-

Encryption: mathematical codes (ciphers) used to scramble data into a format that can only be read by reversing the cipher/ decrypting the data for
the purpose fo keeping data private
- last layer of defense against data theft
- CIA (Confidentiality, Integrity & Availability Triad): three principles of the standard security model and evaluation standards for encryption
methods
● Confidentiality: data can only be viewed by its intended recipient/ at intended destination
● Integrity: data is not modified between transmission and receipt
● Availability: data is available and accessible to the intended recipient when needed
↳ sender is responsible for successful delivery of data

- Encryption Methods:
★ Key Encryption: original data’s bits are encoded using a key (random string of characters) to scramble the data
↳ generates a unique and consistently sized data block called ciphertext
↳ key is created according to a specific set of rules (algorithms)
1. Private key encryption / symmetric encryption
- data is encrypted using one single key that only the sender and receiver know
- not the most secure b/c the sender must share the key with the recipient → sharing the key leaves opening for
interception (data is in motion)
2. Public key encryption / asymmetric encryption
- data is encrypted with a private key known only to the user
- data is then decrypted with a public key that is mathematically related to the private key (made available through a
third party source like a public key server)
- ensures data integrity → public key will only work if the data has not been tampered with
- ensures data confidentiality → only the intended recipient can decrypt the data
- key pair: the combination of a public key and a private key
- Can also be done alternatively where the sender encrypts message with a public key and the recipient must decrypt it
using a matching private key

Digital certificate: a small file containing a user’s verified identification information and their public key

Certificate Authority (CA): organization that issues, maintains and validates digital certificates
PKI (public-key infrastructure): the use of certificate authorities to associate public keys with certain users

Authentication: process of ensuring that a user, device, or application is who they say they are

IPsec (Internet Protocol Security)

IPSec (Internet Protocol Security):

- encryption protocol suite
- defines a set of rules for encryption, authentication and key management for TCP/ IP transmissions
- operates on layer 3 (Network layer)
- Adds security information to IP packet headers
- Encrypts the data payload
- Can be used with any type of TCP/IP transmission
- IPsec operates in two modes:
1. Transport mode: connects two hosts
2. Tunnel mode: runs on routers and other connectivity devices in the context of VPNs
- Uses five steps to create secure connection
1. IPsec initiation:
- Noteworthy traffic (as defined by a security policy) triggers the initiation of the IPsec encryption process
2. Key management: two nodes agree on common parameters for the keys they will use
● IKE (Internet Key Exchange):
- negotiates the exchange of keys
- Authentication of keys
● ISAKMP (Intenret Security Association and Key Management Protocol)
- works within the IKE process to establish policies for managing the keys
3. Security negotiations:
- IKE continues to establish security parameters and associations that will protect the data while in transit
4. Data transfer:
- A secure channel is creates
↳ used for secure transmissions until channel is broken
- Data is encrypted using either
➔ AH (Authetication Header)
➔ ESP (Encapsulating Security Payload)
 - Entire packet is then encrypted again using ESP
- Data is then transmitted
5. Termination
- IPsec requires regular re-establishment of a connection (minimizes opportunity for for interference)
- Connection must be renegotiated and re-establishes before session times out to maintaining communication

SSL (Secure Sockets Layer) and TLS (Transport Layer Security)

SSL (Secure Sockets Layer):

- Encryption method
- Operates on application layer (layer 7)
- now deprecated (outdated ) → should be disabled whenever possible
- establishes unique session, defined by a specific set of encryption techniques through which client and server connect and communicate

TLS (Transport Layer Security):

- updated, more secure version of SSL
- operated on transport layer (layer 4)
- establishes unique session, defined by a specific set of encryption techniques through which client and server connect and communicate
- a session is created by a handshake protocol:
● Step 1:
- Browser sends “hello” message to a web server
↳ “hello” message contains the following information:
- what level of security the browser is capable of accepting
- what type of encryption the browser can decipher
- randomly generated number 1 → uniquey identifies the client
- randomly generated number 2 → uniquely identifies the session
● Step 2:
- Server responds with its own “hello” message to the browser
↳ the “hello” reply contains the following info:
- confirmation of the information received from the browser
- agreement to certain terms of encryption
- ** server may issue the browser a public key or a digital certificate
● Step 3:
- if the server issued a certificate to the browser, it would request for it here → browser would send certificate
 - any data the browser sends to the server is encrypted using the server’s public key
- Session keys are established
- Secure channel is now in place → data exchange begins

