Uploaded by Naitik Jain

Networks

Topic 3—Networks (9 hours)
Past paper questions :
3.1 Networks (9 hours)
Assessment statement / Obj / Teacher’s notes / Explanations
Network fundamentals
3.1.1 Identify different types of networks.
Obj: 2
Teacher’s notes: Examples include local area network (LAN), virtual local area network (VLAN), wide area network (WAN), storage area network (SAN), wireless local area network (WLAN), internet, extranet, virtual private network (VPN), personal area network (PAN), peer-to-peer (P2P).
S/E, INT Globalization has been accelerated by the technical advances linked to network development.
LAN = a network inside one organization or one building, traditionally made of wires and hubs connecting servers and clients. Typically in a business, connecting employees' PCs to the company's servers.
WAN = a network that spans many computers in widely separated locations, e.g. separate cities; for example, linking bank offices and ATMs. WANs usually include connections that are public, i.e. not owned by the company, like the public telephone lines.
VLAN = it appears to be a LAN, and is all controlled by one organization. Commonly PART of a LAN, isolated with no connection to other parts of the actual physical LAN. Makes sense for security purposes, isolating sensitive resources.
WLAN - also called WIFI - a WIRELESS LAN, using mostly radio connections to "access point" hubs, with wires connecting the hubs to the servers. Rarely provides direct wireless connections between clients and servers, as cables (wires) are much faster.
SAN - a network containing large amounts of storage (HDD). Usually virtualized so users don't need to worry about the actual machines containing the storage devices - commonly "data centers".
VPN - Virtual Private Network - provides secure, private connections between clients and servers, running across public connections like phone lines, typically across the Internet. Security issues (encryption) are very important here.
PAN - Personal Area Network - used to connect devices belonging to one user, or maybe a family. Typically running through a wireless router in a home.
P2P - Peer to Peer - communicates between "equal" clients, without using servers. Commonly used in the Internet to exchange files directly between client PCs.
Video links:
https://www.belden.com/blog/smart-building/network-types
https://www.youtube.com/watch?v=fCxfp1iUbqw
3.1.2 Outline the importance of standards in the construction of networks.
Obj: 2
Teacher’s notes: INT Standards enable compatibility through a common “language” internationally.
ASCII - Before networks (1950s and 1960s) computers were all non-standard, custom-built devices. They used "custom" storage methods, including non-standard character-code systems. Once there were enough computers containing enough data to make communication and data exchange useful, standard storage systems were needed. Then ASCII was invented in the early 1960s, making it possible to exchange data and information easily. Original ASCII was 7 bits plus a parity bit (128 codes). Later this expanded to 8 bits (without a parity bit) to provide 256 codes.
UNICODE - Much later (1990s) this was expanded to UNICODE, because ASCII did not include codes for "foreign" languages like Chinese, Russian, Persian, etc. UNICODE is 16 bits, providing codes for 65536 different characters.
Ethernet - a standard for LAN connections. This includes a communication protocol, as well as a standard type of connection card and standard cables. Without such standards, we could not ensure that new machines could connect successfully to an existing network.
https://www.slideshare.net/makyong1/chapter-33-12564245
1. Standards ensure compatibility
2. Define protocol
3. Roles: data integrity, flow control, deadlock resolution, congestion, error checking
3.1.3 Describe how communication over networks is broken down into different layers.
Obj: 2
Teacher’s notes: Awareness of the OSI seven layer model is required, but an understanding of the functioning of each layer is not.
OSI - Open Systems Interconnection
By establishing STANDARD layers with specific responsibilities, it's possible to implement communication (networking) with interchangeable modules. For example, if a new Operating System is created (e.g. Android), its responsibilities must be implemented (programmed) inside the OS. But it's not necessary to also create a new browser (although a new browser might actually be optimized for the system).
https://www.geeksforgeeks.org/layers-of-osi-model/
https://www.youtube.com/watch?v=LANW3m7UgWs
3.1.4 Identify the technologies required to provide a VPN.
Obj: 2
Client machine, server, connection (probably via Internet), encryption software, client software (not necessarily a browser), often a "relay" server (but not necessarily)
3.1.5 Evaluate the use of a VPN.
Obj: 3
Teacher’s notes: S/E, AIM 9 The use of a VPN has led to changes in working patterns.
Virtual Private Network - VPN provides "the best of both worlds":
- mobility: convenience through remote connections
- security: equivalent to that provided in a LAN
This permits employees - including important administrators - to work from home or during a trip, but still have access to sensitive and private data stored on the company's servers.
This often uses non-standard, hence secure, communication protocols. A simple version uses non-standard PORT numbers for the communication channel. Simple VPNs only make connections between one client and one server. More complex versions may provide direct connections between clients, e.g. P2P.
Data transmission
3.1.6 Define the terms: protocol, data packet.
Obj: 1
Protocol = a clear and effective set of rules for communication, including specific steps for starting a conversation, continuing the conversation, making decisions about when to continue or stop, and a specific way for ending the conversation.
Data Packet = a small collection of data that is part of a larger communication. For example, a video may be broken into smaller packets - maybe 16 KiloBytes each - that are "streamed" one after another out to the client. Notice that in the Internet, there is no guarantee that packets will arrive in the same order they were sent, so the recipient must reassemble the packets in the correct order to make a complete and coherent whole.
Examples of Commonly Used Protocols
TCP/IP = Transmission Control Protocol / Internet Protocol
includes IP addresses, packet-switching strategies,
error correction strategies, handshaking methodologies, etc
HTTP = Hyper Text Transport Protocol
used by clients and servers in the WWW
An HTTP session is a sequence of network request-response transactions. An HTTP client initiates a request by establishing a Transmission Control Protocol (TCP) connection to a particular port on a server (typically port 80; see List of TCP and UDP port numbers). An HTTP server listening on that port waits for a client's request message. Upon receiving the request, the server sends back a status line, such as "HTTP/1.1 200 OK", and a message of its own. The body of this message is typically the requested resource, although an error message or other information may also be returned. (Wikipedia)
FTP = File Transport Protocol
This was the most common protocol used in the Internet before
the WWW was invented in 1990.
SMTP = Simple Mail Transfer Protocol
used by email servers to send email from one to another
Notice that this is a "push" technology - email is SENT to the recipient, whereas HTTP is a "pull" technology - web-pages are requested before they are sent.
https://www.youtube.com/watch?v=ISrJ5ojvOgA
3.1.7 Explain why protocols are necessary.
Obj: 3
Teacher’s notes: Including data integrity, flow control, deadlock, congestion, error checking.
Integrity - means that the data arrives unchanged, reliably. It is common that electro-magnetic interference or other faults corrupt data during transmission.
Error Checking - The data is sent in packets and each packet contains some error-checking codes, for example a check-sum for the entire packet, which is a complicated calculation done on all the bytes in the packet. When a packet arrives, the recipient performs the check-sum algorithm to check whether the result matches the result that was transmitted. If the results don't match, the recipient sends an error message back to the transmitter and asks for a retransmission.
Parity Check - For smaller transmissions, such as a password in a LAN, we might use parity checks. This is a single bit that accompanies a Byte, telling whether the sum of all the bits is even or odd. Again, the recipient checks whether the received parity bit correctly matches the received Byte - if not, it asks for retransmission.
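The packet reassembly described under 3.1.6 and the check-sum and parity checks described here, as an added Python example that is not part of the original notes. The packet layout, the function names and the choice of CRC-32 as the check-sum are assumptions made for illustration; the message is a constructed sample.

```python
import zlib

PAYLOAD_SIZE = 8  # bytes per packet, kept tiny so the sample needs several packets
MESSAGE = b"Packets may arrive out of order and damaged."  # constructed sample


def parity_bit(byte):
    """Even parity: the extra bit that makes the total count of 1 bits even."""
    return bin(byte & 0xFF).count("1") % 2


def parity_ok(byte, bit):
    """Receiver side: does the received parity bit match the received byte?"""
    return parity_bit(byte) == bit


def checksum(seq, total, payload):
    """CRC-32 over header and payload, so a damaged sequence number is caught too.

    This detects accidental damage only: anyone who alters a packet on purpose
    can recompute the value, which is why encryption is a separate measure.
    """
    header = seq.to_bytes(2, "big") + total.to_bytes(2, "big")
    return zlib.crc32(header + payload)


def make_packets(message):
    """Sender: split the message into numbered packets, each with its check-sum."""
    chunks = [message[i:i + PAYLOAD_SIZE] for i in range(0, len(message), PAYLOAD_SIZE)]
    return [
        {"seq": seq, "total": len(chunks), "payload": chunk,
         "checksum": checksum(seq, len(chunks), chunk)}
        for seq, chunk in enumerate(chunks)
    ]


def is_intact(pkt):
    return checksum(pkt["seq"], pkt["total"], pkt["payload"]) == pkt["checksum"]


def receive(arrived, resend):
    """Receiver: drop damaged packets, request the gaps again, reassemble by seq."""
    good = {pkt["seq"]: pkt for pkt in arrived if is_intact(pkt)}
    if not good:
        raise ValueError("no intact packet arrived; nothing to reassemble")
    total = next(iter(good.values()))["total"]
    missing = [seq for seq in range(total) if seq not in good]
    for seq in missing:
        pkt = resend(seq)  # the "please retransmit" message from the text
        if not is_intact(pkt):
            raise ValueError(f"packet {seq} damaged again")
        good[seq] = pkt
    return b"".join(good[seq]["payload"] for seq in range(total)), missing


def demo():
    """Constructed transfer: packets arrive reversed and packet 2 has one bit flipped."""
    sent = make_packets(MESSAGE)
    arrived = [dict(pkt) for pkt in reversed(sent)]
    for pkt in arrived:
        if pkt["seq"] == 2:
            damaged = bytearray(pkt["payload"])
            damaged[0] ^= 0b00000100  # interference inverts a single bit
            pkt["payload"] = bytes(damaged)
    return receive(arrived, resend=lambda seq: sent[seq])


if __name__ == "__main__":
    message, retransmitted = demo()
    print(message, "retransmitted:", retransmitted)
    # Parity catches one flipped bit but misses two flipped bits in the same byte.
    print(parity_ok(0x40, parity_bit(0x41)), parity_ok(0x42, parity_bit(0x41)))
```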
Flow Control - If a server is busy, like CNN during an important news event, then a client might request a web-page and the web-page does not arrive quickly. Then the client might assume that the request never arrived, so it sends another request. If lots of clients are making repeated requests, the server will queue-up all the requests, making a longer and longer list of unfinished work. This can make the server slower and slower, and eventually the server needs to be shut down. Flow Control should prevent such disasters, by cleverly managing the flow of data and requests. For example, it's better to immediately send back a "busy" message, rather than just not sending the requested data. If multiple servers are available, perhaps in various geographical locations (like Google's servers), flow control can re-route requests to a less busy server.
Deadlock - when two (or more) competing tasks are each preventing each other from finishing. So the system keeps trying over and over again to finish one of the tasks, but keeps getting interrupted by the other. In modern OS's, this seldom happens, but a common example is a PC that has too many processes running and is unsuccessfully trying to "swap" some of them to virtual memory. Every swap operation takes time, and this overhead makes the system unstable - we call this "thrashing". Deadlock implies that the problem is NEVER going to end.
Congestion - similar to deadlock, but only causing a significant slowdown. This usually refers to the communication channels (wires and routers) rather than the servers.
How do protocols help?
Protocols are a set of RULES that control how communication happens. For example, if a client sends a request to a server, the protocol might require an immediate response - either the requested data or a message saying that the server is busy and there may be a delay. Even if the data will be sent quickly, the server might still send an acknowledge message, saying that it received the request. Another example is handshaking. When two devices start communicating, they must agree on the transmission speed that will be used. If the speed is set too high, there may be lots and lots of errors, resulting in lots and lots of retransmissions, meaning the high transmission speed actually slows down communication. Packet sizes, error-detection protocols and flow control (choose a different channel or server) all contribute to fewer problems and overall faster data transfer.
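The flow-control argument above (silent queueing versus an immediate acknowledge or "busy" reply), as an added Python simulation that is not part of the original notes. It is a simplified tick-by-tick model; the function, its parameters and the numbers used are assumptions chosen for illustration.

```python
from collections import deque


def simulate(clients, service_rate, timeout, ticks, capacity=None):
    """Model one server and `clients` impatient clients, one step per tick.

    capacity=None : no flow control. The server queues everything and says nothing,
                    so a client still waiting after `timeout` ticks sends a duplicate.
    capacity=N    : flow control. A queued request is acknowledged (no duplicates);
                    once N requests are waiting the server answers "busy" at once
                    and the client asks again `timeout` ticks later.
    """
    queue = deque()
    served = set()
    next_send = {c: 0 for c in range(clients)}  # tick of each client's next request
    max_queue = wasted = busy_replies = 0
    all_served_at = None

    for tick in range(ticks):
        for c in range(clients):
            if c in served or next_send[c] != tick:
                continue
            if capacity is None:
                queue.append(c)
                next_send[c] = tick + timeout  # silence: resend if still waiting
            elif len(queue) < capacity:
                queue.append(c)
                next_send[c] = None            # acknowledged: just wait
            else:
                busy_replies += 1
                next_send[c] = tick + timeout  # told "busy": try again later
        max_queue = max(max_queue, len(queue))
        for _ in range(service_rate):
            if not queue:
                break
            c = queue.popleft()
            if c in served:
                wasted += 1                    # duplicate of an answered request
            else:
                served.add(c)
        if all_served_at is None and len(served) == clients:
            all_served_at = tick
    return {"max_queue": max_queue, "wasted": wasted, "busy_replies": busy_replies,
            "all_served_at": all_served_at, "left_in_queue": len(queue)}


def compare():
    """Constructed scenario: 50 clients, 2 requests served per tick, 5-tick patience."""
    silent = simulate(clients=50, service_rate=2, timeout=5, ticks=60)
    controlled = simulate(clients=50, service_rate=2, timeout=5, ticks=60, capacity=10)
    return silent, controlled


if __name__ == "__main__":
    for name, result in zip(("no flow control", "flow control"), compare()):
        print(name, result)
```

Both runs answer every client at the same tick, but the silent server's queue grows to more than twice the number of clients and it is still working through duplicate requests when the run ends.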
3.1.8 Explain why the speed of data transmission across a network can vary.
Obj: 3
Depending on the amount of traffic in the network and the frequency of errors (due to interference), transmission speed can speed up or slow down. It would be foolish for a server to transmit data 10 times faster than the client can actually receive it. Also, the server may have other things to do (many client connections), so it might choose to send lots of small packets at a high speed, rather than very large packets at a slower speed.
3.1.9 Explain why compression of data is often necessary when transmitting across a network.
Obj: 3
Teacher’s notes: S/E, INT Compression has enabled information to be disseminated more rapidly.
In the distant past, file sizes were quite small - several kilobytes of text. The advent of multimedia (pictures, videos and sound) significantly increased file sizes. A normal picture is well over 1 MegaByte. And there are lots and lots of files being transmitted in most networks. Sending all this data in uncompressed form would saturate (overwhelm) the available bandwidth, resulting in substantial delays. So compression is commonly used to reduce file sizes and hence reduce the overall amount of data being transmitted. This is effective as long as the client receiving the data is powerful enough to decompress the data quickly. If not, then we can use lossy compression, where some details are simply removed (lost). A typical example is to send a low-resolution version of a video, say 320x200, rather than an HD (high resolution) version at 1920x1080. This means 30 times less data is transmitted, but then a lot of details are removed when so many pixels are removed. Some researchers claim that 50% of Internet traffic is videos. If these were all uncompressed, nothing would work any more.
3.1.10 Outline the characteristics of different transmission media.
Obj: 2
Teacher’s notes: Characteristics include: speed, reliability, cost and security. Transmission media include: metal conductor, fibre optic, wireless.
Metal cables (copper) - CAT 5 cables work reliably up to 100 meters, at speeds like 100 Megabits per second. Cables can be relatively expensive in a large building with a long cable to each client, and with substantial installation costs for drilling holes and making connections. But the cables are highly reliable and provide relatively good security, since physical access is required if someone wishes to steal data.
Wireless (WIFI) - radio signals like 802.11n, which supports well over 100 Megabits per second. Unfortunately WIFI is subject to substantial interference from steel in walls and other radio signals. WIFI is generally inexpensive to install, especially because many devices can share the same "access point" (hub), without needing a cable for each device. The range is substantially less than 100 meters (more like 30 m). Reliability is generally good due to adjustable transmission speeds and good error-detection, but security is poor since the signal can be received outside the building.
Fibre Optic - tiny glass fibres, bundled inside a protective cable wall. The fibres carry light signals, rather than electricity. The light signals are considerably faster than electrical signals, they are not disrupted by electro-magnetic interference, and the optical fibres are a lot thinner than metal cables - so one optical fibre cable carries a lot more data (higher bandwidth) than similarly sized copper cable. Hence speed (actually bandwidth) is much higher. But fibre cables are a lot more expensive than copper, requiring significantly more sophisticated manufacturing techniques. Also, the fibre must connect into a special box that converts the optical signals to electronic signals, and these boxes are also expensive. Besides high bandwidth, one large attraction of fibre is that it will not attract lightning strikes and will not "short-out" when wet, making it very popular for use outside of buildings. The light signals decay slowly, so distances of 50 kilometers or more are possible, making fibre optic the principal medium for the Internet Backbone. "Hacking" into a fibre optic signal is considerably more difficult than tapping into a copper cable, so security is considerably better.
3.1.11 Explain how data is transmitted by packet switching.
Obj: 3
Here is a good explanation at HowStuffWorks
Wireless networking
3.1.12 Outline the advantages and disadvantages of wireless networks.
Obj: 2
Teacher’s notes: S/E Wireless networks have led to changes in working patterns, social activities and raised health issues.
Physical issues are outlined above in 3.1.10.
Wireless is very popular now because it provides high mobility (no need to be connected to a cable) at low installation costs. A university can outfit the entire campus with WIFI connections by installing hundreds of access points. A cabled version would require a huge number of cables, and users would have difficulty moving around. The combination of high mobility and low cost has made WIFI the primary network technology for most homes and most public locations. Cables are still popular in businesses that require a higher level of security. A combination of the two - providing secure cables for some purposes and convenient WIFI for other purposes - is very popular in the business world.
3.1.13 Describe the hardware and software components of a wireless network.
Obj: 2
WIFI Hardware
Access points - radio receivers that communicate with digital devices like laptops and Smartphones.
Cables - Most access points are then connected by a cable to a telephone line or into a cabled LAN.
WIFI Enabled Device - computer, Smartphone, television, etc. Any device with an antenna and a WIFI chip/card and a suitable OS. If a device does NOT contain WIFI support, a "dongle" might be added and plugged into a USB port, assuming the OS will support this. This might not work in an older computer.
Mobile Devices - devices like tablets and Smartphones are purposely designed for portability, depending on batteries and designed to be small and easily carried around. These are virtually all intended for WIFI connections, and probably don't contain a network cable connector (RJ 45).
WIFI Software
WIFI support is provided as standard modules in most OS's installed in devices requiring the support. Application software is normally the same for WIFI or cabled networks, so no specific applications are required. It might be the case that NOT ALL browsers run on a device - say a Smartphone - but probably SOME browser will work.
Cloud - Mobile devices make extensive use of "cloud computing", especially online data storage and browser-based "apps". This adds to the portability of the device, making personal data available around the world by storing it on a web-server.
3.1.14 Describe the characteristics of wireless networks.
Obj: 2
Teacher’s notes: Include: WiFi; Worldwide Interoperability for Microwave Access (WiMAX); 3G mobile; future networks.
S/E, INT Connectivity between different locations.
WIFI - 802.11 hubs like you see at home and in school, at McDonald's and the airport, etc. Data rates around 100 Megabits per second.
3G - that is the cell phone (handy) network providing WEB DATA access. This is NOT what you need for cell phone voice calls. But you could use it for VoIP (Voice Over IP). "a minimum data rate of 2 Mbit/s for stationary or walking users, and 384 kbit/s in a moving vehicle," (Wikipedia)
WiMAX - "WiMAX (Worldwide Interoperability for Microwave Access) is a wireless communications standard designed to provide 30 to 40 megabit-per-second data rates, with the 2011 update providing up to 1 Gbit/s for fixed stations" (Wikipedia)
Limited versions of WiMAX are available in various places around the world, but usage is still not very common, and basically dying off (not increasing).
Future Networks
Internet of Things, 5G, better Bluetooth, Network Neutrality, NFC = Near Field Communication = Contactless Credit Card readers
3.1.15 Describe the different methods of network security.
Obj: 2
Teacher’s notes: Include encryption types, userID, trusted media access control (MAC) addresses.
S/E Wireless networks have led to concerns about the security of the user’s data.
WEP - Wired Equivalent Privacy - this was the first encryption technology widely used in WIFI. It uses a 40-bit key. "Although its name implies that it is as secure as a wired connection, WEP has been demonstrated to have numerous flaws and has been deprecated in favour of newer standards such as WPA2." (Wikipedia)
WPA2 - WiFi Protected Access - "makes use of the Advanced Encryption Standard (AES) block cipher" (Wikipedia). This is considerably more secure than WEP, using up to 256 bits for the key. It has not yet been "cracked".
MAC - Media Access Control - a unique identifier for every network device in the world (!!). Some WIFI access points require the MAC address to be added to the list of permitted devices, so a new user with a new device will be denied access. This is considerably safer than WEP or WPA2, because knowing the key is not enough - your device must be added into the approved list by a system administrator. This would be impractical in a public area like a school, but is quite easily done in a home network. In a business environment, it is time consuming but might be worthwhile for improved security.
userID - This happens at a higher level than other protocols. For example, if you want to use WIFI in a hotel, your computer is allowed direct connection to the hotel's network. Then you must supply a user ID and a password before the network will allow you to connect to the Internet. The hotel might charge for the service, and so the network will limit the number of days that your ID is valid.
3.1.16 Evaluate the advantages and disadvantages of each method of network security.
Obj: 3
userID - simple to implement (requires only software), easy to manage, very flexible.
MAC - more trouble to set up and manage than others, but highest level of security (assuming we can trust the administrator). Limits the number and variety of devices that can be used.
WEP - easy to set up and use, but "broken" because the key is too short.
WPA2 - easy to set up and use, not "broken" like WEP, but less secure than MAC because any device can be used as long as the user knows the key.
Discussion Questions
(1) Explain 2 differences between the World-Wide-Web and a Wide-Area-Network.
(2) Outline a sensible SECURITY system for use in a Peer-to-Peer network.
(3) The OSI Layers model is supposed to provide standardization for Network communications.
Explain why other standards like ASCII, UNICODE and HTML are still needed, even though
they are not part of the OSI standard.
(4) Explain why SOFTWARE is more important than HARDWARE when setting up a VPN.
(5) Explain why WIFI and VPN might BOTH be needed to provide mobility for some users.
(6) Explain the different roles of HTTP and HTML in the World-Wide-Web.
(7) Outline 2 advantages that make Optical Fibre better than Copper Cables for outdoor use.
(8) Outline the most important difference between how SMTP transfers email
and how HTTP distributes web-pages.
(9) Explain the importance of check-sums in a packet-switching system.
(10) Explain two essential differences between MAC security and userID security
in a wireless network connection.
(11) Explain how DNS and Domain Names work. (not in the syllabus, but still worth knowing)
(12) What is the total bandwidth of the World-Wide-Web?
640 TeraBytes per min (eg Youtube Video 60 MB per sec - actually 1 MB per sec - lots of users - 5 billion per day)
~~~~~~~~
(13) Assume that a bank director wishes to be able to work from home.
He wants to access secret documents as well as public documents from his bank's servers.
(a) Outline one advantage and one disadvantage of using a wireless (WIFI) connection at home.
(b) Outline one advantage and one disadvantage of using VPN.
(c) Explain why he might be able to work WITHOUT using HTTP.
(d) Explain why the documents probably contain ASCII codes.
(e) Outline 2 ways that ENCRYPTION might be used in this system.
~~~~~~~~
Examination questions
#12 May 2014 HL p 1
An international organization has offices located across several countries. For some of its activities, for example human resource management, it has been decided to
adopt a “Software-as-a-Service” (SaaS) solution in order to keep the running costs low.
(a) Describe the features of SaaS. [3]
(b) Discuss the limitations of SaaS in relation to security. [6]
Each office makes some data available to external customers through the use of an extranet and allows employees to work from home through a VPN.
(c) Define the term extranet. [2]
(d) Distinguish between a VPN and an extranet. [4]
May 2015 HL P 1
3. Outline one example of the use of a virtual private network (VPN).
6. Describe how a GPS system can identify the position of a person. [3]
7. Describe one way that the operating system of a networked workstation hides the complexity of the network from the user. [3]
10. Six lawyers and one secretary work together in the same building and are connected via a LAN to a central server. Each has their own workstation.
(a) Outline the concept of the Open Systems Interconnection (OSI) model in communication across a network. [3]
(b) Outline, with an example, the function of protocols. [3]
The secretary deals with booking appointments for clients. New clients are given the first available appointment with any lawyer and returning clients are given the first
available appointment with their usual lawyer.
A new customized computer package is bought to deal with appointment making.
(c) Identify the data that needs to be input by the secretary when someone asks for an appointment. [2]
The data on appointments is held as one page for each day.
(d) Describe a suitable data structure to hold the data for one day. [3]
(e) Using the data structure you suggested in (d), outline the steps in a procedure to create an appointment for a client. [5]
May 2016 P1 #12
A college has a high-speed network. The network is accessible to all students and staff
through their personal accounts. The network may be accessed by using desktop computers available in the college. When in the college, users can also use personal
laptops to connect wirelessly or dock with an Ethernet cable. When not in the college, users can connect via a virtual private network (VPN) over the internet.
(a) In the given context, distinguish between Ethernet and wireless in terms of reliability of transmission. [4]
(b) Describe two features of a VPN that make it secure. [4]
(c) State one technology that is necessary for a VPN. [1]
The college is devising a policy for the use of its IT resources and services. They are considering prohibiting the use of external services such as cloud storage and
blogs.
(d) In relation to the specific activities that may be carried out by students,
discuss two advantages and two disadvantages of the use of external services. [6]
~~~~~~~~
Nov 2017 HL P1 #11
A wireless local area network (WLAN) is used to extend access to a school’s wired local area network.
(a) Identify one hardware component of the WLAN, other than computers. [1]
The advantages of this WLAN are user-mobility and economical access points.
(b) Outline two disadvantages of this WLAN. [4]
(c) Identify three ways in which the network administrator can reduce the risk of unauthorized access to confidential data. [3]
The concept of packet data transmission is used within this network. Figure 1 shows the simplified structure of a data packet.
(d) Define the term protocol. [1]
(e) With reference to Figure 1, explain how data is transferred by packet switching. [6]