Download TroyTech INet+ Certi..

Troy Technologies USA
I-Net+
STUDY GUIDE
Edition 1
Congratulations!!
You have purchased a Troy Technologies USA Study Guide.
This study guide is a selection of questions and answers similar to the ones you
will find on the official Comptia I-Net+ exam. Study and memorize the following
concepts, questions and answers for approximately 10 to 12 hours and you will be
prepared to take the exams. We guarantee it!
Remember, average study time is 10 to 12 hours and then you are ready!!!
GOOD LUCK!
Guarantee
If you use this study guide correctly and still fail the exam, send your official score
notice and mailing address to:
Troy Technologies USA
8200 Pat Booker Rd. #368
San Antonio, TX 78233
We will gladly refund the cost of this study guide. However, you will not need this
guarantee if you follow the above instructions.
This material is protected by copyright law and international treaties. Unauthorized reproduction or distribution of this material, or any portion thereof, may result in severe civil and criminal penalties, and will be prosecuted to the maximum
extent possible under law.
 Copyright 2000 Troy Technologies USA. All Rights Reserved.
I-Net+ Concepts
SUPPORTING INTERNET CLIENTS
•
•
•
•
•
•
Hardware platform (PC, WebTV, Internet phone) – The one necessity is the TCP/IP protocol.
Operating system - The stack is implemented differently in different operating systems,
Windows-based operating systems implement it as a DLL – Winsock.
Network connection – The connection can be through any number of possibilities, including
dial-up, proxy, and direct.
Web browser – Uses port 80 by default, and can be configured with a number of features
(caching, cookie acceptance, etc.). Both Netscape and Internet Explorer run on multiple operating system platforms.
E-mail – Commonly accessed via POP3 and sent via SMTP. This functionality can be accomplished through the browser in many cases, or other programs.
TCP/IP stack – TCP/IP is a four-layer protocol that matches up to the seven-layer OSI
model in functionality.
INTERNET SITE FUNCTIONALITY
Internet Service Provider (ISP) – ISPs access the Internet through Network Access Points
(NAPs).
The easiest way to add search capabilities to your site is to add an Index server. An Index server
will automatically index your site. After entering keywords, the index server returns the pages
that are most relevant to those keywords. An Index server can also present a security risk because it is possible that the search will return pages that you do not want people to see. You can
prevent that by setting appropriate file permissions for the restricted files.
Another easy way to make finding information on your site easy is to create a site map. A site
map is a directory of your web site with links that take visitors directly to pages that might be of
interest.
BROWSERS
•
•
•
Browsers are used to view the graphical content of the World Wide Web. FTP is used to
upload and download files. Both allow for anonymous access to sites, though it can be prohibited if security is a concern. Telnet sessions allow a user to establish a dumb-terminal
connection to a server and run processes on the server. Email clients are used to send and receive email.
To place a single file on an FTP site, use the put command. To place multiple files on an
FTP site, use mput. To retrieve a single file from an FTP site, use get. Use mget to retrieve
multiple files.
With telnet, the command to initiate the session is telnet itself:
1
•
Telnet 1.2.3.4
Or
Telnet redial.com
Once a connection is established, you must logon to the server with a valid username and
password.
IP ADDRESSES
An IP address consists of 4 octets. An octet is a combination of 8 bits. A valid IP address will
look like this: 191.28.107.208. Valid IP address will always have 4 octets separated with a dot.
You should know the classes of IP addresses and corresponding default subnet masks.
Class
First byte of
IP address
Default subnet
mask
A
1-126
255.0.0.0
B
128-191
255.255.0.0
C
192-223
255.255.255.0
D
224-239
Used for multicast broadcasts.
E
240-255
Reserved for future use.
Comment
Class A networks can have over 16 million
hosts.
Class B networks can have over 64 thousand hosts.
Class C network can have 254 hosts.
Special IP addresses
•
•
127.0.0.1 - Loopback address. When you use a ping command with 127.0.0.1, you receive a
response from the computer where the command was executed. This is helpful when determining if the TCP/IP has been properly installed on your computer. Any IP address starting
with 10 is not used on the Internet and is reserved for private networks.
To identify what service the packet is intended for, TCP/IP protocol uses port numbers. You
should know default port numbers for the most widely used Internet protocols and applications.
Application
FTP
HTTP
TELNET
POP3
SMTP
•
Default port number
21
80
23
110
25
These ports are the default, and if you change the service to another port, those accessing it
must specify the new port in their request. If the web service is changed from port 80 to port
800, the URL to access the site troytec.com becomes: http://www.troytec.com:800. URL
2
•
•
•
•
•
•
stands for Uniform Resource Locator. URLs contain the type of protocol, the DNS name or
address of the server and the path to the file being requested.
NetBIOS names (computer names) exist in Microsoft’s operating system. NetBIOS-to-IP
resolution can be done through static files (LMHOSTS) or dynamically with a Windows
Internet Naming Service (WINS) server.
Host names exist is all operating systems. On a small network, host name-to-IP resolution
can be accomplished through the use of HOSTS files. On a large network this resolution can
be accomplished via the use of Domain Name Service server machines. DNS servers divide
the extent of their coverage area into zones, with a primary and secondary server for each.
To configure TCP/IP on a host, you need only three values: default gateway, IP address and
subnet mask. The default gateway is the IP address of the router all data not intended for this
network should go to.
A subnet mask divides the total number of hosts available for one network into a smaller
number available for a number of networks. The subnet mask value is based upon the class of
network you have.
Host file configuration – the host file must exist on every machine that is performing host
name-to-IP address resolution in order for it to work properly. It can consist of an unlimited
number of lines, with each line limited to 255 characters in length. Host file format: the first
column is an IP address, and all other columns on that line (separated by any white space) are
aliases for that IP address. The pound sign (#) anywhere on a line makes the rest of the line a
comment.