Remote Access Protocols

Remote Access: service that allows a client to connect with and log onto a server, LAN or WAN in a different geographical location
- remote client can access files, applications, and other shared resources
- client and host need a transmission path + appropriate software to complete remote connection and exchange data
- requires RAS (remote access server):
➔ Software that enables devices to accept a remote connection and grant privileges to the network’s resources
➔ software must be installed on both the remote client and the remote access server
➔ Two types of remote access server
1. Dedicated devices
- devices that are solely dedicated as an RAS to run software that
performs client authentication
- compares and matches a client’s credentials with the credentials in a
client database
- enables client to log onto network or other resource

2. Software running on a server

- remote access service runs under a network operating system to allow
remote logging on to a corporate network

Types of Remote Access Methods:

● Remote File Access:
- allows a remote client to upload and download data and configuration files
● Terminal Emulation / Remote Virtual Computing:
- allows a remote client to take over and command a host computer
- software examples: Telenet, SSH, Remote Desktop, VNC (Virtual Network Computing)
 ● VPN (Virtual Private Network):
- virtual connection that remotely accesses resources between…
➔ A client and a network
➔ Two networks
➔ Two hosts over the internet

Remote File Access

FTPS (FTP Secure or FTP over SSL): added layer of protection for FTP using SSL or TLS
- encrypts both the control (port 21) and data channels (port 20)
- FTPS listens at port 21, but requires two data channels (ports 989 and 990)
- can also be configured to negotiate data channels within a defined port range
- Can be difficult to manage through a firewall

SFTP (Secure FTP): file transfer version of SSH

- ** not to be mistaken as a form of FTP
- ** not compatible with FTP
- Includes encryption and authentication
- An extension of the SSH protocol
- Uses one single connection → incoming and outgoing communications both configured to cross port 22

TFTP (Trivial FTP): similar to FTP but provides no authentication for transferring files
- Uses UDP at the transport layer
- ** not safe for communications over the internet
- Listens at port 69 and negotiates a data channel for each connection
- Can’t give users access to directory information
- Limits file transfers to 4 GB
- Requires little memory
- mainly used behind the scenes by machines to transfer boot and configuration files
- TFTP Server:
➔ Used to remotely boot devices that dont have their own hard drives
➔ Collect log files
 ➔ Back up and update network device configuration files

Terminal Emulation

Terminal Emulator:
- software that allows a user on a client computer to control a host/ server computer across a network connection
- hosts can allow clients a variety of privileges (Ex. viewing, running apps, modifying data files, sending keystrokes and mouse clicks etc)
- Command line (CLI) software that provides terminal emulation
★ Telenet (protocol)
- terminal emulation utility
- Used by Telenet client/server apps
- Allows a user to control a computer remotely
- **provides minimal security when establishing a connecton (poor authentication)(
- ***no security for data transmission (no encryption)
- Connection is created from client computer using telenet command, followed by the IP address of the device you wish to
connect to
↳ Must then enter a password to complete the connection
- close a telenet session using quit command
★ SSH (Secure Shell)
- Listens at port 22
- collection of protocols
- performs authentication and encryption
- Encrypts data exchanged throughout session
- SSH must be running on both client and server to establish secure connection
- allows user to…
➔ Securely log onto host
➔ Execute commands on host
 ➔ Copy files to or from host
- Guards against security threats…
➔ Unauthorized access to a host
➔ Interception of data in transit
➔ IP spoofing: attacker attempts to hide their identity or impersonate another device by changn the IP header
➔ DNS spoofing: hacker forges name server records to falsify thor host’s identity

- SSH allows for password authentication using public and private keys
➔ Step 1: run ssh-keygen command to generate public and private keys → keys saved on 2 different encrypted files
on hard disk
➔ Step 2: transfer public key to an authorization file on the host you want to connect to
➔ Step 3: connect to to host via SSH → exchange public keys → keys match? → connection complete

- (Graphical User Interface) GUI-based software that provides terminal emulation

★ RDP (Remote Desktop Procotol) for Windows: connects to an already running physical or virtual machine
- Microsoft proprietary protocol used to control a remote computer
- provides remote desktop connection
➔ can see on your local computer screen what you would see if you were siting in front of the remote computer instead
➔ windows, icons, sound, shortcut keys, menus
➔ can control the remote host and all its virtual machines (VMs)

- Remote desktop gateway:

➔ manages several RDP connections to a ntwork’s computers through one single IP address
➔ can link to the Active Directory’s authentication services, manage user authorization, audit activity through all hosted
RDP connections
➔ incorporates SSL/TLS to provice secure connections (no need for additional encryption through VPN)

★ VDI (Virtual Desktop Infrastructure): creates and connects you to a fully virtualized instance of a computer
- Different from traditional RDP connection
- Targets only virtual machines (VMs)
- can use RDP to create the connection to each virtual machine (VM)
- more flexibility → options ot access VMs running on many different OSs + different configurations of installed applications
➔ Persistent instances: changes and files are saved when user logs out of remote desktop → will be there upon return
➔ Non-persistent instances: desktop resets each time someone signs in
★ RDS (Remote Desktop Services):
- uses RDP to allow multiple users to access the same virtual or physical Windows Server system at one time
 - can provide access to entire Server OS or just one single application
- cheaper than VDI
- Harder to manag → limited customization

