CompTIA exam study guide presentations by instructor Brian Ferrill, PACE-IT (Progressive, Accelerated Certifications for Employment in Information Technology)
"Funded by the Department of Labor, Employment and Training Administration, Grant #TC-23745-12-60-A-53"
Learn more about the PACE-IT Online program: www.edcc.edu/pace-it
2. Page 2
Instructor, PACE-IT Program – Edmonds Community College
Areas of Expertise Industry Certification
PC Hardware
Network Administration
IT Project Management
Network Design
User Training
IT Troubleshooting
Qualifications Summary
Education
M.B.A., IT Management, Western Governor’s University
B.S., IT Security, Western Governor’s University
Entrepreneur, executive leader, and proven manger
with 10+ years of experience turning complex issues
into efficient and effective solutions.
Strengths include developing and mentoring diverse
workforces, improving processes, analyzing
business needs and creating the solutions
required— with a focus on technology.
3. Page 3
– Plan the network.
– Configure the network.
PACE-IT.
5. Page 5
Need a simple SOHO? Great,
just plug two PCs into a single
hub and you have a basic
network. But does it achieve
what you want?
How do you know without a plan? A network plan is vital
when implementing any network more complicated than
the most basic. The plan should cover what you are
hoping to achieve and how you are going to get there. In
addition to your expertise, you are also going to need
input from your end users. Nothing is quite so frustrating
as delivering the network and having customers tell you it
is not what they wanted.
Implementing a basic network.
6. Page 6
– List of requirements.
» Define why the network is needed.
» Define what network features are required.
» Define the scope of the network.
» Establish a budget to implement the network.
– Network design.
» What equipment is needed to implement the network?
» How will the network be organized?
» How will shared resources be placed on the network?
– Compatibility issues.
» What standards are in play now and what standards will there
be in the future?
» Does any current equipment require specific cabling or
connection types?
Implementing a basic network.
7. Page 7
– Internal connections.
» How many node connections will be required?
» How will future expansion be planned?
– External connections.
» How will the network connect to the outside?
– Network equipment placement.
» Is there a wiring/equipment closet?
» What environmental considerations are there for the placement
of equipment?
– How will network security be
implemented?
» Are there firewall type and placement considerations?
» Will VLANs be required and, if so, how many?
» How will port security be implemented?
Implementing a basic network.
9. Page 9
– Network configuration considerations.
» How clients will receive their IP addresses:
• Using static IP address configuration creates more security,
but is harder to manage.
• Using Dynamic Host Configuration Protocol (DHCP) to
automatically assign IP addresses from a pre-configured pool.
» MAC filtering will only allow specified MAC addresses onto the
network. It is an effective security measure, but it can be
difficult to control.
» A demilitarized zone (DMZ) will be required if a server will be
hosted on the network that needs to be accessed from outside
the network (e.g., a Web server).
• The DMZ is an area of the network in which outside
connections are allowed, while the internal network remains
protected.
• A DMZ will require a custom configuration of the firewall; in
most implementations, two firewalls are used.
Implementing a basic network.
10. Page 10
– Network configuration considerations
continued.
» Firewall placement and configuration considerations:
• Most SOHO WAN connection devices include firewall
services that are sufficient in most cases.
• If a DMZ needs to be deployed, the best method is to
introduce an additional router and firewall into the network,
with the DMZ residing between the WAN equipment and the
new router/firewall combination.
• If a DMZ is deployed, port forwarding should also be used at
the router/firewall level.
» Router/firewall configuration considerations:
• In the situation of a DMZ or hosted service, port forwarding
needs to be configured.
• Port forwarding is used to direct requests for specific
resources (like a request for a Web page) to the computer
that has the resource.
Implementing a basic network.
11. Page 11
– Wireless network configuration
considerations.
» The name of the wireless network will need to be determined;
this is called the service set identifier (SSID).
• The SSID can be set to broadcast in the clear.
• The SSID can alternatively be set for the broadcast to be
hidden.
» Encryption needs to be turned on (by default wireless routers
and WAPs do not have encryption enabled) and, at the
minimum, WPA2-Personal should be enabled.
» Some wireless networking equipment comes with Wi-Fi
Protected Setup (WPS) enabled by default. This should be
turned off and not used, as it creates a weakness in the
wireless network.
• WPS can be easily exploited by an attacker.
Implementing a basic network.
12. Page 12
The network that you
implement may not be
exactly what you planned,
so document any changes to
the plan.
Undoubtedly, during the process of implementing
the plan, some changes will be introduced—either
by you or at the request of the end users. Always
document the changes to the plan and the reasons
for them. Then, be sure to incorporate those
changes into the final network documentation.
Implementing a basic network.
13. Page 13
Implementing a basic network.
A network plan is vital when implementing any network more complicated
than the most basic one. At the minimum the plan should include a list of
requirements, a network design, compatibility considerations, a list of
internal and external connections, a list of where equipment will be placed,
and a means of implementing security.
Topic
Plan the network.
Summary
Configuration considerations include IP address assignment, MAC filtering,
DMZ configuration (when required), firewall placement and configuration,
and router configuration. For wireless networks, additional configuration
considerations include: SSID (network’s name), SSID broadcast type, and
encryption method.
Configure the network.
15. This workforce solution was 100 percent funded by a $3 million grant awarded by the
U.S. Department of Labor's Employment and Training Administration. The solution was
created by the grantee and does not necessarily reflect the official position of the U.S.
Department of Labor. The Department of Labor makes no guarantees, warranties, or
assurances of any kind, express or implied, with respect to such information, including
any information on linked sites and including, but not limited to, accuracy of the
information or its completeness, timeliness, usefulness, adequacy, continued availability
or ownership. Funded by the Department of Labor, Employment and Training
Administration, Grant #TC-23745-12-60-A-53.
PACE-IT is an equal opportunity employer/program and auxiliary aids and services are
available upon request to individuals with disabilities. For those that are hearing
impaired, a video phone is available at the Services for Students with Disabilities (SSD)
office in Mountlake Terrace Hall 159. Check www.edcc.edu/ssd for office hours. Call
425.354.3113 on a video phone for more information about the PACE-IT program. For
any additional special accommodations needed, call the SSD office at 425.640.1814.
Edmonds Community College does not discriminate on the basis of race; color; religion;
national origin; sex; disability; sexual orientation; age; citizenship, marital, or veteran
status; or genetic information in its programs and activities.