INDEX   

Please note that index links point to page beginnings from the print edition. Locations are approximate in e-readers, and you may need to page down one or more times after clicking a link to get to the indexed material.

Numbers

100 GbE Ethernet, 106

100-megabit Ethernet, 91–92

1000BaseLX Ethernet, 97

1000BaseSX Ethernet, 97

1000BaseT Ethernet, 96

1000BaseX Ethernet, 96

100BaseFX Ethernet, 94–96, 149

100BaseT Ethernet, 92–96

10BaseFL Ethernet, 78–79, 94

10BaseT Ethernet

hub issues, 82

overview of, 73–74

specification, 77

TIA/EIA 568A and 568B, 76–77

upgrading to 100BaseT, 93

UTP use with, 74–76

10GbE Ethernet

backbone networks, 104–105

connectors, 103

copper-based, 102

fiber-based, 100–101

fiber transceivers, 104

overview of, 100

physical connections, 103

standards, 102

10GBaseER Ethernet, 101

10GBaseEW Ethernet, 101

10GBaseL4 Ethernet, 102

10GBaseLR Ethernet, 101

10GBaseLRM Ethernet, 102

10GBaseLW Ethernet, 101

10GBaseSR Ethernet, 101

10GBaseSW Ethernet, 101

10GBaseZR Ethernet, 102

110 block (110-punchdown block), 119–120, 135–136

2G technologies, mobile networking, 581–582

3G technologies, mobile networking, 582–583

40GbE Ethernet, 106

4G technologies, mobile networking, 582–583

4to6 tunneling, moving to IPv6, 441

66 block (66-punchdown block), 120

6in4 tunneling, moving to IPv6, 442

802.11a-ht, 509

802.11g-ht, 509

8P8C (8 position 8 contact) connectors, 59

A

AAA (Authentication, Authorization, and Accounting)

Kerberos, 373–375

overview of, 370–372

RADIUS, 372–373

router/switch configuration for, 418–419

TACACS+, 373

AAAA records, DNS, 328, 439

absorption, physical issues in wireless networks, 543

acceptable use policy (AUP), 628–629

access control

AUP (acceptable use policy), 628–629

authorization and, 366–367

doors, 676–678

network access policies, 629

in network security, 679

to wireless networks (IEEE 802.1x), 515–516

access control lists. See ACLs (access control lists)

Access Control Server (ACS) (Cisco), 684

access points. See WAPs (wireless access points)

access ports, workstations to VLANs, 402–403

accounting. See also AAA (Authentication, Authorization, and Accounting), 372

ACK

HTTP packets, 270–271

TCP segments, 167–168

TCP three-way handshake, 265

ACLs (access control lists)

administrative access attacks, 666

authorization techniques, 367

firewall rules, 692–693

hardening IoT devices, 594

MAC address filtering and, 511–512

troubleshooting firewalls, 695

WAN problems, 752

AcrylicWiFi, conducting site survey, 521–522

ACS (Access Control Server) (Cisco), 684

Active Directory. See AD (Active Directory)

activity lights, checking NIC status, 152–153

actuator, distributed control system, 618

AD (Active Directory)

Active Directory-integrated zones, 331, 335

groups, 332, 334

managing AD databases, 385

ad hoc mode

overview of, 501–503

setting up ad hoc network, 525–526

Adaptive Network Technology (ANT+), 590–591

Adaptive Security Appliance (ASA), 753

address notation, IPv6, 424–426

address space, IPv4 vs. IPv6, 423–424

administrative accounts, administrative access attacks, 666

ADSL (asymmetric DSL). See also DSL (digital subscriber line), 476

Advanced Encryption Standard (AES), 354–355

advanced networking devices

AAA (Authentication, Authorization, and Accounting), 418–419

alternative VPNs, 396

configuring VLAN-capable switches, 400–402

content switches, 409–410

DHCP and VLANs, 406

DMVPN, 395–396

DNS for load balancing, 408–409

DTLS VPNs, 395

interVLAN routing, 404–406

intrusion detection/intrusion protection, 412–415

L2TP VPNs, 394–395

load balancing, 407–408

multilayer switches, 407

network protection devices, 412

overview of, 389

port bonding, 411–412

port mirroring, 415

PPTP VPNs, 392–394

proxy servers, 415–417

QoS (quality of service) and traffic shaping, 410–411

review Q&A, 419–422

SSL VPNs, 395

switch management, 396–398

tagging, 402–403

troubleshooting VLANs, 407

trunking, 399–400

VLANs (virtual LANs), 398–399

VPNs (virtual private networks), 390–392

VTP (VLAN Trunking Protocol), 404

advanced persistent threats (APTs), 691

adware, 668

AES (Advanced Encryption Standard), 354–355

AfriNIC (African Network Information Centre), 436

agents

managed devices running, 701–702

persistent and non-persistent, 683–684

SNMP, 384

aggregation, IPv6, 433–435

Aircrack-ng, for penetration testing, 640

AirMagnet Survey Pro, conducting site survey, 521–522

AJAX, server-side scripting, 281

alerts

emergency alert system, 652

security alerts, 687

SNMP, 703

algorithms. See also by individual types, 351

Amazon Web Services (AWS), example of IaaS, 570–571

American National Standards Institute (ANSI), 57

American Registry for Internet Numbers (ARIN), 186, 435

amplified DoS, 662

amplifiers, repeaters compared with, 454

analog telephony

converting to digital phone systems, 453–455

frequency division multiplexing, 453

long distance phone calls, 449–450

multiplexers and local exchanges, 451–453

overview of, 448–449

PSTN lines and, 470

Android Pay, 589

Android smartphones, 585

Angled Physical Contact (APC) fiber connectors, 99

Angry IP Scanner, 734

ANSI (American National Standards Institute), 57

ANT+ (Adaptive Network Technology), 590–591

antennas

multipath, 544

multiple antenna use with WAPs, 509

omnidirectional, 527–529

patch antennas, 530

placement, 527, 531

satellite television, 480

troubleshooting wireless networks, 542

unidirectional, 530

anti-ESD wrist strap, 648

anti-malware

antivirus programs, 688–689

assessing security posture, 683

definition files, 413

anycast addresses, IPv6, 429–430

Apache

administering, 283–284

Apache HTTP Server on Linux/UNIX OSs, 283

APC (Angled Physical Contact) fiber connectors, 99

APIPA (Automatic Private IP Addressing), 209–210, 525

APIs (application programming interfaces), 33

APNIC (Asia-Pacific Network Information Centre), 436

Apple Pay, 589

application/context aware, firewall techniques, 691

Application layer (Layer 7), OSI model, 32–33

Application layer, TCP/IP model, 41

overview of, 39

protocols, 169–170

application programming interfaces (APIs), 33

application security, TCP/IP

HTTPS (HTTP Secure), 382–383

LDAP (Lightweight Directory Access Protocol), 385

NTP (Network Time Protocol), 385

overview of, 381

SCP (Secure Copy Protocol), 383

SFTP (SSH File Transfer Protocol), 383

SNMP (Simple Network Management Protocol), 384

applications, TCP/IP

active and passive FTP, 298–299

configuring Telnet/SSH clients, 290

connection-oriented vs. connectionless communication, 264–265

connection status, 275–278

DHCP and, 266–267

e-mail, 290–291

e-mail clients, 295

e-mail servers, 293–294

FTP and, 295–296

FTP servers and clients, 296–298

HTTP, 281

HTTPS, 283–285

ICMP, 267–268

IGMP, 268–269

NTP/SNTP, 266

overview of, 263–264

port numbers and, 269–271

publishing Web sites, 281–282

registered ports, 271–275

reviewing Internet applications, 300

rules for determining good or bad communication, 278

SMTP, POP3, IMAP4, 291–293

TCP, 265

Telnet/SSH, 285–287

Telnet/SSH servers and clients, 287–289

TFTP, 267

UDP, 265–266

Web servers and Web clients, 282–283

WWW (World Wide Web), 279–281

APTs (advanced persistent threats), 691

ARIN (American Registry for Internet Numbers), 186, 435

ARP (Address Resolution Protocol)

ARP cache poisoning, 658–661

determining MAC addresses, 171–172, 184–186

Proxy ARP, 755–756

arp utility, 729–730

arping, 730–731

AS (Authentication Server), Kerberos, 374

AS (Autonomous System), 241–242, 244

ASA (Adaptive Security Appliance), 753

Asia-Pacific Network Information Centre (APNIC), 436

ASN (Autonomous System Number), 242–243

assets

disposal, reuse, repurpose, 673

network documentation, 603

protecting critical, 635

asymmetric DSL (ADSL). See also DSL (digital subscriber line), 476

asymmetric-key encryption

defined, 353

example of, 357

public-key cryptography, 355–356

Asynchronous Transfer Mode (ATM), 228, 463–464

AT&T

competing carriers, 460–461

converting from analog to digital phone systems, 456

DSL use by, 476

fiber-to-the-home providers, 480

history of telephony in U.S., 454

ATM (Asynchronous Transfer Mode), 228, 463–464

attack surface, vulnerabilities, 658

attacks. See also by individual types, 627–628

attenuation

physical issues in wireless networks, 543

troubleshooting copper cable, 144

troubleshooting fiber-optic cable, 146

AUP (acceptable use policy), 628–629

authentication

applications for, 32

defined, 350

EAP, 514–515

methods, 366

overview of, 365–366

securing wireless networking, 512–513

of servers using CRAM-MD5, 360

SSH and, 287

trusted and untrusted users and, 665

Authentication, Authorization, and Accounting. See AAA (Authentication, Authorization, and Accounting)