★ VNC (Virtual Network Computing):

- Similar to RDP but uses RFB (Remote Frame Buffer) protocol to remotely control a workstation or server
- slower than RDP
- Requires more network bandwidth
- Open source
★ join.me
★ TeamViewer

Out-of-Band Management: relies on a dedicated connetion (wired or wireless) between the admin’s computer and each critical network device
(router, firewall, server etc) to establish remote control
- Administrators can remotely
➔ Power on a device
➔ Change firmware settings
➔ Reinstall operating systems
➔ Monitor hardware sensors
➔ Troubleshoot boot problems
➔ Limit ntwrk user’s access to management functions
➔ Manage devices even when other parts of the network are down

- A single device provides centralized management of all linked devices

In-Band Management: relies on existing network infrastructure to establish remote control

- devices must be turned on, configured, software installed in order to establish remote connection
- limits troubleshooting capacity

VPNs (Virtual Private Networks)

VPN (Virtual Private Network): network connection that’s encrypted from end to end, creates a private connection to a remote network
- Likenened to a tunnel
 - Relies on public transmission networks already in place (ex. Internet)
- Cheaper → dont have tp lease private point-to-point connections between each office and national headquarters
- router-based VPN → most common on UNIX networks
- server-based VPN → most common on Windows networks
- Can be tailored to unique distance, user and bandwidth needs → each configuration is unique
- VPN model classifications (3)
1. Site to Site VPN:
- At each site, a VPN gateway (router, firewall, remote access server) on the edge of the LAN establishes a secure conections
- Each site must have a static IP address
- Secure tunnels connect multiple sites on a WAN
- VPN encrypts and encapsulates data exchanged over the tunnels
2. Client to Site VPN:
- hosts/clients establish communication tunnels with a private network through a VPN headend (a gateway at the edge of the
LAN)
- tunnel between client and headend encrypts and encapsulates the
data
- Only the VPN headend must have a static public IP address
- enables remote access

3. Host to Host VPN:

- two computers create a secure VPN tunnel directly between
themselves
- Both computers must have VPN software installed
- Neither computer can be a gateway
- The site that receives the VPN connection needs a static public IP
address

VPN Tunnelling: process by which special VPN protocols encapsulate higher-layer protocols
- Ensures that a VPN can carry all types of data privately over any kind of connection
- Complete frames are encrypted, encapsulated and transported inside normal IP packers and data link layer frames
↳ inner frame travels across the network as a payload inside another frame
- many tunnelling protocols operate at data link layer (layer 2) to encapsulate VPN frame inside a network lawyer packet
- Some work at network layer (layer 3) → enables additional features, particularly for site to site
- Most tunneling protocols rely on additional encryption protocols
● Full Tunnel VPN:
 - Captures all network traffic (whether destined for internet or corporate network)
- Client has no access to local network
- Client is assigned IP address from remote network
● Split Tunnel VPN:
- Only captures traffic destined for corporate network
- Client can communicate directly with local network network resources and internet
- Client is assigned IP address from local network
➔ benefits
- reduces amount of traffic routed through corporate network → increases user privacy and decreases latency
(network delay)

VPN Tunnelling Protocols:

● L2TP (Layer 2 Tunnelling Protocol):
- implemented with IPsec for security
- Uses a mix of equipment types
- can connect…
➔ two routers
➔ A router and a remote access server
➔ A client and a remote access servrr
● GRE (Generic Routing Encapsulation)
- Layer 3 tunneling protocol (network layer)
- Transmits IP & other messages through tunnel
- Used with IPsec to increase security
● OpenVPN
- uses OpenSSL for encryption (custom security protocol)
- Can cross firewalls where IPsec may be blocked
- Highly secure
- Highly configurable
● IKEv2
- Component of IPsec protocol suite
- Recommended as most secure VPN protocol

Multipoint VPNSs
- When multiple branch offices need VPN tunnels to each other, a mix of client-to-site and site-to-site models is used.
IPsec and Tunneling: IPsec often provides encryption for other tunneling protocols, enabling more flexibility in VPN configurations.

GRE (Generic Routing Encapsulation) Tunneling:

- versatile tunneling protocol
- can be paired with IPsec for security
- limited to point-to-point connections.

mGRE (Multipoint GRE):

- Cisco developed mGRE to overcome the limitations of GRE
- supports multiple tunnel destinations from a single interface by using an overlay and underlay network model.
- Underlay network → the internet that is moving the packets from location to location
- Overlay network → the VPN connections that logically connect each location
- In mGRE setups, a hub router at headquarters and spoke routers at branch offices are used
- Only the hub router needs a static public IP, simplifying IP management.

