* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project
Download TroyTech INet+ Certi..
Survey
Document related concepts
Distributed firewall wikipedia , lookup
Wake-on-LAN wikipedia , lookup
Dynamic Host Configuration Protocol wikipedia , lookup
Deep packet inspection wikipedia , lookup
Internet protocol suite wikipedia , lookup
Recursive InterNetwork Architecture (RINA) wikipedia , lookup
List of wireless community networks by region wikipedia , lookup
Remote Desktop Services wikipedia , lookup
Cross-site scripting wikipedia , lookup
Piggybacking (Internet access) wikipedia , lookup
Transcript
Troy Technologies USA I-Net+ STUDY GUIDE Edition 1 Congratulations!! You have purchased a Troy Technologies USA Study Guide. This study guide is a selection of questions and answers similar to the ones you will find on the official Comptia I-Net+ exam. Study and memorize the following concepts, questions and answers for approximately 10 to 12 hours and you will be prepared to take the exams. We guarantee it! Remember, average study time is 10 to 12 hours and then you are ready!!! GOOD LUCK! Guarantee If you use this study guide correctly and still fail the exam, send your official score notice and mailing address to: Troy Technologies USA 8200 Pat Booker Rd. #368 San Antonio, TX 78233 We will gladly refund the cost of this study guide. However, you will not need this guarantee if you follow the above instructions. This material is protected by copyright law and international treaties. Unauthorized reproduction or distribution of this material, or any portion thereof, may result in severe civil and criminal penalties, and will be prosecuted to the maximum extent possible under law. Copyright 2000 Troy Technologies USA. All Rights Reserved. I-Net+ Concepts SUPPORTING INTERNET CLIENTS • • • • • • Hardware platform (PC, WebTV, Internet phone) – The one necessity is the TCP/IP protocol. Operating system - The stack is implemented differently in different operating systems, Windows-based operating systems implement it as a DLL – Winsock. Network connection – The connection can be through any number of possibilities, including dial-up, proxy, and direct. Web browser – Uses port 80 by default, and can be configured with a number of features (caching, cookie acceptance, etc.). Both Netscape and Internet Explorer run on multiple operating system platforms. E-mail – Commonly accessed via POP3 and sent via SMTP. This functionality can be accomplished through the browser in many cases, or other programs. TCP/IP stack – TCP/IP is a four-layer protocol that matches up to the seven-layer OSI model in functionality. INTERNET SITE FUNCTIONALITY Internet Service Provider (ISP) – ISPs access the Internet through Network Access Points (NAPs). The easiest way to add search capabilities to your site is to add an Index server. An Index server will automatically index your site. After entering keywords, the index server returns the pages that are most relevant to those keywords. An Index server can also present a security risk because it is possible that the search will return pages that you do not want people to see. You can prevent that by setting appropriate file permissions for the restricted files. Another easy way to make finding information on your site easy is to create a site map. A site map is a directory of your web site with links that take visitors directly to pages that might be of interest. BROWSERS • • • Browsers are used to view the graphical content of the World Wide Web. FTP is used to upload and download files. Both allow for anonymous access to sites, though it can be prohibited if security is a concern. Telnet sessions allow a user to establish a dumb-terminal connection to a server and run processes on the server. Email clients are used to send and receive email. To place a single file on an FTP site, use the put command. To place multiple files on an FTP site, use mput. To retrieve a single file from an FTP site, use get. Use mget to retrieve multiple files. With telnet, the command to initiate the session is telnet itself: 1 • Telnet 1.2.3.4 Or Telnet redial.com Once a connection is established, you must logon to the server with a valid username and password. IP ADDRESSES An IP address consists of 4 octets. An octet is a combination of 8 bits. A valid IP address will look like this: 191.28.107.208. Valid IP address will always have 4 octets separated with a dot. You should know the classes of IP addresses and corresponding default subnet masks. Class First byte of IP address Default subnet mask A 1-126 255.0.0.0 B 128-191 255.255.0.0 C 192-223 255.255.255.0 D 224-239 Used for multicast broadcasts. E 240-255 Reserved for future use. Comment Class A networks can have over 16 million hosts. Class B networks can have over 64 thousand hosts. Class C network can have 254 hosts. Special IP addresses • • 127.0.0.1 - Loopback address. When you use a ping command with 127.0.0.1, you receive a response from the computer where the command was executed. This is helpful when determining if the TCP/IP has been properly installed on your computer. Any IP address starting with 10 is not used on the Internet and is reserved for private networks. To identify what service the packet is intended for, TCP/IP protocol uses port numbers. You should know default port numbers for the most widely used Internet protocols and applications. Application FTP HTTP TELNET POP3 SMTP • Default port number 21 80 23 110 25 These ports are the default, and if you change the service to another port, those accessing it must specify the new port in their request. If the web service is changed from port 80 to port 800, the URL to access the site troytec.com becomes: http://www.troytec.com:800. URL 2 • • • • • • stands for Uniform Resource Locator. URLs contain the type of protocol, the DNS name or address of the server and the path to the file being requested. NetBIOS names (computer names) exist in Microsoft’s operating system. NetBIOS-to-IP resolution can be done through static files (LMHOSTS) or dynamically with a Windows Internet Naming Service (WINS) server. Host names exist is all operating systems. On a small network, host name-to-IP resolution can be accomplished through the use of HOSTS files. On a large network this resolution can be accomplished via the use of Domain Name Service server machines. DNS servers divide the extent of their coverage area into zones, with a primary and secondary server for each. To configure TCP/IP on a host, you need only three values: default gateway, IP address and subnet mask. The default gateway is the IP address of the router all data not intended for this network should go to. A subnet mask divides the total number of hosts available for one network into a smaller number available for a number of networks. The subnet mask value is based upon the class of network you have. Host