Add to collection(s) Add to saved
  1. Engineering & Technology
  2. Computer Science
  3. Computer Networks

Chapter 12

advertisement 
CN1176
Computer Support
Kemtis Kunanuraksapong
MSIS with Distinction
MCT, MCTS, MCDST, MCP, A+
Agenda
• Chapter 12: Using Mobile Computers
• Exercise / Lab
• Quiz
Using Windows 7 on a Mobile Computer
• Special configuration settings
▫ Power and display options
• Windows 7 supports tablet PCs
▫ Reversible screen, touch sensitive, write on with a
stylus
• Handheld devices, such as SmartPhones, need to
be synchronized
Understanding Wireless Security
• Some types of attacks common to unsecured
networks:
▫ Eavesdropping
 Attackers capture traffic
▫ Masquerading
 Gain access by impersonating authorized wireless
users
▫ Attacks against wireless clients
▫ Denial of service
▫ Data tampering
Wireless Networking Hardware
• IEEE 802.11 standards
▫ Dictate frequencies, transmission speeds, and
ranges of wireless networking products.
• Newer devices can fall back to support older
devices at lower speeds.
• Security protocols are not backward compatible:
▫ Wired Equivalent Privacy (WEP)
▫ WiFi Protected Access (WPA and WPA2)
Using Wired Equivalent Privacy (WEP)
• Uses a security setting to encrypt network traffic
▫ Authentication method
 Open system – Enables any client to connect without
providing a password. WEP Encryption key is not
required
 Shared secret - Requires wireless clients to
authenticate by using a secret key
• Administrators must configure all devices with
the same shared secret key
• Relatively weak cryptography
Wi-Fi Protected Access (WPA and
WPA2)
• Two encryption options:
▫ Temporal Key Integrity Protocol (TKIP)
▫ Advanced Encryption System (AES)
• WPA has two operational modes:
▫ WPA-Personal (WPA-PSK)
▫ WPA-Enterprise (WPA-RADIUS or WPA-802.1x)
Configuring Wireless Networking
• Manual configuration for wireless adapters that
are supported directly by Windows 7
• If there is specific driver or software, you should
use that program
Windows Mobility Center
• Provides quick access to configuration settings
used by mobile computer users
Configuring Mobile Display Options
• Display configurations are often changed to
accommodate viewing:
▫ Connecting an external display
▫ Configuring multiple displays
▫ Using a display projector
Configuring Presentation Settings
• Configuration settings that
users most often adjust before
giving a presentation
• Add exception on firewall if
you want to connect Network
projector
▫ Start -> All Programs ->
Accessories -> Connect To A
Network Projector.
Configuring Power Options
• Power plans
▫ Enable you to create power usage profiles
▫ Assign different profiles depending on
 AC power source
 Batteries
• Control Panel
• Group Policy
▫ Comp Conf\Policies\Admin Temp\System\Power
Management container
• Powercfg.exe
Synchronizing Data
• For users who connect to a network when in the
office and need to take files with them when they
are not connected
• Two types of synchronization:
▫ One-way
 The system replicates any changes users make to the
source files to the destination
▫ Two-way
 Changes users make to either copy of the files are
replicated to the other system
Using Offline Files
• A form of fault tolerance
• Workstations copy server-based folders to the
local drive
▫ Users can work with the files whether the network
is operational or not, or even if they disconnect
from the network
• When the workstation reconnects,
synchronization of the files occurs
Transparent Caching
• Causes Windows 7 to save copies of files
accessed on a remote server on a local drive
• Do not remain available when disconnected
from the network
• Provides users with faster repeat access and
conserves bandwidth
• Similar to BranchCache feature, except cached
files are not shared with other workstations
Using Sync Center
• Central control panel for all synchronization
partnerships
• Pairs of folders or devices are configured to
synchronize their data on a regular basis
Using BitLocker
• Windows 7 Enterprise and Ultimate
• Encrypts an entire volume to protect against
