KENYA METHODIST UNIVERSITY END OF THIRD TRIMESTER 2013 COURSE CODE : CISY-331 COURSE TITLE : NETWORK ADMINISTRATION-1 STUDENT NAME: ANTONY MARCEL OTOM; REG. No.: CIS-1-3296 /2/2013 DATE OF SUBMISSION : 18TH October 2013 1) a) Discuss the Seven Specific Roles in Network Administration:- i) Network Manager - Manage local and wide-area voice and data networks by providing access to network resources, maintaining equipment, and monitoring network performance - Interpret needs and oversee planning, installation, setup, support and documentation of - Network systems - Evaluate and recommend server hardware and software components and upgrades as - Required, - Install, upgrade and configure client accounts, network printing, directory structures, - Rights, security and software on file servers, - Respond to the needs and questions of clients concerning their access to resources on the - Network, - Responsible for backup and disaster recovery measures. - Establish and maintain voice and data networks Page 1 of 15
Transcript
KENYA METHODIST UNIVERSITY
END OF THIRD TRIMESTER 2013
COURSE CODE : CISY-331
COURSE TITLE : NETWORK ADMINISTRATION-1
STUDENT NAME: ANTONY MARCEL OTOM;
REG. No.: CIS-1-3296 /2/2013
DATE OF SUBMISSION: 18TH October 2013
1) a) Discuss the Seven Specific Roles in Network Administration:-
i) Network Manager
- Manage local and wide-area voice and data networks by providing access to network resources, maintaining equipment, and monitoring network performance
- Interpret needs and oversee planning, installation, setup, support and documentation of
- Network systems - Evaluate and recommend server hardware and software components
and upgrades as- Required,- Install, upgrade and configure client accounts, network printing,
directory structures, - Rights, security and software on file servers,- Respond to the needs and questions of clients concerning their
access to resources on the - Network,- Responsible for backup and disaster recovery measures.- Establish and maintain voice and data networks
Page 1 of 15
- Oversees the installation, which involves communication equipmentprogramming, with products such as switches and routers,
- Part of the manager’s responsibility involves evaluating technologies and determining training programs to enable continual improvement of network services
ii) Network Technician
- Network Technician analyzes computer- and network-related problems reported by end-users,
- diagnoses the most effective method to resolve the problem and implements the solution; installs, maintains, and troubleshoots the Local Area Network (LAN), Wide Area Network (WAN), data communications, microcomputers and all peripheral equipment.
- Identifies, troubleshoots and resolves hardware-, software- and network-related problems encountered by end-users of the network,and the Internet.
- Configures and installs Windows workstations and other operating systems in response to the demands of a complex network design.
- Performs primary network system administration on network servers.
- Uses established tracking system to log requests; monitors progress, tracks problem resolution, identifies patterns of failure, researches bug fixes and implements solutions; communicates with manager regarding unresolved problems.
- Network technician works with network equipment and wiring in order to ensure that users have the best possible quality of service.
- Network technicians often provide desktop hardware and softwaresupport for end users. This includes both operating systems andapplications support, requiring the network technician to besomewhat of a jack of all trades.
- Network technicians typically handle initial troubleshooting onnetwork connectivity and performance problems. A networktechnician must be familiar with the company’s network design toprovide timely resolution to network problems.
- Network technicians often perform installation of pre-configuredequipment. Network engineers design networks and configure theequipment, but it is the network technician that typicallycarries the equipment out in the field, and installs and testsit.
- Network Security Technician will be responsible for the implementation, maintenance, and integration of the corporate WAN, LAN and server architecture.
- This individual will also be responsible for implementation and administration of network security hardware and software, enforcing the network security policy and complying with requirements of external security audits and recommendations. Other responsibilities include:-
- Performing analysis of network security needs and contributes to design, integration, and installation of hardware and software.
- Analyzing, troubleshooting and correcting network problems remotely and on-site.
- Maintaining and administering perimeter security systems such as firewalls and intrusion detection systems.
iv) Network Support Technician ,
- Assist with the installation, configuration and on-goingusability of desktop computers, peripheral equipment andsoftware.
