network administration and support
DESCRIPTION
Managing network accounts Managing network performance Managing network data securityTRANSCRIPT
UNIT STRUCTURE
Managing network accounts
Managing network performance
Managing network data security
What you will learn
You will learn how to install, configure and maintain computer hardware, protocols,
operating systems, software and internet-working devices, with special emphasis on
developing troubleshooting skills.
Instructors with business and industry experience lead classes and cover key topics such
as network administration, client/server installation and support, Web server
management, database implementation and network security.
You will have the chance to work in groups with other class members to learn valuable
teamwork and communication skills that reflect the real-world soft-skill requirements.
Network administration and Support
Introduction A Network Administrator is an individual that is responsible for the maintenance of computer
hardware and software systems that make up a computer network including the maintenance and
monitoring of active data network or converged infrastructure and related network equipment.
Network Administrators are generally mid-level support staff within an organization and do not
typically get involved directly with users. Network Administrators focus upon network
components within a company's LAN/WAN infrastructure ensuring integrity. Depending on the
company and its size, the Network Administrator may also design and deploy networks.
Duties of a Network Administrator
The role of the Network administrator can vary significantly depending on an organizations size,
location and socio-economic considerations. Some organizations work on a user-to-technical
support ratio.] whilst others implement many other strategies.
Generally, in terms of reactive situations (i.e.: unexpected disruptions to service, or service
improvements), IT Support Incidents are raised through an Issue tracking system. Typically,
these issues work their way through a Help desk and then flow through to the relevant
technology area for resolution. In the case of a network related issue, an issue will be directed
towards a Network Administrator. If a Network Administrator is unable to resolve an issue, a
ticket will be escalated to a more senior Network Engineer for restoration of service or a more
appropriate skill group.
Network Administrators are often involved in proactive work. This type of work will often
include:
Network monitoring
Testing the network for weakness
Keeping an eye out for needed updates
Installing and implementing security programs
In many cases, E-mail and Internet filters
Managing network accounts
Accounting management involves tracking each individual user's utilization of network resources
for the purposes of allocation of resources and billing for their use of the network. This type of
information helps a network manager allocate the right kind of resources to users, as well as
plan for network growth. With the same information, the cost of transmitting messages across the
network can be computed and billed to the user if the traffic was revenue bearing. This type of
management involves monitoring the login and logoff records, and checking the network usage
to determine a user's use of the network. In addition, access privileges and usage quotas can be
established and checked against actual for accounting information.
Accounting management is an applied field that deals with actual money moving in and out of a
system. In many ways, it is the applied form of economics, although the vast majority of
accounting management applies to a single business or system rather than an entire economy.
This form of management has two main functions: it oversees project planning from an economic
standpoint and it deals with the banking and the accounting aspects of the company.
The most likely place where accounting management is needed is within a large organization
such as a business or government. In these larger organizations, the accounts are usually
managed by an entire department that does nothing but work through monetary information.
Smaller structures typically have an accounting system, but do not require the all-encompassing
systems commonly found in accounting management. These smaller accounting systems typically
have a small staff or may even outsource their accounting to a local firm.
The first main duty of accounting management is overseeing the money used by the organization.
As a result, the accounting department is typically involved in nearly every aspect of the
organization’s dealings. The accountants assist with every phase of a project from planning to
implementation. The accounting system will often determine the monetary viability of a project
before it is even started, essentially deciding if the organization can afford the money it will need
to spend.
The work of this department is often more behind-the-scenes than others. The planning and
analysis phases of a new project are often done by accounting before they are given over to the
rest of the company. If the accountants determine that the project isn’t worth the expenditure, it
is often terminated before the rest of them company is even fully aware of it.
In approved projects, accounting management is used to keep the spending on track. This means
that the department is constantly overseeing the actions of other departments in order to keep
costs down. This, plus the initial approval phases, gives this department a great deal of power in
a standard organization. As a result, most large-scale accounting departments perform rigorous
internal audits to keep the department on track.
The second duty of an accounting management department is handling the money as it flows
through the organization. It handles corporate bank accounts, payroll, invoicing and receiving.
For the most part, if the process involves the movement of money, whether in or out of the
company, the accountants are usually part of it.
