Lesson 1: Creating Network Shares

Your task in this exercise is to designate shares in a peer-to-peer network configuration.

For this configuration, assume that the company to be networked is small, numbering 20 employees, only 10 of which have computers. These computers are running compatible operating systems. Employees include the managing director, three people in the Sales Department, two in the Accounting Department, two in the Product Design Department, and two in the Shipping Department. There are two laser printers available; one is connected directly to the managing director's computer, and the other is connected directly to the lead accountant's computer.

In this exercise you will:

• Designate which resources will be shared.
• Enable sharing on the appropriate computers.
• Share printers, disks, folders, and, if appropriate, files.

Configure all computers to share folders.

Configure the Managing Director's computer and the lead accountant's computer to share their printers with names MANAGE and ACCOUNT respectively.

Configure all computers except the Managing Director's to print to the ACCOUNT printer. The MANAGE printer will be used by the Managing Director, but will be available to others should the ACCOUNT printer fail.

Create one folder in each of the computers for exchanging files. Share each folder as PUBLIC.

Set sharing for the PUBLIC folder so that all users have full rights within the folder.

Users will be able to make files in their PUBLIC folders available to others, and will have the option of copying files to the other PUBLIC folders if that is more convenient.

Lesson 2: Establishing and Managing Network Accounts

For this exercise we will return to the same 20-employee company that was the subject of Exercise 9.1 in Lesson 1. Your job is to design user and group accounts for the 10-computer server-based network. To do this, you should determine what kinds of groups are appropriate to the company and its work. You will also need to establish a password policy and a personnel policy that takes into account what will happen when an employee departs from the company.

After you have established the account policies, create the appropriate user and group accounts and set whatever restrictions will be necessary for each of the groups. These should include the days and hours during which groups can log on to the network. Assign printing rights to the groups as needed and, finally, add the users to the appropriate groups.

Account policies—Create groups that correspond to the working methods of�the company. Set each user's account so that passwords must be changed every 30 days. Allow users to change their own passwords. If an employee leaves the company, all users should change their passwords, and the departed employee's account should be disabled or, better, deleted.

Accounts—Create an account for each user on the server. Create a group account on the server for the Managing Director, and one group each for the sales, accounting, design and shipping employees. Add the Managing Director to the DIRECTOR group. Add the three sales employees to the SALES group. Add the two accounting employees to the ACCOUNT group. Add the�two product designers to the DESIGN group. Add the two shipping department employees to the SHIPPING group.

Account restrictions—Restrictions must follow the working methods of the company. The Managing Director and the accountant may need access during the evening or very early morning, or weekends. Restrict their accounts accordingly. The other employees are likely to work regular hours. Their accounts can be restricted to whatever their workgroup agrees upon.

Printing—Configure all computers except the Managing Director's to print to the ACCOUNT printer. The MANAGE printer will be used by the Managing Director, but will be available to others should the ACCOUNT printer fail.

1. Two computers running the MS-DOS operating system can be connected and information can be shared. (Yes or No).

Yes

2. Connecting two computers with a communications cable is called _____________ - ____________ ____________________.

Direct-cable connection

3. Sharing on a peer-to-peer network takes place at the _____________ level.

folder

4. The first person to log on to a Windows NT network uses the ______________________ account.

administrator

5. The user account contains information that defines a user to the network's ___________________ system.

security

6. Most network account-management utilities offer an account _____________ feature with which an administrator can create a template user with certain characteristics and parameters that are common among multiple users.

copying

7. A Windows NT administrator can use a _____________ to configure and maintain a user's logon environment.

profile

8. Two key pieces of information that should be entered when creating a user account are account name and ___________________.

password

9. The ____________ account is for people who do not have a valid user account but need temporary access to the network.

Guest

10. An administrator can create a ______________ account in order to simplify administrative tasks when dealing with a large numbers of users.

group

11. A global group is used across an entire ________________.

domain

12. Groups are used to give users ______________ to perform system tasks such as backing up and restoring files.

rights

13. The network administrator assigns ____________________ to groups to access resources, such as files, directories, and printers.

permissions

14. After being deleted, a user can no longer use the network, because the network __________________ database will contain record or description of the user.

security

Lesson 1: Making Networks Secure

1. Describe two common ways by which unauthorized users can gain access to a�network; for each, describe how unauthorized access can be prevented.