- Configure, test, maintain, monitor and troubleshoot end user telecommunications hardware/software, telephony devices
- Maintain and administer computer networks and related computing environments Perform deployment, administration and security maintenance of Windows Server based intranet server
- Diagnose hardware and software problems associated with local andwide area network environments, PCs, and software.
- Perform data backups and disaster recovery operations.
- Ability to provide after-hours support on a rotational “on-call” basis and to work “off-hours” as needed.
- Plan, coordinate, and implement network security measures to protect data, software, and hardware.
- Perform routine network start-up and shutdown procedures, and maintain control records.
- Design, configure, and test computer hardware, networking software and operating system software.
- Recommend changes to improve systems and network configurations, and determine hardware or software requirements.
Page 3 of 15
- Provide full desktop support and regular maintenance on individual workstations
V) Voice Communications Technician,
- Plans network installations by studying customer orders, plans, manuals, and technical specifications; ordering and gathering equipment, supplies, materials, and tools, assessing installationsite; preparing an installation diagram.
- Establishes voice and data networks by running, pulling, terminating, and splicing cables; installing telecommunications equipment, routers, switches, multiplexors, cable trays, and alarm and fire-suppression systems; building ironwork and ladder racks; establishing connections; programming features; establishing connections and integrations; following industry standards; activating remote access tools; coordinating with contractors.
- Verifies service by testing circuits, equipment, and alarms; identifying, correcting, or escalating problems.
- Documents network by labeling and routing equipment and cables; recording configuration diagrams and specifications.
- Maintains network by troubleshooting and repairing outages;testing network back-up procedures; updating documentation.
vi) Outsourcing Manager,
- Is responsible to align and deliver on Business outcomes i.e. theoverall business objective, i.e. Revenue and Cost Control withVendor services as tools.
- Is the bridge between Business and the outsourcing function suchas IT. The Manager should have Selling skills as the role mustnot only execute outsourcing relationships, but should be able todebate, articulate, present and convince of the need and value ofsuch relationships
- He is also the facilitator of all things Commercial, Legal,Operations and HR as these tie in directly with any outsourcingrelationship.
- He works to manage outsourced projects for his employer. This mayinvolve creating proposal requests, establishing budgets forprojects, and reviewing proposals that are submitted to hiscompany.
- He/she is responsible for approving proposals and monitoring theprogress and performance of those hired to handle projects aswell.
Page 4 of 15
- Monitoring projects. For example, he may monitor the status ofoutsourced projects to make sure they are proceeding as expected.
- Evaluating the performance of those chosen for outsourcedprojects.
Vii) Security Compliance Auditor.- To examine the current state of a project and try to assure the
security of the current state of the project;- Determine whether the requirements are adequate and complete and
whether there are any implications that could lead tovulnerabilities.
- The auditor will generally attempt to find overt securityproblems, which should be mappable to deviations from aspecification.
- Plays a key role in the oversight and coordination of securityaudit and compliance-related functions for IT by maintainingstrong relationships with departments that support softwareapplications, databases, networking devices, operating systems,and storage devices.
- Helps IT systems administrators clearly understand internally andexternally-defined compliance requirements.
- Participate in the creation or enhancement of controls, control activities, and related evidence standards to ensure compliance with new or existing versions of the federal energy standards.
- Participate and document IT audits with regional, state, and federal authorities.
- Collect, prepare, and present evidence for continuous compliance monitoring.
- Identify and coordinate the update and approval of existing documentation.
- Evaluate, report, and work with IT owners to mitigate potential compliance violations.
- Strive to become a subject matter expert in interactions with external auditors.
- Recommend enhancement of control activities to more clearly demonstrate compliance.
- Identify opportunities for communication of ITS security and compliance initiatives.
- Develop and deliver IT security & compliance training material.
Page 5 of 15
- Establish and maintain framework for ITS documentation related tocompliance.
- Define and maintain compliance requirements for system and software design.