DMVPN (Dynamic Multipoint VPN):

- Creates VPN tunnels between branch offices, making it more scalable for connecting multiple remote sites across the Internet, as spoke
routers communicate with the hub to establish VPN connections when needed
- Ex. mGRE

Remote Access Policies

Common requirements of a good remote access policy:

● Remote access devices must be up to date with patches, anti-malware software, and a firewall
● Device access must be controlled by a strong password or biometric measures
● Passwords must be strong and must be changed periodically
● The device’s internal and external storage devices must be encrypted
● Company and customer data must be kept secure
● The loss or theft of any devices used for remote access must be reported immediately
● Encrypted VPN software must be used to remotely access company network resources
● While remotely connected to the company network, the device must not be connected to the open Internet or any other network not fully
owned or controlled by the employee
● Remote sessions must be terminated when not in use
 Troubleshooting Network Issues

Troublshooting Utlities:

● netstat: displays all TCP/IP statistics and details about TCP/IP components and connections on a host
- displays…
➔ the port on which a TCP/IP service is running
➔ Which network connections are currently established for a client
➔ How many messages have been handles by annetwor interface since it was activated
➔ How many data errors have occurred on a particular network interface

● tracert or tracereoute \
- Both limit the TTL of their probes (repeated tria messages) → triggers routers along route to return specific info
↳ by default, they send three proves with each iteration
- tracert: uses ICMP echo requests to trace the path from one networked node to another
↳ identifies all the intermediate hops in between two nodes
↳ sends an ICMP echo request to the destination node and listened for an echo reply from that node
↳ Windows

- traceroute: uses UDP datagrams or TCP SYN messages for echo requests
↳ sends UDP messages to a random, unused port on the destination node, and listened for an ICMP “Port Unreachable” error
message in response
↳ Linux, UNIX, OS X

● tcpdump: command-line packet sniffer

- Packet sniffer: captures traffic that crosses a computer’s network interface
- Output can be saved to a file that you can filter or play back
- You must either use the sudo command or log in as root to access tcpdump

Some Common Network Problems:

Duplicate MAC Addresses

- Two devices on the same network with the same MAC address is a problem
- MAC addresses can be impersonated, which is a security risk called spoofing
- It happens most often when managing multiple virtual devices on a large network
- Most switches will detect the problem and produce helpful error messages
- Then it’s a matter of tracking down which virtual devices have the same MAC address and update each device’s configuration
Hardware Failure - when a router, switch, NIC, or other hardware goes down:
- Use tracert or traceroute to track down malfunctioning routers and other devices on larger networks
- Get more accurate trace feedback on a questionable router by targeting a node on the other side of that router, rather than aiming for that
router itself
- Use ping to test for network connectivity

MAC spoofing: MAC address being impersonated by hackers

Module 5: (Network) Cabling

Transmission Basics

Frequency: highway analogy → the number of traffic light cycles per minute that allow vehicle traffic to pass

- max frequency is important b/c it affects how quickly one can transfer data over a cable or wireless connection
- max frequency can sometimes be called bandwidth → indicates the possible range of frequencies up to the maximum

● cabling frequency
- the number of times in a second that an electrical signal can change states (ex. from positive to negative charge)
- measured in MHz (megahertz) or GHZ (gigahertz)
- dont need to be tightly contained as wireless signals → physical cable limits the dispersion of the signal
● wireless frequency
- the number of times in a second that an electrical signal can change states
- must be contained within a specific range of the electromagnetic spectrum to prevent signal interference from other signals using
nearby frequencies
- measured in MHz (megahertz) or GHZ (gigahertz)
Bandwidth: highway analogy → number of lanes on the highway (can increase bandwidth by adding more lanes)
- the amount of data one could theoretically transmit during a period of time
↳ the number of lanes available for data transfer (highway analogy)
↳ takes into consideration frequency, distance, SNR (signal to noise ratio)
- measured in Mbps (megabits per second)

➔ Bandwidth (Re: Frequencies) = the full range of frequencies (the width

of the band) available for a specific application → the maximum possible
- measured in MHz and GHz
➔ Bandwidth (Re: Data Rates) = the theoretical maximum number of bits
per second
- measured in Mbps and Gbps

- Can increase theoretical bandwidth using…

➔ Modulation: sending data over an analog signal
➔ Encoding: converting data into a digital signal for transmission

Throughput (Payload Rate / Effective Data Rate):