Unauthorized users can gain access to most peer-to-peer networks by typing in a unique username and password at any of the networked computers. The best preventative measures include making the networked computers physically inaccessible by locking the area that contains them, or to enable BIOS security which allows the user to set a computer access name and password.

Unauthorized users can also access a server-based network by using someone else's name and password. The best way to prevent this is to have an enforced password policy in which passwords are not written down and are changed regularly.

2. Describe the differences between password-protected shares and access permissions.

Password-protected shares require that a password be assigned to each shared resource. Access to the shared resource is granted when a user enters the correct password. Access-permission security involves assigning certain rights on a user-by-user basis. A user types a password when logging on to the network. The server validates this user name and password combination and uses it to grant or deny access to shared resources.

3. Define data encryption and DES.

Data encryption is the scrambling of data to make it inaccessible to unauthorized persons. In a network environment, data can be encrypted before being sent onto the network. This makes the data unreadable, even by someone who taps the cable and attempts to read the data as it passes over the network. When the data arrives at the proper computer, the code for deciphering encrypted data decodes the bits, translating them into understandable information.

The Data Encryption Standard (DES) was developed by IBM and adopted as a specification for encryption by the government of the United States. DES describes how data should be encrypted and provides the specifications for the key to decryption. Both the sender and the receiver need to have access to the decryption key. Because the only way to get the�key from one location to another is to physically or electronically transmit it, DES is vulnerable to unauthorized interception.

4. Identify four common types of computer viruses and describe how they are transmitted; describe three ways to help protect computers in a network against viruses.

Four types of computer virus are called companion, macro, polymorphic and stealth. Each is a kind of file infector virus. They can be transmitted by any physical means such as CDs, floppy disks or a direct cable connection between computers, and by electronic means such as e-mail and internet downloads. Three means of protection against a computer virus are the installation of current anti-virus software, write-protection of disks, and disabling macro capabilities in vulnerable software.

Lesson 2: Maintaining a Healthy Network Environment

1. Describe the ways in which heat, humidity, dust, and smoke can each have an adverse effect on computer health. For each, describe preventive measures that can be taken to protect computers in such environments.

If the room temperature in which the equipment is located is too high, a computer's cooling fan and ventilation slots will be unable to maintain the correct operating temperature and components will begin to overheat and fail.

High humidity promotes corrosion. Corroded contacts on cable connections and expansion cards will cause intermittent failures. Corrosion can�also increase the resistance of electrical components, leading to a temperature increase that can be followed by component failure or fire.

Dust is electrostatically attracted to electronic equipment. It acts as an insulator that affects the cooling of components, causing them to overheat. Excessive dust on electronic equipment can cause electrical shorts and catastrophic equipment failure.

Smoke coats the surfaces of electronic components, acting as both insulator and conductor. Smoke residue also enhances the accumulation of dust.

Because electronic equipment is designed to operate within the same range of temperature and humidity that feels comfortable to human beings, the best preventative measure is to provide the computers with just such an environment.

2. Identify some of the human factors that can unintentionally alter a computer's operating environment. Describe the consequences to a computer of these factors, and suggest some preventive measures for each.

Because few employees have any awareness of the ventilation requirements for computer equipment, they impede the natural flow of air in and around the equipment. Once this happens, maintaining the proper temperature is impossible and failures begin. The spilling of liquid refreshment takes a toll on keyboards and computers. When it gets cold outside, space heaters are used in under-heated offices and are usually placed under the desk, often in close proximity to computers. This can present two problems: the computer becomes overheated, and the space heaters can overload power outlets, tripping circuit breakers or even causing fires. Humans can spill liquids such as coffee on computers, impede the flow of the computer's cooling air, and overheat computers with space heaters. The liquids can destroy the computer's internal circuitry and make keyboards unusable. Blocked air flow can cause a computer to overheat and burn out electronic components. The best preventative measure is to make computer users aware of the consequences of such behaviors.

3. Identify the principal hidden and industrial factors that can affect a�network's health. Include out-of-view network equipment in both an office, and a manufacturing environment. Discuss what precautions can be taken, or what changes might need to be made, for each of these hidden and industrial factors.