Authentication Server (AS), Kerberos, 374

authentication standards

AAA (Authentication, Authorization, and Accounting), 370–372

combining authentication and encryption, 379

IPSec, 380–381

Kerberos, 373–375

PPP, 368–370

RADIUS, 372–373

SSL/TLS, 379–380

TACACS+, 373

user authentication, 368

authoritative name servers, DNS, 315, 326

authorization

AAA (Authentication, Authorization, and Accounting), 372

defined, 350

overview of, 366–367

techniques, 367

Automatic Private IP Addressing (APIPA), 209–210, 525

Autonomous System (AS), 241–242, 244

Autonomous System Number (ASN), 242–243

AWS (Amazon Web Services), example of IaaS, 570–571

B

B channels (Bearer channels), ISDN, 474–475

backbone networks, 104–105

backoff, CSMA/CA and, 506

backups

assessing backup plan, 644

disaster recovery and, 642–643

RAID, 664

traditional techniques, 643

badges, RFID chips in, 676–677

bandwidth

interface monitors, 708

QoS policies for traffic shaping, 410–411

routing metrics, 236

throughput testers, 735

UTP ratings, 57

bandwidth-efficient encoding schemes, in twisted pair cabling, 58

bandwidth saturation, 543

bandwidth speed testers, 735–736

banner grabbing, 665

bare-metal hypervisors, 561

baseband, compared with broadband, 73, 92

baselines, in troubleshooting, 711–712

Basic Rate Interface (BRI), ISDN, 474

Basic Service Set (BSS)

extending wireless network, 538–539

single access points, 503

Basic Service Set Identifier (BSSID), identifying wireless networks, 504

baud/baud rate, modem speed, 470–472

BCP (business continuity plans), 642, 644–645

beacon, configuring WAPs, 532–533

beam antennas, 530

Bearer channels (B channels), ISDN, 474–475

bend radius limitation, fiber-optic cable, 146

BERT (Bit Error Rate Test), testing telephony connections, 467–468

BGP (Border Gateway Protocol)

anycast addresses, 430

communication between Autonomous Systems, 243

comparing dynamic routing protocols, 246

overview of, 242–244

query tools, 735

BiDi (Bidirectional) transceivers, fiber-optic, 104

binary numbering system

converting dotted decimal to, 174, 183–184, 195–196

overview of, 10

BIND DNS server, 409

biometrics

controlling physical access, 677

in local authentication, 366

Bit Error Rate, 467–468

Bit Error Rate Test (BERT), testing telephony connections, 467–468

bit rates, modem speeds, 471–472

blacklists, MAC address filtering, 512

block ciphers, in symmetric-key encryption, 353–354

blocking policy, security policies, 754

blocks, of storage in hard drives, 565

BlueBorne list, of security vulnerabilities on mobile devices, 588

Bluejacking, 587

Bluesnarfing, 587

Bluetooth, 586–588

BNC connectors, coaxial cable, 52, 55

bonding NICs, 151

BOOTP (Bootstrap Protocol). See also DHCP (Dynamic Host Configuration Protocol), 202

Border Gateway Protocol. See BGP (Border Gateway Protocol)

botnets, DDoS attacks, 662

bots, DDoS attacks, 662

bottlenecks, performance monitoring, 716

BPDUs (bridge protocol data units), 86–87

BRI (Basic Rate Interface), ISDN, 474

bridged connection, DSL, 477

bridged NICs, 566–567

bridges, wireless, 539

bridging loops

for switches, 85

WAN problems, 755

bring your own device. See BYOD (bring your own device)

broadband cable, competing with ADSL, 479

broadband, compared with baseband, 73, 92

broadcast addresses

IPv6 replaces with multicast, 428–429

overview of, 16

broadcast domains, 84

broadcast frequencies, wireless networking, 505

broadcast methods, wireless networking, 505

broadcast storms, WAN problems, 755

broadcasts, for name resolution, 319

brute force attacks, 351, 664

BSS (Basic Service Set)

extending wireless network, 538–539

single access points, 503

BSSID (Basic Service Set Identifier), identifying wireless networks, 504

buffer, fiber-optic cable, 60

building layout, 652

bus topology

coaxial cabling in, 52

Ethernet, 73

overview of, 46–47

business continuity plans (BCP), 642, 644–645

butt set, 159

BYOD (bring your own device)

deployment models, 591

LAN problems, 749

persistent and non-persistent agents and, 684

C

CA (certificate authority), 363–365

cable certifiers. See certifiers

cable drops, mapping cable runs, 129–130

cable mismatch, troubleshooting fiber-optic cable, 146

cable modems

broadband cable competing with ADSL, 479

connecting to ISP via coaxial cable, 53

remote access connections, 485–487

RG-59 coaxial cable, 53–54

cable strippers/snips, 725

cable television, 53–54

cable testers

hardware troubleshooting tools, 722–724

measuring signal loss, 145

troubleshooting copper cable, 141

cable trays, for pulling cable, 132–133

cabling

coaxial, 51–55

copper, 51

fiber-optic, 60–62

fire ratings, 64

hands-on problems, 746

horizontal cabling, 114–116

internal network connections, 607–610

Link layer and, 34

making connections, 135

making patch cables, 136–138

mapping runs, 129–130

NICs and, 9

physical layers of OSI model and, 6–7

physical safety and, 649

pulling cable, 132–135

review Q&A, 66–68

serial and parallel, 63

shielded twisted pair, 55–56

standards, 64–65

structured cabling, 110–111, 125

testing, 140, 155–156

twisted pair, 55

unshielded twisted pair, 56–59

Cache-only DNS servers, 326

cached lookups, DNS servers, 325

Cacti graphing program, 714–715

Caesar cipher, 351–352

CAN (campus area network) example. See networks, building

canonical name (CNAME), DNS records, 327–329

capacitance, Ohm ratings, 54

captive portals, wireless networking, 544

capture file, packet sniffers, 704

carrier sense multiple access/collision avoidance (CSMA/CA), 506–507

carrier sense multiple access/collision detection (CSMA/CD), 79–81, 506

Cat (category) ratings

100BaseT, 92

10BaseT, 74

compatibility and, 606

connecting to DSL modem using patch cable, 477

horizontal cabling, 114

patch panels, 121–122

RJ-45 jacks, 124

upgrades and, 93

UTP, 57–59

Catalyst 3550 (Cisco)

interVLAN routing, 405–406

multilayer switches, 407

cause, of problem

testing theory of, 741

theory of probable, 739–741

CCE (Certified Computer Examiner), 645

CCENT (Cisco Certified Entry Networking Technician), 2

CCITT (International Telegraph and Telephone Consultative Committee), 472–473

CCITT packet switching protocol, 463

CCMP-AES, in WPA2, 517

CCNA (Cisco Certified Network Associate), 2

CCTVs (closed-circuit televisions), for security monitoring, 678

CDMA (code-division multiple access), 582

cellular WAN

CDMA, 582

GSM, 581–582

HSPA+, 582–583

LTE, 583

overview of, 580–581

central box

frames and, 13

hubs and switches, 14–15

last mile connections, 454

NICs and, 9

physical layers of OSI model and, 7

central office

Local Exchange Carrier, 469

in telephone systems, 451–452

trunk lines, 474

certificate authority (CA), 363–365

Certificate Revocation Lists (CRLs), 383

certificates

PKI and, 362–365

revocation lists, 383

WAN problems, 754

Certified Computer Examiner (CCE), 645

Certified Forensic Computer Examiner (CFCE), 645

certifiers

hardware troubleshooting tools, 724

measuring signal loss, 145

CFCE (Certified Forensic Computer Examiner), 645

chain of custody, collecting evidence, 647

Challenge Handshake Authentication Protocol (CHAP), 369, 373

Challenge-Response Authentication-Message Digest 5 (CRAM-MD5), 360

change management

overview of, 630–632

patches and updates, 632–634

change management team, 630–631

change request, 631

channel bandwidth, wireless networking, 505

channel overlap, wireless networking, 540

Channel Service Unit/Digital Service Unit. See CSU/DSU (Channel Service Unit/Digital Service Unit)

