Professional Documents
Culture Documents
Build Internet Infrastructure
Build Internet Infrastructure
Ethiopian TVET-System
INFORMATION TECHNOLOGY
HARDWARE AND NETWORK SERVICE
LEVEL IV
LEARNING GUIDE # 12
Unit of Competence : Build Internet Infrastructure
Module Title : Building Internet Infrastructure
LG Code : ICT HNS4 M03 1110
This learning guide is developed to provide you the necessary information regarding the following content coverage
and topics –
This guide will also assist you to attain the learning outcome stated in the cover page.
Specifically, upon completion of this Learning Guide, you will be able to –
Policies and verified Passwords are checked in accordance with business software utility tools.
Learning Activities
1. Read the specific objectives of this Learning Guide.
2. Read the information written in the “Information Sheets 1” in pages 3-4.
3. Accomplish the “Self-check” in page 4.
4. If you earned a satisfactory evaluation proceed to “Information Sheet 2”. However, if your rating is unsatisfactory,
see your teacher for further instructions or go back to Learning Activity # 9.
5. Submit your accomplished Self-check. This will form part of your training portfolio.
6. Read the information written in the “Information Sheet 2” in pages 5-6.
7. Accomplish the “Self-check” in page 6.
4. If you earned a satisfactory evaluation proceed to “Information Sheet 3”. However, if your rating is unsatisfactory,
see your teacher for further instructions or go back to Learning Activity # 9.
5. Submit your accomplished Self-check. This will form part of your training portfolio.
6. Read the information written in the “Information Sheet 3” in pages 7-11.
7. Accomplish the “Self-check” in page 11.
8. However, if your rating is unsatisfactory, see your teacher for further instructions or go back to Learning Activity
#9.
9. Your teacher will evaluate your output either satisfactory or unsatisfactory. If unsatisfactory, your teacher shall
advice you on additional work. But if satisfactory you can proceed to Learning Guide 13.
Your teacher will evaluate your output either satisfactory or unsatisfactory. If unsatisfactory, your teacher
shall advice you on additional work. But if satisfactory you can proceed to the next topic.
• Cryptographic authentication
• Messaging environment
• e-mail
• e-commerce
• Authorization grants access to information
• Read, read-write, no-access
• Indefinite period, finite period, one-time use
Firewalls
• The main purpose of firewall is to protect a network from external attacks.
• It monitors and controls traffic into and out of a secure network.
• It can be implemented in a router, gateway, or special host.
• A firewall is normally located at the gateway to a network, but it may also be located at host access points.
• Implementing a firewall to a network yields numerous benefits .
• It reduces the risk of access to hosts from an external network by filtering insecure services.
• Firewalls involve the use of packet filtering or
• Packet filtering routers can either drop packets or redirect them to specific hosts for further screening, as shown
in the above Figure.
• Some packets never reach the local network
because they are trashed.
• A packet filtering firewall works well when the rules to be implemented are simple.
• However, the more rules introduced, the more difficult it is to implement.
• The rules have to be implemented in the right order or they may produce adverse effects.
• Testing arid, debugging are also difficult in packet filtering .
Application-Level Gateway
• An application-level gateway is used to overcome some of the problems identified for packet filtering.
• From the figure Firewalls I and 2 will forward data only if it is going to or coming from the application
gateway.
• Thus a secured LAN is a gateway LAN.
• An application gateway behaves differently for each application, and filtering is handled by the proxy services
in the gateway.
• Firewalls protect a secure site by checking addresses (e.g., IP address), transport parameters (e.g., as FTP and
SMTP), and applications.
• However, how do we protect access from an external source based on a user who is using false identification?
• Moreover, how do we protect against an intruder manipulating the data while it is traversing the network
between source and destination?
• These concerns are addressed by ensuring secure communication.
Cryptography
• For secure communication we need to ensure integrity protection and authentication validation.
• Integrity protection makes sure that information has not been tampered with as it moves between source and
destination.
• Authentication validation verifies originator identification.
• In other words, when someone receives a message that identifies the sender, can the receiver really be sure who
sent the message?
Cryptographic Communication
• Cryptography means secret (crypto) writing (graphy).
• It deals with techniques of transmitting information from a sender to a receiver without any intermediary being
able to decipher it.
Assignment:-
- Write on SNMP (Simple Network Management Protocol) & its Versions
Self-Check 1 Written Test
Name:____________________ Date:_________________
Instruction: Answer all the questions listed below, if you have some clarifications- feel free to ask your teacher.
1. ________ are just one piece of the picture when it comes to providing security in a network.? (2 point)
2. What is Public Key Cryptography? (2 point)
3. What is Secret key Cryptography? (2 point)
4. What is Authentication and Authorization? (2 point)
5. What is Cryptography? (2 point)
6. What is Application-Level Gateway? (2 point)
7. What is Packet Filters ? (2 point)
8. What is Firewalls ? (2 point)
9. What is Cryptographic Communication? (2 point)
Note: Satisfactory rating – 18 points above / Unsatisfactory - below 12 points
You can ask you teacher for the copy of the correct answers
1. ________ are just one piece of the picture when it comes to providing security in a network.? (2 point)
2. What is Public Key Cryptography?
3. What is Secret key Cryptography?
4. What is Authentication and Authorization?
5. What is Cryptography?
6. What is Application-Level Gateway?
7. What is Packet Filters ?
8. What is Firewalls ?
9. What is Cryptographic Communication?