DHCP versus static IP – Dynamic Host Configuration Protocol (DHCP) servers can simplify
administration of IP addresses by dynamically issuing them to clients, and not requiring them
to be hardcoded by an administrator. DHCP is built on BOOTP (Boot Protocol) and leases
addresses from a scope. When the leases expire, the IP addresses are placed back in the scope
for use by another client. At any time, the leases can be renewed or released.
MIME
Multipurpose Internet Mail Extensions (MIME) makes it possible to send non-ASCII files over
email and have them supported on the client machine. Web browsers use MIME to understand
how to display non-HTML data within the browser.
COOKIES
The purpose of cookies is to remember certain information about the user when the user accesses
the web site. This can include the user’s name and password, user preferences, the date and time
of the last visit to the web site, how many times the user has been to the web site. Cookies are
always stored on the client’s machine in unencrypted form. To set the cookie, the web server
uses “Set cookie” command in the HTTP header. Cookies can also be set with the JavaScript.
An “expiration” date and time of the cookies can be set with the expires attribute. When expiration date has been reached, the cookie will be automatically deleted from your computer. If no
expiration is set, the cookie will expire when the browser is closed. A web site can set multiple
cookies. The maximum number of cookies per domain is 20. The maximum size of cookies is 4
KB. When the limit on number of cookies is reached, the least recently used cookie is deleted.
3
DEVELOPMENT
•
•
•
•
•
API (Application Programming Interfaces) are the building blocks by which Windows-based
software applications are built by programmers.
CGI – (Common Gateway Interface) is a program language that runs on servers and provides
a means to customize output to the user. It is server-based and performs all operations on the
server (versus ActiveX and Java applets, which run on the client). Because a process must be
initiated each time the program is run, CGI tends to be server-intensive, while ISAPI and
other server-solutions can avoid spawning a new process with each iteration and not be as
intensive on the server.
SQL – (Structured Query Language) is used to find or place information in a database. Using
ODBC (Open DataBase Connectors), the Web server can interact with an SQL server and
pull up information such as from a catalog database and post the results in HTML to the user.
SAPI – (Speech API) is used for voice and telephony applications.
DLL – (Dynamic Linking Libraries) are the method by which common executable routines
are made available in the Windows-based environment. Drivers and executables depend upon
DLLs to provide functionality that can be accessed, making programming much easier.
SCRIPTS
Two most popular types of server side scripts standards are CGI ( Common Gateway Interface)
and ISAPI (Internet Server Application Programming Interface). CGI scripts can be written in
many programming languages. PERL (Practical Extraction and Report Language) and C are
probably the most popular for writing CGI scripts. JavaScripts and PERL scripts are plain text
files and can be written using any text editing application like notepad. ISAPI scripts are Microsoft's implementation of the server side scripts. ISAPI scripts only run on NT IIS servers. ISAPI
scripts are faster than CGI and have less system overhead. Client-side scripting can include Java
applets, Active Server Pages, and ActiveX. Any execution that occurs within the browser is
known as client-side programming, while any execution that occurs before data reaches the
browser is known as server-side. JavaScript is the most popular scripting language used on web
pages. Because JavaScript is processed by the client (Browser) and not on the server, JavaScript
does not slow down the server. JavaScript is supported by both Netscape and Microsoft. To tell
the browser to start interpreting JavaScript, a <script> tag is used. The </script> tag tells the
browser to stop reading the script. <script> tags can have attributes. The most common script
attribute is "language".
<script language="JavaScript">......</script>
Another scripting language is VBscript. VB script is a proprietary script from Microsoft and can
only be interpreted by Microsoft's Internet Explorer browsers. For this reason VBscript is not
used on the Internet, but sometimes used on Intranets in organizations that only have Microsoft
Internet Explorer browsers.
4
DHTML (dynamic HTML) is a way to add special effect to the text on the web page. With
DHTML you can make the text scroll across the screen or fly off the screen. There are no
DHTML standards.
HTML
HTML TAGS are elements that tell the browser how to format the text or graphic element. Tags
are always included in the "<" and ">" signs. There are two basic types of HTML tags: container
tags and stand alone tags. A container tag looks like this:
<TITLE>some title of the page</TITLE>
The title of the page is included between the <TITLE> and </TITLE> tags. The "/" is the switch
that tells the browser that the formatting effect applies only to the text between the opening and
the closing tag. The </TITLE> is the closing tag. A standalone tag does not need a closing tag.
(e.g. <BR>). Tags are not case sensitive. Container tags are always in pairs. Every opening container tag should have a corresponding closing container tag.
The basic structure of the HTML document is
<HTML>
<HEAD>
<TITLE>pages title</TITLE>
</HEAD>
<BODY>the contents of the page go here including all necessary formatting
tags</BODY>
</HTML>
Every web page has three basic elements: HTML declaration, head and body. Some tags require
attributes. The example is "<IMG> tag. You can't use <IMG> tag without attributes.
META tags. The <META> tags go inside the <HEAD> ...</HEAD> tags. <META> tags are
used to include the site's description and keywords that search engines use to index sites. META
tags must have attributes. Usual attributes are "name" and "content". <META> tags can also be
used to include the copyright information:
<META name="copyright" content="author name">
Forms are used for the input of data that will be sent to the server for processing. An example of
the form is the e-mail form that is widely used on the Internet. A user can fill out the form and
send the data to the server.
The HTML tag to start the form is <form>. It requires the closing tag </form>.
5
CSS (Cascading Style Sheet) is a collection of <style> elements that describe how different
HTML elements are presented. CSS information can be stored in a separate file on the server and
all web pages can have links to that file. This way all pages will have the same look and feel.
XML (extensive markup language) Just like with HTML, you can use a simple text editing program like notepad to write XML code. XML offers more control over the text formatting and
positioning text and other elements on the page.