channels

configuring WAPs, 534, 536–537

unencrypted channels as vulnerability, 673–674

wireless networking, 505–506

CHAP (Challenge Handshake Authentication Protocol), 369, 373

checksums (message digests), in hashes, 357

choose your own device (CYOD), deployment models, 591–592

CIDR (Classless Inter-Domain Routing)

generating blocks of IP addresses, 187

IPv4 naming convention, 426

real world applications, 197

subnetting and, 188–189

cipher locks, for controlling physical access, 677

ciphers

block ciphers, 353–354

defined, 351

stream ciphers, 354

ciphertext, 353

circuit switches/circuit switching, in telephone systems, 450, 453

circuits, testing for open circuit, 723

Cisco certifications, Network models, 2

Cisco Certified Entry Networking Technician (CCENT), 2

Cisco Certified Network Associate (CCNA), 2

Cisco IOS, 249–250

Cisco Network Assistant, 253, 400–402

Cisco Network Assistant (CNA), 709–711

cladding, fiber-optic cable, 60

class IDs, IP addresses and, 186–187

class of service (CoS), 616–617

Classless Inter-Domain Routing. See CIDR (Classless Inter-Domain Routing)

cleartext

encryption and, 350

vulnerabilities of, 674

client-to-site connection, L2TP VPNs, 394

clients

configuring wireless client, 537–538

installing wireless client, 524–525

LAN problems, 749

closed-circuit televisions (CCTVs), for security monitoring, 678

closed networks, 623

cloud

cloud-based anti-malware, 689

delivery methods, 574–575

disaster recovery and, 643

Infrastructure as a Service, 570–571

overview of, 569

Platform as a Service, 571–573

service layers and, 570

Software as a Service, 573

Web services, 292

cloud bursting, 575

clustering

fault tolerance, 636

load balancing, 408

CNA (Cisco Network Assistant), 709–711

CNAME (canonical name), DNS records, 327–329

coarse wavelength division multiplexing (CWDM), 462

coaxial cable

broadband cable competing with ADSL, 479

connection issues, 486–487

connectors, 52–53

Ohm ratings, 54

overview of, 51

RG (Radio Guide) ratings, 53–54

shielding, 51–52

standards, 55

use with modems, 53

coaxial splitter, 54, 486–487

COBO (corporate-owned business only) devices, deployment models, 591–592

code-division multiple access (CDMA), 582

cold sites, in business continuity plans, 644

collaboration, UC features, 612

collision domains, 81

collision lights, checking NIC status, 153

collisions, CSMA/CA and, 506

Combs, Gerald, 705

communication

connection-oriented vs. connectionless, 36–37, 264–265

rules for determining good or bad communication, 278

community cloud, 575

company-issued personally enabled (COPE), deployment models, 591–592

compatibility, issues in building networks, 601, 606–607

compromised system, symptoms of, 688

computer forensics

certification organizations, 645

collecting evidence, 647–648

documenting the scene, 646–647

first responders, 646

forensics report, 647–648

securing the area, 646

computer telephony integration (CTI), 611

configuration management, 602

conflicting permissions, 681

connection-oriented communication, 36–37, 264–265

connectionless communication, 36–37, 264–265

connections

connection status, 275–278

external network connections, 610–611

internal network connections, 607–610

simultaneous wired/wireless connections causing network failure, 747–748

TCP/IP sessions, 272

connections, wireless

no connection, 540–542

slow connection, 542–545

weird connection, 545–547

connectivity

end-to-end connectivity, 756

methods, 574

software, 730

troubleshooting remote, 491–494

connectors

1000BaseSX and 1000BaseLX, 97

100BaseFX, 94

10BaseFL, 78

10BaseT, 74–75

10GbE, 103

coaxial cable, 51–53, 55

crossover cables, 85

fiber-optic cable, 61–62, 98–99

Gigabit Ethernet, 99

ISDN, 474

mismatch problem, 146

modems, 479

NICs, 148

serial and parallel, 63

for telephone lines, 470

unshielded twisted pair, 59

console port, managed switches and, 396, 398

content filtering, firewall rules for, 693

content switches, alternative to load balancing, 409–410

contingency planning, 641–642

continuity, 140, 723

continuity testers, 141–142

control plane, routers and switches and, 568

controller, distributed control system, 618

controls, in hardening network, 675–678

convergence (steady state), routers, 240

COPE (company-issued personally enabled), deployment models, 591–592

copper cabling

copper-based 10GbE, 102

crosstalk, 142–144

measuring signal loss, 144–145

overview of, 51

T1 and T3 carriers, 457–460

testers, 141–142

troubleshooting areas, 140–141

corporate-owned business only (COBO) devices, deployment models, 591–592

CoS (class of service), 616–617

cost

OSPF metrics, 244

routing metrics, 237

counters, Performance Monitor (PerfMon), 711

couplers, testing cabling, 156

cPanel e-mail server, 293

CPE (customer-premises equipment), 128

CRAM-MD5 (Challenge-Response Authentication-Message Digest 5), 360

CRC (cyclic redundancy check)

in Ethernet frame, 73

FCS using, 14, 16

credentials

dangers of cleartext, 674

device hardening, 685

crimpers/crimping

hardware troubleshooting tools, 725

making patch cables, 136–138

RJ-45 connectors, 75–76

CRLs (Certificate Revocation Lists), 383

crossover cables

connecting to CSU/DSU boxes, 458

connecting to routers, 251

connecting to switches, 85

hands-on problems, 746

crosstalk

testing for, 723

troubleshooting copper cable, 142–144

twisted pair cabling preventing, 55

crypto-malware, 667

cryptographic hash functions. See hashes

cryptography. See encryption

CSMA/CA (carrier sense multiple access/collision avoidance), 506–507

CSMA/CD (carrier sense multiple access/collision detection), 79–81, 506

CSU/DSU (Channel Service Unit/Digital Service Unit)

dedicated private connections, 485

T3 lines and, 460

termination of T1/T3 lines, 457–459, 467

CTI (computer telephony integration), 611

customer-premises equipment (CPE), 128

CWDM (coarse wavelength division multiplexing), 462

CyberDuck FTP client, 298–299

cyclic redundancy check (CRC)

in Ethernet frame, 73

FCS using, 14, 16

CYOD (choose your own device), deployment models, 591–592

D

D channels (Delta channels), ISDN, 474

DAC (discretionary access control), 367

DAI (Dynamic ARP Inspection), 659–661

data breach, 628

Data Encryption Standard (DES), 354

data field, of frame, 14, 71–72

Data Link layer (Layer 2), OSI model, 19–20, 228

data loss prevention (DLP), 629

Data-Over-Cable Service Interface Specification (DOCSIS), 228, 479

data plane, routers and switches and, 568

data storage

network attached storage, 566

storage area networks, 565–566

virtualization and, 564–565

data structures, corresponding to layers of TCP/IP model, 41

databases, hacking, 628

datagrams

breaking packets into, 27–28

UDP, 168

Datagram TLS (DTLS) VPNs, 395

DB-25 connector, parallel connections, 63

DB-9 connector, serial connections, 63

dB (decibels)

cable signal measured in, 487

measuring RF output, 528

measuring signal loss, 144–145

DCF (Distributed Coordination Function), 506–507

DCS (distributed control system), 619–620

DDNS (dynamic DNS), 338–339

DDoS (distributed denial of service) attacks, 662–663, 666

de-encapsulation. See encapsulation/de-encapsulation

deauthentication (deauth) attacks, 663

decibels. See dB (decibels)

decimal numbering system, 10, 195–196

dedicated private connections, remote access, 484–485

default gateway, 179

definition files, malware, 413

delay, routing metrics, 236

delivery methods, cloud services, 574–575

Delta channels (D channels), ISDN, 474

demarc (demarcation point)

connecting modem to phone jack, 470–471

connections from outside world entering at, 125–127

connections inside demarc, 127–129

demarc extensions, 128

ISDN, 474

T carriers, 467

demilitarized zone (DMZ), 693–694, 754

denial of service attacks. See DoS (denial of service) attacks

dense wavelength division multiplexing (DWDM), 462, 468

deployment models, for mobile networking, 591–592

DES (Data Encryption Standard), 354

design process, in building network, 603

desktop virtualization, 555–558

destination field, in Ethernet frame, 71–72

destination host unreachable, ICMP, 268

device drivers

installing NIC drivers, 151

updating, 632

device ID, 10

device saturation, troubleshooting wireless networks, 543

devices

advanced networking. See advanced networking devices

categories to consider in building network, 601

hardening, 685

managed. See managed devices

mobile. See mobile devices

network protection. See network protection devices

robust devices in enterprise wireless, 518–519

in scenario combining monitoring tools and techniques, 713

UC devices, 613

DHCP clients, 202–203

DHCP (Dynamic Host Configuration Protocol)

