Core 1 1001
Hardware
A bunch of aggregated study information condensed into my notes (but not a dump!) from various sources.
There may be misspellings and typos here and there. But it's only $2 😉 Buy me a stick of chewing gum!
Enumerated upon every objective but did not enumerate on smaller topics as they were intuitive to understand at the time.
You're welcome to leave feedback.
1.0 Mobile Devices
1.1 Given a scenario, install and configure laptop hardware and components.
Keyboard
◦ Compact layout
Hard drive
◦ SSD vs. hybrid vs. magnetic disk
▪ SSD comes in 1.8 in and 2.5 in form factors
1.8 in used for sub-notebook and slimline laptops
▪ SSHD: Hybrid between SSD/HDD; SSD caches hard drive data
▪ Magnetic disk: 2.5 in form factor
▪ Replace laptop storage by opening an individual panel on the back or opening the panel to expose the entire laptop; typically modular
Memory
◦ SODIMM
◦ MicroDIMM
◦ Replacement: Copper contacts & key must be seated in slots; sticks slide in until
snapping in place, w/ little pressure
◦ Use ESD protection when working with any type of memory
Smart card reader
◦ Integrated card reader built into laptop; External reader connects via USB
◦ Access control
Optical drive
◦ Often removable
◦ Less common due to size
Wireless card/Bluetooth module
◦ WWAN card: Enables connection over Cellular Networks
◦ 802.11x: Enables connection over Wifi Networks
◦ Bluetooth module: Enables connection over PAN networks, namely bluetooth
◦ Wi-Fi antenna should be located near top, inside display case
Cellular card
Video card
◦ Often built into CPU or system board; not modular and is the most difficult to
replace
Mini PCIe
◦ Smaller form factor PCIe expansion slot
Screen
◦ LCD Display
▪ Backlit
▪ Very fragile
▪ High native resolution; but fixed resolution
DC jack
◦ PSU power brick plugs into the DC jack (the power interface)
◦ Autoswitching or fixed input
▪ Input voltage 110 to 220 volts
▪ Power bricks are specific to the make and model of the system
OUTPUT: Solid line with dashed line underneath indicates DC power conversion
MAX OUTPUT POWER
◦ Replace AC adapter with a true replacement of the same current, voltage, and connector type
Battery
◦ Lithium ion is common in consumer electronics and has no 'memory effect' like NiCad; repeated charging gradually diminishes capacity
◦ Form factors depend on laptop
◦ Remove battery from laptop before replacing hardware (sometimes retains its
charge)
Touchpad
◦ May include gestures
Plastics/frames
◦ Plastic
▪ Lightweight, mobile
▪ Durable, difficult to break
▪ Inexpensive and cost effective
◦ Metal
▪ More durable than plastic but difficult to repair
Speaker
◦ Self contained, not the highest quality
◦ Often stereo (L/R) channels, may have subwoofer
System board
◦ Proprietary system boards
◦ Replacement isn't easy
CPU
◦ Designed for mobility and power management
◦ Integrated components: typically memory and video controller are part of CPU
◦ Not very upgradable
1.2 Given a scenario, install components within the display of a laptop.
Display Technology
o LCD
Backlight shines through liquid crystals, color filters, etc.
Lightweight, relatively low power and expense
Backlight diminishes color accuracy, gives relatively poor contrast, and is difficult to replace
Diffuser spreads light over the entire screen
o OLED
Organic compound emits light when receiving electric current
Thinner and lighter than LED, requires no glass for protection
No backlight necessary
Lower light output/brightness than LCDs
Better contrast ratio and color representation in comparison to LCDs
Not common in laptop platforms
Organic materials can degrade over time
Decayed images can remain on screen
More costly and power hungry than LCD
o Backlight Technology
LED-backlit LCD display
Commonly used in modern laptop devices
Backlight is LEDs instead of fluorescent; LEDs arranged in a matrix around the edge of the screen
No need for voltage conversion to power LED backlights
Performs best in direct light, superior to LCD when it comes to backlighting/rich colors
CCFL: Cold Cathode Fluorescent Lamp
Higher voltage/power needed; uses an inverter
Adds thickness to the display
Used in older laptops
WiFi antenna connector/placement
o WiFi main and aux, Bluetooth antennas wrap around highest point of laptop
screen
Webcam
o Built-in camera and microphone
o Usually includes both audio/video capabilities, specialized drivers and software
Microphone
o Built into laptop, useful for video calls
o Not good for casual use; analog/USB microphones are best
o Enabled by default in Windows
Update drivers, adjust audio settings, or 'allow apps' in microphone settings if no longer working
Inverter
o Converts DC power into AC voltage for backlights in older types of LCD panels
(CCFLs)
Output is higher than input voltage
o If inverter stops working, screen appears dark but upon closer inspection (w/
flashlight), output still displays without lighting from backlight
Replace inverters or entire display
Digitizer/touchscreen
o Digitizer: a stylus is used as input; more common on laptop/tablet/hybrid devices
1.3 Given a scenario, use appropriate laptop features.
Special function keys
o Fn keys overcome restrictions of the compact keyboard layout
o Control dual displays: toggle between internal display and external display
Refrigerator door effect: All video outputs to external monitor when laptop is shut
Physical LCD switch or internal magnetic LCD switch on newer portable systems
Set functionality (whether computer freezes when shut) in BIOS/utility
Dual displays
o Toggle with Fn keys
Wireless (on/off)
o Control wireless signal with physical switch/function keyboard
May include 802.11, Bluetooth, Cellular connectivity
Cellular (on/off)
Volume settings
o Function key or may be standalone, often includes a mute function
Screen brightness
o Control backlight with secondary function keys;
Bluetooth (on/off)
Keyboard backlight
o See keys in dark, may control intensity, duration of lights
Touchpad (on/off)
o Prevent inadvertent mouse clicks and movements by disabling the touchpad
Screen orientation
o Landscape/portrait
o Fn key/hotkey
Media options (fast forward/rewind)
o Control audio/video without mouse clicking
o Play, stop, rewind, fast forward...
GPS (on/off)
o Listen for GPS signal with antennas; may be associated with wireless protocols
Airplane mode
Docking station
o Extend external laptop interfaces, add additional functionality (keyboard/mouse,
expansion cards)
Port replicator
o Smaller versions of docking stations that replicate port interfaces, no option for
expansion cards
Physical laptop lock and cable lock
o Reinforced metal locking slots connect to a lock and a solid object
Rotating/removable screens
o Combine laptop keyboard w/ tablet screen
1.4 Compare and contrast characteristics of various types of other mobile devices.
Tablets
o Single-screen touch computers running iOS, Android, etc.
o Larger than 7 inches diagonal
o Uses SoC (System on a Chip) CPU
Smartphones
o Voice, email, text, instant messaging, pictures, video
o 3.5 to 6 inch
o Uses SoC (System on a Chip) CPU
Wearable technology devices
o Smart watches, fitness monitors
VR/AR headsets
o AR augments reality, VR virtualizes worlds entirely
E-readers
o Specialized device for book reading, some capabilities for music and apps
o Electronic paper display performs well in direct light; exceptionally long battery life
o WiFi/Cellular connectivity
GPS
o In-car navigation that requires a view of the sky to receive the GPS signal
o Periodic updates required via wireless or memory card upgrade
1.5 Given a scenario, connect and configure accessories and ports of other mobile devices.
Connection types
Wired
o Micro-USB/Mini-USB/USB-C
Standardized by EU
Older devices use Mini-USB, a bit larger than Micro-USB
USB-C: 24-pin, double-sided
Can act as analog audio output
o Lightning
8-pin connector; advantages include higher power output, inserts either way, more durable
o Tethering
Mobile device shares Internet connection with another device via USB
Device connected to the Internet has a public IP address; devices connected by tethering have private IP addresses
o Proprietary vendor-specific ports (communication/power)
One cable for power, a different cable for data
Every manufacturer released proprietary cables
EU insisted external power supplies for data-enabled mobile phones sold in the EU be standardized
Wireless
o NFC
Sends small amounts of data wirelessly over a limited area
Built into phone
Payment system, ticketing token, in-person information exchange
Access token/identity card
Encryption support
o Bluetooth
High-speed communication over PAN, 3 Mbps
Smartphones, tethering, headsets/headphones, health monitors, smartwatches, automobiles
Class 1 Bluetooth devices have 100 meter range
Class 2 Bluetooth devices have 10 meter range
Class 3 Bluetooth devices have 1 meter range
Pairing
Receiving device sends unique key to sending device (connection initiator)
o IR
Included on smartphones (esp. Android) for file transfers/printing on older phones; now used to control entertainment center
o Hotspot
'Wifi tethering': Turns phone into wireless router for 802.11 devices, may extend cellular data network to all devices
Dependent on phone type/provider
For Internet pass-through, mobile device makes use of PC's internet connection (reverse tethering)
Accessories
o Headsets
Hands-free audio and microphone
3.5 mm TRRS connector/analog audio jack connectivity via wire
iPhone can use Lightning port
o Speakers
Mobile audio, battery-powered
Wireless connection over Bluetooth
o Game pads
Connect via Bluetooth
o Extra battery packs/battery chargers
Swappable battery pack or external USB chargers via Lightning/USB connection
o Protective covers/waterproofing
Screen protector to avoid scratches
Device protector; waterproofing options available, may create issues w/ docking stations/charging interface (wireless charging)
o Credit card readers
Phone becomes a point of sale terminal; CCR connects to TRRS jack/Lightning/Bluetooth, allowing someone to insert a card
Email receipts and sign w/ finger
o Memory/MicroSD
Increase storage capacity; common on Android devices but not available on iOS devices
Small form factor, increasing capabilities
1.6 Given a scenario, configure basic mobile device network connectivity and application support.
Wireless/cellular data network (enable/disable)
o Hotspot
Turns phone into wireless router for 802.11 devices, may extend cellular data network to all devices; managed by wireless service provider
o Tethering
Anchored to mobile device, device-to-device; single connection
Connect to laptop via USB/Bluetooth; managed by wireless service provider
o Airplane mode
One button turns off all radios, even Bluetooth, NFC
Cellular Device Connectivity
o Baseband updates for radio firmware
Integrated into the phone but separate from WiFi/Bluetooth: the cellular provider's baseband radio processor enables communications on their network
Controls GSM and 3G phone RF waves
Proprietary firmware/memory
Firmware can be updated over the air (OTA), invisible to the user
PRL/PRI Updates
PRL (Preferred Roaming List) is a priority list for which towers the phone should use in a given geographic area
o Automatic or over-the-air (disable Wifi, enable data)
o No separate update PRL commands for iOS; this instead takes place with software updates
PRI (Product Release Instructions) is the connection between the mobile device and radio
IMEI vs IMSI
IMEI
o International Mobile Station Equipment Identity;
identifies a physical mobile device
Wireless carrier can allow/disallow access on
their network
IMSI
o International Mobile Subscriber Identity, identifies user
of a mobile network through the SIM card
Allows all incoming calls to follow a SIM card
when moved from one device to another
VPN
o Turn phone into VPN endpoint for secure
communication
o Integrated into phone OS
o May require additional setup
Bluetooth
o Android: Settings > Wireless & Network Settings
o iOS: Settings or quick-access Control Center
o 10 meter range
o Pair for devices to work together; connect/disconnect automatically
o Enable Bluetooth on both devices, set both to discoverable mode and confirm the PIN on both devices. Test connectivity
Corporate and ISP email configuration
o POP3
Used for downloading mail to local client; downloads/optionally deletes
email from server
For single device
Configure by providing POP3 server name, username, password
Network ports defined by mail provider: TCP 110 or TCP 995 (SSL)
o IMAP
Used for accessing mail stored on central server; accessible from
anywhere
Supports folders and serverside searching
Configure by providing IMAP server name, username, password
Network ports defined by mail provider: TCP 143 or TCP 993 (SSL)
o S/MIME
Encrypt and digitally sign messages
Integrated commercial provider email configuration
o Microsoft Exchange Online
Enterprise email integrating contacts, calendars, reminders (mobile
device database)
Email address, exchange server name, domain, username, password
IMAP/POP3
o iCloud
Apple mail, IMAP support only
Outgoing server: SMTP.mail.me.com
o Google/Yahoo
Google splits inbox into tabs
IMAP/POP3
1.7 Given a scenario, use methods to perform mobile device synchronization.
Synchronization methods
o Synchronize to the cloud
No physical cables or local files
Integrated into Exchange/Gmail or iCloud
Choose provider network/WiFi
o Synchronize to the desktop
Requires OS and disk space
Minimal memory requirements
iOS: iTunes syncs everything on the phone, creating full backups on the computer
Android syncs online w/ Google
o Synchronize to the automobile
Extend phone functionality into vehicle, i.e., iOS CarPlay, Android Auto
Synchronize contact info, music, other details in real time
o iOS uses a USB proprietary connector: older devices use the 30-pin connector, newer devices use 8-pin Lightning connectors or USB-C; 802.11 or cellular to sync
o Android uses USB Micro-B, USB-C, 802.11 or cellular to sync
Types of data to synchronize
o Contacts
o Applications
o Email
o Pictures
o Music
o Videos
o Calendar
o Bookmarks
o Documents
o Location data
o Social media data
o Ebooks
o Passwords
Mutual authentication for multiple services (SSO)
Software requirements to install the application on the PC
Connection types to enable synchronization
2.0 Networking
2.1 Compare and contrast TCP and UDP ports, protocols, and their purposes.
TCP vs UDP
o TCP: Connection-oriented protocol that allows for sequencing, flow control, and error correction of data packets over an IP network
Three-way handshake establishes a network connection:
SYN: Client initiates session with server by synchronizing packet info (SYN packet)
SYN + ACK: Server responds to client with synchronization and acknowledgment packet (SYN + ACK packet)
ACK: Client sends back acknowledgment packet to server (ACK packet)
Used for high fidelity services like email/file sharing
o UDP: Connectionless protocol that provides no acknowledgment of transmitted packets
Used for services which benefit from low latency like audio/video streaming, where lost packets go virtually unnoticed by the end user
Server has inbound port open, client initiates connection through the outbound port
o HTTP/HTTPS
TCP Port 80/443 (SSL)
Email Protocols
o POP3
TCP Port 110/995 (SSL/TLS)
Protocol used for email retrieval
Basic configuration requires server name, POP3 username and
password
Supported email clients include Microsoft Exchange Online, Yahoo Mail, Gmail, but not iCloud mail (see what 'iCloud' implies?)
o IMAP Internet Message Access Protocol
TCP Port 143/993 (SSL/TLS)
Improved functionality over POP3 by enabling email retrieval ‘access’
from anywhere
o SMTP Simple Mail Transfer Protocol
TCP Port 25 (465/587 SSL/TLS)
‘Send mail to people’ used for sending email messages from client
devices and between mail servers
Network Management Protocols
o Telnet
TCP/UDP Port 23 (Not secure)
Uses CLI to manage systems remotely, largely deprecated as it
transmits data in cleartext
Like FTP, it requires username and password authentication.
But again, so crackable.
o SSH
TCP/UDP Port 22
Cryptographic network protocol for secure data communication, remote
command execution (a preferred alternative to telnet) between hosts
o FTP
TCP Port 20 (Data), TCP Port 21 (Session)
Enables file sharing between client and server; allows for authentication but transmissions are not encrypted natively
o SNMP (Simple Network Management Protocol)
Port 161 (SNMPMAN), Port 162 (SNMPAgent)
Used to manage and monitor ‘agent’ devices on network which send
alerts (traps) to SNMP manager
Network Service Protocols
o DNS
UDP Port 53
Used to resolve domain names to IP addresses
Workstations read entries in HOSTS file before making DNS requests
o LDAP Lightweight Directory Access Protocol
TCP/UDP Port 389 (636 SSL)
Directory access protocol used to manage and query directory services
Active Directory domains are a prime example, which contain
user/group accounts/permissions
o RDP (Remote Desktop Protocol)
TCP/UDP Port 3389
Microsoft-proprietary remote access protocol that uses a GUI as a means of accessing the desktop on a host
o NetBIOS/NetBT
Ports 137-139
Used for name querying where data sends over netBIOS connection
inside TCP/UDP packets
NetBT allows NetBIOS services to be used over TCP/IP networks
o DHCP
UDP Ports 67/68
Automatically assigns IP addresses and configuration information to hosts on network
DORA address assignment
Discovery: Client sends out DHCP discover request to identify DHCP servers on network
Offer: Server offers an available IP address to client
Request: Client accepts address, requesting it be assigned from the server
o Server informs other DHCP servers that the request was accepted, prompting them to free up their offers
Acknowledgment: Server acknowledges assignment request and client leases IP address for set amount of time
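The DORA exchange above, played out between one client and two servers on the same broadcast domain, as an added example (not code from the original notes): the REQUEST is broadcast, so the server that was not chosen sees it and returns its offered address to the pool. Addresses and MACs are constructed.

```python
"""Simulated DHCP DORA exchange (added example; not a real DHCP implementation).
Two constructed servers share a broadcast domain; the client takes the first
OFFER and the other server releases the address it had tentatively reserved."""
from dataclasses import dataclass, field


@dataclass
class DhcpServer:
    server_id: str                 # server's own IP (the "server identifier" option)
    pool: list                     # free addresses
    lease_secs: int = 3600
    reserved: dict = field(default_factory=dict)   # client MAC -> address on offer
    leases: dict = field(default_factory=dict)     # client MAC -> (address, lease)

    def on_discover(self, mac):
        """OFFER: tentatively reserve a free address for this client."""
        if not self.pool:
            return None
        addr = self.pool.pop(0)
        self.reserved[mac] = addr
        return {"type": "OFFER", "server_id": self.server_id,
                "yiaddr": addr, "lease": self.lease_secs}

    def on_request(self, mac, msg):
        """REQUEST is broadcast: the chosen server ACKs, every other server
        frees the address it had offered."""
        addr = self.reserved.pop(mac, None)
        if msg["server_id"] != self.server_id:
            if addr is not None:
                self.pool.insert(0, addr)      # not chosen: back into the pool
            return None
        if addr is None or addr != msg["requested_ip"]:
            return {"type": "NAK", "server_id": self.server_id}
        self.leases[mac] = (addr, self.lease_secs)
        return {"type": "ACK", "server_id": self.server_id,
                "yiaddr": addr, "lease": self.lease_secs}


def run_dora(client_mac, servers):
    """Drive one DORA exchange over a broadcast 'wire' (the list of servers).
    Returns (final server reply or None, human-readable transcript)."""
    transcript = [f"{client_mac} -> broadcast: DISCOVER"]
    offers = []
    for s in servers:
        offer = s.on_discover(client_mac)
        if offer:
            offers.append(offer)
            transcript.append(f"{s.server_id} -> {client_mac}: OFFER {offer['yiaddr']}")
    if not offers:
        return None, transcript
    chosen = offers[0]                      # client policy: first offer wins
    request = {"type": "REQUEST", "server_id": chosen["server_id"],
               "requested_ip": chosen["yiaddr"]}
    transcript.append(f"{client_mac} -> broadcast: REQUEST {request['requested_ip']} "
                      f"from {request['server_id']}")
    result = None
    for s in servers:                       # broadcast: every server processes it
        reply = s.on_request(client_mac, request)
        if reply:
            transcript.append(f"{s.server_id} -> {client_mac}: {reply['type']} {reply.get('yiaddr', '')}".rstrip())
            result = reply
    return result, transcript


if __name__ == "__main__":
    # Constructed lab: two DHCP servers answering the same client.
    srv_a = DhcpServer("192.168.1.1", ["192.168.1.100", "192.168.1.101"])
    srv_b = DhcpServer("192.168.1.2", ["192.168.1.200"])
    final, log = run_dora("aa:bb:cc:dd:ee:01", [srv_a, srv_b])
    print("\n".join(log))
    print("server B pool after exchange:", srv_b.pool)
```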
o SLP (Service Location Protocol)
Port 427
Service discovery protocol used to find devices in LAN without
configuration
o SMB/CIFS (Server Message Block/Common Internet File System)
Port 445
Windows proprietary file/folder/printer sharing
o AFP (Apple Filing Protocol)
Port 548
Apple-proprietary version of SMB for macOS
2.2 Compare and contrast common networking hardware devices.
Router
◦ Connects two or more network segments/subnets; routers receive packets, read their headers to find addressing info, and send them on to their correct destination on the network/internet. Routers use the IP address to forward messages to the appropriate network segment. Both the data link layer MAC address and the network layer IP address are used to send packets between hosts on different subnets.
▪ Network address indicates the logical address of the original sending device and the final destination device. Data link destination address indicates the physical address of the next hop in the route (at any point) while the source address is the physical address of the device sending the frame
▪ IP addresses remain constant as the packet is delivered from hop to hop, while MAC addresses in the frame change as it is delivered from hop to hop
▪ Each subnet has a unique logical network address
▪ Can be used to connect subnets to a single LAN or as a gateway to connect multiple LANs together
▪ Can be used to connect networks of differing architecture
▪ Maintains information about other networks in a routing table, used in the process of forwarding packets; it contains the address of all known networks and the next router in the path used to reach the destination network
▪ Used with different media
◦ SOHO router: All-in-one device that acts as a router for systems on the LAN out to the internet; can function as a network switch (see the ports in the back for LAN devices?), access point, DHCP server, and firewall, allowing for multi-interface connectivity
◦ Layer 3 device
Wireless Access Points (WAPs) function as a Hub for a wireless network; all wireless
hosts connected to AP can receive any message sent to it.
◦ Unlike a hub, a WAP is a Layer 2 device; can read Data link layer address in frame
◦ Often configured as a bridge to connect wireless to wired segments; both hosts are
on the same subnet
◦ Act as central connecting point for Wireless LANS/Wifi enabled systems to allow
data communications over air
2.4 GHz/5 GHz frequencies
Defined by IEEE 802.11 standards
Firewall
◦ Router with additional security features, a software/hardware implementation
designed to block/allow types of incoming/outgoing traffic depending on a set of
rules
◦ Layer 3 device but capable of functioning at higher layers according to information
found there
Bridge
◦ Used to connect two or more media segments (LANs) together on same subnet or
separate one part of a subnet from another; used nowadays to increase network size
◦ Create separate collision domains but NOT broadcast domains (switches do that);
also link network segments using different physical media (so long as they have the
same architecture/network protocols)
◦ Forwarding decisions are made in software; bridges build a database based on MAC
addresses to make forwarding decisions
◦ Inferior to switches as it allows for fewer network segments and physical ports
◦ All segments connected to the bridge are on the same subnet and thus share a
common subnet address
◦ Can connect two segments using different types of network architecture (Ethernet
segment, Wireless)
◦ Layer 2 device; reads MAC address in frame to make forwarding decisions
▪ Frame forwarding is independent of upper-layer protocols
Switch
◦ Multiport bridge that performs filtering based on MAC addresses with exclusive
features not found in bridge
▪ Switches can process multiple frames simultaneously; most bridges process
single frame at a time
▪ Provide guaranteed bandwidth to each port
▪ Can make additional forwarding decisions based on MAC addresses (i.e., MAC
address filtering)
◦ Central-connecting intelligent device that connects computers in a LAN through a
wired star topology
◦ Divides network segments into multiple collision domains and makes frame forwarding decisions based on MAC address-to-port mappings
◦ Forwarding decisions are made in hardware/ASIC
▪ Copper wiring with port interconnection
◦ Switch Types
▪ Unmanaged
Require no port management/configuration; autonomous method of adding
hosts
Easy implementation at the cost of few or no configuration options namely,
advanced management and security features
▪ Managed
Allow changing of port configurations: port speed, duplexing, VLAN assignment, MAC address filtering, in addition to port security features
Can be configured via web interface, SSH, console port or similar tool
Likely to be used in Enterprise network
◦ Work within Ethernet 802.3
▪ 1000 Mbps → 802.3ab
▪ 10 Gbps → 802.3an
◦ Layer 3 switch is capable of reading Layer 3 (network) addresses and routing
packets between subnets, often providing better performance but not nearly as many
features as a router
◦ Disable unused physical ports on switch to prevent users from connecting their own
networking equipment and gaining unauthorized access
◦ To prevent switch spoofing attacks
▪ Hardcode all the access ports as an access port and disable DTP everywhere
▪ Hardcode all the trunk ports as a trunk port and never enable DTP on trunk ports
▪ Avoid keeping an access port in dynamic desirable, dynamic auto, or trunk
mode
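The three DTP hardening rules above can be checked mechanically against a switch's running-config. The audit below is an added example (not from the notes) that parses a constructed Cisco IOS-style config and reports every active port that is not hard-coded as access or trunk or that still has DTP enabled; the command syntax and the "no mode means DTP dynamic default" assumption are Cisco-specific.

```python
"""Audit interface stanzas of a Cisco IOS-style running-config for the DTP
hardening the notes describe: every active port hard-coded as access or trunk,
and DTP turned off with 'switchport nonegotiate'. Added example with a
constructed config; the command syntax assumed is Cisco IOS."""

# Constructed sample: one hardened access port, one port left in DTP dynamic
# desirable mode, one unused port correctly shut down, one trunk with DTP on.
SAMPLE_CONFIG = """\
interface GigabitEthernet1/0/1
 description Workstation
 switchport mode access
 switchport access vlan 10
 switchport nonegotiate
interface GigabitEthernet1/0/2
 description Printer
 switchport mode dynamic desirable
interface GigabitEthernet1/0/3
 description Unused
 shutdown
interface GigabitEthernet1/0/24
 description Uplink
 switchport mode trunk
 switchport trunk allowed vlan 10,20
"""


def parse_interfaces(config):
    """Return {interface name: [stripped config lines]} for each 'interface' stanza."""
    stanzas, current = {}, None
    for line in config.splitlines():
        if line.startswith("interface "):
            current = line.split(None, 1)[1]
            stanzas[current] = []
        elif current is not None and line.startswith(" "):
            stanzas[current].append(line.strip())
    return stanzas


def audit_dtp(config):
    """Return (interface, finding) pairs for ports that do not meet the hardening."""
    findings = []
    for name, lines in parse_interfaces(config).items():
        if "shutdown" in lines:
            continue  # unused port already disabled: nothing to negotiate
        mode = None
        for line in lines:
            if line.startswith("switchport mode "):
                mode = line[len("switchport mode "):]
        if mode is None:
            # Assumption: with no explicit mode the port falls back to a DTP dynamic default.
            findings.append((name, "no 'switchport mode' set; port left at the DTP dynamic default"))
        elif mode.startswith("dynamic"):
            findings.append((name, f"DTP negotiation mode '{mode}' instead of hard-coded access/trunk"))
        elif "switchport nonegotiate" not in lines:
            findings.append((name, "DTP still enabled: missing 'switchport nonegotiate'"))
    return findings


if __name__ == "__main__":
    for iface, finding in audit_dtp(SAMPLE_CONFIG):
        print(f"{iface}: {finding}")
```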
NIC
◦ Network interface cards are physical devices added to systems to allow connectivity
to a computer network
◦ May be integrated into motherboard or function as separate component
◦ Servers might use redundant NICs to allow for higher availability and increased
throughput
◦ Layer 1/2 device
Cloud-based Network Controllers
◦ If general network controllers provide centralized management, configuration, and monitoring of computer networks, a cloud-based one is accessed over the Internet via a cloud provider and/or the organization
◦ Can automate tasks to manage infrastructure
Repeater
◦ Amplifies signals to transmit over greater distance without quality loss
◦ Layer 1 device
Hub
◦ Central connecting point of a physical star, logical bus topology. Hosts send data through one main circuit that all ports connect through (as opposed to the matrix of circuits that switches use); incoming signals are broadcast and recreated on all connected ports, the host to which the frame is addressed accepts the frame, while other hosts ignore it
▪ Allows only two hosts to communicate with each other at any time
◦ Layer 1 device
◦ Negatively impacts network performance due to fewer collision domains. Use a bridge or switch instead.
Cable Modem
◦ Allows devices to access the internet; generically, cable internet users use a device with an RG6 port for the provider's coaxial cabling and a twisted-pair patch cable connects devices
▪ Shared bandwidth
▪ Coaxial Cabling
▪ Cabling carries TV signal
◦ DSL Modem: Different ports than cable modems with some additional defining
features
▪ Dedicated bandwidth
▪ Twisted pair copper cabling
▪ Dedicated RG11 line makes use of telephone line
Patch Panel
◦ Physical termination point for network cables in building, consisting of multiple
RJ45 ports (to connect to switches) and 110 IDC termination points on back to
connect all individual wires in twisted pair cabling
◦ Typical data path for user to server: Computer > RJ45 Jack > Twisted Pair Cable >
Patch Panel > Switch(s) > Server
Power over Ethernet (PoE)
◦ Twisted pair Ethernet cabling standard that carries data and power; delivers between 15 and 100 watts to PoE compliant powered devices (PDs)
▪ Power Sourcing Equipment (PSE) may be a PoE compliant switch or alike
24/48-port PoE-enabled switch ideal for organizations with groups of remote devices
For organizations with 1 or 2 remote devices, best use an injector to supply power to PoE equipment
◦ Plugs into main network switch port, powered normally from AC outlet, but has a second RJ45 port to connect 1 or 2 remote devices
▪ Check cabling requirements to handle PoE amperage (Cat 5 or higher)
Ethernet over Power
◦ Powerline communication standard that sends data over electrical lines
▪ Implemented over standard electrical lines in home or office by adding
modulated carrier signal to wiring system
▪ Powerline network uses power adapters for AC outlet and Ethernet patch cables
to connect from adapters
2.3 Given a scenario, install and configure a basic wired/wireless SOHO network
SOHO router functions as an all-in-one routing device with a switch for wired connections, firewall, access point, etc.
Setup SOHO router: Router/Switch Functionality
o Switched Ethernet interfaces (typically x4 with one VLAN), routing functionality (typically DSL/cable modem) and WAP functionality
Automatically performs NAT between WAN (internet) and LAN (internal) ports
o Configure default security settings
Log in to router with IP address and change the login information to something more complex
Update firmware
o General Configuration
WAN connection/address: IP address obtained through DHCP via ISP, allows connectivity to ISP infrastructure and eventually out to the Internet
Publicly visible on internet
Default Gateway: Address the router uses to go beyond the ISP network to the Internet, just as LAN clients look for the LAN gateway address to go beyond the LAN
DNS server address: Server that resolves domain names to IP addresses when router tries to access any server on the Internet
o Can specify internal DNS servers
May need to configure a static IP address for the WAN or configure a secure connection to the internet via Point to Point Tunneling Protocol (PPTP) or Layer 2 Tunneling Protocol (L2TP)
LAN connection/address: Private address visible to computers on your internal network
Same as the IP address you logged in with
Gateway address for network clients
Router and all clients are on the same LAN address range with the same subnet mask, so they're able to communicate
SOHO router is usually a DHCP server itself, so any LAN devices automatically receive an internal IP address
NIC configurations
o Status indicator LEDs tell you connectivity of the network adapter
o Wired
o Wireless NICs should automatically detect and match the channel used by the
AP
o Installation
Update/Install drivers first
Then configure network settings
IoT devices automatically communicate outbound to connect to central server
o Secure IoT devices by separating them on a DMZ/guest network, using latest
encryption standards for the wireless network
Firewall Settings
o NAT (Network Address Translation)
NAT translates internal IP addresses to appear as one single IP address on the Internet
Hides internal IP addresses by modifying IP packet headers while in transit across the routing device
1-to-1 static NAT: For a web server to be accessible to the internet
PAT (Port Address Translation): NAT method that binds private IP addresses and port numbers to the corresponding public IP address
1-to-many PAT: For internal users to access the Internet
DNAT
SNAT
o Port forwarding
Solution that allows a server with a private IP address to serve requests from the outside public network by allowing a user to configure their (SOHO) router so an internal device is reachable externally; NAT is done in the other direction
Sometimes called Destination/Static NAT because we change the destination IP address for inbound traffic; anyone who accesses the port number and IP address from outside has access to the given server on the inside of the network
Configure traffic from a specific port to be delivered to the IP address of an internal device
Port triggering: Router configuration feature that allows opening of inbound ports based on outbound requests made by private internal network hosts
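The 1-to-many PAT and the static port-forwarding (destination NAT) rules described in the NAT and port forwarding items above, modelled as one SOHO router translation table; this is an added example rather than code from the notes, using constructed documentation-range addresses and a hypothetical `SohoNat` class. It shows why two internal hosts using the same source port do not collide, and why an inbound packet is only delivered if it matches an existing outbound flow or a configured forward.

```python
"""Simulated SOHO router NAT table (added example, not from the page).
Outbound flows get PAT: many private hosts share one public IP and are told
apart by the public port the router allocates. Inbound packets are accepted only
if they match an existing PAT entry (a reply) or a static port-forwarding rule
(destination NAT for a published server); anything else is dropped."""


class SohoNat:
    def __init__(self, public_ip, port_forwards=None, first_port=40000):
        self.public_ip = public_ip
        # Static DNAT rules: public port -> (internal ip, internal port)
        self.port_forwards = dict(port_forwards or {})
        self.next_port = first_port
        # PAT table: (public port, remote ip, remote port) -> (private ip, private port)
        self.table = {}

    def outbound(self, src_ip, src_port, dst_ip, dst_port):
        """Translate an outbound packet; returns (src, sport, dst, dport) as seen on the WAN."""
        for (pub_port, rip, rport), inside in self.table.items():
            if inside == (src_ip, src_port) and (rip, rport) == (dst_ip, dst_port):
                return (self.public_ip, pub_port, dst_ip, dst_port)   # existing flow
        pub_port = self.next_port            # allocate a fresh public port
        self.next_port += 1
        self.table[(pub_port, dst_ip, dst_port)] = (src_ip, src_port)
        return (self.public_ip, pub_port, dst_ip, dst_port)

    def inbound(self, src_ip, src_port, dst_port):
        """Translate an inbound packet addressed to the public IP.
        Returns the (internal ip, port) it is delivered to, or None if dropped."""
        inside = self.table.get((dst_port, src_ip, src_port))
        if inside is not None:               # reply to a flow an internal host started
            return inside
        if dst_port in self.port_forwards:   # published server: static DNAT
            return self.port_forwards[dst_port]
        return None                          # unsolicited: dropped


if __name__ == "__main__":
    # Constructed lab: public IP from 203.0.113.0/24, one forwarded HTTPS server.
    nat = SohoNat("203.0.113.5", {443: ("192.168.0.10", 443)})
    print(nat.outbound("192.168.0.20", 51000, "198.51.100.1", 80))
    print(nat.outbound("192.168.0.21", 51000, "198.51.100.1", 80))
    print(nat.inbound("198.51.100.1", 80, 40001))   # reply -> 192.168.0.21:51000
    print(nat.inbound("198.51.100.9", 4444, 443))   # forwarded -> 192.168.0.10:443
    print(nat.inbound("198.51.100.9", 4444, 22))    # dropped -> None
```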
o Screened Subnet/DMZ
Subnet of publicly available servers placed outside an organization's firewall
SOHO routers allow configuration of an IP address on the internal network/physical port on the router to be the DMZ
IP address of device that would have access from the internet
o UPnP (Universal Plug and Play)
Zero-configuration architecture that allows devices to dynamically join a network, learn about the presence of other devices, and supports auto configuration
Ports are open only when using a particular application, closed when not. Security risk as you don't directly control open ports, thus recommended to have UPnP disabled in favor of port forwarding
o MAC Filtering
Filtering technique that assigns MAC addresses to interfaces and either allows/disallows access for a particular MAC address on your network
'Security through obscurity': MAC addresses are viewable in packet captures and able to be spoofed
Allow/Deny List
o Allow/whitelists specifies no traffic allowed through firewall unless you specify
the sites that are allowed
o Deny/blacklist specifies all incoming traffic allowed through firewall except for
blocked sites, URLs, domain names, IP addresses
QoS
o Allows admins to prioritize certain types of traffic (i.e., VoIP, port numbers, IP
addresses, etc)
Access Point Settings
o Set an SSID (Service Set Identifier); a unique WLAN name identifier that groups wireless devices together into the same logical network
Up to 32 characters, inserted into each frame
Disabling SSID broadcast prevents the AP from including the SSID in the beacon frame that is sent by the AP periodically to announce network characteristics, and you will have to manually set up each client with the SSID
Increasing the beacon interval increases the time it takes wireless clients to locate the wireless network, but reduces the traffic generated by the beacon
o Configure the RF Channel
Wireless APs can be set up on channels between 48 and 165 in the 5 GHz frequency range or channels between 1 and 11 in the 2.4 GHz frequency range
Frequencies should be spaced out appropriately for non-interference with other wireless networks
'Mixed Mode' accepts connections from wireless clients running 802.11a, 802.11n, 802.11ac (5 GHz) OR 802.11b, 802.11g, 802.11n (2.4 GHz) for greater compatibility
A single connection type increases network efficiency
o Configure security settings
Disabling SSID broadcast makes devices unable to detect the network name, requiring manual setup to connect to the network
Set up encryption w/ an encryption standard
Wi-Fi Protected Access (WPA)
o 128-bit RC4/TKIP encryption used; 256-bit AES encryption used for WPA2 and is the strongest encryption method
WPA2 uses the block cipher Counter Mode with CBC-MAC Protocol (CCMP) to replace TKIP
o Supports both pre-shared key (WPA-PSK or WPA Personal) and 802.1X (WPA Enterprise) authentication via a centralized database on a RADIUS/TACACS server using an AAA (authentication, authorization, accounting) protocol
Can use dynamic or pre-shared keys
128-bit encryption keys
Wired Equivalent Privacy (WEP)
o Security flaws
o LEAP/Lightweight EAP provides authentication
2.4 Compare and contrast wireless networking protocols
◦ 802.11 protocols define speeds, frequencies, and protocols used to transmit data over radio waves
▪ Channels are frequency ranges of Wifi networks. Any Wifi network will have a channel width associated with it, usually 20 MHz for a 2.4 GHz network and 40 MHz for a 5 GHz network
Place WLANs and APs on separate, distant channels
◦ Perform a wireless site survey w/ a WiFi analyzer program to determine existing WiFi networks in a given frequency range to prevent overlapping channels/interference
Channel bonding is the practice of combining 2 non-overlapping 20 MHz channels into one logical channel to double transmission speed; it increases channel width to 40 MHz for 2.4 GHz and 80 MHz for 5 GHz networks; drawback is increased risk of interference
▪ Increasing WAP coverage w/ power output can send signals farther, but security implications and restrictions on the maximum output of Wi-Fi devices exist
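The channel spacing, site survey and channel bonding points above can be turned into a small calculation: channels overlap when their centre frequencies are closer than the channel width in use, so a plan of mutually clear channels follows from the 802.11 channel numbering. This is an added example, not from the notes; the survey data it checks against is constructed, and it also covers the bonded widths the notes give.

```python
"""2.4 GHz / 5 GHz channel overlap checker (added example, not from the page).
Centre frequencies follow the 802.11 channel numbering: 2.4 GHz channel n sits at
2407 + 5n MHz (channel 14 at 2484 MHz), 5 GHz channel n at 5000 + 5n MHz.
Two channels overlap when their centres are closer than the channel width in use."""


def centre_mhz(band, channel):
    """Centre frequency in MHz of a channel in the '2.4' or '5' GHz band."""
    if band == "2.4":
        return 2484 if channel == 14 else 2407 + 5 * channel
    if band == "5":
        return 5000 + 5 * channel
    raise ValueError(f"unknown band {band!r}")


def overlaps(band, ch_a, ch_b, width_mhz=20):
    """True if two channels of the given width share any spectrum."""
    return abs(centre_mhz(band, ch_a) - centre_mhz(band, ch_b)) < width_mhz


def non_overlapping_plan(band, candidates, width_mhz=20):
    """Greedily pick mutually non-overlapping channels from a candidate list.
    802.11b DSSS channels are 22 MHz wide, which is where the classic 1/6/11
    plan comes from; with pure 20 MHz channels 1/5/9/13 also fits where
    channel 13 is permitted."""
    chosen = []
    for ch in candidates:
        if all(not overlaps(band, ch, c, width_mhz) for c in chosen):
            chosen.append(ch)
    return chosen


def bonded_width(band):
    """Channel-bonded width as the notes state it: 40 MHz on 2.4 GHz, 80 MHz on 5 GHz."""
    return 40 if band == "2.4" else 80


def survey_conflicts(band, survey, candidate, width_mhz=20):
    """Networks from a site survey (list of (ssid, channel)) that a candidate
    channel would overlap; an empty list means the channel is clear."""
    return [(ssid, ch) for ssid, ch in survey
            if overlaps(band, candidate, ch, width_mhz)]


# Constructed survey result: two neighbours already on 2.4 GHz channels 1 and 6.
SAMPLE_SURVEY = [("Cafe-Guest", 1), ("OfficeNet", 6)]

if __name__ == "__main__":
    print("2.4 GHz, 22 MHz:", non_overlapping_plan("2.4", range(1, 14), 22))
    print("5 GHz, 80 MHz bonded:",
          non_overlapping_plan("5", [36, 40, 44, 48, 52, 56, 60, 64], bonded_width("5")))
    print("conflicts if we pick channel 3:", survey_conflicts("2.4", SAMPLE_SURVEY, 3, 22))
```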
Spec 802.11 standards