Multimedia extensions or plug-ins
QTVR – Allows video, audio, and animation to be displayed utilizing 3-D photos and artwork.
Flash – Allows you to create vector-based web sites.
Shockwave – It is a Netscape plug-in or an ActiveX control that allows animation, video and
audio.
Real Player – plays RealAudio and RealVideo files on the Windows and Mac operating systems.
Windows Media Player – Does not require any additional hardware. It plays files with the extension of .AVI and supports several compression methods.
Multimedia file formats
GIF (Graphics Interchange Format) The current GIF standard is GIF89a. It supports transparencies, animation and interlacing. GIF format only supports 256 colors. GIF is best suited for logos, icons, and clipart. Transparent GIFs are very popular in web design. They allow a logo or an
image to be displayed. Browser safe palettes consists of 216 colors. These colors are displayed
the same way in any browser on any operating system platform.
BMP files are the default bitmapped images used in the Windows world.
MPEG (Moving Picture Experts Group) Files are compressed digital video files considered
to be of higher quality than QuickTime and others. Compression is done by only saving the
changes between images instead of all the images.
AVI (Audio Video Interleave) format used by Microsoft’s Video for Windows.
JPEG (Joint Picture Expert Group) JPEG format supports 16 million colors and is the preferred
format for color photos. JPEG is a more compact file format and supports different levels of
compression. In many graphics programs you can choose what compression quality you want to
have. The higher the compression, the less resolution your picture will have, and the smaller the
size of the file will be. Smaller files are very important when your web site is hosted with an ISP
that limits a bandwidth of your site. Smaller files also means faster download. JPEG format does
6
not support transparencies and animation. Interlacing is only supported in p-JPEG or progressive
JPEG - the latest JPEG format. Not all graphics software supports creation of p-JPEG files.
PNG (Portable Network Graphics) PNG supports transparency and interlacing and offers better
compression than GIF. PNG also supports partial transparency.
TIFF (Tag Image File Format) Normally used for graphic files that are black-and-white. Most
common use for TIFF files is to view the faxes on your computer.
PDF (Portable Document Format)A popular format for publishing books and other black-andwhite printed documents. Documents saved in PDF format are much smaller in size than .TXT or
HTML documents. To view PDF files you need a PDF viewer from ADOBE. Because TIFF and
PDF files are used for black-and-white images, the compression level is very high.
VRML (Virtual Reality Modeling Language) This language is used to create 3 dimensional
objects. VRML 2.0 can create animated 3D objects and can have background audio.
DNS SERVERS
Domain Name System is a set of protocols and services in the TCP/IP protocol suite. To resolve
a domain name to IP address, your browser contacts a DNS server. The address of a DNS server
is provided by your ISP. If the domain name is not found in your ISP's DNS, the ISP's DNS requests that information from the root domain server. The root domain server is responsible for
maintaining database of top level domains like .com, .net, .org and country specific domains like
.DE and .SE.
Types of DNS entries:
SOA - Start of authority. SOA is the first entry in every DNS server. It contains the email address of the DNS server's administrator and other important information about the DNS server
and the local DNS database.
A record. A record contains a mapping of IP address to the Host's name.
MX record. MX record contains information of what email server processes email for the domain.
CNAME record. CNAME record can be used to assign an alias for the Host. For example in
www.troytec.com, the "www" part is a CNAME record and points to the same Host (server) as
troytec.com, and in email.troytec.com, "email" part is a CNAME record and points to another
server that is used for the email services.
NS record. NS record identifies other name servers in the domain.
7
An organization that maintains its own network usually has its own DNS servers. A minimum of
two DNS servers are required for a network; one primary and one secondary server. Cachingonly server does not contain any DNS records and is only used to cache DNS information.
•
•
Hierarchical structure – DNS is organized in such a manner with the root of the naming tree
being “.” and everything funneling down from it
Top level or original domains – edu, com, mil, net, gov, and org – exist within the United
States. Outside of the United States, two letter country level domains are used, such as .UK.
REMOTE ACCESS PROTOCOLS
TCP - Transmission Control Protocol, the most common transport layer protocol used on
Ethernet and the Internet. It was developed by DARPA. TCP is built on top of the Internet Protocol (IP) and is nearly always seen in the combination TCP/IP (TCP over IP). It adds reliable
communication, flow-control, multiplexing and connection-oriented communication. It provides
full-duplex, process-to-process connections.
UDP - User Datagram Protocol. Internet standard network layer, transport layer and session
layer protocols which provide simple but unreliable datagram services. It adds a checksum and
additional process-to-process addressing information. UDP is a connectionless protocol, which,
like TCP, is layered on top of IP. UDP neither guarantees delivery nor does it require a connection. As a result it is lightweight and efficient, but all error processing and retransmission must
be taken care of by the application program. Used for transmitting streaming video and audio
files.
POP3 - Post Office Protocol version 3. POP3 allows a client computer to retrieve electronic
mail from a POP3 server via a TCP/IP or other connection. It does not provide for sending mail,
which is assumed to be performed via SMTP or some other method. POP is useful for computers without a permanent network connection and which require a "post office" (the POP server)
to hold their mail until they can retrieve it.
SMTP - Simple Mail Transfer Protocol, a protocol used to transfer electronic mail between
computers, usually over Ethernet. It is a server-to-server protocol, so other protocols are used to
access the messages. The SMTP dialog usually happens in the background under the control of
the message transport system, but it is possible to interact with an SMTP server using telnet to
connect to the normal SMTP port, 25.
SNMP - Simple Network Management Protocol, the Internet standard protocol developed to
manage nodes on an IP network. SNMP is not limited to TCP/IP and can be used to manage and
monitor all sorts of equipment including computers, routers, wiring hubs, etc.
