Chapter 6

[Home]

1. What are the two main performance characteristics one looks for in server technology?
What are the main types of servers,and how do they differ from one another?

- Scalability 띌� server ♨ℓ卍個뇬할좽怒櫓뗘㎕豫鉅丞� scalable technology ㅨ너怒櫓뜬레롱� server hardware 롱窪郞쬔巍닻닻픈 computer롱窪螺밈담强烏험賂듣죵す都石覽퐈箕芽鏞턺㎤納롱筽卍롭⌒축ㅕ羸攷쮸擄脩춘≥� 笑�data files 煽覽봤于쭐톱푄卍←杆죠철롱鼇克촬⌒창于줄톈鉅⊥� user 죠、瀧믹蘿芽冗箕롱
- Reliability 幄完脘ⓓ先濚 server 塏勒 webserver ⓓ들系롭㎾밥닻돼姑幄窪蘿櫓線覽開쭘는롭㎾뭇터� 24 ち.

Server 梳鰲芽� 4 뼙及윷 ㅧ�
1. HIGH-END INTEL-BASED PERSONAL COMPUTER 先濚 PC 梳보쳉졍� ブ鰲죵ㅗ怒煽聆죠□씹祿丞� intel microprocessors, RAM ▷年試�, disk drive 롱窪螺밈담强� 煽壘쥡杆죠철롱鼇汲ら西쵠琓㎦밋뉩旅⊥� Window 3.1,95,98 宣촤�©橘駱묏卍ⓓ들系둣뉘駱� server operating system (SOS) 롱琓棨梳봐路沓총벙櫓丞� server 불ℓ총蓼煽腦촹징 server operating system 험� network operating system 쳬조連 Window NT Server, Novell Netware, IntranetWare 笑� UNIX 璿稿履酪뭇脘㎪ 롱瓮彖拈복 intel processor
2.INTEL-BASED SUPERSERVERS 西쵠琓� Intel-based superserver 밂埇ブ鰲죵ㅗ怒杆죠철尸⌒청촛좡탉탱椧′脘西쵠琓� superserver
3.RISC SUPERSERVER 先濚 workstation server 롱嵬ら RISC microprocessor 롱窪邏할좽怒櫓뜰묀櫓롭㎾뭍戾稈㎕험� intel processor 롱椀椧롱椀娩
4.MAINFRAME SERVERS ㅗ怒煽聆稈㎁娩 IBM 煽覽� mainframe 롱窪螺밈담强瓮戾磵늡脘 "enterprise servers"

2.Distinguish between symmetric multiprocessing,server clustering,load balancing,and geographical decentralization. Which of these improves scalability? Which of these improves reliability?

쪂orkstation superserver 죠≠擄
- Server Clustering ⌒쳉프∴陌접系 server Server Clustering ブ鰲尸 server 愾擄� 둘푭鈞丹櫓뛰� link 舒友닻픈⊥� 죵 2 繕뒈셔尸⌒첨� server 試� scalability 尸⌒춤ら server cluster 밂埇죵ㅗ怒杆죠철尸⌒청촛좡탉탱椧′脘 server 西쵠琓㏅닙쪄 繕뒈셔롱� 2 ㅧ� ㅗ怒배腦ぷ琓뚬�(reliability) 띌� server 둘핌밍鰲尸 cluster 胥都線覽←ⓓ幄擁蔑☞뇽欺改汲묀櫓봤棹櫓�皐芼
- Load Balancing server clustering 試禹∇뉵촛讐す� ㅧ� プ于 server 죠愾擄� 西쵠琓�(塏勒 cluster) 笑筠琓西쵠琓㏅愾脘밌辱茸� load balancing router
- Geographical Decentralization 鼓》廊롱鼇鈞戴鉅⌒첨彖拈尸 server 宣逗접瀧묀鹽勒 geographical decentralization 휠뮤議텀㎖系 server 巢訛� 西쵠琓㎯� server 롤完邃　鹽勒 replicated server둘핌턺〃納롤蓼個늦怒櫓뜰ら芽蟯納 remote server 巢訛謹箕 ⌒춘븃� geographical 幄窪襤撚챨拈 TCP/IP

3.Distinguish between servers aimed primarily at end users and servers aimed at network administrators.

