Monday, October 27, 2008

Networking Reflective Journal Week 14

Gidday goofballs, how're tings in happy happy land? This week we continued to focus on server installation practicals with a few add-ons to boot. Notes and practical specs are as below.

Remote Website Administration

One aspect of administrating a Web site is supplying the Web pages that make up the site. A number of Web design tools exist; the tools employed and the overall look and feel of the Web site depend on the purpose of the site.
Web content must be placed in the home directory of the site. The default Web site’s local path is c:\inetpub\wwwroot. You place or publish the content for the site in this directory.
You can preview Web content locally using your Web browser and the IP address or NetBIOS name of the server. For example, the content on a Web server named wimpy could be accessed using the command http://wimpy

Administrating the Web Site Remotely
You manage and administer your Web sites using the IIS Manager snap-in. Content can be added to Web directories using Windows Explorer or by selecting Explore from the shortcut menu of any Web site in the IIS Manager. Another option for managing your Web sites is the Remote Administration Web Interface.

To install Remote Administration, follow these steps:
1. Select Start, Control Panel, then Add or Remove Programs
2. In the Add or Remove Programs window, select the Add/Remove Windows Components icon. The Windows Components Wizard appears
3. Select Application Server in the Components list and then click Details
4. Click the Internet Information Services (IIS) subcomponent and then click Details.
5. Select World Wide Web Service and then click Details
6. Select the Remote Administration (HTML) check box and then click OK. Click OK two more times to return to the wizard’s main screen.
7. Click Next to begin the installation of the Remote Administration component.
8. Click Finish when the process is complete.

After Remote Administration is installed, you can connect to a remote Web server. Follow these steps:
1. Click the Start button and then select Run
2. In the Run dialog box, type https:// followed by the server name or IP address and the port :8098 (eg. https://192.168.0.1:8098)
3. Then click OK
4. Internet Explorer opens, and a username and password dialog box appears. Enter a username with administrative privileges and an appropriate password.
5. Then click OK
The Web Remote Administration page opens. The Web interface provides links to a number of administrative tasks at the top of the page.
Administration Web Page Tools
Welcome – Links are available to set the Administrator password, the server name, and the default page for the server
Status – Alerts related to the site are shown on this page. For example, alerts might be related to features not configured, such as email alerts or configuration of a certificate for the server
Sites – This page lists the sites on the server and enables you to start and stop the service. You can also create new Web sites from this page
Web Server – This page enables you to configure the server’s general settings, such as the root directory and the number of maximum connections. Links to Web and FTP logs are provided. Links to FTP settings include FTP messages and FTP master setting.
Network – You can set the server name and domain membership and configure the network interface properties on the server. You can also configure the IP address that will be used for remote administration of the server.
Users – This page enables you to manage local users and groups on the server
Maintenance – This page enables you to set the date and time on the server, view log files, and set the alert email for the server. You can also shut down or restart the server manually or by creating a schedule
Help – This page provides a list of help topics for using the Web interface for Web server administration
Many of the common tasks for managing the Web server are found on the various administration pages. The Administration Web page provides a way to quickly manage some of the basic settings related to your IIS server and your Web sites on the server, but it cannot perform all the tasks found in the IIS Manager snap-in.

Practical Task
1. Install Windows Server 2003
2. Set up Client->Server Network
3. Install and Configure Active Directory, DNS and DHCP
4. Create a User Account
5. Install and Test IIS
6. Install and Test FTP
7. Install and Test the Remote Website Administration tool

The install went smoothly enough although I did encounter a few problems along the way (as usual).

Well cheers for now groovers, stay safe and remember to wiggle it, just a little bit.

Monday, October 20, 2008

Networking Reflective Journal Week 13

Well hello all you beautiful blogging bunnies, how the devil are ya? I'm just fine and dandy thanks, but heh, let's cut the crap and get down to business dudes.

This week was once again focused mainly on revision of the server 2003 installation with all the usual bits and bobs as well as configuring FTP and installing an FTP client on the client machine then testing the connectivity with FTP client.

The process went something like this.

1. Install server 2003
2. Set up active directory, dhcp & dns
3. Create a user account
4. Set up client server network
5. Configure IIS
6. Test web server via client machine
7. Configure FTP
8. Install FTP client on client machine
9. Test FTP connection with FTP client


Revision questions.

1. What can be considered a disaster? Any unplanned interruption to normal business procedures that results from an interruption to the IT and network infrastructure that supports these business processes.
2. Why plan for disaster? You'd be a right dick-head if you didn't - it is to reduce the impact of a disaster and reduce the amount of time taken to recover from the disaster.
3. DRP stands for? Disaster recovery plan - A contingency plan covering how a business should recover from potential disasters and continue functioning.
4. What are the two goals of a DRP? To prevent disruption from events that can be anticipated and to reduce the impact of disruptive events that cannot be avoided by documenting the steps to follow in the event of a disaster.
5. RAID stands for? Redundant arrays of independent disks
6. What are three techniques of RAID? Mirroring, parity and striping
7. Describe the five RAID levels?
Level 1 - data is striped across multiple drives.
Level 2 - data is mirrored across multiple disks.
Level 3 - Data is striped across three or more drives at a byte level with the parity information written to a dedicated parity disk.
Level 4 - Similar to raid 3, but the striping is implemented at a block level.
Level 5 - Data and parity is striped across three or more drives.
8. What is a UPS? Un-interruptible power supply
9. What is a cold site, a warm site and a hot site?

A cold site is the cheapest solution and provides only basic services. It has no IT equipment or infrastructure such as network cabling or office equipment and will need to be equipped before operations can resume.

A warm site is equipped with some or all of the equipment and services needed to begin operations. Before operations can be resumed computers and software will need to be installed and configured.

A hot site is a site that is available 24 hours a day, 7 days a week. These sites allow an organization to continue normal operations within a very short period of time.

Well dat'll be about de lot for 'dis week me little leprechauns, take it sleazy and don't do anything that I wouldn't........toodlepip for now.

Monday, October 13, 2008

Networking reflective journal week 12

Ola gringos.

This week we performed the usual installation of Windows server 2003 and all the trimmings as well as adding an ftp site and testing it.

Class notes as below.

Disaster Recovery

Introduction
What is a disaster? Most organisations now rely on their IT and network infrastructure for their usual business processes to continue. Certainly on September 11, 2001 when the World Trade Centre was attacked, the disaster was truly catastrophic for all the organisations housed in the World Trade Centre towers – staff were killed, computer systems and data were destroyed.
Not all disasters are so catastrophic – for example, the failure of the hard drive in a domain controller would be considered a disaster as users would be unable to gain access to network resources. For the process of establishing a disaster recovery plan, a disaster may be defined as any unplanned interruption to normal business procedures that results from an interruption to the IT and network infrastructure that supports these business processes. This can include the system hardware and software components, the data, the staff that help maintain these systems and the buildings that house those systems.
A disaster recovery plan (DRP) is a plan that an organisation develops and maintains to reduce the impact of a disaster and reduce the amount of time taken to recover from the disaster. The DRP will have two main goals:
• Firstly, to prevent disruption from events that can be anticipated
• Secondly, to reduce the impact of disruptive events that cannot be avoided by documenting the steps to follow in the event of a disaster
Disaster recovery planning is often mentioned along with another term – business continuity planning and the development of a business continuity plan (BCP). The differences between disaster recovery planning and business continuity planning are not that clearly defined and vary between organisations. For the purposes of this Unit, we will work with the definition that disaster recovery planning focuses on the recovery of the IT system infrastructure to the state that it was in before the disaster struck, to support the recovery of the business. Business continuity planning usually has a broader focus, being concerned with ensuring that the organisation can continue all business activities after a disaster.
For example, think of a local council public library. The core business of this library is to provide the service of lending books, along with providing reference and resource materials to the general public. If there was a disaster in the library such as a fire, the DRP would detail strategies to manage the restoration of the IT functions of the library such as the membership and catalogue details stored electronically. The BCP would detail strategies to ensure that the library could resume its core business of lending books to the public, possibly from a new location and with new books. The two plans are interrelated but have separate outcomes.
In this lesson you will look at disaster recovery planning and how as a network systems administrator you can provide input into the planning of the DRP and provide information on this DRP to the system users.

Why plan for disaster
Organisations are now very dependent on their IT services for the conduct of their daily business. Some of the disasters that can occur include:
• Natural disaster such as fire, flood, earthquake, lightning, landslide, severe windstorm, hurricane or tsunami
• Failure of resources internal to the organisation such as equipment or network failure
• Failure of a resource external to the organisation such as power failure or telecommunication failure over which the organisation has no control
• User errors
• Criminal activities by people either internal to the organisation or external to the organisation such as hackers
• Attacks from viruses or other malware
It is necessary to plan how the organisation will recover from a disaster for several reasons including:
• Interruption to business: The service or goods provided by the organisation will be disrupted with potential loss of customers who are inconvenienced by the lack of service or late supply of goods
• Financial loss: If the organisation can’t fulfill its normal business processes then that has the ability to impact on an organisation very quickly
• Legal responsibility: Organisations have legal responsibilities such as the maintenance of records
Developing the disaster recovery plan
Organisations need to take every possible measure to ensure efficient and effective recovery in the event of a disaster. The following steps provide a guideline for developing the disaster recovery plan.
Develop the planning policy statement
Developing a DRP will require the input of different groups within the organisation, including the network administrator, management and other interested parties from the organisation. It is important that the DRP is developed with the support of the organisation’s management, as an effective plan requires input from many sources and will also require management approval for expenditure.
During this step the scope of the DRP will be established. Large organisations may develop separate disaster recovery plans for different subsystems of their IT services.

Conduct a risk analysis
The business process of the organisation will be identified at this stage with input from users, department managers and senior management.
As a network administrator, your input will be required to identify the IT resources that support these business processes. At this stage all the IT systems and components need to be identified, usually through an auditing process. The possible threats or risks are identified and the likelihood of that event occurring is assessed.
The impact of the loss then needs to be identified and allowable outage times defined. For example, consider the event of a domain controller failing and users not being able to connect to the network to use the organisation’s accounting application to send out the monthly invoices. This will have a lot more impact on the organisation than the failure of a switch with five users attached.
Identify preventative controls
Preventative controls are measures that can be taken to reduce the effects of system disruptions and can increase system availability. When conducting the risk assessment it can help identify areas that the risk impact can be removed or lessened by preventative controls. For example, from the risk assessment it may have been identified that the impact of the domain controller failing would be a lot less if another domain controller was installed.
Develop recovery strategies
Recovery strategies ensure that the system may be recovered quickly and effectively following a disruption. Strategies that can be considered here include data recovery strategies such as backup and the use of an alternate site in the event of a catastrophic disaster.

Develop the disaster recovery plan
The disaster recovery plan is a formal document that contains detailed guidance and procedures for restoring a damaged system
Testing the disaster recovery plan
It is important that the DRP is tested to identify any gaps in the planning and allows for staff to be trained in the DRP procedures
Maintaining the disaster recovery plan
As systems are upgraded, the DRP should be updated.

Assessing the risk
The process of risk assessment is a series of steps that involves:
• identify components
• identify threats
• assess likelihood
• consider the impact
After the risks are assessed, preventive controls need to be identified and disaster recovery strategies developed.
Identify components
The first step in assessing the risk is to identify and document the major components of the network required to support the business processes. As a network administrator, your input will be required to help complete this documentation. Details will be required of:
• computer hardware
• software
• network hardware
• data
• people
The documentation should include network diagrams and building floor plans showing the location of equipment.
Identify threats
The next step is to identify the threats and risks that exist for each of the components. Some examples include:
• theft
• vandalism
• fire
• flood
• power loss
• unauthorised access

Assess likelihood
The next step is to assess how likely the occurrence of the threat might be. This assessment is usually based on previous history – look at whether this event has occurred before. A ranking scheme will be used similar to the scheme below:
• low – unlikely to happen
• medium – may happen
• high – threat is likely to occur

Consider the impact
The next step is to consider the impact of each event. A ranking scheme would also be used here
• very serious – critical business functions cannot be performed
• serious – normal operations are disrupted
• non-critical – the disruption can be dealt with by other methods

Preventive Controls
The table below details some of the preventive controls that might be identified. As administrator, you will be able to advise what procedures are already in place and identify areas where the preventive measures will need to be implemented.
Preventative measure – Protects against
RAID disc array – Depending on the level of RAID installed this can protect against a disk failure
Surge protector – Protect against power fluctuations
UPS – Protect against short power outages and protect against power fluctuations
Generator – Protect against long power outages
Installation of antivirus software – Protect against virus threats
Redundancy – Protect against component failure
User security – Protection against unauthorized access to the system
Access control – Protect against unauthorized access to data
Encryption – Protect against unauthorized access to data

Redundancy
Redundancy is the duplication of information or hardware equipment components to ensure that should a primary resource fail, a secondary resource can take over its function. By introducing redundancy to a system the fault tolerance of the system is increased. Fault tolerance is the ability of a computer system to continue operating correctly in the event of a failure of one or more components, that is, to withstand and recover from a failure.

RAID (Redundant Array of Independent Disks)
The concept of RAID was developed by researchers at the University of California at Berkeley in the 1980s and was known as Redundant Arrays of Inexpensive Disks. The fundamental principle of RAID is to combine two or more hard drives into a single logical unit providing fault tolerance and/or improved performance. RAID technology uses three techniques:
• mirroring
• parity
• striping
Mirroring – the system writes the same data to different disks at the same time. If one disk fails, the system can operate from the working drive. Mirroring allows for data redundancy but does not improve the system performance. It has a high overhead cost as 50% of the disks on the array are reserved for duplicate data.
Parity – is a technique of checking whether data has been lost or written over by storing an additional bit with each byte of data
Striping – is a technique where bytes or groups of bytes are distributed across multiple drives, so more than one disk is reading and writing simultaneously which improves the data transfer performance. Striping provides no fault tolerance.
RAID can be implemented as either:
• hardware RAID which includes a set of disks and a separate dedicated RAID disk controller and will appear to the operating system as one hard drive
• software RAID which uses software (usually provided by the operating system) to implement and control RAID over two or more disks
The more expensive RAID systems support hot swapping, which means that a drive can be replaced while the rest of the system is still functioning. These drives are known as hot swappable.
RAID levels
There are various levels of RAID that can be implemented which offer different levels of fault tolerance, performance, reliability and cost and these levels are summarised in the table below:
RAID Level – Description – Comments
1 – Data is striped across multiple drives – Faster performance, no fault tolerance
2 – Data is mirrored across multiple disks (usually two) – High fault tolerance
3 – Data is striped across three or more drives at a byte level with the parity information written to a dedicated parity disk – The dedicated parity drive is a single point of failure
4 – Similar to RAID 3, but the striping is implemented at a block level – Not commonly used
5 – Data and parity is striped across three or more drives – Widely used; if one drive fails, the data from the failed drive can be rebuilt from the data stored on the other drives in the array
Further levels of RAID are available by using arrays that use a combination of the techniques defined above, for example RAID 10 is RAID 1 + 0. The drives are striped for performance (RAID 0), and all striped drives are duplicated (RAID 1) for fault tolerance.
Implementing RAID systems does not replace having backup procedures. Although most levels of RAID offer a degree of fault tolerance, they do not protect against such disasters as unexpected hard disk failures, failures of support hardware or physical damage.
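The rebuild described in the table for data and parity striped across three or more drives, as an added example that is not part of the original class notes: it uses XOR parity blocks rotated across the drives, and the block size, function names and sample data are constructed for illustration. Losing a second drive is reported as unrecoverable, which is the case that backups exist for.

```python
"""Striping with distributed XOR parity: write, lose a drive, rebuild."""
from functools import reduce

BLOCK = 4  # bytes per block; kept tiny so the layout is easy to inspect


def xor_blocks(blocks):
    """XOR equal-length byte blocks together, position by position."""
    return bytes(reduce(lambda a, b: a ^ b, col) for col in zip(*blocks))


def parity_drive_for(stripe, n_drives):
    """Parity rotates to a different drive on each stripe."""
    return (n_drives - 1 - stripe) % n_drives


def write_array(data, n_drives):
    """Stripe data over n_drives with one parity block per stripe.

    Returns a list of drives; each drive is a list of blocks, one per stripe.
    """
    if n_drives < 3:
        raise ValueError("striping with parity needs three or more drives")
    per_stripe = (n_drives - 1) * BLOCK
    padded = data + b"\x00" * (-len(data) % per_stripe)
    drives = [[] for _ in range(n_drives)]
    for s in range(len(padded) // per_stripe):
        chunk = padded[s * per_stripe:(s + 1) * per_stripe]
        data_blocks = [chunk[i:i + BLOCK] for i in range(0, per_stripe, BLOCK)]
        parity = xor_blocks(data_blocks)
        remaining = iter(data_blocks)
        for d in range(n_drives):
            if d == parity_drive_for(s, n_drives):
                drives[d].append(parity)
            else:
                drives[d].append(next(remaining))
    return drives


def rebuild(drives):
    """Recompute the blocks of a single failed drive (marked None).

    XOR of all surviving blocks in a stripe equals the missing block,
    whether that block held data or parity.
    """
    failed = [i for i, d in enumerate(drives) if d is None]
    if not failed:
        return drives
    if len(failed) > 1:
        raise RuntimeError("more than one drive lost: restore from backup")
    survivors = [d for d in drives if d is not None]
    rebuilt = [xor_blocks(stripe) for stripe in zip(*survivors)]
    return [rebuilt if d is None else d for d in drives]


def read_array(drives, length):
    """Reassemble the original bytes, skipping each stripe's parity block."""
    n = len(drives)
    out = bytearray()
    for s in range(len(drives[0])):
        for d in range(n):
            if d != parity_drive_for(s, n):
                out += drives[d][s]
    return bytes(out[:length])


if __name__ == "__main__":
    sample = b"membership and catalogue records"  # constructed sample data
    array = write_array(sample, 4)

    # Simulate the failure of drive 1, then rebuild it from the other three.
    degraded = [None if i == 1 else d for i, d in enumerate(array)]
    repaired = rebuild(degraded)
    print("rebuilt drive matches:", repaired[1] == array[1])
    print("data recovered:", read_array(repaired, len(sample)) == sample)

    # A second failure cannot be rebuilt from parity.
    try:
        rebuild([None, None, array[2], array[3]])
    except RuntimeError as err:
        print("double failure:", err)
```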

Power Protection
Without power none of the computer or network systems will work. Problems in the power system include:
• Blackout: total loss of power. This may be for a few minutes, a few hours or in the case of a severe natural disaster such as bushfire, a few days
• Brownout: a condition where the voltage of the electrical supply is below the standard level. For computer equipment to work, the voltage level must remain in a specified range
• Surge: a condition where there is a momentary spike in the electrical supply which can be harmful to computer equipment. The most common time for this to occur is during a thunderstorm
Preventive measures that organizations can take to protect against power problems include the installation of surge protectors (sometimes called surge arresters), uninterruptible power supplies (UPS) or generators.

Surge protector
A surge protector is a device that filters the incoming electrical supply to provide a constant voltage by removing any surges. This is the cheapest option and does not provide any protection against a brownout or blackout.

Uninterruptible Power Supply (UPS)
A UPS is a device designed to provide a backup power supply from batteries for a short period of time in the event of a blackout. It is usually used to allow a proper shutdown of the equipment that it is protecting, ensuring that files and data are not corrupted. Depending on the configuration of a device it may also offer protection against a brownout. Most UPS devices include surge protection in their design.
There are two common types of UPS systems available – standby UPS and continuous UPS. The standby UPS runs the computer from the normal power source and any drop in voltage is detected by the UPS which switches over to the battery power automatically. A standby UPS is suitable for home or small business use and is cheaper.
A continuous (sometimes called online) UPS runs the computer from the battery supply which means that the device has a faster response time to a power failure.

Standby generator
A standby generator will allow for the provision of power to a site for an extended period. For critical operations, UPS systems will be backed up by a standby generator to ensure no downtime.

Recovery Strategies
Recovery strategies provide a means to restore IT operations quickly and effectively following a service disruption. The table below details some of the recovery strategies that might be identified. As a network administrator, you will be able to advise what procedures are already in place and identify areas where a recovery strategy needs to be developed.

Recovery strategy – Why used
Backup and recovery strategy – To restore data that has been lost or corrupted
Use of hot, warm or cold sites – To recover from a major disaster
Equipment replacement strategy – To replace stolen, damaged or faulty equipment
Backup and recovery strategy
The backup and recovery strategy needs to record details for the organization’s backup and restore procedures including:
• what data is to be backed up
• backup frequency and method (full, differential or incremental)
• who is responsible to perform the backup
• location of onsite backup media
• location of offsite backup media and contact details if any
• backup test procedures
• restoration procedure
Offsite storage of backup media is important, as it provides a greater level of security as there is the risk that a disaster such as a fire or flood will destroy the original data and the backup. The offsite location should be in a secure location from which it can be retrieved quickly.
Use of hot, warm or cold sites
If the organization suffers a large scale disaster such as the loss of a building to fire, the disaster recovery plan may include a strategy to perform the system operations at an alternate site.
Alternate sites are categorized by the level of readiness for system operation that they have, ranging from a cold site to warm site to hot site.
A cold site is the cheapest solution and provides only basic services. It has no IT equipment or infrastructure such as network cabling or office equipment and will need to be equipped before operations can resume.
A warm site is equipped with some or all of the equipment and services needed to begin operations. Before operations can be resumed computers and software will need to be installed and configured.
A hot site is a site that is available 24 hours a day, 7 days a week. These sites allow an organization to continue normal operations within a very short period of time.

Equipment replacement strategy
The equipment replacement strategy will detail how IT equipment will be replaced if required. It will include details of any preferred suppliers or service level agreements and contact details. It will also include details of insurance policies and contact details.

Disaster recovery plan format
The disaster recovery plan will be a formal document that includes all of the details that we have discussed in this lesson.
• Title page
• Table of contents
• Version information – the version number, author and revision history
• Introduction – including what the major goals and objectives of the plan are
• Disaster recovery scope – details of what the plan covers
• Identification of the major business processes and associated IT resources
• Emergency notification procedures
• Disaster recovery team members – names, contact numbers, roles and responsibilities
• Procedure to declare a disaster
• Risk assessment
• Risk analysis
• Recovery priorities
• Preventative measures and procedures
• Recovery strategies and procedures
• Insurance details – details and contacts
• Vendor details
• Disaster recovery plan maintenance – who is responsible to update the plan
• Disaster recovery plan testing – what is the test plan and who will conduct the test
• Training – policies and procedures for training your organization’s employees
• Conclusion
• Bibliography
• Appendices – copies of all the procedures that have been referenced
Testing the disaster recovery plan
The disaster recovery plan should be tested to verify the completeness of the plan. As a network engineer you will do part of this testing as you implement the recovery strategies developed.
Testing ensures that these strategies and procedures are understood by all the staff and that they are correct. Testing can identify problem areas that need to be rectified and the disaster recovery plan or procedure modified.
The test plan should identify how the tests will be conducted. For example, it may not be possible to test the failure of a domain controller or email server during working hours and the test may be scheduled out of hours or the failure may be simulated by applying the procedure to an identical server off line.
As data and system backup is an integral part of disaster recovery, it should be tested regularly.
Informing users about the disaster recovery plan
The disaster recovery plan is not normally available to all members of staff, but users need to be informed about the contents of the disaster recovery plan as it affects them.
Two areas of main concern for users are backup and viruses.
Backup
Users need to be informed where data should be stored so that it is backed up as part of the disaster recovery plan. They should also be informed of the frequency of the backup and the procedure to follow if they want to recover files from the backup media.
Viruses
Users need to be informed of the procedure to follow if the antivirus software detects a virus.
This information may be included in an organization’s IT policy or published on the organization’s IT intranet site.

No revision questions this week.

That's all for now folks......toodlepip geezers.

Networking reflective journal week 8

Bonjour toutes les peoples.

This week we did the usual install of windows server 2003 with all the trimmings plus concentrated on security access with regards to users and groups.

Class notes as follows:

Managing Users

Introduction

The main method for a user to gain access to resources on an organisation’s network is to have a user account created which will be authenticated at logon by the user providing the correct password.

Implementing a user account policy
Section: User account management
Policy
Access to computer systems will be controlled by usernames and passwords
To implement a user account policy, the procedures established will need to address the following points:
• Who has the authority to approve the creation of a new user account, or approve the modification of an account?
• What are the requirements for passwords and how can these requirements be enforced?
• Will a legal notice be displayed before logon?
• What happens when an employee leaves?
• Do the operating system default user settings match the requirement security settings?
User accounts need to be issued to users in accordance with the organisation’s user account policy so that they can gain access to network resources and services. For most organisations, passwords are the main way of authenticating users to the network or computer system, but if greater security is required biometrics devices such as fingerprint readers can be used.
To simplify administration, users are placed into groups and permissions to resources are allocated to the group. These groups can be either:
• Built-in or created at the time of the installation of the network operating system. These groups usually define what rights a user has to perform certain operations on the network operating system such as creating users or performing a backup
• User-defined or created by the network administrator to group users who require access to common resources
Authorising the creation or modification of a new user account
User accounts are usually created upon receipt of a Request for User Account form that has been signed by an authorised officer and the User Account policy may define who is an authorised officer. When a user signs this form, usually they are signing to say that they have read and understood the organisation’s Acceptable Use Policy and agree to abide by those conditions.

Passwords

The requirements for the user with respect to passwords will usually be published in the organisation’s Acceptable Use policy or in a Password policy. It is important that users are aware of the password policy so that they can select a suitable password when required. Most policies will state that the password is to be kept confidential and is not to be written down anywhere.
Recommendations for ‘strong’ passwords include:
• Use a minimum of 8 characters
• Use a mix of upper and lower case characters
• Use a mix of alphabet characters, numeric characters and non-alphanumeric characters such as ? # @
• Don’t use a dictionary word
• Don’t use something familiar about yourself such as your birth date, car make or pet’s name
It is better to use an administrative tool in the network operating system to enforce any password policy rather than relying on the user to create a suitable password.

Display a legal notice
Some organisations display a banner that will display before a user logs on to the network. Usually this banner is a legal notice reminding users that they have agreed to abide by the Acceptable Use policy of the organisation.

When an employee leaves
When an employee leaves an organisation, there will be a process to be followed, usually in the form of a checklist, to ensure that all keys, access cards and equipment have been returned to the organisation. Different sections of the organisation need to be notified: the human resources section needs to modify its records, the financial departments will need to issue termination payments, and the IT department of the organisation also needs to be notified.
The IT section may have their own checklist to remove the user's access to the organisation's IT service. All accounts will need to be disabled and any equipment such as a laptop returned.

Default User Settings
When a network operating system is first installed, a user account is created that will allow the administration of the system; this account is known as administrator. In a Windows system the administrator is placed into the Administrators built-in group, and staff authorised to perform network administration duties would be placed into this group.
The other primary group created is for standard users. It is important to know what permissions are assigned to this user group by default, and this varies with the network operating system installed. One of the fundamental principles that underlies a security policy is that users and/or groups should be granted the most restrictive set of permissions needed to perform their work-related duties.

Managing Access Control

Introduction
When planning a folder structure for your server, there are two considerations that need to be taken into account:
• Security – access to files and folders should be in accordance with the organisation’s security requirements
• Convenience – folders with similar security requirements should be grouped together, for example all user home folders should be grouped together. This makes the administration of backups and restores simpler
Designing the Folder System for a Server
When designing access to network resources, users will need access to several different types of shared folders. These are:
• User home folders
• Group shared folders
• Application folders
As a network administrator you might choose to store these folders on a separate drive or partition depending on the expected total storage capacity required. A separate partition would be recommended. To make the administration of backups easier, they should be separate from operating system and server application folders. When planning a folder system one thing to remember is that the one sure thing you can say about hard disk storage space is that you can never have too much.
It is also important to remember that permissions assigned to a folder will normally be ‘inherited’ by the subfolders contained within the folder unless that permission is explicitly blocked.

File System Access Control
Access for users to network resources such as applications or data is controlled by permissions assigned through the operating system. Users should be given access to network resources, applications or data only at the level that they need to perform their work duties. When assigning permissions, assign them to groups, not users, as this simplifies the administration.
To document the file system access control, an access control list (ACL) or a capability table is created. Both have the same information but in a different format.




Access Control List
Legend:
• F – Full
• W – Write
• R – Read
• X – Execute
• N – None

                   RESOURCES
USER GROUPS        Personnel   Payroll   Accounts   General
Administrator      F           F         F          F
Users              N           N         N          R
Accounts           N           N         F          R
Payroll            RX          W         N          F
Management         R           R         R          F
Human Resources    F           R         N          F

Capability Table
Legend:
• F – Full
• W – Write
• R – Read
• X – Execute
• N – None

Resources    User Groups        Permission
Personnel    Administrator      F
             Payroll            RX
Payroll      Administrator      F
             Payroll            W
             Management         R
             Human Resources    R
Accounts     Administrator      F
             Accounts           F
             Management         R
General      Administrator      F
             Users              R
             Accounts           R
             Payroll            F
             Management         F
             Human Resources    F
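Since both documents are meant to carry the same information, one can be derived from the other and the two compared. The Python sketch below is an added example, not part of the original class notes: it pivots the access control list above into a capability table and lists any entries where the printed capability table disagrees; all function and variable names are illustrative assumptions.

```python
RESOURCES = ["Personnel", "Payroll", "Accounts", "General"]

# Access control list from the notes: one row per user group, one code per resource.
ACL = {
    "Administrator":   ["F", "F", "F", "F"],
    "Users":           ["N", "N", "N", "R"],
    "Accounts":        ["N", "N", "F", "R"],
    "Payroll":         ["RX", "W", "N", "F"],
    "Management":      ["R", "R", "R", "F"],
    "Human Resources": ["F", "R", "N", "F"],
}

# Capability table exactly as printed in the notes, keyed by resource.
CAPABILITY_AS_PRINTED = {
    "Personnel": {"Administrator": "F", "Payroll": "RX"},
    "Payroll": {"Administrator": "F", "Payroll": "W", "Management": "R", "Human Resources": "R"},
    "Accounts": {"Administrator": "F", "Accounts": "F", "Management": "R"},
    "General": {"Administrator": "F", "Users": "R", "Accounts": "R",
                "Payroll": "F", "Management": "F", "Human Resources": "F"},
}

def acl_to_capability(acl, resources):
    """Pivot group -> [codes] rows into resource -> {group: code}, omitting N (None)."""
    table = {resource: {} for resource in resources}
    for group, perms in acl.items():
        if len(perms) != len(resources):
            raise ValueError(f"{group}: expected {len(resources)} codes, got {len(perms)}")
        for resource, perm in zip(resources, perms):
            if perm != "N":
                table[resource][group] = perm
    return table

def diff_tables(derived, documented):
    """Return (resource, group, derived_code, documented_code) for every mismatch."""
    diffs = []
    for resource in sorted(set(derived) | set(documented)):
        d, p = derived.get(resource, {}), documented.get(resource, {})
        for group in sorted(set(d) | set(p)):
            have, doc = d.get(group, "N"), p.get(group, "N")
            if have != doc:
                diffs.append((resource, group, have, doc))
    return diffs

if __name__ == "__main__":
    for row in diff_tables(acl_to_capability(ACL, RESOURCES), CAPABILITY_AS_PRINTED):
        print("%s / %s: ACL says %s, capability table says %s" % row)
```

Run against the two tables as printed, it reports Human Resources (F) and Management (R) on Personnel, which appear in the access control list but are absent from the capability table.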
Complete Activity 1
Giving users access to shared folders
To allow users access to a shared network folder, the most common method is to map a network drive. Mapping allocates an available drive letter which points to the shared folder location.
To locate a shared folder resource, UNC, or Universal Naming Convention, is used to specify the shared folder. The UNC for a Windows system is as follows:
\\server_name\share_name
• server_name – is the name of the server where the network share is located
• share_name – is the name of the shared network folder

Revision Questions.


Question 1
The main purpose of an organisation's security policy is to ensure the integrity, confidentiality and availability of key information assets and resources.
What is meant by the following?
• Integrity - ensuring that all procedures are followed to the letter.
• Confidentiality - Securing the user's personal information.
• Availability - Ensuring the user can properly login to the network.

Question 3 (True or False)
Policies are a formal and high-level statement of the organisation’s goals and objectives for a specified subject area? True
Question 4 (True or False)
Policies need not be reviewed periodically. False
Question 5
List two policy procedures you may come across in an organisation.
Download restrictions
Software installation restrictions.
Internet access restrictions.


That's all for this week chaps......toodlepip for now.

Networking reflective journal week 10

This week focused on a revision installation of Server 2003, covering everything so far covered in the semester, otherwise known as a case study.
This included Active Directory, user accounts, groups, client access and security, DHCP, IIS, DNS, passwords etc.

We were given a first draft of the practical exam to ponder in preparation for the end of the year.

There were no class notes this week.

Revision questions.

Question 1
As well as file and printer services, networks can provide other services such as:
Security access control, Domain control, user administration, Web services, communication, etc.


Question 2
Network user authentication usually consists of a username and a password
Question 3 (True or False)
Users should be given access to network resources such as applications or data only at the level that they need to perform their work duties. True
Question 4
What does UNC stand for? Universal Naming Convention
Question 5
The UNC for a Windows system is as follows: server name/directory path

Monday, October 6, 2008

Networking Reflective Journal week 11

Today focused on a revision practical of last term's work. Each student completed an install of Windows Server 2003 with IIS, DNS and DHCP, creating a server-user network to one machine via a hub. User accounts and groups were then created and connectivity between server and host was tested.

This was carried out successfully and was a beneficial lesson. We were also given the tasks for the practical exam in order to properly prepare. There were no other class notes this week and no revision questions.

Toodlepip for now.