INTERNET BASICS
1.1 Describe a URL, its functions and
components, different types of URLs, and the use of the appropriate type of URL
to access a given type of server. Content may include the following:
· Address - Every host
must have a unique IP address. This address is a 32-bit binary number written in
decimal format as four octets (for example: 1.2.3.4). Because they are just
decimal representations of binary numbers, each octet must have a value between
0 and 255. The first octet identifies the class of network, with the following
being valid entries:
| 1 - 126 | Class A |
| 128 - 191 | Class B |
| 192 - 223 | Class C |
| 224 - 239 | Class D (multicast) |
Addresses cannot consist of all
zeros, or all ones, and the entire 127 domain is reserved because 127.0.0.1 is
set aside as the loopback address.
· Port - TCP and UDP use port numbers for services. The port numbers
for common services are:
| 21 | FTP |
| 23 | Telnet |
| 25 | SMTP |
| 80 | HTTP/WWW |
| 110 | POP3 |
| 119 | NNTP |
| 389 | LDAP |
These ports are the default, and if
you change the service to another port, those accessing it must specify
the new port in their request. For example, if the web service is changed
from port 80 to port 800, the URL to access the site ds-technical.com
becomes: http://www.ds-technical.com:800
1.2 Identify the issues that affect Internet site functionality (e.g.,
performance, security and reliability). Content may include the following:
· Bandwidth - The amount of data that can be simultaneously
transmitted on a medium. Most often, the amount of bandwidth that can be used
by a site is equal to the amount of bandwidth that can reach the site. This
can be changed, however, by invoking bandwidth throttling. Throttling allows
you to reduce the amount of bandwidth the site can offer, thus leaving the
server hosting the site with additional bandwidth that can be allocated to
other services or other sites.
· Internet connection points - the majority of users access the
Internet through ISPs.
· Audience access - the audience (the users you are publishing to)
should be considered when posting. If your users are predominantly low-speed
dial-up users, then files to be downloaded should be compressed, etc.
· Internet Service Provider (ISP) - ISPs access the Internet
through Network Access Points (NAPs).
· Connection types - connections can be established through
dial-up service, proxy service, dedicated lines (ISDN, T1, etc.), all of which
are explored in later sections of the objectives.
· Corrupt files - corruption can occur at any time and prevent
users from accessing your resources successfully. It is important to test your
files before posting/uploading them, and to always continue to check them for
corruption and correct, as needed.
· Files taking too long to load - consider the access the median
audience is using to reach your site. Instead of posting one 88-page PDF file
that will take forever to load, break the file into eleven 8-page segments
that can be loaded individually.
· Inability to open files - can be caused by browser dependencies.
Try to avoid browser dependencies whenever and wherever possible.
· Resolution of graphics - is the number one determining factor in the
clarity of the graphics,
and is expressed in bits: the greater the number of bits, the better the
graphic. While 24-bit graphics are perfect for an ideal world, if you want to
serve all users, you should use 8-bit graphics as that is as high as you can
go and support the 256-color monitors still in use.
1.3 Describe the
concept of caching and its implications. Content may include the following:
· Server caching - caching can be done here but requires a great deal
of RAM
· Client caching - allows sites revisited to be brought to the
browser quickly
· Proxy caching - allows users to access site data quicker as it is
always faster to send the data at the speed of the LAN medium than at the speed
of site access
· Cleaning out client-side cache - should be done on a routine basis
such as with Tweak/UI that can do so on each boot or activation and can
restore hard drive space
· Server may cache information as well
· Corrupt files
· Web page update settings in browsers - allow you to configure how
often to access/cache data, etc.
1.4 Describe
different types of search indexes static index/site map, keyword index, full
text index. Examples could include the following:
· Searching your site - can be graphically represented via a site
map.
· Searching content - the basics of rules for searching include:
| A | Finds pages with word A |
| B | Finds pages with word B |
| A B | Will find words A and words B |
| A B | Will find the words A and B together |
| +A B | Requires word A to be in the search results |
| A B | Will find words A that do not contain words B |
· Indexing your site - for a search can be accomplished with an
Index server. You can exclude words from the search by creating a noise
list.
INTERNET CLIENTS
2.1 Describe the infrastructure needed
to support an Internet client. Content could include the following:
· TCP/IP stack - TCP/IP is a four-layer protocol that matches up to
the seven-layer OSI model in functionality.
· Operating system - The stack is implemented differently in
different operating systems; Windows-based operating systems implement it as a
DLL - Winsock
· Network connection - the connection can be through any number of
possibilities, including dial-up, proxy, direct
· Web browser - uses port 80 by default, and can be configured with
a number of features (caching, cookie acceptance, etc.). The most popular
browsers, at this time, are Netscape and Internet Explorer, both of which run
on multiple operating system platforms.
· E-mail - is commonly accessed via POP3 and sent via SMTP. This
functionality can be accomplished through the browser in many cases, or other
programs.
· Hardware platform (PC, WebTV, Internet phone) - the one necessity
is the TCP/IP protocol.
2.2 Describe the use of Web browsers
and various clients (e.g., FTP clients, Telnet clients, email clients,
all-in-one clients/universal clients) within a given context of use. Examples of
context could include the following:
· When you would use each - browsers are used to view the graphical
content of the World Wide Web, while FTP is used to upload and download files.
Both allow for anonymous access to sites, though it can be prohibited if
security is a concern. Telnet sessions allow a user to establish a dumb-terminal
connection to a server and run processes on the server as if he/she were sitting
there instead of at the remote host. Email clients, as the name implies, are
used to send and receive email. Popular email packages/clients are elm, pine,
Eudora.
· The basic commands you would use (e.g., put and get) with each
client (e.g., FTP, Telnet) - to place a single file on an FTP site, you use the
put command. To place multiple files on an FTP site, you can use
mput. To retrieve a single file from an FTP site, use get,
or use mget to retrieve multiple files. With telnet, the command
to initiate the session is telnet itself, followed by the location to go to, for example:
Telnet 1.2.3.4
Or
Telnet redial.com
Once a connection is established, you
must log on to the server with a valid username and password (plain text) as if
you were sitting at the server. You can end the connection a number of ways,
with exit being the most common command, then close the telnet
application.
2.3 Explain the issues to consider
when configuring the desktop. Content could include the following:
· TCP/IP configuration (NetBIOS name server such as WINS, DNS,
default gateway, subnet mask) - NetBIOS names (also known as computer names)
exist in the Microsoft operating system world. NetBIOS-to-IP resolution can be
done through static files (LMHOSTS) or dynamically with a Windows Internet
Naming Service (WINS) server.
As opposed to NetBIOS names
(Microsoft-only), host names exist in all operating systems (Microsoft, Unix,
etc.). On a small network, host name-to-IP resolution can be accomplished
through the use of HOSTS files. On a large network such as the Internet this
resolution can be accomplished via the use of Domain Name Service/Server
machines. DNS servers divide the extent of their coverage area into zones,
with a primary and secondary server for each.
To configure TCP/IP on a host, you need
only three values with one being that of default gateway (the other two are IP
address and subnet mask). The default gateway is the IP address of the router
all data not intended for this network should go to.
A subnet mask divides the total number of
hosts available for one network into a smaller number available for a number of
networks. The subnet mask value is based upon the class of network you have.
Default values by class, and the maximum number of hosts are:
| Class | Default Subnet Mask | Total number of Hosts for Network |
| A | 255.0.0.0 | > 16 million |
| B | 255.255.0.0 | > 65,000 |
| C | 255.255.255.0 | 254 |
· Host file configuration - the host file must exist on every
machine that is performing host name-to-IP address resolution in order for
it to work properly. It can consist of an unlimited number of lines, with
each line limited to 255 characters in length. The format for the file is
that the first column is an IP address, and all other columns on that line
(separated by any white space - tab, space, etc.) are aliases for that IP
address. The pound sign (#) anywhere on a line makes the rest of the line a
comment.
· DHCP versus static IP - Dynamic Host Configuration Protocol (DHCP)
servers can simplify administration of IP addresses by dynamically issuing
them to clients, and not requiring them to be hardcoded by an
administrator. DHCP is built on BOOTP (Boot Protocol) and leases addresses
from a scope. When the leases expire, the IP addresses are placed back in
the scope for use by another client. At any time, the leases can be renewed
or released.
· Configuring browser (proxy configuration, client-side caching) -
proxy servers can be configured to do active caching to automatically
retrieve pages that are commonly viewed and store them locally for access
for users.
2.4 Describe MIME
types and their components. Content could include the following:
· Whether a client can understand various types (MIME, HTML, and
uuencode) - MultiPurpose Internet Mail Extensions (MIME) makes it possible
to send non-ASCII files over email and have them supported on the client
machine. Web browsers use MIME to understand how to display non-HTML data
within the browser.
· The need to define
MIME file types for special download procedures such as unusual documents or
graphic formats - there are standard MIME types recognized by all, and it is
possible for any user/administrator to create their own.
2.5 Identify problems related to
legacy clients (e.g., TCP/IP sockets and their implication on the operating
system). Content could include the following:
· When troubleshooting problems, look for revision dates, and
manufacturer/vendor values and use them to determine if you have the most
current software available. Troubleshooting problems and performance issues
can often be tied to compatibility issues and differing versions of the Web
browser.
2.6 Explain the function of
patches and updates to client software and associated problems. Content
could include the following:
· Patches should
never be blindly applied as you run the risk of taking a working system and
making changes that can adversely affect performance. When new patches
become available, you should always download them and carefully read the
documentation that accompanies them. If you are experiencing none of the
problems addressed by the patch, or there would be no performance gain by
applying it, then do not apply it. If the patch looks beneficial, then try
it on a single system first to look for problems that might arise before
rolling it out to all computers.
2.7 Describe the advantages and
disadvantages of using a cookie and how to set cookies. Content could
include the following:
· Cookies are unencrypted text files stored on the client's
computer with, or without, the user's knowledge. Cookies hold values about
the user or the user's preferences (such as a shopping cart) that can be
read and written to when the user accesses a site. Cookies contain
expiration dates (which can be equal to none) and dates last
modified, last accessed, and last checked. Whether cookies are accepted
without prompting or not is largely based upon the browser's security
settings. In IE, you can choose to set whether cookies will:
1. Always be accepted
2. Require prompting before accepting
3. Be disabled
In all cases, the main purpose of a
cookie is identification.
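Because a cookie is unencrypted text held on the client, a server that uses it for identification has to be able to detect edits. The following is an added example, not part of the original guide: it sets a cookie with and without an expiration and signs the value with an HMAC so a modified value is rejected. The cookie name, the value and the key are constructed assumptions.

```python
import hashlib
import hmac
from http.cookies import SimpleCookie

# Constructed demo key (assumption); a real server keeps this secret and random.
SECRET_KEY = b"constructed-demo-key"


def _mac(value):
    """Hex HMAC-SHA256 of the cookie value under the server-side key."""
    return hmac.new(SECRET_KEY, value.encode(), hashlib.sha256).hexdigest()


def sign(value):
    """Append a MAC so the server can detect a value edited on the client."""
    return f"{value}.{_mac(value)}"


def verify(signed):
    """Return the original value if the MAC matches, otherwise None."""
    value, sep, mac = signed.rpartition(".")
    if not sep:
        return None  # no MAC present at all
    if hmac.compare_digest(mac.encode(), _mac(value).encode()):
        return value
    return None


def build_set_cookie(name, value, max_age=None):
    """Build the text of a Set-Cookie header.

    max_age=None gives a cookie with no expiration (it lasts for the browser
    session); an integer gives a persistent cookie that expires after that
    many seconds.
    """
    cookie = SimpleCookie()
    cookie[name] = sign(value)
    morsel = cookie[name]
    morsel["path"] = "/"
    morsel["httponly"] = True   # not readable from client-side script
    morsel["secure"] = True     # only sent over an encrypted connection
    if max_age is not None:
        morsel["max-age"] = max_age
    return morsel.OutputString()


def read_cookie(cookie_header, name):
    """Parse a Cookie header sent back by the browser and verify the value."""
    cookie = SimpleCookie()
    cookie.load(cookie_header)
    if name not in cookie:
        return None
    return verify(cookie[name].value)


if __name__ == "__main__":
    header = build_set_cookie("cart_id", "cart-1234", max_age=3600)
    print("Set-Cookie:", header)
    returned = header.split(";")[0]          # what the browser sends back
    print("accepted:", read_cookie(returned, "cart_id"))
    tampered = returned.replace("cart-1234", "cart-9999")
    print("tampered:", read_cookie(tampered, "cart_id"))
```

Signing detects modification only; the value is still readable on the client, so nothing confidential belongs in it.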
DEVELOPMENT
3.1 Define programming-related terms
as they relate to Internet applications development. Content could include the
following:
· API - The Application Programming Interfaces are the building
blocks by which Windows-based software applications are built by programmers.
· CGI - the Common Gateway Interface is a program/language that runs
on servers and provides a means to customize output to the user. It is
server-based and performs all operations there (versus ActiveX and Java applets
which run on the client). Because a process must be initiated each time the
program is run, CGI tends to be server-intensive, while ISAPI and other
server-solutions can avoid spawning a new process with each iteration and not be
as intensive on the server.
· SQL - the Structured Query Language is used to find/place
information in a database. Using ODBC (Open DataBase Connectors), the Web server
can interact with a SQL server and pull up information such as from a catalog
database and post the results in HTML to the user.
· SAPI - the Speech API is used for voice and telephony applications
· DLL - Dynamic Linking Libraries are the method by which common
executable routines are made available in the Windows-based environment. Drivers
and executables depend upon DLLs to provide functionality that can be accessed,
making programming much easier.
· Client and server-side scripting - while CGI and ISAPI are
examples of server-side scripting, examples of client-side scripting can include
Java applets, Active Server Pages, and ActiveX. Any execution that occurs within
the browser is known as client-side programming, while any execution that occurs
before data reaches the browser is known as server-side.
3.2 Describe the differences between
popular client-side and server-side programming languages. Examples could
include the following:
· Java - an object-oriented programming language created by Sun
Microsystems that allows programs to be run in almost every operating system
(via a Java Virtual Machine)
· JavaScript - created by Netscape to provide active content on web
sites
· Perl - Practical Extraction and Report Language - an interpretive
language (requires an interpreter) that can be used to write CGI scripts and
perform text processing tasks
· C - a programming language that has been around for almost 30
years that uses a small amount of resources and can run on most operating
systems
· C++ - the object-oriented counterpart to C. It is used for
graphical environments and runs on most operating systems.
· Visual Basic - a graphical programming language that is
event-driven. It typically requires an executable to be compiled before being
able to be run on a user's machine
· VBScript - a non-compiled scripting language based on Visual Basic
that allows controls to be added to web pages.
· JScript - a non-compiled scripting language based on Microsoft's
implementation of JavaScript (which came from Netscape).
· XML - eXtensible Markup Language - allows multiple HTML links
(versus the standard one) and is a chopped down version of SGML (Standard
Generalized Markup Language). It is useful for shopping sites and others that
can have multiple results needed for an action. Many believe XML will replace
HTML eventually for writing web pages.
· VRML - Virtual Reality Modeling Language - a plug-in that allows
the display of 3-D objects within web browsers.
· ASP - Active Server Pages run only on the Windows NT platform and
allow processing to be done on the server (which sends back pure HTML) and on
the client (which is processed within the browser, but can be viewed in Source.)
3.3 Describe the differences between a
relational database and a non-relational database.
A flat-file database holds all data in
one solitary table, while a relational database stores data in different
tables (each of which can be in a different format). Relational databases are
far more complicated than flat-file databases, but also much more flexible and
scalable for big installations.
3.4 Identify when to integrate a
database with a Web site and the technologies used to connect the two.
A database should be integrated with a
web site anytime you need to return values from it to the user, or input
values from the user into it. In the first scenario, a database could be used
to show inventory on hand when queried by partners in your extranet. In the
second scenario, a database could be used to collect mailing addresses from
users who want to receive your catalog.
ODBC - Open DataBase Connector - allows the Web server to interact with a SQL
server.
3.5 Demonstrate the ability to create
HTML pages.
Always employ cross-browser coding in
your HTML, and verify compatibility between different browsers. Know that
using the <UL> syntax will produce a non-ordered, non-numbered list. Using the
<OL> syntax will produce a numbered and ordered list. To insert a command to
run a script, use the syntax: <script language="JavaScript">.
The correct syntax for a link to D S Technical Solutions is
<A HREF="http://www.ds-technical.com">D S Technical</A>. To insert an image,
the correct syntax is <IMG SRC="image.gif">.
The "&copy;" syntax produces the copyright symbol - ©. The <tr> syntax is
used to signify rows in a table and is not a required component on all HTML
pages.
3.6 Identify popular multimedia
extensions or plug-ins. Examples could include the following:
· QTVR (quick time) - Created by Apple, it allows video, audio, and
animation to be displayed with its strength lying in the ability to show 3-D
photos and artwork
· Flash - from Macromedia, allows you to create vector-based web
sites
· Shockwave - from Macromedia, it is a Netscape plug-in or
an ActiveX control that allows for animation on web sites, as well as audio and
video.
· Real Player - plays RealAudio and RealVideo files on the Windows
and Mac operating systems
· Windows Media Player - designed by Microsoft, and does not require
any additional hardware. It plays files with the extension of .AVI and supports
several compression methods.
3.7 Describe the uses and benefits of
various multimedia file formats.
JPEG (Joint Photographic Experts Group)
compresses images smaller than GIF (Graphics Interchange Format), but GIF
maintains resolution and sharpness even when compressed. GIF89a adds
animation to GIF images by using multiple images in one file.
PNG - Portable Network Graphic - files
resemble GIF images but do not use the patented compression algorithm employed
by GIF. PDF - Portable Document Format - files are files (typically documents)
that can be read on any platform with Adobe's Acrobat Reader. RTF - Rich Text
Format - was created by Microsoft and allows commands such as fonts to be
incorporated directly in the file.
TIFF - Tagged Image File Format - files
are highly supported bitmapped graphics files that can be any resolution.
PostScript files are documents containing laser printer object-oriented
command language for specifying typeface, fonts, etc. EPS - Encapsulated
PostScript - is the graphics side of PostScript.
BMP files are the default bitmapped
images used in the Windows world, while MOV is the file format for movies.
MPEG - Moving Picture Experts Group -
files are compressed digital video files considered to be of higher quality
than QuickTime and others. Compression is done by only saving the changes
between images instead of all the images.
AVI - Audio Video Interleave - is the
format used by Microsoft's Video for Windows.
BINHex can convert binary data into
ASCII data (extension .HQX) - allowing it to be sent through email. Streaming
media allows a browser to begin displaying the data as it is sent to it. With
non-streaming media, all the data must be received before processing begins.
3.8 Describe the process of pre-launch
site/application functionality testing.
Before launching a site, you must:
check hot links, test different browsers, test to ensure the new site does not
corrupt your e-commerce sites and that it can be accessed, perform load
testing, and test with various speed connections.
NETWORKING
4.1 Describe the core components of
the current Internet infrastructure and how they relate to each other. Content
may include the following:
· Network access points - NAPs are how/where ISPs connect to the
Internet and effectively form the backbone.
· Backbone - the main structure behind which the Internet is built.
4.2 Identify problems with Internet
connectivity from source to destination for various types of servers. Examples
could include the following:
· E-mail
· Slow server
· Website
4.3 Describe Internet domain names and
DNS. Content could include the following:
· DNS entry types - DNS records consist of different types of
information. Key among them are:
| CNAME | an alias name/canonical name |
| MX | mail receiver for the organization |
| A | system name |
| NS | authoritative computer for the domain |
· Hierarchical structure - DNS is organized in such a manner
with the root of the naming tree being "." and everything funneling down
from it, as in bubba.ds-technical.com. which breaks out to:
| . | the root server |
| com | commercial venture |
| ds-technical | the company |
| bubba | the computer in question |
If bubba is the primary server for the
organization and running the web server, then www.ds-technical.com becomes
bubba.ds-technical.com.
· Role of root domain server - the root server is responsible
for the resolution of for the organization/zone.
· Top level or original domains - edu, com, mil, net, gov, and
org exist within the United States. Outside of the United States, two
letter country level domains are used, such as .UK, .au, etc.
4.4 Describe the nature, purpose, and
operational essentials of TCP/IP. Content could include the following:
· What addresses are and their classifications (A, B, C, D) -
see Section 1.1
· Determining which
ones are valid and which ones are not (subnet masks) - subnets must be
created by borrowing numbers that could be used for the address of the host
to identify the address of the subnet. While some vendors differ, most
require sequential use of the bits from the left to the right and prevent
using all 0s or all 1s. Given that, the following become the only valid
subnets for a Class C network:
| Subnet Address | Maximum Number of Subnets | Maximum number of Hosts on a Class C network |
| 192 | 2 | 62 |
| 224 | 6 | 30 |
| 240 | 14 | 14 |
| 248 | 30 | 6 |
| 252 | 62 | 2 |
| 254 | 126 | invalid |
| 255 | 254 | invalid |
· Public versus private IP addresses - when connecting to the
Internet (meaning the world), you must have a unique IP address for every
single host within the world. When you are not connecting to the world,
however, then the addresses must only be unique within your network. Public
addressing requires the uniqueness, while private addressing suggests that
the following ranges be used:
| Class of network desired | Starting address | Last available address |
| A | 10.0.0.0 | 10.255.255.255 |
| B | 172.16.0.0 | 172.31.255.255 |
| C | 192.168.0.0 | 192.168.255.255 |
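The Class C table above follows directly from the borrowing rule: with n bits borrowed there are 2^n - 2 subnets and 2^(8-n) - 2 hosts each. The following is an added example, not part of the original guide, that recomputes the table and also applies the first-octet classes from Section 1.1 and the private ranges listed above; the function names are illustrative.

```python
import ipaddress

# Private ranges exactly as listed in the table above, keyed by class.
PRIVATE_RANGES = {
    "A": ipaddress.ip_network("10.0.0.0/8"),
    "B": ipaddress.ip_network("172.16.0.0/12"),
    "C": ipaddress.ip_network("192.168.0.0/16"),
}


def address_class(addr):
    """Classful network class from the first octet (Section 1.1), or None."""
    first = int(ipaddress.IPv4Address(addr)) >> 24
    if 1 <= first <= 126:
        return "A"
    if 128 <= first <= 191:
        return "B"
    if 192 <= first <= 223:
        return "C"
    if 224 <= first <= 239:
        return "D"
    return None  # 0, 127 (loopback) and 240-255 fall outside the listed classes


def private_range(addr):
    """Class letter of the private range containing addr, or None if public."""
    ip = ipaddress.IPv4Address(addr)
    for letter, net in PRIVATE_RANGES.items():
        if ip in net:
            return letter
    return None


def class_c_subnets(mask_octet):
    """(usable subnets, usable hosts per subnet) for a Class C last mask octet.

    Applies the rule stated above: bits are borrowed left to right, and the
    all-0s and all-1s patterns are excluded for both subnet and host numbers.
    Hosts is None where no usable host address remains ("invalid").
    """
    borrowed = bin(mask_octet).count("1")
    if not 0 < mask_octet <= 255 or mask_octet != (0xFF << (8 - borrowed)) & 0xFF:
        raise ValueError(f"{mask_octet} is not a contiguous left-to-right mask")
    subnets = 2 ** borrowed - 2
    hosts = 2 ** (8 - borrowed) - 2
    return subnets, (hosts if hosts > 0 else None)


def class_c_table():
    """Rebuild the Class C table for every mask that yields at least one subnet."""
    rows = []
    for borrowed in range(2, 9):
        mask = (0xFF << (8 - borrowed)) & 0xFF
        rows.append((mask, *class_c_subnets(mask)))
    return rows


if __name__ == "__main__":
    for mask, subnets, hosts in class_c_table():
        print(f"255.255.255.{mask:<3} subnets={subnets:<3} hosts={hosts or 'invalid'}")
    for addr in ("1.2.3.4", "127.0.0.1", "172.20.1.1", "192.168.0.10"):
        print(addr, address_class(addr), private_range(addr))
```

A mask octet of 128 borrows one bit and leaves 2^1 - 2 = 0 usable subnets under this rule, which is why the table starts at 192.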
4.5 Describe the purpose of remote
access protocols. Content could include the following:
· SLIP - Serial Line Internet/Interface Protocol - the oldest
line protocol of the group, it can only be used with TCP/IP, does not offer
error correction or support dynamic IP addressing
· PPP - Point to Point Protocol - an enhancement to SLIP, it
offers error correction, support for dynamic IP addressing, the use of
protocols other than TCP/IP and password logons
· PPTP - Point to Point Tunneling Protocol - Microsoft's
enhancement over PPP, it allows for secure connections over the Internet by
tunneling other protocols within TCP/IP packets. An alternative to PPTP is
L2F (Layer 2 Forwarding) from Cisco. Tunneling is also known as
encapsulation and both PPTP and L2F are used to create Virtual Private
Networks (VPNs).
4.6 Describe how various protocols or services apply to the function on a Mail
system, Web system, and file transfer system. Content could include the
following:
· POP3 - used for retrieving mail
· SMTP - used for sending mail
· HTTP - protocol of the web service
· FTP - used to upload and download files
· NNTP (news server) - allows subscription to news servers
· TCP/IP - protocol of the Internet
· LDAP - Lightweight Directory Access Protocol - is built on the
X.500 standard and allows applications to obtain directory access and
information.
· LPR - the command used to print files to the LPD service (NT)
or daemon (Unix).
· Telnet - allows establishment of a dumb terminal session
· Gopher - an archaic method of seeing content on the Internet
prior to WWW
4.7 Describe when to use various
diagnostic tools for identifying and resolving Internet problems. Content
could include the following:
· Ping - an all-purpose utility for verifying that a remote host
can be reached by bouncing bytes of data to it
· WinIPCfg or IP Config - shows the IP configuration data for a
Windows 95/98 system
· ARP - Address Resolution Protocol - shows the resolution
between IP addresses and physical (MAC) addresses
· Trace Routing Utility - tracert works like ping but shows
the hops taken to reach the remote host
· Network Analyzer - used to analyze packets of data sent across
the network
· Netstat - shows the statistics for TCP/IP on a host
4.8 Describe hardware and software
connection devices and their uses. Content could include the following:
· Network interface card (NIC) - the physical entity within the
host to which the networking cabling is connected
· Various types of modems - including analog, ISDN, DSL, and
cable:
| Analog | Traditional modem - requires a single phone line for a connection and is limited in speed to around 57,600bps |
| ISDN | Integrated Services Digital Network, requires two phone lines, and can reach a speed around 128,000bps |
| DSL | Digital Subscriber Line, uses existing phone lines (copper), and is available only in certain areas. You must be within a short distance of a switching station, and speeds can reach 9Mbps |
| Cable | Works with the coaxial from the cable TV company and speed is reduced with the number of users, but is approximately 2Mbps |
· Modem setup and commands - most common commands are:
| ATA | Answer |
| ATD | Dial |
| ATH | Hang up |
| ATX | Exit |
· Adapter - same as NIC
· Bridge - used to connect two (and only two) networks together. Can
be used with nonroutable protocols
· Internet-in-a-box - a complete solution for Internet service
· Cache-in-a-box - available from a number of vendors, essentially a
hard drive on the network for storing cache
· Hub - a device that sends all data that comes in out to all ports
· Router - used to connect multiple networks together using routing
tables - requires routable protocols
· Switch - similar to a hub, but directs data which comes in only to
the port the data is intended for
· Gateway - an upper layer device that can connect dissimilar
networks together for the purpose of passing application data (such as email)
back and forth
· NOS - a Network Operating System - any operating system that
supports networking such as NetWare, Windows NT, etc.
· Firewall - either a hardware or software entity that protects a
network by stopping network traffic from passing through it. In most cases, a
firewall is placed on the network to allow all internal traffic to leave the
network (emails to the outside world, web access, etc.), but stop all traffic
from the outside world from entering the internal network
4.9 Describe various types of Internet
bandwidth technologies (link types). Content could include the following:
· T1/E1 - a T1 is a dedicated line that operates across 24 channels
at 1.544Mbps. E1 is the European counterpart: it uses 32 channels and can run at
2.048Mbps
· T3/E3 - A T3 is a dedicated line of 672 channels (E3 is the
European counterpart) able to run at speeds of 43Mbps
· Frame relay - a packet switching protocol supporting T1 and T3
· X.25 - a packet-switching standard widely used in WANs
· ATM - Asynchronous Transfer Mode - uses 53-byte cells for all
transmissions
· DSL - see section 4.8
4.10 Describe the purpose of various
servers what they are, their functionality, and features. Content could
include the following:
· Proxy - used to provide Internet access for clients, perform
caching
· Mail
· Mirrored - duplicates data so that it is not lost in the event of
a hardware failure
· Cache - stores data
· List - sends messages received to all members of a mailing list
· Web (HTTP) -
· News - provides subscription content
· Certificate - issues security keys
· Directory (LDAP) - allows directory listing
· E-commerce - allows for commercial transactions with security
implied
· Telnet - dumb terminal sessions
· FTP - uploading and downloading of files
INTERNET SECURITY
5.1 Define the following Internet
security concepts:
| Access control | access control lists (ACLs) - reside with the resource and verify what users can access said resource; firewalls - prevent intruders from entering the network from the outside world; packet filters - do as the name implies; proxy servers - act on the behalf of the clients |
| Authentication | Must/should encompass: Digital Certificates; Digital signatures; non-repudiation (the ability to prove who sent data) |
| Encryption | public and private keys - use two values. The first (public) is known by all, while the second (private) is known only by the one user. This is known as asymmetric encryption (with symmetric encryption, the same key is used to encode and decode); secure socket layers (SSL) - allows for data to be transmitted across a secure connection; S/MIME - an enhancement to MIME that supports RSA's public-key encryption of email messages; digital signatures - an attachment to email used to uniquely identify a sender. X.509 is the most common standard for digital certificates; Be aware of global versus country-specific encryption standards when exporting |
| Auditing | Consists of: intrusion detection utilities; log files; auditing logs |
| SET (Secure Electronic Transactions) | a standard for using digital signatures to uniquely identify users and allow for credit card transactions over the Internet |
5.2 Describe VPN and what it does.
· Virtual Private Networks are built using PPTP or other tunneling
protocols to provide encrypted (secure) communications across the Internet.
They are used for connecting two different company sites such as with an
extranet, or for allowing a remote user to securely access a site.
5.3 Describe various types of
suspicious activities.
Possible symptoms are:
· Multiple login failures
· Denial of service (DoS) attacks - wherein the system is kept so
busy responding to non-legitimate traffic/requests that it cannot service
legitimate users.
· Mail flooding/spam (overwhelming a site with junk email)
· Ping floods - Flooding a site with ICMP echoes (also known as
smurfing)
· SYN floods - when a client attempts to establish a connection
with a host on TCP/IP, the first request sent is a SYN. In a SYN flood, you
overwhelm a host with SYN requests for connections.
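Two of the symptoms above, multiple login failures and SYN floods, can be spotted from logs. The following is an added example, not part of the original guide: it flags sources with a burst of failed logins and targets with many connection requests that were never completed. The log format, the sample lines, the thresholds and the addresses are constructed assumptions.

```python
import re
from collections import Counter, defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample log (not from a real system). Assumed line format:
#   <ISO timestamp> AUTH <OK|FAIL> user=<name> src=<ip>
#   <ISO timestamp> TCP <SYN|ACK> src=<ip:port> dst=<ip:port>
SAMPLE_LOG = [
    "2024-05-01T10:00:00 AUTH FAIL user=admin src=203.0.113.5",
    "2024-05-01T10:00:04 AUTH FAIL user=admin src=203.0.113.5",
    "2024-05-01T10:00:09 AUTH FAIL user=root src=203.0.113.5",
    "2024-05-01T10:00:13 AUTH FAIL user=admin src=203.0.113.5",
    "2024-05-01T10:00:20 AUTH FAIL user=guest src=203.0.113.5",
    "2024-05-01T10:01:00 AUTH FAIL user=alice src=192.0.2.44",
    "2024-05-01T10:01:30 AUTH OK user=alice src=192.0.2.44",
    "2024-05-01T10:02:00 TCP SYN src=192.0.2.44:40000 dst=192.0.2.10:80",
    "2024-05-01T10:02:00 TCP ACK src=192.0.2.44:40000 dst=192.0.2.10:80",
] + [
    # 50 connection requests from one source that never complete the handshake
    f"2024-05-01T10:03:{i:02d} TCP SYN src=198.51.100.7:{50000 + i} dst=192.0.2.10:80"
    for i in range(50)
]

LINE_RE = re.compile(r"^(\S+) (AUTH|TCP) (\S+) (.*)$")


def parse(line):
    """Return (timestamp, kind, verb, fields) or None for an unparseable line."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    try:
        ts = datetime.fromisoformat(m.group(1))
    except ValueError:
        return None
    fields = dict(kv.split("=", 1) for kv in m.group(4).split() if "=" in kv)
    return ts, m.group(2), m.group(3), fields


def login_failure_sources(lines, threshold=5, window=timedelta(seconds=60)):
    """Sources with at least `threshold` failed logins inside `window`.

    Assumes the log is in time order, as in the sample.
    """
    recent = defaultdict(deque)
    flagged = set()
    for line in lines:
        event = parse(line)
        if not event or event[1] != "AUTH" or event[2] != "FAIL":
            continue
        ts, src = event[0], event[3].get("src")
        if src is None:
            continue
        times = recent[src]
        times.append(ts)
        while ts - times[0] > window:
            times.popleft()          # drop failures older than the window
        if len(times) >= threshold:
            flagged.add(src)
    return flagged


def half_open_by_target(lines):
    """Count, per destination, SYNs that were never followed by an ACK."""
    pending = set()
    for line in lines:
        event = parse(line)
        if not event or event[1] != "TCP":
            continue
        key = (event[3].get("src"), event[3].get("dst"))
        if event[2] == "SYN":
            pending.add(key)
        elif event[2] == "ACK":
            pending.discard(key)     # handshake completed, not suspicious
    return Counter(dst for _, dst in pending)


def syn_flood_targets(lines, threshold=20):
    """Destinations whose count of uncompleted SYNs reaches the threshold."""
    return {d: n for d, n in half_open_by_target(lines).items() if n >= threshold}


if __name__ == "__main__":
    print("login failure bursts from:", login_failure_sources(SAMPLE_LOG))
    print("possible SYN flood against:", syn_flood_targets(SAMPLE_LOG))
```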
5.4 Describe access security
features for an Internet server (e.g., mail server, Web server).
Internet security access features can include the use of:
· User names and passwords - this is the minimal level of access
that should be acceptable.
· File level - assigning permissions to files for access by
anonymous and known users
· The use of digital certificates
· File-level access: read is needed for viewing and
downloading, write is needed to modify/change/create/upload,
no access cancels all other rights
5.5 Describe the purpose of
anti-virus software and when to use it.
Anti-virus software, as the name implies, identifies viruses when they enter
the system and stops them from damaging data on the system. Anti-virus
software can, and should, be located on both:
· Browser/client
· Server
5.6 Describe the differences between
the following as they relate to security requirements:
· Intranet - with an Intranet, you isolate the site from the world
(typically with a firewall), and do everything you can to keep outsiders from
knowing the site exists or accessing it
· Extranet - with an Extranet, some of the world must know that
your site exists - typically your vendors and partners - and you limit the
access to only them and your internal personnel. This is best accomplished
through the use of a Virtual Private Network.
· Internet - the purpose of an Internet site is for the world to
know of its existence and come to it to learn of your products, data,
information, and other offerings. By default, all users enter the site as the
anonymous user and permissions are assigned to anonymous to affect all users
BUSINESS CONCEPTS