configuring, 203–204

DNS suffix, 338

dynamic IP addressing, 201–202

how it works, 202–203

LAN problems, 748–749

leases, 203

MAC reservations, 206–208

overview of, 266–267

relays, 205–206

reservations, 206

setting up network addressing scheme, 610

troubleshooting, 208–212

using UDP, 168

VLANs and, 406

DHCP leases, 203

DHCP relays (DHCP relay agent), 205–206, 406

DHCP reservations, 206

DHCP scope, 204

DHCP servers

configuring, 204

how DHCP works, 202–203

IPv6 and (DHCPv6), 437, 439

rogue server, 212

running multiple, 211

troubleshooting no server message, 209–211

DHCP Snooping, 661

diagnosing problems, network installation and, 154

diagrams

graphing programs, 714–715

network documentation, 602

dial-up

connecting to Internet, 482

last mile connections, 469

on macOS, 485

private dial-up, 482–484

differential backups, 643

differentiated services code point (DSCP), 616

DiffServ (differentiated services), 616

dig (domain information groper), 343, 731

digital certificates. See certificates

Digital/Intel/Xerox (DIX) standard, 70

digital signal 1 (DS1), 458–459

digital signal, converting analog to, 456

digital signal rate (DS0), 456–457, 475

Digital Signature Algorithm (DSA), 377

digital signatures, 361

digital telephony, 473–475

alternatives to WAN telephony, 468

ATM, 463–464

bit rates vs. baud rate, 471–472

broadband cable, 479

choosing connection option, 481

converting from analog to, 453–455

dial-up lines, 469

DS0 (digital signal rate), 456–457

DSL, 475–478

fiber carriers, 460–462

fiber-to-the-home technologies, 480

last mile solutions, 468

MPLS (Multiprotocol Label Switching), 464–467

overview of, 455–456

packet switching, 462–463

PSTN (public switched telephone network), 469–471

satellite access, 479–480

T1 and T3 copper carriers, 457–460

V standards, 472–473

WAN telephony connections, 467–468

dipole antennas, 527–529

direct-sequence spread-spectrum (DSSS), 505

directional antennas, 527–530

disaster recovery, 642–643

disaster recovery team, 642

Discover, Offer, Request, and Acknowledgement (DORA), 203–204

discretionary access control (DAC), 367

dispersion, troubleshooting fiber-optic cable, 146

distance vector protocols

comparing dynamic routing protocols, 246

overview of, 237–241

RIPv1 and RIPv2, 241–242

distributed control system (DCS), 619–620

Distributed Coordination Function (DCF), 506–507

distributed denial of service (DDoS) attacks, 662–663, 666

distributed switches, 567–568

divide and conquer, in troubleshooting, 740

DIX (Digital/Intel/Xerox) standard, 70

DLP (data loss prevention), 629

DMVPN (dynamic multipoint VPN), 395–396

DMZ (demilitarized zone), 693–694, 754

DNAT (dynamic NAT), 233–234

DNS cache poisoning, 657

DNS (Domain Name System)

configuring DNS servers, 321–324

DNS Security Extensions, 340

DNS servers, 324–327

domains, 312

dynamic DNS, 338–339

forward lookup zones, 330–331

hierarchical name space, 309–314

how it works, 308–309

IPv6 and, 439

LAN problems, 749

for load balancing, 408–409

name resolution, 318–324

name servers, 314–318

overview of, 308

placing DNS servers, 335–338

record types, 327–330

in TCP/IP networks, 303

troubleshooting DNS, 340–343

troubleshooting remote connectivity, 492–493

UDP and, 168, 266

DNS forwarding, 336–337

DNS helpers, 493

DNS resolver cache, 319, 321–322

DNS Security Extensions (DNSSEC), 340, 657

DNS servers

configuring, 321–324

DNS Security Extensions, 340

dynamic DNS, 338–339

external, 338

how DNS works, 308–309

intranets, 312

name servers, 314–318

overview of, 324–327

placing, 335–337

primary and secondary zones, 330–331

private vs. public, 337–338

spoofing attacks, 657

troubleshooting, 340–343

verifying settings, 321

DNS suffix, 338

DNS tree, 312, 314

DNSSEC (DNS Security Extensions), 340, 657

DOCSIS (Data-Over-Cable Service Interface Specification), 228, 479

documentation

in building network, 602–603

of change, 632

in computer forensics, 646–647

in troubleshooting process, 742–744

domain controllers

authentication and, 373

managing AD databases, 385

Windows OSs, 334

domain information groper (dig), 343, 731

domains, DNS, 312

domains, Windows, 373–374

doors

access control measures, 676–677

safety measures, 677

DORA (Discover, Offer, Request, and Acknowledgement), 203–204

DoS (denial of service) attacks

deauthentication (deauth), 663

distributed denial of service, 662–663

IIS protection against, 283

overview of, 661–662

packets, 663

traffic floods, 685

dotted decimal notation (dotted octet numbering system)

converting to binary, 183–184, 195–196

determining number of hosts in network, 189–190

IP address notation, 22, 173–174, 425

double-tagging attacks, 403

drivers. See device drivers

Dropbox, 569

DS0 (digital signal rate), 456–457, 475

DS1 (digital signal 1), 458–459

DSA (Digital Signature Algorithm), 377

DSCP (differentiated services code point), 616

DSL Access Multiplexer (DSLAM), 476

DSL (digital subscriber line)

asymmetric, 476

installing, 476–478

modems, 477

overview of, 475–476

remote access connections, 485–487

symmetric, 475

DSLAM (DSL Access Multiplexer), 476

DSSS (direct-sequence spread-spectrum), 505

DTLS (Datagram TLS) VPNs, 395

dual stack, IPv4 and IPv6, 443

dumpster diving, 670

duplex fiber-optic cabling, 60–61

duplication of problem, in troubleshooting, 738

DWDM (dense wavelength division multiplexing), 462, 468

Dynamic ARP Inspection (DAI), 659–661

dynamic DNS (DDNS), 338–339

dynamic IP addressing. See DHCP (Dynamic Host Configuration Protocol)

dynamic multipoint VPN (DMVPN), 395–396

dynamic NAT (DNAT), 233–234

dynamic port numbers (private port numbers), 270–271

dynamic routing, 242–244

comparing dynamic routing protocols, 246

configuring dynamic routing protocol, 257

distance vector protocols, 237–241

EIGRP (Enhanced Interior Gateway Routing Protocol), 246

IS-IS (Intermediate State to Intermediate State), 245–246

link state protocols, 244

metrics, 225, 235–237

OSPF (Open Shortest Path First), 244–245

overview of, 234–235

RIPv1 and RIPv2, 241–242

dynamic VLANs, 401

E

e-mail (electronic mail)

clients, 295

hijacked accounts, 686

overview of, 290–291

servers, 293–294

SMTP, POP3, and IMAP4 protocols, 291–293

spoofing attacks, 656

E1/E3, European carrier for digital transmission, 460

EAP (Extensible Authentication Protocol)

types in common use, 514–516

for wireless authentication, 512–513

echo request/echo reply, ICMP, 267

echo, testing for electrical noise, 723

ECN (explicit congestion notification), 616

edge devices, in network security, 681–682

EDGE (Enhanced Data rates for GSM Evolution), 582–583

edge routers, 243

EDNS (extension mechanisms for DNS), 340

effective permissions, user accounts, 679–680

EGP (Exterior Gateway Protocol), 243

EIGRP (Enhanced Interior Gateway Routing Protocol), 246

electrical safety, 648–649

electromagnetic interference. See EMI (electromagnetic interference)

electronic discovery, use of forensics reports, 648

electrostatic discharge (ESD), 648–649

emergency alert system, 652

emergency exits, 652

emergency procedures, 652

EMI (electromagnetic interference)

