks: Four-post racks are designed for heavier equipment such as servers. These racks are typically bolted to the floor for stability and security. 2U servers are sufficiently heavy to require four-post rack installation.
- Free-standing racks: Free-standing racks are usually heavier duty racks that don’t need to be bolted to the floor for stability.
• Labeling: Labeling cables is an important aspect of cable management. Labels should help you accelerate tracing a cable to see where it runs to. This can be achieved by numbering the cables and labeling each end of the cable with the same number. Labeling can also be used to identify the properties of the cable, such as the length, type, and so on. Labeling of equipment, ports, and cables is so important, that TIA created a standard for labeling items. TIA-606B specifies standards for labeling and record keeping. All changes should be managed through Move/Add/Change (MAC) documents. Labels need to be printed (not handwritten) and securely attached to the port, cable, system, circuit, or patch panel. The standard specifies how port labeling, system labeling, circuit labeling, and patch panel labeling should be structured. Cables should be labeled within 12 inches of each end of the cable. Patch panel ports should be labeled above the port. Circuits should be individually labeled with the FS-AN. The identifier on the label should confirm to the FS-AN naming convention:
- System labeling
- Circuit labeling
- Naming conventions
- Patch panel labeling
• Rack monitoring: Rack monitoring sensors are used to monitor environmental conditions to help maintain constant conditions. It monitors temperature, humidity, and air flow around your rack-mounted servers.
• Rack security: If you use a shared data center, you should use racks with lockable doors as a precaution to ensure the physical security of your racked systems.
- An MDF contains the devices used to manage the connections between external communication cables coming into the building and the cables of the internal network, via a series of IDFs. An MDF is usually a long steel rack that is accessible from both sides. Termination blocks are arranged horizontally on one side at the front of the rack shelves. The jumpers lie on the shelf and run through vertically arranged termination blocks.
- An IDF is a free-standing or wall-mounted rack for managing and interconnecting end user devices, such as workstations and printers, and an MDF.
• Intermediate distribution frame: The locations vary, but IDFs are usually situated in a wiring closet on each floor or in each major section of a large single-story structure. IDFs are always kept in locked rooms or in secure locations.
• Main distribution frame: Main distribution frames (MDFs), on the other hand, are usually located on the first floor or in an area easily accessible by various telecommunication or power providers that would need to manage it. IDFs are usually connected to a centrally-located MDF, which manages the connections between external communication cables coming into the building and the building's internal cabling network.
• Cable management:
- Patch panels: A patch panel is a connection point for drop and patch cables. Typically, a patch panel has one or more rows of RJ-45 or other connectors. Drop cables are connected to the connectors. Cables run between the connectors to connect drop cables, as needed.
• Power management:
- Power converters: In networking, you are most likely to encounter power converters as transformers for devices. You might also see them in voltage regulators and the mains power supply.
- Circuits: A power circuit is the collection of wires that carry current from the breaker to the devices. Be sure there are enough circuits to supply power to all of your devices without overloading any one circuit. Circuit breakers will shut the circuit down if it is overloaded.
- UPS: An Uninterruptible Power Supply (UPS) is a device that provides backup power when the electrical power fails or drops to an unacceptable voltage level. This helps reduce or eliminate data loss and limit or prevent hardware damage during power surges or brownouts. Equipment such as a UPS should always be placed as near as practical to the protected device or circuitry, but out of the way so that regular work is not impeded. Both small and large computer setups can have a UPS, including larger data center facilities.
- Inverters: An inverter or power inverter is a device that converts DC current to AC current. For networking you need an inverter that supplies a stable DC power source so that there are few, close to no, power fluctuations as these could harm the networking equipment.
- Power redundancy: Power redundancy is built into many servers in the form of duplicate power supplies. Many servers can use a Y-power cord or two individual power cords to connect to two power supplies on the back of a single server. If one power supply goes bad or if a single power cable is unplugged, the other power supply continues to supply the device with power.
