Networking Part 2

SOHO Router Configuration (Secure the SOHO Network)

- Configure the firewall on the device. Enabling the basic firewall on the router provides an additional level of security for the private network.
- Configure content filtering and parental controls.
- Physically secure the router. Anyone with physical access to the router can make configuration changes and gain access to the network.

SOHO Router Configuration (Configure for a Network Environment)

- Enable and configure a DMZ (demilitarized zone) host. Configuring a DMZ on a SOHO router causes all incoming port traffic to be forwarded to the specified DMZ host.
- Configure quality of service (QoS) settings. Most SOHO routers provide basic QoS functionality. When enabled, QoS prioritizes certain network communications over others.
- Enable the Universal Plug and Play (UPnP) networking protocol. UPnP is a networking protocol that allows UPnP-enabled devices to easily discover each other on the network and share data and media content.

Z-Wave

- It is a simpler and less expensive alternative to Zigbee.
- Z-Wave operates on the 800-900 MHz radio frequency range, so it doesn't suffer any major interference issues like Zigbee does.
- Z-Wave devices all link up together to form a mesh network.

Devices Using NFC (Three Modes)

- Reader/writer mode is used to read information stored on an NFC chip.
- Peer-to-Peer mode enables two devices to communicate and exchange information.
- Card Emulation mode emulates the functionality of a smart card in order to perform contactless payment or ticketing (this mode is typically used by smart phones).

IoT Devices (Speaker/Digital Assistant)

- Smart speakers use voice recognition software.
- The voice recognition service uses algorithms to familiarize itself with your way of speaking and choice of words.
- Machines' ability to recognize speech is a complex process, especially when considering the huge variety of different speech patterns.

Zigbee

- Zigbee is a standards-based wireless technology that enables wireless machine-to-machine (M2M) and IoT networks. It is designed for low-data rate, low-power applications, and is an open standard.
- Zigbee is a specification based on IEEE 802.15.4 and the WPANs operate on 2.4 GHz, 900 MHz and 868 MHz frequencies.

Troubleshooting (Latency)

- Wireless communication operates in half-duplex (shared, two-way communication). Devices can both send and receive, but not at the same time.
- An unstable wireless network signal can increase the processing that is performed on the signal by both the hardware and software.

Infrastructure

- Employs an access point that functions like a hub on an Ethernet network.
- Can easily add hosts without increasing administrative efforts.
- The access point can be easily connected to a wired network, allowing clients to access both wired and wireless hosts.

Ad Hoc

- Works in peer-to-peer mode.
- Difficult to maintain for a large number of hosts because connections must be created between a host and every other host, and special configurations are required to reach wired networks.

Bluetooth Version

- 1.2: 1 Mbps
- 2.0: 3 Mbps
- 3.0, 4.0: 24 Mbps

IoT Devices (Door Lock)

A smart lock is an electromechanical lock that can be locked and unlocked using a smart phone. It uses a wireless protocol and a cryptographic key to execute the authorization process.

IoT Devices (Switch)

A smart switch is a device that allows you to control hardwired lights, ceiling fans, certain fireplaces, small appliances, and even the garbage disposal with an app on your phone or with your voice using a virtual assistant.

Access Point Configuration (Configure Encryption and Authentication)

Add authentication to allow only authorized devices to connect. Use encryption to protect wireless communications from eavesdropping.
· Always use WPA2 when possible. If WPA2 isn't available, use WPA.
· Use pre-shared key (PSK) authentication with either AES (more secure)
· Configure the shared secret (passphrase) value used with WPA2 or WPA.

SOHO Router Configuration (Configure the Router)

Before setting up the network, some basic settings on the router need to be configured. The most important is to change the default administrator username and password.

SOHO Router Configuration (Configure the Internet Connection)

Begin by connecting the router to the internet connection using the device's WAN port.
· For a DSL or ISDN router, connect the device directly to the DSL/ISDN line.
· For a cable, fiber optic, or satellite connection, connect the router to the Ethernet port on the modem or connection device.