coaxial cable shielded from, 51–52

hands-on problems, 746

STP cable and, 55

troubleshooting copper cable, 141

troubleshooting remote connectivity, 493–494

UTP limitations, 94

emulation, virtualization compared with, 555–556

encapsulation/de-encapsulation

encapsulation of data by frames, 12–13

IP packets, 170

OSI (Open Systems Interconnection), 33

TCP/IP model, 40

encryption

applications for, 32

asymmetric-key encryption, 355–357

combining authentication with, 379

configuring WAPs, 533, 535–536

defined, 350

encryption using OSI model, 357

hardening IoT devices, 594

hashes used in, 360

IPSec, 380–381

NFC (near field communication), 589

overview of, 350–351, 375–376

securing wireless networking, 516–518

SSH, 376–378

SSH and, 287

SSL/TLS, 32, 379–380

substitution ciphers, 351–352

symmetric-key encryption, 353–355

tunneling, 378–379

unencrypted channels as vulnerability, 673–674

WPA2, 518

XOR (eXclusive OR) encryption, 352–353

end-to-end connectivity, 756

endpoints

open ports (listening ports), 275

PPTP, 392

TCP/IP, 271–272

VPN, 390–391

Enhanced Data rates for GSM Evolution (EDGE), 582–583

Enhanced Interior Gateway Routing Protocol (EIGRP), 246

enhanced small form factor pluggable (SFP+), 10GbE connections, 103

enterprise wireless

administering, 519–520

overview of, 518

PoE (Power over Ethernet), 521

robust devices, 518–519

VLAN pooling, 520

environment

considerations in building network, 601

controlling, 651–652

environmental monitors, 157

ephemeral port numbers, 270–271

equipment racks

diagrams, 605

installation and maintenance, 649–651

monitoring systems, 157

mounting, 650–651

power backup for, 157

in telecommunications rooms, 116–118

equipment room, network design, 605

error rate, interface monitors, 709

escalation, in troubleshooting

determining when to escalate, 754–756

as necessary, 742

overview of, 741

ESD (electrostatic discharge), 648–649

ESS (Extended Service Set), 503

ESSID (Extended Service Set Identifier), 504–505, 539

ESX/ESXi hypervisors, 561, 563

Ethernet

100-megabit, 91–92

1000BaseSX and 1000BaseLX, 97

100BaseFX, 94–96

100BaseT, 92–94

10BaseFL, 78–79

10BaseT, 73–74, 77

10GbE, 100–103

40GbE and 100 GbE standards, 106

backbone networks, 104–105

bus Ethernet, 73

connecting segments, 84

connectors, 99

crossover cables, 85

CSMA/CD and, 79–81

enhancing/extending Ethernet networks, 81–82

fiber transceivers, 104

frames, 71–73

Gigabit Ethernet, 96–97

hub issues, 82

IEEE 802.1Q switch standard, 400

IEEE 802.3 standards, 70

implementing Gigabit Ethernet, 99–100

IP addresses in LANs, 170–172

LAN problems, 750–751

overview of, 69–70

review Q&A, 87–89, 106–108

routing interfaces, 227

SFF fiber connectors, 98

STP (spanning tree protocol), 85–87

switch issues, 87

switches, 82–84

TIA/EIA 568A and 568B, 76–77

troubleshooting interface errors in remote connectivity, 492

uplink ports, 84–85

UTP use with 10BaseT, 74–76

WAN connectivity, 468

EUI-48 (Extended Unique Identifier-48), MAC addresses, 11

EUI-64 (Extended Unique Identifier-64 bit), MAC addresses, 427

event management, SNMP, 703

evidence, forensic, 647–648

evil twin, rogue access points, 546–547

Evolved High-Speed Packet Access (HSPA+), 582–583

Exchange Server, e-mail, 294

eXclusive OR (XOR) encryption, 352–353

Exim server, e-mail, 293

exit plans, 652

explicit congestion notification (ECN), 616

Extended Service Set (ESS), 503

Extended Service Set Identifier (ESSID), 504–505, 539

Extended Unique Identifier-48 (EUI-48), MAC addresses, 11

Extended Unique Identifier-64 bit (EUI-64), MAC addresses, 427

Extensible Authentication Protocol (EAP)

types in common use, 514–516

for wireless authentication, 512–513

Extensible Markup Language (XML), 280

extensible protocols, SNMP as, 701

extension mechanisms for DNS (EDNS), 340

Exterior Gateway Protocol (EGP), 243

external connections, in building networks, 610–611

external firewalls, 693

F

F connectors

cable modems, 479

coaxial cabling, 53, 55

fail closed/fail open, door safety measures, 652, 677

failover, high availability and, 635

fair access policy, security policies, 754

far-end crosstalk (FEXT), troubleshooting copper cable, 143–144

Fast Ethernet, 96

fault tolerance

benefits of star topology, 48

hardware, 664

redundancy and, 636

faxes, 605–606, 612

FC (Fibre Channel), 565

FCoE (Fibre Channel over Ethernet), 565

FCS (frame check sequence)

in Ethernet frame, 71–73

frame movement, 17

overview of, 16

structure of frames and, 14

FDM (frequency division multiplexing), 453

feature changes/updates, 633

FEC (Forwarding Equivalence Class), Multiprotocol Label Switching, 465–466

FEXT (far-end crosstalk), troubleshooting copper cable, 143–144

FHSS (frequency-hopping spread-spectrum), 505

fiber-optic cable

100BaseFX Ethernet, 94–96

10BaseFL Ethernet, 78–79

10GbE Ethernet, 100–101

characteristics of fiber transceivers, 104

connectors, 61–62

duplex fiber-optic cabling, 60–61

Gigabit Ethernet, 70

NICs (network interface cards), 149

optical connection tester, 153

overview of, 60

signal loss/degradation, 146

signal mismatch, 146

single-mode and multimode, 61

troubleshooting, 145

troubleshooting tools, 147–148

fiber-optic carriers

OC (Optical Carrier), 461

overview of, 460–461

SONET (U.S.) and SDH (Europe), 461–462

WDM (wave division multiplexing), 462

fiber-to-the-home technologies, 480

fiber transceivers, 104

Fibre Channel (FC), 565

Fibre Channel over Ethernet (FCoE), 565

file hashing, 357

file integrity monitoring (FIM), 717

file servers, NAS as alternative to, 605

File Transfer Protocol. See FTP (File Transfer Protocol)

FileZilla, FTP servers, 296–297

filtering

firewall rules for, 693

MAC address filtering, 511–512, 533–534

FIM (file integrity monitoring), 717

FIN, TCP three-way handshake, 265

fire escape plans, 652

fire ratings, cabling, 64

fire suppression system, 651

Firefox browser (Mozilla), 298

firewalls

access control lists, 692–693

defined, 268

external and internal, 693–694

honeypots and honeynets, 694–695

implementation and configuration, 691–692

intrusion detection and intrusion protection, 412

techniques and features, 690–691

troubleshooting, 695

types, 690

virtual firewalls, 568

firmware updates, 633

floor plan, for network installation, 129

flow cache, NetFlow, 707

forensics. See computer forensics

forward lookup zones, DNS, 325–326, 330–331

forward proxy servers, 416

Forwarding Equivalence Class (FEC), Multiprotocol Label Switching, 465–466

four-post racks, 118

FQDN (fully qualified domain name)

defined, 313

DNS hierarchy and, 317

in DNS resolver cache, 323

load balancing and, 408

reverse lookup zones and, 331

fractional T1 access, 460

frame check sequence. See FCS (frame check sequence)

Frame Relay, 228, 463

frames

data structures corresponding to TCP/IP layers, 41

Ethernet, 71–73

Link layer, 35

in OSI model, 12–14

packets in, 24–27

send/receive (movement), 16–19

FreeRADIUS, 373

frequencies

configuring access points, 537

wireless networking, 505

frequency analysis, cracking Caesar ciphers, 351

frequency division multiplexing (FDM), 453

frequency-hopping spread-spectrum (FHSS), 505

frequency mismatch, troubleshooting wireless networks, 540

frequency ratings, UTP cable, 57

FTP (File Transfer Protocol)