unauthorized persons, such as someone stealing
a hard drive:
▫ Increased data protection
▫ Integrity checking
Understanding BitLocker Requirements
• Computer must have a Trusted Platform Module
(TPM) and a compatible BIOS
• Startup PIN
• A personal identification number (PIN)
needed to unlock
• Startup Key
• A USB flash drive containing a startup key
Understanding BitLocker Requirements
• Has 5 operational modes:
▫
▫
▫
▫
▫
TPM + startup PIN + startup key
TPM + startup key
TPM + startup PIN
Startup key only
TPM only
Turning on BitLocker
• You can use BitLocker without TPM chip
▫ Require additional authentication at startup
Group Policy setting
 Comp Conf\Policies\Admin Templates\Windows
Comp\BitLocker Drive Encryption\OS Drives
container
• To turn on/off BitLocker
▫ Control Panel > System and Security > BitLocker
Drive Encryption. The BitLocker Drive Encryption
control panel appears
Using Data Recovery Agents (DRA)
• A user account authorized to recover BitLocker
drives with a digital certificate on a Smart Card
• Must be configured using Group Policy in an AD
DS
• Must enable DRA recovery for each type of
BitLocker resource you want to recover
Using BitLocker To Go
• Enables user to encrypt removable USB drives –
Flash drives and external HDs
Using Remote Network Connections
• For travelling or telecommuting users who must
connect to the company network from a remote
site:
▫ Dial-up
▫ Virtual Private Networking (VPN)
▫ Direct Access (new)
VPN Protocol Encapsulation
• Point-to-Point Tunneling Protocol (PPTP)
▫ Least secure
▫ For authentication, PPTP supports only
 Microsoft Challenge Handshake Authentication Protocol
version 1 (MS-CHAP v1), version 2 (MS-CHAP v2)
 Extensible Authentication Protocol (EAP), or Protected
Extensible Authentication Protocol (PEAP)
• Layer 2 Tunneling Protocol (L2TP)
▫ Relies on the IP security extensions (IPsec) for
encryption
▫ For VPN connections involving Windows XP clients,
L2TP/IPsec is the preferred protocol
VPN Protocol Encapsulation (Cont.)
• Secure Socket Tunneling Protocol (SSTP)
▫ Supported only by clients running Windows Vista
SP1 or later
▫ SSTP uses certificates for authentication, with the
EAP-TLS authentication protocol
• Internet Key Exchange, Version 2 (IKEv2)
▫ IKEv2 does not support the older authentication
mechanisms, PAP and CHAP
VPN Connection
• Start -> Control Panel > Network and Internet >
Network and Sharing Center -> Set up a new
connection or network
• VPN Reconnect
▫ When a VPN was interrupted, users had to
manually re-establish the connection
▫ VPN Reconnect enables a computer to reconnect
automatically
Network Access Protection (NAP)
• A component of the Network Policy and Access
Services role in Windows Server 2008 and
Windows Server 2008 R2
• Designed to prevent potentially dangerous
clients – local or remote – from connecting to
the network
Introducing DirectAccess
• Replacement for VPN
• Eliminates the need for clients
to manually establish wide
area connections to their
networks
• Automatically connects to the
network when connected to
the Internet
Understanding the DirectAccess
Infrastructure
• Invisible to the client, but complicated
communications process with a long list of backend infrastructure requirements:
▫
▫
▫
▫
IPV6 – Globally routable addresses
Ipsec – Provides additional security
Extensive Server requirements
Clients running Windows 7 Ultimate or Enterprise
or Server 2008 R2, in the same domain as the
DirectAccess Server
Assignment
• Matching
• Multiple Choice
Related documents
70-680_Lesson02
70-680_Lesson02
Chapter 04 - End of Year Review Sheet - RBMA-IT
Chapter 04 - End of Year Review Sheet - RBMA-IT
Lesson 4: Managing Applications, Services, Folders, and Libraries
Lesson 4: Managing Applications, Services, Folders, and Libraries
Chapter 13
Chapter 13
Knowledge Assessment
Knowledge Assessment
SVR-T328 BitLocker* Drive Encryption in the Enterprise
SVR-T328 BitLocker* Drive Encryption in the Enterprise
BitLocker - Agile Concepts
BitLocker - Agile Concepts
Agenda - Microsoft
Agenda - Microsoft
Download
advertisement