Configure and Troubleshooting Networks

Question 1

Give all NIC properties.

Answer 1

The computer’s network adapter connects to a network appliance
Card settings should be configured to match the network

Question 2

Give all Wired Network Cards

Answer 2

The Ethernet adapter and switch must have the same media type:
Signaling speed
Half/full duplex
Most will auto-negotiate; can be configured
Most settings can be left at default

Question 3

Give all the properties of QoS

Answer 3

A network protocol that prioritizes some types of traffic.
Can help ensure real-time applications such as VoIP or video conferences have priority.
QoS is usually configured on managed switches.
May need to enable the QoS protocol on the adapter.

Question 4

What are all the points of Onboard Network Cards

Answer 4

Most computers have a built-in Gigabit Ethernet adapter.
Uses RJ-45 port/twisted-pair cabling.
Check system setup if issues or to disable if installing a plug-in card.

Question 5

What are all the points of Wireless Network Cards

Answer 5

Set up 802.11 standards supported by the access point
The card should support any standard available
Configure Roaming Aggressiveness to adjust for weak signals
Transmit Power is usually set to the highest level by default

Question 6

What is Wake on LAN

Answer 6

Start computer remotely
A network card is active, and on standby
“Magic packet” starts the boot

Question 7

How do you setup Wake on LAN

Answer 7

To set up WoL:
1 Enable WoL in system setup

2 Enable WoL on the adapter

3 Configure a network to send magic packets

Question 8

Give all Network Connections in Windows 7 and 8

Answer 8

Configure network card with client software and protocol
Use Network and Sharing Center

Access adapter properties
Wired/wireless adapter names vary

Change properties or view status
Configure client, protocol, service
Default bindings include Microsoft clients, IPv4 and IPv6, and link-layer discovery

To join WLAN, select network from the list in the notification area
Can connect automatically
Can configure manually if the network not broadcasting

Question 9

What is Network Connection in Windows 10

Answer 9

Settings: Network & Internet
Use to access Network and Sharing Center and Network Connections applets

Question 10

Give all points of IP Adress Configuration

Answer 10

Configure wired and wireless through connection’s Properties
Default is dynamic IP
Can configure a static IP address manually
Select “Obtain an IP address automatically” for DHCP/APIPA
Can set up alternate configuration if desired

Question 11

Give all the points of Other Network Connections

Answer 11

SOHO router is typical; usually combines several functions
Other connection options include dial-up
Analog modem connects to ISP
Use Set Up a Connection or Network to configure
WAN cellular connects to a cell provider’s network
Can be USB or internal
Install vendor software, and plug-in adapter, and use software to view and configure
VPN tunnels privately through a network
Windows supports several types; can configure in Network Connections
Click the network status icon to access

Question 12

Give all the properties of SOHO Networks

Answer 12

Business network; may use the centralized server as well as clients.
Often uses a single Internet device for connectivity.
Maybe a home/residential network as well.

Question 13

Give a full description of Common SOHO Network Hardware

Answer 13

DSL or cable modem installed on customer premises.
Bundles several device types: modem, router, switch, and access point.
On DSL, the RJ-11 port connects to the phone jack; the voice/data splitter is usually part of the modern socket.
On DSL, the RJ-11 port connects to the phone jack.
Voice/data splitter is usually part of a modern socket.

Question 14

Give a description of a SOHO Network Configuration

Answer 14

Connect the device to the SOHO appliance to configure.
Access management interface through the browser.
Change the default password!
Follow the wizard interface to configure Internet access.
View line status and system log in the management console.
Helpful for troubleshooting.

Question 15

Give all the points of the wireless setting

Answer 15

Configure wireless settings; most hosts connect wirelessly.
Maybe part of setup wizard; can use management software directly.

Question 16

What settings can you adjust in wireless settings

Answer 16

Adjust settings as appropriate:
Frequency band (2.4 GHz or 5 GHz)
SSID (the name for WAN)
Security and encryption
Password (pre-shared key)
802.11 mode
Channel/channel width

Question 17

Give a description of DHCP and IP Address Configuration

Answer 17

We May need to adjust DHCP server settings
Enabled by default
If you disable it, IP addresses must be assigned manually
Easy for an attacker to determine the scope

Question 18

What are all the points of WPS

Answer 18

Simplifies secure access point setup.
AP and all adapters must be WPS-capable.
Pushbutton on device typically causes device and AP to associate automatically over WPA2.
Generates random SSID and passphrase.