• Device placement:
• Air flow: Air flow is important because electronic equipment performs best when the temperature is between 68 and 75 degrees Fahrenheit or 20 to 24 degrees Celsius. This is important to maintain a safe working temperature. Proper air flow management is the effort to maximize cooling by either supplying cooling air to equipment, or by eliminating the mixing and recirculation of hot equipment exhaust air. Most network equipment has an optimal temperature and humidity that it needs to be kept at to ensure proper performance. If it gets too hot or cold it may not run effectively or even fail. An ambient temperature range of 68° to 75°F (20° to 24°C) and humidity levels between 45 and 55 percent is generally recommended for performance and reliability. Your heating, ventilation, and air conditioning (HVAC) system is an important part of keeping your network devices running. Providing proper air flow in server rooms helps keep servers and network devices from overheating. Rows of servers should be placed with fronts facing fronts, creating a cold aisle, and the rear of units creating a hot aisle where ventilation systems can gather up the hot air, cool it, and recirculate the cooled air. There are several techniques and equipment that can help you control temperature and humidity levels. Some of these are:
- Position diffusers so that they deliver cool air directly to the equipment.
- Use blanking panels on unused rack spaces so that air passes through the equipment rather than around it.
- Use structured cabling systems to eliminate disorganized and excess cables that might restrict exhaust air flow from rack mounted equipment. Also consider cutting cables and power cords to the correct length to allow more room for air to flow away from the back of the rack.
- Remove unnecessary sub–floor obstructions to increase air flow. For example, cabling in the sub-floor plenum can impede proper air circulation.
- Use floor grommets to improve cooling by sealing areas where cables enter and exit plenums.
- Consider getting a professional air flow assessment to help identify ways to improve cooling efficiency.
• Cable trays: a networking peripheral that’s used to support and organize cables in a network. The cable tray helps support and organize network cables and is present in office furniture and other areas where cable management is important for safety and visual aesthetics.
• Rack systems: A rack system is a standardized frame or enclosure for mounting electronic equipment and devices. They allow for dense hardware configurations without occupying excessive floorspace or requiring shelving. The 19-inch rack format is an industry standard. Each piece of equipment or device is fastened to the rack frame with screws. Equipment that is designed to be placed in a rack system is usually identified as a rack mount, rack-mounted system, rack-mount instrument, rack-mount chassis, subrack, or rack-mountable. All types of electronics and computing devices come in rack- mounted packages, including servers, switches, routers, telecommunications components, tape drives, and audio and video equipment. The industry standard data center rack width is 19 inches. Rack systems can be two-post racks or four-post racks.
- Server rail racks: Server rail racks use rails to mount the systems to the racks. Rack mount systems might include the rails, or you might need to purchase them separately. Some server rail racks are fixed mounts. Others are sliding rails, making it easier to access the rear of the device.
- Two-post racks: Two-post racks are designed for lightweight equipment such as switches.
- Four-post racks: Four-post racks are designed for heavier equipment such as servers. These racks are typically bolted to the floor for stability and security. 2U servers are sufficiently heavy to require four-post rack installation.
- Free-standing racks: Free-standing racks are usually heavier duty racks that don’t need to be bolted to the floor for stability.
• Labeling: Labeling cables is an important aspect of cable management. Labels should help you accelerate tracing a cable to see where it runs to. This can be achieved by numbering the cables and labeling each end of the cable with the same number. Labeling can also be used to identify the properties of the cable, such as the length, type, and so on. Labeling of equipment, ports, and cables is so important, that TIA created a standard for labeling items. TIA-606B specifies standards for labeling and record keeping. All changes should be managed through Move/Add/Change (MAC) documents. Labels need to be printed (not handwritten) and securely attached to the port, cable, system, circuit, or patch panel. The standard specifies how port labeling, system labeling, circuit labeling, and patch panel labeling should be structured. Cables should be labeled within 12 inches of each end of the cable. Patch panel ports should be labeled above the port. Circuits should be individually labeled with the FS-AN. The identifier on the label should confirm to the FS-AN naming convention:
- F: The floor number and telecommunications space.
- S: A letter that identifies the telecommunications space within the “F” area.
- A: One or two characters (letters or numbers) corresponding to a patch panel that makes up the horizontal cross-connect.
- N: Two to four numbers corresponding to the patch panel port where the cable connects to the patch panel.
- System labeling
- Circuit labeling
- Naming conventions
- Patch panel labeling
• Rack monitoring: Rack monitoring sensors are used to monitor environmental conditions to help maintain constant conditions. It monitors temperature, humidity, and air flow around your rack-mounted servers.