Access Point Configuration (Enable MAC Address Filtering)

By specifying which MAC addresses are allowed to connect to your network, you can prevent unauthorized devices from connecting to the access point.
· All MAC addresses are allowed to connect to the network, except for those specified in the deny list.
· All MAC addresses are denied access, except for those specified in the allow list.

Bluetooth Distance

- Class 1: 100 m
- Class 2: 10 m
- Class 3: 1 m

Access Point Configuration (Disable DHCP for Wireless Clients)

Disabling DHCP on the wireless access points allows only users with a valid, static IP address in the range to connect.

Troubleshooting (Antenna Orientation)

For radio frequency wireless devices, the antenna orientation might have a small effect on signal strength.
· Directional antenna
  - Creates a narrow, focused signal in a particular direction, which increases the signal strength and transmission distance
  - Provides a stronger point-to-point connection; is better equipped to handle obstacles
· Omnidirectional antenna
  - Disperses the RF wave in an equal 360-degree pattern
  - Provides access to many clients in a radius

802.11b

- Frequency: 2.4 GHz
- Maximum Speed: 11 Mbps
- Maximum Distance: 150 ft.

802.11g

- Frequency: 2.4 GHz
- Maximum Speed: 54 Mbps
- Maximum Distance: 150 ft.

802.11n

- Frequency: 2.4 GHz or 5 GHz
- Maximum Speed: 600 Mbps
- Maximum Distance: 300 ft.

802.11ac

- Frequency: 5 GHz
- Maximum Speed: 1.3 Gbps
- Maximum Distance: 150 ft.

802.11a

- Frequency: 5 GHz
- Maximum Speed: 54 Mbps
- Maximum Distance: 100 ft.

Access Point Configuration (Configure the Wireless Protocol)

If your access point supports multiple wireless protocols, select the protocols to support, such as 802.11n only or mixed mode (both 802.11n and 802.11g).

Troubleshooting (Obstructions)

In situations where there is no clear line-of-sight between transmitter and receiver due to obstructions (e.g., concrete or metal studs), the wireless signal is reflected along multiple paths before finally being received. This can cause phase shifts, time delays, and attenuation. There are two common antenna diversity implementations:
· Spatial diversity uses multiple antennas that are physically separated from one another.
· Pattern diversity uses two or more co-located antennas with different radiation patterns.

Troubleshooting (Airplane Mode)

Instead of a physical switch, some portable devices have a software-controlled switch called Airplane Mode. When in Airplane Mode, all wireless functionality is disabled.

Troubleshooting (Atmospheric and EMI Conditions)

Interference from weather or EMI can degrade the signal and cause service interruptions.

Access Point Configuration (Change the Default SSID)

Many manufacturers use a default SSID that contains identifying information (such as device manufacturer and model number).
- It is also possible to disable the SSID broadcast. This is known as SSID suppression or cloaking. With broadcasting disabled, the SSID needs to be manually entered into devices for them to connect to the network (the SSID will not show up in the list of available networks).

SOHO Router Configuration (Enable NAT)

Network address translation (NAT) is a protocol that allows multiple computers to share a single public IP address used on the internet.
· The internet is classified as a public network. All devices on the public network must have a registered IP address. This address is assigned by the ISP.
· The SOHO network is classified as a private network. All devices on the private network use private IP addresses internally, but share the public IP address when accessing the internet.
· A NAT router associates a port number with each private IP address. Communications with the private hosts from the internet are sent to the public IP address and the associated port number. Port assignments are made automatically by the NAT router.

IoT Devices (Bulb)

Smart bulbs normally work with conventional lighting fixtures and bulb holders. There are even some higher-end bulbs that change colors, track motion, stream audio over Bluetooth, or double as connected cameras.

IoT Devices (Plug)

Smart plugs automate anything with a plug on it. You can remotely turn on and off anything that's plugged into them using an app. They are an easy solution to making small appliances such as lamps, coffee makers, and toasters smart.