�밂¨拈롱瓮沓백念戾丞窯于줄텬≡臥퐈紀釋ㅲ밟태儷묀櫓돼年, ⌒축㎐�, ⌒체텃�, ⌒창擄塏勒薑友롱琓逗방♨㎈촬�� file server, client/server application server 笑� server 斛癰�
- ⓖ므묄系 server 롱歪촤들系⌒춤� network administratior 煽覽′脘 administrative server 旋羸� network 죵⌒축둣뷜돈戾パ벴于묄旅� network administrator ⓓ∴擄先濚 administrative server administrator server ⓓ丞� network technology よ픈聖藕� administrator 닻픈釋ㅲ밟태螺系 network 롱獄紀ラ攷쫠鰲↗埇

4.How do directory servers help users? How do directory servers help administrators? What do X.500 and LDAP standardize? How are X.500 and LDAP different?

�
- よ픈 administrator ㅗ벡蠻 end user 尸⌒축�秊連련耭쫘≥
- X.500 先濚뮐撚챨拈ⓕ� OSI 先濚曲빨처痍戾丞熔納笑僅拉衲賂쑨
- LADP 芽傭蔑앗껸弩擄匙溶撚챨拈♨� X.500 ㅧ� lightweigth directory access protocol(LDAP) 尸⌒축앝窪뼙芹韜먹잃얇鉅繕및棨험� X.500, LDAP ⓓ총볶� TCP/IP 尸뿌Ŀ曼箕 LDAP 芽禹�怒納텀쭌사뭍戾쵬蟯朞ブ鰲뛰Å췌廊죠돤겊밟는 IETP
- ㅗ怒巢〉脘� X.500 先濚죠돤겊뭍酪헉삠묄駱밞찼柬塏紀 directory access protocol 褐퓜 LADP 丞芋묀櫓됴봤紀⌒쳉紀쵬繞할졔于㎕櫓柬塏紀 directory access protocol 睾脘㎶及鼓쨈

5.In network management, what should the network administrator be able to do from the network management console? Distinguish between network management programs, managed devices, network management agents, and MIBs. How do RMON probes differ from other managed devices?

쩸etwork 笑謹밑�둣試� network administrator 蔬뇻搜챌殼友㎖系曲빨처痍戾沈터棨餓
- 尸⌒첨彖拈旋羸琨찼永怒롱窪攬琦開胥戾쪄⊥벙櫓芽瑢紀�皐芼ⓕ￥滿≥녹복 network 죙묠及←벚于줄텬愾脘밌藕헙尸⌒챔磯⌒챨拈�皐芼煽覽′脘 management information base (MIB) ブ鰲搜챌殼友㎞拈�皐芼攷幕撚痘鉅 network management program 롭⌒쳬斗ㅓ祿件쵬삔볶尸�皐芼曲빨처痍戾ㅗ벡蠻穗� network management system 尸 network network management agent ⓓ롭⌒천都듣菰羸菰櫓닻픈 network management program 복⌒초밂뵘밑묄系⌒챔磯⌒촐滿≥녹
- RMON probe ブ鰲롭⌒쳉퓟쳬접于줄텬≡臥퐈紀褐퓜♨쬷etwork 笑勤프뚬㎕櫓石瀆롬㎖系�皐芼尸롬㎁뚤둣 ⓕ□픕露밍鰲餓鼓□픕露밍鰲 network management program 芽冗丹櫓쳬봤프�皐芼繕톰拈旅죠ⓕ� RMON probe 쫓㎁怒櫓떱戾ⓓ褐㎭샹 network 先濚揀�女�皐芼煽覽′脘 traps 띌腦∇닮綱立櫓녹錮뭇촤�

6.What are the two major standards for network management? What are comprehensive network management programs, and why do we need them?

1.SNMP (Simple Network Management Protocol) was created by the IETF as past of the overall TCP/IP standarda. The most popular network management protocol. The newest vertion, SNMP v3, add a number of security enhancements.
2.CMIP/CMIS (Common Management Information Prpotocol/Common Management Information Services) OSI has its own network management protocol. Even the abbreviation is complex, reflecting the complexity of CMIP/CMIS. These OSI protocol also possess a high degree of sophistication. In the future if SNMP does not deliver the functionality that network administrators need in a timely manner.
- Comprehensive network management programs that can collect data using multiple network protocols and integrate this information

7.What are the three layers of functionality for network management? Briefly characterize each layer.

- 3 Layer 尸 network management
1.Transmission management :뼙鬼故닻픈 hubs, switches, routers, modems, and carrier transmission lines.
2.Systems management : moves us up to the management of individual servers and client PCs.
3.Application management : is concerned with the management of distribute application, such as database application. 뼙鬼故닻픈 application access control and the collection of application use statistics across servers.