file configuration – the host file must exist on every machine that is performing host name-to-IP address resolution in order for it to work properly. It can consist of an unlimited number of lines, with each line limited to 255 characters in length. Host file format: the first column is an IP address, and all other columns on that line (separated by any white space) are aliases for that IP address. The pound sign (#) anywhere on a line makes the rest of the line a comment. DHCP versus static IP – Dynamic Host Configuration Protocol (DHCP) servers can simplify administration of IP addresses by dynamically issuing them to clients, and not requiring them to be hardcoded by an administrator. DHCP is built on BOOTP (Boot Protocol) and leases addresses from a scope. When the leases expire, the IP addresses are placed back in the scope for use by another client. At any time, the leases can be renewed or released. MIME Multipurpose Internet Mail Extensions (MIME) makes it possible to send non-ASCII files over email and have them supported on the client machine. Web browsers use MIME to understand how to display non-HTML data within the browser. COOKIES The purpose of cookies is to remember certain information about the user when the user accesses the web site. This can include the user’s name and password, user preferences, the date and time of the last visit to the web site, how many times the user has been to the web site. Cookies are always stored on the client’s machine in unencrypted form. To set the cookie, the web server uses “Set cookie” command in the HTTP header. Cookies can also be set with the JavaScript. An “expiration” date and time of the cookies can be set with the expires attribute. When expiration date has been reached, the cookie will be automatically deleted from your computer. If no expiration is set, the cookie will expire when the browser is closed. A web site can set multiple cookies. The maximum number of cookies per domain is 20. The maximum size of cookies is 4 KB. When the limit on number of cookies is reached, the least recently used cookie is deleted. 3 DEVELOPMENT • • • • • API (Application Programming Interfaces) are the building blocks by which Windows-based software applications are built by programmers. CGI – (Common Gateway Interface) is a program language that runs on servers and provides a means to customize output to the user. It is server-based and performs all operations on the server (versus ActiveX and Java applets, which run on the client). Because a process must be initiated each time the program is run, CGI tends to be server-intensive, while ISAPI and other server-solutions can avoid spawning a new process with each iteration and not be as intensive on the server. SQL – (Structured Query Language) is used to find or place information in a database. Using ODBC (Open DataBase Connectors), the Web server can interact with an SQL server and pull up information such as from a catalog database and post the results in HTML to the user. SAPI – (Speech API) is used for voice and telephony applications. DLL – (Dynamic Linking Libraries) are the method by which common executable routines are made available in the Windows-based environment. Drivers and executables depend upon DLLs to provide functionality that can be accessed, making programming much easier. SCRIPTS Two most popular types of server side scripts standards are CGI ( Common Gateway Interface) and ISAPI (Internet Server Application Programming Interface). CGI scripts can be written in many programming languages. PERL (Practical Extraction and Report Language) and C are probably the most popular for writing CGI scripts. JavaScripts and PERL scripts are plain text files and can be written using any text editing application like notepad. ISAPI scripts are Microsoft's implementation of the server side scripts. ISAPI scripts only run on NT IIS servers. ISAPI scripts are faster than CGI and have less system overhead. Client-side scripting can include Java applets, Active Server Pages, and ActiveX. Any execution that occurs within the browser is known as client-side programming, while any execution that occurs before data reaches the browser is known as server-side. JavaScript is the most popular scripting language used on web pages. Because JavaScript is processed by the client (Browser) and not on the server, JavaScript does not slow down the server. JavaScript is supported by both Netscape and Microsoft. To tell the browser to start interpreting JavaScript, a <script> tag is used. The </script> tag tells the browser to stop reading the script. <script> tags can have attributes. The most common script attribute is "language". <script language="JavaScript">......</script> Another scripting language is VBscript. VB script is a proprietary script from Microsoft and can only be interpreted by Microsoft's Internet Explorer browsers. For this reason VBscript is not used on the Internet, but sometimes used on Intranets in organizations that only have Microsoft Internet Explorer browsers. 4 DHTML (dynamic HTML) is a way to add special effect to the text on the web page. With DHTML you can make the text scroll across the screen or fly off the screen. There are no DHTML standards. HTML HTML TAGS are elements that tell the browser how to format the text or graphic element. Tags are always included in the "<" and ">" signs. There are two basic types of HTML tags: container tags and stand alone tags. A container tag looks like this: <TITLE>some title of the page</TITLE> The title of the page is included between the <TITLE> and </TITLE> tags. The "/" is the switch that tells the browser that the formatting effect applies only to the text between the opening and the closing tag. The </TITLE> is the closing tag. A standalone tag does not need a closing tag. (e.g. <BR>). Tags are not case sensitive. Container tags are always in pairs. Every opening container tag should have a corresponding closing container tag. The basic structure of the HTML document is <HTML> <HEAD> <TITLE>pages title</TITLE> </HEAD> <BODY>the contents of the page go here including all necessary formatting tags</BODY> </HTML> Every web page has three basic elements: HTML declaration, head and body. Some tags require attributes. The example is "<IMG> tag. You can't use <IMG> tag without attributes. META tags. The <META> tags go inside the <HEAD> ...</HEAD> tags. <META> tags are used to include the site's description and keywords that search engines use to index sites. META tags must have attributes. Usual attributes are "name" and "content". <META> tags can also be used to include the copyright information: <META name="copyright" content="author name"> Forms are used for the input of data that will be sent to the server for processing. An example of the form is the e-mail form that is widely used on the Internet. A user can fill out the form and send the data to the server. The HTML tag to start the form is <form>. It requires the closing tag </form>. 