active and passive, 298–299

clients, 298

overview of, 295–296

reviewing Internet applications, 300

servers, 296–297

full backups, 643

full-duplex NICs, 75, 95–96

fully meshed topology, 50

G

gain, measuring RF output, 528

gateways (gateway routers), NAT setup, 229

gateways, UC gateways, 613

GBIC (gigabit interface converters), 99, 146

GCFA (GIAC Certified Forensic Analyst), 645

Generic Routing Encapsulation (GRE), 396

geofencing, 593

Get requests, SNMP manager, 702–703

GIAC Certified Forensic Analyst (GCFA), 645

GIAC (Global Information Assurance Certification), 645

Gigabit Ethernet

1000BaseSX and 1000BaseLX, 97

connectors, 98–99

implementing, 99–100

overview of, 96–97

standards, 70

gigabit interface converters (GBIC), 99, 146

Global System for Mobile Communications (GSM), 581–582

global unicast addresses, IPv6, 430–431

Gmail, 292

Google

cloud services (Google Drive), 569

Google Web Server (GWS), 283

Web services, 292

GPS, geofencing and, 593

graphical user interfaces (GUIs), 283–284

graphs. See diagrams

GRE (Generic Routing Encapsulation), 396

Greenfield mode, WAPs, 509

ground loops, in electrical safety, 648

groups

dangers of default accounts, 681

IGMP groups, 269

permissions, 679–680

Windows OSs, 332–334

GSM (Global System for Mobile Communications), 581–582

guest networks, network security and, 684–685

guests

managing guest accounts, 665

virtualization, 551

GUIs (graphical user interfaces), 283–284

GWS (Google Web Server), 283

H

H.320, VTC over ISDN, 616

H.323

UC protocols, 614–615

VoIP standards, 490

HA (high availability), 635–636

half-duplex NICs, 75, 95

hands-on problems, 745–748

hard drives

dynamically sizing virtual drive, 558

pools on SANs, 565

hardening IoT devices, 594

hardening network

controlling user accounts, 679–681

device hardening, 685

edge devices, 681–682

guest and quarantine networks, 684–685

host security, 686

malware prevention, 686–689

monitoring, 678

network security, 679

overview of, 675

persistent and non-persistent agents, 683–684

physical security, 675

posture assessment, 682–683

prevention and control, 675–678

switch port protection, 661

hardware

benefits of virtualization, 559

configuring virtual hardware, 554

edge devices, 682

fault tolerance, 664

firewall appliance, 690

firewalls, 690

hands-on problems, 746

OSI layers 1 & 2, 6–8

wireless networking, 499–501

hardware troubleshooting tools

cable strippers/snips, 725

cable testers, TDRs, and OTDRs, 722–724

certifiers, 724

light meters, 724–725

multimeters, 725–726

overview of, 722

punchdown tools, 726

tone probes/tone generators, 726

voltage quality recorder and temperature monitor, 725

hashes

digital signatures, 361

examples of, 358–359

exercise using SHA-512, 359–360

integrity and, 357–358

use in encryption and authentication, 360

header, frame structure, 14

Health Insurance Portability and Accountability Act (HIPAA), 630

heat/cooling, factors in choosing location of telecommunications room, 131

heat maps, in site survey, 522

heating, ventilation, and air conditioning (HVAC), 651

Hello packets, OSPF, 244

Heroku, example of PaaS, 572–573

hexadecimal numbering system, 10, 425

hextet, IPv6 notation, 425

HIDS (host-based IDS), 413–414

high availability (HA), 635–636

high-throughput mode, WAPs, 509

HIPAA (Health Insurance Portability and Accountability Act), 630

HIPS (host-based intrusion protection system), 415

HMI (human machine interface), 619–620

home automation, 591

honeynets, 694–695

honeypots, 694–695

hops/hop counts

metrics, 236

RIPv1, 241

routers and, 235

horizontal cabling

choosing, 115–116

overview of, 114–116

solid core vs. stranded, 115

structured cabling components, 113

host-based anti-malware, 689

host-based firewalls

intrusion detection/intrusion protection, 412

overview of, 690

troubleshooting, 695, 745

host-based intrusion protection system (HIPS), 415

host file

editing, 307

flat name space in, 309

overview of, 306–308

host IDs, 178, 189–190

host names, DNS, 312

host security

anti-malware programs, 688–689

malware prevention, 686–688

host-to-site connection, VPNs, 393–394

host virtualization, 554

hot sites, business continuity plans, 645

Hot Standby Router Protocol (HSRP), 636

hotspots, wireless, 583–584

HSPA+ (Evolved High-Speed Packet Access), 582–583

HSRP (Hot Standby Router Protocol), 636

HTML (Hypertext Markup Language)

publishing Web sites, 281–282

version 5 (HTML5), 280

as Web interface, 279

HTTP (Hypertext Transfer Protocol)

ACK packet, 270–271

Apache HTTP Server, 283

Application layer protocols, 169

content switches, 409–410

overview of, 281

reviewing Internet applications, 300

vulnerabilities in, 283

HTTP proxy server, 417

HTTPS (HTTP Secure)

content switches, 409–410

overview of, 283–285

reviewing Internet applications, 300

securing TCP/IP applications, 382–383

securing Web browsers, 585

using secure protocols, 674

hubs

bus Ethernet and, 73

Ethernet issues, 82

overview of, 14–15

human machine interface (HMI), 619–620

humidity, factors in choosing location of telecommunications room, 131

HVAC (heating, ventilation, and air conditioning), 651

hybrid cloud, 575

hybrid routing protocols, 243

hybrid topology, 48–49

Hyper-V, 561, 563

HyperTerminal, 248

Hypertext Markup Language. See HTML (Hypertext Markup Language)

Hypertext Transfer Protocol. See HTTP (Hypertext Transfer Protocol)

hypervisors

administering, 563

choosing, 561–562

overview of, 554–555

virtualization in modern networks, 561

I

IaaS (Infrastructure as a Service), 570–571, 574–575

IACIS (International Association of Computer Investigative Specialists), 645

IANA (Internet Assigned Numbers Authority)

managing IP addresses, 186–187

on port numbers, 270

standardization of dynamic routing protocols, 241

IAS (Internet Authentication Service), 372–373

IB (InfiniBand), 565–566

IBSS (Independent Basic Service Set), 501

ICA (Independent Computing Architecture), 488

ICANN (Internet Corporation for Assigned Names and Numbers), 309, 318

ICMP (Internet Control Message Protocol)

Internet layer protocols, 166–167

overview of, 267–268

ping command, 730

PMTU (Path MTU Discovery), 753

traceroute/tracert, 728

ICS (industrial control system), 617–619

ICS server, 619

IDEA (International Data Encryption Algorithm), 354

IDF (intermediate distribution frame). See also telecommunications room, 116, 607

IDS (intrusion detection system), 412–414

IEEE (Institute of Electrical and Electronic Engineers)

access control/authentication (802.1X), 512, 515–516

broadcast frequencies (802.11), 505

collision avoidance methods (802.11), 506–507

Ethernet (1000BaseT-802.3ab), 96

Ethernet (1000BaseX-802.3z), 96

Ethernet (802.3), 70

Ethernet switches (802.1Q), 400

mobile networking (802.11), 583–586

networking standards (802), 64–65

parallel communication (1284), 63, 65

Power over Ethernet (802.3af), 521

requesting MAC addresses from, 10

RSTP standard (802.1w), 87

summary (802.11), 507

wireless (802.11), 499

wireless (802.11a), 508

wireless (802.11ac), 510

wireless (802.11b), 507

wireless (802.11g), 508–509

wireless (802.11i), 512, 517

wireless (802.11n), 509

IETF (Internet Engineering Task Force)

development of IPv6, 423

dynamic routing protocols, 241

IPSec, 380

ifconfig. See ipconfig/ifconfig

IFG (interframe gap), CSMA/CA and, 506

IGMP groups, 269

IGMP (Internet Group Management Protocol), 268–269

IGMP snooping, 751

IGP (Interior Gateway Protocol), 243–245

IGRP (Interior Gateway Routing Protocol), 246

IIS (Internet Information Services), as Microsoft Web server, 282–283

IMAP (Internet Message Access Protocol)

alternatives to, 291–293

e-mail clients, 295

example of connection-orientation, 36–37

Microsoft Exchange Server, 294

overview of, 291

reviewing Internet applications, 300

impedance

Ohm ratings, 54

testing for impedance mismatch, 723

improper access, 679

IMT-2000 (International Mobile Telecommunications-2000), mobile standard, 582

in-band management, VNC and SSH enabling, 491

inbound traffic, firewalls blocking, 689

incident response, 642

incidents, contingency planning, 641

incremental backups, 643

Independent Basic Service Set (IBSS), 501

Independent Computing Architecture (ICA), 488

industrial control system (ICS), 617–619

InfiniBand (IB), 565–566

infrared communication (IR), 590

Infrastructure as a Service (IaaS), 570–571, 574–575

infrastructure mode, 503–504, 526

inheritance, administering permissions and, 681

initialization vectors (IV), 517

insider threats, 664

installing physical network

bonding NICs, 151

buying NICs, 149

checking link lights, 154–155

connecting NICs, 150–151

connecting patch panels, 138–140

connecting work areas, 135–136

connections inside demarc, 127–129

creating floor plan, 129

demarc (demarcation point), 125–127

diagnosing problems, 154

equipment racks, 116–118

horizontal cabling, 114–116

installing NIC drivers, 151

link lights, 152–153

making cable connections, 135

making patch cables, 136–138

mapping cable runs, 129–130

measuring signal loss, 144–145

NICs, 148–149

overview of, 109–110

patch panels and cable, 118–123

pulling cable, 132–135

review Q&A, 160–162

selecting location for telecommunications room, 131–132

star-bus topology, 111–112

structured cabling and, 110–111, 125

telecommunications room, 113–114, 116

testing cable runs, 140

testing cabling, 155–156

testing NICs, 155

toner use in troubleshooting, 158–160

troubleshooting copper-related issues, 140–144

troubleshooting fiber-related issues, 145–148

troubleshooting telecommunications rooms, 156–158

work area, 123–125

Institute of Electrical and Electronic Engineers. See IEEE (Institute of Electrical and Electronic Engineers)

insulating jacket, fiber-optic cable, 60

Integrated Services Digital Network (ISDN), 473–475, 616

integrity of data, 350, 357–360

Interexchange Carriers (IXC), 469

interface errors, 492, 746

interface monitors, 708–711

interfaces

adding to routers, 228

APIs (application programming interfaces), 33

DCS (distributed control system), 618

monitoring, 708–711

network interface cards. See NICs (network interface cards)