Question 19

Give all the points of Access Point Placement

Answer 19

Correct antenna and access point placement helps ensure a robust network.
AP placement may be constrained by the provider’s cabling location.
Can use extenders.
A site survey can help identify dead zones.

Question 20

What is the channel selection

Answer 20

In the US, the 2.4 GHz band is subdivided into 11 channels at 5 MHz intervals.
Best to allow 25 MHz spacing for channels in active use.
No more than 3 nearby APs can have non-overlapping channels.
Newer APs detect the least-congested channel at boot; may need to adjust.
Use a spectrum analyzer to find the least busy channels.

Question 21

Give all the points of radio power levels

Answer 21

Can turn down AP power to prevent war driving.
Need to ensure enough coverage for legitimate users.
It May be exposed to an “evil twin” attack if a rogue AP is detected first.
Increasing power may also cause signal bouncing.
The client must match AP.
Best to allow auto-negotiation.

Question 22

What are Wi-Fi security protocols

Answer 22

Wi-Fi requires careful security configuration
Media “unguided;” RF scanner can intercept signals
Encryption is crucial
Cipher scrambles message; key decodes the message
Keep key secure

Question 23

The description of a WEP

Answer 23

Legacy encryption system based on the RC4 cipher
64-bit or 128-bit key
The flaw in the key production method; easy for an attacker to generate key
Deprecated and should not be used

Question 24

The description of WPA/WPA2

Answer 24

Based on RC4
Adds TKIP to fix the security problem
WPA2 developed to meet 802.11i security standards
Use WPA2 whenever possible
If not supported by devices, use WPA

Question 25

Give the description of a wifi authentication personal

Answer 25

Based on a pre-shared key generated from a passphrase. Cannot completely secure distribution of key; on home, the network may not be secure passphrase; all users share key (no accounting); hard to change the key. Simple setup. The only choice for WEP; can use WPA/WPA2 on SOHO networks or workgroups.

Question 26

Give the description of a wifi authentication Enterprise

Answer 26

Enterprise mode authentication in WPA/WPA2. Authentication passed to the RADIUS server. Suitable for server-/domain-based networks.

Question 27

Give the description of the SOHO Security Issue: SSID

Answer 27

Simple name to identify the WAN Change default SSID Do not use personal information Disable SSID broadcast Enable encryption

Question 28

Give the description of the SOHO Security Issue: Physical Security

Answer 28

Restrict physical access to enterprise routers and switches An attacker with physical access could reset to defaults, gain access

Question 29

Give the description of the SOHO Security Issue: Updating Firmware

Answer 29

Keep Internet appliance firmware and driver up to date Make sure power stays on during the update process

Question 30

Give the description of the SOHO Security Issue: Static IP Addresses

Answer 30

Static IP assignments will not deter a determined attack Router/modem must have static IP to function as DHCP server/default gateway

Question 31

Definition of Quality of Service

Answer 31

Quality of Service (QoS): Using a network protocol to prioritize types of traffic

Question 32

Give all the properties of latency and jitter

Answer 32

Modern networks provide two-way communications (VoIP, video conferencing, gaming). Standard protocols are sensitive to data loss, not delivery delay (latency/jitter). Real-time data applications are sensitive to latency and jitter, not packet loss. Latency: the time for a signal to reach the recipient Jitter: variation in delay (congestion, configuration problems). QoS: Hard to guarantee on the Internet. Can be deployed on enterprise networks. On SOHO network, may be able to configure on router/modem.

Question 33

Give a description of the firewall

Answer 33

Many types and implementations Primary distinction: Network firewall: Inline on the network Inspects all traffic Host firewall: Installed on host Inspects traffic to that host

Question 34

What is packet filtering

Answer 34

Earliest type; all firewalls capable of this function Inspects IP packet headers, accepts or drops based on rules Filtering rules based on: IP filtering Protocol ID/type Port filtering/security Configure ACL

Question 35

Give the definition of a Host firewall

Answer 35

Software on the individual host; may be in addition to the network firewall Can do packet filtering Can also grant/deny access based on software programs, services/processes, and users Two firewalls increase security; more complex to configure and troubleshoot

Question 36

Give a description of a firewall setting: Disabling Ports

Answer 36

Only enable required services; can remove service at the host. You may want service available locally but not on the Internet. Configure firewall ACL to block the port, or block by the default rule.