5 CSS (Cascading Style Sheet) is a collection of <style> elements that describe how different HTML elements are presented. CSS information can be stored in a separate file on the server and all web pages can have links to that file. This way all pages will have the same look and feel. XML (extensive markup language) Just like with HTML, you can use a simple text editing program like notepad to write XML code. XML offers more control over the text formatting and positioning text and other elements on the page. Multimedia extensions or plug-ins QTVR – Allows video, audio, and animation to be displayed utilizing 3-D photos and artwork. Flash – Allows you to create vector-based web sites. Shockwave – It is a Netscape plug-in or an ActiveX control that allows animation, video and audio. Real Player – plays RealAudio and RealVideo files on the Windows and Mac operating systems. Windows Media Player – Does not require any additional hardware. It plays files with the extension of .AVI and supports several compression methods. Multimedia file formats GIF (Graphics Interchange Format) The current GIF standard is GIF89a. It supports transparencies, animation and interlacing. GIF format only supports 256 colors. GIF is best suited for logos, icons, and clipart. Transparent GIFs are very popular in web design. They allow a logo or an image to be displayed. Browser safe palettes consists of 216 colors. These colors are displayed the same way in any browser on any operating system platform. BMP files are the default bitmapped images used in the Windows world. MPEG (Moving Picture Experts Group) Files are compressed digital video files considered to be of higher quality than QuickTime and others. Compression is done by only saving the changes between images instead of all the images. AVI (Audio Video Interleave) format used by Microsoft’s Video for Windows. JPEG (Joint Picture Expert Group) JPEG format supports 16 million colors and is the preferred format for color photos. JPEG is a more compact file format and supports different levels of compression. In many graphics programs you can choose what compression quality you want to have. The higher the compression, the less resolution your picture will have, and the smaller the size of the file will be. Smaller files are very important when your web site is hosted with an ISP that limits a bandwidth of your site. Smaller files also means faster download. JPEG format does 6 not support transparencies and animation. Interlacing is only supported in p-JPEG or progressive JPEG - the latest JPEG format. Not all graphics software supports creation of p-JPEG files. PNG (Portable Network Graphics) PNG supports transparency and interlacing and offers better compression than GIF. PNG also supports partial transparency. TIFF (Tag Image File Format) Normally used for graphic files that are black-and-white. Most common use for TIFF files is to view the faxes on your computer. PDF (Portable Document Format)A popular format for publishing books and other black-andwhite printed documents. Documents saved in PDF format are much smaller in size than .TXT or HTML documents. To view PDF files you need a PDF viewer from ADOBE. Because TIFF and PDF files are used for black-and-white images, the compression level is very high. VRML (Virtual Reality Modeling Language) This language is used to create 3 dimensional objects. VRML 2.0 can create animated 3D objects and can have background audio. DNS SERVERS Domain Name System is a set of protocols and services in the TCP/IP protocol suite. To resolve a domain name to IP address, your browser contacts a DNS server. The address of a DNS server is provided by your ISP. If the domain name is not found in your ISP's DNS, the ISP's DNS requests that information from the root domain server. The root domain server is responsible for maintaining database of top level domains like .com, .net, .org and country specific domains like .DE and .SE. Types of DNS entries: SOA - Start of authority. SOA is the first entry in every DNS server. It contains the email address of the DNS server's administrator and other important information about the DNS server and the local DNS database. A record. A record contains a mapping of IP address to the Host's name. MX record. MX record contains information of what email server processes email for the domain. CNAME record. CNAME record can be used to assign an alias for the Host. For example in www.troytec.com, the "www" part is a CNAME record and points to the same Host (server) as troytec.com, and in email.troytec.com, "email" part is a CNAME record and points to another server that is used for the email services. NS record. NS record identifies other name servers in the domain. 7 An organization that maintains its own network usually has its own DNS servers. A minimum of two DNS servers are required for a network; one primary and one secondary server. Cachingonly server does not contain any DNS records and is only used to cache DNS information. • • Hierarchical structure – DNS is organized in such a manner with the root of the naming tree being “.” and everything funneling down from it Top level or original domains – edu, com, mil, net, gov, and org – exist within the United States. Outside of the United States, two letter country level domains are used, such as .UK. REMOTE ACCESS PROTOCOLS TCP - Transmission Control Protocol, the most common transport layer protocol used on Ethernet and the Internet. It was developed by DARPA. TCP is built on top of the Internet Protocol (IP) and is nearly always seen in the combination TCP/IP (TCP over IP). It adds reliable communication, flow-control, multiplexing and connection-oriented communication. It provides full-duplex, process-to-process connections. UDP - User Datagram Protocol. Internet standard network layer, transport layer and session layer protocols which provide simple but unreliable datagram services. It adds a checksum and additional process-to-process addressing information. UDP is a connectionless protocol, which, like TCP, is layered on top of IP. UDP neither guarantees delivery nor does it require a connection. As a result it is lightweight and efficient, but all error processing and retransmission must be taken care of by the application program. Used for transmitting streaming video and audio files. POP3 - Post Office Protocol version 3. POP3 allows a client computer to retrieve electronic mail from a POP3 server via a TCP/IP or other connection. It does not provide for sending mail, which is assumed to be performed via SMTP or some other method. POP is useful for computers without a permanent network connection and which require a "post office" (the POP server) to hold their mail until they can retrieve it. SMTP - Simple Mail