1 b) Discuss the ethical issues that a systems administratorencounters.
Network administrators generally have access to every file and shredof information on a company or organization's network. Such wideaccess means that network administrators could face a variety ofethical issues in the course of their work. These could rise from thetasks they are asked to perform or simply as a result of viewing allthe sensitive information in the course of their workday.
Invasion of PrivacyOne of the tasks a company could assign a network administrator could be looking at the browser activities and emails of employees to enforce company Internet usage policies. In this case, the network administrator could feel that it is unethical to invade employees' privacy in this way.
Equality in ReportingAnother ethical issue a network administrator could encounter in the process of reviewing employee browsing and email usage involves deciding what infractions to report. In other words, should the administrator report every single infraction, no matter how small, or should he only report serious infractions? In this case, the administrator may use his own values to determine what constitutes a "serious" infraction, and these values would also decide which employees will be let off and which ones could face disciplinary action.
Sensitive InformationA network administrator must know everything about his employer's technology infrastructure. In this case, the network administrator hasto look for ethical, as well as legal, guidance to any non-disclosure agreements he may have signed at his old company.
Whistle Blower SituationsA network administrator with unlimited access to any file on the company's servers may come across information that implicates her company in activities that are either unethical or strictly illegal. In this case, the network administrator may find herself torn between reporting her employer and her own job security. The employee needs to
Page 6 of 15
balance whether the activity is strictly illegal or simply unethical, with the constraints of any non-disclosure agreements she may have signed before going forward to report her employer.
System IntegrityEnsure the necessary integrity, reliability, and availability of the systems for which I am responsible. Design and maintain each system ina manner to support the purpose of the system to the organization.
ProfessionalismMaintaining professional conduct in the workplace and not allowing personal feelings or beliefs to cause me to treat people unfairly or unprofessionally.
Personal IntegrityHonesty in professional dealings and competence and the impact of administrator’s mistakes. Seek assistance from others when required.
Avoid conflicts of interest and biases whenever possible. When advice is sought from the administrator, he/she should avoid conflict of interest or biasness.
Q2. a) Discuss in detail the client server computing model.
The Client–Server model is a distributed application structure in computing that partitions tasks or workloads between the providers of a resource or service, called Servers, and service requesters, called Clients. Often clients and servers communicate over a computer network on separate hardware, but both client and server may reside in the same system.
A server is a host that is running one or more server programs which share their resources with clients. A Client does not share any of itsresources, but requests a server's content or service function. Clients therefore initiate communication sessions with servers which await incoming requests.
Client/Server model is a concept for describing communications betweencomputing processes that are classified as service consumers (clients)and service providers (servers).
The basic features of a C/S model are: -
1. Clients and servers are functional modules with well defined. The functions performed by a client and a server can be implemented by a
Page 7 of 15
set of software modules, hardware components, or a combination thereof. Clients and/or servers may run on dedicated machines, if needed.
2. Each Client/Server relationship is established between two functional modules when one module (client) initiates a service request and the other (server) chooses to respond to the service request.
3. Information exchange between clients and servers is strictly through messages (i.e., no information is exchanged through global variables). The service request and additional information is placed into a message that is sent to the server. The server's response is similarly another message that is sent back to the client. This is an extremely crucial feature of C/S model.
These additional features are typical of a client/server model:
4. Messages exchanged are typically interactive. In other words, C/S model does not support an off-line process. There are a few exceptions. For example, message queuing systems allow clients to store messages on a queue to be picked up asynchronously by the servers at a later stage.
5. Clients and Servers typically reside on separate machines connectedthrough a network. Conceptually, clients and servers may run on the same machine or on separate machines.
The implication of the last two features is that C/S service requests are real-time messages that are exchanged through network services. This feature increases the appeal of the C/S model (i.e., flexibility,scalability) but introduces several technical issues such as portability, interoperability, security, and performance.
b) Explain the Network Management Model as can be implemented by a network administrator.
Page 8 of 15
Why network management is important. More and more organizations rely on their networks. Business' highly dependent on the state of their networks need to grow network management tools like them. The cheapest way to manage a network is touse the tool, a network management automation.