FTP - File Transfer Protocol, a client-server protocol that allows a user on one computer to
transfer files to and from another computer over a TCP/IP network. Also the client program the
user executes to transfer files. You must know 2 FTP commands: PUT and GET. PUT is used
to send the file from a client to a server. GET is used to initiate a transfer of file from the server
to the client. All FTP servers require a client to have a valid account and a password to access
8
the files. Most FTP sites on the Internet are configured to use "anonymous" access. That is why
you are not prompted for user ID and Password when accessing most FTP sites. FTP uses TCP
as a delivery protocol.
HTTP - HyperText Transfer Protocol, the client-server TCP/IP protocol used on the World Wide
Web for the exchange of HTML documents. It conventionally uses port 80. The current version
is HTTP 1.1 One of the features of HTTP 1.1 is the “Host Header”. Host header makes it possible to have multiple virtual servers with the same IP address.
IP - Internet Protocol, the network layer for the TCP/IP protocol suite widely used on Ethernet
networks. IP is a connectionless, best-effort packet switching protocol. It provides packet routing, fragmentation and re-assembly through the data link layer. Each IP address is 32 bits long.
PPP - Point-to Point Protocol, the Internet standard for transmitting network layer datagrams
(e.g. IP packets) over serial point-to-point links. PPP has a number of advantages over SLIP; it
is designed to operate both over asynchronous connections and bit-oriented synchronous systems
and it can configure connections to a remote network dynamically, and test that the link is usable. PPP can be configured to encapsulate different network layer protocols (such as IP, IPX, or
AppleTalk) by using the appropriate Network Control Protocol (NCP). When signing up with an
ISP for Internet service, you must have PPP client software installed on your computer.
SLIP - Serial Line Internet Protocol, software that allows the Internet Protocol (IP), normally
used on Ethernet, to be used over a serial line, e.g. an RS-232 serial port connected to a modem.
SLIP modifies a standard Internet datagram by appending a special SLIP END character to it,
which allows datagrams to be distinguished separately. SLIP does not provide error detection,
compression or encryption.
PPTP- Point to Point Tunneling Protocol, a protocol for connecting Windows NT clients and
servers over Remote Access Services (RAS). PPTP can be used to create a Virtual Private Network between computers running NT. PPTP encrypts the data transmitted over the Internet.
Tunneling is a term associated with encryption.
Telnet - The Internet standard protocol for remote logins. Runs on top of TCP/IP. UNIX BSD
networking software includes a program, telnet, which uses the protocol and acts as a terminal
emulator for the remote login session.
DHCP - A server-based administration utility used to automatically assign IP addresses to clients. DHCP clients communicate with DHCP Servers via BOOTP broadcast messages, which
can only cross routers if the router is an RFC1542-compliant router, and has BOOTP forwarding
enabled. When a DHCP server receives a request for an IP address, it selects from a pool of
available addresses and offers a lease to the client. If no address exists in the pool, the client cannot initialize TCP/IP.
TFTP - Trivial File Transfer Protocol. A stripped down version of FTP. TFPT is a connectionless protocol and TFTP uses UDP as a delivery protocol.
9
ICMP - Internet Control Message Protocol. This protocol is responsible for sending error messages if the destination host can not be reached or if other problems occur during the transmission. The PING command uses ICMP protocol.
DIAGNOSTIC TOOLS
Command
Function
WINIPCFG
To see TCP/IP configuration of
your computer. Will display
your IP address, subnet mask,
default gateway, hardware
MAC address.
IPCONFIG
Same function as WINIPCFG,
used on NT computers.
NETSTAT
Will display your current
TCP/IP session including addresses of hosts connected to
your computer and port numbers.
TRACERT
PING
ARP
Will display a report that lists
all routers and networks that the
packet must travel to get to its
destination and the time in milliseconds that packet takes to
travel between routers.
Used to verify connection between your computer and remote host. You can ping a host
using its IP address or its host
name.
Will display hardware addresses
of local hosts on the network.
Entries will remain in ARP
cache for 10 minutes on windows NT
10
Comment
Used from command prompt on Windows 95/98. Very useful if your computer is obtaining Its IP address from
DHCP server and you need to find out
what IP address has been assigned to
you.
Only used on NT machines. For more
detailed information use with a switch
IPCONFIG /ALL.
Used to find out who's communicating
with your computer. Port numbers will
reveal what service being used. Can be
useful if you suspect that someone is
connected to your computer without
authorization.
Very useful when trying to find a bottleneck in your network.
This is the first utility you should use
when you have connection problem. If
you can ping a host by IP address but
can't by its name then you have a problem with name resolution.
Can use this command if you suspect
invalid ARP entries in ARP cache.
Hardware connection
Type
Analog
ISDN
DSL
Cable
Function
Traditional modem – requires a single phone line for a connection
and is limited in speeds less than 57,600 bps.
Integrated Services Digital Network, requires two phone lines, and
can reach a speed around 128,000 bps.
Digital Subscriber Line, uses existing phone lines, and is available
only in certain areas. You must be within a short distance of a
switching station, and speeds can reach 9 MBPS.
Works with the coaxial from the cable TV company and speeds is
reduced with the number of users, but is approximately 2 MBPS.
Basic modem's AT commands:
Modem commands
ATA
ATD
ATH
ATZ
Command function
Answer
Dial
Hang up
Reset
Devices used on the Internet
Network device
Function
Network interface
card (NIC card)
Puts the data into packets and transmits packet onto the network. To install the NIC card you must have available IRQ in the computer.
Bridge
Used to segment a network and reduce network traffic by examining the
source and destination hardware address of the packet. Bridges forward
packets based on their hardware addresses. Hardware addresses are also
known as MAC addresses of physical addresses.
Router
Used to route packets to remote networks by examining the packet's
network source and destination address. The destination address of the
packet must match an entry in the routing table of the router; otherwise,
the packet is discarded. When the ISP assigns your organization a valid
network address the only thing you need to connect to the Internet is a
router.