- the number of data bits (0’s and 1’s) that are actually received across a network connection each second
↳ takes into consideration the reality of a network’s environment (ex. delays, noise, possible errors)
- Measured in Mbps (megabit per second) or Gbps (gigabit per second)

Transmission Flaws

Noise: relative measure of dB (decibel) loss over a signal

- Decibel (dB): a relative measure of signal loss (-) or gain (+) over transmission
- Comparison between the signal’s strength at transmission vs. signal’s strength at arrival
↳ signal may weaken (interference) or get stronger (amplifier)
- loss of 3 dB between transmitter and receiver = half of signal lost (50%)
↳ ex. 3db loss on 10-watt signall = 5-watt arrival
 ↳ ex. 3db loss on 1000-watt signal = 500 watt arrival
● EMI (electromagnetic interference)
- caused by sources of electrical activity (ex. motors, power lines, TVs, fluorescent lights, microwaves, machinery, thunderstorm
activity)
➔ RFI (Radio Frequency Interference): EMI caused by radio waves
- caused by strong broadcast signals from radio or TV antennae
● Crosstalk
- when a signal travelling on one wire or cable infringes on a signal travelling over an adjacent wire or cable → causes noise
- noise from the second line’s signal can be heard on the first line
➔ Alien crosstalk: between two cables
➔ NEXT (near enf crosstalk): between a pair of wires near the source of a signal
➔ FEXT (far end crosstalk): far from from the signal (on other end
of the cable)

Attenuation: the loss of a signal’s strength as it travels away from the source
- can be boosted using a repeater: generates a digital signal in its original form w/o the
noise

Latency: the brief delay between the moment when data leaves the source and when it arrives
at the destination → accounted for by the traveling of the electrons
- issues caused by latency
● PDV (Packet Delay Variation) or jitter:
- packets arrive out of order due to varying amounts of delay in the transmission of each packet
● Premature ending of transmission:
- node assumes no more data is coming if it does not receive rest of data within a certain amount of time
- measured by
● RTT (Round Trip Time): the length of time it takes for a packet to go from sender to receiver and then back to receiver again
- measured in milliseconds
- affected by
➔ cable length
➔ Intervening connectivity devices (ex. Modems, switches)
➔ cable limitations
➔ number of transfers between devices
➔ noise
➔ Traffic congestion
➔ Processing delays
➔ collisions from other messages
➔ Conversion from one transmission type to another
 Duplexes

NIC settings that affect network connections (important)

- the direction in which signals travel over the media
- the number of signals that can traverse the media at any given time
● Full duplex (duplex):
- signals can travel in both directions over a medium simultaneously
- Ex. telephone conversation
● Half duplex:
- signals can traver in both directions
- signals can only travel in one direction at a time
- Ex. apartment intercom system
● Simplex:
- signals can only travel in one direction (one-way)
- Ex. broadcast radio

- Device manager:
➔ used in Windows to configure an NIC speed and duplex settings
➔ speed and duplex mismatch: results when a user selects a speed and duplex that is not supported by a neighbouring device

Multiplexing

Multiplexing: form of transmission that allows multiple signals to travel simultaneously over one medium
- increases the amount of data that can be transmitted in a given timespand / over given bandwidth
- medium’s channel is logically separated into many smaller subchannels
- multiplexer (mux): device that combines many signals on a channel → on sender’s end
- demultiplexer (demux): device that separates combined signals → on receiving end

★ common types of multiplexing

● TDM (time division multiplexing):
- divides channel into multiple intervals of time/ time slots
- time slots are reserved for their designated nodes regardless if node needs to transmit data
- Inefficient (saving space for nodes that arent using it)
- doesnt allow multiple signals on a line at the exact same time
● STDM (statistical time division multiplexing):
- Assigned time slots to nodes
- adjusts time slots according to priority and need
 - Uses all slots, instead of leaving some unused → improved efficiency
- doesnt allow multiple signals on a line at the exact same time
● FDM (frequency division muliplexing):
- Assigns different frequencies to create multiple frequency bands that are each used by a subchannel
- Multiple signals can transmit data on the line at the same time
- Signals are modulated into different frequencies, then multiplexed to travel over a single channel simultaneously
- Demultiplexed on receiving end

★ Types of multiplexing technologies

● WDM (wavelength division multiplexing):
- works with fiber optic cable (like a light prism)
- carries multiple light signals simultaneously
↳ divides a light beam into different wavelengths/ colours on a single fiber
- traditionally offers only two wavelengths/ channels per strand of fiber in one direction at a time
- Bidirectional WDM: supports full duplex light transmissions in both directions at same time

● DWDM (dense wavelength division multiplexing):

- increases number of channels provided by normal DWDM to 80-320 channels
- used on high bandwidth and long distance WAN links
- signal can be amplified en route
● CWDM (coarse wavelength division multiplexing):
- Cheaper cost → frequency bands are spaced wider apart to allow for cheaper transceiver equipment
- Can support several channels per fibre
- signals can not be amplified → effective distance is limited