Network management standards The International Organization for Standardization (ISO) deals with five major functional areas of network management model as performancemanagement, accounting management, configuration management, fault management and security management.
Performance Management Performance management and monitoring, Assessment and review of the available bandwidth and network usage of resources in a network to make more efficient to run. Performance management is a very importantpart of the model of network management, especially for business and /or organization that wants to streamline network performance. Solar Winds is a great tool for performance management.
Accounting Management Management accounting control and evaluate the use of data and / or resources for settlement purposes. This aspect of network management is used by Internet service providers to bill customers for the resources they use.
Configuration Management Configuration management of network monitoring-side versions of hardware and software on the network to identify "Their impact on the operation of the network is an example. The Microsoft System Management Server (SMS) capability that manage, monitor and track eachpiece of software and hardware in a particular network.
Fault Management Fault management is what most people think that the administration if they think the network. The purpose of this advanced network management is to identify, detect and alert system administrators of problems that may affect system operations.
Security Management Security management deals with controlling access to resources and also notify the competent authorities if some resources are available.Similarly, a network operator, or may e-mail outsourcing, if a resource fails, management systems can be used to access the network to send messages when certain files or routers, servers. Intrusion
Page 9 of 15
Detection Systems, Symantec Intruder Alert, these capabilities of security management.
There are many products support for the management of some or all of these areas of the network. That most network management systems have in common is the use of protocols such as Simple Network Management Protocol (SNMP), SNMPv3, and Common Management Information Protocol (CMIP).
Q3.a) Explain in detail the different methods of IP address assignment.
IP address assignment can occur in one of the following ways:-
From a DHCP server
The remote access server obtains the IP address to assign to a remote client from a DHCP server on the intranet. This is the default method for IP address assignment. The remote access server behaves like a DHCP client to the DHCP server and obtains 10 IP addresses at a time. As the remote access clients connect to the remote access server, the IP addresses are assigned to the clients using Internet Protocol Control Protocol (IPCP). If no DHCP server is available, the router uses an address from the Automatic Private IP Addressing (APIPA).
From a specified range of addresses
The remote access server obtains the IP address from a static pool of addresses configured on the remote access server. If you configure a static address pool, be sure to use only IP addresses that are not in a range that your DHCP server might assign to another computer and
Page 10 of 15
that are not already assigned to computers. If the static IP address pool address ranges represent a different subnet, ensure that routes to the address ranges exist on the routers of your intranet so that traffic to the logical interface of a remote client is forwarded to the remote access server.
From a static address specified in the user account (Manual Assigning of IP Addresses).
You configure a static IP address on the Properties of Network Places / Neighborhood or on Dial-in tab of the user account for the remote client or in network policy. When a remote client initiates a connection, creates a temporary logical interface, and requests that the remote access server assign an IP address to this logical interface, the remote access server assigns the IP address specified in the remote client's user account. This method is best suited for a small number of remote users.
b) Discuss the problems encountered in IP address resolution.The most common problems usually encountered in IP address resolution include: -
No Name found in DNS Server (Name Resolution Problems) Bad IP Configuration (No correct IP configuration both at
the Server and Client levels), DHCP Server not working properly (Hardware/Software Issues)…
Check for Server problems. Is the server authoritative for the name being looked-up? Incorrect Authoritative data, Connectivity issues such as communications between the
management console Disconnected Cable: Cable between the management console and
the client/server enclosure may be loose. DS Storage Manager still cannot locate the server enclosure
Q4. a) Distinguish between Routing and Switching in computer networks.
Routing in inter-networking is the process of moving a packet of data from source to destination. Routing is usually performed by a dedicated device called a Router. Routing is a key feature of the Internet because it enables messages to pass from one computer to another and eventually reach the target machine. Each intermediary computer performs routing by passing along the message to the next computer. Part of this process involves analysing a routing table to determine the best path.