Transfer Protocol, a protocol used to transfer electronic mail between computers, usually over Ethernet. It is a server-to-server protocol, so other protocols are used to access the messages. The SMTP dialog usually happens in the background under the control of the message transport system, but it is possible to interact with an SMTP server using telnet to connect to the normal SMTP port, 25. SNMP - Simple Network Management Protocol, the Internet standard protocol developed to manage nodes on an IP network. SNMP is not limited to TCP/IP and can be used to manage and monitor all sorts of equipment including computers, routers, wiring hubs, etc. FTP - File Transfer Protocol, a client-server protocol that allows a user on one computer to transfer files to and from another computer over a TCP/IP network. Also the client program the user executes to transfer files. You must know 2 FTP commands: PUT and GET. PUT is used to send the file from a client to a server. GET is used to initiate a transfer of file from the server to the client. All FTP servers require a client to have a valid account and a password to access 8 the files. Most FTP sites on the Internet are configured to use "anonymous" access. That is why you are not prompted for user ID and Password when accessing most FTP sites. FTP uses TCP as a delivery protocol. HTTP - HyperText Transfer Protocol, the client-server TCP/IP protocol used on the World Wide Web for the exchange of HTML documents. It conventionally uses port 80. The current version is HTTP 1.1 One of the features of HTTP 1.1 is the “Host Header”. Host header makes it possible to have multiple virtual servers with the same IP address. IP - Internet Protocol, the network layer for the TCP/IP protocol suite widely used on Ethernet networks. IP is a connectionless, best-effort packet switching protocol. It provides packet routing, fragmentation and re-assembly through the data link layer. Each IP address is 32 bits long. PPP - Point-to Point Protocol, the Internet standard for transmitting network layer datagrams (e.g. IP packets) over serial point-to-point links. PPP has a number of advantages over SLIP; it is designed to operate both over asynchronous connections and bit-oriented synchronous systems and it can configure connections to a remote network dynamically, and test that the link is usable. PPP can be configured to encapsulate different network layer protocols (such as IP, IPX, or AppleTalk) by using the appropriate Network Control Protocol (NCP). When signing up with an ISP for Internet service, you must have PPP client software installed on your computer. SLIP - Serial Line Internet Protocol, software that allows the Internet Protocol (IP), normally used on Ethernet, to be used over a serial line, e.g. an RS-232 serial port connected to a modem. SLIP modifies a standard Internet datagram by appending a special SLIP END character to it, which allows datagrams to be distinguished separately. SLIP does not provide error detection, compression or encryption. PPTP- Point to Point Tunneling Protocol, a protocol for connecting Windows NT clients and servers over Remote Access Services (RAS). PPTP can be used to create a Virtual Private Network between computers running NT. PPTP encrypts the data transmitted over the Internet. Tunneling is a term associated with encryption. Telnet - The Internet standard protocol for remote logins. Runs on top of TCP/IP. UNIX BSD networking software includes a program, telnet, which uses the protocol and acts as a terminal emulator for the remote login session. DHCP - A server-based administration utility used to automatically assign IP addresses to clients. DHCP clients communicate with DHCP Servers via BOOTP broadcast messages, which can only cross routers if the router is an RFC1542-compliant router, and has BOOTP forwarding enabled. When a DHCP server receives a request for an IP address, it selects from a pool of available addresses and offers a lease to the client. If no address exists in the pool, the client cannot initialize TCP/IP. TFTP - Trivial File Transfer Protocol. A stripped down version of FTP. TFPT is a connectionless protocol and TFTP uses UDP as a delivery protocol. 9 ICMP - Internet Control Message Protocol. This protocol is responsible for sending error messages if the destination host can not be reached or if other problems occur during the transmission. The PING command uses ICMP protocol. DIAGNOSTIC TOOLS Command Function WINIPCFG To see TCP/IP configuration of your computer. Will display your IP address, subnet mask, default gateway, hardware MAC address. IPCONFIG Same function as WINIPCFG, used on NT computers. NETSTAT Will display your current TCP/IP session including addresses of hosts connected to your computer and port numbers. TRACERT PING ARP Will display a report that lists all routers and networks that the packet must travel to get to its destination and the time in milliseconds that packet takes to travel between routers. Used to verify connection between your computer and remote host. You can ping a host using its IP address or its host name. Will display hardware addresses of local hosts on the network. Entries will remain in ARP cache for 10 minutes on windows NT 10 Comment Used from command prompt on Windows 95/98. Very useful if your computer is obtaining Its IP address from DHCP server and you need to find out what IP address has been assigned to you. Only used on NT machines. For more detailed information use with a switch IPCONFIG /ALL. Used to find out who's communicating with your computer. Port numbers will reveal what service being used. Can be useful if you suspect that someone is connected to your computer without authorization. Very useful when trying to find a bottleneck in your network. This is the first utility you should use when you have connection problem. If you can ping a host by IP address but can't by its name then you have a problem with name resolution. Can use this command if you suspect invalid ARP entries in ARP cache. Hardware connection Type Analog ISDN DSL Cable Function Traditional modem – requires a single phone line for a connection and is limited in speeds less than 57,600 bps. Integrated Services Digital Network, requires two phone lines, and can reach a speed around 128,000 bps. Digital Subscriber Line, uses existing phone lines, and is available only in certain areas. You must be within a short distance of a switching station, and speeds can reach 9 MBPS. Works with the coaxial from the cable TV company and speeds is reduced with the number of users, but is approximately 2 MBPS. Basic modem's AT commands: Modem commands ATA ATD ATH ATZ Command function Answer Dial Hang up Reset Devices used on the Internet Network device Function Network interface card (NIC card) Puts the data into packets and transmits packet onto the network. To install the NIC card