
Chapter 2: Study Guide

1. What are the different types of application architectures?


The different types of application architectures are: Host-based Architectures, Client-Based Architectures, Client-Server Architectures, Two-Tier, Three-Tier, and n-Tier architectures.
2. Describe the four basic functions of an application software package.
The four basic functions of application software packages are: Data storage, data access logic, application logic, and presentation logic.
3. Suppose your organization was contemplating switching from a host-based architecture to client-server. What problems would you foresee?
I would foresee major problems with having to update the software on the server and clients to enable such a change to be possible and making sure that you're wired correctly for the format to work.
4. Which is less expensive: host-based networks or client-server networks? Explain.
Client-server networks, since host-based networks have high costs in mainframe upgrades, whereas client-server networks only have the costs of the software (e.g., middleware) and menial costs of the server. Microcomputers are more than 1,000 times cheaper than mainframes for the same amount of computer power.
5. How does a thin client differ from a thick client?
A thin client differs from a thick client in that a thin client places little or no application logic on the client, whereas a thick-client approach places all or almost all of the application logic on the client. Thin clients are easier to manage.
For what is HTTP used? What are its major parts?
It is the standard protocol for communication between a Web browser and a Web server.
- Request Line - Request Header - Request Body
12. What roles do SMTP, POP, and IMAP play in sending and receiving e-mail on the Internet?
SMTP: Bundles the message into an SMTP packet so that it can be transmitted.
POP: Copies the e-mail message to the client's computer so that it can be read.
IMAP: E-mail messages can remain stored on the mail server after they are read.
13. What is cloud computing?
Cloud computing, often referred to as simply “the cloud,” is the delivery of on-demand computing resources—everything from applications to data centers—over the Internet on a pay-for-use basis.
Chapter 3: Study Guide
1. How does a multipoint circuit differ from a point-to-point circuit?
A multipoint circuit, also known as a shared circuit, is one in which a computer shares the circuit with others. Its major disadvantage is that only one computer can send and receive data on the circuit at a time, leaving the other computers waiting for their turn. The advantage of a multipoint circuit is that it reduces the amount of cable required while using the communication circuit efficiently, and it is inexpensive to acquire compared with point-to-point circuits.
A point-to-point circuit, also known as a dedicated circuit, is the second type of physical circuit. It is named after its function: one computer transmits data to another, hence from one point to another. It is relatively expensive to maintain since it is manually managed and maintained.
2. Describe the three types of data flows.
The three types of data flows are simplex, half-duplex, and full-duplex. Simplex is one-way transmission, such as that in radio or broadcast TV transmission. Half-duplex is two-way transmission, but you can transmit in only one direction at a time. A half-duplex communication link is similar to a walkie-talkie link; only one computer can transmit at a time. With full-duplex transmission, you can transmit in both directions simultaneously, with no turnaround time.
3. Describe three types of guided media.
Twisted-Pair Cable
A common type of guided media is the twisted-pair cable, which is an insulated pair of wires twisted and packed together in order to minimize electromagnetic interference. Twisted-pair cables, such as Cat 5e and Cat 6, are commonly used for LANs. This type of guided media can also be used for telephone lines.
Coaxial Cable
Another type of guided media is the coaxial cable, which is more expensive than the typical twisted-pair cable. It has an inner conductor and uses additional shielding in order to prevent interference and errors. This type of guided media is vanishing due to the high cost associated with the implementation. The twisted-pair cable can be equipped with additional shielding that can provide the benefits of coaxial cable at a lower cost. However, a few companies still use coaxial cables that were installed years ago.
Fiber-Optic Cable
Another commonly used type of guided media is fiber-optic cable, which uses high-speed streams (light-emitting diodes) that carry digital information inside strands of glass known as optical fibers. It is widely used in medical imaging and mechanical engineering inspection.
4. How does analog data differ from digital data?
Analog waves are smooth and continuous where data is translated into electric pulses of varying amplitude, whereas digital waves are stepping, square, and discrete where data is first converted into binary format (zero or one) and then
transmitted.
5. Clearly explain the differences among analog data, analog transmission, digital data, and digital transmission.

6. Explain why most telephone company circuits are now digital.


Digital transmission produces fewer errors than analog transmission. Because the transmitted data is binary (only two distinct values), it is easier to detect and correct errors.
Digital transmission permits higher maximum transmission rates. Fiber-Optic cable, for example, is designed for digital transmission.
Digital transmission is more efficient. It is possible to send more data through a given circuit using digital rather than analog transmission.
Digital transmission is more secure because it is easier to encrypt.
Finally, and most importantly, integrating voice, video, and data on the same circuit is far simpler with digital transmission.
7. What is coding?
A transformation or representation of information in a different form according to some set of pre-established conventions.
8. Briefly describe three important coding schemes.
ASCII: the standard code on most microcomputers. There is a 7-bit form that has 128 combinations and an 8-bit form that has 256 combinations.
ISO 8859: an 8-bit code that includes the ASCII codes plus non-English letters used by many European languages.
Unicode: has an 8-bit version and a 16-bit version that can represent many more characters beyond the usual English or Latin characters.
9. What feature distinguishes serial mode from parallel mode?
Serial transmission is considerably slower than parallel transmission because there's only one wire to transmit one bit at a time.
10. What is bandwidth? What is the bandwidth in a traditional North American telephone circuit?
The difference between the highest and lowest frequencies in a band or set of frequencies. Standard telephone circuits have a bandwidth of 4000 Hz.
11. Describe how data could be transmitted using amplitude modulation, and frequency modulation?
With amplitude modulation, the amplitude or height of the wave is changed. One amplitude is defined to be 0, and another amplitude is defined to be a 1. The highest amplitude represents a 1 and the lowest amplitude represents a 0.
12. Is the bit rate the same as the symbol rate? Explain
No, they are not. Bit rate refers to the bits coming in. Baud is a unit of signaling speed used to indicate the number of times per second the signal on the communication circuit changes.
13. What is a modem?
A modem takes the digital data from a computer in the form of electrical pulses and converts them into the analog signal that is needed for transmission over an analog voice-grade circuit.
14. What is quadrature amplitude modulation (QAM)?
A popular modulation technique. It involves splitting the symbol into eight different phases (3 bits) and two different amplitudes (1 bit), for a total of 16 different possible values.
15. Explain how pulse code modulation (PCM) works
The input voice signal is sampled 8000 times per second. Each time the input voice signal is sampled, 8 bits are generated.
16. What is the term used to describe the placing of two or more signals on a single circuit?
Multiplexing is the term used to describe the placing of two or more signals on a single circuit.
17. What is the purpose of multiplexing?
A multiplexer puts two or more simultaneous transmissions on a single communication circuit.
18. How does DSL (digital subscriber line) work?
Consider DSL Internet the big brother to dial-up. Many local phone services provide DSL offering High Speed Internet access delivered through existing telephone networks. Telephone wires carry hundreds of thousands of frequencies.
Only a few thousand are for telephone communications so the telephone and DSL modem can work at the same time.
There are two main types of DSL technology.
Symmetrical DSL– Symmetrical connections offer equal bandwidth for upload and download speeds.
Asymmetrical DSL– This is the most popular type of DSL connection. Most people download more information than they are uploading. Because of this, an asymmetrical connection has more downstream bandwidth and less upstream
bandwidth.
19. Of the different types of multiplexing, what distinguishes
a. Frequency division multiplexing (FDM)?
Divides the circuit horizontally. Many signals travel the circuit simultaneously, but on different channels with different frequencies, so they don't interfere with each other.
b. Time division multiplexing (TDM)?
Shares a communication circuit among two or more computers by having them take turns, dividing the circuit vertically.
c. Statistical time division multiplexing (STDM)?
Allows more terminals or computers to be connected to a circuit than does FDM or TDM.
20. What is the function of inverse multiplexing (IMUX)?
Inverse multiplexing (IMUX) combines several low speed circuits to make them appear as one high-speed circuit to the user.
Chapter 4: Study Guide
1. What does the data link layer do?
The data link layer controls the way messages are sent on the physical media. The data link layer handles three functions: media access control, message delineation, and error control.
2. What is media access control, and why is it important?

Media access control handles when the message gets sent. Media access control becomes important when several computers share the same communication circuit, such as a point-to-point configuration with a half duplex line that
requires computers to take turns, or a multipoint configuration in which several computers share the same circuit. Here, it is critical to ensure that no two computers attempt to transmit data at the same time -- or if they do, there must
be a way to recover from the problem. Media access control is critical in local area networks.
3. Under what conditions is media access control unimportant?
With point-to-point full duplex configurations, media access control is unnecessary because there are only two computers on the circuit and full duplex permits either computer to transmit at any time. There is no media access control.
4. Compare and contrast roll-call polling, hub polling (or token passing), and contention.
Contention is the opposite of controlled access. Computers wait until the circuit is free (i.e., no other computers are transmitting), and then transmit whenever they have data to send. Contention is commonly used in Ethernet local area
networks.
5. Which is better, controlled access or contention? Explain.
The key consideration for which is better is throughput -- which approach will permit the largest amount of user data to be transmitted through the network.
Layer 2 and Layer 3 switches permit point-to-point circuits.
6. Define two fundamental types of errors.
Corrupted data and lost data, caused by problems in transmission.
7. Errors normally appear in ______________________________, which is when more than one data bit is changed by the error-causing condition.
Errors normally appear in bursts, which is when more than one data bit is changed by the error-causing condition.
8. Is there any difference in the error rates of lower-speed lines and of higher-speed lines?
Yes, normally lower speed lines have higher error rates because (1) leased lines can be conditioned to prevent noise, but dial-up lines cannot and (2) dial-up lines have less stable transmission parameters.
9. Briefly define noise.
Noise consists of undesirable electrical signals, or, in the instance of fiber optic cable, undesirable light. Noise is typically introduced by equipment or natural disturbances, and it can seriously degrade the performance of a
communication circuit. Noise manifests itself as extra bits, missing bits, or bits that have been "flipped," (i.e., changed from 1 to 0 or vice versa).
10. Describe four types of noise. Which is likely to pose the greatest problem to network managers?
The following list summarizes the major sources of error. The first six are the most important; the last three are more common in analog rather than digital circuits.
Line outages are a catastrophic cause of errors and incomplete transmission. Occasionally, a communication circuit fails for a brief period.
White noise or gaussian noise (the familiar background hiss or static on radios and telephones) is caused by the thermal agitation of electrons and therefore is inescapable. White noise usually is not a problem unless it becomes so
strong that it obliterates the transmission. In this case, the strength of the electrical signal is increased so it overpowers the white noise; in technical terms, we increase the signal to noise ratio.
Impulse noise (sometimes called spikes) is the primary source of errors in data communications. Some of the sources of impulse noise are voltage changes in adjacent lines, lightning flashes during thunderstorms, fluorescent lights,
and poor connections in circuits.
Cross-talk occurs when one circuit picks up signals in another. It occurs between pairs of wires that are carrying separate signals, in multiplexed links carrying many discrete signals.
Echoes can cause errors. Echoes are caused by poor connections that cause the signal to reflect back to the transmitting equipment. If the strength of the echo is strong enough to be detected, it causes errors. In networks, echo
suppressors are devices that reduce the potential for this type of error. Echoes can also occur in fiber optic cables when connections between cables are not properly aligned.
Attenuation is the loss of power a signal suffers as it travels from the transmitting computer to the receiving computer.
Intermodulation noise is a special type of cross-talk. The signals from two circuits combine to form a new signal that falls into a frequency band reserved for another signal.
Jitter may affect the accuracy of the data being transmitted because minute variations in amplitude, phase, and frequency always occur.
11. What is a repeater?
Repeaters are commonly used on digital circuits. A repeater receives the incoming signal, translates it into a digital message, and retransmits the message. Because the message is re-created at each repeater, noise and distortion from
the previous circuit are not amplified.
12. What are three ways of reducing errors and the types of noise they affect?
Shielding (protecting wires by covering them with an insulating coating) is one of the best ways to prevent impulse noise, cross-talk and intermodulation noise.
Moving cables away from sources of noise (especially power sources) can also reduce impulse noise, cross-talk, and intermodulation noise. For impulse noise, this means avoiding lights and heavy machinery. Locating communication cables away from power cables is always a good idea. For cross-talk, this means physically separating the cables from other communication cables.
Cross-talk and intermodulation noise are often caused by improper multiplexing. Changing multiplexing techniques (e.g., from FDM to TDM), or changing the frequencies or size of the guardbands in frequency division multiplexing can help.
13. Describe three approaches to detecting errors, including how they work, the probability of detecting an error, and any other benefits or limitations.
Three common error detection methods are parity checking, longitudinal redundancy checking, and polynomial checking (particularly checksum and cyclic redundancy checking).
Polynomial checking adds a character or series of characters to the end of the message based on a mathematical algorithm. With the checksum technique, a checksum (typically one byte) is added to the end of the message.
14. Briefly describe how even parity and odd parity work.
Even parity is when the seven bits of an ASCII character have an even (2, 4, or 6) number of 1s, and therefore a 0 is placed in the eighth parity position. Odd parity is when the seven bits of an ASCII character have an odd (1, 3, 5, or
7) number of 1s, and therefore a 1 is placed in the eighth parity position.
15. Briefly describe how checksum works.
In polynomial checking, the checksum technique typically adds 1 byte to the end of the message. The checksum is calculated by adding the decimal value of each character in the message, dividing the sum by 255, and using the remainder as the checksum. The receiver calculates its own checksum in the same way and compares it with the transmitted checksum. If the two values are equal, the message is presumed to have no errors.
16. How does cyclical redundancy checking (CRC) work?
Cyclical redundancy checking (CRC) adds 8, 16, 24, or 32 bits to the message. With CRC, the message is treated as a long binary number, P. Before transmission, the data link layer divides P by a fixed binary number, G, resulting in a whole number, Q, and a remainder, R/G. So P/G = Q + R/G. If P = 58 and G = 8, then Q = 7 and R = 2. G is chosen so that the remainder, R, will be either 8, 16, 24, or 32 bits. The remainder R is appended to the message as the error-checking characters before transmission. The receiving hardware divides the received message by the same G, which generates an R. The receiving hardware checks to ascertain whether the received R agrees with the locally generated R. If not, the message is assumed to be in error.
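The three schemes from questions 14 to 16, run against a few constructed errors to show which ones each scheme misses. This is an added example, not part of the original study guide; the generator G = 0x1021 (CRC-16/XMODEM), the message HELLO and the error patterns are assumptions chosen for illustration.

```python
# Added example (not from the study guide): the error-detection schemes of
# questions 14-16, run against constructed transmission errors.

def crc16(data: bytes, generator: int = 0x1021) -> int:
    """Remainder R of message P divided (modulo 2) by generator G.
    G = 0x1021 (CRC-16/XMODEM) is an assumption; the guide names no G."""
    remainder = 0
    for byte in data:
        remainder ^= byte << 8
        for _ in range(8):
            high_bit = remainder & 0x8000
            remainder = (remainder << 1) & 0xFFFF
            if high_bit:
                remainder ^= generator
    return remainder


def parity_send(message: bytes) -> bytes:
    """Even parity: set the eighth bit so each character carries an even number of 1s."""
    framed = bytearray()
    for ch in message:
        if ch > 0x7F:
            raise ValueError("parity framing expects 7-bit ASCII")
        framed.append(ch | ((bin(ch).count("1") % 2) << 7))
    return bytes(framed)


def parity_ok(received: bytes) -> bool:
    return all(bin(unit).count("1") % 2 == 0 for unit in received)


def checksum_send(message: bytes) -> bytes:
    """Question 15: add the character values, divide by 255, append the remainder."""
    return message + bytes([sum(message) % 255])


def checksum_ok(received: bytes) -> bool:
    return len(received) >= 1 and sum(received[:-1]) % 255 == received[-1]


def crc_send(message: bytes) -> bytes:
    return message + crc16(message).to_bytes(2, "big")


def crc_ok(received: bytes) -> bool:
    return len(received) >= 2 and crc16(received[:-2]) == int.from_bytes(received[-2:], "big")


def flip(*positions):
    """Build an error that flips the given (byte index, bit index) positions."""
    def apply(codeword: bytes) -> bytes:
        damaged = bytearray(codeword)
        for index, bit in positions:
            damaged[index] ^= 1 << bit
        return bytes(damaged)
    return apply


def swap_first_two(codeword: bytes) -> bytes:
    return codeword[1:2] + codeword[0:1] + codeword[2:]


SCHEMES = {
    "parity": (parity_send, parity_ok),
    "checksum": (checksum_send, checksum_ok),
    "crc16": (crc_send, crc_ok),
}

# Constructed errors, all applied to the first two characters of the message.
ERRORS = {
    "single bit flip": flip((0, 0)),
    "two flips in one character": flip((0, 0), (0, 1)),
    "offsetting flips in two characters": flip((0, 0), (1, 0)),
    "two characters swapped": swap_first_two,
}


def detection_table(message: bytes) -> dict:
    """Map each error name to {scheme name: True if the receiver detects it}."""
    return {
        error_name: {
            scheme: not check(damage(send(message)))
            for scheme, (send, check) in SCHEMES.items()
        }
        for error_name, damage in ERRORS.items()
    }


if __name__ == "__main__":
    for error_name, row in detection_table(b"HELLO").items():
        cells = ", ".join(f"{s}={'detected' if d else 'MISSED'}" for s, d in row.items())
        print(f"{error_name:36} {cells}")
```

Parity misses any even number of flipped bits within one character, and the one-byte checksum misses changes that leave the sum unchanged, such as reordered characters; the CRC catches all four constructed cases.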
17. Compare and contrast stop-and-wait ARQ and continuous ARQ.
With stop-and-wait ARQ, the sender stops and waits for a response from the receiver after each message or data packet. After receiving a packet, the receiver sends either an acknowledgment (ACK) if the message was received
without error, or a negative acknowledgment (NAK) if the message contained an error. If it is an NAK, the sender resends the previous message. If it is an ACK, the sender continues with the next message. Stop-and-wait ARQ is by
definition, a half duplex transmission technique.
With continuous ARQ, the sender does not wait for an acknowledgment after sending a message; it immediately sends the next one. While the messages are being transmitted, the sender examines the stream of returning
acknowledgments. If it receives an NAK, the sender retransmits the needed messages. Continuous ARQ is by definition a full duplex transmission technique, because both the sender and the receiver are transmitting simultaneously
(the sender is sending messages, and the receiver is sending ACKs and NAKs).
18. How long is an Ethernet address in bits and bytes?
An Ethernet address contains 12 hexadecimal digits (48 bits), or 6 bytes.
[Figure 4-9: asynchronous transmission. Labels: start bit, 7-bit ASCII data, parity bit, stop bit, idle (such as +3v). Bit pattern shown: 0111010011.]
19. What is transmission efficiency?
Transmission efficiency is defined as the total number of information bits (i.e., bits in the message sent by the user) divided by the total bits in transmission (i.e., information bits plus overhead bits).
20. How do information bits differ from overhead bits?
Information bits are those used to convey the user’s meaning. Overhead bits are used for purposes such as error checking, and marking the start and end of characters and packets.
Are stop bits necessary in asynchronous transmission?
Yes, stop bits in asynchronous transmission are necessary to return the state of the transmission medium to the idle state. The signal must return to the idle state in order for the start bit to be recognized as such.
21. Under what conditions does a data link layer protocol need an address?
At some point in the networking process, the device’s data link layer must be addressed by the layer 3 protocol, no matter which data link layer protocol is running on the network.
22. Are large frame sizes better than small frame sizes? Explain
Selecting the right frame size can have a great effect on performance. There is an optimal frame size that is not so small that packets have low efficiency by carrying too little information for too much overhead, nor so large as to incur
the risk of more errors and thus longer and more frequent retransmission. The optimal frame size is dependent on the specific application and the pattern of messages it generates.
Chapter 5: Study Guide
1. What does the network layer do?
The network layer performs three important functions: addressing, routing, and breaking long messages into smaller packets for transmission by the data link layer. The network layer sits between the application layer and the data
link layer. The network layer accepts messages from the application layer and formats and addresses them for transmission by the data link layer. The network layer also accepts individual messages from the data link layer and
organizes them into coherent messages that it passes to the application layer.
Connectionless routing means each packet is treated separately and makes its own way through the network. It is possible that different packets will take different routes through the network depending upon the type of routing used
and the amount of traffic. Because packets following different routes may travel at different speeds, they may arrive out of sequence at their destination. The sender’s network layer therefore puts a sequence number on each packet,
in addition to information about the message stream to which the packet belongs. The network layer must reassemble them in the correct order before passing the message to the application layer.
2. What is a subnet and why do networks need them?
Each organization must assign the IP addresses it has received to specific computers on its networks. In general, IP addresses are assigned so that all computers on the same local area network have similar addresses. For example, suppose a university has just received a set of Class B addresses starting with 128.184.x.x. It is customary to assign all the computers in the same LAN numbers that start with the same first three digits, so the Business School LAN might be assigned 128.184.56.x while the Computer Science LAN might be assigned 128.184.55.x (see Figure 6-8). Likewise, all the other LANs at the university, and the backbone network that connects them, would have a different set of numbers. Each of these LANs is called a TCP/IP subnet because they are logically grouped together by IP number. Knowing whether a computer is on your subnet or not is very important for message routing.
3. What is a subnet mask?
While it is customary to use the last byte of the IP address to indicate different subnets, it is not required. Any portion of the IP address can be designated as a subnet by using a subnet mask. Every computer in a TCP/IP network is given a subnet mask to enable it to determine which computers are on the same subnet (i.e., LAN) as it is, and which computers are outside of its subnet. The subnet mask is a number that each routing device on a network can compare the routing packet to in order to determine if the packet stays in that portion of the network, or should be routed on to the next portion of the network.

For example, a network could be configured so that the first two bytes indicated a subnet (e.g., 128.184.x.x) so all computers would be given a subnet mask giving the first two bytes as the subnet indicator. This would mean that a
computer with an IP address of 128.184.22.33 would be on the same subnet as 128.184.78.90, and that the message stays within that network. On the other hand, if the subnet comparison shows that the message is not on that particular
subnet, then the routing device will move the packets on in their journey.
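The subnet comparison described above, as an added example that is not part of the original study guide. It uses the addresses from the text; the gateway address 128.184.22.1 is constructed, and the rule that a mask's 1 bits must be contiguous is an assumption of this example.

```python
# Added example (not from the study guide): deciding whether a destination is on
# the sender's subnet by ANDing both addresses with the subnet mask.

def to_int(dotted: str) -> int:
    """Parse a dotted-decimal IPv4 address into a 32-bit integer."""
    parts = dotted.split(".")
    if len(parts) != 4 or not all(p.isdigit() and int(p) <= 255 for p in parts):
        raise ValueError(f"not a dotted-decimal IPv4 address: {dotted!r}")
    value = 0
    for part in parts:
        value = (value << 8) | int(part)
    return value


def to_dotted(value: int) -> str:
    return ".".join(str((value >> shift) & 0xFF) for shift in (24, 16, 8, 0))


def check_mask(mask: str) -> int:
    """Return the mask as an integer; reject masks whose 1 bits are not
    contiguous from the left (an assumption of this example)."""
    bits = to_int(mask)
    host_bits = ~bits & 0xFFFFFFFF
    if host_bits & (host_bits + 1):
        raise ValueError(f"non-contiguous subnet mask: {mask}")
    return bits


def subnet_of(address: str, mask: str) -> str:
    """Subnet address: the address with all host bits cleared."""
    return to_dotted(to_int(address) & check_mask(mask))


def broadcast_of(address: str, mask: str) -> str:
    """Broadcast address: the subnet address with all host bits set."""
    bits = check_mask(mask)
    return to_dotted((to_int(address) & bits) | (~bits & 0xFFFFFFFF))


def next_hop(source: str, destination: str, mask: str, gateway: str) -> str:
    """Same subnet: deliver directly. Otherwise: hand the packet to the gateway."""
    if subnet_of(source, mask) == subnet_of(destination, mask):
        return destination
    return gateway


if __name__ == "__main__":
    src, dst, gw = "128.184.22.33", "128.184.78.90", "128.184.22.1"  # gw is constructed
    for mask in ("255.255.0.0", "255.255.255.0"):
        print(mask, subnet_of(src, mask), subnet_of(dst, mask), "->", next_hop(src, dst, mask, gw))
```

With the two-byte mask from the text both hosts fall in 128.184.0.0 and the packet is delivered directly; with a three-byte mask the same two hosts are in different subnets and the packet goes to the gateway.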
4. Explain how the client computer in Figure 5.14 (128.192.98.xx) would obtain the data link layer address of its subnet gateway.
When a computer is installed on a TCP/IP network (or dials into a TCP/IP network), it knows the IP address of its subnet gateway. This information can be provided by a configuration file or via a bootp or DHCP server.
However, the computer does not know the subnet gateway’s Ethernet address (data link layer address). Therefore, TCP would broadcast an ARP request to all computers on its subnet, requesting that the computer whose IP address is 128.192.98.1 respond with its Ethernet address.
All computers on the subnet would process this request, but only the subnet gateway would respond with an ARP packet giving its Ethernet address. The network layer software on the client would then store this
address in its data link layer address table.
5. Convert 32-bit binary IP address to a decimal dotted format

6. Change the following IPv4 addresses from binary notation to dotted-decimal notation.
a. 10000001 00001011 00001011 11101111
b. 11000001 10000011 00011011 11111111
c. 11100111 11011011 10001011 01101111
d. 11111001 10011011 11111011 00001111
Solution
We replace each group of 8 bits with its equivalent decimal number (see Appendix B) and add dots for separation:
a. 129.11.11.239
b. 193.131.27.255
c. 231.219.139.111
d. 249.155.251.15
7.

8.

1. Assuming Classful routing, how many bit positions to borrow from, to subnet 199.67.67.0 into 5 subnets.

2. Write down the modified subnet mask of the network address 199.67.67.0 from Q.1

3. Identify the subnet address the following IP address 199.67.67.49 belongs to.

4. Which protocol is used to resolve a given IP address to its Ethernet address?

5. The network layer is responsible for end-to-end delivery of the message.

6. Write down the broadcast address for the network: 210.23.45.0

7. Write down the broadcast address for the network: 169.67.0.0

8. Assuming Classful routing, how many bit positions to borrow from, to subnet 169.67.0.0 into 5 subnets.

9. Write down the modified subnet mask of the network address 169.67.0.0 from Q.8

10. An ARP request is _________ to all devices on the network.

11. An ARP reply is ___________ to the host requesting the address.

12. Given the IP address of a host: 205.101.55.66, and its subnet mask 255.255.255.192 compute the subnet address in the decimal dotted format, and the broadcast address.

13. _________ is a specially formatted request used to perform IP address to data link address resolution.
a. Address Resolution Protocol
b. Domain Service Request
c. HTTP request
d. Link state request
14. For a Class C network address 205.101.55.0, that needs to support 2 subnets, the subnet mask in binary is:
a. 1111 1111.1111 1111.1111 1111.0000 0000
b. 1111 1111.1111 1111.1111 1111.1111 1111
c. 1111 1111.1111 1111.1111 1111.1100 0000
d. 1111 1111.1111 1111.1111 1111.1000 0000
15. For a Class C network address 205.101.55.0, that needs to support 2 subnets, the subnet mask in decimal form is:
a. 255.255.255.0
b. 255.255.255.182
c. 255.255.255.192
d. 255.255.255.128
16. Given the IP address of a host: 205.101.55.66, compute the subnet address in the decimal dotted format using the correct subnet mask from your selection in question 14 or 15 :
a. 205.101.55.0
b. 205.101.55.62
c. 205.101.55.64
d. 205.101.55.255
17. In a Class B network address, the network address field
a. 8 bits
b. 16 bits
c. 24 bits
d. 32 bits
CHAPTER 5
NETWORK AND TRANSPORT LAYERS
18. What does the transport layer do?
The transport layer links application software in the application layer with the network and is responsible for the end-to-end delivery of the message. The transport layer sits between the application layer and the network layer. The
transport layer accepts messages from the application layer and packetizes them. Packetizing means to take one outgoing message from the application layer and break it into a set of smaller packets for transmission through the
network. Conversely, it also means to take the incoming set of smaller packets from the network layer and reassemble them into one message for the application layer.
19. What does the network layer do?
The network layer performs three important functions: addressing, routing, and breaking long messages into smaller packets for transmission by the data link layer. The network layer sits between the application layer and the data
link layer. The network layer accepts messages from the application layer and formats and addresses them for transmission by the data link layer. The network layer also accepts individual messages from the data link layer and
organizes them into coherent messages that it passes to the application layer.
20. What are the parts of TCP/IP and what do they do? Who is the primary user of TCP/IP?
TCP performs packetizing: breaking the data into smaller packets, numbering them, ensuring each packet is reliably delivered, and putting them in the proper order at the destination. IP performs routing and addressing. IP software is
used at each of the intervening computers through which the message passes; it is IP that routes the message to the final destination. The TCP software only needs to be active at the sender and the receiver, because TCP is only
involved when data comes from or goes to the application layer.
21. Compare and contrast the three types of addresses used in a network.
When users work with application software, they typically use the application layer address (e.g., entering an Internet address into a browser, such as www.cba.uga.edu). When a user types an Internet address into a Web browser,
the request is passed to the network layer as part of an application layer packet formatted using the HTTP standard.
The network layer software translates this application layer address into a network layer address. The network layer protocol used on the Internet is TCP/IP, so this Web address (www.cba.uga.edu) is translated into a TCP/IP address
(usually just called an IP address for short) which is four bytes long when using IPv4 (e.g., 128.192.78.5).
The network layer then determines the best route through the network to the final destination. Based on this routing, the network layer identifies the data link layer address of the next computer to which the message should be sent. If
the data link layer is running Ethernet, then the network layer IP address would be translated into an Ethernet address (e.g., 00-0F-00-81-14-00).
22. How is TCP different from UDP?
TCP is a connection-oriented protocol. UDP is a connection-less protocol.
What are the differences between connectionless and connection-oriented routing?
Connection-oriented routing sets up a virtual circuit between the sender and receiver. In this case, a temporary virtual circuit is defined between the sender and receiver. The network layer makes one routing decision when the
connection is established, and all packets follow the same route. All packets in the same message arrive at the destination in the same order in which they were sent. In this case, packets only need to contain information about the stream to which they belong; sequence numbers are not needed, although many connection-oriented protocols include a sequence number to ensure that all packets are actually received.
Connection-oriented routing has greater overhead than connectionless routing, because the sender must first “open” the circuit by sending a control packet that instructs all the intervening devices to establish the circuit routing.
Likewise, when the transmission is complete, the sender must “close” the circuit. Connection-oriented protocols also tend to have more overhead bits in each packet. Connection-oriented implies the 2 nodes at each end do a 3-way
handshake to establish a connection.
Connectionless routing means each packet is treated separately and makes its own way through the network. It is possible that different packets will take different routes through the network depending upon the type of routing used
and the amount of traffic. Because packets following different routes may travel at different speeds, they may arrive out of sequence at their destination. The sender’s network layer therefore puts a sequence number on each packet,
in addition to information about the message stream to which the packet belongs. The network layer must reassemble them in the correct order before passing the message to the application layer.
23. How does TCP establish a session?
TCP sets up a virtual circuit between the sender and the receiver. The transport layer software sends a special packet (called a SYN, or synchronization characters) to the receiver requesting that a connection be established. The
receiver either accepts or rejects the connection, and together, they settle on the packet sizes the connection will use. Once the connection is established, the packets flow between the sender and the receiver, following the same route
through the network.
Node at one end sends ------ SYN
Node at the other ends responds with ----- SYN + ACK
Node at one end (sent SYN) responds ------- ACK
24. What is a subnet and why do networks need them?
Each organization must assign the IP addresses it has received to specific computers on its networks. In general, IP addresses are assigned so that all computers on the same local area network have similar addresses. For example,
suppose a university has just received a set of Class B addresses starting with 128.184.x.x. It is customary to assign all the computers in the same LAN numbers that start with the same first three digits, so the Business School LAN
might be assigned 128.184.56.x while the Computer Science LAN might be assigned 128.184.55.x (see Figure 6-8). Likewise, all the other LANs at the university and the backbone network that connects them, would have a different
set of numbers. Each of these LANs is called a TCP/IP subnet because they are logically grouped together by IP number. Knowing whether a computer is on your subnet or not is very important for message routing.
25. What is a subnet mask?
While it is customary to use the last byte of the IP address to indicate different subnets, it is not required. Any portion of the IP address can be designated as a subnet by using a subnet mask. Every computer in a TCP/IP network is
given a subnet mask to enable it to determine which computers are on the same subnet (i.e., LAN) as it is, and which computers are outside of its subnet. The subnet mask is a number that each routing device on a network can use to
compare the routing packet to in order to determine if the packet stays in that portion of the network, or should be routed on to the next portion of the network.
For example, a network could be configured so that the first two bytes indicated a subnet (e.g., 128.184.x.x) so all computers would be given a subnet mask giving the first two bytes as the subnet indicator. This would mean that a
computer with an IP address of 128.184.22.33 would be on the same subnet as 128.184.78.90, and that the message stays within that network. On the other hand, if the subnet comparison shows that the message is not on that particular
subnet, then the routing device will move the packets on in their journey.
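The subnet comparison described above, as an added example that is not part of the original study guide. It applies the mask with a bitwise AND and then picks which IP address the sender must resolve to a data link layer address. The function names and the gateway address 128.184.22.1 are assumptions made for the illustration.

```python
def ip_to_int(dotted):
    """Convert dotted-decimal IPv4 text to a 32-bit integer."""
    parts = dotted.split(".")
    if len(parts) != 4:
        raise ValueError(f"not a dotted-quad IPv4 address: {dotted!r}")
    value = 0
    for part in parts:
        octet = int(part)
        if not 0 <= octet <= 255:
            raise ValueError(f"octet out of range in {dotted!r}")
        value = (value << 8) | octet
    return value


def int_to_ip(value):
    """Convert a 32-bit integer back to dotted-decimal text."""
    return ".".join(str((value >> shift) & 0xFF) for shift in (24, 16, 8, 0))


def network_of(ip, mask):
    """Subnet portion of an address: every bit where the mask has a 1."""
    return int_to_ip(ip_to_int(ip) & ip_to_int(mask))


def same_subnet(ip_a, ip_b, mask):
    """Two hosts share a subnet when their masked addresses are equal."""
    return network_of(ip_a, mask) == network_of(ip_b, mask)


def next_hop(src_ip, dst_ip, mask, gateway_ip):
    """Return the IP address whose data link layer address the sender needs.

    Same subnet: deliver directly, so resolve the destination itself.
    Different subnet: hand the packet to the gateway, so resolve the gateway.
    """
    if same_subnet(src_ip, dst_ip, mask):
        return dst_ip
    if not same_subnet(src_ip, gateway_ip, mask):
        # A gateway outside the sender's own subnet can never be reached.
        raise ValueError("gateway is not on the sender's subnet")
    return gateway_ip


if __name__ == "__main__":
    src, dst = "128.184.22.33", "128.184.78.90"   # addresses from the text
    gateway = "128.184.22.1"                      # constructed for this example
    for mask in ("255.255.0.0", "255.255.255.0"):
        print(mask, network_of(src, mask), network_of(dst, mask),
              "->", next_hop(src, dst, mask, gateway))
```

With the two-byte mask from the text both hosts fall in 128.184.0.0 and the message stays on the subnet; with a three-byte mask the same two hosts are in different subnets and the packet goes to the gateway.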
26. How does dynamic addressing work?
With dynamic addressing, a server is designated to supply a network layer address to a computer each time the computer connects to the network. This is commonly done for client computers, but usually not done for servers.
Instead of providing a network layer address in a configuration file, a special software package is installed on the client that instructs it to contact bootp or DHCP servers using data link layer addresses. This message asks the servers
to assign the requesting computer a unique network layer address. The server runs a corresponding bootp or DHCP software package that responds to these requests and sends a message back to the client giving it its network layer
address (and its subnet mask).
27. What benefits and problems does dynamic addressing provide?
The bootp or DHCP server can be configured to assign the same network layer address to the computer each time it requests an address (based on its data link layer address), or it can lease the address to the computer by picking the
“next available” network layer address from a list of authorized addresses. Addresses can be leased for as long as the computer is connected to the network or for a specified time limit (e.g., two hours). When the lease expires, the
client computer must contact the bootp or DHCP server to get a new address. Address leasing is commonly used by Internet service providers (ISPs) for dial-up users.
Dynamic addressing greatly simplifies network management in non-dial-up networks too. With dynamic addressing, address changes need to be done only to the bootp or DHCP server, not each individual computer. The next time
each computer connects to the network or whenever the address lease expires, it automatically gets the new address.
28. What is address resolution?
In order to send a message, the sender must be able to translate the application layer address (or server name) of the destination into a network layer address and in turn translate that into a data link layer address. This process is called
address resolution. There are many different approaches to address resolution that range from completely decentralized (each computer is responsible for knowing all addresses) to completely centralized (there is one computer that
knows all addresses).
29. How does TCP/IP perform address resolution for network layer addresses?
Server name resolution is the translation of application layer addresses into network layer addresses (e.g., translating an Internet address such as www.cba.uga.edu into an IP address such as 128.192.98.3). This is done using the
Domain Name Service (DNS). Throughout the Internet there are a series of computers called name servers that provide DNS services. These name servers run special address databases that store thousands of Internet addresses and
their corresponding IP addresses. These name servers are in effect the "directory assistance" computers for the Internet. Any time a computer does not know the IP number for a computer, it sends a message to the name
server requesting the IP number.
When TCP/IP needs to translate an application layer address into an IP address, it sends a special TCP-level packet to the nearest DNS server. This packet asks the DNS server to send the requesting computer the IP address that
matches the Internet address provided. If the DNS server has a matching name in its database, it sends back a special TCP packet with the correct IP address. If that DNS server does not have that Internet address in its database, it will
issue the same request to another DNS server elsewhere on the Internet.

Once your computer receives an IP address it is stored in a server address table. This way, if you ever need to access the same computer again, your computer does not need to contact a DNS server. Most server address tables are
routinely deleted whenever you turn off your computer.
30. How does TCP/IP perform address resolution for data link layer addresses?
To send a message to a computer in its network, a computer must know the correct data link layer address. In this case, the TCP/IP software sends a broadcast message to all computers in its subnet. A broadcast message,
as the name suggests, is received and processed by all computers in the same LAN (which is usually designed to match the IP subnet). The message is a specially formatted TCP-level request using Address Resolution
Protocol (ARP) that says “Whoever is IP address xxx.xxx.xxx.xxx, please send me your data link layer address.” The TCP software in the computer with that IP address then responds with its data link layer address.
The sender transmits its message using that data link layer address. The sender also stores the data link layer address in its address table for future use.
31. What is routing?
Routing is the process of determining the route or path through the network that a message will travel from the sending computer to the receiving computer. Every computer that performs routing has a routing table developed by the
network manager that specifies how messages will travel through the network.
32. How does decentralized routing differ from centralized routing?
With centralized routing, all routing decisions are made by one central host computer. Centralized routing is used typically only in host-based networks and in this case, routing decisions are rather simple. All computers are connected
to the central computer by individual point-to-point circuits, so any message received is simply retransmitted on the point-to-point circuit connected to the destination.
Decentralized routing allows all computers in the network to make their own routing decisions following a formal routing protocol. In MANs and WANs, the routing table for each computer is developed by its individual network
manager. Most decentralized routing protocols are self-adjusting, meaning that they can automatically adapt to changes in the network configuration (e.g., adding and deleting computers and circuits).
33. What are the differences between connectionless and connection-oriented routing?
Connectionless routing means each packet is treated separately and makes its own way through the network. It is possible that different packets will take different routes through the network depending upon the type of routing used
and the amount of traffic. Because packets following different routes may travel at different speeds, they may arrive out of sequence at their destination. The sender’s network layer therefore puts a sequence number on each packet,
in addition to information about the message stream to which the packet belongs. The network layer must reassemble them in the correct order before passing the message to the application layer.
Connection-oriented routing sets up a virtual circuit between the sender and receiver. In this case, a temporary virtual circuit is defined between the sender and receiver. The network layer makes one routing decision when the
connection is established, and all packets follow the same route. All packets in the same message arrive at the destination in the same order in which they were sent. In this case, packets only need to contain information about the
stream to which they belong; sequence numbers are not needed, although many connection-oriented protocols include a sequence number to ensure that all packets are actually received.
Connection-oriented routing has greater overhead than connectionless routing, because the sender must first “open” the circuit by sending a control packet that instructs all the intervening devices to establish the circuit routing.
Likewise, when the transmission is complete, the sender must “close” the circuit. Connection-oriented protocols also tend to have more overhead bits in each packet.
34. What is a session?
A session can be thought of as a conversation between two computers. When the sender wants to send a message, it first establishes a session with the destination computer. The sender then sends the data packets in order until all data
has been sent. Then the session is ended.
35. What is Quality of Service routing and why is it useful?
Quality of service (QoS) routing is a special type of connection-oriented dynamic routing in which different messages or packets are assigned different priorities. For example, videoconferencing requires fast delivery of packets to
ensure that the images and voices appear smooth and continuous; they are very time-dependent, because delays in routing will seriously affect the quality of the service provided. Email can have a low QoS, as it is not critical that it
be delivered immediately to the destination.
36. Compare and contrast unicast, broadcast, and multicast messages.
The most common type of message in a network is the usual transmission between two computers. One computer sends a message to another computer (e.g., a client requesting a Web page). This is called a unicast
message. In the situation of a broadcast message, the message is sent to all computers on a specific LAN or subnet. A third type of message called a multicast message is used to send the same message to a group of
computers.
37. Explain how the client computer in Figure 5.14 (128.192.98.xx) would obtain the data link layer address of its subnet gateway.
When a computer is installed on a TCP/IP network (or dials into a TCP/IP network), it knows the IP address of its subnet gateway. This information can be provided by a configuration file or via a bootp or DHCP server.
However, the computer does not know the subnet gateway’s Ethernet address (data link layer address). Therefore, TCP would broadcast an ARP request to all computers on its subnet, requesting that the computer whose
IP address is 128.192.98.1 respond with its Ethernet address.
All computers on the subnet would process this request, but only the subnet gateway would respond with an ARP packet giving its Ethernet address. The network layer software on the client would then store this
address in its data link layer address table.
38. How does HTTP use TCP and DNS use UDP?
HTTP at the application layer would pass its message packet with overhead, including the Internet address of the destination, to the transport layer where TCP software would complete packetization at the Transport layer and hand it
off to the Network layer.
In Domain Name Services, the Domain Name Server (aka DNS) is primarily responsible for translating IP Addresses into valid Domain Names and translating valid Domain Names into IP addresses. UDP is a connection-less transport
layer protocol. DNS would pass either a Domain Name or an IP address along with its packet(s) to the Transport layer for forwarding to the Network layer to be routed to the destination.
39. How does static routing differ from dynamic routing? When would you use static routing? When would you use dynamic routing?
With static routing, the routing table is developed by the network manager, and changes only when computers are added to or removed from the network. For example, if the computer recognizes that a circuit is broken or unusable
(e.g., after the data link layer retry limit has been exceeded without receiving an acknowledgment), the computer will update the routing table to indicate the failed circuit. If an alternate route is available, it will be used for all subsequent
messages. Otherwise, messages will be stored until the circuit is repaired. When new computers are added to the network, they announce their presence to the other computers, who automatically add them into their routing tables.
Static routing is commonly used in networks that have few routing options. For example, most LANs are connected to the backbone network in only one place. There is only one route from the LAN to the backbone, so static routing
is used.
Dynamic routing (or adaptive routing) is used when there are multiple routes through a network and it is important to select the best route. Dynamic routing attempts to improve network performance by routing messages over the
fastest possible route, away from busy circuits and busy computers.
CHAPTER 6
NETWORK DESIGN

1. What are the keys to designing a successful data communications network?


A thorough needs analysis, developing one or more physical network designs, designing to operate and maintain with minimal staff intervention.
2. How does the traditional approach to network design differ from the building block approach?
Traditional network designs used a very structured approach for the analysis and design. This by default built in limitations to the growth and need to change network designs as the needs of the organization and technology
itself changed.
3. Describe the three major steps in current network design.
Needs analysis, technology design and cost assessment.
4. What is the most important principle in designing networks?
Completing a thorough needs analysis that takes into consideration the needs of the organization over the short and long-term. From this analysis then a logical network design can be developed to ensure that the network can
satisfy all needs over time.
5. Why is it important to analyze needs in terms of both application systems and users?
Because you want to make sure that the network can support the bandwidth and other operational characteristics required by the user applications.
6. Describe the key parts of the technology design step.
It examines the available technologies and assesses which options will meet the users' needs. The designer makes some estimates about the network needs of each category of user and circuits in terms of current technology
and matches needs to technologies.
7. How can a network design tool help in network design?
Network design tools can perform a number of functions to help in the technology design process. Other network design tools can discover the existing network; that is, once installed on the network, they will explore the
network to draw a network diagram. For example, simulation is used to model the behavior of the communication network.
8. On what should the design plan be based?
The design plan should be based on the geographic scope of the network, the number of users and applications, the current and future network needs of the various network segments, and the costs of the network and
maintaining the network.
9. What is an RFP, and why do companies use them?
While some network components can be purchased "off-the-shelf," most organizations develop a request for proposal (RFP) before making large network purchases. RFPs specify what equipment, software, and services are
desired and ask vendors to provide their best prices. Some RFPs are very specific about what items are to be provided in what time frame. In other cases, items are defined as mandatory, important, or desirable, or several
scenarios are provided and the vendor is asked to propose the best solution.
11. What are some major problems that can cause network designs to fail?
Some major problems that can cause network designs to fail can be categorized by the steps of the building block design approach.
Technology design problems
• buying the wrong equipment or services; often the right technology but the wrong products or features
• vendor misrepresentation; the products and/or services did not work as promised
Needs analysis problems
• requirements were incomplete or inaccurate
• a significant change in business requirements as the network was installed.
Overall problems with the design process
• lack of network design skills internally; did not use external consultants or systems integrators
• external network consultants or systems integrators who bungle the project
12. What is a network baseline, and when is it established?
Most network design projects today are network upgrades, rather than the design of entirely new networks. In this case, there is already a fairly good understanding of the existing traffic in the network, and most importantly,
the rate of growth of network traffic. In this case, it is important to gain an understanding of the current operations (application systems and messages).
The needs analysis step provides a network baseline against which future design requirements can be gauged.
13. What are the seven network architecture components?
The seven network architecture components are LANs, building backbones, campus backbones, WANs, Internet access, e-commerce edge and data centers.
14. What is the difference between a building backbone and a campus backbone, and what are the implications for the design of each?

A building backbone distributes network traffic to and from the LANs. The building backbone typically uses the same basic technology that we use in the LAN (a network switch) but usually we buy faster switches because
the building backbone carries more network traffic than a LAN.
A campus backbone connects all the buildings on one campus. Some vendors call this the Core Layer. The campus backbone is usually faster than the backbones we use inside buildings because it typically carries more
traffic than they do. We use routers or layer 3 switches that do routing when we design the campus.
15. What are typical speeds for the LAN, building backbone, and campus backbone? Why?
LAN – 1 Gbps
Building backbone – 10 Gbps
Campus backbone – 40 Gbps
16. Is it important to have the fastest wireless LAN technology in your apartment? What about in the library of your school? Explain.
It is not necessarily important to have the fastest wireless LAN technology in your apartment because that technology may be faster than your Internet access to your apartment. For example, if you have 10 Mbps Internet
access to your apartment, a 54 Mbps access point in your apartment is still limited to 10 Mbps downloads from the Internet. The 54 Mbps access within the apartment is only good for connections between networking devices
within the apartment.
The answer is similar as it applies to the library within your school. As long as the traffic stays within the library, a fast wireless network is beneficial.
CHAPTER 7
WIRED AND WIRELESS LOCAL AREA NETWORKS
1. Define local area network.
A local area network is a group of microcomputers or other workstation devices that are located within a small or confined area and connected by a common cable. A LAN can be part of a larger backbone network connected to other
LANs, a host mainframe, or public networks.
2. Describe at least three types of servers.
A LAN can have many different types of dedicated servers. Four common types are file servers, database servers, print servers, and communication servers. File servers allow many users to share the same set of files on a common,
shared disk drive. A database server usually is more powerful than a file server. It not only provides shared access to the files on the server, but also can perform database processing on those files associated with client-server computing.
The key benefit of database servers is that they reduce the amount of data moved between the server and the client workstation. They can also minimize data loss and prevent widespread data inconsistencies if the system fails.
Print servers handle print requests on the LAN. By offloading the management of printing from the main LAN file server or database server, print servers help reduce the load on them and increase network efficiency in much the
same way that front end processors improve the efficiency of mainframe computers. Communications servers are dedicated to performing communication processing. There are three fundamental types: fax servers, modem servers,
and access servers.
Fax servers manage a pool of fax-boards that enable LAN users to send or receive faxes. Access servers and modem servers allow users to dial into and out of the LAN by telephone. Dialing into the LAN is accomplished with an
access server, whereas dialing out is accomplished with a modem server.
3. Describe the basic components of a wired LAN.
The basic components of a wired LAN are the NICs, circuits, access points, and network operating system.
The network interface card (NIC) allows the computer to be physically connected to the network cable, which provides the physical layer connection among the computers in the network.
The circuits are the cables that connect devices together. In a LAN, these cables are generally twisted pair from the client to the hub or server. Outside the building, fiber optic is generally used.
Network hubs and switches serve two purposes. First, they provide an easy way to connect network cables. In general, network cables can be directly connected by splicing two cables together. Second, many hubs and switches act as
repeaters or amplifiers. Signals can travel only so far in a network cable before they attenuate and can no longer be recognized.
The network operating system (NOS) is the software that controls the network. Every NOS provides two sets of software: one that runs on the network server(s), and one that runs on the network client(s). The server version of the
NOS provides the software that performs the functions associated with the data link, network, and application layers and usually the computer’s own operating system. The client version of the NOS provides the software that performs
the functions associated with the data link and the network layers, and must interact with the application software and the computer’s own operating system.
4. Describe the basic components of a wireless LAN.
The basic components of a wireless LAN are the NICs, circuits, access points, and network operating system.
The network interface card (NIC) allows the computer to be physically connected to the network cable, which provides the physical layer connection among the computers in the network.
The “circuit” is the air that connects the wireless clients to the access points. Between the access points and the switches or servers, twisted pair cable is typically utilized.
A wireless access point performs the same functions as a hub or switch in a wired environment.
The network operating system (NOS) is the software that controls the network. Every NOS provides two sets of software: one that runs on the network server(s), and one that runs on the network client(s). The server version of the
NOS provides the software that performs the functions associated with the data link, network, and application layers and usually the computer’s own operating system. The client version of the NOS provides the software that performs
the functions associated with the data link and the network layers, and must interact with the application software and the computer’s own operating system.
5. What types of cables are commonly used in wired LANs?
It is very common to see LANs built using traditional twisted pair cables (e.g., Cat 5, Cat 5e).
6. What is a cable plan and why would you want one?
A cable plan is a plan for the network layout, including how much cable is used, where the cables are, how many and where hubs are located, how many ports are available, what local city fire codes must be followed, and what are
the identification labels of the cable.
7. What does a NOS do? What are the major software parts of a NOS?
The network operating system (NOS) is the software that controls the network. Every NOS provides two sets of software: one that runs on the network server(s), and one that runs on the network client(s). The server version of the
NOS provides the software that performs the functions associated with the data link, network, and application layers and usually the computer’s own operating system. The client version of the NOS provides the software that performs
the functions associated with the data link and the network layers, and must interact with the application software and the computer’s own operating system.
8. How does wired Ethernet work?
Ethernet is the most commonly used LAN in the world, accounting for almost 70 percent of all LANs. Ethernet uses a bus topology and a contention-based media access technique called Carrier Sense Multiple Access with
Collision Detection (CSMA/CD). There are many different types of Ethernet that use different network cabling (e.g., 10Base-2, 10Base-5, 10Base-T, and 10Broad-36).
9. How does a logical topology differ from a physical topology?
A logical topology illustrates how the network operates with the various protocols that may be running. A single network can have multiple protocols. A physical topology illustrates exactly where all the hardware and cabling are
‘physically’ located and connected.
10. Briefly describe how CSMA/CD works.
CSMA/CD, like all contention-based techniques, is very simple in concept: wait until the bus is free (sense for carrier) and then transmit. Computers wait until no other devices are transmitting, and then transmit their data. As long as
no other computer attempts to transmit at the same time, everything is fine. However, it is possible that two computers located some distance from one another can both listen to the circuit, find it empty, and begin to transmit simultaneously.
This simultaneous transmission is called a collision. The two messages collide and destroy each other.
The solution to this is to listen while transmitting, better known as collision detection (CD). If the NIC detects any signal other than its own, it presumes that a collision has occurred, and sends a jamming signal. All computers stop
transmitting and wait for the circuit to become free before trying to retransmit. The problem is that the computers which caused the collision could attempt to retransmit at the same time. To prevent this, each computer waits a random
amount of time after the colliding message disappears before attempting to retransmit.
11. Explain the terms 100Base-T, 1000Base-T, 100Base-F, 10 GbE, and 10/100/1000 Ethernet.
Historically, the original Ethernet specification was a 10 Mbps data rate using baseband signaling on thick coaxial cable, called 10Base5 (or “Thicknet”), capable of running 500 meters between hubs. Following 10Base5 was 10Base2
or thinnet as we used to say. Thinnet or RG-58 coaxial cable, similar to what is used for cable TV was considerably cheaper and easier to work with, although it was limited to 185 meters between hubs. The 10Base-2 standard was
often called “Cheapnet.”
When twisted pair cabling was standardized for supporting Ethernet (app. 1988) the T replaced the 2 to represent “twisted-pair”. Twisted pair is the most commonly used cable type for Ethernet. 10BaseT breaks down as 10 Mbps,
baseband, and the “T” means it uses twisted pair wiring (actually unshielded twisted pair). It was the 10Base-T standard that revolutionized Ethernet, and made it the most popular type of LAN in the world.
Eventually the 10BaseT standard was improved to support Fast Ethernet or 100BaseT that breaks down as 100Mbps baseband over twisted-pair cable, and 100BaseF over fiber. This eventually was improved even further to 1000BaseT
or 1 Billion BITs per second baseband. There is currently a revised standard evolving which makes Ethernet even faster. It is known as the 10GbE or 10 Billion BITs per second Ethernet. Though proven to work it has yet to reach
the marketplace. But it would be astute to consider that it will be here in the near future.
Finally, 10/100Mbps Ethernet refers to the standard that can autosense which speed it needs to run at between the two speeds of 10Mbps or 100Mbps. It comes down to the type of NIC running at the individual node and the type of
switch port that the node connects into. It is commonplace to run 10/100Mbps switches in LAN operating environments where there are older NICs already operating and no real business case requirements for upgrading these nodes.
12. How do Ethernet switches know where to send the frames they receive? Describe how switches gather and use this knowledge.
Ethernet switches operate on the destination MAC address of each packet processed to determine which port to pass on each packet presented for transmission.
Ethernet switches learn the specific port location of each MAC address for every device connected to any of their ports, and store it in memory in the form of a forwarding table.
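The learning and forwarding steps described above, as an added example that is not part of the original study guide. It goes slightly beyond the answer by also showing what happens before an address has been learned (the frame is sent out every other port); the MAC addresses and port numbers are constructed.

```python
BROADCAST = "ff:ff:ff:ff:ff:ff"


class LearningSwitch:
    """Toy model of a switch that builds its forwarding table from traffic."""

    def __init__(self, ports):
        self.ports = list(ports)
        self.table = {}  # MAC address -> port on which it was last seen as a source

    def receive(self, in_port, src_mac, dst_mac):
        """Handle one frame and return the list of ports it is sent out on."""
        # Learning step: the source address shows which port that device is on.
        self.table[src_mac] = in_port

        # Forwarding step: look up the destination address.
        if dst_mac == BROADCAST or dst_mac not in self.table:
            # Unknown destination: send out every port except the arrival port.
            return [p for p in self.ports if p != in_port]
        out_port = self.table[dst_mac]
        if out_port == in_port:
            return []  # destination is on the arrival port; nothing to forward
        return [out_port]


def demo():
    """Replay three constructed frames and record where each one is sent."""
    sw = LearningSwitch(ports=[1, 2, 3, 4])
    a, b = "00:00:5e:00:53:0a", "00:00:5e:00:53:0b"  # constructed addresses
    outputs = [
        sw.receive(1, a, b),  # B not learned yet: flooded to ports 2, 3, 4
        sw.receive(2, b, a),  # A was learned from the first frame
        sw.receive(1, a, b),  # B was learned from its reply
    ]
    return outputs, dict(sw.table)


if __name__ == "__main__":
    print(demo())
```

The table is built from whatever source address a frame carries, which is why managed switches offer port security settings that limit the addresses accepted on each port.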
13. Compare and contrast cut-through, store and forward, and fragment-free switching.
With cut through switching, the switch begins to transmit the incoming packet on the proper outgoing circuit as soon as it has read the destination address in the packet.
With store and forward switching the switch does not begin transmitting the outgoing packet until it has received the entire incoming packet and has checked to make sure it contains no errors.
Fragment-free switching lies between the extremes of cut through and store and forward switching. With fragment-free switching, the switch reads the first 64 bytes, and if all the header data appears correct, the switch presumes the rest
of the packet is error free and begins transmitting.
14. Compare and contrast the two types of antennas.
A directional antenna projects a signal only in one direction. Because the signal is concentrated in a narrower, focused area, it is a stronger signal and carries further. More popular is the omnidirectional antenna,
which broadcasts in all directions except directly above itself.
15. How does Wi-Fi perform media access control?
Media access control uses Carrier Sense Multiple Access with Collision Avoidance, or CSMA/CA, which is similar to the media access control used in Ethernet LANs. The computers “listen” before they transmit,
and if there is not a collision, all is well. Wi-Fi does attempt to avoid a collision more than regular Ethernet LANs do, however, by using two techniques called Distributed Coordination Function and Point
Coordination Function (refer to questions 12 and 13 for detailed descriptions of these two access control methods).
16. How does Wi-Fi differ from shared Ethernet in terms of topology, media access control, and error control, Ethernet frame?
Wi-Fi is very similar to shared Ethernet in terms of the logical and physical topologies. The Wi-Fi approach uses a logical bus and a physical star arrangement, just like shared Ethernet. On the shared bus in Wi-Fi,
the computers must take turns transmitting, which is not always so in shared Ethernet. For error control, Wi-Fi has a hidden node problem, where some computers may not sense contention, and may therefore transmit
when they should not, so Wi-Fi uses a slightly different technique for contention to try and cut down on collisions.
17. Explain how CSMA/CA DCF works.
This technology relies on the ability of computers to physically listen before they transmit. With DCF, each frame in CSMA/CA is sent using stop and wait ARQ, and it is designed in such a way so that no other
computer begins transmitting while the waiting period is going on.
18. Explain how CSMA/CA PCF works.

Using PCF (also called the virtual carrier sense method), the AP manages the shared circuit – thus every computer (node) wishing to transmit data first sends an RTS to the AP; if no other node is transmitting data,
then the AP sends a CTS. Every computer (node) will hear the CTS, and will refrain from sending data. The controlled-access method is used when the data frames exceed a certain size. There can be a “hidden node
problem” with CSMA/CA PCF because some computers at the edge of the network may not sense every transmission, increasing the likelihood of collisions.
19. Explain how association works in WLAN.
Searching for an available AP is called scanning and NIC can engage in either active or passive scanning. During active scanning, a NIC transmits a special frame called probe frame on all active channels on its
frequency range. When an AP receives a probe frame, it responds with a probe response that contains all the necessary information for a NIC to associate with it. A NIC can receive several probe responses from
different APs. It is up to the NIC to choose which AP to associate with. This usually depends on the speed rather than distance from an access point. Once a NIC associates with an access point they start
exchanging packets over the channel that is specified by the access point.
During passive scanning, the NIC listens on all channels for a special frame called beacon frame that is sent out by an access point. The beacon frame contains all the necessary information for a NIC to associate with
it. Once a NIC detects this beacon frame it can decide to associate with it and start communication on the frequency channel set by the access point.
20. What is the best practice recommendation for wired LAN design?
The best recommendations are based primarily on evaluating the trade-off between effective data rates and costs. Sometimes it is also interesting to evaluate LAN vs. WLAN as part of the process.
21. What are the best practice recommendations for WLAN design?
The best recommendations are based primarily on evaluating the trade-off between effective data rates and costs. Sometimes it is also interesting to evaluate LAN vs. WLAN as part of the process.
22. What is a site survey, and why is it important?
The site survey determines the feasibility of the desired coverage, the potential sources of interference, the current locations of the wired network into which the WLAN will connect, and an estimate of the number of
APs required to provide coverage.
23. How do you decide how many APs are needed and where they should be placed for best performance?
The network manager will make a determination based off four factors: nominal data rates, error rates, efficiency of the data link layer protocols used, and efficiency of the media access control protocols.
24. What are three special purpose devices you might find in a data center and what do they do?
Three special purpose devices that the data center may contain include a load balancer, virtual servers, and storage area networks. The load balancer acts as a router at the front of the server farm to distribute any
processing to an appropriate server. Logical servers are logically separate servers (e.g., a Web server, an email server, and a file server) on the same physical computer. The virtual servers run on the same physical
computer but appear completely separate to the network. Lastly, storage area networks are LANs devoted solely to data storage.
25. Describe three ways to improve network performance on the server.
Improving server performance can be approached from two directions simultaneously: software and hardware.
Software methods include changing the NOS and fine-tuning the NOS.
Hardware methods include adding a second server and upgrading the server’s hardware.
26. Describe three ways to improve network performance on circuits.
Circuit performance can be improved by using faster technologies, by adding more circuits, and by segmenting the network into several separate LANs by adding more switches or access points.
27. Types of Wireless Ethernet:
IEEE 802.11 has many standards:
802.11a
802.11b
802.11g
802.11n
802.11ac
28. Security
Wardriving: wireless reconnaissance with intent to break into the network
WEP: Wired Equivalent Privacy requires client to submit a key to AP to join the Wi-Fi network.
WPA: Wi-Fi Protected Access (WPA) provides better security than WEP – every frame is encrypted using WEP key
802.11i (WPA2) - more advanced secured type of WLAN
Below is my home Wi-Fi setup as an illustration:
Wireless Advanced Settings (5GHz a/n/ac)
- Enable Wireless Router Radio
- Fragmentation Length (256-2346):
- CTS/RTS Threshold (1-2347):
- Preamble Mode
My Wi-Fi network AP will operate on physical carrier sense (CSMA/CA) up to frame length of 2346
And threshold value is 2347 over which AP will manage the Wi-Fi network using Virtual Carrier Sense

Wireless Network (2.4GHz b/g/n)
- Enable SSID Broadcast
- Name (SSID):
- Channel:
- Mode:
Security Options
- None
- WPA2-PSK [AES]
- WPA-PSK [TKIP] + WPA2-PSK [AES]
- WPA/WPA2 Enterprise
My SSID is NETGEAR19 and security key uses WPA2-PSK protocol for authentication.
Storage Area Network (SAN) is where high-speed servers are networked using high speed networks.
MAC address filtering: AP has a list of MAC addresses of nodes that can join the Wi-Fi network.
Server Virtualization??
Network Services vs. Directory Services ????
1. Briefly outline the steps required to complete a risk assessment.
A. Develop risk measurement criteria
B. Inventory IT assets
C. Identify threats
D. Document existing controls
E. Identify improvements
2. Name and describe the main impact areas. Who should be responsible for assessing what is meant by low/medium/high impact for each of the impact areas? Explain your answer.
1. Financial – revenue and expenses
2. Productivity – business operations
3. Reputation – customer perceptions
4. Safety – health of customers and employees
5. Legal – potential for fines and litigation
3. What are some of the criteria that can be used to rank security risks?

• Most damaging, most dangerous, most risky.
• Most sensitive, most critical to organization, most likely to cause political problems
• Most costly to recover, most difficult to recover, most time consuming to recover
• Greatest delay, most likely to occur
4. What are the most common security threats? What are the most critical? Why?
Some of the more common security threats include viruses, theft of equipment, theft of information, device failure, natural disaster, sabotage, and denial of services.
5. Explain the purpose of threat scenarios. What are the steps in preparing threat scenarios?
Threat scenarios describe how an asset can be compromised by one specific threat. An asset can be compromised by more than one threat, so it is common to have more than one threat scenario for each asset. The
purpose is to begin preparation for mitigation of that threat.
In order to prepare for threat scenarios, the following steps must be followed:
1. name the asset
2. describe the threat
3. explain the consequence (violation of confidentiality, integrity or availability)
4. estimate the likelihood of this threat happening (high, medium, low)
6. What is the purpose of the risk score and how is it calculated?
Risk scores are used to compare the risk scores among all the different threat scenarios to help us identify the most important risks we face. It is calculated by multiplying the impact score by the likelihood (using 1 for
low likelihood, 2 for medium likelihood, and 3 for high likelihood).
7. What are the four possible risk control strategies? How do we pick which one to use?
The risk control strategies are to accept the risk, mitigate it, share it, or defer it. Selection of a strategy depends on things such as the impact (positive or negative) of the risk, the likelihood of the event occurring, and the cost.
8. What is the purpose of a disaster recovery plan? What are the major elements of a typical disaster recovery plan?
A disaster recovery plan is a document that details the steps you will take to recover your business from a disastrous event. Many companies have taken the time to prepare a disaster recovery
plan but then leave it on a shelf to collect dust, never reviewed or updated. Your business does not remain the same; companies develop, change, and reorganize. An effective disaster recovery plan
should be regularly reviewed and updated to ensure that it reflects the current state of the business and fulfills the business's goals. Reviewing it is not the only requirement; it should also be tested to ensure
that it will work when it is carried out.
Disaster recovery plan goals and objectives
In order to develop the disaster recovery plan, you should first understand the goals and objectives that the plan is meant to achieve. Here are six goals and objectives you can use to ensure that your disaster recovery plan is a success.
1. Reduce the overall risk 2. Maintain and test your disaster recovery plan 3. Restore day-to-day operations 4. Reduce the anxiety of owners and investors 5. Rapid response 6. Compliance with the five rules:
health care, food processing, training and others, disaster recovery plan.
9. What is a computer virus? What is a worm?
A computer virus is an executable computer program that propagates itself (multiplies), uses a carrier (another computer program), may modify itself during replication, and is intended to create some unwanted event. Viruses cause
unwanted events -- some are harmless (such as nuisance messages), others are serious (such as the destruction of data). Most viruses attach themselves to other programs or to special parts on disks. As those files execute or are
accessed, the virus spreads. Some viruses change their appearances as they spread, making detection more difficult.
A worm is a special type of virus that spreads itself without human intervention. Worms spread when they install themselves on a computer and then send copies of themselves to other computers, sometimes by e-mail, sometimes
via security holes in software.
10. Explain how a denial-of-service attack works.
A DoS attack works by an attacker attempting to disrupt the network by flooding it with messages so that the network cannot process messages from normal users. The simplest approach is to flood a Web server, mail server, and
so on, with incoming messages. The server attempts to respond to these, but there are so many messages that it cannot.
11. How does a denial-of-service attack differ from a distributed denial-of-service attack?
While the source of a denial-of-service (DoS) attack could be a single computer, a distributed denial-of-service (DDoS) attack could involve hundreds of computers on the Internet simultaneously sending messages to a target site. A
DDoS hacker plants DDoS agent software on these computers and then controls the agents with DDoS handler software, which can send instructions to the agent software on the computers controlled by the hacker for purposes of
launching a coordinated attack.
12. What is a disaster recovery firm? When and why would you establish a contract with them?

13. There are many components in a typical security policy. Describe three important components.
Major elements of a security policy are:
• The name of the decision-making manager who is in charge of security.
• An incident reporting system and a rapid response team to respond to security breaches in progress.
• A risk assessment with priorities as to which components are most important.
• Effective controls placed at all major access points into the network to prevent or deter access by external agents.
• Effective controls placed within the network to ensure internal users cannot exceed their authorized access.
• An acceptable use policy that explains to users what they can and cannot do.
• A plan to routinely train users on security policies and build awareness of security risks.
• A plan to routinely test and update all security controls that includes monitoring of popular press and vendor reports of security holes.
14. What are the three major aspects of intrusion prevention (not counting the security policy)?
The three main aspects of preventing unauthorized access: securing the network perimeter, securing the interior of the network, and authenticating users.
15. How do you secure the network perimeter?
There are three basic access points into most organizational networks: from LANs, the Internet, and WLANs. One important element of preventing unauthorized users from accessing an internal LAN is through physical security.
A firewall is commonly used to secure an organization’s Internet connection. NAT is a common security measure that can be used as well.
16. What is eavesdropping in a computer security sense?
Eavesdropping refers to the process of unauthorized tapping into a computer network through local cables that are not secured behind walls or in some other manner.
17. What is a sniffer?
Sniffers can impersonate credentials used by authorized or legitimate users and use those to log in to the system for committing fraud.
18. What is a firewall?
A firewall is a router, gateway, or special purpose computer that examines packets flowing into and out of a network and restricts access to the organization's network. The network is designed so that a firewall is placed
on every network connection between the organization and the Internet. No access is permitted except through the firewall. Some firewalls have the ability to detect and prevent denial-of-service attacks, as well as
unauthorized access attempts. Two commonly used types of firewalls are packet level, and application level.
19. How do the different types of firewalls work?
A packet-level firewall examines the source and destination address of every network packet that passes through it. It only allows packets into or out of the organization’s networks that have acceptable source and destination
addresses.
An application level firewall acts as an intermediate host computer between the Internet and the rest of the organization’s networks. Anyone wishing to access the organization’s networks from the Internet must log in to this firewall,
and can only access the information they are authorized for based on the firewall account profile they access.
The NAT firewall uses an address table to translate the private IP addresses used inside the organization into proxy IP addresses used on the Internet.
20. What is IP spoofing?
IP spoofing means to fool the target computer (and any intervening firewall) into believing that messages from the intruder’s computer are actually coming from an authorized user inside the organization’s network.
Spoofing is done by changing the source address on incoming packets from their real address to an address inside the organization’s network. Seeing a valid internal address, the firewall lets the packets through to their
destination. The destination computer believes the packets are from a valid internal user and processes them.
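The packet-level check from question 19 next to a stricter variant that also looks at the interface a packet arrived on, as an added example that is not part of the original study guide. The address ranges, the access list and the interface names are constructed, and the interface check is a standard ingress-filtering rule rather than something the guide describes.

```python
import ipaddress

INTERNAL = ipaddress.ip_network("10.0.0.0/8")         # constructed internal range
ANYWHERE = ipaddress.ip_network("0.0.0.0/0")
WEB_SERVER = ipaddress.ip_network("203.0.113.10/32")  # constructed public server

# Acceptable (source network, destination network) pairs.
ACL = [
    (INTERNAL, ANYWHERE),    # internal users may reach any destination
    (ANYWHERE, WEB_SERVER),  # anyone may reach the public Web server
]


def acl_permits(src, dst):
    """True when some ACL entry accepts this source/destination pair."""
    src, dst = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    return any(src in s_net and dst in d_net for s_net, d_net in ACL)


def address_only_filter(packet):
    """Decide on the addresses written in the packet and nothing else."""
    return acl_permits(packet["src"], packet["dst"])


def interface_aware_filter(packet):
    """Same ACL, but first reject sources that cannot belong to the arrival side."""
    src = ipaddress.ip_address(packet["src"])
    if packet["iface"] == "outside" and src in INTERNAL:
        return False  # an internal source address cannot arrive from the Internet
    if packet["iface"] == "inside" and src not in INTERNAL:
        return False  # an internal host is using a source address that is not ours
    return acl_permits(packet["src"], packet["dst"])


# Constructed sample packets.
PACKETS = {
    "outbound":   {"iface": "inside",  "src": "10.1.2.3",     "dst": "198.51.100.7"},
    "to_web":     {"iface": "outside", "src": "198.51.100.7", "dst": "203.0.113.10"},
    "unsolicited": {"iface": "outside", "src": "198.51.100.7", "dst": "10.0.0.5"},
    "spoofed":    {"iface": "outside", "src": "10.9.9.9",     "dst": "10.0.0.5"},
}


def evaluate():
    """Return {name: (address_only decision, interface_aware decision)}."""
    return {
        name: (address_only_filter(p), interface_aware_filter(p))
        for name, p in PACKETS.items()
    }


if __name__ == "__main__":
    for name, decisions in evaluate().items():
        print(f"{name:12} address-only={decisions[0]} interface-aware={decisions[1]}")
```

Only the spoofed packet is treated differently: the address-only rule accepts it because its source looks internal, while the interface-aware rule drops it.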
21. What is a NAT firewall and how does it work?
The NAT firewall (sometimes referred to as a proxy server) uses an address table to translate the private IP addresses used inside the organization into proxy IP addresses used on the Internet.
When a computer inside the organization accesses a computer on the Internet, the NAT firewall changes the source IP address in the outgoing IP packet to its own address.
When the external computer responds to the request, it addresses the message to the NAT firewall's IP address. The NAT firewall receives the incoming message, and after ensuring the packet should be permitted
inside, changes the destination IP address to the private IP address of the internal computer and changes the TCP port id to the correct port id before transmitting it on the internal network. This way, systems outside
the organization never see the actual internal IP addresses, and thus they think there is only one computer on the internal network.
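The address table described above, modelled as an added example that is not part of the original study guide. The addresses and port numbers are constructed, and matching replies on the remote address and port as well as the public port is one design choice among several.

```python
class NatFirewall:
    """Toy NAT firewall that rewrites addresses and ports using a translation table."""

    def __init__(self, public_ip, first_port=40000):
        self.public_ip = public_ip
        self.next_port = first_port
        self.out_map = {}  # (private ip, private port, remote ip, remote port) -> public port
        self.in_map = {}   # (public port, remote ip, remote port) -> (private ip, private port)

    def outbound(self, pkt):
        """Rewrite the source of a packet leaving the organization."""
        key = (pkt["src_ip"], pkt["src_port"], pkt["dst_ip"], pkt["dst_port"])
        if key not in self.out_map:
            port = self.next_port
            self.next_port += 1
            self.out_map[key] = port
            self.in_map[(port, pkt["dst_ip"], pkt["dst_port"])] = (
                pkt["src_ip"], pkt["src_port"])
        return dict(pkt, src_ip=self.public_ip, src_port=self.out_map[key])

    def inbound(self, pkt):
        """Rewrite the destination of a reply, or return None to drop the packet."""
        if pkt["dst_ip"] != self.public_ip:
            return None
        entry = self.in_map.get((pkt["dst_port"], pkt["src_ip"], pkt["src_port"]))
        if entry is None:
            return None  # no internal computer asked for this traffic
        private_ip, private_port = entry
        return dict(pkt, dst_ip=private_ip, dst_port=private_port)


def demo():
    """Two internal computers use the same source port toward one server."""
    nat = NatFirewall("203.0.113.1")
    server = {"dst_ip": "198.51.100.7", "dst_port": 443}
    out_a = nat.outbound(dict(server, src_ip="192.168.1.10", src_port=51000))
    out_b = nat.outbound(dict(server, src_ip="192.168.1.11", src_port=51000))
    reply_b = nat.inbound({"src_ip": "198.51.100.7", "src_port": 443,
                           "dst_ip": "203.0.113.1", "dst_port": out_b["src_port"]})
    stray = nat.inbound({"src_ip": "198.51.100.99", "src_port": 443,
                         "dst_ip": "203.0.113.1", "dst_port": out_a["src_port"]})
    return out_a, out_b, reply_b, stray


if __name__ == "__main__":
    for result in demo():
        print(result)
```

Both outgoing packets leave with the firewall's address, so the server sees one computer; the port number is what lets the firewall send each reply back to the right internal computer.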
22. What is a security hole and how do you fix it?
Many security holes are highly technical; for example, sending a message designed to overflow a network buffer, thereby placing a short command into a very specific memory area that unlocks a user profile. Others
are rather simple, but not obvious.
23. Explain how a Trojan horse works.
Trojans are remote access management consoles that enable users to access a computer and manage it from afar. Trojans are often concealed in other software that unsuspecting users download over the Internet. Music and video
files shared on the Internet are common carriers of Trojans. When the user downloads and plays the music file, it plays normally and the attached Trojan software silently installs a small program that enables the attacker to take
complete control of the user’s computer, so the user is unaware that anything bad has happened.
24. Compare and contrast symmetric and asymmetric encryption.
A symmetric (or single key) encryption algorithm is one in which the key used to encrypt a message is the same as the one used to decrypt it. Both parties to the transmission must possess the same key for encryption and decryption.
The key must be kept secret, leading to a need for key management.
An asymmetric algorithm is one in which the key used to decrypt a message is different from the one used to encrypt it. Public key encryption is the most common form of asymmetric encryption. There are two keys. One key (called the
public key) is used to encrypt the message and a second, very different private key is used to decrypt the message. The net result is that if two parties wish to communicate with one another, there is no need to exchange keys beforehand.
All public keys are published in a directory. Each knows the other's public key from the listing in the public directory and can communicate encrypted information immediately. The key management problem is reduced to the on-site
protection of the private key.
25. Describe how symmetric encryption and decryption works.
A symmetric algorithm is an algorithm in which the key used to decrypt a particular bit stream is the same as the one used to encrypt it. Using any other key produces plaintext that appears as random as the ciphertext. No keys are
exchanged between the sender and the receiver.

Encryption is the process of disguising information into ciphertext, whereas decryption is the process of restoring it to readable form (plaintext). An encryption system has two parts: the algorithm itself and the key, which personalizes
the algorithm by making the transformation of data unique. Two pieces of identical information encrypted with the same algorithm but with different keys produce completely different ciphertexts. When using most encryption systems,
communicating parties must share this key. If the algorithm is adequate and the key is kept secret, acquisition of the ciphertext by unauthorized personnel is of no consequence to the communicating parties.
26. Describe how asymmetric encryption and decryption works.
In asymmetric encryption and decryption there are two keys. One key (called the public key) is used to encrypt the message and a second, very different private key is used to decrypt the message. Public key systems are based on
one-way functions. Even though you originally know both the contents of your message and the public encryption key, once it is encrypted by the one-way function, the message cannot be decrypted without the private key.
One-way functions, which are relatively easy to calculate in one direction, are impossible to "uncalculate" in the reverse direction.
All public keys are published in a directory. When Organization A wants to send an encrypted message to Organization B, it looks through the directory to find its public key. It then encrypts the message using B's public key. This
encrypted message is then sent through the network to Organization B, which decrypts the message using its private key.
27. What is key management?
Key management is concerned with dispersing and storing keys carefully. Because the DES algorithm is known publicly, the disclosure of a secret key can mean total compromise of encrypted messages. Managing this system of
keys can be challenging, especially with symmetric algorithms.
28. How does DES differ from 3DES? From RC4? From AES?
DES uses a 56-bit key while 3DES uses a 168-bit key (3 x 56).
RC4 uses keys from 40 to 256 bits in length.
AES uses the Rijndael algorithm and has key sizes of 128, 192, and 256 bits.
29. Compare and contrast DES and public key encryption.
DES is a symmetric algorithm, which means that the key used to decrypt a particular bit stream is the same as the one used to encrypt it. Using any other key produces plaintext that appears as random as the ciphertext. Because the
DES algorithm is known publicly, the disclosure of a secret key can mean total compromise of encrypted messages. Managing this system of keys can be challenging.
Public key encryption is inherently different from secret key systems like DES because it is asymmetric; there are two keys. One key (called the public key) is used to encrypt the message and a second, very different private key is
used to decrypt the message. Public key systems are based on one-way functions. Even though you originally know both the contents of your message and the public encryption key, once it is encrypted by the one-way function, the
message cannot be decrypted without the private key. One-way functions, which are relatively easy to calculate in one direction, are impossible to "uncalculate" in the reverse direction. Public key encryption is one of the most secure
encryption techniques available, excluding special encryption techniques developed by national security agencies.
Note: DES key length is 56 bits (168 bits for 3DES) while private key length for public key encryption is 512 or 1,024 bits.
30. Explain how authentication works.
Public key encryption permits authentication (or digital signatures). When one user sends a message to another, it is difficult to legally prove who actually sent the message. Legal proof is important in many communications, such as
bank transfers and buy/sell orders in currency and stock trading, which normally require legal signatures. Thus a digital signature or authentication sequence is used as a legal signature on many financial transactions. This signature is
usually the name of the signing party plus other key-contents such as unique information from the message (e.g., date, time, or dollar amount). This signature and the other key-contents are encrypted by the sender using the private
key. The receiver uses the sender’s public key to decrypt the signature block and compares the result to the name and other key contents in the rest of the message to ensure a match.
31. What is PKI and why is it important?
PKI stands for Public Key Infrastructure. PKI refers to the encryption infrastructure that has developed around the most popular form of asymmetric encryption (also called public key encryption) called RSA. RSA was invented at
MIT in 1977. The patent expired on the technology in 2000 and many new companies have now entered the market and public key software has dropped in price.
Public key encryption is different from symmetric single key systems. Because public key encryption is asymmetric, there are two keys. One key (called the public key) is used to encrypt the message and a second, very different
private key is used to decrypt the message. Public key encryption is one of the most secure encryption techniques available.
32. What is a certificate authority?
A certificate authority (CA) is a trusted organization that can vouch for the authenticity of the person or organization using authentication (e.g., VeriSign). A person wanting to use a CA registers with the CA and must provide some
proof of identity. There are several levels of certification, ranging from a simple confirmation of a valid email address to a complete police-style background check with an in-person interview. The CA issues a digital certificate that
is the requestor's public key encrypted using the CA's private key as proof of identity. This certificate is then attached to the user's email or Web transactions in addition to the authentication information. The receiver then verifies the
certificate by decrypting it with the CA's public key -- and must also contact the CA to ensure that the user's certificate has not been revoked by the CA.
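The signature check from question 30 and the certificate check from question 32, carried through in one added example that is not part of the original study guide. It uses textbook RSA with small fixed primes and a SHA-256 digest of the content, which is a teaching model only and not usable for real protection; all names, keys and messages are constructed.

```python
import hashlib


def make_keypair(p, q, e=65537):
    """Textbook RSA key pair from two primes (teaching model only)."""
    n, phi = p * q, (p - 1) * (q - 1)
    return {"n": n, "e": e}, {"n": n, "d": pow(e, -1, phi)}


def digest(data, n):
    """SHA-256 of the content, reduced so that it fits below the modulus."""
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % n


def sign(private, data):
    """Encrypt the digest of the content with the private key."""
    return pow(digest(data, private["n"]), private["d"], private["n"])


def verify(public, data, signature):
    """Decrypt the signature with the public key and compare with the content."""
    return pow(signature, public["e"], public["n"]) == digest(data, public["n"])


def cert_body(subject, public):
    return f"{subject}|{public['n']}|{public['e']}".encode()


class CertificateAuthority:
    def __init__(self, p, q):
        self.public, self._private = make_keypair(p, q)
        self.revoked = set()

    def issue(self, subject, subject_public):
        """Bind a subject name to a public key with the CA's private key."""
        return {"subject": subject, "public": subject_public,
                "ca_sig": sign(self._private, cert_body(subject, subject_public))}

    def revoke(self, subject):
        self.revoked.add(subject)


def check_message(ca, cert, message, signature):
    """Receiver's checks, in order: certificate, revocation, message signature."""
    if not verify(ca.public, cert_body(cert["subject"], cert["public"]), cert["ca_sig"]):
        return "bad certificate"
    if cert["subject"] in ca.revoked:
        return "revoked"
    if not verify(cert["public"], message, signature):
        return "bad signature"
    return "ok"


# Mersenne primes keep the constructed keys short to write down.
P61, P89, P107 = 2**61 - 1, 2**89 - 1, 2**107 - 1


def demo():
    ca = CertificateAuthority(P61, P89)
    user_pub, user_priv = make_keypair(P61, P107)
    cert = ca.issue("Organization A", user_pub)
    order = b"2024-01-15 10:00 transfer $500"  # constructed message
    sig = sign(user_priv, order)

    other_pub, _ = make_keypair(P89, P107)      # key the CA never certified
    swapped = dict(cert, public=other_pub)

    results = {
        "genuine": check_message(ca, cert, order, sig),
        "altered amount": check_message(ca, cert, order.replace(b"$500", b"$900"), sig),
        "swapped key": check_message(ca, swapped, order, sig),
    }
    ca.revoke("Organization A")
    results["after revocation"] = check_message(ca, cert, order, sig)
    return results


if __name__ == "__main__":
    for case, outcome in demo().items():
        print(f"{case}: {outcome}")
```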
33. SSL?
Secure Sockets Layer (SSL) operates between the application layer software and the transport layer. SSL encrypts outbound packets coming out of the application layer before they reach the transport layer and decrypts
inbound packets coming out of the transport layer before they reach the application layer. With SSL, the client and the server start with a handshake for PKI authentication and for the server to provide its public key and
preferred encryption technique to the client (usually RC4, DES or 3DES). The client then generates a key for this encryption technique, which is sent to the server encrypted with the server's public key. The rest of the
communication then uses this encryption technique and key.
34. How does SSL differ from IPSec?
SSL differs from IPSec in that SSL is focused on Web applications, while IPSec can be used with a much wider variety of application layer protocols.
35. Compare and contrast IPSec tunnel mode and IPSec transport mode.
• IPSec transport mode provides only encryption of the message payload, while tunnel mode additionally encrypts the final destination by encrypting the entire IP packet, which is then included in a new added
packet that is addressed to an IPSec agent rather than to the true final destination.
• Transport mode leaves the IP packet header unchanged so it can be easily routed through the Internet. It adds an additional packet (either an Authentication Header (AH) or an Encapsulating Security Payload
(ESP)) at the start of the IP packet that provides encryption information for the receiver.
• In tunnel mode, the newly added IP packet conceals the final destination (which is encrypted), since it just identifies the IPSec encryption agent as the destination, not the final destination. As with the transport
mode, encryption information is added in the form of an AH or ESP. When the IPSec packet arrives at the encryption agent, the encrypted packet is decrypted and sent on its way. In tunnel mode, attackers can
only learn the endpoints of the tunnel, not the ultimate source and destination of the packets.
36. What are the three major ways of authenticating users? What are the pros and cons of each approach?
The three major ways to authenticate users are to base account access on something you know, something you have, or something you are.
37. What are the different types of one-time passwords and how do they work?

38. Explain how a biometric system can improve security. What are the problems with it?

39. Why is the management of user profiles an important aspect of a security policy?
Each user’s profile specifies what data and network resources he or she can access, and the type of access allowed (read only, write, create, delete).
40. How does network authentication work and why is it useful?
Instead of logging into a file server or application server, network authentication requires that users login to an authentication server. This server checks the user id and password against its database and if the user is an authorized
user, issues a certificate. Whenever the user attempts to access a restricted service or resource that requires a user id and password, the user is challenged and his or her software presents the certificate to the authentication server. If
the authentication server validates the certificate then the service or resource lets the user in. In this way, the user no longer needs to enter his or her password for each new service or resource he or she uses. This also ensures that
the user does not accidentally give out his or her password to an unauthorized service—it provides mutual authentication of both the user and the service or resource.
41. What is an intrusion prevention system?
Assuming that prevention efforts will not be sufficient to avoid all intrusions, intrusion prevention systems (IPSs) can be used to monitor networks, circuits, and particular applications and report detected intrusions.
42. Compare and contrast a network-based IPS, a host-based IPS, and an application-based IPS.
In each case the IPS reports intrusions to an IPS management console:
• The network-based IPS monitors key network circuits through IPS sensors that are placed on the key circuits to monitor all network packets on that circuit.
• The host-based IPS monitors a server and incoming circuits. It is installed on the server that it is monitoring.
• An application-based IPS is a specialized host-based IPS that monitors one application on its server such as a Web server.
43. How does IPS anomaly detection differ from misuse detection?
Anomaly detection compares monitored activities with a known "normal" set of activities for a stable network environment while misuse detection compares monitored activities with signatures of prior known attacks. Anomaly
detection looks for extreme changes in certain kinds of behavior while misuse detection guards against a repeat of prior intrusions.
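The contrast in answer 43, as an added example that is not part of the original study guide: the same log is checked once against signatures of known attacks and once against a baseline of normal activity. The signatures, baseline figures, log lines and function names are all constructed for illustration.

```python
import re
from collections import Counter
from statistics import mean, pstdev

# Constructed signatures of previously seen attacks (misuse detection).
SIGNATURES = {
    "path-traversal": re.compile(r"\.\./"),
    "sql-tautology": re.compile(r"'\s*or\s+1=1", re.IGNORECASE),
}

# Constructed baseline: requests per client per minute on a stable network.
BASELINE_RPM = [4, 6, 5, 7, 5, 6, 4, 5]

# Constructed log lines in the form "<minute> <client> <request>".
LOG = [
    "10:01 10.0.0.5 /index.html",
    "10:01 10.0.0.7 /download?file=../../app.conf",
    "10:01 10.0.0.5 /login?user=a' OR 1=1--",
] + ["10:02 10.0.0.9 /search?q=item%d" % i for i in range(40)]


def parse(line):
    """Split a log line into (minute, client, request)."""
    minute, client, request = line.split(" ", 2)
    return minute, client, request


def misuse_detect(lines):
    """Report (client, signature name) for requests matching a known attack."""
    alerts = []
    for line in lines:
        _, client, request = parse(line)
        for name, pattern in SIGNATURES.items():
            if pattern.search(request):
                alerts.append((client, name))
    return alerts


def anomaly_detect(lines, baseline, k=3.0):
    """Report (minute, client, count) where the request rate is an extreme
    departure from the baseline: more than k standard deviations above mean."""
    threshold = mean(baseline) + k * pstdev(baseline)
    counts = Counter(parse(line)[:2] for line in lines)
    return sorted((minute, client, n)
                  for (minute, client), n in counts.items() if n > threshold)


if __name__ == "__main__":
    print("misuse :", misuse_detect(LOG))
    print("anomaly:", anomaly_detect(LOG, BASELINE_RPM))
```

The two detectors flag different clients: the signature matches arrive at a normal rate, and the request burst matches no signature.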
44. What is computer forensics?
Computer forensics is the use of computer analysis techniques to gather evidence for criminal and/or civil trials and includes the following steps:
- Identify potential evidence.
- Preserve evidence by making backup copies and using those copies for all analysis.
- Analyze the evidence.
- Prepare a detailed legal report for use in prosecutions.
45. What is a honey pot?
A honey pot is a server that contains highly interesting fake information available only through illegal intrusion to “bait” or "entrap" the intruder and also possibly divert the hacker's attention from the real network
assets. The honey pot server has sophisticated tracking software to monitor access to this information that allows the organization and law enforcement officials to trace and document the intruder’s actions. If the
hacker is subsequently found to be in possession of information from the honey pot, that fact can be used in prosecution.
46. Although it is important to protect all servers, some servers are more important than others. What server(s) are the most important to protect and why?
To answer this question, return to the risk assessment process and ask which server loss will cause the greatest damage to the organization. Is the highest priority assigned to...?
- Loss of customer/client information
- Loss of online access
- Interruption of or loss of support for activity (manufacturing, health care, etc.)
- Invasion of privacy/loss of confidentiality
- Integrity of accounts
- Proprietary secrets
1. What is the basic structure of the Internet?
The Internet is hierarchical in structure. At the top are the very large national Internet service providers like AT&T, Sprint, etc. with regional and local internet service providers reporting up through this hierarchy.
2. What is an IXP?

Internet Exchange Points are connection points between Internet Service Providers.
3. What is a POP?
POP is an acronym for “point of presence.” The POP is the place at which the ISP provides services to its customers.
4. What type of circuits are commonly used to build the Internet today? What type of circuits are commonly used to build Internet 2?
Today, the backbone circuits of the major U.S. national ISPs operate at SONET OC-192 (10 Gbps).
Internet 2 will consist of circuits at least at OC-192 levels, with OC-768 (80 Gbps) and possibly even OC-3072 (160 Gbps) available.
5. Compare and contrast cable modem and DSL.
Individuals connect to ISPs mostly via DSL and cable modems today. The speeds vary between the two technologies and it depends on location and provider as to which is faster. One of the main differences between
the two is that DSL customers have a direct connection back to the end office with point-to-point technology, whereas cable modems use shared multipoint circuits.
6. Explain how DSL works.
DSL requires equipment that is installed at the end of the cable (within the house or office) which allows traditional telephone service (POTS) to take advantage of much higher data transmission rates via the existing
cable in the local loop.
7. How does a DSL modem differ from a DSLAM?
A DSL modem produces Ethernet 10Base-T packets so it can be connected directly into a computer or router and hub so that it can serve the needs of a small network. The DSLAM de-multiplexes the data streams
and converts them into ATM data, which are then distributed to the ISPs.
8. Explain how ADSL works.
ADSL is the most common type of DSL used today. It uses frequency division multiplexing to create three separate channels over the one local loop circuit. One channel is the traditional voice telephone circuit, the
second channel is a relatively high-speed simplex data channel, and the third channel is a slightly slower duplex data channel.
9. Explain how a cable modem works.
The cable modem works very similarly to DSL, with one very important difference: DSL is a point-to-point technology, whereas cable modems use shared multipoint circuits. Cable modems must compete with other
users for the available capacity. Circuits that have many clients are thus slower than circuits with fewer clients.
10. What are the principal organizations responsible for Internet governance, and what do they do?
There is no one organization that operates the Internet. The closest thing the Internet has to an owner is the Internet Society (ISOC). This is an open membership professional society with more than 175
organizational and 8,000 individual members in over 100 countries. The ISOC mission is to ensure “the open development, evolution and use of the Internet for the benefit of all people.”
11. How is the IETF related to the IRTF?
The ISOC comprises four bodies that act together to govern; the IETF and IRTF are two of the four.
12. What is the principal American organization working on the future of the Internet?
The Internet Engineering Task Force (IETF) and the Internet Architecture Board (IAB) are the two principal US organizations working on the future of the Internet. The IETF is a large, open international community of
network designers, operators, vendors, and researchers concerned with the evolution of the Internet architecture and the smooth operation of the Internet. The IAB provides strategic architectural oversight that can be
passed on as statements or simply passed directly to the relevant IETF working group.
1. What are common carriers, local exchange carriers, and interexchange carriers?
A common carrier is a private company that sells or leases communication services and facilities to the public.
2. Who regulates common carriers and how is it done?
3. How does MPLS work?
It is sometimes called a layer 2.5 technology because it inserts a four-byte header that contains its own information between the layer 2 frame and the layer 3 IP packet. With MPLS, the customer connects to the
common carrier’s network using any common layer 2 service (e.g., T carrier, SONET, ATM, frame relay, Ethernet). The carrier’s switch at the network entry point examines the incoming frame and converts the
incoming layer 2 or layer 3 address into an MPLS address label. This label and some other control information (e.g., quality of service (QoS)) form the MPLS header, which is inserted into the layer 2 frame for
transmission inside the carrier’s network.
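The insertion described in answer 3, as an added example that is not part of the original study guide: an ingress switch maps the destination IP address to a label, builds the four-byte header, and places it between the Ethernet header and the IP packet; the egress switch removes it. The bit layout (20-bit label, 3-bit traffic class, bottom-of-stack bit, 8-bit TTL) and EtherType 0x8847 come from the MPLS standards rather than from this page, and the label table, sample frame and function names are hypothetical.

```python
import ipaddress
import struct

ETH_HDR_LEN = 14
ETHERTYPE_IPV4 = 0x0800
ETHERTYPE_MPLS = 0x8847  # MPLS unicast

# Hypothetical ingress table: destination prefix -> (label, traffic class).
INGRESS_TABLE = {
    ipaddress.ip_network("192.0.2.0/24"): (1001, 5),
    ipaddress.ip_network("198.51.100.0/24"): (1002, 0),
}


def pack_mpls(label, tc, bottom, ttl):
    """Build the four-byte header: label(20) | tc(3) | bottom(1) | ttl(8)."""
    if not (0 <= label < 2**20 and 0 <= tc < 8 and 0 <= ttl < 256):
        raise ValueError("field out of range")
    return struct.pack("!I", (label << 12) | (tc << 9) | (int(bottom) << 8) | ttl)


def unpack_mpls(hdr):
    """Decode the four-byte header back into its fields."""
    (word,) = struct.unpack("!I", hdr[:4])
    return {"label": word >> 12, "tc": (word >> 9) & 7,
            "bottom": bool((word >> 8) & 1), "ttl": word & 0xFF}


def ingress(frame):
    """Carrier entry point: look up the label and insert the MPLS header."""
    eth, ip = frame[:ETH_HDR_LEN], frame[ETH_HDR_LEN:]
    if struct.unpack("!H", eth[12:14])[0] != ETHERTYPE_IPV4:
        raise ValueError("not an IPv4 frame")
    dst = ipaddress.ip_address(ip[16:20])      # IPv4 destination address
    for net, (label, tc) in INGRESS_TABLE.items():
        if dst in net:
            shim = pack_mpls(label, tc, True, ip[8])   # ip[8] is the IP TTL
            return eth[:12] + struct.pack("!H", ETHERTYPE_MPLS) + shim + ip
    raise LookupError("no label for %s" % dst)


def egress(frame):
    """Carrier exit point: strip the MPLS header and restore the EtherType."""
    eth = frame[:12] + struct.pack("!H", ETHERTYPE_IPV4)
    return eth + frame[ETH_HDR_LEN + 4:]


def sample_frame():
    """Constructed Ethernet + IPv4 header (no payload) to 192.0.2.7."""
    eth = bytes(12) + struct.pack("!H", ETHERTYPE_IPV4)
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20, 0, 0, 64, 6, 0,
                     bytes([10, 0, 0, 1]), bytes([192, 0, 2, 7]))
    return eth + ip


if __name__ == "__main__":
    labelled = ingress(sample_frame())
    print(unpack_mpls(labelled[ETH_HDR_LEN:ETH_HDR_LEN + 4]))
```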
4. Compare and contrast dedicated-circuit services, and packet-switched services.
With dedicated circuit networks, a circuit is established between the two communicating computers. This circuit provides a guaranteed data transmission capability that was available for use by only those two computers and is
assigned solely to that transmission. No other transmission is possible until the circuit is closed. In contrast, packet switched services enable multiple connections to exist simultaneously between computers over the same physical
circuit or even over different physical circuits.
With packet switched services, the user again buys a connection into the common carrier cloud. The user pays a fixed fee for the connection into the network (depending upon the type and capacity of the service) and is charged for
the number of packets transmitted.
6. What are the most commonly used T carrier services? What data rates do they provide?
T-Carrier Designation    DS Designation    Speed
                         DS-0              64 Kbps
T-1                      DS-1              1.544 Mbps
T-2                      DS-2              6.312 Mbps
T-3                      DS-3              33.375 Mbps
T-3                      DS-4              274.176 Mbps

7. Distinguish among T-1, T-2, T-3, and T-4 circuits.


A T-1 circuit (sometimes called a DS-1 circuit) provides a data rate of 1.544 Mbps. T-1 circuits can be used to transmit data, but often are used to transmit both data and voice. In this case, a time division multiplexer (TDM) provides
24 64 Kbps circuits. Digitized voice using pulse code modulation (PCM) requires a 64 Kbps circuit so a T-1 circuit enables 24 simultaneous voice channels.
8. How do packet-switching services differ from other wide area networks services?
Packet switched services are quite different from the other types of network services. For each of these three, dialed circuit services, dedicated circuit services, and circuit switched services, a physical circuit was established between
the two communicating computers. This circuit provided a guaranteed data transmission capability that was available for use by only those two computers.
In contrast, packet switched services enable multiple connections to exist simultaneously between computers. With packet switched services, the user again buys a connection into the common carrier network. The user pays a fixed
fee for the connection into the network and is charged for the number of packets transmitted.
9. Compare and contrast MPLS, and Ethernet services.
MPLS is different in that it is designed to work with a variety of commonly used layer-2 protocols. The customer connects to the common carrier’s network using any common layer-2 service. MPLS offers a wide range of speeds
because it can run on a variety of physical circuits such as T-carrier and SONET.
10. How do VPN services differ from common carrier services?
A type of VAN, called a virtual private network (VPN) (or sometimes software defined network) has emerged. VPNs provide circuits that run over the Internet but appear to the user to be private networks. Internet access is inexpensive
compared to the cost of leasing dedicated circuits, circuit switched services, or packet switched services from a common carrier.
11. Explain how VPN services work.
VPN stands for virtual private network. A VPN is a virtualized extension of a private network across a public network.
This means a virtual private network is a way to transmit private data over a public network, for example the Internet, using security mechanisms such as encryption.
A virtual private network allows employees to access an intranet securely while they are outside of the office.
Individual Internet users secure their wireless transactions with a VPN. A VPN is created by establishing a virtual point-to-point connection through the use of connections. A VPN can provide some benefits of a wide area network (WAN).
From a user's point of view, the resources available within the private network can be accessed remotely.
Traditional VPNs are basically characterized by a point-to-point topology, and they do not support or connect broadcast domains.
VPNs cannot make online connections, but they can increase security and privacy.
Examples
Secure Sockets Layer (SSL) is an example of a VPN, in which the remote user connects using a web browser, avoiding the need to install specialized client software.
1. How does a layer-2 switch differ from a router?
Layer 2 switches operate by using the data link layer address or MAC address to forward packets between network segments. They connect the same or different types of cable. Layer-2 switches (or workgroup switches)
operate at the Data Link layer, and typically provide ports for a small set of 16 to 24 computers. Layer-2 switches enable all ports to be in use simultaneously by managing paired combinations of ports as separate point-to-point circuits.
Layer-2 switches "learn" addresses; a layer-2 switch builds a forwarding table after it is first turned on. To learn addresses, a layer-2 switch retransmits to all ports (except to the one from which it was received) only for a packet with
a destination address not already in the forwarding table. The resulting ACK from the destination computer (that recognized its address) is then used by the layer-2 switch to add the new port number and address to the forwarding
table.
Routers operate at the network layer. They connect two different TCP/IP subnets. Routers strip off the data link layer packet, process the network layer packet, and forward only those messages that need to go to other networks on the basis of their network layer address. In general, they perform more processing
on each message than switches and therefore operate more slowly.
2. How does a layer-2 switch differ from a VLAN?
Layer 2 switches operate by using the data link layer address or MAC address to forward packets between network segments. They connect the same or different types of cable. Layer-2 switches (or workgroup switches)
operate at the Data Link layer, and typically provide ports for a small set of 16 to 24 computers. Layer-2 switches enable all ports to be in use simultaneously by managing paired combinations of ports as separate point-to-point circuits.
Layer-2 switches "learn" addresses; a layer-2 switch builds a forwarding table after it is first turned on. To learn addresses, a layer-2 switch retransmits to all ports (except to the one from which it was received) only for a packet with
a destination address not already in the forwarding table. The resulting ACK from the destination computer (that recognized its address) is then used by the layer-2 switch to add the new port number and address to the forwarding
table.
VLAN switches work a little differently. When a VLAN switch receives a frame that is destined for another computer in the same subnet on the same VLAN switch, the switch acts as a traditional layer-2 switch: it
forwards the frame unchanged to the correct computer. VLAN switches use Ethernet's 802.1q tagging to move frames from one switch to another. When a VLAN switch receives an Ethernet frame that needs to go to
a computer on another VLAN switch, it changes the Ethernet frame by inserting the VLAN ID number and a priority code into the VLAN tag field.
3. How does a router differ from a VLAN?
VLAN switches can create multiple subnets, so they act like routers, except the subnets are inside the switch, not between switches. Therefore, broadcast messages sent by computers in one VLAN segment are sent only
to the computers on the same VLAN.
4. Under what circumstances would you use a switched backbone?

Switched backbones can be used in situations where the network administrator wants to spread the traffic around the network more efficiently. In addition, it also provides an architecture where network capacity is no longer tied to
the physical location of the computers, as computers in
5. Under what circumstances would you want to use a routed backbone?
Routed backbones are good for connecting different buildings on the same enterprise campus backbone network. The primary advantage of the routed backbone is that it clearly segments each part of the network
connected to the backbone. Each segment has its own subnet addresses that can be managed by a different network manager. Broadcast messages stay within each subnet and do not move to other parts of the network.
6. Under what circumstances would you use a VLAN backbone?
A VLAN backbone is useful when you want to put computers that are in different geographic locations in the same subnet. In addition, VLANs make it much simpler to manage the broadcast traffic and provide a better opportunity
to prioritize traffic on the network.
7. Explain how routed backbones work.
Routed backbones move packets along the backbone based on their network layer address (i.e., layer 3 address). The most common form of routed backbone uses a bus topology (e.g., using Ethernet 100Base-T). Routed backbones
can be used at the core or distribution layers.
At the core layer routed backbones are sometimes called subnetted backbones or hierarchical backbones and are most commonly used to connect different buildings within the same campus network.
At the distribution layer a routed backbone uses routers or layer 3 switches to connect a series of LANs (access layer) to a single shared media backbone network. Each of the LANs is a separate subnet. Message traffic stays
within each subnet unless it specifically needs to leave the subnet to travel elsewhere on the network, in which case the network layer address (e.g., TCP/IP) is used to move the packet.
8. Explain how switched backbones work.
Switched backbone networks use a star topology with one device, usually a switch, at its center. The traditional backbone circuit and set of routers or bridges is replaced by one switch and a set of circuits to each LAN. The
collapsed backbone has more cable, but fewer devices. There is no backbone cable. The “backbone” exists only in the switch, which is why this is called a collapsed backbone. The original collapsed backbone technology uses
layer-2 switches and suffers some disadvantage due to the load of data link layer overhead message traffic and limitations on network segmentation. As this weakness has been recognized, collapsed backbone technology is adapting
by evolving to the use of layer-3 switches to overcome these problems. The result is better performance and improved network management capabilities for switched backbone networks.
9. What is IEEE 802.1q?
IEEE 802.1q is an emerging standard that inserts 16 bytes of VLAN information into the normal IEEE 802.3 Ethernet packet. When a packet needs to go from one VLAN switch to another VLAN switch, the first switch replaces the
incoming Ethernet packet with an 802.1q packet that contains all the information in the original 802.3 Ethernet packet, plus 16 bytes of VLAN information. The additional VLAN information is used to move the packet from switch
to switch within the VLAN network. When the packet arrives at the final destination switch, the IEEE 802.1q packet is stripped off and replaced with a new Ethernet packet that is identical to the one with which it entered the VLAN.
10. Some experts are predicting that Ethernet will move into the WAN. What do you think?
The new Ethernet/IP packet networks have become dominant for high-traffic networks (2 Mbps to 1 Gbps), even though SONET and ATM remain preferred for some requirements. Since WANs require a network with high network
capacity, I believe that Ethernet will move into the WAN in the near future.