Page 11 of 15
Packet switching is the approach used by some computer network protocols to deliver data across a local or long distance connection. It entails packaging data in specially formatted units (called packets )that are typically routed from source to destination using network switches and routers. Each packet contains address information that identifies the sending computer and intended recipient. Using these addresses, network switches and routers determine how best to transferthe packet between hops on the path to its destination.A network switch is a small hardware device that joins multiple computers together within one local area network (LAN). Technically, network switches operate at layer two (Data Link Layer) of the OSI model.
b) Using a diagram show how path determination is implemented.
Path determination occurs at the network layer. A router uses path determination to compare a destination address to the available routesin its routing table and select the best path. The routers learn of these available routes through static routing or dynamic routing.
Routes configured manually by the network administrator are static routes. Routes learned by other routers using a routing protocol are dynamic routes.
The router uses path determination to decide which port to send a packet out of to reach its destination. This process is also referred to as routing the packet.
Each router that the packet encounters along the way is called a hop. The hop count is the distanced travelled. Routers can make decisions based on the Load, Bandwidth, Delay, Cost, and Reliability of a network link.
The following process is used to determine the path for every packet that is routed: -• The router compares the IP address of the packet that it received tothe IP tables that it has.• The destination address is obtained from the packet.• The mask of the first entry in the routing table is applied to the destination address.• The masked destination and the routing table entry are compared.• If there is a match, the packet is forwarded to the port that is associated with that table entry.• If there is not a match, the next entry in the table is checked.
Page 12 of 15
• If the packet does not match any entries in the table, the router checks to see if a default route has been set.Refer the Path-Determination Diagrams below:-
Q5.a) Using examples distinguish between VLSM and CIDR.A Variable-Length Subnet Mask (VLSM) is a sequence of numbers of variable length that streamlines packet routing within the subnets of a proprietary network.
A subnet can be a geographically defined local area network (LAN). Alternatively, a subnet may define security boundaries, departmental boundaries, multicast zones or hardware security parameters.
Once a packet has arrived at an organization's main gateway with its network number, that packet is routed to its ultimate destination using a subnet number. The VLSM is usually a string of binary digits shown over the subnet number, telling the router which parts of the subnet number to look at.
The use of a subnet mask saves a router the task of having to handle an entire IP address because the router deals only with the digits selected by the mask. The VLSM facilitates efficient use of IP address space in networks whose subnets are not filled to capacity. Example: In networks having many unassigned IP addresses, a VLSM can provide more efficient use of address space than the more common Fixed-Length Subnet Mask (FLSM) in which the sequence of numbers always has the same length. Variable-length subnet masking also makes it easier for system administrators to change the configuration of a network as an organization evolves.
CIDR: Classless Inter-Domain Routing ( CIDR ) is a method for allocatingIP addresses and routing Internet Protocol packets. Its goal was to slow the growth of routing tables on routers across the Internet, and to help slow the rapid exhaustion of IPv4 addresses.CIDR - Classless Inter Domain Routing - was adopted to help ease the load imposed on internet and large network backbone routers by the increasing size of routing tables.
Large routing tables have several adverse effects: Page 13 of 15
Routers require more memory in order to store and manipulate their routing tables which increases operation costs.
Routing latency is increased due to the large amount of data contained in the routing tables.
Network bandwidth usage is increased by routing updates when routers exchange their routing tables.
A solution to these problems was found in CIDR. CIDR permits IP Address aggregation which in turn reduces the size of routing tables and so addresses the problems listed above.
b) Identify and discuss the different functions of the transportlayer and of what utility they are to a network administrator.
The key functions of transport layer include:- Connection-oriented
communication Byte orientation
Reliability
Flow control
Congestion avoidance
Application identification
Client-side entity identification
Confirmation that the entire message arrived intact
Segmentation of data for network transport
Control of data flow to prevent memory overruns
Establishment and maintenance of both ends ofvirtual circuits
Transmission-error detection
Realignment of segmented data in the correct order on the receiving side
Multiplexing or sharing of multiple sessions over a single physical link
They help the Network administrator in monitoring, managing and trouble-shooting Network problems.
