NW203 Test3

  1. Kerberos
    Since Windows 2000 Server and Windows XP, all Windows products have been able to use Kerberos technology for authentication. Kerberos support is also built into clients (and network servers) running UNIX and Linux. Authentication also works in conjunction with Microsoft’s Active Directory service when authenticating Kerberos clients. Essentially, every user that successfully authenticates to the Active Directory authentication system receives a unique identifier known as a ticket. From then on, that ticket is sent along with all transmissions to indicate exactly who sent the information.
  2. Mac OS X (OS 10):
    based on a UNIX kernel, which makes it more stable, more scalable, and generally more powerful than previous versions
  3. Keychain
    The Kerberos authentication mechanism handles the authentication for Mac OS X, which makes Mac OS X compatible with other popular networking environments. Additionally, Mac OS X includes a feature known as the keychain, mentioned earlier. The keychain is a storage location for all the passwords you might use on the Internet (website passwords, FTP passwords, etc.) or anywhere. When a user authenticates to the system, that procedure unlocks the keychain. From then on, any time the user revisits a location that has credentials stored in the keychain, the keychain will automatically provide them on behalf of the user.
  4. Open Directory
    In addition to Kerberos and the keychain, Mac OS X and newer versions include support for Apple’s Open Directory. Open Directory is a directory much like Microsoft’s Active Directory and Novell’s eDirectory. It allows all users to authenticate to a central database of users so a user has to authenticate only once to the Directory. From then on, the security settings stored in the Directory for that user dictate what parts of the network can be accessed and under which conditions.
  5. Apache Web server
    Many application developers are creating small business suite packages for Mac OS X Server. Mac OS X Server comes with the Apache Web server, the most popular UNIX-based (and possibly most popular overall) web server, and MySQL 4, making for a very powerful open source web platform for developing database-driven websites.
  6. UNIX
    Bell Labs developed UNIX, in part, in 1969. We say “in part” because there are now so many iterations, commonly called fl avors, of UNIX that it is almost a completely different operating system. Although the basic architecture of all fl avors is the same (32-bit kernel, command-line based, capable of having a graphical interface, as in X Window System), the subtle details of each may make one fl avor better in a particular situation than another. Linux, although also sometimes described as a fl avor or version of UNIX, is actually something different.
  7. Unix user interfaces
    UNIX supports two types of user interfaces: several versions of the command-line interface (know as shells) and the graphical interfaces (with X Window System probably the best known version).
  8. Linux
    Linux, whose popularity has grown rapidly in the last several years, was originally developed by Linus Torvalds at the University of Helsinki, Finland. He started his work in 1991 and released version 1 of the Linux kernel in 1994. Linux is now available in literally hundreds of different downloadable versions, known as distributions, all with one common feature. They are licensed using an open-source license, specifically called the GNU public license, which means you can modify it, as long as you include the source code when you redistribute it.
  9. VM
    • Host: The actual physical computer on which one or more virtual machines run.
    • • Bare metal: Another term for the host computer that runs one or more virtual machines.
    • • Guest: Another term for a virtual machine running on a host.
    • • Guest operating system: An operating system that runs within a virtual machine. By itself, a guest is just a machine; it requires an operating system to run. The guest operating system is what brings the guest to life.
    • As far as licensing is concerned, Microsoft treats each virtual machine as a separate computer. Thus, if you run six guests on a single host and each guest runs Windows Server 2008, you need six licenses of Windows
    • Server 2008.
    • • Hypervisor: The virtualization operating system that creates and runs virtual machines.
    • The two basic types of hypervisors are Type 1 and Type 2. A Type 1 hypervisor runs directly on the bare metal. A Type 2 hypervisor runs within an operating system, which in turn runs on the bare metal.