Used to connect networks with different protocols like TCP/IP network
and IPX/SPX networks. If you only have NetBEUI protocol on your
network and need to access the Internet (TCP/IP is the protocol on the
Internet), you would need to use a Gateway.
Gateway
11
Proxy server
Firewall
Used to isolate internal network computers from the internet. When users on the network want to access the Internet, they first access the
Proxy server and the proxy server accesses the Internet and retrieves the
requested web page or document. The user then gets a copy of that page
from the proxy server. Only IP address of the proxy server goes out to
the internet. Proxy server will also cache frequently used sites to speed
up future access. Can also be configured to restrict access to certain sites
on the Internet.
Used to prevent unauthorized access from the external network such as
internet to your local network. Many organizations configure firewalls
to prohibit access to certain domains. When you design a web site and
put links to other sites, its possible that clients that access Internet from
behind the Firewall will not be able to open pages that you link to because those sites may be located in restricted domains. Most firewalls,
including MS Proxy server 2.0 will perform a reverse DNS look up to
make sure that you will not access a restricted domain by using its IP
address.
Connection Types
Connection type
T1
E1 ( European standard )
T3
xDSL
OC-1 (Optical carrier)
OC-3 (3X the speed of OC-1)
X.25
ATM
Frame Relay
Speed
1.54 MBPS
2.048 MBPS
45 MBPS. Used by ISPs to connect to the Internet. Based
on Fiber optic line.
Speed varies depending on the service plan from an ISP.
xDSL usually has faster download speed that upload speed.
51.8 MBPS
155.52 MBPS - Fiber optic standard in use today.
A packet-switching standard widely used in WANs.
Asynchronous Transfer Mode – uses 53-byte cells for all
transmissions.
A packet switching protocol supporting T1 and T3.
VIRTUAL PRIVATE NETWORKS
Virtual Private Networks are built using PPTP or other tunneling protocols to provide encrypted
(secure) communications across the Internet. They are used for connecting two different company sites such as with an Extranet, or for allowing a remote user to securely access a site.
12
SECURITY, MALICIOUS ATTACKS AND VIRUS PROTECTION
Name
Syn attack
Ping flood
Spoof
Symptom
An intruder can write a program that will establish a connection with your
server and half-open TCP ports. That will block the access to your server.
A multiple ICMP Ping messages sent to the server. That will cause the
server a high traffic to your server and access to legitimate clients will be
denied.
Using a protocol analyzer or other device to intercept and decode packets
sent to and from the server in order to find the account ID and password.
Will only work if password is sent in unencrypted form.
INTERNET RELATIONSHIPS AND SECURITY
•
•
•
Intranet – with an Intranet, you isolate the site from the world (typically with a firewall), and
do everything you can to keep outsiders from knowing the site exists or accessing it.
Extranet – with an Extranet, some of the world must know that your site exists – typically
your vendors and partners – and you limit the access to only them and your internal personnel. This is best accomplished through the use of a Virtual Private Network.
Internet – the purpose of an Internet site is for the world to know of its existence and come to
it to learn of your products, data, information, and other offerings. By default, all users enter
the site as the anonymous user and permissions are assigned to anonymous to affect all users.
COPYRIGHTS ON THE INTERNET
US copyright law protects any published or unpublished original material. The copyright protection starts from the time that material has been created. Copyright protection is automatic. It is
not necessary to register you work with any US copyright office. It is recommended that you put
a copyright notice on your web site and include the "©" symbol and the year that material was
first published. Even if no copyright notice is included, the material is still protected under copyright law.
Another way to include a copyright notice on your site is to put it in the META tags. The proper
META tag for the copyright notice is:
<META NAME="COPYRIGHT" content="YOUR NAME">
The search engines may include the contents of these META tags and display the information in
the search results. Graphics art is also protected under the copyright law. Some graphics design
software programs include a feature to embed a copyright notice in the graphics file in a form of
a digital signature called a watermark. The watermark is not visible on the picture, but can be
viewed with many graphics software.
13
BUSINESS CONCEPTS
An E-commerce enabled web site allows individuals to purchase items. To have an e-commerce
enabled web site, you must set-up a merchants system. A merchants system is a program that
lets you set up a store on the Internet. You can purchase merchant systems from different software companies or you can write your own program. The most advance merchant systems use
relational databases like SQL database. If you use a database, in order for you browser to connect
to database, you need to create a DSN - a unique name that identifies the database.
When you use the Internet to sell to other businesses, it is called e-business. The most costeffective way to successfully market a new commercial web site is to buy banner ads space on
search engines. The reason is that your banners will only be displayed when someone enters
search keywords that describe your business. Banner exchanges are not a good choice for a new
web site because the number of times that your banners is displayed depends of number of times
that you display banners of other clients. Since you are a new site, you will not be able to display
the large number of banners.
In order to be able to accept credit cards on line, you must purchase and install a security certificate from the certificate authority. Verisign is a certificate authority. The certificates are used for
data encryption and also for authenticating web sites. When you access a commercial web site
and placing the order with your credit card, the Certificate, installed on that site, tells your
browser that the web site is really who they say they are because they have been verified by the
certificate authority prior to issuing the certificate.
You can issues you own Security certificates if you have a certificate server. However, if you are
using your own certificates, every time someone tries to place on order in the secured area of
your web site, they will be prompted by a message, asking you is you trust that unknown certificate authority. Most browsers are setup with in the way that they trust major certificate authorities like Verisign and will not prompt you when certificate is presented to them.
Push – Pull Technology
In push technology, the browser gets information pushed to it without it requesting it. In pull
technology - on which most of the web is based - a user requests data before it is sent down.