IoT Devices (Thermostat)

Smart thermostats learn from your habits and schedule, give you the freedom to control the climate in your home remotely, show you energy consumption in real-time, and can even adjust themselves depending on ambient conditions like humidity.

Troubleshooting (Wireless On/Off Switch)

Some portable devices have a physical wireless switch on the outside of the device. The wireless switch turns the device's integrated wireless network adapter on and off.

Home Network

The Home network location is designed for use on networks where you know and trust each device on the network.
· Network discovery is enabled. This means other computers and devices on the network are able to see and connect to each other.
· Connected devices are able to join the network homegroup.
· The Windows firewall configuration is changed to allow certain types of network communication through.

Public Network

The Public network location is designed for use on unknown or public networks (e.g., a coffee shop or other public Wi-Fi network).
· Network discovery is disabled. This means other computers on the network cannot see you and you cannot see them.
· Network sharing, such as printers and scanners, is disabled.
· The Windows firewall configuration is changed to block almost all inbound and most outbound communications.

Access Point Configuration (Configure Wi-Fi Protected Setup (WPS))

The WPS security protocol makes it easier for WPS-enabled devices (e.g., a wireless printer) to connect to the wireless network.

Work Network

The Work network location is designed to be used in a SOHO environment or other small business network.
· Network discovery is enabled; however, the computer is unable to create or join a homegroup.
· The Windows firewall configuration is changed to allow certain types of network communication.

Access Point Configuration (Configure the Channel)

The channel identifies the portion of the wireless frequency used by the access point and connected devices.
- You should use a channel that does not overlap or conflict with other access points in the area.

Access Point Configuration (Determine Best Access Point Placement)

The location of the access point can affect signal strength and network access.
· Place access points in central locations. Radio waves are broadcast in each direction, so the access point should be located in the middle of the area that needs network access.
· Do not place the access point next to sources of interference, such as other wireless transmitting devices (cordless phones or microwaves) or other sources of interference (motors or generators).

Troubleshooting (Incorrect Configuration)

The most common source of problems with wireless networking is incorrect configuration. Before considering other problems, verify that the correct SSID and WEP/WPA keys have been configured.
- Remember that WEP/WPA keys are not case sensitive, but passphrases are case sensitive.

IoT Devices (Security Camera)

Wireless cameras transmit video through a RF transmitter. The video is sent to a receiver that connects to the viewing and recording device. That device gives easy access to all video footage recorded through the cameras. Modern wireless camera technology tends to implement such features as motion detection, scheduled recording, remote viewing, and automatic cloud storage.

Troubleshooting (Range)

Wireless standards have a limited range. Moving a notebook outside the effective range will weaken the signal and likely cause intermittent reception.

Troubleshooting (Channel Interference)

You might experience problems with your wireless network when other devices are trying to use the same or adjacent channels. There are also numerous devices that operate in the 2.4 GHz and 5 GHz ranges, which can create background noise and additional interference.
- To avoid interference, try changing the channel used on the AP.

piconet

can have up to 7 devices, and each device can participate in multiple piconets at the same time

Authentication Methods (Shared Key)

clients and APs are configured with a shared key (called a secret or a passphrase). Only devices with the correct shared key can connect to the wireless network.

Channel Bonding

combines two, non-overlapping 20 MHz Channels into a single 40 MHz channel, resulting in slightly more than double the bandwidth

Near Field Communication (NFC)

enables communication between two devices that are in very close proximity with each other.
· NFC operates in the 13.56 MHz frequency and has a maximum transmission speed of 424 Kbps.
· Special chips called NFC chips are used to send, receive, and store data.
· Devices must be within 2 inches of each other.
· NFC has seen widespread use in the following areas:
  - Contactless payment (e.g., using a smart phone as a payment method)
  - Identification (e.g., passports that contain an NFC chip)
  - Video gaming

Internet of Things (IoT)

evolved from machine-to-machine (M2M) communication. It is a sensor network of several smart devices that connect people, systems, and other applications to collect and share data.

