Networking – Endterm Reviewer
SLIDE 11: WIRELESS STANDARDS AND TECHNOLOGIES

Wireless Standards

802.11a
- Speed: 5 GHz
- Max Data Rate: 54 Mbps
- Typical Indoor Range: 100 feet
- Typical Outdoor Range: 400 feet
- Topology: Ad-hoc, Infrastructure

802.11b
- Speed: 2.4 GHz
- Max Data Rate: 11 Mbps
- Typical Indoor Range: 150 feet
- Typical Outdoor Range: 450 feet
- Topology: Ad-hoc, Infrastructure

802.11g
- Speed: 2.4 GHz
- Max Data Rate: 54 Mbps
- Typical Indoor Range: 150 feet
- Typical Outdoor Range: 450 feet
- Topology: Ad-hoc, Infrastructure

802.11n
- Speed: 2.4 / 5.0 GHz
- Max Data Rate: 600 Mbps
- Typical Indoor Range: 175 feet
- Typical Outdoor Range: 230 feet
- Topology: Ad-hoc, Infrastructure
- Backward Compatibility: 802.11a, 802.11b, and 802.11g

802.11ac
- Speed: 5.0 GHz
- Max Data Rate: 1.3 Gbps
- Typical Indoor Range: 115 feet
- Typical Outdoor Range: -
- Topology: Ad-hoc, Infrastructure

802.11ax
- Speed: 2.4 / 5.0 GHz
- Max Data Rate: 10-12 Gbps
- Typical Indoor Range: 150 feet
- Typical Outdoor Range: 300 feet
- Topology: Ad-hoc, Infrastructure

Frequencies And Range

CHANNELS

CHANNEL BONDING
- Combines different channels to increase the throughput
- Was introduced in 802.11n
- Is configured with channels 1 and 6 in 2.4 GHz range
  o Has total width of 70 MHz
  o Forms a channel of 40 MHz (20 + 20)
  o Leaves a single non-overlapping channel, 11 with 30 MHz
- Can be configured with 5.0 GHz
  o Has a total width of 500 MHz
  o Allows multiple bonded channels because they are non-overlapping

SERVICE SET IDENTIFIER (SSID)

Basic Service Set
- Is a name given to the logical WLAN segment
- Contains only one wireless access point (WAP)
- Does not support mobility as there is a single WAP

Extended Service Set
- Connects more than one WAP
- Allows clients to move from one WAP to another WAP
- Requires each WAP to use the same SSID
- Allows the WAPs to have unique BSSID

Independent Basic Service Set (Ad-hoc)
- Is also known as the Ad-hoc mode or peer-to-peer network
- Is a simple wireless network that allows the wireless clients to communicate with each other
- Does not require a router or WAP in between to connect with the clients

Roaming
- Allows the clients to move from one WAP to another WAP
  o Keeps a persistent connection
  o Does not require re-authentication with the second WAP
- Requires the WAPs to be configured with same SSIDs

ANTENNA TYPES

Omni
- Transmit signals in all directions equally
- Are used in wireless routers, mobiles, and radio transmission towers
- Are easy to install and implement
- Can be installed in any direction
- Have shorter range as signal is transmitted in all directions

Directional
- Transmit narrow directional signals
- Are used when you need signals in a specific direction, such as television antennas
- Have good transmission and reception of signals

SLIDE 12: CLOUD CONCEPTS AND CONNECTIVITY OPTION

DEPLOYMENT MODELS

1. Public Cloud
- Works on the shared infrastructure
- Requires users to pay by:
  o Subscriptions
  o Pay-per-use
- Is owned by a third-party service provider
- Is cost-effective and easier to maintain
- Users have zero-maintenance on the infrastructure
- Is less secure than the private Cloud

2. Private Cloud
- Is set up by an organization or by a third-party for the organization
- Is dedicated to a single organization
  o No shared infrastructure
- Is more expensive than public cloud
- Provides higher security than the public cloud
- Provides more flexibility in configuration

3. Community Cloud
- Has the same set of resources shared by multiple entities
- Works well with the entities, such as federal agencies, that share common characteristics
  o Security
  o Privacy
  o Compliance
- Example:
  o IBM SoftLayer
  o Salesforce Community Cloud

4. Hybrid Cloud
- Combines public and private cloud
- Provides flexibility and security
  o Flexibility using the public cloud
  o Security using the private cloud
- Can be used for high performance applications

SERVICE MODELS

1. SaaS - or Software as a Service delivery model.
  o Is used for hosting applications in the cloud
- Provides access to the users based on subscription
- Requires a Web browser to access applications
- Examples: Gmail, Office365

2. IaaS - or Infrastructure as a Service
- Allows the network administrators to set up their networks in the cloud
- Works just like the on-premise infrastructure except the access to the physical hardware
- Allows upscaling and downscaling as and when required
- Works in the pay-per-use model
- Example: Amazon EC2, Microsoft Azure