Question 37

Give a description of a firewall setting: MAC Filtering

Answer 37

Firewalls, switches, and APs can whitelist/blacklist MAC addresses. Can be time-consuming, but good security option for SOHO networks.

Question 38

Give a description of a firewall setting: Content Filtering / Parental Controls

Answer 38

Blocks websites and services based on keywords, ratings, or classification. Can restrict times. ISP-enforced filters cannot distinguish account types. Filters can also be enforced by OS.

Question 39

Give a description of a firewall setting: Whitelists / Blacklists

Answer 39

Blacklists document URLs known to harbor specific undesired content. Whitelists document sites that will be accessible even if the filter is applied.

Question 40

Give a full description of NAT

Answer 40

All routers/modems use NAT/NAPT The router has a single public address; clients use local private addresses The router translates between the Internet and the host Usually auto-configured Some protocols may need ALG to open ports dynamically

Question 41

Give a full description of Port Forwarding and Port Triggering

Answer 41

Internet hosts only see the router’s public address. Configure port forwarding/DNAT if running an Internet-facing service on your internal network. The router transmits Internet requests to a given port to a designated internal host. Port triggering is for applications using multiple ports.

Question 42

Give a full description of DMZ

Answer 42

If the internal server is exposed to the Internet, consider local network security; a compromised server can expose LAN to attacks. Enterprise networks use DMZ; hosts in DMZ are not trusted by the local networks. Traffic from Internet cannot access the local network through DMZ. SOHO vendors’ “DMZ” = LAN computer that receives all Internet communications not forwarded to other hosts.

Question 43

Give all the properties of Universal Plug and Play

Answer 43

Users may be tempted to turn off the firewall if the configuration is complex. Services requiring complex configuration can use UPnP to instruct the firewall with the correct configuration. Does have security vulnerabilities: Use only if required. Don’t let UPnP accept Internet requests. Keep firmware, and security advisories up to date.

Question 44

Give a description of the Windows Firewall

Answer 44

Each version has become more advanced Configure in Control Panel Can configure exceptions Use Windows Defender Security Center on Windows 10

Question 45

What are the properties of Windows Firewall with Advanced Security

Answer 45

Add-in to basic firewall Can configure outbound filtering, IPSec, monitoring Configure in Group Policy on the domain, in management console in a workgroup Configure inbound and outbound rules as appropriate Rules can use various triggers

Question 46

What is location-awareness

Answer 46

Firewall settings can be applied depending on a connected network. Displays dialog when a new network is detected. Set location (Home, Work, Public, Domain). Use Network and Sharing Center to change location. In Windows 8/Windows 10, networks are either public or private. Change using the Settings app

Question 47

Give a description of Browser Configuration

Answer 47

Browser is very important software, for browsing and as an app interface. Internet Explorer has been dominant, but other browsers have similar configurations. General settings include home pages, browsing history, etc. Clear browsing history on public computers. Check or set the default browser Manage add-ons Various advanced settings and options Resetting the browser Privacy settings control the use of cookies Text files containing session data Configure pop-up blocker Security settings protect the system from malicious content on web pages. In Windows, configure by security zone. Configure proxy: User machines send requests to the proxy server, which sends them to the Internet. May also perform caching for improved performance. Use LAN Settings to configure the proxy address.

Question 48

Give the browser configuration connections.

Answer 48

Configure connections: Dial-up Router

Question 49

Explain Remote desktop

Answer 49

Allows the user to connect to a desktop remotely Desktop machine = terminal server; connecting machine = Windows terminal Good for homeworkers Can also be used for troubleshooting TCP port 3389

Question 50

Explain Remote Assistance

Answer 50

Allows the user to request help from a technician The helper can join user sessions and take control of the desktop Port assigned dynamically from ephemeral range; intended for local support, not to pass through firewalls

Question 51

Give a full description of Remote Settings Configuration

Answer 51

Remote Assistance is allowed by default; Remote Desktop is not Configure in System Properties/Remote Settings Choose RDP client options, including NLA RDP authentication/session data is always encrypted Define which users can connect remotely (local or domain accounts)

Question 52

Explain Remote Credential Guard

Answer 52

Remote Desktop credentials are vulnerable on machines compromised by malware. RDPRA Mode and Remote Credential Guard mitigate this risk.