HARDWARE AND SOFTWARE
There is no minimum hardware requirement to access the Internet. The minimum hardware is
dictated by the software and operating system you want to use. To be connected to the Internet
you always need an IP address. If you use a dial up account, the IP address is provided by ISP.
When using a dial up account you should always disable the call-waiting feature. If call-waiting
is active, you will be disconnected from the Internet every time some one tries to call you.
IIS - Internet Information Server is the Microsoft's implementation of the Web server. If you
need to have ASP (active server pages), you must use IIS.
14
Internet is the largest type of network. Besides the Internet, the Web server can be used on the
Intranet. Intranet is a network that is confined to one organization and usually is not connected to
the Internet or connected to the Internet via a Proxy server or a Firewall. An Intranet occurs
when large organizations use their own web servers to make information available to their employees. If the company network or a segment of a network is connected to the Internet, that
segment is called Extranet.
Calculating File Download Time
To calculate the time required to download a file, base on the bandwidth use the following formula:
Size of Page / Available Bandwidth
e.g. 7,000 byte file / 56,000 KBPS = .125 = 1.25 seconds
15
I-Net+ Questions
1. What is the correct entry in a host file?
A: 216.247.86.47 www.troytec.com #troytec home page
2. A copyright notice located in the “head” section will appear how?
A. <META NAME="COPYRIGHT" CONTENT="YOUR NAME">
3. How and where are cookies stored?
A. Unencrypted and stored on the client.
4. A Unicode character set uses how many bits to represent each character?
A: 16
5.
What is the second line of MIME?
A: Content line
6. How many bits are in an IP Version 4 (IPv4) address?
A: 32 bits
7. You have a multinational corporation that wants to encrypt its e-mail. What technology
do you use?
A: PGP
8. How many Web-safe colors are available to design and create web graphics?
A: 216
9. Which of the following is not essential for a web page?
<HTML>
<BODY>
<TEXTAREA>
<TITLE>
A: <TEXTAREA>
10. What single-key encryption method is used to encrypt and decrypt a message?
A: Symmetric
16
11. What is the point where ISPs connect with each other to form the Internet backbone?
A: NAP
12. You are going to set up over the Internet lectures for a high school for students to use,
but are utilizing a very slow connection. What would be the best format?
A: Real Media
13. You use the following code in your web page. It is not loading properly. What should
you do to fix it?
<HTML>
<head>
<TITLE>My Company<title>
</HEAD>
<body>
Copyright © 2000 My Company
</BODY>
</html>
A. Fix title tags.
14. What would not give a PC the ability to connect to the Internet?
A: Virtual Modem
15. What is an example of a connection type protocol?
A: TCP
16. What does LANG do?
A: Tells the browser what type of language to expect in the page (e.g. JavaScript).
17. You can send e-mail, but you cannot receive it. Which protocol should you check?
A: POP3.
18. You have an object that is 40 mm X 60 mm. What is the best Dots Per Square Inch
(DPI) for the quickest download time?
A: 72 dpi
19. You have no connection to the network. What can you test on your browser?
17
A: Client side script
20. An attack on your web site that leaves your ports half open is called what?
A: Syn Attack
21. What is the fastest connection?
A: OC-3
22. Copyright protecting your work is…?
A: Not required, but highly recommended.
23. What does MIME stand for?
A: Multipurpose Internet Mail Extension
24. What cannot be used as a firewall?
A: DHCP Server
25. Which network device is not affected by a virus?
A: Hub
26. You have a 1,300 user database. What is the best what language to use?
A: SQL
27. Which network devices are affected by a virus?
A: Router and Gateway
28. What protocol does not use Logon Authentication?
A: SLIP
29. How would you log onto an ftp site on a web page that requires a username and password?
A: username:[email protected]
30. What is true about FTP?
18
A: Users cannot change their own password.
31. What type of DNS entry is used to identify the mail server for a domain?
A: MX
32. What is the FQDN of http:\\files.exam.comptia.com\top\bottom?
A: files.exam.compta.com
33. What do you call the first DNS server?
A: Primary
34. What is the first entry in a DNS server?
A: SOA
35. A user with a 128 Kbps ISDN modem will take about how many seconds to download a
100K file?
A: 8
36. Which step is most subject to network congestion?
A: Transmitting the response from server to client
37. What network hardware device connects a computer to an ISP and the Internet via a
standard phone line?
A: Modem
38. Which network connectivity device translates one protocol or technology into another
and is used to connect dissimilar network technologies?
A: Gateway
39. Which web browser setting controls how a web browser receives information and
automatically downloaded content from web sites?
A: Security
40. What does a digital signature do?
A: Verifies the identity of the person who applies it to a document
19
41. What is the most common way of getting information from a web surfer?
A: An HTML form
42. Which TCP/IP protocol is the primary protocol used to transfer text and binary files on
the Internet?
A: FTP
43. Which network hardware device connects dissimilar network topologies into an internetwork?
A: Bridge
44. Before you can use any Internet client for a dial-up connection, what must be installed
and configured on the client machine?
A: Modem
45. Which low cost device could you install to allow a user web access?
A: Internet appliance
46. How do streaming media formats allow for slowdowns in the data stream?
A: By building up a buffer of data before playback begins.
47. To which component of the Internet can individual users buy modem connections so
that they can get on the Internet?