Multiple-Input, Multiple-Output (MIMO)

increases bandwidth by using multiple antennas for both the transmitter and receiver.

Wi-Fi Protected Access 3 (WPA3)

is a new authentication launched in 2018. It is a more resilient version of WPA2. WPA3:
· Uses password-based authentication
· Provides better protection against password guessing attempts by using Simultaneous Authentication of Equals (SAE)
· Offers 192-bit cryptographic strength, giving additional protection for networks dealing with sensitive data

Wired Equivalent Privacy (WEP)

is an optional component of the 802.11 specifications that were deployed in 1997. The following are weaknesses:
- A static pre-shared key (PSK) is configured on the AP and the client. It cannot be dynamically changed or exchanged without administration. As a result, every host on large networks

STA (Station)

is any device that is able to use the 802.11 protocol to communicate on a wireless network. Devices on a wireless network include:
- A wireless NIC for sending and receiving signals.
- A wireless access point (AP) is a lot like a hub. A wireless bridge connects two wireless APs into a single network or connects your wireless AP to a wired network.

Wi-Fi Protected Access (WPA)

is the implementation name for wireless security based on initial 802.11i drafts that was deployed in 2003.
· Uses Temporal Key Integrity Protocol (TKIP) for encryption
· Supports both pre-shared key (WPA-PSK or WPA Personal) and 802.1x (WPA Enterprise) authentication

Wi-Fi Protected Access 2 (WPA2) or 802.11i

is the implementation name for wireless security that adheres to the 802.11i specifications.
· Uses Advanced Encryption Standard (AES) as the encryption method
· Supports both pre-shared key (WPA2-PSK or WPA2 Personal) and 802.1x (WPA2 Enterprise) authentication
· Can use dynamic keys or pre-shared keys

Service Set Identifier (SSID)

network name, groups devices together into the same logical network

Authentication Methods (Open)

requires that clients provide a MAC address in order to connect to the wireless network.
- Allows any wireless client to connect to the AP
- Used on public networks
- Can implement MAC address filtering to restrict access to the AP to only known (or allowed) MAC addresses

Infrared (IR)

uses invisible light waves for communication. Infrared:
· Is a line-of-sight medium. Objects cannot be in the path of communications.
· Communicates at 9600 bps up to 4 Mbps and uses the resources of a COM port.
· Works best for devices within 1 meter, but can operate up to 30 meters in areas without ambient light interference.
· Offers no security for transmissions.

Bluetooth

uses radio waves in the 2.4 GHz frequency range for communication.
· Bluetooth uses ad hoc connections between devices to create personal area networks called piconets.
· Using adaptive frequency hopping (AFH), Bluetooth is able to automatically detect other devices in the area and avoid the frequencies used by those devices.

Authentication Methods (802.1x)

uses usernames and passwords, certificates, or devices such as smart cards to authenticate wireless clients. Originally designed for Ethernet networks, the 802.1x standards have been adapted for use in wireless networks to provide secure authentication.
- Requires the following:
  - A RADIUS or TACACS+ server to centralize user account and authentication information
  - A PKI for issuing certificates

SOHO Router Configuration (Create a Whitelist and Blacklist)

· Whitelisting means that only the devices on the list are allowed access. Basically, everyone is blocked access except for the devices on the whitelist.
· Blacklisting means all devices are allowed access except for the ones on the blacklist. It's just the opposite of whitelisting.

Troubleshooting (AP Placement)

· With omnidirectional antennas, radio waves are broadcast in each direction, so the AP should be located in the middle of the area that needs network access.
· Devices often get better reception from APs that are above or below.
· In general, placing APs higher up prevents interference problems caused by going through building foundations.
· For security reasons, APs should not be placed near outside walls. The signal will emanate beyond the walls. Placing the AP in the center of the building decreases the range of the signals available outside of the building.