Question 53

Explain the Remote Assistance Process

Answer 53

Remote Assistance request placed with Remote Assistance tool (file, email, or Easy Connect). The helper opens the invitation file and waits for the user to accept the offer. Remote Desktop window and chat tool open. Remote Assistance session encrypted, same as RDP.

Question 54

Fully explain the remote desktop process

Answer 54

Open via the Communications menu in Accessories or by typing mstsc at a command prompt. Enter the server's computer name or IP address to connect. You will need to define logon credentials. Use the format ComputerOrDomainName\UserName No one else can use the target system while in remote mode.

Question 55

What are the remote access technologies

Answer 55

Remote Desktop and Remote Assistance are Microsoft technologies. Can connect from Linux, macOS, iOS, or Android to Windows RDP server using mstsc client. Use other protocols and software for incoming connections to non-Windows devices.

Question 56

Explain Telnet fully.

Answer 56

Command-line terminal emulation protocol and program The host runs Telnet Daemon on TCP port 23 The client uses the Telnet program Once connected, can use the same commands as the local user Common commands: open HostPort; ?; status; close; quit Troubleshooting for SMTP or HTTP Remote router or switch configuration

Question 57

A full description of SSH

Answer 57

Replaces unsecure administration and file copy programs (Telnet, FTP) Uses TCP port 22 Encrypts each session Many commercial products SSH servers identified by public/private key pairs SSH clients can keep mappings or use commercial SSH key management products

Question 58

Explain SSH authentication

Answer 58

The server’s host key is used to set up a secure channel for SSH client authentication Various authentication methods are possible; can be enabled/disabled as needed: Username/password Kerberos Host-based Public key

Question 59

Give all the points of Screen Sharing and VNC

Answer 59

In macOS, use Screen Sharing for remote desktop Based on VNC Can use any VNC client Encrypted VNC itself is a freeware Similar to RDP TCP port 5900 Freeware versions have no connection security Commercial products include encryption solutions

Question 60

Explain File Share

Answer 60

Network file sharing can be complex (file sharing protocol; permissions; user accounts) Vendors offer simple file sharing options: AirDrop (Apple iOS/macOS) NearShare (Microsoft) Third-party and open-source alternatives Products include security, but always the potential for misuse Only accept requests from known contacts Security vulnerabilities may allow unsolicited transfers

Question 61

Give all the ways of Common Wired Network Connectivity Issues and how to troubleshoot them.

Answer 61

Rule out hardware-layer connectivity (cable connection) Troubleshoot wired connectivity: Test with ping Verify patch cord between host/panel and panel/switch Connect a different host Verify network adapter link properties Connect to a different port Check the switch (if multiple users) Use cable testing tools Troubleshoot slow transfer speeds: Check network adapter driver configuration Check to set for a switch port Check for: Switch or router congestion or network-wide problem Adapter driver issues Malware Interference in network cabling

Question 62

Give all the ways of Common Wireless Network Connectivity Issues and how to troubleshoot them.

Answer 62

Consider problems with physical media, and configuration: RF signal weakens with distance Check security and authentication configuration Configuration issues: If in range, check SSID mismatch or SSID broadcast Standards mismatch Dual-band support Low RF/RSSI Signal issues: Channel interference Signal blocking Use a Wi-Fi analyzer such as inSSIDer to perform a site survey A site survey can: Identify sources of interference problems Measure signal strength Identify congested channels

Question 63

Describe IP configuration issues and how to resolve them, and also give the switches.