8.Characterize the following: authentication, encryption, privacy, confidentiality, message integrity, denial-of-service attack, intrusion detection, and security selfanalysis. Why is intrusion detection, which is often ignored, critical for security?

쩰orms of authentication.
- Encryption : If someone does intercept messages, you would like to prevent that person from benefiting from this action.
- Privacy : is transform your messages into a form that will be unreadable by anyone intercepting the message. That person will see only an unreadable sequence of oncs and zeros.
- Confidentiality : Encryption gives privacy
- Message Integrity : controls ensure that if a message is altered, the receiving party will be able to detect the alteration.
- Denial-Of-Service Attack : to deluge a server with hundrens of thousands of computer-generated message. The sistem will be so overloaded that it will not be able to server its normal users. Other attacks use fewer message,each of which requires the system to take a long period of time to handle.
- Intrusion Detection : If a network lacks the ability to delect intruders, attackers will be able to take their time, trying many different thing until something works.
- Security self-analysis : essentially attack the system themselves, in order to detect security holes before hackers can find them.

9.Why is understanding the business the first step in developing a security policy? What are policy servers, and why are they important?

쩺olicies, one size does not fit all.
- Other security devices check with the policy server to implement their security protocols For instance, to prevent a hacker from finding a weak server to attack, every server might check with the policy server when it implements its access protocols.

10.Characterize the following: plaintext, ciphertext, encryption methodology, and encryption key. Why is it important for keys to be as large as possible?

�
- Ciphertext : Encryption converts this plaintext into ciphertext, which an interceptor will not be able to read. The receiver converts the ciphertext back to the original plaintext.
- Encryption Methodology : is to subtract N positions in the alphaber for each letter. So if we subtract two positions, we would encrypt the letter C by changing it to A.
- Encryption key : the key length is made quite long. A key of 56 bits provides minimal commercial security, whereas a key of 128 bits provides good security.
- Because there are only four possible keys, 00, 01, 10, and 11.

11.Distinguish between single key and public key encryption. Which reduces problems of key distribution?

�
- Public Key Encryption : each person has a public key. Instead of keeping. It secret, everyone makes his or her public key available to everyone
- This reduces the problem of key distribution. Athought private keys must still be distributed securely, there is only one secure key delivery per user, rather than two far each of a user's business partners.

12.In public key encryption, when A sends to B, what key does A use? When A authenticates himself or herself to B, what key does A use? If A and B send messages to each other, what keys do A and B use? If A encrypts a message to B, can A read it afterward?

�
- Sender's Public Key
- Although anyone can encrypt a message with a receiver's public key,the public key cannot decrypt the message afterward.

13.How are public key encryption and single key encryption usually combined? Why are they combined?

쩯ncryption. The key creator sends this single key encrypted with the other party's public key. The receiver decrypts the single key using the receiver's private key and the rest of the session uses single key encryption.

14.In public key authentication, how do you prove you are who you say you are? What are the steps in creating a message containing a digital signature? How does a digital signature differ from a digital certificate?

�
- Digital signature that the next step is to encrypt the message digest with the sender's private key.
- That a company attaches the digital certificate to every message it sends. The receiver, seeing the digital certificate authority has checked the company'identity and has assigned it a digital certificate. If the receiver is suspicious,it can verify the company's identity and other characteristics by checking with the certificate authority.

15.What is the function of a firewall? Distinguish between IP firewalls and application firewalls. What happens between the time that you send an HTTP request message and the time that you get the HTTP response message when you have an IP firewall? When you have an application layer firewall?

�
- IP firewalls provide some protection, a skilled hacker can easily defeat them.
- Application firewalls are also called proxy firewalls. To be a proxy means to act in place of someone else.

16.What are the levels of depth in filtering? What are the purposes of filtering? Explain what an integrated transmission network of the future is likely to look like.

�
- Purposes of Filtering 뼙鬼故닻픈 4 す都
1.Effective, Efficient, and Reliable Delivery
2.Access Control
3.Quality of Service (QoS)
4.Translation
- Although companies want to have the "best of breed" in each type of device, such as firewalls and routers, an integrated transmission network would be far easier to manage.

�


	[Home] [Info] [Homework] [Contect쟊ink] [Internet잺afe] [Project]

Hosted by www.Geocities.ws