STUDENT MANUAL

CompTIA Server+ (Exam SK0-004)

Part Number: 093007

Course Edition: .95

Acknowledgements

PROJECT TEAM

Author: Logical Operations
Media Designer: Logical Operations
Content Editor: Logical Operations

Notices
DISCLAIMER

While Logical Operations, Inc. takes care to ensure the accuracy and quality of these materials, we cannot guarantee their
accuracy, and all materials are provided without any warranty whatsoever, including, but not limited to, the implied warranties of
merchantability or fitness for a particular purpose. The name used in the data files for this course is that of a fictitious company. Any
resemblance to current or future companies is purely coincidental. We do not believe we have used anyone's name in creating this
course, but if we have, please notify us and we will change the name in the next revision of the course. Logical Operations is an
independent provider of integrated training solutions for individuals, businesses, educational institutions, and government agencies.
Use of screenshots, photographs of another entity's products, or another entity's product name or service in this book is for editorial
purposes only. No such use should be construed to imply sponsorship or endorsement of the book by, nor any affiliation of such
entity with Logical Operations. This courseware may contain links to sites on the internet that are owned and operated by third
parties (the "External Sites"). Logical Operations is not responsible for the availability of, or the content located on or through, any
External Site. Please contact Logical Operations if you have any concerns regarding such links or External Sites.

TRADEMARK NOTICES
Logical Operations and the Logical Operations logo are trademarks of Logical Operations, Inc. and its affiliates.
[vendor and product name] is a [registered] trademark of [trademark owner] in the U.S. and other countries. [The [other vendor/
product name(s)] products and services discussed or described may be trademarks or registered trademarks of [name(s)].] All other
product and service names used may be common law or registered trademarks of their respective proprietors.
Copyright © 2013 Logical Operations, Inc. All rights reserved. Screenshots used for illustrative purposes are the property of the
software proprietor. This publication, or any part thereof, may not be reproduced or transmitted in any form or by any means,
electronic or mechanical, including photocopying, recording, storage in an information retrieval system, or otherwise, without
express written permission of Logical Operations, 3535 Winton Place, Rochester, NY 14623, 1-800-456-4677 in the United States
and Canada, 1-585-350-7000 in all other countries. Logical Operations’ World Wide Web site is located at
www.logicaloperations.com.
This book conveys no rights in the software or other products about which it was written; all use or licensing of such software or
other products is the responsibility of the user according to terms and conditions of the owner. Do not make illegal copies of books
or software. If you believe that this book, related materials, or any other Logical Operations materials are being reproduced or
transmitted without permission, please call 1-800-456-4677 in the United States and Canada, 1-585-350-7000 in all other countries.

Table of Contents

Lesson 1: Managing Server Hardware
Topic A: Server Components
Topic B: Server Power
Topic C: Server Cooling
Topic D: Asset Management

Lesson 2: Installing a Server
Topic A: Prepare an Installation Plan
Topic B: Prepare the Server Hardware
Topic C: Set Up the Server Hardware
Topic D: Install an Operating System

Lesson 3: Configuring Networking
Topic A: Manage Network Cabling
Topic B: Configure Network Interface Cards
Topic C: Implement IP Addressing and Network Infrastructure Services

Lesson 4: Creating a Virtual Environment
Topic A: Create Virtual Servers
Topic B: Create Virtual Switches

Lesson 5: Performing Basic Server Configuration
Topic A: Configure Local Server Properties
Topic B: Configure Server Roles
Topic C: Set Up IP Addressing Service Roles

Lesson 6: Administering the Server
Topic A: Update the Server
Topic B: Server Administration Access and Control Methods
Topic C: Create Service Level Agreements
Topic D: Monitor Server Performance

Lesson 7: Implementing Storage Solutions
Topic A: Perform Capacity Planning
Topic B: Deploy Primary Storage Devices
Topic C: Storage Technologies
Topic D: Configure RAID

Lesson 8: Securing the Server
Topic A: Configure Firewalls
Topic B: Configure Security Protocols
Topic C: Implement Intrusion Detection Systems
Topic D: Implement Logical Access Control Methods
Topic E: Implement Data Security Methods
Topic F: Apply Server Hardening Techniques
Topic G: Implement Physical Security
Topic H: Create Virtual Networks
Topic H: Introduction

Lesson 9: Planning and Testing Disaster Recovery
Topic A: Implement Environmental Controls
Topic B: Manage Documentation for the Server and the Network
Topic C: Create A Disaster Recovery Plan
Topic D: Perform Backup and Restoration

Lesson 10: Troubleshooting Server Issues
Topic A: Troubleshooting Theory and Methods
Topic B: Troubleshoot Hardware Issues
Topic C: Troubleshoot Software Issues
Topic D: Troubleshoot Networking Issues
Topic E: Troubleshoot Storage Issues
Topic F: Troubleshoot Security Issues

Appendix A: Mapping Course Content to the CompTIA Server+ Exam (SK0-004)
Mastery Builders
Solutions
Glossary
Index

About This Course

Enter intro here

Course Description

Target Student
This course is designed for IT professionals such as PC, desktop, and helpdesk technicians
who have experience supporting PC hardware and who wish to make the transition to become
server hardware and support specialists. This course is also designed for existing server
managers who are preparing to take the CompTIA Server+ Exam SK0-004.

Prerequisites
To ensure your success in your course, you should have 18 to 24 months of hands-on
experience with installation, configuration, diagnosis, and troubleshooting of PC hardware
and network operating system issues. It is also recommended that you have the CompTIA
A+ certification or the equivalent training and experience. You can obtain this level of skills
and knowledge by taking the following Logical Operations courses:
• CompTIA A+ Certification: A Comprehensive Approach
• CompTIA Network+

Course Objectives
Upon successful completion of this course, you will be able to perform the duties of a
server administrator. You will:
• Manage server hardware.
• Install server hardware and operating systems.
• Configure networking hardware and protocols.
• Perform basic server configuration tasks.
• Create a virtual server environment.
• Administer servers.
• Implement server storage solutions.
• Secure the server.
• Plan and test disaster recovery.
• Troubleshoot server issues.

The Logical Choice Dashboard


The Logical Choice Dashboard is your entry point to the Logical Choice learning
experience, of which this course manual is only one part. Visit this dashboard both during
and after class to make use of the world of support and instructional resources that make up the
Logical Choice experience!
Logon and access information for your My Logical Choice environment will be provided in
conjunction with your class experience.
At the My Logical Choice page, you can access the dashboards for your specific courses.
Each course’s dashboard will give you access to the following resources:
• eBook; an interactive electronic version of the printed book for your course.
• LearnTOs; brief animated components that enhance and extend the classroom learning
experience.
Depending on the nature of your course and the choices of your learning provider, the course
dashboard may also include access to elements such as:
• The virtual classroom for the course.
• Social media resources that enable you to collaborate with others in the learning community
using professional communications sites such as LinkedIn or microblogging such as Twitter.
• Your personal Whiteboard for sketches and notes.
• Virtual labs, for remote access to the technical environment for your course.
• Checklists with useful post-class reference information.
• Notices from the Logical Choice administrator.
• Any Course Files you will download.
• The course Assessment.
• Mentoring services.
• Newsletters and other communications from your learning provider.
• A link to the website of your training provider.
• The Logical Choice store.
Visit your Logical Choice dashboard often to connect, communicate, and extend your learning
experience!

How To Use This Book

As You Learn
This book is divided into lessons and topics, covering a subject or a set of related subjects. In most
cases, lessons are arranged in order of increasing proficiency.
The results-oriented topics include relevant and supporting information you need to master the
content. Each topic has various types of activities designed to enable you to practice the guidelines
and procedures as well as to solidify your understanding of the informational material presented in
the course. Procedures and guidelines are presented in a concise fashion along with activities and
discussions. Information is provided for reference and reflection in such a way as to facilitate
understanding and practice.
Data files for various activities and other supporting files for the course are available either on an
enclosed CD-ROM or by download. If your course manual did not come with a CD-ROM, please
go to www.logicaloperations.com to download the files. The course files may contain simulations that
enable you to practice skills that cannot be performed live during the learning event, as well as
sample files, support files, and additional reference materials for use both during and after the course.
At the back of the book, you will find a glossary of the definitions of the terms and concepts used
throughout the course. You will also find an index to assist in locating information within the
instructional components of the book.

As You Review
Any method of instruction is only as effective as the time and effort you, the student, are willing to
invest in it. In addition, some of the information that you learn in class may not be important to you
immediately, but it may become important later. For this reason, we encourage you to spend some
time reviewing the content of the course after your time in the classroom.

As a Reference
The organization and layout of this book make it an easy-to-use resource for future reference.
Taking advantage of the glossary, index, and table of contents, you can use this book as a first
source of definitions, background information, and summaries.

Course Icons

Watch throughout the material for these visual cues:

Icon Description
• A Note provides additional information, guidance, or hints about a topic or task.
• A Caution helps make you aware of places where you need to be particularly careful
with your actions, settings, or decisions so that you can be sure to get the desired
results of an activity or task.
• LearnTO notes show you where an associated LearnTO is particularly relevant to
the content. Access LearnTOs from your Logical Choice course dashboard.
• Checklists provide job aids you can use after class as a reference to perform skills
back on the job. Access checklists from your Logical Choice course dashboard.
• Social notes remind you to check your Logical Choice course dashboard for
opportunities to interact with the Logical Choice community using social media.
• Notes Pages are intentionally left blank for you to write on.

Lesson 1: Managing Server Hardware

3 hours

Lesson Objectives
In this lesson, you will work with server hardware. You will:
• Manage server hardware.
• Identify features of server power.
• Identify methods of server cooling.
• Identify features of asset management.

Lesson Introduction
The CompTIA Server+ certification covers a wide range of knowledge and skills that apply
to server support and administration job roles. Any server support and administration job
role requires a fundamental knowledge of server hardware. In this lesson, you will work with
server hardware.
With a background in CompTIA Server+ information and skills, your server support and
administration career can move in many directions. Whether you are on a help desk, work
setting up new servers, are a system administrator, or have a role as a server troubleshooter,
knowledge of the server hardware provides a foundation for learning how to support and
administer the server environment.

TOPIC A
Server Components
Server computers use much of the same hardware as client systems use. You should already be
familiar with the components needed to create a functional computing system. The components
used in a server are more robust than most client systems, but have many of the same categories of
components. In this topic, you will identify the hardware components needed for a server computer.
The server hardware includes things such as the CPU, memory, expansion slots, network cards,
drives, and USB ports. Being able to identify these components in the server and their purpose will
enable you to plan the configuration of a server with the required components.

The images and examples in this course primarily illustrate tower servers and not rack or
blade servers. Any time you have the opportunity to show examples or images of rack-mounted
or blade server technology, please share those with students.

CPU
The processor, also called the Central Processing Unit (CPU), is the main chip on the system board that
executes program instructions that control the server. It is the brains of your computer. The CPU
processes instructions, manipulates data, and controls the interactions of the other circuits in your
computer. On most computers, the CPU is housed in a single microprocessor module and is inserted
directly into a CPU socket on the motherboard. The processor consists of a control unit and an
Arithmetic and Logic Unit (ALU). The control unit retrieves program instructions from memory
and then decodes them for execution; the ALU performs mathematical operations.

Students should be familiar with computer hardware components. This lesson focuses on
how those components are implemented in a server environment.

Many mid-range and upper-range servers have the ability to use more than one processor for routine
processing tasks. This ability is referred to as parallel processing or multiprocessing. Although
computers are built with various overlapping features, such as executing instructions while inputting
and outputting data, the term “multiprocessing” refers specifically to the concurrent execution of
instructions by more than one processor.
A multicore processor is different from a multiprocessor system. In a multicore processor, system
resources are shared and all cores reside on the same chip. In a multiprocessor system, there are two
separate processors, each with its own system resources. All other components being equal, a
multiprocessor system is faster than a system with a multicore processor.
Specific CPUs are only able to be installed in a server in the socket specifically designed for that CPU.
The pin layout of sockets varies, so the CPU pins must match the pin layout of the socket type.
Tables of specific socket types and the supported CPUs can be found online on a variety of sites.
One such site is http://www.hardwaresecrets.com/article/A-Complete-List-of-CPU-Sockets/373/3.

Point out the differences between the images shown in Figures and the actual hardware in
the classroom or the servers remote users might be using.

Figure 1-1: CPU examples.
Cache memory—the temporary storage space—is described in levels of closeness and accessibility to
the processor.

Cache Level   Description
Level 1/L1    A fast memory that the CPU uses first for quick storage and
              calculation. Level 1 is also referred to as internal or primary cache
              because it resides inside the processor. However, level 1 cache is not
              very large in storage capacity. Its storage capability ranges from 8 KB
              to 64 KB.
Level 2/L2    It feeds the L1 cache. L2 is either integrated into the CPU chip or is
              available as a separate bank of chips on the system board. It is slower
              than level 1 cache, but it can provide more than 512 KB of storage
              space. A popular L2 cache memory size is 1,024 kilobytes (one
              megabyte).
Level 3/L3    Some microprocessor manufacturers now provide CPUs with both
              level 1 and level 2 cache memory integrated in the processor chip. In
              that case, the cache memory that resides outside the processor and
              on the motherboard is called the level 3 or L3 cache.

Processor speed is the number of processing cycles that a microprocessor can perform in a given
second. Some CPUs require several cycles to assemble and perform a single instruction, whereas
others require fewer cycles. The clock speed, indicated by MHz, is a technical and theoretical rating,
whereas the actual performance speed can vary from the published clock speed rating.
Several factors affect the actual speed or performance of a CPU. These include the core, bus, and
multiplier.
• The core is an execution unit in the CPU. A single-core processor has one execution unit,
dual-core has two execution units, and quad-core has four execution units. In a multi-core processor,
each core handles incoming strings of instruction simultaneously. When one core is executing
instructions, other cores can be accessing the system bus or executing their own string of
instructions.
• The address bus is the pathway that connects the processor to main memory. The wider the address
bus, the more memory can be accessed. Data isn’t transferred over this bus. The data bus defines
the number of bits of data or instructions that can be transferred in a single operation. The larger
the data bus, the more data that can be moved and thus the faster the processor can operate.
• The clock multiplier measures the ratio of internal bus speed to external bus speed in a CPU. For
example, consider a system with a 133 MHz clock speed and a CPU with a 10x clock multiplier.
Internally, the CPU’s bus runs at 1.33 GHz (1,333 MHz) while externally its bus runs at the
system’s clock speed (133 MHz).
CPU stepping is the revision level of a processor. When multiprocessor system boards are
manufactured, they’re tested to ensure that they will work when the speed and L2 cache size are the
same for each processor. As processors are updated, they’re tested to see if the new stepping will
work with the previous one. You can get the stepping, speed, and cache information about
processors from the manufacturer. For instance, Intel provides an S-spec number on the face of
their Pentium III processors that you can use in conjunction with the Quick Reference Guide found
on the Intel website to determine the stepping, voltage, timing, packaging, and other information
specific to the processor. With multiple processors, it is important to verify N+1 stepping, meaning
that if the processor steppings do not match or fall within one stepping of each other, then it’s
recommended that you replace one of them so that stepping, speed, and cache all match.
There are several commonly used CPU architectures. x86 is an instruction set architecture that
supports 32-bit processors. If something is referred to as x86, it means that it supports 32-bit
software, and it can also support 64-bit. The term x86-64 (also referred to as x64) explicitly refers to
the 64-bit x86 architecture. The ARM architecture is often used in mobile devices and UNIX or
Linux servers. Traditionally ARM was only 32-bit, but more recently, 64-bit support has been added.

RAM
Memory, commonly called RAM (random access memory), is the hardware component that stores
data as the CPU works with it. RAM is implemented as computer chips occasionally soldered to the
circuit board, but more often it is attached to a specialized socket.

Figure 1-2: Example of RAM.

Some types of RAM lose their contents quickly, even when power is present. Devices that use this
type of memory must continually refresh the contents of the chips, or data is lost. Such memory is
called dynamic RAM, or DRAM. DRAM must be refreshed hundreds of times per second. Circuits
using DRAM must include the components necessary to refresh its contents, adding complexity to
the overall system. Due to the design of DRAM circuitry, simply reading its contents is sufficient to
refresh it.
In contrast, static RAM, or SRAM, doesn’t need to be refreshed. Due to the way these chips are
built, this memory holds its contents until power is removed. Therefore, circuits using SRAM are
simpler, because refresh components aren’t required. SRAM chips can be read more quickly than
DRAM chips can.
CMOS could use EEPROM, but EEPROM chips permit a limited number of write operations, after
which data can’t be written and stored reliably. SRAM doesn’t have such a limitation.
Main system memory is implemented with DRAM. Cache memory and CMOS memory are most
often implemented with SRAM. DRAM chips are as much as four times smaller than SRAM chips
per unit of storage. DRAM circuitry is simpler, making DRAM considerably cheaper than SRAM to
manufacture. The refresh circuitry is simple and inexpensive to implement, too. Thus, DRAM is
much cheaper to use than SRAM when large amounts of memory are needed, such as for main
system memory. SRAM is considerably faster, which makes it well suited to the smaller level 2 and
level 3 cache memories that typically use it.
The two most common types of RAM you will find in servers are DDR2 and DDR3.

RAM Memory Type                     Description
Double Data Rate SDRAM 2 (DDR2)     Transfers data at a rate of 400–1066 MHz, using
                                    a 200–533 MHz I/O clock on both the rise and
                                    fall of the clock signal. DDR2 modules transfer
                                    data on a bus that is 64 data bits wide. The form
                                    factor most appropriate for servers is a
                                    registered ECC DIMM (240-pin) module.
                                    DDR2 DIMM memory modules are not
                                    backward compatible with DDR DIMM due to
                                    incompatible pin configurations, core voltage,
                                    and memory chip technology.
DDR3 SDRAM                          Transfers data at a rate of 800–1600 MHz, using
                                    both the rise and fall of a 400–800 MHz I/O
                                    clock signal. DDR3 memory modules transfer
                                    data on a bus that is 64 data bits wide. DDR3
                                    allows for chip capacities of 512 MB to 8 GB,
                                    enabling a maximum memory module size of 16
                                    GB. It transfers data at twice the rate of DDR2
                                    and uses 30% less power in the process. Like
                                    DDR2, DDR3 chips use 240-pin connections,
                                    but cannot be used interchangeably because of
                                    differences in notch location and electrical
                                    requirements.

There are various factors you need to consider to ensure memory compatibility between the server
and the memory and between memory modules.
• Column Access Strobe (CAS) latency is the amount of time taken to retrieve data from a particular
column of a specified row in a memory module. CAS latency is the clock cycles between the
issuance of the read command and its subsequent data retrieval. CAS2 latency essentially means
that there is a two cycle delay, and CAS3 has a three cycle delay. Therefore, to achieve better
performance, CAS memory modules must be able to support low latency settings.
• The number of pins available in the system board slot must be compatible with the pins used in
memory. For instance, 240-pin DIMMs are used in the newest and fastest DDR3 memory
servers. DDR3 is the latest generation of memory with improved architecture that allows it to
transmit data more quickly. To use DDR3 memory, the system motherboard must have 240-pin
DIMM slots and a DDR3-enabled chipset.
• Memory timing is the time taken by memory to produce the required data from the start of the
access until the data is available for use. The current memory timing varies from 5 to 70
nanoseconds. The memory timing must be compatible with the processor speed.
You can enhance server performance by using memory pairing, which couples two physical memory
banks. Although two different DIMMs with identical specifications must technically work together,
there are a few bottlenecks. To eradicate huge compatibility problems, the RAM speed or timing
must be adjusted to a slower setting. You can operate any memory type at slower clock speeds and
more conservative timings than its actual specification. This caution will help you to reduce the
probability of any risks. If you pair 1 GB DDR2-667 with 1 GB DDR2-800 DIMM, then both will
run at DDR2-667 speed. Whether they are integrated into an AMD Athlon 64 X2 or a Phenom
X3/X4 processor, or are part of a chipset northbridge, all memory controllers are capable of
running in the dual-channel mode. In other words, they utilize two memory banks in order to
double the bandwidth by widening the memory data path from 64 bits to 128 bits.
When you install memory modules, the module placement can be critical for the memory to
function properly. In some systems, it doesn't matter where modules are placed, but in other
systems you must place the modules in specific slots. SDRAM usually can be placed into whichever
slot is available. However, DDR dual-channel memory configuration requires that you install the
modules in specific locations. Insert modules in the first slot in each RAM bank, then if you are
using the second slot in each RAM bank, fill in the second slots in each bank.
Memory errors occur, perhaps more frequently than any of us wants to know. However, there are
technologies that enable computer components to detect and even recover from memory errors.
Error correcting code (ECC) permits your computer to not only detect that an error has occurred,
but also to correct that error. As with parity, when the computer reads the data from the module, it
recalculates the ECC value and compares it to the value on the module. If the values match, no
errors have occurred. If they don’t, then by using other calculations on the ECC value, the computer
can determine what was changed and what its original value was. Non-ECC is a type of RAM that is
usually located in client workstations, where data integrity is not such a major concern. Obviously,
there is usually a lower efficiency associated with the requirement to fix memory errors because it
does not include any mechanism to check or fix errors.

Parity Checking
Another type of memory error detection is called parity checking. It provides single-bit error
D

detection but doesn’t have any correction capabilities. ECC was developed to go beyond parity
checking.
ot

ECC Cost and Recovery


ECC uses a special algorithm to encode information in a block of bits that contains sufficient detail
to permit the recovery of a single-bit error in the protected data. It uses 7 bits to protect 32 bits, or 8
bits to protect 64 bits. When ECC corrects a detected single-bit error in a 64-bit block of memory,
the computer continues functioning as if no error occurred. However, if an error is corrected, it can
be useful to know this; a pattern of errors can indicate a hardware problem that needs to be
addressed. Chipsets that support ECC mode usually include a way to report corrected errors to the
operating system, but it’s up to the operating system to support this. ECC will detect (but not
correct) errors of 2, 3, or 4 bits, in addition to detecting (and correcting) single-bit errors. ECC
memory handles these multiple-bit errors similarly to how parity checking handles single-bit errors; a
Non-Maskable Interrupt (NMI) instructs the system to shut down to avoid data corruption.
Multiple-bit errors are extremely rare in memory. ECC can cause a system’s performance to be
degraded, because the ECC algorithm is more complicated than parity checking, and time must be
allowed for ECC to correct any detected errors. The penalty is usually one extra wait state per
memory read, which translates to a real-world performance hit of about 2 to 3 percent. Although
non-ECC systems may save on cost, implementing ECC memory is recommended to ensure data
integrity.
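
The check-bit counts given above (7 bits for 32 data bits, 8 bits for 64) match an extended Hamming code with single-error correction and double-error detection (SECDED). The following is an added example, not part of the course material; it assumes that construction, and the function names and bit layout are illustrative rather than any memory controller's actual scheme.

```python
"""Extended Hamming (SECDED) code: an illustrative model of ECC memory.

Assumption: the course text does not name the ECC algorithm; this uses the
textbook extended Hamming construction. The bit layout (index 0 = overall
parity, power-of-two indexes = check bits) is chosen for clarity only.
"""


def check_bits_needed(data_bits):
    """Check bits for SECDED: r Hamming bits with 2**r >= data_bits + r + 1,
    plus one overall parity bit for double-error detection."""
    r = 0
    while (1 << r) < data_bits + r + 1:
        r += 1
    return r + 1


def _syndrome(code):
    """XOR of the indexes of all set bits; 0 for a valid codeword."""
    s = 0
    for pos in range(1, len(code)):
        if code[pos]:
            s ^= pos
    return s


def encode(data, data_bits=64):
    """Return the codeword as a list of bits (length data_bits + check bits)."""
    r = check_bits_needed(data_bits) - 1
    n = data_bits + r
    code = [0] * (n + 1)
    bit = 0
    for pos in range(1, n + 1):
        if pos & (pos - 1):          # not a power of two: data position
            code[pos] = (data >> bit) & 1
            bit += 1
    s = _syndrome(code)
    for i in range(r):               # set check bits so the syndrome becomes 0
        code[1 << i] = (s >> i) & 1
    code[0] = sum(code) & 1          # overall parity: total number of 1s is even
    return code


def decode(code):
    """Return (status, data, fixed_pos).

    status is 'ok', 'corrected' (single-bit error repaired; fixed_pos says
    which bit, which is what a platform would log), or 'uncorrectable'.
    """
    code = list(code)
    n = len(code) - 1
    s = _syndrome(code)
    odd = sum(code) & 1
    fixed_pos = None
    if s == 0 and not odd:
        status = "ok"
    elif odd and s <= n:
        code[s] ^= 1                 # s == 0 means the overall parity bit itself
        status, fixed_pos = "corrected", s
    else:
        # Even parity with a non-zero syndrome (two flipped bits), or a
        # syndrome pointing outside the word: detected, not correctable.
        return "uncorrectable", None, None
    data, bit = 0, 0
    for pos in range(1, n + 1):
        if pos & (pos - 1):
            data |= code[pos] << bit
            bit += 1
    return status, data, fixed_pos


def flip(code, *positions):
    """Return a copy of the codeword with the given bit positions inverted."""
    out = list(code)
    for p in positions:
        out[p] ^= 1
    return out


if __name__ == "__main__":
    word = 0x0123456789ABCDEF        # constructed sample value
    cw = encode(word)
    print(len(cw), "bits stored for 64 data bits")
    print(decode(cw)[0])
    print(decode(flip(cw, 37)))
    print(decode(flip(cw, 5, 60))[0])
```

The `fixed_pos` value returned for a corrected word is the kind of detail worth logging: repeated corrections at the same location point to a failing module.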

Bus Types
A bus is an electrical pathway to which various server components are connected in parallel so that
signals can be transferred. Buses are broadly classified into three types.

| Bus Type | Description |
|---|---|
| Processor bus | Handles traffic between the CPU and the chipset. It transfers data between the CPU and the I/O bus, as well as between the CPU and any external cache memory that is on board. Its purpose is to get information to and from the CPU as fast as possible, so it functions at a much faster rate than any other bus in the server. You will seldom find bottlenecks at the processor bus. |
| Memory bus | Also known as system bus, front side bus, local bus, or host bus. It handles traffic between the CPU, the chipset, and RAM. It can be a dedicated chipset that transfers data between the processor bus and the memory, but sometimes it’s incorporated right into the processor bus. The memory bus can be a source of bottlenecks, because the CPU runs faster than the RAM. |
| I/O bus | Also known as main bus or expansion slot bus. It handles traffic between hardware components and the processor (via the memory bus). Most servers have at least two I/O buses: local and standard. The local I/O bus services performance-critical peripherals such as disk systems, video cards, and high-speed NICs, while the standard I/O bus services other peripherals such as pointing devices, modems, and standard NICs. I/O buses can experience bottlenecks in many circumstances, such as when disks and disk arrays cannot handle I/O requests quickly enough, or network interface cards are overloaded. |

The system bus can be single channel or dual channel. Single channel versus dual channel
architecture refers to the capability of a system bus to access multiple memory modules either in
series or in parallel. In single channel architecture, memory modules can be installed in a wide
variety of configurations on the system board, and are accessed in series. Dual-channel compatible
system boards require pairs of memory modules to be installed in color-coded memory slots and are
accessed by the system bus in parallel, in order to double the data transfer rate.
System boards include several buses, or data paths, to transfer data to and from different computer
components, including all adapter cards.

Expansion bus type: PCI
Created by Intel in 1993 as a general-purpose local bus, a PCI local bus uses 32-bit technology
and runs at 33 MHz. Newer PCI systems use 64-bit technology and run at 66 MHz. PCI is the highest
performance general I/O bus that is currently used on modern computers.
• Physical characteristics of cards: 33 or 66 MHz. 133 Mb/s throughput at 33, 66, or 133 MHz. Up
to eight functions can be integrated on one board. Card size varies, but must have a PCI edge
connector. Slot on the system board is white.
• Configuration: Supports up to five cards per bus and a system can have two PCI buses for a total
of ten devices per system. It can share IRQs, and it uses Plug and Play.
• Used for all current adapters in client and server systems.
• Number of data lines: 64-bit bus often implemented as a 32-bit bus.
• Communication method: Local bus standard; 32-bit bus mastering. Each bus uses 10 loads. A load
refers to the amount of power consumed by a device. A PCI chipset uses three loads. Integrated PCI
controllers use one load. Controllers installed in a slot use 1.5 loads.
• Card height can be full height (4.21 in X 12.28 in), half height (4 in X 6.9 in), or low
profile/slim (2.54 in X 4.72 in to 2.54 in X 6.59 in).

Expansion bus type: PCI eXtended or PCIx
As with PCI, PCIx uses a parallel interconnect along a bus that is shared with other PCIx devices.
In fact, it is an extension of the legacy PCI 32-bit format, with which it is backward-compatible. It
differs mainly in the fact that the bus is now 64 bits wide, and runs at higher frequencies (now up
to 533 MHz, compared to 66 MHz, the fastest PCI frequency). PCIx is used in the server as a bus for
high-bandwidth server peripherals such as RAID controllers and Gigabit Ethernet.

Expansion bus type: PCIe
An implementation of the PCI bus that uses a faster serial physical-layer communications protocol.
It uses a point-to-point bus topology to ensure that devices have constant access to the system bus.
• Used for high-speed graphics cards and high-speed network cards.
• Number of data lines: Each device has a serial connection consisting of one or more lanes. Each
lane offers up to 250 Mb/s of throughput. An x16 slot (16 lanes) can handle 4 GB/s of bandwidth in
one direction.
• Communication method: Local serial interconnection.

Network Interface Cards
A network interface card (NIC) adds networking capabilities to servers that require additional NICs
apart from any built-in NICs. This card transfers information across the network. For servers to be
able to communicate with other computers on the network, you need at least one NIC. Some
servers include two or more on-board network adapters (a network interface built into the system
board); for others, you’ll have to install one to enable basic network communications. Multiple NICs
help reduce network congestion by splitting the load over several cables or providing some basic
routing functions between separate networks.

Instructor note: Consider passing around various types of client and server network adapters so
students can compare the similarities and differences.

Figure 1-3: Example of a network card.

Hard Drives

A hard disk drive (HDD) is a storage device that uses fixed media. In other words, the disk is built
into a drive that remains in the computer until an upgrade or a repair is underway. Hard drives
connect directly to the system board via at least one cable for data and another for power. The hard
disk itself consists of several metal or hard plastic platters with a magnetic surface coating. Data,
which is stored magnetically, can be accessed directly.
Solid state drives are becoming more popular as the price drops. Solid state (SS) drives do not
contain moving parts. These are faster and more reliable than traditional mechanical hard drives.
Internal hard disk drives are mounted inside the computer case and are connected directly to the
system board. External hard disk drives are standalone portable units connected to the system using
a number of connections, including USB and IEEE 1394. There are many types of hard disks. For
example:
• Parallel Advanced Technology Attachment (PATA), also known as Integrated Development
Environment (IDE), Enhanced IDE (EIDE), Ultra Direct Memory Access (UDMA), and ATA
• Small Computer Systems Interface (SCSI)
• Serial Advanced Technology Attachment (SATA)

Instructor note: If you have hard drives of various types, pass them around the room and have
students identify what type of connector the drive uses. Also if you have mechanical and solid
state drives, show the differences to students. Point out that some of the technology listed, for
example SATA, is not as likely to be found in servers as other technology such as SCSI. However, if
using tower servers, any of these technologies might be found.

Figure 1-4: Hard drive and connectors.

Note: Solid State Drives (SSD) are another fixed storage device, but they do not contain any
moving parts like traditional hard drives do. They typically have fast access times and connect to
the computer using a SATA connector.

Hard Drive Firmware


Hard drive firmware is located in a flash memory chip on the hard drive. To ensure the correct
functioning of the hard drive, the firmware will access various drive-unique parameters from the
hard disk during operation. The firmware controls various hard drive operations. These include:
• When the hard drive is powered on, the firmware configures the hardware and allows the server
to load the OS.
• During the hard drive operation, the firmware allows the hard disk to interact with other
components on the system.
• When the hard drive is powered down, the firmware executes a shutdown sequence and ensures
the hard drive powers down correctly.

Riser Cards
A riser card is a board that plugs into the system board and provides additional slots for adapter
cards. Because it rises above the system board, the riser card enables you to connect additional
adapters to the system in an orientation that is parallel to the system board, thereby saving on
space within the system case.

Figure 1-5: Example of a Riser card.

Daughter Boards

A daughter board is an expansion board connected directly to the motherboard to give the
computer an added feature such as modem capability. In personal computing, a daughter board
can be used as a more general term for adapter cards. Sometimes, in casual usage, the term daughter
board is used interchangeably with the term riser card, but technically they are not the same.

Riser Card vs. Onboard Card
A riser card allows you to connect additional cards to the system in an orientation that is parallel
to the system board. Onboard cards are directly inserted perpendicular to the system board slots.

RAID Controllers
With hardware RAID, you use a dedicated hardware device called a RAID controller to control the
disk array. There are two main types of RAID controllers: Bus-based RAID and External RAID.

Note: Do not confuse external RAID controllers with external RAID enclosures. The
enclosures typically provide only power and a physical infrastructure, while the external
controller also provides high-end processing and array management.

| Type | Description |
|---|---|
| Bus-based RAID | In bus-based hardware RAID, the RAID controller takes the place of the SCSI host bus adapter or IDE/ATA controller that would normally provide the interface between the hard disks and the system bus. Some server system boards include integrated, onboard RAID controllers, but if your system board does not have one of these, you can use a RAID controller card, which is an expansion board. Bus-based hardware RAID is cheaper and easier to implement than external RAID controllers. |
| External RAID | External RAID controllers are considered higher-end designs, because they contain a dedicated processor. An external RAID controller manages the disk array from a separate enclosure, usually by using a form of SCSI. It presents the logical drives from the array to the server via a standard interface (again, usually SCSI), and the server interprets the array as one or more hard disks. Compared to bus-based hardware RAID, external RAID controllers are more flexible, offer more features, and tend to be more expandable, but they are also more expensive. |

With software RAID, there is no need for a RAID controller. The functions provided by the RAID
controller are taken care of within the RAID software. It can be incorporated into the operating
system or as a separate piece of software.

Figure 1-6: Examples of RAID.

BIOS
The Basic Input Output Sequence (BIOS) is the first program that is executed when you switch a
computer on. When the system boots, the BIOS identifies, tests, and initializes system devices such
as the video display card, hard disk, system clock, CD-ROM drive, and other hardware. The BIOS
then puts the machine into a known state by instructing the processor to load the operating
system into the RAM. There are different BIOS programs stored on BIOS chips located on the
system boards. The BIOS chip on the motherboard contains the code for hardware components
such as the keyboard, disk drives, hard disk controllers, and USB human interface devices. Devices
such as SCSI controllers, RAID controllers, and video boards often include their own BIOS,
complementing or replacing the system BIOS code for any given component.

UEFI
BIOS has been outdated for many years. Unified Extensible Firmware Interface (UEFI) has been
designed to replace BIOS and address BIOS shortcomings. UEFI is the interface between an
operating system and the firmware for the physical computer hardware. The UEFI firmware
interface will replace BIOS firmware eventually.
UEFI uses tables containing information regarding boot and runtime service calls for the operating
system loader and the operating system. It can run applications before the operating system has
booted up. It also creates the environment for the operating system to boot into.
Some of the BIOS shortcomings addressed by UEFI include:
• Faster boot times.
• Protection from boot attacks.
• Support for 64-bit firmware device drivers.
• Support for drives over 2.2TB.

Instructor note: If you have a system available with UEFI, start the computer, access the UEFI,
and show students the UEFI interface.

The CMOS battery holds the settings configured through either BIOS or UEFI. Over time, the
battery might lose the ability to keep power supplied to the chips and retain the configuration data.
In this case, you will need to replace the CMOS battery. If a boot password has been set and
forgotten, you can remove the CMOS battery to reset the configuration and the password.

BIOS and UEFI Storage


BIOS code is stored in the firmware of the computer. UEFI code is stored in a directory in
nonvolatile memory. This directory can be stored in flash memory on the motherboard, on a hard
drive, or on a network share.

USB
USB (Universal Serial Bus) enables you to connect multiple peripherals to a single port with high
performance and minimal device configuration. USB connections support two-way communication.
Computers have several USB ports installed and can support up to 127 devices per port.
There have been several USB standards defined over the years, with each specification providing
greater speeds. USB 1.1 was the first popular standard and only provided communication speeds of
12 Mbps. USB 2.0 increased the speed to 480 Mbps. USB 3.0 then increased the speed to 5 Gbps.
USB 3.1 again increases the speed, this time to 10 Gbps.
On the computer, the USB port is a Type A socket. The socket on the peripheral can be Type B,
Mini-B, or Micro-B. USB 3.1 defines Type C, which is not only faster, but is also reversible, making
it easier for users to plug cables into the ports. The ports can be powered or not. Powered ports can
be used to charge devices and the devices connected to powered ports usually can function without
another power source. Larger devices such as printers and scanners will require an additional power
source. Cameras, keyboards, mice and other peripheral devices will not need an additional power
source.

Figure 1-7: Examples of USB ports and connectors.

Hotswap
Hot-swapping is the ability to exchange computer hardware on the fly without interrupting the
computer's service or, at least, minimizing the interruption. It prevents you from having to power
off the system while you switch an old or faulty part for a new one, which, in turn, enables users to
keep working while you are fixing the problem. A non-hot-swappable component requires that you
shut down the system before you can remove and replace the component.

Instructor note: If you have servers capable of hotswapping components, consider demonstrating
hotswapping components to students.

There are a few things to keep in mind, namely, preserving the integrity of your system's data and
preventing damage to any hardware parts involved. Having hot swap capabilities is not good if your
hardware is ruined during an exchange. To ensure that all goes smoothly when you hot-swap
components, there are a couple of things you can do. First, make sure the new component, which is
unpowered, will not be damaged when you connect it to the live (powered) system. Also, make sure
the component has features that let you disable the power-off command and partially power it down
and that its outputs stay in a high-impedance state during power-up or power-down. This will keep
the system from getting bogged down by the component's input and output pins when you connect
the component.
These steps help protect your system's circuitry and ultimately your data. When swapping
components, such as a new network card, you need to make sure the ground pins on the card make
contact first with the pins on the connector. Current is flowing, and you do not want it flowing from
the live board through unexpected return paths in the new board.

Access the Checklist tile on your CHOICE Course screen for reference information and
job aids on Guidelines to Install Server Components.


ACTIVITY 1-1
Installing Server Components

Before You Begin

You have been provided with a toolkit containing screwdrivers and ESD protection.

Scenario
You have been working at Develetech Industries as an intern for several months supporting end
user computer systems. You have done very well at this, so your manager has asked you to start
working with the servers in the organization. He wants you to familiarize yourself with the hardware
components in the server environment. The servers might not have any operating system installed,
they might have a client operating system installed, or they might have a server operating system
installed. Because you are just looking at the hardware and the firmware, it doesn't matter whether
there is an operating system installed or not. From your work with end user systems, you know that
you need to follow ESD safety precautions when working with hardware.

1. Verify that the server has the required peripherals attached and that it is plugged in to a power source.
a) Verify that keyboard, mouse, and monitor are connected to the server.
b) Verify that the monitor and system unit are connected to a power source.

2. Access the BIOS or UEFI configuration utility.
Instructor note: If necessary, assist students with accessing the BIOS or UEFI configuration utility.
a) Turn on the monitor.
b) Turn on the system unit, then press the appropriate key or key combination to access the BIOS or
UEFI configuration utility software. This information is displayed on the monitor.

3. Determine if you have a traditional BIOS configuration utility or UEFI configuration utility.
Typically the traditional BIOS utility cannot be navigated with a mouse, and it will state at the top of the
screen that it is BIOS or UEFI.

Note: Be sure not to make any changes to the system at this time.
4. Use the utility to gather information about your hardware.
a) Determine the CPU installed in your system.
b) Determine the amount and type of memory installed in your system.
c) Verify that support for hardware virtualization is enabled.
d) Review any other information available about your system.

5. Exit the configuration utility. Unless you had to make a change to enable hardware virtualization
support, exit without saving any changes. If you did need to enable hardware virtualization support, be
sure to save your changes.

6. Shut down the system and power it off. Power off the monitor as well.

7. Open the system unit case.
Instructor note: If desired, you can have students install memory, drives, and expansion cards
during this activity.
a) Disconnect the power cord from the system unit.
b) Disconnect peripherals
c) Remove the case screws and remove the panel to access internal components.

8. Locate server hardware inside the system unit.
Instructor note: Guide students in locating various internal components inside the system case.
a) Locate the installed CPU.


b) Locate the RAM and determine how many memory modules are installed and whether they were
installed in pairs.
c) Locate the NIC and determine if it is on-board or on a separate expansion card.
d) Locate any other components identified by your instructor.

Note: You can leave the system unit open for now.


TOPIC B
Server Power
The server hardware includes things such as the CPU, memory, expansion slots, network cards,
drives, and USB ports. Being able to identify these components in the server and their purpose will
enable you to plan the configuration of a server with the required components.
Servers need more power than a typical desktop computer. Some servers have redundant
power supplies, so in case one fails, another is on stand-by to keep the server running. In this topic,
you will identify features of server power.
When you work with servers, you need to be familiar with voltage, wattage, and power
consumption. Setting the correct voltage will keep your server safe from an electrical perspective.
Knowing how much power your components use will help you make sure you have enough wattage
from your power supply.

Power Supply

A power supply is an internal server component that converts line voltage AC power from an electrical
outlet to low-voltage DC power for system components. It is a metal box at the rear of the
computer chassis and is attached to the system board. Though not a part of the system board, the
power supply component is required for system components to receive power. It contains a fan for
cooling because of the heat generated. Some power supply components have a voltage selector
switch to set the voltage configuration for the state used in different countries.

Note: Another commonly used term for the power supply system is the power supply unit, or PSU.

Instructor note: If you have some uninstalled power supplies, pass them around to students. If
you have examples from client systems, tower servers, rack servers and blade servers, allow
students to identify which type of system each power supply would be for.

Figure 1-8: A power supply converts AC power from an electrical outlet to DC power for system
components.

Power Supply Wire Color Conventions


System components cannot use the 120-volt or 240-volt power coming directly from the electrical
outlet. The power supply steps the voltages down to 3.3-, 5-, and 12-volt connections for system
components. Wires are color-coded according to their voltages. The following table shows the wire
color for each voltage connection.

| Color or Component | Voltage |
|---|---|
| Yellow wire | +12 |
| Blue wire | -12 |
| Red wire | +5 |
| White wire | -5 |
| Motor | +/-12 |
| Circuitry | +/-5 |
| Processor | 3.3 |

Voltage

Voltage is the force of electricity caused by a difference in charge, or electrical potential, at two
locations. This value, measured in volts, is also called the potential or potential difference. The
abbreviation for volts is officially an uppercase “V,” though a lowercase “v” is commonly used.

Instructor note: Voltage is analogous to water pressure.

A PC power supply is the internal component that converts wall voltage (110 V or 220 V) to the
various DC voltages used by the computer’s other components. Power supplies have a fan to cool
their components and sometimes to help cool the other components inside the PC. Typically, a
power supply provides some conditioning functions and can maintain DC supplies during very brief
drops in and outages of supply voltage. Often, you can adjust the power supply to run on either 110
V or 220 V wall voltage. To make this adjustment, with the computer off, you slide a small switch to
the appropriate voltage. This switch is normally next to the electrical cord port on the back of the
PC.
Even some of the most powerful current CPUs only use 1.1-1.3 V. Necessary voltage for CPU and
RAM is usually detected by the motherboard (BIOS) and configured appropriately, but sometimes
you have to manually configure it by accessing the BIOS and entering the appropriate values. The
power supply will supply 3.3 V for the CPU, RAM, and other devices, but the motherboard
regulates how much they actually get.
Blade servers typically use 208 V or 230 V circuits and each server uses 5 or more kW. The
minimum you should consider for each rack is 5kW, but 10-30 kW is quite common. Most systems
are auto-sensing as to the voltage needed. Auto-sensing allows the same equipment to be used
anywhere in the world, with voltages between 100V and 250V.
If you need to manually set the voltage, this might be done with a switch on the power supply or on
the motherboard. It might also be set through the BIOS. Refer to your system documentation for
how to set the voltage on your system if needed.

Note: Different countries use different voltages. In North America and Japan, wall voltage is
110. In Europe and Asia it is 220 volts.

If you are using a backup generator, you might need a 48 Volt pure sine inverter. This is often
written as ~48. This helps performance without perceptible power loss.

Wattage
Power supplies are rated according to the number of watts of DC power they output. Modern power
supplies typically offer at least 300 watts, and often more, to power the PC and its internal
components. Older power supplies typically offered 200 watts or less. The power supply's rating
isn't necessarily an indicator of the amount of power that the unit draws from the outlet; a 350 W
power supply doesn't necessarily use more electricity than a 200 W model. Power supplies draw only
as much power as is needed to supply the internal components. If your system needs less than the
power supply’s full capability, the power supply draws enough electricity to power the PC, and no
more.

Power Consumption
Because server-class computers can be running multiple hard disks, as well as other internal
peripheral components, their power requirements can be quite substantial. In addition, the types of
applications that are running on a server machine can contribute to its power needs. Mission-critical
servers can require specially conditioned power to ensure that any fluctuations in the current do not
have an adverse effect on the server. Finally, the physical placement of a server can affect its power
needs. A departmental server that is housed in a cubicle or a small server closet will have different
power needs than one of several dozen servers housed in a larger data center.
The following table lists typical power requirements for common PC components. You can usually
find out an exact power requirement from technical specification documents posted on
manufacturers’ websites. It’s often not possible, however, to separate memory and CPU power
requirements from the motherboard’s.

Instructor note: Consider doing an online search for power supply calculator and having students
use various calculators to enter the values for the classroom machines to see if the calculators
come up with the same results.

| Component | Typical power requirement |
|---|---|
| Motherboard | 30 W, not including the power for the CPU chip and memory. This is for full power mode. Sleeping states use less. |
| Memory | Estimated to be approximately 30W per 2 GB. It isn't possible to load memory independently of the processor, so the measurement is calculated based on the power used by a system with 2 GB of memory and then with 4 GB. |
| CPU chip | The amount of wattage used varies based on the CPU used in the server, whether it is a single or multi-core processor, and other factors. It can vary from as low as 45 W to over 150 W. Refer to the documentation for your system for more accurate wattage use. |
| Hard drive | 5–15 W. Some manufacturers will print the power requirement right on the drive. |
| Optical drive | Newer CD or DVD drives can use as little as 5 W. Older optical drives may require 10–20 W. |
| Adapter card | 5–30 W. For example, the high-end graphics cards used by professional graphics software developers and computer-aided designers will require more power than a normal graphics card. |

Calculating Power Needs


In order to calculate whether your power supply meets your power needs, you will need to add up
the maximum power you might use at one time. A range of maximum power consumption for
various components has been established. Most components use much less than the maximum. You
can check the documentation for the component to determine how much power it actually will use.

Redundant Power
Redundant power is the ability of the power supply component to provide fault tolerance for the
system’s power and to prevent server shutdown due to a power supply failure. A redundant power
supply actually contains two or more individual power units, each of which is capable of powering
the entire system. In case there is a failure in one of the units, the other one will seamlessly supply
power to the server. You can also replace the impaired unit without shutting down the server. To
drive a load, the outputs of the two power supplies are transferred to an OR gate. In this way, power
supplies can either share the load or have one active and the other in standby. A Field Effect
Transistor (FET) ORing controller is a better practical solution because it avoids diode voltage drop,
power loss, and heat dissipation.

Figure 1-9: Example of redundant power supplies.

1-Phase and 3-Phase Power
In North America, most residential and small-business AC electricity is provided as single-phase
service over three wires. Such a system uses three conductors to deliver an AC voltage on two
conductors that vary in unison (though opposite in polarity), with the third conductor acting as a
ground connection.
Either 120 V electricity (between one hot conductor and ground) or 240 V electricity (between two
hot conductors) can be provided in a single service drop. Because of this arrangement, this common
service type is sometimes incorrectly called two-phase.
Single-phase electricity is suitable for lighting, for small motors, and when converted to DC, for
powering computers and office electronics. It is not efficient for high-power-need devices, such as
large motors. For those, power companies can provide three-phase electricity service.

In a three-phase system, three conductors are used (sometimes a fourth is included to provide a ground
connection). Each of the three conductors is hot, providing an AC voltage. The peak of the AC
signal in one conductor is delayed by 1/3 of a cycle from the next conductor, which is delayed by
1/3 of a cycle from the next conductor. This delay between signal peaks provides for a constant
transfer of power over the entire cycle. Three-phase devices use different plugs and sockets to
prevent you from accidentally plugging in a single-phase device.
The deployment of three-phase power to servers is due to the increased power requirements of
high-density servers, particularly blade servers. These high-density servers use various processors.

There are several facts that contribute to the demand for three-phase power in server cabinets. They
include:
• The standard server equipment is designed with universal power supplies that draw a wide range
of input power and most commonly can support 208 V/230 V power. 208 V power is more
efficient than 120 V power.

• The amount of power that a three-phase circuit can deliver, whether it is 20, 30, or 60 amp, is
almost twice (1.73 times) that of a single-phase circuit.
• Three-phase power provides power redundancy.
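
The constant power transfer and the 1.73 factor described above can be derived as follows. This is an added worked derivation, not part of the original manual, and it assumes a balanced resistive load with per-phase peak voltage $V_p$ and peak current $I_p$ (RMS phase voltage $V_{\text{phase}}$, RMS line current $I$, line-to-line voltage $V_{LL} = \sqrt{3}\,V_{\text{phase}}$):

\[
p(t) = V_p I_p \sum_{k=0}^{2} \cos^2\!\left(\omega t - \frac{2\pi k}{3}\right)
     = \frac{V_p I_p}{2} \sum_{k=0}^{2} \left[ 1 + \cos\!\left(2\omega t - \frac{4\pi k}{3}\right) \right]
     = \frac{3}{2} V_p I_p
     = 3\, V_{\text{phase}}\, I
     = \sqrt{3}\, V_{LL}\, I
\]

The three cosine terms are spaced one third of a cycle apart and sum to zero at every instant, so the total power does not vary over the cycle. A single-phase circuit at the same line-to-line voltage and current delivers $V_{LL} I$, so the ratio is $\sqrt{3} \approx 1.73$. For a 208 V, 30 A circuit that is $208 \times 30 = 6.24$ kVA single-phase against $\sqrt{3} \times 208 \times 30 \approx 10.8$ kVA three-phase.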

Plug Types
The standard household plug found in North America is referred to as an Edison plug. The plug has
two blades and can also have a grounding pin. A 15 amp plug has two parallel blades. The blades
can be the same size or the neutral blade can be larger than the hot blade. A 20 amp plug has one
blade perpendicular to the second blade. This is also known as a NEMA 5-15P plug.
NEMA (National Electrical Manufacturers Association) defines specifications for power cords
and plugs used in North America and some other regions. NEMA devices can have either straight
blades or twist lock connections. The plugs on consumer and household electronics such as monitors,
printers, and desktop computers use a straight blade plug and receptacle. Heavy duty industrial
electronics, where it is important that the plug doesn't easily come out of the receptacle, use a
twist lock plug.
NEMA connectors are defined using NEMA codes. These are composed of a number followed by a
dash, another number, and a letter. The first number specifies the plug configuration. The second
number specifies the amp rating of the device. The letter indicates whether it is a plug (P), a
receptacle (R), or uses twist lock (L).

Figure 1-10: Examples of plug types.


Note: NEMA code tables can be found online that describe the specifications for all of the
NEMA plug types.


ACTIVITY 1-2
Identifying Server Power Sources

Scenario

You want to become more familiar with the power sources you will use for your server. You will
locate the power supply within the system unit, the plug that will connect the computer to a power
source, and identify any other power sources used in your system.

1. Determine the voltage at which your computer will work.
a) Locate the power supply in your computer.
b) On the outside of the power supply case, outside the system unit, determine if there is a switch to
select the appropriate voltage for your location.
c) Verify that the switch is in the appropriate position for your location.

2. Examine the power supply labels to determine the wattage of the power supply.

3. Determine whether your power supply will have enough capacity for all of the devices in your computer.
a) Create a list of all of the components in your system.
b) Using the table provided in this topic or the values from your system components, determine how
much power each component will require.
You can use an online power consumption calculator such as the HP Power Advisor or another tool
to help you with your calculations.
c) Share your results with the class.
d) If the power supply will not supply enough power, replace the power supply with one that has the
appropriate capacity.
Instructor note: Consider having half of the class use the table from the book and the others use
actual values from system components. Share the results and have students compare results.


TOPIC C
Server Cooling
The server hardware includes things such as the CPU, memory, expansion slots, network cards,
drives, and USB ports. Being able to identify these server components and their purpose will enable
you to plan the configuration of a server with the required components.
Server cooling is one of the most important aspects of server maintenance. Making sure that cool air
is available to keep server components from overheating and failing must be considered when
setting up physical servers. In this topic, you will examine the various server cooling methods you
can use.
If your servers all are housed in a server room, you need to make sure that airflow from one server
does not go directly into another server. In this topic, you will examine ways to keep this from
happening.

Cooling Systems

A cooling system is a system unit component that prevents damage to computer parts by dissipating
the heat generated inside a computer chassis. The cooling system can consist of one or more fans
and other components such as heat sinks or liquid coolants that service the entire computer as well
as individual components such as the power supply and CPU.
Computer systems contain several components that require cooling:
• The server case
• The CPU
• The power supply
• Some adapter cards
• Some hard disk drives

Figure 1-11: Examples of cooling systems.


Airflow
There are a number of ways airflow is accomplished in a server.

Airflow component: Description

Fans: Computer fans provide cooling by simply blowing regular air across heated components. It is
common to see case fans, power supply fans, adapter card fans, and CPU fans.

Ducts: Normally, a CPU cooler cycles warm air from inside the case through the CPU cooler's fins.
A CPU air duct draws cooler air from outside the case directly onto the CPU cooler, making it more
efficient.

Redundant cooling: It is accomplished by adding extra Air Moving Devices (AMDs), either fans or
blowers, so that if one AMD fails, adequate cooling is supplied by the remaining AMDs. Providing
redundant cooling by using more AMDs than are needed for a nonredundant case has several
disadvantages. They include the:
• Cost of extra AMDs.
• Cost of supplying extra power capacity to drive the extra AMDs.
• Need for extra space to accommodate the extra AMDs. This is a serious concern because the room
occupied by fans cannot be used for electronics. Due to these drawbacks, redundant cooling is
implemented only in servers.

Active/Passive cooling: Active generally means that there is a power source, such as a cooling fan.
Passive generally means that it does not use a power source, such as a heat sink and cooling fins
that are used to cool the rising air.
Instructor note: Point out that active cooling is more likely to be used in servers than is passive
cooling.

Vents: Computer cases are designed with vents to facilitate airflow through the case and across all
components. A common implementation is to include air vents near the bottom of the front of the case
and to place a fan near the top of the rear of the case to pull cooler air through the system.

Dead Spots
Dead spots are particular areas of the server chassis that are deprived of airflow. When new
components are added or altered, the intended airflow through the chassis is disturbed and the air
may stop flowing in particular areas of the chassis, thereby causing dead spots.

Thermal Dissipation
In addition to providing airflow within your computer case, thermal dissipation is used to draw heat
away from components. There are several items used to accomplish thermal dissipation including
heat sinks, thermal compound, and liquid cooling.

Heat Sinks
A heat sink is a device attached to a processor that addresses the problem of overheating processors.
It has metal fins to increase its surface area to aid in heat dissipation. Cool air is blown past it by a
fan, removing the heat from the processor.

Figure 1-12: Example of heat sinks.

Thermal Compound
Thermal compounds are used to connect a heat sink to a CPU. At the microscopic level, when two
solids touch, there are actually air gaps between them that act as insulation; the liquid thermally
conductive compound gel fills these gaps to permit a more efficient transference of heat from the
processor to the heat sink.
Instructor note: Time permitting, show students how to apply thermal compound to connect a heatsink
to a CPU.

Liquid Cooling
CPUs can be kept cool using a device to circulate a liquid or liquefied gas, such as water or freon,
past the CPU. Like an air conditioner, heat from the CPU is absorbed by the cooler liquid, and then
the heated liquid is circulated away from the CPU so it can disperse the heat into the air outside the
computer. Liquid cooling systems are not as prevalent as heat sinks in most server systems or
low-end servers.

Baffles and Shrouds


A shroud is a device that serves as a standoff between the fans and the heat source. Generally, fans
produce a dead spot in the center of their surface, so a shroud is needed to produce even airflow
across the fins to maximize efficiency.
Baffles are used to direct the airflow around server equipment and improve the airflow. Some baffles
are internal to the server case. Other baffles are used in a data center environment to direct airflow
between aisles in a server room to move cold air into the system and warm air out.

Figure 1-13: Example of a shroud.

Fans
Fans are an important part of the server cooling system. Fans can be found on the power supply, in
the heat sink over the CPU, on video cards, in the case, and sometimes additional fans are placed on
other components.
Although it might seem to be a good idea to remove the chassis cover to provide additional cooling,
it is not recommended. Most server cases have been designed to provide an airflow path, with fans
positioned to keep the air moving and blow hot air away from heat-sensitive components. The
server case must be closed for this airflow path to work properly. If the case cover is removed, the
fans will be less efficient, blowing air around at random.

Figure 1-14: Examples of fans.


ACTIVITY 1-3
Identifying Server Cooling Methods

Before You Begin

Your server case is open so you can view the internal components.

Scenario
As you continue to examine the internal components of your server, you will next locate all of the
cooling methods employed in your system.

1. Locate the fans in your server.
Fans will typically be found in the power supply, on the CPU heat sink, and on the video card. There
might be additional fans in your system.

2. Locate any baffles and shrouds used in your server.
Baffles and shrouds can be found in areas where the manufacturer is trying to direct airflow within the
case.

3. Determine whether your server uses a liquid cooling system.
A liquid cooling system usually looks like a series of copper tubing placed above or beside a
component.

4. Determine whether any other cooling methods are used in your server.
Instructor note: Assist students in locating the various cooling methods used in their servers. If
you have examples of other cooling methods, such as those found in a data center server room,
consider a short field trip to show these to students.

TOPIC D
Asset Management
Servers and network components are expensive assets. Organizations need to accurately track the
location and use of servers and network components. In this topic, you will examine features of
asset management.

Asset management includes labeling components, tracking warranty and life cycle, and maintaining
an inventory database. Knowing what components you have and how they are being used can
maximize the budget dollars you have available.

Asset Management

IT Asset Management (ITAM) is a method used by organizations in support of life cycle management
of hardware and software. The inventory, contracts, and financial aspects of the hardware and
software are tracked, usually in an asset management database. Tracking this information can help
when it comes to making decisions regarding purchasing or repurposing hardware and software.
This all helps the organization avoid making unneeded purchases as well as find a new use for
equipment that is not currently being used. For example, a server that was being used for a
mission-critical database might no longer be powerful enough for that purpose, but it could be just
fine for a backup server, for testing, or for some other purpose.
Hardware and software asset management follows the asset from its initial acquisition to its final
disposal. Tracking the financial information regarding the asset life cycle is essential to making
sound business decisions on procuring, deploying, and managing the assets.
Note: The ISO 19770 IT Asset Management protocols include provisions for best practices,
information about the software deployed on a specific device, software license data, and a
standard for resource usage data.

Labeling
Labeling assets with unique IDs can help you track or locate items. The labels can be simple
numbered tags affixed to equipment, bar coded tags that can be read with a bar code reader, or
Radio Frequency ID (RFID) tags that can be read using a radio transmitter/receiver device. The
type of label all depends on how much you want to pay to track your assets. While a simple
numbered tag might be inexpensive, you will need to manually enter the asset tag in your asset
management tracking database. A bar coded or RFID tag can be read using a scanner to enter the
tag data.

Figure 1-15: Examples of bar code and RFID asset tags.
Labels should be tamper proof. Tamper proof labels typically cannot be pulled off from equipment
in a complete piece; parts of the tag remain affixed to the asset. Tags are also available that leave the
word Void or a patterned background when the ID tag is removed.
Instructor note: If you have examples of the various types of labels, share them with students.

RFID
An RFID tag contains a microchip and an antenna. An RFID scanner or reader is used to send and
receive radio signals from the tag.

Warranty
One of the pieces of information that is important to track in your asset management database is
warranty information for each piece of equipment. If you know that an item is still under warranty,
when a problem arises, you can use the warranty to cover the replacement or repair of the
equipment. Likewise, if a piece of equipment is out of warranty, you can decide whether it is time to
consider replacing it with a newer device which will have a warranty.

Life Cycle Management


IT asset life cycle management (ITALM) is an important part of asset management. Using the
information about where in the life cycle your asset is will help you make decisions about your IT
products and services. You will have information about whether the asset is near the start or end of
its life cycle and use this information to make good business decisions. For example, if the device is
near the end of its life cycle, you can budget for its replacement. If that same device is starting to
fail, you can make an informed decision on whether to spend resources getting it working again.
Figure 1-16: Life Cycle Management.


Note: Generally, most organizations plan on replacing their servers every three to five years.

Inventory
Asset management software can be used to automatically scan for devices on the network and add
them to an inventory database. You can then add additional information including purchase date,
warranty data, service records, and other information about the devices. You can also manually add
devices to the database.
Having an inventory database gives you information you can use not only to track what devices you
currently have, but also to justify the purchase of updates or additional devices. Helpdesk
applications can be integrated with the inventory database to provide a one-stop location for more
information about the devices.

Guidelines For Asset Management


You can manage your assets manually, but usually, especially in a large organization, you will use an
asset management database.
To ensure that your asset management program is used to its full potential, use it:
• To document inventory of devices and software that have been procured by the organization.


• To document the location of equipment (switches, routers, servers, and so on) including
building, floor, section, room, or other location details.
• To ensure compliance with software licensing requirements.
• To justify the purchase or re-deployment of assets.
• To support decision-making processes.
• To determine when assets need to be sent for proper disposal.
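
One way to put the inventory, warranty, and life cycle guidance above into practice, as an added example that is not part of the course material: a small inventory database that reports warranty status and life cycle stage and reconciles a network scan against the recorded assets. The table layout, function names, sample records, and scan list are constructed for illustration; the three-to-five-year window comes from the note in this topic.

```python
import sqlite3
from datetime import date

# Replacement window in years, taken from the "three to five years" note.
REPLACE_FROM, REPLACE_BY = 3, 5

SCHEMA = """
CREATE TABLE assets (
    asset_tag    TEXT PRIMARY KEY,  -- unique ID printed on the label
    mac          TEXT UNIQUE,       -- used to match network scan results
    kind         TEXT NOT NULL,
    location     TEXT NOT NULL,     -- building/floor/room
    purchased    TEXT NOT NULL,     -- ISO 8601 date
    warranty_end TEXT NOT NULL      -- ISO 8601 date
)
"""

# Constructed sample records; the MACs come from the range reserved for documentation.
SAMPLE_ASSETS = [
    ("SRV-0001", "00:00:5E:00:53:01", "server", "HQ/2/Server Room", "2012-03-01", "2015-03-01"),
    ("SRV-0002", "00:00:5E:00:53:02", "server", "HQ/2/Server Room", "2015-06-15", "2018-06-15"),
    ("SRV-0003", "00:00:5E:00:53:03", "server", "HQ/2/Server Room", "2010-05-20", "2013-05-20"),
    ("SW-0001", "00:00:5E:00:53:10", "switch", "HQ/1/Closet A", "2014-01-10", "2019-01-10"),
]
# Constructed network scan result, with mixed case and separators.
SAMPLE_SCAN = ["00:00:5e:00:53:01", "00-00-5E-00-53-10", "00:00:5e:00:53:99"]


def normalize_mac(mac):
    """Lower-case, colon-separated form so label data and scan data compare equal."""
    return mac.strip().lower().replace("-", ":")


def add_asset(conn, row):
    """Insert one asset; return False when the tag or MAC is already recorded."""
    tag, mac, kind, location, purchased, warranty_end = row
    try:
        with conn:  # commits on success, rolls back on error
            conn.execute(
                "INSERT INTO assets VALUES (?, ?, ?, ?, ?, ?)",
                (tag, normalize_mac(mac), kind, location, purchased, warranty_end),
            )
        return True
    except sqlite3.IntegrityError:
        return False


def build_inventory(rows):
    """Create an in-memory inventory database and load the given rows."""
    conn = sqlite3.connect(":memory:")
    conn.row_factory = sqlite3.Row
    conn.execute(SCHEMA)
    for row in rows:
        add_asset(conn, row)
    return conn


def review(conn, today):
    """Return warranty status and life cycle stage for every asset as of `today`."""
    report = []
    for a in conn.execute("SELECT * FROM assets ORDER BY asset_tag"):
        age = (today - date.fromisoformat(a["purchased"])).days / 365.25
        if age >= REPLACE_BY:
            stage = "past planned life"
        elif age >= REPLACE_FROM:
            stage = "budget replacement"
        else:
            stage = "in service"
        report.append({
            "asset_tag": a["asset_tag"],
            "location": a["location"],
            "under_warranty": date.fromisoformat(a["warranty_end"]) >= today,
            "stage": stage,
        })
    return report


def reconcile(conn, scanned_macs):
    """Compare a network scan with the inventory.

    Returns (MACs on the network with no inventory record,
             asset tags in the inventory that the scan did not see).
    """
    seen = {normalize_mac(m) for m in scanned_macs}
    known = {r["mac"]: r["asset_tag"]
             for r in conn.execute("SELECT asset_tag, mac FROM assets")}
    unknown = sorted(seen - set(known))
    not_seen = sorted(tag for mac, tag in known.items() if mac not in seen)
    return unknown, not_seen


if __name__ == "__main__":
    inv = build_inventory(SAMPLE_ASSETS)
    for line in review(inv, date(2016, 1, 1)):
        print(line)
    print(reconcile(inv, SAMPLE_SCAN))
```

A device that appears in the scan but not in the inventory is either untagged equipment or something that should not be on the network, so the first list returned by `reconcile` is the one to follow up on first.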


ACTIVITY 1-4
Managing Server and Network Assets

Scenario

You just completed a manual inventory of all computing equipment in the Accounting department.
Before you do the inventory on any other departments, you talk to your manager about the benefits
of using asset management software to complete the inventory in the rest of the company. He has
several questions about why the company should spend money on this software. You have prepared
an outline of the main reasons for using the software and are now filling in the details.
Here is the outline you have:
• Labeling
• Warranty
• Inventory
• Life Cycle Management

Instructor note: If time permits, demonstrate the use of asset management software such as
Spiceworks from spiceworks.com.

1. What role does labeling play in asset management and why would asset management software be
beneficial in supporting labeling?
A: Labels can help you track and locate equipment. Using bar code or RFID tags can make inventory
and asset management faster and more accurate than manually reading a printed tag.

2. What role does the warranty on equipment play in asset management and why would asset
management software be beneficial in supporting warranties?
A: By tracking the warranty dates for equipment in the asset management database, you can know
whether the equipment is still under warranty. This can help you make decisions on whether to
repair, replace, or budget for updated equipment.

3. What role does inventory play in asset management and why would asset management software be
beneficial in supporting inventory?
A: Knowing what equipment the organization already owns or leases is important in deciding whether
additional equipment needs to be procured or whether there is equipment in storage that could be
used.

4. How does asset management software support life cycle management?
A: Having all of the information from initial procurement of the asset, use, maintenance, and support,
you can make sound business decisions on whether to continue using and maintaining the asset
or beginning to budget for asset replacement and disposal.

Summary
In this module, you identified and managed server hardware. You examined server components,
power, and cooling methods. Being familiar with these components of the server environment will
help you make sound choices when managing your server assets.
Do your current servers meet your organization's needs? Do you need to upgrade the hardware, power, or
cooling methods? Explain why you might update or replace the components.
A: Answers will vary. If the component is still under warranty or is under your organization's age limit for
replacement, you might consider updating and upgrading components. If the component is at or near
the end of the component's life cycle, you should consider budgeting for its replacement.

Do you use asset management software? If so, what application do you use? What components are
integrated into the software? Is your asset management software adequate for your needs? What would
you add or change?
A: Answers will vary. Most asset management software integrates features such as inventory, warranty
management, help desk service for the component, and life cycle management features.

Instructor note: Encourage students to use the social networking tools provided on the
LogicalCHOICE Home screen to follow up with their peers after the course is completed for further
discussion and resources to support continued learning.

Note: Check your LogicalCHOICE Course screen for opportunities to interact with your
classmates, peers, and the larger LogicalCHOICE online community about the topics covered in
this course or other topics you are interested in. From the Course screen you can also access
available resources for a more continuous learning experience.

2 Installing a Server

Lesson Time: 3 hours, 30 minutes

Lesson Objectives
In this lesson, you will set up a server and a workstation. You will:
• Determine the network and server types, number of sites, and operating systems to install.
• Set up the server hardware.
• Prepare hardware for server installation.
• Install an operating system on prepared server hardware.

Lesson Introduction
So far in this course, you've identified computer hardware used for servers. Now it's time to
put them together and configure a computing device. In this lesson, you will set up a server
and a workstation.
Setting up a basic server, whether it's a rack-mount or a tower, is a fundamental skill that
you will perform many times in your career as a server administrator. There are many
variables you will need to master, such as connecting hardware components and installing
and configuring operating systems, in order to ensure that you are meeting the needs of
your users.

TOPIC A
Prepare an Installation Plan
In this lesson, you will set up a server. To start, you should prepare an installation plan.
Evaluating the various types of networks, server form factors, and available operating systems will
be an important part of making sure the servers you deploy best meet the needs of your users. The
number of sites where your servers are deployed can also have an impact on which servers you
should create.

Network Types
Networks come in a wide variety of configurations and types. You might have a small network
composed of only client computers as a peer-to-peer network. Or, you might have a client-server
network in which client computers access one or more computers on which a network operating
system is installed.
Instructor note: On the overhead slide, point out that there are three LANs, connected to a WAN
(which could be a GAN), and you could have CANs or MANs if the LANs cover a campus or city.

Figure 2-1: Devices connected to form a LAN.


The area the network covers also varies greatly. It might be a small test network or a network within
a single department. Any network contained within a single building is referred to as a Local Area
Network (LAN). If you have several buildings all sharing the same network, this is usually referred to
as a Campus Area Network (CAN). In some cities, a network is made available to anyone within the
city. This is a Metropolitan Area Network (MAN). If your network spans multiple cities, states, or
countries, it is referred to as a Wide Area Network (WAN) or Global Area Network (GAN).

Figure 2-2: A WAN composed of several LANs.
Another variation you will find between networks is whether each server is installed on a separate
physical computer or whether it is installed in a virtual environment. A virtual server provides
excellent use of resources and provides a secure environment in which the operating system runs.
Note: You will examine virtual servers later in this lesson.

Server Form Factors


The form factor of a server specifies the physical dimensions and shape of the server hardware or its
major components. Servers come in multiple form factors to meet varying needs, such as physical
space, access, availability, organization, and cooling and power requirements.

Figure 2-3: Examples of the various server form factors.

Form Factor: Description

Tower: A tower server looks like a traditional desktop tower PC but includes more opportunities for
the expansion of processing capabilities. Tower servers take up more physical space than newer
form factors, but they often provide the best value for smaller companies and departmental
networks.

Rackmount: A rackmount server provides sliding rails and hinged cases for easy access, and many
components such as hard drives, power supplies, expansion cards, and fans are usually
hotswappable, enabling you to replace faulty parts without shutting down the server. Rackmount
servers hold more devices than tower servers, use less physical space, and provide better
organization, but they cost more than their tower counterparts.

Blade: A blade server consists of a chassis that contains one or more server blades. A server blade
consists of a single circuit board holding components such as processors, memory, and network
connections that are usually found on multiple boards. Server blades are stacked side-by-side and
interconnected in a blade server chassis. The chassis supplies power and cooling to the connected
blades.

Tower Servers
Tower servers are typically found on smaller networks where there is only one server or a few,
typically under 10, servers. These servers are relatively easy to set up and can be located anywhere,
not requiring a dedicated room.

Components tend not to be as densely packed in tower servers, thus making it easier to cool the
system as compared to rack or blade servers. You can add more servers relatively easily when using
towers since there is no limit imposed by a rack or blade enclosure.
On the down side, tower servers take up a lot of space compared to rack or blade servers. They can
also be noisy because of all of the fans in each tower. In addition, if the servers are housed together,
the space can become a tangled mass of network and peripheral cables.

Rack Mount Servers

A computer rack is a standardized mounting unit for computing devices, such as servers, routers,
internetworking devices, fans, and so forth. Standard racks, as defined by the EIA-310 specification,
are 19 inches wide (23-inch wide racks are used in some telecommunications applications). This
measurement is made from the outsides of the two mounting rails, which are 0.625 inches wide
each. This makes for a 17.75-inch separation between rails, and 18.3 inches between the centers of
the mounting holes.

Figure 2-4: Example of a rack mount server.


The depth of racks varies. Commonly, the distance between the front and back sets of rails is either
31.5 or 39.4 inches. (Some racks don't provide back rails and are described as two-rail racks.) The
overall outside dimensions of a rack are larger and vary by manufacturer and style. The extra width
or depth provides space for air flow (for cooling) and for chases for running wires and cables. A
column of electrical outlets is typically mounted along the inside of the back of the rack.
As shown in the following figure, mounting holes are provided in groups of three, spaced 0.625
inches on center, with a space of 0.5 inches between groups. This arrangement leads to standard
rack units, which are measures of vertical height. One rack unit (1U) is 1.75 inches, which is the
distance between three-hole groups. The common U sizes are shown in the following diagram.

Figure 2-5: Server-rack rail dimensions and their correspondence to U size.

Server manufacturers normally design their servers to occupy whole-number U spaces. Thus, you
will see devices described as 1U, 2U, and so forth. Rarely, you will encounter devices that occupy a
fractional size, such as 1.5U. Most servers are 1U or 2U.
The rack unit includes built-in cable and power management features. This helps clean up the tangle
of cables and wires found when using tower servers. However, you will still have a lot of cables and
wires to manage. Multiple servers, switches, routers, and other networking components can be
mounted in the rack. Larger 3U or 4U rack servers usually have plenty of space for expansion of
internal components such as additional network cards or drives. Most rack servers include multiple
processors and lots of RAM.
There is a lot of heat generated by the components in a rack system. If you have multiple racks, be
sure to create hot and cold aisles for the racks. The row with the fronts of the racks is the cold aisle
and the rear is the hot aisle. Be sure the hot aisle aligns with air conditioning return duct work. You
can also create containment systems in which the hot aisle is physically separated from the cold aisle.
Note: One way to minimize the number of cables is, instead of using a KVM switch, to use a
keyboard, monitor, and mouse on a portable cart which are only connected to a server when
needed.

Blade Technology
While the transition from tower servers to rackmount was strictly a difference in form factor, blade
servers offer unique advantages in server management and availability. In addition, blade servers
provide even more physical space savings than rackmount servers, are easier to install and remove,
and consume less power than traditional box-based servers. Although there has been significant
growth in the sales of blade server systems, a factor that has held the market in check is a lack of
standards for blade formats. Every vendor has their own proprietary format, so customers need to
be very careful when committing to a blade server solution.

Figure 2-6: Example of blade servers.

Blade servers use less cabling than tower or rack servers. This helps keep the server room more

D
organized and less cluttered. The components in a blade server are very compact which makes
cooling them challenging. Like with rack mount servers, creating hot and cold aisles can help.

or
Blade servers are connected to a backplane. The backplane in the blade enclosure enables modules
containing all of the components of the server: processor, memory, storage, and input/output. The
blades share a common chassis and perform the same types of tasks that multiple separate servers
can perform.
e
Some blade servers use a mid-plane design in which there are slots on both sides of the circuit
at

board, typically with one side holding the blade server modules and the other side containing power,
networking, and other service modules.
The blade enclosure provides a single power source for all of the blade servers within the enclosure.
lic

The power supply unit might be located within the enclosure or it might exist as a separate power
supply unit outside the enclosure. External power supply units might provide power to multiple
blade enclosures. A blade mounted UPS might be used within the enclosure or an external UPS
up

might be used in case of a power failure.


In addition to blade servers, other blade components you might encounter are blade network
modules and blade switches.
D

A blade management module is used to manage operation of the modules within the blade
enclosure. This can be done through a KVM switch or from a remote web connection. Among the
features that can be managed through the management module are remote control of blade servers,
ot

and management of power supplies, cooling mechanisms, and network switches.


N

Number of Sites
If you just have a single site, you are most likely to use a tower server, but if you need multiple
servers for multiple purposes, you might use any of the server form factors. If your network is large
and covers hundreds or thousands of users, you are more likely to use rack or blade server
technologies rather than tower servers.

Tower servers might also be used for satellite or branch office locations.

Instructor note: Sites here refers to physical locations and not to hot, warm, or cold sites.


Operating Systems
An operating system (OS) is a software package that enables a computer to function. It performs basic
tasks, such as recognizing the input from a keyboard, sending the output to a display screen or
monitor, and controlling peripheral devices such as disk drives and printers. It creates a user-friendly
environment that enables users to use a computer efficiently without having to know the underlying
technologies. Depending upon the version and manufacturer, the features of the user interface and
functionality vary. Examples of network operating systems include the Windows Server family of
operating systems, UNIX, and Linux distributions.

Figure 2-7: Client and network operating systems.

A client operating system is an operating system end-users use to access network resources. Typically
client operating systems are Windows, Macintosh, Chrome OS, or Linux systems. Most of these
systems can function on their own without connecting to a network. Some smart phone operating
systems can also be considered client operating systems; these devices connect to cellular or wireless
networks and can use server services.

A Network Operating System (NOS) is an operating system that controls the functioning of various
network components by implementing necessary protocol stacks and device drivers appropriate for
the hardware. This aspect of the NOS differentiates it from a standalone operating system, which is
designed for individual computers. Though a NOS is designed for servers, it can also be redesigned
to service client computers for certain applications. Therefore, the distinction between a NOS and a
standalone operating system is not always obvious. A NOS provides features such as printer sharing,
file sharing, database sharing, application sharing, network security, data backup and replication
services, and remote access services. It also offers a high degree of fault tolerance compared to a
standalone operating system.

Note: For additional information, check out the LearnTO Select a Server Operating System
presentation in the LearnTOs for this course on your LogicalCHOICE Course screen.

Instructor note: You may want to show LearnTO Select a Server Operating System from the
LogicalCHOICE Course screen or have students navigate out to the Course screen and watch it
themselves as a supplement to your instruction. If not, please remind students to visit the LearnTOs
for this course on their LogicalCHOICE Course screen after class for supplemental information and
additional resources.

UNIX
UNIX® is a trademark for a family of operating systems originally developed at Bell Laboratories
beginning in the late 1960s. All UNIX systems share a kernel/shell architecture, with the kernel
providing the core functionality and the interchangeable shells providing the user interface. Unlike
many operating systems, UNIX is portable to different hardware platforms; versions of UNIX can
run on everything from personal computers to mainframes and on many types of computer
processors. UNIX also incorporates built-in multitasking, multi-user support, networking functions,
and a robust platform for software development.

Many different companies and organizations have licensed the UNIX name and technology and
marketed their own UNIX versions, leading to a proliferation of different UNIX families, system
names, and interfaces. Different hardware manufacturers tend to favor particular versions, or
"flavors," of UNIX. The following table lists some of the most important UNIX categories you will
encounter.

Instructor note: Ask students if they have used UNIX and if so which versions they have used.

UNIX Version | Description
Berkeley Software Distribution (BSD) UNIX | Any of a group of UNIX versions that followed the innovations incorporated into UNIX at the University of California at Berkeley. Darwin is a newer version of BSD.
System V Release 4 (SVR4) UNIX | The standard for UNIX systems that follow the AT&T development architecture. It was issued to unify standards and features in competing versions of UNIX, including BSD UNIX, and it is the foundation for most current UNIX-based systems.
Portable Operating System for Computer Environments (POSIX) | A set of Institute of Electrical and Electronics Engineers (IEEE) standards for portability of applications from one UNIX environment to another. A POSIX-compliant application should run identically on any POSIX-compliant platform.
Single UNIX Specification (SUS) | A set of specifications issued by The Open Group (www.opengroup.org), setting software standards for operating systems that qualify for the name UNIX.
Advanced Interactive eXecutive (AIX) | Launched by IBM® and used on their mainframe computers. AIX is closed-source, proprietary UNIX that uses the Common Desktop Environment (CDE) as its GUI. Based on UNIX System V.
Sun Solaris/Oracle Solaris | A scalable OS developed by Sun Microsystems with native support for Sun’s own Java® Desktop Environment (though other desktop environments work as well), as well as their StarOffice™ productivity suite. Solaris™ has been closed source for much of its history, but moved more toward open source in recent years. When Sun Microsystems was acquired by Oracle® Corporation, the name was changed to Oracle Solaris and the open-source effort was discontinued.
HP-UX | A flavor of UNIX developed by Hewlett-Packard. Like AIX, HP-UX is also based on UNIX System V. HP-UX is distributed in Operating Environments (OEs), which are pre-packaged collections of software that ship with the OS.

Linux
Linux is a UNIX-like operating system originally developed by Linus Torvalds, starting in 1991
while he was a student at the University of Helsinki. Like all operating systems, Linux enables the
most basic common system operations, such as file management, user account management, and so
forth. It provides a means for users to interact with their computer’s hardware and software.

Linux is perhaps most notable because it is free and open source. Programmers have made versions
of Linux available for nearly every computer hardware platform in current use. Linux is available for:
• Network servers and enterprise-class computing environments.
• Desktop and end-user computers.
• Non-computer devices such as cell phones, automobile control systems, network routers, and
alarm system controllers.

Linus Torvalds wrote the original Linux kernel. The kernel is the software component that provides
the core set of operating system functions. These include features for managing system hardware
and for communicating between software and hardware.

The Linux kernel is the base on which various versions, or distributions, are built. Each Linux
distribution (often abbreviated as distro) bundles a specific set of features, software components,
and a design philosophy that targets a particular use or market segment. The following table
describes some of the distributions in common use as of this writing.

Instructor note: Ask students if they have used Linux and if so which distributions they have used.
Point out that the table in this topic includes only the most popular distributions and that others
are available.

Distribution | Description
Ubuntu | Ubuntu is a community-developed distribution coordinated by Canonical, Ltd. It is currently one of the most popular end-user versions of Linux. Ease-of-use and multi-language support are two key goals of Ubuntu’s developers. Linux Mint (http://linuxmint.com/) is a popular variant of Ubuntu.
Red Hat Enterprise | Red Hat, Inc., creates the Red Hat Enterprise Linux distribution in versions for servers and desktops. Red Hat also provides middleware software components and consulting, support, and education services. Red Hat is one of the largest Linux distributions in the business marketplace.
Fedora | Fedora is Red Hat’s end-user Linux distribution. Red Hat engineers participate, but Fedora development is community driven.
SUSE and openSUSE | SUSE started out as a German company in 1992 and was purchased by Novell in 2004. In 2014 it became part of Micro Focus International. SUSE is released in two major versions: SUSE Linux Enterprise Desktop (SLED) and SUSE Linux Enterprise Server (SLES). They are built atop the open-source openSUSE core. Novell adds interoperability, virtualization, and enterprise service features for its commercial distributions.
Debian GNU/Linux | Debian is a community-developed distribution managed by The Debian Project. Debian is regarded as highly customizable and powerful. Generally, Debian would be described as an intermediate user’s version of Linux: slightly harder to use and more customizable than some versions, but less feature rich than others.
Slackware | Slackware Linux is one of the oldest distributions that is still undergoing active development. It is a popular, highly technical distribution aimed at experienced Linux power users.
Kali | Kali Linux is a derivative of Debian Linux. It is designed for use in penetration testing and digital forensics. It contains an extensive set of security and forensics tools.


Windows Server
The Windows Server family of products from Microsoft are very popular network operating systems.
Windows Server 2012 is the most recent version of the NOS. Previous versions included Windows
Server 2008 and Windows Server 2003 (Server 2003 is no longer supported). Updates to the NOS
are issued and when a large group of updates is available, they are released as a Release n version of
the NOS. For example, Windows Server 2012 R2 is the updated version of Server 2012.

Instructor note: Windows Server 2003 is no longer supported.

Typically, Windows Server 2012 R2 is installed so that it can be administered through a graphical
user interface (GUI). However, it can also be installed without the GUI in what is known as a Server
Core installation. The Server Core installation not only takes up less disk space than the GUI
installation, it provides an installation requiring less servicing and a smaller attack surface should
your network be attacked.

Note: You can install the GUI version, then remove the GUI when you don't need it, leaving
you with the Server Core installation. You can remotely administer the Server Core server or add
the GUI back on when you need it.

Instructor note: Point out that you can bounce back and forth between using the GUI and Core
installation. It is faster and easier to install the GUI version, then remove the GUI and add it back in
when needed than to install the Core edition and add the GUI when needed.

There are multiple editions of the Windows Server operating system. The Windows Server 2012
editions vary based on the features they support.

Edition | Description | Features Supported
Windows Server 2012 R2 Datacenter | Designed for highly virtualized private and hybrid cloud network environments. Microsoft designed this edition of Windows Server 2012 to meet the needs of large organizations. | Full Windows Server functionality and licensing for unlimited virtual machine instances.
Windows Server 2012 R2 Standard | Designed for physical environments or environments where virtualization is minimal. Microsoft designed the Standard edition to support organizations that need only minimal server virtualization. | Full Windows Server functionality and licensing for two virtual machine instances.
Windows Server 2012 R2 Essentials | Designed for small organizations that have up to 25 users and 50 network devices. Microsoft designed the Essentials edition for small organizations with 25 or fewer users. | Streamlined interface, configured to connect to cloud services, and no virtualization support.
Windows Server 2012 R2 Foundation | Designed for very small organizations that have up to 15 users. As with the Essentials edition, Microsoft designed the Foundation edition for small organizations. | General-purpose server functionality and no virtualization support.

Guidelines for Preparing a Server Installation Plan


You should map out an installation plan before you begin installing servers. Templates for network
installation plans can be downloaded from the Internet, or you can create your own plan. In either
case, there are some minimal items you should include in your installation plan. These include:
• Determining the network scope, such as single site, campus-wide, or wide-area-network.
• Determining the form factor for network servers.
• Determining how many sites the network will cover.
• Determining which operating system or operating systems you will install.
• Determining how many users will be supported by each server.
• Determining which services will be installed on which servers. Also, will your organization
provide services such as DNS, DHCP, and mail, or will these be provided by a third party or
your ISP?
• Determining how you will implement redundancy so that users have access to data and services
99.999% of the time.

Instructor note: The five nines of up-time refers to keeping the servers up and available 99.999% of
the time.

ACTIVITY 2-1
Preparing an Installation Plan

Scenario

You are working with the IT manager to plan the network at the new satellite office. To make sure
that nothing is missed, you begin creating an installation plan for the new office. This will be a small
office with about 25 employees. The main office currently uses Microsoft Windows Server 2012 R2
for most of their servers, but uses Linux servers for some services.

The new location was previously retail space, but they did have a small area where they kept the in-
store server that connected to the catalog kiosks on the sales floor and to the point-of-sale registers.
There is already a connection from this room to the local high-speed Internet provider that
Develetech uses.

1. Using the following table, fill in the information you think would be appropriate for the new satellite
office.

Server Installation Plan

Item | Reason for selection
Network type |
Server form factor |
Operating System(s) |
Services to install |

Instructor note: There are no right or wrong answers for this activity. This is just to get students
thinking about the factors they need to begin considering for network planning and installation.

2. Consider whether your answers would change if the site expanded to 50 or to 100 users.

Instructor note: Encourage students to share their reasons with the class. Expand the discussion with
other questions such as how many users and what server density they will support, form factor vs
server density, and any other planning considerations you feel are important to the audience.

TOPIC B
Prepare the Server Hardware
In order to install your operating system, you need to first make sure that your hardware meets the
minimum, or even better, the recommended hardware requirements of the operating system. You
might need to make updates or changes to your firmware. You will need to prepare the disks on
which the operating system is to be installed.

In this topic, you will make sure that your hardware meets all of these requirements so that when
you are ready to install the operating system, you know that your hardware is up to the task.

Operating System Requirements
Before installation, you must make sure that your hardware meets or exceeds the minimum
requirements for the network operating system you will install. The documentation for your
operating system usually lists both minimum and recommended system requirements. There is often
a hardware compatibility list available as well. Especially for commercial software, the vendor often
tests the operating system and/or applications with a variety of hardware to ensure that it works as
expected on various hardware.

Some of the items included in the operating system requirements list are:
• Memory required or recommended.
• Minimum CPU speed.
• Amount of disk space needed.
• Required peripherals such as video, keyboard, and mouse.
• Network card.
• DVD drive if installing from optical disc.

Instructor note: Point out that operating systems can be installed as a headless install in which case
keyboard, video, and mouse aren't required on the server where the NOS is being installed.

Firmware
Firmware straddles a gray area between hardware and software. Firmware is specialized software
stored in memory chips that stores information whether or not power to the computer is on. It is
most often written on an electronically reprogrammable chip so that it can be updated with a special
program to fix any errors that might be discovered after a computer is purchased or to support
updated hardware components.

Firmware is used to control electronic devices, such as remote controls, calculators, and digital
cameras. In a computer, firmware is implemented using the BIOS and CMOS.

Firmware Updates
Updating firmware electronically is called flashing. There are a few reasons why you should consider
upgrading the BIOS and firmware. The reasons include:
• To provide support for new hardware, such as a large hard drive or removable storage device.
• To fix bugs that prevent the operating system from installing or running properly.
• To enable advanced Plug-and-Play or advanced power management features.
• To be eligible for vendor support.

The temptation to upgrade the BIOS and firmware simply because a newer revision is available
should be avoided. Upgrading the system BIOS or other firmware can be damaging to your server if
it is not done correctly. If you improperly flash the system BIOS, or if the flash process is
interrupted by a power failure, or even if you use the wrong BIOS image to flash the system BIOS,
you can corrupt the BIOS chip so that the system will no longer boot. Often, your recovery options
will be limited, but they should be listed on the manufacturer’s support website.

BIOS/UEFI Configuration
BIOS or UEFI configuration data is stored in CMOS (complementary metal oxide semiconductor).
The CMOS chip maintains information without power being supplied to the computer. The term
“CMOS” is frequently used to refer to the storage location of the BIOS configuration information,
rather than the chip technology. A battery, typically on the motherboard as shown in the following
figure, provides power to the CMOS chip so that its contents are maintained when the computer is
turned off or unplugged.

Figure 2-8: The CMOS battery on the motherboard.

To configure the values stored in CMOS, you use a system setup utility provided by your computer’s
manufacturer (or by the BIOS maker). This utility is often built into the BIOS itself. Sometimes the
utility is stored on a special hidden portion of your hard disk (on a separate partition) or an optical
disc.

Because RAM is usually faster than ROM, some manufacturers load the ROM data from the CMOS
into RAM. Some computers, especially those that use UEFI, load the data from CMOS into an
application stored on the hard drive.

A boot device is a device from which the operating system is loaded into the hard disk during the
booting or installation process. The BIOS allows the user to configure the boot order. For example,
if the boot order is set to read the DVD drive first and then the USB device drive, the BIOS will
first try to boot from the DVD drive. If the BIOS fails to read the drive or if there is no DVD in
the drive, only then will the BIOS try to boot from the USB device drive.

Some of the settings you might need to configure include:
• Memory size settings
• Drive boot order
• Boot password
• Drive information

Setting a BIOS password requires that the password be entered before the computer will boot. This
can prevent unauthorized access to the computer as well as to the configuration settings. If the
password is lost or forgotten, you can try removing the CMOS battery to see if the password will
reset to no password. If not, contact the motherboard manufacturer to find out if there is a
backdoor password that can be used to regain access to the computer. Because a reset may be
possible this way, treat the BIOS password as a deterrent that depends on controlling physical
access to the server.

Disk Preparation

Once you have physically installed a hard drive, you must prepare it for use by the operating system.
With hard drives, the following steps must be performed separately:
• Partition the drive.
• Format the drive.

Partitions divide the full capacity of a drive into smaller, logical portions that are individually usable
and configurable. For example, you could divide a 5 GB drive into two 2.5 GB logical drives,
commonly called volumes.

In addition, partitions define the type of file system (often written as “filesystem”) that will be used
on the hard drive. The file system defines how data is stored on the drive. It also includes the tables
and structures that describe where files are stored on the volume and define the size of the various
volumes on the computer.

Popular hard-drive file systems for Windows computers include NTFS (the Windows NT File
System) and FAT32. The older 16-bit FAT, or file allocation table, file system is not used on hard
drives anymore. The virtual FAT (VFAT) system introduced with Windows 95 is still used on some
removable media, such as USB drives and camera memory cards.

File Systems
The following table describes the various file systems.

File system | Primarily used in | Description
ext2, ext3, ext4 | Linux | The “extended file system” is a Linux-specific journaling file system. The current version is ext4, though ext3 is still widely used. Journaling file systems log changes before actually writing them to disk, making these file systems less likely to become corrupted during a system crash.
NTFS | Windows clients and servers | Introduced with Windows NT, the Windows NT File System adds support for security, very large volumes, and fault tolerance. Microsoft continues to enhance this file system.
FAT32 | Windows 9x, Windows XP | FAT32 removed file size limits and improved performance over FAT. It is still used on older systems and for removable media (camera cards). For the most part, it has been replaced by NTFS.
Reiser | Linux | ReiserFS was the first journaling file system. It is no longer part of the Linux kernel.
UFS | BSD Unix and its derivatives | UFS uses a block system for storage. Some blocks at the start of the partition are reserved for boot blocks and are initialized separately from the file system. A superblock contains a "magic number" that identifies the file system as UFS. Cylinder groups contain a backup copy of the superblock, a header, inodes with file attributes, and data blocks.
VMFS | VMware virtual machine disk images | VMFS is the cluster file system used in VMware virtual machine disk images.
ZFS | Solaris, BSD, Linux, OS X | ZFS (Zettabyte File System) combines a file system with a logical volume manager. It uses virtualized volumes to create storage pools. It supports huge storage capacities with storage limits that are likely never to be reached.
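
The partition and file system structures described above can be read directly from a disk. The following Python sketch is an added example, not part of the course material: it parses the partition table of a constructed disk image, identifies the file system in each partition by its on-disk signature (including the UFS superblock "magic number" mentioned in the table), and reports partitions whose declared type does not match their contents. It assumes classic MBR partitioning; the function names and the sample image are made up for illustration.

```python
import struct

SECTOR = 512
# MBR type byte -> (label, file systems that type normally holds)
MBR_TYPES = {
    0x07: ("NTFS/exFAT", {"NTFS"}),
    0x0B: ("FAT32", {"FAT32"}),
    0x0C: ("FAT32 (LBA)", {"FAT32"}),
    0x83: ("Linux", {"ext2", "ext3", "ext4"}),
    0xA5: ("FreeBSD", {"UFS1", "UFS2"}),
}


def parse_mbr(disk):
    """Return (type_byte, start_lba, sector_count) for each used MBR entry."""
    if len(disk) < SECTOR or disk[510:512] != b"\x55\xaa":
        raise ValueError("no MBR boot signature")
    parts = []
    for i in range(4):                       # four 16-byte entries at offset 446
        off = 446 + 16 * i
        ptype = disk[off + 4]
        start, count = struct.unpack_from("<II", disk, off + 8)
        if ptype and count:
            parts.append((ptype, start, count))
    return parts


def identify_fs(vol):
    """Identify a volume's file system from its on-disk signature."""
    def u32(off):
        return struct.unpack_from("<I", vol, off)[0] if len(vol) >= off + 4 else None

    if vol[3:11] == b"NTFS    ":             # OEM ID in the boot sector
        return "NTFS"
    if vol[82:90] == b"FAT32   ":            # file system type field
        return "FAT32"
    # ext superblock starts at byte 1024; its magic 0xEF53 is 56 bytes in.
    if vol[1080:1082] == b"\x53\xef" and len(vol) >= 1124:
        compat, incompat = struct.unpack_from("<II", vol, 1024 + 92)
        if incompat & 0x40:                  # extents feature: treated as ext4 (heuristic)
            return "ext4"
        return "ext3" if compat & 0x04 else "ext2"   # 0x04 = has_journal
    # UFS superblock magic (little-endian layouts only in this sketch).
    if u32(8192 + 1372) == 0x00011954:
        return "UFS1"
    if u32(65536 + 1372) == 0x19540119:
        return "UFS2"
    return "unknown"


def audit(disk):
    """Compare each partition's declared type with the signature found inside it."""
    report = []
    for ptype, start, count in parse_mbr(disk):
        label, expected = MBR_TYPES.get(ptype, ("type 0x%02x" % ptype, None))
        found = identify_fs(bytes(disk[start * SECTOR:(start + count) * SECTOR]))
        if found == "unknown" or expected is None:
            status = "unverified"
        else:
            status = "match" if found in expected else "mismatch"
        report.append((label, found, status))
    return report


def build_sample_disk():
    """Constructed image: ext4, NTFS, and an entry typed FAT32 that holds ext3."""
    disk = bytearray(SECTOR * 64)
    layout = [(0x83, 8, 8), (0x07, 16, 8), (0x0B, 24, 8)]
    for i, (ptype, start, count) in enumerate(layout):
        struct.pack_into("<B3xB3xII", disk, 446 + 16 * i, 0, ptype, start, count)
    disk[510:512] = b"\x55\xaa"

    def put_ext(lba, compat, incompat):
        base = lba * SECTOR
        struct.pack_into("<H", disk, base + 1080, 0xEF53)
        struct.pack_into("<II", disk, base + 1116, compat, incompat)

    put_ext(8, 0x04, 0x42)                   # journal + extents
    disk[16 * SECTOR + 3:16 * SECTOR + 11] = b"NTFS    "
    put_ext(24, 0x04, 0x02)                  # journal, no extents
    return bytes(disk)


if __name__ == "__main__":
    for label, found, status in audit(build_sample_disk()):
        print("%-12s %-8s %s" % (label, found, status))
```

GPT-partitioned disks use a different table layout and are not handled by this sketch.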

Most servers use redundant components such as power supplies, NICs, and hard drives. Redundant
hard drives are configured as RAID systems.

Note: RAID is covered in full elsewhere in the course.

Safety Precautions
Electricity can be dangerous. If you don’t follow proper safety precautions, electricity can kill you.
Current, not voltage, is what causes the danger. Even a small amount of current passing through
your heart can be sufficient to cause ventricular fibrillation or stop your heart entirely. A dangerous
level of current is possible even with low voltage sources, such as a 9 V battery.

The 1-10-100 rule states that you can feel 1 mA (1 milliamp, or 1/1000 amp) of current through
your body; 10 mA is sufficient to make your muscles contract to the point where you can’t let go of
a power source; and 100 mA is sufficient to stop your heart. This is a rule you should learn and
respect.

You should always follow common-sense safety precautions to avoid electric shock. These
precautions include the following:
• Don’t touch exposed electrical contacts with any part of your skin.
• Touch only insulated handles and parts of tools, probes, cords, etc.
• Leave covers on equipment unless you need to access their internal components.
• Work one-handed. If you use only one hand, electricity is less likely to flow through your body
(specifically, your heart or head) and cause injury or death.
• Never insert anything into a wall outlet other than a power cord.
• Remove jewelry and watches when working around electricity. Rings, watches, and jewelry can
cause unintended contact with electrified components. Furthermore, these metallic items can
increase the surface area that's in contact with an electrical source and thus lower your body's
resistance.
• Keep your hands clean and dry.
• Don't work with electricity in wet surroundings, especially on wet floors.

Static electricity is the buildup of an electrical charge on the surfaces of objects. Static electricity can
dissipate harmlessly to ground if a suitable path is provided. Often, static is discharged quickly when
objects having different electrical charges are brought into contact or simply near enough to each
other.

To feel a static shock, you must experience a discharge of approximately 3000 volts or more.
Discharges of more than roughly 8000 volts might generate a visible spark. Walking across a carpet
on a dry day can generate a charge of up to 35,000 volts. Yet electronics can be damaged by a 1000-
volt discharge or less, a third or less than the minimum discharge you can feel.

To reduce the buildup of static charges and limit the likelihood of sudden discharges, follow these
tips:
• Don't shuffle your feet as you walk.
• Increase the humidity in the room or building; static charges can dissipate before growing large
if the humidity level is sufficiently high.
• Wear cotton clothing, which is less likely to generate static charges than are many synthetic
materials.
• Remove carpeting from computer rooms and from rooms where you service computers.
• Use an air ionization system to build up an opposite, and thus neutralizing, charge in the air.
• Use the tools found in a typical ESD (electrostatic discharge) kit, such as wrist straps and mats,
to remain electrically connected to the devices you're servicing. You and the components you're
servicing do not need to be connected to ground; in fact, that can be dangerous.
• Equalize charges safely. Unplug the equipment, and then touch a metal portion of its chassis.

To prevent damaging discharge from occurring, you need to be at equal charge potential with the
device you're servicing (not at equal charge with ground). Do not leave the computer plugged in
while servicing it. If there’s a fault in the building's wiring system, full wall current could be flowing
through the ground wire. You could be injured or killed if you came into contact with the ground.

Instructor note: Tell students that while some guides recommend leaving the computer plugged in,
doing so is dangerous and they should not do that. You need to be at equal potential with the
device you're servicing, not with ground.

Guidelines for Preparing Server Hardware
Consider following these guidelines when you need to prepare server hardware for installation.
• Verify that the computer meets the operating system requirements for RAM, hard drive disk
space and speed, CPU type and speed, and access to resources such as optical disks and network.
• Check for any available firmware updates, and if the update is relevant or would make your
device perform better in the server, apply the firmware update.
• Make any BIOS or UEFI configuration updates to enable server features to function properly.
• Partition and format the disk drives if needed. Some operating systems will prompt you to
partition and format the drives during operating system installation; others might expect the disk
to already be partitioned and formatted.
• Follow all safety precautions to keep from damaging circuits in the server and to keep yourself
safe.

ACTIVITY 2-2
Preparing the Server Hardware

Before You Begin
You will need a computer with Internet access for this activity.

Scenario
You have all of the components available for your server. You have examined each of the
components in some depth already. You are ready to verify that the hardware meets the system
requirements to install Windows 8.1 as a client workstation and Windows Server 2012 R2 as a
server. You will locate the system requirements and hardware compatibility lists for both operating
systems.

If there is no operating system on student computers, consider displaying the HCL and system
requirements from your instructor station.

1. Using a search website, locate the system requirements for Windows 8.1 with Update 1.
a) Open a web browser and access one of the search engines such as google.com or bing.com.
b) Search for Windows 8.1 with Update 1 system requirements

2. Review the system requirements for Windows 8.1 with Update 1.
a) Examine the system requirements list.
b) Verify that your system meets the specifications listed.

3. Search for Windows 8.1 with Update 1 hardware compatibility list then review the results.
a) In the search engine, search for Windows 8.1 with Update 1 hardware compatibility list
b) Examine the hardware compatibility list.
c) Verify that your system is compatible with the components listed.

4. Search for system requirements and hardware compatibility list for Windows Server 2012 R2 and review
the results. Verify that your system meets the requirements.

TOPIC C
Set Up the Server Hardware
You have verified that the hardware meets your operating system needs. Next, you will set up the
hardware in the appropriate location, with the appropriate cooling and air flow taken into
consideration.
In this topic, you will examine some of the ways of keeping systems cool. This includes using KVM
switches to limit the number of monitors deployed in the server room.

Server Location
There are several factors to consider when planning the location and design of the server room.

Factor: Description
Proximity: Locate the server room near the center of the building if possible. This is usually the
most solid part of the building and the least vulnerable to attack. Limit access to the room by
having IT employee cubes and security close to the server room. This makes it more difficult for
unauthorized persons to access the server room undetected.
Waterproofing: Ensure the room has adequate waterproofing. This is necessary not only for
flooding due to natural causes, but also from burst pipes and other water disasters. The server
room should not have plumbing in the ceiling. The server room should not be in the basement
either, as basements tend to be wet with high humidity. Locate servers at least one foot from the
floor; this way if water does get into the room, you’ll have a little time to rectify the situation
before water gets to the systems. Also, consider installing a monitoring device to alert you to
water in the room.
Fire protection: When you install fire protection, avoid the use of water-based fire extinguishers.
They should be either aerosol based or dry chemical, nonreactive, and noncorrosive extinguishers
such as Halon, carbon dioxide, or FM-200.
ESD practices: As you design the server room, keep in mind safe ESD practices. This includes
having static-resistant flooring and work surfaces. Additionally, users should follow ESD safety
precautions. A difference in safe ESD practices between working on desktops and working on
servers is related to standby power. You must unplug the server box from the electrical supply to
disable the 5V standby for the system board.
Electrical and UPS: Monitor the electrical power to the server room. Consider using line
conditioners and UPSs to prevent outages from sags, brownouts, and blackouts. The power should
be as clean as possible to the server room, with no other power consumption on the circuit serving
the server room. Before installing a UPS, ensure that it is sufficiently charged. Serial cables can be
used to communicate with the UPS. Most network operating systems include a feature to
automatically perform a clean shutdown when the UPS is activated. You can usually determine
how long after the UPS kicks in before the shutdown is activated. If the power comes back on and
the UPS goes back to standby, then the shutdown won’t happen. Many UPSs use software to
provide reporting and can be monitored from a console.
Temperature fluctuation: Carefully monitor the temperature in the server room. The room needs
adequate ventilation, and should be maintained at a constant temperature. Computer components
prefer a temperature in the 50s or 60s, whereas humans prefer upper 60s or low 70s for office
temperatures. Try to reach a compromise between the two extremes, and maintain it as close as
possible. Temperature fluctuation leads to problems such as chip creep and damage to
components. Consider installing a monitor that will alert you when the temperature is outside of a
set range.
Active monitoring: Alarms and monitors are available to alert you to many of the environmental
factors. Monitor as many as possible, and be alerted to their change. Monitors can be installed for
heat, humidity, fire, and power problems to name a few. Among the options you have available,
the alerts can be sent via alarms, email, phone, or to pagers.

HVAC Requirements
Because servers generate a lot of heat, which can reduce the performance of electrical circuits, it is
essential to provide adequate cooling and ventilation inside the server room. The cooling
mechanism should conform to the industrial Heating, Ventilating, and Air Conditioning (HVAC)
standards. In the case of rack mounted servers, it is good practice to ensure that there is sufficient
space between each individual rack for proper ventilation. Also, the cooling system should be
designed to provide adequate cooling to each individual rack. Besides providing cooling and
ventilation, the HVAC standards require that the cooling system be capable of maintaining the
humidity at an optimum level.
Computer room air conditioning units (CRAC units) often use the temperature of the warm air
entering the unit to determine the current room temperature. In a server room set up with hot and
cold aisles, this is not an accurate measure of the room temperature. The hot aisle concentrates all of
the hot air exhausted from the servers, making the CRAC intake air much hotter than the entire
room actually is.

HVAC Monitoring
Alarms and monitors are available to alert you to many of the environmental factors. Monitor as
many as possible, and be alerted to their change. Monitors can be installed for heat, humidity, fire,
and power problems to name a few. There are SNMP (Simple Network Management Protocol)
agents for computer racks and HVAC equipment so that you can monitor the temperature,
humidity, and power use of your computer room's equipment. Among the options you have
available, the alerts can be sent via alarms, email, phone, or to pagers.
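
The following example is added here and is not part of the original course material. It shows why temperature alerts in a hot aisle and cold aisle layout should key on cold-aisle inlet sensors rather than on CRAC return air, and why a sensor that stops reporting deserves its own alert. The sensor names, the 60 to 72 °F range, and all readings are constructed assumptions; in practice the samples would come from the SNMP agents mentioned above.

```python
from collections import defaultdict

# Assumed alert range in degrees Fahrenheit (a site policy choice, not a value from the course).
TEMP_RANGE_F = (60.0, 72.0)
# Out-of-range samples in a row required before alerting, so one brief spike is ignored.
CONSECUTIVE = 3

# Constructed readings, one sample every 5 minutes. Keys are (sensor name, location).
_SERIES = {
    ("rack1-inlet", "cold_aisle"): [66.0, 67.0, 66.0, 66.0, 67.0],
    ("rack2-inlet", "cold_aisle"): [68.0, 73.0, 74.0, 76.0, 77.0],   # cooling problem
    ("rack3-inlet", "cold_aisle"): [65.0, 66.0],                     # sensor goes silent
    ("rack2-exhaust", "hot_aisle"): [92.0, 95.0, 96.0, 97.0, 98.0],
    ("crac1-return", "crac_return"): [90.5, 91.0, 90.0, 92.0, 91.0],
}
READINGS = [
    (i * 5, sensor, location, temp)
    for (sensor, location), temps in _SERIES.items()
    for i, temp in enumerate(temps)
]


def inlet_alerts(readings, temp_range=TEMP_RANGE_F, consecutive=CONSECUTIVE):
    """Alert once per excursion when a cold-aisle inlet sensor stays out of range."""
    low, high = temp_range
    streak = defaultdict(int)   # consecutive out-of-range samples per sensor
    active = set()              # sensors that already have an open alert
    alerts = []
    for minute, sensor, location, temp in sorted(readings):
        if location != "cold_aisle":
            continue  # hot-aisle and CRAC return air are expected to be hot
        if low <= temp <= high:
            streak[sensor] = 0
            active.discard(sensor)
            continue
        streak[sensor] += 1
        if streak[sensor] >= consecutive and sensor not in active:
            active.add(sensor)
            alerts.append((minute, sensor, temp))
    return alerts


def crac_return_alerts(readings, temp_range=TEMP_RANGE_F):
    """What a monitor keyed on CRAC return air would raise against the same range."""
    low, high = temp_range
    return [(m, s, t) for m, s, loc, t in sorted(readings)
            if loc == "crac_return" and not low <= t <= high]


def silent_sensors(readings, expected, now, max_age):
    """Expected sensors with no sample in the last max_age minutes."""
    last_seen = {}
    for minute, sensor, _, _ in readings:
        last_seen[sensor] = max(minute, last_seen.get(sensor, minute))
    return sorted(s for s in expected
                  if s not in last_seen or now - last_seen[s] > max_age)


if __name__ == "__main__":
    inlets = ["rack1-inlet", "rack2-inlet", "rack3-inlet"]
    print("inlet alerts:      ", inlet_alerts(READINGS))
    print("CRAC-return alerts:", len(crac_return_alerts(READINGS)), "out-of-range samples")
    print("silent sensors:    ", silent_sensors(READINGS, inlets, now=20, max_age=10))
```

Run against the constructed data, the inlet check raises one alert for the rack that is actually overheating, while the CRAC return reading is out of range on every sample even though two of the three inlets are fine.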


Air Flow
Computers need to have adequate air flow in order to function properly and prevent overheating.
Air flow both inside the computer case and in the room where the equipment is housed needs to be
considered.
Inside the computer case, make sure devices are placed where they will get proper air flow to avoid
overheating the device. Consider the placement of drives inside bays with cable configuration. You
might need to adjust the placement of devices to match the order of cables and cable connectors.
Make sure there is sufficient total air flow to handle whatever heat added devices add to the
computer.
Dead spots are particular areas of the server chassis that are deprived of air flow. When new
components are added or altered, the favored airflow through the chassis is disturbed and the air
may stop flowing in particular areas of the chassis, thereby causing dead spots.
In the room where the equipment is housed, verify that the clearances around servers and other
components are maintained. Move any objects that threaten the air flow to server components.
Check the external and internal fans, ventilation ducts, and air-conditioning ducts for dust
accumulation and clean them if required.
When using rack mount servers, consider a rack with extra width or depth. This provides space for
air flow (for cooling). The chases for running wires and cables help keep the wires and cables from
obstructing air flow.

Hot Aisle and Cold Aisle


In a server room, you should orient all of the server racks, blade servers, and any towers so that the
fronts are all facing the same direction. If you need to create additional rows of servers, be sure that
the fronts of one row of servers face the fronts of the other row of servers. This will create a cold
aisle. The exhaust from the fans will create a hot aisle. The hot aisle air flow needs to be pushed
towards the air conditioning unit intake.
Servers are designed to take cool air into the front or face of the system. Hot air is then exhausted
out from the rear of the system. If you were to line the servers up in multiple rows with all fronts
facing the same direction, the air intake on each row would be successively hotter.
If you need to create additional rows of servers, be sure that the hot air from the hot aisle cannot
escape into the cold aisle at the front of the new row of servers. Air flow is extremely important in
server rooms that contain rack units, blade servers, or any room containing multiple servers of any
type. Managing air flow enables you to improve air flow for racks and raised sub-floors. There are a
number of items you can use to help direct the air flow.

Item: Description
Blanking panels: Panels to insert in racks to seal off unused space within the rack.
Filler panels: Panels to insert between racks, between racks and walls, and between racks and
ceilings. These can be used to contain the air in either the hot aisle or the cold aisle.
Baffles: Baffles direct airflow within racks and plenums. The baffles can be used to route hot air
from the hot aisles to the appropriate dedicated air returns for the computer room air conditioning
intakes.

Server racks should not have solid doors. Doors with ventilation holes allow cool air intake on the
cold aisle and hot air to be exhausted on the hot aisle.

KVM Switches
The KVM switch is a hardware device that allows the user or administrator to control multiple
server computers from a single Keyboard, Video and Mouse (KVM) unit. You can use buttons on
the box or keyboard commands to switch from one server to another, each time gaining keyboard,
mouse, and video capability from the server you’ve switched to, while losing the same from the
server you were just working on. Although multiple computers can be connected to the KVM, a
smaller number of computers can be controlled at any given time. Modern devices have the ability
to share USB devices and speakers with multiple computers. Some KVM switches also allow a single
PC to be connected to multiple monitors, keyboards, and pointing devices. While not as common as
the former access methods, this type of configuration is useful when the operator wants to access a
single computer from more than one location.

Figure 2-9: An IP-based KVM.

In situations where several towers are to be installed in close proximity to each other, consider
installing a KVM switch to minimize the space and power required by multiple monitors. For
multiple server installations, consider using a KVM switch to save space and power.
There are two types of KVM switches: local KVM and IP-based KVM.

KVM Device Type: Description
Local KVM: Allows users to control computers located up to 1000 feet away from the KVM
console. It includes support for standard category 5 cabling between computers and users
interconnected by the switch device. Category 5 based KVM device communication uses
proprietary protocols across what can be considered a closed loop local area network
infrastructure. Local KVM devices can support over 256 access points with access to over 8000
computers.
IP-based KVM: Allows users to access servers located at remote locations through the Internet
using the IP addresses of the servers. Most of the access to remote servers is done with the help of
a web browser, but proprietary software can also be used for better performance. IP-based KVMs
are usually slower than local KVMs.

Racked server setups are an ideal place to use KVM switches, and the additional space savings
provided can be an added benefit. For simple tower-rack installations, place the switch so that the
cables from each server, and the cables from the switch to the console station, can reach the switch
without being completely taut. Some rackmount systems lend themselves to KVM implementation
better than others do, so check with the server or rack manufacturer’s documentation to see
whether or not additional hardware or software will be needed to implement KVM switches. KVM
switches that are 1U high fit directly in the rack unit. Other systems might provide for network-
based KVM implementations, which would allow you to access the connected servers from a
workstation that is outside the server room or any place on the network. Because blade servers are
normally deployed into existing rackmount-type environments, the KVM issues to be considered are
quite similar to those in rackmount installations.

Access the Checklist tile on your CHOICE Course screen for reference information and
job aids on How to Set Up Server and Client Hardware.


ACTIVITY 2-3
Setting up the Server and Client Hardware

Before You Begin
If you only have one computer per student, you will work with a partner for this activity. You will
use the peripherals from one student to connect the monitor, keyboard, and mouse to both systems.

Scenario
As you continue readying the server and client hardware, you are now ready to set it up. You will use
a single monitor, keyboard, and mouse for the server and the client hardware. You also have
Ethernet cables to connect the computers to the network.

1. Connect peripherals to the KVM switch.
a) Connect the monitor to the monitor port on the KVM switch.
b) Connect the keyboard to the keyboard port on the KVM switch.
c) Connect the mouse to the mouse port on the KVM switch.

2. Connect the KVM switch to the server computer.
a) Connect a video cable from the KVM switch to the video port on the server computer.
b) Connect a keyboard cable from the KVM switch to the server computer with the appropriate cable.
It is most likely that your KVM switch and computer use USB keyboard and mouse connections. If
you are using older equipment, it might use a PS/2 connection.
c) Connect a mouse cable from the KVM switch to the server computer with the appropriate cable.

3. Connect cables from the KVM switch to the appropriate ports on the client computer.

4. Plug the network cables into the network card on the server and client computers.

5. If you worked with a partner for this activity, reconnect the monitor, keyboard, and mouse to each
computer.

TOPIC D
Install an Operating System
Once the server hardware is set up, the next logical step would be to install the NOS that can act as
an interface between the user and the server hardware. In this topic, you will examine some of the
issues surrounding the installation of a NOS.
Because there are multiple vendors, each specific NOS may have its own unique installation
procedures. There are certain things you need to take care of as part of the overall software
installation procedure. A server specialist’s main area of concern will be to configure the server
hardware to work with the installed NOS so that users can get proper access to network resources.

Installation Media

The default installation media for Windows operating systems is a DVD. This might have been
purchased at a retail establishment or downloaded from Microsoft and burned as an ISO image to
DVD. The files from the disk can be copied to a network folder or to a USB drive if the server on
which you are installing the operating system does not have a DVD drive.

Remote Installation
When your organization has servers spread out over a number of locations, be it across a campus, a
city, a state, a country, or the world, it is not always convenient or practical to sit in front of a
computer and perform operating system installation. Most operating systems have some method or
another for being able to install the operating system remotely.
Older versions of Windows operating systems including Windows 2000, XP, and Server 2003 used
Remote Installation Services (RIS). A computer with the BIOS configured for PXE boot could then
execute boot environment variables remotely. RIS can be used to perform a clean install, but not for
operating system upgrades. It uses a file configured with the answers to questions the administrator
would be prompted for during the installation. This answer file is configured with the appropriate
answers to the prompts so that the installation is performed without administrator intervention
during the install process. RIS is composed of several services that enable an operating system to be
installed remotely. The Binlsvc boot service interacts with directory services to boot the target server
remotely. The TFTPD service uses TFTP to transfer the needed files to the target system.
Windows Server 2008 and newer use an answer file as well. For these operating system installations,
the setup.exe command is followed with the /unattend:filename parameter where filename is the name
of the answer file. You can also use Remote Desktop Services (RDS) to perform a remote
installation for Server 2008 and 2012.
Linux distributions have their own methods of performing a remote installation. Refer to the man
pages or the web site for the distribution for the exact steps for your distribution of Linux.
IBM ToolsCenter for System x and BladeCenter has its own version of performing remote
installations as well. It requires the image to be deployed through RSA II, MM, or AMM. For
complete details on this method of remote installation, refer to the IBM ToolsCenter for System x
and BladeCenter Information Center online.
For all of these remote installation methods, you will need the source installation files and a network
connection.

Cloning Images
A cloned image, also known as a thick image, is a snapshot of the computer created at a specific
point in time. All of the updates, applications, and configuration are saved in the cloned image of
the computer.
The cloned image can be used to restore a computer that has been corrupted or damaged. It can
also be used to create a duplicate computer with the same configuration. If you use it to create a
second computer, you will need to reconfigure the computer name and any other settings that must
be unique on your network such as IP addresses.
There are many cloning applications available for purchase or for free that can be used. An Internet
search will show you the wide variety of cloning applications you can select from. Some applications
are for specific operating systems or file systems. Others perform a bit-by-bit copy and can be used
on any file system.

If you have experience with any cloning applications, share your experiences with the class. Ask
students if they have used any and if they would recommend it.

Scripted Install for Unattended Installation
Another method you can use to install Windows Server 2012 is to create and deploy server images
using the Deployment Image Servicing and Management (DISM.exe) command-line utility.
Microsoft designed DISM to enable you to install servers using preconfigured images instead of
performing an installation guided by the Windows Setup wizard. The advantage to using images is
that you can install them on servers without having to physically be at those servers. In other words,
you can install servers more quickly because you don't have to go from server to server to run the
Windows Setup wizard.
An image file is a mirror copy of an installed server. When you want to create an image file, your
first step is to install a master server. You then use this master server to create the image you plan to
deploy to other servers. For example, you might install Windows Server 2012 on a master server,
enable Remote Desktop support, and install a third-party application. After you've configured the
master server as needed, you use the DISM.exe command to create an image file based on this
server.
You install this custom image file by using the DISM.exe command. Here is an example of using
DISM.exe to deploy an image named GUIserver.wim to a new server:

dism /Capture-Image /ImageFile:C:\GUIserver.wim /CaptureDir:c:\ /Compress:fast /CheckIntegrity /ImageName:"GUIserver" /ImageDescription:"Master image of a GUI server"

Before you can deploy the GUIserver image file, you must create an unattended installation answer
file that points Setup to the custom image file. You use the Windows System Image Manager
(Windows SIM) utility to create this answer file.
To obtain the Windows SIM utility, you must first download and install the Windows Assessment
and Deployment Kit (ADK) from the Microsoft website. At the time of this writing, a version of
the ADK that's compatible with Windows Server 2012 is available at
http://www.microsoft.com/en-us/download/details.aspx?id=30652.
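
The following check is an added example, not part of the course material or of any Microsoft tool. It parses an answer file before deployment, confirms that the windowsPE pass points Setup at the GUIserver image, and reports any password saved in the file, since an answer file holds the answers Setup would otherwise prompt for and is copied wherever the image goes. The share name \\deploy01\images and the password are constructed placeholders.

```python
import xml.etree.ElementTree as ET

NS = {"u": "urn:schemas-microsoft-com:unattend"}

# Constructed answer file. The share \\deploy01\images and the password are placeholders.
SAMPLE_ANSWER_FILE = r"""
<unattend xmlns="urn:schemas-microsoft-com:unattend"
          xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State">
  <settings pass="windowsPE">
    <component name="Microsoft-Windows-Setup" processorArchitecture="amd64">
      <ImageInstall>
        <OSImage>
          <InstallFrom>
            <Path>\\deploy01\images\GUIserver.wim</Path>
            <MetaData wcm:action="add">
              <Key>/IMAGE/NAME</Key>
              <Value>GUIserver</Value>
            </MetaData>
          </InstallFrom>
        </OSImage>
      </ImageInstall>
    </component>
  </settings>
  <settings pass="oobeSystem">
    <component name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64">
      <UserAccounts>
        <AdministratorPassword>
          <Value>Constructed-Passw0rd!</Value>
          <PlainText>true</PlainText>
        </AdministratorPassword>
      </UserAccounts>
    </component>
  </settings>
</unattend>
"""


def image_reference(root):
    """Return (wim_path, image_name) that the windowsPE pass tells Setup to install."""
    src = root.find("u:settings[@pass='windowsPE']"
                    "/u:component[@name='Microsoft-Windows-Setup']"
                    "/u:ImageInstall/u:OSImage/u:InstallFrom", NS)
    if src is None:
        return None, None
    path = src.findtext("u:Path", default="", namespaces=NS).strip()
    name = None
    for meta in src.findall("u:MetaData", NS):
        if meta.findtext("u:Key", default="", namespaces=NS).strip().upper() == "/IMAGE/NAME":
            name = meta.findtext("u:Value", default="", namespaces=NS).strip()
    return path or None, name


def embedded_passwords(root):
    """List (pass, component, element, form) for every *Password element with a value."""
    found = []
    for settings in root.findall("u:settings", NS):
        for comp in settings.findall("u:component", NS):
            for el in comp.iter():
                local = el.tag.rsplit("}", 1)[-1]
                if not local.endswith("Password"):
                    continue
                if not el.findtext("u:Value", default="", namespaces=NS).strip():
                    continue
                flag = el.findtext("u:PlainText", default=None, namespaces=NS)
                if flag is None:
                    form = "PlainText unspecified"
                elif flag.strip().lower() == "true":
                    form = "plaintext"
                else:
                    # Windows SIM's hidden form is Base64 encoding, so it is still recoverable.
                    form = "encoded, not encrypted"
                found.append((settings.get("pass"), comp.get("name"), local, form))
    return found


def audit_answer_file(xml_text, expected_wim, expected_image_name):
    """Return a list of issues; an empty list means the file passed both checks."""
    root = ET.fromstring(xml_text)
    issues = []
    path, name = image_reference(root)
    if path is None:
        issues.append("no InstallFrom/Path: Setup will not use the custom image")
    elif path.replace("/", "\\").rsplit("\\", 1)[-1].lower() != expected_wim.lower():
        issues.append(f"InstallFrom/Path is {path}, expected a path ending in {expected_wim}")
    if path is not None and name != expected_image_name:
        issues.append(f"/IMAGE/NAME is {name!r}, expected {expected_image_name!r}")
    for pass_name, component, element, form in embedded_passwords(root):
        issues.append(f"{element} ({form}) stored in pass {pass_name}, component {component}")
    return issues


if __name__ == "__main__":
    for issue in audit_answer_file(SAMPLE_ANSWER_FILE, "GUIserver.wim", "GUIserver"):
        print("ISSUE:", issue)
```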

Unattended Linux Installations


Linux distributions can also be configured to be installed using an unattended installation. For most
distributions, you will need to create a preseed.cfg file and a postseed.cfg file. These files contain the
information necessary to select which options to install and how to configure items that you would
normally be prompted to configure during the installation. Refer to the documentation for your
Linux distribution for the exact procedure to perform an unattended installation.

Access the Checklist tile on your CHOICE Course screen for reference information and
job aids on How to Install Operating System Software.

Access the Checklist tile on your CHOICE Course screen for reference information and
job aids on How to Switch Between Windows Server 2012 Server Core and GUI.

ACTIVITY 2-4
Installing Windows Server 2012 R2
Before You Begin
You have a computer available that meets the requirements for Windows Server 2012 R2 with space
available on the hard drive to install the operating system. This can be a physical computer or a
virtual machine.

If you provided one computer per student, they can install over top of the OS that is already
installed, or you can skip this activity (they will have a chance to install Windows Server as a
VM later in the course), or have students partner up and install on only one computer.

Scenario
Your manager has asked you to set up a test environment. The first machine you are going to install
is a Windows Server 2012 R2 server. Windows Server 2012 R2 servers have been deployed
throughout Develetech offices, so this is a good first machine to set up in your test lab environment.

Provide students with the source files on a DVD, USB flash drive, or provide a network location
from which students can access the installation files.

1. Locate the Windows Server 2012 R2 source files.
a) If your instructor provided the installation files on physical media, insert or connect the media to the
computer on which Server 2012 R2 will be installed.
b) If your instructor provided the installation files on a network drive, connect to the folder in which the
installation files are located.

2. Install Windows Server 2012 R2 on the computer.
a) When prompted for the localization settings, configure as appropriate, then select Next.
b) Select Install Now.
c) Select Windows Server 2012 R2 Standard (Server with a GUI), then select Next.
d) Select I accept the license terms and then select Next.
e) If prompted, enter the product key.
If you are installing an Evaluation Copy of the operating system, you will not be prompted for a
product key.
f) Select Custom: Install Windows only (advanced).
g) Select the unallocated space available for installing the operating system and then select Next.
Installation will begin and the server will restart several times.
h) When prompted for the Administrator password, enter and confirm a password for the account, then
select Finish.

Summary
In this lesson, you set up a server and a workstation. Preparing an installation plan prior to
configuring the hardware and installing the operating systems should make the process go more
smoothly.

Encourage students to use the social networking tools provided on the LogicalCHOICE Home
screen to follow up with their peers after the course is completed for further discussion and
resources to support continued learning.

If you have experience with installing and configuring operating systems, what problems did you encounter
and how did you address them?
A: Answers will vary. Some students will have encountered problems with installing Windows on outdated
or incompatible hardware.

What form factors do your servers use or, if you don't currently have servers, what do you think you will
use? Why use the selected form factor?
A: Answers will vary. Students who are supporting work environments with many servers will typically use
rack or blade servers. Those who are building test environments are more likely to use stand-alone
tower servers.

Note: Check your LogicalCHOICE Course screen for opportunities to interact with your
classmates, peers, and the larger LogicalCHOICE online community about the topics covered in
this course or other topics you are interested in. From the Course screen you can also access
available resources for a more continuous learning experience.


3 Configuring Networking

3 hours.

Lesson Objectives
In this lesson, you will configure networking. You will:
• Manage network cabling.
• Configure network interface cards.
• Implement IP addressing and network infrastructure services.

Lesson Introduction
In previous lessons, you set up the hardware and installed the operating system for client
and server computers. In this lesson, you will configure those client and server computers to
communicate with each other over a network.
You are likely to encounter various types of cables for network connections and need to
configure network cards to connect to the network. You will also need to configure the
protocols on the systems for them to properly communicate with each other and if needed
with computers outside your network. Understanding how to configure networking will
enable you to allow your clients and servers to communicate.

TOPIC A
Manage Network Cabling
In this lesson, you will configure networking. Various types of cables are used in networks including
copper Ethernet cables and fiber optic cables. These are connected to networking devices using
patch cables. Keeping the cables orderly will help you as you manage your network cabling. In this
topic, you will manage network cabling.

Ethernet Copper Cables

A twisted pair cable is a type of cable in which one or more pairs of copper wires are twisted around
each other and clad in a color-coded, protective insulating plastic sheath or jacket to form a pair. All
pairs are encased in a plastic sheath or jacket. The number of pairs within a cable will vary
depending on the type of twisted pair cable. Twisted pair cables typically use shielding around pairs
of wires.

Figure 3-1: Constituents of a twisted pair cable.


A twisted pair cable can be of two types: unshielded twisted pair (UTP) or shielded twisted pair (STP).
• UTP:
  • Does not include shielding around its conductors.
  • Typically contains four pairs of stranded or solid conductors.
  • Is inexpensive and reliable.
• STP:
  • Includes foil wrapper shielding around its conductors to improve the cable's resistance to
    interference and noise.
  • Typically contains four pairs of stranded or solid conductors.
  • Is more expensive than UTP.

Note: Twisted pair cables are available in 2–pair, 4–pair, 6–pair, 25–pair, 100–pair, and larger
bundles.

Note: A variation of STP, known as screen twisted pair (ScTP) or foil twisted pair (FTP), uses
only the overall shield and provides more protection than UTP, but not as much as STP.

The conductors in older twisted pair cables used a solid color scheme. Old telephone cables used
black, green, red, and yellow wires. The current color scheme uses striped colors.

Wire colors are standardized. The industry standard for twisted pair is one solid color and the same
color with white. Consider the blue pair of wires: One wire will be mostly blue with white stripes. It
will be identified on wiring diagrams as the blue/white wire. The corresponding wire in the pair will
be mostly white with blue stripes, and be identified as the white/blue wire.
In the solid color scheme, red corresponds to blue/white, green to white/blue, yellow to
orange/white, and black to white/orange.
The first four standard color pairs are listed in the following table.

Primary Wire    Secondary Wire
White/blue      Blue/white
White/orange    Orange/white
White/green     Green/white
White/brown     Brown/white

A twisted pair cable comes in different grades, called categories, which support different network Mention that cat1 is

is
speeds and technologies. used for voice
transmission, Cat2 is
Category Network Type Maximum Speed Description Distance used for digital phone

D
and low-speed networks,
5 Fast Ethernet 100 Mbps CAT5 supports a 100 m Cat3 was used in 10
signaling rate of Mbps Ethernet networks

5e Gigabit Ethernet 1 Gbps


100 MHz.
or
CAT5e supports a 100 m
signaling rate of
350 MHz.
and is now used for
phone wiring, and Cat4
was used for IBM Token
Ring 16 Mps networks.
e
6 Gigabit Ethernet 1 Gbps CAT6 supports a 100 m
at

signaling rate of
250 MHz.
lic

6a Gigabit Ethernet 1 Gbps CAT6a supports a 100 m


signaling rate of
500 MHz.
up

7 10 Gigabit 10 Gbps CAT7 supports a 100 m


Ethernet signaling rate of 1
GHz.
D

Note: A twisted pair cable's category is typically printed on the cable itself, making identification
easier.

The total distance a cable is rated for includes the patch cables. The distance is measured between
the powered device and the next powered device.

Twisted pair has two common types of connectors: the RJ-45 and the RJ-11.
RJ-45 is an eight-pin connector used by twisted pair cables in networking. All four pairs of wires in
the twisted pair cable use this connector.

Figure 3-2: Twisted pair connectors — RJ-45 wiring schemes.

Note: The RJ in RJ-11 or RJ-45 is an abbreviation for registered jack. An RJ-45 connector can
also be called an 8P8C connector.

There are two standard wiring schemes for RJ-45: T568A and T568B. It is important that you use
the wiring scheme that matches the devices on your network even though all cables are the same.

Pin  T568A (Legacy)  T568B (Current Standard)
1    White/green     White/orange
2    Green           Orange
3    White/orange    White/green
4    Blue            Blue
5    White/blue      White/blue
6    Orange          Green
7    White/brown     White/brown
8    Brown           Brown

You can also connect two UTP cables together by using a UTP coupler. This can be handy when you
have some shorter cables and you need to run them for a longer distance.
The RJ-11 connector is used with Category 1 cables in telephone system connections and is not
suitable for network connectivity. However, because the RJ-11 connector is similar in appearance to
the RJ-45 connector, they are sometimes confused. RJ-11 connectors are smaller than RJ-45
connectors, and have either four or six pins.

There is also the RJ-48C connector, which is commonly used for T1 lines and uses pins 1, 2, 4 and
5.

Patch Cables
Patch cables are short pieces of cable that connect a computer or other device to a network hub,
router, or switch. The patch cable is usually a short Ethernet cable. A patch panel can have many
cables connected to it. Keeping the cables orderly is important so that you can find the port to
which a cable is connected if you need to add, remove, or replace a cable.

Straight-Through, Crossover, and Rollover Cables


There are generally three main types of networking cables: straight-through, crossover, and rollover
cables. Each cable type has a distinct use, and should not be used in place of another. In addition to
the differing uses, each cable type has a distinct wiring configuration within the cable itself.


• Straight-through cables are used to connect unlike devices, such as computers to hubs or switches.
All wire pairs are in the same order at each end of the cable. A straight-through cable is also
commonly known as a patch cable.
• Crossover cables are used to connect like devices, such as device to device, switch to switch, or
router to router. In a crossover cable, the transmit conductor at one end is connected to the
receive conductor at the other, allowing both devices to communicate simultaneously.
• A rollover cable is used to connect a device to a router's console port. In a rollover cable, one end
of the cable is wired exactly the opposite of the other end of the cable, going from one to eight
on end A and from eight to one on end B. They do not support data transfer; instead, they
provide an interface for programmers to connect to and adjust the router's configuration.
Rollover cables are usually flat instead of round, and their outer jacket is often a unique color
such as yellow or light blue. Some rollover cables have Ethernet connectors on both ends and
will need a DB-9 (RS-232) or RJ-45 adapter to connect to a serial port. They are also referred to
as Cisco console cables or Yost cables.
The RJ-45 cable that is commonly used for network connectivity is also referred to as
straight-through cable.
In a regular Ethernet UTP patch cable, four wires are used. Pins 1 and 2 transmit and pins 3 and 6
receive. All lines are straight-wired. (Pin 1 is wired to pin 1, pin 2 to pin 2, and so forth.) In a
crossover cable, pins 1 and 2 connect to pins 3 and 6, and pins 3 and 6 connect to pins 1 and 2.

Fiber Cables

A fiber optic cable is a network cable that has a core surrounded by one or more glass or plastic
strands. In addition, it contains extra fiber strands or wraps, which are surrounded by a protective
outer jacket. The core is the thin glass center through which light travels transmitting data. The core
is between 5 and 100 microns thick with cladding made from optical materials such as silica.

Figure 3-3: Layers in a fiber optic cable.


The cladding reflects light back to the core in patterns determined by the transmission mode. A
buffer, often made of plastic, surrounds the cladding and core. To add strength to the cable, strands
of synthetic fiber surround the buffer. An outer jacket, sometimes called an armor, wraps and
protects the whole assembly. Light pulses from a laser or high intensity LED are passed through the
core to carry the signal. The cladding reflects the light back into the core, increasing the distance the
signal can travel without a need for regeneration.

Note: Fiber optic cables are the least sensitive of any cable type to electromagnetic interference.

Caution: You should not look into the end of an operating fiber optic cable. The intensity of
light leaving the end of a singlemode fiber is strong enough to cause temporary or permanent
damage to the eye.
There are two modes of fiber optic cables available: multimode and singlemode. Both modes have an
outer diameter of 125 microns; that is, 125 millionths of a meter or 5 thousandths of an inch, which
is just larger than a single human hair.
• Multimode fiber allows light to travel through its core in multiple rays or modes. Its core of 50 or
62.5 microns works with LED sources for slower networks and with laser for faster networks.
Multimode fiber is used mostly for short distances (up to 500 m).
• At only 9 microns, the core of a singlemode fiber is much smaller in diameter than multimode
fiber. Within a singlemode fiber, light travels unidirectionally. Singlemode fiber is used with laser
to process telephony and cable TV transmissions. Singlemode fiber has a higher transmission
rate and up to 50 times more potential distance than multimode fiber.

Various connectors are used with fiber optic cables.

Point out to students that only the ST, SC, LC, and SFP connectors are mentioned in the exam
objectives.

Note: It often takes a specially trained and certified technician, plus specialized equipment, to
install fiber optic connectors. This is because the installation requires in-depth knowledge about
fiber optic communication systems and fiber optic cables. Additionally, the installation involves
various testing processes, which can be done only by a knowledgeable or certified technician.

Fiber Optic Connector    Description

Straight Tip (ST)
    ST connectors are similar in appearance to BNC connectors and are used to connect multimode
    fibers. They have a straight, ceramic center pin and bayonet lug lockdown. They are often used
    in network patch panels. ST connectors are among the most popular types of fiber connectors.

Subscriber Connector or Standard Connector (SC)
    SC connectors are box-shaped connectors that snap into a receptacle. They are often used in a
    duplex configuration where two fibers are terminated into two SC connectors that are molded
    together. SC is used with a singlemode fiber.

Local Connector (LC)
    LC connectors are used for both singlemode and multimode fiber and use a small form factor
    ceramic ferrule. An LC connector is about half the size of an SC or ST connector. LC connectors
    use an RJ-45-type latching and can be used to transition installations from twisted pair copper
    cabling to fiber.

Mechanical Transfer Registered Jack (MT-RJ)
    The MT-RJ connector, also called a Fiber Jack connector, is a compact snap-to-lock connector
    used with multimode fiber. Because the MT-RJ connector is compact, it is easy to use. It is
    similar in size to the RJ-45 connector. Two strands of fiber are attached with the MT-RJ
    connector.

Ferrule Connector (FC)
    FC connectors use a heavy duty ferrule in the center for more mechanical stability than SMA or
    ST connectors. A ferrule is a tubular structure made of ceramic or metal that supports the fiber.
    These connectors are more popular in industrial settings where greater strength and durability
    are required.

FDDI
    FDDI connectors are used for multimode fiber optic cable and are push/pull-type, two-channel
    snap-fit connectors. Also called a Media Interface Connector (MIC).

Biconic
    The biconic connector is a screw-on type connector with a tapered sleeve that is fixed against
    guided rings and screws onto the threaded sleeve to secure the connection. When the connector
    is inserted into the receptacle, the tapered end of the connector locates the fiber optic cable
    into the proper position. The biconic connector is one of the earliest connector types.

Sub Multi Assembly or Sub Miniature type A (SMA)
    SMA connectors are similar to ST connectors, and use a threaded ferrule on the outside to lock
    the connector in place. It is typically used where water or other environmental factors
    necessitate a waterproof connection, unlike a bayonet-style connector.

As with copper media, there are also fiber couplers available. However, fiber couplers work differently
than their copper-media counterparts. Fiber couplers are used when a system has one or more input
fibers and one or more output fibers that need to be connected. The connection can be created by
thermally fusing the fibers so that the cores get into intimate contact.


Small Form-factor Pluggable


Small Form-Factor Pluggable (SFP) connectors are designed by a multi-source agreement rather
than a specific vendor. These compact, hot-pluggable connectors are used in switches, routers, and
other devices to connect fiber optic or copper cables. The SFP transceiver modules can be removed
and replaced as needed. Their small size allows high density of connectors in devices.

Cable Management

Patch panels are used to connect circuits to the network. Messy patch panels can make finding the
correct cable difficult when you need to add, remove, or replace a cable. Remove unused cables
from the patch panel not only to make it neater, but also to prevent unauthorized network access.
Consider purchasing patch panels with locking covers to prevent unauthorized adding or
removing of cables. Make cables the right length: cables that are too short can pull on connectors,
and cables that are too long can make cable management difficult.
Using cable management features such as cable channels in racks and cable management trays and
baskets can help keep cables neat and orderly. Cable management trays are used in both vertical and
horizontal orientation. Be careful not to exceed the bend radius for the media you are managing as
doing so can lead to damaged cables. Cable ties are also useful in grouping cables together. You can
use Velcro or plastic cable ties depending on whether you will need to frequently change the cables.

Labeling of equipment, ports, and cables is so important that TIA created a standard for labeling
items. TIA-606B specifies standards for labeling and record keeping. All changes should be
managed through Move/Add/Change (MAC) documents. Labels need to be printed (not
handwritten) and securely attached to the port, cable, system, circuit, or patch panel. The identifier
on the label should conform to the FS-AN naming convention.

Ask students to share how their organization labels cables and ports. Ask if their organization
follows good cable management, making it easy to locate and work with specific cables as
needed. Provide examples of good and bad cable management.

FS-AN character(s)  Description
F                   The floor number and telecommunications space.
S                   A letter that identifies the telecommunications space within the “F” area.
A                   One or two characters (letters or numbers) corresponding to a patch panel
                    that makes up the horizontal cross-connect.
N                   Two to four numbers corresponding to the patch panel port where the cable
                    connects to the patch panel.

Figure 3-4: An example of TIA-606B labeling.


The standard specifies how port labeling, system labeling, circuit labeling, and patch panel labeling
should be structured. Cables should be labeled within 12 inches of each end of the cable. Patch
panel ports should be labeled above the port. Circuits should be individually labeled with the
FS-AN.

Guidelines for Cable Management


Note: All of the Guidelines for this lesson are available as checklists from the Checklist tile on
the LogicalCHOICE Home screen.

Note: For additional information, check out the LearnTO Implement Best Practices for
Cabling in the LearnTOs for this course on your LogicalCHOICE Course screen.

You may want to show LearnTO Implement Best Practices for Cabling from the LogicalCHOICE
Course screen or have students navigate out to the Course screen and watch it themselves as a
supplement to your instruction. If not, please remind students to visit the LearnTOs for this
course on their LogicalCHOICE Course screen after class for supplemental information and
additional resources.

Keeping the cables in your telecommunications closet neat and orderly is a good first step in making
cables easy to identify. Being able to locate a port or cable that needs to be connected, disconnected,
moved, or replaced is more easily done if the ports and cables are labeled in a consistent manner.
For good cable management:
• Keep the telecommunications closet neat and orderly.
• Label all ports on the switch or patch panel using the TIA-606B labeling scheme.
• Label all cables within a foot of each end of the cable using the TIA-606B labeling scheme.
• Document all changes to ports and cables using a Move/Add/Change document.
• If Move/Add/Change documents are paper-based, keep the documents in a binder.
• Use cable trays and baskets as needed for organizing and keeping cables neat and orderly.

ACTIVITY 3-1
Managing Network Cabling

Before You Begin
Your instructor will provide you with cables and a switch.

Consider adding cables without ends, fiber cables, coax cables and various CAT5, CAT6, and
other twisted pair cables to the cables you provide to students.

Scenario
The IT Manager has asked you to connect computers and servers to the switch in the test lab. You
have been given a box of cables, some network hubs and switches, various pieces of unterminated
cables, cable terminators and cable tools. You also find in the box a label maker with label tape
loaded in it. The lab is located on the first floor in the area known as area Z.

1. Connect network cables from the switch to client computer.
a) Connect Ethernet patch cables to ports on the switch.
b) Connect the other end of each patch cable to the network card in the client and server computers.

2. Label each of the cables using the FS-AN naming convention.
a) Using the label maker, create a label for the switch: 1Z-1.
b) Using the label maker, create a label for the switch port to which the first server is connected: 1Z-S1.
c) Create a label for the switch port to which the first client is connected: 1Z-C1.
d) Create labels for each end of the patch cable for the server and for the client.
e) If your lab contains additional computers, create labels for each port and cable using a similar
naming scheme.

Provide examples of real world implementation of cable, switch, and port labeling.

TOPIC B
Configure Network Interface Cards
In order to connect a device to the network cabling, your device uses a network interface card. In
this topic, you will configure the network interface card in your system.

Knowing the various settings available for your network interface card and how those settings can
affect network connections is important to maintaining a functional network. Having the ability to
increase throughput and reliability is also an important part of network interface card configuration.

Speeds
Most network cards installed in computers today are rated at 1 Gbps. In order to achieve those
speeds, your network devices and cables also need to be capable of operating at 1 Gbps. Network
cards are usually configured to auto-negotiate and operate at the highest speed the network allows.
If you look at your LAN connection status, and it reports a slower speed, verify that your network
card is configured for the appropriate speed, that your network cable is securely seated in the port,
and that all devices are capable of operating at the desired speed. The speed shown is the speed to
the next device in the chain.

Speedtest.net will give you the speed at which you are connecting to the Internet.

Figure 3-5: Connection speed in the network status dialog box.


Typical speeds for wired network cards are 100 Mbps or 1 Gbps. Speeds for wireless network cards
are usually in the range of 11 Mbps, 54 Mbps, or 100 Mbps, depending on the router to which you
are connected. Older 802.11b or g routers will be slower. 802.11n routers should achieve speeds of
100 Mbps or greater.

Duplexing
Full duplex communication allows both ends of a connection to send and receive data at the same
time. A half-duplex connection allows only one end of the connection to send or receive at a time. In
older equipment, half-duplex was used to prevent collisions, but with modern equipment, full
duplex communication is the default standard.
If you have mismatched duplex types, you might be able to communicate, but eventually the
connection will get bogged down and need to retransmit data. You can set the duplex along with the
speed of the network card.

Teaming
You can combine multiple network cards in a server to improve performance and for redundancy.
Microsoft refers to this as NIC teaming. Other vendors refer to this feature as NIC aggregation,
balancing, failover, or bonding.
The physical network cards installed into the system are seen by the operating system as a single
logical or virtual adapter, also known as a team interface. Algorithms are used by the operating
system to distribute the traffic between all of the NICs. This is typically used for outbound traffic.
Inbound traffic typically uses virtual LANs.

Note: Virtual LANs will be covered in a later lesson.

For students interested in knowing more about the Windows Server 2012 R2 implementation
of teaming, refer them to the document on Microsoft's web site: Windows Server 2012 R2 NIC
Teaming (LBFO) Deployment and Management.docx.

MAC Addresses
A MAC address, also called a physical address, is a unique, hardware-level address assigned to every
networking device by its manufacturer. MAC addresses are 6 bytes long. The first 3 bytes uniquely
identify the manufacturer and are referred to as the organizationally unique identifier (OUI). The
remaining 3 bytes identify the device itself and are known as the Universal LAN MAC address.
MAC addresses can be assigned manually.

Note: The OUI may also be called the block ID and the universal LAN MAC address may also
be called the device ID.

Time permitting, have students do an ipconfig /all and look up the OUI online for their
MAC address.

Figure 3-6: A MAC address.

MAC addresses use the hexadecimal numeral system, a positional numeral system with a base of 16.
It uses 16 distinct symbols, 0–9 to represent values 0 to 9, and A, B, C, D, E, F to represent values
10 to 15.
On a local network it is often necessary for one host to send messages to all the other hosts at the
same time. This can be done by using broadcast messaging. A message can contain only one
destination MAC address, but there is a unique MAC address that is recognized by all hosts. The
broadcast MAC address is a 48-bit address made up of all ones. Because MAC addresses are in
hexadecimal form, the broadcast MAC address notation is FF:FF:FF:FF:FF:FF. Each F in the
hexadecimal notation represents four ones (1s) in the binary address.
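The byte layout and broadcast address described above can be checked mechanically. The following Python code is an added example, not part of the course material: it splits a MAC address into OUI and device ID and reviews the source addresses seen on switch ports. The port labels and addresses are constructed sample data, and the two flag bits tested in the first byte are the standard group and locally administered bits, which this page does not itself describe.

```python
import re
from collections import defaultdict

BROADCAST = bytes([0xFF] * 6)


def parse_mac(text: str) -> bytes:
    """Accept 00:1A:2B:3C:4D:5E, 00-1A-2B-3C-4D-5E or 001a.2b3c.4d5e."""
    digits = re.sub(r"[:.\-]", "", text.strip())
    if not re.fullmatch(r"[0-9A-Fa-f]{12}", digits):
        raise ValueError(f"not a 6-byte MAC address: {text!r}")
    return bytes.fromhex(digits)


def _hex(raw: bytes) -> str:
    return ":".join(f"{b:02X}" for b in raw)


def describe_mac(text: str) -> dict:
    raw = parse_mac(text)
    return {
        "oui": _hex(raw[:3]),        # first 3 bytes: the manufacturer
        "device_id": _hex(raw[3:]),  # last 3 bytes: the device itself
        "broadcast": raw == BROADCAST,
        # Lowest bit of the first byte set: group (multicast/broadcast) address.
        "group": bool(raw[0] & 0x01),
        # Second-lowest bit set: locally administered, the conventional marker
        # of a manually assigned address. A manual address that copies a vendor
        # OUI leaves this bit clear, so a clear bit proves nothing.
        "locally_administered": bool(raw[0] & 0x02) and raw != BROADCAST,
    }


def audit_sources(entries):
    """Review (port_label, source_mac) pairs learned on a switch.

    Returns a sorted list of (port_label, mac, reason) tuples.
    """
    findings = []
    ports_by_mac = defaultdict(set)
    for port, mac in entries:
        try:
            info = describe_mac(mac)
        except ValueError:
            findings.append((port, mac, "malformed"))
            continue
        canonical = info["oui"] + ":" + info["device_id"]
        ports_by_mac[canonical].add(port)
        if info["group"]:
            # Group and broadcast addresses are valid only as destinations.
            findings.append((port, canonical, "group address used as source"))
        elif info["locally_administered"]:
            findings.append((port, canonical, "locally administered"))
    for mac, ports in ports_by_mac.items():
        if len(ports) > 1:
            findings.extend((p, mac, "seen on multiple ports") for p in ports)
    return sorted(findings)


# Constructed sample data: port labels and addresses are made up.
SAMPLE = [
    ("1Z-S1", "00-1A-2B-3C-4D-5E"),
    ("1Z-C1", "00:1a:2b:3c:4d:5f"),
    ("1Z-C2", "02:00:00:aa:bb:cc"),
    ("1Z-C3", "FF:FF:FF:FF:FF:FF"),
    ("1Z-C4", "001a.2b3c.4d5e"),
    ("1Z-C5", "00:1A:2B:3C:4D"),
]

if __name__ == "__main__":
    for port, mac, reason in audit_sources(SAMPLE):
        print(f"{port:<6} {mac:<18} {reason}")
```
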


Multicast MAC addresses do exist, but a detailed discussion of them is beyond the
scope of this course.

Access the Checklist tile on your CHOICE Course screen for reference information and
job aids on How to Configure Network Interface Cards.

ACTIVITY 3-2
Configuring NIC Settings

Before You Begin

You have the Windows Server 2012 R2 operating system installed and your system is connected to
the network.

Scenario
In your test lab, you want to see what speed your system is connecting to the network at. You also
want to verify that the system is configured to use full duplex communication.

1. View the connection speed of your computer.
a) Open Control Panel.
b) Select Network and Internet.
c) Open Network and Sharing Center.
d) From the Network and Sharing Center, select Change adapter settings.
e) Select the NIC.
f) In the status dialog box, observe the Speed. Is the speed what you expected it to be? If not, is it
higher or lower than you expected? Consider reasons for the discrepancy, if any is found.
g) Select Close.

2. View the speed and duplex settings for your NIC.
a) Right-click the network card and select Properties.
b) Select Configure.
c) Select the Advanced tab.
d) From the Property list, select Speed & Duplex.
e) Examine the options under Value.
f) If the value is acceptable, select Cancel. If necessary, change the value and select OK.

Based on your equipment and network, change the value if needed, and guide students as to
what value they should change it to. Likely it will be fine as it is.

TOPIC C
Implement IP Addressing and Network
Infrastructure Services
You have installed IP addressing services on your server. In this topic, you will implement IP
addressing and network infrastructure services.
Understanding how IPv4 and IPv6 work will help you decide whether you need to implement the
legacy IPv4 addressing or if your network is ready to move to IPv6. You can also decide where you
need to use static addressing and where you can use dynamic IP addressing. Understanding how
network address services work will help you out when you are configuring IP addressing.

IPv4
To implement TCP/IP on a network, administrators need to configure three settings on each
network node:
• IP address
• Subnet mask
• Default gateway
The three main benefits of using IP on a network are:
• IP addresses and subnet masks enable each individual network to have a unique network address.
• Every network node can determine if a PDU is destined for a node on the local network or on a
remote network.
• Routers can use network addresses and default gateways to send PDUs to the correct networks.

Use this section as an advanced organizer to clarify why you are presenting this content
in this order. The main point to convey to students is that they will ultimately have to
configure these settings on their networks.

IP Address
Version 4 of the Internet Protocol (IPv4) has been the standard since September of 1981. This is the
protocol that all Internet traffic was based on until recently. Every piece of information stored in a
computer can be broken down into a series of on/off conditions called bits. This type of
information is called binary data because each element has only two possible values: 1 (on) and 0
(off). In the binary system, a byte (or octet) is a string of eight bits.
An IPv4 address is made up of 32 bits of information. These 32 bits are divided into four octets.
There are two main methods of depicting an IP address:
• Binary IP addresses: What the computer reads. A binary IP address has the following format:
11001010 00101101 11100001 00001111.
• Dotted-decimal IP addresses: Widely used to show IPv4 addresses. A dotted-decimal IP
address has the following format: 208.206.88.56.
Humans normally perform calculations by using the decimal (base 10) numbering system. Electronic
machines, however, perform calculations by using the binary (base 2) numbering system. In the decimal
numbering system, each position, starting from the rightmost, signifies a higher power of 10.
Similarly, in the binary numbering system, each position, starting from the rightmost, signifies a
higher power of 2.

Use the slide and figure to explain the correlation between binary and decimal numbering.

Figure 3-7: Decimal and binary numbers.

Subnet Mask
A subnet mask is a number assigned to each host for dividing the IP address into network and node
portions. This segregation makes TCP/IP routable. A subnet mask removes the node ID from the
IP address, leaving just the network portion. A subnet mask is a series of continuous binary 1s that
end abruptly at some point, followed by all 0s. Where the 1s end and the 0s begin marks the dividing
line between network ID and host ID.

Emphasize that the network address ends where the 1s stop.

Figure 3-8: The subnet mask of an IP address.

Default subnet masks use the value of eight 1s in binary, or 255 in decimal, to mask an entire octet
of the IP address. Groups of IP addresses have specific default subnet masks.

Default Subnet Mask    Value of the First Octet of IP Address
255.0.0.0              1–127, with some being reserved
255.255.0.0            128–191
255.255.255.0          192–223

The following are examples of permitted subnet masks:
• 255.0.0.0
• 255.255.0.0
• 255.255.255.0
• 255.255.128.0
• 255.255.255.244

Encourage students to try and explain why each of these examples is either permitted or
illegal.

The subnet mask identifies which part of the IPv4 address is the network ID and which part is the
host ID. In its simplest implementation, each octet of the default subnet mask is either 255 or 0.
Octets with a value of 255 identify the network ID part of the address, and a value of 0 identifies
the host part of the address.
So, for the IP address 192.168.1.100 and the subnet mask 255.255.255.0, the network ID is
192.168.1.0 and the host connection ID is 0.0.0.100.
Another way to write the IP address and subnet mask is to use a forward slash followed by the
number of bits in the subnet mask, 192.168.1.100/24. This notation method stems from classless
interdomain routing (CIDR), but is used extensively as a shorthand method to identify a subnet
mask in simple subnetting implementations.
IP addresses are associated with network adapter interface connections, rather than with a specific
device such as a computer. Networked devices may have more than one network adapter interface
connection, such as servers and routers.

Let students know that CIDR calculators are available. Time permitting, demonstrate using a
CIDR calculator either online or from a smart phone.

Default Gateway
A default gateway is the IP address of a router that routes remote traffic from the device's local subnet
to remote subnets. Typically, it is the address of the router connected to the Internet. A TCP/IP
host does not need a default gateway address if the device does not need to communicate with
devices outside its local subnet. In this case, it needs only the MAC address. You need to configure a
node with an IP address, a subnet mask, and a default gateway to communicate on the Internet or
any other external network. You will need only an IP address and a subnet mask to communicate
with other nodes on your network.

Figure 3-9: The default gateway routes traffic to remote subnets.
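An added example, not part of the course material, that applies the rules from the Subnet Mask and Default Gateway sections in Python: it tests whether a mask is a continuous run of 1s, splits an address into network ID and host ID, and decides whether a destination is reached directly or through the default gateway. The function names and the gateway address 192.168.1.1 are assumptions made for the example; the masks and the other addresses are the ones used in the text.

```python
import ipaddress

ALL_ONES = 0xFFFFFFFF


def mask_is_contiguous(mask: str) -> bool:
    """True when the mask is a run of 1 bits followed only by 0 bits."""
    host_bits = int(ipaddress.IPv4Address(mask)) ^ ALL_ONES
    # A valid mask inverts to 0...01...1; adding 1 to that pattern carries
    # through every set bit, so the AND of the two values is zero.
    return (host_bits & (host_bits + 1)) == 0


def prefix_length(mask: str) -> int:
    """Number of 1 bits in the mask, the /n of CIDR notation."""
    if not mask_is_contiguous(mask):
        raise ValueError(f"{mask}: the 1 bits are not continuous")
    return bin(int(ipaddress.IPv4Address(mask))).count("1")


def split_address(ip: str, mask: str) -> tuple:
    """Return (network ID, host ID) as dotted-decimal strings."""
    prefix_length(mask)  # rejects masks that break the continuous-1s rule
    ip_bits = int(ipaddress.IPv4Address(ip))
    mask_bits = int(ipaddress.IPv4Address(mask))
    network = ipaddress.IPv4Address(ip_bits & mask_bits)
    host = ipaddress.IPv4Address(ip_bits & (mask_bits ^ ALL_ONES))
    return str(network), str(host)


def next_hop(source_ip: str, mask: str, destination_ip: str, gateway: str) -> str:
    """Deliver directly when both ends share a network ID, else use the gateway."""
    src_net, _ = split_address(source_ip, mask)
    dst_net, _ = split_address(destination_ip, mask)
    return destination_ip if src_net == dst_net else gateway


# The five masks listed in the section above.
LISTED_MASKS = [
    "255.0.0.0",
    "255.255.0.0",
    "255.255.255.0",
    "255.255.128.0",
    "255.255.255.244",
]


def check_masks(masks=LISTED_MASKS) -> dict:
    """Map each mask to the result of the continuous-1s test."""
    return {mask: mask_is_contiguous(mask) for mask in masks}


if __name__ == "__main__":
    for mask, ok in check_masks().items():
        bits = f"{int(ipaddress.IPv4Address(mask)):032b}"
        print(f"{mask:<16} {bits}  {'continuous' if ok else 'NOT continuous'}")
    print(split_address("192.168.1.100", "255.255.255.0"))
    # 192.168.1.1 is a constructed gateway address for this example.
    print(next_hop("192.168.1.100", "255.255.255.0", "208.206.88.56", "192.168.1.1"))
```

Run as a script, it prints each listed mask in binary, which makes it easy to see where the 1s stop in each one.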

Note: You can enter ipconfig at the command prompt to view the TCP/IP parameters on
your Windows device. In Linux, this command is ifconfig.

IPv6
Given the explosive growth of Internet users and the accompanying pressure on organizations to
support addressing for Internet-capable mobile devices such as smartphones and tablets, current
manipulations to the IPv4 space using technologies such as Network Address Translation (NAT)
serve as stopgap solutions. IPv6 addressing solves the problem not only of shrinking IP address
pools, but also of many administrative inefficiencies caused by manual configuration requirements.
Internet Protocol version 6 (IPv6) development began in the mid-1990s. IPv6 uses 128-bit addresses,
providing many more possible addresses than IPv4 provided. IPv6 provides 2^128 addresses. IPv6
addresses include eight 16-bit fields. They are written as eight groups of four numbers in
hexadecimal notation, separated by colons. You can replace a group of all zeros by two colons. Only
one set of colons (::) can be used per address. Leading zeros in a field can be dropped. However,
except for the :: notation, all fields require at least one number. For example,
fe80:0000:0884:0e09:d546:aa5b can be written as fe80::884:e09:d546:aa5b.
You indicate the network portion of the address by a slash and the number of bits in the address
that are assigned to the network portion. If the address ends with /48, the first 48 bits of the address
are the network portion. An example of a link-local IPv6 address is fe80::884:e09:d546:aa5b.
Just as with IPv4, the loopback address is a local host address. The IPv6 loopback address can be
written as ::/128. The address fe80::/10 is equivalent to the IPv4 address 169.254.0.0.
In IPv4, the first octet of the address denotes the network’s class. However, classes are no longer
formally part of the IP addressing architecture, and they have been replaced by CIDR. With IPv6,
there are five types of addresses.

Address type    Description

Link-local
    The IPv6 version of IPv4’s APIPA. It is also used to communicate with other devices on the
    local network. Link-local addresses are self-assigned using the Neighbor Discovery process.
    You can identify them by using the ipconfig command. If the IPv6 address displayed for your
    computer starts with fe80::, then it’s a self-assigned link-local address.

Site-local
    The IPv6 version of an IPv4 private address. Site-local addresses begin with FE and use C to F
    for the third hex digit: FEC, FED, FEE, or FEF.

Global unicast
    The IPv6 version of an IPv4 public address. A global unicast address is identified for a single
    interface. Global unicast addresses are routable and reachable on the IPv6 Internet. All IPv6
    addresses that start with the binary values 001 (2000::/3) through 111 (E000::/3) are global
    addresses, with the exception of FF00::/8, which are addresses reserved for multicasts. Those
    bits are followed by 48 bits that designate the global routing prefix, the network ID used for
    routing. The next 16 bits designate the subnet ID. The last 64 bits identify the individual
    network node.

Multicast
    An address that identifies a multicast group. Just as with IPv4, an IPv6 multicast sends
    information or services to all interfaces that are defined as members of the multicast group.
    If the first 16 bits of an IPv6 address are ff00n, the address is a multicast address.

Anycast
    A new, unique type of address in IPv6. An anycast address, a cross between unicast and
    multicast addressing, identifies a group of interfaces, typically on separate nodes. Packets
    sent to an anycast address are delivered to the nearest interface, as identified by the routing
    protocol’s distance measurement. Multicast addresses also identify a group of interfaces on
    separate nodes. However, the packet is delivered to all interfaces identified by the multicast
    address (instead of to a single interface, as with anycast addresses).

IPv6 doesn’t use broadcast addresses; that functionality is included in multicast and anycast
addresses. The all-hosts group is a multicast address used in place of a broadcast address.
Implementing IPv6 brings a number of benefits that will improve network operations
substantially:
• Extended address space: IPv6 provides 128-bit IP addresses compared to 32-bit addresses in
IPv4. The IPv4 address space provides 2^32 or 4,294,967,296 possible addresses, of which a
percentage are reserved for specific purposes. Contrast this to the IPv6 address space, which
provides 2^128 or 340,282,366,920,938,463,463,374,607,431,768,211,466 possible addresses. This
astounding increase in addresses ensures support for the Internet's growth and evolution as well
as increased flexibility in capacity planning for enterprise organizations.
• Hierarchical addressing and router efficiency: Hierarchical addressing optimizes IPv6 address
management and reduces the size of routing tables, which enables routers to process data more
efficiently.
• Stateless and stateful address auto-configuration: Stateless addressing allows each host adapter to
auto-configure a unique address using neighbor discovery of IPv6 stateless devices to automate
networking and communication. Stateful addressing uses the DHCPv6 protocol and, as in IPv4,
addresses are assigned dynamically from a DHCP server.
• Elimination of broadcasts: IPv4 uses Address Resolution Protocol (ARP) broadcasts to discover
the media access control (MAC) physical address of local hosts to build a table of MAC-to-IP
address mappings. IPv6 embeds this function within IP as part of the stateless auto-configuration
function and uses the multicast protocol (IGMPv6) to send multicast neighbor
solicitation messages for neighbor discovery.
• Integrated Security (IPSec): IPv6 includes specifications for IPSec integration in the protocol.
Specifically, specifications require Authentication Header (AH) and Encapsulating Security
Payload (ESP) header support to ensure secure, reliable communication between different
applications and devices. IPSec is required by IPv6. It is not optional.
• Integrated Quality of Service (QoS): The IPv6 packet header includes two fields, traffic class and
flow label, which set a priority level for data traffic through a network. For example, streaming
video and audio applications require low latency (minimal time delays) and high priority. The
IPv6 source reduces problems with packet fragmentation and time delays by determining the
maximum size of the data payload that can be transferred over the entire route to the destination.
• Elimination of the need for NAT: A key benefit to a larger address space is the optional
elimination of translation technologies such as NAT. This simplifies network administration
because hosts can engage in peer-to-peer communication over the Internet, such as for real-time
video conferencing and Voice over IP (VoIP). NAT, however, will continue to be used by many
organizations during their IPv4 to IPv6 transitions.

IPv6 Address Scopes
Address scopes define regions, also known as spans. Addresses are defined as unique identifiers of
an interface. The scopes are link-local, site network, and global network. A device usually has a
link-local address and either a site-local or global address.
A network address can be assigned to a scope zone. A link-local zone is made up of all network
interfaces connected to a link. Addresses are unique within a zone. A zone index suffix on the
address identifies the zone. The suffix follows a % character. An example is
fe80::884:e09:d546:aa5b%10.
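
The notation rules, address types, and zone index suffix described above can be checked with a short script. This is an added example, not part of the course material; the function name describe_ipv6 and the sample addresses are assumptions made for illustration, and it uses only Python's standard ipaddress module.

```python
import ipaddress

# Prefixes for the address types described on this page, checked in this order.
# Anycast is absent on purpose: anycast addresses are taken from the unicast
# space, so they cannot be told apart by inspecting the address alone.
TYPE_PREFIXES = [
    ("multicast", ipaddress.ip_network("ff00::/8")),
    ("link-local", ipaddress.ip_network("fe80::/10")),
    ("site-local", ipaddress.ip_network("fec0::/10")),     # FEC, FED, FEE, FEF
    ("global unicast", ipaddress.ip_network("2000::/3")),  # binary 001
]


def describe_ipv6(text):
    """Parse 'address[%zone][/prefix-length]' and describe it.

    Raises ValueError for malformed input, for example two '::' in one address.
    """
    addr_text, _, prefix_len = text.partition("/")
    addr_text, _, zone = addr_text.partition("%")
    addr = ipaddress.IPv6Address(addr_text)

    kind = "other"
    if addr == ipaddress.IPv6Address("::1"):
        kind = "loopback"
    else:
        for name, net in TYPE_PREFIXES:
            if addr in net:
                kind = name
                break

    network = None
    if prefix_len:
        # strict=False clears the host bits, leaving only the network portion.
        network = str(ipaddress.ip_network(f"{addr_text}/{prefix_len}", strict=False))

    return {
        "expanded": addr.exploded,      # all eight fields, leading zeros kept
        "compressed": addr.compressed,  # leading zeros dropped, one '::'
        "type": kind,
        "zone": zone or None,           # text after '%', if any
        "network": network,             # set only when a /prefix was given
    }


if __name__ == "__main__":
    # Constructed sample inputs.
    samples = (
        "fe80:0000:0000:0000:0884:0e09:d546:aa5b%10",
        "2001:0db8:0000:0001:0000:0000:0000:0010/48",
        "ff02::1",
    )
    for sample in samples:
        print(sample, "->", describe_ipv6(sample))
```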

Comparison of IPv4 and IPv6
Here is a brief summary of how IPv4 and IPv6 compare.

                 IPv4                    IPv6
Bits             32 bit                  128 bit
Addresses        4.3 billion addresses   About 340 Undecillion addresses
Format           Dotted decimal          Hexadecimal
Format Example   192.168.11.2            2001:0:9d38:36:44f:bc0b:758d
Loopback         127.0.0.1               ::1
Broadcast        255.255.255.255         N/A - replaced with Multicast
Autoconfigured   169.254.x.x             FE80::
Multicast        224.x.x.x               FF01::

Dynamic IP Addressing
Most IP addresses are assigned dynamically. Dynamic IP addressing assigns an available address when
you connect to the network. This might be the same address as you were assigned previously or it
might be different. ISPs and DHCP servers hand out addresses as they are needed.
Having changing addresses is fine if all you are doing is consuming network resources such as web
browsing, sending and receiving email, uploading and downloading files, or using chat services.
There are several advantages to using dynamic IP addressing. These include making the pool of
available addresses go further since not every device always needs to be connected, making it harder
for attackers to reach a specific device by IP address, and more efficient use of administrator time by
not having to configure each device with a specific IP address.


Static IP Addressing
Static IP addressing means that someone has assigned and configured a specific IP address to a device.
This is usually done for servers that need to be accessed by users on the LAN or from outside the
local network over the Internet.
You will need to assign and configure a static IP address for each server. Each server will require a
unique IP address. Other devices such as network printers or network-accessible fax machines,
gateways, and routers on your network typically require a static IP address as well.

Public and Private IP Addressing

There are two categories of IPv4 addresses: public and private. Hosts that connect to the public
Internet require a unique public IP address; hosts that are on your private, internal network require
unique addresses, but they do not have to be public addresses. There are differences between public and
private address assignment:
• Public IPv4 addresses: Public IPv4 addresses, managed by IANA, must be unique. Typically,
IANA distributes pools of IPv4 addresses to regional Internet registries (RIRs), who in turn
assign IPv4 addresses to large telecoms and Internet Service Providers (ISPs). Your ISP allocates
a certain number of IPv4 addresses to your organization based on the number of devices and
hosts you connect to the Internet.
• Private IPv4 addresses: The available pool of IPv4 addresses steadily decreases, so RIRs will allocate
only the number of IPv4 addresses that are absolutely necessary. Many organizations implement
technologies such as Network Address Translation (NAT). Hosts with private IP addresses can
share a small pool of public IPv4 addresses to access the Internet by connecting to a router or
firewall configured to use NAT.
Note: On home networks, private addressing is usually implemented through Private Address
Translation (PAT).

Public IP addresses are addresses that get shared on the Internet. In order to keep internal addresses
private, Network Address Translation (NAT) is used to conceal internal private IP addresses from
external networks. A router is configured with a single public IP address on its external interface and
a private address on its internal interface. A NAT service running on the router or on another
system translates between the two addressing schemes. Packets sent to the Internet from internal
hosts all appear as if they came from a single IP address, thus preventing external hosts from
identifying and connecting directly to internal systems.
Private IP addresses are addresses that organizations use for nodes requiring IP connectivity within
enterprise networks, but not requiring external connections to the global Internet. IP addresses in
each of the Classes A, B, and C are reserved as private IP addresses. When an Internet router
receives a data packet bound for one of these reserved IP addresses, it recognizes the address as
nonroutable and does not forward it outside the network. Private IP addresses can be used freely on
internal networks. Because they are not routable, private IP addresses do not cause duplicate IP
address conflicts on the Internet.
Any organization that opts to use private IP addresses can do so without contacting the ICANN or
an Internet registry. Because these addresses are never injected into the global Internet routing
system, the address space can simultaneously be used by many different organizations. Problems
arising due to the shortage of IP addresses are resolved by private IP addresses.
Computers connected to a home or office network are typically assigned private IP addresses. Such
addresses are unique and valid within that network, but not outside of that network. Network
Address Translation (NAT) services provide the means for such internal computers to communicate
with the outside world. NAT services run on your router.
When an internal computer tries to reach an outside address, the NAT services modify the packets
to replace the private internal address with a valid public IP address. The NAT services monitor
return traffic to send such packets to the internal node for which they are bound. NAT services,
along with your firewall, typically don’t permit outside computers to initiate a communication
session with an internal node.
The following table lists the private IPv4 address ranges established by IANA. These addresses are
used for internal or private networks and cannot be used on the Internet.

Private Network    Address Range
10.0.0.0/8         10.0.0.0 - 10.255.255.255
172.16.0.0/12      172.16.0.0 - 172.31.255.255
192.168.0.0/16     192.168.0.0 - 192.168.255.255
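
The NAT behavior described above (rewriting the private source address, matching return traffic to the internal node, and refusing sessions initiated from outside) can be modeled in a few lines. This is an added example, not part of the course material: the NatRouter class, the per-connection port table it uses to track return traffic, and all sample addresses are assumptions made for illustration.

```python
import ipaddress

# The private ranges from the table above.
PRIVATE_RANGES = [
    ipaddress.ip_network(n)
    for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")
]


def is_private(ip):
    """True if ip falls in one of the three private IPv4 ranges."""
    addr = ipaddress.ip_address(ip)
    return any(addr in net for net in PRIVATE_RANGES)


class NatRouter:
    """Toy model of a NAT service with one public address (hypothetical)."""

    def __init__(self, public_ip, first_port=40000):
        self.public_ip = public_ip
        self.next_port = first_port
        self.out_map = {}  # (priv_ip, priv_port, remote_ip, remote_port) -> public port
        self.in_map = {}   # (public port, remote_ip, remote_port) -> (priv_ip, priv_port)

    def outbound(self, src_ip, src_port, dst_ip, dst_port):
        """Translate a packet leaving the internal network.

        Returns the packet as the Internet sees it, or None if it is not forwarded.
        """
        if not is_private(src_ip):
            raise ValueError(f"{src_ip} is not an internal (private) address")
        if is_private(dst_ip):
            return None  # private destinations are never routed to the Internet
        key = (src_ip, src_port, dst_ip, dst_port)
        if key not in self.out_map:
            port = self.next_port
            self.next_port += 1
            self.out_map[key] = port
            self.in_map[(port, dst_ip, dst_port)] = (src_ip, src_port)
        return (self.public_ip, self.out_map[key], dst_ip, dst_port)

    def inbound(self, src_ip, src_port, dst_port):
        """Map return traffic to the internal node; None means unsolicited, dropped."""
        return self.in_map.get((dst_port, src_ip, src_port))


if __name__ == "__main__":
    # Constructed sample traffic; addresses come from documentation ranges.
    nat = NatRouter("203.0.113.10")
    print(nat.outbound("192.168.1.20", 51000, "198.51.100.7", 443))
    print(nat.outbound("192.168.1.21", 51000, "198.51.100.7", 443))
    print(nat.inbound("198.51.100.7", 443, 40000))   # reply to the first host
    print(nat.inbound("198.51.100.99", 443, 40000))  # unsolicited: None
```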

APIPA

Automatic Private IP Addressing (APIPA) is a feature of Windows that enables a Dynamic Host
Configuration Protocol (DHCP) client computer to configure itself automatically with a random IP
address in the range of 169.254.0.1 to 169.254.255.254 if there is no DHCP server available. APIPA
enables DHCP clients to initialize TCP/IP and communicate with other local APIPA-configured
machines, even in the absence of an active DHCP scope. APIPA addresses are not routable, so
computers with APIPA addresses cannot communicate outside their local subnet. APIPA can be a
useful configuration method on small home networks because computers can initialize TCP/IP and
connect without any administrative configuration. On larger networks, however, a computer with an
APIPA-range address is usually nothing more than a symptom, to the technician, of a DHCP
problem that requires resolution.

Default Gateway
A gateway is a device, software, or a system that has the ability to convert data between incompatible
systems or devices. Gateways can translate data between different operating systems, or email
formats, or between totally different networks. A gateway can be implemented as hardware,
software, or both. You can also install gateways as software within a router, allowing the router to
act as a gateway when required, and eliminating the need for separate hardware.
When TCP/IP communications need to be routed to systems on other networks, the protocol
directs the packets to a special address known as the default gateway. The default gateway is
different from a typical gateway in that the address is typically that of a network router that connects
the local network to other external networks. A default gateway address is not a required component
of a TCP/IP address assignment, but without a default gateway, the computer will only be able to
communicate on the local network segment.

Domain Name System


The Domain Name System (DNS) is a TCP/IP name resolution service that translates a Fully Qualified
Domain Name (FQDN), which is a domain name that denotes a specific location in the DNS
hierarchy, into an IP address. For example, the FQDN server03.develetech.com will be translated
into the IP address 74.43.216.152. The domain name space holds information about the hierarchy of
domains and the hosts under each domain. This domain name space is referenced by the name
servers for mapping purposes.

Figure 3-10: DNS translates the URLs or FQDNs into their corresponding IP addresses.

Access the Checklist tile on your CHOICE Course screen for reference information and
job aids on How to Configure Static IP Addressing.

ACTIVITY 3-3
Configuring IP Addressing
Scenario
You want your server to have a static IPv4 address. You will configure your server with a static IPv4
address.
Note: Your instructor will provide you with the appropriate addresses needed for this activity.

Provide students with the appropriate IP addresses, subnet mask, default gateway, and DNS address
as needed for this activity.

1. Display the adapter settings on your server computer.
a) In Server Manager, select Local Server.
b) Select the link to the right of the Ethernet property.
c) Right-click the Ethernet adapter and select Properties.

2. Display IPv4 Properties.
a) In the Ethernet Properties dialog box, select Internet Protocol Version 4 (TCP/IPv4).
b) Select Properties.

3. Set a static IP address for the server.
a) Select Use the following IP address.
b) In the IP address box, enter the IP address specified by your instructor.
c) In the Subnet mask box, observe the default value.
d) In the Default gateway box, enter the IP address specified by your instructor.

4. Configure the DNS server address.
a) In the Preferred DNS server box, enter the IP address specified by your instructor.
b) In the Alternate DNS server text box, enter 127.0.0.1
c) Select OK.
d) In the Ethernet Properties dialog box, select Close.
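
Before typing the values into the dialog box, the planned settings can be checked for the mistakes this topic warns about: an APIPA-range address, a default gateway that is not on the local subnet, or no gateway at all. This is an added example, not part of the course material; check_static_plan is a hypothetical helper and the sample addresses are constructed, since the real values come from your instructor.

```python
import ipaddress

APIPA = ipaddress.ip_network("169.254.0.0/16")


def check_static_plan(ip, mask, gateway, dns_servers):
    """Return a list of problems found in a planned static IPv4 configuration.

    An empty list means no problems were found. Pass "" for no gateway.
    """
    problems = []
    try:
        iface = ipaddress.IPv4Interface(f"{ip}/{mask}")
    except ValueError as exc:
        return [f"invalid IP address or subnet mask: {exc}"]
    net = iface.network

    if iface.ip in APIPA:
        problems.append(f"{iface.ip} is in the APIPA range {APIPA}")
    # On ordinary subnets the first and last addresses are not host addresses.
    if net.prefixlen < 31 and iface.ip in (net.network_address, net.broadcast_address):
        problems.append(f"{iface.ip} is the network or broadcast address of {net}")

    if not gateway:
        problems.append("no default gateway: only the local network segment is reachable")
    else:
        try:
            gw = ipaddress.IPv4Address(gateway)
        except ValueError:
            problems.append(f"default gateway {gateway!r} is not a valid IPv4 address")
        else:
            if gw == iface.ip:
                problems.append("default gateway is the server's own address")
            elif gw not in net:
                problems.append(f"default gateway {gw} is not on the local subnet {net}")

    for dns in dns_servers:
        try:
            ipaddress.IPv4Address(dns)
        except ValueError:
            problems.append(f"DNS server {dns!r} is not a valid IPv4 address")
    return problems


if __name__ == "__main__":
    # Constructed sample plan; 127.0.0.1 is the alternate DNS entry from step 4b.
    plan = ("192.168.10.25", "255.255.255.0", "192.168.10.1",
            ["192.168.10.5", "127.0.0.1"])
    print(check_static_plan(*plan) or "no problems found")
    # Same plan with a gateway on a different subnet.
    print(check_static_plan("192.168.10.25", "255.255.255.0", "192.168.20.1", []))
```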

Summary
In this module, you learned about configuring client and server computers to communicate with
each other over a network. By managing the network cabling and NIC configuration, and installing
and configuring the appropriate service roles and addressing for an IP network, you can make sure
that your users are able to effortlessly and seamlessly connect to and use network resources.

What types of network cabling are used within your organization? Why are these used?
A: Answers will vary. If you have a large network, chances are that fiber optic cabling is used for the
backbone, and Ethernet CAT 6 cables are used for connection between the patch panel and drops for
network devices.

Does the network in your organization use IPv4, IPv6, or a combination? If you aren't yet using IPv6, why?
A: Answers will vary. Most organizations still use IPv4 in part because it is what administrators are
familiar with. Also, not all network equipment can be configured to use IPv6 unless it is replaced with
newer equipment.

Note: For additional information, check out the LearnTO Create Multiple Networks by
Using Custom Subnet Masks presentation in the LearnTOs for this course on your
LogicalCHOICE Course screen.

You may want to show LearnTO Create Multiple Networks by Using Custom Subnet Masks
from the LogicalCHOICE Course screen or have students navigate out to the Course screen and
watch it themselves as a supplement to your instruction. If not, please remind students to visit
the LearnTOs for this course on their LogicalCHOICE Course screen after class for
supplemental information and additional resources.

4 Creating a Virtual Environment

3 hours

Lesson Objectives
In this lesson, you will set up and configure virtual servers and virtual networks. You will:
• Create virtual servers.
• Create a virtual network.

Lesson Introduction
Setting up virtual environments is useful in testing and in securing your resources. Using a
virtual environment allows you to experiment with new technologies, applications, and
operating systems without needing additional computers and networks to test the
functionality. Also, in a production environment, using virtual environments makes it harder
for attackers to penetrate your systems. In this lesson, you will set up and configure virtual
servers and virtual networks.


TOPIC A
Create Virtual Servers
Virtualization is a technology through which one or more simulated computers run within a physical
computer. Virtualization offers a range of benefits and is a suitable solution largely because many
user and system functions typically consume far less than the full power of a modern computer. For
example, if a user’s activities on her PC use just 30% of the computer’s capabilities, 70% is being
wasted. Through virtualization, potentially three VMs could be run on a single system at this level of
utilization, giving similar performance levels. Full resource utilization takes full advantage of the
resources you have available.
In this topic, you will set up and configure virtual servers. Virtualization allows you to take full
advantage of a server's capacity.

Consider starting the installation activities located at the end of this topic, and then present
the concepts while systems are installing.

Hosts

Virtualization is a technology through which one or more simulated computers run within a physical
computer. The physical computer is called the host, and its operating system is the host OS. The
simulated computers are called virtual machines (VMs), and their operating systems are called guest
OSs.

Figure 4-1: Multiple VMs on a single physical host.


Server virtualization is a resource management feature that allows a single physical server to run
multiple virtual servers on it. Each virtual server is distinct, and it can run separate instances of an
operating system or even different operating systems. The use of a single physical server leads to
better utilization of costly hardware resources, which in most cases are not used to their full
capacity.
Virtualization using a single physical server offers many benefits. For instance:
• It leads to a smaller footprint with fewer servers.
• The snapshot or checkpoint feature provides the ability to revert unwanted changes.
• With fewer servers you require less power and less cooling.
• It reduces the number of people needed to maintain the servers.
• It increases flexibility.
• It makes it easier and faster to deploy servers.
• If you need to set up a server temporarily, virtualization makes this easy to accomplish without
the need for additional hardware.
• Newer technologies in server virtualization allow virtual machines to automatically restart on
different host servers in case of any failure in the main server. This is achieved by running virtual
machines inside a storage server that can be shared by all physical servers. This provides better
redundancy of services.
• Because virtual machines in a single server are independent of each other, they can be used as
sandboxes for testing multiple applications at the same time on a single physical server.
While virtualization has many benefits, it is not a good choice for servers dedicated to applications
requiring high processing power or storage capabilities. Because virtualization divides the server’s
processing power and storage capacity among many virtual servers, some applications may slow
down or crash if the server’s processing power cannot meet the application’s requirement.
Therefore, network administrators should check the CPU usage and storage requirements of
each user before dividing a physical server into multiple virtual machines.

Guest Operating Systems

Once the virtual servers have been created on a server, each virtual machine can be configured
independently of the others. Also, each virtual machine must be given a different IP address.
The server hardware should have enough NICs to support multiple addresses. Once the
IP address and network settings of a virtual machine are configured, it can be connected to other
virtual machines on the same hardware or external hardware using the Internet or local domain
network.
Virtualization is generally categorized into three levels.

Virtualization    Description

Virtual servers: Virtual servers apply virtualization to the data center. One or more servers are
implemented as virtual machines within a single host. Server virtualization offers
many benefits, such as better hardware utilization, but can come at the cost of
additional administration complexity.

Virtual applications: With virtual applications, users share a pool of software licenses. The company
saves money by purchasing enough licenses to service average demand (or peak
demand), rather than one license per employee. Beyond cost savings, virtual
applications provide centralized control over applications. Users cannot make
changes or install their own software, and the threat of viruses can be reduced.

Virtual desktops: Virtual desktops go beyond virtual applications to provide an entire computing
environment, including multiple applications, a logon environment, and local
user preferences. Essentially, a virtual desktop is a virtualized PC running within
a VM on a host computer. End-users connect to their own virtual desktops by
using a thin terminal or specialized software.
As with virtual applications, virtual desktops provide centralized administration
and additional security. Furthermore, virtual desktops empower a mobile
workforce whose members can access their personal workspaces from anywhere
on the network.
Another advantage is that updates only need to be applied once. A golden image
is created and when users reboot, they get a new VHD or VDI with the new,
updated image.

Updates only need to be applied once. Create a "golden image." Users just reboot and get a
new VHD or VDI.

Hardware Requirements for Virtual Servers


Before planning to migrate a server from a physical environment to a virtual environment, it is essential
to ensure that the hardware intended to be virtualized meets the requirements of all virtual machines
that are intended to be run on it. Also, the operating system running on the bare metal hardware
should be capable of supporting the guest operating systems running on each virtual machine.

Early virtualization products required modifications to the guest OS, particularly hardware drivers.
Modern CPUs include virtualization support features that enable the host to run unmodified guest
operating systems. Intel’s Virtualization Technology (VT or VT-x, which stands for Virtualization
Technology for x86) and AMD’s AMD-V (the V stands for virtualization) are the primary examples
of CPU virtualization features.
Intel VT and AMD-V are not compatible, though they provide essentially the same features. Current
host OS options typically support both of these virtualization technologies. Citrix XenServer,
Oracle's VirtualBox, and Microsoft’s Hyper-V are examples of host operating systems (or operating
system components) that take advantage of CPU virtualization features and enable virtualization.

You will need to check the documentation for your system to see whether it has support for
hardware virtualization. Virtualization support might need to be enabled in the system BIOS in
order for it to be used.

Resource Allocation between Guest and Host

Each of the guest operating systems you install will need to meet the hardware requirements that
would be needed if you were installing the operating system on a separate physical computer. The
host computer needs to have enough resources to be able to run the management interface and each
of the guest operating systems. The host and guests will be sharing resources including CPU, RAM,
display, disk space and disk access, and network access and utilization.
Resources can be allocated as a specific size when the virtual machine is created or you might be
able to use dynamic allocation. Partitioning, or slicing, allocates specific resources to each virtual
machine. These boundaries are not scaled up or down with changing resource requirements. With
dynamic allocation, the resources are divided up based on resource needs as the virtual machine is
used. You can set limits for dynamic allocation so that one virtual machine doesn't end up
monopolizing all of the resources, leaving other virtual machines with no resources available.
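
The difference between fixed partitioning and dynamic allocation with limits can be seen in a small model of host memory. This is an added example, not part of the course material and not any hypervisor's actual algorithm: the function names, the fair-share rule used when guests compete, and all figures are assumptions made for illustration.

```python
def partition_fits(host_mb, host_reserved_mb, guest_sizes_mb):
    """Fixed partitioning: each guest owns its full size whether it uses it or not.

    host_reserved_mb is what the host OS and management interface need.
    Returns (fits, spare_mb); a negative spare is the shortfall.
    """
    spare = host_mb - host_reserved_mb - sum(guest_sizes_mb.values())
    return spare >= 0, spare


def dynamic_allocate(available_mb, demand_mb, limit_mb):
    """Dynamic allocation: share memory by current demand, capped per guest.

    Each guest may receive at most min(demand, limit). When the capped demands
    exceed what is available, the smallest requests are met first and the rest
    split what remains evenly, so no single guest can starve the others.
    """
    wanted = {vm: min(demand_mb[vm], limit_mb[vm]) for vm in demand_mb}
    grants = {}
    remaining = available_mb
    pending = sorted(wanted, key=wanted.get)  # smallest request first
    while pending:
        fair_share = remaining // len(pending)
        vm = pending.pop(0)
        grants[vm] = min(wanted[vm], fair_share)
        remaining -= grants[vm]
    return grants


if __name__ == "__main__":
    # Constructed figures: a 16 GB host that keeps 2 GB for itself.
    sizes = {"web": 4096, "db": 4096, "test": 4096}
    print("partitioned:", partition_fits(16384, 2048, sizes))

    demand = {"web": 2048, "db": 12000, "test": 1024}
    limit = {"web": 4096, "db": 6144, "test": 2048}
    print("with limits:", dynamic_allocate(14336, demand, limit))

    no_limit = {vm: 10**9 for vm in demand}
    print("no limits:  ", dynamic_allocate(14336, demand, no_limit))
```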

Management Interface
A management server or virtual server console is a virtual machine that is used by network
administrators for managing other virtual machines running on the server. The management server
can be used for performing tasks such as adding or removing a virtual machine from the server and
reallocating the resources between various virtual machines running on the server.
Different virtualization methods and applications have different management interfaces. However,
Linux-based virtualization typically uses either Xen or Kernel-based Virtual Machine (KVM). There
are two KVM management tools you can use. The virt-manager is a GUI tool that enables you to
manage most of the virtualization features. The other tool, virsh, is command-line based and enables
you to manage all of the features of the virtualized environment.
Microsoft Hyper-V uses the Hyper-V Manager. VirtualBox uses the Oracle VM VirtualBox
Manager. Through these programs, you can create, manage, and run the virtual machines you create.

Figure 4-2: The Oracle VM VirtualBox Manager.

Enterprise-level virtual environments use other tools. Some of the virtual environment management
interfaces you might encounter include:
• Enterprise Virtualization Manager
• vCenter
• System Center Virtual Machine Manager
• Citrix XenServer Manager

Hypervisor
Currently, the most popular virtualization products fall into two general categories:
• Bare metal hypervisors
• Host-based hypervisors
A hypervisor, or virtual machine manager, is the core virtualization software that enables multiple
virtual computers to run on a single physical host. A bare metal hypervisor is one you install directly
on the server’s hardware—you don’t install an operating system first. Bare-metal hypervisors are
also known as native or Type-1 hypervisors.
A host-based hypervisor is one that runs within an operating system—you install the OS first and
then install the hypervisor. This is also known as a Type-2 hypervisor or an emulator.
Linux-based virtualization typically uses either Xen or Kernel-based Virtual Machine (KVM). These
are both free hypervisors. Xen is a bare-metal hypervisor with built-in management tools. KVM is
embedded in the Linux kernel.
Host-based hypervisors such as VirtualBox, Microsoft Virtual PC, and VMware Workstation run
on top of an existing operating system.

Industry documentation usually refers to Type 1 and Type 2 hypervisors rather than bare metal
and emulator.

Hypervisor Types
There are two main methods of executing server virtualization.

Server Virtualization Method    Description

Bare metal: This method is where the hypervisor runs directly on the
host's hardware to control the hardware and to manage
guest operating systems. They are sometimes referred to as
bare metal hypervisors. A guest operating system runs as a
process on the host. Examples of hardware-based
virtualization include Oracle VM Server, Citrix XenServer,
VMware ESX/ESXi, and Microsoft Hyper-V. This is often
referred to as a Type 1 hypervisor.

Host-based: This method is where the hypervisor runs on an operating
system like other applications. These hypervisors abstract
guest operating systems from the host operating system.
Examples of client-based virtualization include VMware
Workstation and VirtualBox. This is often referred to as a
Type 2 hypervisor.

The primary vendors of bare metal hypervisors are VMware and Citrix. VMware’s offerings are
built around the ESXi Server. This is the main virtualization engine for which VMware offers a
suite of tools. For example, the Virtual Center management console is the tool you use to create
virtual machines, move them between hosts, monitor resource usage, and so forth. The VMotion
add-on component enables you to move VMs between hosts while those VMs are actively being
used. The LabManager add-on component enables you to set up self-serve lab computer
provisioning that will let end-users set up virtual computers without administrator involvement. The
VMware File System (VMFS) is available for use in ESXi Server, but it’s not required.
Citrix’s XenServer is also a bare metal hypervisor. Citrix purchased the open-source Xen project.
For a while, you could still download a free, limited-feature version of Xen from Citrix or purchase
the full-featured XenServer product. In early 2009, Citrix surprised industry watchers by releasing
the full XenServer product for free. Citrix’s virtualization management suite is called “Essentials for
XenServer,” and you can purchase editions with various levels of capabilities. For example, both the
Enterprise and Platinum editions offer the XenMotion migration tool (equivalent to VMotion from
VMware). However, you have to purchase the Platinum version to get the automated lab
management functionality like that offered by VMware’s LabManager.
Microsoft’s Hyper-V is a bare metal hypervisor that requires one guest virtual machine running
Windows Server 2008 or Windows Server 2012. That parent partition has full access to all of the
hardware and serves as the management entry point for all of the other VMs. Hyper-V has more
limitations than the products from Citrix and VMware.
Of the hosted hypervisors, Oracle's VirtualBox is a popular choice. This product is not an
enterprise-level virtualization solution, at least not at the level of VMware and XenServer. However,
it does provide a powerful and free solution for test environments, client operating system
virtualization, classroom and development lab environments, and more. It is available in commercial
and open-source editions at www.virtualbox.org.

Access the Checklist tile on your CHOICE Course screen for reference information and
job aids on How to Set up Virtual Servers.

Lesson 4: Creating a Virtual Environment | Topic A



ACTIVITY 4-1
Installing Hyper-V

Before You Begin
Virtualization has been enabled in the system firmware.

Scenario
You plan to soon conduct various tests on the security of your systems at Develetech. However, you
don't want to dedicate separate hardware on which to run Linux tests, so you decide to use
virtualization on an existing host environment. This will make it easier to set up and manage test
environments.

1. On your server, in Server Manager, select Dashboard.

2. Select Add roles and features. On the Before you begin page, select Next.

3. For Installation Type, if necessary, select Role-based or feature-based installation and select Next.

4. On the Select destination server page, select Next.

5. For the Server Roles, select Hyper-V. In the Add features that are required for Hyper-V dialog box,
select Add Features. Then select Next.

6. Select Wireless LAN Service then select Next.

7. Select Next four times until you reach the Confirmation step.

8. Select Restart destination server automatically if required and then select Yes to restart automatically.

9. Select Install.

10. When the server restarts, log on to Windows.

11. Close the Add Roles and Features Wizard dialog box.

12. In Server Manager Tools, from the Tools menu, open Hyper-V Manager to verify that Hyper-V installed
correctly.


ACTIVITY 4-2
Installing and Configuring Windows Server 2012 R2 Server Core Edition

Scenario
Another test environment you would like to install in the virtual environment is Windows Server
2012 R2 Server Core edition. You have read that this takes far fewer resources than a GUI
installation and would like to try it to determine if it is something Develetech might use in the
future. For now, you will just install the Server Core Edition.

1. Create a virtual machine profile for Windows Server 2012 R2.
a) If necessary, from the Server Manager Tools menu, open Hyper-V Manager.
b) In the Hyper-V Manager window, select your server name.
c) Select Action→New→Virtual Machine.
d) On the Before You Begin page, select Next.
e) On the Specify Name and Location page, in the Name text box, type Server##-SvrCore where ## is
your unique student number. Select Next.
f) On the Specify Generation page, select Generation 2 and then select Next.
g) On the Assign Memory page, in the MB text box, type 2048 and then select Next. This will allocate
2 GB of RAM to the virtual machine.
h) On the Configure Networking page, select Next.
i) On the Connect Virtual Hard Disk page, verify that Create a virtual hard disk is selected and select
Next.
j) On the Installation Options page, select Install an operating system from a bootable image file then
browse to and select the ISO image file for Windows Server 2012 R2 provided by your instructor.
Select Next.
Instructor note: Let students know where to find the ISO image for Windows Server 2012 R2.
k) On the Completing the New Virtual Machine Wizard page, select Finish.
l) Verify that the VM profile was properly created.
Examine the Settings for the new virtual machine to verify that they are correct and that it is
configured to boot from the DVD.

2. Install Windows Server 2012 R2 Server GUI Edition into the virtual machine profile.
a) With Server##-SvrCore selected, in the Server##-SvrCore section of the Action pane, select
Connect.
b) On the virtual machine toolbar, select the Start button.
c) Press any key when prompted.
d) On the Windows Setup window within the virtual environment, select Next.
e) Select Install Now.
f) On the Select the operating system you want to install page, with Windows Server 2012 R2
Standard (Server with a GUI) selected, select Next.
g) Select I accept the license terms and then select Next.
h) Select Custom: Install Windows only (advanced).
i) With Drive 0 Unallocated Space selected, select Next. Windows will be installed. The server will
restart multiple times during installation.
j) When prompted that the Administrator user's password must be changed, select OK.
k) Enter and confirm the password P@ssw0rd! Select OK to confirm that the password has been
changed.


l) Log in. In the Hyper-V virtual machine, when prompted to press Ctrl+Alt+Delete you will use the
right-hand Ctrl+Alt+End or use the menu option.

3. Switch Windows Server 2012 R2 from GUI to Server Core.
Instructor note: Make sure students are changing the virtual machine and not the host machine in
this step.
a) From the Taskbar in the virtual machine, right-click the PowerShell icon and select Run as
Administrator.
b) In the PowerShell window, enter import-module ServerManager
c) Enter uninstall-WindowsFeature Server-Gui-Shell -Restart
d) When the virtual machine has restarted, press right-hand Ctrl+Alt+End and log in as Administrator.
Minimize Server Manager.
Notice that you are at a command prompt rather than in the GUI, but Server Manager still loads.
This gives you a minimal server environment with the ability to still do much of the configuration and
monitoring through a GUI utility.
e) At the command prompt, enter start powershell
f) At the PowerShell prompt, enter uninstall-windowsfeature server-gui-mgmt-infra -restart
This will remove Server Manager leaving you with just the Server Core.
g) Log in.


ACTIVITY 4-3
Installing Windows 8.1 with Update 1

Before You Begin
You have a computer available that meets the requirements for Windows Server 8.1 with space
available on the hard drive to install the operating system. This can be a physical computer or a
virtual machine.

Note: Activities may vary slightly if the software vendor has issued digital updates. Your
instructor will notify you of any changes.

Instructor note: Distribute the installation media and product key at the beginning of the
activity. For the Microsoft account information, you might want to create tent cards or text
documents with the individual account information and distribute them to students after they
complete the installation process. In addition, if your physical location has wireless networks
available, you will need to determine which wireless network students should connect to, along
with any password that might be required to connect to the wireless network.

Instructor note: Notify students of any changes to activities based on digital software updates
issued by the software vendor.

Instructor note: Provide students with the source files on a DVD, USB flash drive, or provide a
network location from which students can access the installation files.

Instructor note: This is written for students to install the client as a virtual machine. If you
prefer that they install on physical hardware, provide an appropriate machine to do so and start
with step 3 of this activity.

Scenario
The next system in your test lab you would like to install is the Windows 8.1 operating system. Most
of the users at Develetech use Windows 8.1 systems. Your test lab should mirror the systems that
are deployed as closely as possible.

1. Create a virtual machine for Windows 8.1
a) In Hyper-V Manager, begin creating a new virtual machine.
b) On the Before You Begin page, select Next.
c) On the Specify Name and Location page, in the Name text box, type Win8.1 Client ## where ## is
your unique student number. Select Next.
d) On the Specify Generation page, select Generation 2 and then select Next.
e) On the Assign Memory page, specify 2048 MB of RAM, check , and then select Next.
f) On the Configure Networking page, from the Connection list, select the External virtual switch,
Public## and then select Next.
g) On the Connect Virtual Hard Disk page, select Next.
h) On the Installation Options page, select Install an operating system later and then select Next.
i) Select Finish.

2. Configure the virtual machine to access the boot image.
a) In Hyper-V Manager, with the Windows 8.1 client virtual machine selected, in the Actions pane,
select Settings.
b) Under Hardware select Add Hardware.
c) With SCSI Controller selected, select DVD Drive then select Add.
Instructor note: Depending on what is already added, you might need to select SCSI Controller,
then select Add before adding the DVD drive.
d) From the Location drop-down list, select 1 or one of the other unused numbers if 1 is in use.
e) Select Image file then browse to and select the ISO image.
f) Select Apply
g) Under Hardware select Firmware and if necessary, move DVD Drive to the top of the Boot order list.
h) Select OK.

3. Start the Windows 8.1 installation wizard.
a) With the Windows 8.1 virtual machine selected, in the Actions page, in the Win8.1 Client section,
select Connect.
b) In the virtual machine connection window, from the toolbar, select the Start button.
c) When you are prompted, press any key to boot from the installation media.
d) On the Install Windows page, for Language to install, select English (United States).
e) For Time and currency format, select English (United States).
f) For Keyboard or input method, select US.


g) Select Next.
h) In the Windows Setup window, select Install now.

4. Provide a product key, accept the license terms, and specify the installation type.
Instructor note: If you have not already done so, provide each student with a valid product key.
a) If the Enter the product key to activate Windows page appears, type the product key provided by
your instructor and select Next.
If you are installing an Evaluation copy of Windows 8.1, you will not be prompted for a product key.
b) On the License terms page, read the license agreement, check I accept the license terms, and
select Next.
c) On the Which type of installation do you want page, select Custom: Install Windows only
(advanced).

5. Specify where the Windows 8.1 files should be installed.
Instructor note: If installing on physical computers, assist students with removing any partitions
that need to be removed.
a) On the Where do you want to install Windows page, examine the table.
b) Verify that Drive 0 Unallocated Space is selected, and then select Next.

6. Complete the installation.
Instructor note: As Windows progresses through the installation, briefly explain what is being
done during each phase of the process; for example, installing files, installing features,
identifying hardware and installing drivers, and finalizing Registry settings.
a) Wait while the Windows operating system files are installed and the computer reboots twice.
b) On the Personalize page, select a color.
c) In the PC name text box, type the first part of your assigned Microsoft account name.
For instance, if your assigned Microsoft account name were
SvrPlus_student02-10-30-14@outlook.com, you would enter SvrPlusStu02 as the PC name.
Instructor note: If you have not already done so, provide students with their Microsoft account
information.
d) Select Next.
Instructor note: If a wireless network is available at your location, tell students the name of the
wireless network and the password to use to connect to the network.
e) If necessary, on the Wireless page, follow your instructor's directions to select and connect to an
available wireless network and then select Next.
f) On the Settings page, select Use express settings.
You will configure Windows settings in upcoming activities, so you can accept the default settings for
now.
g) On the Sign in to your Microsoft Account page, type the email address associated with your
assigned Microsoft account, and then select Next.
h) On the Help us protect your info page, select I can't do this right now.
Instructor note: If you have codes or have an email address or cell phone where the code could be
sent, you can have students enter the code.
i) On the OneDrive is your cloud storage page, select Next.
Windows uses your Microsoft account information to create a local computer account and applies
any personalized settings to that account.
Instructor note: If you are reusing email addresses, students might be prompted with "How should
we set up your PC?" Have them select Set this up as a new PC instead and then select Next.
j) Observe the screen as Windows installs apps.
Several messages are displayed that are intended to help you use the Windows 8.1 interface. When
the Desktop screen is displayed, the Windows installation process is complete.
Instructor note: If Windows boots to the Start screen instead of the Desktop, help students
navigate to the Desktop.

7. If necessary, change the Time Zone setting.
a) In the taskbar, right-click the current date and time, then select Adjust date/time.


b) Select the Change time zone button.
c) From the Time zone drop-down list, select the appropriate time zone for your location and then
select OK.
d) In the Date and Time dialog box, select OK.

8. Remove the installation media from the computer.

Instructor note: Verify that all students have successfully installed Windows and have changed the
time zone before you proceed to the next topic.


TOPIC B
Create Virtual Switches

Network Virtualization
Hyper-V network virtualization also enables you to isolate VMs that share the same host. This can
be an effective solution when you are using Hyper-V to host VMs for another organization because
network traffic is separated into separate virtual LANs (VLANs).
When network virtualization is implemented, each VM has two IP addresses:
• The customer IP address is assigned by the customer to the VM so that the VM can
communicate with the customer's internal network. This is the IP address that is displayed when
you use the ipconfig command on the VM.
• The provider IP address is assigned by the hosting provider to the VM so that the provider can
manage the VM. This address is visible to the host and to other hosts on the physical network,
but not from within the VM itself.
Because each provider address is different, multiple VMs on a host can actually have the same
customer IP address without causing addressing conflicts.
Network virtualization can be configured in several ways:
• Create virtual switches and connect different VM adapters to different switches in order to
segment the network.
• Implement VLANs to extend network segmentation into the physical network, and have two
hardware switches that support VLANs.
Dividing a network between multiple virtual switches and multiple physical adapters and
implementing VLANs are ways to isolate network traffic and optimize Hyper-V network
performance.

Types of Virtual Switches


A virtual switch controls network traffic between VMs, including VMs hosted on the same server
and VMs hosted on other servers on the physical network. Hyper-V on Windows Server 2012
supports three different types of virtual switches.

Type | Description
External | Used to map a network to a specific network adapter or network adapter team.
Internal | Used to communicate between the virtual machines on the host, and between the virtual machines and the host itself.
Private | Used to communicate between virtual machines, not between the virtual machines and the host itself.

Note: In Windows Server 2008 and 2008 R2, the term virtual network was used for this
capability.

When you configure a virtual switch, you can also configure VLAN IDs so that you can associate
existing VLANs on the physical network with VLANs within the Hyper-V host. This enables you to
separate network traffic into logical networks, where traffic can move from one VLAN to another
only after passing through a router.

Lesson 4: Creating a Virtual Environment | Topic B



To implement a virtual network, in Hyper-V Manager, in the Actions pane, select Virtual Switch
Manager. When you create the virtual switch, you can select which type of switch it should be as
well as which physical network adapter it should be connected to. You can also choose the
management VLAN to be used by the management operating system. This isolates host network
traffic from the VMs when both are using the same physical network interface card (NIC).
Note: Check out the LearnTO Implement a Virtual Switch presentation by selecting the
LearnTO tile on your LogicalCHOICE Course screen.

Instructor note: You may want to show LearnTO Implement a Virtual Switch from the
LogicalCHOICE Course screen or have students navigate out to the Course screen and watch it
themselves as a supplement to your instruction. If not, please remind students to visit the
LearnTOs for this course on their LogicalCHOICE Course screen after class for supplemental
information and additional resources.

MAC Addresses
Media access control (MAC) addresses uniquely identify the network card. They are 6-byte hexadecimal
numbers that identify a NIC. This can pose a problem with virtual network adapters. The virtual
switch in Hyper-V is a traditional layer 2 switch, meaning that it switches based on MAC address.
The MAC addresses of the source and destination machines are sent in each packet, and the switch
uses these addresses to route the packet. An external virtual switch is connected to the external
world (the world outside the virtualized environment) through the physical NIC. Ethernet packets
from a VM destined for a machine outside the virtual environment are sent out through this
physical NIC. This means that the physical NIC must be able to carry the traffic from all the VMs
connected to this virtual switch. This is harder than it seems because the packets being routed
through the physical NIC will contain multiple MAC addresses (one for each VM's virtual NIC).
Unless you specify static MAC addresses for each VM's network adapter, Hyper-V will allocate
MAC addresses from an address pool. By default, a MAC address pool contains 255 MAC
addresses.

When you have only one Hyper-V host, automatic MAC address allocation should not present any
problems because the host will ensure that each VM has a unique MAC address from the pool.
However, when you have multiple Hyper-V hosts that are connected to external networks, you
should consider configuring each host so that it uses a different address pool.

In addition, when VMs get their IP addresses through DHCP, you should consider assigning static
MAC addresses so that the DHCP reservation ensures that the IP address is always allocated to the
same MAC address.

You can manually configure the MAC address in the VM settings, under Network Adapter, in
Advanced Features.

Sample MAC Address Ranges


If you are configuring MAC address ranges for several hosts, you might want to change the values
of the fifth pair of hexadecimal digits. For instance, the following table shows possible MAC address
ranges for three hosts.

Host | MAC Address Range
Host A | Minimum: 00-16-9E-2C-AA-00; Maximum: 00-16-9E-2C-AA-FF
Host B | Minimum: 00-16-9E-2C-BB-00; Maximum: 00-16-9E-2C-BB-FF
Host C | Minimum: 00-16-9E-2C-CC-00; Maximum: 00-16-9E-2C-CC-FF
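
Per-host ranges like the ones in the table can be checked for overlap before they are assigned. The following PowerShell is an added example, not part of the original course material: ConvertTo-MacInt and Test-MacPoolOverlap are hypothetical helper names, the Host D entry is constructed to show a conflict, and the Set-VMHost lines are commented out because they must be run on a Hyper-V host.

```powershell
# Added example: check planned Hyper-V MAC address pools for overlap before
# assigning one pool per host. The function names are hypothetical helpers.

function ConvertTo-MacInt {
    # Convert a MAC address such as 00-16-9E-2C-AA-00 to a 64-bit integer.
    param([Parameter(Mandatory)][string]$Mac)
    $hex = $Mac -replace '[-:]', ''
    if ($hex -notmatch '^[0-9A-Fa-f]{12}$') {
        throw "Not a 6-byte MAC address: $Mac"
    }
    [Convert]::ToInt64($hex, 16)
}

function Test-MacPoolOverlap {
    # Return one record per pair of hosts whose pools share at least one address.
    param([Parameter(Mandatory)][object[]]$Pool)
    $ranges = @(foreach ($p in $Pool) {
        $min = ConvertTo-MacInt $p.Minimum
        $max = ConvertTo-MacInt $p.Maximum
        if ($min -gt $max) {
            throw "Pool for $($p.HostName): minimum is above maximum"
        }
        [pscustomobject]@{ HostName = $p.HostName; Min = $min; Max = $max }
    })
    for ($i = 0; $i -lt $ranges.Count; $i++) {
        for ($j = $i + 1; $j -lt $ranges.Count; $j++) {
            $a = $ranges[$i]
            $b = $ranges[$j]
            # Two closed ranges intersect when each starts before the other ends.
            if ($a.Min -le $b.Max -and $b.Min -le $a.Max) {
                [pscustomobject]@{ First = $a.HostName; Second = $b.HostName }
            }
        }
    }
}

# Planned pools. Hosts A-C are the ranges from the table above; Host D is a
# constructed entry that starts inside Host B's range to show a conflict.
$planned = @(
    [pscustomobject]@{ HostName = 'Host A'; Minimum = '00-16-9E-2C-AA-00'; Maximum = '00-16-9E-2C-AA-FF' }
    [pscustomobject]@{ HostName = 'Host B'; Minimum = '00-16-9E-2C-BB-00'; Maximum = '00-16-9E-2C-BB-FF' }
    [pscustomobject]@{ HostName = 'Host C'; Minimum = '00-16-9E-2C-CC-00'; Maximum = '00-16-9E-2C-CC-FF' }
    [pscustomobject]@{ HostName = 'Host D'; Minimum = '00-16-9E-2C-BB-80'; Maximum = '00-16-9E-2C-BC-7F' }
)

$conflicts = @(Test-MacPoolOverlap -Pool $planned)
if ($conflicts.Count -gt 0) {
    $conflicts | ForEach-Object {
        Write-Warning "$($_.First) and $($_.Second) have overlapping MAC pools"
    }
} else {
    Write-Output 'No overlapping pools.'
}

# Applying a checked range on one host (elevated session on that Hyper-V host).
# Get-VMHost reports the pool as 12 hex digits without separators, so the same
# form is passed to Set-VMHost here:
# $mine = $planned | Where-Object HostName -eq 'Host A'
# Set-VMHost -MacAddressMinimum ($mine.Minimum -replace '-', '') `
#            -MacAddressMaximum ($mine.Maximum -replace '-', '')
# Get-VMHost | Select-Object ComputerName, MacAddressMinimum, MacAddressMaximum
```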


Virtual Network Adapters


Hyper-V only binds the virtual network service to a physical network adapter when a virtual switch
is associated with the physical network adapter in question. So you must assign a virtual switch to
your actual physical (host machine's) network card.

Instructor note: Hyper-V is similar to the preceding product, Virtual Server, but has key
differences.

Hyper-V has two kinds of virtual network adapters that you can choose from:
• A network adapter (formerly known as a synthetic network adapter) that is designed specifically
for VMs to significantly reduce CPU overhead during network I/O by using shared memory on
the VM bus for more efficient data transfer.
• A legacy adapter (formerly known as an emulated network adapter) that simulates a hardware
NIC.
In the VM settings, when the VM is turned off, you can add either (or both) network adapter type.
In the properties of the network adapter, you can choose which virtual switch (or none) to connect
the network adapter to. Different NICs can be connected to different physical network adapters, if
needed.
The network adapter can provide VLAN tagging. If you choose to do this, performance will be
significantly better if the physical network adapter supports
NDIS_ENCAPSULATION_IEEE_802_3_P_AND_Q_IN_OOB encapsulation for both large
send and checksum offload. Without this support, Hyper-V cannot use hardware offload for packets
that require VLAN tagging, causing decreased network performance.
The network adapter has much better performance than the legacy adapter, but requires a driver in
the guest operating system. This driver is added when you install integration services. The legacy
adapter does not require a driver, and can be used for older guest operating systems that do not
support integration services, or for VMs such as bare metal boxes that must PXE boot from the
network.
Unless you require the legacy adapter, you should delete any that you have. If you do require a
legacy adapter to boot from the network, make sure that it is listed first in the VM settings, under
Hardware, under BIOS, in the Startup Order.

Note: A deep dive into VLANs is beyond the scope of this course. For more information, see
"Understanding Hyper-V Virtual Networks - Part 1 - Switching basic concepts" at
http://blogs.technet.com/b/apb/archive/2009/03/10/understanding-hyper-v-virtual-networks-internally.aspx.

There are several properties you can configure for a virtual network adapter.

Property | Description
Virtual Switch | The virtual switch associated with the NIC.
VLAN ID | The ID for the virtual LAN.
Bandwidth Management | The ability to manage bandwidth to better organize network traffic.
MAC Address | The physical address of the NIC. In the case of a virtual NIC, the virtual address.
SR-IOV | This new feature allows you to assign a network adapter that supports single-root I/O virtualization (SR-IOV) directly to a virtual machine. This allows a PCIe device to appear to be multiple separate physical PCIe devices. The end result is network performance that is almost the same as in a physical, non-virtualized network. You can only select SR-IOV if there is support in the BIOS, the operating system, and the hypervisor that is running on the hardware.

Access the Checklist tile on your CHOICE Course screen for reference information and
job aids on How to Manage Virtual Networking.

VirtualBox Network Modes

In VirtualBox Settings for each virtual machine, you can configure up to eight network cards. These
can each be configured in one of seven modes as listed in the following table.

Instructor note: If students are interested in more information about the available modes, refer
them to https://www.virtualbox.org/manual/ch06.html#network_nat_service.

Networking mode | Description
Not attached | Emulates the Ethernet cable being unplugged from the network card.
NAT | The default mode. Useful for users who want to browse websites, access email, or download files from the Internet.
NAT Network | A new experimental mode that acts like a home router, enabling systems within the network and outside the network to communicate.
Bridged networking | Connects to a physical network card to exchange network packets directly without using the host OS network stack. Useful for network simulation and using guest servers.
Internal networking | Network is visible only to specified virtual machines. This is a VLAN in which applications on the host and the outside networks cannot be communicated with.
Host-only networking | Creates a virtual network interface on the host and provides connectivity between virtual machines and the host. This is like using a physical loopback interface.
Generic networking | User selects a driver to be used with VirtualBox or distributed in extension packs. Sub-modes available are UDP Tunnel or Virtual Distributed Ethernet (VDE) networking.

Access the Checklist tile on your CHOICE Course screen for reference information and
job aids on How to Create a Virtual Network.


ACTIVITY 4-4
Creating a Virtual Network

Scenario
To complete your pilot implementation of virtualization for Develetech, you decide to create a
VLAN on your server. You want to build a sandbox test network. The Kali Linux virtual machines
need to communicate with each other, and need to be isolated from the productivity network. The
Ubuntu server needs to communicate with other machines in the test network as well as with the
production network.

Instructor note: Ask students how a cloud provider might make use of virtual switches. Answers
might include HR and Finance department isolation from the rest of the network.

1. Create a private virtual switch.
a) Open Hyper-V Manager.
b) In the Actions pane, select Virtual Switch Manager.
c) Under Create virtual switch, select Private.
d) Select Create Virtual Switch.
e) Type Private## as the name for the new VLAN.
f) Select OK to create the VLAN, and close Virtual Switch Manager.

2. Create an external switch.
a) In the Actions pane, select Virtual Switch Manager.
b) Under Create virtual switch, select External.
c) Select Create Virtual Switch.
d) Type Public## as the name for the new VLAN.
e) If multiple network cards are installed, select the appropriate network card.
Instructor note: If necessary, assist students in selecting a network card.
f) When prompted that pending changes may disrupt network connectivity, select Yes.
g) Select OK.


ACTIVITY 4-5
Installing Linux on a Virtual Machine

Before You Begin
Your instructor has downloaded and provided you with a VHD file for CentOS 7 Linux.

Scenario
You've identified Kali Linux as an operating system that includes a great deal of penetration testing
tools, vulnerability assessment programs, and other security utilities that will help ensure your
enterprise is safe from threats. You decide to install the operating system in the virtual environment
you installed. This will make it easier to set up and manage Kali Linux or any other environments
you later decide to incorporate.
However, hosts running these virtual machines are still exposed to risk, so you'll configure security
settings in the virtual hosting process. You need to ensure that the VM is hidden from the outside
network and that, in the event that an attacker takes control of the VM, they cannot in turn
compromise the host it runs on.
Some of the web developers have asked to have CentOS 7 Linux installed. While you have the
virtual environment set up and configured, you decide this would be a good environment in which
to test the CentOS distribution of Linux. One of the web developers has provided you with a VHD
that already has CentOS 7 Linux installed.

1. Create a virtual machine profile for Kali Linux.
a) In the Hyper-V Manager window, select the Server .
b) Select Action→New→Virtual Machine.
c) In the New Virtual Machine Wizard dialog box, select Next.
d) On the Specify Name and Location page, in the Name text box, type Server##-Kali where ## is your
unique student number.
e) Select Next.
f) On the Specify Generation page, with Generation 1 selected, select Next.
g) On the Assign Memory page, in the MB text box, type 2048 and then select Next. This will allocate
2 GB of RAM to the virtual machine.
h) On the Configure Networking page, select Public## and then select Next.
i) On the Connect Virtual Hard Disk page, accept the defaults and select Next.
j) On the Installation Options page, select the appropriate installation source and then select Next.
Instructor note: Let students know which option to select.
k) Select Finish.

2. Install Kali Linux into the virtual machine profile.
a) With Server##-Kali selected, select Connect.
b) If necessary, navigate to the location specified by your instructor for the kali-linux-1.0.9a-amd64 file.
Instructor note: Let students know where to find the Kali Linux file.
c) Select Action→Start.
d) In the Server##-Kali window, with Live (amd64) selected, press Enter.
This will create a live instance of Kali Linux instead of going through the more time-consuming
process of installing it.
e) After Kali Linux loads, verify that you are logged in to the desktop.
f) At the top of the Kali Linux desktop, select the Iceweasel icon.


Note: Iceweasel is a rebranded version of Mozilla® Firefox® web browser.

g) In Iceweasel, navigate to www.google.com and verify that you can connect.


h) Close Iceweasel.

3. Save and shut down the virtual machine.


a) In the virtual machine menu, select Action→Save. The current state of the virtual machine is saved
and the machine is turned off.

e
b) Close the Server##-Kali on server_name - Virtual Machine Connection window.

ut
4. Import an existing virtual machine to Hyper-V.
a) In Hyper-V Manager, in the Actions pane, select Import Virtual Machine.
b) On the Before You Begin page, select Next.
c) On the Locate Folder page, browse to and select the folder containing the virtual machine your
instructor provided for you and then select Next.
Instructor note: Let students know where to get the CentOS 7 VHD to import.
d) On the Choose Import Type page, select Copy the virtual machine (create a new unique ID) and
then select Next.
e) On the Choose Folders for Virtual Machine Files page, select Next.
f) On the Choose Folders to Store Virtual Hard Disks page, select Next.
g) On the Completing Import Wizard page, select Finish.
Instructor note: If the original virtual machine was created on the same machine students are
installing it to, they will need to rename the folder.

5. Test the CentOS 7 virtual machine.
a) In Hyper-V Manager, select the Server##-CentOS7 virtual machine, then select Connect.
b) In the Server##-CentOS7 on server_name - Virtual Machine Connection window, select Start.
c) At the login prompt, enter root
d) At the password prompt, enter the password P@ssw0rd!

6. Shut down the virtual machine.


a) In the virtual machine toolbar, select Shutdown.
b) In the Shut Down Machine dialog box select Shut Down. The shutdown command is issued on the
server and the server is turned off.
c) Close the centos7_server_name on server_name - Virtual Machine Connection window.

Summary
In this lesson, you installed and configured virtual servers and clients. By using Hyper-V to create
VMs and manage virtual networking, you can extend the capabilities of your network.
Instructor note: Encourage students to use the social networking tools provided on the
LogicalCHOICE Home screen to follow up with their peers after the course is completed for
further discussion and resources to support continued learning.

Does your organization, or will your organization, use virtual servers? Why or why not?
A: Answers will vary. If you need to perform testing, virtual servers are a good way to create an
environment where you can safely test new functionality without needing to have a separate physical
computer available for testing. If you want to add another layer of protection to your servers, you can
create virtual servers to make them less accessible to attackers.

Does your organization, or will your organization, use virtual switches? Why or why not?
A: Answers will vary. You might use virtual switches if you need to create a network separate from your
organization's main network, which might be for testing or for highly confidential data being
exchanged between select individuals or servers.

Note: Check your LogicalCHOICE Course screen for opportunities to interact with your
classmates, peers, and the larger LogicalCHOICE online community about the topics covered in
this course or other topics you are interested in. From the Course screen you can also access
available resources for a more continuous learning experience.


5 Performing Basic Server Configuration

3 hours

Lesson Objectives
In this lesson, you will perform basic server configuration. You will:
• Configure local server settings.
• Install and configure server roles.
• Set up IP addressing service roles.

Lesson Introduction
You now have a fully functional server, but it only has the default settings. In this lesson,
you will configure some of the configurable settings on your server.
By configuring the server to function the way you need it to, you can improve functionality
for your users and make it more efficient for you as the server administrator. In this lesson
you will examine the current settings, examine the tools you can use to configure the server,
and add a server role to your server.

TOPIC A
Configure Local Server Properties
Before you start making configuration changes to your server, you should examine the current
settings to see if they will work for you. In this topic, you will configure local server settings such as
the computer name.

Server Properties
When you install a server operating system, there are many server properties that need to be
configured. Some of them are configured during the installation process, some are given default
values that you should change, and some are not configured at all. Some properties show details
about the hardware or software installed; these values are only changed if a change is made to the
hardware or software.

Figure 5-1: Server 2012 R2 server properties.

As you can see in the previous figure, Windows Server 2012 R2 has quite a few properties listed.
You can manually change some of these properties such as the Computer Name. Some can be
configured through software such as Windows Firewall and Remote management. Currently, the
server in the figure is configured as a Workgroup computer, but if you were to install Active
Directory Domain Services, the Workgroup property would no longer be displayed, and the name of
the Active Directory would be shown instead.
Different operating systems have different properties that need to be configured. A Linux server
would not list Workgroup or Active Directory. However, it would have the Computer name and
some of the other properties listed for the Windows Server.

Host Name
The host name of a computer is the name assigned to a computer so that it can be identified on the
network. If you are using a workgroup, the name will just be the computer name. If you are using
Active Directory or are using the computer as a server on the Internet, the name will be composed
of the computer name and the domain name. For example, if the name of the computer is Server01,
and it is in the develetech.com domain, the host name will be Server01.develetech.com. This
example would be considered the fully qualified domain name (FQDN) of Server01.
Host names are not case sensitive. The name can be composed of letters, numbers and dashes.
Other characters cannot be used for host names. Each portion of a domain name can be up to 63
characters in length, with the entire host name containing no more than 253 characters. Because
these are designed for use by humans, shorter names are easier to use.
Host names are translated by services such as DNS to their numerical network address. It is easier
for humans to read and remember strings of letters than it is to read and remember numbers, so that
is the main reason we see host names instead of their corresponding IP address.
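
The naming rules above, written as a check that can run before a name goes into DNS, a certificate request, or a configuration file. This is an added example, not part of the original course material; the function names are hypothetical, and the rule that a label may not begin or end with a dash comes from RFC 952/1123 rather than from the text.

```python
import re

MAX_LABEL_LEN = 63   # per-label limit given in the text
MAX_NAME_LEN = 253   # whole-name limit given in the text

# ASCII letters, digits and dashes only. Forbidding a leading or trailing dash
# is an RFC 952/1123 rule added here; the text does not state it.
_LABEL = re.compile(r"[A-Za-z0-9](?:[A-Za-z0-9-]*[A-Za-z0-9])?")


def _strip_root_dot(name):
    """Drop one trailing dot, which only marks the name as absolute."""
    return name[:-1] if name.endswith(".") else name


def validate_host_name(name):
    """Return a list of problems with `name`; an empty list means it is valid."""
    candidate = _strip_root_dot(name)
    if not candidate:
        return ["host name is empty"]
    problems = []
    if len(candidate) > MAX_NAME_LEN:
        problems.append(f"name is {len(candidate)} characters, limit is {MAX_NAME_LEN}")
    for position, label in enumerate(candidate.split("."), start=1):
        if not label:
            problems.append(f"label {position} is empty")
        elif len(label) > MAX_LABEL_LEN:
            problems.append(f"label {position} is {len(label)} characters, limit is {MAX_LABEL_LEN}")
        # fullmatch, not match with "$": "$" would accept a trailing newline.
        elif not _LABEL.fullmatch(label):
            problems.append(f"label {position} ({label!r}) is not letters, digits and inner dashes")
    return problems


def same_host(first, second):
    """Host names are not case sensitive, so compare them case-folded."""
    return _strip_root_dot(first).lower() == _strip_root_dot(second).lower()


if __name__ == "__main__":
    # Constructed sample names; Server01.develetech.com is the text's example.
    for sample in ["Server01.develetech.com", "server_01.develetech.com",
                   "-web.develetech.com", "a" * 64 + ".develetech.com",
                   "server01..develetech.com", "server01\n"]:
        print(repr(sample), validate_host_name(sample) or "ok")
    print(same_host("SERVER01.Develetech.COM", "server01.develetech.com."))
```

The check returns every problem it finds instead of stopping at the first, which makes it usable in a provisioning script that has to report why a requested name was refused.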

Local Accounts
Local accounts are user accounts that are created and stored on the local computer and apply only to
that specific computer. The user needs to authenticate to the computer to access resources on the
computer. If there are multiple users that use a single computer, they should each have their own
local account created for use on that computer.
When you first set up a Windows client or server, you will have a local account. The local account
will allow you to access and configure the resources on the local client or server computer. Local
account information is stored in the Security Accounts Manager (SAM) file.

Note: On Windows 8.1 computers, you can set up a local account or use a Microsoft account
which is a domain account based on your email address.

On a Linux or UNIX computer, the local account information is stored in the /etc/passwd file. A
user ID number is created to identify the user account. Standard user accounts usually have a value
above 500 and system accounts usually have a value between 1 and 100.
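
The /etc/passwd layout described above, parsed and reviewed the way an administrator would check local accounts on a Linux server. This is an added example, not part of the original course material; the sample file contents and function names are constructed for illustration, the UID ranges default to the ones given in the text (real cut-offs vary by distribution), and the three audit checks are additions.

```python
import re
from collections import namedtuple

Account = namedtuple("Account", "name password uid gid gecos home shell")

# Constructed sample in /etc/passwd format: seven colon-separated fields
# (name, password, UID, GID, comment, home directory, login shell).
# An "x" in the password field means the hash is kept in /etc/shadow.
SAMPLE_PASSWD = """\
root:x:0:0:root:/root:/bin/bash
daemon:x:2:2:daemon:/sbin:/sbin/nologin
sshd:x:74:74:Privilege-separated SSH:/var/empty/sshd:/sbin/nologin
alice:x:501:501:Alice Example:/home/alice:/bin/bash
bob:x:502:502:Bob Example:/home/bob:/bin/bash
svcbackup:x:0:0:backup helper:/home/svcbackup:/bin/bash
carol::503:503:Carol Example:/home/carol:/bin/bash
dave:x:502:504:Dave Example:/home/dave:/bin/bash
broken-line-without-fields
"""

_NUMBER = re.compile(r"[0-9]+")


def parse_passwd(text):
    """Return (accounts, malformed_line_numbers) for passwd-format text."""
    accounts, malformed = [], []
    for number, line in enumerate(text.splitlines(), start=1):
        if not line.strip():
            continue
        fields = line.split(":")
        if (len(fields) != 7 or not fields[0]
                or not _NUMBER.fullmatch(fields[2])
                or not _NUMBER.fullmatch(fields[3])):
            malformed.append(number)
            continue
        name, password, uid, gid, gecos, home, shell = fields
        accounts.append(Account(name, password, int(uid), int(gid), gecos, home, shell))
    return accounts, malformed


def classify(uid, system_max=100, user_min=501):
    """Label a UID using the ranges from the text (defaults: 1-100, above 500)."""
    if uid == 0:
        return "superuser"
    if 1 <= uid <= system_max:
        return "system"
    if uid >= user_min:
        return "standard"
    return "unclassified"


def audit(accounts):
    """Return (account name, finding) pairs that deserve a manual review."""
    findings = []
    first_owner = {}
    for account in accounts:
        if account.uid == 0 and account.name != "root":
            # Any account with UID 0 has the same privileges as root.
            findings.append((account.name, "UID 0 outside the root account"))
        elif account.uid in first_owner:
            # Accounts sharing a UID are indistinguishable in file ownership.
            findings.append((account.name, f"shares UID {account.uid} with {first_owner[account.uid]}"))
        if account.password == "":
            # An empty password field means no password is required to log in.
            findings.append((account.name, "empty password field"))
        first_owner.setdefault(account.uid, account.name)
    return findings


if __name__ == "__main__":
    parsed, bad_lines = parse_passwd(SAMPLE_PASSWD)
    for entry in parsed:
        print(f"{entry.name:<10} uid={entry.uid:<4} {classify(entry.uid)}")
    print("malformed lines:", bad_lines)
    for who, what in audit(parsed):
        print(f"REVIEW {who}: {what}")
```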

Access the Checklist tile on your CHOICE Course screen for reference information and
job aids on How to Configure Local Server Properties in Windows Server 2012 R2 GUI.

Access the Checklist tile on your CHOICE Course screen for reference information and
job aids on How to Configure a Windows Server 2012 R2 Server Core Installation.

ACTIVITY 5-1
Configuring Local Server Properties

Before You Begin

You have installed Windows Server 2012 R2 and it has the default computer name.

Scenario
You are continuing to set up and configure the lab test environment in which you have so far
created a server. The default names assigned during installation don't mean anything, so you would
like to configure the server computer name property.

1. View the Local Server Properties.
Note: Perform these steps on your host system.
a) Log in to your Windows Server 2012 R2 server as Administrator.
b) If necessary, select Server Manager from the Start screen or task bar.
c) In Server Manager, in the left pane, select Local Server.
d) Observe the current settings. Any setting that can be configured is shown as a link. Settings that are
informational only are not links.

2. Turn off Internet Explorer Enhanced Security Configuration.
a) Select the link to the right of IE Enhanced Security Configuration.
b) For both Administrators and Users, select Off and then select OK.

3. Change the Time Zone.
a) Select the link to the right of Time zone.
b) Select Change time zone.
c) From the Time zone drop-down list, select the appropriate time zone for your location.
d) If necessary, check or uncheck Automatically adjust clock for Daylight Saving Time.
e) Select OK twice.

4. Configure the Computer name property.
a) Select the value next to Computer name.
b) In the System Properties dialog box, select Change.
c) In the Computer Name/Domain Changes dialog box, in the Computer name text box, select the
current name, then type in the new name, Server## where ## is your unique student number, then
select OK.
d) When prompted that you must restart your computer to apply these changes, select OK.
e) In the System Properties dialog box, select Close.
f) When prompted, select Restart Now. The computer is restarted and you will see the Lock screen
when it has finished rebooting.

5. Log in and confirm the Computer Name has changed.


a) Log in as Admin.
b) In Server Manager, display the Local Server properties.
c) Confirm that the Computer name is now Server##.

6. View and change the Server Core server's computer name.

Note: Perform these steps on your Server Core virtual machine.
a) At the command prompt, enter start powershell
b) At the PowerShell prompt, enter Get-Content ENV:Computername
This shows you the current name of the computer.
c) Enter Rename-Computer -NewName Server##-Core
This will rename the computer from the default name to the specified name.
d) If prompted, enter y to continue.
e) Enter restart-computer to reboot the computer so the rename will take effect.
f) Log in after the system reboots.
g) At the command prompt, enter start powershell
h) At the PowerShell prompt, enter Get-Content ENV:Computername
Confirm that the name has successfully been changed.

TOPIC B
Configure Server Roles
In most organizations, the network will have several servers, each taking on a different role. In
smaller networks and test environments, one server might perform several roles. In this topic, you
will examine some of the typical roles you can configure a server to perform.
Instructor note: Consider showing the Add Roles and Features wizard on your server as you present
the services in this topic.

Web Server
A web server provides access to personal, corporate, or education website content. This service is
provided primarily to external users, such as customers or students, who access the web services
from the Internet. Web servers typically provide web services to external users, although intranet
servers can provide web services to internal users.

Application Server
An application server provides access to shared applications, including data warehousing, data
processing, and other applications shared among multiple users. Some application servers are
dedicated servers, meaning that they provide only one type of application service to network users.
Applications that are large or very sensitive might be distributed across multiple servers to provide
fast access to resources and to prevent a critical system failure if one server goes offline.

Directory Server
A directory server provides authentication services across an organization, providing access via a single
logon to servers and computers within the organization. Directory services servers also authenticate
incoming connections, providing remote access to users outside the network. These include users
who are traveling or who work remotely from home or other organizational sites. An example of
directory services you are likely to encounter is Microsoft's Active Directory Domain Services (AD
DS). On Linux systems, you might see OpenLDAP, ApacheDS, OpenDJ, or 389 Directory Server.
Instructor note: Point out that the basis of all directory services is LDAP.

Database Server
A database server provides access to databases, including those for customer information, provided by
database software such as Oracle or SQL Server. A database server holds the database management
system (DBMS) and databases. It is dedicated to database storage, updating, and retrieval, and is a
key component in a client/server environment.
Upon requests from the client machines, it searches the database for selected records and passes
them back over the network. A database server and file server may be one and the same because a
file server often provides database services. However, the term implies that the system is dedicated
to database use only and not a central storage facility for applications and files.

File and Print Server
File servers are computers that store the programs and data files intended to be shared by multiple
users. Many file servers use high-speed LAN or WAN links to keep data moving at optimal rates.
Simply put, a file server acts like a remote disk drive.
A print server enables many network users to share the common printers. The printers might be
directly attached to the network or attached to the server.
A file server might also be combined with a print server. In this case, it provides access to shared
files, such as documents, pictures, spreadsheets, and graphics, as well as access to laser and inkjet
printers.

Messaging Server
A messaging server provides instant messaging, primarily for internal users. Some organizations have
dedicated messaging servers, giving users a secure way to send and receive messages without using
less-secure Internet instant messaging services.

Mail Server
A mail server, also called the message server, provides post office facilities by storing incoming mails
or messages for distribution to users and forwards outgoing mails or messages through appropriate
channels. Many of today’s mail servers also provide other services such as document collaboration,
chat, web access, and file storage. The term may refer to just the software that performs this service
while residing on a machine with other service functions.
An example of a mail server you might encounter is Microsoft Exchange Server. It can be installed
on a Windows Server 2012 server as well as other versions of Windows Server. Refer to the
documentation for the version of Exchange you are installing to determine the operating system and
hardware requirements for installing it in your environment.

Routing and Remote Access Server
A routing and remote access server provides access to internal network services and computers to
employees working outside the network. This is a useful feature for employees who are traveling or
working from home. These are referred to as remote services.

Network Services Server
Network services such as DNS, DHCP, terminal, fax, and other network services are also provided
from servers. These services might be spread out over multiple servers or installed on a single
server. It all depends on how many servers you have available, the load required for each service to
carry, and the overall size of the network.

Service | Description
Fax | A fax server provides a bank of fax modems, allowing users to fax out messages and remote users to fax in messages over the next available modem. It may be a dedicated machine or implemented on a file server that is providing other services.
Terminal | A terminal server is designed to be capable of emulating multiple hosts at the same time and allotting separate virtual sessions for each host. It is widely used in centralized computing networks where multiple clients may need to access the server at the same time. If the demands of the client are low, then the companies can use terminal services as a way of extending the lives of their outdated computers. Because a terminal server can support hundreds of sessions, companies can spend money on upgrading the server and use older clients, thereby saving money.
DHCP | DHCP servers provide IP addressing information for network computers. This information includes IP addresses, subnet masks, default gateways, and DNS server addresses.
Directory | Directory Services servers provide authentication services across an organization, providing access via a single logon to servers and computers within the organization. Directory services servers also authenticate incoming connections, providing remote access to users outside the network. These include users who are traveling or who work remotely from home or other organizational sites.
DNS | DNS servers provide name resolution services for users accessing Internet resources. Name resolution allows users to use familiar web names, such as www.microsoft.com, instead of using IP addresses, to access websites. DNS servers also point users to internal resources, such as directory services, file and print servers, and database servers.
Proxy | A proxy server provides Web requests on behalf of clients. With a proxy server, a client’s request is not sent directly to the remote host. Instead, the request goes to the proxy server, which then sends the request to the remote host on behalf of the client. Before sending the packet, the proxy server replaces the original sender’s address and other identifying information with its own. When the response arrives, the proxy server looks up the original sending node’s information, updates the incoming packet, and forwards it to the client. By these actions, a proxy server masks internal IP addresses, like a NAT device. It also blocks unwanted inbound traffic—there will be no corresponding outbound connection data in its tables, so the packets will be dropped. Many proxy servers also provide caching functions, which speed up web page access for internal users.
Monitoring | A monitoring server provides network monitoring statistics to help server and network administrators optimize network usage.
Network Time Protocol (NTP) | An NTP server provides time synchronization services for computer clocks. This server provides the mechanisms to synchronize time and coordinate time distribution in a large network. Correct times are important for authentication services.

Access the Checklist tile on your CHOICE Course screen for reference information and
job aids on How to Install and Configure Server Roles.

ACTIVITY 5-2
Installing and Configuring Server Roles

Before You Begin

Your Windows Server 2012 R2 server has been renamed to Server##.

Scenario
As you continue working on setting up your test lab, the next task on your list is to convert the
server from being a Workgroup computer to being an Active Directory computer.

1. Open the Add Roles and Features wizard.
Note: Perform the following steps on your host computer.
a) Logged in as Admin, in Server Manager, select Manage→Add Roles and Features.
b) On the Before you begin page, select Next.
c) On the Select installation type page, with Role-based or feature-based installation selected, select
Next.
d) On the Select destination server page, with your server selected, select Next.

2. Install Active Directory Domain Services.


a) On the Select server roles page, select Active Directory Domain Services.
b) In the Add Roles and Features Wizard dialog box, select Add Features.
c) On the Select server roles page, select Next.
d) On the Select features page, select Next.
e) On the Active Directory Domain Services page, select Next.
f) On the Confirm installation selections page, select the Restart the destination server automatically if
required check box, then select Yes.
g) Select Install.
h) Select Promote this server to a domain controller.

3. Promote the server to a domain controller.
a) On the Deployment configuration page, select Add a new forest.
b) In the Root domain name text box, type lab##.develetech.com and then select Next.
c) On the Domain Controller Options page, enter and confirm P@ssw0rd! then select Next.
d) On the DNS Options page, view and then close the warning message at the top of the window. Select
Next.
e) On the Additional Options page, verify that The NetBIOS domain name is Lab##, then select Next.
f) On the Paths page, select Next to accept the default paths for the folders.
g) On the Review Options page, scroll through the Review your selections list, then select Next.
h) Review the prerequisites check to confirm that all checks passed successfully.
i) Select Install. After the installation is completed, the server will reboot.

4. Finish and confirm the installation.


a) When the server has rebooted, log in as Admin.
b) In Server Manager, select Local Server.
c) Verify that Workgroup is no longer listed as a property and that Domain is now listed with the value
being the domain name you configured.

5. Configure static IP address settings for the server core server.
a) Start Hyper-V Manager and start the Server 2012 Server Core server.
Note: Perform these steps on the Server Core virtual machine.
b) At the PowerShell prompt, enter Get-NetIPInterface
Record the number for your Ethernet card shown in the ifIndex column.
c) Enter New-NetIPAddress -InterfaceIndex ## -IPAddress assigned_ipaddress -PrefixLength 24 -DefaultGateway gateway_address
In this substep, substitute the values assigned by your instructor for any italicized values.
d) Enter set-DNSClientServerAddress -InterfaceIndex ## -ServerAddresses dns_server_address,another_dns_server_address
Instructor note: Use the classroom DNS server for the first DNS address and 8.8.8.8 or
another address of your choice for the second DNS server address.

6. View the current domain setting for your virtual server and join a domain.
a) At the PowerShell prompt enter (Get-WmiObject Win32_ComputerSystem).domain
This should return the result that you are currently a member of WORKGROUP.
b) Enter Add-computer -DomainName lab##.develetech.com -Credential lab##\Administrator -Restart
c) Enter the password when prompted.
d) When the system restarts, log in as lab01\Administrator

TOPIC C
Set Up IP Addressing Service Roles
You have created a server with basic services installed on it. In this topic, you will add additional
service roles to give the server additional functionality.

Accessing resources within your network and outside your network requires that protocols and
services for those protocols are available from somewhere. Installing the necessary services on your
server is part of administering the server. Having the services under your control as administrator
means you can configure and control how those services are used.

OSI Model
The Open Systems Interconnection (OSI) model is a standard means of describing network communication
by defining it as a series of layers, each with specific input and output. The model provides a
theoretical representation of what happens to information being sent from one computer to another
on a network. The sending computer works from the Application layer down, and the receiving
computer works on the transmitted data from the Physical layer up. The OSI model was developed
by the International Standards Organization (ISO) and has seven layers that are numbered in order
from the bottom (Layer 1) to the top (Layer 7).
Instructor note: The TCP/IP model is covered later in the course.

Instructor note: Provide additional mnemonics for the OSI model, if you like. Don't spend too much
time delving into the specifics of the OSI model. Detail is provided here for student reference. For
testing purposes students only need to have a general idea of where server components and
networking fit into the model.

Figure 5-2: Layers in the OSI reference model.

Note: It can be difficult to remember the correct sequence of the OSI layers, but it is easy to
remember them from the top down, using the mnemonic “All People Seem To Need Data
Processing.”
The layers of the OSI model, starting from the top, are described in the following table.

Layer Number and Name | Description
Layer 7, Application layer | Enables applications on a network node (computer) to request network services such as file transfers, email, and database access. These requests are accomplished through the use of Layer 7 protocols such as Hypertext Transfer Protocol (HTTP), File Transfer Protocol (FTP), Simple Mail Transfer Protocol (SMTP), Internet Message Access Protocol (IMAP), and the like. Proxies and firewalls work at this layer.
Layer 6, Presentation layer | Translates Application layer data into an intermediate form that both client and server can process. Encryption, compression, character sets, multimedia formats, Multi-Purpose Internet Mail Extensions (MIME) types, and codecs exist at this layer. Proxies and firewalls work at this layer.
Layer 5, Session layer | Establishes and controls data communication between applications operating on two different computers, regulating when each computer can send data and how much it can send. TCP and User Datagram Protocol (UDP) port numbers exist at this layer. Firewalls also work at this layer.
Layer 4, Transport layer | Performs the actual establishment, maintenance, and teardown of the connection. Optionally divides long communications into smaller segments, including error recognition and correction, and data receipt acknowledgment. TCP and UDP protocols exist at this layer. Packet filtering routers, multilayer switches, and firewalls work at this layer.
Layer 3, Network layer | Adds logical addressing (network addresses) and chooses the best route. IP, Internet Control Message Protocol (ICMP), and Internet Group Management Protocol (IGMP) exist at this layer. Routers, multilayer switches, and firewalls work at this layer.
Layer 2, Data Link layer | Structures the data into a format appropriate for the transmission medium. Adds physical addresses such as media access control (MAC) addresses or frame relay data link connection identifier (DLCI) numbers. Usually includes simple error checking. All WAN and LAN protocols exist at this layer, including Ethernet, token ring, frame relay, Point-to-Point Protocol (PPP), High-Level Data Link Control (HDLC), wireless access protocols, ATM, and X.25. (Some of these protocols extend beyond Layer 2.) Switches and bridges work at this layer.
Layer 1, Physical layer | Transmits bits (binary digits) from one computer to another and regulates the transmission stream over a medium (wire, fiber optics, or radio waves). All electrical and mechanical aspects of data transmission exist at this layer, including cabling, connectors, antennas, transceivers, baseband, broadband, signaling types, voltages, waveforms, modulation, frequencies, and clock rates. Network interface cards, hubs, and repeaters work at this layer. Note: While it is true that a repeater, hub, or network interface card will also be designed to work with a specific Layer 2 protocol (such as Ethernet or token ring), these devices are generally classified as Layer 1 devices because their primary purpose is connectivity rather than forwarding decisions based on Layer 2 addresses.

The OSI model is an excellent conceptual model to understand networking and to compare the
functionality of different devices and protocols. You will often hear experienced engineers and
troubleshooters discuss a problem by referring to the relevant OSI layer. Examples include: “I think
it’s a Layer 2 problem as opposed to a Layer 3 problem,” or “Do we really have to use Layer 3
addressing to carry data across a point-to-point cellular call?”

Note: Some network protocols do not map directly to the OSI model. For example,
Multiprotocol Label Switching (MPLS) is often referred to as Layer 2.5 because it exists
somewhere between the traditional concept of the Data Link and Network layers.

TCP vs. UDP


The TCP/IP protocol suite includes two Transport-layer protocols: Transmission Control Protocol
(TCP) and User Datagram Protocol (UDP). TCP is a connection-oriented, guaranteed-delivery protocol
used to send data packets between computers over a network such as the Internet. It is part of the
Internet protocol suite along with the Internet Protocol (IP). TCP is responsible for breaking up data
into datagrams, reassembling them at the other end, resending data lost in transit, and resequencing
data. It sends data, waits for an acknowledgement, and fixes erroneous data. IP is responsible for
routing individual datagrams and addressing.
The User Datagram Protocol (UDP), also known as the Universal Datagram Protocol, is a
connectionless Transport-layer protocol in the Internet protocol suite. A connectionless, best-effort
delivery protocol, UDP is used with IP like TCP. It transmits data and ensures data integrity as TCP
does. UDP, however, lacks reliability, flow-control, and error-recovery functions. It is less complex
than TCP, and since it is a connectionless protocol, it provides faster service.

Common Ports

This table lists some of the most common well-known TCP and UDP port numbers. Additional
well-known ports and other port number assignments are available online at
www.iana.org/assignments/port-numbers.

Port | Type | Service Name | Purpose
20/21 | TCP | FTP | File transfers
22 | TCP/UDP | SSH | Secure shell for secure data transmission
22 | TCP/UDP | SFTP | Secure file transfers
22 | TCP/UDP | SCP | Secure copy
23 | TCP/UDP | TELNET | Telnet services
25 | TCP | SMTP | Simple mail transfers
53 | TCP/UDP | DNS | Domain name system
68 | UDP | DHCP | Dynamic Host Configuration Protocol
80 | TCP | HTTP | Hypertext transfer protocol
110 | TCP | POP3 | Post office protocol
123 | TCP | NTP | Network time protocol
137 | UDP | NetBIOS | Network Basic Input/Output System (NetBIOS) naming service
138 | UDP | NetBIOS | NetBIOS datagram distribution service
139 | TCP | NetBIOS | NetBIOS session service
143 | TCP/UDP | IMAP | Internet message access protocol
389/3268 | TCP/UDP | LDAP | Lightweight Directory Access Protocol. Port 389 is used to request information from local DC; port 3268 is used to query the global catalog.
427 | TCP/UDP | SLP | Service Location Protocol used by svrloc service in network browser.
443 | TCP | HTTPS | HTTP secure combines HTTP with SSL/TLS protocols.
445 | TCP | SMB | Server Message Block (SMB)
445 | TCP/UDP | CIFS | Common Internet File System (CIFS)
548 | TCP | AFP | Apple Filing Protocol over TCP used by AppleShare, Personal File Sharing, Apple File Service
989/990 | TCP | FTPS | FTP over Secure Sockets Layer
3389 | TCP/UDP | RDP | Remote desktop protocol

Network Addressing
You have configured TCP, IP, subnet mask, gateway, DHCP, and DNS settings for an IP
network. These addresses need a way to get from your computer to another computer on your
network or another network. If the IP address is in the same network segment, and the address is
configured correctly, there should be no problem with access between the two computers. However,
if the computer you are trying to reach is on another network segment or completely outside your
network, the gateway address of a network device is required in order to reach the other computer.
Various protocols are used to usher those packets of information from one computer to another.
Various hardware devices are also used to get the packets where they need to go. The following
table lists some of the protocols and devices, and describes which OSI model layer they function at.
The devices at layers 3-5 will need the appropriate network address assigned so that computers can
access them in order to get information across the network.

| OSI Layer | Protocols or Key Characteristics | Network Devices |
|---|---|---|
| Layer 7, Application layer | HTTP, FTP, SMTP, IMAP, etc. | Application proxy |
| Layer 6, Presentation layer | Encryption, compression, character sets, multimedia formats, MIME types, codecs, etc. | Application proxy |
| Layer 5, Session layer | TCP and UDP port numbers | Firewalls |
| Layer 4, Transport layer | TCP and UDP protocols | Firewalls |
| Layer 3, Network layer | IP, ICMP, and IGMP protocols | Multi-layer switches, routers, and firewalls |
| Layer 2, Data Link layer | Ethernet, token ring, frame relay, PPP, HDLC, wireless access protocol, ATM, X.25, etc. | Switches/bridges and access points |
| Layer 1, Physical layer | Cabling, connectors, antennas, transceivers, baseband, broadband, signaling types, voltages, waveforms, modulation, frequencies, and clock rates. Network interface cards, hubs, repeaters, etc. | Hubs, repeaters, patch panels, cables, and network cards |

Network Hardware
A variety of network hardware is used to connect and interconnect networks. The following table
lists and describes network hardware.
Have students identify which OSI layer each device works in.

| Hardware | Description |
|---|---|
| Hub | A hub is a device that connects multiple Ethernet or twisted pair devices together. By this connection, multiple devices can act as a single network segment. Hubs can either simply receive data transmitted from a device on one port and broadcast it out to the devices connected on all other ports, or they can perform the same receive-then-broadcast action but regenerate or boost the signal. Hubs are generally inexpensive and easy to manage; however, they do not provide the best performance in high-traffic or latency sensitive situations. Hubs have largely been replaced by switches, but many dedicated hubs still remain in use. Troubleshooting a hub is made easier by the use of status lights for the various ports. |
| Switch | A switch is a network hardware device that joins multiple computers together within the same LAN. Unlike a hub, switches forward packets to only the destination port based on MAC addresses. Because of this, they are slightly smarter than hubs, and are more common. Switches can also be connected to other switches, thus increasing the number of devices on a LAN without sacrificing performance. Troubleshooting a switch is made easier by the use of status indicator lights on the various ports. |
| Router | A router is a networking device that connects multiple networks that use the same protocols. Traffic from one network to another does not always have to travel between the same routers. On the Internet, for example, traffic is routed according to the best available path at the time. Troubleshooting a router is made easier by the use of status indicator lights on the various ports. |
| Bridge | A bridge is a network device that divides a logical bus network into segments. Bridges examine the MAC address of each packet. If the packet is destined for a node connected to a different port, the bridge forwards the packet. If the packet is addressed to a node on its own segment, the bridge does not forward the packet. This arrangement reduces traffic between segments and improves overall network performance. |
| Access Point | An access point (AP) is a device or software that facilitates communication and provides enhanced security to wireless devices. It also extends the physical range of a WLAN. The AP functions as a bridge between wireless STAs (stations) and the existing network backbone for network access. |
| Modem | A modem is a device that modulates and demodulates digital data to an analog signal that can be sent over a telephone line. Its name is a combination of modulate and demodulate. Use a modem to connect to the Internet and to translate digital information to and from your computer. Depending on the type of connection used, you will use either a cable modem, a DSL modem, a wireless modem, a voice modem, or a radio modem. A laptop modem can be an internal device, or can be added to a system using a PC Card or an ExpressCard. |
| NAS | A network-attached storage (NAS) appliance is a data storage device that can be connected to a network to provide direct data access and file sharing to multiple computing devices attached to the network. |
| Firewall | A firewall is a software program or hardware device that protects networks from unauthorized data by blocking unsolicited traffic. Firewalls allow incoming or outgoing traffic that has specifically been permitted by a system administrator and incoming traffic that is sent in response to requests from internal systems. Firewalls use complex filtering algorithms that analyze incoming network data based on destination and source addresses, port numbers, and data type. |
| VoIP phones | Voice over IP (VoIP) phones can transmit voice signals over IP data networks. With VoIP, the phone system and IP network translate between voice and network signals and between phone numbers and IP addresses. You can make a telephone call and the signal will be transmitted over your network connection and transferred to the standard phone system if the called party does not have VoIP service. Conversely, when a caller dials a phone number that maps to a VoIP device, VoIP routes the call to the IP host. |
| Internet appliances | An Internet appliance is a device that allows quick easy access to the Internet. It can be connected to a number of computing devices for allowing access to Internet services. |

Legacy Addressing
Today's networks are almost all TCP/IP networks using DNS and DHCP. In the past, however,
there were many Windows Server 2000 and Server 2003 networks that made use of WINS and
NetBIOS, and some applications and resources still rely on this technology.
The Windows Internet Name Service (WINS) is Microsoft®'s NetBIOS name resolution service, which
was developed to reduce the number of NetBIOS name resolution broadcasts on networks that use
NetBIOS naming. The WINS server uses a name resolution table to map NetBIOS names to
protocol addresses. WINS clients are configured with the IP address of the WINS server so that
they automatically register their names in the WINS database when they come online. They can also
resolve names by targeted requests to the WINS server. There has been talk of phasing out WINS
for years, and Microsoft began to move in that direction with the release of Windows Server 2008.
The WINS service is replaced in Windows Server® 2008 with a new type of DNS zone that will
still support older WINS clients.
A NetBIOS name is 16 characters, with the first 15 characters used for the name and the 16th
character used to designate a particular service or functionality. A NetBIOS name can consist of
letters, numbers, and the following special characters: ! @ # $ % ^ & ( ) - _ ' { } . ~
NetBIOS names must be unique. They cannot contain spaces or any of the following special
characters: \ * + = | : ; " ? < > ,
NetBIOS names aren't case-sensitive, so "A" is equivalent to "a." Some examples of valid NetBIOS
names are SUPERCORP, SERVER01, and INSTRUCTOR.
In a NetBIOS name, the reserved 16th character is typically expressed as a hexadecimal number
surrounded by angle brackets at the end of the name. For example, the NetBIOS name
SUPERCORP<1C> would represent a request for the SUPERCORP domain controllers. When
you try to access a given service, you don't have to append a NetBIOS suffix manually; Windows
does this automatically. When you're setting the NetBIOS name on a domain or computer, you
enter it without the 16th character because a single NetBIOS name can be used to represent many
different services on the same system.
NetBIOS names exist at the same level—a concept referred to as a flat namespace—even if the
computers to which they're assigned are arranged in a network hierarchy. All NetBIOS names are in
one big pool, without anything that identifies what part of the network the names belong to. For
example, SERVER01 and SERVER02 are both valid NetBIOS names. By looking at them,
however, you can't tell that SERVER01 is a member of the domain CHILD01, and SERVER02 is a
member of CHILD02. With the flat-namespace structure, managing a large network environment
becomes much more difficult.
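
The naming rules and the flat namespace described above can be checked in code. The following Python is an added example, not part of the course material: the function names are hypothetical, the host list is constructed, and the space padding, upper-casing, and default suffix 0x00 used for the 16-byte form are assumptions drawn from common NetBIOS behaviour rather than from this page.

```python
import string

# Letters, numbers, and the special characters the text lists as permitted.
# Assumption: only ASCII letters are accepted here.
ALLOWED = set(string.ascii_letters + string.digits + "!@#$%^&()-_'{}.~")


def split_suffix(text):
    """Split 'SUPERCORP<1C>' into ('SUPERCORP', 0x1C); no suffix gives None."""
    if text.endswith(">") and "<" in text:
        base, _, tail = text.rpartition("<")
        hexpart = tail[:-1]
        if len(hexpart) == 2 and all(c in string.hexdigits for c in hexpart):
            return base, int(hexpart, 16)
    return text, None


def name_problems(name):
    """Return a list of rule violations for the 15-character name part."""
    problems = []
    if not 1 <= len(name) <= 15:
        problems.append(f"length {len(name)} is outside 1-15")
    bad = sorted(set(name) - ALLOWED)
    if bad:
        problems.append("characters not allowed: " + " ".join(repr(c) for c in bad))
    return problems


def to_wire(text, default_suffix=0x00):
    """Build the 16-byte form: 15 name bytes plus the service suffix byte.

    Assumption (not stated on the page): the name is upper-cased and padded
    with spaces to 15 bytes, and 0x00 is used when no suffix is written.
    """
    base, suffix = split_suffix(text)
    problems = name_problems(base)
    if problems:
        raise ValueError(f"{base!r}: " + "; ".join(problems))
    if suffix is None:
        suffix = default_suffix
    return base.upper().ljust(15).encode("ascii") + bytes([suffix])


def flat_namespace_collisions(hosts):
    """Find names registered from more than one domain.

    hosts is an iterable of (domain, netbios_name). Because the namespace is
    flat and case-insensitive, the domain does nothing to keep names apart.
    """
    seen = {}
    for domain, name in hosts:
        seen.setdefault(name.upper(), []).append(domain)
    return {name: domains for name, domains in seen.items() if len(domains) > 1}


# Constructed inventory: the third entry reuses SERVER01 in another domain.
SAMPLE_HOSTS = [
    ("CHILD01", "SERVER01"),
    ("CHILD02", "SERVER02"),
    ("CHILD02", "server01"),
]

if __name__ == "__main__":
    for candidate in ("SUPERCORP<1C>", "INSTRUCTOR", "MY SERVER", "A" * 16):
        base, suffix = split_suffix(candidate)
        print(candidate, "->", name_problems(base) or to_wire(candidate))
    print(flat_namespace_collisions(SAMPLE_HOSTS))
```
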

Resolving NetBIOS Names


The simplest way for a computer to resolve a NetBIOS name to a numeric address is to send a
network broadcast, as shown in Exhibit 9-9. A broadcast is a message destined for all computers on
a given network. The name-request broadcast message includes the NetBIOS name the computer is
looking for, the type of service (represented by the 16th character), and the address of the computer
sending the broadcast. The computer with the requested NetBIOS name can respond to the request.
If a computer with a matching NetBIOS name and service type receives the broadcast message, it
responds directly to the computer that sent the broadcast message.
Once the two computers know each other's IP addresses, they can communicate directly with one
another. In order to improve performance and reduce network traffic, IP addresses associated with
resolved NetBIOS names are cached for 10 minutes.

Figure 5-3: NetBIOS name resolution, using a broadcast.

Although using broadcasts to resolve NetBIOS names is simple, it isn't efficient. Network devices
such as routers, which are used to control traffic among various parts of a network, usually don't
forward broadcasts. Two computers on different physical networks separated by a router can't
resolve each other's NetBIOS names. To overcome some of these problems, Microsoft introduced
the Windows Internet Name Service (WINS).
WINS is a database with which all computers on a network register their NetBIOS names. In order
for computers to register with WINS, they must be configured with the IP address of one or more
WINS servers on the network. When a computer needs to resolve a NetBIOS name to an IP
address, it sends a request directly to a WINS server, instead of sending a broadcast to the entire
network. If the WINS server finds a matching name in its database, it responds with the IP address
of the computer being sought.
Due to such problems as excessive broadcasts and the inability of broadcasts to cross routers, and in
acknowledgement of the dominant role the Internet plays in today's networks, Microsoft switched
to DNS as the primary name-resolution system on Windows networks, starting with Windows 2000.

DNS
DNS names are typically composed of three parts: a computer name, a domain name, and a
top-level domain name. For example, in the name www.microsoft.com, www is the computer's name
(or an alias for the actual name), microsoft is the domain, and com is the top-level domain.
With this scheme, many computers can be called "www" without causing naming conflicts.
Additionally, there can be many computers within the Microsoft domain, each with a different
name. There can also be more than one Microsoft domain, as long as each one is contained in a
different top-level domain. You can also use subdomains. For example, in
www.corporate.microsoft.com, "corporate" is a domain within the Microsoft domain. Four-part
names such as this aren't rare, but you probably won't see divisions beyond that.
When you install Active Directory Domain Services in Windows Server 2012 R2, DNS also is
installed. AD DS relies on DNS for basic services such as supplying SRV records to allow clients to
locate AD DS resources.

Top-level Domains
Top-level domains (TLDs) constitute the suffix at the end of a DNS name. The original
specifications called for the following TLDs, each meant to contain domains with the following
purposes:
• .com for general business
• .org for nonprofit organizations
• .edu for educational organizations
• .gov for government organizations
• .mil for military organizations
• .net for Internet organizations (hosting companies and ISPs)
• .int for international
As more countries joined the Internet, new TLDs were added for each country. A few examples of
these two-letter (digraph) TLDs are in the following list, and a complete list can be found at
www.iana.org/cctld/cctld-whois.htm:
• .ar for Argentina
• .be for Belgium
• .ca for Canada
• .de for Germany
• .cn for China
• .ve for Venezuela
The Internet Corporation for Assigned Names and Numbers (ICANN) regulates TLDs. ICANN
created several newer TLDs to keep pace with the demands of the growing Internet. These include:
• .biz for businesses
• .name for individuals
• .museum for museums
• .pro for professionals
• .aero for aviation
• .coop for cooperatives
• .info for general information

DHCP
Dynamic Host Configuration Protocol (DHCP) is a network protocol that provides automatic assignment
of IP addresses and other TCP/IP configuration information to the network nodes that are
configured as DHCP clients. DHCP requires a DHCP server configured with at least one DHCP
scope. The scope contains a range of IP addresses and a subnet mask, and it can contain other
options such as a default gateway address. When the scope is enabled, it automatically leases
TCP/IP information to DHCP clients for a defined lease period.
A DHCP server runs software that automatically assigns IP addresses to client stations logging on to
a TCP/IP network. It eliminates the need to manually assign permanent IP addresses. DHCP
software typically runs on servers and is also found in network devices such as firewalls, ISDN
routers, and modem routers that allow multiple users access to the Internet. You can also configure
DHCP servers to provide additional client settings such as default gateways and DNS server
addresses. Newer DHCP servers dynamically update the DNS servers after making assignments.
Ensure that DHCP servers are started before the client computers or any other computers or
servers that depend on the DHCP servers for networking information.

Figure 5-4: DHCP server automatically assigns IP addresses.

The DHCP server can be configured to supply a default domain suffix to users. Configure the
DHCP server with the default domain suffix that you want DHCP clients to use. DHCP clients will
automatically append the domain suffix to partial (non-FQDN) names. For example, if you set the
default domain suffix to develetech.com, and the client attempts to resolve the name "mail", the
suffix defined by the default domain name suffix is automatically added to the end of the name the user
entered. In our example, the name would be resolved to mail.develetech.com.

NAT
Computers connected to a home or office network are typically assigned private IP addresses. Such
addresses are unique and valid within that network, but not outside of that network. Network Address
Translation (NAT) services provide the means for such internal computers to communicate with the
outside world.
NAT services run on your router. When an internal computer tries to reach an outside address, the
NAT services modify the packets to replace the private internal address with a valid public IP
address. The NAT services monitor return traffic to send such packets to the internal node for
which they are bound. NAT services, along with your firewall, typically don't permit outside
computers to initiate a communication session with an internal node.

PAT
The most common type of NAT is Port Address Translation (PAT). PAT enables a single public IP
address to be shared by multiple devices on a LAN. By mapping local devices to the single IP
address, this keeps down the number of IP addresses needed.
PAT is typically used on home routers to map all of your home network devices to the single IP
address provided by the service provider. The device is given a port number which is then appended
to the IP address to give the device a unique address.
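
The translation behaviour described for NAT and PAT can be modelled in a few lines. This Python model is an added example, not part of the course material: the class name, the port range, and the rule that return traffic must come from the same remote endpoint the internal host contacted are assumptions, and all addresses are constructed documentation-range samples.

```python
class PatRouter:
    """Minimal model of a PAT translation table on a router."""

    def __init__(self, public_ip, first_port=49152, last_port=65535):
        self.public_ip = public_ip
        self._next_port = first_port
        self._last_port = last_port
        self._by_flow = {}   # (int_ip, int_port, dst_ip, dst_port) -> public port
        self._by_port = {}   # public port -> (int_ip, int_port, dst_ip, dst_port)

    def outbound(self, int_ip, int_port, dst_ip, dst_port):
        """Translate an outgoing packet; returns the rewritten 4-tuple.

        The private source address is replaced by the shared public address,
        and a public port is assigned so replies can be told apart.
        """
        flow = (int_ip, int_port, dst_ip, dst_port)
        if flow not in self._by_flow:
            if self._next_port > self._last_port:
                raise RuntimeError("public port pool exhausted")
            self._by_flow[flow] = self._next_port
            self._by_port[self._next_port] = flow
            self._next_port += 1
        return (self.public_ip, self._by_flow[flow], dst_ip, dst_port)

    def inbound(self, src_ip, src_port, public_port):
        """Translate a packet arriving on the public side.

        Returns the internal (ip, port) for return traffic, or None when no
        internal host opened the session, so the packet is dropped.
        """
        flow = self._by_port.get(public_port)
        if flow is None:
            return None                      # nothing ever used this port
        int_ip, int_port, dst_ip, dst_port = flow
        if (src_ip, src_port) != (dst_ip, dst_port):
            return None                      # not the endpoint that was contacted
        return (int_ip, int_port)


def demo():
    """Two LAN hosts share one public address; only replies get back in."""
    router = PatRouter("203.0.113.10")
    first = router.outbound("192.168.1.20", 51000, "198.51.100.7", 443)
    second = router.outbound("192.168.1.21", 51000, "198.51.100.7", 443)
    reply = router.inbound("198.51.100.7", 443, first[1])
    stranger = router.inbound("198.51.100.99", 443, first[1])
    unused = router.inbound("198.51.100.7", 443, 50000)
    return first, second, reply, stranger, unused


if __name__ == "__main__":
    for item in demo():
        print(item)
```
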

Guidelines for Setting up Server Roles

In order for your server to provide the DNS and DHCP server roles, you will need to install and
configure them on your server.
• Install the services on your server as needed for DNS.
• Configure the DNS services on your server.
• Install the services on your server as needed for DHCP.
• Configure the DHCP services on your server.

ACTIVITY 5-3
Setting up Addressing Server Roles

Before You Begin
You have a Windows Server 2012 R2 physical server and a Windows Server 2012 R2 Server Core
virtual server. The VM server is running and you are logged in.

Scenario
You want to use DHCP address services in your server lab environment. Your manager has asked
you to install and configure the service so that only the computers in the lab can access and receive
DHCP services and no computers outside of the lab will receive services from the lab server.

1. Create a server group.
a) On your physical Windows Server, in Server Manager on the Dashboard page, select Add other
servers to manage.
b) Select Find Now.
c) Select each server and then select the Add button.
d) Select OK.
e) Select Create a server group.
f) In the Server group name text box, type Lab##Servers
g) Select each server then select the Add button.
h) Select OK.

2. Install the DHCP Server role.
a) In the Dashboard pane, select Add roles and features.
b) On the Before you begin page, select Next.
c) On the Select installation type page, select the default, Role-based or feature-based installation, and
then select Next.
d) On the Select destination server page, select your server core server and then select Next.
e) On the Select server roles page, check the DHCP Server check box.
f) In the Add Roles and Features Wizard dialog box, select Add Features.
g) On the Select server roles page, select Next.
h) On the Select features page, select Next.
i) On the DHCP Server page, select Next.
j) On the Confirm installation selections page, check the Restart the destination server automatically if
required check box.
k) If prompted, select Yes to confirm you want to restart the server.
l) Select Install to install the DHCP Server role.
m) When the installation completes, select Close.

3. Switch the Server Core installation to a GUI interface.
If the DVD is no longer captured, you might need to recapture it to perform this step.
a) Log in to the Server 2012 VM as Administrator.
b) At the command prompt, enter powershell
c) At the PowerShell prompt, enter install-windowsfeature server-gui-mgmt-infra, server-gui-shell -restart

4. Authorize the DHCP server.
a) On the VM, in Server Manager, observe the Notifications button.
Next to the Notifications button, you should see a yellow triangle with an exclamation point indicating
that you have a notification.
b) Select the Notifications button.
c) In the Post-Deployment Configuration message box, select Complete DHCP configuration to open
the DHCP Post-Install configuration wizard.
This wizard walks you through creating the DHCP Administrators and DHCP Users groups, and
authorizing the DHCP server in Active Directory Domain Services.
d) On the Description page, select Next.
e) On the Authorization page, verify that Use the following user's credentials is selected and that the
User Name text box contains LAB##\Administrator.
f) Select Commit to authorize the server.
g) On the Summary page, read the results displayed.
In addition to authorizing the DHCP Server role, the wizard also created the DHCP Administrators
and DHCP Users groups.
h) Select Close to close the wizard.

5. Verify the creation of the DHCP security groups, DHCP Administrators and DHCP Users.
Let students know that Scopes can be created and used to assign addresses to virtual machines.
a) Open Active Directory Users and Computers.
b) In the left pane, select the Users container.
c) In the right pane, verify that you see the two DHCP security groups.
d) Close Active Directory Users and Computers.

Summary
In this module, you learned about configuring basic server settings. You examined some of the roles
that a server can perform and configured settings such as computer name and Active Directory.

Which of the various methods for managing servers that were covered do you think you will use? If you will
use multiple methods, which ones will you use most often? Why?
A: Answers will vary. You might manage the server directly from the server, using a server core
installation, or from a remote server. Each method has pros and cons associated with having access
to the physical server, or not having access, being able to travel to the physical server.

Which server roles is your organization running? Are the roles on dedicated servers, or are multiple roles
on servers? Should your organization keep server roles internal or outsourced to a cloud or hosting
service? Why?
A: Answers will vary. In larger organizations, each server typically has a dedicated role to play in the
network infrastructure. In smaller organizations or in test environments, a single server might need to
perform several roles. In some organizations, outsourcing to a cloud or hosting service might be more
economical, while other organizations might need tighter control over information than can be
provided through outsourcing.

Encourage students to use the social networking tools provided on the LogicalCHOICE Home
screen to follow up with their peers after the course is completed for further discussion and
resources to support continued learning.

Note: Check your LogicalCHOICE Course screen for opportunities to interact with your
classmates, peers, and the larger LogicalCHOICE online community about the topics covered in
this course or other topics you are interested in. From the Course screen you can also access
available resources for a more continuous learning experience.


6 Administering the Server

3 hours, 30 minutes

If time permits and students are interested, consider doing some of the activities with students partnering and installing items on their partner's server
instead of their own server.

Lesson Objectives
In this lesson, you will administer the server. You will:
• Update the server.
• Administer server access and control methods.
• Create service level agreements.
• Monitor server performance.

Lesson Introduction
You have set up the hardware and installed server operating systems. Now the real work
begins. Keeping the server operating systems updated and controlling who has access to the
server resources will be an important part of any server administrator's job. In this lesson
you will administer servers.
Documenting what customers expect from servers and from those who administer the
servers as well as documenting what services you expect from vendors and customers is
important to maintaining a good working relationship. Also, knowing how well your servers
are performing and taking steps to keep servers performing at optimum levels is another
part of the server administrator's job.

TOPIC A
Update the Server
You have installed the operating system software, but there are likely already updates to the
operating system. Updating server software is an important part of a server administrator's job.
Because a single fault in the server may lead to disruption of services to clients, it is essential to
ensure that all upgrades are carried out in a well-planned manner. Upgrading the software on a
server requires good knowledge of the various issues that can arise during the upgrade and their
possible solutions. In this topic, you will update the server operating systems.

Change Management
Whenever an IT change is made, a set of procedures called change management should be followed.
You should develop such procedures with your network staff, systems engineers, IT planning team,
management, and end-user departmental representatives. Document and publish your change
management procedures, and then insist that such procedures always be followed.
Typically, the change management process is initiated with a request for change (RFC) document. This
document records the change, the category that the change falls into, and any other items the change
might affect.
Next, the RFC is sent through a review and approval process. A priority is set, and it is assigned to
whoever will make the change. Decisions on whether to proceed should be made with
representatives from various departments affected by the change. All of the discussions related to
the RFC should be documented.
The RFC is scheduled and a proposed completion time is set. The change is then planned,
developed, tested, and implemented by the person or team to which the RFC was assigned. All of
this is documented in the RFC log.
The change is complete when both the change owner and the requester verify that the change has
been successfully implemented. Finally, the RFC is reviewed by all parties involved, and the change
is closed.
Your change management process should ensure that you:
• Communicate with all stakeholders involved with or affected by the change.
• Determine if infrastructure modifications are required as part of the change. These would include
updates to power, backup power, and cooling systems to accommodate new or changed
equipment.
• Document the system state before (for a baseline) and after any changes. This includes recording
the details of the change itself and recording the details of the new system configuration state
after the change is implemented.
• Remain in compliance with any applicable laws and regulations after the change is implemented.
• Dispose of obsolete equipment in accordance with your equipment disposal process.

Benefits of a Formal Change Management System


A formal change management process has many benefits. It ensures that all of the effects of a
change are examined before the change is actually implemented. A formal process makes sure that a
consistent set of procedures is followed so that steps aren't forgotten. It ensures that security and
downtime risks are considered and managed. And finally, a natural offshoot of a formal procedure is
that your system documentation will be updated to include not only a record of the change, but also
the details associated with the resulting new conditions.

Lesson 6: Administering the Server | Topic A



Change Documentation
In addition to architecture documentation, each individual system should have a separate document
that describes its initial state and all subsequent changes. This document includes configuration
information, a list of patches applied, backup records, and even details about suspected breaches.
Printouts of hash results, last modification dates of critical system files, and contents of log files may
be pasted into this book.
System maintenance can be made much smoother with a comprehensive change document. For
instance, when a patch is available for an operating system, it typically applies in only certain
situations. Manually investigating the applicability of a patch on every possible target system can be
very time-consuming; however, if logs are available for reference, the process is much faster and
more accurate.
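
The hash results and last-modification dates mentioned above can be captured before a change and compared afterwards. The following Python is an added example, not part of the course material: the function names and the four report categories are assumptions, SHA-256 is chosen here as the hash, and the file names in the demonstration are constructed and written to a temporary directory.

```python
import hashlib
import os
import tempfile


def snapshot(paths):
    """Record SHA-256, modification time, and size for each existing file."""
    state = {}
    for path in paths:
        if not os.path.isfile(path):
            continue  # a missing file is simply absent from the snapshot
        digest = hashlib.sha256()
        with open(path, "rb") as handle:
            for chunk in iter(lambda: handle.read(65536), b""):
                digest.update(chunk)
        info = os.stat(path)
        state[path] = {
            "sha256": digest.hexdigest(),
            "mtime": int(info.st_mtime),
            "size": info.st_size,
        }
    return state


def compare(before, after):
    """Classify every file seen in either snapshot.

    changed: content hash differs (the change must be explained by the RFC)
    touched: same content but a different modification time
    """
    report = {"added": [], "removed": [], "changed": [], "touched": []}
    for path in sorted(set(before) | set(after)):
        if path not in before:
            report["added"].append(path)
        elif path not in after:
            report["removed"].append(path)
        elif before[path]["sha256"] != after[path]["sha256"]:
            report["changed"].append(path)
        elif before[path]["mtime"] != after[path]["mtime"]:
            report["touched"].append(path)
    return report


def demo():
    """Baseline three constructed files, apply a 'change', and compare."""
    with tempfile.TemporaryDirectory() as folder:
        names = ["hosts", "services.conf", "old.dll", "new.dll"]
        paths = {name: os.path.join(folder, name) for name in names}
        for name in names[:3]:
            with open(paths[name], "w") as handle:
                handle.write("v1 of " + name)
        before = snapshot(paths.values())

        # The change: edit one file, re-stamp one, remove one, add one.
        with open(paths["hosts"], "w") as handle:
            handle.write("v2 of hosts")
        info = os.stat(paths["services.conf"])
        os.utime(paths["services.conf"], (info.st_atime, info.st_mtime + 3600))
        os.remove(paths["old.dll"])
        with open(paths["new.dll"], "w") as handle:
            handle.write("v1 of new.dll")

        after = snapshot(paths.values())
        report = compare(before, after)
        return {kind: [os.path.basename(p) for p in found]
                for kind, found in report.items()}


if __name__ == "__main__":
    for kind, found in demo().items():
        print(kind, found)
```
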

Patch Management
A patch is a small program designed to fix problems in an application or update a computer program
or its supporting data. A patch may also be used for replacing graphics or audio and for improving
the usability or performance of a program. The process of planning what patches should be applied
to which systems at a specified time and developing an appropriate strategy is known as patch
management. Software vendors usually distribute patches via software downloads, although some
in-house patches might be released on CD-ROM or via email. Though patches are meant to fix
problems, poorly designed patches can sometimes introduce new problems.

Some software applications are designed to automatically update themselves whenever an update is
available on the Internet. In situations where system administrators control a number of computers,
this automation helps to ensure consistency across a network. However, if your organization's policy
is to have the IT department test patches before allowing users to install patches, you might need to
take measures to prevent users from installing untested patches.

Patch management should include testing the patch before distributing it across the organization.
The patch might adversely affect interoperability between the program being patched and other
programs with which the program interacts. Operating system patches might prevent some
applications from functioning as well. Determining any potential problems in a test setting will allow
you to contact the patch owner to alert them to the problem and hopefully receive a patch that
doesn't cause any problems.

Patch management is the practice of monitoring for, obtaining, evaluating, testing, and deploying
integral fixes and updates for programs or applications, known as patches. As the number of
computer systems in use has grown over recent years, so has the volume of vulnerabilities and
corresponding patches and updates intended to address those vulnerabilities. However, not every
computer within an organization will necessarily be compatible with a certain patch, whether it be
because of outdated hardware, different software versions, application dependencies, and so on.
Because of the inconsistencies that may be present within the various systems, the task of managing
and applying patches can become very time-consuming and inefficient without an organized patch
management system. In typical patch management, software updates are evaluated for their
applicability to an environment and then tested in a safe way on non-production systems. If the
patch is validated on all possible configurations without causing more problems, only then will the
valid patch be rolled out to all computers throughout the entire organization.

A patch management program might include:
• An individual responsible for subscribing to and reviewing vendor and security patches and
updating newsletters.
• A review and triage of the updates into urgent, important, and non-critical categories.
• An offline patch-test environment where urgent and important patches can be installed and
tested for functionality and impact.
• Immediate administrative push delivery of approved urgent patches.
• Weekly administrative push delivery of approved important patches.
• A periodic evaluation phase and full rollout for non-critical patches.

Lesson 6: Administering the Server | Topic A



Many organizations have taken to creating official patch management policies that define the who,
what, where, when, why, and how of patch management for that organization.
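The triage and delivery rules listed above can be expressed as a small planner. This is an added example, not part of the course material; the host names, patch identifiers, the Tuesday push day, and the first-of-the-month evaluation date are all assumptions made for illustration.

```python
from collections import namedtuple
from datetime import date, timedelta

# Hypothetical record types; field names are chosen for this example only.
Host = namedtuple("Host", "name os role")          # role: "production" or "test"
Patch = namedtuple("Patch", "patch_id severity applies_to tested_ok_on")

WEEKLY_PUSH_WEEKDAY = 1  # assumption: weekly push runs on Tuesday (Monday == 0)


def next_weekly_push(today):
    """First weekly push day on or after `today`."""
    return today + timedelta(days=(WEEKLY_PUSH_WEEKDAY - today.weekday()) % 7)


def next_evaluation(today):
    """Assumption: the periodic evaluation phase opens on the 1st of next month."""
    if today.month == 12:
        return date(today.year + 1, 1, 1)
    return date(today.year, today.month + 1, 1)


def plan_patch(patch, inventory, today):
    """Decide what happens to one patch: skip, hold, evaluate or push."""
    if patch.severity not in ("urgent", "important", "non-critical"):
        raise ValueError(f"unknown severity for {patch.patch_id}: {patch.severity}")
    # Applicability check: only production hosts whose OS the vendor lists.
    targets = [h for h in inventory
               if h.role == "production" and h.os in patch.applies_to]
    entry = {"patch": patch.patch_id, "hosts": sorted(h.name for h in targets),
             "when": None, "reason": ""}
    if not targets:
        return {**entry, "action": "skip", "reason": "no applicable production host"}
    if patch.severity == "non-critical":
        return {**entry, "action": "evaluate",
                "when": next_evaluation(today).isoformat()}
    # Urgent and important patches must be validated on every target configuration.
    untested = sorted({h.os for h in targets} - set(patch.tested_ok_on))
    if untested:
        return {**entry, "action": "hold",
                "reason": "not validated in test lab on: " + ", ".join(untested)}
    when = today if patch.severity == "urgent" else next_weekly_push(today)
    return {**entry, "action": "push", "when": when.isoformat()}


def build_plan(patches, inventory, today):
    return [plan_patch(p, inventory, today) for p in patches]


# Constructed sample data: hosts, patch ids and dates are illustrative only.
SAMPLE_TODAY = date(2024, 1, 10)  # a Wednesday
SAMPLE_INVENTORY = [
    Host("serverA01", "windows-2012r2", "production"),
    Host("serverA02", "windows-2012r2", "production"),
    Host("web01", "centos-7", "production"),
    Host("lab-win", "windows-2012r2", "test"),
]
SAMPLE_PATCHES = [
    Patch("PATCH-0001", "urgent", {"windows-2012r2"}, {"windows-2012r2"}),
    Patch("PATCH-0002", "important", {"windows-2012r2", "centos-7"}, {"centos-7"}),
    Patch("PATCH-0003", "important", {"centos-7"}, {"centos-7"}),
    Patch("PATCH-0004", "non-critical", {"centos-7"}, set()),
    Patch("PATCH-0005", "urgent", {"windows-2008"}, {"windows-2008"}),
]

if __name__ == "__main__":
    for row in build_plan(SAMPLE_PATCHES, SAMPLE_INVENTORY, SAMPLE_TODAY):
        print(row)
```

A patch that is applicable to a configuration the test lab has not validated is held for every host, which matches the rule that rollout happens only after validation on all possible configurations.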

Operating System Updates


Operating systems are at their most vulnerable immediately after they are installed. This is because
computers typically have the original version of the operating system installed without any of the
updates issued since the operating system was released. Operating system updates need to be
performed by an administrative user.

Windows Server operating systems might need hotfixes, patches, or full updates installed.
• Hotfixes fix errors in the operating system code. These errors are discovered after the operating
system has been released. The hotfixes often replace specific files with revised versions.
• Patches are temporary or quick fixes. They are designed to fix security vulnerabilities. Patches
can also be used to fix compatibility or operating problems.
• Updates enhance the operating system and some of its features. In addition, updates are issued to
improve computer security, improve ease of use, add functionality, and/or improve the
performance of the operating system.

Instructor note: Let students know that Windows update can result in support for older devices
being dropped if the older drivers are removed and no functional driver is available to work with
the device.

Microsoft provides two enterprise solutions for managing operating system updates. Windows
Server Update Services (WSUS) is a free tool that enables administrators to manage update
distribution to the computers on a network. System Center Configuration Manager (SCCM) is a
product you can purchase from Microsoft to manage updates as well as set configuration and
security policies and perform system status monitoring activities.

Linux distributions typically include update tools that you can run to update the operating system
and related applications. This might be done through a command-line utility or a GUI utility, usually
within the System Configuration area. Your distribution might notify you of available updates, or
you might need to go to the distribution web page and check for updates.

Note: Refer to the documentation for your distribution for the specifics on how to update the
operating system.

Linux updates are packaged in various ways depending on the distribution. These include Red Hat
Package Manager (RPM), Debian Package (deb), or tar or zip files. Different distributions that use
RPM packages use different commands for package management including zypper for OpenSUSE,
yum for Fedora and CentOS, or urpmi for Mandriva and Mageia.

Note: Updates in .tar and .zip formats don't have the dependencies defined like the package
management updates do.

Windows Update
You can install the latest service pack and hotfixes from download.microsoft.com or from
update.microsoft.com. Updates might also be stored locally on an update server on your network—
check with your network administrator.

You can use the Windows Update feature to automatically manage patches, hotfixes, and other
updates. When configuring Windows Update, you have the following options:
• Install updates automatically (recommended)—Configures Windows to automatically download
and install updates each day. After you select this option, you can configure a custom schedule
for applying updates.
• Download updates but let me choose whether to install them—Configures Windows to
download the necessary updates. However, Windows does not automatically install them.
Instead, you must install them manually. You might select this option if you run a custom
application that might conflict with specific Windows updates.
• Check for updates but let me choose whether to download and install them—Configures
Windows to obtain a list of the latest updates (without downloading them). You must open the
list and select the updates you want to install. Windows will then download and install the
selected updates. You might choose this strategy if you need to minimize the impact of updates
on your network traffic.
• Never check for updates (not recommended)—Prevents Windows from checking for updates.
You might select this option if you have your own update scheme and update server.

If Windows Update reports that it failed to install an update, you can manually download and install
the update directly from Microsoft’s Downloads site. The update should refer to a Microsoft
Knowledge Base article, such as KB947562. Use the Knowledge Base number to find the update on
Microsoft’s site. If, after installing an update, you start to experience problems with specific devices
or software, you might need to back out the update installation by using Programs and Features in
the Control Panel.

Application Updates

In addition to keeping the operating system updated with the latest patches and fixes, you need to
keep applications updated as well. This is particularly important for applications such as virus
protection applications that are updated sometimes daily against newly found threats. Productivity
applications also face vulnerabilities which might need attention as well.

You might need to manually check the vendor's web site for updates, or the application might
prompt you to install the latest updates. Updates might be issued as an executable file you need to
run, but more often, you connect to the vendor's site and the updates are automatically installed as
needed.

For Windows 8.1, Windows apps are automatically updated when an update is available. This feature
can be turned off or disabled. To disable the feature, you will need to log in with your Microsoft
account. If it is disabled, you can still manually check for updates.

Instructor note: If an organization wants to test all updates before they are deployed to users,
automatic updates should be disabled and updates issued through WSUS or another internal method.

Security Software Updates

Security software should be installed on every system in your organization. It should provide firewall
and anti-virus protection at a minimum. Most security software comes as a suite that also includes
other security protection such as ad blockers, password managers, and spyware protection.

The vendors are constantly updating their software as new threats are found. If you don't have the
latest updates installed, the newer threats are likely to get through on your system. Most security
software is configured to automatically update whenever new updates are available. If your
organization turns this feature off, for example, if you want to test updates before they are deployed,
you will need to manually push the updates out to your users.

Firmware Update Management


Firmware updates are another update you will need to keep your eye on. Firmware updates are not
done as frequently as operating system or application updates, but if a new feature needs to be
enabled or if a vulnerability is detected, then the vendor will issue firmware updates.

The firmware most likely to be updated is the BIOS or UEFI firmware. Usually, the firmware
version that ships with your PC is all you ever need. However, you might need to upgrade your
system firmware in the following situations:
• There are device problems or other bugs that your PC manufacturer identifies as being caused by
system firmware problems.
• There are device problems that you can attribute to no other cause than the system firmware.
Additionally, you have exhausted all other troubleshooting avenues in trying to fix the problems.
• You need to use new hardware options that, while supported by your motherboard, aren’t
supported by the system firmware.


Usually, you should look to your PC’s manufacturer if you need information about your system
firmware or are looking for updates or fixes. Typically, the computer manufacturer provides links to
system firmware updates and flashing utilities. The system firmware manufacturers provide the
firmware to PC manufacturers in an incomplete state. The PC manufacturers make final
modifications to tailor the firmware to their exact hardware. This tailored firmware is what’s shipped
to you in your new PC. For this reason, system firmware updates must come from your PC’s
manufacturer, not from the original equipment manufacturers.

Device Driver Update Management

Windows Setup loads the default drivers from the Windows installation CD. After the installation is
complete, you might discover that certain devices aren’t functioning properly. You’re probably going
to have to install drivers for at least one device, especially for devices that are newer than the
operating system you’re installing. You should also obtain the latest drivers for any installed
hardware or any hardware you plan to install; you can usually get drivers from the hardware
manufacturer’s website. It’s a good idea to find updated drivers and have them available to save
time.

Although most devices are packaged with drivers, some of the drivers might not be the most
up-to-date ones. Most manufacturers offer free downloads of drivers and utilities for their devices.
Determine the name of the manufacturer, and visit the appropriate website. Look for a link that
offers drivers, support, or downloads. Then download the driver, which is often zipped, to a local
hard disk, from which you can install it on the appropriate computer.

After you’ve found an updated device driver, you can install it. If one is provided, use the
installation file provided with the device. If you have the device driver file without an installation
program, use Device Manager. In Device Manager, choose to update the driver for a device, and
then point the wizard to the location of the new driver.

Compatibility Lists

Whenever you install new hardware or software on your system, you need to make sure it is
compatible with your operating system. The vendor publishes a list of hardware and operating
system requirements that need to be met in order to use the new device or application. This
information usually includes the operating system version, the amount of RAM and disk space
required, and possibly additional requirements.

This information is printed on the outside of the packaging so you have access to it before making
the purchase. The information is also available on the vendors' websites.

Software Update Testing and Validation


Before you deploy software updates to the users across your organization, you should test the
updates first. This way, if the update affects any of the other applications you use, or if it isn't
compatible with the hardware you use, you will not affect all of your users. If you do run into issues
with the update, you can contact the vendor for additional assistance. If the application is one
written within your organization, the programmers will need to make changes to ensure that the
update works properly.

If you have a standard for all of the client computers and for all server computers, testing the
updates is easy. If you have a test lab set up, you can test servers and clients. However, if there is no
standard, you might need to have various users test the update and have them report back to you
any issues they encounter.

Access the Checklist tile on your CHOICE Course screen for reference information and
job aids on How to Update Operating Systems.


ACTIVITY 6-1
Updating the Server Operating System

Scenario

You have installed the operating systems in your lab virtual server test environment and configured
the systems. You know how important it is to keep your operating systems updated, so you are
taking time now to update all of the operating systems in your lab.

1. Update the Windows Server 2012 R2 server.
Note: You will perform this on your host computer.
a) From the right side of the screen, swipe in from the edge to display the Charms bar.
b) Select Search.
c) In the text box, enter windows update
d) From the results list, select Windows Update.
e) Select Turn on automatic updates. Windows checks for updates.
f) Select the link for important updates.
g) Select Install.

Instructor note: If the updates are taking too long, you can move on while they continue
downloading and installing, or you can stop the update. The purpose of the activity is to show the
students how it is done. Time and resources permitting, you might want to demonstrate WSUS.

2. If you have a Linux GUI installed: Update the Linux server.
a) If necessary, open Hyper-V Manager then connect to and start the Linux server.
b) Select System Settings.
c) In the System Settings dialog box, under System, select Software & Updates.
d) In the Software & Updates dialog box, select the Updates tab.
e) From the Automatically check for updates list, select Daily.
f) Verify that the next two options are set to Display immediately.
g) Select Install.
h) When prompted for an elevated privilege password, enter P@ssw0rd!

3. If you are working from the Linux command line: Update Linux.
a) If necessary, open Hyper-V Manager then connect to and start the Linux server.
b) Log in.
c) Enter su -c 'yum update'
d) If prompted, enter the password for the root user.

Note: To learn more, check out the LearnTO Manage Updates Using WSUS
presentation from the LearnTO tile on the CHOICE Course screen.

Instructor note: You may want to show LearnTO Manage Updates Using WSUS from the CHOICE
Course screen or have students navigate out to the Course screen and watch it for themselves as a
supplement to your instruction. If not, please remind students to visit the LearnTOs for this course
on their CHOICE course screen after class for supplemental information and additional resources.


TOPIC B
Server Administration Access and Control Methods
Administering the server access and controls is where an administrator spends most of their time.
This can be done directly at the local server or remotely across the network or the Internet. In this
topic, you will manage server access and control methods.

Access and Control Methods

A variety of access and control methods can be used to administer a server.

Access and Control Method | Examples

Local hardware administration
• KVM
• Serial
• Virtual administration console

Network-based hardware administration
• KVM over IP
• ILO
• iDRAC

Network-based operating system administration
• RDP
• SSH
• VNC
• Command line/shell

Local Hardware Administration


Local hardware administration refers to servers that have dedicated keyboard, mouse, and video
peripherals attached to the server. This is useful in a small network with only a single server, or
possibly two or three servers, but when the network is larger, this is not a very efficient method of
administering the server. Not only does it waste money on purchasing and maintaining the
additional peripherals, the monitors produce heat that you will need to remove from the server area.
Also, it can be difficult to find a place to position the peripherals for the servers.

KVM
A keyboard, video, and mouse (KVM) switch can be used to access multiple servers. The switch is a
box or small unit to which the servers are connected through USB or other cabling. You can use
buttons on the box or keyboard commands to switch from one server to another, each time gaining
keyboard, mouse, and video capability from the server you’ve switched to, while losing the same
from the server you were just working on.

Serial Connections for Server Administration


Some legacy server hardware such as the Sun Solaris server could be used without an attached
keyboard or a Sun console. Instead, it used a serial port and a NULL modem cable to attach to a
device from which the server could be administered. This included devices such as ASCII terminals,
another Sun console, or a network terminal concentrator or server.

Lesson 6: Administering the Server | Topic B



Serial console servers are also used for more current servers. A small box provides several serial
ports that are connected to serial ports on network equipment including routers, switches, and
servers. The console of the connected device is accessed over a serial link or through telnet or ssh
terminal emulator software. The content is then accessed by a keyboard, mouse, and monitor
connected to the box.
This is useful for administering remote servers. However, the serial connection is slow and it can
take some time to draw the image on screen. Therefore, it is usually used for command-line use
rather than the GUI interface on the server.

Virtual Administration Console

You can perform administrative tasks directly on the console of a server. However, you should
consider using a virtual administration console instead. Performing administration tasks on the
console consumes server resources that could otherwise be used for providing services to users.
Using a virtual administration console moves that resource consumption to the desktop computer
from which you are running the virtual administration console. Examples of this technology are the
Microsoft Remote Systems Administration Toolkit and the Linux ssh command.

Network-based Hardware Administration

Remote server and network device administration can also be performed using network-based
hardware administration tools. These include KVM over IP, HP's Integrated Lights-Out (ILO)
technology, and Dell's Integrated Dell Remote Access Controllers (iDRAC).

Server Management Plan


A server management plan is used as a road map for monitoring and servicing both OS-dependent
and OS-independent server components efficiently. A server management plan includes procedures
for managing software installation, availability of service providers, change requirements, security
requirements, and remote management. Server management plans also identify the person or
persons responsible for carrying out each management task.

Server management plans should also outline the means by which the servers can be managed.
In-band management refers to server management tasks that are accomplished through live production
network connections and pathways, while out-of-band (OOB) management refers to server management
tasks that are accomplished without using the production network.

In-band management primarily provides ease of use, while OOB management provides fault
tolerance. If a switch or even the entire network fails, you will still be able to manage the server if
you have included OOB management strategies in your server management plans.

In-band Management
In-band management of servers and network devices requires that software is installed on the
system that you will remotely manage. This might be Virtual Network Computing (VNC) software or
SSH. Using in-band management, you can't access the server or network device's BIOS/UEFI and
you can't remotely install the operating system. It also isn't possible to resolve boot issues.

Out-of-band Management
o

Out-band-band management uses a dedicated channel to manage servers and network devices.
D

OOB typically uses a network connection that is physically separated from the production network.
An OOB solution should provide the administrator with complete access to all device functions
from powering the device on and off, booting and shutting down, monitoring device features, in
addition to sending and receiving keyboard, video, and mouse signals.
OOB is usually implemented using either built-in remote management or by adding a remote
management card.


KVM over IP
KVM over IP allows users to access servers located at remote locations through the Internet using
the IP addresses of the servers. Most of the access to remote servers is done with the help of a web
browser, but proprietary software can also be used for better performance. IP-based KVMs are
usually slower than local KVMs.

Integrated Lights-Out

Lights-out management (LOM) is a type of OOB management. It uses a dedicated management channel
to access servers and network devices. The servers and network devices can be managed remotely
whether or not they are turned on. It works even if the operating system is not working or has yet to
be installed.

One example of LOM is Hewlett-Packard's Integrated Lights-Out (ILO). It is embedded on some HP
servers or it can be added as a card to HP servers.

Using a web browser, you have complete access to the server from any location. Using ILO, you
can:
• Power on the server.
• Shut down or reboot the server.
• Mount remote optical disks or images.
• Inventory and deploy servers by provisioning with rapid discovery and remote access.
• Monitor the server health and performance, including power and thermal control.
• Perform remote administration to optimize server performance.
• Review Integrated Management Log files whether the server is up or not.

Integrated Dell Remote Access Controller

Another example of a network-based hardware OOB management tool is Dell's Integrated Dell Remote
Access Controller (iDRAC).

iDRAC is used through a browser interface. Using iDRAC you can:
• Power on, reboot, or shut down the server.
• Perform routine server administration as a remote console.
• Mount remote disk images.

Network-based Operating System Administration


There are several network-based operating system administration tools you can use, depending on
your needs. These include:
• Remote Desktop Protocol (RDP)
• Secure Shell (SSH)
• Virtual Network Computing (VNC)
• Command line or shell

RDP

The Remote Desktop Protocol (RDP) is a proprietary protocol created by Microsoft for connecting to
and managing computers that are not necessarily located at the same place as the administrator. It
uses port 3389, runs on TCP, and works on the Application layer (Layer 7) of the OSI model. It and
the remote desktop software allow a user to remotely log into a networked computer. The desktop
interface, or application GUI, of the remote system looks as if it were accessed locally. RDP is a
multiple-channel capable protocol that allows for separate virtual channels for carrying device
communication and presentation data from the server, as well as encrypted client mouse and
keyboard data. RDP provides an extensible base and supports up to 64,000 separate channels for
data transmission and provisions for multipoint transmission.

Figure 6-1: RDP.

SSH

Secure Shell (SSH) is a program that enables a user or an application to log on to another computer
over a network, execute commands, and manage files. SSH operates at the Application layer (Layer
7) of the OSI model and the Application layer of the TCP/IP model. It uses port 22 and runs on
TCP.

It creates a shell or session with a remote system, offers strong authentication methods, and ensures
that communications are secure over insecure channels. It replaces UNIX-based remote connection
implementations that transmit unencrypted passwords. With the SSH slogin command, the login
session, including the password, is encrypted and protected against attacks. Secure Shell works with
many different operating systems, including Windows, UNIX, and Macintosh. Windows does not
provide a native SSH client. You will have to download and install an SSH client such as PuTTY,
WinSCP, or Teraterm Pro with the TTSSH extension.

Figure 6-2: An SSH session that uses slogin.

Note: SSH is a replacement for the UNIX-based rlogin command, which can also establish a
connection with a remote host, but transmits passwords in cleartext.


There are two versions of Secure Shell available: SSH1 and SSH2. They are two different protocols
and encrypt different parts of a data packet. To authenticate systems, SSH1 employs user keys to
identify users; host keys to identify systems; session keys to encrypt communication in a single
session; and server keys, which are temporary keys that protect the session key. SSH2 is more
secure; it does not use server keys. SSH2 includes a secure replacement for FTP called Secure File
Transfer Protocol (SFTP). Because they are different protocol implementations, SSH1 and SSH2 are
not compatible with each other.
Note: The acronym SFTP is used both for Secure File Transfer Protocol as well as for
the now obsolete Simple File Transfer Protocol.

All traffic (including passwords) is encrypted by SSH to eliminate connection hijacking,
eavesdropping, and other network-level attacks, such as IP source routing, IP spoofing, and DNS
spoofing. When you implement SSH with encryption, any attacker who manages to gain access to your
network can neither play back the traffic nor hijack the connection. They can only force SSH to
disconnect.
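Because SSH1 and SSH2 are incompatible and SSH2 is the more secure of the two, an administrator will want to know which servers still accept SSH1. The following added example (not part of the course material) classifies the identification string a server sends when a client connects and reads the Protocol keyword found in the sshd_config of older OpenSSH releases. The "1.99" compatibility value comes from RFC 4253 rather than from this course; the host names, banners, and configuration fragment are constructed.

```python
import re

# Identification string format: "SSH-protoversion-softwareversion[ SP comments]"
_BANNER = re.compile(r"^SSH-(\d+\.\d+)-([^\s-]+)(?: (.*))?$")


def classify_banner(line):
    """Map a server identification string to the protocol versions it offers."""
    m = _BANNER.match(line.rstrip("\r\n"))
    if not m:
        return "not-ssh"
    proto = m.group(1)
    if proto == "2.0":
        return "ssh2-only"
    if proto == "1.99":  # compatibility value: server speaks both SSH2 and SSH1
        return "ssh1-and-ssh2"
    if proto.startswith("1."):
        return "ssh1-only"
    return "unknown"


def hosts_accepting_ssh1(banners):
    """Return the sorted host names whose banner shows SSH1 is still accepted."""
    return sorted(host for host, banner in banners.items()
                  if classify_banner(banner) in ("ssh1-only", "ssh1-and-ssh2"))


def configured_protocols(sshd_config_text):
    """Return the versions from the first Protocol directive, or None if absent.

    sshd uses the first value it reads for a keyword, and keywords are
    case-insensitive, so a later 'Protocol 2' does not override 'protocol 2,1'.
    """
    for raw in sshd_config_text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        parts = re.split(r"\s*=\s*|\s+", line, maxsplit=1)
        if parts[0].lower() == "protocol" and len(parts) == 2:
            return [v.strip() for v in parts[1].split(",") if v.strip()]
    return None


def config_allows_ssh1(sshd_config_text):
    """True/False when a Protocol directive is present, None when it is not set."""
    protocols = configured_protocols(sshd_config_text)
    return None if protocols is None else "1" in protocols


# Constructed sample data for illustration only.
SAMPLE_BANNERS = {
    "serverA01": "SSH-2.0-OpenSSH_7.4\r\n",
    "legacy-sun01": "SSH-1.99-OpenSSH_3.9p1\r\n",
    "console-srv": "SSH-1.5-1.2.27\r\n",
    "web01": "HTTP/1.1 400 Bad Request\r\n",
}
SAMPLE_SSHD_CONFIG = """\
# constructed legacy sshd_config fragment
Port 22
protocol 2,1
Protocol 2
"""

if __name__ == "__main__":
    print(hosts_accepting_ssh1(SAMPLE_BANNERS))
    print(config_allows_ssh1(SAMPLE_SSHD_CONFIG))
```

When no Protocol directive is present the result depends on the default of the installed release, which is why the function returns None instead of guessing.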

VNC

Virtual Network Computing (VNC) is a platform-independent desktop sharing system. VNC client and
server software is available for almost any operating system (and for Java), so a VNC viewer on a
Linux system can connect to a VNC server on a Microsoft system and vice versa.

VNC uses the Remote Frame Buffer (RFB) protocol, which allows the client and server to
determine the best version of RFB they can support during a session. VNC is not an inherently
secure system, but does offer varying levels of password and content encryption, depending on the
implementation.

Command Line

Command line tools can be used directly on the server, or you can use them with remote access
tools. It is often more efficient to use the command line version of tools when performing remote
administration because the GUI version can take a lot of time and resources to display on the
remote system.

Shell

Most operating systems are installed and managed using a GUI interface today. However, a shell is
also available. A shell is a command language interpreter in which you enter commands. The
interpreter then executes commands. Shells have always been available in UNIX and Linux
environments. More recent versions of Windows Server operating systems now offer a shell
environment called PowerShell.

Access the Checklist tile on your CHOICE Course screen for reference information and
job aids on How to Remotely Administer a Server.

ACTIVITY 6-2
Remotely Administering a Server

Scenario

ib
You have a Windows Server 2012 R2 Server Core server. You would like to remotely administer this
server from your other server. You will need to configure the server core server before you can
remotely administer the server.

tr
is
1. Assign a static IP address to your Server Core server. Emphasize to students
a) If necessary, log on to the Server Core server. that they must perform
this activity on the server

D
b)
From the table, select the appropriate IP address for your server. core VM they previously
installed..
Student Server Core IP Addresses If your classroom uses a
Student A
Student B
192.168.1.201
192.168.1.203
or different IP addressing
scheme, substitute the
appropriate addresses.
e
Student C 192.168.1.205
at

Student D 192.168.1.207
Student E 192.168.1.209
lic

Student F 192.168.1.211
and so on... 192.168.1.213 - 192.168.1.253
up

c) Type ipconfig /all to find the adapter name.


d) In the command prompt window, enter this command:
netsh interface ip set address "adapter_name" static ip_address
D

subnet_mask default_gateway metric

Note: For this command, adapter_name is the name of the interface (such as
"Local Area Connection" or "Ethernet") as displayed in the output of
ot

ipconfig /all (be sure to leave the name in quotes), ip_address is the new IP
address you want to assign to the server; subnet_mask is the correct subnet
N

mask for your network, default_gateway is the IP address of a router or


firewall for accessing the Internet; and metric is a number you assign to this
connection (typically 1).
o

Windows Server 2012 uses the metric information to determine the order in which it should attempt
to connect to the Internet.
D

e) Enter ipconfig to verify that you successfully changed the server's IP address.

2. Change the server's computer name.


a) Select the appropriate computer name for your server based on your student name (student A,
student B, student C, and so on): serverA02, serverB02, serverC02, and so on.
b) In the command prompt window, enter the following command:
netdom renamecomputer %computername% /newname:server_name

Note: For this command, server_name is the name you want to assign to the
server. For example, serverA02, serverB02, serverC02, and so on.
c) When prompted to proceed with the name change, type Y and press Enter.
d) Restart the server so that the name change takes effect. Use the command shutdown /r to restart
the server immediately.
e) Sign on as Administrator.
f) Enter hostname to confirm that you assigned the correct name to your server.

3. Enable Remote Desktop support on the server and verify that it's working properly.
a) To enable administrators to use Remote Desktop to connect to and manage this Server Core server,
in the command prompt window, enter the following command:
cscript C:\Windows\System32\Scregedit.wsf /ar 0
b) On your host server, point to the upper-right corner of the screen and then select Search. In the
Search text box, enter Remote Desktop and from the results list select Remote Desktop Connection.
c) In the Computer text box, enter your Server Core server IP address and then select Connect. If
prompted, for the user name enter Administrator and enter the password of P@ssw0rd!

Instructor note: If there are problems connecting to the VM from the host through RDP, turn on
Network Discovery and enable the following services: DNS Client, Function Discovery Resource
Publication, SSDP Discovery, and UPnP Device Host. Alternatively, have students partner up and
access their partner's server.

4. When finished, close all windows and sign out.

TOPIC C
Create Service Level Agreements
Having a document that defines the level of service between customers and providers is important.
The customer and provider relationship can be between you and the users, between you and your
vendors, or between any two parties that use or support your servers and network. In this topic,
you will examine some of the features of a service level agreement and what might be defined within it.
Service Level Agreement

A service level agreement (SLA) is a legally binding service contract between a service provider and the
end-user. This document specifies the service levels for support, documents any penalties for the
service level not being met by the provider, and describes disaster recovery plans.
SLAs often contain details that will be helpful when your organization is recovering from a disaster,
upgrading systems, or confirming proper operations. Although SLAs are typically created outside of
a documentation process, copies should be made available within your documentation set.
Alternatively, your documentation can note the existence of and official location of SLAs.

Figure 6-3: An SLA is negotiated between the customer and the service provider.

Common Service Level Agreements


Different organizations may have different SLAs with their vendors.

SLA | Description
Point of contact | This agreement involves assigning a system administrator and a backup system administrator for the servicing and maintenance of the organization's network.
Maintenance schedule | This agreement involves negotiating the provision of security updates, operating system updates and latest service packs, application updates, hardware updates, and client-specific application updates.
Network security | This agreement involves negotiating the provision of security features for the network such as latest version of antivirus software and activation and deactivation of hardware ports as required by the organization.
Consultation | This agreement involves negotiating the provision of hardware consultation, capacity planning consultation, and troubleshooting and problem resolution.
Migration | This agreement involves the provision for migrating user accounts and groups from the current domain to a new domain.
Hours of service | This agreement involves negotiating the hours of service. Most of the server components require 24/7 hours of service to ensure minimal disruption of services.
Termination and renewal | These agreements include clauses related to termination and renewal of the contract such as notice period for the termination of service contract and charges for renewal of service agreements.
Scope of service | This agreement lists the various platforms, events, operating systems, and hardware for which the service will be provided. The vendors or service providers will not provide any service for the products other than those listed in the scope of service.

Scheduled Downtime
Organizations typically aspire to have 100 percent availability of all systems. However, this isn't a
realistic expectation for most organizations. At various times throughout a system's life cycle, the
hardware, operating system, or software might require maintenance and updates that require the
system be taken offline or rebooted.
The near 100% availability of systems is often referred to as "five 9s" or 99.999% availability.
Scheduled downtime does not count against the five 9s as downtime.
Through advanced planning, you can often schedule when systems will be unavailable. This
scheduled downtime enables users to plan accordingly. Some organizations reserve a certain window
of time each day, week, month, or year to perform maintenance during scheduled downtime. If the
downtime is not needed, the administrators can let the users know that no maintenance will be
needed during the specified window of time, and the users will not be impacted by any downtime.

Unscheduled Downtime
Unscheduled downtime is likely to be much less frequent if you have the opportunity to perform
maintenance tasks during scheduled downtime. However, unforeseen circumstances such as
hardware failure or power outages might still occur.
Organized, methodical troubleshooting and recovery will keep the downtime to a minimum in most
cases of unscheduled downtime. The SLAs that have been created will specify how much time is
allotted to various types of unscheduled downtime, and after which time the vendor or
administrator is out of compliance with the SLA.

Impact Analysis
Impact analysis is a structured method for examining proposed changes to identify any unforeseen
adverse effects the change might have on an organization. Working with a team, brainstorm to
identify negative impacts the change might produce. This can help you determine whether the
project should be undertaken in the first place, and if you do decide to undertake the project, to
identify and prepare for potential issues that might occur because of the change.
It can be very difficult to identify and document the consequences of the change. During the
brainstorming session, you should try to identify how various groups might be impacted by the
change including departments, processes, customers, and other groups. You will need to evaluate
how the change will impact each of the identified groups.
The brainstorming team will need to identify the actions that will need to be taken if any of the
potential problems actually occurs. The team will need to come up with a strategy for the impacted
groups to help them understand why the change is needed and get their support so they don’t fight
the change. The team also needs to prepare a contingency plan for dealing with problems that might
arise from the change during and after implementing the change.

Instructor note: Try to generate discussion asking how impact analysis can be part of a disaster
recovery plan.

Note: Disaster Recovery is covered in detail in a separate lesson.

Client Notification
As part of the SLA, you need to identify how and when client notification is delivered when
scheduled or unscheduled downtime occurs. For scheduled downtime, as much notice as possible
should be given. For unscheduled downtime, notification should be provided as soon as the needed
downtime is identified and should let clients know how long it will be before systems are available
again.
If you have a standing schedule of times when systems will be unavailable, this should be published
and provided to relevant individuals throughout the organization. This is often done as a calendar
published to the in-house documentation and housed on a shared network volume, SharePoint
server, or other shared online location.

Instructor note: Ask students how they would alert clients to downtime if the email system was
impacted. Suggestions might include text messages to cell phones, a group meeting with managers,
or other methods.

Note: No level of notification is too high. It is likely that someone still will not get notified no
matter how you provide notification.

Mean Time to Resolution


MTTR is a term that is often found in SLA documents. This abbreviation can have several different
meanings, and you need to make sure you define it in your documentation. It would have a
significantly different impact if you wanted it to refer to Minimum Time To Respond or Mean Time
To Resolution.
The Mean Time To Resolution is the average amount of time it takes to resolve a particular issue.
Your SLA should document the MTTR for various types of outages. A simple issue that can be
resolved using on-site personnel would have a much faster resolution time than a complete network
outage caused by a major storm that impacts an entire city.

Instructor note: Point out the importance of documenting abbreviations in documentation so that
appropriate expectations and results can be met.

Change Management Policies


Whenever an IT change is made, a set of procedures called change management policies should be
followed. You should develop such procedures with your network staff, systems engineers, IT
planning team, management, and end-user departmental representatives. Document and publish
your change management procedures, and then insist that such procedures always be followed.
Typically, the change management process is initiated with a request for change (RFC) document.
This document records the change, the category that the change falls into, and any other items the
change might affect.
Next, the RFC is sent through a review and approval process. A priority is set, and it is assigned to
whoever will make the change. Decisions on whether to proceed should be made with
representatives from various departments affected by the change. All of the discussions related to
the RFC should be documented.
The RFC is scheduled and a proposed completion time is set. The change is then planned,
developed, tested, and implemented by the person or team to which the RFC was assigned. All of
this is documented in the RFC log.
The change is complete when both the change owner and the requester verify that the change has
been successfully implemented. Finally, the RFC is reviewed by all parties involved, and the change
is closed.
Your change management process should ensure that you:
• Communicate with all stakeholders involved with or affected by the change.
• Determine if infrastructure modifications are required as part of the change. These would include
updates to power, backup power, and cooling systems to accommodate new or changed
equipment.
• Document the system state before (for a baseline) and after any changes. This includes recording
the details of the change itself and recording the details of the new system configuration state
after the change is implemented.
• Remain in compliance with any applicable laws and regulations after the change is implemented.
• Dispose of obsolete equipment in accordance with your equipment disposal process.

Benefits of a Formal Change Management Process


A formal change management process has many benefits. It ensures that all of the effects of a
change are examined before the change is actually implemented. A formal process makes sure that a
consistent set of procedures is followed so that steps aren’t forgotten. It ensures that security and
downtime risks are considered and managed. And finally, a natural offshoot of a formal procedure is
that your system documentation will be updated to include not only a record of the change, but also
the details associated with the resulting new conditions.

Change Documentation
In addition to architecture documentation, each individual system should have a separate document
that describes its initial state and all subsequent changes. This document includes configuration
information, a list of patches applied, backup records, and even details about suspected breaches.
Printouts of hash results, last modification dates of critical system files, and contents of log files may
be pasted into this book.
System maintenance can be made much smoother with a comprehensive change document. For
instance, when a patch is available for an operating system, it typically applies in only certain
situations. Manually investigating the applicability of a patch on every possible target system can be
very time consuming; however, if logs are available for reference, the process is much faster and
more accurate.

Guidelines for Creating SLAs


A well written SLA provides a clear framework between the entities providing and receiving
services. Some guidelines to keep in mind when creating the various SLAs between customers and
organizations are:
• Define and describe the services covered by the SLA.
• Document who the agreement is between. Some SLAs might be between the IT department and
the entire organization. Others might be between the IT department or the organization and an
outside vendor.
• Define and describe the standards expected from the service provider. This also includes
defining the consequences of what happens if the standards are not met.
• Document the time-frame for resolving issues. Also document how long the SLA is in effect for
and when it should be reviewed for renewal or termination.
• Define the roles and responsibilities of the client and the service provider.
• Document the criteria to be used to evaluate whether the service levels have been met.

ACTIVITY 6-3
Creating an SLA

Scenario

Your manager has invited you to be on the team that will be updating, renewing, and creating new
service level agreements. Some of the agreements are between specific departments and the IT
department. Others are between the entire organization and the IT department or with outside
vendors.
You are not that familiar with what should be in an SLA, so you want to look at some examples on
the Internet. From the ones you have seen so far, you see that most of them address the following
areas, and want to make sure the ones you create do as well:
• Response time vs resolution time
• Covered and excluded issues
• How evaluation is measured
• Obligations on the part of the client and the part of the provider

1. Using your preferred search web site, search for examples of service level agreements.

Instructor note: Provide a couple of good examples of SLAs.

2. Referring to the list in the Scenario, determine whether you think the SLA met your requirements.

3. Using a text editor or word processor, create the outline for an SLA between the IT department and the
HR department for the support and maintenance of the employee records database.

Instructor note: As an alternative to having students create their own SLA, assign half of the class
to be the client and half to be the provider, then create the SLA as a group. You can write the SLA
outline on the whiteboard, or if you have remote students, create it in a text editor to share.

TOPIC D
Monitor Server Performance
Users often report that the server is slow. This might be true, or the users might just be impatient.
Knowing how well your server is performing is an important part of an administrator's duties.
Having a baseline from which to compare current performance is crucial. In this topic, you will
monitor server performance.

Performance Monitoring

The tools you use to monitor resource usage vary by operating system and version. Windows offers
various tools, though not all tools are available in all versions of Windows. Linux distributions vary
significantly, and each one includes its own selection of tools. The following sections describe
common tools that you can use to monitor storage. Check your operating system version to confirm
their availability or to locate other tools that provide similar functionality.

Windows Monitoring Tools

Windows offers various tools for monitoring system resources and disk usage. Helpful tools include
Reliability Monitor, Performance Monitor, and Resource Monitor.

Resource Monitor
Resource Monitor contains an important tool called Overview, which you can use to assess and
maintain the health of your system. Overview is the first tool you see when you open Resource
Monitor. It provides real-time graphs and detailed information about four key components:
• CPU—Displays CPU utilization.
• Hard disk—Displays the disk utilization input/output statistics.
• Network—Details network utilization traffic.
• Memory—Displays memory utilization statistics, including the percent of memory used and the
number of hard page faults.

Figure 6-4: Resource Monitor.

Performance Monitor
You use Performance Monitor to monitor computer performance in real time (in one-second
intervals), or in the form of saved reports of real-time data. Hundreds of computer performance
variables called counters are available for measuring and assessing a computer’s performance.
Performance data can be logged for historical and analytical purposes. Performance Monitor can
also perform real-time monitoring. Using Performance Monitor, you can:
• Create a baseline to compare system performance over time.
• Monitor system resource use.
• Locate performance problems.
• Identify performance bottlenecks.

Figure 6-5: A real-time graph in Performance Monitor.

Reliability Monitor
Reliability Monitor can be accessed from Performance Monitor. It can also be launched as a
stand-alone application. Reliability Monitor shows detailed information regarding events that affect
system reliability. The data it produces can be charted using the Stability Index to show how stable a
system has been over the life of the system.

The Baselining Process


Creating and applying a baseline is a cyclical process.

Figure 6-6: The baselining process involves repeated testing.

The number, type, and frequency of tests performed and recorded in the baseline will vary
depending upon the systems and the needs of the organization. The organization must also decide
how often to establish a new baseline to reflect current performance.
Typically, you will record baseline measurements to a log file that you can review later, rather than
examining the measurements in real time. Most performance or network monitoring systems enable
you to save log data. For example, in Windows Server 2012 R2, Performance Monitor gives you the
option to record data directly to log format. When you log data in Performance Monitor, you can
select all counters for a selected object, or specific counters. You can examine the counter values by
selecting the counters to add when you open the log file in Chart view.

Instructor note: Ask students why baselining is so important.

Note: Establishing a baseline allows you to be proactive rather than reactive in managing your
servers.

Linux Monitoring Tools


The various Linux distributions each offer their own set of tools for system monitoring. In general,
any of the GUI environments (Gnome, KDE) will include a resource monitoring tool. In Debian
Linux, the tool is called System Monitor. You can use it to view CPU, memory, swap (virtual
memory), and network information, and more. System Monitor presents information similar to that
provided by Windows Task Manager.

Instructor note: Point out that different distributions have different tools, but the functionality
is similar.

Figure 6-7: Linux System Monitor.

Linux also offers many command-line tools, such as the input/output statistics program, iostat.
Without command switches, the program outputs CPU utilization, disk utilization, and network
utilization statistics. Using command switches, you can view any one of those three categories
individually. For example, the iostat -d command outputs only disk performance information. In
addition, you can add the -x option to display extended information.
For each device, iostat lists the following information:
• tps — The number of transfers per second.
• Blk_read/s — The number of blocks read per second.
• Blk_wrtn/s — The number of blocks written per second.
• Blk_read — The total number of blocks read.
• Blk_wrtn — The total number of blocks written.

You should watch for:
• A high number of read or write operations per second indicates a busy disk. Continually high
levels indicate a slow disk that should be replaced by a faster one. Steadily increasing values
indicate a disk that is trending toward being a bottleneck. Consider moving data to another
device or upgrading the disk or controller. The increased storage capacity provided by a larger or
additional disk should help alleviate the bottleneck.
• A high iowait value indicates that a drive is a bottleneck because the CPU is spending a lot of
time waiting for I/O. The disk iops (input/output per second) bottleneck should be alleviated if
you replace the disk with a faster drive.
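
The checks listed above can be run against a saved baseline instead of being read by eye. The following script is an added example, not part of the course material: both iostat samples are constructed, and the function names (device_stats, iowait_pct, flag_regressions) and the 50 percent threshold are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: compare a current iostat sample with a saved baseline.
# Both samples are constructed; the columns use the names listed in the text.

BASELINE_SAMPLE='avg-cpu:  %user   %nice %system %iowait  %steal   %idle
           4.20    0.00    1.10    2.35    0.00   92.35

Device:            tps   Blk_read/s   Blk_wrtn/s   Blk_read   Blk_wrtn
sda              12.40       210.50        95.20    1850344     836912
sdb               3.10        40.00        12.75     351600     112070
'

CURRENT_SAMPLE='avg-cpu:  %user   %nice %system %iowait  %steal   %idle
           2.10    0.00    1.30   31.75    0.00   64.85

Device:            tps   Blk_read/s   Blk_wrtn/s   Blk_read   Blk_wrtn
sda              48.90       230.00       410.60    2104500    3756990
sdb               3.30        41.20        13.00     376980     118950
sdc               1.00         8.00         0.00      73200          0
'

# device_stats: read iostat text on stdin and print one line per device:
#   <device> <tps> <Blk_read/s> <Blk_wrtn/s>
device_stats() {
    awk '
        /^Device/            { in_table = 1; next }   # rows follow the header
        in_table && NF == 0  { in_table = 0; next }   # blank line ends the table
        in_table && NF >= 6  { print $1, $2, $3, $4 }
    '
}

# iowait_pct: print the %iowait value from the avg-cpu section. The column is
# located by its header name, so a different column order still works.
iowait_pct() {
    awk '
        /^avg-cpu:/ {
            for (i = 2; i <= NF; i++) if ($i == "%iowait") col = i - 1
            if (col && (getline line) > 0) { split(line, v, " "); print v[col] }
            exit
        }
    '
}

# flag_regressions BASELINE CURRENT PCT
# Prints "<device> OVER_BASELINE <counters>" for every device whose per-second
# counters exceed the baseline by more than PCT percent, and
# "<device> NO_BASELINE" for devices that were never baselined.
flag_regressions() {
    {
        printf '%s\n' "$1" | device_stats | sed 's/^/B /'
        printf '%s\n' "$2" | device_stats | sed 's/^/C /'
    } | awk -v pct="$3" '
        BEGIN { limit = 1 + pct / 100 }
        $1 == "B" { tps[$2] = $3 + 0; rd[$2] = $4 + 0; wr[$2] = $5 + 0; seen[$2] = 1; next }
        $1 == "C" && !($2 in seen) { print $2, "NO_BASELINE"; next }
        $1 == "C" {
            why = ""
            if ($3 + 0 > tps[$2] * limit) why = why " tps"
            if ($4 + 0 > rd[$2] * limit)  why = why " Blk_read/s"
            if ($5 + 0 > wr[$2] * limit)  why = why " Blk_wrtn/s"
            if (why != "") print $2, "OVER_BASELINE" why
        }
    '
}

# Report for the constructed samples.
printf 'iowait: baseline %s%%, current %s%%\n' \
    "$(printf '%s\n' "$BASELINE_SAMPLE" | iowait_pct)" \
    "$(printf '%s\n' "$CURRENT_SAMPLE" | iowait_pct)"
flag_regressions "$BASELINE_SAMPLE" "$CURRENT_SAMPLE" 50
```

To use it with real data, save the output of iostat taken under normal load as the baseline and pass a fresh capture as the second argument.
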
Other frequently used Linux monitoring tools are top and atop. These interactive monitors show
the Linux system load for CPU, memory, disk, and network usage levels on the system. For more
details, refer to the top and atop man pages.


Virtual Managers
If you are using virtual machines, your hypervisor most likely has a built-in virtual monitoring tool.
This will provide you with information about the CPU, memory, network, and disk usage of the
systems running within the hypervisor. You can also monitor the virtual machines outside of the
virtual environment, which removes the overhead created by the hypervisor and virtualization.

Instructor note: vCenter Operations Manager is just one example of a virtual manager.

Figure 6-8: The vCenter Operations Manager.

Performance Baseline

Creating a baseline is a cyclical process.

Step | Description
Evaluate network | To decide what statistics to measure, evaluate the network purpose. You will monitor differently on a network that primarily provides file access than you would on one that hosts web servers.
Design tests | Develop a suite of tests that reveals the network's performance level. Make the tests consistent and have them yield scalable results, speed times, percentages, and other ratings. Avoid tests that do not show improvement or degradation.
Schedule tests | Determine when to run the tests. The tests should include a sample of different network usage levels, including peak and off-peak usages, and should be run over a period of time to present a realistic profile.
Run tests | Run the tests.
Document results | Document the test results. Record the data in a way that can be saved and compared with future tests.
Analyze data | Analyze the data to identify bottlenecks, which are parts of the system that perform poorly compared to other components and reduce overall system performance.
Repeat tests | Repeat the tests at regular intervals or when network performance seems low. If the performance data compares unfavorably to the baseline, try to identify the cause and troubleshoot the problem.
Update as needed | On an ongoing basis, upgrade or reconfigure components to remove bottlenecks and then repeat the test to establish new baseline values.

The number, type, and frequency of tests performed and recorded in the baseline will vary
depending upon the systems and the needs of the organization. The organization must also decide
how often to establish a new baseline to reflect current performance.

Figure 6-9: The baseline process.

Server Optimization

After you have established the server and network performance baseline, you can begin to look for
opportunities to improve performance. Server optimization methods include improving server and
data performance. This might include distributing applications over multiple servers, improving
network infrastructure, and server virtualization. In other cases, server optimization might involve
consolidating resources onto a single powerful server that can support virtualization and moving
services from one virtual server to another virtual server.
Examine the load and performance issues identified when you created your performance baseline.
You might see that disk input/output is where your issues lie. You might alternatively see that you
have too many services running on a single server to gain good performance. When possible, move
intensive services to separate servers.

Swap or Pagefile Optimization


Virtual memory uses swap space or page files on the hard drive when the physical memory on a
machine is full. Writing to the hard drive is much slower than writing to physical RAM. Even if you
have plenty of RAM in your system, you are still going to run out of room in RAM sometimes.
The default settings for swap or pagefile space are sufficient for most end users, but for servers and
users with high memory requirements, you might want to optimize the swap or pagefile settings.
You can improve performance by moving the swap space from the boot partition to another
partition or even to a separate hard drive. You can also improve performance by allocating a larger
area on the drive to use for swap space. If the initial size and maximum size are set to the same
value, you can prevent fragmentation of the items moved to the swap space.
In Windows Server 2012 R2, the swap space is on the boot partition by default. It should be set to
1.5 times the size of the physical RAM as a starting point; the numbers you need will vary based on
the amount of RAM and services offered. Databases require more swap space than other
applications or services. To improve performance, consider moving it to another partition,
preferably on another hard drive. However, Windows does "dump" memory into this location when
a "blue screen" event occurs and it expects the swap file to be on the boot partition. For this reason,
you might consider creating two paging files: one on the boot disk and another one on another
partition.
In Ubuntu Linux, the swap file cache is configured using swappiness settings. If swappiness is set
to 0, then the system will avoid swapping processes from physical memory to swap cache until
absolutely necessary. If it is set to 100, it will aggressively swap processes from physical memory. By
default, Ubuntu is set to 60. Setting swappiness to 10 is recommended for improved desktop
performance, but for servers, leave it at the default.

Figure 6-10: Swap file settings in Windows.

Figure 6-11: Swap file settings in Linux.

Current Performance vs Baseline Performance

After establishing a performance baseline, you might want to periodically review performance and
compare it to the baseline. Often, the way you find out that performance has degraded is through
help desk tickets with users noting that performance is slow.
If your performance baseline was conducted when conditions were different than the current
conditions, you will likely notice a marked difference between current performance versus the
baseline performance. Be sure to conduct the performance baseline under load so that it will be as
close to what users experience as possible.

Instructor note: Ask students how time of day or what users are doing will impact the baseline.

Processes and Services Monitoring

Servers should only run the processes and services required for your environment and users. Any
processes and services that are not required should be disabled or removed. This will help your
system run faster and prevent unauthorized access to the processes and services that are not being
used.
You can view the processes running on your system. In Windows Server 2012 R2, the processes are
listed in the Resource Monitor on the CPU tab. In Linux, the System Monitor utility Process tab
lists the running processes.

Figure 6-12: Processes running on a Windows server.

Figure 6-13: Processes running on a Linux server.

You can view the services running on your system. In Windows Server 2012 R2 the services can be
found in the Services utility. In Linux, the services are listed in the /etc/services file.

Log Monitoring
up

Log files contain important information about your server. Some of the information is simply that— Log Monitoring
informational. Other entries alert you to potential problems, typically listed as Warnings. The items
you will be most interested are those listed as Errors. Some of the errors you will expect to see are
from invalid login attempts or other failed processes or services. However, if there are other error
D

entries you did not expect to see, those are the ones you will need to investigate and resolve.
Keep an eye on the size of log files. In some servers, you can specify a maximum size that the log
ot

files can grow to, and if they exceed those sizes, the older entries are overwritten. You can also
configure the log files to be backed up before entries are overwritten. If the log files are not set to
overwrite and they are not monitored, the files can grow very large, consuming disk space you might
N

otherwise use for other purposes.


o
D

Lesson 6: Administering the Server | Topic D


166 | CompTIA Server+ (Exam SK0-004)

e
ut
ib
tr
is
D
or
Figure 6-14: Windows Server log files contain important information.
In Windows Server Event Viewer, you can do more than just simply view information. You can:
• Attach a task to an event. This task might start or stop a service, or send an email if specified
conditions occur.
• Event forwarding. You can configure the servers to forward specific events when certain
conditions occur.
• Specify a collector computer. This computer will collect events, based on subscriptions you
create, from other computers and servers. You can create the subscription for specific logs or
specific events.

Figure 6-15: Linux server log files contain important information.

You will want to create exception reports. These reports identify what isn't running right on the
servers. In Linux, you can use the inotify command.
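
An exception report of the kind described under Log Monitoring can be built with a short script. The following is an added example, not part of the original courseware: it separates the errors an administrator expects (failed logins) from the unexpected ones that need investigation. The log layout, the sample entries, the expected-error pattern and the threshold of 3 are all assumptions.

```python
import re
from collections import Counter

# Constructed sample entries (not real logs). Assumed layout:
# "<month> <day> <time> <host> <service>[<pid>]: <LEVEL> <message>"
SAMPLE_LOG = """\
Mar  3 08:01:12 srv01 sshd[1412]: ERROR Failed password for invalid user admin from 192.0.2.15
Mar  3 08:01:15 srv01 sshd[1412]: ERROR Failed password for invalid user admin from 192.0.2.15
Mar  3 08:02:40 srv01 cron[2210]: INFO Job backup-nightly finished
Mar  3 08:03:05 srv01 kernel[0]: WARNING Disk /dev/sda1 is 91% full
Mar  3 08:04:17 srv01 smbd[3120]: ERROR Unable to open printer database
Mar  3 08:05:59 srv01 sshd[1502]: ERROR Failed password for root from 198.51.100.7
Mar  3 08:06:01 srv01 sshd[1502]: ERROR Failed password for root from 198.51.100.7
Mar  3 08:06:03 srv01 sshd[1502]: ERROR Failed password for root from 198.51.100.7
Mar  3 08:07:30 srv01 mysqld[987]: ERROR Table 'orders' is marked as crashed
"""

LINE_RE = re.compile(
    r"^(?P<ts>\w{3}\s+\d+\s[\d:]{8})\s(?P<host>\S+)\s"
    r"(?P<service>[\w-]+)\[\d+\]:\s(?P<level>INFO|WARNING|ERROR)\s(?P<msg>.*)$"
)

# Errors that are expected during normal operation (assumption for this example).
EXPECTED_ERRORS = [re.compile(r"^Failed password for ")]
SOURCE_RE = re.compile(r" from (\S+)$")


def build_report(text, login_threshold=3):
    """Split log entries into expected noise and exceptions worth investigating."""
    levels = Counter()
    warnings, unexpected, unparsed = [], [], []
    failed_logins = Counter()
    for line in text.splitlines():
        if not line.strip():
            continue
        m = LINE_RE.match(line)
        if m is None:
            # Never drop a line silently: an unknown format may hide a problem.
            unparsed.append(line)
            continue
        levels[m["level"]] += 1
        entry = (m["ts"], m["service"], m["msg"])
        if m["level"] == "WARNING":
            warnings.append(entry)
        elif m["level"] == "ERROR":
            if any(p.search(m["msg"]) for p in EXPECTED_ERRORS):
                src = SOURCE_RE.search(m["msg"])
                failed_logins[src.group(1) if src else "unknown"] += 1
            else:
                unexpected.append(entry)
    # Expected errors still deserve a look when one source produces many of them.
    noisy = sorted(s for s, n in failed_logins.items() if n >= login_threshold)
    return {
        "levels": dict(levels),
        "warnings": warnings,
        "unexpected_errors": unexpected,
        "failed_logins": dict(failed_logins),
        "login_sources_over_threshold": noisy,
        "unparsed": unparsed,
    }


def format_report(report):
    """Render the report as plain text for mailing or filing."""
    out = ["EXCEPTION REPORT", "Entries by level: %s" % report["levels"]]
    out.append("Unexpected errors (investigate):")
    out += ["  %s %s: %s" % e for e in report["unexpected_errors"]] or ["  none"]
    out.append("Warnings:")
    out += ["  %s %s: %s" % e for e in report["warnings"]] or ["  none"]
    out.append("Sources with repeated failed logins: %s"
               % (", ".join(report["login_sources_over_threshold"]) or "none"))
    out.append("Unparsed lines: %d" % len(report["unparsed"]))
    return "\n".join(out)


if __name__ == "__main__":
    print(format_report(build_report(SAMPLE_LOG)))
```
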
Access the Checklist tile on your CHOICE Course screen for reference information and
job aids on How to Monitor Server Performance.

ACTIVITY 6-4
Monitoring Server Performance

Before You Begin

You are logged in as Administrator on the Windows Server 2012 R2 server and as root on the Linux
server.

Scenario

Your test environment is taking shape nicely now. Before you go any further in creating the
environment, you want to get a baseline on the performance of the servers and network in the test
lab. You want to create baselines for virtual servers.

If time permits, have students pair up and monitor their partner's remote server and their local
server.

1. Examine the performance of the Windows Server 2012 R2 server.
a) In Server Manager select Tools→Performance Monitor.
b) In Performance Monitor under Performance→Monitoring Tools, select Performance Monitor. A graph
is displayed that shows the performance of the system.
c) At the top of the graph, select the Add button to add additional statistics to the graph.
d) Select TCPv4 then select Add. Select OK.
e) From the Start screen, open Internet Explorer and access a search site, then search for the topic of
your choice.
f) In the Performance Monitor window, observe the additional information displayed on the graph.

The blue and green lines added to the graph show the TCPv4 datagram activity.

g) Close Internet Explorer and Performance Monitor.

Time permitting, have students use other network monitoring tools in either or both server
environments.

2. Examine the performance of the Linux server using a GUI-based monitoring tool.
a) From the Linux Desktop select the Search option.
b) In the Search text box, type system monitor and from the results list, select System Monitor.
c) From the View menu, switch back and forth between My Processes and All Processes, examining
each list.
d) Select the Resources tab. Graphs for CPU, Memory and Swap, and Network activity are displayed.
e) Open Firefox and search for performance monitoring.
f) Examine the graphs to see how the activity of performing the search affected each graph.
g) Close Firefox and System Monitor.

3. Examine the performance of the Linux server using the command-line top command.
a) Open a command line interface on the Linux system. This can be a terminal window inside the GUI
or a separate terminal.
b) With root access, enter man top to view the man page for the top command.
c) At the command prompt, enter top
d) Press O, then press N and finally press Enter to sort the output by memory usage.

Note: This is uppercase O and N.

e) Enter O K to sort the output by CPU usage.
f) Press q to quit from the command and return to the command prompt.

Summary
In this module, you learned about some of the tasks involved with administering the server. By
keeping the servers updated and controlling who has access to what, you can go a long way toward
making sure you meet the standards set in SLAs.

Encourage students to use the social networking tools provided on the LogicalCHOICE Home screen to
follow up with their peers after the course is completed for further discussion and resources to
support continued learning.

What steps do you take to make sure that servers are up to date and that server performance is the best it
can be?
A: Answers will vary. Using WSUS or another method to make sure that the latest server updates are
applied might be useful. Creating a baseline performance level and using monitoring tools to check
current performance levels will help you know if performance needs to be improved.

Do you have service level agreements to which you must adhere? Between which parties do you have
SLAs? If you don't have SLAs, what will you recommend that your organization include and between which
parties?
A: Answers will vary. SLAs can help maintain good working relationships between users and
administrators, users and vendors, or any two parties that provide or receive services from your
server and network. The SLA should include point of contact, security details, time frames for work to
be completed among other things.

Note: Check your LogicalCHOICE Course screen for opportunities to interact with your
classmates, peers, and the larger LogicalCHOICE online community about the topics covered in
this course or other topics you are interested in. From the Course screen you can also access
available resources for a more continuous learning experience.

7 Implementing Storage Solutions

2 hours, 30 minutes

Lesson Objectives

In this lesson, you will implement storage solutions. You will:
• Perform capacity planning.
• Deploy primary storage devices.
• Identify server storage technologies.
• Implement RAID.

Lesson Introduction
Previously, you examined the hardware and operating system components of a server.
Another important component supporting the data storage needs of your organization is the
storage system. In this lesson, you will identify data storage technologies and
implementations.
You can implement a variety of storage solutions for a server, from simple external storage
devices and internal hard drives to advanced methods of data storage. You should be able to
compare and contrast the various storage technologies and specifications to decide upon the
best high performance storage solution.

TOPIC A
Perform Capacity Planning
As a server administrator, you need to make sure that there is enough storage space for users to
store their files on the network, that there is enough room for applications to be installed, and space
for updates to applications and the operating system. This is all part of capacity planning. You need
to know how much space you need right now and how much space you will need at some distance
into the future. In this topic, you will examine the features available to maximize the space you have,
prevent users from hogging space, and plan for the future as part of capacity planning.

Disk Size Calculation

When you are planning how much disk space you will need for your server, you will need to
consider the advertised space and the actual drive space. Most drive specifications are listed using
Base 10, which rounds to 1000 Megabytes or Gigabytes, versus the actual disk space, which is
calculated using Base 2, for 1024 Megabytes or Gigabytes. Also, some of that space is used by the
system when formatting and partitioning the drives, and it is unavailable for use.
Sometimes the M in MB or the G in GB refers to a decimal measurement (multiples of 1000), and
sometimes it’s a binary measurement (multiples of 1024 based on powers of 2). If you are not seeing
the disk space you expected, perhaps you have just misunderstood which units are being used. The
FAT32 file system is less efficient with very large drives compared to NTFS. You can also lose space
with some sector and cluster size combinations.
The block size also affects how disk space is used. If you have a large block size and small files,
space is wasted if the small files do not use the entire block.
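
The two effects described in this section, decimal versus binary units and space lost to partly filled blocks, can be worked through in a few lines. This is an added example, not part of the original courseware; the 500 GB drive, the file sizes and the two block sizes are constructed values, and file system metadata overhead is left out.

```python
# Advertised units are powers of 1000; operating systems usually report powers of 1024.
DECIMAL_EXPONENT = {"MB": 2, "GB": 3, "TB": 4}
BINARY_UNITS = ["B", "KiB", "MiB", "GiB", "TiB"]

# Constructed sample: sizes in bytes of five files on a share.
SAMPLE_FILE_SIZES = [300, 1500, 4096, 10_000, 70_000]


def advertised_to_bytes(value, unit):
    """Convert an advertised (Base 10) capacity such as 500 'GB' to bytes."""
    return int(value * 1000 ** DECIMAL_EXPONENT[unit])


def bytes_to_binary(n_bytes):
    """Express a byte count in Base 2 units, rounded to two decimals."""
    value, idx = float(n_bytes), 0
    while value >= 1024 and idx < len(BINARY_UNITS) - 1:
        value /= 1024
        idx += 1
    return round(value, 2), BINARY_UNITS[idx]


def allocated_size(file_size, block_size):
    """Space a file occupies on disk: it always takes whole blocks."""
    if file_size < 0 or block_size <= 0:
        raise ValueError("file_size must be >= 0 and block_size > 0")
    blocks = -(-file_size // block_size)  # integer ceiling division
    return blocks * block_size


def slack_report(file_sizes, block_size):
    """Compare the data stored with the space actually allocated for it."""
    data = sum(file_sizes)
    allocated = sum(allocated_size(s, block_size) for s in file_sizes)
    wasted = allocated - data
    pct = round(100 * wasted / allocated, 1) if allocated else 0.0
    return {"data": data, "allocated": allocated, "wasted": wasted, "wasted_pct": pct}


def compare_block_sizes(file_sizes, block_sizes):
    """Run the same set of files against several candidate block sizes."""
    return {bs: slack_report(file_sizes, bs) for bs in block_sizes}


if __name__ == "__main__":
    raw = advertised_to_bytes(500, "GB")
    print("500 GB advertised = %d bytes = %.2f %s" % ((raw,) + bytes_to_binary(raw)))
    for bs, rep in compare_block_sizes(SAMPLE_FILE_SIZES, [4096, 65536]).items():
        print("block %6d: %s" % (bs, rep))
```
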

Disk Quotas

In all server environments, available disk space eventually becomes an issue. This is often a result of
users storing large data files or archiving e-mail messages (which may include attachments) in their
home directories. Depending on the number of users on the network and the amount of data they
are storing, disk space can easily become scarce, and you will have to impose rules to control its use.
You can use disk quotas as a means of monitoring and controlling the amount of disk space available
to users. Administrators can use disk quotas as a capacity-planning tool or as a way of managing data
storage. Using disk quotas has the following advantages:
• It prevents users from consuming all available disk space.
• It encourages users to delete old files as they reach their disk quotas.
• It allows an administrator to track disk usage for future planning.
• It allows administrators to track when users are reaching their limits.
Most NOSs have the ability to implement disk quotas. In Windows Server 2008 and Server 2012,
you can enable disk quotas on any NTFS volume, but they are disabled by default. By enabling disk
quotas, you can see the amount of disk space being consumed by users.
In Windows Server 2012 R2, you can use File Server Resource Manager (FSRM) to create quotas.
FSRM uses templates to create quotas.

Figure 7-1: File Server Resource Manager quota templates.

To use disk quotas as a management tool, you can specify the maximum amount of space allocated
to network users. This is particularly useful for volumes hosting home folders, which tend to
consume a lot of disk space. Many organizations establish a quota on users’ home folder volumes.
Exceptions can be created for users who require more disk space than others.
It’s important to keep in mind that the amount of disk space that someone uses changes when
ownership of files is transferred from one user account to another. For example, suppose that Moira
creates a database called Clients.mdb that occupies 1022 KB on a volume with disk quotas enabled.
After Moira creates and saves the database, her available disk space is decreased by 1022 KB. If
Moira later changes job roles within the company and John takes ownership of the database, Moira’s
available disk space would increase by 1022 KB, while John’s would decrease by the same amount.

Quota Parameters
The following table summarizes the options available on the Quota tab of an NTFS volume in
Windows Server 2012 R2. Other NOSs with the disk quota feature will have similar options that you
can configure.

Parameter | Description
Enable quota management | Tracks disk space on the volume and allows for the configuration of disk quotas.
Deny disk space to users exceeding quota limit | Causes users to be denied access to additional disk space after they reach their quota limits.
Do not limit disk usage | Tracks disk usage, but does not limit disk space available to users.
Limit disk space to | Sets the default amount of disk space that is available to users.
Set warning level to | Sets the default amount of disk space that a user can consume before a warning message is sent to the user, stating the quota is being reached.
Log event when user exceeds their quota limit | Causes an event to be entered in the system log to notify the administrator that the user has reached his or her quota.
Log event when a user exceeds their warning level | Causes an event to be entered in the system log to notify the administrator that the user is approaching his or her quota.

Figure 7-2: The Quota options for an NTFS volume on Server 2012 R2.

Quota Exceptions
In Windows Server 2012, you can set disk quotas for specific user accounts. On the Quota tab of
the Properties dialog box, click the Quota Entries button to open the Quota Entries window;
then select New Quota Entry from the Quota menu. You can then select the user account for
which you want to establish a quota and configure appropriate quota limits for that user.

Compression

File compression is a way to save disk space by removing blank or repeated characters within files.
There are a variety of file and disk compression utilities available, using a variety of compression
algorithms. The various compression algorithms compress files in different ways, with some being
better for some file types and others being better for other file types.
Windows NTFS file systems have built-in compression. The Linux ext4 file system does not have
built-in compression. In both file systems, compressed files show up in a different color to indicate
that the files are compressed. Windows NTFS compression can be enabled on a file, folder, or disk
basis. NTFS compression is performed in the background, automatically decompressing when the
files are accessed.

Figure 7-3: Compressed items are displayed in a different color.

Some of the file compression utilities you might use include:
• WinZip
• gzip
• z
• lzma
• 7z
• rar

In Linux, enter apropos compression to see what commands are available for compression.

Capacity Planning Considerations


Until crystal balls are more accurate at showing us exactly how much storage space we will need, we
will have to use various tools, assumptions, and forecasts to determine how much storage space we
need to allocate to servers, to applications, and for users. As a storage administrator, you need to
assess the current disk usage and make predictions about how much storage space will be needed for
both immediate use and for a specific future time frame. Be sure to consider past use as well; this
can be an indicator of how quickly and by how much your storage needs change.
Storage space is getting less and less expensive over time. So, you probably don't want to buy the
amount of storage you need for the next 5 or 10 years. Instead, purchasing and allocating the
amount of storage space you need for the next year or two would be prudent.
As you are analyzing the current and future use, be sure to take into consideration the use of disk
quotas and compression. Also, consider allocating space in tiers, with frequently accessed files in one
tier composed of the fastest and newest storage, and less frequently accessed files on another tier
that could make use of older, slower storage space.
Virtualization also comes into play with capacity planning. Virtualized storage enables you to
manage pooled physical storage from a single storage device. Another virtual technique is thin
provisioning in which disk storage space is allocated dynamically based on the minimum space a
user needs at the current time.
There are other items to consider when planning for storage needs.

Tool | Description
Quota management | How well quotas are used and enforced can have a significant impact on your storage needs.
File screening management | Control the types of files users are allowed to save. For example, preventing storage of files such as music or video.
Storage reports | Review storage reports to determine what is being stored, where it is being stored, and by whom.
Classification management | Assign classification properties to files or folders, then create classification rules based on those properties to determine actions that might be taken on the files or folders.

Data Deduplication and Single Instance Storage

Data deduplication eliminates redundant data. Duplicate instances of the data are removed and
replaced with a pointer to the unique copy of the data. This works at the block or sub-file level. It is
often used by storage systems and backup systems where the files have similar content, but not
exactly duplicate content. The pointer points to the common elements between the files, and only
the dissimilar parts are stored in separate files. This is often used in virtualization, where each guest
OS has the same files, but they are used in separate deployments of the operating systems. More savings
are achieved when there is more commonality between the various data files.
A similar concept is single instance storage. In this methodology, the file system identifies files that are
identical. Only one of the files is retained, and an external reference to that file is created to point to
the single file. This works at the file level. This is often used in email systems where the same
message has been sent to multiple users.
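
The difference between the two approaches can be measured on the same data. The following added example (not part of the original courseware) stores a set of constructed guest images with file-level single instance storage and with fixed-size block deduplication, using SHA-256 digests as the pointers. The 8-byte block size and the file contents are assumptions chosen to keep the numbers readable; the example also goes one step beyond the text by showing how a one-byte shift defeats fixed-size blocks.

```python
import hashlib


def digest(data):
    """Content address used as the pointer to a stored copy."""
    return hashlib.sha256(data).hexdigest()


class SingleInstanceStore:
    """File level: identical files are kept once and referenced by name."""

    def __init__(self):
        self.blobs = {}   # digest -> full file content
        self.names = {}   # file name -> digest (the external reference)

    def put(self, name, data):
        d = digest(data)
        self.blobs.setdefault(d, data)
        self.names[name] = d

    def get(self, name):
        return self.blobs[self.names[name]]

    def stored_bytes(self):
        return sum(len(b) for b in self.blobs.values())


class BlockDedupStore:
    """Block level: each file is a list of pointers to unique blocks."""

    def __init__(self, block_size):
        self.block_size = block_size
        self.blocks = {}   # digest -> block content
        self.recipes = {}  # file name -> ordered list of block digests

    def put(self, name, data):
        recipe = []
        for off in range(0, len(data), self.block_size):
            block = data[off:off + self.block_size]
            d = digest(block)
            self.blocks.setdefault(d, block)
            recipe.append(d)
        self.recipes[name] = recipe

    def get(self, name):
        return b"".join(self.blocks[d] for d in self.recipes[name])

    def stored_bytes(self):
        return sum(len(b) for b in self.blocks.values())


# Constructed sample: three guest images sharing the same base content.
BASE = b"KERNEL--" + b"LIBC----" + b"SHELL---"
SAMPLE_FILES = {
    "vm1.img": BASE + b"HOST=vm1",
    "vm2.img": BASE + b"HOST=vm2",
    "vm3.img": BASE + b"HOST=vm1",   # byte-for-byte copy of vm1.img
}
# Same content as vm1.img with one byte inserted at the front. Every fixed-size
# block boundary moves, so no block matches an existing one.
SHIFTED = b"X" + SAMPLE_FILES["vm1.img"]


def compare(files, block_size):
    """Store the same files both ways and report the bytes each approach keeps."""
    sis, dedup = SingleInstanceStore(), BlockDedupStore(block_size)
    for name, data in files.items():
        sis.put(name, data)
        dedup.put(name, data)
    for name, data in files.items():
        # Space savings are worthless if a file cannot be rebuilt exactly.
        if sis.get(name) != data or dedup.get(name) != data:
            raise ValueError("reconstruction mismatch for %s" % name)
    return {
        "raw": sum(len(d) for d in files.values()),
        "single_instance": sis.stored_bytes(),
        "block_dedup": dedup.stored_bytes(),
    }


if __name__ == "__main__":
    print(compare(SAMPLE_FILES, 8))
    print(compare(dict(SAMPLE_FILES, **{"shifted.img": SHIFTED}), 8))
```
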

Access the Checklist tile on your CHOICE Course screen for reference information and
job aids on How to Implement Disk Quotas.

ACTIVITY 7-1
Managing Storage Capacity

Scenario

Develetech will be implementing disk quotas and compression on the drives because they are
nearing capacity. You have been asked to try it out in your test environment. You realize some users
will be upset to have limits placed on their storage space, so you want to issue warnings before their
space is used up, so if needed, the user can try to make a case for why they need additional space
allocated. You need to determine if using these features will provide enough additional space on the
servers so that the company doesn't need to purchase additional storage space right away.

1. Install the File Server Resource Manager on the Windows Server 2012 R2 server.
a) In Server Manager, on the Dashboard page, select Add roles and features.
b) In the Add Roles and Features Wizard, select Next until you are at the Select server roles page.
c) Expand File and Storage Services→File and iSCSI Services then select File Server Resource
Manager.
d) Select Add Features and then select Next twice.
e) Check Restart the destination server automatically if required and then select Yes.
f) Select Install.
g) Select Close.

2. Implement disk quotas on the Windows Server 2012 R2 server.
a) In the Server Manager navigation pane, select File and Storage Services.
b) Select Shares.
c) From the Tasks menu, select New Share.
d) On the Select the profile for this share page, select SMB Share - Advanced and then select Next.
Using the Advanced share profile enables you to set disk quotas on the share.
e) On the Select the server and path for this share page, select Type a custom path.
f) In the text box, type c:\shares\marketing and then select Next.
g) On the Specify share name page, select Next to accept the default share name.
h) In the New Share Wizard dialog box, select OK to create the new directory.
i) Select Next until you are at the Quota page.
j) Select Apply a quota based on the template.
k) Select each of the templates and review the summary of each template.
Some of the templates have hard limits, others have soft limits. Other features include sending
emails at preset percentage of capacity and logging the event in event log files.
l) Select Monitor 500 MB Share then select Next.
m) On the Confirm selections page, select Create.
n) On the View results page, examine the settings and then select Close.

Point out that compressing files is typically used when archiving data. In production it would
negatively affect performance.

3. Compress files on a Windows Server 2012 R2 server.
a) Open File Explorer from the task bar.
b) Navigate to C:\shares\marketing.
c) Right-click marketing and select Properties.
d) On the General tab, select Advanced.
e) Check Compress contents to save disk space and then select OK.
f) In the marketing Properties dialog box, select OK.
Notice that the name of the folder is now displayed in blue text, indicating that the folder is set to use
compression.


4. Would you recommend compressing the contents of all available storage spaces? Why or why not?
A: Answers will vary. Not all folders and files can be compressed. For user storage, compression can
greatly improve the capacity for storage.

5. At Develetech, some users in the marketing department create video assets to promote company
products. Other users in other departments create few files that are very small. Still others use a
database to track customer orders, customer service requests, and repair orders. What strategy would
you use when making recommendations for disk quotas for these employees?
A: Answers will vary. Each group of users has different capacity needs, so by using groups to create
the quota limits, you can meet each group's needs.

TOPIC B
Deploy Primary Storage Devices
In the earlier lessons, you identified the main components of a server. Among the important server
components is the storage device. In this topic, you will identify the various types of storage devices
used in servers.
As a server technician, your responsibilities include installing and maintaining different types of
internal and external computer components, including storage devices. The ability to identify the
types of storage devices found in most servers will be very useful when you are asked to work on a
server.

Hard Drives

A hard disk drive (HDD) is a storage device that uses fixed media. In other words, the disk is built
into a drive that remains in the computer until an upgrade or a repair is underway. Hard drives
connect directly to the system board via at least one cable for data and another for power. The hard
disk itself consists of several metal or hard plastic platters with a magnetic surface coating. Data,
which is stored magnetically, can be accessed directly.
Internal hard disk drives are mounted inside the computer case and are connected directly to the
system board. External hard disk drives are standalone portable units connected to the system using
a number of connections, including USB and IEEE 1394. There are many types of hard disks. For
example:
• Parallel Advanced Technology Attachment (PATA), also known as Integrated
Development Environment (IDE), Enhanced IDE (EIDE), Ultra Direct Memory Access
(UDMA), and ATA
• Small Computer Systems Interface (SCSI)
• Serial Advanced Technology Attachment (SATA)

Figure 7-4: Examples of hard drives.

Hard Drive Firmware


Hard drive firmware is located in a flash memory chip on the hard drive. To ensure the correct
functioning of the hard drive, the firmware will access various drive-unique parameters from the
hard disk during operation. The firmware controls various hard drive operations, including:
• When the hard drive is powered on, the firmware configures the hardware and allows the server
to load the OS.
• While the hard drive is operating, the firmware allows the hard disk to interact with other
components in the system.
• When the hard drive is powered down, the firmware executes a shutdown sequence and ensures
the hard drive powers down correctly.

Solid State Drives

Solid state drives (SSD), also known as flash storage, are internal storage devices that store data using
flash memory. Flash memory gets its name because its microchip is organized in such a way that a
section of its memory cells can be erased in a single action or flash. In solid state storage devices,
data can be erased and reprogrammed in units of memory called blocks. Common types of solid
state storage devices include USB drives, flash memory cards, and secure digital (SD) memory cards.


Figure 7-5: SSD stores information in memory cells that can be erased in a flash.

Solid state devices contain no moving parts and tend to be more reliable than magnetic drives.
Magnetic drives store information on a magnetic coated media that is rotated under a read/write
head. Solid state drives are extremely fast since these devices have no moving parts, eliminating seek
time, latency, and other electromechanical delays inherent in conventional disk drives.

Other Solid State Storage Devices


In addition to solid state drives, other solid state storage devices include:
• USB flash drives
• Compact flash cards
• Smart media cards
• xD-Picture Cards
• Memory Sticks (MS)
• Secure Digital (SD) cards
• Multi Media Cards (MMC)

Disk Specifications
A number of disk specifications are used to identify features and performance of disk drives. The
following table describes these specifications.

Specification | Description
RPM | The speed of a hard drive is based on how fast the disk is spun to retrieve the requested data. This is referred to as revolutions per minute (rpm). Common speeds include 5,400 rpm, 7,200 rpm, 10,000 rpm, and 15,000 rpm.
Dimensions/form factor | Most hard drives are 3.5" form-factor drives. Some are 1" high and referred to as slimline or low-profile drives. Others are 1.6" high and referred to as half-height drives. If you use the half-height drives, make sure your server case is designed to support that size, to ensure proper cooling and power for the drives.
Capacity | Drive capacity refers to the amount of data that can be stored on the drive. Different drive types support different maximum capacities. Also, different file system types have varying maximum capacities. Capacity is expressed in MB, GB, TB, PB, or EB (MB=megabytes, GB=gigabytes, TB=terabytes, PB=petabyte, EB=exabyte).
Bus width | Bus width refers to the amount of data that can be sent at one time over the data cable between the hard drive and the system.
IOPS | Input/Output per second is a performance measurement for storage devices. This is a value stated by the manufacturer, but will vary based on the number of read versus write operations, the number of sequential versus random access requests, and block size on the drive.
Seek time and latency | Seek time is the amount of time a drive takes to move between tracks. Latency is the time after the drive gets to the appropriate track to get to the required sector on the drive.
Hotswap vs. non-hotswap components | Hot swapping enables you to plug in or unplug devices without shutting down the computer. Non-hotswappable drives require that you shut down the system before adding or removing the drive.

Drive Interfaces
A variety of drive interfaces can be used in servers.

Drive Interface | Description
SAS | Serial attached SCSI, which permits SCSI connectivity over cables up to 8 meters long. It has a 1 bit bus width, 300 MBps bandwidth, and supports up to 128 device ports, supporting up to 16,384 devices.
SATA | Serial ATA has a transfer rate of 150 to 300 MBps. It is a serial bus implementation of an ATA-style interface. Many enhancements, including a dual cable arrangement and dedicated connection to each device make it faster than the original ATA specification.
SCSI | The Small Computer Systems Interface is a bus interface. There are many varieties of SCSI ranging from 8-bit bus width and 5 MBps bandwidth for the original SCSI specification to 16-bit bus width and 640 MBps bandwidth for the Ultra-640 standard.
USB | You can connect storage devices to the USB bus. However, many common USB drives are actually ATA drives with an integrated USB interface adapter. While this is certainly a convenient way to attach an external ATA drive to your PC, it’s not the same as connecting a drive directly to the USB interface. USB supports hot swapping, meaning that you can plug in or unplug devices without powering down the PC. It’s also dynamically self-configuring in that all you typically need to do to begin using a USB device is to plug it in.
Fiber Channel | Fiber Channel is a reliable high-speed transmission technology that enables concurrent communications among workstations, mainframes, servers, data-storage systems, and other peripherals that use the SCSI and IP protocols. It is scalable to the total system bandwidth of up to one terabit per second. It can use either a copper or fiber optic cable. Its bandwidth may range from 100 Mbps to 2 Gbps, and some implementations even reach 10 Gbps.

Hotswappable Drive Components


Some interface technologies, such as USB, FireWire, SATA, and serial SCSI, support the
hot-swapping of components, as do some expansion-bus backplane designs. Also called hot plugging,
hot swapping enables you to plug in or unplug devices without shutting down the computer. Hot
plugging requires the following considerations to be handled by designers and users:
• Physical connections
• Dynamic bus configuration
• Software enabling and disabling
A hot-plug device must be able to be connected and removed without being damaged by electrical
surges. Of course, such devices must not damage the computer’s electronics. Designers must ensure
that both ground and hot connections can be made safely and easily.
Typically, ground wires are connected first to ensure that the device’s electronics have a suitable
electrical ground before voltage is applied. Such a scheme prevents component damage and lessens
the risk of electrical shock as you connect the device. Longer pins, a staggered arrangement of pins,
and edge connector traces are common ways that device designers make sure ground wires connect
first.
Special current-limiting circuitry is added inline with power pins to prevent inrushing voltage from
damaging the electronics. Additionally, circuits are designed to operate over a range of voltages
because voltages will vary for a few hundred milliseconds (a long time for electronics) as you plug
in the device.
With some bus technologies, such as USB and FireWire, the size and shape of the connectors enable
you to quickly and safely connect external devices. For SCSI bus or internal (backplane) connectors,
designers might fashion a slide or lever mechanism to make it easier for you to quickly connect a
new device to the bus.
Once you have physically connected the device, and it has received power (from the bus or external
source), it will need to be configured to participate in communications. This function is handled by
bus and operating system designers. The USB specification, for example, describes how devices
identify themselves and their needs. The operating system uses this information to configure the
new device to coexist with other devices.
Modern operating systems use caching, logging, and journaling to improve the perceived
performance of the system and to add fault tolerance. With such operating systems, you must
disable a device in the operating system before removing it. Doing so forces the operating system to
write cached and journaled files to the disk and to close log files. Windows, for example, provides
the Safely Remove Hardware Wizard, which you use to safely disable a hot-plug device before
physically disconnecting it.

Access the Checklist tile on your CHOICE Course screen for reference information and
job aids on Guidelines for Deploying Primary Storage Devices.

ACTIVITY 7-2
Deploying Primary Storage Devices

Scenario

You will be doing more testing in the lab environment that you have created. The drive in the server
is getting nearer to capacity than you would prefer. Your manager has given you permission to begin
searching for additional drives to add to your server. The hardware configuration of the server is:
• Intel® Xeon® E5-2403 v2 1.80GHz
• 8GB RAM
• Support for up to 4, 3.5" Hot-Plug Hard Drives and Embedded SATA
• 500GB 7.2K RPM SATA 3Gbps 3.5in Cabled Hard Drive
One of the goals in the lab environment is to test virtualization and moving services to various
virtual servers rather than have all services on one server. Another goal is testing new applications
and hardware. You want to make sure that the drives you request meet these goals and will work
properly with your existing server.

Time permitting, have students install an internal or external storage device on their server.

1. Based on the stated goals and hardware configuration, would you recommend procuring an internal
hard drive or an external portable hard drive? Why?
A: Answers will vary. An internal hard drive will give a more realistic approximation of the network
environment under which the drive will perform. This can be important if, when testing new
applications, you are also testing the speed of the application. External drives make it easy to
swap out a drive configured for one set of applications and replace it with a drive configured with
other applications.

2. How many drives do you recommend procuring for the test environment? Why?
A: Answers will vary. While you could use a single large drive, it might be more prudent to procure
two or more smaller drives, giving you more flexibility in how the server is configured for each test
scenario.

3. What disk specifications will you use when evaluating which drive to procure? What are your minimum
requirements you feel you should request in order to provide valid testing of the stated goals?
A: Answers will vary. You should consider the capacity, the RPMs, the form factor, the seek time, and
the IOPS at a minimum. The low end of the recommendation should be no less than a SATA 500
GB drive at 7200 RPM.

4. Using your preferred search site, search the web for a server-level drive that meets the needs you
identified in the previous steps.

TOPIC C
Storage Technologies
Network-attached storage is a versatile and efficient system that is an attractive data storage solution
for many organizations. So, there is a good chance that you will work with or evaluate a NAS system
at some point in your career. NAS systems have specific software, hardware, and configuration
requirements that you should understand if you find yourself evaluating, implementing, or
supporting a NAS in your environment.
Implementing a SAN is an intriguing possibility for organizations that need extremely high
performance storage solutions. But it is important to weigh the cost, complexity, and tradeoffs of
selecting this type of solution over a NAS, a traditional server cluster, or even basic file servers.
You'll need to understand these and other technical issues if you ever support an organization that
considers a SAN implementation.
In this topic, you will explore storage technologies beyond just installing hard disks within a server.

Direct Attached Storage

Storage that is attached directly to a server without a network between the storage device and the
server is referred to as direct attached storage (DAS). Typically, the DAS is an enclosure that holds
several hard drives and is connected to the computer through SATA, eSATA, SCSI, SAS, or Fiber
Channel. DAS also includes the internal hard drives in the server.

Network Attached Storage


Network attached storage (NAS) is in essence a self-contained file server that you connect to your
network rather than to an expansion bus. NAS devices provide file-level access via their integrated
operating system, such as an embedded Linux version. That software enables you to either manage
access and allocation directly, or integrate such management with your existing network operating
system and infrastructure.
A NAS unit can use a single hard drive or implement a drive array (RAID). It is designed just to
provide file-based storage to network users and devices. To clients, a NAS unit appears to be
another file server on the network to which they can map drives to shares on the server.
You connect the NAS device to your network, using your existing media (10BaseT, fiber optic
cabling, and so forth). The NAS makes files available via standard file sharing protocols, such as
SMB/CIFS (Windows) or NFS (Linux/UNIX).
In most large data centers, FCoE is the connection option of choice for connecting NAS devices. In
smaller data centers, you can consider using iSCSI instead. While iSCSI isn't as fast as FCoE, it is
much less complicated and less expensive to implement.

Storage Area Network


A storage area network (SAN) is a device or system that provides block-level access to external storage.
In essence, a SAN is a self-contained external hard drive. A SAN is typically made up of multiple
drives (typically in a RAID configuration), a master control computer, and other devices. A SAN is
displayed to the client operating system as a disk that can be managed through volume management
utilities, can be formatted with the desired file system, and can be mounted.
Unlike NAS, a SAN can act as your server’s primary hard drive—to your server, the SAN appears to
be a local hard drive. Typically, your server communicates with the SAN by using SCSI techniques,
though not typically using the Physical or Transport layer SCSI (e.g. cabling) components. Most
often, you connect SANs via one of these low-level storage network technologies:

• AoE—ATA over Ethernet, a protocol that enables access to SATA (not IDE/PATA) devices
over an Ethernet physical layer.
• iSCSI—SCSI over TCP/IP.
• SAS—Serial attached SCSI, which permits SCSI connectivity over cables up to 8 meters long.
• HyperSCSI—SCSI over Ethernet.
• FCP—Fiber Channel Protocol (a mapping of SCSI over Fiber Channel) over various transports,
including FCoE (Fiber Channel over Ethernet), iFCP (Fiber Channel over IP), and SANoIP
(also Fiber Channel over IP).

Software on the SAN enables you to divide the total storage space into multiple virtual drives (or
use just one virtual drive). You can also expand or shrink drives dynamically via the SAN’s
management software. Typically, you can perform backups, drive replacement, RAID rebuilds, and
other operations via the SAN’s console without interrupting your server’s operations.

Just a Bunch of Disks (JBOD)

Just a Bunch of Disks, or JBOD, also referred to as spanning, is a storage method that uses a number
of external physical hard drives organized into a single logical drive to store data. JBOD is a simple
storage technology that allows a server to write to a large storage medium comprising multiple
smaller drives. Unlike RAID, JBOD does not provide any advantages in terms of redundancy or
performance.

Tape
A tape drive is a storage device that stores data magnetically on a tape that is enclosed in a
removable tape cartridge. Data on the tape must be read sequentially. Sizes for external tape drives
vary, but internal drives have a 5.25-inch form factor. Tape drives are most commonly used to store
backup copies of archived, offline data in large data centers and are almost never used with desktop
computers. Technological advances made by IBM have allowed for data on tapes to be accessed and
read in a file format method similar to other storage media, such as optical disks and flash drives.
The specification is called Linear Tape File Systems (LTFS). LTFS is a tape format that determines
how data is recorded on tape and how specialized software will read that data.
A tape library is a device that provides more storage capacity than a single tape cartridge could hold.
A tape library might do so by using a robotic mechanism to switch cartridges in and out as needed.
Alternatively, a tape library might use multiple drives, each with its own cartridge, presenting the
combined storage space to the operating system as if it were a single large tape cartridge. Tape
libraries automate the task of manually inserting and removing cartridges, as you must do with a
single drive.
You use tape libraries to back up and archive large data sets. For example, the typical SAN provides
more live storage space than can fit on a single backup tape. Such SANs require a tape library for
any backups and restores you perform.


Note: Backup and Recovery is covered in detail elsewhere in the course.

Optical Drive
Optical drives can be internal or external devices. Internal devices can be connected via IDE, Serial
ATA, or SCSI. External drives are most often FireWire (IEEE 1394) or USB devices. Some external
drives might also be connected via SCSI, or even by a parallel connection for older drives. External
versions aren’t as popular as they were in the past because computers now come with internal
optical drives as standard components.

IDE, SCSI, and USB optical drives might require drivers for your operating system. If so, Windows
should detect the drive after you install it and either load the drivers automatically or prompt you for
an installation source. FireWire storage devices don’t require drivers for most operating systems.

WORM Drives
Write once, read many (WORM) devices permit you to store information permanently, or at least in
a form that does not permit the reuse of the media. Most people think of the specialized optical
drive, often called a WORM drive, when considering this type of device. But other devices enable
WORM functionality. Tape drives and punched paper cards are two other types of devices that can
provide WORM functionality.
Companies use WORM devices to archive data to comply with government or industry regulations.
For example, medical companies might record patient records on WORM devices to comply with
HIPAA requirements. Once stored, the data could not be altered, so its legal status and legitimacy
would be preserved according to the regulations.
WORM media can be destroyed and sometimes overwritten. But such alterations are typically
obvious. You could rip up a punch card or melt an optical disc, for example. WORM optical drives
typically record data by melting spots on the disc to form binary zeros or ones. Although you could
melt all the zeros to transform them to ones, you could not write new usable data to the disc.

Solid State Media
There are various types of solid state or flash storage devices, many of which are used in external
devices such as digital cameras and mobile devices.

Solid State Media | Description
USB flash drives | USB flash drives come in several form factors, including thumb drives and pen drives. Thumb drives can be small, from 50 to 70 mm long, 17 to 20 mm wide, and 10 to 12 mm thick. Some are as small as the adapter for a wireless keyboard or mouse. Data storage capacities vary, from 128 MB up to 128 GB. Data transfer rates also vary, from 700 KBps to 28 MBps for read operations, and from 350 KBps to 15 MBps for write operations.
Compact Flash | CompactFlash (CF) cards are flash memory cards that are 43 mm long by 36 mm wide. Due to their compact size, they are typically used in portable devices. Type I is 3.3 mm thick and Type II is 5 mm thick. They hold 100 GB or more, and have a 50-pin contact. Transfer speeds of up to 66 MBps are possible. Newer versions of the CF card offer speeds up to 1 Gbps and can store up to 1 terabyte (TB) of data. CF cards are commonly used for additional storage in digital cameras, music players, personal computing devices, photo printers, and digital camera recorders.

ACTIVITY 7-3
Identifying Storage Technologies

Scenario

As you continue working on the lab environment you have created, your manager has asked you to
look into researching and testing additional data storage options. You have read about several
storage technologies in the trade publications and have some familiarity with DAS, NAS, SAN,
JBOD, and solid state media. Your manager would also like your opinion on the media for backing
up important data that makes data retrieval fast and easy.

If time permits and you have access to any of the various storage technologies covered in this lesson,
consider taking a field trip to view these devices, or if available, have students set one of the solutions
up.
If time permits, consider demonstrating Microsoft's iSCSI initiator.

1. If your choices for a storage solution are between DAS, NAS, SAN, and JBOD, and you have a
limited budget, which solution would you recommend? Why?
A: DAS and JBOD would be the least expensive to purchase and implement.

2. If access speed and manageability are the most important considerations, which storage technology
would you recommend? Why?
A: Answers will vary, but a NAS or SAN would likely be the fastest technology.

3. An important database that is heavily used needs hourly backups that are kept on site in case anything
needs to be restored at a moment's notice. You also perform daily, weekly, and monthly backups of the
database that are sent to off site storage. Which storage solution would you recommend for each of
these backups?
A: Answers will vary, but you might use JBOD or a solid state drive for the hourly backups and use a
removable solid state drive or tape for the backups that are stored off site.

TOPIC D
Configure RAID
The Redundant Array of Independent Disks (RAID) standards are a set of vendor-independent
specifications for improvements in performance and/or fault-tolerant configurations on multiple
disk systems. In a fault-tolerant configuration, if one or more of the disks fails, data may be
recovered from the remaining disks. In this topic, you will examine the features of RAID and
implement RAID on your server.

RAID Levels

RAID can be implemented through operating system software, but hardware-based RAID
implementations are more efficient and are more widely deployed. Hardware-based RAID requires a
card, or controller, to show the different disks to the computer as a single drive. These cards are
usually a PCI or PCIe card, but can also be already built into the motherboard. There are several
RAID levels, each of which provides a different combination of features and efficiencies. RAID
levels are identified by number; RAID 0, RAID 1, and RAID 5 are the most common.

Note: For additional information, check out the LearnTO Select The Appropriate RAID Level
presentation in the LearnTOs for this course on your LogicalCHOICE Course screen.

You may want to show LearnTO Select the Appropriate RAID Level from the LogicalCHOICE
Course screen or have students navigate out to the Course screen and watch it themselves as a
supplement to your instruction. If not, please remind students to visit the LearnTOs for this
course on their LogicalCHOICE Course screen after class for supplemental information and
additional resources.

RAID level | Description
RAID 0 | RAID level 0 implements striping, which is the process of spreading data across multiple drives. Striping can dramatically improve read and write performance. Striping provides no fault tolerance, however; because the data is spread across multiple drives, if any one of the drives fails, you will lose all of your data. You must have at least two physical disk drives to implement striping, and the largest size RAID-0 partition that can be created is equal to the smallest available individual partition times the number of drives in the set. For instance, combining a 37 GB drive and a 100 MB drive in a RAID 0 set would result in a 200 MB partition; the balance of the 37 GB drive could not be included in the set (although it would remain available for use in other partitions).
RAID 1 | In RAID level 1, data from an entire partition is duplicated on two identical drives by either mirroring or duplexing. In mirroring, the two disks share a drive controller. In duplexing, each disk has its own drive controller, so the controller card is not a single point of failure. Data is written to both halves of the mirror simultaneously. This redundancy provides fault tolerance and provides for quick failure recovery, but the storage overhead consumes half the available space. The work of reading the data can be split between both drives, improving performance. However, with the increased read speed, a RAID 1 implementation loses some write speed.
RAID 5 | RAID level 5 spreads data byte by byte across multiple drives, with parity information also spread across multiple drives. You need at least three physical disk drives that have the same capacity and are the same type. If one drive fails, the parity information on the remaining drives can be used to reconstruct the lost data. In the event of a drive failure, data recovery is not instantaneous (as it is in RAID 1); the bad drive needs to be replaced, and then the missing data needs to be reconstructed. With RAID 5, disk performance is enhanced because more than one read and write can occur simultaneously. However, the parity calculations create some write-performance overhead. Storage overhead is at a ratio of one to the number of drives in the set (for example, 1/3 overhead in a three-drive set or 1/10 overhead in a 10-drive set), so the more drives that are in the set, the less overhead, and the better performance. In the event of multiple drive failures, all data will be irrecoverable.
RAID 6 | RAID 6 is nearly identical to RAID 5, except that two parity drives are used instead of one. This setup permits you to recover from the failure of two drives in a set rather than just one. RAID 6 offers similar performance benefits as RAID level 5. It offers faster recovery after the failure of a single drive because you can begin operating again by using the data drives and the remaining parity drive. The rebuilding of the duplicate parity information can proceed while your system is live and in use.
RAID 10 | RAID 10, or RAID 1+0, combines two RAID levels into one. It uses RAID 1 and RAID 0 to provide both mirroring from level 1 and striping from level 0. RAID 10 uses a minimum of four disks, in two disk mirrored blocks. This configuration gives you better performance and system redundancy.

Note: The original RAID specifications were titled Redundant Array of Inexpensive Disks. As
the disk cost of RAID implementations has become less of a factor, the term "Independent"
disks has been widely adopted instead.
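
The sizing and parity rules from the RAID level table, worked through as an added example that is not part of the course material: usable_capacity applies the table's capacity rules, and the raid5_* functions show XOR parity rebuilding one failed drive. The function names, the 4-byte stripe unit, the rotating parity layout, and the four-drive minimum for RAID 6 are assumptions of this sketch.

```python
from functools import reduce

# Minimum drives per level. RAID 0, 1, 5 and 10 follow the table above;
# the value for RAID 6 is an assumption (the table gives none).
MIN_DRIVES = {0: 2, 1: 2, 5: 3, 6: 4, 10: 4}


def usable_capacity(level, sizes_mb):
    """Usable size of an array; every member counts as the smallest drive."""
    if level not in MIN_DRIVES:
        raise ValueError(f"unsupported RAID level {level}")
    n, smallest = len(sizes_mb), min(sizes_mb)
    if n < MIN_DRIVES[level]:
        raise ValueError(f"RAID {level} needs at least {MIN_DRIVES[level]} drives")
    if level == 0:
        return smallest * n            # striping only, no overhead
    if level == 1:
        if n != 2:
            raise ValueError("RAID 1 mirrors exactly two drives")
        return smallest                # overhead is half the raw space
    if level == 5:
        return smallest * (n - 1)      # overhead is 1/n of the set
    if level == 6:
        return smallest * (n - 2)      # two drives' worth of parity
    if n % 2:
        raise ValueError("RAID 10 is built from two-disk mirrored blocks")
    return smallest * (n // 2)         # striping across mirrored pairs


def xor_blocks(blocks):
    """Byte-wise XOR of equal-length blocks."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def raid5_write(data, drives, unit=4):
    """Stripe data over the drives with rotating parity; returns one unit list per disk."""
    if drives < 3:
        raise ValueError("RAID 5 needs at least three drives")
    per_stripe = unit * (drives - 1)
    data = data + b"\x00" * (-len(data) % per_stripe)    # pad the final stripe
    disks = [[] for _ in range(drives)]
    for stripe, off in enumerate(range(0, len(data), per_stripe)):
        units = [data[off + i * unit: off + (i + 1) * unit] for i in range(drives - 1)]
        units.insert(stripe % drives, xor_blocks(units))  # parity slot rotates
        for disk, block in zip(disks, units):
            disk.append(block)
    return disks


def raid5_rebuild(disks):
    """Reconstruct a single failed disk (marked None) from the surviving disks."""
    failed = [i for i, disk in enumerate(disks) if disk is None]
    if len(failed) > 1:
        raise RuntimeError("multiple drive failures: data is irrecoverable")
    if not failed:
        return disks
    survivors = [disk for disk in disks if disk is not None]
    # XOR of every surviving unit in a stripe yields the missing unit,
    # whether that unit held data or parity.
    rebuilt = [xor_blocks(stripe) for stripe in zip(*survivors)]
    return [rebuilt if disk is None else disk for disk in disks]


def raid5_read(disks, length):
    """Reassemble the original bytes, skipping each stripe's parity unit."""
    n = len(disks)
    out = bytearray()
    for stripe in range(len(disks[0])):
        for i in range(n):
            if i != stripe % n:
                out += disks[i][stripe]
    return bytes(out[:length])


if __name__ == "__main__":
    payload = b"constructed sample payload for the Data volume"
    array = raid5_write(payload, drives=3)
    array[1] = None                                       # simulate one failed drive
    print(raid5_read(raid5_rebuild(array), len(payload)))
    print(usable_capacity(5, [100, 100, 100]), "MB usable from three 100 MB drives")
```
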

Software vs Hardware RAID


You can implement RAID by using software or dedicated hardware solutions. Software-based
RAID is typically slower than hardware solutions because the operating system must perform parity
calculations, divide data into blocks for striping, handle recovery operations, and so forth. Dedicated
hardware performs those functions in a hardware-based RAID solution.
Software-based RAID is sometimes called “operating system–based RAID,” as it is typically a
function of the operating system. The RAID levels you can implement vary by operating system, as
described in the following table.

Operating systems | RAID levels | Notes
Windows XP and higher client OS and Windows Server 2008 and higher | 0, 1, 5 | You might need to apply Service Packs or patches to support all three levels on the client operating systems. Additionally, you will need to use dynamic disks to implement software-based RAID in Windows.
Linux | 0, 1, 4, 5, 6, 0+1, 1+0, 5+0 | Check with your distribution’s publisher to determine the exact RAID levels it supports.
Mac OS X | 0, 1, 1+0, 5 |

Hardware-based RAID can be implemented with a specialized disk controller that supports the
desired RAID level. For larger disk sets, or for more complete and complex solutions, you can
purchase a dedicated RAID unit that features special disk controllers, power supplies, cooling units,
and the necessary bays for installing each of the component drives.
Hardware RAID is more expensive than software RAID, but offers many advantages over software
RAID. Performance considerations include:
• Read and write responses are faster.
• You can place boot and system files on different RAID levels, such as RAID levels 1 and 5.
• You can hot-swap a failed disk with one that works or is new, thus replacing the disk without
shutting down the server. (This option can vary by manufacturer.)
• Some hardware-based solutions enable you to implement a hot spare drive. Such drives are
installed in the RAID chassis, powered, and connected to the data bus, but not actively used. If
either a data drive or parity drive fails, you can use management software to enable the hot spare
and assign it a role as data or parity drive. Then, when time permits, you can replace the failed
drive, with the replacement becoming the new hot spare.
• There are more setup options to retrieve damaged data and to combine different RAID levels
within one array of disks. For example, you can mirror two disks using RAID 1 and set up five
disks for RAID 5 in a seven-disk array. (The RAID options depend on what the manufacturer
offers.)
• Many hardware-based RAID systems provide a high-performance cache to improve read and
write performance. Typically, this cache is battery-protected so that data in it won’t be lost if a
power failure occurs.

RAID Configuration Specifications


Ideally, all of the drives in the RAID array are identical. If they are not, then the capacity of the
smallest drive is the capacity that will be used on additional drives. The drive RPM should be the
same across all drives. If it isn't, then you will run into latency issues and writes can be extremely
slow. The Fiber Channel, SAS, and SATA bus types provide the speed and capacity needed for RAID
configuration.
Most systems come with RAID support built into the motherboard at this point. If the built-in
RAID does not meet your needs, you can still purchase host-bus adapters to work with the RAID
configuration your organization needs.

Consider demonstrating a RAID calculator app.

Hotswap Support
If one of the drives in the RAID array fails, most RAID systems enable you to replace the failed
drive without shutting down the system. This hotswap support is something you should make sure
your RAID system supports. When replacing the failed drive, make sure that the drive has the
appropriate capacity and that it is compatible with the other drives in the system. When you
purchase the RAID system initially, consider purchasing additional spare drives so that the
replacement drives match the current drives in the RAID system.

Hot Spare vs Cold Spare


The spare drives you have available for your RAID system can be hot spares or cold spares. A hot
spare is installed in the system, unused, and is automatically used if one of the drives fails. A cold
spare is on the shelf, ready to be installed in the system. It requires some manual intervention such
as installing the drive and configuration in the RAID system to let the system know that this other
drive is now to be used.

Array Controller

An array controller is the device in the RAID system that manages the actual disk drives and enables
the computer to use them as logical units. The array controller communicates with the disks on the
back-end interface and with the host bus adapter in the computer through the front-end interface.
Typically the same protocol is used for both the front-end and back-end communication (PATA,
iSCSI, SATA, or Fiber Channel), but different protocols might be used. Often if Fiber Channel is used
on the front end, SATA is used on the back end.
The array controller sits between the disks and the host bus adapter. The array controller communicates
with the disks through its back-end interface and with the computer via its front-end interface.
The main purpose of RAID is to attempt to eliminate down time. In addition to providing
additional disks, RAID array controllers also might be equipped with battery backed cache,
additional memory, and even redundant controllers. The redundant controllers are often labeled as
lead and reserve controllers.

Access the Checklist tile on your CHOICE Course screen for reference information and
job aids on How to Configure RAID.

ACTIVITY 7-4
Implementing RAID

Scenario

Your new drives have not yet arrived, but you want to make sure you know how to create a RAID 5
array so that when they do arrive, you will be able to configure them. For now, you decide to create
additional drives in the virtual environment to practice creating a RAID array. Because it is easier to
do this from the GUI interface, you will switch your server core installation to the GUI interface.

1. Shut down the virtual Windows Server 2012 R2 server and create new drives in the Hyper-V Manager.
a) If your Server 2012 VM server is running, shut it down and close it.
b) In Hyper-V Manager, select the Windows Server 2012 server, then select Settings.
c) Select SCSI Controller.
d) Select Hard Drive and then select Add.
e) Select New.
f) On the Before You Begin page, select Next.
g) With Dynamically expanding selected, select Next.
h) In the text box, replace the existing text with Disk1 and then select Next.
i) On the Configure Disk page, accept the default size and select Next.
j) Select Finish.
k) Create two additional disks as above, naming them Disk2 and Disk3.
l) Select OK.
m) With the server selected, select Connect and then select Start.

2. Create a RAID 5 array on the virtual Windows Server 2012 R2 server.
a) When the server has restarted, log in as Administrator.
b) In Server Manager select Tools→Computer Management.
c) In Computer Management, under Storage, select Disk Management.
d) Right-click Disk 1 and select Online. Do the same for Disk 2 and Disk 3.
e) Right-click Disk 1 and select Initialize Disk.
f) In the Initialize Disk dialog box, verify Disk 1, Disk 2, and Disk 3 are checked.
g) Select MBR and then select OK.
h) Right-click Disk 2 and select New RAID-5 volume.
i) In the New RAID-5 Volume wizard, select Next.
j) On the Select Disks page, from the Available list, select all of the available disks.
k) Select Add. The Selected list should show Disk 1, Disk 2, and Disk 3.
l) In the Select the amount of space in MB text box, enter 100 to specify 100 MB of disk space from
each drive.
m) Select Next.
n) Select Next to assign the default drive letter.
o) Change the Volume Label to Data and then select Next.
p) Select Finish.
q) Select Yes to continue. Drives will be formatted and configured. This might take some time to
complete.
r) Observe the disks in Computer Management. Disks 1, 2, and 3 are all labeled with the same drive
letter. Note the size of each drive.
s) Open File Explorer and examine the new Data volume. Notice that the three disks created a volume
that is twice the size of an individual disk, but that it is not the size of all three disks combined.

Time permitting, after students complete this step, have them create a file, disable a drive in the
Hypervisor, then go back into the server and access the file.

Summary
In this module, you learned about implementing storage solutions. Figuring out how much disk
space you will need, then selecting the appropriate storage technologies to deploy it are important in
making sure that your users have reliable access to enough space to store their data, and that you
have enough space to deploy applications and services to users.
What storage technologies do you currently have deployed in your organization or would you recommend
for deployment? Do these meet your needs? Why or why not?
A: Answers will vary. Organizations should make sure that they are using storage technologies designed
for server use rather than end-user use. Implementing features such as RAID will help ensure users
have access to their data in the case of disk failure.

Do you currently use RAID in your organization? If not, why? Which RAID level do you use and why? Would
you recommend a different RAID level for your organization? Why?
A: Answers will vary. RAID levels offer improved performance and redundancy depending on which RAID
level is selected. You will need to determine which features are most important to your organization
and whether your budget supports newer RAID technologies that enable you to gain both
performance and redundancy.

Note: Check your LogicalCHOICE Course screen for opportunities to interact with your
classmates, peers, and the larger LogicalCHOICE online community about the topics covered in
this course or other topics you are interested in. From the Course screen you can also access
available resources for a more continuous learning experience.

Note: For additional information, check out the LearnTO Manage Storage Volumes using iSCSI
presentation in the LearnTOs for this course on your LogicalCHOICE Course screen.

Encourage students to use the social networking tools provided on the LogicalCHOICE Home
screen to follow up with their peers after the course is completed for further discussion and
resources to support continued learning.

You may want to show LearnTO Manage Storage Volumes using iSCSI from the
LogicalCHOICE Course screen or have students navigate out to the Course screen and
watch it themselves as a supplement to your instruction. If not, please remind students to visit
the LearnTOs for this course on their LogicalCHOICE Course screen after class for
supplemental information and additional resources.

8 Securing the Server

Let students know that if they are interested in more in-depth coverage of security topics, they can take the CompTIA Security+ class.
5 hours

Lesson Objectives

In this lesson, you will secure the server. You will:

• Configure firewalls.
• Configure security protocols.
• Implement intrusion detection systems.
• Implement logical access control methods.
• Implement data security methods.
• Apply server hardening techniques.
• Identify physical security measures.
• Create a virtual network.

Lesson Introduction

Every day the news is full of stories about attackers who have breached another
organization's servers. It is of utmost importance that, as the server administrator, you take
every precaution possible to prevent your organization from being next. While there is no
guarantee that you can keep intruders out, configuring security of the network, the data, and
the physical servers goes a long way in at least making it harder for them to gain access. In
this lesson, you will examine some of the ways you can secure the server.

196 | CompTIA Server+ (Exam SK0-004)

TOPIC A
Configure Firewalls
One of the most popular means of controlling access to network resources from outside the
network is to use firewalls. In this topic, you will install and configure firewalls.

While firewalls are a popular means of controlling external access to network resources, they need to
be configured correctly in order to block unwanted traffic while still allowing approved traffic.
Having a solid understanding of how firewalls work and how to configure them will enable you to
increase your network security without blocking traffic that users need.

Firewall

A firewall is a software program or a hardware device or a combination of both that protects a
system or network from unauthorized data by blocking unsolicited traffic. Firewalls generally are
configured to block suspicious or unsolicited incoming traffic, but allow incoming traffic sent as a
response to requests from internal hosts.

A network-based firewall is a dedicated hardware/software combination that protects all the computers
on a network behind the firewall. A host-based firewall (also known as a personal firewall) is software
that is installed directly on a host and filters incoming and outgoing packets to and from that host.

Software firewalls can be useful for small home offices and businesses, as well as providing extra
protection to clients and servers on the internal network. The firewall provides many features that
can be configured to suit various computing needs. Some features include:
• Enabling or disabling port security on certain ports.
• Filtering inbound and outbound communication. A user can set up rules or exceptions in the
firewall settings to limit access to the web.
• Reporting and logging activity.
• Protecting systems from malware and spyware.
• Blocking pop-up messages.
• Assigning, forwarding, and triggering ports.

A hardware firewall is a hardware device, either stand-alone or built into a router. A router configured
with an access control list (a packet filtering router) can be used as a simple stateless firewall. By
today’s standards, however, this is considered insufficient to provide any real network security, and
would ordinarily be used by an upstream router to help weed out undesirable traffic before it
reaches the firewall.

Windows Firewall

Microsoft includes its software firewall, called Windows Firewall, in Windows Server 2008.
Windows Firewall is turned on by default. Windows Firewall offers many features, such as allowing
incoming network connections based on software or services running on a server, and the ability to
block network connections based on the source—the Internet, your local area network, or a specific
range of IP addresses. Also, unlike most firewalls, Windows Firewall can be configured to block
only incoming network traffic on your computer. All outgoing network traffic is allowed to travel,
unrestricted, from your computer to its destination.

When a software firewall like Windows Firewall filters ports, it prevents software on the outside
from using certain ports on the network, even though those ports have services listening to them.
For example, if you have an intranet website, used only by your employees inside the network, you
can set your firewall to filter port 80. Those on the intranet can access your Web server using port
80 as normal, but those outside can’t reach your web server.

Lesson 8: Securing the Server | Topic A



If a server is having trouble sending or receiving data, it’s possible that the current firewall settings
are preventing the communication from passing through. You might need to allow a specific type of
communication—that’s prohibited by default—to pass through the firewall.
When you need to configure Windows Firewall, open the Control Panel. Double-click Windows
Firewall and then click Change settings to open the Windows Firewall dialog box. You can turn the
firewall on and off, and you can create what are known as exceptions to allow or deny specific types
of network communication. You can also configure firewall protection for multiple network
connections, manage the log file, and configure Internet Control Message Protocol (ICMP) settings.

Virtual Firewall

A virtual firewall is a firewall service or appliance running entirely within a virtualized environment.
This can be a software firewall on a guest VM, a virtual security appliance designed for virtual
network security, a virtual switch with additional security capabilities, or a managed kernel process
running within the host hypervisor that sits below all VM activity. Virtual firewalls can operate in
different modes to provide different security services.
• Bridge mode operates by diagnosing and monitoring all incoming and outgoing traffic bound for
other virtual networks or machines. In bridge mode, the firewall does not actively participate in
routing the traffic. A bridging firewall does not require any IP routing changes or subnetting to
be inserted into place.
• Hypervisor mode resides in the core hypervisor kernel and monitors the virtual host machine's
incoming and outgoing traffic.

Logical Port Security

Terminology used for this course differentiates between logical and physical port security.

Port security is the process of properly securing ports on a network. The process includes:
• Disabling unnecessary services.
• Closing ports that are by default open or have limited functionality.
• Regularly applying the appropriate security patches.
• Hiding responses from ports that indicate their status and allow access to pre-configured
connections only.

Network Access Control (NAC) is a general term for the collected protocols, policies, and hardware
that govern access on device network interconnections. NAC provides an additional security layer
that scans systems for conformance and allows or quarantines updates to meet policy standards.
Security professionals will deploy a NAC policy according to an organization's needs based on three
main elements: the authentication method, endpoint vulnerability assessment, and network security
enforcement. Once the NAC policy is determined, professionals must determine where NAC will be
deployed within their network structure.

Figure 8-1: NAC governs access on device network interconnections.

IEEE 802.1x is a standard for securing networks by implementing EAP as the authentication
protocol over either a wired or wireless Ethernet LAN, rather than the more traditional
implementation of EAP over PPP. IEEE 802.1x, often referred to as port authentication, employs
an authentication service, such as RADIUS, to secure clients, removing the need to implement
security features in APs, which typically do not have the memory or processing resources to support
complex authentication functions.
In 802.1x, the switch or wireless access point puts the client session on hold and does not allow it to
enter the network until either the device or user is authenticated and authorized by a RADIUS
server. If you have ever been to a wireless hotspot where you had to enter a user name and
password in a browser before you could access the Internet, you have experienced 802.1x.
An IEEE standard is used to provide a Port-based Network Access Control (PNAC), using the
802.11a and 802.11b protocols. 802.1x uses EAP to provide user authentication against a directory
service.

Router Access List

Point out to students that stateless inspection just looks at the packet header. Decisions are
made based on IP address and the transport protocol used.

A router access list, also known as a router access control list, enables you to specify which
protocols specific devices are allowed to send or receive. Like a firewall, a router ACL examines
network traffic and determines whether to allow packets through or not. That is basically all that a
firewall can do. On the other hand, a router ACL can perform other tasks such as filtering routing
updates, making routing decisions, or identifying traffic that should be handled in a specific manner.

The router ACL uses stateless inspection, and examines only the current packet without regard for
any packets before or after the current packet. A firewall typically uses stateful packet inspection in
which it examines the current packet on the basis of the conversation of which the packet is a part.
A firewall has more control over network traffic, but a router ACL has more control over routing.
In the past, routers and firewalls served separate functions, but with the cost of the router and
firewall hardware coming down, functionality has crossed between the two types of devices. Some
firewalls also function as routers and some routers function as firewalls.
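
The difference between the router ACL's stateless inspection and a firewall's stateful inspection, shown as an added example that is not part of the original courseware: the same constructed packets are judged once by a header-only rule and once by a filter that remembers which conversations were opened from inside. The addresses, ports, and the ACK/RST "looks like a reply" test are assumptions chosen for illustration.

```python
from dataclasses import dataclass

# Constructed addresses: 10.0.0.x stands in for the internal network;
# 203.0.113.x and 198.51.100.x (documentation ranges) are outside hosts.
INTERNAL_PREFIX = "10.0.0."


@dataclass(frozen=True)
class Packet:
    src: str
    sport: int
    dst: str
    dport: int
    flags: str  # TCP flags: "S" = SYN, "A" = ACK, "R" = RST

    @property
    def inbound(self) -> bool:
        return not self.src.startswith(INTERNAL_PREFIX)


def stateless_acl(pkt: Packet) -> bool:
    """Router-ACL style check: decide from this packet's header alone.

    Outbound traffic is permitted. Inbound TCP is permitted only when the
    ACK or RST bit is set, a header-only test for "this looks like a reply".
    """
    if not pkt.inbound:
        return True
    return "A" in pkt.flags or "R" in pkt.flags


class StatefulFirewall:
    """Tracks conversations opened from inside and admits only their replies."""

    def __init__(self) -> None:
        # Each entry: (inside ip, inside port, outside ip, outside port)
        self.connections = set()

    def check(self, pkt: Packet) -> bool:
        if not pkt.inbound:
            key = (pkt.src, pkt.sport, pkt.dst, pkt.dport)
            if pkt.flags == "S":          # new conversation opened from inside
                self.connections.add(key)
            elif "R" in pkt.flags:        # inside host tore the conversation down
                self.connections.discard(key)
            return True
        key = (pkt.dst, pkt.dport, pkt.src, pkt.sport)
        allowed = key in self.connections
        if allowed and "R" in pkt.flags:  # outside host reset it: forget the state
            self.connections.discard(key)
        return allowed


def compare(packets):
    """Return (stateless decision, stateful decision) for each packet in order."""
    firewall = StatefulFirewall()
    return [(stateless_acl(p), firewall.check(p)) for p in packets]


# Constructed sample traffic, in arrival order.
SAMPLE_TRAFFIC = [
    Packet("10.0.0.5", 50000, "203.0.113.10", 443, "S"),    # inside host opens a session
    Packet("203.0.113.10", 443, "10.0.0.5", 50000, "SA"),   # genuine reply
    Packet("198.51.100.7", 443, "10.0.0.8", 80, "A"),       # ACK with no session behind it
    Packet("198.51.100.7", 40000, "10.0.0.8", 80, "S"),     # unsolicited connection attempt
    Packet("203.0.113.10", 443, "10.0.0.5", 50000, "R"),    # server resets the session
    Packet("203.0.113.10", 443, "10.0.0.5", 50000, "A"),    # late ACK after the reset
]

if __name__ == "__main__":
    for pkt, (acl, fw) in zip(SAMPLE_TRAFFIC, compare(SAMPLE_TRAFFIC)):
        print(f"{pkt.src}:{pkt.sport} -> {pkt.dst}:{pkt.dport} [{pkt.flags}] "
              f"stateless={'allow' if acl else 'drop'} stateful={'allow' if fw else 'drop'}")
```

The third and sixth packets are the ones that separate the two approaches: the header alone looks like a reply, so the stateless rule passes them, while the stateful filter drops them because no matching conversation exists.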

Security Zones

Point out firewall rules are needed. Ask students where they think resources need to go to
implement security zones.

Firewall zones are used to create a virtual or physical network topology or architecture that creates
separate areas (zones) with differing security levels. For example, web servers may be placed inside
firewalls with increased security due to frequent attacks, while a departmental file server might be
placed in a medium security zone because it is less likely to be directly attacked.

A demilitarized zone (DMZ) is an area between the private network (intranet) and a public network
(extranet) such as the Internet. A DMZ isn’t a direct part of either network, but is instead an
additional network between the two networks.

Computers in the DMZ are accessible to nodes on both the Internet and the intranet. Typically,
computers within the DMZ have limited access to nodes on the intranet, but direct connections
between the Internet and nodes on the internal network are blocked. For example, you might put
your company’s mail server in a DMZ. Users on both the internal network and the Internet will
need access to the mail server. The mail server might need to communicate with internal storage
servers to save files and other data. But Internet users shouldn’t have access to your internal
network.

Typically, a router is used to filter all traffic to the private intranet while allowing full access to the
computer in the DMZ. The router is solely responsible for protecting the private network. The IP
address of the DMZ host is entered in the router configuration. This IP address is allowed full
Internet access, but other computers on the network are protected behind the firewall provided by
the router. The disadvantage of this setup is that sometimes a router firewall can fail and allow
traffic through to the intranet.

Figure 8-2: A router separates the DMZ and the intranet from the Internet.

Access the Checklist tile on your CHOICE Course screen for reference information and
job aids on How to Configure Firewalls.

ACTIVITY 8-1
Configuring Firewalls

Scenario

You want to improve the network security by only allowing the types of connections needed for
your test lab environment. To accomplish this you will verify that the Windows Firewall is on and
configured correctly.

1. Turn on Windows Firewall.
a) In the Server Manager window on your physical server, in the Welcome to Server Manager section,
select the Configure this local server link.
b) In the Properties section, select the link to the right of Windows Firewall.
c) In the Windows Firewall window, in the left pane, select the Turn Windows Firewall on or off link.
d) In the Customize Settings window, in each of the three sections—Domain network settings,
Private network settings, and Public network settings—select the Turn off Windows Firewall (not
recommended) option and select OK.

2. Customize firewall settings.
a) In the Domain networks section, observe the settings summary.
b) In the left pane, select the Advanced Settings link.
c) In the Windows Firewall with Advanced Security window, in the center pane, select Windows
Firewall Properties.
d) In the Windows Firewall with Advanced Security on Local Computer dialog box, verify that the
Domain Profile tab is selected.
e) In the Firewall state section, select Customize.
f) In the Protected Network Connections for the Domain Profile dialog box, verify that all network
connections are selected, and select OK.
g) In the Settings section, select Customize.
h) In the Customize Settings for the Domain Profile dialog box, in the Display a notification drop-down
list, select Yes, and select OK.
i) In the Windows Firewall with Advanced Security on Local Computer dialog box, select OK.
j) Close the Windows Firewall with Advanced Security window.

3. Examine firewall functionality.
Point out that ping can be a vulnerability on networks.
a) Ping another server.
b) Select Advanced settings.
c) Select Inbound Rules.
d) Select File and Printer Sharing (Echo Request - ICMP4 -In) for the Domain.
e) Select Disable Rule.
f) Try pinging the other server again to see that you can no longer ping.
g) Reset the Inbound Rule.
h) Close the Windows Firewall with Advanced Security, the Windows Firewall, and the Command
Prompt windows.

TOPIC B
Configure Security Protocols
As you work through the lesson, point out protocols that cover data in motion, data at rest,
and data in use (in memory).

Using and configuring secure protocols is a good way to help protect your server and network. Using
secure protocols with encryption and digital certificates will help you maintain a secure connection
between the client and the server. In this topic, you will configure security protocols.

IPSEC

IPSec (Internet Protocol Security) is a set of open, non-proprietary standards that you can use to
secure data as it travels across the network or the Internet through data authentication and
encryption. IPSec in Tunnel mode is often used with Layer Two Tunneling Protocol (L2TP). L2TP
employs IPSec as the transport mode for authentication, integrity, and confidentiality. Data
encryption is accomplished by IPSec, which uses Data Encryption Standard (DES) or Triple DES
(3DES) encryption to provide data confidentiality. IPSec can also be used on its own to provide
both tunneling and encryption of data.

Note: L2TP has wide vendor support because it addresses the IPSec shortcomings of client-to-
gateway and gateway-to-gateway connections.

In site-to-site and client-to-site VPN connections, IPSec is implemented to ensure secure data
transactions. In client-to-site VPN connections, open and closed networks can be used. In the case
of an open VPN, the path between the end node and the IPSec gateway is not secured. In the case
of a closed VPN, the path between the end node and the IPSec gateway is secured.

Authentication Protocols

The exam objectives list LDAP as an authentication protocol, but technically it is not.
Kerberos uses LDAP.

Authentication protocols are used to confirm the identity of a user that requests network access.
There are a variety of protocols in use, with some being more secure than others. Some
authentication protocols are used by the network to allow one network to communicate with
another network.

Authentication Protocol    Description

Kerberos
Kerberos uses Lightweight Directory Access Protocol (LDAP) which is a
protocol that defines how a client can access information, perform
operations, and share directory data on a directory server. It was designed
for use specifically over TCP/IP networks and on the Internet in particular.
In most implementations, LDAP relies on the DNS service. First, DNS
enables clients to find the servers that host the LDAP directory, and then
the LDAP servers enable clients to find directory objects. Most common
network directories are LDAP-compliant.

RADIUS
Remote Authentication Dial-In User Service (RADIUS) is a protocol that
enables a server to provide standardized, centralized authentication for
remote users. When a network contains several remote access servers, you
can configure one of them to be a RADIUS server and all of the others as
RADIUS clients. The RADIUS clients will pass all authentication requests
to the RADIUS server for verification. User configuration, remote access
policies, and usage logging can be centralized on the RADIUS server.
RADIUS is supported by VPN servers, Ethernet switches requiring
authentication, WAPs, as well as other types of network devices.
RADIUS was originally developed by AT&T as an accounting protocol to
charge customers for network usage. Its role, however, eventually expanded
to include authentication and authorization. RADIUS uses UDP ports 1812
and 1813. Some RADIUS implementations use UDP 1645 and 1646.
In Windows Server 2012 R2, RADIUS implementation is accomplished
through Routing and Remote Access.

TACACS and TACACS+
Terminal Access Controller Access Control System (TACACS) and
TACACS Plus (TACACS+) are authentication protocols that provide
centralized authentication and authorization services for remote users.
TACACS includes process-wide encryption for authentication, while
RADIUS encrypts only passwords. TACACS uses TCP instead of UDP
and supports multiple protocols. Extensions to the TACACS protocols
exist, such as Cisco's TACACS+ and XTACACS.
TACACS+, which is an open standard, uses TCP port 49 and also supports
multifactor authentication. TACACS+ is considered more secure and more
scalable than RADIUS because it accepts login requests and authenticates
the access credentials of the user. TACACS+ is not compatible with
TACACS because it uses an advanced version of the TACACS algorithm.
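
An added example (not from the courseware) of what "RADIUS encrypts only passwords" means on the wire: it builds an Access-Request as RFC 2865 defines it, hiding the User-Password attribute with MD5 of the shared secret and the request authenticator while User-Name stays readable. The user name, password, shared secret, and authenticator are constructed sample values.

```python
import hashlib
import os
import struct

ACCESS_REQUEST = 1   # RADIUS packet code
USER_NAME = 1        # attribute type
USER_PASSWORD = 2    # attribute type


def hide_password(password: bytes, secret: bytes, authenticator: bytes) -> bytes:
    """RFC 2865 section 5.2: XOR each 16-byte block with an MD5 keystream."""
    if len(password) > 128:
        raise ValueError("RADIUS User-Password is limited to 128 bytes")
    blocks = max(1, -(-len(password) // 16))          # round up, at least one block
    padded = password.ljust(blocks * 16, b"\x00")
    hidden, previous = b"", authenticator
    for i in range(0, len(padded), 16):
        keystream = hashlib.md5(secret + previous).digest()
        block = bytes(p ^ k for p, k in zip(padded[i:i + 16], keystream))
        hidden += block
        previous = block                              # chain on the previous output block
    return hidden


def recover_password(hidden: bytes, secret: bytes, authenticator: bytes) -> bytes:
    """What the RADIUS server does with the same shared secret."""
    plain, previous = b"", authenticator
    for i in range(0, len(hidden), 16):
        keystream = hashlib.md5(secret + previous).digest()
        block = hidden[i:i + 16]
        plain += bytes(c ^ k for c, k in zip(block, keystream))
        previous = block
    return plain.rstrip(b"\x00")


def attribute(attr_type: int, value: bytes) -> bytes:
    return struct.pack("!BB", attr_type, len(value) + 2) + value


def build_access_request(identifier, user, password, secret, authenticator):
    attrs = attribute(USER_NAME, user)
    attrs += attribute(USER_PASSWORD, hide_password(password, secret, authenticator))
    header = struct.pack("!BBH", ACCESS_REQUEST, identifier, 20 + len(attrs))
    return header + authenticator + attrs


def parse_attributes(packet: bytes) -> dict:
    """Read attributes the way anyone capturing the packet could."""
    length = struct.unpack("!H", packet[2:4])[0]
    attrs, pos = {}, 20
    while pos < length:
        attr_type, attr_len = packet[pos], packet[pos + 1]
        if attr_len < 2:
            raise ValueError("malformed attribute")
        attrs[attr_type] = packet[pos + 2:pos + attr_len]
        pos += attr_len
    return attrs


if __name__ == "__main__":
    secret = b"constructed-shared-secret"      # constructed sample value
    authenticator = os.urandom(16)             # fresh per request
    packet = build_access_request(7, b"alice", b"correct horse battery",
                                  secret, authenticator)
    seen = parse_attributes(packet)
    print("User-Name on the wire:    ", seen[USER_NAME])
    print("User-Password on the wire:", seen[USER_PASSWORD].hex())
    print("Server recovers:          ",
          recover_password(seen[USER_PASSWORD], secret, authenticator))
```

Everything outside the User-Password attribute, including the user name, is readable to anyone who captures the packet, and the hidden password is only as strong as the shared secret.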

SSL and TLS


Secure Sockets Layer (SSL) is a security protocol that combines digital certificates for authentication
with public key data encryption. SSL is a server-driven process; any web client that supports SSL,
including all current web browsers, can connect securely to an SSL-enabled server.

Figure 8-3: SSL combines digital certificates for authentication.

SSL is used specifically to protect network traffic. It works at Layer 6 of the OSI model. Its most
common use is to work in conjunction with HTTPS to encrypt web connections.


The encryption process in SSL consists of the following steps:


1. A client requests a session from a server.
2. The server responds by sending its digital certificate and public key to the client.
3. The server and client then negotiate an encryption level.
4. The client generates and encrypts a session key using the server's public key, and returns it to the
server.
5. The client and server then use the session key for data encryption.


Figure 8-4: SSL combines digital certificates with public-key data encryption.

Transport Layer Security (TLS) is the successor to SSL. Most modern browsers support both.
TLS is very similar to SSL, but the two protocols are incompatible with each other.
TLS 1.2 is the current version of the TLS protocol and 1.3 is in process. TLS 1.2 has a variety of
security measures:
• It prevents downgrade of the protocol to a previous (less secure) version or a weaker cipher
suite.
• It uses sequence numbering based on application records in authentication code for messages.
• It uses a message digest upgraded with a key to ensure that MAC can be checked only by a
key-holder.
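
The sequence numbering and keyed message digest listed above, as an added example that is not part of the original courseware: each record's MAC is an HMAC over an implicit 64-bit sequence number plus the record header and data, following the TLS 1.2 record format in RFC 5246. HMAC-SHA256, the keys, and the record contents are assumptions for illustration, and the encryption step that follows in real TLS is left out.

```python
import hashlib
import hmac
import struct

APPLICATION_DATA = 23   # TLS ContentType for application data
TLS_1_2 = (3, 3)        # protocol version bytes used by TLS 1.2


def record_mac(mac_key: bytes, seq_num: int, content_type: int, fragment: bytes) -> bytes:
    """HMAC over seq_num || type || version || length || fragment."""
    header = struct.pack("!QBBBH", seq_num, content_type, *TLS_1_2, len(fragment))
    return hmac.new(mac_key, header + fragment, hashlib.sha256).digest()


class RecordSender:
    """Keeps its own record counter; the counter is never sent on the wire."""

    def __init__(self, mac_key: bytes) -> None:
        self.mac_key = mac_key
        self.seq_num = 0

    def protect(self, fragment: bytes):
        mac = record_mac(self.mac_key, self.seq_num, APPLICATION_DATA, fragment)
        self.seq_num += 1
        return fragment, mac


class RecordReceiver:
    """Recomputes the MAC with the sequence number it expects next."""

    def __init__(self, mac_key: bytes) -> None:
        self.mac_key = mac_key
        self.seq_num = 0

    def accept(self, fragment: bytes, mac: bytes) -> bool:
        expected = record_mac(self.mac_key, self.seq_num, APPLICATION_DATA, fragment)
        if not hmac.compare_digest(expected, mac):
            # Real TLS treats this as a fatal bad_record_mac alert and closes
            # the connection; this sketch only reports the rejection.
            return False
        self.seq_num += 1
        return True


def demo() -> dict:
    """Run constructed records through a receiver and report each outcome."""
    key = b"constructed-mac-key-32-bytes-long"[:32]   # constructed sample key
    sender, receiver = RecordSender(key), RecordReceiver(key)
    first = sender.protect(b"GET /payroll HTTP/1.1")
    second = sender.protect(b"amount=10")
    outsider = RecordSender(b"x" * 32).protect(b"GET /payroll HTTP/1.1")

    results = {}
    results["record from a different key"] = RecordReceiver(key).accept(*outsider)
    results["second record delivered first"] = receiver.accept(*second)
    results["first record in order"] = receiver.accept(*first)
    results["first record replayed"] = receiver.accept(*first)
    results["second record altered"] = receiver.accept(b"amount=99", second[1])
    results["second record in order"] = receiver.accept(*second)
    return results


if __name__ == "__main__":
    for case, accepted in demo().items():
        print(f"{case:32} {'accepted' if accepted else 'rejected'}")
```

Because the sequence number is mixed into the MAC rather than transmitted, a replayed or reordered record fails verification even though its bytes and MAC were valid when first sent.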

Access the Checklist tile on your CHOICE Course screen for reference information and
job aids on Guidelines for Selecting Security Protocols.


ACTIVITY 8-2
Implementing Authentication Protocols

Before You Begin

You will use the Kali Linux server and your physical Server 2012 R2 server for this activity.

Scenario
Before you recommend the authentication protocols to use, you want to test various protocols in
your test environment.

1. Start your Kali Linux server.
a) In the Hyper-V Manager, start your Kali Linux server.
b) When prompted to log in, type toor

2. Examine a certificate.
a) Open a web browser to access www.google.com
Notice that this uses an https address.
b) In the browser, select Tools→Page Info then select the Security button.
c) Select View Certificate to examine the certificate for the secure site.
d) Close the Certificate Viewer and Page Info windows.

3. Using Wireshark, examine the packets related to accessing the site.
a) From the Kali Linux Applications menu, select Internet→Wireshark.
b) Select OK to continue.
c) Select OK again.
d) Select the interfaces, then select Start.
e) Access several sites, both http and https, and examine the captured packets.

4. Implement IPSec using firewall security rules.
a) On the physical Server 2012 R2 server, in Windows Firewall with Advanced Security, select
Connection Security Rules.
b) In the Actions pane, select New Rule.
c) On the Rule Type page, examine the options, then with Isolation selected, select Next.
d) On the Requirements page, examine the options, then with Request authentication for inbound and
outbound connections selected, select Next.
e) On the Authentication Method page, select Next.
f) On the Profile page, verify all check boxes are checked, then select Next.
g) In the Name text box, type MyIpSecRule and select Finish.
h) On the Kali Linux VM, access various web pages, then view the results in Wireshark.
i) End the Wireshark capture and close Wireshark.
j) Close the browser window on the Kali Linux server.

TOPIC C
Implement Intrusion Detection Systems
No matter how many steps you take to secure your network, there is always a chance that it can be
breached. In this topic, you will describe methods of threat detection and prevention.

At one time, computers were connected to an internal organization's network and most people did
not access the Internet on a daily basis. The Internet has become an indispensable part of our daily
lives. With millions of connections comes the very real potential for malicious attacks on an
organization's network. As a network administrator, you must be aware of potential threats to your
network and methods you can employ to protect data and resource availability.

Intrusion Detection System

An Intrusion Detection System (IDS) is software or hardware, or a combination of both, that scans,
audits, and monitors the security infrastructure for signs of attacks in progress and automates the
intrusion detection process. It is used to quickly detect malicious behavior that compromises the
integrity of a computer so that appropriate action can be taken. IDS software can also analyze data
and alert security administrators to potential infrastructure problems. An IDS can comprise a variety
of hardware sensors, intrusion detection software, and IDS management software. Each
implementation is unique, depending on the security needs and the components chosen.

Figure 8-5: IDS detects an attack.



Both a firewall and an IDS enforce network policies but the way they accomplish that task is
significantly different. An IDS collects information and will either notify you of a possible intrusion
or block packets based on configuration settings determined by a defined signature. A firewall filters
traffic based on configuration settings alone. It can be helpful to keep in mind that many firewall
and IDS systems have functionality that overlaps, or is integrated into the same device or system.


Snort is an open-source, free IDS software available for detecting and preventing intrusions. It is
available at www.snort.org. This software has the capability to log data, such as alerts and other log
messages, to a database.

Network Intrusion Detection System

A network intrusion detection system is a network-based IDS that monitors network traffic and
restricts or alerts when unacceptable traffic is seen in the system. It can be connected to a switch
and is most often referred to as a network intrusion detection system (NIDS). An example of an NIDS is
Snort.

A network-based IDS primarily uses passive hardware sensors to monitor traffic on a specific
segment of the network. A network-based IDS cannot analyze encrypted packets because it has
no method for decrypting the data. It can sniff traffic and send alerts about anomalies or
concerns. Many network-based IDSs allow administrators to customize detection rules so that they
may be tailored to a specific environment.

Host-based Intrusion Detection System

A host-based intrusion detection system is IDS capability installed on a workstation or server to
protect that device. It monitors the computer internally, and detects which program accesses the
particular resource(s). It checks the host completely, and gathers information from the file system,
log files, and similar places and detects any deviations from the security policy. This type of IDS is
most often referred to as a host intrusion detection system (HIDS).

A host-based system primarily uses software installed on a specific host, such as a web server.
Host-based IDSs can analyze encrypted data if it is decrypted before reaching the target host. However,
host-based IDSs use the resources of the host they are installed on, and this can add to the
processing time from other applications or services. Many host-based IDSs allow administrators to
customize detection rules so that they can be tailored to a specific environment.

ACTIVITY 8-3
Researching Intrusion Detection Systems

Scenario

You want to remove a potential security vulnerability of your servers by scanning them for open
ports. Develetech has had problems in the past with attackers getting access to applications on
servers by getting through the firewall and accessing open ports on the servers. You are beginning
the process of researching IDSs that might work well for your organization.

1. Open a web browser to your preferred search site.

2. Search for guidelines for implementing IDS on servers.

3. Compare features and functions for some of the IDSs available.

4. Determine which IDSs you would consider testing.

5. Share your results with the class.

Be sure to include any remote students in the discussion. See if the class comes to a
consensus on which IDS they would implement.

TOPIC D
Implement Logical Access Control Methods
You are familiar with the server software fundamentals. The server software comes with many
features that help users and administrators to manage network resources in an efficient manner. In
this topic, you will examine the logical access control method features present in server software.

Because resources on a network are shared with multiple users, it is essential to have some
mechanism to ensure their sharing among all users in an efficient manner. All network operating
systems have important user management and resource management features. Knowing these
features is essential to managing users and resources efficiently.

Logical Controls

Logical access control methods are the access methods and protocols used to identify, authenticate,
and authorize access to systems, software or data. Logical controls are also used for monitoring and
accounting of the access granted or denied to the requester.

Access Control Lists

Point out that ACLs control access to the items listed in objective 4.4 of the exam
objectives.

An Access Control List (ACL) is a set of data that can include things such as user names, passwords,
time and date, IP addresses, and MAC addresses. ACLs are used to control access to a resource such
as a computer, file, or network.

ACLs can be assigned to specific users. Usually it is more efficient to use groups. Groups define the
users who perform a specific role in the organization. ACLs can be used to provide the users or
groups with access to the file system, to network ACLs, peripheral devices, administrative rights,
and distribution lists.

Figure 8-6: ACLs control access to network resources.


Permissions
A permission is a security setting that determines the level of access a user or group account has to a
particular resource. Permissions can be associated with a variety of resources, such as files, printers,
shared folders, and network directory databases. Permissions can typically be configured to allow
different levels of privileges, or to deny privileges to users who should not access a resource.

Figure 8-7: Permissions determine the user access level.

or
Rights and permissions can be assigned to individual user accounts. However, this is an inefficient
security practice, because so many permission assignments must be duplicated for users with similar
roles and because individual users' roles and needs can change frequently. It is more efficient to
e
create groups of users with common needs, and assign the rights and permissions to the user
at

groups. As the needs of individual users change, the users can be placed in groups with the
appropriate security configuration.
lic

NTFS Permissions
On Windows operating systems, file-level security is supported on drives that are formatted to use
the Windows NT File System (NTFS). These permissions can be applied either to folders or to
individual files. NTFS permissions on a folder are inherited by the files and subfolders within it.
There are several levels of NTFS permissions, which can determine, for example, whether users can
read files or run applications; write to existing files; and modify, create, or delete files.

Permission             Allows the User To

Read                   • Permits viewing and listing of files and subfolders.
                       • Permits viewing or accessing of the file's contents.
Write                  • Permits adding of files and subfolders.
                       • Permits writing to a file.
Read & Execute         • Permits viewing and listing of files and subfolders as well as
                         executing of files.
                       • Permits viewing and accessing of the file's contents as well as
                         executing of the file.
List Folder Contents   • Permits viewing and listing of files and subfolders as well as
                         executing of files.
Modify                 • Permits reading and writing or deletion of files and subfolders.
                       • Permits reading and writing or deletion of the file.
Full Control           • Permits reading, writing, changing, and deleting of files and
                         subfolders.
Special Permissions    • Permits specific actions that are part of other permissions to
                         be performed on folders and files. These permissions are
                         limited to very specific actions.

Permission Evaluation

When evaluating permissions on a Windows system, you need to take into consideration whether
the permissions were assigned through shares or through NTFS permissions. Permissions assigned
directly to the user or through a group also need to be considered, as the results can be cumulative.

Source          Results

NTFS + NTFS     All permissions, but Deny overrides any granted permission.
Share + Share   All permissions, but Deny overrides any granted permission.
NTFS + Share    Most restrictive permission.

Note: Share permissions are only evaluated over the network.

UNIX Permissions
Because UNIX and related systems are multiuser by nature, there is a series of permissions
associated with all files and directories. There are three types of permissions.

Permission    Allows the User To

r (read)      • View file content.
              • See what is in the directory.
w (write)     • Modify file contents.
              • Create and delete directory contents.
x (execute)   • Run the file (if it is an executable program and is combined
                with read).
              • Move into the directory. When combined with read, you can
                also see a long listing of the contents of the directory.

File vs Share Permissions


File-level permissions allow users to set access control to individual files and folders. File-level
permissions will prevent any unauthorized access to a file or folder both across the network and
locally by prompting all users, including the user who created the file, to enter the correct user name
and password for access. In Windows operating systems, file-level permissions can be implemented
only on those hard disks or partitions that use NTFS file systems.

Share-level permissions are permissions set for network shares. A network share is a folder on a
computer that can be remotely accessed from other computers through a local area network as if it
were a resource in the local machine. By setting up a share-level permission, a user can prevent the
remote users from accessing or modifying the files in the user's network share. Although share-level
permissions work well across a network, they offer no protection against a user who's logged on
locally to the computer or server containing the shared resource.

A downside to share-level security is that the server may eventually contain so many shares that it's
hard for users to remember their folders. If users want to search for information and they don't
know which area it is contained in, they will have to find the server and search each share on the
server for the desired information.

Having separate permissions at the share level and file level is unique to Windows environments. In Linux,
the same set of read, write, and delete permissions are valid at both the local level and across the
network.

Access the Checklist tile on your CHOICE Course screen for reference information and
job aids on How to Configure Logical Access Control.

ACTIVITY 8-4
Configuring Logical Access Control

Scenario

You want to test out how changing permissions affects users. You will create three users to test
various scenarios. One user will remain without any changes to their permissions. The other two
users will be added to groups, and the users and the groups will be given various permissions to
folders that you will create. You want to see whether you understand how changing the permissions
affects each of the different users.
You want to make sure that only members of the Finance group can view, access, and change files
in the Finance folder. Similarly, you want to test the HR folder. You also want to create a folder for
the various social clubs employees have formed in which anyone can create, change, and view files,
but not delete files.

1. Create three users.
a) In Server Manager, select Tools→Active Directory Users and Computers.
b) In the navigation pane, expand lab##.develetech.com.
c) Right-click Users and select New→User.
d) In the New Object - User dialog box, enter the First name Julius and the Last name Smythe
e) Enter the User login name jsmythe and then select Next.
f) Enter and confirm the password P@ssw0rd! then uncheck User must change password at next
logon and check Password never expires and select Next.
g) Select Finish.
h) Create two more users with the names Ali Lund and Charlie Fromme

2. Create two groups.
a) Right-click Users and select New→Group.
b) In the New Object - Group dialog box, enter the Group name Finance then select OK.
c) Create another group with the name HR.

3. Add users to groups.
a) Right-click Ali Lund and select Properties.
b) Select the Member Of tab.
c) Select Add.
d) In the text box, type finance then select Check Names.
e) Select OK twice.
f) Add Charlie Fromme to the HR group.

4. Create three folders on the Windows Server.
a) Open File Explorer.
b) Display the contents of the C: drive.
Note: If your server was set up as a dual-boot system, your local drive could
be a different drive letter.
c) Create a folder named Finance
d) Create a folder named HR
e) Create a folder named Clubs

5. Assign permissions to the folders you created.

a) Right-click the Finance folder and select Properties.
b) Select the Security tab.
c) Select Edit.
d) Select Add.
e) In the Enter the object names to select text box, type finance and then select Check Names.
f) Add Ali Lund and then in the Allow column, check Full control.
g) Select Apply, then select OK.
h) Select Advanced.
i) Select Disable inheritance and then select Remove all inherited permissions from this object.
j) Select OK.

6. Examine the effective permissions.

Note: Effective Permissions only examines NTFS permissions.

a) In the Finance Properties dialog box, with the Security tab selected, select Advanced.
b) Select the Effective Access tab.
c) Select the Select a user link.
d) Type Charlie then select Check Names and select OK.
e) Select View effective access.
Charlie Fromme should not have any access to this folder.
f) Select OK.
g) Check the effective access for the Finance group and for Ali Lund.

7. Test other combinations of permissions for the other folders and users you created.

One suggestion for other combinations of permissions to demonstrate or have students try is to
include adding more users to the group, then explicitly denying the group a permission.
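The Permission Evaluation rules from earlier in this topic, applied to the users, groups, and Finance folder of this activity, as an added example that is not part of the original manual. The simplified right sets, the implicit Everyone group, and the share ACL are assumptions made for the illustration.

```python
from dataclasses import dataclass

# Simplified right sets for the permission names in the NTFS table (assumption:
# real NTFS permissions are built from finer-grained special permissions).
READ = frozenset({"read"})
WRITE = frozenset({"write"})
MODIFY = frozenset({"read", "write", "execute", "delete"})
FULL_CONTROL = MODIFY | {"change_permissions"}


@dataclass(frozen=True)
class Ace:
    """One access control entry: who, which rights, and Allow or Deny."""
    principal: str
    rights: frozenset
    allow: bool = True


def cumulative(acl, user, groups):
    """Same-source rule (NTFS + NTFS, Share + Share): Allow entries for the
    user and every group add up, then Deny removes whatever it names."""
    principals = {user, *groups}
    allowed, denied = set(), set()
    for ace in acl:
        if ace.principal in principals:
            (allowed if ace.allow else denied).update(ace.rights)
    return frozenset(allowed - denied)


def effective(ntfs_acl, share_acl, user, groups, over_network):
    """NTFS + Share rule: the most restrictive result wins, and the share
    ACL only counts when the folder is reached over the network."""
    ntfs = cumulative(ntfs_acl, user, groups)
    if not over_network:
        return ntfs
    return ntfs & cumulative(share_acl, user, groups)


# Group membership from the activity; "Everyone" for all users is an assumption.
MEMBERS = {
    "Julius Smythe": {"Everyone"},
    "Ali Lund": {"Finance", "Everyone"},
    "Charlie Fromme": {"HR", "Everyone"},
}

# Finance folder after step 5: inherited entries removed, two explicit Allows.
FINANCE_NTFS = [Ace("Finance", FULL_CONTROL), Ace("Ali Lund", FULL_CONTROL)]
# Constructed share ACL: the activity itself does not share the folder.
FINANCE_SHARE = [Ace("Everyone", READ)]


def access(user, ntfs_acl=FINANCE_NTFS, over_network=False, members=MEMBERS):
    """Effective rights of one user on the Finance folder."""
    return effective(ntfs_acl, FINANCE_SHARE, user, members[user], over_network)


def deny_write_scenario():
    """Step 7 suggestion: add a user to the group, then deny the group Write."""
    members = {**MEMBERS, "Julius Smythe": {"Finance", "Everyone"}}
    acl = FINANCE_NTFS + [Ace("Finance", WRITE, allow=False)]
    return {user: access(user, acl, members=members) for user in members}


if __name__ == "__main__":
    for user in MEMBERS:
        print(user, "| local:", sorted(access(user)),
              "| network:", sorted(access(user, over_network=True)))
    for user, rights in deny_write_scenario().items():
        print("after Deny Write on Finance:", user, sorted(rights))
```

Ali Lund keeps an explicit Full control entry in the last scenario, yet loses Write, because the Deny on the Finance group overrides every granted permission.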


TOPIC E
Implement Data Security Methods
So far in this lesson, you have examined ways to keep intruders out of your network. All of this is in
order to protect the data stored on your servers. In this topic, you will implement various data
security methods.

Encryption
Encryption is a cryptographic technique that converts data from plain, or cleartext form, into coded, or
ciphertext form. Only authorized parties with the necessary decryption information can decode and
read the data. Encryption can be one-way, which means the encryption is designed to hide only the
cleartext and is never decrypted. One-way encryption destroys the original data, leaving just the
hash. Encryption can also be two-way, in which ciphertext can be decrypted back to cleartext and
read.

Note: Encryption is useless if someone has your username and password.

Technically, one-way encryption is hashing. Give the analogy for hashing as a "frog in a
blender" and encryption as disguising the frog who will later have the disguise removed to
reveal it is indeed a frog.

Figure 8-8: Encryption converts plain data into ciphertext.


Cryptography is the science of hiding information. The practice of cryptography is thought to be
nearly as old as the written word. Current cryptographic science has its roots in mathematics and
computer science and relies heavily upon technology. Modern communications and computing use
cryptography extensively to protect sensitive information and communications from unauthorized
access.

Note: The word cryptography has roots in the Greek words kryptós, meaning hidden, and
gráphein, meaning to write, translating into hidden writing.

A cipher is a specific set of actions used to encrypt data. Plaintext is the original, unencoded data.
Once the cipher is applied via enciphering, the obscured data is known as ciphertext. The reverse
process of translating ciphertext to cleartext is known as deciphering.

It is becoming common to encrypt many forms of communications and data streams, as well as
entire hard disks. Some operating systems support whole-disk encryption, while some other
commercially available open-source tools are capable of encrypting all or part of the data on a disk
or drive.

An encryption algorithm is the rule, system, or mechanism used to encrypt data. Algorithms can be
simple mechanical substitutions, but in electronic cryptography, they are generally complex
mathematical functions. The stronger the mathematical function, the more difficult it is to break the
encryption. A letter-substitution cipher, in which each letter of the alphabet is systematically
replaced by another letter, is an example of a simple encryption algorithm.

Digital Certificates
A digital certificate is an electronic document that associates credentials with a public key. Both users
and devices can hold certificates. The certificate validates the certificate holder's identity and is also a
way to distribute the holder's public key. A server called a Certificate Authority (CA) issues certificates
and the associated public/private key pairs. A root CA is typically the first or only CA installed. A
root certificate is an unsigned public key certificate or a self-signed certificate that identifies the root
CA.

Point out that digital certificates and certificates and encryption are not security protocols, but
are presented here to facilitate discussion of SSL and TLS.

Figure 8-9: Digital certificates associate credentials with a public key.

A CA can issue multiple certificates in the form of a tree structure. A root certificate is at the top of
the tree, and its private key is used to sign other certificates. All certificates immediately
below the root certificate inherit the trustworthiness of the root certificate. Certificates further down
the tree also depend on the trustworthiness of the intermediate CAs.

An encryption key is a specific piece of information that is used in conjunction with an algorithm to
perform encryption and decryption. A different key can be used with the same algorithm to produce
different ciphertext. Without the correct key, the receiver cannot decrypt the ciphertext even if the
algorithm is known. The longer the key, the stronger the encryption.
In a simple letter-substitution algorithm, the key might be "replace each letter with the letter that is
two letters following it in the alphabet." If the same algorithm were used on the same cleartext but
with a different key (for example, "replace each letter with the one three letters before it"), the
resulting ciphertext would be different.

Certificates and Encryption


Certificates can be used for data encryption. The certificate encryption process consists of four
steps:

1. A security principal obtains a certificate and a public/private key pair from a CA.
2. The party that encrypts data obtains the user's public key from the user or from the CA's
certificate repository.
3. The encrypting party then uses the public key to encrypt the data and sends it to the other user.
4. The other user uses the private key to decrypt the data.
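The four steps above with both parties' actions, as an added example that is not part of the original manual. It uses textbook RSA on small fixed primes with no padding so that it runs with the standard library alone; that is an assumption made for illustration and is not secure, and the subject name and secret are constructed.

```python
import hashlib
from math import gcd

E = 65537  # public exponent used by every toy key pair here


def make_keypair(p, q):
    """Textbook RSA key pair from two primes: returns (public, private)."""
    n, phi = p * q, (p - 1) * (q - 1)
    if gcd(E, phi) != 1:
        raise ValueError("primes are not compatible with the exponent")
    return (n, E), (n, pow(E, -1, phi))


def rsa(value, key):
    """Raw RSA operation, value ** exponent mod n (illustration only)."""
    n, exponent = key
    if not 0 <= value < n:
        raise ValueError("value does not fit under the modulus")
    return pow(value, exponent, n)


def digest(subject, public_key, modulus):
    """Hash of the credentials and public key that the certificate binds."""
    data = f"{subject}|{public_key[0]}|{public_key[1]}".encode()
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % modulus


def issue_certificate(subject, public_key, ca_private):
    """Step 1: the CA signs the subject name together with its public key."""
    signature = rsa(digest(subject, public_key, ca_private[0]), ca_private)
    return {"subject": subject, "public_key": public_key, "signature": signature}


def verify_certificate(cert, ca_public):
    """Step 2: the encrypting party checks the CA signature before trusting
    the public key it obtained from the user or the repository."""
    expected = digest(cert["subject"], cert["public_key"], ca_public[0])
    return rsa(cert["signature"], ca_public) == expected


def encrypt_for(cert, ca_public, secret):
    """Step 3: encrypt with the public key from a verified certificate."""
    if not verify_certificate(cert, ca_public):
        raise ValueError("certificate was not signed by the trusted CA")
    return rsa(int.from_bytes(secret, "big"), cert["public_key"])


def decrypt(ciphertext, private_key, length):
    """Step 4: only the holder of the private key recovers the data."""
    return rsa(ciphertext, private_key).to_bytes(length, "big")


def demo():
    # Constructed keys: Mersenne primes keep the numbers short to write.
    ca_public, ca_private = make_keypair(2**107 - 1, 2**127 - 1)
    user_public, user_private = make_keypair(2**61 - 1, 2**89 - 1)
    cert = issue_certificate("fileserver01", user_public, ca_private)
    secret = b"constructed-key!"
    ciphertext = encrypt_for(cert, ca_public, secret)
    # A certificate whose public key was swapped no longer verifies.
    other_public, _ = make_keypair(2**31 - 1, 2**19 - 1)
    swapped = dict(cert, public_key=other_public)
    return {
        "verified": verify_certificate(cert, ca_public),
        "recovered": decrypt(ciphertext, user_private, len(secret)),
        "swapped_key_verified": verify_certificate(swapped, ca_public),
    }


if __name__ == "__main__":
    print(demo())
```

The CA's signature in step 1 is what lets the encrypting party in step 2 trust that the public key really belongs to the named holder.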

Lesson 8: Securing the Server | Topic E


Figure 8-10: Users share keys and certificates to encrypt and decrypt data.

The Encrypting File System (EFS) is a file-encryption tool available on Windows systems that have
partitions formatted with NT File System (NTFS). EFS encrypts file data by using digital certificates.
If a CA is not available to issue a file-encryption certificate, the local system can issue a self-signed
encryption certificate to users who want to encrypt files. Unlike NTFS permissions, which control
access to the file, EFS protects the contents of the file. With EFS, you can keep data secure even if
NTFS security is breached, for example, if an attacker steals a laptop computer and moves the
laptop's hard drive to another system to bypass the NTFS security implementations.

Public Key Infrastructure
Public Key Infrastructure (PKI) is an encryption system that is composed of a CA, certificates, software,
services, and other cryptographic components. It is used to verify data authenticity and validate data
and entities. PKI can be implemented in various hierarchical structures, and may be publicly
available or maintained privately by an organization. It can also be used to secure transactions over
the Internet.

Explain how public/private keys are used for secure key exchange vs. digital signing.

Figure 8-11: PKI consists of a CA, certificates, software and services.

PKI contains several components:
• Digital certificates, to verify the identity of entities.
• One or more CAs, to issue digital certificates to computers, users, or applications.
• A Registration Authority (RA), responsible for verifying users' identities and approving or denying
  requests for digital certificates.
• A certificate repository database, to store the digital certificates.
• A certificate management system, to provide software tools to perform the day-to-day functions of the
  PKI.

Storage Encryption
Many technologies can be used to encrypt stored data. The data can be encrypted at several different
levels including full disk encryption, volume and virtual disk encryption, and file/folder encryption.
In storage encryption, the data is encrypted when it is stored and automatically decrypted when the
data is accessed. Only users with the appropriate credentials should be able to access the data, so it
will remain encrypted until an authorized user accesses the data and it is decrypted.
Storage encryption does not encrypt the data while it is being transferred from the storage medium
to the user. If it is traversing a network, be sure that the data path uses encrypted transmission
methods to keep the data secure during transmission.
Storage encryption can be employed on servers and on end-user devices. With the portability of
devices today, it is important that local storage is encrypted. If the data is on a smart phone, tablet,
or laptop, and the device is lost or stolen, it will be more difficult for someone besides the
authorized user to access the data if it is encrypted.
Note: For an in-depth description of the various storage encryption technologies, consider
visiting http://csrc.nist.gov/publications/nistpubs/800-111/SP800-111.pdf.


BitLocker
Windows BitLocker® is a security feature starting with Windows 7 and Windows Server® 2008.
This security feature provides full volume-encryption protection for your operating system, as well
as all the data stored on the operating system volume. BitLocker encrypts all data stored on the
operating system volume and is configured by default to use a Trusted Platform Module. This
feature ensures the protection of early startup components and locks any BitLocker-secured
volumes in order to prevent access or tampering when the operating system is not running.

Tape Encryption
You have seen methods that can be used to encrypt files and folders and whole volumes. Another
storage medium that should be encrypted is tape backups. These are still popular in many
organizations. Due to their portability, it is important that the data on the tapes is secured.
Tape backup encryption can be performed using host-based, in-band appliances, or media-based
encryption solutions.

Encryption solution   Description

Host-based            This is most often employed when the backup is of a single or a
                      small set of systems. It can be implemented through backup
                      applications, agents on the host, or through cards that perform the
                      encryption.
In-band appliance     This is most often used in larger data centers with the appliance
                      located between the storage device and the hosts being backed up.
                      The data is not encrypted while it is being transmitted to the backup
                      device.
Media-based           The tape drive encrypts the data as it is written to tape.

Access the Checklist tile on your CHOICE Course screen for reference information and
job aids on How to Encrypt Data.


ACTIVITY 8-5
Encrypting Data on Storage Devices

Before You Begin

If your drives are all dynamically allocated, create a new drive and format it as a volume on your
Windows Server. BitLocker cannot be enabled on dynamic volumes.

Scenario

As part of the security improvements, your manager would like you to implement data encryption
on drives. You want to test out how encryption works and what implications it might have on the
data and access to the data.

Consider asking students what some drawbacks to data storage encryption might be. This might
include hiding the data so well you can't access it, having a fried TPM chip, or lost certificates.

1. Encrypt a folder.
a) In File Explorer, create a folder named Encrypt on the C: drive.
b) Right-click the Encrypt folder and select Properties.
c) On the General tab, select Advanced.
d) Check Encrypt contents to secure data.
e) Select OK twice.
f) In the Confirm Attribute Change dialog box, verify that Apply changes to this folder, subfolders, and
files is selected, and then select OK.
g) Select Back up your file encryption key.
h) Select Back up later.
i) Examine the Encrypt folder. The Encrypt folder name is now green to indicate that it and its contents
are encrypted.

2. Enable BitLocker on Windows Server 2012 R2 server.
a) In Server Manager from the Dashboard, select Add roles and features.
b) Select Next until you are at the Select features page of the wizard.
c) Check BitLocker Drive Encryption.
d) Select Add Features and then select Next.
e) Select Restart the destination server automatically if required then select Yes.
f) Select Install.
g) When the server reboots, log in and then in the wizard, select Close.

3. Turn on BitLocker for a volume.
a) In File Explorer, right-click a volume on which you will enable BitLocker.
b) Select Turn on BitLocker.
c) Check Use a password to unlock the drive and then enter and confirm P@ssw0rd! as the password.
d) Select Next.
e) Select Save to a file to save your recovery key.
f) In the Save BitLocker recovery key as change the directory to \Users\Administrator\Documents, then
select Save to accept the default file name.
Note: In a production environment you would not save the password to the
local machine.
g) In the BitLocker Drive Encryption dialog box, select Yes.
h) Select Next.
i) With Encrypt used disk space only selected, select Next.
j) Select Start Encrypting.
k) When encryption is complete, select Close.

4. Right-click the encrypted volume and select Manage BitLocker.
Information about the drives that have been encrypted is displayed. You can manage the recovery key,
password, and other BitLocker features from this window.

5. Close all open windows.

If time permits, consider downloading and demonstrating cipher.exe to create a user defined PKI. Also
consider demonstrating generating and using an SSH keypair with OpenSSH.

Storage Media Disposal Methods

When it is time to dispose of a system, a drive, or removable media, you need to make sure that no
one can access or recover any of the stored data. Hard drive sanitation is the method used to
repeatedly delete and overwrite any traces or bits of sensitive data on a hard drive. There are a few
different ways you can sanitize a hard drive to ensure the security of the data stored on the drive:
• Degaussing magnetizes the disk in order to scramble the data. To effectively sanitize the drive,
  this process needs to be done multiple times.
• Overwriting, or data wiping, is a process used to repeatedly write over existing data on a hard
  drive until the original data cannot be recovered. This is the most common method of sanitizing
  hard drives. In the simplest version of performing a hard wipe, the entire drive is written with all
  zeros. It is often referred to as zero out all sectors. More advanced versions of hard wipe involve
  filling the drive with random information, performed multiple times, until none of the original
  data is recoverable.
• Physically destroying the drive by damaging the platters inside the hard drive. This can be done
  by burning, breaking, or pulverizing them. You can also hire a third-party to shred the drives.
If you just delete the files, often referred to as a soft wipe, the files can be easily recovered. File
deletion only removes the pointer to the data and does not remove the data.
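The difference between a soft wipe and zeroing out all sectors, with a verification pass afterwards, as an added example that is not part of the original manual. The small disk image, its one-entry directory layout, and the function names are constructed for the illustration; the image file stands in for a drive.

```python
import os
import tempfile

SECTOR = 512
SECRET = b"constructed payroll record"  # sample data, constructed


def build_image(path, sectors=64):
    """Constructed disk image: sector 0 is a one-entry directory (the
    pointer) and sector 10 holds the file data it points to."""
    image = bytearray(sectors * SECTOR)
    image[0:16] = b"payroll.txt@0010"
    image[10 * SECTOR:10 * SECTOR + len(SECRET)] = SECRET
    with open(path, "wb") as f:
        f.write(image)


def soft_wipe(path):
    """File deletion: only the pointer in sector 0 is cleared."""
    with open(path, "r+b") as f:
        f.write(bytes(SECTOR))


def overwrite(path, random_passes=0):
    """Hard wipe: optional passes of random data, then zero out all sectors."""
    size = os.path.getsize(path)
    with open(path, "r+b") as f:
        for final in [False] * random_passes + [True]:
            f.seek(0)
            for offset in range(0, size, SECTOR):
                n = min(SECTOR, size - offset)
                f.write(bytes(n) if final else os.urandom(n))
            f.flush()
            os.fsync(f.fileno())  # make sure each pass reaches the medium


def nonzero_sectors(path):
    """Verification pass: sector numbers that still hold non-zero bytes."""
    bad, index = [], 0
    with open(path, "rb") as f:
        while chunk := f.read(SECTOR):
            if any(chunk):
                bad.append(index)
            index += 1
    return bad


def recoverable(path, marker=SECRET):
    """True if the original data can still be read from the image."""
    with open(path, "rb") as f:
        return marker in f.read()


def run_demo():
    with tempfile.TemporaryDirectory() as tmp:
        path = os.path.join(tmp, "disk.img")
        build_image(path)
        report = {"fresh": nonzero_sectors(path)}
        soft_wipe(path)
        report["after_delete"] = (nonzero_sectors(path), recoverable(path))
        overwrite(path, random_passes=2)
        report["after_overwrite"] = (nonzero_sectors(path), recoverable(path))
        return report


if __name__ == "__main__":
    for stage, result in run_demo().items():
        print(stage, result)
```

After the delete, sector 10 still holds the record even though the directory entry is gone; only the overwrite leaves nothing for the verification pass to find.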
With the increased use of portable devices, and the potential for the theft or loss of those devices,
the need to be able to wipe out the data remotely has become very important. There are a variety of
applications that can be used to perform a remote wipe of the storage device. Some of these have to
be installed prior to the loss of the device. Others can remotely wipe the device if you have the
name, IP address, or some other unique information about the device.

Access the Checklist tile on your CHOICE Course screen for reference information and
job aids on Guidelines to Prepare Storage Media for Disposal.

ACTIVITY 8-6
Disposing of Storage Media

Scenario

For your test lab, you were provided with a variety of older equipment that had been
decommissioned by other departments within Develetech. Some of the equipment is too outdated
for your use, so you need to prepare it for disposal. A computer disposal company Develetech has
contracted with will be coming to pick up the devices next week, so you need to make sure that all
of the storage media has been properly sanitized before then.
You also have several applications that were developed in-house that you tested. Final versions of
the applications have been released and your manager wants to make sure that these preliminary
versions are not deployed by mistake. These were provided to you on various storage media
including DVD, USB drives, and portable hard drives. The USB drives and portable hard drives
could come in handy for other purposes, so you want to make sure that the data is removed, but the
devices are still functional.
In addition, your manager has asked you to research applications that can be deployed to users with
portable devices so that in the case of loss or theft, the devices can be remotely wiped. There are a
variety of smart phones, laptops, and tablets, running a variety of operating systems.

1. What steps will you take to make sure that the storage devices in the equipment being sent for disposal
will be properly sanitized?
A: Answers will vary, but should include zeroing out the drive with disk wiping software, possibly
physically destroying the platters inside the hard drive, and verifying that the data is unreadable
and unrecoverable.

2. What steps will you take to make sure that the software you were given cannot be accessed?
A: Answers will vary, but might include physically destroying DVDs. For any device that you might
potentially reuse, you can use disk wiping software to destroy the data and preserve use of the
drive.

3. Search for remote wipe applications that might be deployed to users with portable devices. If possible,
find applications that can be used on multiple operating systems so that you have fewer applications to
support.


TOPIC F
Apply Server Hardening Techniques
You installed and configured a firewall and implemented other security control measures. That's a
good start, but protecting your server will involve additional tasks. In this topic, you will implement
server hardening techniques.

Because servers and networks have so many different points of vulnerability, protecting them
requires multiple layers of security. Understanding the techniques used to harden a server is crucial
to increasing the level of security on your network.

Operating System Hardening

Operating system hardening is the process of making the operating system more secure. This
typically involves installing all updates and patches, disabling any unused physical or logical ports,
and performing any steps to tighten the security of the operating system. Stop any services that are
not required on the server and close any unneeded ports. Install only the software that is needed on
each system.

Consider demonstrating the Microsoft Best Practices Analyzer. In Server Manager, select
Local Server. To start Best Practices Analyzer, from the Tasks menu, select Start BPA Screen.

Application Hardening

As with operating systems, applying the latest patches and updates is an important step in
application hardening. Vulnerabilities in applications are often exploited by attackers as ways to
disrupt business or to gain access to your network. Any applications you are not using should be
removed from the system. Only users with the appropriate authentication to the computer and the
network should be allowed access to specific applications. Using firewalls and content filters will
also help keep unauthorized users from accessing applications. Creating a whitelist to identify
applications that are allowed on your network and a blacklist to identify applications that are not
allowed on your network is also a good strategy to assist with application hardening.
Note: In Windows Server 2008 and 2012, you can use AppLocker to create a whitelist.

Applications developed in-house need to be thoroughly reviewed and tested for any security
vulnerabilities. Access should be tested from within the organization and outside the organization.
Again, only those authorized and authenticated users who need access to the application should be
able to reach the application.

Try to get a discussion started about any recent application attacks that have been in the news
or that students or you have experienced.

Any web applications that are externally faced need to be hardened against outsiders gaining access
to your network, your applications, and your databases. The web applications should be
programmed to block hostile inputs. You need to guard against:
• server-side scripting attacks created using script blocks.
• parameter exploits in which the attacker uses missing, long, or null parameters.
• hostile SQL commands created using parameters containing quotes and semicolons.
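One way a web application can block the three kinds of hostile input listed above, shown beside the weak form it replaces, as an added example that is not part of the original manual. The table, the length limit, the function names, and the sample inputs are assumptions constructed for the illustration.

```python
import html
import sqlite3

MAX_LEN = 64  # assumption: longest legitimate value for this parameter
HOSTILE = "x' OR '1'='1"  # constructed input containing quotes


def make_db():
    """In-memory database with constructed rows."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE staff (name TEXT, dept TEXT)")
    db.executemany("INSERT INTO staff VALUES (?, ?)",
                   [("ali", "Finance"), ("charlie", "HR")])
    return db


def validate(value):
    """Parameter checks: reject missing, null, and over-long input."""
    if value is None or not isinstance(value, str) or value == "":
        raise ValueError("parameter is missing")
    if "\x00" in value:
        raise ValueError("parameter contains a null byte")
    if len(value) > MAX_LEN:
        raise ValueError("parameter is too long")
    return value


def lookup_unsafe(db, name):
    """Weak form, kept for contrast: the parameter is pasted into the SQL
    text, so a quote inside it becomes part of the command."""
    sql = "SELECT name, dept FROM staff WHERE name = '" + name + "'"
    return db.execute(sql).fetchall()


def lookup_safe(db, name):
    """Hardened form: the validated parameter is bound with a placeholder,
    so the database treats it as data and never as SQL."""
    sql = "SELECT name, dept FROM staff WHERE name = ? ORDER BY name"
    return db.execute(sql, (validate(name),)).fetchall()


def render_greeting(name):
    """Script blocks in input are encoded before they reach the page."""
    return "<p>Hello, " + html.escape(validate(name)) + "</p>"


if __name__ == "__main__":
    db = make_db()
    print("weak query, hostile input:    ", lookup_unsafe(db, HOSTILE))
    print("hardened query, hostile input:", lookup_safe(db, HOSTILE))
    print("hardened query, normal input: ", lookup_safe(db, "ali"))
    print(render_greeting("<script>alert(1)</script>"))
    for bad in (None, "", "a" * (MAX_LEN + 1)):
        try:
            lookup_safe(db, bad)
        except ValueError as err:
            print("rejected:", err)
```

With the weak query the hostile input returns every row in the table; with the bound parameter it matches no row at all.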

Endpoint Security

Endpoint security protects a network by requiring devices that want to connect to the network to
meet specific requirements before being granted network access. This might include checking that
the device operating system is no lower than a specific version, that updates and patches have been
applied, and that security software is running and up-to-date. The endpoints that are being protected
might include desktop and mobile computers, smart phones, tablets, other servers, point-of-sale
terminals, or any device connecting to the network.

Lesson 8: Securing the Server | Topic F



Endpoint security protection might be implemented using features within the server operating
system that can detect and test for the specified client requirements. It can also be implemented
using security software suites that are similar to anti-virus software, but on a much larger scale that
checks for additional vulnerabilities. In addition to dealing with malware and spyware, it typically
includes ingoing and outgoing firewall, intrusion protection and detection systems, user
management, application control, and control of data input and output.
Note: Endpoint security is also referred to as network access protection.

Vulnerability Scanning

Vulnerability scanning, also known as vulnerability analysis, identifies possible security risks in
networked computers, servers, and the network itself. Vulnerability scanning software assists you in
detecting security flaws and provides suggestions on how to patch or resolve the threat. You can use
features built into your server operating system to perform vulnerability scans, but it is more
productive and you are more likely to get better coverage using vulnerability scanning software.
As a server administrator, you will use vulnerability scanners to detect and plug any security holes
that are found. On the other side of the table, attackers also use vulnerability scanners to detect and
then exploit the security holes that are found. You need to keep one step, or many steps, ahead of
the attackers by constantly monitoring your server and network for security threats.

Hardware Hardening

You use various network devices to protect your server, your clients, and your network, but
sometimes you also need to harden those devices you are using to protect your assets. For example,
you might need to harden routers, switches, firewalls, as well as server devices. Hardening the
hardware is often a matter of updating the firmware. Also, if there are physical ports on the devices
that are not being used, those ports should be disabled, giving a smaller attack surface to would-be
attackers.

Guidelines for Server Hardening


Server hardening involves securing several areas, including the operating system, applications,
endpoints, and hardware. You will need to routinely check for vulnerabilities.
• When installing a new server, isolate it from network threats until the system has been hardened.
• Set a BIOS/UEFI password.
• After installation, configure the BIOS/UEFI so that it cannot boot from removable media.
• Install service packs, hotfixes, and any updates.
• Enable auditing and logging.
• As part of auditing, document policies and procedures.
• In reviewing your audit, do a reality check to determine whether the server, and the policies and
procedures you documented, meet organizational goals.
• Disable anonymous access methods and guest accounts.
• Disable or uninstall services that are not used.
• Delete any user accounts that are not used.
• Run Windows Server using Server Core to reduce the attack surface.
• Servers should only be accessible from specific IP addresses.
• Administrators should have two separate workstations. One is only used to connect to the
server; the other is used to do everything else.
• Configure user rights and ACL to network resources as tightly as possible without burdening the
user.
• Install and configure anti-virus and anti-spyware software, and be sure it is set to update
whenever new definitions and software are available.
• If you are using a Windows Server, run the Security Configuration Wizard to help you harden the
server.


ACTIVITY 8-7
Hardening the Server

Scenario

You read about the Windows Server Security Configuration Wizard and think it would help you
make sure that the Windows Server in your test lab environment is as secure as possible. You will
run the wizard and take the recommended actions.

1. Download and install SuperScan.
a) Open a browser on your Windows Server 2012 R2 server and access
mcafee.com/us/downloads/free-tools/superscan.aspx.
b) Select Download this tool now.
c) Download and extract SuperScan.

2. Use SuperScan to scan the default ports on your server.
a) Double-click SuperScan4.1 and select Run.
b) In the SuperScan 4.1 window, on the Scan tab, in the IPs section, in the Hostname/IP box, type
Server##
c) Select the Host and Service Discovery tab.
d) Verify that the UDP port scan and TCP port scan check boxes are checked, and that a default list of
ports appears in each scan area. The default ports are loaded from a configuration file.
e) Select the Scan tab, and select the Start button to start the scan.

3. Examine the scan results.
a) When the scan is complete, select View HTML Results.
b) The report opens in the browser window. Scroll down to view a list of open ports. The right column
shows how the server responds to a scan of each port.
c) Close all open dialog boxes and windows.

4. Start the Security Configuration Wizard on your Windows Server 2012 R2 server.
a) In Server Manager, select Tools→Security Configuration Wizard.
b) On the Welcome to the Security Configuration Wizard page, select Next.
c) With Create a new security policy selected, select Next.
d) Verify that your server is listed, then select Next.
e) When processing is completed, select Next.
f) On the Role-Based Service Configuration page, read the warning, then select Next.
g) On the Select Server Roles page, review the selections, then select Next.
h) On the Select Client Features page, review the selections, then select Next.
i) On the Select Administration and Other Options page, review the selections, then select Next.
j) On the Select Additional Services page, review the selections, then select Next.
k) With Do not change the startup mode of the service selected, select Next.
l) On the Confirm Service Changes page, review the list of service configurations, then select Next.

Point out that typically in an enterprise organization, these things would be done by an admin using
Group Policy. This is often deployed on a DMZ server. Sometimes it is run just to get a list of
what needs to be done.

5. Complete the Network Security section of the Security Configuration Wizard.


a) On the Network Security page, select Next.
b) On the Network Security Rules page, review the list of rules, then select Next.

6. Complete the Registry Settings section of the Security Configuration Wizard.


a) On the Registry Settings page, review the warning, then select Next.
b) On the Require SMB Security Signatures page, verify that both options are checked, then select
Next.
c) On the Require LDAP Signing page, leave the checkbox unchecked and select Next.
d) On the Outbound Authentication Methods page, verify that Domain Accounts is checked, then select
Next.
e) On the Outbound Authentication using Domain Accounts page, verify that Windows NT 4.0 Service
Pack 6 or later operating systems is checked, then select Next.
f) Review the Registry Settings Summary and then select Next.

7. Complete the Audit Policy section of the Security Configuration Wizard.
a) On the Audit Policy page, review the warning, then select Next.
b) On the System Audit Policy page, with Audit successful activities selected, select Next.
c) Review the Audit Policy Summary and then select Next.

8. Save the security policy.
a) On the Save Security Policy page, select Next.
b) In the Security policy file name text box, to the path, append Server##_Policy and then select Next.

9. Apply the security policy.
a) On the Apply Security Policy page, select Apply now and then select Next.
It will take some time while the security policy you configured is applied to the server.
b) When application is complete, select Next.
c) Select Finish.

While the wizard applies the security policy, engage students in conversation about current exploits in
the news.

10. Repeat step 2 to compare how the hardening affected the server.
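The comparison in step 10 is easier to record if the open-port list from each scan is saved and compared against the services the server is meant to offer. The following Python script is an added example, not part of the courseware or of SuperScan; the "proto/port service" line format, the sample results, and the allow list are constructed for illustration.

```python
"""Compare open-port lists captured before and after hardening."""

# Constructed sample results: one "proto/port service" entry per line.
BEFORE = """\
tcp/135 msrpc
tcp/139 netbios-ssn
tcp/445 microsoft-ds
tcp/3389 ms-wbt-server
tcp/5985 winrm
udp/137 netbios-ns
udp/161 snmp
"""

AFTER = """\
tcp/135 msrpc
tcp/445 microsoft-ds
tcp/3389 ms-wbt-server
udp/161 snmp
"""

# Assumption: the only services this lab server is supposed to expose.
ALLOWED = {("tcp", 445), ("tcp", 3389)}


def parse_scan(text):
    """Return {(proto, port): service}; reject lines that are not well formed."""
    ports = {}
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line:
            continue
        endpoint, _, service = line.partition(" ")
        proto, sep, port = endpoint.partition("/")
        if sep != "/" or proto not in ("tcp", "udp") or not port.isdigit():
            raise ValueError(f"line {lineno}: cannot parse {raw!r}")
        number = int(port)
        if not 1 <= number <= 65535:
            raise ValueError(f"line {lineno}: port {number} out of range")
        ports[(proto, number)] = service.strip() or "unknown"
    return ports


def compare_scans(before, after, allowed):
    """Classify every port by what changed and by whether it is approved."""
    was_open, now_open = set(parse_scan(before)), set(parse_scan(after))
    return {
        "closed": sorted(was_open - now_open),
        "newly_open": sorted(now_open - was_open),
        # Open after hardening although nobody approved the service.
        "open_unapproved": sorted(now_open - allowed),
        # Approved service that the hardening policy made unreachable.
        "approved_missing": sorted(allowed - now_open),
    }


def report(result):
    """Render the comparison as text lines for a change record."""
    labels = [
        ("closed", "Closed by hardening"),
        ("newly_open", "Opened since the first scan (investigate)"),
        ("open_unapproved", "Still open but not on the allow list"),
        ("approved_missing", "Approved service no longer reachable"),
    ]
    lines = []
    for key, label in labels:
        items = ", ".join(f"{proto}/{port}" for proto, port in result[key])
        lines.append(f"{label}: {items or 'none'}")
    return "\n".join(lines)


if __name__ == "__main__":
    print(report(compare_scans(BEFORE, AFTER, ALLOWED)))
```

The "still open but not on the allow list" line is the follow-up work: each entry is either a service to disable or an entry that belongs on the documented allow list.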

TOPIC G
Implement Physical Security
Part of securing a server is to ensure that it is physically secure from threats and disasters, which
includes access to the building and certain areas. The three principles of the CIA triad also apply to
physical security. An understanding of procedures and hardware that increase the physical security
of your server and network will help reduce the potential for security issues. In this topic, you will
identify some of the physical security measures you can take to secure your server.

Multifactor Authentication

Multifactor authentication is any authentication scheme that requires validation of at least two of the
possible authentication factors. It can be any combination of who you are, what you have, and what
you know.

Authentication Factor    Example
Who you are              Fingerprint, retina, DNA
Something you have       Token, smart card
What you know            PIN, password

Figure 8-12: Multi-factor authentication requires validation of at least two of the authentication
factors.

Point out that the authentication factors must be from at least two different categories. A
"non-example" would be username and password; this is single factor.

Among the items that you might have are physical tokens. A physical token, also known as a
hardware token or cryptographic token, can be required in order to access a computer. This token
might take the form of a smart card and a reader or a USB token. Both of these tokens contain a
micro-controller and operating system, a security application, and a secured storage area. The device
stores a cryptographic key, which might be a digital signature or biometric data. Using a physical
token along with a user name and password helps provide strong authentication.


Physical Security Devices


The data on the network needs to be secured through network access controls. The facility housing
the network also needs access control. Physical access security protects the data, the employees,
power sources, utility lines, the equipment, and the building. This control can come in the form of
security guards, ID badges, security cameras (CCTV), lighting, locks, fences, and other physical
barriers. Failure of any of these barriers can result in a breach that compromises the organization’s
information.
Because the server contains important information, such as network configuration, security settings,
database access information, and user account information, it is essential to secure the server and its
components from attackers. Though firewalls may offer protection, they are ineffective against
physical theft of the server hardware. Attackers may steal hardware such as hard disks to access the
data stored on them. Therefore, securing the server hardware through physical means is as
important as securing the information it contains through a firewall.
The level and number of physical access controls should be in direct proportion to the importance
of the information and assets you are trying to protect. For example, a government organization
with top-secret information is going to need much stricter security controls than will the local
baseball team league headquarters.
Note: In addition to these external devices, be sure to disable unused ports on switches.
Physical port security is just as important as implementing other security measures.

Mantraps
A mantrap is two sets of interlocking doors inside a small space, where the first set of doors must
close before the second set opens. If the mantrap is manual, a guard locks and unlocks each door in
sequence. In this case, an intercom or video camera is typically used to allow the guard to control
the trap from a remote location. If the mantrap is automatic, identification or a key of some kind
may be required for each door, and sometimes different measures may be required for each door.
Metal detectors are often built in, in order to prevent entrance of people carrying weapons. Such use
is particularly frequent in banks and jewelry shops.

Figure 8-13: Mantrap.


RFID Chip
A Radio Frequency Identification chip, or RFID chip, is a chip placed in a small electronic device
along with an antenna. This is referred to as an RFID tag. An RFID tag can be incorporated into
each component of the server for the purpose of identifying and tracking it. RFID tags emit radio
waves that can be read from several meters away.
This technology can be used for inventory purposes and for identifying lost or stolen equipment.
RFID tags can also be incorporated into ID cards. Having the RFID chip in an ID card can help
locate employees in the event of a disaster; the cards can be scanned and compared to a list to verify
that all employees are accounted for.
In some organizations, administrators can't get a logon screen if they are not wearing their
RFID-enabled ID card. Another use of RFID ID cards is that if a user gets more than a certain number of
feet away from their workstation, the computer automatically locks.

Ask students where they might have encountered RFID chips in everyday life.

ID Cards

ID cards serve multiple purposes in keeping your organization secure. They might be used with a
proximity reader to allow a person to gain access to the building or to the server room. ID cards
should be worn and visible at all times so that it is easy for anyone to identify people who should be
in the building or in the server room, and those who should not be.
Smart IDs containing a magnetic strip or an RFID chip can be used in multifactor authentication as
the thing the user has and used with another authentication factor such as a password. The ID can
then be programmed to allow the user access to specific areas within the building such as the server
room.

Point out that it is not rude, and that it is expected, to ask anyone who is not displaying an ID card
to return to the front desk and obtain the appropriate ID card.

Biometrics
A biometric lock is a lock that is activated by biometric features, such as fingerprint, voice, retina, or
signature. Biometric locks make it more difficult for someone to counterfeit the key used to open
the lock. An example of a biometric lock is an optical or thermal scanner that reads and stores the
fingerprints of authorized users. The user then places their hand on the scanner to gain access to a
door.

Figure 8-14: Biometric authentication using a fingerprint scanner.


Keypads and Cipher Locks
Cipher locks require that a user press buttons in the correct sequence in order to open a door. The
buttons may be mechanical and built into the door handle, or they may be in the form of a keypad.
A cipher lock may have four or five pushbuttons, depending on the manufacturer, and the code may
be one to five digits. It can be changed at any time. Some organizations use keyed locks to maintain
physical security, and use cipher locks to control access, limiting unannounced intrusions or
unescorted entry to particular areas of a building.

Figure 8-15: Cipher lock.


Access List
Having an access list is central to many security concepts. The access list specifies who is allowed to
access resources on the server and on the network. Access lists are also used to limit access to
rooms and buildings.
• A unique PIN might be required for each person using a cipher lock.
• A security guard might have a list of people allowed to access a building or room.

Security Guard
Security guards protect the property, people, and assets of an organization. They can be employed
by the organization or through an agency. They act to protect property by maintaining a
high-visibility presence to deter illegal and inappropriate actions. They watch for signs of crime, fire, or
disorder and then take action and report any incidents to the client and emergency services as
appropriate.

Figure 8-16: Security guard.

Security Camera
Video monitoring allows you to increase the visual awareness of your organization. On your video
monitoring system, you can use traditional closed circuit analog cameras with a CCTV network. You
can also use IP cameras, which are digital video cameras that connect to an IP network. IP cameras
can be accessed across the network or the Internet. Some IP cameras also include local storage in
case the network connection is lost. When the camera is connected to the network again, the data
stored locally is downloaded to the video monitoring network. Video monitoring can take two
forms:
• A video intercom that has a camera and a monitor so that users can see who is requesting access.
This adds a level of security when you are visually able to identify the person requesting
entry.

Figure 8-17: Video intercom.

• Video surveillance cameras don't restrict access by themselves but they do provide security. They
allow you to monitor and document who has gained access to the building or sensitive areas.
They can also act as a deterrent to those who want to violate your security.

Figure 8-18: Video surveillance camera.

Your first thought with a camera card might involve connecting your digital camera to download
your family photos. However, such cards can also be used in a server environment. Camera cards
enable you to capture incoming video or to output video. For example, you might use a camera
capture card in your server to support centrally managed security-camera monitoring. Outgoing
video applications could include producing video output for digital signs, closed-circuit TV systems,
or entertainment-video distribution.

Keys and Locks
Locks and keys might seem old fashioned, but they are still in use today, helping keep servers and
systems secure. Servers might have a lock and key that prevents anyone from physically accessing
the keyboard unless the lock is opened with a key. Rack mount enclosures often have lock and key
security, locking the front panel door to the enclosure. Wall mounted server cabinets are another
popular option for securing servers. Physically locked in enclosures are sometimes used to prevent
key loggers from being put on systems.
Another item you might find in a data center is a safe. The safe might be used to store on-site tape
backups, software disks and license keys. The safe might be secured with a cipher lock or a lock and
key.

Ask students if their organization uses locks and keys or if they have replaced these with other
physical access methods.

Guidelines for Implementing Physical Security


There are various methods of implementing physical security. Some of the guidelines you should
consider include:
• Locking the server room to prevent unauthorized access.
• Maintaining a list of anyone who has physical keys to any locked devices or rooms.
• Using a door with a lock for each rack of a rack mounted server.
• Installing CCTVs inside the server room to help monitor activities in the room.
• Setting up mantraps that can physically trap any person trying to access the server room using
unauthorized access keys or passwords.
• Deploying adequate security personnel for securing the server room.
• Auditing periodically to make sure passwords are not posted.
• Creating a policy stating that doors must be closed and locked when appropriate.
• Reminding everyone that any system connected to the network can access the server, so it has to be
kept secure.

ACTIVITY 8-8
Identifying Physical Security Measures

Scenario

Your manager has invited you to join the security team as they prepare to update the physical
security measures deployed at Develetech. As you begin preparing to participate in the meeting, you
jot down some of the observations you have made during your time at the organization, and some
areas you think might warrant discussion. These include:
• While some secure areas use cipher locks, you have noticed that some areas still use lock and key
for access.
• You know that Develetech uses video monitoring outside of the building and outside of secure
areas so that access can be monitored, but you haven't seen any evidence of there being video
surveillance inside the server room or any other secure areas.
• Not everyone seems to wear their ID badge where it is visible when they are walking around the
building. You know most of the employees in your department, but have wondered if some of
the other people you have seen should be allowed where you have seen them.
• You wonder whether it would be prudent to add RFID tags to equipment deployed at the
company.

1. Why do you think Develetech should consider replacing lock and key access with cipher or biometric
locks? How much do you think it would cost? Would the cost outweigh the possible loss of data or
equipment?
A: Answers will vary, but might include that keys can be lost or shared more easily than more secure
access methods. Search the Internet to find the cost for various cipher and biometric locks. The
loss of data is almost always more expensive than the steps and devices you can take to secure
it.

2. If, during the meeting, you suggest adding video cameras inside secure areas including the server
room, you think some people might shoot this idea down. What are the pros and cons of adding
surveillance cameras inside secure areas?
A: Answers will vary. Pros are that if someone gets past all other security measures taken to prevent
them from accessing a secure area, you might be able to identify the person from the video. Also,
if something happened to a server that at first appears to have been done by someone sitting at
the server, the video might prove that the attack came from elsewhere. Cons are typically that it
costs money and people feel their privacy is threatened.

3. How might you improve the use of ID badges and possibly the ID badges themselves?
A: Answers will vary, but might include adding an HR written policy that employees must sign when
they receive their ID badge that they will display it on their person any time they are in the
building. Improvements to ID badges might include making the picture larger, adding smart-card
functions, or including a fingerprint. Or answers might be procedural, such as requiring employees
to wear the badge visibly, obtain new cards when hairstyles or physical appearances change, and
so forth.

4. If the company was to implement the use of RFID tags on equipment, which devices do you think
should be tagged? What do you think the cost might be?
A: Answers will vary. At a minimum, the actual server, the drives, and networking devices such as
routers and switches should be tagged. Use a search engine to find out the current price for RFID
tags that can be affixed to the equipment. Whatever the price, compare the price with the cost of
lost data and equipment replacement costs.


TOPIC H
Create Virtual Networks

Virtual Private Network
A virtual private network (VPN) is a private communications network transmitted across a public,
typically insecure, network connection. With a VPN, a company can extend a virtual LAN segment
to employees working from home by transmitting data securely across the Internet. A VPN,
illustrated in Exhibit 9-11, is a means of providing secure communications across the extranet zone.

Figure 8-19: A typical VPN using Point of Presence (POP).


With a VPN, TCP/IP communications are encrypted and then packaged within another TCP/IP
packet stream. The VPN hardware or software can encrypt just the underlying data in a packet or
the entire packet itself before wrapping it in another IP packet for delivery. If a packet on the public
network is intercepted along the way, the encrypted contents cannot be read by a hacker. Such
encryption of data or packets is typically implemented by using a protocol suite called Internet
Protocol Security (IPSec).

IPSec was initially developed for IPv6, but many current IPv4 devices support it as well. IPSec
enables two types of encryption. With transport encryption, the underlying data in a packet is
encrypted and placed within a new packet on the public network. With tunnel encryption, the entire
packet, including its header, is encrypted and then placed in the public network’s packet.

With IPSec in place, a VPN can virtually eliminate packet sniffing and identity spoofing. Only the
sending and receiving computers hold the keys to encrypt and decrypt the packets being sent across
the public network. Anyone sniffing the packets would have no idea of their content and might not
even be able to determine the source and destination of the request.
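To make the difference between the two IPSec modes concrete, the following added Python example (not from the courseware or from any IPSec implementation) builds one packet, protects it in each mode with a simplified ESP layout, and reports what someone sniffing the public network can still read. The addresses, key and payload are constructed, and the keystream cipher is a stand-in for the AES-class ciphers real ESP uses.

```python
"""What an on-path observer can read in ESP transport mode vs tunnel mode."""
import hashlib
import hmac
import socket
import struct

ESP, IPIP, TCP = 50, 4, 6          # IP protocol numbers


def ipv4(src, dst, proto, payload):
    """Minimal 20-byte IPv4 header (checksum left at 0 for brevity) + payload."""
    header = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), 0, 0, 64,
                         proto, 0, socket.inet_aton(src), socket.inet_aton(dst))
    return header + payload


def keystream_xor(key, nonce, data):
    """Stand-in cipher (SHA-256 in counter mode), used only to keep this offline."""
    stream = b"".join(hashlib.sha256(key + nonce + struct.pack("!I", i)).digest()
                      for i in range((len(data) + 31) // 32))
    return bytes(a ^ b for a, b in zip(data, stream))


def esp_seal(key, spi, seq, inner, next_header):
    """Simplified ESP: SPI | sequence | encrypted(inner, pad_len, next_hdr) | ICV."""
    clear = struct.pack("!II", spi, seq)
    body = keystream_xor(key, clear, inner + bytes([0, next_header]))
    icv = hmac.new(key, clear + body, hashlib.sha256).digest()[:16]
    return clear + body + icv


def esp_open(key, wire):
    """Receiver: check the ICV, then decrypt. Returns (next_header, inner)."""
    clear, body, icv = wire[20:28], wire[28:-16], wire[-16:]
    good = hmac.new(key, clear + body, hashlib.sha256).digest()[:16]
    if not hmac.compare_digest(icv, good):
        raise ValueError("ICV mismatch: packet altered or wrong key")
    plain = keystream_xor(key, clear, body)
    return plain[-1], plain[:-2]


def transport_mode(key, packet, spi=0x1001, seq=1):
    """Original IP header stays in the clear; only what follows it is encrypted."""
    src, dst = socket.inet_ntoa(packet[12:16]), socket.inet_ntoa(packet[16:20])
    return ipv4(src, dst, ESP, esp_seal(key, spi, seq, packet[20:], packet[9]))


def tunnel_mode(key, packet, gw_src, gw_dst, spi=0x2001, seq=1):
    """Whole original packet is encrypted; the outer header names the gateways."""
    return ipv4(gw_src, gw_dst, ESP, esp_seal(key, spi, seq, packet, IPIP))


def observe(wire):
    """Fields a sniffer without the key can read from a captured packet."""
    return {"src": socket.inet_ntoa(wire[12:16]),
            "dst": socket.inet_ntoa(wire[16:20]),
            "protocol": wire[9]}


# Constructed sample traffic: an internal client talking to an internal server.
KEY = hashlib.sha256(b"constructed demo key").digest()
SECRET = b"GET /payroll HTTP/1.1\r\n"          # stands in for a TCP segment
ORIGINAL = ipv4("10.1.1.25", "10.2.2.80", TCP, SECRET)

if __name__ == "__main__":
    print("transport:", observe(transport_mode(KEY, ORIGINAL)))
    print("tunnel:   ", observe(tunnel_mode(KEY, ORIGINAL,
                                            "198.51.100.1", "203.0.113.1")))
```

In transport mode the observer still learns which two hosts are talking; only tunnel mode hides the inner addresses behind the gateway addresses.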


Virtual LAN
A virtual LAN (VLAN) is a virtual network segment enabled by a Layer 2–compatible switch.
Nodes on the same physical segment can be made to interoperate as if they were on separate
segments, or various physical network segments can be made to appear as if they were on the same
segment. By formal definition, a VLAN is a distinct broadcast domain within a larger network.
Bridging between virtual segments can be restricted or permitted as needed. In this way, nodes can
co-exist on the same wire, yet be logically separated and protected from each other.
Furthermore, broadcasts are limited to a VLAN. A broadcast on one virtual segment is not
transmitted to other segments. This setup reduces overall traffic and enables subsets of nodes to
communicate more efficiently.
VLANs increase security by clustering users in smaller groups, thereby making the job of the hacker
harder. Rather than just gaining access to the network, a hacker must now gain access to a specific
virtual LAN as well.
VLAN configurations are often used with VoIP (Voice over IP) telephony systems. Distinct
VLANs are created for voice and data traffic. In this way, traffic on each VLAN is isolated and
protected from the other. For example, if someone launched a denial-of-service attack against one
of your servers, your VoIP phones will continue to operate.
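The broadcast containment described above can be seen in a small model of a VLAN-aware switch. This Python simulation is an added example, not from the courseware or any switch vendor; the port layout, MAC addresses and class name are constructed, and it models untagged access ports only.

```python
"""Broadcast containment on a VLAN-aware Layer 2 switch (simplified model)."""

BROADCAST = "ff:ff:ff:ff:ff:ff"

# Constructed lab layout: ports 1-3 carry data (VLAN 10), ports 4-5 carry VoIP (VLAN 20).
LAYOUT = {1: 10, 2: 10, 3: 10, 4: 20, 5: 20}
FLAT = {port: 1 for port in LAYOUT}            # same switch with no VLAN separation
MACS = {port: f"02:00:00:00:00:{port:02x}" for port in LAYOUT}


class VlanSwitch:
    def __init__(self, port_vlans):
        self.port_vlans = dict(port_vlans)     # port -> VLAN ID (access ports)
        self.mac_table = {}                    # (vlan, mac) -> port

    def receive(self, in_port, src_mac, dst_mac):
        """Return the sorted list of ports the frame is forwarded out of."""
        vlan = self.port_vlans[in_port]
        self.mac_table[(vlan, src_mac)] = in_port      # learning is per VLAN
        members = sorted(p for p, v in self.port_vlans.items()
                         if v == vlan and p != in_port)
        if dst_mac == BROADCAST:
            return members                     # flood, but only inside the VLAN
        out_port = self.mac_table.get((vlan, dst_mac))
        if out_port is None:
            return members                     # unknown unicast: same rule
        return [] if out_port == in_port else [out_port]


def frames_delivered(switch, frames):
    """Count frames sent out of each port for a list of (in_port, src, dst)."""
    seen = {port: 0 for port in switch.port_vlans}
    for in_port, src, dst in frames:
        for port in switch.receive(in_port, src, dst):
            seen[port] += 1
    return seen


def storm_demo(layout, count=1000):
    """A noisy host on port 1 floods broadcasts while two phones talk normally."""
    switch = VlanSwitch(layout)
    storm = [(1, MACS[1], BROADCAST)] * count
    voice = [(4, MACS[4], BROADCAST), (5, MACS[5], MACS[4])]
    return frames_delivered(switch, storm + voice)


if __name__ == "__main__":
    print("with VLANs:", storm_demo(LAYOUT))
    print("flat LAN:  ", storm_demo(FLAT))
```

With the VLAN layout, the phone ports receive only each other's frames; on the flat layout every port also receives the full broadcast flood. A unicast frame from VLAN 10 addressed to a phone's MAC address is likewise flooded only within VLAN 10, so reaching the phone requires a routed path that can be filtered.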

Access the Checklist tile on your CHOICE Course screen for reference information and
job aids on How to Create a Virtual Network.


ACTIVITY 8-9
Creating a Virtual Network

Scenario

Your manager has asked you to set up a VLAN between the servers in your lab. Eventually
Develetech will be setting up a VLAN on the corporate network, and your manager would like you
to try it out in the lab environment first.

1. If necessary, shut down any running virtual servers.
a) In the Linux virtual server window, select Settings→Shut Down.
b) In the Shut Down dialog box, select Shut Down.
c) In the Windows Server 2012 virtual server window, enter shutdown -s -t 0

2. Configure the virtual Windows Server to use a VLAN.
a) In the Hyper-V Manager window, select the Server 2012 VM, then select Settings.
b) Select Network Adapter.
c) From the Virtual switch list, select Private##.
d) Under VLAN ID, check Enable virtual LAN identification.
e) Select OK.

3. Configure the virtual Linux server to use a VLAN.
a) In the Hyper-V Manager window, select the CentOS 7 Linux server, then select Settings.
b) Select Network Adapter.
c) Select the Private## switch.
d) Select OK.

4. Start the servers and test the connection.
a) In the Hyper-V Manager window, for the Server 2012 and CentOS 7 Linux servers, change the
network adapter to the Internal switch.
b) In the Hyper-V Manager window, connect to and start the Server 2012 R2 server.
c) Connect to and start the CentOS 7 Linux server.
d) Log in to the Windows Server.
e) Log in to the Linux server.
f) On the Linux server, select System Settings, then select Network.
g) On the Windows server, from a command prompt window enter ping followed by the IP address of
the Linux server intranet VLAN connection.

Summary
In this lesson, you gained a better understanding of how to prevent security breaches. Ensuring that
your server environment provides the appropriate level of security, without compromising server
performance is very important when maintaining a server.

What physical security controls have been employed at organizations you have worked at?
A: Answers will vary, but may include door access controls such as keypad or proximity card reader,
video monitoring such as video cameras, emergency procedures in case of fire.

What type of firewalls have you worked with? Where in the network were they placed?
A: Answers will vary, but may include hardware, software, host-based, network-based, application-aware,
context-aware. Placed on the external network perimeter, internal network perimeters.

Note: Check your LogicalCHOICE Course screen for opportunities to interact with your
classmates, peers, and the larger LogicalCHOICE online community about the topics covered in
this course or other topics you are interested in. From the Course screen you can also access
available resources for a more continuous learning experience.

Note: For additional information, check out the LearnTO Plan for Defense in Depth
presentation in the LearnTOs for this course on your LogicalCHOICE Course screen.

Encourage students to use the social networking tools provided on the LogicalCHOICE Home
screen to follow up with their peers after the course is completed for further discussion and
resources to support continued learning.

You may want to show LearnTO Plan for Defense in Depth from the LogicalCHOICE
Course screen or have students navigate out to the Course screen and watch it themselves as a
supplement to your instruction. If not, please remind students to visit the LearnTOs for this
course on their LogicalCHOICE Course screen after class for supplemental information and
additional resources.


9 Planning and Testing Disaster Recovery

3 hours, 30 minutes

Lesson Objectives
In this lesson you will plan and test disaster recovery.
• Implement environmental controls.
• Identify the various types of information that should be included in a server's
configuration documentation.
• Create a disaster recovery plan.
• Perform backup and restoration.

Lesson Introduction
So far in the course, you have taken measures to set up, configure, and secure your server.
Unforeseen events damage network resources, including data. In the worst case, these
events will require you to perform disaster recovery. In this lesson, you will describe the
concepts and methodologies related to disaster recovery.
Planning and implementing disaster recovery techniques are critical knowledge areas that
you should be familiar with. Server data may be threatened despite all fault tolerance
measures you take. You should, therefore, identify both common and uncommon issues
that might affect your network and then list the measures to take, resources to use, and
guidelines to follow among a host of other essential details before drawing up a robust
recovery plan.

TOPIC A
Implement Environmental Controls
Providing a safe environment in which to run your servers is crucial to keeping them up and
working properly. You will need to make sure that the power source is available, even if the main
power to the building is disrupted. You also need to make sure that the temperature and humidity
levels are appropriate for server equipment. In this topic, you will examine the environmental
controls you need to implement and monitor for your server environment.

Environmental Controls

Having a fully functional, secure, configured server means nothing if the server fails due to an
improperly controlled environment. Environmental controls include making sure that you have
backup power in case of electrical failure and that the room is properly cooled and the appropriate
humidity levels are maintained.
You also need to ensure safety practices are followed. Make sure that fire suppression for the server
room is appropriate for the equipment housed there.

Uninterruptible Power Supply
An uninterruptible power supply (UPS), also referred to as a battery backup, is a device that
continues to provide power to connected circuits when the main source of power becomes
unavailable. Depending on the design, UPSs can be battery operated, AC powered, or both. They
are meant for temporary use and are intended to support computer systems until they can be
powered off normally. Power is likely to be interrupted when the batteries or other power sources
are discharged.
There are several UPS specifications and features you need to consider when selecting a UPS.

Point out that runtime and capacity are related. Point out that if files are open and haven't been
saved, the automated shutdown might fail due to an open dialog box waiting for user input.

UPS feature: Description

Runtime: Runtime is how long the UPS provides power for a specific load level. The higher the
load, the less time the UPS can provide power. The load level is measured in volt amps.

Capacity: Capacity is the maximum power available to run the equipment connected to the UPS.
Capacity is usually measured in volt amps (VA). Do not try to exceed the highest capacity a UPS is
rated for. It likely will not enable you to power devices at all if you exceed the rated capacity.

Automated device shutdown: Automated device shutdown is a feature you should make sure that
your UPS has. This configurable feature enables you to specify at what percentage of battery
depletion a signal should be sent from the UPS to the computer to initiate an operating system
shutdown. Performing a graceful shutdown will help protect the operating system from being
corrupted, which could happen if the power is suddenly shut off.

Maximum load: The maximum load is the maximum VA that the UPS components can safely
handle. This concerns not only the time that the batteries can support the connected devices, but
also the safety of the circuitry and wires inside the UPS. Never exceed the maximum load at which
a UPS is rated.

Lesson 9: Planning and Testing Disaster Recovery | Topic A


Bypass: Bypass is the path power takes around a UPS. Automated bypass is used to switch the
power load from the UPS to the main power source in the case of a UPS failure. Manual bypass is
used when maintenance of the UPS is needed; the technician manually switches the UPS so that
devices receive power only from the main power source.

Remote management: Remote management capability is a feature you should look for when
procuring a UPS. Using SNMP, you can have messages sent via email or SMS, make an automatic
phone call, or provide other notification of power failure. Software can be installed that enables
you to manage and monitor the UPS device remotely from a PC, laptop, or smart phone. The UPS
needs to be connected to a PC via a USB cable or directly to the network to take advantage of this
feature.

Bypass procedures are typically used when you need to perform maintenance on a UPS. The specific
procedures will vary based on your equipment, but in general, you will need to use the switch on the
UPS to enter bypass mode, then turn off the UPS. After you perform whatever maintenance is
needed, you will need to power on the UPS, and switch it out of bypass mode.
Periodic testing should be performed on the UPS to ensure that it will function when the power
does go out. You can use tools that are included with most UPS systems to view the capacity, load
levels supported, expected up-time, and other values. You can put the UPS into bypass mode or pull
the power plug to simulate a power failure.

Runtime vs. Capacity
Both runtime and capacity are used to figure out the size of the UPS needed to support your servers.
There needs to be a balance between the power needed to support the equipment connected to the
UPS and how long the UPS will need to support the equipment. Using the information on the
connected equipment, you can figure out how much capacity is needed. To allow for growth, add at
least 15% to this value. Then, determine how long you will need to keep the connected equipment
running until it can be safely shut down or the power is restored.
One thing to consider is that batteries discharge faster when they are carrying larger loads.
Therefore, if you have twice the load, the UPS will last for considerably less than half the time. One
UPS that was tested lasted for 49 minutes with a 100 volt amp load, but when 200 volt
amps were used, the UPS only lasted for 22 minutes, and when the load was increased to 400 volt
amps, it lasted only about 9 minutes.

Power Distribution Unit
Power Distribution Units (PDUs) distribute power to data center devices. These are of particular
importance for rack-mounted systems. Each PDU is equipped with several outputs to distribute the
power to the devices.
PDUs vary in size and complexity. They might be simple power strips that are attached to the rack.
More likely, they will be another rack-mounted unit to which other rack devices are connected to
receive power. Still other PDUs are separate devices that stand apart from the rack systems. The
larger and more complex PDUs might contain additional functionality such as power quality
monitoring, filtering, and load balancing. Many PDUs can be remotely monitored and controlled
over the network through SNMP.

Redundant Circuits
Redundant circuits are two separate power supply lines from the electricity supplier. This is
sometimes referred to as A+B power. An automatic transfer switch (ATS) is connected to each power
supply line. The ATSs continuously monitor power from the utility provider and, if a service
interruption is detected, automatically switch to backup power provided by generators,
UPSs, and PDUs.

Redundant Power Supplies
By some estimates, power-related equipment costs 2% of the price of a computer, yet nearly 30% of
computer problems are power related. If such figures are even close to accurate, they argue strongly
for spending more on high-quality power-related devices, such as power supplies, UPSs, and proper
wiring. One way to improve redundancy, and thus lessen problems, is to use redundant power
supplies.
Redundant power supplies are simply multiple power supplies in a single case. Each power supply is
capable of providing all of the power that the computer requires. Special circuitry monitors the
power output and switches to the backup power supply if the primary one fails.
To take full advantage of such a configuration, you would want to plug each power supply into its
own UPS, and plug each UPS into its own electrical circuit. Ultimately, each circuit would be backed
up by its own generator. In such a configuration, failure due to a power outage would be nearly
unimaginable.

Capacity Planning
In order to accurately determine what size UPS or PDU you need for your servers, you will need to
do capacity planning. In capacity planning, you will determine the total potential power draw of all
the equipment you will be connecting to the UPS or PDU, then compare that value to the ratings
listed on the PDU or UPS equipment. Using multiple circuits to spread the load out will help the
UPS or PDU provide power for a longer period of time. To further protect your servers, you should
connect redundant power supplies to separate PDUs.
Another number you need to consider is the power factor, or PF. This is the ratio between real
power and apparent power. Most servers have a PF of between 0.95 and 0.99.
When calculating the capacity you will need, take into consideration any growth you might
experience during the lifecycle of the UPS or PDU. You might consider increasing the capacity by
20 percent so that your UPS or PDU will have the capacity to support additional or more powerful
equipment down the road.
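The sizing steps from "Runtime vs. Capacity" and "Capacity Planning", worked through in Python as an added example that is not part of the course material. The equipment inventory and the list of UPS ratings are constructed, the runtime curve uses the three measurements quoted in the text, and the log-log interpolation between those measurements is an assumption about the shape of the discharge curve.

```python
import math

# Constructed sample inventory (assumption, not from the course): real power
# in watts taken from each device's label, and its power factor (PF).
EQUIPMENT = [
    {"name": "server-1", "watts": 450, "pf": 0.95},
    {"name": "server-2", "watts": 450, "pf": 0.95},
    {"name": "switch", "watts": 99, "pf": 0.99},
]

# Constructed list of UPS capacity ratings (VA) to choose from.
UPS_RATINGS_VA = [1000, 1500, 2200, 3000]

# Runtime figures quoted in "Runtime vs. Capacity" for one tested UPS:
# (load in VA, minutes of runtime).
TESTED_UPS_CURVE = [(100, 49), (200, 22), (400, 9)]


def total_load_va(equipment):
    """Apparent power (VA) = real power (W) / power factor, summed per device."""
    return sum(dev["watts"] / dev["pf"] for dev in equipment)


def required_capacity_va(equipment, growth=0.20):
    """Connected load plus a growth margin (the text suggests 15 to 20 percent)."""
    if growth < 0:
        raise ValueError("growth margin cannot be negative")
    return total_load_va(equipment) * (1 + growth)


def select_ups(required_va, ratings=UPS_RATINGS_VA):
    """Smallest rating that covers the requirement, so the rating is never exceeded."""
    for rating in sorted(ratings):
        if rating >= required_va:
            return rating
    raise ValueError(f"no listed UPS covers {required_va:.0f} VA")


def estimate_runtime_min(load_va, curve=TESTED_UPS_CURVE):
    """Interpolate runtime between measured points on a log-log scale.

    Assumption: runtime follows a power law between neighbouring measurements.
    Loads outside the measured range are rejected rather than extrapolated.
    """
    points = sorted(curve)
    if not points[0][0] <= load_va <= points[-1][0]:
        raise ValueError("load is outside the measured range")
    for (l0, t0), (l1, t1) in zip(points, points[1:]):
        if l0 <= load_va <= l1:
            exponent = math.log(t1 / t0) / math.log(l1 / l0)
            return t0 * (load_va / l0) ** exponent


def meets_runtime(load_va, minutes_needed, curve=TESTED_UPS_CURVE):
    """True when the estimated runtime at this load covers the shutdown window."""
    return estimate_runtime_min(load_va, curve) >= minutes_needed


if __name__ == "__main__":
    need = required_capacity_va(EQUIPMENT)
    print(f"connected load: {total_load_va(EQUIPMENT):.0f} VA")
    print(f"with 20% growth: {need:.0f} VA, smallest fitting UPS: {select_ups(need)} VA")
    for load in (100, 150, 200, 300, 400):
        minutes = estimate_runtime_min(load)
        print(f"{load:3d} VA -> {minutes:4.1f} min, 15-minute target met: "
              f"{meets_runtime(load, 15)}")
```

Doubling the load from 100 VA to 200 VA cuts the estimated runtime to less than half, which is the effect the text describes.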

Environmental Safety
Another aspect of implementing environmental control is the safety of the workers and the
equipment. Be sure that anyone who works on the equipment follows ESD procedures.

Ask students about the environmental safety policies in their organizations.

Safety Factor: Description

ESD protection: Use the tools found in a typical ESD (electrostatic discharge) kit, such as
wrist straps and mats, to remain electrically connected to the devices you’re
servicing. You and the components you’re servicing do not need to be
connected to ground; in fact, that can be dangerous.

Fire suppression: In case of fire in a server room, use the right type of fire suppressants to
extinguish the fire and minimize damage to the organization's assets and
equipment. Typically, aerosol-based fire suppressors are used in server
rooms. Aerosol is a colorless, liquefied compressed gas. It is dispensed as a
colorless, electrically nonconductive vapor that does not obscure vision and
has an acceptable level of toxicity for use. Its benefits include:

Proper lifting techniques: Lifting and moving computer equipment can be one of the more strenuous
parts of your job. For example, when you need to work on a CPU, you may
have to lift and relocate the machine to your work area. Always assess the
situation first to determine if you can lift or move items safely.

Rack stability: Rack systems use vertical space to allow more components to be placed in
the server room. As you install, remove, or access components in the rack
systems, stability needs to be taken into consideration. Racks should have
adjustable feet to help level the rack. Racks can be physically connected to
each other to improve the stability and help prevent racks from tipping one
way or another. If you have heavy equipment in the rack, you might need
special stabilizing kits from the rack manufacturer that include wider or
additional feet for the rack, or ballast to add to the rack.

Floor load limitations: The floor load limitations will depend on the type of flooring in your server
room. If you have an equipment panel access system type of flooring, check
the specifications to see how much weight can be placed in a given area.

Sharp edges and pinch points: As you are working with equipment, be aware of any sharp edges and pinch
points. The edge of the case can be quite sharp, and blood does not bode
well for the functionality of equipment on which you might bleed, and your
cut could become infected, causing you pain and possibly putting you out of
work for a bit. In addition, be aware of areas where you or wires and cables
might be pinched when devices come together.

HVAC Environment
One of the most important things to consider when implementing environmental controls is the
HVAC environment. You need to make sure that room and rack temperature and humidity are
monitored and that, any time they are too high or too low, alert notifications are sent so that the
appropriate measures can be taken to bring the temperature and humidity back within appropriate
ranges.
Proper air flow needs to be maintained within systems, within racks, and within the server room.
Rack fillers, baffles, and blanking panels should be used in rack systems to maintain proper air flow.
In addition, the server room should be set up with a hot aisle and cold aisle configuration. This will
help keep the HVAC systems from having to work harder than necessary to maintain the
temperature and humidity in the server room.

These concepts have been covered previously when discussing setting up racks and servers,
but since they are part of implementing environmental controls, they are mentioned
briefly here again.

Guidelines for Implementing Environmental Controls
There are a few different areas to consider when implementing environmental controls. These
include:
• Implementing appropriate power environmental controls for the servers, including:
  • UPS
  • PDU
  • Redundant power
  • Capacity planning
• Following safety best practices, including:
  • Following all ESD procedures.
  • Ensuring appropriate fire suppression is implemented.
  • Using proper lifting techniques.
  • Ensuring rack stability.
  • Following all recommendations for floor load limitations.
  • Watching out for sharp edges and pinch points when working on equipment.
• Implementing and monitoring proper HVAC environmental controls, including:
  • Room and rack temperature and humidity levels.
  • Maintaining proper air flow.
  • Using hot and cold aisles in the server room.

Access the Checklist tile on your CHOICE Course screen for reference information and
job aids on How to Calculate UPS and PDU Requirements.

ACTIVITY 9-1
Calculating UPS and PDU Requirements

Scenario
You will be procuring a UPS for your lab environment. You need to make sure that its capacity will
allow you to keep the systems up for at least 15 minutes.

1. Using an online calculator, calculate what size UPS you should purchase.
   a) Open a web browser to your preferred search site.
   b) Search for an online tool that calculates UPS requirements.
   c) Referring to the labels on your systems, calculate the kVA your system uses.
   d) Enter the kVA values into the online calculator to determine what size UPS you would need.
   e) Record your results.
2. Recalculate the requirements for keeping systems up for 5 minutes, 30 minutes, or 60 minutes.
3. Record and share your results.

Consider offering suggestions on which calculator to use. You might have students use
different calculators and compare the results. You might want to supply values to
students rather than using the values from classroom equipment.
Ask students if their results were what they expected or if they were surprised by the results
and why.

TOPIC B
Manage Documentation for the Server and the Network
You are familiar with the basics of installing and configuring a NOS on the server. The last step in
server configuration is to document all information related to the hardware and software
configuration for future use. In this topic, you'll identify the various types of information that should
be included in a server's documentation.
Proper documentation can be a priceless asset for the troubleshooter. Searching for
configuration-related information at the time of servicing is a waste of time. Striking a balance
between recording information beforehand and rediscovering the information when you need it
eases both the creation and use of server documentation.

Documentation
The documentation related to a server's configuration is specific to each organization or user.
Generally, a server supporting a large network requires more documentation. The documentation is
often stored in site books which need to be kept up to date with all of the changes made to the
servers, from the time the bare metal machine was purchased to the latest changes that were made.
The documentation needs to include reasons why decisions were made to implement or configure
items in the way in which they were implemented or configured.

Consider the "hit by a bus" scenario in which the person who made the changes can no
longer provide information about the configuration, the reason behind an
implementation or change, and the need for someone else to be able to take over as if
nothing had happened.

Figure 9-1: An example of installation documentation for a server.

Documentation should include:
• Server name and location.
• Hardware and software upgrades such as server brand, model, hardware configuration
information, network operating system type, NOS version, and serial number information of all
the software.
• Installation and configuration procedures of the hardware and software such as the server's IP
addresses and subnet masks, gateways, DNS information, and protocols.
• Original hardware configuration of the server.
• Warranty information of the product and expiration dates for the warranty agreement.
• Asset management documentation consisting of service tags and serial numbers for each
component.
• Server role information such as the file, print, mail, application, or database.
• Manufacturer or technical-support phone numbers or service providers' phone numbers.
• Repair logs that contain all of the information pertaining to the servicing done on the server and
server-related devices.

Gathering Server Information
There are software packages available that will query your devices for much of the information you
need. You can also print the server configuration files as part of your information-gathering routine.
Once you have all of the information, consider creating a log book, in a three-ring binder, to hold
the information you gathered. The contents should be arranged logically; maybe you could divide
the information into different server and network categories. Each server on a network should have
its own log book, in a binder or on a USB stick, conveniently located near the server or the
management station, and updated as needed to provide an accurate description of the server.

Note:
Although it might be somewhat convenient to keep the server information on a computer,
would you be able to access it if the network is down? The use of a log book would provide a
documented version of the information.

Repair Logs
When performing a server shutdown, the server network operating system will ask you for the
reason. If you choose options such as repairs, hardware maintenance, or hardware
reconfiguration, a new record is added to the Repair Log. This will help the network administrators
when they revise the network topology and when they assess the status of the whole
network and its servers.

Service Tags
A service tag is used for automatically discovering systems, software, and services and for sharing
information over a local network in a standard XML format. It does not contain any personal
information, but only a list of system and software information. Using service tags helps IT
departments know what systems and software are installed by various team members at all
times.

Document Types
Your documentation library should include all of the following items.

Ask students which of these documents their organization includes in their disaster recovery
plan and where they are stored.

Document Types: Description

Service manuals: Service manuals for every piece of equipment should be part of your
documentation. Knowing where the service manual is for the equipment
can cut down on the time needed to get failed equipment up and running
again as quickly as possible.

Network diagrams: A physical network diagram is a graphical representation of the locations
of all network devices and endpoints, and depicts their connections with
one another. A network diagram illustrates the physical relationship
between nodes, but not necessarily their exact location in a building or a
floor.
A logical network diagram documents the protocols and applications
that control the flow of network traffic. Logical network diagrams do not
attempt to depict the physical relationship of the nodes; rather, they
show how the data should move, regardless of the physical
implementation.

Architecture diagrams: An architecture diagram shows the locations of the devices identified in
the physical network diagram. By separating the two diagrams, you can
provide more detail based on whether you need to know about the
network devices and services or their physical locations.

Dataflow diagrams: Dataflow diagrams show how data moves through a network, a server,
or another IT system. This might include types of information that
comprise the input and output from systems, the path the data needs to
take, and where data is stored.

Recovery documentation: Recovery documentation describes the steps to take after a system failure
or catastrophic event.

Baseline documentation: When you do a baseline analysis of systems, you should keep a record of
the performance levels found during the analysis. Use these to compare
future analyses of the system to see if performance levels have decreased,
or in the case of upgrades, if they have improved.

Change management policies: Each individual system should have a separate document that describes
its initial state and all subsequent changes. This document includes
configuration information, a list of patches applied, backup records, and
even details about suspected breaches. Printouts of hash results, last
modification dates of critical system files, and contents of log files may
be pasted into this book.
System maintenance can be made much smoother with a comprehensive
change document. For instance, when a patch is available for an
operating system, it typically applies in only certain situations. Manually
investigating the applicability of a patch on every possible target system
can be very time consuming; however, if logs are available for reference,
the process is much faster and more accurate.

Service Level Agreements (SLA): An SLA is a document specifying how clients and support personnel are
to interact, what they can expect from each other, and what timeframes
are acceptable for the resolution of problems.

Server configuration: Server configuration documentation can be printed from server
configuration files or gathered using third-party utilities that query the
servers.

Contact information: Contact information documentation includes vendor and internal
contact names and numbers. In the midst of a crisis, you don't want to
have to try to remember the name of your service rep at the vendor or
the rep's phone number. Likewise, any internal personnel who need to
be contacted in case of emergency should be listed with all pertinent
contact information including name, job title, internal phone number,
cell or home phone number, and any other contact information.
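The change management entry above calls for hash results and last modification dates of critical system files to be kept in each system's change document. One way to produce and check such a record, as an added Python example that is not part of the course material; the function names and the files used in the demonstration are constructed for illustration.

```python
import hashlib
import json
import os
from datetime import datetime, timezone


def file_record(path):
    """SHA-256 digest and last-modification time (UTC) of one file."""
    digest = hashlib.sha256()
    with open(path, "rb") as handle:
        for chunk in iter(lambda: handle.read(65536), b""):
            digest.update(chunk)
    mtime = datetime.fromtimestamp(os.stat(path).st_mtime, tz=timezone.utc)
    return {"sha256": digest.hexdigest(),
            "mtime_utc": mtime.isoformat(timespec="seconds")}


def build_manifest(paths):
    """Record every listed file that currently exists."""
    return {path: file_record(path) for path in paths if os.path.isfile(path)}


def compare_manifests(baseline, current):
    """Sort each path into changed, touched, missing, or added.

    changed: content hash differs from the baseline
    touched: same content, but the modification time moved
    missing: in the baseline, no longer present
    added:   present now, never recorded in the baseline
    """
    report = {"changed": [], "touched": [], "missing": [], "added": []}
    for path, old in sorted(baseline.items()):
        new = current.get(path)
        if new is None:
            report["missing"].append(path)
        elif new["sha256"] != old["sha256"]:
            report["changed"].append(path)
        elif new["mtime_utc"] != old["mtime_utc"]:
            report["touched"].append(path)
    report["added"] = sorted(set(current) - set(baseline))
    return report


def render_for_logbook(manifest):
    """Stable, sorted text suitable for printing into the change document."""
    return json.dumps(manifest, indent=2, sort_keys=True)


if __name__ == "__main__":
    import tempfile

    # Constructed stand-ins for critical system files.
    with tempfile.TemporaryDirectory() as root:
        hosts = os.path.join(root, "hosts")
        sshd = os.path.join(root, "sshd_config")
        for path, body in ((hosts, b"127.0.0.1 localhost\n"),
                           (sshd, b"PermitRootLogin no\n")):
            with open(path, "wb") as handle:
                handle.write(body)
        baseline = build_manifest([hosts, sshd])
        print(render_for_logbook(baseline))

        # Simulate a change that was never written into the change document.
        with open(sshd, "wb") as handle:
            handle.write(b"PermitRootLogin yes\n")
        print(compare_manifests(baseline, build_manifest([hosts, sshd])))
```

A comparison is only as trustworthy as the baseline, so keep the printed manifest with the log book rather than on the server it describes.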


Secure Storage of Sensitive Documentation
Sensitive documentation should be stored in a securely locked cabinet or safe. If it is stored on disk,
it should be accessible only to those individuals who absolutely need access to it. Information such
as user names, IP addresses of network components, passwords, or any other information an
attacker could use needs to be kept in some type of secure storage.
Note: Be sure to encrypt the backup media.

Guidelines for Managing Server and Network Documentation
However you decide to organize it, your log book should contain not only configuration
information but also a complete record of problems encountered and their solutions.
• Consider including information describing any preventative maintenance performed on the
server.
• Either with the server documentation or separately, you should also record pertinent network
information, such as cabling diagrams and topology maps, to aid you in determining if a reported
problem is due to the server itself or due to the network or segment it resides on.
• Store the hardware and software documentation nearby, so that you can access it easily when the
need arises.
• A separate copy of the log book should be stored and maintained off-site for disaster recovery
purposes.
• Problem-history information will be most helpful if it's included in the log book in the same
location as the device it's referring to. For example, including records of the problems and
resolutions encountered with a server immediately following the server's configuration
information makes it easier to review the history of problems you've faced with that server, and
you can also review its configuration by turning to only one section of your book.

ACTIVITY 9-2
Managing Documentation for the Server and Network

Scenario
You need to gather existing documentation and create any additional documentation for your lab
test environment. You have the service manuals that were provided with most of the equipment.
Some service manuals are missing, so you will need to locate them online and document where they
can be found. In addition, you need to document your network and server configuration. You are
unsure of how you will gather the documentation, so you need to do some research.

Allow up to 20 minutes for this activity.

1. Research tools you can use to document your network and your server.
   a) Open a web browser, and using your preferred search site, search for free network documentation
      tools.
   b) After looking at two or three of the tools you located, document why you would recommend selecting
      one of the tools.
   c) Locate a server documentation tool and document why you would recommend using one of the
      tools.
   d) Share your results with the class.
2. Research ways to keep your documentation secure and accessible.
3. Search for the service manuals for your equipment. Determine whether each is available for free or if you
   have to pay for it. Record your results and discuss your findings with the class.

Encourage remote students to participate in the discussion.

TOPIC C
Create A Disaster Recovery Plan
The most important step in disaster recovery takes place well before any disaster occurs, when you
develop and document a solid recovery plan. In this topic, you will examine disaster recovery plans.
Servers are vulnerable to a multitude of threats—not only from hackers, but also from natural
disasters and plain old-fashioned decay. Insurance can replace hardware, but lost data is gone for
good, and many companies can't survive that. Effectively implementing a disaster recovery plan
helps ensure that your organization recovers from any type of disaster.

Disasters and Disaster Recovery
A disaster is any loss of any system functions due to an unavoidable cause. Disasters can affect
personnel, buildings, devices, communications, resources, and data. When a disaster strikes,
organizations employ a disaster recovery strategy for protecting people and resources and try to revive a
failed network or system as quickly as possible. Apart from ensuring the safety of all personnel, an
organization must assure the continuity of its business functions.

Figure 9-2: Disaster recovery protects people and resources and tries to revive a failed network
or system.

Note:
Disaster recovery is also referred to as fault recovery.

Business Impact Analysis
One of the most important processes in disaster recovery planning is to perform a business impact
analysis (BIA). A BIA involves analyzing your business functions and determining what effect a
disruption to the business might have. In the BIA, consider the impact on finances, reputation, and
position within the industry. Also consider the potential of losing staff, data, or facilities.
To perform the BIA, you will need to gather data, interview those who would be impacted, and
perform the analysis of the data and interviews. Based on the analysis, you can begin to identify the
dependencies for critical business functions, and how long it would take to resume and recover
critical business functions.

Site Types
Backup site locations and replacement equipment can be classified as hot, warm, or cold, depending
on how much configuration would be necessary to bring the location or spare equipment online.

Site Type: Description

Hot site: An alternate facility already equipped with resources and equipment ready for
immediate disaster recovery. The hot site's size and physical location should be
adequate to handle the equipment and resources your company needs. Hot sites
are also referred to as alternate processing sites, backup sites, recovery sites, or
recovery centers. A hot site minimizes the latency to restart an operation
during any disaster.

Warm site: A cross between a cold site and a hot site; it's only partially equipped.

Cold site: An alternate facility that doesn't have any resources or equipment except for
elevated floors and air conditioning. In order to reproduce your company's critical
business functions, all of the equipment and resources would have to be installed.
Basically, a cold site is simply a structure with potential. Cold sites can also be referred
to as alternative sites, backup sites, recovery sites, or shell-sites.

Distance Requirements for the Site Types
Replication/alternative backup arrangements should be as far away from the primary site as necessary
to avoid being subject to the same set of risks as the primary location and should not rely on the
same infrastructure components used by the primary site. The replication standards do not specify
any specific distance requirements for implementing replication methods. Generally, hot sites are
placed very close to the primary site to provide immediate access to data in case of disaster, warm sites
are placed a few kilometers away from the primary site, and cold sites are placed thousands of miles
away from the primary site.

Replication Methods
Disaster recovery planning provides contingency procedures in the event of catastrophic events that
you cannot reasonably foresee or prevent. In contrast, fault-tolerance and availability planning is
intended to prevent the negative impact of mishaps that you can reasonably foresee, such as a
temporary power outage or the inevitable failure of a hard disk. Therefore, by implementing a few
replication methods, you can enhance the availability of data in distributed systems and keep these
minor occurrences from turning into disasters for your organization.
Replication methods include:
• disk to disk
• server to server
• site to site

Disk-to-Disk Replication
Disk-to-disk replication is the process of replicating data across multiple storage disks to ensure
consistency among redundant resources. The disk-to-disk replication method functions as
random-access storage. It allows the device to send and receive multiple concurrent streams of data,
or to recover individual files without the need to scan the entire backup volume. Therefore, this
replication method can enhance the availability of data in a distributed system. Disk-to-disk
replication is usually performed using the disk mirroring technique. The advantage of this type of
replication is its high-speed access to the replicated data.

Figure 9-3: Disk-to-disk replication functions as a random-access storage.

D
Server-to-Server Replication

The server-to-server method is the process of replicating data across multiple servers. The changes made on one server are replicated simultaneously on different servers. Continuously maintaining updated copies of the data allows the read activity to be scaled across multiple servers. Server-to-server replication is implemented in scenarios that demand high throughput. These scenarios include improving data scalability and availability, data warehousing and reporting, integrating data from multiple sites, integrating heterogeneous data, and batch processing.

Figure 9-4: The changes made on one server are replicated simultaneously on different servers.

Clustering

Server-to-server replication is achieved by implementing an appropriate clustering technique.

Clustering is the process of grouping two or more servers with a high-speed channel to share the workload between them. If one fails, others take over the workload. Clustering is also used in special-purpose computers, such as array processors, which provide concurrent processing on data sets. It is primarily used for very large computational problems in the engineering and scientific fields.

Figure 9-5: Clustering groups two or more servers with a high-speed channel to share workload between them.

Cluster Configurations

There are three general cluster configurations that support service failover. Nodes in all of these clusters need to have access to at least one common storage device.

| Cluster Configuration | Description |
| --- | --- |
| Active/Active | A cluster that has all nodes online, constantly providing services. This cluster type has the greatest resource efficiency because all nodes serve clients. If a node fails, the cluster resources fail over to one of the remaining nodes. That node will lose some performance as it takes on the resources and workload of the failed node. Latency in failover can range from seconds to minutes, depending on cluster configuration and the services on each cluster. |
| Active/Passive | A cluster that includes at least two nodes, at least one of which is in active mode and handles the full workload, while one node is in passive or standby mode to act as a backup server. The standby node does not own any resources in the cluster. If an active server fails, the passive node will not receive a heartbeat from the failed node and will take over the resources from the failed active node. Performance during failover is relatively unaffected as long as the passive server is equal to the failed active server in performance. Latency in failover can range from seconds to minutes, depending on cluster configuration and the services on each cluster. |
| Fault-Tolerant or High-availability | A general term for implementations that use clustering, RAID, redundant hardware, and other technologies to achieve 99.999% uptime. In “shared everything” clusters, nodes share common hardware resources such as processors, memory, and disks, and can execute commands simultaneously so that a node can take over immediately if one fails. Failover times are in milliseconds, and there is often no performance degradation at all. High-availability clustering solutions are complicated to set up, configure, and maintain, and can cost hundreds of thousands of dollars to implement. However, they offer the highest level of failover performance and are the best choice for organizations, such as banks, brokerage firms, and airlines, that require “five nines” of uptime for financial or other reasons. Even just a few minutes of downtime in these organizations can be expensive. |

Load Balancing
Load balancing is a method of spreading server tasks over multiple servers in a cluster so that no particular server gets inundated with too many requests. By sharing the load between the servers, it can reduce the likelihood of a server failing from being unable to process all of the requests it receives. Load balancing can also redirect requests to another server if there is a server or device failure. This allows load balancing to also help with fault tolerance and high availability of servers and services.

Load balancing distributes IP traffic in a round-robin fashion to each of the servers in the cluster, distributing the connections evenly throughout the servers in the cluster. Clients see the cluster as a single server that responds to their requests. If traffic increases to the point that the servers are not able to handle it efficiently, additional servers can be added to the cluster. Each server in the cluster emits a heartbeat message to all of the other cluster servers and listens for heartbeat messages from the other servers. If one of the cluster servers fails to send the heartbeat message, the other servers adjust the workload to redistribute it to the remaining cluster servers, thus providing uninterrupted client services.

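The round-robin distribution and heartbeat check described above, as an added example that is not part of the original manual. The node names, the tick-based clock and the timeout values are assumptions chosen for the illustration.

```python
"""Round-robin load balancing with heartbeat-based failover (added example)."""


class Cluster:
    """Routes requests round-robin and skips nodes whose heartbeat is overdue."""

    def __init__(self, nodes, heartbeat_timeout):
        self.nodes = list(nodes)
        self.heartbeat_timeout = heartbeat_timeout  # ticks of silence tolerated
        self.last_heartbeat = {node: 0 for node in self.nodes}
        self._cursor = 0

    def heartbeat(self, node, now):
        """Record that `node` announced itself at time `now`."""
        self.last_heartbeat[node] = now

    def is_alive(self, node, now):
        """A node counts as alive while its last heartbeat is recent enough."""
        return now - self.last_heartbeat[node] <= self.heartbeat_timeout

    def route(self, now):
        """Return the next live node in round-robin order."""
        for _ in range(len(self.nodes)):
            node = self.nodes[self._cursor % len(self.nodes)]
            self._cursor += 1
            if self.is_alive(node, now):
                return node
        raise RuntimeError("no node has sent a heartbeat recently")


def simulate(ticks=8, fails_after=3, heartbeat_timeout=1):
    """Constructed scenario: web2 stops sending heartbeats after tick `fails_after`.

    One request is routed per tick; the list of chosen nodes is returned.
    """
    cluster = Cluster(["web1", "web2", "web3"], heartbeat_timeout)
    routed = []
    for now in range(1, ticks + 1):
        for node in cluster.nodes:
            if node != "web2" or now <= fails_after:
                cluster.heartbeat(node, now)
        routed.append(cluster.route(now))
    return routed


if __name__ == "__main__":
    print("timeout 1:", simulate(heartbeat_timeout=1))
    print("timeout 3:", simulate(heartbeat_timeout=3))
```

With the longer timeout, one more request is still sent to the failed node before the missing heartbeat is noticed, which is the failover latency the cluster configuration table refers to.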
Site-to-Site Replication

Site-to-site replication is the process of replicating data across multiple sites. The disaster recovery plan should include provisions for offsite locations that can be used as temporary offices. In the event of a disaster, these sites will keep the business up and running.

Figure 9-6: Site-to-site replication provides offsite locations that can be used as temporary offices.

Continuity of Operations

Continuity of Operations is a plan for government agencies to maintain functionality of essential services during and after an emergency including natural disasters and human-induced disasters, both on a small scale and those of wide-spread impact. A Continuity of Operations Plan (COOP) should ensure reliability, consistent service delivery, minimize chaos, and define how public relations are to be conducted.

Point out that COOP and BCP are essentially the same with COOP focusing on government agencies and BCP focusing on the private sector.

A well designed COOP will enable the agency to continue to perform essential functions both during and after an emergency. The plan needs to have mechanisms in place to protect all of the assets needed to support those essential functions including protection of the data, equipment, and facilities. Disruptions to the agency's operations need to be reduced or mitigated as much as possible so that timely and orderly operations continue. Plans for how to resume normal operations or how to carry out as many of the essential agency functions as possible if normal operations cannot be resumed are also needed. Other goals of the COOP include minimizing injury or death of personnel and providing support to agency personnel and their families during the disaster.

A COOP includes these key elements.

Provide examples of COOP (city or other government agency) and BCP (businesses in the city).

| Element | Description |
| --- | --- |
| Essential functions | The functions that enable the agency to provide vital services, exercise civil authority, maintain public safety, and sustain industrial and economic base. The plan should specify how to continue the essential functions within 12 hours and how to sustain their functionality for up to 30 days. |
| Key personnel/Human capital | All employees need to have a clear understanding of what to do during an emergency. Prior to the disaster, additional training should be provided to increase flexibility and to build skills so that, if key personnel are unavailable, other personnel can step into a role. Most importantly, the right people need to be in the right jobs in order for the agency to perform essential functions effectively. |
| Delegation of authority/Orders of succession | Document, by position, who is authorized to make policy determinations and decisions, and what authority is being delegated, any limits to the delegation, and when the delegation will end. In the case where the personnel in leadership positions are unavailable or unable to perform their duties, document who will perform the tasks carried out by the person in that position. |
| Vital records management | Identify, protect, and make readily available electronic and hard copy documents, references, and records needed in support of the essential functions. This includes any data management software and systems needed for the electronic access of the vital records during the disaster. |
| Alternate facilities | Location(s) other than the primary location where the essential functions can be carried out. Determine whether it will be a hot, warm, or cold site. Include provisions for mobile-office and telecommuting (home office). |
| Communications | Provide alternate communications methods that are interoperable with other agencies. Communications methods should be redundant, available within 12 hours of activation, and be able to be used for up to 30 days. The main goal is to perform essential functions, communicate internally and externally, and allow personnel to access data systems. |
| Tests, training, and exercises (TT&E) | Personnel must be trained to ensure that each person knows how to perform essential functions during the emergency. Testing allows the agency to demonstrate that personnel know how to correctly operate equipment, perform procedures and processes, and use systems that support the essential functions of the agency. Exercises measure the agency's COOP to ensure it can support the essential functions for the duration of an emergency. |
| Devolution and reconstitution | Devolution is essentially worst case scenario planning. It is the ability to transfer statutory authority and responsibility for essential functions from the agency's primary operating personnel and facilities to other personnel and facilities. Reconstitution is the process of the agency personnel, either surviving or replacements, resuming normal agency operations at the original facility or a replacement primary operating facility. |

Disaster Recovery Plan


A disaster recovery plan is a policy or a set of procedures that documents how people and resources will be protected in case of a disaster, and how the organization will recover from the disaster and restore normal functioning. The plan should be developed and implemented cooperatively by different functional groups.

The disaster recovery plan incorporates many components, including:

• A complete list of responsible individuals.
• A critical hardware and software inventory.
• Detailed instructions on how to reconstruct the network.

Note: A complete disaster recovery plan will be highly detailed and completely customized to suit the needs and circumstances of a particular organization.

Figure 9-7: Components incorporated in the disaster recovery plan.

Business Continuity Plan

Business continuity is a defined set of planning and preparatory activities that are used during a serious incident or disaster to ensure that an organization's critical business functions will continue to operate or will be recovered to an operational state within a reasonably short period. As such, business continuity includes three key elements:
1. Resilience: Critical business functions and infrastructure are designed so that they are materially unaffected by most disruptions.
2. Recovery: Arrangements are made to recover or restore critical and less critical business functions that fail for some reason.
3. Contingency: A generalized capability and readiness to cope effectively with major incidents and disasters. Contingency preparations are a last-resort response in the case where the resilience and recovery arrangements were inadequate.

Guidelines for Creating a Disaster Recovery Plan


When creating a disaster recovery plan, there are some general guidelines you should follow.
• Perform a business impact analysis.
• Determine if you will use an alternate site, and if so, whether it will be a hot, warm, or cold site.
• Determine which replication method you will use:
  • Disk to disk
  • Server to server
  • Site to site
• Create a continuity of operations or a business continuity plan.

ACTIVITY 9-3
Creating a Disaster Recovery Plan

Scenario

You have been invited to be part of the committee for creating a new disaster recovery plan for Develetech. In preparation for the first meeting, you want to look at some other organizations' disaster recovery plans. You also decide you would like to bring a blank template to the meeting to help organize the discussion on what to include in the disaster recovery plan.

1. Search the web for examples of disaster recovery plans.
a) Open a web browser to your preferred search page and search for disaster recovery plan examples.
b) Select several plans and briefly review their content.
c) Determine which items seem to be common between the various plans.
d) Determine if any of them would be a good fit for your organization.
e) Share your results with the class.

Encourage remote students to participate in the discussion.

2. Search the web for examples of disaster recovery plan templates.
a) Using your preferred search page, search for disaster recovery plan templates.
b) Select several templates and briefly review them.
c) Determine which template you would use.
d) Discuss your results.

If time permits, you can have students collaborate to create a basic disaster recovery plan for Develetech, for their organization, or for the training classroom.

Consider demonstrating VM replication in Hyper-V as well as discussing how live migration is used in disaster recovery.

TOPIC D
Perform Backup and Restoration
Previously, you examined how to implement disaster recovery plans. The disaster recovery plan also includes fault tolerance measures such as data backup. In this topic, you will examine how to perform data backup.

As part of a fault-tolerant system, you need to consider backup options and make sure you have an efficient backup plan in place, so that you are able to restore crashed servers to functional capacity in the event of a critical failure or disaster.

Backup Methods

All utilities support several types of backups.

| Backup Method | Description |
| --- | --- |
| Full/Normal | Backs up all information, regardless of whether it was previously backed up. Also known as a normal backup. |
| Incremental | Backs up files new or modified since the last full or incremental backup. |
| Differential | Backs up files new or modified since the last full backup. |
| Copy | Backs up any selected files, regardless of whether or not the archive bit is turned on, and leaves the archive bit the same as before the backup. Commonly used between full and incremental backups. |
| Daily | Only backs up files that were changed during the current day and leaves the archive bit unchanged. |
| Appended | An option that backs up files until media runs out of space, then overwrites from oldest to newest. This relates more to the backup media than to the specific backup types. |
| Snapshot | A set of pointers to data stored on tape, disk drive, or a SAN. It acts like a table of contents, but the computer treats it as a complete data backup. |
| Selective | Backs up only the files or folders specified by the user. |
| Bare metal | A disk image of the entire contents of the hard drive, including the operating system, applications, and data files. |

Open Files and Backups


Open files can be a problem for backup software. Files that are opened by an application are locked to ensure that only one client makes changes at a time. It is a nice feature, but also one that causes a few problems for network backup software. Specifically, the backup software has to deal with a client making changes during the backup, which can create errors in the backup (remember that backups are relatively slow). It also has to deal with the locked files. To help, you can deploy an open files agent with the backup software. When the backup software encounters a locked file, it uses the open files agent to take a snapshot of the file. The snapshot temporarily disables the file's ability to be edited and copies the file to a temporary location on the drive. The backup software then backs up the snapshot. This happens very quickly and does not disrupt the client using the file.

Note: Windows uses volume shadow copy for open files.

Operating Systems and Their Backup Types

The following table describes backup types for different operating systems.

| NOS | Backup Type | What Gets Backed Up | Reset Archive Bit? | Time Issues |
| --- | --- | --- | --- | --- |
| Windows Server 2003/2008/2012 | Normal (Full) | All selected data | Yes | Longest to back up; shortest to restore |
| Windows Server 2003/2008/2012 | Copy | All selected data | No | Long to back up; short restore |
| Windows Server 2003/2008/2012 | Differential | All files created or changed since the last normal or incremental backup | No | Longer to back up each day; short restore |
| Windows Server 2003/2008/2012 | Incremental | All files created or changed since the last normal or incremental backup | Yes | Shortest to back up; longest to restore |
| Windows Server 2003/2008/2012 | Daily | All files created or changed on that day | No | Depends on the number of files changed that day |
| UNIX/Linux | Full | All files | Not applicable | Longest to back up; shortest to restore |
| UNIX/Linux | Differential | All files created or changed since the last full backup | Not applicable | Longer to back up each day; short restore |
| UNIX/Linux | Incremental | All files created or changed since the last full or incremental backup | Not applicable | Shortest to back up; longest to restore |

Backup Combinations

Typically, the fastest type of backup is an incremental backup combined with a regular full backup, but it requires that you restore the last full backup and every incremental backup since the last full backup (in chronological order), which can be extremely time-consuming. What you can do instead is use differential backups combined with a regularly scheduled full backup, because all new or modified files since the previous full backup are included and you would only need two media sets for a full restore. Each differential backup following the last full backup will take an increasing amount of time.

Because differential backups are based on the last backup that cleared the archive bit, you shouldn't mix incremental and differential backups. Differential backups count on the archive bit not being cleared. Any differential backups following an incremental backup wouldn't back up all modified files since the last full backup because the incremental backup cleared the archive bit. Keep in mind that the backup methods you implement will also directly impact your restore time.

If you opt to do full backups each time you back up your data, be aware that doing so takes the most time. However, it also includes the fastest full restores because you only need to restore data from one media set. The following table summarizes backup and restore times for each backup type.

| Backup Type | Relative Time Necessary for a Full Backup | Relative Time Necessary for a Full Restore |
| --- | --- | --- |
| Full backup only | Longest | Shortest |
| Combination incremental and full | Shortest | Longest |
| Combination differential and full | Time increases daily; shorter backup than full backup overall but longer than incremental | Shorter than incremental but longer than full |
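The archive-bit behaviour behind the Backup Combinations passage above, as an added example that is not part of the original manual. It models each job as the set of files it writes and shows which media sets a restore needs, and which files a "full plus latest differential" restore loses when an incremental job ran in between. The file names and weekly schedules are constructed.

```python
"""Archive-bit model of full, incremental and differential backups (added example)."""

INITIAL = ["a.doc", "b.xls", "c.db", "d.cfg"]  # constructed sample files

# Constructed schedules: (job type, files changed since the previous job).
INCREMENTAL_WEEK = [("full", INITIAL), ("incremental", ["a.doc"]),
                    ("incremental", ["b.xls"]), ("incremental", ["c.db"])]
DIFFERENTIAL_WEEK = [("full", INITIAL), ("differential", ["a.doc"]),
                     ("differential", ["b.xls"]), ("differential", ["c.db"])]
MIXED_WEEK = [("full", INITIAL), ("incremental", ["a.doc"]),
              ("differential", ["b.xls"]), ("differential", ["c.db"])]


def run_schedule(schedule):
    """Simulate the jobs and return [(job_type, files_written_to_that_media_set)]."""
    all_files, archive_bit, jobs = set(), set(), []
    for job_type, changed in schedule:
        all_files |= set(changed)
        archive_bit |= set(changed)          # a write sets the file's archive bit
        if job_type == "full":
            captured = set(all_files)
            archive_bit.clear()              # a full backup resets every bit
        elif job_type == "incremental":
            captured = set(archive_bit)
            archive_bit.clear()              # an incremental resets the bits it saw
        elif job_type == "differential":
            captured = set(archive_bit)      # a differential leaves the bits set
        else:
            raise ValueError(f"unknown job type: {job_type}")
        jobs.append((job_type, captured))
    return jobs


def last_full_index(jobs):
    """Position of the most recent full backup in the job list."""
    return max(i for i, (kind, _) in enumerate(jobs) if kind == "full")


def restore_chain(jobs):
    """Indexes of the media sets a complete restore needs, in restore order."""
    start = last_full_index(jobs)
    chain, pending_differential = [start], None
    for i in range(start + 1, len(jobs)):
        if jobs[i][0] == "incremental":
            chain.append(i)
            pending_differential = None      # the incremental holds the same files
        else:
            pending_differential = i         # only the newest differential matters
    if pending_differential is not None:
        chain.append(pending_differential)
    return chain


def missed_by_two_set_restore(jobs):
    """Files changed since the last full that 'full + latest differential' loses."""
    later = jobs[last_full_index(jobs) + 1:]
    changed = set().union(*(captured for _, captured in later))
    differentials = [captured for kind, captured in later if kind == "differential"]
    latest = differentials[-1] if differentials else set()
    return changed - latest


if __name__ == "__main__":
    for name, week in (("incremental", INCREMENTAL_WEEK),
                       ("differential", DIFFERENTIAL_WEEK), ("mixed", MIXED_WEEK)):
        jobs = run_schedule(week)
        print(name, "chain:", restore_chain(jobs),
              "lost by two-set restore:", sorted(missed_by_two_set_restore(jobs)))
```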

Backup Media

The backup medium is the device onto which you write the backup data. The backup medium may include tape drives, disk, WORM, optical drives, and flash drives.

Another medium to consider is cloud backup. Your organization can purchase a subscription to offsite storage that is maintained by the third-party organization that hosts the backup cloud storage. Data must be encrypted during transfer to ensure data security and privacy. This is a convenient backup method that fulfills the need for offsite data storage for disaster recovery. The cost varies based on the amount of storage space needed. It can be slow if you have large quantities of data to transfer from your servers to cloud storage.

| Medium | Description |
| --- | --- |
| Small-capacity removable disks | Magnetic disks that hold less than 500 MB and can be removed from disk drives and replaced as they get full. Although they don't hold a lot of data, they're popular for partial workstation backup because of their low cost and ease of use, and because many newer computers come equipped with one or more of them. |
| Large-capacity removable disks | The same as small-capacity removable disks except that they store more than 500 MB of data. They cost more than the small-capacity disks, but hold more data and can easily be used for more complete workstation backups. However, they have limited server use because one disk isn't usually sufficient backup for most servers. |
| Removable optical disks | Use a laser or other light source to read and write information stored on disk. They tend to have larger capacities (650 MB to 17 GB) than magnetic removable disks, but also tend to be slower. Optical jukeboxes, which can contain hundreds of disks, can expand capacities into the hundreds of terabytes. There is also a hybrid category called magneto-optical (MO) disks that combine the benefits of both magnetic and optical storage methods. |
| Tape backups | Probably the most common, because tape drives are reliable, inexpensive, and widely supported. Common tape backup formats include QIC, Travan, DAT, DLT, and 8 mm. |
| Flash drives | Store data using flash memory. These flash drives can be USB drives or memory sticks. A third party tool, which is generally compatible with the OS, is used to perform backup or recovery of data whenever a flash drive is connected to the computer system. |

All of the above backup media are random access media except for tape which is a linear medium. It
is much faster to access a particular piece of data randomly rather than needing to access it from a
linear tape, moving forward or backward on the tape as needed to access the data.
Note: When selecting which backup media to use, consider the time it will take to perform the
backup. Time is paramount, as the backup can't overrun the backup time window you gave for
performing the backup.

Rotation Method

Backups should be performed systematically and on a regular basis to protect against data loss. Most large organizations implement a structured backup scheme that includes a backup schedule and details about which files are backed up, where the backup is stored, and how it can be retrieved. The backup scheme will specify the backup rotation method, which determines how many backup tapes or other media sets are needed, and the sequence in which they are used and reused. Designated administrators will have the responsibility for designing and managing the backup scheme and for restoring data when needed.

Figure 9-8: Every backup scheme will specify the backup rotation method.

The Grandfather Method


In the Grandfather-Father-Son method, daily tape sets are used Monday through Thursday, weekly tape sets every Friday, and monthly tape sets on the last day of each month. It is a usual practice to rotate daily tape sets weekly, weekly tape sets monthly, and monthly tape sets annually.

Figure 9-9: Grandfather-Father-Son process for securely backing up new and modified data.

The Grandfather-Father-Son method is secure and involves assigning one backup set for Mondays, another for Tuesdays, another for Wednesdays, and another for Thursdays. On each of those days, you can reuse the assigned set. On Fridays of that month, however, you may use a new set, which you can reuse in the next month too in the same order. It will be helpful if you can label each daily backup set with the name of the day, weekly tapes with number 1 through 4 for each Friday, and monthly tapes with the name of the month. At the end of each month, you can replace the backup sets used from Monday to Thursday. You may then choose to either reuse the old ones the following year or keep them as permanent records.

The Leaning Tower Method


In the leaning tower method, also known as the Tower of Hanoi method, tape sets are staggered with one tape set for every two days, and different sets every four, eight, sixteen, and thirty-two days, respectively.

Figure 9-10: Leaning tower process for securely backing up new and modified data.

The leaning tower method involves using five media sets. Media set A is used every two days; media set B every fourth day; media set C every eighth day; media set D every sixteenth day; and media set E is alternated with media set D, doubling the backup history with each media set used (2, 4, 8, or 16 days) until the media is overwritten. This way you can have media sets with most recent versions of the files. It will help if you can label each of the media sets with a letter or number (media set A or 1). You can apply this rotation method to either a daily or weekly rotation schedule. If you're doing a daily rotation, you'll need at least five media sets; a weekly rotation requires eight.
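The Grandfather-Father-Son and leaning tower schedules described above, as an added example that is not part of the original manual. It returns the media set to use on a given day and the age of the backup each Tower of Hanoi set currently holds. The label format, the handling of weekends and the numbering of a fifth Friday are assumptions; the text only labels Fridays 1 through 4.

```python
"""Backup rotation schedules: Grandfather-Father-Son and Tower of Hanoi (added example)."""
import calendar
from datetime import date
from typing import Optional

HANOI_SETS = "ABCDE"  # the five media sets named in the text


def hanoi_set(day: int, sets: str = HANOI_SETS) -> str:
    """Media set written on backup day `day` (numbered from 1).

    The set is chosen by how many times 2 divides the day number, so A is
    written every 2nd day, B every 4th and C every 8th; the last two sets
    share the remaining slots and therefore alternate, each every 16th day.
    """
    if day < 1:
        raise ValueError("backup days are numbered from 1")
    twos = (day & -day).bit_length() - 1
    return sets[min(twos, len(sets) - 1)]


def hanoi_schedule(days: int, sets: str = HANOI_SETS) -> str:
    """Sequence of media sets for the first `days` backup days."""
    return "".join(hanoi_set(day, sets) for day in range(1, days + 1))


def hanoi_restore_points(today: int, sets: str = HANOI_SETS) -> dict:
    """Age in days of the backup each media set holds after the job on `today`."""
    ages = {}
    for day in range(today, 0, -1):
        ages.setdefault(hanoi_set(day, sets), today - day)
    return ages


def gfs_set(d: date) -> Optional[str]:
    """Label of the Grandfather-Father-Son media set to use on calendar day `d`."""
    last_day = calendar.monthrange(d.year, d.month)[1]
    if d.day == last_day:
        return "monthly-" + calendar.month_name[d.month]    # grandfather
    weekday = d.weekday()                                   # Monday is 0
    if weekday == 4:
        # Assumption: a fifth Friday is numbered 5; the text labels 1 through 4.
        return f"weekly-{(d.day - 1) // 7 + 1}"             # father
    if weekday < 4:
        return "daily-" + calendar.day_name[weekday]        # son
    return None  # assumption: no job on weekends, which the text does not schedule


if __name__ == "__main__":
    print(hanoi_schedule(32))
    print(hanoi_restore_points(31))
    for sample in (date(2024, 5, 6), date(2024, 5, 24), date(2024, 5, 31)):
        print(sample.isoformat(), gfs_set(sample))
```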

Backup Storage
Typically the backups you create are stored offsite. In the event disaster strikes the facility where your servers are located, you won't lose your backup media as well. You might want to keep a set of backup media on site as well so that you have instant access to the backups in case files are accidentally deleted or corrupted. For offsite storage, you might use a bank safety deposit box for small organizations, or you might contract with a firm that specializes in securely storing backups. For onsite storage, consider using a fireproof safe.

Wherever you decide to keep your backups, environmental considerations must be taken into account. Do not store the backups where there is high heat or humidity which could damage the backup medium. Be sure not to store the backups near equipment with strong magnets that could erase the data and damage the backup media.

Media and Restoration Best Practices

You need to keep the following in mind if you wish to create and maintain a durable backup file or database:
• Use the appropriate operating system services to identify any open files and then close them. Most backup software gives you the option to back up open files either with or without locks.
• Follow the manufacturer's instructions for maintaining the backup device. For example, if you're using a tape backup, periodically clean the tape heads (with a cleaning tape) to minimize intermittent errors caused by dirty recording heads.
• Store a copy of the backup media off-site.
• Store the on-site copy of the backup in a fireproof safe.

It is important to pay careful attention to detail when you are performing a backup or restoration process. This is because an incomplete data backup can cause your system to fail and lose a significant amount of data. A backup system will only be as good as the method used for restoring data. As a general rule, perform tests after any kind of change to the backup and restore system on the network. For example, back up and restore some files to check if the system works and then check the content of your backup archive. Even if the change is small or insignificant, it can have the potential to cause an abnormality in the backup system environment.

Backup Verification
Before using a backup device to restore data, test it to make sure it's reliable. To test the backup device:
• Try restoring from more than one external hard drive if possible, to ensure that the hard drive is properly aligned.
• Try restoring some of the backed-up data into a test directory, making sure you don't overwrite any data when doing so.
• Configure the backup software to verify after it writes.
• Verify that the backup contains all the required files.
• Test backup devices on a regular basis.
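One way to carry out the restore test and completeness check from the list above, as an added example that is not part of the original manual. It restores a tar archive into a scratch directory and compares SHA-256 digests against a manifest taken from the source. The file names, the manifest format and the `skip` parameter are assumptions made for the illustration, and the sample data is constructed.

```python
"""Restore-test a backup into a scratch directory and check it against a manifest."""
import hashlib
import tarfile
import tempfile
from pathlib import Path


def sha256_file(path: Path) -> str:
    """SHA-256 digest of a file, read in chunks."""
    digest = hashlib.sha256()
    with open(path, "rb") as handle:
        for chunk in iter(lambda: handle.read(65536), b""):
            digest.update(chunk)
    return digest.hexdigest()


def build_manifest(root: Path) -> dict:
    """Digest of every file the backup is required to contain, keyed by relative path."""
    return {p.relative_to(root).as_posix(): sha256_file(p)
            for p in sorted(root.rglob("*")) if p.is_file()}


def make_backup(root: Path, archive: Path, skip=()) -> None:
    """Write a tar.gz of `root`; `skip` models files the backup job could not read."""
    with tarfile.open(archive, "w:gz") as tar:
        for path in sorted(root.rglob("*")):
            rel = path.relative_to(root).as_posix()
            if path.is_file() and rel not in skip:
                tar.add(path, arcname=rel)


def verify_backup(archive: Path, manifest: dict) -> dict:
    """Restore into a scratch directory (never over live data) and compare digests."""
    report = {"missing": [], "corrupt": [], "ok": []}
    # Use the path-sanitising extraction filter where this Python version has it.
    options = {"filter": "data"} if hasattr(tarfile, "data_filter") else {}
    with tempfile.TemporaryDirectory(prefix="restore-test-") as scratch:
        with tarfile.open(archive) as tar:
            tar.extractall(scratch, **options)
        for rel, expected in sorted(manifest.items()):
            restored = Path(scratch) / rel
            if not restored.is_file():
                report["missing"].append(rel)
            elif sha256_file(restored) != expected:
                report["corrupt"].append(rel)
            else:
                report["ok"].append(rel)
    return report


def demo() -> dict:
    """Constructed data: a good backup, one that skipped a file, one taken after an edit."""
    with tempfile.TemporaryDirectory(prefix="backup-demo-") as work_dir:
        work = Path(work_dir)
        source = work / "source"
        (source / "db").mkdir(parents=True)
        (source / "etc").mkdir()
        (source / "db" / "orders.db").write_bytes(b"constructed sample database\n")
        (source / "etc" / "app.conf").write_text("listen=8443\n")
        (source / "README.txt").write_text("constructed sample data\n")
        manifest = build_manifest(source)

        make_backup(source, work / "good.tar.gz")
        make_backup(source, work / "skipped.tar.gz", skip={"db/orders.db"})
        (source / "etc" / "app.conf").write_text("listen=8080\n")  # changed after manifest
        make_backup(source, work / "changed.tar.gz")
        return {name: verify_backup(work / f"{name}.tar.gz", manifest)
                for name in ("good", "skipped", "changed")}


if __name__ == "__main__":
    for name, report in demo().items():
        print(name, report)
```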

Backup Storage Security


There are various best practices for ensuring security of backup data. They include:
• Authentication of users and backup clients to the backup server.
• Role-based access control lists for all backup and recovery operations.
• Data encryption options for both backup transmission and storage.
• Backup of remote clients to a centralized location behind firewalls.
• Default data storage locations must be standardized.
• Create a policy that defines where documents are backed up from.
• Use segregation of duties enforced by policy for all personnel handling backup data.
• Document all access, testing, backup, and restore cycles.

Ask students what steps their organization takes to secure their backups.

Restoration

When you restore data from a backup, the data is only as current as the backup from which you are restoring. If your last backup was last night and data was lost this afternoon, the data from today will be unavailable. In some cases, you might be able to piece together some of the data, but most likely, users will need to re-enter any data from today.

Depending on the type of backup that was performed, it might take a shorter or longer time to perform a full data restore. For example, a full backup takes the longest to back up the data, but it takes the shortest time to restore the data in comparison to differential or incremental backups.

Data vs. OS Restore
There is no need to back up the server operating system. Make sure to back up all data, including configuration files. If you need to completely restore a server, reinstall the operating system using the disk or ISO, and then restore the data.

Make sure students are clear about operating system restore vs system restore vs using a restore point.

Data restoration restores lost or damaged data. Data restoration:
• Recovers data from former existing partitions.
• Supports various file systems.
• Is used to recover deleted files and folders.
• Restores data from bad sectors.

Backup Retention
Every organization should have a well-defined legal policy concerning the retention and destruction
of data. Corporate policy and legal and regulatory requirements dictate how to retain and destroy
data records. Because it is difficult to attain legal and regulatory compliance, corporate legal
departments must assume advisory roles and act as internal consultants to ensure adherence to these
standards. Failing to properly retain information may result in legal issues and fines.
The legal policy should include:
• Standards and guidelines on how long different types of documents should be retained to meet
legal or policy requirements.
• Plans for consistent and secure storage, and retrieval of all document types. Storage
recommendations take into account the nature of information, the physical media on which it is
stored, and the security measures for documents.
• Plans for disposal or destruction of outdated documents. Some documents can simply be
recycled or thrown away. However, confidential information must have an approved destruction
method to ensure that the data cannot be retrieved. The destruction method depends upon the
sensitivity of the data and the media it is stored on, and can range from shredding and burning
paper documents, to reformatting computer disks multiple times.

Material Safeguarding
Safeguarding classified materials entails developing and implementing policies, guidelines, standards,
and procedures that specify how to maintain the confidentiality of classified information. Access
controls, either physical or logical, are at the heart of this process. The first step is deterring
unauthorized individuals from accessing classified materials.

Declassification
As risks associated with the disclosure of classified information are reduced, the information can be
declassified. The data owner determines the point in time of declassification. Security administrators
are required to follow the local standards for declassification.

Access the Checklist tile on your CHOICE Course screen for reference information and
job aids on How to Back Up and Restore Server Data.

ACTIVITY 9-4
Backing Up the Server and Testing Backups

Before You Begin
You have a second drive on which you can back up the files.
Instructor note: Students can back up to a second physical drive, or a second VHD drive.
Alternatively, they can back up to a USB device or a shared folder on the virtual server.

Scenario
You have been meaning to create a backup of your lab test environment, and decide that today is
the day to finally do so. You have a drive available to back up files to, and will use the Windows
Server Backup utility. To test the backup, you will delete a file and then restore it.

1. Install the Windows Server Backup utility.
a) In Server Manager on the Dashboard page, select Add roles and features.
b) In the Add Roles and Features Wizard, select Next until you are at the Select features page.
c) Check Windows Server Backup and then select Next.
d) On the Confirm installation selections page, select Install.
Note: This step will take a while to complete.
e) In the Installation Results page, observe that the Installation succeeded message is displayed and
select Close to close the Add Roles and Features Wizard.

2. In Services, verify that Windows Remote Management is enabled and started.
Instructor note: Windows Remote Management may have been disabled when SCW was used to
harden the server. Point out that SCW hardens based on existing roles, so adding roles requires
tweaking the server.

3. Back up the disk partition volume of the server.
Instructor note: If you need to save time, back up a smaller partition. Let students know whether
they should back up to a local drive or a remote shared folder.
a) Select Tools→Windows Server Backup.
b) In the Windows Server Backup window, in the Actions pane, select Backup Once.
c) In the Backup Once Wizard, in the Backup options page, accept the default settings and select Next.
d) On the Select backup configuration page, select Custom and select Next.
e) On the Select Items for Backup page, select Add Items.
f) On the Select Items page, expand the volume containing the server files, then select several folders
of your choice and select OK.
g) Select Next.
h) On the Specify destination type page, verify that the Local drives option is selected and click Next.
i) On the Select Destination Type page, select the option specified by your instructor and then select
Next.
j) On the Select Backup Destination page, select the appropriate Backup destination and then select
Next.
k) In the Confirmation page, select Backup.
Note: This step might take a while to complete depending on the size of the data to be backed up.
l) On the Backup Progress page, when the backup is complete, select Close.
m) Close the Windows Server Backup window.

4. Verify the creation of a backup file.
a) Open File Explorer and navigate to the location where the backup was written to.
b) In the backup location, double-click the WindowsImageBackup folder.
c) In the WindowsImageBackup window, double-click the server name.
d) Double-click the Backup folder that contains the current date.
e) Verify that a Hard Disk Image File is located in your backup location and close the window.

5. Create a simulation of a user accidentally deleting a folder.
a) In File Explorer on your server hard drive, delete one file or folder that was backed up.
b) Right-click Recycle Bin and select Empty Recycle Bin.
c) In the Delete Folder message box, click Yes.

6. Recover the deleted files from the backup.
a) Switch to the Windows Server Backup window.
b) In the Windows Server Backup window, in the Actions pane, select Recover.
c) In the Recovery Wizard, on the Getting started page, verify that This server (SERVER##) is
selected, and select Next.
d) On the Select Backup Date page, verify that the date corresponds to the most recent backup, and
select Next.
e) On the Select Recovery Type page, verify that the Files and folders option is selected and select
Next.
f) On the Select Items to Recover page, expand Server## as needed until the item you deleted is
listed in the Items to recover pane.
g) Select the deleted item in the right pane and select Next.
h) On the Specify Recovery Options page, in the Recovery destination section, verify that the Original
location option is selected and select Next.
i) On the Confirmation page, select Recover.
j) When the wizard has finished recovering the deleted item, select Close.
k) Close the Windows Server Backup window.
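
The delete-and-restore test in this activity confirms that one item comes back. The following added example, which is not part of the course material, scripts the same check for every file by comparing a SHA-256 manifest taken before the backup with the restored folder. The function names and the temporary sample folders are assumptions constructed for illustration, and only the Python standard library is used.

```python
import hashlib
import os
import shutil
import tempfile


def build_manifest(root):
    """Return {relative_path: sha256_hex} for every regular file under root."""
    manifest = {}
    for dirpath, _dirnames, filenames in os.walk(root):
        for name in filenames:
            full = os.path.join(dirpath, name)
            rel = os.path.relpath(full, root).replace(os.sep, "/")
            digest = hashlib.sha256()
            with open(full, "rb") as handle:
                # Hash in 1 MiB chunks so large files are not loaded into memory.
                for chunk in iter(lambda: handle.read(1024 * 1024), b""):
                    digest.update(chunk)
            manifest[rel] = digest.hexdigest()
    return manifest


def compare_manifests(expected, actual):
    """Compare the manifest taken before the backup with the restored tree."""
    missing = sorted(set(expected) - set(actual))
    unexpected = sorted(set(actual) - set(expected))
    changed = sorted(
        path for path in expected
        if path in actual and expected[path] != actual[path]
    )
    return {
        "missing": missing,        # backed up but not restored
        "changed": changed,        # restored with different content
        "unexpected": unexpected,  # present after restore but never in the manifest
        # An empty expected manifest counts as a failure: nothing was verified.
        "ok": bool(expected) and not missing and not changed,
    }


def write_file(path, data):
    """Create parent folders as needed and write bytes to path."""
    os.makedirs(os.path.dirname(path), exist_ok=True)
    with open(path, "wb") as handle:
        handle.write(data)


def run_demo():
    """Constructed sample data: verify a good restore, then a damaged one."""
    work = tempfile.mkdtemp(prefix="restore-test-")
    try:
        source = os.path.join(work, "source")
        restored = os.path.join(work, "restored")
        write_file(os.path.join(source, "config", "app.ini"), b"[server]\nport=8443\n")
        write_file(os.path.join(source, "data", "ledger.csv"), b"id,amount\n1,100\n")
        write_file(os.path.join(source, "data", "notes.txt"), b"lab test environment\n")

        expected = build_manifest(source)   # taken before the backup runs
        shutil.copytree(source, restored)   # stands in for backup followed by restore
        clean = compare_manifests(expected, build_manifest(restored))

        # Simulate an incomplete restore and a file altered while in storage.
        os.remove(os.path.join(restored, "data", "ledger.csv"))
        write_file(os.path.join(restored, "config", "app.ini"), b"[server]\nport=80\n")
        damaged = compare_manifests(expected, build_manifest(restored))
        return clean, damaged
    finally:
        shutil.rmtree(work, ignore_errors=True)


if __name__ == "__main__":
    for label, report in zip(("clean restore", "damaged restore"), run_demo()):
        print(label, report)
```

Store the manifest separately from the backup media so that a change to the backup cannot also change the record it is checked against.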

Summary
In this module, you learned about planning for and testing disaster recovery. While you can plan and
ensure that your servers are running in the best possible environment, things can, and do, still fail.
Having a disaster recovery plan and backups from which to restore any lost data is just as important.
Instructor note: Encourage students to use the social networking tools provided on the
LogicalCHOICE Home screen to follow up with their peers after the course is completed for
further discussion and resources to support continued learning.

Do you have a disaster recovery plan documented for your organization? Has it been tested or have you
had to use it? If you don't have one, what are your plans for creating one?
A: Answers will vary. Having a disaster recovery plan is important, but just as important, is testing it to
make sure that it will work as you expect in the event of a disaster.

How often do you perform server backups? What medium do you back up to? Where are backups stored?
Do you agree with your organization's backup policies? Why or why not?
A: Answers will vary. The frequency of backups depends on the types of data you need to protect. There
are a wide variety of backup media to select from. Some backups might be stored on site for easy
accessibility, but long term off site storage is also important in case the facility is unavailable or
unusable.

Note: Check your LogicalCHOICE Course screen for opportunities to interact with your
classmates, peers, and the larger LogicalCHOICE online community about the topics covered in
this course or other topics you are interested in. From the Course screen you can also access
available resources for a more continuous learning experience.

10 Troubleshooting Server Issues

This lesson is designed to bring everything together that was covered throughout the course.
3 hours

Lesson Objectives
In this lesson, you will troubleshoot server issues. You will:
• Troubleshoot server hardware.
• Troubleshoot software related issues.
• Identify the steps in the troubleshooting process.
• Troubleshoot common network problems.
• Troubleshoot storage issues.

Lesson Introduction
You explored environmental issues surrounding servers. Despite being in a physically
secure and safe environment, every server will experience downtime at some point. In this
lesson, you will identify the major issues, tools, and techniques for troubleshooting servers.
A server is not a system that can be simply rebooted in case of a problem. Troubleshooting
a server is a step-by-step process. There are also several types of specialty hardware and
software tools used in server maintenance and repair. In short, troubleshooting a server is a
complex task that requires a systematic approach.

TOPIC A
Troubleshooting Theory and Methods
There are various approaches to troubleshooting. You need to select a suitable troubleshooting
process. In this topic, you will list the components of a troubleshooting process.
Instructor note: Some of the material covered in this lesson will be a review for students who have
taken the CompTIA A+ course.
Because troubleshooting server problems is a vital part of a server technician’s job, you should
always use a systematic approach to problem-solving. Learning and using an effective
troubleshooting process will help you to resolve problems efficiently and painlessly.

Troubleshooting a Server
Troubleshooting is the recognition, diagnosis, and resolution of problems affecting a server to restore it
to its normal operation. You can troubleshoot a server in many ways, but all approaches have the
same goal: solving a problem efficiently with a minimal interruption of service.

Figure 10-1: The parameters of troubleshooting.

Troubleshooting Model
A troubleshooting model is any standardized step-by-step approach to the troubleshooting process. The
model serves as a framework for correcting a problem efficiently without introducing further
problems or making unnecessary modifications to the system. Models can vary in the sequence,
number, and name of the steps, but all models have the same goal: to move in a methodical and
repeatable manner through the troubleshooting process.

Troubleshooting Steps
Figure 10-2: The troubleshooting model provides a framework for correcting problems.

Instructor note: You may want to show LearnTO Follow the Troubleshooting Process from the
LogicalCHOICE Course screen or have students navigate out to the Course screen and watch it
themselves as a supplement to your instruction. If not, please remind students to visit the LearnTOs
for this course on their LogicalCHOICE Course screen after class for supplemental information
and additional resources.

The steps in the troubleshooting process include:
1. Identify the problem and determine the scope.
• Question users and stakeholders to identify changes to the system or environment.
• Collect additional documentation and any log files.
• If possible, replicate the problem.
• If possible, perform backups before making changes.
2. Establish a theory of probable cause.
• Question the obvious.
• Determine whether there is a common element of symptom causing multiple problems.
3. Test the theory to determine the cause.
• Once the theory is confirmed, determine next steps to take to resolve the problem.
• If the theory is not confirmed, establish a new theory or escalate the problem to another tier
for resolution.
4. Establish a plan of action to resolve the problem and notify impacted users.
5. Implement the solution or escalate as appropriate.
• Make one change at a time and test to confirm the change has resolved the problem.
• If the problem is not resolved, reverse the change if appropriate and implement a new
change.
6. Verify full system functionality and, if applicable, implement preventative measures.
7. Perform a root cause analysis.
8. Document findings, actions, and outcomes throughout the process.

Note: For additional information, check out the LearnTO Follow the Troubleshooting
Process presentation in the LearnTOs for this course on your LogicalCHOICE Course screen.

Identify Problem and Determine Scope
To identify the symptoms and potential causes of a server problem, start by gathering as much
information as you can.
• Ask the user to describe what happened. Ask open-ended questions instead of yes/no questions
to get as much information as you can.
• Look for error messages on the screen or in system and software log files.
Next, re-create the problem. A repeatable problem is easier to solve than an intermittent one.
• Have the user try the procedure again, recording all actions taken and all results received. Verify
that the procedure is correct.
• Try to perform the task yourself at the user’s workstation and at your workstation.
• Or, have another user try the task at the user’s workstation and on an equivalent workstation.
Perform backups before making changes. Before troubleshooting the problem, it is always
recommended to take a backup of the current status of the system. This will enable you to restore
the required data or system status in case any disaster occurs during the troubleshooting process.
While you gather the information, make a list of possible causes that could have the same
symptoms.
Determine if the problem is limited to one workstation, several workstations, one server, one
segment, or the entire network. If only one person is experiencing a certain problem, the problem is
most likely at the workstation. If groups of users are affected, the problem might lie at a part of the
network or service shared by users, such as a particular software application or database, a server,
the network segment, or the network configuration.
Determine what has changed. To determine what has changed, ask questions such as:
• Were you able to do this task earlier? If this is a new task, perhaps the user needs different
system permissions, or additional hardware or software.
• If you could do the task before, when did you first notice that you could not do it anymore? Try
to discover what happened immediately before the problem arose, or at least pinpoint the time,
since the source of the problem might be related to other changes elsewhere on the network.
• What has changed since the last time you were able to do this task? Users can give you
information about events that might affect their local systems. You can help them with leading
questions such as, “Did someone add something to the server?” or “Did you do something
differently this time?” Be sure not to be judgmental or imply that the user is to blame; it will be
harder for him to report his conditions accurately if you do so.
• Also, check all system and software log files to see if there are any records of recent activities.

For instance, if a user cannot log on to the network, have the user try once again. This time ask the
user to observe exactly what happens and what is displayed onscreen. Think about the possible
causes: a user who suddenly cannot log on could indicate a problem with the network cable or
adapter, local DHCP server, local network connection, or authentication server. A logon problem
can affect one or many users.
• When one user cannot log on to the network, try logging on as that user from another
workstation belonging to the same group of users. If the logon is successful, start by checking
the workstation’s NIC and cabling, and then move on to more detailed workstation
troubleshooting.
• When several users cannot log on, find out what they have in common. If all affected users use
the same server, verify that the server is up and running smoothly, and check user connections
and security levels. If several network segments appear to be affected, check for network address
conflicts. If all users are having problems, check any components (such as servers, routers, and
hubs) that they access. Also, remember to check WAN connections by verifying that stations on
both sides of the WAN link can communicate; if they cannot, you will need to check the WAN
hardware along with other devices between the sending and receiving stations.
• And, do not forget to check system and software logs for errors or alerts that may provide clues
on what the problem is.
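
The scoping reasoning above (one user, users who share a server or segment, several segments, everyone) can be applied to help desk records. The following added example is not part of the course material: the inventory fields, host names, and the classify_scope function are assumptions, and the records are constructed. It also goes one step beyond the text by listing unaffected users who share the suspected element, which weakens a theory when that list is not empty.

```python
# Constructed inventory: user -> workstation, network segment, logon server.
SAMPLE_USERS = {
    "alice": {"workstation": "WS-301", "segment": "floor3", "server": "auth01"},
    "bob":   {"workstation": "WS-302", "segment": "floor3", "server": "auth01"},
    "carol": {"workstation": "WS-303", "segment": "floor3", "server": "auth02"},
    "dave":  {"workstation": "WS-201", "segment": "floor2", "server": "auth01"},
    "erin":  {"workstation": "WS-202", "segment": "floor2", "server": "auth02"},
    "frank": {"workstation": "WS-203", "segment": "floor2", "server": "auth02"},
}

# First check to make for each scope, taken from the guidance in this topic.
NEXT_CHECK = {
    "none": "No affected users reported.",
    "workstation": "Log on as the user from another workstation in the same group; "
                   "if that works, check this workstation's NIC and cabling.",
    "server": "Verify the server is up and running smoothly; check user "
              "connections and security levels.",
    "segment": "Check the equipment this segment shares, such as its router, "
               "switch, and cabling.",
    "multiple segments": "Check for network address conflicts.",
    "all users": "Check the components every user accesses (servers, routers, "
                 "hubs) and verify WAN links from both sides.",
}


def make_result(scope, element, healthy_sharing):
    """Bundle a scope decision with the element suspected and the next check."""
    return {
        "scope": scope,
        "element": element,
        # Unaffected users who also depend on the element; ideally empty.
        "healthy_sharing": healthy_sharing,
        "next_check": NEXT_CHECK[scope],
    }


def classify_scope(users, affected):
    """Decide how far a problem reaches from the set of affected user names."""
    affected = set(affected)
    unknown = affected - set(users)
    if unknown:
        raise ValueError("affected users missing from inventory: %s" % sorted(unknown))
    if not affected:
        return make_result("none", None, [])
    if len(affected) == 1:
        (name,) = affected
        return make_result("workstation", users[name]["workstation"], [])
    healthy = set(users) - affected
    if not healthy:
        return make_result("all users", None, [])

    # Look for an element that every affected user has in common.
    candidates = []
    for attr in ("segment", "server"):
        values = {users[name][attr] for name in affected}
        if len(values) == 1:
            value = next(iter(values))
            sharing = sorted(n for n in healthy if users[n][attr] == value)
            candidates.append((len(sharing), attr, value, sharing))
    if candidates:
        # Prefer the element that the fewest unaffected users also depend on.
        _count, attr, value, sharing = min(candidates)
        return make_result(attr, value, sharing)
    # No single shared segment or server: the problem spans segments.
    return make_result("multiple segments", None, [])


if __name__ == "__main__":
    for reported in ({"alice"}, {"alice", "bob", "carol"},
                     {"carol", "erin", "frank"}, {"alice", "erin"}):
        result = classify_scope(SAMPLE_USERS, reported)
        print(sorted(reported), "->", result["scope"], result["element"])
        print("   next:", result["next_check"])
```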

Establish Theory of Probable Cause
To establish the theory of most probable cause, use a systematic approach. Eliminate possible
causes, starting with the most obvious and simplest one and working back through other causes. Do
not overlook straightforward and simple corrections that can fix a range of problems and do not
cost much time or effort to try. You may find that you can resolve the issue on the spot.
For example, if a user has lost Internet connectivity, check to make sure that the network cable is
plugged in and that the user's IP configuration is correct, then check the router settings or
connection to the ISP.

Test Theory to Determine Cause
Note: Be sure to only test and change one thing at a time.
Once you establish the most probable cause, determine the steps to resolve it. However, while
troubleshooting a problem, you may find the cause of the problem is not an issue that can be
resolved over the phone or at the user's desktop. It may be necessary to contact a fellow employee
who has specialized knowledge, or a more senior administrator with the appropriate permissions
and authorization. In these cases, the problem should be escalated to the appropriate personnel to
be resolved as quickly as possible.
For example, you might determine that a connectivity problem needs to be escalated. Some users in
the finance department have lost connectivity to a workgroup server. It has been determined that
there are no problems with the software or hardware at the user end. Error logs on user machines
indicate that there may be a configuration problem on the server side. Because the server in question
contains company financial information and only a few highly trusted administrators have the ability
to log onto the server, this issue will have to be escalated to one of them.

Establish Plan of Action
After you have determined the probable cause, you should create an action plan before you start
making changes, detailing each step that you will take while attempting to resolve the issue. You
should also make sure that you will be able to restore the system to the condition it was in before the
troubleshooting, in case things do not go as planned. You also need to think about how the action
plan will affect the user or other aspects of the network. If you think ahead, you can help ensure that
productivity does not suffer and that downtime is minimized.
If a user is reporting multiple problems, determine whether there is a common element that could
be causing all of the problems.
For example, if you are rebuilding a user's workstation, think about how this might affect the user's
productivity in the interim. You might need to provide another workstation to the user, and you
would need to transfer user data to a safe location before working on the old system. A rule of
thumb is to back up data before working on a user’s machine.

Implement Solution
Implement the action plan step-by-step to fix the problem. If you make multiple changes at once,
you will be unable to verify exactly what effect each adjustment had. Be sure to document each step,
because you can lose sight of what you have tried in complex troubleshooting scenarios.
Test the solution. Make sure that the solution you have implemented actually solved the problem
and did not cause any new ones. Use several options and situations to conduct your tests. For
instance, try the task yourself, and then have the user try it while you observe the process, or test the
workstation both before and after it is connected to the network. Sometimes, you will need to test
over time to ensure that your solution is the correct one.
For example, some users have all lost Internet connectivity, and all have their desktop workstations
connected to the same switch. While the problem could be with the switch, the problem might also
have been due to a faulty cable that connects the switch to a router. After replacing the cable that
attaches the switch to the router, you should attempt to access the Internet from all the affected
machines to check if they work fine.
Note: It is a good practice to write the steps down that you will perform and check them off the
list as you perform each step.

Verify Full System Functionality
Verify that the user agrees that the problem is solved before you proceed with final documentation
and closing the request. Additionally, even if the problem is solved and your solution was well
thought-out and documented, there might be cascading effects elsewhere on the local system or on
the network. Think about those potential effects and test for them before you close out the issue.
Monitoring system and software logs throughout the testing and monitoring phase can provide
additional visibility into the effects of the solution. If a major change was made, it may be advisable
to continue monitoring and testing the system and network for several days or even weeks after
implementing the solution.
As an example, if you install a software application, you might find that the newly installed
application makes changes that affect other applications, such as changing file associations on the
system. You should have identified this potential effect before installing the application and taken
steps to ensure that all applications are functioning the way the user desires.

Root Cause Analysis
Root cause analysis is an information gathering technique that is used to identify problems, identify
the exact reasons for the problems, and develop corrective actions. It involves an in-depth and
comprehensive analysis of the problem and brainstorming over the issue to identify its root cause.
Irrespective of the troubleshooting model that you may follow, it is imperative to perform a root
cause analysis to identify the exact source of the problem.
Instructor note: Make sure students realize how important it is to document their analysis and
develop a plan for correcting the root cause.

Document Process
Document the problem and process you used to arrive at the solution. Maintain records as part of
your overall network documentation plan. Not only will this provide you with an ever-growing
database of information specific to your network, but it will also be valuable reference material for
use in future troubleshooting instances, especially if the problem is specific to the organization.
You might even want to create a troubleshooting template so that you can be sure that necessary
information is included in all reports, and that all reports are consistent, no matter which support
person completes them.

Troubleshooting Documentation
Some of the things you might want to include in a troubleshooting documentation template are:
• A description of the initial trouble call, including date, time, who is experiencing the problem,
and who is reporting the problem.
• A description of the conditions surrounding the problem, including the type of server, the type
of NIC, any peripherals, the desktop operating system and version, the network operating system
and version, the version of any applications mentioned in the problem report, and whether or
not the user was logged on when the problem occurred.
• Whether or not you could reproduce the problem consistently.
• The possible cause or causes you isolated.
• The exact issue you identified.
• The correction or corrections you formulated.
• The results of testing the solution.
• The results of implementing each correction you tried.
• Any external resources you used, such as vendor documentation, addresses for vendor and other
support websites, names and phone numbers for support personnel, and names and phone
numbers for third-party service providers.

ACTIVITY 10-1
Applying Troubleshooting Theory and Methods
Scenario
The help desk is short staffed today, so your manager has asked you to help with some of the tickets
that have come in.
Instructor note: Encourage students to share their experiences with troubleshooting.

1. You received a call from a user who cannot connect to the Internet. They can log on to the local
network. You initially tried walking the first caller through connecting to the Internet, but she was
unsuccessful in connecting. Another help desk technician overhears your call and lets you know that he
also has a user from the third floor who cannot access the Internet. Looking at the help desk database,
you see that other users from the third floor are also reporting the same issue. Document the
troubleshooting steps you would take to come up with an action plan to resolve the users' issue.
A: In gathering information and determining the scope, you find that this affects multiple users within
a specific area of the organization. Working with the other help desk technicians you should be
able to narrow down the probable cause of the problem. One of the technicians should examine
the equipment on the third floor to see if a router, switch, or cable needs to be replaced. If one of
those components appears to be at fault, the technician should recommend its replacement.

2. The technician found that a cable appears to have been damaged. He also noticed that it appears that
someone had been working on replacing components in the wiring closet for the third floor. What steps
should be taken to implement an action plan and resolve the ticket?
A: Answers will vary, but may include: once you have determined the probable cause, you should
create an action plan before you start making changes, detailing each step that you will take while
attempting to resolve the issue. You should also make sure that you are able to restore the
system to the condition it was in before you began troubleshooting, in case things do not go as
planned. You also need to think about how the action plan will affect the user or other aspects of
the network. If you think ahead, you can help ensure that productivity does not suffer and that
downtime is minimized.

3. A user recently got a new computer delivered to their desk. Some of the files he needs to open won't
open. What are some of the questions you should ask?
A: Ask the user to describe his system and his physical location. What application is he using to open
the file? Can he open other files with that application? If so, the problem is with the file and not the
software. Ask him to describe the specific problem he is having. Can he find the file but receives
an error when he opens it? Or does the file open but looks corrupted? To localize the problem,
ask where the file is saved; is it on a local disk or on a network drive? Can he open other files from
that location? If not, it may be a problem with the storage media itself. Or is it in an email
attachment? Find out when he could last open the file, if ever. If he could open the file previously,
find out anything that might have occurred since that time to change the situation. If the file is in a
network location, review network activity logs to see if there have been any issues or changes to
that server.

TOPIC B
Troubleshoot Hardware Issues
In the previous topic, you familiarized yourself with the troubleshooting process. One of the
important tasks of a server technician is to handle various types of server hardware issues
and troubleshoot them. In this topic, you will explore common server hardware issues and the
techniques used to troubleshoot them.
There will be times when the server's internal system components experience problems that cannot
be fixed by users. As a server technician, many of the service calls that you respond to will involve
troubleshooting system components. Therefore, your ability to quickly and effectively diagnose and
solve the problems will be essential in maintaining the satisfaction level of the users you support.

Hardware Maintenance
One of the most important parts of troubleshooting hardware issues is to perform regular hardware
maintenance, thus preventing some of the issues that might otherwise arise. By regularly checking
system health indicators, performing preventative maintenance, and using proper shut down
procedures, you can often prevent, or at least delay, the need to replace failed components.

LEDs
A Diagnostic Light Emitting Diode (LED) is an electronic device that lights up when electricity is
passed through it and provides a quick visual notification of the status of the server for some of the
Field Replaceable Units (FRUs). The LED indicates power on and hard disk drive activity. A control
circuit drives the LED in on-off state to indicate diagnostic information.

Figure 10-3: LEDs notify the status of the server.

Error and Beep Codes


The Power-On Self Test (POST) is a built-in diagnostic program that is run every time a server starts
up. The POST checks your hardware to ensure that everything is present and functioning properly,
before the system BIOS begins the operating system boot process.
Power-On Self Test (POST) makes hardware verification an easy task. All you need to do is observe
the power-on sequence when the server's power is turned on.

Lesson 10: Troubleshooting Server Issues | Topic B


CompTIA Server+ (Exam SK0-004) | 281

Figure 10-4: POST is a built-in diagnostic program that is run every time a server starts up.

The following table lists some common POST codes and their meanings.

Audio Error Code | Video Output | Problem | Solution
One or more short beeps | DOS prompt | None (normal startup beep) | None.
None | None | Power | Check power cords, wall voltage, server's power supply.
None | Cursor | Power | Check the server's power supply; check for sufficient wall voltage.
None | DOS prompt | Audio | May be a defective speaker.
One short, one long beep | None | Display | Check for monitor power; check video cable; check display adapter.
Two short beeps | None or incorrect display (garbage) | Display | Check for monitor power; check video cable; check display adapter.
Two short beeps | Error code number | Refer to a list of error codes and their interpretations. | Refer to a list of error codes and their interpretations.
Repeating short beeps | Probably none | Power | Check the server's power supply; check for sufficient wall voltage.
Continuous tone | Probably none | Power | Check the server's power supply; check for sufficient wall voltage.
One long, one short beep | Probably none | System board | Check to see that all adapters, memory, and chips are seated firmly; check for proper power connections to the system board; use diagnostics software or hardware to further troubleshoot the system board.
One long, two short beeps | Probably none | Display | Check for monitor power; check video cable; check display adapter.
One long, three short beeps | Probably none | Display | Check for monitor power; check video cable; check display adapter.


LCD Messages
Many servers and server-related devices have LCD or LED message panels on the front of the unit.
Messages regarding the settings or errors on the device are displayed on the message panel. Part of
your routine should be to regularly check the displays for any indication of changes to settings,
indications that maintenance is due, or that a component within the device has failed.

Shutting Down and Rebooting a Server

While shutting down a server, it is important to protect the integrity of the data stored on it. Rather
than simply powering down the server computer to add hardware components or perform
other tasks, follow the procedures that each NOS recommends for properly shutting down the operating
system software. Following these procedures can ensure that the server software will reload properly
without data corruption or error messages. In addition, there are many instances where
configuration changes require you to restart or reboot the server for the new parameters to take
effect.

Shutdown and Reboot Procedures

The following table describes the shutdown and reboot procedures for some popular NOSs.

NOS: Windows Server 2003/2008
Shutdown Routine:
1. From the Start menu, choose Shut Down.
2. Enter a comment in the Comment text box and click OK.
Reboot Routine:
1. From the Start menu, choose Shut Down and, from the What Do You Want The Computer To
Do drop-down list, select Restart.
2. Enter a comment in the Comment text box and click OK.

NOS: Windows Server 2012
Shutdown Routine:
• From the command prompt, enter shutdown -s
• In Server Manager with Local Server selected, from the Tasks menu, select Sign out then select
Shutdown. In the Comment text box, enter information about the reason for the shutdown,
then select OK
Reboot Routine:
• From the command prompt, enter shutdown -r
• In Server Manager with Local Server selected, from the Tasks menu, select Sign out then select
Restart. In the Comment text box, enter information about the reason for the shutdown,
then select OK

NOS: UNIX
Shutdown Routine: At the command prompt, enter shutdown with the options or arguments needed
for the version of UNIX you're using. For instance, to shut down immediately on a BSD-based
system, you would enter shutdown -h now
Reboot Routine: At the command prompt, enter shutdown with the options or arguments needed
for the version of UNIX you're using. For instance, to reboot a BSD-based system, you would
enter shutdown -r now

NOS: Linux
Shutdown Routine: At the command prompt, enter shutdown with the options or arguments needed
for the version of Linux you're using. For instance, to shut down immediately on a Red Hat
Linux system, you would enter shutdown -h now
Reboot Routine: At the command prompt, enter shutdown with the options or arguments needed
for the version of Linux you're using. For instance, to reboot immediately on a Red Hat
Linux system, you would enter shutdown -r now

Shutting Down Multiple Servers
While shutting down multiple servers, it is essential to ensure that servers providing the least critical
services are shut down first and servers providing the most critical services are shut down last.
For example, while shutting down the servers in an organization's office, administrators may shut down
the file and print servers first and the domain controller (DC) server last. While starting
multiple servers, it is essential to start the domain controller first because no network connection
will be possible without the domain controller being powered on. Because shutting down a server
affects all services provided by that server, it is essential that the administrators inform all users or
clients about the scheduled shutdown.

Domain Controllers (DC)
A domain is a Microsoft client/server network model that groups computers together for security
and to centralize administration. Computers that are members of a domain have access to a shared
central user account database, which means that an individual can use a single user account to log on
from any computer within the domain. Administration is centralized because you need to create the
user accounts only in the domain, not on each computer. The shared central user account database
is stored on specialized servers called domain controllers.

A Domain Controller (DC) is a role assigned to a server in a Windows network to respond to user
access requests. The term “domain” refers to a set of computer resources for a group of users in a
Windows Server network. A user needs to use his/her username and password to log in to the
domain and access the resources, which may be located on different servers in the network. It was
standard to configure one DC per domain as the Primary Domain Controller (PDC), and all others
as Backup Domain Controllers (BDCs). The PDC manages the master user database for a domain,
effectively combining some of the advantages of a workgroup and a directory. A BDC steps in if the
PDC server fails.

Shutting Down the Attached Components and Peripherals


While shutting down an entire network, it is essential to shut down all the client computers and
connected peripherals first and then the server computer. Shutting down the server computer
last is essential to ensure that all the services and applications running on the server are terminated
properly before the entire network is shut down.

Common Hardware Issues


There are some common issues you might encounter when troubleshooting server hardware
components.

Hardware Issue: Failed POST
Possible Causes:
• Improperly seated or faulty internal components.
• Faulty KVM device.
• Improper connections.
Possible Solutions:
• Visually inspect the internal hardware components and reinstall them, if required.
• Replace the KVM device.
• Visually inspect the internal components and their connections, and replace them.

Hardware Issue: Overheating of the CPU
Possible Causes:
• Failure of the CPU cooling system.
• Inadequate cooling of the CPU.
Possible Solutions:
• Replace the existing cooling system unit.
• Add additional cooling units to prevent the CPU from getting overheated.
• Replace failed components such as any fans that are not working properly.

Hardware Issue: Memory failure
Possible Causes:
• Mismatched components, which may be due to the installation of incompatible memory. For
instance, installing non-parity memory instead of ECC memory will result in memory failure.
• Improper insertion of the memory module into the slot.
• ESD or other power-related problems.
Possible Solutions:
• Check for memory compatibility and replace the appropriate memory module.
• Visually inspect the memory components and replace any failed RAM.
• Visually inspect the power supply component and its connections, and replace them.

Hardware Issue: Onboard component failure
Possible Causes:
• Improper power supply to the server onboard components.
• Overheating of the components due to the lack of adequate cooling system.
• Backplane failure, which may be due to voltage drops, installation of faulty components, or
improper installation of the components on the backplane.
Possible Solutions:
• Repair or replace the power supply to provide adequate power to the onboard components.
• Add additional cooling units to prevent the overheating of the components.
• Check the installation of all the components and replace the backplane, if required.

Hardware Issue: Processor failure
Possible Cause:
• Overheating of the processor.
Possible Solution:
• Add more cooling devices, upgrade to more efficient devices, or clean or replace failed devices.

Hardware Issue: Power supply failure
Possible Causes:
• Electrical power lines down.
• UPS failure.
• Overload of electrical power needs.
Possible Solutions:
• Visually inspect the main power supply source components and their connections and replace
them if they are damaged.
• Check the power backup source. If the battery has failed, replace the battery or the power
source as appropriate to the power backup device.
• Remove the unnecessary components that are not currently in use.

Hardware Issue: Incorrect boot sequence
Possible Causes:
• Drive disconnected, damaged, or not recognized by the BIOS.
• Incorrect BIOS startup settings.
Possible Solutions:
• Visually inspect and reconnect drive.
• Enable drive in CMOS setup utility and check startup settings.

Hardware Issue: Expansion card failure
Possible Causes:
• Third-party components or incompatible components, which are not detected by the OS.
• Improper installation of the expansion card.
• Installation of improper drivers for the expansion card.
Possible Solutions:
• Replace the card with the appropriate expansion card that is compatible with the system board.
• Visually inspect and reconnect expansion card.
• Install an appropriate driver for the expansion card.

Hardware Issue: OS not found
Possible Causes:
• BIOS does not detect the hard disk.
• The hard disk is damaged.
• Sector 0 of the physical hard disk drive has an incorrect Master Boot Record (MBR).
Possible Solutions:
• Verify the BIOS settings and use the recovery console.
• Repair or replace the hard disk.
• Reformat the hard disk.

Hardware Issue: Hard drive failure
Possible Causes:
• Mismatched components, which may be due to the installation of different size hard disks.
• Hard drive is damaged.
• Hard drive is not configured for Master or Cable Select as appropriate to the system.
• Data cable is not connected or incorrectly connected to the drive.
Possible Solutions:
• Ensure that the size of the hard disks is similar.
• Replace the failed hard drive.
• Visually inspect the hard drive and its connections, and connect them properly.
• Visually inspect the cables and connect them properly.

Hardware Issue: I/O failure
Possible Cause:
• Application settings stored in the registry are damaged.
• Backplane has failed.
Possible Solution:
• Reinstall the OS.
• Replace the backplane.

Master Boot Record


The Master Boot Record (MBR) is a small program that is read into memory and executed after the
BIOS bootup. The MBR tries to locate a bootable partition in the partition table. The boot sector of
the partition is then loaded and executed. The MBR is located in the first sector of the first hard
disk.
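
The following added example (not part of the original courseware) shows how a technician could check a raw copy of sector 0 for the "incorrect MBR" condition listed under "OS not found": it verifies the 0x55AA boot signature and decodes the four partition entries to find the one flagged bootable. The function names and the sample sectors are constructed for illustration; the sector layout (446 bytes of boot code, four 16-byte entries, two signature bytes) is the standard MBR format.

```python
import struct

SECTOR_SIZE = 512
TABLE_OFFSET = 446          # partition table follows 446 bytes of boot code
ENTRY_FORMAT = "<B3xB3xII"  # status, (CHS start), type, (CHS end), first LBA, sector count
ENTRY_SIZE = struct.calcsize(ENTRY_FORMAT)  # 16 bytes per entry
BOOT_SIGNATURE = b"\x55\xaa"


def parse_partition_table(sector0):
    """Decode the four primary partition entries; unused slots are skipped."""
    entries = []
    for slot in range(4):
        offset = TABLE_OFFSET + slot * ENTRY_SIZE
        status, ptype, first_lba, count = struct.unpack_from(ENTRY_FORMAT, sector0, offset)
        if ptype == 0x00 and count == 0:
            continue
        entries.append({"slot": slot, "status": status, "type": ptype,
                        "first_lba": first_lba, "sectors": count})
    return entries


def check_mbr(sector0):
    """Return (bootable_slot_or_None, problems) for a raw copy of sector 0."""
    if len(sector0) != SECTOR_SIZE:
        return None, ["expected exactly 512 bytes, got %d" % len(sector0)]
    problems = []
    if sector0[510:512] != BOOT_SIGNATURE:
        problems.append("boot signature 0x55AA missing at offset 510")
    entries = parse_partition_table(sector0)
    if not entries:
        problems.append("partition table is empty")
        return None, problems
    if any(e["type"] == 0xEE for e in entries):
        # Protective MBR of a GPT disk: the boot partition is not chosen from this table.
        return None, problems
    for e in entries:
        if e["status"] not in (0x00, 0x80):
            problems.append("slot %d: invalid status byte 0x%02x" % (e["slot"], e["status"]))
        if e["first_lba"] == 0:
            problems.append("slot %d: starts at LBA 0, on top of the MBR" % e["slot"])
    active = [e["slot"] for e in entries if e["status"] == 0x80]
    if not active:
        problems.append("no partition is flagged active (0x80)")
    elif len(active) > 1:
        problems.append("more than one partition is flagged active: %s" % active)
    ordered = sorted(entries, key=lambda e: e["first_lba"])
    for a, b in zip(ordered, ordered[1:]):
        if a["first_lba"] + a["sectors"] > b["first_lba"]:
            problems.append("slots %d and %d overlap" % (a["slot"], b["slot"]))
    return (active[0] if len(active) == 1 else None), problems


def build_sample_sector(partitions, signature=BOOT_SIGNATURE):
    """Construct a synthetic sector 0 for the demonstration (not read from a real disk)."""
    sector = bytearray(SECTOR_SIZE)
    for slot, (status, ptype, first_lba, count) in enumerate(partitions):
        struct.pack_into(ENTRY_FORMAT, sector, TABLE_OFFSET + slot * ENTRY_SIZE,
                         status, ptype, first_lba, count)
    sector[510:512] = signature
    return bytes(sector)


# Constructed samples: a healthy two-partition disk, one with a wiped signature
# and no active partition, and one with two partitions flagged active.
HEALTHY = build_sample_sector([(0x80, 0x07, 2048, 204800), (0x00, 0x07, 206848, 1000000)])
DAMAGED = build_sample_sector([(0x00, 0x07, 2048, 204800)], signature=b"\x00\x00")
TWO_ACTIVE = build_sample_sector([(0x80, 0x07, 2048, 204800), (0x80, 0x83, 206848, 1000000)])

if __name__ == "__main__":
    for name, sector in (("healthy", HEALTHY), ("damaged", DAMAGED), ("two active", TWO_ACTIVE)):
        slot, problems = check_mbr(sector)
        print(name, "-> bootable slot:", slot, "problems:", problems or "none")
```

To examine a real system, pass the first 512 bytes of a disk image file to check_mbr() instead of the constructed samples.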

Environmental Issues

If you can properly control environmental factors, such as temperature, humidity, dust, and power
surge, you can help ensure optimal performance and extend the life of your device.

Environmental Factor: Temperature
Description: Exposure to high temperatures can cause expansion within computing devices and
compromise circuitry. High temperature can also lead to the failure of cooling systems to
maintain adequate operating temperatures, leading to the overheating and failure of internal
components such as the processor, video processor, and hard drive.
Rapid changes in temperature, such as those seen when transporting a device from one climate to
another, could result in condensation within the device. Devices should be allowed to come to
room temperature before being powered on after a temperature change.

Environmental Factor: High humidity
Description: Avoid operating in high humidity as condensation within the device may occur and
promote corrosion. All manufacturers specify operating humidity levels. It is important to follow
manufacturer operating procedures/guidelines at all times. Most systems can operate at high
humidity without a problem, as long as there is no condensation (5 to 95 percent relative
humidity, non-condensing).
Be extra cautious as Electro Static Discharge (ESD) is more likely to occur in low humidity
environments.

Environmental Factor: Dust
Description: Dust can be a more subtle hazard. Buildup of dust particles over time can cause
problems with different types of equipment. Dust buildup causes resistance in moving parts,
such as fans, drives, and printer motors. Dust buildup on circuit boards, heat sinks, and vents
creates insulation that reduces heat dissipation. Dusting equipment often can prevent these types
of issues. Make sure that printers and paper products are kept in a separate area from server
equipment to prevent paper dust from getting into the server equipment.

Environmental Factor: Power surge/power failure
Description: The common reasons for power surge include: lightning strikes, electrical power lines
down, overload of electrical power needs. Use a power protection system such as an
uninterruptible power supply (UPS) or surge suppressor to protect each server's power supply
(and thus the server) from power failures, brownouts, surges, and spikes. You should also make
sure that the server's power cord is plugged into a properly grounded electrical outlet.
(Three-pronged outlets include grounding; never use an adapter to plug a server's power cord
into a two-pronged electrical outlet.) You can buy a socket tester (available at hardware stores)
to test your outlets if you suspect that they are not properly grounded.

Environmental Factor: Air flow
Description: Check for proper air flow. Be sure that vent holes on devices are not blocked by
other devices or office equipment. Make sure that covers are securely fastened to take advantage
of the way the manufacturer expected air to flow in, out, and around the device. Be sure that
hot and cold aisles are being used properly in server rooms.

Hardware Tools for Troubleshooting
Because of the complexity of server architecture, there are several types of specialty hardware tools
used in server maintenance and repair.

Hardware Troubleshooting Tool: Compressed air canister
Description: A canister with a nozzle that can be aimed at components to blow dust out. This is
often used when removing dust from the interior of a server. Be sure to blow the dust away from
the power supply and drives. It can also be used to blow dust out of the power supply fan area,
from keyboards, and from the ventilation holes on other peripherals.
Use caution when working with compressed air. Read the instructions on the can and follow them
carefully. Tipping the can too much, something easy to do when trying to maneuver the can into
place, can cause the propellant to leave the can in liquid form and at sub-freezing temperatures.
The freezing could easily damage components, particularly those which may still be hot from use.
There is also the issue of the corrosiveness of the chemical damaging components later on. Also,
some delicate components on the motherboard can be damaged (literally blown off the board) if
the air is used too close to a component.
If you use compressed air, take the equipment to a different location, preferably outside, so
that the dust does not simply disperse into the air in the work area and settle back on the
server equipment or other devices.

Hardware Troubleshooting Tool: Power supply tester or multimeter
Description: An electronic measuring instrument that takes a wide variety of electronic
measurements including voltage, current, and resistance. A multimeter, also known as a volt/ohm
meter, can be a handheld device for field service work or a bench-top instrument for in-house
troubleshooting. Multimeters, like voltmeters, come in both analog and digital (DMM or DVOM)
versions.

Hardware Troubleshooting Tool: System board tester
Description: An electrical instrument that verifies if there is a proper flow of electrical pulses
in a system board.

Hardware Troubleshooting Tool: ESD equipment
Description: Some people who work on server equipment never use a single piece of ESD safety
equipment. They discharge themselves by touching an unpainted metal part of the server case
before touching any components. In other instances, the company policy might require that you
use a properly equipped ESD-free work area. The minimum equipment in this case would be a
grounded wrist strap.
Other ESD protection equipment includes leg straps, anti-static pads to cover the work surface,
and grounded floor mats to stand on. The mats contain a snap that you connect to the wrist or leg
strap. Anti-static bags for storing components can also be included in an ESD toolkit. If the
technician’s clothing has the potential to produce static charges, an ESD smock, which covers
from the waist up, can be helpful. To ensure that the ESD equipment remains effective, you should
test it frequently. A minor shock that you cannot feel can compromise the ESD sensitive
equipment.

Guidelines for Troubleshooting Hardware Issues
Server hardware problems might be anything from a loose cable to a failed internal component.
There are several general questions you should ask the user or yourself when troubleshooting
hardware issues.
• Did the system work before the problem started?
• Did the problem occur while you were making changes to the system?
• Is this a new server?
• If it is new, who set it up?
• Have you tried reseating suspected components that might be causing the problem?
• Has the system been powered down or moved recently?
• Has hardware been upgraded? If so, were configuration files or BIOS/UEFI settings changed?


ACTIVITY 10-2
Troubleshooting Hardware Issues
Scenario
You are assisting with additional help desk tickets. There haven't been any calls in the past few
minutes, so you are helping with the backlog of hardware issues that have come in today. Some of
the tickets are tier 2 tickets that have been escalated from the tier 1 help desk staff.

Time permitting, you can introduce some actual hardware problems if students are using
physical servers, then have students troubleshoot and resolve the issues.

Encourage students to share their experiences with troubleshooting server hardware issues.

1. The server in the finance department shuts itself down shortly after it boots. They have had power
related problems in the past and have even installed a UPS with software monitoring functions.
Because of the past problems, you suspect a power problem. What should you investigate?
A: Try disabling the UPS’s monitoring software. If the UPS is disconnected, its battery has failed, or
the communications with it have been lost, the software might be erroneously shutting down the
PC. Try running without the UPS. Perhaps it has failed. Check power cords and test the wall
voltage. Try plugging the PC into a different outlet on a different circuit.

2. You are troubleshooting a computer that’s unstable (it hangs, gets BSODs and memory errors,
spontaneously reboots, etc.). The user states that the symptoms have gotten more frequent. What do
you suspect is the problem?
A: As the capacitors on a motherboard age, their ability to collect a charge of electricity decreases
while their impedance increases. The capacitors can no longer filter the DC voltages on the
motherboard, so the system becomes unstable. System hangs, BSODs, memory errors,
spontaneous reboots are some common symptoms of motherboard failures.

3. One person calls in with an email issue. You overhear one of the other help desk staff talking with
another user who is also calling in with an email issue. Looking at the call log, you see that there were
several other recent calls related to this same email issue. Do you think this is coincidence or do you
think you should examine the email server to determine if there is a hardware-based reason for users
not being able to access their email?
A: Depending on what the issue is, it is likely prudent to make sure that the email server is properly
configured, that the network connections are good, and that the hardware is performing as it
should.

4. While examining the network traffic, you see that traffic jumps to over 100% on one of the network
segments. What is a likely cause and how would you resolve the problem?
A: There is a system with a network card that is beaconing. Isolate the machine to confirm, and if it is
beaconing, replace the network card.


TOPIC C
Troubleshoot Software Issues
You identified the ways to troubleshoot the hardware issues of a server. Apart from hardware issues,
servers also encounter problems related to the software. In this topic, you will describe the various
software issues and troubleshoot them.

It would be best if you could install a system, configure it, verify it, and walk away without ever
touching it again. But systems need attention. You need to look at ongoing maintenance tasks as
well as resolve software problems that can, unfortunately, arise. To resolve software issues, you
should be familiar with the common software problems and also have knowledge of the
software tools used for troubleshooting.

Common Software Issues

There are many software issues you might encounter while working with a server.

Software Issue: User unable to logon
Possible Causes:
• Incorrect password or improper User Account Control (UAC) configuration.
• Improper values for the Superuser do (SUDO) command attributes.
• The system is not configured to a specific domain or work group.
• Failure of the encryption service on the system.
Possible Solutions:
• Enter the correct password or reconfigure the UAC or the authentication parameters.
• Ensure that the correct values are entered for the SUDO command attributes.
• Reconfigure the system to the specific domain.
• Enable or configure the encryption service properly to provide the key for the encrypted
password.

Software Issue: User cannot access resources
Possible Causes:
• Improper or insufficient permissions to access the resources.
• Unavailability or lack of the target system resources.
Possible Solutions:
• Enable sufficient permissions to the user.
• Check and make sure that the resources and the server are connected to the network.

Lesson 10: Troubleshooting Server Issues | Topic C


Software Issue: Memory leak or unintentional memory consumption
Possible Cause:
• A bug in an application that prevents the application from releasing the memory when it is no
longer required.
Possible Solution:
• Repair / debug the application using appropriate tools or uninstall and reinstall the application.

Software Issue: Blue Screen of Death (BSOD) / stop
Possible Causes:
• Corruption of system files.
• The OS detects unauthorized device software that is explicitly not permitted to be installed
on systems.
Possible Solutions:
• Reinstall the OS.
• Remove the unauthorized device software.

Software Issue: OS boot failure
Possible Cause:
• Corrupted boot files, which may be due to the corruption of the Master File Table (MFT) in the
NTFS volumes.
Possible Solution:
• Reinstall the OS.

Software Issue: Driver issues
Possible Causes:
• Incompatible driver software installation.
• Corrupted driver.
Possible Solution:
• Install/reinstall the appropriate driver software.

Software Issue: Runaway process
Possible Cause:
• 100% usage of the CPU.
Possible Solutions:
• Identify the application that has maximum CPU utilization and terminate the application or set a
low priority to the application that utilizes maximum CPU capability.

Software Issue: Cannot mount drive
Possible Cause:
• Improper system shutdown.
• Corrupted files in hard disk.
Possible Solutions:
• Ensure your system is shut down properly.
• Repair the corrupted files by using the checkdisk utility.

Software Issue: Cannot write to system log
Possible Cause:
• Complete usage of the event log viewer.
• Insufficient permissions or permissions denied to write event logs, which may be due to a
particular feature being disabled.
Possible Solutions:
• Make a backup of the existing log files into another location and clear the log files in the event
log viewer.
• Provide sufficient permissions to write event logs by enabling the particular feature.

Software Issue: Slow OS performance
Possible Causes:
• Fragmentation of the disk.
• Insufficient RAM capacity.
• Malware such as Trojans and spyware affecting the system.
Possible Solutions:
• Defragment the disk.
• Install the additional RAM modules as per the requirement.
• Use an antivirus program and quarantine the virus.

Software Issue: Patch update failure or
Possible Causes:
• Application settings stored in the registry are damaged.
• An enabled firewall prevents the user from updating the software.
Possible Solutions:
• Reinstall the application.
• Disable the firewall settings (temporarily, as required).

Software Issue: Service failure
Possible Causes:
• A file missing in an application.
• Detection of improper or incompatible drivers on the system.
• Corrupted file in an application due to malware.
Possible Solutions:
• Reinstall the application or the missing file.
• Ensure that only appropriate or compatible drivers are installed on the system.
• Reinstall the application.

Software Issue: Hangs on shut down
Possible Causes:
• Misconfigured or corrupted virtual memory.
• Non-availability of space in the hard disk to read or write the log files during the shutdown
process.
• High CPU utilization.
Possible Solutions:
• Reconfigure the virtual memory.
• Remove unnecessary data from the hard disk.
• Kill the applications that utilize maximum CPU capability.

Software Issue: Users cannot print
Possible Causes:
• Failure of print spooler.
• Failure of print server driver or services.
Possible Solutions:
• Debug the print spooler.
• Reinstall the print server driver.

This table is specifically about software issues, but remind students that the first thing they
should check is whether the printer is offline or out of paper.

Unauthorized Software
Any software that is not pre-installed in the computer by the system administrator will be considered
unauthorized. Servers and client systems are expected to operate at optimal conditions for resources
such as disk space and memory capacity. These conditions will be affected if unauthorized software is
installed in the computer. Moreover, installation of unauthorized software can introduce malware in the
network. So, installation of unauthorized software is restricted by installation policies.

Virtual Memory

Virtual memory is extra virtual RAM that the OS creates by using a part of your hard drive storage
space. When there is insufficient space in RAM, or when a program is specifically designed to use
virtual memory to improve efficiency, the virtual space created in the hard disk is used as a buffer.

sudo
The sudo command, used in UNIX, provides a computer security feature that helps to control
system access and limit system exploits. It prompts the user for the personal password and confirms the
user request to execute a command by checking a file, called sudoers, which the system
administrator configures.

Fragmentation
Fragmentation is a disk condition in which chunks of a file are scattered around the disk as
noncontiguous clusters due to frequent creation, deletion, and modification of files. Fragmentation
will lead to inefficient usage of the storage space. This can be corrected using the defragmentation
tool.

Print Spooler
A print spooler is a program that enables a user to manage current print tasks.

Software Tools for Troubleshooting


There are various software tools used in troubleshooting.


Software Troubleshooting Tool: Defragmentation tool
Description: This is a useful tool on servers where a high number of transactional operations
occur. The file systems can quickly become fragmented, dragging down the performance of
applications running on your server. To perform a successful defrag, you should really have at
least 15% free space left on your disk, so make sure you don't let critical system or data disks
fill up too much or they'll be harder to maintain.

Software Troubleshooting Tool: Disk property tools
Description: Displaying the disk properties for a given disk provides useful information for
troubleshooting systems. This includes the disk usage, free space, and volume or drive mapping
information. Many problems are related to not having enough free disk space. Information about
the volume name will help users locate their data. If the drive is mapped from a network
resource, and the drive mapping is not connected, the user will be unable to access the data on
the remote drive.

Software Troubleshooting Tool: Monitoring tool
Description: A software tool that monitors the state of services or daemons, processes, and
resources on a system. The tool tracks one or more counters, which are individual statistics about
the operation of different objects on the system, such as software processes or hardware
components. Some objects can have more than one instance; for example, a system can have
multiple CPUs.
When a counter value reaches a given threshold, it indicates that the object of the counter may
be functioning outside acceptable limits. Many operating systems include basic performance
monitor tools, or you can obtain more complex third-party tools, including network monitors
based on the SNMP protocol and remote monitoring systems designed to handle large clusters or
server farms.

Software Troubleshooting Tool: System logs
Description: System logs record information, warning, or error messages generated by system
components. For example, the system log will show you if a driver or service has failed to load.
The tool stores the error log in a non-volatile storage device and uses the log data to analyze the
causes of recorded errors after the test. The system logs tool saves error logs and enables error
analysis even if a remote debugging environment is not available.

Guidelines for Troubleshooting Software Issues


Server software problems might be anything from a user needing training on how to use the
software to misinstalled or misconfigured software. There are several general questions you should
ask the user or yourself when troubleshooting software issues.

• Did the software work before the problem started?
• Did the problem occur while you were making changes to the software?
• Is this a new application or operating system?
• If it is new, who set it up?
• Have you tried reinstalling the suspected components that might be causing the problem?
• Has software been upgraded? If so, were configuration files or settings changed?
• Are there any release notes or online information about known problems related to the issue?

ACTIVITY 10-3
Troubleshooting Software Issues

Scenario
Today you are filling in for the person on the help desk team who usually handles software-related
issues. You haven't done this before, but you feel that your knowledge of troubleshooting in general
and your experience troubleshooting hardware issues should serve you well in answering users'
questions.

If time permits, introduce some software issues into student servers and have them resolve the
issues.

Encourage students to share their experiences with troubleshooting server software issues.

1. A user calls because he cannot log on to the server. What questions would you ask and what are some
likely reasons that he can't log on?
A: Answers will vary, but you might start by asking whether anyone else around him is also having
log on issues to help narrow the scope of the problem. You could ask which operating system his
client is running and which server he is attempting to connect to. You could then verify that the
server is up and available using traceroute. You could ask if he has previously successfully logged
in to the computer. Verify that the user is using the correct logon name and password. Verify that
the computer is connected to the network either via cable or wirelessly.

2. A user calls because the system is hanging when he tries to shut it down. What questions would you
ask and what are some likely reasons that the system is hanging at shut down?
A: Answers will vary, but you might start by asking whether this has happened before. Ask which
operating system he is using. Ask if any changes have recently been made to the system.
Determine if there are applications still open that are awaiting his response. Determine if there is
enough disk space available to read and write to log files. Determine if a process is still running
that needs to finish before shut down can occur.

TOPIC D
Troubleshoot Networking Issues
You described how to troubleshoot software problems. Even if the hardware components and
software applications are properly installed and maintained, there are chances that you may
encounter a few problems related to the network. In this topic, you will troubleshoot network
problems.

The information in this topic is just scratching the surface on network troubleshooting. For
students interested in more in-depth coverage of networking and network troubleshooting,
suggest that they take the CompTIA Network+ course.

Network problems can arise from a variety of sources outside your control. As a server technician
you will need to identify and resolve those problems efficiently. To do that, you will need a strong
fundamental understanding of the tools and processes involved in network troubleshooting.

Common Network Issues

There are a few issues you might encounter in a network.
Network Issue: Possible Causes and Solutions

Internet connectivity failure
Possible Causes:
• Bad cables.
• Tightly coiled Ethernet cables.
• Cables run above fluorescent light fixtures.
• Failure of the NIC card.
• Improper IP configuration.
• Failure of ISP.
Possible Solutions:
• Check cables and connections and check for diagnostic LEDs on the network adapter. Replace,
uncoil, or reposition cables, if necessary.
• Replace or reinstall the NIC as necessary.
• On the IP network, check for a missing or incorrect IP address. If the address is manually
configured, this could be a data entry error; reconfigure the connection.
• Contact the ISP and inform them of the problem.

Email failure
Possible Causes:
• Upon enabling the port security, users will not be able to access the email port in the server.
• Failure of the email protocols such as SMTP or POP3. This may be due to missing files in the
protocol.
• Misconfiguration of host files, which may be due to incorrect entry of the workgroup name in
the configuration.
Possible Solutions:
• Disable the port security.
• Reinstall the necessary protocols.
• Reconfigure the host files in your server by entering the correct workgroup name.

Resource unavailable
Possible Causes:
• Failure of a component in the resource.
• Insufficient permissions.
• Improper subnetting, which may be due to incorrect entry of IP addresses during the IP
configuration.
Possible Solutions:
• Check to make sure the network components are in working condition.
• Check to make sure the user has appropriate permissions.
• Enter the correct IP addresses and reconfigure the IP address in your server.

DHCP server misconfigured
Possible Cause:
• Improper entry of IP address scope in the DHCP configuration.
Possible Solution:
• Reconfigure the DHCP protocol by entering the appropriate IP address scope.

Non-functional or unreachable domain
Possible Causes:
• Misconfigured routers or switches due to improper entry in the routing table or the switching
table.
• Misconfiguration of DNS or DHCP protocol due to improper IP addresses and its corresponding
host name.
Possible Solutions:
• Reconfigure the routing table and switching table entries of the routers and switches.
• Reconfigure the DNS or DHCP protocol on the system.

Destination host unreachable
Possible Causes:
• Incorrect destination IP address.
• Bad cables.
• Failure of the NIC card.
• Improper subnetting due to invalid entry of the IP addresses that are within the subnets, or
either the source or destination device has an incorrect subnet mask.
Possible Solutions:
• Enter the correct destination IP address.
• Visually inspect and replace the cables.
• Replace the NIC card.
• Check the TCP/IP configuration and reconfigure the IP addresses and their subnet masks.

Unknown host
Possible Causes:
• Devices are configured to use different VLANs.
• Invalid value for the host parameter.
• Host is not available on the network.
Possible Solutions:
• Reconfigure the devices under the same VLAN.
• Check the host name value.
• Check for the availability of the host on the network. If not found, configure the host to the
network.

Default gateway misconfigured
Possible Causes:
• The IP address of the gateway is incorrect for the specified route.
• Incorrect OS route tables.
Possible Solutions:
• Change the IP address of the gateway to the correct address.
• Reconfigure the OS route table.

Failure of service provider
Possible Causes:
• Damaged cables, power failure, or technical issues at the service provider's end.
Possible Solution:
• Contact the ISP to find out if there are any problems at their end.
• Implement alternate Internet connectivity options.

Can reach by IP not by host name
Possible Causes:
• Misconfiguration of DNS due to improper mapping of the IP addresses with their host name.
• Misconfigured host files due to improper entry of an IP address for the particular host name.
Possible Solutions:
• Check the IP configuration settings and verify that the DNS server is running.
• Check the hosts file to make sure it does not contain incorrect entries.
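The "Destination host unreachable" and "Default gateway misconfigured" entries above both depend on whether each device's own IP address and subnet mask place the peer or the gateway on its local subnet. The following Python check is an added example, not part of the original course material; the finding codes and all addresses are constructed for illustration.

```python
import ipaddress


def _interface(ip, mask):
    """Parse an address/mask pair; return None if either part is malformed."""
    try:
        return ipaddress.ip_interface(f"{ip}/{mask}")
    except ValueError:  # covers AddressValueError and NetmaskValueError
        return None


def diagnose(src_ip, src_mask, dst_ip, dst_mask, gateway):
    """Check the TCP/IP settings of two devices for the subnetting faults listed above.

    Returns a list of finding codes; an empty list means the settings are consistent.
    """
    src = _interface(src_ip, src_mask)
    dst = _interface(dst_ip, dst_mask)
    try:
        gw = ipaddress.ip_address(gateway)
    except ValueError:
        gw = None
    if src is None or dst is None or gw is None:
        return ["INVALID_ADDRESS_OR_MASK"]

    findings = []

    # A host must not be configured with its subnet's network or broadcast address.
    for iface in (src, dst):
        net = iface.network
        if net.prefixlen < 31 and iface.ip in (net.network_address, net.broadcast_address):
            findings.append("RESERVED_HOST_ADDRESS")
            break

    # Each device decides "deliver directly" or "send to the gateway" from its OWN mask.
    # If the two devices disagree, one side sends directly while the other routes its
    # replies through a gateway, which is the incorrect-subnet-mask case in the table.
    src_treats_dst_as_local = dst.ip in src.network
    dst_treats_src_as_local = src.ip in dst.network
    if src_treats_dst_as_local != dst_treats_src_as_local:
        findings.append("MASK_MISMATCH")

    # The default gateway must be reachable without routing, so it has to sit
    # inside the source device's own subnet.
    if gw not in src.network:
        findings.append("GATEWAY_OFF_LINK")

    return findings


if __name__ == "__main__":
    # Constructed sample configurations (source, destination, source's gateway).
    cases = {
        "consistent": ("192.168.10.20", "255.255.255.0",
                       "192.168.10.30", "255.255.255.0", "192.168.10.1"),
        "wrong mask on destination": ("192.168.10.20", "255.255.255.0",
                                      "192.168.11.30", "255.255.254.0", "192.168.10.1"),
        "gateway typed incorrectly": ("192.168.10.20", "255.255.255.0",
                                      "10.0.0.5", "255.0.0.0", "192.168.20.1"),
    }
    for name, args in cases.items():
        print(f"{name}: {diagnose(*args) or 'OK'}")
```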

Firewall Misconfiguration

Wrongly configured firewalls could cause serious problems on the network and can cause potential
hardware and software issues. A misconfigured firewall could block a website that it should not be
blocking. Sometimes, a misconfigured firewall could allow too much traffic to pass
through. The magnitude of the problem could be worse if the server is located in a remote location.
A misconfigured firewall could mean that there will be system downtime until someone fixes the
problem on the physical server.

Networking Tools for Troubleshooting


Network diagnostic tools are applications or utilities that can help you to monitor and test the
functionality of a network and its components. There are various diagnostic tools for
troubleshooting network problems.

Network Diagnostic Tool (Operating System): Description

ping (Windows 2003/2008, Linux/UNIX): A TCP/IP utility that transmits a datagram to another
host. If network connectivity works properly, the receiving host sends the datagram back.

ipconfig (Windows 2008/2012): A TCP/IP utility that verifies network settings and connections.

ifconfig (Linux/UNIX): A TCP/IP utility that displays current network interface configuration
information and enables you to assign an IP address to a network interface.

tracert (Windows 2008/2012): A TCP/IP utility that determines the route data takes to get to a
particular destination. The ICMP protocol sends out Time Exceeded messages to each router to
trace the route. Each time a packet is sent, the TTL value is reduced before the packet is
forwarded. This allows TTL to count how many hops it is to the destination.

traceroute (Linux/UNIX): Performs the same function as tracert.

nslookup (Windows 2008/2012, Linux/UNIX): A DNS utility that displays the IP address of a host
name, or the host name of an IP address. It gets this information by querying the appropriate
name server (DNS server) on the Internet.

netstat (Windows 2008/2012): A TCP/IP utility that shows the status of each active network
connection. Netstat will display statistics for both TCP and UDP, including protocol, local
address, foreign address, and the TCP connection state. Because UDP is connectionless, no
connection information will be shown for UDP packets.

nbtstat (Windows 2008/2012): Used to view and manage NetBIOS over TCP/IP (NetBT) status
information. It can display NetBIOS name tables for both the local computer and remote
computers, and also the NetBIOS name cache. With nbtstat, you can refresh the NetBIOS name
cache as well as the names registered with the WINS server.

route (Windows 2008/2012): Permits manual updating of the routing table. The route command
also distinguishes between routes to hosts and routes to networks by interpreting the network
address of the destination variable, which can be specified either by symbolic name or numeric
address.

dig (Linux/UNIX):

telnet (Windows 2008/2012, Linux/UNIX):

ftp (Windows 2008/2012, Linux/UNIX):

net use (Windows 2008/2012):

mount (Linux/UNIX):

Time To Live
Time to Live (TTL) is a numeric value that specifies how many hops or passes through routers that a
packet is allowed to make before it reaches its destination. It also specifies a time limit or span in
milliseconds within which a packet has to be delivered at the required destination, failing which the
packet is discarded and a message sent to the originator to re-send the particular packet. TTL is
specified in the packet header. Every router hop is deducted from the TTL field. When the count
reaches zero, the router detecting it discards the packet and sends a message to the originating host.
The default TTL value is 30 hops.
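The TTL behaviour described above, and the way tracert and traceroute use it, can be seen in a small simulation. This Python sketch is an added example, not part of the original course material; the router names and next-hop tables are constructed, and the probe limit of 30 follows the value given in the text. It also shows what the trace looks like when a routing table entry is wrong and two routers forward to each other.

```python
MAX_HOPS = 30  # probe limit, following the default value given in the text

# Constructed next-hop tables: each router maps to the node it forwards to.
HEALTHY = {"gw": "core", "core": "edge", "edge": "server"}
# Same network, but "edge" has a bad routing table entry pointing back at "core".
LOOPED = {"gw": "core", "core": "edge", "edge": "core"}


def send_probe(next_hop, first_router, destination, ttl):
    """Forward one packet with the given starting TTL.

    Every router that handles the packet deducts one from the TTL. The router
    that brings it to zero discards the packet and reports back to the sender.
    Returns (kind, node) where kind is "reply", "time-exceeded" or "unreachable".
    """
    node = first_router
    while True:
        if node == destination:
            return ("reply", node)
        ttl -= 1
        if ttl == 0:
            return ("time-exceeded", node)
        if node not in next_hop:
            return ("unreachable", node)  # router has no route to forward on
        node = next_hop[node]


def traceroute(next_hop, first_router, destination, max_hops=MAX_HOPS):
    """Send probes with TTL 1, 2, 3, ... and record which node answers each one."""
    hops = []
    for ttl in range(1, max_hops + 1):
        kind, node = send_probe(next_hop, first_router, destination, ttl)
        hops.append((ttl, node, kind))
        if kind != "time-exceeded":
            break  # destination answered, or a router reported no route
    return hops


def find_loop(hops):
    """Return (router, first_ttl, repeat_ttl) if a router expires probes at two
    different TTLs, which indicates a routing loop; otherwise return None."""
    seen = {}
    for ttl, node, kind in hops:
        if kind != "time-exceeded":
            continue
        if node in seen:
            return (node, seen[node], ttl)
        seen[node] = ttl
    return None


if __name__ == "__main__":
    for label, table in (("healthy", HEALTHY), ("looped", LOOPED)):
        trace = traceroute(table, "gw", "server")
        print(label, [node for _, node, _ in trace][:8], "loop:", find_loop(trace))
```

Without the TTL field, the packet in the looped case would circulate between the two routers indefinitely; with it, every probe is discarded after a bounded number of hops and the repeating router names in the trace point to the misconfigured device.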

Additional Diagnostic Tools


Although it would be impossible to list every diagnostic tool available for every server, here are
some additional Linux tools that you might find useful:
• The ps command enables you to view information about running processes.
• The free command enables you to view information about memory availability and usage.
• The vmstat command enables you to view statistics related to virtual memory.
• The df command enables you to view information about disk free space.
• The du command enables you to view information about disk usage.
• The lspci command enables you to view a list of installed PCI devices.
• The sysdiag utility enables you to view device information and test devices.
• The sysfsutils utility enables you to manage the file system.
• The lsvpd utility enables you to list the vital product data for each device.

Guidelines for Troubleshooting Networking Issues


Network issues might be anything from a user needing training on how to connect to resources to
problems with networking components, server misconfiguration, or failed server components.
There are several general questions you should ask the user or yourself when troubleshooting
network issues.
• Were users able to connect to network resources before the problem started?
• Did the problem occur while you were making changes to the network?
• Is this a new network or network segment?
• If it is new, who set it up?
• Have you tried reinstalling the suspected components that might be causing the problem?
• Has network device firmware or server operating system been upgraded? If so, were
configuration files or settings changed?
• Are there any release notes or online information about known problems related to the issue?

ACTIVITY 10-4
Troubleshooting Networking Issues

Scenario
You are continuing to assist at the help desk while they are short staffed. Today you got several
network issue related calls to troubleshoot.

Encourage students to share their experiences with troubleshooting networking issues.

If time permits, you can introduce some network problems for students to troubleshoot.

1. A user opens a browser window and tries to contact your intranet server. The user receives a message
that it can’t be found. What TCP/IP utilities might you use to diagnose the problem?
A: Answers will vary. Ping the server by name from a command prompt. If that fails, ping the server’s
IP address. If that’s successful, you know the problem lies with DNS. Otherwise, the problem lies
elsewhere. Try pinging another server to test general connectivity from the user’s computer. You
can use ipconfig or ifconfig to ensure that the computer has valid IP addressing information for
the network segment to which it’s connected. If the IP addressing information is incorrect for the
computer’s network segment, you can modify it and try to connect to the intranet server again.

2. A user calls to let you know that the volume that is usually mounted on a server to which she connects
is unavailable. She can see the server, but the volume she needs to access is not shown. What
questions might you ask her and what utilities might you use to diagnose the problem?
A: Answers will vary. You might start by asking her what operating system the client she is using
runs. You can try accessing the volume yourself from your system. You can try having her remap
her connection to the volume. You can use the net use or mount command depending on which
operating system the server is running.

3. A user reports that they are receiving a message that they have a duplicate IP address. What might
have caused this to happen?
A: The user might get a duplicate IP address if they assigned themselves a static IP address that is
already in use. Another reason might be that they have a laptop which was closed, but not shut
down, then reopened.

TOPIC E
Troubleshoot Storage Issues
In the previous topic, you described the various network issues and their solutions. Storage issues
can impact users if their data or network applications are not available due to a lost drive. In this
topic, you will describe various storage problems and their resolutions.

This is just an overview of the security issues that administrators might encounter. If students
are interested in more in-depth coverage of security, you can suggest that they take the CompTIA
Security+, CASP, or another security course.

When there is a storage device problem, you want to be able to track down and identify the source
of the problem as quickly as possible. Having a good understanding of how to locate and resolve
issues related to storage devices will get user data and applications available to them as quickly as
possible.

Common Storage Issues

There are a few common storage issues you may encounter at your workplace.
Storage Issue: Possible Causes and Solutions

Slow file access
Possible Causes:
• Detection of bad sectors in the hard disk.
• Insufficient space in the hard disk or in any other storage media.
Possible Solutions:
• Reformat the hard disk.
• Delete the unwanted files in the storage device.

OS not found
Possible Causes:
• Failure of the backplane.
• Failure of the drive/HBA/media controller. This occurs because the synchronization in the
timing between the controller and the hard disk is unsuccessful.
• Detection of corrupted boot sector files or File Allocation Table (FAT).
Possible Solutions:
• Replace the backplane.
• Replace the drive/HBA/media controller.
• Reformat the hard disk.

Data not available
Possible Causes:
• Failure of the drive.
• Improper connections.
• During the array rebuild process, it is not possible to access the data because the hard disks
are reconfigured and formatted.
Possible Solutions:
• Replace the drive.
• Visually inspect the connectors and ensure that they are connected properly.

Unsuccessful backup
Possible Causes:
• Failure of the storage media.
• Improper or loose connections, or faulty cables.
• Insufficient storage space in the storage media.
• Usage of incompatible storage medium that is not supported by the OS.
Possible Solutions:
• Visually inspect the media and repair or replace the media.
• Visually inspect the connectors and cables and ensure that they are connected properly.
• Remove the unwanted files in the storage media.
• Use an appropriate storage medium that is supported by the OS.

Error light
Causes:
• Hard drive has physically crashed, most probably due to RAID controller failure. RAID
controller is the circuit that allows the system to communicate with the hard drive.
• Improper hard disk installation or improper connections to the hard disk.
Possible Solutions:
• Replace the drive in the RAID array.
• Visually inspect and reinstall the hard disk properly.

Unable to mount the drive
Possible Cause:
• Improper disk partition.
• A mount utility tool mounts volumes on the virtual disk immediately after the tool successfully
mounts a VHD file. Sometimes, the volume arrival notification may be delayed for a long time.
In this situation, the mount utility tool stops the operation and reports an error.
Possible Solution:
• Partition the disk properly using the partitioning tools.
• A supported hotfix is available from the respective OS vendor to fix this issue.

Drive not available
Possible Causes:
• Improper or loose connections.
• Failure of backplane or hard drive.
Possible Solutions:
• Visually inspect the connectors and cables and ensure that they are connected properly.
• Replace the backplane or the hard drive.

Cannot access logical drive
Possible Causes:
• Improper disk RAID configuration.
• Mismatched drive, which is due to the improper configuration of the hard disk specification in
the BIOS setup program.
• The drive overlay program does not get loaded into memory before your server's startup
system files.
Possible Solutions:
• Reconfigure the RAID.
• Reconfigure the hard disk specifications in the BIOS setup program.
• Check the documentation included with your drive overlay software, or contact the hard disk
manufacturer for information to access the hard disk.

Data corruption
Possible Causes:
• Improper termination of the system, which may be due to power leakage on the SCSI bus.
• Detection of bad sectors.
• The data is affected by a virus or malware.
Possible Solutions:
• Ensure proper termination on the SCSI bus. Use an active terminator, instead of passive
terminator.
• Reformat the hard disk or defragment the disk.
• Use antivirus software to remove the virus.

Slow I/O performance
Possible Causes:
• Drive is too full or fragmented.
• The hard drive controller is too slow.
• An incorrect (and slower) cable was used to connect the drive.
Possible Solutions:
• Delete all unneeded files.
• Defragment the drive.
• Verify and replace the hard drive cable if necessary.

Restore failure
Possible Cause:
• Failure of the storage media due to malware or improper handling of the backup media.
• Incomplete data backup due to faulty settings when taking a backup.
Possible Solution:
• Either repair the affected file or perform a data recovery process to restore the data.
• Ensure that the data has been backed up properly using the right settings and procedure.

Cache failure
Possible Causes:
• Failure of the cache battery.
• Cache functionality turned off.
Possible Solutions:
• Replace the cache battery.
• Manually turn on the cache.

Multiple drive failure
Possible Cause:
• Physical damage to more than one drive in an array.
• Improper installation of more hard disks.
• Installation of multiple drivers for a single device.
Possible Solution:
• Replace the failed drives.
• Reinstall the hard drives.
• Install an appropriate driver for a device.

Storage and Disk Management Tools


Apart from system logs and monitoring tools, there are a few more types of storage troubleshooting
tools.

Storage Troubleshooting Tool: Description

Disk Management: It is the primary tool you will use to optimize hard disks on your system by
creating, deleting, or formatting partitions to create the most functional disk configuration. For
example, you might want to break a large hard disk into one operating system partition and a data
partition; when users search for files or documents, they can limit the search to the data partition
only and save time.

Monitoring: Monitors storage devices such as storage arrays and tape libraries. The storage
monitoring tool provides a complete view of your storage environment, thereby reducing
downtime with timely detection of problems. It saves administrative time with effective reporting
and escalations.

Partitioning: Divides the storage space of the hard disk into discrete partitions. Upon partitioning
the disk, various files and directories are stored in different partitions. The partitioning tool
prepares hard disks for installing a new operating system.

RAID array management: It is used to protect the data in the array disks by controlling the data
access, preventing unauthorized alteration, and securely deleting data when it is no longer required.
The array management tool controls the drives so that they appear as one or more virtual disk
drives to the host operating software.

net use: It either connects or disconnects the server from a shared resource, or allows you to view
information about current server connections. This command also controls persistent network
connections.

mount: All files accessible in a Unix system are arranged in one big tree. These files can be spread
out over several devices. The command serves to attach the file system found on some device to
the big file tree. Conversely, the umount command will detach it again.
Guidelines for Troubleshooting Storage Issues

Storage issues might be anything from a user needing training on how to connect to resources to
problems with storage components, server storage misconfiguration, or failed server storage. There
are several general questions you should ask the user or yourself when troubleshooting storage
issues.
• Were users able to connect to storage resources before the problem started?
• Did the problem occur while you were making changes to the storage device or array?
• Is this a new storage device?
• If it is new, who set it up?
• Have you tried reinstalling the suspected components that might be causing the problem?
• Has storage device firmware or server operating system been upgraded? If so, were configuration
files or settings changed?
• Are there any release notes or online information about known problems related to the issue?

ACTIVITY 10-5
Troubleshooting Storage Issues

Scenario
Today you are assisting the help desk team. There seem to be several storage related problems
reported by users. You decide to try to resolve these help desk tickets for the team.

If time permits, introduce storage device problems on student systems and have them resolve the
issues.

Encourage students to share their experiences regarding troubleshooting server storage issues.

1. A new technician was helping to install a new SCSI hard disk as a second drive in a Windows server.
Windows doesn't recognize the new drive. What are possible causes for the drive not being
recognized?
A: Answers might include that the SCSI ID is incorrectly set, that the power cable is not connected,
that the termination is not set correctly, or that active termination was used when passive
termination was required (or vice versa).

2. Users are calling to complain that access to files on the file server is slower than normal. Looking at the
help desk tickets related to that server, you see that someone has started rebuilding a failed drive array
member. What should you do?
A: Answers will vary. You’ll have to balance the risk of running with a failed drive in your array against
the upset of your users over slow performance. You could cancel or pause the rebuild until after
hours. Doing so would speed disk performance. But another drive failure while you wait could
result in data loss or corruption, along with extended downtime as you restore from backup.

3. A user calls saying they cannot find their file. They are sure it was stored on the server. How would you
help the user locate their file?
A: Answers will vary, but might include the following. Try going to the folder yourself where the user
thinks they saved the file; the permissions might have been changed preventing the user from
seeing the file. Check the Recycle Bin in case it was deleted. If the file is not found, request
permission to access their local drive and see if it was saved locally. If you confirm that the file is
indeed missing, restore it from backup.

TOPIC F
Troubleshoot Security Issues
In the previous topic, you described the various network issues and their solutions. Storage issues
can impact users if their data or network applications are not available due to a lost drive. In this
topic, you will describe various storage problems and their resolutions.

This is just an overview of the security issues that administrators might encounter. If students
are interested in more in-depth coverage of security, you can suggest that they take the CompTIA
Security+, CASP, or another security course.

When there is a storage device problem, you want to be able to track down and identify the source
of the problem as quickly as possible. Having a good understanding of how to locate and resolve
issues related to storage devices will get user data and applications available to them as quickly as
possible.

Common Security Issues

There are some common security issues you are likely to encounter.
Security Issues Possible Causes and Solutions

D
Firewall integrity issue Possible causes:
Open ports.
Firewall rules.
Possible solutions: or
Determine which ports need to be opened and which should be
e
closed.
Configure incoming and outgoing firewall rules as appropriate to
at

your organization.
Privilege escalation Possible causes:
lic

Programming error enables local or remote users to have


unauthorized access privileges.
up

Being a member of a group that receives escalated privileges.


Possible solutions:
Remove the flawed application or apply fixes from the
D

programmer to close the hole through which attacks can be made


Verify that only those users who require elevated privileges are
included in group policies that provide elevated privleges..
ot

Application will not load Possible causes:


N

Anti-malware configuration identifies the application as a threat.


Misconfigured permissions configured for the user to the
application.
o

Possible solutions:
D

Reconfigure the anti-malware to allow the user to load the


application if it is safe; otherwise, advise the user why the
application is not allowed to load.
Configure permissions appropriately for the user to be able to
open the application if appropriate; if the user should not be able
to open the application, explain why to the user.

Lesson 10: Troubleshooting Server Issues | Topic F


312 | CompTIA Server+ (Exam SK0-004)

Security Issues Possible Causes and Solutions


Can't access network file/shares
Possible causes:
• Improperly configured intrusion detection configurations.
• Inactive services on the server.
Possible solutions:
• Reconfigure the IDS appropriately.
• Make required services active on the server to allow access to network files and shares.

Unable to open files
Possible causes:
• Virus infection of the files.
• Local or group policies prevent access to the files.
Possible solutions:
• Clean any infected files, or remove the infected files and replace with known good copies from backup.
• Change policy settings to allow access to the files, bring client into compliance with policy settings, or explain to user why they are not allowed to open the files, whichever is appropriate to the situation.

Excessive access
Possible causes:
• Misconfigured permissions.
• Rogue processes or services.
• Local or group policy membership.
Possible solutions:
• Configure user permissions with the minimum permissions required.
• Remove rogue processes or services from the server. Establish firewall rules and IDS to prevent rogue processes or services from being available to users.
• Change local or group policy membership if appropriate.

Excessive memory utilization
Possible causes:
• Virus infection.
• Rogue processes or services.
Possible solutions:
• Clean the server and clients of any infected files.
• Remove rogue processes or services from the server and take measures to prevent them from being activated.
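The firewall integrity issue above comes down to knowing which ports are open and which should be. As an added example (not part of the course material), this Python script parses Windows `netstat -ano` output and compares the listeners with an approved baseline; the sample output and the approved list are constructed for illustration.

```python
"""Audit listening ports from Windows `netstat -ano` output against a baseline."""
from collections import namedtuple

Listener = namedtuple("Listener", "proto address port pid")

# Constructed sample of `netstat -ano` output (not captured from a real server).
SAMPLE_NETSTAT = """\
Active Connections

  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:23             0.0.0.0:0              LISTENING       1812
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       904
  TCP    0.0.0.0:445            0.0.0.0:0              LISTENING       4
  TCP    0.0.0.0:3389           0.0.0.0:0              LISTENING       1104
  TCP    192.0.2.10:445         192.0.2.55:50122       ESTABLISHED     4
  TCP    [::]:445               [::]:0                 LISTENING       4
  TCP    [::]:8081              [::]:0                 LISTENING       3320
  UDP    0.0.0.0:161            *:*                                    2216
  UDP    [::]:123               *:*                                    1020
"""

# Hypothetical baseline: the ports this server's role is approved to expose.
APPROVED = {("TCP", 135), ("TCP", 443), ("TCP", 445), ("TCP", 3389), ("UDP", 123)}


def parse_listeners(netstat_text):
    """Return one Listener per TCP LISTENING socket or bound UDP socket."""
    found = []
    for line in netstat_text.splitlines():
        fields = line.split()
        if len(fields) < 4 or fields[0] not in ("TCP", "UDP"):
            continue  # banner, column header or blank line
        proto, local = fields[0], fields[1]
        if proto == "TCP":
            # TCP rows: Proto, Local, Foreign, State, PID
            if len(fields) < 5 or fields[3] != "LISTENING":
                continue  # established or closing connections are not listeners
            pid = fields[4]
        else:
            # UDP rows have no State column, so any bound socket counts.
            pid = fields[3]
        address, _, port = local.rpartition(":")  # copes with "[::]:445"
        if not port.isdigit() or not pid.isdigit():
            continue
        found.append(Listener(proto, address, int(port), int(pid)))
    return found


def audit(listeners, approved):
    """Compare what is listening with the approved baseline.

    Returns (unapproved, missing). unapproved maps (proto, port) to the sorted
    PIDs holding the port open; missing lists approved entries with no
    listener, which points at an inactive service.
    """
    open_ports = {}
    for item in listeners:
        open_ports.setdefault((item.proto, item.port), set()).add(item.pid)
    unapproved = {
        key: sorted(pids)
        for key, pids in sorted(open_ports.items())
        if key not in approved
    }
    missing = sorted(approved - set(open_ports))
    return unapproved, missing


if __name__ == "__main__":
    unapproved, missing = audit(parse_listeners(SAMPLE_NETSTAT), APPROVED)
    for (proto, port), pids in unapproved.items():
        print("CLOSE OR JUSTIFY  %s/%d  held by PID(s) %s" % (proto, port, pids))
    for proto, port in missing:
        print("EXPECTED BUT NOT LISTENING  %s/%d" % (proto, port))
```

On a real server, feed the function the text of `netstat -ano` and look up each reported PID to identify the owning service before closing the port.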

Security Tools
There are various tools that can help you identify, locate, and resolve security issues.

Security Tool Description

Port scanners
A port scanner is a type of software that searches a network host or a range of IP addresses for open TCP and UDP ports. A port scanner looks for open ports on the target system and gathers information including whether the port is open or closed, what services are running on that port, and any available information about the operating system. Administrators can use a port scanner to determine what services are running on the network and potential areas that are vulnerable. A port scanning attack occurs when an attacker scans your systems to see which ports are listening in an attempt to find a way to gain unauthorized access.

NMAP is a widely available open source port scanner. It can rapidly scan a single host or an entire network. It can determine what hosts are available on a network, what services are offered, what types of operating systems are being used, what types of firewalls are being used, and numerous other characteristics of the target.

There are many utilities available that potential attackers can use to scan ports on networks, including NMAP, SuperScan, and Strobe. Many utilities can be downloaded for free from the Internet. Performing port scanning attacks is often the first step an attacker takes to identify live systems and open ports to launch further attacks with other tools.

Sniffers
A network analyzer, also known as a packet or protocol analyzer, or a packet sniffer, is a software or hardware management tool that integrates diagnostic and reporting capabilities to provide a comprehensive view of an organization's network. As data flows across a network, the analyzer can monitor the packet flow by intercepting it, logging it, and analyzing the information according to baseline specifications.

Basic network analyzers enable a technician to analyze network traffic on a LAN or DSL connection. Network analyzers also have the ability to provide an administrator with an overview of systems and reports from one location on the network. Full-featured network analyzers offer a variety of monitoring, analyzing, and reporting functions. A network analyzer can be used during troubleshooting to locate problems, but it can also be used as a long-term network monitoring solution or for packet flow monitoring.

Wireshark and Microsoft Network Monitor are software that can analyze networks.

Similar to a packet sniffer, a network sniffer can identify and capture data packets on a network, record and analyze traffic, and identify open ports on the network. It may also be able to analyze data packets from different protocols and identify data vulnerabilities on the network.

You can measure the throughput, or goodput, of a network using various tools available on different operating systems. One method is to measure the maximum data throughput, in bits per second, of network access or a communication link. Another method of measuring network performance is to transfer a “large” file from one system to another and calculate the time required to transfer or copy the file. The throughput can be determined by dividing the file size by the total time and is expressed as megabits, kilobits, or bits per second.

Cipher.exe
The Windows cipher.exe command line tool can be used to encrypt or decrypt data on an NTFS drive. In addition, you can overwrite files to securely delete data. While a file is being encrypted, Windows creates a backup of the file in case anything goes wrong during the encryption process; the backup is deleted after the file is successfully encrypted, but data recovery tools can still recover the deleted file. Using the /w option with cipher.exe enables you to overwrite the deleted file so that it cannot be recovered.

Checksums
A checksum is a value that lets the receiver test the integrity of received data.

Telnet client
Telecommunications Network (Telnet) is a terminal emulation protocol that enables users at one site to simulate a session on a remote host as if the terminal were directly attached. It performs this simulation by translating keystrokes from the user's terminal into instructions that the remote host recognizes, and then carrying the output back and displaying it in a format native to the user's terminal. Telnet operates at the Application layer (Layer 7) of the OSI model and the Application layer of the TCP/IP model. It uses port 23 and runs on TCP.

You can connect to any host that is running a Telnet daemon or service. Connection-oriented, Telnet handles its own session negotiations and assists network administrators in remote administration such as connecting to a remote server or to a service such as FTP. However, it is not considered a secure protocol, since it transmits in cleartext.

Many systems, such as a UNIX host or an IBM mainframe running TCP/IP, include Telnet daemons. There is also a Telnet server service in older versions of Windows, such as Windows XP and Windows Server 2003. Telnet is not installed by default in Windows Server 2012 R2. Microsoft provides directions for installing Telnet; you can view them by visiting the URL: http://technet.microsoft.com/en-us/library/cc770501(WS.10).aspx.

Windows includes a basic Telnet client utility. It is installed when you install TCP/IP on your Windows system. It includes VT100, VT52, and TTY terminal emulation. It does not include the Telnet daemon or service, but the Telnet service can be enabled on Windows Server computers.

Telnet is defined in RFC 854, and uses the following defaults:
• Uses TCP Port 23; however, you can specify a different port if the host to which you are connecting is configured to use a different port.
• Uses 25 lines in the buffer, but you can configure it for up to 399 lines.
• Uses Video Terminal 100 (VT100) as the default terminal emulation, but some versions allow you to configure your system with VT220, VT52, and TeleTYpe (TTY) terminal emulation support.

Note: Telnet is a notoriously insecure tool, but it can be a great tool for testing email servers. It should be blocked by default and only unblocked when you need to use it for troubleshooting.



Anti-malware
Anti-malware software is a category of protective software that scans computers and sometimes networks for known viruses, Trojans, worms, and other malicious programs. Some anti-malware programs attempt to scan for unknown harmful software. It is advisable to install anti-malware software on all computers, and keep it updated according to your organization's patch management policy. In addition to detection, most anti-malware software is capable of logging scan and detection information. These logs should be monitored to make sure that scans are taking place and ensure that infections are reported properly.

Anti-malware can be host-based, where the application runs on the host system and only protects that system. That system also needs to download its own updates. Server-based and cloud-based anti-malware can manage anti-malware applications installed on other hosts and provide the updates to them. In some cases they can also run scans on the other hosts. Network-based anti-malware scans traffic entering and leaving the network for malware.

Anti-malware software vendors maintain and update the libraries of virus definitions and malware signatures; the customer must periodically update the definitions on all systems where the software is installed. Most vendors provide an automatic update service that enables customers to obtain and distribute current virus definitions on a schedule. Periodically, administrators should manually check to verify that the updates are current. When there is a known active threat, administrators should also manually update definitions.

Some vendors offer enterprise malware suites that include malware protection for all systems in a company, automatic updating, and the ability to download and distribute updates from a central server. Distributing the updates from a local server instead of obtaining them directly from the vendor enables the administrator to review and verify virus definitions before they are deployed.

Because almost all computer systems today are connected to the Internet, email is a source of serious virus threats. Companies can implement Internet email virus protection by:
• Screening the Internet gateway computers for viruses.
• Employing reliable desktop antivirus software.
• Scanning incoming email between the Internet and the email server.
• Scanning email again at the system-level.
• If a virus attack is detected, disabling all Internet connections and isolating affected systems.

Guidelines for Troubleshooting Security Issues

Security issues are of great concern to any network user, administrator, and the organization's management team. There are several general questions you should ask the user or yourself when troubleshooting security issues.
• When was the security issue first noticed?
• Did the problem occur while you were making changes to the network?
• What is the scope of the security issue? How many users, servers, or resources are affected?
• Can you locate the source of the problem within your network or is it outside of your network?
• What steps are being taken to resolve the issue?
• Has anti-malware and anti-spyware software been deployed on all systems and is it up-to-date?
• Are the firewall settings correctly configured?
• Are local and group policies configured so that only appropriate users and systems are allowed to connect to the network?

ACTIVITY 10-6
Troubleshooting Security Issues

Encourage students to share their experiences with troubleshooting security issues.

Scenario
In helping out on the help desk today, you had to resolve some security issues.

1. It has been discovered that a user in the sales department is able to access resources in the finance department. It is suspected that the user is disgruntled and may be trying to find sensitive information. What troubleshooting steps would you take?
A: Answers will vary, but may include: check the user's group membership to verify that they don't have this kind of access, implement tighter group security to limit the user's access, monitor and audit the user's network activity, if the user is using another account then lock down that account or simply change the password. If they are actually a malicious user, then HR or a manager will need to be notified so that they can determine what steps to take with the user.

2. It is suspected that a workstation has malware running on it. What troubleshooting steps would you take?
A: Answers will vary, but may include: run anti-malware scans with latest definitions on workstation to see if it will detect malware, run scans with different tools to see if they can detect malware, remove malware using anti-malware tool or recommended steps, apply a previous restore point, wipe the workstation and reinstall the OS.

3. Log files show that someone has attempted to log in with the wrong password many times on several user accounts. What steps should be taken?
A: Answers will vary. Add firewall rules to block the IP address of the user attempting to log in with the wrong passwords. Determine whether it was someone from within the organization who simply forgot their password, or if it is someone attempting to breach the network. Configure the server to lock the account after 3 to 5 failed login attempts.
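Question 3 turns on telling a forgotten password apart from a breach attempt and on locking accounts after 3 to 5 failures. As an added example, not part of the course material, this Python script applies both checks to constructed log lines; the key=value log format, the 15-minute counting window, and the three-account threshold are assumptions.

```python
"""Triage failed logons: which accounts lock, and which sources look hostile."""
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample log lines in a hypothetical key=value format.
SAMPLE_LOG = """\
2016-03-01T09:00:05 result=fail user=asmith src=10.0.5.21
2016-03-01T09:00:40 result=fail user=asmith src=10.0.5.21
2016-03-01T09:01:10 result=ok user=asmith src=10.0.5.21
2016-03-01T09:14:00 result=fail user=jdoe src=203.0.113.77
2016-03-01T09:14:02 result=fail user=mlee src=203.0.113.77
2016-03-01T09:14:04 result=fail user=admin src=203.0.113.77
2016-03-01T09:14:06 result=fail user=jdoe src=203.0.113.77
2016-03-01T09:14:08 result=fail user=admin src=203.0.113.77
2016-03-01T09:14:10 result=fail user=admin src=203.0.113.77
2016-03-01T09:14:12 result=fail user=backup src=203.0.113.77
"""

LOCKOUT_THRESHOLD = 3                    # the activity suggests 3 to 5 failures
LOCKOUT_WINDOW = timedelta(minutes=15)   # assumption: failures counted per 15 minutes
SPRAY_ACCOUNTS = 3                       # assumption: distinct accounts per source


def parse(log_text):
    """Return time-ordered (when, result, user, src) tuples; skip malformed lines."""
    events = []
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 4:
            continue
        try:
            when = datetime.strptime(parts[0], "%Y-%m-%dT%H:%M:%S")
        except ValueError:
            continue
        kv = dict(p.split("=", 1) for p in parts[1:] if "=" in p)
        if {"result", "user", "src"} <= kv.keys() and kv["result"] in ("ok", "fail"):
            events.append((when, kv["result"], kv["user"], kv["src"]))
    return sorted(events)


def accounts_to_lock(events, threshold=LOCKOUT_THRESHOLD, window=LOCKOUT_WINDOW):
    """Map each account that reaches the threshold to the time it would lock."""
    recent = defaultdict(list)
    locked = {}
    for when, result, user, _src in events:
        if user in locked:
            continue
        if result == "ok":
            recent[user].clear()  # a successful logon resets the failure counter
            continue
        recent[user] = [t for t in recent[user] if when - t <= window] + [when]
        if len(recent[user]) >= threshold:
            locked[user] = when
    return locked


def classify_sources(events, spray_accounts=SPRAY_ACCOUNTS):
    """Label each source address that produced failures."""
    failed_users = defaultdict(set)
    last_result = {}
    for _when, result, user, src in events:
        if result == "fail":
            failed_users[src].add(user)
        last_result[(src, user)] = result  # events are time-ordered
    verdicts = {}
    for src, users in failed_users.items():
        if len(users) >= spray_accounts:
            verdicts[src] = "block-source"        # many accounts from one address
        elif all(last_result[(src, u)] == "ok" for u in users):
            verdicts[src] = "forgotten-password"  # failures ended in a good logon
        else:
            verdicts[src] = "investigate"
    return verdicts


if __name__ == "__main__":
    events = parse(SAMPLE_LOG)
    for user, when in accounts_to_lock(events).items():
        print("lock %s at %s" % (user, when.isoformat()))
    for src, verdict in classify_sources(events).items():
        print("%s: %s" % (src, verdict))
```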


Summary
In this module, you learned about various issues that you might encounter while working with servers and the ways to fix them. Knowledge to isolate and troubleshoot the problem will enable you to provide a speedy solution for issues you encounter.

Encourage students to use the social networking tools provided on the LogicalCHOICE Home screen to follow up with their peers after the course is completed for further discussion and resources to support continued learning.

In your server environment, what are the most common issues that you have been called on to troubleshoot? Were you able to resolve the issue, or did you need to call in outside assistance? After completing this course, do you feel more prepared to resolve server issues?
A: Answers will vary. Depending on your server environment, your experience, and the experience of the rest of the IT team, you might or might not be able to resolve issues yourselves, or you might need to call in vendor support.

What troubleshooting tools do you use most often when troubleshooting server issues?
A: Answers will vary, but might include hardware tools such as compressed air or a multimeter; software tools such as system logs; monitoring tools such as Performance Monitor; network diagnostic tools such as ping, ipconfig; storage tools such as array management or disk management utilities.

Note: Check your LogicalCHOICE Course screen for opportunities to interact with your classmates, peers, and the larger LogicalCHOICE online community about the topics covered in this course or other topics you are interested in. From the Course screen you can also access available resources for a more continuous learning experience.



Appendix A: Mapping Course Content to the CompTIA Server+ Exam (SK0-004)

Obtaining CompTIA® Server+® certification requires candidates to pass exam SK0-004. This table describes where the objectives for exam SK0-004 are covered in this course.

Domain and Objective Covered In

Domain 1.0 Server Architecture
1.1 Explain the purpose and function of server form factors.
• Rack mount Lesson 2, Topic A
• Dimensions
• 1U, 2U, 4U
• Cable management arms
• Rail kits
• Tower Lesson 2, Topic A
• Blade technology Lesson 2, Topic A
• Blade enclosure
• Backplane/Midplane
• Power supply sockets
• Network modules/switches
• Management modules
• Blade server
1.2 Given a scenario, install, configure and maintain server components.
• CPU Lesson 1, Topic A
• Multiprocessor vs multicore
• Socket type
• Cache levels: L1, L2, L3
• Speeds - Core, bus, multiplier
• CPU stepping
• Architecture: x86, x64, ARM

• RAM Lesson 1, Topic A
• ECC vs non-ECC
• DDR2, DDR3
• Number of pins
• Static vs dynamic
• Module placement
• CAS latency
• Timing
• Memory pairing
• Bus types, bus channels, and expansion slots Lesson 1, Topic A
• Height differences and bit rate differences
• PCI
• PCIe
• PCI-X
• NICs Lesson 1, Topic A
• Hard drives Lesson 1, Topic A
• Riser cards Lesson 1, Topic A
• RAID controllers Lesson 1, Topic A
• BIOS-UEFI Lesson 1, Topic A
• CMOS battery Lesson 2, Topic B
• Firmware Lesson 2, Topic B
• USB interface/port Lesson 1, Topic A
• Hotswap vs non-hotswap components Lesson 1, Topic A
1.3 Compare and contrast power and cooling components.
• Power Lesson 1, Topic B
• Voltage
• 110v vs. 220v vs. -48v
• 208v vs. 440v/460v/480v
• Wattage
• Consumption
• Redundancy
• 1-phase vs. 3-phase power
• Plug types
• NEMA
• Edison
• Twist lock

• Cooling Lesson 1, Topic C
• Airflow
• Thermal dissipation
• Baffles/shrouds
• Fans
• Liquid cooling

Domain and Objective Covered In

2.0 Server Administration
2.1 Install and configure server operating systems.
• Determine server role/purpose Lesson 4, Topic B
• Update firmware Lesson 2, Topic B
• BIOS/UEFI configuration Lesson 2, Topic B
• Boot order
• Disk preparation Lesson 2, Topic B
• RAID setup
• Partitioning
• Formatting
Lesson 7, Topic D
• File system type
• ext2, 3, 4
• NTFS
• FAT32
• ReiserFS
• UFS
• VMFS
• ZFS
• Swap
• Configure host name Lesson 5, Topic A
• Local account setup Lesson 5, Topic A
• Connect to network Lesson 5, Topic A
• Join domain/directory Lesson 5, Topic A
• Address security concerns Lesson 6, Topic A
• Patching
• OS hardening
• Compliance to company procedures/standards
• Enable services Lesson 5, Topic C
• Install features/roles/applications/drivers Lesson 5, Topic B

• Performance baseline Lesson 6, Topic D
• Server optimization
• Swap or pagefile optimization
• Unattended/remote installations Lesson 2, Topic D
• Deploying images and cloning
• Scripted installs
• PXE boot
• TFTP
2.2 Compare and contrast server roles and requirements for each.
• Web server Lesson 2, Topic B
• Application server Lesson 5, Topic B
• Directory server Lesson 5, Topic B
• Database server Lesson 5, Topic B
• File server Lesson 5, Topic B
• Print server Lesson 5, Topic B
• Messaging server Lesson 5, Topic B
• Mail server Lesson 5, Topic B
• Routing and remote access server Lesson 5, Topic B
• Network services server Lesson 5, Topic B
• DHCP
• DNS/WINS
• NTP
2.3 Given a scenario, use access and control methods to administer a server.
• Local hardware administration Lesson 6, Topic B
• KVM
• Serial
• Virtual Administration console
• Network-based hardware administration Lesson 6, Topic B
• KVM over IP
• ILO
• iDRAC
• Network based operating system administration Lesson 6, Topic B
• RDP
• SSH
• VNC
• Command line/shell


2.4 Given a scenario, perform proper server maintenance techniques.
• Change management Lesson 6, Topic A
• Patch management Lesson 6, Topic A
• Operating system updates
• Application updates
• Security software updates
• Firmware updates
• Device drivers updates
• Compatibility lists
• Operating systems
• Hardware
• Applications
• Testing and validation
• Outages & Service Level Agreements Lesson 6, Topic C
• Scheduled downtime
• Unscheduled downtime
• Impact analysis
• Client notification
• MTTR
• Performance monitoring Lesson 6, Topic D
• CPU utilization
• Memory utilization
• Network utilization
• Disk utilization
• Disk IOPS
• Storage capacity
• Comparison against performance baseline
• Processes and services monitoring
• Log monitoring

• Hardware maintenance Lesson 10, Topic B
• Check system health indicators
• LEDs
• Error codes
• Beep codes
• LCD messages
• Replace failed components
• Fans
• Hard drives
• RAM
• Backplanes
• Batteries
• Preventative maintenance
• Clearing dust
• Check proper air flow
• Fault tolerance and high availability techniques Lesson 9, Topic C
• Clustering
• Active/active
• Active/passive
• Load balancing
• Round robin
• Heartbeat
2.5 Explain the importance of asset management and documentation.
• Asset management Lesson 1, Topic D
• Licensing
• Labeling
• Warranty
• Life cycle management
• Procurement
• Usage
• End of life
• Disposal/recycling
• Inventory
• Make
• Model
• Serial number

• Documentation Lesson 9, Topic B
• Service manuals
• Network diagrams
• Architecture diagrams Lesson 6, Topic C; Lesson 9, Topic B
• Dataflow diagrams
• Recovery documentation
• Baseline documentation
• Change management policies
• Secure storage of sensitive documentation Lesson 9, Topic B
2.6 Explain the purpose and operation of virtualization components.
• Hosts and guests Lesson 4, Topic A
• Management interface for virtual machines Lesson 4, Topic A
• Hypervisor Lesson 4, Topic A
• Type I
• Type II
• Hybrid
• Hardware compatibility list Lesson 4, Topic A
• BIOS/UEFI compatibility and support
• CPU compatibility support
• AMD-V/Intel VT
• Resource allocation between Guest and Host Lesson 4, Topic A
• CPU
• Storage
• Memory
• Network connectivity
• Direct Access (bridging) vs. NAT
• Virtual NICs
• Virtual switches
• Video

Domain and Objectives Covered In

3.0 Storage
3.1 Given a scenario, install and deploy primary storage devices based on given specifications and interfaces.

• Disk specifications Lesson 7, Topic B
• RPM
• Dimensions/form factor
• Capacity
• Bus width
• IOPS
• Seek time and latency
• Hotswap vs. non-hotswap components
• Interfaces Lesson 7, Topic B
• SAS
• SATA
• SCSI
• USB
• Fiber Channel
• Hard drive vs. SSD Lesson 7, Topic B
3.2 Given a scenario, configure RAID using best practices.
• RAID levels and performance considerations Lesson 7, Topic D
• 0
• 1
• 5
• 6
• 10
• Software vs hardware RAID Lesson 7, Topic D
• Performance considerations
• Configuration specifications Lesson 7, Topic D
• Capacity
• Bus types
• Drive RPM
• Hotswap support and ramifications Lesson 7, Topic D
• Hot spare vs. cold spare Lesson 7, Topic D
• Array controller Lesson 7, Topic D
• Memory
• Battery backed cache
• Redundant controller
3.3 Summarize hardware and features of various storage technologies.
• DAS Lesson 7, Topic C
• NAS Lesson 7, Topic C
• iSCSI
• FCoE

• SAN Lesson 7, Topic C
• Fiber Channel
• LUN & LUN masking
• HBAs and fabric switches
• JBOD Lesson 7, Topic C
• Tape Lesson 7, Topic C
• Drive
• Libraries
• Optical drive Lesson 7, Topic C
• Flash, compact flash, and USB drive Lesson 7, Topic C
3.4 Given a scenario, calculate appropriate storage capacity and plan for future growth.
• Base 10 vs. Base 2 disk size calculation (1000 vs. 1024) Lesson 7, Topic A
• Disk quotas Lesson 7, Topic A
• Compression Lesson 7, Topic A
• Capacity planning considerations Lesson 7, Topic A
• Operating system growth
• Patches
• Service packs
• Log files
• Temporary directories
• Databases
• Application servers
• File servers
• Archival

Domain and Objectives Covered In

4.0 Security
4.1 Compare and contrast physical security methods and concepts.
• Multifactor authentication Lesson 8, Topic G
• Something you have
• Something you know
• Something you are

• Security concepts Lesson 8, Topic G
• Mantrap
• RFID chip
• ID card
• Biometrics
• Keypad
• Access list
• Security guard
• Security camera
• Keys and locks
• Cabinet
• Rack mount
• Server
• Safe
4.2 Given a scenario, apply server hardening techniques.
• OS hardening Lesson 8, Topic F
• Stopping unneeded services/closing unneeded ports Lesson 8, Topic F
• Install only required software
• Install latest operating system patches
• Application hardening Lesson 8, Topic F
• Install latest patches
• Disabling unneeded services/roles/features
• Endpoint security Lesson 8, Topic F
• HIDS
• Anti-malware
• Remediate security issues based on a vulnerability scan Lesson 8, Topic F
• Hardware hardening Lesson 8, Topic F
• Disabling unneeded hardware and physical ports/devices Lesson 2, Topic B
• BIOS password
• Disable WOL (wake on LAN)
• Setup boot order
• Chassis locks/intrusion detection
4.3 Explain basic network security systems and protocols.
• Firewall Lesson 8, Topic A
• Network based
• Host based

• Port security/802.1x/NAC Lesson 8, Topic A
• Router access list Lesson 8, Topic A
• NIDS Lesson 8, Topic C
• Authentication protocols Lesson 8, Topic B
• LDAP
• RADIUS
• TACACS
• TACACS+
• PKI Lesson 8, Topic E
• Private key
• Public key
• Certificate authority
• SSL/TLS
• VPN Lesson 8, Topic H
• IPSEC Lesson 8, Topic B
• VLAN Lesson 8, Topic H
• Security zones Lesson 8, Topic A
• DMZ
• Public and private
• Intranet and extranet
4.4 Implement logical access control methods based on company policy.
• Access control lists Lesson 8, Topic D
• Users
• Groups
• Roles
• Resources
• File system
• Network ACLs
• Peripheral devices
• Administrative rights
• Distribution lists
• Permissions Lesson 8, Topic D
• Read
• Write/Modify
• Execute
• Delete
• Full control/Superuser
• File vs. share
4.5 Implement data security methods and secure storage disposal techniques.

• Storage encryption Lesson 8, Topic E
• File level encryption
• Disk encryption
• Tape encryption
• Storage media Lesson 8, Topic E
• Soft wipe
• File deletion
• Hard wipe
• Zero out all sectors
• Physical destruction
• Remote wipe
4.6 Given a scenario, implement proper environmental controls and techniques.
• Power concepts and best practices Lesson 9, Topic A
• UPS
• Runtime vs capacity
• Automated graceful shutdown of attached devices
• Periodic testing of batteries
• Maximum load
• Bypass procedures
• Remote management
• PDU
• Connect redundant rack PDUs to separate circuits
• Capacity planning
• PDU ratings
• UPS ratings
• Total potential power draw
• Multiple circuits
• Connect redundant power supplies to separate PDUs
• Safety Lesson 9, Topic A
• ESD procedures
• Fire suppression
• Proper lifting techniques
• Rack stability
• Floor load limitations
• Sharp edges and pinch points

• HVAC Lesson 9, Topic A
• Room and rack temperature and humidity
• Monitoring and alert notifications
• Air flow
• Rack filler/baffle/blanking panels
• Hot aisle and cold aisle

Domain and Objectives Covered In

5.0 Networking
5.1 Given a scenario, configure servers to use IP addressing and network infrastructure services.
• IPv4 vs. IPv6 Lesson 3, Topic C
• Default gateway Lesson 3, Topic C
• CIDR notation and subnetting Lesson 3, Topic C
• Public and private IP addressing Lesson 3, Topic C
• Static IP assignment vs DHCP Lesson 3, Topic C
• DNS Lesson 3, Topic C
• FQDN
• Default domain suffix/search domain
• WINS Lesson 5, Topic C
• NetBIOS Lesson 5, Topic C
• NAT/PAT Lesson 5, Topic C
• MAC addresses Lesson 3, Topic B
• Network interface card configuration Lesson 3, Topic B
• NIC teaming
• Duplexing
• Full
• Half
• Speeds
• 10/100/1000 Mbps
• 10 Gbps
5.2 Compare and contrast various ports and protocols.
• TCP vs. UDP Lesson 5, Topic C
• SNMP 161 Lesson 5, Topic C
• SMTP 25 Lesson 5, Topic C
• FTP 20/21 Lesson 5, Topic C

• SFTP 22 Lesson 5, Topic C
• SSH 22 Lesson 5, Topic C
• SCP 22 Lesson 5, Topic C
• NTP 123 Lesson 5, Topic C
• HTTP 80 Lesson 5, Topic C
• HTTPS 443 Lesson 5, Topic C
• TELNET 23 Lesson 5, Topic C
• IMAP 143 Lesson 5, Topic C
• POP3 110 Lesson 5, Topic C
• RDP 3389 Lesson 5, Topic C
• FTPS 989/990 Lesson 5, Topic C
• LDAP 389/3268 Lesson 5, Topic C
• DNS 53 Lesson 5, Topic C
• DHCP 68 Lesson 5, Topic C
5.3 Given a scenario, install cables and implement proper cable management procedures.
• Copper Lesson 3, Topic A
• Patch cables
• Crossover
• Straight through
• Rollover
• CAT5
• CAT5e
• CAT6
• Fiber Lesson 3, Topic A
• Singlemode
• Multimode
• Connectors Lesson 3, Topic A
• ST
• LC
• SC
• SFP
• RJ-45
• RJ-11

• Cable placement and routing Lesson 3, Topic A
• Cable channels
• Cable management trays
• Vertical
• Horizontal
• Bend radius
• Labeling Lesson 3, Topic A
• Cable ties Lesson 3, Topic A

Domain and Objectives Covered In

6.0 Disaster Recovery
6.1 Explain the importance of disaster recovery principles.
• Site types Lesson 9, Topic C
• Hot site
• Cold site
• Warm site
• Replication methods Lesson 9, Topic C
• Disk to disk
• Server to server
• Site to site
• Continuity of Operations Lesson 9, Topic C
• Disaster recovery plan
• Business continuity plan
• Business impact analysis
• Who is affected
• What is affected
• Severity of impact
6.2 Given a scenario, implement appropriate backup techniques.
• Methodology Lesson 9, Topic C
• Full/Normal
• Copy
• Incremental
• Differential
• Snapshot
• Selective
• Bare metal
• Open file
• Data vs OS restore

• Backup media Lesson 9, Topic C


• Linear access
• Tape
• Random access
• Disk
• Removable media

e
• Optical media

ut
• Media and restore best practices Lesson 9, Topic C
• Labeling

ib
• Integrity verification
• Test restorability

tr
• Tape rotation and retention
• Media storage location Lesson 9, Topic C

is
• Offsite
• Onsite

D
• Security considerations
• Environmental considerations

7.0 Troubleshooting

7.1 Explain troubleshooting theory and methodologies
• Identify the problem and determine the scope Lesson 10, Topic A
• Question users/stakeholders and identify changes to the server/environment
• Collect additional documentation/logs
• If possible, replicate the problem as appropriate
• If possible, perform backups before making changes
• Establish a theory of probable cause (question the obvious) Lesson 10, Topic A
• Determine whether there is a common element of symptom causing multiple problems
• Test the theory to determine cause Lesson 10, Topic A
• Once theory is confirmed, determine next steps to resolve problem
• If theory is not confirmed, establish new theory or escalate
• Establish a plan of action to resolve the problem and notify impacted users Lesson 10, Topic A
• Implement the solution or escalate as appropriate Lesson 10, Topic A
• Make one change at a time and test/confirm the change has resolved the problem
• If the problem is not resolved, reverse the change if appropriate and implement new change
• Verify full system functionality and if applicable implement preventative measures Lesson 10, Topic A
• Perform a root cause analysis Lesson 10, Topic A
• Document findings, actions, and outcomes throughout the process Lesson 10, Topic A

7.2 Given a scenario, effectively troubleshoot hardware problems, selecting the appropriate tools and methods.
• Common problems Lesson 10, Topic B
• Failed POST
• Overheating
• Memory failure
• Onboard component failure
• Processor failure
• Incorrect boot sequence
• Expansion card failures
• Operating system not found
• Drive failure
• Power supply failure
• I/O failure
• Cause of common problems Lesson 10, Topic B
• Third party components or incompatible components
• Incompatible or incorrect BIOS
• Cooling failure
• Mismatched components
• Backplane failure
• Environmental issues Lesson 10, Topic B
• Dust
• Humidity
• Temperature
• Power surge/failure
• Hardware tools Lesson 10, Topic B
• Power supply tester (multimeter)
• Hardware diagnostics
• Compressed air
• ESD equipment

7.3 Given a scenario, effectively troubleshoot software problems, selecting the appropriate tools and methods
• Common problems Lesson 10, Topic C
• User unable to log on
• User cannot access resources
• Memory leak
• BSOD/stop
• OS boot failure
• Driver issues
• Runaway process
• Cannot mount drive
• Cannot write to system log
• Slow OS performance
• Patch update failure
• Service failure
• Hangs/no shutdown
• Users cannot print
• Cause of common problems Lesson 10, Topic C
• User Account Control (UAC/SUDO)
• Corrupted files
• Lack of hard drive space
• Lack of system resources
• Virtual memory (misconfigured, corrupt)
• Fragmentation
• Print server drivers/services
• Print spooler
• Software Tools Lesson 10, Topic C
• System logs
• Monitoring tools
• Resource monitor
• Performance monitor
• Defragmentation tools
• Disk property tools
• Usage
• Free space
• Volume or drive mapping

7.4 Given a scenario, effectively diagnose network problems, selecting the appropriate tools and methods.
• Common problems Lesson 10, Topic D
• Internet connectivity failure
• Email failure
• Resource unavailable
• DHCP server misconfigured
• Non-functional or unreachable
• Destination host unreachable
• Unknown host
• Default gateway misconfigured
• Failure of service provider
• Cannot reach by host name/FQDN
• Cause of common problems Lesson 10, Topic D
• Improper IP configuration
• VLAN configuration
• Port security
• Improper subnetting
• Component failure
• Incorrect OS route tables
• Bad cables
• Firewall
• Misconfiguration
• Hardware failure
• Software failure
• Misconfigured NIC, routing/switching issues
• DNS and/or DHCP failure
• Misconfigured hosts file
• IPv4 vs IPv6 misconfigurations
• Networking tools Lesson 10, Topic D
• ping
• tracert/traceroute
• ipconfig/ifconfig
• nslookup
• net use/mount
• route
• nbtstat
• netstat

7.5 Given a scenario, effectively troubleshoot storage problems, selecting the appropriate tools and methods
• Common problems Lesson 10, Topic E
• Slow file access
• OS not found
• Data not available
• Unsuccessful backup
• Error lights
• Unable to mount the device
• Drive not available
• Cannot access logical drive
• Data corruption
• Slow I/O performance
• Restore failure Lesson 10, Topic E
• Cache failure
• Multiple drive failure
• Causes of common problems Lesson 10, Topic E
• Media failure
• Drive failure
• Controller failure
• HBA failure
• Loose connectors
• Cable problems
• Misconfigurations
• Improper termination
• Corrupt boot sector
• Corrupt file system table Lesson 10, Topic E
• Array rebuild
• Improper disk partition
• Bad sectors
• Cache battery failure
• Cache turned off
• Insufficient space
• Improper RAID configuration
• Mismatched drives
• Backplane failure
• Storage tools Lesson 10, Topic E
• Partitioning tools
• Disk management
• RAID array management
• Array management
• System logs
• Net use/mount command
• Monitoring tools

7.6 Given a scenario, effectively diagnose security issues, selecting the appropriate tools and methods
• Common problems Lesson 10, Topic F
• Firewall integrity issue
• Privilege escalation
• Application will not load
• Can't access network file/shares
• Unable to open files
• Excessive access
• Excessive memory utilization
• Cause of common problems Lesson 10, Topic F
• Open ports
• Active services
• Inactive services
• Intrusion detection configurations
• Anti-malware configurations
• Local/group policies
• Firewall rules
• Misconfigured permissions
• Virus infection
• Rogue processes/services
• Security tools Lesson 10, Topic F
• Port scanners
• Sniffers
• Cipher
• Checksums
• Telnet client
• Anti-malware

Mastery Builders

Lesson labs are provided for certain lessons as additional learning resources for this course.
Lesson labs are developed for selected lessons within a course in cases when they seem
most instructionally useful as well as technically feasible. In general, labs are supplemental,
optional unguided practice and may or may not be performed as part of the classroom
activities. Your instructor will consider setup requirements, classroom timing, and
instructional needs to determine which labs are appropriate for you to perform, and at what
point during the class. If you do not perform the labs in class, your instructor can tell you if
you can perform them independently as self-study, and if there are any special setup
requirements.

Solutions

ACTIVITY 1-4: Managing Server and Network Assets

1. What role does labeling play in asset management and why would asset management software
be beneficial in supporting labeling?
A: Labels can help you track and locate equipment. Using bar code or RFID tags can make
inventory and asset management faster and more accurate than manually reading a printed
tag.

2. What role does the warranty on equipment play in asset management and why would asset
management software be beneficial in supporting warranties?
A: By tracking the warranty dates for equipment in the asset management database, you can
know whether the equipment is still under warranty. This can help you make decisions on
whether to repair, replace, or budget for updated equipment.

3. What role does inventory play in asset management and why would asset management
software be beneficial in supporting inventory?
A: Knowing what equipment the organization already owns or leases is important in deciding
whether additional equipment needs to be procured or whether there is equipment in storage
that could be used.

4. How does asset management software support life cycle management?
A: Having all of the information from initial procurement of the asset, use, maintenance, and
support, you can make sound business decisions on whether to continue using and
maintaining the asset or beginning to budget for asset replacement and disposal.

ACTIVITY 7-1: Managing Storage Capacity


4. Would you recommend compressing the contents of all available storage spaces? Why or why
not?
A: Answers will vary. Not all folders and files can be compressed. For user storage,
compression can greatly improve the capacity for storage.

5. At Develetech, some users in the marketing department create video assets to promote
company products. Other users in other departments create few files that are very small.
Still others use a database to track customer orders, customer service requests, and
repair orders. What strategy would you use when making recommendations for disk
quotas for these employees?
A: Answers will vary. Each group of users has different capacity needs, so by using
groups to create the quota limits, you can meet each group's needs.

ACTIVITY 7-2: Deploying Primary Storage Devices

1. Based on the stated goals and hardware configuration, would you recommend procuring
an internal hard drive or an external portable hard drive? Why?
A: Answers will vary. An internal hard drive will give a more realistic approximation of the
network environment under which the drive will perform. This can be important if, when
testing new applications, you are also testing the speed of the application. External drives
make it easy to swap out a drive configured for one set of applications and replace it with
a drive configured with other applications.

2. How many drives do you recommend procuring for the test environment? Why?
A: Answers will vary. While you could use a single large drive, it might be more prudent to
procure two or more smaller drives, giving you more flexibility in how the server is
configured for each test scenario.

3. What disk specifications will you use when evaluating which drive to procure? What are
the minimum requirements you feel you should request in order to provide valid testing
of the stated goals?
A: Answers will vary. You should consider the capacity, the RPMs, the form factor, the
seek time, and the IOPS at a minimum. The low end of the recommendation should be no
less than a SATA 500 GB drive at 7200 RPM.

ACTIVITY 7-3: Identifying Storage Technologies


1.

2. If access speed and manageability are the most important considerations, which storage
technology would you recommend? Why?
A: Answers will vary, but a NAS or SAN would likely be the fastest technology.

3. An important database that is heavily used needs hourly backups that are kept on site in
case anything needs to be restored at a moment's notice. You also perform daily, weekly,
and monthly backups of the database that are sent to off site storage. Which storage
solution would you recommend for each of these backups?
A: Answers will vary, but you might use JBOD or a solid state drive for the hourly backups
and use a removable solid state drive or tape for the backups that are stored off site.

ACTIVITY 8-6: Disposing of Storage Media

1. What steps will you take to make sure that the storage devices in the equipment being sent for disposal
will be properly sanitized?
A: Answers will vary, but should include zeroing out the drive with disk wiping software, possibly
physically destroying the platters inside the hard drive, and verifying that the data is unreadable and
unrecoverable.

2. What steps will you take to make sure that the software you were given cannot be accessed?
A: Answers will vary, but might include physically destroying DVDs. For any device that you might
potentially reuse, you can use disk wiping software to destroy the data and preserve use of the drive.

ACTIVITY 8-8: Identifying Physical Security Measures

1. Why do you think Develetech should consider replacing lock and key access with cipher or biometric
locks? How much do you think it would cost? Would the cost outweigh the possible loss of data or
equipment?
A: Answers will vary, but might include that keys can be lost or shared more easily than more secure
access methods. Search the Internet to find the cost for various cipher and biometric locks. The loss of
data is almost always more expensive than the steps and devices you can take to secure it.

2. If, during the meeting, you suggest adding video cameras inside secure areas including the server
room, you think some people might shoot this idea down. What are the pros and cons of adding
surveillance cameras inside secure areas?
A: Answers will vary. Pros are that if someone gets past all other security measures taken to prevent
them from accessing a secure area, you might be able to identify the person from the video. Also, if
something happened to a server that at first appears to have been done by someone sitting at the
server, the video might prove that the attack came from elsewhere. Cons are typically that it costs
money and people feel their privacy is threatened.

3. How might you improve the use of ID badges and possibly the ID badges themselves?
A: Answers will vary, but might include adding an HR written policy that employees must sign when they
receive their ID badge that they will display it on their person any time they are in the building.
Improvements to ID badges might include making the picture larger, adding smart-card functions, or
including a fingerprint. Or answers might be procedural, such as requiring employees to wear the badge
visibly, obtain new cards when hairstyles or physical appearances change, and so forth.

4. If the company was to implement the use of RFID tags on equipment, which devices do you think
should be tagged? What do you think the cost might be?
A: Answers will vary. At a minimum, the actual server, the drives, and networking devices such as
routers and switches should be tagged. Use a search engine to find out the current price for RFID tags
that can be affixed to the equipment. Whatever the price, compare the price with the cost of lost data
and equipment replacement costs.

ACTIVITY 10-1: Applying Troubleshooting Theory and Methods

1. You received a call from a user who cannot connect to the Internet. They can log on to
the local network. You initially tried walking the first caller through connecting to the
Internet, but she was unsuccessful in connecting. Another help desk technician overhears
your call and lets you know that he also has a user from the third floor who cannot access
the Internet. Looking at the help desk database, you see that other users from the third
floor are also reporting the same issue. Document the troubleshooting steps you would
take to come up with an action plan to resolve the users' issue.
A: In gathering information and determining the scope, you find that this affects multiple
users within a specific area of the organization. Working with the other help desk
technicians you should be able to narrow down the probable cause of the problem. One
of the technicians should examine the equipment on the third floor to see if a router,
switch, or cable needs to be replaced. If one of those components appears to be at fault,
the technician should recommend its replacement.

2. The technician found that a cable appears to have been damaged. He also noticed that it
appears that someone had been working on replacing components in the wiring closet for
the third floor. What steps should be taken to implement an action plan and resolve the
ticket?
A: Answers will vary, but may include: once you have determined the probable cause,
you should create an action plan before you start making changes, detailing each step
that you will take while attempting to resolve the issue. You should also make sure that
you are able to restore the system to the condition it was in before you began
troubleshooting, in case things do not go as planned. You also need to think about how
the action plan will affect the user or other aspects of the network. If you think ahead, you
can help ensure that productivity does not suffer and that downtime is minimized.

3. A user recently got a new computer delivered to their desk. Some of the files he needs to
open won't open. What are some of the questions you should ask?
A: Ask the user to describe his system and his physical location. What application is he
using to open the file? Can he open other files with that application? If so, the problem is
with the file and not the software. Ask him to describe the specific problem he is having.
Can he find the file but receives an error when he opens it? Or does the file open but
looks corrupted? To localize the problem, ask where the file is saved; is it on a local disk
or on a network drive? Can he open other files from that location? If not, it may be a
problem with the storage media itself. Or is it in an email attachment? Find out when he
could last open the file, if ever. If he could open the file previously, find out anything that
might have occurred since that time to change the situation. If the file is in a network
location, review network activity logs to see if there have been any issues or changes to
that server.

ACTIVITY 10-2: Troubleshooting Hardware Issues


1. The server in the finance department shuts itself down shortly after it boots. They have
had power related problems in the past and have even installed a UPS with software
monitoring functions. Because of the past problems, you suspect a power problem. What
should you investigate?
A: Try disabling the UPS’s monitoring software. If the UPS is disconnected, its battery has
failed, or the communications with it have been lost, the software might be erroneously
shutting down the PC. Try running without the UPS. Perhaps it has failed. Check power
cords and test the wall voltage. Try plugging the PC into a different outlet on a different
circuit.

2. You are troubleshooting a computer that’s unstable (it hangs, gets BSODs and memory errors,
spontaneously reboots, etc.). The user states that the symptoms have gotten more frequent. What do
you suspect is the problem?
A: As the capacitors on a motherboard age, their ability to collect a charge of electricity decreases while
their impedance increases. The capacitors can no longer filter the DC voltages on the motherboard, so
the system becomes unstable. System hangs, BSODs, memory errors, spontaneous reboots are some
common symptoms of motherboard failures.

3. One person calls in with an email issue. You overhear one of the other help desk staff talking with
another user who is also calling in with an email issue. Looking at the call log, you see that there were
several other recent calls related to this same email issue. Do you think this is coincidence or do you
think you should examine the email server to determine if there is a hardware-based reason for users
not being able to access their email?
A: Depending on what the issue is, it is likely prudent to make sure that the email server is properly
configured, that the network connections are good, and that the hardware is performing as it should.

4. While examining the network traffic, you see that traffic jumps to over 100% on one of the network
segments. What is a likely cause and how would you resolve the problem?
A: There is a system with a network card that is beaconing. Isolate the machine to confirm, and if it is
beaconing, replace the network card.

ACTIVITY 10-3: Troubleshooting Software Issues

1. A user calls because he cannot log on to the server. What questions would you ask and what are some
likely reasons that he can't log on?
A: Answers will vary, but you might start by asking whether anyone else around him is also having log
on issues to help narrow the scope of the problem. You could ask which operating system his client is
running and which server he is attempting to connect to. You could then verify that the server is up and
available using traceroute. You could ask if he has previously successfully logged in to the computer.
Verify that the user is using the correct logon name and password. Verify that the computer is
connected to the network either via cable or wirelessly.

2. A user calls because the system is hanging when he tries to shut it down. What questions would you
ask and what are some likely reasons that the system is hanging at shut down?
A: Answers will vary, but you might start by asking whether this has happened before. Ask which
operating system he is using. Ask if any changes have recently been made to the system. Determine if
there are applications still open that are awaiting his response. Determine if there is enough disk space
available to read and write to log files. Determine if a process is still running that needs to finish before
shut down can occur.

ACTIVITY 10-4: Troubleshooting Networking Issues


1. A user opens a browser window and tries to contact your intranet server. The user receives a message
that it can’t be found. What TCP/IP utilities might you use to diagnose the problem?
A: Answers will vary. Ping the server by name from a command prompt. If that fails, ping the server’s IP
address. If that’s successful, you know the problem lies with DNS. Otherwise, the problem lies
elsewhere. Try pinging another server to test general connectivity from the user’s computer. You can
use ipconfig or ifconfig to ensure that the computer has valid IP addressing information for the network
segment to which it’s connected. If the IP addressing information is incorrect for the computer’s network
segment, you can modify it and try to connect to the intranet server again.

2. A user calls to let you know that the volume that is usually mounted on a server to which
she connects is unavailable. She can see the server, but the volume she needs to access
is not shown. What questions might you ask her and what utilities might you use to
diagnose the problem?
A: Answers will vary. You might start by asking her what operating system the client she
is using runs. You can try accessing the volume yourself from your system. You can try
having her remap her connection to the volume. You can use the net use or mount
command depending on which operating system the server is running.

3. A user reports that they are receiving a message that they have a duplicate IP address.
What might have caused this to happen?
A: The user might get a duplicate IP address if they assigned themselves a static IP
address that is already in use. Another reason might be that they have a laptop which
was closed, but not shut down, then reopened.

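The name-then-address sequence from question 1 of Activity 10-4, written out as an added example that is not part of the course material. It assumes the intranet server answers on TCP port 80 and uses a TCP connect in place of ping; the host name and the 192.0.2.x addresses are constructed placeholders.

```python
import socket
import sys


def resolve_name(host):
    """Return the first address the system resolver gives for host, or None."""
    try:
        return socket.getaddrinfo(host, None)[0][4][0]
    except socket.gaierror:
        return None


def tcp_reachable(ip, port=80, timeout=2.0):
    """Stand-in for ping: a TCP connect, because ICMP needs raw-socket rights."""
    try:
        with socket.create_connection((ip, port), timeout=timeout):
            return True
    except OSError:
        return False


def diagnose(server_name, server_ip, other_ip,
             resolve=resolve_name, reach=tcp_reachable):
    """Walk the checks in order and name the layer where they stop working."""
    resolved = resolve(server_name)
    if resolved is not None and reach(resolved):
        return "ok"        # name and path both work; look at the browser or service
    if resolved != server_ip and reach(server_ip):
        return "dns"       # the address answers, the name is missing or points elsewhere
    if reach(other_ip):
        return "server"    # client has connectivity; the target host or its path is down
    return "client"        # nothing reachable: check the ipconfig/ifconfig output


def simulated_network(dns_table, live_hosts):
    """Build resolve/reach functions over a constructed network state."""
    return dns_table.get, lambda ip: ip in live_hosts


if __name__ == "__main__":
    if len(sys.argv) == 4:
        # Real run: server name, its expected IP, another server's IP.
        print(diagnose(*sys.argv[1:]))
    else:
        # Constructed demo: no DNS record, but both servers are up.
        resolve, reach = simulated_network({}, {"192.0.2.10", "192.0.2.20"})
        print(diagnose("intranet.example", "192.0.2.10", "192.0.2.20",
                       resolve, reach))
```

The "dns" result also covers a stale record, where the name still resolves but to an address that no longer belongs to the server.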
ACTIVITY 10-5: Troubleshooting Storage Issues

1. A new technician was helping to install a new SCSI hard disk as a second drive in a
Windows server. Windows doesn't recognize the new drive. What are possible causes for
the drive not being recognized?
A: Answers might include that the SCSI ID is incorrectly set, that the power cable is not
connected, that the termination is not set correctly, or that active termination was used
when passive termination was required (or vice versa).

2. Users are calling to complain that access to files on the file server is slower than normal.
Looking at the help desk tickets related to that server, you see that someone has started
rebuilding a failed drive array member. What should you do?
A: Answers will vary. You’ll have to balance the risk of running with a failed drive in your
array against the upset of your users over slow performance. You could cancel or pause
the rebuild until after hours. Doing so would speed disk performance. But another drive
failure while you wait could result in data loss or corruption, along with extended
downtime as you restore from backup.

3. A user calls saying they cannot find their file. They are sure it was stored on the server.
How would you help the user locate their file?
A: Answers will vary, but might include the following. Try going to the folder yourself
where the user thinks they saved the file; the permissions might have been changed
preventing the user from seeing the file. Check the Recycle Bin in case it was deleted. If
the file is not found, request permission to access their local drive and see if it was saved
locally. If you confirm that the file is indeed missing, restore it from backup.

ACTIVITY 10-6: Troubleshooting Security Issues


1. It has been discovered that a user in the sales department is able to access resources in
the finance department. It is suspected that the user is disgruntled and may be trying to
find sensitive information. What troubleshooting steps would you take?
A: Answers will vary, but may include: check the user's group membership to verify that
they don't have this kind of access, implement tighter group security to limit the user's
access, monitor and audit the user's network activity, if the user is using another account
then lock down that account or simply change the password. If they are actually a
malicious user, then HR or a manager will need to be notified so that they can determine
what steps to take with the user.

2. It is suspected that a workstation has malware running on it. What troubleshooting steps would you
take?
A: Answers will vary, but may include: run anti-malware scans with the latest definitions on the workstation to
see if it will detect malware, run scans with different tools to see if they can detect malware, remove
malware using an anti-malware tool or recommended steps, apply a previous restore point, wipe the
workstation and reinstall the OS.

3. Log files show that someone has attempted to log in with the wrong password many times on several
user accounts. What steps should be taken?
A: Answers will vary. Add firewall rules to block the IP address of the user attempting to log in with the
wrong passwords. Determine whether it was someone from within the organization who simply forgot
their password, or if it is someone attempting to breach the network. Configure the server to lock the
account after 3 to 5 failed login attempts.
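
One way to run the triage from the answer to question 3 over a log file, as an added example that is not part of the course material. The log lines are constructed samples in the OpenSSH sshd format; the internal address ranges, the lockout threshold of 3 (the low end of the 3-to-5 range) and the cutoff of 3 for "several accounts" are assumptions.

```python
import ipaddress
import re
from collections import defaultdict

# Constructed sample lines in the OpenSSH sshd log format (not from a real host).
SAMPLE_LOG = """\
Mar  4 09:12:01 srv01 sshd[2101]: Failed password for alice from 203.0.113.7 port 50110 ssh2
Mar  4 09:12:03 srv01 sshd[2103]: Failed password for bob from 203.0.113.7 port 50112 ssh2
Mar  4 09:12:05 srv01 sshd[2105]: Failed password for invalid user admin from 203.0.113.7 port 50114 ssh2
Mar  4 09:12:07 srv01 sshd[2107]: Failed password for carol from 203.0.113.7 port 50116 ssh2
Mar  4 09:12:09 srv01 sshd[2109]: Failed password for alice from 203.0.113.7 port 50118 ssh2
Mar  4 09:12:11 srv01 sshd[2111]: Failed password for alice from 203.0.113.7 port 50120 ssh2
Mar  4 09:30:40 srv01 sshd[2210]: Failed password for dave from 10.0.3.25 port 41822 ssh2
Mar  4 09:30:52 srv01 sshd[2212]: Failed password for dave from 10.0.3.25 port 41830 ssh2
Mar  4 09:31:05 srv01 sshd[2214]: Accepted password for dave from 10.0.3.25 port 41836 ssh2
"""

EVENT = re.compile(
    r"sshd\[\d+\]: (?P<result>Failed|Accepted) password for "
    r"(?:invalid user )?(?P<user>\S+) from (?P<ip>\S+) port \d+"
)

# Assumptions: the organization's internal ranges and the two thresholds.
INTERNAL_NETS = [ipaddress.ip_network(n)
                 for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]
LOCKOUT_THRESHOLD = 3
SEVERAL_ACCOUNTS = 3


def parse_events(log_text):
    """Yield (result, user, ip) for each password logon line, in log order."""
    for line in log_text.splitlines():
        m = EVENT.search(line)
        if m:
            yield m.group("result"), m.group("user"), m.group("ip")


def is_internal(ip):
    """True when the source address lies in one of the internal ranges."""
    try:
        addr = ipaddress.ip_address(ip)
    except ValueError:            # a host name or junk in the source field
        return False
    return any(addr in net for net in INTERNAL_NETS)


def triage(log_text, lockout=LOCKOUT_THRESHOLD, several=SEVERAL_ACCOUNTS):
    """Map each source to an action and list the accounts that reach lockout."""
    failed_by_source = defaultdict(set)   # ip -> accounts with a failed logon
    streak = defaultdict(int)             # account -> consecutive failures
    to_lock = set()
    for result, user, ip in parse_events(log_text):
        if result == "Accepted":
            streak[user] = 0              # a good logon resets the counter
            continue
        failed_by_source[ip].add(user)
        streak[user] += 1
        if streak[user] >= lockout:
            to_lock.add(user)

    sources = {}
    for ip, accounts in failed_by_source.items():
        if len(accounts) >= several:
            action = "block at firewall"  # one source trying several accounts
        elif is_internal(ip):
            action = "contact user"       # likely a forgotten password
        else:
            action = "monitor"
        sources[ip] = {"accounts": sorted(accounts), "action": action}
    return {"sources": sources, "lock_accounts": sorted(to_lock)}


if __name__ == "__main__":
    report = triage(SAMPLE_LOG)
    for ip, info in report["sources"].items():
        print(f"{ip}: {info['action']} ({', '.join(info['accounts'])})")
    print("lock:", ", ".join(report["lock_accounts"]) or "none")
```

The explicit range list is used instead of `ipaddress`'s `is_private`, which also returns True for documentation ranges such as 203.0.113.0/24.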

Glossary

10Base standards
A set of standards that describes the media type and the speeds at which each type of media operates.

802.11 standard
An IEEE standard that specifies an over-the-air interface between a wireless client and a base station or between two wireless clients.

802.1x
A standard for securing networks by implementing EAP as the authentication protocol over either a wired or wireless Ethernet LAN, rather than the more traditional implementation of EAP over PPP.

802.2 standard
An IEEE standard used to address the need for MAC-sub-layer addressing in bridges.

802.3 standard
An IEEE standard used to standardize Ethernet and expand it to include a wide range of cable media.

802.3af standard

802.3at standard
An IEEE standard used to describe PoE+ technology.

802.x standards
A family of networking standards developed by IEEE to address networking technologies.

A
(Address record) A DNS record that maps the host name to its IP address using a 32-bit IPv4 address.

AAAA
(IPv6 address record) A DNS record that maps the host name to its IP address using a 128-bit IPv6 address.

AC
(Alternating Current) An electrical current that switches its flow back and forth in a circuit.

access control
In security terms, the process of determining and assigning privileges to various resources, objects, and data.

accountability
In security terms, the process of determining who to hold responsible for a particular activity or event.

ACL
(Access Control List) A set of data (user names, passwords, time and date, IP address, MAC address, etc.) that is used to control access to a resource, such as a device, file, or network.

active IDS
(active intrusion detection system) A system that detects a security breach according to the parameters it has been configured with, logs the activity, and then takes the appropriate action to block the user from the suspicious activity.

address bus
Connecting wires from the CPU to main memory used to identify specific memory locations.

adware
Software that automatically displays or downloads advertisements when it is used.

algorithm
In encryption, the rule, system, or mechanism used to encrypt data.

amps
Short for amperage. The amount of electricity used by a device.

analog signal
A signal that carries information as continuous waves of electromagnetic or optical energy.

ANS
(Authoritative Name Server) A name server that responds to name-related queries in one or more zones.

anti-malware software
A software program that scans a device or network for known viruses, Trojans, worms, and other malicious software.

antimalware
See antispyware and antivirus software.

antispyware
Software that is designed for removing or blocking spyware.

antivirus software
An application that scans files for executable code that matches patterns known to be common to viruses, and monitors systems for activity associated with viruses.

AP
(Access Point) See WAP.

APC connector
(angled physical contact connector) A fiber optic connector where the end faces are curved but are angled at an industry-standard eight degrees to maintain a tight connection.

application server
A computer in a client/server environment that performs the business logic (the data processing).

ARP
(Address Resolution Protocol) A communications protocol that resolves IP addresses to MAC addresses.

ARP cache
A table used to maintain a correlation between each MAC address and its corresponding IP address.

arp utility
A command that enables an administrator to view and manipulate the ARP cache, including deleting it or adding an entry to it.

attack
Any technique that is used to exploit a vulnerability in any application on a computing device without authorization.

attacker
A term for a user who gains unauthorized access to devices and networks for malicious purposes.

attenuation
The fading or degradation of a signal as it travels across a network medium.

auditing
In security terms, the process of tracking and recording system activities and resource access. Also called accounting.

authentication
A network security measure in which a user or some other network component proves its identity to gain access to network resources.

backup
The process of copying files or databases to another location so that they will be used to restore data in case of equipment failure or other catastrophic events.

backup medium
The device onto which you write the backup data.

backup utility
A software program that archives data from fixed storage to a removable medium.

baffles
Used to direct the airflow around server equipment and improve the airflow.

bandwidth
The average number of bits of data that can be transmitted from a source to a destination over the network in one second.

base 2 numbering system
See binary numbering system.

baseline
A record of a device's performance statistics under normal operating conditions.

biconic
A screw-on type connector with a tapered sleeve that is fixed against guided rings and screws onto the threaded sleeve to secure the connection.

biometrics
Authentication schemes based on an individual's physical characteristics.

BIOS
(Basic Input Output Sequence) A program that is run first when a computer is switched on.

BIOS chip
(Basic Input Output System chip) A ROM or Electrically Erasable Programmable ROM (EEPROM) chip that stores the BIOS program code, which allows system devices to communicate with each other.

black hat
A hacker who exposes vulnerabilities for financial gain or for some malicious purpose.

blade server
It consists of a chassis (or backplane) that contains one or more server blades.

block-level storage
A data storage mechanism where raw volumes are created and every block within every volume can be controlled as if it were an individual hard drive.

bluejacking
A method used by attackers to send out unwanted Bluetooth signals from smartphones, tablets, and laptops to other Bluetooth-enabled devices.

bluesnarfing
A process in which attackers gain access to unauthorized information on a wireless device using a Bluetooth connection.

Bluetooth
binary numbering system A wireless technology that facilitates short-
N

The numbering system used by electronic range wireless communication between


machines to perform calculations. Each devices, such as personal computers, laptops,
position, starting from the rightmost, signifies mobile phones, and gaming consoles, thus
o

a higher power of 2. Also called base 2 creating a WPAN.


D

numbering system.
BNC coupler
biometric lock (Bayonet-Neill-Concelman coupler) A device
A physical security control that grants access to that enables you to connect two BNC cables
facilities according to biometric features, such together.
as fingerprints, voice prints, retina scans, or
signatures.

boot device
A device from which the operating system is loaded into the hard disk during the booting or installation process.

bootloader
A piece of code that is run before running any operating system.

BOOTP
(Bootstrap Protocol) A legacy UDP network protocol that helps diskless workstation devices get an IP address before loading an operating system.

botnet
A collection of software robots run by a command and control program that is controlled by a person.

bounded media
A network medium that uses a physical conductor typically made of metal or glass.

brute force attack
A type of password attack where an attacker uses an application to exhaustively try every possible alphanumeric combination to attempt to crack encrypted passwords.

buffer overflow
An attack that targets a device's vulnerability by causing the device's operating system to crash or reboot, which may result in the loss of data or the execution of rogue code on the device.

buffered memory
It is memory that contains buffer logic chips that re-drive signals through memory chips and enable modules to include more memory chips.

bus
An electrical pathway to which various server components are connected in parallel so that signals are transferred among them.

business continuity
A collection of planning and preparatory activities that are used during a serious incident or disaster to ensure that an organization's critical business functions will continue to operate or will be recovered to an operational state within a reasonably short period.

CA
(Certificate Authority) A server that can issue digital certificates and the associated public/private key pairs.

cable basket
A type of cable tray made of wire mesh that is primarily used for lightweight cables, such as telephone and network cables.

cable Internet access
A WAN connectivity technology that uses a cable television connection and a cable modem to provide high-speed Internet access to homes and small businesses.

cable management
The practice of neatly securing electrical, data, and other cables.

cable modem
A hardware device that connects a subscriber's device to a service provider’s cable systems.

cable stripper
A device that enables you to remove the protective coating from wiring to facilitate installing a media connector.

cable tester
An electrical instrument that verifies if a signal is transmitted by a cable. Also called a media tester or line tester.

cable tray
A horizontal channel that network cables and electrical wires run through that provides mechanical support and protection.

cache memory
A random access memory that is located closer to the processor and allows the processor to execute instructions and to read and write data at a higher speed than the regular RAM.

CAN
(campus area network) A network that covers an area equivalent to an academic campus or business park.

cell
The area covered by a wireless access point. Alternatively, a cell is a type of network, similar to a packet switching network, in which data is transmitted as fixed-length packets called cells.

cell switching network
A type of network, similar to a packet switching network, in which data is transmitted as fixed-length packets called cells.

Central Processing Unit (CPU)
The main chip on the system board that executes program instructions that control the server.

centralized network
A network in which a single computer or server controls all network communication and performs data processing and storage on behalf of its clients.

centralized network
A network in which a central mainframe computer controls all network communication and performs data processing and storage on behalf of clients.

certificate management system
A system that provides the software tools to perform the day-to-day functions of a PKI.

certificate repository
A database containing digital certificates.

chain of custody
Documentation that tracks evidence from the time it is collected until it is released back to the owner.

change management
A systematic way of approving and executing change to ensure maximum security, stability, and availability of information technology services.

change management policies
A set of procedures to be followed whenever an IT change is made.

CHAP
(Challenge Handshake Authentication Protocol) An encrypted remote-access authentication method that enables connections from any authentication method requested by the server, except for PAP and SPAP unencrypted authentication.

chip creep
A problem that can occur if equipment is repeatedly exposed to temperature fluctuations. The expansion and contraction due to temperature variance causes the chips to loosen in their sockets.

chipset
The set of chips on the system board that support the CPU and other basic functions.

CIDR
(Classless Inter Domain Routing) A subnetting method that selects a subnet mask that meets an individual network's networking and node requirements and then treats the mask like a 32-bit binary word.

cipher
A method for concealing the meaning of text.

cipher lock
A physical security control that requires users to press keypad buttons in the correct sequence to gain entry to a room or building.

ciphertext
Data that has been encoded with a cipher and is unreadable.

circuit tester
An electrical instrument that tests whether or not current is passing through a circuit.

CISC
(Complex Instruction Set Computer) A design strategy for computer architecture that depends on hardware to perform complicated instructions.

Class A addresses
A block of IP addresses from 1.0.0.0 to 127.255.255.255 that provides the largest number of nodes (16,777,214) for the smallest number of networks (126), thus increasing the number of nodes per network.

Class B addresses
A block of IP addresses from 128.0.0.0 to 191.255.255.255 that provides a good balance between the number of networks and the number of nodes per network—16,382 networks of 65,534 nodes each.

Class C addresses
A block of IP addresses from 192.0.0.0 to 223.255.255.255 that provides the largest number of networks (2,097,150) and the smallest number of nodes per network (254).

Class D addresses
A block of IP addresses from 224.0.0.0 to 239.255.255.255 used to support multicast sessions.

Class E addresses
A block of IP addresses from 240.0.0.0 to 255.255.255.255 used for research and experimentation purposes.

cleartext
The unencrypted form of data. Also called plaintext.

cleartext credentials
User information, such as passwords that are not encrypted before being stored or transmitted.

client
A network device or process that initiates a connection to a server.

client operating system
An operating system end-users use to access network resources.

client/server network
A network in which some nodes act as servers to provide services to other nodes. The nodes that receive services from the servers are known as clients.

client/server network
A network in which servers provide resources to clients.

cloud computing
A model for providing or consuming off-premises computing services over the Internet.

clustering
A process of grouping two or more servers with a high-speed channel to share workloads between them.

CMOS
(Complementary Metal-Oxide-Semiconductor) An old style of static memory that was used to store information about the computer setup that the system BIOS refers to each time the computer is started.

CNAME
(Canonical name record) A DNS record that maps multiple canonical names (aliases) to one A record.

coax
(coaxial cable) A type of copper cable that features a central conductor surrounded by an insulator and braided or foil shielding.

codec
Software or hardware that performs digital compression of audio and video streams for video conferencing.

cold site
A predetermined alternate location where a network can be rebuilt after a disaster.

cold spare
A duplicate piece of backup equipment that can be configured to use as an alternate, if needed.

cold swap
Powering off a system before doing repairs or maintenance.

Column Access Strobe (CAS) latency
The amount of time taken to retrieve data from a particular column of a specified row in a memory module. CAS latency is the clock
cycles between the issuance of the read command and its subsequent data retrieval.

compromised system
A device that has been infected by malware or otherwise controlled by an outside entity.

computer network
A group of computers connected to communicate with each other and share resources.

configuration management
The process of setting up and changing the configuration of a network and its components.

connection
A virtual link between two nodes established for the duration of a communication session.

connection-oriented protocol
A data transmission method where a connection is established before any data can be sent, and where a stream of data is delivered in the same order as it was sent.

connectionless protocol
A data transmission method that does not establish a connection between devices and where data may be delivered out of order and may be delivered over different paths.

connector
A metal device at the end of a wire to connect video equipment and network nodes in a LAN.

contention-based media access
A media access method in which nodes compete or cooperate among themselves for media access time. Also called competitive media access.

cooling system
A system unit component that prevents damage to computer parts by dissipating the heat generated inside a computer chassis.

copper media
A type of bounded media that uses one or more copper conductors surrounded by an insulated coating.

core
An execution unit in the CPU.

counter
An individual statistic about the operation of system objects such as software processes or hardware components, monitored by a performance monitor.

CPU stepping
The revision level of a processor.

cracker
A user who breaks encryption codes, defeats software copy protections, or specializes in breaking into systems.

crossover cable
A network cable that connects like devices.

cryptographic
The process of hiding information using a cipher system.

cryptography
The science of hiding information to protect sensitive information and communications from unauthorized access.

CSMA/CA
(Carrier Sense Multiple Access/Collision Avoidance) A contention-based media access method where nodes try to avoid data collisions by transmitting when they deem the channel to be idle.

CSMA/CD
(Carrier Sense Multiple Access/Collision Detection) A contention-based media access method where nodes send data when they deem the channel to be idle, but take steps to retransmit when collisions occur.

custom subnet
A collection of leased IP addresses that are divided into smaller groups to serve a network's needs.

custom subnet mask
A number that is applied to an IP address to divide a single block of addresses into multiple subnets.

DAS
(Direct Attached Storage) Storage that is attached directly to a server without a network between the storage device and the server.

data breach
A security incident where sensitive, protected, or confidential data is copied, transmitted, viewed, stolen, or used by an individual who is not authorized to do so.

data bus
The internal bus that connects all internal computer components to the motherboard.

data collector set
The set of objects or components selected for the purpose of baselining.

data deduplication
Eliminates duplicate files that are similar, with pointer to changes. Works at block or sub-file level. Compare to single instance storage.

data packet
A unit of data transfer between devices that communicate on a network.

data theft
A type of attack in which unauthorized access is used to obtain protected network information.

data transmission
The exchange of data among different computers or other electronic devices through a network.

database server
A computer in a LAN dedicated to database storage and retrieval.

DC
(Direct Current) A type of electric current that flows unidirectionally.

DDoS attack
(Distributed Denial of Service attack) A software attack in which an attacker hijacks or manipulates multiple devices (through the use of zombies or drones) on disparate networks to carry out a DoS attack.

DDR memory
(Double Data Rate memory) SDRAM’s replacement, it transfers data twice per clock cycle.

DDR2 memory
(Double Data Rate 2 memory) The next-generation DDR memory technology that features faster speeds, higher data bandwidths, lower power consumption, and enhanced thermal performance.

DDR3 memory
(Double Data Rate 3 memory) The memory technology that transfers data at twice the rate of DDR2 and uses 30% less power in the process.

dedicated line
A telecommunication path that is always available for use by a designated user. Also called a leased line.

default gateway
An IP address of the router that routes remote traffic from the device's local subnet to remote subnets.

defense-in-depth
A security strategy in which multiple layers of physical security are provided to help reduce the risk of one component or layer of the defense mechanism being compromised or circumvented.

demarc
(demarcation point) The physical location where a building's wiring ends and the telephone company's wiring begins.

demarcation point
See demarc.

desktop computer
A general term used to designate any system deployed as a general purpose computer to be operated directly by a single user.

device driver
A computer program that acts as an interface between the operating system and a hardware device.

DHCP
(Dynamic Host Configuration Protocol) A network service that provides automatic assignment of IP addresses and other TCP/IP configuration information.

dial-up connection
A PSTN connection that uses modems, existing phone lines, and long-distance carrier services to provide WAN connectivity and remote network access.

dial-up modem
A communication device that converts a device's digital signals into analog signals before transmission over telephone lines.

dictionary attack
A type of password attack that automates password guessing by comparing encrypted passwords against a predetermined list of possible password values.

digital certificate
An electronic document that associates credentials with a public key.

digital signal
An electrical signal that can have combinations of only two values: one and zero.

digital signature
An encrypted hash value that is appended to a message to identify the sender and the message.

directional antenna
A type of antenna that concentrates the signal beam in a single direction.

disaster
A catastrophic loss of system functioning due to a cause that cannot reasonably be foreseen or avoided.

disaster
A catastrophic loss of device functioning due to a cause that cannot reasonably be foreseen or avoided.

disaster recovery
The administrative function of protecting people and resources while restoring a failed network or failed systems as quickly as possible.

disaster recovery plan
A policy and set of procedures that documents how people and resources will be protected in a disaster, and how the organization will recover from the disaster and restore normal functioning.

disk controller
Circuitry that manages the transfer of data to and from a disk drive, whether it is a hard disk drive or an optical disk drive. The disk controller provides the communication path between the CPU and the disk drive.

disk mirroring
A complete duplication of data on two separate physical drives.

disk striping
It provides enhanced performance by interleaving bytes or groups of bytes across multiple drives, so that several disks can read and write at the same time.

DMA
(Direct Memory Access) Any transfer protocol where a peripheral device transfers information directly to or from memory, without the CPU being required to perform the transaction.

DMI
(Desktop Management Interface) A standard for managing and tracking components in a desktop or notebook PC or in a server.

DMZ
(demilitarized zone) A small section of a private network that is located between two firewalls and made available for public access.

DNS
(Domain Name System) The naming service used on the Internet and many TCP/IP-based networks.

domain
A grouping of devices on the Internet based on the nature of their operations.

domain name
A unique name that identifies a website on the Internet. A period is used to separate the labels of domain names.

domain name space
It consists of information about the hierarchy of domains and the hosts under each domain, which is referred to by the name servers for mapping domains.

DoS attack
(Denial of Service attack) A network attack in which an attacker disables systems that provide network services by consuming a network link's available bandwidth, consuming a single device's available resources, or exploiting programming flaws in an application or operating system.

DRAM
(Dynamic RAM) A type of RAM that needs to be refreshed.

DSA
(Directory System Agent) Server software feature that enables an LDAP server to process queries from the clients and access data from a database.

DSL modem
A hardware device that connects a subscriber's device to a telephone line that provides the DSL service for connectivity to the Internet.

DVM
(Digital Volt Meter) An electrical instrument that uses an analog-to-digital converter to display numeric voltage readings.

EAP
(Extensible Authentication Protocol) A protocol that enables systems to use hardware-based identifiers, such as fingerprint scanners or smart card readers, for authentication.

eavesdropping attack
A network attack that uses special monitoring software to gain access to private communications on the network wire or across a wireless network. Also called a sniffing attack.

ECC
(Error Checking and Correction memory) A type of RAM that includes a fault detection/correction circuit to test the accuracy of data as it passes in and out of memory.

EFS
(Encrypting File System) A file encryption tool available on Windows systems that have partitions formatted with NTFS.

EIA
(Electronic Industries Alliance) A trade association accredited by ANSI to develop and jointly issue standards for telecommunications and electronics.

electrical noise
Unwanted signals that are introduced into network media and that interfere with the proper reception of transmitted signals.

EMI
(electromagnetic interference) A type of noise that is caused by electrical radiation or induction and that disrupts an electrical signal.

encryption
A security technique that converts data from plain, or cleartext form, into coded, or ciphertext form, so that only authorized parties with the necessary decryption information can decode and read the data.

encryption devices
A device that provides encryption, decryption, and access control using an HSM.

encryption key
A specific piece of information that is used with an algorithm to perform encryption and decryption in cryptography.

endpoint
A network node that is the source or destination for data transfer.

enterprise network
A network that includes elements of both LANs and WANs and is owned and operated by a single organization to interlink its devices and resources.

Ethernet
A family of LAN technologies developed to enable communication between different computers over a shared broadcasting medium. It is also known as IEEE 802.3.

Ethernet
A set of networking technologies and media access methods specified for LANs.

evil twin
A rogue access point on a network that appears to be legitimate.

expansion card
A circuit board that is inserted into an expansion slot located on the main motherboard to allow a new feature to be added to the server.

expansion slot
A socket on the computer system board that is designed to hold expansion cards.

extranet
A private network that grants controlled access to users outside of the network.

Fast Ethernet
An Ethernet technology that can transmit data at speeds of 100 Mbps.

fault tolerance
The ability of a network or device to withstand a foreseeable component failure and still continue to provide an acceptable level of service.

fax server
It provides a bank of fax modems, allowing users to fax out and remote users to fax in over the next available modem.

FC
(ferrule connector) A connector used in industrial settings that has a heavy-duty ferrule in the center for more mechanical stability than SMA or ST connectors.

FC
(Fibre Channel) A high-speed network technology that is primarily used to connect device data storage at rates of up to 16 Gbps.

FDDI
(Fiber Distributed Data Interface) A dual-ring, token-passing fiber network that operates at 100 Mbps.

FDM
(Frequency-Division Multiplexing) A multiplexing method in which data from multiple nodes is sent over multiple frequencies or channels over a network medium.

ferrule
A tubular structure made of ceramic or metal that supports optical fiber.

fiber coupler
A device that enables you to connect fiber optic cables together when a device has one or more input fibers and one or more output fibers that need to be connected.

fiber optic cable
A network cable that has a core surrounded by one or more glass or plastic strands, along with extra fiber strands or wraps, which are surrounded by a protective outer jacket.

file quota
A disk quota that limits the number of files and directories that can be created by a user.

file server
It is usually a high-speed computer on a network that stores the programs and data files shared by users.

file system
A database maintained by an operating system on the storage media for the storage, organization, manipulation, and retrieval of data.

file-level permission
A security feature that allows users to set access control to the individual files instead of the folders.

firewall
Hardware or software that regulates data flow to a secured network by filtering data originating from unsecured or untrusted sources.

firewall
A software program or a hardware device or a combination of both that protects a device or network from unauthorized data by blocking unsolicited traffic.

firmware
Specialized software stored in memory chips that stores information whether or not power to the computer is on.

flash storage
A storage device that stores data using flash memory.

FQDN
(Fully Qualified Domain Name) The host name combined with the host's domain name.

friendly DoS
(friendly denial of service) An attack where a website ends up denied because of a sudden enormous spike in popularity.

FTP
(File Transfer Protocol) A TCP/IP protocol that allows the transfer of files between a user's device and a remote host.

full duplex
A communication mode that permits simultaneous two-way communication.

gain
An increase in the amplitude of a radio wave.

GAN
(global area network) A WAN that includes sites and networks around the world.

gateway
A computer that performs conversion between different types of networks or applications.

gateway
A device or software that converts data between incompatible devices.

GBIC
(Gigabit Interface Converter) A transceiver used to convert electrical signals into optical signals and vice versa.

Gigabit Ethernet
An Ethernet technology that can transmit data at speeds of 1,000 Mbps and primarily uses optical fibers for transmission.

grayware
A type of software that can be either malicious or non-malicious in nature. Spyware and adware are two notable examples of grayware.

grounding
The connection of a shield or conductor to an electrical ground point, such as a pipe or wire, that is in contact with the ground.

group policy
A centralized configuration management feature available for Active Directory on Windows Server systems.

guessing attack
A human-based attack where the goal is to guess a password or PIN through brute force means or by using deduction.

guideline
A suggestion for meeting the policy standard or best practices on a network policy.

hacker
A user who excels at programming or managing and configuring computing devices, and has the skills to gain access to devices through unauthorized or unapproved means.

half duplex
A communication mode that permits a two-way transmission, but in only one direction at a time.

hard quota
The effective limit of allotted disk quota.

hardware loopback plug
A special connector used for diagnosing transmission problems.

hash
The value that results from hashing encryption. Also called a hash value or message digest.

hashing encryption
One-way encryption that transforms cleartext into a coded form that is never decrypted.

HBA
(host bus adapter) An adapter that provides input/output (I/O) processing and physical connectivity between a server and a storage device.

HDD
(hard disk drive) A personal computer storage device that uses fixed media and magnetic data storage.

HDD
(Hard Disk Drive) A computer storage device that uses fixed media and magnetic data storage.

heat sink
A device, often with metal fins, to absorb or deflect unwanted heat from a processor or other component.

hertz
A measure of the number of cycles per second in an analog signal. One cycle per second equals one hertz.

hexadecimal numbering system
A numbering system where each digit is the equivalent of four binary digits. Each position, starting from the rightmost, signifies a higher power of 16. Also called base 16 numbering system.

HIDS
(host intrusion detection system) Software that monitors the device on which it is installed to identify deviations from an established security policy.

high availability
A rating that expresses how closely systems approach the goal of providing data availability 100 percent of the time.

HIPS
(host-based intrusion prevention system) An application that monitors the traffic from a specific host or a list of host addresses, blocking traffic from a specific host or an attack targeted against a specific device.

hoax
Any type of incorrect or misleading information that is disseminated to multiple users through unofficial channels.

hop
The action of forwarding a packet from one router to the next.

host
Any device that is connected to a network.

host name
The unique name given to a network node on a TCP/IP network.

host-based firewall
A software application that is installed directly on a host and filters incoming and outgoing packets to and from that host. Also called a personal firewall.

HOSTS file
A plaintext file configured on a client machine containing a list of IP addresses and their associated host names, which can be used for host name resolution as an alternative to DNS.

hot site
A fully configured alternate network that can be online quickly after a disaster.

hot spare
A fully configured and operational piece of backup equipment that can be swapped into a device with little to no interruption to functionality.

hot-swapping
The ability to exchange computer hardware “on the fly” without interrupting the computer’s service or, at least, minimizing the interruption.

hotfix
A patch that is often issued on an emergency basis to address a specific security flaw.

HTTP
(Hypertext Transfer Protocol) A network protocol that works on the Application layer of the OSI and TCP/IP models and enables clients to connect to and retrieve web pages from a server to interact with websites.

HTTPS
(HTTP Secure) A secure version of HTTP that provides a secure connection between a web browser and a server.

hub
A networking device used to connect the drops in a physical star topology network into a logical bus topology. Also called a multiport repeater.

HVAC
(heating, ventilating, and air conditioning) A type of climate control system often found in large commercial or industrial buildings.

hybrid password attack
An attack that utilizes multiple attack vectors including dictionary, rainbow table, and brute force attack methodologies when trying to crack a password.

hyperthreading
A technique that enables a single CPU to act like multiple CPUs.

hypervisor mode
A virtual firewall mode that runs in the core hypervisor kernel and monitors all incoming and outgoing traffic.

I/O bus
Also known as main bus or expansion slot bus. It handles traffic between hardware components and the processor (via the memory bus).

IaaS
(Infrastructure as a Service) A cloud computing service that enables a consumer to outsource computing equipment purchases and running their own data center.

IANA
(Internet Assigned Number Authority) An international organization established in 1993 to govern the use of IP addresses. The Internet Corporation for Assigned Names and Numbers (ICANN) is now responsible for leasing IP addresses worldwide.

ICMP
(Internet Control Message Protocol) A protocol used with IP that attempts to report on the condition of a connection between two nodes.

IDaaS
(Identification as a Service) A cloud computing service that enables consumers to rent an authentication infrastructure from a service provider.

iDRAC
(Integrated Dell Remote Access Controller) An OOB management tool created by Dell.

IDS
(intrusion detection system) A software and/or hardware system that scans, audits, and monitors a security infrastructure for signs of attacks in progress.

IEEE 1394
(Institute of Electrical and Electronics Engineers 1394) This standard is used to connect up to 63 devices to form a small local network. Also called FireWire.

IGMP
(Internet Group Management Protocol) A protocol in the TCP/IP suite that supports multicasting in a routed environment.

ILO
(Integrated Lights-Out) An LOM created by HP that can be embedded in or added to HP servers.

imaging
The process of copying the contents of one computer hard disk to another hard disk of identical configuration so as to create an identical clone of the source disk.

IMAP4
(Internet Message Access Protocol) A protocol used for retrieving email messages and folders from a mail server.


impact analysis
A structured method for examining proposed changes to identify any unforeseen adverse effects the change might have on an organization.

impedance
A force that opposes the flow of electricity in an AC circuit. Impedance is measured in ohms (Ω).

impersonation
A type of spoofing in which an attacker pretends to be someone they are not; typically an average user in distress or a help desk representative.

implicit deny
The principle that establishes that everything that is not explicitly allowed is denied.

incident management
Practices and procedures that govern how an organization will respond to an incident in progress.

infrared radiation
An electromagnetic wave with wavelengths longer than visible light.

infrared transmission
A form of wireless transmission where signals are sent as pulses of infrared light.

insider threat
A malicious employee who in some fashion compromises a network or uses their access to obtain sensitive company information.

instruction
A fundamental operation that the processor can execute.

intelligent switch
See managed switch.

Internet
The single largest global WAN that virtually links every country in the world.

intranet
A private network that uses Internet protocols and services to share a company’s information with its employees.

intrusion detection
A process of monitoring the events occurring on a device or a network and analyzing them to detect possible incidents that are violations or imminent threats of security policy violations and standard security practices.

IP
(Internet Protocol) A connectionless Network-layer protocol that is responsible for sending data packets across a network.

IP address
A unique identifier assigned to every node connected to a TCP/IP network, such as the Internet.

IP spoofing attack
A type of software attack where an attacker creates IP packets with a forged source IP address and uses those packets to gain access to a remote device.

IPS
(Intrusion Prevention System) An active, inline security device that monitors suspicious network and/or device traffic and reacts in real time to block it. Also called NIPS.

IPSec
(Internet Protocol Security) A set of open, non-proprietary standards that you can use to secure data as it travels across the network or the Internet through data authentication and encryption.

IPv4 address
See IP address.

IPv6
An addressing scheme that uses a 128-bit binary address space.

IPv6 address
A 128-bit hexadecimal number assigned to a device on a TCP/IP network.


iSCSI
(Internet SCSI) A protocol that serializes SCSI commands so that they can be transferred over a TCP/IP network.

iSCSI
(Internet Small Computer System Interface) An IP-based storage networking standard for linking data storage facilities.

ISDN
(Integrated Services Digital Network) A digital circuit switching technology that carries both voice and data.

IT asset management
(information technology asset management) The set of management policies that include information about the financial and contractual specifications of all the hardware and software components present in an organization's inventory.

IT Asset Management (ITAM)
A tracking method used by organizations in support of life cycle management of hardware and software.

iterative query
A query used by a DNS server for name resolution when a client requests only the information the server already has in its cache for a particular domain name.

JBOD
(Just a Bunch of Disks) Also referred to as spanning, it is a storage method that uses a number of external physical hard drives organized into a single logical drive to store data.

jitter
The variability of latency over time across a network.

Kerberos
A secure method for authenticating requests for services on a network.

key fob
A small device that can be used for activating such things as remote keyless entry systems on motor vehicles and in buildings for access to certain areas.

key-pair encryption
An encryption system in which an individual has two encryption keys: the public key that anyone can use to encode the message, and the user's private key, which is used to decode messages. Also called asymmetric encryption.

KVM over IP
Allows users to access servers located at remote locations through the Internet using the IP addresses of the servers.

KVM switch
A hardware device that allows a user to control multiple computers from a single keyboard, video unit and mouse.

L2TP
(Layer Two Tunneling Protocol) The de facto standard VPN protocol for tunneling PPP sessions across a variety of network protocols, such as IP, frame relay, or ATM.

LAN
(local area network) A self-contained network that spans a small area, such as a single building, floor, or room.

latency
The time delay for a packet to go from a source to a destination and back to the source.

latency sensitivity
The susceptibility of a device to experience issues that affect delay within a network.

LC
(Local Connector) A small form factor ceramic ferrule connector for both single mode and multimode fiber.

LDAP Server
(Lightweight Directory Access Protocol server) It uses Specialized Directory System Agents (DSAs) that process queries and updates to an LDAP directory.

leased line
See dedicated line.


least privilege
The security principle that establishes that users and software should only have the minimal level of access that is necessary for them to perform the duties required of them.

legacy system
A device running an older OS that is no longer supported by the manufacturer.

life cycle management
Administration of assets from time of purchase through disposition.

line tester
See cable tester.

Linux
A UNIX-like operating system originally developed by Linus Torvalds.

liquid-based cooling
Cooling methods that circulate a liquid or liquefied gas, such as water or freon, past the CPU to keep it cool.

log file
A record of actions and events performed on an operating system.

logic bomb
Code that sits dormant on a target device until it is triggered by the occurrence of specific conditions, such as a specific date and time. Once the code is triggered, the logic bomb “detonates,” performing whatever action it was programmed to do.

logical network diagram
A network diagram that documents the protocols and applications that control the flow of network traffic.

LOM
(Lights-Out Management) A type of OOB management in which the devices can be managed remotely whether or not they are turned on.

loopback interface
A virtual network interface that network applications can communicate with when executing on the local device.

LTE
(Long Term Evolution) A radio technology for wireless broadband access.

MAC address
(Media Access Control address) A unique, hardware-level address assigned to every networking device by its manufacturer. MAC addresses are six bytes long. Also called a physical address.

mail server
A computer in a network that provides “post office” facilities by storing incoming mail for distribution to users and forwards outgoing mail through appropriate channels. It is also known as message server.

mainframe computer
A powerful, centralized computer that performs data storage and processing tasks on behalf of clients and other network devices.

malware
Malicious code, such as viruses, Trojans, or worms, designed to gain unauthorized access to, make unauthorized use of, or damage devices and networks.

malware attack
A type of software attack where an attacker inserts some type of undesired or unauthorized software into a target device.

MAN
(metropolitan area network) A network that covers an area equivalent to a city or a municipality.

man-in-the-middle attack
A form of eavesdropping where the attacker makes an independent connection between two victims and steals information to use fraudulently.

mantrap
A physical security control that consists of two sets of interlocking doors inside a small space, where the first set of doors must close before the second set opens.


media access method
A network communications mechanism that determines whether or not a particular node can transmit data on a network at a given time.

media converter
A network device that enables networks running on different media to interconnect and exchange signals.

media tester
See cable tester.

medianet
A network optimized for rich media, such as voice and video, which is designed to transport a mixture of rich media and other content, such as text.

memory
A repository that allows temporary storage of information that your processor needs to make calculations, run programs, open documents.

Memory bus
Also known as system bus, front side bus, local bus, or host bus. It handles traffic between the CPU, the chipset, and RAM.

memory interleaving
The process of splitting main memory into several physically separate components called banks or modules.

memory pairing
A technique to couple two physical memory banks and enhance server performance.

memory timing
The time taken by memory to produce the required data from the start of the access until the data is available for use.

microwaves
An electromagnetic wave with wavelengths shorter than radio waves.

mixed mode network
A network that incorporates elements from more than one of the three standard network configurations.

modem
A device that enables digital data to be sent over an analog medium, such as a telephone wire or cable provider's line.

motherboard
Another term for the system board.

MS-CHAPv2
(Microsoft Challenge Handshake Authentication Protocol v2) A protocol that strengthens the password authentication provided by Protected Extensible Authentication Protocol (PEAP).

MT-RJ
(Mechanical Transfer Registered Jack) A compact snap-to-lock connector used with multimode fiber. Also called a Fiber Jack connector.

MTTR
(Mean Time To Resolution) The average amount of time it takes to resolve a particular issue.

multicore processor
A CPU in which system resources are shared and all cores reside on the same chip.

multifactor authentication
Any authentication scheme that requires validation of at least two of the possible authentication factors.

multimeter
An electronic measuring instrument that takes electronic measurements, such as voltage, current, and resistance.

multimode fiber
A type of fiber optic cable that carries multiple light signals on a single strand.

multiplexer
See mux.

multiplexing
A controlled media access method in which a central device called a multiplexer combines signals from multiple nodes and transmits the combined signal across a medium.


multiprocessing
The concurrent execution of instructions by more than one processor.

multiprocessor
In a multiprocessor system, there are two separate processors, each with its own system resources.

mutual authentication
A security mechanism that requires that each party in a communication verify their identity.

MX
(Mail Exchanger) A DNS record that maps a domain name to a mail exchange server list.

NaaS
(Network as a Service) A cloud computing service that provides network-based services through the cloud, including monitoring and QoS management.

NAC
(Network Access Control) A general term for the collected protocols, policies, and hardware that govern access on device network interconnections.

name resolution
The process of identifying a network node by translating its host or domain name to the corresponding IP address.

NAS
(Network-Attached Storage) A specialized file server that is designed and dedicated to support only data storage needs.

NAS
(network attached storage) A device or appliance that provides only file-based data storage services to other network devices.

NAT
(Network Address Translation) A form of Internet security that conceals internal addressing schemes from external networks, such as the Internet.

NBTSTAT
A Windows utility that is used to view and manage NetBIOS name cache information.

NEMA
(National Electrical Manufacturers Association) Defines specifications for power cords and plugs.

NETSTAT

network
A group of devices that are connected together to communicate and share network resources.

network analyzer
A software or hardware tool that integrates diagnostic and reporting capabilities to provide a comprehensive view of an organization's network.

network backbone
The highest-speed transmission path that carries the majority of network data.

network configuration
A design specification for how the nodes on a network are constructed to interact and communicate.

network management
Management of systems on the network using various activities, methods, procedures, and tools that relate to the operation, administration, maintenance, and provisioning of these systems.

network media
The bounded or unbounded conduit through which signals flow.

Network Operating System (NOS)
An operating system that controls the functioning of various network components by implementing necessary protocol stacks and device drivers appropriate for the hardware.

network policy
A formalized statement that defines network functions and establishes expectations for users, management, and IT personnel.

network-based firewall
A dedicated hardware/software combination that protects all the devices on a network by blocking unsolicited traffic.


networking standard
A set of specifications, guidelines, or characteristics applied to network components to ensure interoperability and consistency among them.

NIC
(network interface card) A device that serves as an interface between the device and the network. Also called a network adapter or network card.

NIDS
(network intrusion detection system) A system that monitors network traffic and restricts or alerts when unacceptable traffic is seen in a system.

NIPS
(network-based intrusion prevention system) An application that monitors the entire network and analyzes its activity, detects malicious code and unsolicited traffic, and takes the necessary action to protect the network. Also called an IPS.

node
Any device that can connect to the network and generate, process, or transfer data.

noise
In electronics, random changes and disturbances in an electrical signal, such as EMI or RFI.

non-repudiation
The security goal of ensuring that data remains associated with the party that creates it or sends a transmission.

Northbridge
A component of the chipset that controls the system memory and the AGP video ports, and sometimes the cache memory.

NOS
(Network Operating System) An operating system that controls the functioning of a network by implementing necessary protocol stacks and device drivers appropriate for the network hardware.

NS
(Name Server) A DNS record that delegates a DNS zone to use the given authoritative name servers.

nslookup
A utility that is used to test and troubleshoot domain name servers.

NTP
(Network Time Protocol) A protocol for synchronizing the clocks of computer systems over packet-switched, variable-latency data networks.

NTP
(Network Time Protocol) An Internet protocol that enables synchronization of device clock times in a network of devices by exchanging time signals.

ohm
The value of electrical resistance through which one volt will maintain a current of one ampere.

omni-directional antenna
A type of antenna that radiates the signal beam out in all directions and has lower gain but a wider coverage area. Also called a unidirectional antenna.

OOB management
(out-of-band management) Refers to server management tasks that are accomplished without using the production network.

open port
A TCP or UDP port number that is configured to accept packets.

optical disk
An internal storage device that stores data optically, rather than magnetically.

OS
(Operating System) A software package that enables a computer to function.

OSI model
(Open Systems Interconnection model) A standard means of describing network communication by defining it as a series of layers, each with a specific input and output.

PaaS
(Platform as a Service) A cloud computing service that enables consumers to rent fully configured systems that are set up for specific purposes.

packet
See data packet.

packet loss
The number of packets that are lost or damaged during transmission.

packet sniffer
A device or program that monitors network communications and captures data.

packet sniffing
An attack on a network where an attacker captures network traffic, allowing data to be extracted from the packets.

PAN
(personal area network) A network that connects two to three devices with cables and is most often seen in small or home offices.

PAP
(Password Authentication Protocol) A remote-access authentication method that sends client IDs and passwords as cleartext.

passive IDS
(passive intrusion detection system) A system that detects potential security breaches, logs the activity, and alerts security personnel.

password attack
Any type of attack in which the attacker attempts to obtain and make use of passwords illegitimately.

PAT
(Port Address Translation) A subset of dynamic NAT functionality that maps either one or multiple unregistered addresses to a single registered address using multiple ports. Also called overloading.

PATA
Parallel AT Attachment is an older type of hard drive. Still used in CompactFlash storage.

patch
A small unit of supplemental code meant to address either a security problem or a functionality flaw in a software package or operating system.

patch management
The practice of monitoring for, evaluating, testing, and installing software patches and updates.

pathping
A TCP/IP command that provides information about latency and packet loss on a network.

PC connector
(physical contact connector) A fiber optic connector that has end faces that are polished to be slightly curved or spherical to eliminate any air gap and force the fibers into contact.

PCI
(Peripheral Component Interconnect) See PCI bus.

PCI bus
(Peripheral Component Interconnect bus) A peripheral bus commonly used in PCs that provides a high-speed data path between the CPU and peripheral devices.

PCI Express
(Peripheral Component Interconnect Express) A video adapter bus that is based on the PCI computer bus. PCIe supports significantly enhanced performance over that of AGP.

PCIe
(Peripheral Component Interconnect Express) See PCI Express.

PDU
(protocol data unit) An umbrella term that refers to the data packets, frames, packets, segments, and datagrams that carry information across a network.


peer
A self-sufficient device that acts as both a server and a client.

peer-to-peer network
A network in which resource sharing, processing, and communications control are completely decentralized.

peer-to-peer network
A network in which resource sharing, processing, and communications control are completely decentralized. Also called a workgroup.

performance counters
The performance parameters associated with an object or a server component.

performance monitor
A software tool that monitors the state of services or daemons, processes, and resources on a device.

permanent DoS
(permanent denial of service) An attack that damages a device so badly that it must be replaced or hardware must be reinstalled.

permission
A security setting that determines the level of access a user or group account has to a particular resource.

personal firewall
See host-based firewall.

pharming
An attack in which a request for a website, typically an e-commerce site, is redirected to a similar-looking, but fake, website.

phishing
A type of email-based social engineering attack in which the attacker sends email from a spoofed source, such as a bank, to try to elicit private information from the victim.

physical bus topology
A physical topology in which network nodes are arranged in a linear format.

physical port
A hardware interface that enables external devices to communicate with servers.

physical topology
A topology that describes a network's physical layout and shape.

ping
A TCP/IP command used to verify the network connectivity of a device, and also to check if the target device is active.

PKI
(Public Key Infrastructure) An encryption system that is composed of a CA, certificates, software, services, and other cryptographic components for the purpose of verifying authenticity and enabling the validation of data and entities.

plaintext
Unencoded data. Also called cleartext.

plenum
An air handling space, including ducts and other parts of the HVAC system in a building.

plenum cable
A grade of cable that does not give off noxious or poisonous gases when burned.

PoE
(Power over Ethernet) A standard that specifies a method for supplying electrical power over Ethernet connections.

PoE+
(Power over Ethernet Plus) An updated standard that specifies a method for supplying electrical power over Ethernet connections.

policy statement
An outline of the plan for the individual component on a network policy.

polling
A controlled media access method in which a central device contacts each node to check whether it has data to transmit.


POP3
(Post Office Protocol version 3) A protocol used for retrieving email from a mailbox on the mail server.

port
The endpoint of a logical connection that client devices use to connect to specific server programs.

port filtering
A technique of selectively enabling or disabling TCP and UDP ports on devices or network devices.

port number
A 16-bit nonnegative integer, ranging from 0 to 65535 that is used to identify a specific port.

port scanner
A type of software that searches a network host or a range of IP addresses for open TCP and UDP ports.

port security
The process of protecting ports on a network from unauthorized access.

POST
(Power-On Self Test) A built-in diagnostic program that is run every time a server starts up.

power connector
An electrical connector that carries electrical power from the power supply to every server component.

power management
The practice of ensuring sufficient electrical power to electronic and other devices.

power supply
An internal server component that converts line voltage AC power from an electrical outlet to the low-voltage DC power needed by system components.

PPP
(Point-to-Point Protocol) A remote networking protocol that works on the Data Link layer (Layer 2) of the TCP/IP protocol suite and is used to send IP datagrams over serial point-to-point links.

PPTP
(Point-to-Point Tunneling Protocol) A Microsoft VPN layer 2 protocol that increases the security of PPP by providing tunneling and data encryption for PPP packets and uses the same authentication methods as PPP.

premise wiring
The collection of drop cables, patch panels, and patch cables that together make a functional network.

print server
It enables many network users to share printers.

private IP address
An address used for a node that needs IP connectivity only within the enterprise network, but not external connections to the Internet.

private key
In key-pair encryption, the key that is known only to an individual and is used to decode data.

privilege bracketing
The security method of allowing privileges to a user only when needed and revoking them as soon as the task is complete.

procedure
Instructions that detail specifically how to implement a network policy.

processor
The main chip on the system board that executes program instructions that drive the computer. It is also called the Central Processing Unit (CPU).

Processor bus
Handles traffic between the CPU and the chipset.

processor cache
A type of high-speed memory that is directly linked to the CPU.


processor speed
The number of processing cycles that a microprocessor can perform in a given second.

protocol analyzer
A type of diagnostic software that can examine and display data packets that are being transmitted over a network. Also called a network analyzer.

protocol binding
The assignment of a protocol to a NIC.

protocols
Rules that govern the transfer of information among computing devices.

proximity reader
A card reader that can read a smart card when the card is held near it.

proxy
An application that enables a sender and a receiver to communicate without actually setting up a direct connection between the computers. It acts as a go-between to provide security.

proxy server
A device that isolates internal networks from the servers by downloading and storing files on behalf of clients.

PSTN
(Public Switched Telephone Network) An international telephone system that carries analog voice data.

PTR
(Pointer) A DNS record that maps the IP address to a host name for reverse lookup functionality.

public key
In key-pair encryption, the key that is available to all and is used to encode data.

punch down block
A device that connects groups of telephone or network wires within a wiring closet.

punch down tool
A tool used in a wiring closet to connect cable wires directly to a patch panel or punch down block.

PVC
(polyvinyl chloride) A flexible rubber-like plastic used to surround some twisted pair cabling.

PXE
(Preboot Execution Environment) A booting or installation technique in which a computer loads the operating system from a connected network rather than from a boot device. Also known as network share booting.

rack system
A standardized frame or enclosure for mounting multiple electronic equipment and devices.

rackmount server
It provides sliding rails and hinged cases for easy access, and many components such as hard drives, power supplies, expansion cards, and fans are usually hot-swappable, enabling you to replace faulty parts without downing the server.

radio networking
A form of wireless communications in which signals are sent via RF waves. Also called RF networking.

radio waves
An electromagnetic wave with wavelengths longer than infrared light.

RADIUS
(Remote Authentication Dial-In User Service) A protocol that enables a server to provide standardized, centralized authentication for remote users.

RADIUS server
(Remote Authentication Dial-In User Service server) It stores permissions and configuration information for RADIUS-compatible hardware to authenticate remote network users.


RAID
(Redundant Array of Independent or Inexpensive Disks) A set of vendor-independent specifications for fault-tolerant configurations on multiple-disk systems.

RAID
(Redundant Array of Independent/Inexpensive Disks) A set of vendor-independent specifications for fault-tolerant configurations on multiple-disk systems.

RAID cache
A form of disk or peripheral cache.

RAM (random access memory)
The hardware component that stores data as the CPU works with it.

RAS server
(Remote Access Service server) A server that provides a subset of wide area networking services, including packet forwarding and remote connections for Windows-based clients, and enables you to implement VPNs over the Internet or other public network.

RAS server
(Remote Access Services server) A server that enables a user to dial in and authenticate with the same account he or she uses at the office.

RDP
(Remote Desktop Protocol) The proprietary protocol created by Microsoft for connecting to and managing devices that are not necessarily located at the same place as the administrator.

recursive query
A query used by a DNS server for name resolution when a client requests that its preferred DNS server find data on other DNS servers.

redundancy power
The ability of the power supply to provide fault tolerance for the system’s power and to prevent server shutdown due to a power supply failure.

reflective DoS
(reflective denial of service) An attack that involves sending forged requests of some type to a very large number of devices that will reply to the requests.

refraction
The phenomenon of light rays bending due to a change in speed when passing from one transparent medium to another.

registered memory
A special type of buffered memory, the Synchronous DRAM (SDRAM) version of buffered memory.

Remote Access
A feature that allows an administrator to access client systems from any location on the network.

remote access protocol
A type of protocol that enables users to access a remote access server and transfer data.

remote desktop
A connection mode that enables a user to access any network device from their workstation and perform tasks on the remote device.

remote desktop assistance
Software that enables a remote client to control a host device on the network or run applications from a server, while both the local and remote user see the same screen and can have control of the device.

remote desktop control
Software that enables a remote client to control a host device on the network or run applications from a server.

remote management
A feature of NOS that allows the server hardware and applications on it to be managed from any remote location in the network.

remote networking
A type of network communication that enables users who are not at the same physical locations to access network resources.


repeater
A device that regenerates a signal to improve transmission distances.

replication
The process of sharing and synchronizing data across multiple devices or servers.

RF
(radio frequency) A frequency in which network or other communications take place using radio waves in the 10 KHz to 1 GHz range.

RFI
(radio frequency interference) A type of noise that is caused by electrical radiation or induction and that disrupts an electrical signal in wireless communication.

RISC
(Reduced Instruction Set Computer) A design strategy for computer architecture that depends on a combination of hardware and software to perform complicated instructions.

riser card
A board that is plugged into the system board and provides additional slots for adapter cards.

rogue access point
An unauthorized wireless access point on a corporate or private network, which allows unauthorized individuals to connect to the network.

rollover cable
A network cable that connects a device to a router's console port.

rollup
A collection of previously issued patches and hotfixes, usually meant to be applied to one component of a device, such as a web browser or a particular service.

rootkit
Software that is intended to take full or partial control of a device at the lowest levels.

rotation method
The schedule that determines how many backup tapes or other media sets are needed, and the sequence in which they are used and reused.

routable protocol
A network protocol which provides separate network and node addresses to work with routers.

route
The path used by data packets to reach a specified destination.

router
A networking device that connects multiple networks that use the same protocol.

routing
The process of selecting the best route for moving a packet from its source to destination on a network.

routing table
A database created manually or by a route-discovery protocol that contains network addresses as perceived by a specific router. A router uses its route table to forward packets to another network or router.

SaaS
(Software as a Service) A cloud computing service that enables a service provider to make applications available over the Internet.

SAN
(storage area network) A special-purpose high-speed network that is dedicated to data storage.

SAN
(storage area network) A high-speed data transfer network that provides access to consolidated block-level storage.

SAS
(Serial Attached SCSI) A serial version of the SCSI interfaces. SAS is a point-to-point architecture that uses a disk controller with four or more channels operating simultaneously. SAS also supports serial ATA (SATA) drives, which can be mixed with SAS drives in a variety of configurations.


SATA
(Serial Advanced Technology Attachment) A type of hard drive that requires a serial data channel to connect the drive controller and the disk drives.

SC
(Subscriber Connector or Standard Connector) A connector used in a duplex configuration where two fibers are terminated into two SC connectors that are molded together.

SCSI
(Small Computer System Interface) An older personal computer connection standard that provides high-performance data transfer between the SCSI device and the other components of the computer. SCSI is pronounced "scuzzy."

SDRAM
(Synchronous DRAM) Runs at high clock speeds and is synchronized with the CPU bus.

secure protocol
A protocol that does not expose data and/or credentials in cleartext, so it is less likely to allow for the credentials or data to be viewed and captured by someone else.

security incident
A specific instance of a risk event occurring, whether or not it causes damage.

security policy
A formalized statement that defines how security will be implemented within a particular organization.

segment
A physical subdivision of a network that links multiple devices or serves as a connection between two nodes.

serial cable
A type of bounded network media that transfers information between two devices using serial transmission.

server
A computer that provides services to client computers as well as to other servers on a network.

server
A network device or process that shares resources with and responds to requests from computers, devices, and other servers on the network.

server baselining
The method of analyzing the performance of a server by comparing its current performance with the performance before an upgrade or modification.

server blade
It consists of a single circuit board holding components such as processors, memory, and network connections that are usually found on multiple boards.

server rack diagram
A graphical representation of the location of individual server racks, electrical power connections, and network connections to be used for a server.

server virtualization
A resource management feature that allows the operating system to isolate the physical characteristics of the server hardware from users.

service pack
A collection of operating system updates that can include functionality enhancements, new features, and typically, all patches, updates, and hotfixes issued up to the point of the service pack release.

SFP
(Small Form Factor Pluggable) A transceiver used to convert electrical signals to optical signals.

SFTP
(Secure File Transfer Protocol) A protocol based on SSH2 that provides for secure file transfers on an IP network.

shadow copy
A feature that allows users to make manual or automatic backup copies or snapshots of a file or folder on a specific volume at a specific point in time.


share-level permissions
Permissions set for network shares

shell
A command language interpreter in which you enter commands.

shielding
A method of placing grounded conductive material around bounded media to prevent the introduction of noise into the media.

shroud
A device that serves as a standoff between the fans and the heat source.

signal
The electromagnetic pulses that are transmitted across a network medium.

simplex
A communication mode that provides the one-way transfer of information.

single instance storage
Eliminates duplicate files that are exactly the same, with a pointer to a single file. Works at the file level. Compare to data deduplication.

single mode fiber
A type of fiber optic cable that carries a single optical signal.

single point of failure
A portion of a network, which can be a cable, a network device, a server, or any other device, that will cause the entire network to stop functioning if it fails.

single-phase electricity
AC power where all voltages in the power supply vary simultaneously.

site survey
An analysis technique that determines the coverage area of a wireless network, identifies any sources of interference, and establishes other characteristics of the coverage area.

SLA
(Service Level Agreement) An agreement entered into by the transmitter/ISP and the receiver/subscriber.

SLAs
(Service Level Agreements). The various agreements made with the vendors of server components to ensure a reliable post installation servicing and maintenance of the components.

SMA
(Sub Multi Assembly or Sub Miniature type A) A connector with a threaded ferrule on the outside used when water or other environmental factors necessitate a waterproof connection.

smart card
A plastic card containing an embedded computer chip that can store different types of electronic information.

SMB
(Server Message Block) A protocol that works on the Application layer and is used to share files, serial ports, printers, and communications devices—including mail slots and named pipes—between devices.

SMTP
(Simple Mail Transfer Protocol) A communications protocol that enables sending email from a client to a server or between servers.

sniffing attack
See eavesdropping attack.

SNMP
(Simple Network Management Protocol) The Internet standard protocol developed to manage nodes on an IP network. It can be used to monitor network devices and their functions.

SNMP
(Simple Network Management Protocol) An Application-layer protocol used to exchange information between network devices.

SOA
(Start of Authority) A DNS record that specifies authoritative information about a DNS zone.


social engineering attack
A type of attack that uses deception and trickery to convince unsuspecting users to provide sensitive data or to violate security guidelines.

socket
Motherboard connector into which a CPU is inserted.

socket
An identifier for an application process on a TCP/IP network.

soft quota
A warning level of the disk quota, at which users are informed that they are nearing their allotted limit.

software attack
Any attack that targets software resources including operating systems, applications, protocols, and files.

SOHO
(small office home office) A description used for a small network that contains up to 10 nodes.

Southbridge
A component of the chipset that controls input/output functions, the system clock, drives and buses, APM power management, and various other devices.

spam
An email-based threat that floods the user's inbox with emails that typically carry unsolicited advertising material for products or other spurious content, and which sometimes delivers viruses.

spim
An IM-based attack similar to spam, but is propagated through instant messaging instead of through email.

spoofing
A human- or software-based attack where the goal is to pretend to be someone else for the purpose of identity concealment.

spread spectrum
A form of radio transmission in which the signal is sent over more than one frequency to discourage eavesdropping.

spyware
Surreptitiously installed malicious software that is intended to track and report on the usage of a target device or collect other data the author wishes to obtain.

SRV
(Service Locator) A DNS record that specifies a generic service location record for newer protocols.

SSA
(Serial Storage Architecture) A fault-tolerant peripheral interface that transfers data at 80 and 160 MB/s. SSA uses SCSI commands, allowing existing software to drive SSA peripherals such as disk drives.

SSD
(solid state drive) A personal computer storage device that stores data in non-volatile special memory instead of on disks or tape.

SSH
(Secure Shell) A program that enables a user or an application to log on to another device over a network, run commands in a remote machine, and transfer files from one machine to the other.

SSHD
(solid state hybrid drive) A personal computer storage device that offers the best features of solid state and magnetic data storage by combining the traditional rotating platters of a magnetic HDD and a small amount of high-speed flash memory on a single drive.

SSID
(Service Set Identifier) A 32-bit alphanumeric string that identifies a WAP and all devices attached to it.

SSID broadcast
(service set identifier) A continuous announcement by a WAP that transmits its name so that wireless devices can discover it.


SSL
(Secure Sockets Layer) A security protocol that uses certificates for authentication and encryption to protect web communication.

SSO
(Single Sign-On) A session/user authentication process that permits a user to enter one name and password to access multiple applications.

ST
(Straight Tip) A connector used to connect multimode fiber.

standalone operating systems
An operating system that is designed for supporting a single computer.

standard
A measure of adherence to the network policy.

stateful firewall
A firewall that performs stateful inspections and monitors entire conversations.

stateful inspection
The process of examining data within a packet as well as the state of the connection between the internal and external devices.

stateless firewall
A firewall that manages and maintains the connection state of a session using the filter, and ensures that only authorized packets are permitted in sequence.

stateless inspection
The process of comparing each individual packet to a rule set to see if there is a match, and then if there is a match, acting on that packet (permits or denies) based on the rule.

static routing
A type of routing used by a network administrator to manually specify the mappings in the routing table.

storage device
A hardware device that is used to store data.

STP
(shielded twisted pair) A type of twisted pair cabling that includes shielding around its conductors.

STP
(Spanning Tree Protocol) A Layer 2 protocol that is used for routing and prevents network loops by adopting a dynamic routing method. Replaced by the Rapid Spanning Tree Protocol (RSTP), IEEE 802.1w, and Shortest Path Bridging (SPB).

straight-blades
Power plugs with straight prongs.

straight-through cable
A network cable that connects unlike devices. Also called a patch cable.

strong password
A password that meets the complexity requirements that are set by a system administrator and documented in a password policy.

subnet
A logical subset of a larger network created by an administrator to improve network performance or to provide security.

subnet mask
A number assigned to each host for dividing the IP address into network and node portions.

subnetting
The technique of dividing a large network into smaller interconnected domains to prevent excessive rates of packet collision.

subnetting
The process of logically dividing a network into smaller subnetworks or subnets.

switch
A network device that acts as a common connecting point for various nodes or segments.

switched Ethernet
A LAN technology that connects devices using switches, enabling the devices on each switched connection to utilize the full bandwidth of the medium.

system BIOS
The BIOS that sets the computer’s configuration and environment when the system is powered on.

system board
A printed circuit board that houses processor or memory chips, controller circuits, buses, slots, and sockets. It is also referred to as a motherboard.

TACACS
(Terminal Access Controller Access Control System) An authentication protocol that provides centralized authentication and authorization services for remote users.

TACACS+
(Terminal Access Controller Access Control System Plus) An authentication protocol that uses TCP port 49, supports multifactor authentication, and is considered more secure and scalable than RADIUS.

tape drive
A personal computer storage device that stores data magnetically on a removable tape.

tape libraries
An external storage device that stores, retrieves, reads, and writes data on multiple magnetic tape cartridges.

TCP
(Transmission Control Protocol) A connection-oriented, guaranteed-delivery protocol used to send data packets between devices over a network, like the Internet.

TCP/IP
(Transmission Control Protocol/Internet Protocol) A network protocol suite that is routable and allows devices to communicate across all types of networks.

TCP/IP model
A four-layer data communication model developed by the United States Department of Defense. To some extent, it is similar to the OSI model.

TCP/IP protocol stack
The collection of protocols that work together to provide communications on IP networks.

TDM
(Time-Division Multiplexing) A multiplexing method in which the communication channel is divided into discrete time slots that are assigned to each node on a network.

Telnet
A terminal emulation protocol that allows users at one site to simulate a session on a remote host.

terminal
An end user's device on a host-based network, dedicated to transmitting data to a host for processing and displaying the results to the user.

terminal emulator
Software that enables a standard client device to appear as a dedicated terminal to a mainframe computer.

terminal server
A specialized server that aggregates multiple communication channels together.

termination
Adding a resistor to the ends of a coax network segment to prevent reflections that would interfere with the proper reception of signals.

terminator
A network component attached to the ends of a network cable that can impede or absorb signals so they cannot reflect onto the cable.

TFTP
(Trivial File Transfer Protocol) A protocol used for loading the operating system on a PXE client from a PXE server on TCP/IP based networks.

TFTP
(Trivial File Transfer Protocol) A simple version of FTP that uses UDP as the transport protocol and does not require a logon to the remote host.


thermal dissipation
Items such as heat sinks, liquid coolant, and thermal compound used to draw heat away from components.

thermal paste
A paste that is used to connect a heat sink to a CPU to provide a liquid thermally conductive compound gel that fills any gaps between the CPU and the heat sink to permit a more efficient transference of heat from the processor to the heat sink.

ThickNet
Ethernet networking over RG8 cabling.

thin client
A device or process that depends on a server to fulfill its computational needs.

ThinNet
Ethernet networking over RG58/U or RG58A/U cabling.

threat
Any potential violation of security policies or procedures.

three-phase system
AC power where current in each conductor reaches peak values sequentially rather than simultaneously.

threshold
It is the value that signals that an object or a component is functioning outside the acceptable performance limits.

threshold
When monitoring network performance, the value that signals that an object or component is functioning outside acceptable performance limits.

TIA
(Telecommunications Industry Association) Developed the 568 Commercial Building Telecommunication Cabling standard in association with EIA.

TLS
(Transport Layer Security) A security protocol that uses certificates and public key cryptography for mutual authentication and data encryption over a TCP/IP connection.

token
A physical or virtual object that stores authentication information.

token ring
A type of technology used on ring networks in which devices pass a special sequence of bits called a token between them.

tone generator
An electronic device that sends an electrical signal through one set of UTP cables.

tone locator
An electronic device that emits an audible tone when it detects a signal in a set of wires.

top
A CPU usage monitoring tool offered in UNIX and Linux systems that provides a static snapshot or a real-time display of the processes currently running on a CPU.

topology
A network specification that determines the network's overall layout, signaling, and data-flow patterns.

tower server
It looks like a traditional desktop PC but includes more opportunities for expansion. Tower servers take up more physical space than newer form factors, but they often provide the best value for smaller companies and departmental networks.

tracert
A command that determines the route data takes to get to a particular destination.

traffic filtering
A method that allows only legitimate traffic through to the network.

transceiver
A device that has a transmitter and a receiver integrated into it to send and receive data.


Trojan horse
An insidious type of malware that is itself a software attack and can pave the way for a number of other types of attacks.

troubleshooting
The recognition, diagnosis, and resolution of problems on a network.

troubleshooting model
A standardized step-by-step approach to the troubleshooting process.

TTL
(Time to Live) A numeric value that specifies how many hops or passes through routers that a packet is allow

tunnel
A logical path through the network that appears as a point-to-point connection.

tunneling
A data transport technique in which a data packet is transferred inside the frame or packet of another protocol, enabling the infrastructure of one network to be used to travel to another network.

twist-lock connectors
Power plugs with connectors that you twist to lock in place.

twisted pair
A type of cable in which two conductors or pairs of copper wires are twisted around each other and clad in a color-coded, protective insulating plastic sheath or jacket.

two-factor authentication
An authentication scheme that requires validation of two authentication factors.

UDP
(User Datagram Protocol) A connectionless Transport-layer protocol that is one of the protocols in the Internet protocol suite and is used with IP. It is also called the Universal Datagram Protocol.

UEFI
(Unified Extensible Firmware Interface) A standard firmware interface for PCs that was designed to improve software interoperability and address the limitations in BIOSs.

unauthorized access
Any type of network or data access that is not explicitly approved by an organization.

unbounded media
A network medium that does not use a physical connection between devices and can transmit electromagnetic signals through the air using radio waves, microwaves, or infrared radiation.

unidirectional antenna
See omni-directional antenna.

UNIX
A trademark for a family of operating systems originally developed at Bell Laboratories beginning in the late 1960s.

UPC connector
(ultra physical contact connector) A fiber optic connector where the end faces are given an extended polishing for a better surface finish.

UPS
(uninterruptible power supply) A device that provides backup power when the electrical power fails or drops to an unacceptable voltage level.

usage quota
A disk quota that limits the amount of disk space that can be used by a user. Also known as block quota.

USB
(universal serial bus) A hardware interface standard designed to provide connections for numerous peripherals.

USB
(Universal Serial Bus) A hardware interface standard designed to provide connections for numerous peripherals.

USB connection
A personal computer connection that enables you to connect multiple peripherals to a single port with high performance and minimal device configuration.


USB connection
(Universal Serial Bus connection) A personal computer connection that enables you to connect multiple peripherals to a single port with high performance and minimal device configuration.

UTP
(unshielded twisted pair) A type of twisted pair cabling that does not include shielding around its conductors.

video conferencing
A UC technology that enables users at two or more geographic locations to communicate by simultaneous two-way audio and video transmission.

virtual firewall
A firewall service or appliance that runs entirely within a virtualized environment.

virtual router
A software-based routing framework that enables the host device to act as a hardware router over a LAN.

virtual switch
A software application that enables communication between VMs.

virtualization
Technology that enables one or more simulated devices to run within one physical device.

virus
A sample of code that spreads from one device to another by attaching itself to other files.

vishing
(voice phishing) A human-based attack where the attacker extracts information while speaking over the phone or leveraging IP-based voice messaging services, such as VoIP.

VLAN
(Virtual LAN) A logical subgroup within a local area network established via software rather than manually shifting cables in the wiring closet.

VLAN
(Virtual LAN) A logical grouping of ports on a switch.

VNC
(Virtual Network Computing) A platform-independent desktop sharing system.

VNIC
(virtual network interface card) A software program that enables a VM to communicate with other VMs on the shared host.

voice over data system
A communications system that replaces traditional telephone links by transmitting analog voice communications over digital WAN networking technologies.

VoIP
(Voice over IP) A voice over data implementation in which voice signals are transmitted over IP networks.

voltage
The force of electricity caused by a difference in charge, or electric

voltmeter
An electrical instrument that measures voltage and resistance between two points in a circuit.

VPN
(Virtual Private Network) A network that uses a public telecommunication infrastructure, such as the Internet, to provide remote offices or individual users with secure access to their organization’s network.

VPN
(Virtual Private Network) A private network that is configured within a public network, such as the Internet.

VSS
(Volume Snapshot Service) An implementation of the shadow copy feature in the releases of Microsoft Windows server operating systems.

VT
(Virtualization Technology) A feature to enhance the processor design by implementing virtualization on it. It is also known as AMD Virtualization (AMD-V).

vulnerability
Any condition that leaves a device open to attack.

wait state
A period during which a CPU or bus remains idle, often due to differences in clock speeds among various components.

Wake-on-LAN
A concept that enables users to remotely power-on client systems simply by sending a specially formatted network packet known as a magic packet.

WAN
(wide area network) A network that spans multiple geographic locations connecting multiple LANs using long-range transmission media.

WAP
(Wireless Access Point) A device that provides a connection between wireless devices and can connect to wired networks.

war chalking
Using symbols to mark off a sidewalk or wall to indicate that there is an open wireless network which may be offering Internet access.

war driving
The act of searching for instances of wireless LAN networks while in motion, using wireless tracking devices like smartphones, tablets, or laptops.

warm site
A business site that performs noncritical functions under normal conditions, but which can be rapidly converted to a key operations site, if needed.

watts
Amps multiplied by volts. A measurement of the electrical work done in one second.

waveform
The graphical representation of a signal.

WBEM
(Web-Based Enterprise Management) Management of a network performed using web browsers that retrieve information from web servers and display it using web pages.

web server
A computer that provides World Wide Web services on IP networks, including the Internet.

WEP
(Wired Equivalent Privacy) A protocol that provides 64-bit, 128-bit, and 256-bit encryption using the Rivest Cipher 4 (RC4) algorithm for wireless communication that uses the 802.11a and 802.11b protocols.

WEP cracking
(Wired Equivalent Privacy cracking) An attack that attempts to gain access to private wireless networks by cracking WEP encryption keys.

whaling
An email- or web-based form of phishing that targets individuals who are known to be upper-level executives or other high-profile employees, with the goal of obtaining sensitive information. Also called spear phishing.

white hat
A hacker who exposes security flaws in applications and operating systems so manufacturers can fix them before they become widespread problems.

Windows security policy
A group of configuration settings within Windows operating systems that control the overall security behavior of a device.

Windows Server
A family of NOSs from Microsoft.

WINS
(Windows Internet Naming Service server) It provides name resolution for Windows-based networks.

wire crimper
A tool that attaches media connectors to the ends of cables.


wireless antenna
A device that converts high-frequency signals on a cable into wireless electromagnetic waves and vice versa.

wireless communication
A type of communication in which signals are transmitted over a distance without the use of a physical medium.

wireless security
Any method of securing a WLAN network to prevent unauthorized network access and network data theft while ensuring that authorized users can connect to the network.

wiring closet
A small room that contains patch panels. Also called a network closet or telecommunication closet.

WLAN
(wireless local area network) A self-contained network of two or more devices connected using a wireless connection.

workgroup
See peer-to-peer network.

workstation
A class of high-end computers designed for technical, scientific, and commercial applications.

WORM
(Write Once Read Many) A storage system that allows information to be written once on storage media, however the data can be read several times.

worm
Code that spreads from one device to another on its own, not by attaching itself to another file.

WPA
(Wi-Fi Protected Access) A security protocol introduced to address some of the shortcomings in WEP, WEP, WPA2, and Wi-Fi.

WPA cracking
(Wi-Fi Protected Access cracking) An attack that attempts to gain access to private wireless networks by cracking WPA encryption keys.

WPA2
(Wi-Fi Protected Access version 2) A security protocol that provides WPA with AES cipher-based CCMP encryption for even greater security and to replace TKIP.

WPAN
(wireless personal area network) A network that connects devices in very close proximity but not through a WAP.

WPS cracking
(Wi-Fi Protected Setup cracking) An attack that attempts to gain access to private wireless networks by cracking WPS encryption keys.

write-back cache
A caching method where changes to data stored in L1 cache aren’t copied to the main memory until absolutely necessary.

write-through cache
It performs all write operations in parallel; data is simultaneously written to the main memory and the L1 cache.

X Window system
A remote control protocol that uses a client-server relationship to provide GUI and input device management functionality to applications.

XD
(Execute Disable) A security feature to provide protection against buffer overflow attacks by preventing the execution of code in the segregated memory space. This is called No Execute (NX).

zero day attack
An attack that exploits a previously unknown vulnerability in an application or operating system.

ZIF socket
(Zero Insertion Force socket) A type of processor socket that uses a lever to tighten or loosen pin connections between the processor chip and the socket.

zone
A file that physically divides the DNS database and contains the actual IP-to-host name mappings for one or more domains.

Index

A
Access Control List, See ACL
access list 233
access point 125
ACL 211
address bus 3
airflow 24
air flow 56
algorithms
    for encryption 218
antivirus software 315
application
    hardening 225
    updates 139
Application layer 145
application server 116
armor 69
authentication
    multifactor 230
authentication protocols 203

B
backup devices
    testing 267
backups
    and open files 262
    and types of media used 264
    best practices for 267
    by OS 263
    combining different types of 263
    data vs. OS restore 268
    restoration 268
    retention 268
    securing 268
    storage 267
    storage security 267
    types of 262
    verification 267
backup sites
    and distance requirements 254
    types of 254
baffles 25
baseline 160
baselines 157
Basic Input Output Sequence, See BIOS
binary numbering system
    conversion to decimal 79
biometric lock 232
biometrics 232
BIOS
    configuration data 49
blade server 37
blade servers 41
bridge 125
bus
    types 7
business impact analysis 253

C
CA 218
cables
    crossover 69
    fiber optic 69
    management 72
    patch 68
    patch panel 72
    rollover 69
    straight-through 69
cache 3

Campus Area Network, See CAN
CAN 36
capacity planning
    considerations 175
cat 1 cables 68
Central Processing Unit, See CPU
certificate authority, See CA
certificate management system 220
certificate repository database 220
certificates
    self-signed 219
change management
    benefits 136
    documentation 152
    documentation 137
    patch 137
    policies 152
    process benefits 152
cipher locks 232
ciphers
    letter-substitution 218
ciphertext 217
classified data
    access controls for 269
cleartext 217
client notification 151
client-server network 36
clock multiplier 3
cloning 61
clustering
    and configurations 256
CMOS 49
Column Access Strobe latency, See CAS latency
command line 146
commands
    slogin 145
connection
    duplexing 76
connectors
    and wiring schemes 68
    RJ-11 68
    RJ-45 67
    small form-factor pluggable 72
continuity of operations 258
Continuity of Operations Plan, See COOP
cooling system 23
COOP 258
core 3
counters 296
CPU
    voltage 18
CPU stepping 3
crossover cables 69
cryptographic techniques
    encryption as 217
cryptography 217

D
DAS 185
data
    declassifying 269
    retaining and disposing of 268
database server 116
data bus 3
data deduplication 176
daughter board 11
DDR2 5
DDR3 SDRAM 5
decimal numbering system
    conversion to binary 79
default gateways 81
demilitarized zone, See DMZ
device drivers
    updates 140
DHCP 130
digital certificate 218
direct attached storage, See DAS
directory server 116
disaster
    defined 253
disaster recovery
    backup sites 254
    business continuity plan 260
    business impact analysis 253
    capacity planning 244
    continuity of operations 258
    COOP 258
    environmental controls 242
    environmental safety 244
    HVAC environment 245
    power distribution unit 243
    redundant circuits 244
    redundant power supplies 244
    replication methods 254
    uninterruptable power supply 242
disaster recovery plan 259
disaster recovery plans
    components of 260
disk quotas 172
disk size
    calculation 172

Index
CompTIA Server+ (Exam SK0-004) | 391

disk specifications 181
DMZ 199
DNS
  top-level domains 129
domain name system, See DNS
domains
  top-level 129
Double Data Rate SDRAM2, See DDR2
downtime
  scheduled 150
  unscheduled 151
DRAM 4
drive components
  hotswappable 182
drive interfaces 181
duplex connection
  full duplex 76
  half duplex 76
Dynamic IP addressing 84

E
eavesdropping 146
ECC
  cost 6
  error correcting code 6
  recovery 6
Edison plug 21
EFS 219
encryption
  of certificates 218
  of stored data 220
  of tape backup 221
  using SSL 205
encryption keys 218
endpoint security 225
environmental controls 242
environmental safety 244
extended file system 50
external storage
  problems with 305

F
fans 26
FAT32 50
fault tolerance 258
fiber coupler 71
fiber optic cable
  multimode 70
  singlemode 70
fiber optic cables
  connector types 70
fiber optic connectors
  biconic 70
  ferrule 70
  local 70
  MT-RJ 70
  standard 70
  straight tip 70
  sub multi assembly 70
file compression 175
file server 116
firewall
  hardware 196
  network-based 196
  software 196
  virtual 197
  Windows 196
firewalls
  vs. IDSs 208
fireware
  misconfiguration 300
firmware
  updates 48, 139
fragmentation 295

G
GAN 36
gateway 86
Global Area Network, See GAN

H
hard disk drive 179
  See also HDD
hard drive
  firmware 10, 180
  partition 50
  preparation 50
hard drives 9
hardware
  hardening 226
hardware maintenance
  LEDs 280
  Power-On Self Test 280
hardware troubleshooting
  environmental issues 287
HDD 9, 179
heartbeat message 258
heat sink 24
HIDS 209
high availability 258

hijacking 146
host-based intrusion detection system, See HIDS
host name 112
hosts 92
hotfix 138
hotswap
  support 191
Hot-swap 13
hub 125
HVAC
  monitoring 55
  requirements 55
HVAC environment 245
hypervisor
  bare metal 95, 96
  host-based 95, 96
Hyper-V Server
  virtualization 103

I
I/O bus 7
ICANN 129
ID cards 232
IDS 208
IEEE 1394 179
IEEE 802.1x 198
ILO 144
impact analysis 151
installation
  compatibility lists 140
Installation
  OS 60
insulating plastic sheaths 66
Integrated Dell Remote Access Controller, See iDRAC
Integrated Lights-Out, See ILO
Internet appliances 125
Internet email
  protecting against viruses 315
Internet Protocol, See IP
Internet Protocol Security, See IPSec
Intrusion Detection System, See IDS
inventory 30
IP 123
IP addresses
  introduction 79
IP addressing
  APIPA 86
  dynamic 84
  private 85
  public 85
  static 85
IPSec 203
IPv4 79
IPv6
  address types 82
  overview 82
ITAM 28
IT Asset Management, See ITAM

J
JBOD 186
just a bunch of disks, See JBOD

K
KVM switch 57, 142

L
labeling 28
LAN 36
laser light pulses 69
layers
  Application 145
legacy addressing 127
life cycle management 29
lights-out management, See LOM
Linux
  monitoring tools 158
liquid cooling 25
load balancing 258
local accounts 113
Local Area Network, See LAN
logical access control 211
log monitoring 165
LOM 144

M
MAC address 76
MAC addresses 104
mail server 117
MAN 36
mantraps 231
mathematical functions 218
mean time to resolution, See MTTR
memory
  virtual 295
memory bus 7
memory timing 5
messaging server 117

Metropolitan Area Network, See MAN
modem 125
MTTR 151
multicore processor 2
multifactor authentication 230
multiprocessor 2

N
NAC 197
NAS 125, 185
NAT 130
NEMA plug
  straight blades 21
  twist lock connection 21
NetBIOS 127
Network Access Control, See NAC
network adapters
  virtual 105
network addressing 125
Network Address Translation, See NAT
network attached storage, See NAS
network hardware
  access point 125
  bridge 125
  firewall 125
  hub 125
  Internet appliances 125
  modem 125
  NAS 125
  router 125
  switch 125
  VoIP phones 125
network interface card, See NIC
network intrusion detection system, See NIDS
networks
  and diagnostic tools 301
  common problems with 298
network virtualization 103
network services server 117
NIC 8
NIC speeds 75
NIC teaming 76
NIDS 209
nodes
  communicating with 81
Non-ECC 6
NTFS 50, 219

O
offline images 61
onboard card 11
Open Systems Interconnection model, See OSI model
operating systems, See OS
optical drive 186
organizationally unique identifier, See OUI
OS
  client 42
  guest 92
  hardening 225
  installation media 60
  network 42
  remote installation 60
  requirements 48
  updates 138
OS administration
  network based 144
OSI model
  overview 121
OUI 76

P
parity checking 6
partition 50
PAT 131
PATA 179
patch 137, 138
patch cables 68
patch management 137
patch panel 72
PCI 7
PCIe 7
PCI eXtended 7
PCIx 7
peer-to-peer network 36
performance
  current vs. baseline 163
Performance Monitor 156
performance monitoring
  Windows tools 155
permissions
  file-level 213
  in NTFS 212
  in Unix 213
  share-level 213
physical address 76
physical security
  access list 233
  biometrics 232
  cipher locks 232
  devices 231

  ID cards 232
  locks and keys 235
  mantraps 231
  multifactor authentication 230
  RFID chip 231
  security camera 234
  security guard 234
PKI
  certificate management system 220
  certificate repository database 220
  registration authority 220
plug types
  Edison plug 21
  NEMA plug 21
Port Address Translation, See PAT
ports
  commonly used 124
port security 197
power consumption 19
Power-On Self Test
  common codes in 281
power requirements
  common 19
power supply
  1-phase power 20
  3-phase power 20
  color coding used in 17
  distribution unit 243
print server 116
print spoolers 295
private IPv4 address 85
processor bus 7
public IPv4 address 85
Public Key Infrastructure, See PKI

R
rackmount server 37
rack mount servers 39
RAID
  array controller 192
  bus-based
  cold spare 192
  configuration specifications 191
  controller 11
  external 11
  hot spare 192
  levels 189
  software vs hardware 190
RAM 4
random access memory, See RAM
RDP 144
redundancy power 19
Registration Authority 220
Reliability Monitor 157
remote desktop protocol, See RDP
remote services 117
replication methods
  disk-to-disk 254
  server-to-server 255
  site-to-site 258
request for change, See RFC
resource monitor 155
RFC 136
RFID chip 231
riser card
  vs. onboard card 11
rollover cable 69
root cause analysis 277
rotation methods
  Grandfather-Father-Son 265
  Leaning Tower 266
round-robin 258
router 125
router access list 198
routing and remote access server 117

S
safety
  electricity 51
  precautions 51
SAN 185
SATA 179
SCSI 179
Secure File Transfer Protocol, See SFTP
Secure Shell, See SSH
Secure Sockets Layer, See SSL
security
  software updates 139
security guard 234
security issues
  common 311
  tools 312
security zones 199
sensitive documentation
  secure storage of 251
server
  access and control 142
  administration 142
  application 116
  application hardening 225
  database 116
  directory 116

  file 116
  form factors 37
  hardware hardening 226
  installation 61
  mail 117
  messaging 117
  mirror copy 61
  network services 117
  optimization 161
  OS hardening 225
  print 116
  process monitoring 163
  remote access 117
  routing 117
  services monitoring 163
  types 37
server administration
  iDRAC 143, 144
  integrated lights-out 144
  Integrated Lights-Out 143
  KVM over IP 143, 144
  lights-out management 144
  network-based hardware 143
  RDP 144
  serial connections 142
  virtual console 143
server documentation
  repair logs 249
  secure storage of 251
  types 249
server hardware troubleshooting
  common issues 283
  rebooting server 282
  tools 288
server information
  gathering 249
server location 54
server management
  in-band 143
  out-of-band 143
  plan 143
server properties 112
server room
  cold aisle 56
  hot aisle 56
server rooms
  and fire suppressants 245
servers
  local hardware administration 142
  shutting down and rebooting 282
  shutting down simultaneously 283
server security
  using the SUDO command 295
server software
  and troubleshooting tools 295
  troubleshooting problems with 292
service level agreement, See SLA
service tags 249
SFTP 146
shell 146
shroud 25
single instance storage 176
single-phase electricity 20
sites
  number of 41
SLA 149
slogin command 145
socket 2
software
  operating systems 42
  security updates 139
  update testing 140
  validation 140
solid state drives 180
solid state media 187
spoofing 146
SRAM 4
SSH 145
SSL 204
static IP addressing 85
storage area network, See SAN
storage encryption 220
storage media
  disposal methods 223
straight-through cables 69
subnet masks
  defined 80
switch
  KVM 142

T
tape drive 186
tape encryption 221
TCP
  common ports 124
  vs. UDP 123
thermal compound 25
thermal dissipation 24
threshold 296
Time to Live, See TTL
TLS 205
tools

  for file encryption 219
  network analyzers 313
tower server 37
tower servers 38
Transmission Control Protocol, See TCP
Transport Layer Security, See TLS
troubleshooting
  1st step 275
  2nd step 275
  3rd step 276
  4th step 276
  5th step 276
  6th step 277
  7th step 277
  8th step 277
  9th step 278
  defined 274
  determine scope 275
  identify problem 275
  models of 274
troubleshooting problems with 308
TTL 302
twisted pair cables
  categories of 67
  color schemes 67
  types of 66

U
UDP
  common ports 124
  vs. TCP 123
UEFI
  configuration data 49
Unified Extensible Firmware Interface, See UEFI
uninterruptable power supply
  capacity 242, 243
  runtime 242, 243
universal serial bus, See USB
UNIX 42
USB 13, 179
user groups
  creating 212
UTP coupler 68

V
virtual applications 93
VirtualBox
  network modes 106
virtual desktop 93
virtualization
  hardware requirements 93
  management interface 94
  network 103
  resource allocation 94
virtual machines 92
virtual managers 160
virtual memory
  pagefile optimization 162
  swap space 162
virtual network adapters 105
Virtual Network Computing, See VNC
virtual private network, See VPN
virtual servers
  hardware requirements 93
virtual switch 103
VLAN 238
VNC 146
VoIP phones 125
voltage 18
VPN 237
vulnerability scanning 226

W
WAN 36
warranty 29
wattage 18
watts 18
web server 116
Wide Area Network, See WAN
Windows
  BitLocker 221
  update 138
Windows Internet Name Service, See WINS
Windows Server 45
Windows Server 2012
  install using offline images 61
WINS 127
wiring diagrams 67
WORM drives 187