you must have available IRQ in the computer. Bridge Used to segment a network and reduce network traffic by examining the source and destination hardware address of the packet. Bridges forward packets based on their hardware addresses. Hardware addresses are also known as MAC addresses of physical addresses. Router Used to route packets to remote networks by examining the packet's network source and destination address. The destination address of the packet must match an entry in the routing table of the router; otherwise, the packet is discarded. When the ISP assigns your organization a valid network address the only thing you need to connect to the Internet is a router. Used to connect networks with different protocols like TCP/IP network and IPX/SPX networks. If you only have NetBEUI protocol on your network and need to access the Internet (TCP/IP is the protocol on the Internet), you would need to use a Gateway. Gateway 11 Proxy server Firewall Used to isolate internal network computers from the internet. When users on the network want to access the Internet, they first access the Proxy server and the proxy server accesses the Internet and retrieves the requested web page or document. The user then gets a copy of that page from the proxy server. Only IP address of the proxy server goes out to the internet. Proxy server will also cache frequently used sites to speed up future access. Can also be configured to restrict access to certain sites on the Internet. Used to prevent unauthorized access from the external network such as internet to your local network. Many organizations configure firewalls to prohibit access to certain domains. When you design a web site and put links to other sites, its possible that clients that access Internet from behind the Firewall will not be able to open pages that you link to because those sites may be located in restricted domains. Most firewalls, including MS Proxy server 2.0 will perform a reverse DNS look up to make sure that you will not access a restricted domain by using its IP address. Connection Types Connection type T1 E1 ( European standard ) T3 xDSL OC-1 (Optical carrier) OC-3 (3X the speed of OC-1) X.25 ATM Frame Relay Speed 1.54 MBPS 2.048 MBPS 45 MBPS. Used by ISPs to connect to the Internet. Based on Fiber optic line. Speed varies depending on the service plan from an ISP. xDSL usually has faster download speed that upload speed. 51.8 MBPS 155.52 MBPS - Fiber optic standard in use today. A packet-switching standard widely used in WANs. Asynchronous Transfer Mode – uses 53-byte cells for all transmissions. A packet switching protocol supporting T1 and T3. VIRTUAL PRIVATE NETWORKS Virtual Private Networks are built using PPTP or other tunneling protocols to provide encrypted (secure) communications across the Internet. They are used for connecting two different company sites such as with an Extranet, or for allowing a remote user to securely access a site. 12 SECURITY, MALICIOUS ATTACKS AND VIRUS PROTECTION Name Syn attack Ping flood Spoof Symptom An intruder can write a program that will establish a connection with your server and half-open TCP ports. That will block the access to your server. A multiple ICMP Ping messages sent to the server. That will cause the server a high traffic to your server and access to legitimate clients will be denied. Using a protocol analyzer or other device to intercept and decode packets sent to and from the server in order to find the account ID and password. Will only work if password is sent in unencrypted form. INTERNET RELATIONSHIPS AND SECURITY • • • Intranet – with an Intranet, you isolate the site from the world (typically with a firewall), and do everything you can to keep outsiders from knowing the site exists or accessing it. Extranet – with an Extranet, some of the world must know that your site exists – typically your vendors and partners – and you limit the access to only them and your internal personnel. This is best accomplished through the use of a Virtual Private Network. Internet – the purpose of an Internet site is for the world to know of its existence and come to it to learn of your products, data, information, and other offerings. By default, all users enter the site as the anonymous user and permissions are assigned to anonymous to affect all users. COPYRIGHTS ON THE INTERNET US copyright law protects any published or unpublished original material. The copyright protection starts from the time that material has been created. Copyright protection is automatic. It is not necessary to register you work with any US copyright office. It is recommended that you put a copyright notice on your web site and include the "©" symbol and the year that material was first published. Even if no copyright notice is included, the material is still protected under copyright law. Another way to include a copyright notice on your site is to put it in the META tags. The proper META tag for the copyright notice is: <META NAME="COPYRIGHT" content="YOUR NAME"> The search engines may include the contents of these META tags and display the information in the search results. Graphics art is also protected under the copyright law. Some graphics design software programs include a feature to embed a copyright notice in the graphics file in a form of a digital signature called a watermark. The watermark is not visible on the picture, but can be viewed with many graphics software. 13 BUSINESS CONCEPTS An E-commerce enabled web site allows individuals to purchase items. To have an e-commerce enabled web site, you must set-up a merchants system. A merchants system is a program that lets you set up a store on the Internet. You can purchase merchant systems from different software companies or you can write your own program. The most advance merchant systems use relational databases like SQL database. If you use a database, in order for you browser to connect to database, you need to create a DSN - a unique name that identifies the database. When you use the Internet to sell to other businesses, it is called e-business. The most costeffective way to successfully market a new commercial web site is to buy banner ads space on search engines. The reason is that your banners will only be displayed when someone enters search keywords that describe your business. Banner exchanges are not a good choice for a new web site because the number of times that your banners is displayed depends of number of times that you display banners of other clients. Since you are a new site, you will not be able to display the large number of banners. In order to be able to accept credit cards on line, you must purchase and install a security certificate from the certificate authority. Verisign is a certificate authority. The certificates are used for data encryption and also for authenticating web sites. When you access a commercial