Hidden factors include network wiring that runs through an attic, within walls or is otherwise invisible can be damaged during repairs to other objects in those spaces. Insects and rodents can use network materials for construction purposes of their own.

Industrial factors include noise, electromagnetic interference (EMI), vibration, corrosive and explosive environments, and untrained and unskilled workers.

These factors can be addressed by installing the networking equipment in separate enclosures with outside ventilation by using fiber-optic cabling to reduce electrical interference and corrosion problems with the cable by making sure that all equipment is properly grounded and by providing proper training to all employees that need to use the equipment.

A small organization recently suffered security breaches in its peer-to-peer network. The intruder stole valuable business data. The organization's need for�security became apparent, and now a modest-sized, but more secure,
server-based network is in place.

The organization is located in a small California community that experiences frequent earthquakes and power outages. Your job is to plan how to avoid breaches of security and plan for disaster recovery at the same time. In this exercise, examine preventive measures the organization can take to avoid data loss due to human activities and natural disasters such as earthquakes.

List the categories of things that can put the organization's data at risk. Discuss the preventive measures and recovery plans appropriate for each kind of�data loss.

An organization's data can be put at risk by:

• component failure.
• computer viruses.
• data deletion and corruption.
• fire caused by arson or electrical mishaps.
• natural disasters, such as lightning, floods, tornadoes, and earthquakes.
• power-supply failure and power surges.
• theft and vandalism.

An organization can take the following preventive measures to avoid data loss due to human activities and natural disasters:

• Use of tape and optical storage backup systems to minimize the risk of losing data. By maintaining current backup copies of existing files, data can be recovered if harm comes to the original data.
• Installation of Uninterruptible Power Supply (UPS) will allow computers to keep servers or other devices running in the event of a power failure. The best UPS systems perform online. When the power source fails, the UPS batteries automatically take over. The process is invisible to users.
• Incorporation of fault-tolerant disk systems such as Redundant Array of�Independent Disks (RAID), Sector Sparing and disk clustering will protect data by duplicating data or by placing data in different physical sources, such as different partitions or different disks. Data redundancy allows access to data even if part of the data system fails.

Disaster-recovery success is only as good as the disaster prevention and preparedness measures taken beforehand.

The only protection from a data-loss disaster is to implement one or more of the methods described earlier to back up data. Store your backups in a secure place, such as a bank safe deposit box, away from the network site. To fully recover from any disaster you will need to:

• Make a disaster-recovery plan.
• Implement the plan.
• Test the plan.

1. The first consideration in keeping data safe is to ensure the security of the network __________________.

hardware

2. Another term for access permissions is __________ - _____________ _________________.

user-level security

3. Implementing password-protected shares involves assigning a password to each shared _________________.

resource

4. If a share is set up as ___________ - ___________, users can look at the documents or copy them to their machines, but they cannot change the original documents.

read-only

5. Access permission security involves assigning certain ______________ on a user-by-user basis.

rights

6. The most efficient way to assign permissions is through the use of ______________.

groups

7. Through auditing, selected types of events are recorded in the _________________ __________ of a server in order to track network activities by user accounts.

security logs

8. A data- __________________ utility scrambles data before it goes out onto the network.

encryption

9. The Commercial COMSEC Endorsement Program (CCEP) authorizes manufacturers to incorporate classified ________________ into the communication systems they sell.

algorithms

10. Diskless computers communicate with the server and log on through the use of a special ROM boot chip installed on the computer ________________ _________________ ___________.

network interface card

11. The two most important environmental conditions to monitor are _____________________ and __________________.

temperature, humidity

12. Proper ____________________ is required to prevent a computer from overheating.

ventilation

13. The potential for ESD increases as the humidity ______________.

drops

14. True or False: If network cables are installed in the walls and in the ceilings, they will be safe from all damage.

False

15. A ___________ atmosphere with high __________ will most certainly destroy any computer equipment in a matter of days or months.

corrosive, humidity

16. The first line of defense against loss of data is usually a ___________ ________________ system.

tape backup

17. It is important to have a regular ______________ for backing up data.

schedule

18. Maintaining a __________ of all backups is important for later file recovery.

log

19. When backing up across a network, network traffic can be reduced by placing the backup computer on an isolated _______________.

