Your task in this exercise is to designate shares in a peer-to-peer network configuration.
For this configuration, assume that the company to be networked is small, numbering 20 employees, only 10 of which have computers. These computers are running compatible operating systems. Employees include the managing director, three people in the Sales Department, two in the Accounting Department, two in the Product Design Department, and two in the Shipping Department. There are two laser printers available; one is connected directly to the managing director's computer, and the other is connected directly to the lead accountant's computer.
In this exercise you will:
Configure all computers to share folders.
Configure the Managing Director's computer and the lead accountant's computer to share their printers with names MANAGE and ACCOUNT respectively.
Configure all computers except the Managing Director's to print to the ACCOUNT printer. The MANAGE printer will be used by the Managing Director, but will be available to others should the ACCOUNT printer fail.
Create one folder in each of the computers for exchanging files. Share each folder as PUBLIC.
Set sharing for the PUBLIC folder so that all users have full rights within the folder.
Users will be able to make files in their PUBLIC folders available to others, and will have the option of copying files to the other PUBLIC folders if that is more convenient.
For this exercise we will return to the same 20-employee company that was the subject of Exercise 9.1 in Lesson 1. Your job is to design user and group accounts for the 10-computer server-based network. To do this, you should determine what kinds of groups are appropriate to the company and its work. You will also need to establish a password policy and a personnel policy that takes into account what will happen when an employee departs from the company.
After you have established the account policies, create the appropriate user and group accounts and set whatever restrictions will be necessary for each of the groups. These should include the days and hours during which groups can log on to the network. Assign printing rights to the groups as needed and, finally, add the users to the appropriate groups.
Account policies—Create groups that correspond to the working methods of�the company. Set each user's account so that passwords must be changed every 30 days. Allow users to change their own passwords. If an employee leaves the company, all users should change their passwords, and the departed employee's account should be disabled or, better, deleted.
Accounts—Create an account for each user on the server. Create a group account on the server for the Managing Director, and one group each for the sales, accounting, design and shipping employees. Add the Managing Director to the DIRECTOR group. Add the three sales employees to the SALES group. Add the two accounting employees to the ACCOUNT group. Add the�two product designers to the DESIGN group. Add the two shipping department employees to the SHIPPING group.
Account restrictions—Restrictions must follow the working methods of the company. The Managing Director and the accountant may need access during the evening or very early morning, or weekends. Restrict their accounts accordingly. The other employees are likely to work regular hours. Their accounts can be restricted to whatever their workgroup agrees upon.
Printing—Configure all computers except the Managing Director's to print to the ACCOUNT printer. The MANAGE printer will be used by the Managing Director, but will be available to others should the ACCOUNT printer fail.
Yes
Direct-cable connection
folder
administrator
security
copying
profile
password
Guest
group
domain
rights
permissions
security
Unauthorized users can gain access to most peer-to-peer networks by typing in a unique username and password at any of the networked computers. The best preventative measures include making the networked computers physically inaccessible by locking the area that contains them, or to enable BIOS security which allows the user to set a computer access name and password.
Unauthorized users can also access a server-based network by using someone else's name and password. The best way to prevent this is to have an enforced password policy in which passwords are not written down and are changed regularly.
Password-protected shares require that a password be assigned to each shared resource. Access to the shared resource is granted when a user enters the correct password. Access-permission security involves assigning certain rights on a user-by-user basis. A user types a password when logging on to the network. The server validates this user name and password combination and uses it to grant or deny access to shared resources.
Data encryption is the scrambling of data to make it inaccessible to unauthorized persons. In a network environment, data can be encrypted before being sent onto the network. This makes the data unreadable, even by someone who taps the cable and attempts to read the data as it passes over the network. When the data arrives at the proper computer, the code for deciphering encrypted data decodes the bits, translating them into understandable information.
The Data Encryption Standard (DES) was developed by IBM and adopted as a specification for encryption by the government of the United States. DES describes how data should be encrypted and provides the specifications for the key to decryption. Both the sender and the receiver need to have access to the decryption key. Because the only way to get the�key from one location to another is to physically or electronically transmit it, DES is vulnerable to unauthorized interception.
Four types of computer virus are called companion, macro, polymorphic and stealth. Each is a kind of file infector virus. They can be transmitted by any physical means such as CDs, floppy disks or a direct cable connection between computers, and by electronic means such as e-mail and internet downloads. Three means of protection against a computer virus are the installation of current anti-virus software, write-protection of disks, and disabling macro capabilities in vulnerable software.
If the room temperature in which the equipment is located is too high, a computer's cooling fan and ventilation slots will be unable to maintain the correct operating temperature and components will begin to overheat and fail.
High humidity promotes corrosion. Corroded contacts on cable connections and expansion cards will cause intermittent failures. Corrosion can�also increase the resistance of electrical components, leading to a temperature increase that can be followed by component failure or fire.