  10. Benefits of virtualization
    • Hardware cost:
    • Energy costs:
    • Recoverability
    • Disaster recovery
  11. IPSec
    Internet Protocol Security (IPsec), an industry standard, provides security for L2TP. IPsec is a set of open standards designed to provide security for IP networks. It provides support for peer-computer authentication and data authentication and data encryption. It supports two modes of operation. When operating in transport mode, only the message portion of the IP packet is encrypted. It is used for host-to-host communications. Remote access connections always use transport mode. It also supports a tunnel mode, in which the entire packet is encrypted and then encapsulated inside another IP packet. It enables IPsec support for non-IPsec aware client operating systems. Tunnel mode can be used with host-to-host communications, but is also used with host-to-network and network-to-network communications. On a Windows network, IPsec is supported by Windows 2000 and later servers and Windows XP and later clients unless used for VPN access with the L2TP client software installed.
  12. Circuit switched networks
    Circuit-switched networks are the oldest and simplest approach to MAN and WAN circuits. These services operate over PSTN; that is, the telephone networks operated by the common carriers such as AT&T, Verizon, CenturyLink, and so on. Circuit-switched services use cloud architecture. The users lease connection points (e.g., telephone lines) into the common carrier’s network, which is called the cloud, shown in Figure 10-17. A person (or computer) dials the telephone number of the destination computer and establishes a temporary circuit between the two computers. The computers exchange data, and when the task is complete, the circuit is disconnected (e.g., by hanging up the phone).
  13. Dedicated circuit network
    • With a dedicated circuit network, you lease circuits from common carriers. All connections are point to point, from one building in one city to another building in the same or a different city. The carrier installs the circuit connections at the two end points of the circuit and makes the connection between them. The circuits still run through the common carrier’s cloud, but the network behaves as if you have your own physical circuits running from one point to another as in Figure 10-18. Once again, the user leases the desired circuit from the common carrier (specifying the physical end points of the circuit) and installs the equipment
    • needed to connect computers and devices (for example, routers or switches) to the circuit. This equipment may include multiplexers or a channel service unit (CSU) and/or a data service unit (DSU); a CSU/DSU is the WAN equivalent of a NIC in a LAN.
  14. Packet switched networks
    With packet-switched networks, as with circuit-switched networks, you buy a connection into the common carrier cloud as shown in Figure 10-19. The user pays a fixed fee for the connection into the network (depending on the type and capacity of the service) and is charged for the number of packets transmitted. The user’s connection into the network is a packet assembly/disassembly device (PAD), which the customer or common carrier can own and operate.
  15. IPSec
    The most important of the VPN security protocols is called IPSec, which stands for Internet Protocol Security. IPSec is a collection of standards for encrypting and authenticating packets that travel on the Internet. In other words, it provides a way to encrypt the contents of a data packet so that only a person who knows the secret encryption keys can decode the data. And it provides a way to reliably identify the source of a packet so that the parties at either end of the VPN tunnel can trust that the packets are authentic.
  16. L2TP
    Another commonly used VPN protocol is Layer 2 Tunneling Protocol (L2TP). This protocol does not provide data encryption. Instead, it is designed to create end-to-end connections called tunnels through which data can travel. L2TP is actually a combination of two older protocols, one (called Layer 2 Forwarding Protocol, or L2FP) developed by Cisco, and the other (called Point-to-Point Tunneling Protocol, or PPTP) developed by Microsoft. Most VPNs today use a combination of L2TP and IPSec, called L2TP over IPSec. This type of VPN combines the best features of L2TP and IPSec to provide a high degree of security and reliability.
  17. Back types
    Differential: Differential backups use the archive bit to determine whether a file has changed since the last normal backup. Differential backups take longer than incremental backups on subsequent runs because all changed data is backed up each time. They require less time to restore data because you restore the full backup and most recent differential backup only. • Incremental: Incremental backups use the archive bit to determine whether a file has changed since the last full or incremental backup. Incremental backups take less time than differential backups on subsequent backups. However, data restoration takes more time because the normal backup tape and all incremental tapes made since the last normal backup are needed.
  18. ESD
    Electronic software distribution (ESD), sometimes called desktop management or automated software delivery, is one solution to the configuration problem. ESD enables network managers to install software on client computers over the network without physically touching each client computer. Desktop Management Interface (DMI) is the emerging standard in ESD software.
Card Set
NW203 Test3
NW203 Test3