web site and placing the order with your credit card, the Certificate, installed on that site, tells your browser that the web site is really who they say they are because they have been verified by the certificate authority prior to issuing the certificate. You can issues you own Security certificates if you have a certificate server. However, if you are using your own certificates, every time someone tries to place on order in the secured area of your web site, they will be prompted by a message, asking you is you trust that unknown certificate authority. Most browsers are setup with in the way that they trust major certificate authorities like Verisign and will not prompt you when certificate is presented to them. Push – Pull Technology In push technology, the browser gets information pushed to it without it requesting it. In pull technology - on which most of the web is based - a user requests data before it is sent down. HARDWARE AND SOFTWARE There is no minimum hardware requirement to access the Internet. The minimum hardware is dictated by the software and operating system you want to use. To be connected to the Internet you always need an IP address. If you use a dial up account, the IP address is provided by ISP. When using a dial up account you should always disable the call-waiting feature. If call-waiting is active, you will be disconnected from the Internet every time some one tries to call you. IIS - Internet Information Server is the Microsoft's implementation of the Web server. If you need to have ASP (active server pages), you must use IIS. 14 Internet is the largest type of network. Besides the Internet, the Web server can be used on the Intranet. Intranet is a network that is confined to one organization and usually is not connected to the Internet or connected to the Internet via a Proxy server or a Firewall. An Intranet occurs when large organizations use their own web servers to make information available to their employees. If the company network or a segment of a network is connected to the Internet, that segment is called Extranet. Calculating File Download Time To calculate the time required to download a file, base on the bandwidth use the following formula: Size of Page / Available Bandwidth e.g. 7,000 byte file / 56,000 KBPS = .125 = 1.25 seconds 15 I-Net+ Questions 1. What is the correct entry in a host file? A: 216.247.86.47 www.troytec.com #troytec home page 2. A copyright notice located in the “head” section will appear how? A. <META NAME="COPYRIGHT" CONTENT="YOUR NAME"> 3. How and where are cookies stored? A. Unencrypted and stored on the client. 4. A Unicode character set uses how many bits to represent each character? A: 16 5. What is the second line of MIME? A: Content line 6. How many bits are in an IP Version 4 (IPv4) address? A: 32 bits 7. You have a multinational corporation that wants to encrypt its e-mail. What technology do you use? A: PGP 8. How many Web-safe colors are available to design and create web graphics? A: 216 9. Which of the following is not essential for a web page? <HTML> <BODY> <TEXTAREA> <TITLE> A: <TEXTAREA> 10. What single-key encryption method is used to encrypt and decrypt a message? A: Symmetric 16 11. What is the point where ISPs connect with each other to form the Internet backbone? A: NAP 12. You are going to set up over the Internet lectures for a high school for students to use, but are utilizing a very slow connection. What would be the best format? A: Real Media 13. You use the following code in your web page. It is not loading properly. What should you do to fix it? <HTML> <head> <TITLE>My Company<title> </HEAD> <body> Copyright © 2000 My Company </BODY> </html> A. Fix title tags. 14. What would not give a PC the ability to connect to the Internet? A: Virtual Modem 15. What is an example of a connection type protocol? A: TCP 16. What does LANG do? A: Tells the browser what type of language to expect in the page (e.g. JavaScript). 17. You can send e-mail, but you cannot receive it. Which protocol should you check? A: POP3. 18. You have an object that is 40 mm X 60 mm. What is the best Dots Per Square Inch (DPI) for the quickest download time? A: 72 dpi 19. You have no connection to the network. What can you test on your browser? 17 A: Client side script 20. An attack on your web site that leaves your ports half open is called what? A: Syn Attack 21. What is the fastest connection? A: OC-3 22. Copyright protecting your work is…? A: Not required, but highly recommended. 23. What does MIME stand for? A: Multipurpose Internet Mail Extension 24. What cannot be used as a firewall? A: DHCP Server 25. Which network device is not affected by a virus? A: Hub 26. You have a 1,300 user database. What is the best what language to use? A: SQL 27. Which network devices are affected by a virus? A: Router and Gateway 28. What protocol does not use Logon Authentication? A: SLIP 29. How would you log onto an ftp site on a web page that requires a username and password? A: username:[email protected] 30. What is true about FTP? 18 A: Users cannot change their own password. 31. What type of DNS entry is used to identify the mail server for a domain? A: MX 32. What is the FQDN of http:\\files.exam.comptia.com\top\bottom? A: files.exam.compta.com 33. What do you call the first DNS server? A: Primary 34. What is the first entry in a DNS server? A: SOA 35. A user with a 128 Kbps ISDN modem will take about how many seconds to download a 100K file? A: 8 36. Which step is most subject to network congestion? A: Transmitting the response from server to client 37. What network hardware device connects a computer to an ISP and the Internet via a standard phone line? A: Modem 38. Which network connectivity device translates one protocol or technology into another and is used to connect dissimilar network technologies? A: Gateway 39. Which web browser setting controls how a web browser receives information and automatically downloaded content from web sites? A: Security 40. What does a digital signature do? A: Verifies the identity of the person who applies it to a document 19 41. What is the most common way of getting information from a web surfer? A: An HTML form 42. Which TCP/IP protocol is the primary protocol used to transfer text and binary files on the Internet? A: FTP 43. Which network hardware device connects dissimilar network topologies into an internetwork? A: Bridge 44. Before you can use any Internet client for a dial-up connection, what must be installed and configured on the client machine? A: Modem 45. Which low cost device could you install to allow a user web access? A: Internet appliance 46. How do streaming media formats allow for slowdowns in the data stream? A: By building up a buffer of data before playback begins. 