3. PaaS – or Platform as a Service
- Provides a development platform to the programmers and developers
- Hosts development tools
- Reduces the cost of development tools for the developers
- Example: Google App Engine,

4. DaaS – or Desktop As A Service
- Provides virtual desktop to the users via a Web browser
- Uses the per-user subscription model
- Can be either:
  o Persistent
  o Non-persistent

INFRASTRUCTURE AS CODE

Infrastructure As Code (IaC)
- Uses a high-level descriptive coding language to set up the infrastructure
- Automates the provisioning of infrastructure
- Removes the manual work to:
  o Set up and manage servers
  o Install operating systems
  o Configure storage and databases
- Helps to orchestrate across multiple systems
  o Span a distributed application across several systems

CONNECTIVITY OPTIONS

Virtual Private Network (VPN)

A. Site-to-site VPN:
- Is between VPN gateway in the cloud and a VPN endpoint in on-premises
- Joins two networks over the internet.
- Uses IPsec

B. Client-to-site VPN:
- Is between a VPN gateway in the cloud and a VPN client

Private-Direct Connections
- Is a dedicated direct connection between:
  o The cloud environment
  o Customer’s network
- Creates the IPSec-encrypted private connection between two endpoints

MULTITENANCY

Multitenancy
- Has several tenants using the same cloud infrastructure
  o The same server or system
  o The same hard drive (for data)
- Is done by the cloud service provider to achieve cost efficiency

ELASTICITY

Elasticity

Elasticity, as defined by NIST, is:

“Capabilities can be elastically provisioned and released, in some cases automatically, to scale rapidly outward and inward commensurate with demand. To the consumer, the capabilities available for provisioning often appear to be unlimited and can be appropriated in any quantity at any time.”

In simpler terms, elasticity is about adding or removing resources to your infrastructure in an automated manner.

When workload increases, resources are automatically added for the applications that demand them. When the workload decreases, the resources are automatically removed without any manual intervention.

Elasticity helps in controlling cloud resource costs. You have to pay only for what you use. When the resources are not required, it simply removes them.

SCALABILITY
- Is when the administrators add more resources to get optimal performance
- Is about increasing the resources to manage the load
  o Scaling Up
    - Add more resources to the system
  o Scaling Out
    - Adding more systems for load management

SECURITY IMPLICATIONS

Let’s look at some of these security implications.

o Service attacks
o Shared Cloud Computing Services
o Employee Negligence
o Inadequate data backups
o Phishing and Social Engineering Attack
o System Vulnerabilities

Many cloud consumers use the public cloud, which works with shared resources. This poses a serious threat. If one of the cloud consumers having data and applications on one server is compromised, the threats become real for the other tenants on the same server.

Employee Negligence

Most organizations allow their employees to remotely connect to their networks or the cloud applications and data. Nowadays, employees use mobile phones, tablets, and other devices to connect to the cloud. If any of these is vulnerable or infected with malware, it can also impact the cloud environment.

Data backups can be a concern in the cloud environment. You don’t know where your data is replicated and if it is replicated at all. In a cyber-attack, such as malware or ransomware, it might be difficult to retrieve data if the data is not backed up properly.

Specifically, social engineering and phishing have been a threat to cloud environments. If a user accidentally falls for the phishing threat and is connected to the cloud, the attacker can access the user credentials and move laterally to sabotage the cloud infrastructure.

Just like the on-premises infrastructure, cloud infrastructure is also prone to vulnerabilities. After all, it is still running on the physical infrastructure and using the same set of operating systems and applications. A single vulnerability in the operating systems or applications in the cloud can let an attacker exploit the cloud environment.

SLIDE 13: NETWORK TROUBLESHOOTING

1. Identify the Problem
- Gather information
- Question users
- Identify symptoms
- Determine if anything has changed
- Duplicate the problem, if possible
- Approach multiple problems individually

2. Establish a Theory
- Question the obvious
- Consider multiple approaches
  o Top-to-bottom / bottom-to-top OSI model
  o Divide and conquer

3. Test the Theory
- If the theory is confirmed, determine the next steps to resolve the problem
- If the theory is not confirmed, reestablish a new theory or escalate

4. Establish a Plan
- Determine the possible effects of the solution that you plan to implement
- Need to determine a workaround or a final solution

5. Implement the Solution
- Implement the plan that you created in the previous step
- Need to have requisite permissions to implement the solution
  o May require additional help

6. Verify The Functionality
- Is the next step after implementing the solution
- Requires the validation of the solution implemented
  o Ensure there are no negative outcomes
  o Ensure the problem is fixed
- Implement preventive measures

7. Document the Scenario
- Requires the document to be created or updated based on a new or existing problem
- Requires new document if:
  o Problem is new
  o Problem has never been encountered before
- Should capture the following:
  o Symptoms
  o Corrective actions
  o Outcomes