Copper Cable

Coaxial Cable:
- central core can have solid metal wire or several thin strands of metal wire to carry electromagnetic signal
- cable with a central metal core ( often copper) surrounded by
➔ a plastic insulator → protects the core from the metal shielding (wire would short
circuit if they made contact)
- can be made of PVC (polyvinyls chloride)
➔ braided metal shielding → protects signal against noise, acts as s ground
➔ sheath / jacket / outer covering → protects from physical damage
- can be made of PVS or other fire resistant plastic

● RG (radio guide) specification number:

 - rating that represents specifications of coaxial cabling
- each coax type is suited for a different purpose
- ratings measure the materials used for shielding and conducting cores
➔ Transmission cahracteristis (ex. attenuation , throughput,)
↳ impedance: a measure of the opposition to a current’s flow through a cable
↳ impedance rating: efficient of a coax cable at transferring power and data over a distance
- Lower impedance = better power transfer (transmission)
- Higher impedance = less attenuation of signal over a distance
- 50 ohms of impedance = standard compromise for computer networks, CB (citizens band), or ham radio connections
(effictiveness of cable is more focused on ability to transmit a signal)

Type Impedance Core Uses

RG-59 50 or 75 ohms - 20 or 22 AWG core - short connection

- braided copper core (ex. sending video signals from central receiver to monitors in a building)
- less expensive
- high attenuation issues

RG-6 50 or 75 ohms - 18 AWG core - broadband cable internet server

- solid copper core - cable TV (last stretch to consumers location)
- inexpensive

● Coaxial Cable Connector Types

➔ F-connector:
- core in centre of cable extends into the centre of the connector
- attaches to cable by crimping or compression
- connected through nut and bolt assembly
- used mostly with RG-6 cables
➔ BNC connector (Bayonet Neil-Concelman):
- connected via turn and lock mechanism
- attaches to cable by crimpling, compression or twisting
- **male BNC connector provides its own conducting pin
- used mostly with RG-59 cables

● AWG (American Wire Gauge):

- referse inversely to the size of the conducting core
- Larger AWG = smaller diameter of core wire
- Smaller AWG = bigger diameter of core wire
Twinaxial Cable:
- two metal cores/ conductors inside
- cores operate like half duplex to transmit data (signals can travel in both directions but only one at a time)
↳ scan support much higher throughput than coax
- Cheaper option for short high speed connections
- Consumers less power, gives excellent protection from interference
- 26 or 28 AWG copper → resistant to rough handling
- also called DAC (direct attach copper cable): copper cable designed to handle
very high speed connections at very short distances
- Newer twinax cables
↳ can contain multiple pairs of cores to carry even more data

- Twinax cable types

● Passive:
- Doesnt contain electrical components
- Works for shortest distances (5 - 7 metres)
● Active:
- Contains internal electrical components
- can strengthen signals’ strength over slightly longer distances (10
metres)

- Factory terminated with same types of modular transceivers as fiber terminations

- twinax cables are fixed with a pre-installed transceiver on each end
- Can support throughput of up to 100 Gbps depending on twinax cable type

Twisted Pair Cable: *Ethernet is a layer 2 protocol

- colour-coded pairs of plastic insulated copper wires (diameter of 0.4-0.8)
- every two wires are twisted around each other to form pairs
- pairs are encased in plastic sheath
● Fast Ethernet
- Four wire pairs
- max data rate of 100 Mbps
- one pair sends data (transmits Tx) and the second pair receives the data (receives Rx)
- Third and fourth pairs are not used
- only orange and green pinout pairs are used for T568A and T568B
● Gigabig Ethernet
- Four wires pairs
- Max data rate of 1000 Mbps
- All four pairs are used for sending and receiving
Twisted Pair Cabling Standards
- separated into categories (cat)

Standard Max bandwidth Max rated frequency Description

Cat 3 10 mbps 16 MHz - used for wired phone connections

- shouldnt be used for modern computer network

Cat 5 100 mbps 100 MHz - minimum standard requirement for Fast Ethernet
(Fast Ethernet)

Cat 5e 1000 mbps 350 MHz - higher grade of Cat5

(enhanced) (Gigabit - high quality copper, higher twist ratio,
Ethernet) - advanced methods to reduce crosstalk

Cat 6 - 1 Gbps 250 MHz - plastic core added to prevent crosstalk between twisted pairs in the cable
- 10 Gbps (only - foil insulation covering each bundle of wire pairs
on shorted - fire resistant plastic sheath
distances)