• Rack security: If you use a shared data center, you should use racks with lockable doors as a precaution to ensure the physical security of your racked systems.
5.8 Explain the basics of change management procedures
The change management process is put into place to assess and prevent unnecessary risks from being introduced into an (computing) environment due to hasty decisions and undocumented changes. Change management is a systematic way of approving and executing change in order to ensure maximum security, stability, and availability of information technology services. When an organization changes its hardware, software, infrastructure, or documentation, it risks the introduction of unanticipated consequences. Changes may also be necessary in response to a security incident where modifications are required to resolve the issue. Therefore, it is important that an organization be able to properly assess risk; to quantify cost of training, support, maintenance, or implementation; and to properly weigh benefits against the complexity of a proposed change. By maintaining a documented change management procedure, an organization can protect itself from potential adverse effects of hasty change.
• Document reason for a change: Document rationale for the change.
• Change request: Create a change request, which should include:
- Configuration procedures:
- Rollback processes: The rollback process describes the steps that you take to back out of a change in case of failure or in case the change cannot be safely implemented. Generally, if your change takes you outside of the prescribed change window, you have to roll back the change and start the change process again to modify the window (the time required to process a change).
- Potential impact:
- Notification processes:
• Approval process: Initiate and work through an established approval process.
• Maintenance window: Plan the change.
• Notification of change: Implement the change.
• Documentation: Ensure adequate documentation exists and is updated, including:
- Network configurations: it is important to fully document any physical location changes or additions to the network to maintain accurate network maps and inventories for future reference.
- Additions to network:
- Physical location changes:
• Document reason for a change: Document rationale for the change.
• Change request: Create a change request, which should include:
- Configuration procedures:
- Rollback processes: The rollback process describes the steps that you take to back out of a change in case of failure or in case the change cannot be safely implemented. Generally, if your change takes you outside of the prescribed change window, you have to roll back the change and start the change process again to modify the window (the time required to process a change).
- Potential impact:
- Notification processes:
• Approval process: Initiate and work through an established approval process.
- Analyze the change request to determine the feasibility of the request.
- Determine the costs and benefits of the proposed change.
- Evaluate the change based on the feasibility, costs, benefits, and need.
• Maintenance window: Plan the change.
- Identify what is required in order to make the change.
- Determine the time required to implement the change.
• Notification of change: Implement the change.
- Notify affected parties of downtime, if any.
- Execute the change.
- Test the change.
- Provide notification of the change to affected parties.
• Documentation: Ensure adequate documentation exists and is updated, including:
- Network configurations: it is important to fully document any physical location changes or additions to the network to maintain accurate network maps and inventories for future reference.
- Additions to network:
- Physical location changes:
5.9 Compare and contrast the following ports and protocols
• 80 HTTP: Hypertext Transfer Protocoll (HTTP) is an unsecure protocol. Any nosy person can plug into a network and see/read the HTTP packets moving between a Web server and a Web client.
• 443 HTTPS: Port 443 is for Hypertext Transfer Protocol Secure (HTTPS). It is a secure version of HTTP that provides a secure connection between a web browser and a server. HTTPS uses the Secure Sockets Layer (SSL) security protocol to encrypt data. HTTPS runs at the Application layer (Layer 7) of the OSI model and the Application layer of the TCP/IP model. It uses port 443 and runs on TCP. Websites that use SSL start with "https". Not all web browsers and servers support HTTPS, though.
• 443 HTTPS: Port 443 is for Hypertext Transfer Protocol Secure (HTTPS). It is a secure version of HTTP that provides a secure connection between a web browser and a server. HTTPS uses the Secure Sockets Layer (SSL) security protocol to encrypt data. HTTPS runs at the Application layer (Layer 7) of the OSI model and the Application layer of the TCP/IP model. It uses port 443 and runs on TCP. Websites that use SSL start with "https". Not all web browsers and servers support HTTPS, though.
• 137-139 NetBIOS: Network Basic Input/Output System (NetBIOS) is a program that allows applications on separate computers to communicate over a local area network. Ports 137-139 are for NetBIOS, an older program that allows applications on different computers to communicate within a local area network (LAN). If you want to filter NetBIOS over Transmission Control Protocol (TCP) from outside of your network, (to deny NetBIOS) deny ports 137, 138, and 139 in your firewall rules.