A: Access point ISP
48. What TCP/IP protocol can be used for directory access?
A: LDAP
49. Trademark protection applies to what?
A: Ad slogans
50. Which is the least secure; Internet, Extranet, VPN, or Intranet?
A: Internet
51. What protocol is the least secure?
20
A: SMTP
52. What is the default subnet mask for the IP address 194.206.42.7
A: 255.255.255.0
53. Which does not generally require an Access Control List (ACL)?
A: Internet
54. What is the most useful aspect of the JAVA language?
A: Cross-platform capability
55. What technology is used for vector-based Web sites?
A: Flash
56. What is encrypted text called?
A: Ciphertext
57. If you want to play streaming video on your site, what is the best technology to use?
A: Flash
58. Which technology implements VPNs using IPsec?
A: L2TP
59. T3 - E3 line connections have maximum speeds of what?
A: 44.736 - 34.368 MBPS
60. What is the connection speed of an OC-3 line?
A. 155.52 MBPS
61. Which technology provides an interactive 3-D environment?
A: VRML
62. Which Internet bandwidth technology is mainly used on the Internet backbone?
A: ATM
21
63. Based on speed and cost, which Internet bandwidth link type would be the best choice
for a small ISP serving 100 dial-up users?
A: T1
64. What type of SMTP server sends e-mails it receives to a list of e-mail recipients, forming a “discussion group”?
A: List server
65. Which two TCP/IP utilities are the most similar in function?
A: PING and TRACERT
66. Which network hardware device will improve network performance?
A: Router
67. When surfing, your browser receives the message “The server is not responding”.
What could be the problem?
A: The server is overloaded
68. What command is used to start a file transfer from a remote site?
A: get
69. What kind of file image supports animation?
A: GIF89a
70. True or false: Telnet servers present no security risk.
A: False
71. The success of a banner ad is usually measured how?
A: Clickthrough rate
72. Which network hardware device protects a server from malicious attacks over the
Internet?
A: Firewall
73. What does a tunneling protocol facilitate?
22
A: VPNs
74. What is the native protocol of the Internet?
A: TCP/IP
75. What is the fastest video card mode for displaying web graphics?
A: 64 bit
76. What is one limitation of web browser cookies?
A: There can be a maximum of 20 cookies per domain.
77. Why can't U.S. sites support browser encryption that uses keys longer than 40 bits?
A: Most countries outside US only use browser capable of 40 bit encryption.
78. If no expiration date is set, how long will the cookies stay in effect?
A: Until the computer is rebooted.
79. Which standard allows several “virtual servers” all using different DNS names to be
resolved to the same IP address?
A: HTTP 1.1
80. Configuring a router to advertise routes that either don't exist nor aren't where they
say they are known as what kind of an attack?
A: Spoofing
81. If you want to have secure communications on your Intranet, what must you implement
in order to create your own key pairs?
A: A certificate server
82. Browsers commonly support which client-side scripting language?
A: JavaScript
83. Where do the majority of security violations within corporate networks come from?
A: Employees
84. Which security is the standard for secure online transactions?
23
A: SET
85. In order to be an e-commerce server, a computer must offer what services?
A: Virtual shopping cart services
86. How can you find out what browser someone was using when they got an error message?
A: Look in the error log
87. Which of the following has the least impact on apparent web site performance?
A: RAM in the client
88. In order to have copyright protection, a work must be what?
A: Must be an original creation.
89. A client-side script is not working correctly. What is the most likely cause?
A: The web client doesn't support scripting.
90. What is Microsoft's preferred server-side scripting language called?
A: Active Server Pages (ASP)
91. What are the best types of documents to distribute using Electronic Data Interchange
(EDI)?
A: Orders and invoices
92. The ANSI standard upon which EDI is based is which of the following?
A: X12
93. How many years does a copyright offer protection for an invention?
A: 0 years
94. Using a portion of a document protected by copyright as long as it does not take away
from the original document or is used for an educational purpose, falls under the realm
of which of the following?
A: Fair use
24
95. Which is not eligible for copyright protection?
A: An ingredient list
96. The type of technology wherein a browser must go to a site and bring information down
is known as what?
A: Pull
97. A webmaster from one site "borrows" content from another site and places it on his
own. The content was protected by copyright and the Webmaster did not obtain permission to use it. Under what circumstance can the Webmaster do so without legal
ramifications?
A: If the Webmaster is doing a parody
98. What command is used to show TCP/IP active connections?
A: NETSTAT
99. What is CSS in web design terminology?
A: Cascading style sheets
100.
What is CSS in a server/internet capacity?
A: Commercial secured server
101.
Which AT modem command is for dialing?
A: ATD
102.
Which AT modem command is for resetting the modem?
A: ATZ
103.
What command would you use to determine the MAC address of a workstation?
A: ARP
104.
What is the easiest database to set up?
A: Relational database
25
105. You have users connecting via RAS. What is the best way to prevent unauthorized
access to your network?
A: Firewall
106.
How do you ensure that you’ve seeing the most up-to-date web site page?
A: Use the Refresh button.
107.
What is the default port for FTP?
A: 21
108.
What is the default port for Telnet?
A: 23
109.
What is the default port for the SMTP protocol?
A: 25
110.
When connecting to a web site, which default port will be used?
A: 80
111. You want to allow members of your organization to send email to all other members
of your organization. Which server would be the one to use?
A: List
112.
Which protocol has the highest security?
A: PPTP
113.
Where can you find the specification for an Internet standard?
A: RFC
114. You would like to install a fast line in your office, with at least 10 MBPS transfer
rate, which would be most suitable?
A: T3
115. In a multi-tiered architecture object, request brokers can be implemented through
what?
26
A: Corba
116. An ISP has assigned you a class C network address and a valid subnet mask. What
should you use to connect to the Internet?
A: Router
117.
What is the color depth of JPEG?
A: 24 bit
118.
Which remote access protocol does not support IPX?
A: SLIP
119.
Which command is used to download multiple files?
A: mget
120.
How long does it take to download a 7,000 byte file at 56k?
A: 1.25 seconds
121.
How does the following code help copyright your page?
<JavaScript>
(!=User.Top On.Top)
</Java>
A: Will not allow frame to be displayed in other web pages.
122.
What graphic file format supports partial transparency?
A: PNG
123.
What bandwidth technology uses a 53 byte cell?
A: Asynchronous Transfer Mode (ATM)
124.