Cat 6a 10 Gbps 500 MHz - reduces attenuation and cross talk

(augmented) - exceeds traditional network segment length limits
- reliably transmits data at multigigabit per second rates
- backward compatible with Cat 5, 5e and 6 cabling

Cat 7 - 10 Gbps 600 MHz - each pair is wrapped in its own shielding, then packaged in additional shielding
- 100 Gbps (only beneath the sheath
on shorter - supports higher frequencies
distances) - needs sophisticated connectors (GG45 or TERA)
- thicker and less flexible

Cat 7a 40-100 Gbps at 1000 MHx - uses increased bandwidth to offer higher data rates
(augmented) very short - needs specialized connectors
distances

Cat 8 - 25 Gbps 2 GHz - already widely available for consumers to use in their home networks
- 40 Gbps - further improved and extensive shielding
(longer - best for short distance backbone connections within data centre
distances than - up to 40 Gbps over 30 metres
Cat 7) - connectors are backward compatible with Cat 5e and Cat 6
 ★ STP (Shielded Twisted Pair)
- has braided copper shielding
↳ shielding acts as barrier against external electromagnetic interference
↳ shielding contains the electrical energy of the signals inside
↳ must be grounded → enhances protective effects, prevents reflection issues

- Effectiveness of shielding depends on…

➔ Environmental noise (level and type)
➔ Shield material and thickness
➔ Grounding mechanism
➔ Shielding symmetry and consistency

- uses RJ-45 (registered jack 45) modular connectors and data jacks
- can transmit at rates faster than 10 Gbps
- max segment length 100 metres (1 Mbps – 10 Gbps)

★ UTP (Unshielded Twisted Pair)

- no additional shielding for twisted pairs
- less expensive (less materials than STP and doesnt require grounding installation)
- less noise resistant
- uses RJ-45 (registered jack 45) modular connectors and data jacks
- can NOT transmit at rates faster than 10 Gbps
- max segment length 100 metres (1 Mbps – 10 Gbps)

Cable Pinouts

Two methods of inserting twisted wire pairs into RJ-45 plugs:

- functionally very little difference between the two
- only must make sure that you use the same standard on
every plug and jack in the network
- federal government requires T568A on federal contracts for
backwards compatibility
● T568A (TIA/EIA - 568A)
● T568B (TIA/EIA - 568B)
 - Tx = transmit
- Rx = receive

Straight through cable (patch cable):

- Most common type of networking cable
- to make one → terminate RJ-45 plugs at both ends of the cable identically using one of the T568 standards
- allows signals to pass “straight through” from one end to the other
- designed for most connections you might need in a network (ex. Connecting a switch to a router)
➔ MDI (medium dependent interface): port configuration for straight through cables through which computers and rounters are
intnded to send and receive signals

MDI-X (MDI crossover): alternate port configuratio used by switches

- Ensures switches are listening on the MDI transmission wires and are trsnamitting on the MDI receive wires

Auto-MDI-X ports: ports on newer devices that automatically negotiate the transmit and receive wires between devices
- Will still work even if youre not using the correct cable (may be subject to performance issues though)

Loopback adapter: attaches to a port and crosses the transmit line with the receive line to create a closed loop
- Tricks computer into thinking its connected to a network
- used to tests a port or cable for connectivity

PoE (Power over Ethernet)

PoE (Power over Ethernet):

- PoE 802.3af standard →supplies 15.4 watts of power
- PoE+ → supplies 25.5 watts of power (newer devices)
- Method for supplying electrical power over twisted-pair Ethernet connections
- Requires Cat 5 or higher copper cabling
- Electric current can run over unused wires or wired uses for transmission
- Two types of devices
● PSE (power sourcing equipment): the device that supplies the
power
● PDs (powered devices): devices that receive the power form the
PSE
- end node must be capable of receiving PoE
↳ if not, adapters can be used to make it compatible
 ➔ injector/ midspan: adapter that connects to a non-PoE switch or router to inject power into the network
➔ Splitter: adapter that attaches to a non PoE client to receive power over the Ethernet connection

Ethernet Standards for Twisted Pair Cable

Fiber-Optic Cable

Fiber optic cable:

- Microscopic core contains one or several glass or plastic fibers
- fibers are surrounded by a layer of glss or plastic cladding
↳ cladding is less dense than the plastic in the strands so it reflects the liht back to the core in patterns
↳ reflection allows fiber to bend around corners without affecting the signal

- Plastic buffer outside the cladding → protects both the cladding and the core
↳ buffer is opaque and absorbs any light that may escape
- Strands of Kevlar (polymeric fiber) current the plastic buffer for further protection
- Plastic sheath covers strands of Kevlar

- data is transmitted through the central fibers via pulsin flight sent from one of two sources
● Laser: intense, focused light → travels very long distances, high throughput
 ● LED (light emitting diode) → cool-burning, long lasting technology → used on shorted distances