E-mail protocols
POP3 is used to receive e-mail from SMTP servers via TCP port 110. Not used much.
IMAP4 is used to receive e-mail from SMTP servers via TCP port 143. The preferred alternative to POP3.
SMPT is used by clients to send e-mail over TCP port 25.
• 110 POP: Because POP3 is designed by default to download messages to a local device and delete them from the email server, it is not the best email protocol to use when users need to access their email from multiple devices. Or, if they select the option (within their email client) to leave their messages on the server, they will have to delete old messages manually to avoid exceeding mailbox size limits, which may also lead to messages being split across multiple devices. If using POP for email retrieval, a local computer or device crashing can mean the loss of all mail messages on the device. POP does have a secure port (port 995). Used for message retrieval only. Post Office Protocol 3 (POP3) is a protocol used to retrieve email messages from a mailbox on a mail server. POP3 uses port 110 for regular transmissions and port 995 for encrypted transmissions, and it runs on TCP. With POP3, email messages wait in the mailbox on the server until the client retrieves them. The client can start the transfer on a set schedule, or transfer messages manually. Once the client retrieves and downloads the messages, the server deletes them unless the client configures options to leave the messages on the server. The client then works with the locally cached email messages. Because POP3 is designed by default to download messages to the local device and delete them from the email server, it is not the best email protocol to use when users need to access their email from multiple devices. This is because when they use POP3, they end up with their email messages downloaded and split among the devices they use instead of having all their messages in one central location. Or, if they leave their messages on the server, they will have to delete old messages manually to avoid exceeding mailbox size limits, which may also lead to messages being split across multiple devices.
• 143 IMAP: One major advantage of IMAP over POP is that messages retrieved via IMAP stay on the server by default, making them easily accessible and manageable from any device. With IMAP, mail is stored on (likely) highly-reliable servers, keeping it safe from local device issues and data loss. IMAP is built and configured by default to leave email on the mail server, allowing users to access mail from any device at any time and view a real-time list of their mail and folders, messages read or unread status, message movement, flags, etc. IMAP's secure port is 993. Used for message retrieval only. Unlike POP3, IMAP4 enables users to access folders other than their mailbox. Internet Message Access Protocol version 4 (IMAP4) is a protocol used for retrieving messages from a mail server. IMAP4 uses port 143 for regular transmissions and port 993 for encrypted transmissions, and it runs on TCP. Though it is similar to POP3, IMAP4 is more powerful and offers several functions. They include:
• 25 SMTP: Simple message transfer protocol (SMTP) is used to send e-mail. SMTP travels over TCP port 25 and is used by clients to send messages. To be more precise, SMTP is a communications protocol for formatting and sending email messages from a client to a server or between servers.
• 143 IMAP: One major advantage of IMAP over POP is that messages retrieved via IMAP stay on the server by default, making them easily accessible and manageable from any device. With IMAP, mail is stored on (likely) highly-reliable servers, keeping it safe from local device issues and data loss. IMAP is built and configured by default to leave email on the mail server, allowing users to access mail from any device at any time and view a real-time list of their mail and folders, messages read or unread status, message movement, flags, etc. IMAP's secure port is 993. Used for message retrieval only. Unlike POP3, IMAP4 enables users to access folders other than their mailbox. Internet Message Access Protocol version 4 (IMAP4) is a protocol used for retrieving messages from a mail server. IMAP4 uses port 143 for regular transmissions and port 993 for encrypted transmissions, and it runs on TCP. Though it is similar to POP3, IMAP4 is more powerful and offers several functions. They include:
- A user can check an email header and also look for a specific string of characters in the contents of a message before downloading it.
- Messages can also remain on the server while the client works with them as if they were local.
- Users can search through messages by keywords and choose which messages to download locally.
- Messages in the user's mailbox can be marked with different status flags, such as deleted or replied to. The messages and their status flags stay in the mailbox until explicitly removed by the user.
- An email message containing multimedia files can be partially downloaded, saving bandwidth.
- A user can create, rename, or delete mailboxes on a mail server, and also arrange mailboxes in a hierarchical manner in a folder for email storage.
- Unlike POP3, IMAP4 enables users to access folders other than their mailbox.
