Domain Migration Flashcards Preview

Flashcards in Domain Migration Deck (29)
0

Router

A router is a device that forwards data packets between computer networks, creating an overlay internetwork. A router is connected to two or more data lines from different networks. When a data packet comes in one of the lines, the router reads the address information in the packet to determine its ultimate destination. Then, using information in its routing table or routing policy, it directs the packet to the next network on its journey. Routers perform the "traffic directing" functions on the Internet. A data packet is typically forwarded from one router to another through the networks that constitute the internetwork until it reaches its destination node.[1]

1

The seven steps in DHH's migration plan:
1) transfer or acquire _______________
2) build ___________ _____________ domain
3) establish domain _________ with DHH and DOA domains
4) _________ _________ migration from DHH domain
5) acquire _______ circuits and ______ service for all sites
6) __________ with DHH
7) migration __________

Equipment
Active Directory
Trust
Active Directory
Data Internet
Connectivity
Completed

2

Firewall

Originally, a firewall was a wall that was built to stop (or slow down) the spread of a fire. In terms of computer security, a firewall is a piece of software. This software monitors the network traffic. A firewall has a set of rules which are applied to each packet. The rules decide whether a packet can pass or is discarded. Usually a firewall is placed between a network that is trusted and one that is less trusted. When a large network needs to be protected, the firewall software often runs on dedicated hardware, which does nothing else.

A firewall protects one part of the network against unauthorized access.

Data travels on the internet in small pieces; these are called packets. Each packet has certain metadata attached, like where it is coming from, and where it should be sent to. The easiest thing to do is to look at the metadata. Based on rules, certain packets are then dropped or rejected. All firewalls can do this.

3

VPN

A virtual private network (VPN) extends a private network across a public network, such as the Internet. It enables a computer to send and receive data across shared or public networks as if it were directly connected to the private network, while benefiting from the functionality, security and management policies of the private network.[1] This is done by establishing a virtual point-to-point connection through the use of dedicated connections, encryption, or a combination of the two.

4

WAN circuits

A wide area network (WAN) is a network that covers a broad area (i.e., any telecommunications network that links across metropolitan, regional, or national boundaries) using private or public network transports. Business and government entities utilize WANs to relay data among employees, clients, buyers, and suppliers from various geographical locations. In essence, this mode of telecommunication allows a business to effectively carry out its daily function regardless of location. The Internet can be considered a WAN as well, and is used by businesses, governments, organizations, and individuals for almost any purpose imaginable.[1]

5

Internet provider

An Internet service provider, or ISP, usually for a monthly subscription fee, will allow a user to connect to the Internet.

6

DMZ

In computer security, a DMZ or Demilitarized Zone (sometimes referred to as a perimeter network) is a physical or logical subnetwork that contains and exposes an organization's external-facing services to a larger and untrusted network, usually the Internet. The purpose of a DMZ is to add an additional layer of security to an organization's local area network (LAN); an external attacker only has direct access to equipment in the DMZ, rather than any other part of the network. The name is derived from the term "demilitarized zone", an area between nation states in which military operation is not permitted.
There are many different ways to design a network with a DMZ. Two of the most basic methods are with a single firewall, also known as the three legged model, and with dual firewalls. These architectures can be expanded to create very complex architectures depending on the network requirements.

7

Domain

On a local area network (LAN), a domain is a subnetwork made up of a group of clients and servers under the control of one central security database. Within a domain, users authenticate once to a centralized server known as a domain controller, rather than repeatedly authenticating to individual servers and services. Individual servers and services accept the user based on the approval of the domain controller.

On the Internet, a domain is part of every network address, including web site addresses, email addresses, and addresses for other Internet protocols such as FTP, IRC, and SSH. All devices sharing a common part of an address, or URL, are said to be in the same domain. In the address www.indiana.edu/people/address.shtml, indiana is the domain, people is a directory in that domain, and address.shtml is a file in the directory.

8

DHCP

The Dynamic Host Configuration Protocol is a standardized networking protocol used on Internet Protocol networks for dynamically distributing network configuration parameters, such as IP addresses for interfaces and services.

The Dynamic Host Configuration Protocol is a protocol related to computers and networks of computers. It is referred to as DHCP for short. It was made so that computers could connect to other computers (on a network) automatically. To be able to access the Internet (or any computer network), an IP address is needed. DHCP allows for this IP address to be obtained automatically. Other data, like a DNS nameserver or a time server, can also be obtained that way. Finally, computers that support it can even get a disk image they boot from over the network.

The address can be dynamic (it can change), or it can be static (it stays the same). After a certain time, the address lease has to be renewed.

9

Users

A user is a person who uses a computer or network service. A user often has a user account and is identified by a username (also user name). Other terms for username include login name, screen name (also screenname), nickname (also nick), or handle, which is derived from the identical Citizen's Band radio term.

10

Policies

A network policy contains conditions, settings and constraints that let you designate who is allowed to connect to a computer network and the circumstances under which they can or cannot connect. These can be viewed as rules, and each rule has a set of conditions. The network policy servers (NPS) compare the conditions to the properties of connection requests. Should there be a match between the rule and the request, the defined settings are then applied to this connection. When several network policies are configured in the network policy server, they are kept in a specific order: the NPS verifies each request against the first rule in the ordered list, then the second, and so on, until one matches. When these policies are disabled, the NPS does not check the policy when authorizing connection requests.