segment

20. Fault-tolerant systems protect data by duplicating data or placing data in different _______________ sources.

physical

21. RAID level 0, called ____________ _______________, divides data into 64K blocks and spreads it equally in a fixed rate and order among all disks in�an array.

disk striping

22. Level 0 disk striping does not offer data ___________________.

protection

23. Disk __________________ duplicates a partition and moves the duplication onto another physical disk so that there are always two copies of the data.

mirroring

24. Duplexing is intended to protect against disk ___________________ failures, as well as media failures.

controller

25. Writing complete blocks of data to each disk in the array is known as disk ________________.

striping

26. In Windows NT Server, the ___________ _____________________ program is used to configure Windows�NT Server fault tolerance.

Disk Administrator

27. In RAID level 10, data that is contained on a physical drive in one array is __________________ on a drive in the second array.

mirrored

28. "Clustering" is the term applied to a group of ___________________ systems working together as a single system.

independent

Lesson 1: Network Printing

In this exercise, a list of terms is given in the left column. For each term listed, fill in the definition in the space given in the column to the right.

Term	Definition
Redirection	The direction of a request for services from the local computer out onto the network.
Print spooler	Software that intercepts a print job and sends it to a print queue.
Print queue	A buffer in which the print job is held until the printer is ready to print it.
Print-sharing utility	A utility that helps the network administrator manage all the functions of a print server.
Share name	The network name of a shared resource.
Printer driver	Software that allows the printer to work with the print server.
Print Manager	A Windows NT print-sharing utility.

Lesson 2: Managing a Shared Printer

1. Identify and describe four tasks required for routine printer maintenance.

Printer maintenance includes supplying the printer with paper and toner, clearing the printer if there is a paper jam, and monitoring the printer's output to ensure that print jobs do not back up and overflow the printer's output bin. Other tasks are monitoring the printer's performance and notifying a technician if a serious problem develops, as well as routinely cleaning the printer in accordance with the manufacturer's instructions.

2. Describe how a network administrator can allocate a single printer's resources among several workstations.

The best means of allocating a single printer's resources is to share the printer on a network. Then give users network permission to use the shared printer.

3. Define PDLs and describe their function in printing.

PDLs are page-description languages that tell a printer how printed output should look. The printer uses the PDL to construct text and graphics to create the page image.

Lesson 3: Sharing Fax Modems

1. How does a fax server compare with a shared printer? What are the roles of�each?

A shared fax server does for fax communication what a shared printer does for printing: it makes fax capabilities available to all users on the network. A shared fax server allows anyone on the network to send a fax; a shared printer allows anyone on the network to access that printer's resources.

2. Define the function of a fax server.

A fax server gives users the ability to send a fax without having to leave their desks. Some fax servers allow an administrator to monitor incoming faxes and to route them to the intended recipients, while discarding others, such as advertisements.

3. Describe three enhancements that can be added to a fax server.

Some fax-enhancement software allows users to send faxes from word-processing packages, databases, spreadsheets, and e-mail. Some even provide diagnostic utilities, error reporting, and accounting features to make fax servers easy to administer.

1. When network users want to print data on a shared network printer, the data is�sent to a _____________ that feeds the data to the printer.

server

2. Each network print job must be ________________ away from a computer's local printer port and onto the network cable.

redirected

3. The memory buffer in the print server's RAM that holds the print job until the printer is ready is called a ______________.

spooler

4. In order for users to access a shared printer, they must have a way to ________________ the printer.

identify

5. The printer uses the _________ to construct text and graphics to create the page image.

PDL

6. Managing users who access printing over a computer network includes assigning _________________, as with any other shared network resource.

permissions

7. One task an administrator can accomplish from a remote location is to ______________ print jobs in the queue.

reorder

8. Most current network operating systems allow an administrator to manage a network printer with a ____________ - _______________ ______________.

print-sharing utility

9. A good fax server service allows an administrator to ________________ incoming faxes and to ____________ the appropriate one to the proper person.

monitor, route

10. Fax-server enhancements that allow users to send faxes from ______________, _________________, and ____________ are available.

databases, spreadsheets, e-mail

NEXT