• 25 SMTP: Simple message transfer protocol (SMTP) is used to send e-mail. SMTP travels over TCP port 25 and is used by clients to send messages. To be more precise, SMTP is a communications protocol for formatting and sending email messages from a client to a server or between servers.
• 5060/5061 SIP: SIP initiates, modifies, and terminates a session. It is a signaling protocol for multimedia communication sessions. SIP must work with other protocols because it is responsible only for the signaling portion of a communication session.
• 2427/2727 MGCP: Media Gateway Control Protocol (MGCP), which uses port 2427 for UDP and 2727 for TCP, was developed by Cisco as an alternative to H.323 for setting up, managing, securing, and transmitting calls over the Internet. H.248 is an implementation of MGCP for providing communication services across a traditional telephone network and a data packet transmission network, like the Internet.
• 5004/5005 RTP: Real-Time Transport Protocol (RTP) transmits audio or video content and defines the packet for delivery including the type of content, sequence numbering, time stamping, and delivery monitoring. Has no specific UDP or TCP port number; rather, it has a dynamic range of port numbers, a feature that makes traversing firewalls difficult. The major difference between the Session Initiation Protocol (SIP) and the Real-Time Transport Protocol (RTP) is that SIP is used for control signaling such a call setup and teardown.
• 1720 H.323: Port 1720 is associated with H.323 for VoIP. H.323 is an international Voice over IP (VoIP) standard that actually contains a group of protocols for setting up, managing, securing, and transmitting calls over the Internet.
• TCP: Transmission Control Protocol (TCP) is a connection-oriented, guaranteed-delivery protocol used to send data packets between devices over a network such as the Internet.
- Connection-oriented: TCP is a connection-oriented, guaranteed-delivery protocol used to send data packets between devices over a network such as the Internet. It is part of the Internet protocol suite along with the Internet Protocol (IP). TCP is responsible for breaking up data into segments, reassembling them at the other end, resending data lost in transit, and resequencing data. It sends data, waits for an acknowledgement, and retransmits if necessary.
• Server Message Block (SMB): is a protocol that works on the Application layer of the OSI model and helps share resources such as files, printers, and serial ports among devices. SMB uses port 445 and runs on TCP. In a TCP/IP network, NetBIOS clients, such as Windows systems, use NetBIOS over TCP/IP to connect to servers, and then issue SMB commands to complete tasks such as accessing shared files and printers.
• UDP: The User Datagram Protocol (UDP), also known as the Universal Datagram Protocol, is a connectionless Transport-layer protocol in the IP suite. UDP is a best-effort delivery protocol and is used with IP in the same way TCP is. It uses a smaller, simpler header than TCP does, which provides for faster service.
- Connectionless: And because it is a connectionless protocol, it provides faster service because it does not wait for acknowledgement. UDP is commonly used in streaming media such as Voice over IP (VoIP), real-time video (as opposed to video-on-demand), and network management applications in which a device is polled regularly for its health. It is used when performance is more important than the ability to receive all of the data. The User Datagram Protocol (UDP), also known as the Universal Datagram Protocol, is a connectionless Transport-layer protocol in the IP suite. UDP is a best-effort delivery protocol and is used with IP in the same way TCP is. It uses a smaller, simpler header than TCP does, which provides for faster service. And because it is a connectionless protocol, it provides faster service because it does not wait for acknowledgement. UDP is commonly used in streaming media such as Voice over IP (VoIP), real-time video (as opposed to video-on-demand), and network management applications in which a device is polled regularly for its health. It is used when performance is more important than the ability to receive all of the data.
• 2427/2727 MGCP: Media Gateway Control Protocol (MGCP), which uses port 2427 for UDP and 2727 for TCP, was developed by Cisco as an alternative to H.323 for setting up, managing, securing, and transmitting calls over the Internet. H.248 is an implementation of MGCP for providing communication services across a traditional telephone network and a data packet transmission network, like the Internet.
• 5004/5005 RTP: Real-Time Transport Protocol (RTP) transmits audio or video content and defines the packet for delivery including the type of content, sequence numbering, time stamping, and delivery monitoring. Has no specific UDP or TCP port number; rather, it has a dynamic range of port numbers, a feature that makes traversing firewalls difficult. The major difference between the Session Initiation Protocol (SIP) and the Real-Time Transport Protocol (RTP) is that SIP is used for control signaling such a call setup and teardown.