NIU (network interface unit), 125–127, 470, 476

routing interfaces, 227

interference. See also EMI (electromagnetic interference); RFI (radio frequency interference)

addressing physical issues in wireless networks, 544–545

hands-on problems, 746

site survey indicating sources of, 524

troubleshooting remote connectivity, 493–494

interframe gap (IFG), CSMA/CA and, 506

Interior Gateway Protocol (IGP), 243–245

Interior Gateway Routing Protocol (IGRP), 246

intermediate distribution frame (IDF). See also telecommunications room, 116, 607

Intermediate State to Intermediate State (IS-IS), 245–246

internal connections, building networks, 607–610

internal firewalls, 694

International Association of Computer Investigative Specialists (IACIS), 645

International Data Encryption Algorithm (IDEA), 354

International Mobile Telecommunications-2000 (IMT-2000), mobile standard, 582

International Organization for Standardization (ISO), 57

International Society of Forensic Computer Examiners (ISFCE), 645

International Telecommunications Union (ITU), 473, 582

International Telegraph and Telephone Consultative Committee (CCITT), 472–473

Internet

DDNS (dynamic DNS) and, 340

decentralization of, 242

World Wide Web and, 279

Internet Assigned Numbers Authority. See IANA (Internet Assigned Numbers Authority)

Internet Authentication Service (IAS), 372–373

Internet Control Message Protocol. See ICMP (Internet Control Message Protocol)

Internet Corporation for Assigned Names and Numbers (ICANN), 309, 318

Internet DNS, 335–336

Internet Group Management Protocol (IGMP), 268–269

Internet Information Services (IIS), as Microsoft Web server, 282–283

Internet layer, TCP/IP

data structures, 41

overview of, 35

protocols, 166–167

Internet Message Access Protocol. See IMAP (Internet Message Access Protocol)

Internet of Things (IoT)

DDoS attacks, 666

hardening IoT devices, 594

Internet Protocol Security (IPSec), 380–381, 396

Internet service providers. See ISPs (Internet service providers)

Internet Small Computer System Interface (iSCSI), 565

Internet Society (ISOC), 241

Intra-Site Automatic Tunnel Addressing Protocol (ISATAP), 442

intranets, DNS servers and, 312

intrusion detection system (IDS), 412–414

intrusion protection system (IPS), 414–415

inventory management, 603

IOS, Cisco operating system, 249–250

iOS smartphones, 585

IoT (Internet of Things)

DDoS attacks, 666

hardening IoT devices, 594

ip a, displaying MAC and IP addresses, 11–12, 176, 178

IP Address Management (IPAM), 340

IP addresses, 173–174

32-bit in IPv4, 172–173

applying, 176–178

assignments, 197

class IDs, 186–187

configuring routers, 255–256

depletion of IPv4 addresses, 228–229

diagnosing TCP/IP networks, 345

DNS name resolution and, 318–320

documentation, 603

dynamic IP addressing, 201–202

generating, 209–210

hands-on problems, 746

IPv4 vs. IPv6 address space, 423–424

LAN problems, 748–749

in LANs, 170–172, 179

multicast addresses, 268–269

overview of, 22–24

PAT and, 231

replacing 32-bit addresses with 128-bit addresses, 245

setting up network addressing scheme, 610

special IP addresses, 212–213

spoofing attacks, 656

static IP addressing, 198–201

subnet masks, 181–186

in TCP/IP networks, 23

uniqueness of, 174

utility for displaying, 174–176

IP cameras, for security monitoring, 678

IP filtering, firewall rules for, 693

IP helper, 406

IP (Internet Protocol), in TCP/IP suite, 22, 166–167

IP packets

data structures corresponding to TCP/IP layers, 41

encapsulation/de-encapsulation, 170

frames and, 24–26

Internet layer and, 35

TCP segments, 37–38

IP/SIP, for VTC, 616

IPAM (IP Address Management), 340

ipconfig/ifconfig

checking if IPv6 is working, 437, 439

configuring DNS, 321–324

displaying MAC and IP addresses, 176–177

forcing DNS server to update records, 339

software troubleshooting tools, 728–729

troubleshooting DNS, 340–341

viewing MAC addresses, 11–12

IPS (intrusion protection system), 414–415

IPSec (Internet Protocol Security), 380–381, 396

IPv4

address notation, 424–425

configuring DNS in Windows, 320

depletion of IPv4 addresses, 228–229

dual stack with IPv6, 443

history of, 423

Internet layer protocols, 166–167

running IPv4 and IPv6, 440–441

IPv4 to IPv6 tunneling standards

4to6 tunneling, 441

6in4 tunneling, 442

ISATAP, 442

NAT traversal, 442

overlay tunnels, 443

overview of, 441

tunnel brokers, 443

IPv6, 435–436

address notation, 424–426

aggregation, 433–435

anycast addresses, 429–430

DHCPv6 servers, 437, 439

DNS and, 439

global unicast addresses, 430–431

Internet layer protocols, 166–167

IPSec, 380–381

link-local addresses, 426–427

moving to IPv6, 441–443

multicast addresses, 428–429

NDP, 436–437

no-default routers and, 431–433

OSPF support, 245

overview of, 423–424

prefix lengths, 427

review Q&A, 444–446

running IPv4 and IPv6, 440–441

verifying it is working, 437, 438

IR blasters, 590

IR (infrared communication), 590

IS-IS (Intermediate State to Intermediate State), 245–246

ISATAP (Intra-Site Automatic Tunnel Addressing Protocol), 442

iSCSI (Internet Small Computer System Interface), 565

ISDN (Integrated Services Digital Network), 473–475, 616

ISFCE (International Society of Forensic Computer Examiners), 645

ISO (International Organization for Standardization), 57

ISOC (Internet Society), 241

ISPs (Internet service providers)

configuring routers, 255–256

DNS helpers, 493

IS-IS, 246

NIU (network interface unit), 125–127

WAN problems, 752–753

Web servers provided by, 281–282

ITU (International Telecommunications Union), 473, 582

IV (initialization vectors), 517

IXC (Interexchange Carriers), 469

J

JavaScript, 281

jitter, 144, 543

jumbo frames, 565

K

Kali Linux, 641

KDC (Key Distribution Center), 374–375

Keks, Anton, 734

Kerberos, 373–375

Kernel-based Virtual Machine (KVM), 562

Key Distribution Center (KDC), 374–375

key fobs, RFID chips in, 676–677

key pads, door access control measures, 677

key pairs, in asymmetric-key encryption, 356

keyboards, Bluetooth and, 586

KVM (Kernel-based Virtual Machine), 562

L

L2F (Layer 2 Forwarding), 394

L2TP (Layer 2 Tunneling Protocol), 394–395

Label Distribution Protocol (LDP), 465

label edge router (LER), 465–466

label switching router (LSR), 465–466

LACNIC (Latin American and Caribbean Internet Addresses Registry), 436

LACP (Link Aggregation Protocol), 412, 750–751

LANs (local area networks)

configuring routers, 256

fiber-based 10 GbE and, 100–101

interconnecting LANs using routers, 179–181

IP addresses in, 170–172

NAT setup, 229

network IDs, 178–179

problems, 748–751

remote access, 481

routing table example, 221–223

troubleshooting interface errors in remote connectivity, 492

laptops

Bluetooth and, 586

installing wireless client, 524–525

last mile

connection from central office to end users, 454

digital telephony, 468

latency, troubleshooting copper cable, 144

Latin American and Caribbean Internet Addresses Registry (LACNIC), 436

laws, policies imposed by government laws and regulations, 629–630

Layer 2 Forwarding (L2F), 394

Layer 2 Tunneling Protocol (L2TP), 394–395

Layer 3 switches, 219

layers, OSI model

Layer 1 (Physical layer), OSI model, 7–10

Layer 2 (Data Link layer), OSI model, 19–20, 228

Layer 3 (Network layer), OSI model, 22–24

Layer 4 (Transport layer), OSI model, 27–28

Layer 5 (Session layer), OSI model, 28–31

Layer 6 (Presentation layer), OSI model, 31–32

Layer 7 (Application layer), OSI model, 32–33

LC connectors

in 1000BaseSX and 1000BaseLX, 97

for fiber optic cable, 61–62

SFF (small form factor) connectors, 98

LDAP (Lightweight Directory Access Protocol), 385

LDP (Label Distribution Protocol), 465

LEC (Local Exchange Carrier), 469

LEDs (light-emitting diodes), 152–153, 746

legacy mode, WAPs, 509

legacy systems

isolating, 606

vulnerabilities of, 673

legal holds, use of forensics reports, 648

LER (label edge router), 465–466

licensing restrictions, 603, 630

light-emitting diodes (LEDs), 152–153, 746

light leakage, troubleshooting fiber-optic cable, 146

light meters, hardware troubleshooting tools, 724–725

lights-out-management (LOM), 491

Lightweight Access Point Protocol (LWAPP), 520

Lightweight Directory Access Protocol (LDAP), 385

link aggregation

LAN problems, 750–751

NICs (network interface cards), 151

port bonding, 411–412

Link Aggregation Protocol (LACP), 412, 750–751

Link layer (Network Interface layer), TCP/IP, 34–35, 41

link lights

checking NIC status, 152–153

diagnosing problems, 154–155

troubleshooting with, 746

link-local addresses, IPv6, 426–427

link state advertisement (LSA) packets, 244

link state protocols

comparing dynamic routing protocols, 246

IS-IS, 245–246

OSPF, 244–245

overview of, 244

link state, wireless networking software, 501

Linux/UNIX OSs

administrative access attacks, 666

Apache HTTP Server, 283

configuring DNS, 320–321

dig (domain information groper), 343

displaying MAC and IP addresses, 174–178

e-mail servers, 293

forward and reverse lookup zones, 331

FreeRADIUS, 373

FTP servers, 296

hashing exercise using SHA-512, 360

installing NIC drivers, 151

Net Activity Viewer, 275

netstat utility for viewing endpoints, 272–274

performance monitors, 711

static IP addressing, 199

telnetd server, 288

troubleshooting no DHCP server message, 211

troubleshooting routers, 258–259

LLC (Logical Link Control), 19–20

load balancing

content switches as alternative to, 409–410

DNS for, 408–409

fault tolerance, 636

overview of, 407–408

QoS (quality of service) and traffic shaping, 410–411

local area networks. See LANs (local area networks)