47. To which component of the Internet can individual users buy modem connections so that they can get on the Internet? A: Access point ISP 48. What TCP/IP protocol can be used for directory access? A: LDAP 49. Trademark protection applies to what? A: Ad slogans 50. Which is the least secure; Internet, Extranet, VPN, or Intranet? A: Internet 51. What protocol is the least secure? 20 A: SMTP 52. What is the default subnet mask for the IP address 194.206.42.7 A: 255.255.255.0 53. Which does not generally require an Access Control List (ACL)? A: Internet 54. What is the most useful aspect of the JAVA language? A: Cross-platform capability 55. What technology is used for vector-based Web sites? A: Flash 56. What is encrypted text called? A: Ciphertext 57. If you want to play streaming video on your site, what is the best technology to use? A: Flash 58. Which technology implements VPNs using IPsec? A: L2TP 59. T3 - E3 line connections have maximum speeds of what? A: 44.736 - 34.368 MBPS 60. What is the connection speed of an OC-3 line? A. 155.52 MBPS 61. Which technology provides an interactive 3-D environment? A: VRML 62. Which Internet bandwidth technology is mainly used on the Internet backbone? A: ATM 21 63. Based on speed and cost, which Internet bandwidth link type would be the best choice for a small ISP serving 100 dial-up users? A: T1 64. What type of SMTP server sends e-mails it receives to a list of e-mail recipients, forming a “discussion group”? A: List server 65. Which two TCP/IP utilities are the most similar in function? A: PING and TRACERT 66. Which network hardware device will improve network performance? A: Router 67. When surfing, your browser receives the message “The server is not responding”. What could be the problem? A: The server is overloaded 68. What command is used to start a file transfer from a remote site? A: get 69. What kind of file image supports animation? A: GIF89a 70. True or false: Telnet servers present no security risk. A: False 71. The success of a banner ad is usually measured how? A: Clickthrough rate 72. Which network hardware device protects a server from malicious attacks over the Internet? A: Firewall 73. What does a tunneling protocol facilitate? 22 A: VPNs 74. What is the native protocol of the Internet? A: TCP/IP 75. What is the fastest video card mode for displaying web graphics? A: 64 bit 76. What is one limitation of web browser cookies? A: There can be a maximum of 20 cookies per domain. 77. Why can't U.S. sites support browser encryption that uses keys longer than 40 bits? A: Most countries outside US only use browser capable of 40 bit encryption. 78. If no expiration date is set, how long will the cookies stay in effect? A: Until the computer is rebooted. 79. Which standard allows several “virtual servers” all using different DNS names to be resolved to the same IP address? A: HTTP 1.1 80. Configuring a router to advertise routes that either don't exist nor aren't where they say they are known as what kind of an attack? A: Spoofing 81. If you want to have secure communications on your Intranet, what must you implement in order to create your own key pairs? A: A certificate server 82. Browsers commonly support which client-side scripting language? A: JavaScript 83. Where do the majority of security violations within corporate networks come from? A: Employees 84. Which security is the standard for secure online transactions? 23 A: SET 85. In order to be an e-commerce server, a computer must offer what services? A: Virtual shopping cart services 86. How can you find out what browser someone was using when they got an error message? A: Look in the error log 87. Which of the following has the least impact on apparent web site performance? A: RAM in the client 88. In order to have copyright protection, a work must be what? A: Must be an original creation. 89. A client-side script is not working correctly. What is the most likely cause? A: The web client doesn't support scripting. 90. What is Microsoft's preferred server-side scripting language called? A: Active Server Pages (ASP) 91. What are the best types of documents to distribute using Electronic Data Interchange (EDI)? A: Orders and invoices 92. The ANSI standard upon which EDI is based is which of the following? A: X12 93. How many years does a copyright offer protection for an invention? A: 0 years 94. Using a portion of a document protected by copyright as long as it does not take away from the original document or is used for an educational purpose, falls under the realm of which of the following? A: Fair use 24 95. Which is not eligible for copyright protection? A: An ingredient list 96. The type of technology wherein a browser must go to a site and bring information down is known as what? A: Pull 97. A webmaster from one site "borrows" content from another site and places it on his own. The content was protected by copyright and the Webmaster did not obtain permission to use it. Under what circumstance can the Webmaster do so without legal ramifications? A: If the Webmaster is doing a parody 98. What command is used to show TCP/IP active connections? A: NETSTAT 99. What is CSS in web design terminology? A: Cascading style sheets 100. What is CSS in a server/internet capacity? A: Commercial secured server 101. Which AT modem command is for dialing? A: ATD 102. Which AT modem command is for resetting the modem? A: ATZ 103. What command would you use to determine the MAC address of a workstation? A: ARP 104. What is the easiest database to set up? A: Relational database 25 105. You have users connecting via RAS. What is the best way to prevent unauthorized access to your network? A: Firewall 106. How do you ensure that you’ve seeing the most up-to-date web site page? A: Use the Refresh button. 107. What is the default port for FTP? A: 21 108. What is the default port for Telnet? A: 23 109. What is the default port for the SMTP protocol? A: 25 110. When connecting to a web site, which default port will be used? A: 80 111. You want to allow members of your organization to send email to all other members of your organization. Which server would be the one to use? A: List 112. Which protocol has the highest security? A: PPTP 113. Where can you find the specification for an Internet standard? A: RFC 114. You would like to install a fast line in your office, with at least 10 MBPS transfer rate, which would be most suitable? A: T3 115. In a multi-tiered architecture object, request brokers can be implemented through what? 26 A: Corba 116. An ISP has assigned you a class C network address and a valid subnet mask. What should you use to connect to the Internet? A: Router 117. What is the color depth of JPEG? A: 24 bit 118. Which remote access protocol does not support IPX? A: SLIP 119. Which command is used to download multiple files? A: mget 120. How long does it take to download a 7,000 byte file at 56k? A: 1.25 seconds 121. How does the following code help copyright your page? <JavaScript> (!