• 1720 H.323: Port 1720 is associated with H.323 for VoIP. H.323 is an international Voice over IP (VoIP) standard that actually contains a group of protocols for setting up, managing, securing, and transmitting calls over the Internet.
• TCP: Transmission Control Protocol (TCP) is a connection-oriented, guaranteed-delivery protocol used to send data packets between devices over a network such as the Internet.
- Connection-oriented: TCP is a connection-oriented, guaranteed-delivery protocol used to send data packets between devices over a network such as the Internet. It is part of the Internet protocol suite along with the Internet Protocol (IP). TCP is responsible for breaking up data into segments, reassembling them at the other end, resending data lost in transit, and resequencing data. It sends data, waits for an acknowledgement, and retransmits if necessary.
• Server Message Block (SMB): is a protocol that works on the Application layer of the OSI model and helps share resources such as files, printers, and serial ports among devices. SMB uses port 445 and runs on TCP. In a TCP/IP network, NetBIOS clients, such as Windows systems, use NetBIOS over TCP/IP to connect to servers, and then issue SMB commands to complete tasks such as accessing shared files and printers.
• UDP: The User Datagram Protocol (UDP), also known as the Universal Datagram Protocol, is a connectionless Transport-layer protocol in the IP suite. UDP is a best-effort delivery protocol and is used with IP in the same way TCP is. It uses a smaller, simpler header than TCP does, which provides for faster service.
- Connectionless: And because it is a connectionless protocol, it provides faster service because it does not wait for acknowledgement. UDP is commonly used in streaming media such as Voice over IP (VoIP), real-time video (as opposed to video-on-demand), and network management applications in which a device is polled regularly for its health. It is used when performance is more important than the ability to receive all of the data. The User Datagram Protocol (UDP), also known as the Universal Datagram Protocol, is a connectionless Transport-layer protocol in the IP suite. UDP is a best-effort delivery protocol and is used with IP in the same way TCP is. It uses a smaller, simpler header than TCP does, which provides for faster service. And because it is a connectionless protocol, it provides faster service because it does not wait for acknowledgement. UDP is commonly used in streaming media such as Voice over IP (VoIP), real-time video (as opposed to video-on-demand), and network management applications in which a device is polled regularly for its health. It is used when performance is more important than the ability to receive all of the data.
5.10 Given a scenario, configure and apply the appropriate ports and protocols
Protocol: Port
FTP – File Transport Protocol: 20, 21
Port 21 is the unsecured file transfer protocol (FTP). For years, your users have used File Transfer Protocol (FTP) to update files on websites, but you have decided to use more secure protocols for all your services. Which protocol will you substitute for FTP? Secure File Transfer Protocol (SFTP) performs the same file transfer functionality but over a secure channel.
SSH – Secure Shell: 22
If you replace Telnet with SSH you would need to deny port 23 and allow port 22.
Telnet: 23
Port 23 is Telnet, an unsecured terminal emulation protocol that enables users at one site to simulate a session on a remote host as if the terminal were directly attached.
SMTP – Simple Mail Transport Protocol: 25
Simple Mail Transfer Protocol (SMTP) is used for email but is directional in its function. What is the SMTP port number and the direction of of email flow, from the sender's perspective? 25; outbound. SMTP operates on port 25 in the outbound direction.
DNS – Domain Name System: 53
DNS uses port 53 on both UDP and TCP. You have to be sure that both are allowed in the firewall. Check that port 53 for User Datagram Protocol (UDP) and Transmission Control Protocol (TCP) are allowed.
DHCP – Dynamic Host Configuration Protocol: 67, 68
Make sure ports 67 and 68 are not denied in your firewall if you would like DHCP to dynamically assign IP addresses.
TFTP – Trivial File Transport Protocol: 69
Some members of your staff suggest using one of the network booting protocols so that they can relieve some of the company’s desktop support costs. You agree, but have to allow the protocol through the firewall for it to function. Allow TFTP, which uses port 69.
HTTP – Hypertext Transfer Protocol: 80
HTTPS – Hypertext Transfer Protocol Secure: 443
Port 443 is for Hypertext Transfer Protocol Secure (HTTPS), is a secure version of HTTP that provides a secure connection between a web browser and a server.