Dust is electrostatically attracted to electronic equipment. It acts as an insulator that affects the cooling of components, causing them to overheat. Excessive dust on electronic equipment can cause electrical shorts and catastrophic equipment failure.
Smoke coats the surfaces of electronic components, acting as both insulator and conductor. Smoke residue also enhances the accumulation of dust.
Because electronic equipment is designed to operate within the same range of temperature and humidity that feels comfortable to human beings, the best preventative measure is to provide the computers with just such an environment.
Because few employees have any awareness of the ventilation requirements for computer equipment, they impede the natural flow of air in and around the equipment. Once this happens, maintaining the proper temperature is impossible and failures begin. The spilling of liquid refreshment takes a toll on keyboards and computers. When it gets cold outside, space heaters are used in under-heated offices and are usually placed under the desk, often in close proximity to computers. This can present two problems: the computer becomes overheated, and the space heaters can overload power outlets, tripping circuit breakers or even causing fires. Humans can spill liquids such as coffee on computers, impede the flow of the computer's cooling air, and overheat computers with space heaters. The liquids can destroy the computer's internal circuitry and make keyboards unusable. Blocked air flow can cause a computer to overheat and burn out electronic components. The best preventative measure is to make computer users aware of the consequences of such behaviors.
Hidden factors include network wiring that runs through an attic, within walls or is otherwise invisible can be damaged during repairs to other objects in those spaces. Insects and rodents can use network materials for construction purposes of their own.
Industrial factors include noise, electromagnetic interference (EMI), vibration, corrosive and explosive environments, and untrained and unskilled workers.
These factors can be addressed by installing the networking equipment in separate enclosures with outside ventilation by using fiber-optic cabling to reduce electrical interference and corrosion problems with the cable by making sure that all equipment is properly grounded and by providing proper training to all employees that need to use the equipment.
A small organization recently suffered security breaches in its peer-to-peer
network. The intruder stole valuable business data. The organization's need for�security
became apparent, and now a modest-sized, but more secure,
server-based network is in place.
The organization is located in a small California community that experiences frequent earthquakes and power outages. Your job is to plan how to avoid breaches of security and plan for disaster recovery at the same time. In this exercise, examine preventive measures the organization can take to avoid data loss due to human activities and natural disasters such as earthquakes.
List the categories of things that can put the organization's data at risk. Discuss the preventive measures and recovery plans appropriate for each kind of�data loss.
An organization's data can be put at risk by:
An organization can take the following preventive measures to avoid data loss due to human activities and natural disasters:
Disaster-recovery success is only as good as the disaster prevention and preparedness measures taken beforehand.
The only protection from a data-loss disaster is to implement one or more of the methods described earlier to back up data. Store your backups in a secure place, such as a bank safe deposit box, away from the network site. To fully recover from any disaster you will need to:
hardware
user-level security
resource
read-only
rights
groups
security logs
encryption
algorithms
network interface card
temperature, humidity
ventilation
drops
False
corrosive, humidity
tape backup
schedule
log
segment
physical
disk striping
protection
mirroring
controller
striping
Disk Administrator
mirrored
independent
In this exercise, a list of terms is given in the left column. For each term listed, fill in the definition in the space given in the column to the right.
Term | Definition |
---|---|
Redirection | The direction of a request for services from the local computer out onto the network. |
Print spooler | Software that intercepts a print job and sends it to a print queue. |
Print queue | A buffer in which the print job is held until the printer is ready to print it. |
Print-sharing utility | A utility that helps the network administrator manage all the functions of a print server. |
Share name | The network name of a shared resource. |
Printer driver | Software that allows the printer to work with the print server. |
Print Manager | A Windows NT print-sharing utility. |
Printer maintenance includes supplying the printer with paper and toner, clearing the printer if there is a paper jam, and monitoring the printer's output to ensure that print jobs do not back up and overflow the printer's output bin. Other tasks are monitoring the printer's performance and notifying a technician if a serious problem develops, as well as routinely cleaning the printer in accordance with the manufacturer's instructions.
The best means of allocating a single printer's resources is to share the printer on a network. Then give users network permission to use the shared printer.
PDLs are page-description languages that tell a printer how printed output should look. The printer uses the PDL to construct text and graphics to create the page image.
A shared fax server does for fax communication what a shared printer does for printing: it makes fax capabilities available to all users on the network. A shared fax server allows anyone on the network to send a fax; a shared printer allows anyone on the network to access that printer's resources.
A fax server gives users the ability to send a fax without having to leave their desks. Some fax servers allow an administrator to monitor incoming faxes and to route them to the intended recipients, while discarding others, such as advertisements.
Some fax-enhancement software allows users to send faxes from word-processing packages, databases, spreadsheets, and e-mail. Some even provide diagnostic utilities, error reporting, and accounting features to make fax servers easy to administer.
server
redirected
spooler
identify
PDL
permissions
reorder
print-sharing utility
monitor, route
databases, spreadsheets, e-mail