=User.Top On.Top) </Java> A: Will not allow frame to be displayed in other web pages. 122. What graphic file format supports partial transparency? A: PNG 123. What bandwidth technology uses a 53 byte cell? A: Asynchronous Transfer Mode (ATM) 124. Which protocol is used to set up a VPN? A: PPTP 125. What is the length of life of a copyright obtained by an author who then dies two years later? 27 A: 52 years 126. You browse the web, and when you enter the URL of the web page, you receive the "error 404" message. What is the cause of that message? A: The file does not exist on the server. 127. What Class does 131.xxx.xxx.xxx fall under? A: Class B 128. What could be wrong if you can only ping 127.0.0.1 and your IP address, but not the router? A: Your subnet mask is invalid 129. What would you add to a workstation to setup a “dumb terminal” to provide web browsing capabilities? A: Set up the PC with a web browser client with a connection to the HTTP. 130. Your ISP has assigned you a valid IP address, and a valid subnet mask. They also assigned you the gateway’s IP address. You assigned this IP address, subnet mask and a gateway to your computer and you still cannot access the Internet. What is the most likely cause of the problem? A: ISP forgot to make a change on his router 131. Which HTML tag is used for the numbered list? A: OL 132. You use proxy server to connect to the web site. The server that hosts that site logs all IP addresses that connect to the site. Your company has 200 IP addresses. Which IP addresses will be logged by the server? A: Only IP address of the proxy server will be logged 133. “Method”, “Action”, and “Input Type” are all attributes of what? A: Form 134. Where do most search engines get their information about sites from? A: META tags 135. You try to connect to a web site and you receive an error message “Destination unreachable”. What is the most likely cause of this error? 28 A: Problem with gateway 136. The ability to translate documents such as web pages easily into other languages is provided by what? A: Unicode 137. A browser plug-in that supports animation, audio, video and user actions on both Windows and Mac platforms is called what? A: Shockwave 138. What browser plug-in allows objects to be rotated in three dimensions? A: QuickTime VR 139. What digital standard has a high compression rate because it only stores changes between frames? A: MPEG 140. What is the correct HTML syntax to create a link on a web page to www.troytec.com? A: <A HREF=“http://www.troytec.com”> Troy Technologies</A > 141. What are the three basic elements of every web? A: HTML declaration, head and body. 142. Which protocol does TFTP use as a delivery protocol? A: UDP 143. VeriSign is a type of what? A: Certificate Authority 144. What is the easiest way to add search capabilities to your web site? A: Index Server 145. You attempt to log onto a remote site, but can’t. You made sure you are typing in the correct password. What would you try next? A: Hit the caps lock and retype your password. 29 146. Using a protocol analyzer or other device to intercept and decode packets sent to and from the server in order to find the account ID and password is called what? A: Spoofing 147. A hacker is attempting to bring your web site to its knees by continuously using the ping utility on it. This type of attack is known as what? A: Denial-of-service 148. Which is a server side script? A: PERL 149. Encryption is used where? A: In Virtual Private Networks 150. A common error made in developing an international English language Web site is: A: Use of colloquialisms 151. What language must be compiled before it can be executed? A: Java 152. What capability will adding a merchants system to your site provide? A: E-commerce 153. Most browsers do not have support for what? A: Telnet 154. You created a form on your site that takes the data from the user and sends it to the server. What is the most effective way to make sure the data is entered in a specific format? A: Validate on the browser with JavaScript 155. You receive a timeout error when accessing a TCP port. What is the cause? A: Firewall has port closed. 156. What is required to be connected to the Internet? 30 A: TCP/IP address 157. What does the DNS A record do? A: Contains a mapping of IP address to the Host's name. 158. What is not a valid Internet IP address? A: 10.X.X.X 159. What client enables you to establish a command line session host with a network host? A: Telnet 160. A proxy server is connected to the Internet via a cable modem and can access the Internet. Your users cannot access the Internet, the ISP verified that connection was available. What should you do to fix the problem? A: Reset the cable modem 161. Which protocol uses authentication? A: IMAP 162. Which class of addressing is reserved for futures use? A: E 163. The transfer rate of 51.84 MBPS applies to what? A: OC-1 164. What are the two parts of every IP address? A: Network + Host 165. A device used as a portal to and from the Internet is known as what? A: Gateway 166. Martha wants to have a contest on her web site. What method should she use? A: Shockwave 167. What is the command to initiate an FTP session? 31 A: Connect 168. What do you need to have in order for your browser to connect to a database if you use a database on your e-commerce site? A: DSN 169. You want to implement ASP (Active server Pages) on your sites server. What must be in place before you can use these types of pages? A: IIS 170. Microsoft's implementation of the Web Server is called what? A: IIS 171. Which type of index enables you to search a site for a specific phrase? A: Keyword Server 172. Which network device allows you to communicate with a host that uses a different protocol stack? A: Gateway 173. What entry in the DNS identifies an alias? A: CNAME 174. You have updated your email application, and need access to 300 entries in your old address book. What should you do? A: Import the address book. 175. What type of server should you install to keep email address accounts up-to-date on client machines? A: Directory Server 176. What language is vendor dependent? A: VBScript 177. Where could you find specifications for secure online transaction? 32 A: SET 178. You have a reference page that is frequently visited. It loads very slowly. What should you do to decrease the load time? A: Increase cache size. 179. What is a valid class B address? A: 130.XXX.XXX.XXX 180. What protocol does SLIP support? A: TCP/IP 181. What is the best way to run a search query to find hotels or car rentals in Concord, California? A: Concord and California and Hotels or Car Rentals. 182. Where are CGI scripts ran? A: On the server. 183. What protocol does Telnet run under? A: IP 184. You see your server opening connections, but never completing connections. What type of attack is this? A: Syn attack 33