Managing Access and Accounts:
• Setting up user accounts is less complicated than assigning access rights
• Every OS has procedures and/or an interface for setting up accounts
• It is better to add privileges than to take them away from users
• Start with fairly restrictive account policies
User Accounts:
• A user account holds information about the specific user
• It can contain basic information such as name, password, and the level of permission the
user in granted
• It can also contain much more specific information such as the department the user
works in, a home phone number, and the days and hours the user is allowed to log on to
specific workstations
Managing Groups:
• Groups are created to make the sharing of resources more manageable
• A group contains users that share a common need for access to a particular resource
• Even though the connotations may differ with each operating system, all of these terms
still refer to the access that a user or group account is granted
Administrator Account :
• All operating systems have an administrative account
• The administrative account should be used only for the purpose of administering the
server
• Granting users this type of access is a disaster waiting to happen
• Most operating systems set up the administrative account during installation
Passwords:
• Allowing users to create simple passwords produces an unsecured environment
• If the passwords are too difficult to remember, users will probably write them down and
may even post them
• A weak password might be very short or only use alphanumeric characters or contain
information easily guessed by someone profiling the user
Strong Passwords:
• Strong passwords can be derived from events or things the user knows
• For example, the phrase "Going to the Bahamas on June 6, 2006 with Jean” can be
converted to gtB6606@J
• This creates a complex password that is easy for the user to remember
Password Policies:
• Password policies help protect the network from hackers and define the responsibilities
of users who have been given access to company resources
• All users should read and sign security policies as part of their employment process
• Many times it is necessary to restrict logon hours for maintenance purposes.
Performance Management
Performance management involves measuring the performance of a network and its resources in
terms of utilization, throughput, error rates, and response times. With performance management
information, a network manager can reduce or prevent network overcrowding and
inaccessibility. This helps provide a more consistent level of service to users on the network,
without overtaxing the capacity of devices and links.
This form of management looks at the percentage of utilization of devices and error rates to help
in improving and balancing the throughput of traffic in all parts of a network. Typically, some
devices are more highly utilized than others. Performance monitoring give qualitative and time
relevant information on the health and performance of devices so that underutilized devices are
more fully utilized, and overtaxed devices are rebalanced. In a well-utilized network with healthy
components, the error rates for packets traversing the network are down and response times are
shortened.
• As your network changes, its performance must be monitored and improved
• A measure of normal activity is known as a baseline
• Baselines must be updated on a regular basis, when the network has changed, or new
technology has been deployed
Monitoring Tools
• After baselines are established, the network needs to be monitored
• Many tools can be used to monitor the performance on the network:
– Event Viewer
– Performance Console
– Network Monitor
– Task Manager
The Event Viewer
• Allows auditing certain events
• The Event Viewer maintains three log files:
– One for system processes
– One for security information
– One for applications
The Task Manager
• Task Manager can be used to end processes or applications that get hung up without
having to reboot the machine
• It also gives you an instant view of CPU and memory usage
• It should be one of the first places to check when something seems awry
The Network Monitor
• Network Monitor is a protocol analyzer
• It can be used to capture network traffic and generate statistics for creating reports
• Network Monitor is not installed by default in Windows 2000
• It must be added as an optional Windows component
Network security management
Security management deals with ensuring overall security of the network, including protecting
sensitive information through the control of access points to that information. Sensitive
information is any data that an organization wants to secure, such as research documents,
payroll data, and sales and inventory figures. Protecting sensitive data from unauthorized access
is a common requirement. Security concerns can be assuaged with a well-designed and
implemented security management system.
Security management controls access to the network devices and sensitive information through
the use of devices such as passwords. This management also controls the form of sensitive data
using methods such as encryption. There are many encryption techniques available for sensitive
digital data such as public and private key encryption that have been in use for some time.
Each area of management in this five-part model is not exclusive of the others. It is typical for
performance management to work in conjunction with fault and configuration management. For
example, a monitored device interface that exhibits a slowly increasing error rate can be verified
by an alarm query, and could then be reconfigured and bypassed before the fault affects traffic.