11

Trusted certificates

Trusted certificates are typically used to make secure connections to a server over the Internet. A certificate is required in order to avoid the case that a malicious party which happens to be on the path to the target server pretends to be the target.

12

File sharing

File sharing is the practice of distributing or providing access to digitally stored information, such as computer programs, multimedia (audio, images and video), documents or electronic books. It may be implemented through a variety of ways. Common methods of storage, transmission and dispersion include manual sharing utilizing removable media, centralized servers on computer networks, World Wide Web-based hyperlinked documents, and the use of distributed peer-to-peer networking.

13

Web application

A web application is a software application that runs on a remote server. In most cases, web browsers are used to access web applications over a network, such as the Internet. Web applications are different from other applications because they do not need to be installed.

14

DNS

The Domain Name System (DNS) is a system used to convert a computer's host name into an IP address on the Internet. For example, if a computer needs to communicate with the web server example.net, your computer needs the IP address of the web server example.net.

15

File server

In computing, a file server is a computer attached to a network that has the primary purpose of providing a location for shared disk access, i.e. shared storage of computer files (such as documents, sound files, photographs, movies, images, databases, etc.) that can be accessed by the workstations that are attached to the same computer network. The term server highlights the role of the machine in the client–server scheme, where the clients are the workstations using the storage. A file server is not intended to perform computational tasks, and does not run programs on behalf of its clients. It is designed primarily to enable the storage and retrieval of data while the computation is carried out by the workstations.

16

Group

????

17

User account

A user's account allows a user to authenticate to system services and be granted authorization to access them; however, authentication does not imply authorization. To log into an account, a user is typically required to authenticate oneself with a password or other credentials for the purposes of accounting, security, logging, and resource management.

Once the user has logged on, the operating system will often use an identifier such as an integer to refer to them, rather than their username, through a process known as identity correlation. In Unix systems, the username is correlated with a user identifier or user id.

Each user account on a multi-user system typically has a home directory, in which to store files pertaining exclusively to that user's activities, which is protected from access by other users (though a system administrator may have access). User accounts often contain a public user profile, which contains basic information provided by the account's owner.

18

Network permissions

.?.

19

Network security

Firewalls and antivirus

Network security starts with authenticating, commonly with a username and a password. Since this requires just one detail to authenticate the user name (i.e. the password), this is sometimes termed one-factor authentication. With two-factor authentication, something the user 'has' is also used (e.g. a security token or 'dongle', an ATM card, or a mobile phone); and with three-factor authentication, something the user 'is' is also used (e.g. a fingerprint or retinal scan).

Once authenticated, a firewall enforces access policies such as what services are allowed to be accessed by the network users.[2] Though effective to prevent unauthorized access, this component may fail to check potentially harmful content such as computer worms or Trojans being transmitted over the network. Anti-virus software or an intrusion prevention system (IPS)[3] helps detect and inhibit the action of such malware. An anomaly-based intrusion detection system may also monitor the network, much as Wireshark inspects traffic, and that traffic may be logged for audit purposes and for later high-level analysis.

20

Firewall v. Antivirus

Firewalls can protect against some problems (viruses and attacks) that come from the Internet. They cannot protect against viruses that come from infected media (like an infected office document on a USB flash drive).

21

Client-server relationship

The client-server relationship describes the relation between the client and how it makes a service request from the server, and how the server can accept these requests, process them, and return the requested information to the client. The interaction between client and server is often described using sequence diagrams. Sequence diagrams are standardized in the Unified Modeling Language.

22

Primary domain controller

A Primary Domain Controller (PDC) is a server computer in a Windows domain. A domain is a network of logically grouped computers to which access is controlled by the PDC. Various account types exist in the domain, the most basic being the "guest" or "anonymous login" account. The PDC has an administration account which has overall total control of the domain resources.[1]

23

Secondary Domain controller

??

24

domain controller

On Microsoft Servers, a domain controller (DC) is a server that responds to security authentication requests (logging in, checking permissions, etc.) within the Windows Server domain.[1][2] A domain is a concept introduced in Windows NT whereby a user may be granted access to a number of computer resources with the use of a single username and password combination.

25

Active directory

Active Directory (AD) is a directory service implemented by Microsoft for Windows domain networks. It is included in most Windows Server operating systems.

An AD domain controller authenticates and authorizes all users and computers in a Windows domain type network—assigning and enforcing security policies for all computers and installing or updating software. For example, when a user logs into a computer that is part of a Windows domain, Active Directory checks the submitted password and determines whether the user is a system administrator or normal user.[1]

26

Certificate authority

In cryptography, a certificate authority or certification authority (CA), is an entity that issues digital certificates. The digital certificate certifies the ownership of a public key by the named subject of the certificate. This allows others (relying parties) to rely upon signatures or assertions made by the private key that corresponds to the public key that is certified. In this model of trust relationships, a CA is a trusted third party that is trusted by both the subject (owner) of the certificate and the party relying upon the certificate. CAs are characteristic of many public key infrastructure (PKI) schemes.

27

Database

A database is a system for organizing data. It is a collection of raw data that can be manipulated, sorted, and questioned to produce information. The data can be stored in many ways.

28

MS CoreCAL UserCAL

A Client Access License ("CAL") is a software license distributed by software companies to allow clients to connect to its server software and use the software's services.