Answer 63

If the host IP configuration is incorrect it will not be able to communicate View adapter status in Windows Use ipconfig at the command line Typical switches: /all /release /renew /displaydns /flushdns

Question 64

What is the process of using ipconfig

Answer 64

Use ipconfig to test adapter configuration: Static or DHCP? If DHCP, correct parameters? If the configuration is correct, check for: Communication with DHCP server Configuration with DHCP server Multiple conflicting DHCP servers On Linux, use ifconfig; some different functionality

Question 65

Describe IP Connectivity issues and all connectivity tests

Answer 65

If the link and IP are correct, the problem may be in network topology. Test connections by trying to use resources (but doesn’t eliminate application fault). Use other connectivity tests: Ping DNS testing IP conflict

Question 66

Give all connectivity tests that can be done and what will the outcome be.

Answer 66

Use ping to test communications. Ping loopback, workstation, default gateway, remote host. If successful, reply with time in milliseconds. If unsuccessful: Destination unreachable No reply (request timed out) Test DNS: Ping DNS names. Try reverse lookup. Troubleshoot IP conflicts: Possible configuration error due to static assignment. Windows disables IP. Identify affected machines and resolve duplicates.

Question 67

How do you deal with routing issues and what will occur?

Answer 67

Use tracert to investigate routing problems Command will time out if the host not located Will list: Router hops Ingress interface Response time Asterisk if no response

Question 68

What are the points of unavailable resources

Answer 68

If not with cabling, switches/routers, or IP, the problem is at a higher layer Failures possible in: Security Name resolution Application/OS If Internet access or local resources are unavailable, establish the scope by trying a different client: If works, problem with 1st client If fails, the problem is with the server, device, or infrastructure

Question 69

How do you troubleshoot internet availability

Answer 69

Troubleshooting Internet availability: If “No Internet access” message, no working Internet connection Check local PC settings Check ISP’s service status page/helpline Restart modem/router Suspect security issue (misconfigured proxy, firewall blocking host)

Question 70

How do you perform a reset

Answer 70

Performing a reset: Restart server as a stock response to persistent problems Restart application Run Windows network troubleshooter Reset the network stack Windows 10: Network & Internet > Status Windows 7/8: Network Adapter troubleshooter or command-line tools Remove network adapters and reboot; update all network settings

Question 71

How do you investigate open ports and connections? What are the switches?

Answer 71

Use netstat to investigate open ports and connections Use –a, -b, -n switches Linux has a slightly different utility

Question 72

What is nslookup

Answer 72

Use nslookup to investigate name resolution problems nslookup -Option Host Server Query a different name server and compare your results

Question 73

Explain the Internet of Things

Answer 73

A global network of devices equipped with sensors, software, and network connectivity. Devices can communicate and pass data M2M. “Things” identified with unique numbers/codes.

Question 74

Definition of Bluetooth Bluetooth Low Energy

Answer 74

Radio communication speeds up to 3 Mbps; v3 or v4 up to 24 Mbps The maximum range of 10 m/30 ft (signal strength weak at max. distance) Used in many portable/wearable devices Pairing procedure BLE version for low-powered devices that transmit infrequently

Question 75

Definition of Z-Wave

Answer 75

Wireless protocol for home automation Mesh topology over low-energy radio waves Can configure repeaters up to four “hops” High 800-low 900 MHz range; runs for years on battery power

Question 76

Definition of ZigBee

Answer 76

Similar to/competitive with Z-Wave 2.4 GHz band Up to 65,000 devices in a single network (232 for Z-Wave); no hop limit

Question 77

Definition of RFID and NFC

Answer 77

Tagging and tracking devices with radio-frequency tags NFC: peer-to-peer version of RFID

Question 78

How do you configure IoT on a device?

Answer 78

IoT functionality in home automation/smart home devices To interoperate, devices must all share protocol (i.e., Z-Wave or Zigbee) and be compatible with the same virtual assistant/hub Endpoint devices (thermostats, light switches, etc.) Smartphone control (using Wi-Fi, Bluetooth, NFC) Smart hub control (Z-Wave, Zigbee, Wi-Fi, Bluetooth, NFC) Dedicated hub from vendor Generic smart speaker/digital assistant

Question 79

Give a description of digital assistants

Answer 79

Voice interface responding to natural language Smartphones, computers, smart-speaker hubs Back-end server processing; raises privacy/security concerns Google Assistant Amazon Alexa Apple Siri Microsoft Cortana The device may require “training” to recognize and respond to the user’s voice