Using these five management categories as guide lines, a more critical review can be made of
any product's ability to manage or be managed as a network device.
security is that the security an organization needs largely determines exactly how professionals
manage the network. Each part of the security system also has to be organized well to ensure
efficiency of control, with managers identifying the threats present for the network. When
managers find breaches of policy or law that relate to the system, it is their responsibility to turn
individuals over to the proper authorities or take appropriate business action.
The amount of security necessary in a network varies from person to person and business to
business. For instance, a home network may contain some personal information such as
passwords, but it does not contain the same amount of confidential information as a network in a
major government agency. The more sensitive the information on the network is, or the larger
the amount of data, the more closely managers have to manage the network, putting more heavy-
duty security measures in place.
Understanding
that the need for network management and security varies, network managers must formalize
their network management and security policies. For example, they might write a specific policy
that explains the specific software or user authentication procedure the company will use, or
what a person has to do for permission to connect a portable device such as a flash drive. Within
the policy, they must be specific about the penalties or consequences of policy breach, such as
suspension, loss of pay, dismissal or alert of police.
Just as police officers have to identify threats such as violence, people in network security and
management have to identify the threats to the network in order to develop a management policy
and keep the network at the right level of access. Examples of threats to network management
and security include hacking, viruses and denial-of-service attacks. Once the network manager
knows the risks, he can configure the network in such a way that the network is more secure
against those particular issues. Identifying risks involves investigating both the hardware and
software a person or company uses.
Network management and security personnel are not law enforcement agents. When they have
evidence of an electronic or Internet crime, however, they are obligated to report the problem.
This is a matter of both company and social stability. This obligation leads network managers to
serve as liaisons between their company or client and law enforcement agents as needed,
providing evidence of legal breaches and testifying about the network in question. If an employee
is dismissed or disciplined for breach of company policy rather than law, the network manager
might have to help defend the company's decision in the instance the dismissed or disciplined
employee files a lawsuit.
Network Security Components:
• The security components of a network fall into the following three areas:
– physical
– data
– system
Physical Security
• identifies threats to the hardware and buildings that store system data
• Threats include unauthorized access as well as natural disasters
• As new physical security systems are deployed users must be trained on how to use them
Protecting Data and Systems
• Backing up data is critical
• Off-site copies of data allow recovery in case an entire facility is destroyed
• If backup function is outsourced, be sure the company is reputable and the employees are bonded
Protecting Data and Systems
• Backing up data is critical
• Off-site copies of data allow recovery in case an entire facility is destroyed
• If backup function is outsourced, be sure the company is reputable and the employees are bonded
Questions:
1. Twisted pair cabling uses an RJ-11 connector.
a) True b) False
2. Which cable type offers the most security?
a) Coaxial
b) Shielded twisted pair
c) Fiber optic
d) Twisted pair
3. Which statement is not true about a repeater?
a) It regenerates network signals so they can travel farther.
b) They are primarily used in linear cable systems.
c) Every node on the network must have the same address.
d) All segments must have the same access address.
4. Ethernet,Token ring, and Arcnet are_____?
a) Topologies
b) Buses
c) Protocols
5. While installing NT server as a member server in Corp domain you get the message "Could not locate Primary Domain Controller for CORP domain". What do you do?
a) Install the member Server in a workgroup and join the domain later.
b) Install the memeber server as a PDC.
c) Install the server as a BDC in a workgroup and join the domain later.
d) Stop installation
6. Three network model types are centralized, distributed and
a) constructed
b) administrative
c) managed
d) collaborative
7. Which address is valid for Class C?
a) 33.114.17.24
b) 199.45.283.24
c) 202.67.13.87
d) 155.23.94.2
8. The IP address consists of ________ octets.
a) 2 b) 4 c) 8 d) 16
9. How many hosts can a Class B network have if the default subnet mask is used?
a) 65,435 b) 16,384 c) 16,483 d) 65,534
10. What Class of Address has a 0 as the Most Significant Bit in the first octet?
a) Class A b) Class B c) Class C d) Class D
11. What is the default subnet mask for a Class C address?
a) 255.0.0.0
b) 255.255.0.0
c) 255.255.255.0
d) 255.255.255.255
12. EtherNet can support up to ................... nodes on a network.
a) 256
b) 1024
c) 2000
d) 100
13. Which levels of RAID does Windows NT support?
a) 1 to 5
b) 0 to 5
c) 1, 5
d) 0, 1, 5
14. (True/False) RAID level 5 uses a dedicated drive that holds parity information for fault tolerance.