Which protocol is used to set up a VPN?
A: PPTP
125. What is the length of life of a copyright obtained by an author who then dies two
years later?
27
A: 52 years
126. You browse the web, and when you enter the URL of the web page, you receive the
"error 404" message. What is the cause of that message?
A: The file does not exist on the server.
127.
What Class does 131.xxx.xxx.xxx fall under?
A: Class B
128. What could be wrong if you can only ping 127.0.0.1 and your IP address, but not the
router?
A: Your subnet mask is invalid
129. What would you add to a workstation to setup a “dumb terminal” to provide web
browsing capabilities?
A: Set up the PC with a web browser client with a connection to the HTTP.
130. Your ISP has assigned you a valid IP address, and a valid subnet mask. They also
assigned you the gateway’s IP address. You assigned this IP address, subnet mask and a
gateway to your computer and you still cannot access the Internet. What is the most
likely cause of the problem?
A: ISP forgot to make a change on his router
131.
Which HTML tag is used for the numbered list?
A: OL
132. You use proxy server to connect to the web site. The server that hosts that site logs
all IP addresses that connect to the site. Your company has 200 IP addresses. Which IP
addresses will be logged by the server?
A: Only IP address of the proxy server will be logged
133.
“Method”, “Action”, and “Input Type” are all attributes of what?
A: Form
134.
Where do most search engines get their information about sites from?
A: META tags
135. You try to connect to a web site and you receive an error message “Destination unreachable”. What is the most likely cause of this error?
28
A: Problem with gateway
136. The ability to translate documents such as web pages easily into other languages is
provided by what?
A: Unicode
137. A browser plug-in that supports animation, audio, video and user actions on both
Windows and Mac platforms is called what?
A: Shockwave
138.
What browser plug-in allows objects to be rotated in three dimensions?
A: QuickTime VR
139. What digital standard has a high compression rate because it only stores changes
between frames?
A: MPEG
140. What is the correct HTML syntax to create a link on a web page to
www.troytec.com?
A: <A HREF=“http://www.troytec.com”> Troy Technologies</A >
141.
What are the three basic elements of every web?
A: HTML declaration, head and body.
142.
Which protocol does TFTP use as a delivery protocol?
A: UDP
143.
VeriSign is a type of what?
A: Certificate Authority
144.
What is the easiest way to add search capabilities to your web site?
A: Index Server
145. You attempt to log onto a remote site, but can’t. You made sure you are typing in
the correct password. What would you try next?
A: Hit the caps lock and retype your password.
29
146. Using a protocol analyzer or other device to intercept and decode packets sent to
and from the server in order to find the account ID and password is called what?
A: Spoofing
147. A hacker is attempting to bring your web site to its knees by continuously using the
ping utility on it. This type of attack is known as what?
A: Denial-of-service
148.
Which is a server side script?
A: PERL
149.
Encryption is used where?
A: In Virtual Private Networks
150.
A common error made in developing an international English language Web site is:
A: Use of colloquialisms
151.
What language must be compiled before it can be executed?
A: Java
152.
What capability will adding a merchants system to your site provide?
A: E-commerce
153.
Most browsers do not have support for what?
A: Telnet
154. You created a form on your site that takes the data from the user and sends it to the
server. What is the most effective way to make sure the data is entered in a specific
format?
A: Validate on the browser with JavaScript
155.
You receive a timeout error when accessing a TCP port. What is the cause?
A: Firewall has port closed.
156.
What is required to be connected to the Internet?
30
A: TCP/IP address
157.
What does the DNS A record do?
A: Contains a mapping of IP address to the Host's name.
158.
What is not a valid Internet IP address?
A: 10.X.X.X
159. What client enables you to establish a command line session host with a network
host?
A: Telnet
160. A proxy server is connected to the Internet via a cable modem and can access the
Internet. Your users cannot access the Internet, the ISP verified that connection was
available. What should you do to fix the problem?
A: Reset the cable modem
161.
Which protocol uses authentication?
A: IMAP
162.
Which class of addressing is reserved for futures use?
A: E
163.
The transfer rate of 51.84 MBPS applies to what?
A: OC-1
164.
What are the two parts of every IP address?
A: Network + Host
165.
A device used as a portal to and from the Internet is known as what?
A: Gateway
166.
Martha wants to have a contest on her web site. What method should she use?
A: Shockwave
167.
What is the command to initiate an FTP session?
31
A: Connect
168. What do you need to have in order for your browser to connect to a database if you
use a database on your e-commerce site?
A: DSN
169. You want to implement ASP (Active server Pages) on your sites server. What must
be in place before you can use these types of pages?
A: IIS
170.
Microsoft's implementation of the Web Server is called what?
A: IIS
171.
Which type of index enables you to search a site for a specific phrase?
A: Keyword Server
172. Which network device allows you to communicate with a host that uses a different
protocol stack?
A: Gateway
173.
What entry in the DNS identifies an alias?
A: CNAME
174. You have updated your email application, and need access to 300 entries in your old
address book. What should you do?
A: Import the address book.
175. What type of server should you install to keep email address accounts up-to-date on
client machines?
A: Directory Server
176.
What language is vendor dependent?
A: VBScript
177.
Where could you find specifications for secure online transaction?
32
A: SET
178. You have a reference page that is frequently visited. It loads very slowly. What
should you do to decrease the load time?
A: Increase cache size.
179.
What is a valid class B address?
A: 130.XXX.XXX.XXX
180.
What protocol does SLIP support?
A: TCP/IP
181. What is the best way to run a search query to find hotels or car rentals in Concord,
California?
A: Concord and California and Hotels or Car Rentals.
182.
Where are CGI scripts ran?
A: On the server.
183.
What protocol does Telnet run under?
A: IP
184. You see your server opening connections, but never completing connections. What
type of attack is this?
A: Syn attack
33