local attacks (physical), 664–666

local authentication, 365

local DNS, 335–336

Local Exchange Carrier (LEC), 469

local exchanges, in telephone systems, 451–453

location services, locating lost/disabled mobile devices, 593–594

locks

physical intrusion, 669–670

prevention and control measures in hardening, 675

logic bombs, 668

logical addressing

IP addresses, 22

in large networks, 21

routers, 22–23

Logical Link Control (LLC), 19–20

logical topology, 49

logs

managing, 712

in performance monitoring, 711

LOM (lights-out-management), 491

long distance phone calls, 449–450

Long Term Evolution (LTE), 583

looking glass sites, software troubleshooting tools, 735

loopback adapters, in certifiers, 724

loopback address, special IP addresses, 212

loopback plug, 155–156

loopback test, checking NIC status, 155

LSA (link state advertisement) packets, 244

LSR (label switching router), 465–466

LTE (Long Term Evolution), 583

LWAPP (Lightweight Access Point Protocol), 520

Lyon, Gordon, 638

M

MAC address filtering, 511–512, 533–534

MAC addresses, 10–14

determining from IP address, 171–172, 184

dynamic VLANs, 401

Ethernet frames, 72

EUI-48, 11

EUI-64, 427

frame movement, 17–19

frames and, 13–14

hexadecimal numbering system and, 10

hubs and switches and, 14–15, 82–84

LAN problems, 748

limits of physical addresses, 21

malicious users and, 665

NICs and, 9–10

reservations, 206–208

spoofing attacks, 512, 656

in TCP/IP networks, 23

utility for displaying, 174–176

viewing on various OSs, 11–12

MAC (mandatory access control), 367

MAC (Media Access Control), 19–20

MAC reservations, DHCP, 206–208

macOS

administrative access attacks, 666

dial-up on, 485

displaying MAC and IP addresses, 174–178

hashing exercise using SHA-512, 360

installing NIC drivers, 151

performance monitors, 711

static IP addressing, 199

telnet server, 288–289

troubleshooting DHCP server, 210–211

troubleshooting routers, 258

viewing endpoints, 272–274

VPN on, 394

macros, types of malware, 667

Mail eXchanger (MX) records, DNS, 329

mailboxes, e-mail servers, 294

main distribution frame (MDF), 128–129, 611

malformed packets, 658

malicious users, 665–666

malware

anti-malware definition files, 413

anti-malware programs, 688–689

assessing security posture, 683

dealing with, 688

overview of, 667

preventing, 686–689

training end users in recognizing, 634

types, 667–668

man-in-the-middle attacks, 663–664

managed devices. See also VLANs (virtual LANs)

exploring managed switch capabilities, 419

managed switches, 396–398

port mirroring in managed switches, 415

routers and switches as, 248

in SNMP system, 700–701

managed networks, SNMP, 700

managed security service provider (MSSP), 717

Management Information Base (MIB), 384, 700–701

mantraps, preventing tailgating, 676

master (primary) DNS server, 315

material safety data sheet (MSDS), 651

maximum transmission unit (MTU), 237, 752–753

MBSA (Microsoft Baseline Security Analyzer), 638

MD5 (Message-Digest Algorithm version 5), 358–359

MDF (main distribution frame), 128–129, 611

mean time between failure (MTBF), 644

mean time to failure (MTTF), 644

mean time to recover (MTTR), 644

media converters, 79, 99–100

Media Gateway Control Protocol (MGCP), 614–615

medianets, VTC, 615–617

memorandum of understanding (MOU), 637

mesh topology, 49–50, 501

Message-Digest Algorithm version 5 (MD5), 358–359

messaging, UC features, 612

MetaFrame terminal emulation, 488

Metasploit, penetration testing, 641

metrics

interface monitors, 708

OSPF, 244

routing, 224–225, 235–237

MGCP (Media Gateway Control Protocol), 614–615

MHTechEd (Mike’s High-Tech Educational Supply Store and Post Office), 5–6

MIB (Management Information Base), 384, 700–701

micro (µ), in measurement of fiber-optic cable, 60

Microsoft Baseline Security Analyzer (MBSA), 638

Microsoft Exchange Server, e-mail servers, 294

Mike's High-Tech Educational Supply Store and Post Office (MHTechEd), 5–6

MIMO (multiple in/multiple out)

multiple antenna use with WAPs, 509

Multiuser MIMO, 510

troubleshooting wireless networks, 542

Miredo, NAT traversal, 442

mirrored ports, packet sniffers, 704

mixed mode, WAPs, 509

MLS (multilayer switches)

content switches, 409–410

DNS for load balancing, 408–409

interVLAN routing, 404

load balancing, 407–408

overview of, 219, 407

port bonding, 411–412

QoS and traffic shaping, 410–411

MMF (multimode fiber), 61, 78

MMS (multimedia messaging system), 582

mobile devices

on-boarding and off-boarding, 592

deployment models, 591–592

geofencing, 593

hardening, 594

installing wireless client, 524–525

locating lost/disabled, 593–594

vulnerabilities on, 588

mobile networking

ANT+, 590–591

Bluetooth, 586–588

on-boarding and off-boarding mobile devices, 592

CDMA, 582

cellular WAN, 580–581

deployment models, 591–592

geofencing, 593

GSM, 581–582

hardening IoT devices, 594

HSPA+, 582–583

IR (infrared communication), 590

locating lost/disabled devices, 593–594

LTE, 583

NFC, 588–589

overview of, 579

review Q&A, 595–597

RFID, 589–590

standard (802.11), 583–586

technologies, 580

Z-wave and Zigbee, 591

modal distortion, fiber-optic cable, 61

models. See network models

modem (modulator-demodulator)

cable modems, 53–54, 479

connecting PCs over phone lines, 470

converting analog to digital, 456

data speeds (bit rates and baud rate), 471–472

dial-up, 482

DSL modems, 477

remote access connections, 485–487

satellite modem, 480

troubleshooting interface errors in remote connectivity, 492

V standards, 472–473

modulation techniques, 451

monitoring

networks. See network monitoring

physical surveillance, 678

power use, 157–158

motherboards, 149

MOU (memorandum of understanding), 637

mounting brackets, for cable, 133

Mozilla Firefox, 416

Mozilla Thunderbird, 295

MPLS (Multiprotocol Label Switching), 464–467

MS-CHAP, 369–370, 373

MSAs (multisource agreements), 103, 637

MSDS (material safety data sheet), 651

MSSP (managed security service provider), 717

MT-RJ connectors, 61–62, 98

MTBF (mean time between failure), 644

mtr (My Traceroute), 259, 732

MTTF (mean time to failure), 644

MTTR (mean time to recover), 644

MTU black hole, 753

MTU (maximum transmission unit), 237, 752–753

MU-MIMO (Multiuser MIMO), 510

multicast addresses, 268–269, 428–429

multicast, unicast compared with, 614

multifactor authentication, 366, 677

multilayer switches. See MLS (multilayer switches)

multimedia messaging system (MMS), 582

multimeters, 141–142, 725–726

multimode fiber (MMF), 61, 78

multipath antennas, 544

multiple in/multiple out. See MIMO (multiple in/multiple out)

multiplexers/demultiplexers

customer-premises equipment, 128

DSL Access Multiplexer, 476

frequency division multiplexing, 453

in telephone systems, 451–453

time division multiplexing, 458

wave division multiplexing, 462

Multiprotocol Label Switching (MPLS), 464–467

multisource agreements (MSAs), 103, 637

MX (Mail eXchanger) records, DNS, 329

My Traceroute (mtr), 259, 732