a) True
b) False
15. You have installed Windows NT Server 4.0 and now want to set up fault tolerance on your hard disk.
Which of the following fault-tolerance methods can the system files be part of?
a) mirror set
b) stripe set without parity
c) stripe set with parity
d) volume set
16. You are installing a multiboot system containing Windows 95, Windows NT Server and Windows NT
Workstation. You want to be able to share files and data among the three operating systems. What file
system should you choose?
a) NTFS
b) FAT
c) HPFS
d) FAT32
17. What is the minimum requirement for Disk Duplexing ?
a) 1 hard disk controller and 2 physical disks
b) 1 hard disk controller and 3 physical disks
c) hard disks controllers and 2 physical disks
d) hard disks controller and 4 physical disks
18. You are given a diagram of a subnetted class B network. In the middle there is a router at 160.110.4.1,
there is a workstation at 160.110.7.100
that can't communicate with an NT server at 160.110.4.17. The subnet mask on everything is 255.255.252.0.
There are also some printers, and other workstations placed in there to throw you off track.
a) Change the subnet mask to 255.255.240.0
b) Change the subnet mask to 255.255.248.0
c) Place the problem workstation on the same subnet as the NT server
d) Some lame answer about changing the IP of one of the bogus workstations.
e) Change the default gateway of the problem workstation to 160.110.4.1.
19. You have 5 class C blocks given to you by Internic. You need to implement these on you network. You
have 3 segments with 300 clients each. Minimize number of subnets on each segment. What do you do?
a) Leave the default subnet mask in place
b) Implement a subnet mask borrowing 3 bits.
c) Implement a subnet mask borrowing 4 bits.
d) Something else
20. To view all computer roles in the domain you would run _____ on the PDC
a) server manager
b) computer manager
c) domain manager
d) shift manager
21. A BDC is promoted by ________
a) reinstalling Windows NT
b) naming the BDC as the PDC
c) using server manager
d) 2 & 3
22. For connectivity to UNIX systems connected to your WindowsNT network, you would use:
a) TCP/IP
b) NetBEUI
c) NetBIOS
d) UNC
23. Disk striping without parity requires _____ physical hard drives
a) 2 b) 3 c) 4 d) > 4
24. When a hard drive that is part of the mirror set dies, the easiest and quickest way to get backup up and
running is to:
a) replace the drive with an exact match
b) Reboot
c) Remove the drive and reboot
d) break the mirror set, replace the drive, reset the mirror set
25. You are given a diagram of a subnetted class B network. In the middle there is a router at 160.110.4.1,
there is a workstation at 160.110.7.100 that can't communicate with an NT server at 160.110.4.17. The subnet
mask on everything is 255.255.252.0. There are also some printers, and other workstations placed in there
to throw you off track. The answers (choose two)?
a) Change the subnet mask to 255.255.240.0
b) Change the subnet mask to 255.255.248.0
c) Place the problem workstation on the same subnet as the NT server
d) Some lame answer about changing the IP of one of the bogus workstations.
e) Change the default gateway of the problem workstation to 160.110.4.1
26. What is the protocol used in windows 95 for peer-to-peer networking?
a. TCP/IP b) NetBIOS c) NetBEUI d) IPX.SPX
27. You have an Ethernet network and a Tokin Ring network. When you send a file from Token Ring to
Ethernet it takes 2 minutes. When you send the same file from Ethernet to Token Ring it takes 30
seconds.What is the cause?
a) The Ethernet packet size is larger than the Token Ring packet size
b) The Token Ring packet size is larger than the Ethernet packet size.
c) The Token Ring network is slower
28. How many ohms is used for termination of a 10Base5 network?
a. 45 ohms b) 50 ohms c) 100 ohms
29. Which type of cabling is able to handle speeds up to 100Mbps.
a) CAT 3
b) Category 5
c) Category 100
30. An IP address is:
a) a 16-bit number written as a 4-decimal number with each 8 bits representing a byte.
b) a 32-bit octal number separated into 4 bytes.
c) a 32-bit number normally written as a 4-decimal number with each number representing 8 bits of the address.