SSL VPN – Secure Sockets Layer virtual private network: 443
POP3 – Post Office Protocol version 3: 110
Operates in the inbound or receiving direction.
NTP – Network Time Protocol: 123
IMAP4 – Internet message access protocol version 4: 143
Operates in the inbound or receiving direction.
SNMP – Simple Network Management Protocol: 161
SNMP is an Internet protocol that enables administrators to monitor and manage network devices and traffic. Working at the Application layer of the OSI model and the Application layer of the TCP/IP model, SNMP uses ports 161 and 162 to collect information from and send configuration commands to networking devices such as routers, switches, servers, workstations, printers, and any other SNMP-enabled devices. SNMP generally runs over UDP.
IPsec – Internet Protocol security (through the use of ISAKMP – Internet Security Association and Key Management Protocol): 500
RDP – Remote Desktop Protocol: 3389
RDP is a proprietary protocol created by Microsoft for connecting to and managing devices that are not necessarily located at the same place as the administrator. It uses port 3389, runs on TCP, and works on the Application layer of the OSI model. It and the remote desktop software allow a user to remotely log in to a networked device.
FTP – File Transport Protocol: 20, 21
Port 21 is the unsecured file transfer protocol (FTP). For years, your users have used File Transfer Protocol (FTP) to update files on websites, but you have decided to use more secure protocols for all your services. Which protocol will you substitute for FTP? Secure File Transfer Protocol (SFTP) performs the same file transfer functionality but over a secure channel.
SSH – Secure Shell: 22
If you replace Telnet with SSH you would need to deny port 23 and allow port 22.
Telnet: 23
Port 23 is Telnet, an unsecured terminal emulation protocol that enables users at one site to simulate a session on a remote host as if the terminal were directly attached.
SMTP – Simple Mail Transport Protocol: 25
Simple Mail Transfer Protocol (SMTP) is used for email but is directional in its function. What is the SMTP port number and the direction of of email flow, from the sender's perspective? 25; outbound. SMTP operates on port 25 in the outbound direction.
DNS – Domain Name System: 53
DNS uses port 53 on both UDP and TCP. You have to be sure that both are allowed in the firewall. Check that port 53 for User Datagram Protocol (UDP) and Transmission Control Protocol (TCP) are allowed.
DHCP – Dynamic Host Configuration Protocol: 67, 68
Make sure ports 67 and 68 are not denied in your firewall if you would like DHCP to dynamically assign IP addresses.
TFTP – Trivial File Transport Protocol: 69
Some members of your staff suggest using one of the network booting protocols so that they can relieve some of the company’s desktop support costs. You agree, but have to allow the protocol through the firewall for it to function. Allow TFTP, which uses port 69.
HTTP – Hypertext Transfer Protocol: 80
HTTPS – Hypertext Transfer Protocol Secure: 443
Port 443 is for Hypertext Transfer Protocol Secure (HTTPS), is a secure version of HTTP that provides a secure connection between a web browser and a server.
SSL VPN – Secure Sockets Layer virtual private network: 443
POP3 – Post Office Protocol version 3: 110
Operates in the inbound or receiving direction.
NTP – Network Time Protocol: 123
IMAP4 – Internet message access protocol version 4: 143
Operates in the inbound or receiving direction.
SNMP – Simple Network Management Protocol: 161
SNMP is an Internet protocol that enables administrators to monitor and manage network devices and traffic. Working at the Application layer of the OSI model and the Application layer of the TCP/IP model, SNMP uses ports 161 and 162 to collect information from and send configuration commands to networking devices such as routers, switches, servers, workstations, printers, and any other SNMP-enabled devices. SNMP generally runs over UDP.
IPsec – Internet Protocol security (through the use of ISAKMP – Internet Security Association and Key Management Protocol): 500
RDP – Remote Desktop Protocol: 3389
RDP is a proprietary protocol created by Microsoft for connecting to and managing devices that are not necessarily located at the same place as the administrator. It uses port 3389, runs on TCP, and works on the Application layer of the OSI model. It and the remote desktop software allow a user to remotely log in to a networked device.
Ports and Protocols Summary
network__ports_and_protocols.pdf |