- operates in simplex fashion → each strand of glass usually transmits in one direction only
↳ two strands needed for full-duplex communication
➔ Zipcord cable:
- two strands of glass are are combined side-by-side in conjoined jackets
- spans short distances (ex. Connecting server and switch)
- sends data on one port and receives data through another port
➔ Bidirectional transmission:
- Each fiber cable carries data in both directions
- uses newer WDM technology to separate the data travelling in each direction on different wavelengths of light/ colours
- Requires BiDi / WDM transceiver: special end connection equipment for bidirectional transmission on fiber optic cabling
↳ more expensive
↳ reduce amount of fiber cabling needed by half
Characteristics of Fiber Optic Cable
● Throughput
- can transmit data at rates up to 100 gigabits per second per chanel
- amazing throughput because light experiences almost no resistance
- light based signals can be transmitted at faster rates with fewer errors compared to electrical pulses
● Cost
- most expensive wired transmission medium
- Expensive equipment (5x more $)
- Expensive installation (skilled installers required)
● Noise Immunity:
- Light is immune to EMI (electromagnetic interference)
● Size and Scalability
- Fiber optic cable segment lengths range from 2 to 40, 000 meters
- Optical loss:
↳ degradation of a light signal after it travels a certain distance away from it source (reason for max limit)
↳ imagine flashlight getting dimmer in the distance
● Excellent security
● Can carry signals for much longer distances before needed repeaters

SMF (Single Mode Fiber):

- narrow core → 8-10 microns diameter
- laser-generated light travels a single path over the core
↳ very little reflecting → light doesnt disperse as signal travels
↳ continuity accommodates highest bandwidths and the longest distances without the
need for repeaters
- supports Internet backbone
- rarely used for short distances
MMF (Multimode Fiber):
- wider core → 50–62.5 microns
- many pulses of light generated by laser or LED travel at various angles
- signals experience more attenuation
↳ not idea for long distances (more than a few kilometers)
- less expensive → used to connect routers, switches, servers on the backbone of a
network

FDP (Fiber Distribution Panel):

- the point of transition between SMF and MMF
- usually a case on a rack where…
● fiber cables converge
● connect with each other
● connect with fiber optic terminal equipment from the ISP

- Fusion splicer: melts the tip of two fibers together so light can pass cleanly through the joining (creates splices)
- Fiber stripper: strips off the outer layers of a fiber optic cable
- Fiber cleaver: cuts a clean slice through fiber strands

Fiber Connectors

MMF Connectors
- classified by number of fibers they connect

SMF Connectors
- classified by the size and shape of the ferrule
● Ferrule: extended tip of a connector that makes contact with the
receptacle in the jack or with another connector
- designed to reduce back reflection using shapes and polishes on the ferrule
● Back reflection: when the light signal returns back into the fiber
that is transmitting the signal
- measures as optical loss in dB (decibels)
- reduced by shapes on SMF ferrules
➔ UPC (ultra physical contact)
 - tips polished into a round surface
- ↳ shape worsens back reflection (light reflects directly back into the transmitting signal)
↳ allows two internal fibers to meet
↳ increases efficiency over older types of connections

➔ APC (angled physical contact)

- tips polished into an angled surface
- end faces are places at an 8 degree angle to each other
↳ shape reflects any signal loss in the opposite direction from the signal source
↳ minimizes back reflection

Types of Fiber Connectors

Photo Connector Type Polish Ferrule Duplex?

LC (Local Connector) UPC, APC 1.25 mm Full duplex

- more common b/c of
small size → high density
connections on either point

ST (Straight Tip) UPC 2.5 mm Not dull duplex

- older

SC (Subscriber UPC, APC 2.5 mm Can be full duplex

Connector)
- older

MT-RJ (Mechanical N/A 2 fibers Full duplex

Transfer-Registered
Jack)
- more common b/c of
smaller size → high
density connections on
either point
 Media Converters

Media Converter:
- hardware that enables networks or segments running on
different media to interconnect and exchange signals
- completes the physical connection between two different
media → converts one to the other
- must select the correct type of media converter for network

Fiber Transceivers

Transceiver:
- modular interfaces that can be plugged into switches to upgrade its interface at any time
- Hot-swappable: describes component that can easily inserted without disruption operations
- types of transceivers include…
● GBIC (Gigabit interface converter)
- obsolete
- older standard for transceivers
- contained RJ-45 ports (copper cables) and SC ports (fiber optic)
● SFP (small form-factor pluggable)
- same function as GBIC but smaller size
- More ports on body
- Supports 1 - 5 Gbps connections
-
● XFP (10 Gigabit small form-factor pluggable)
- Supports up to 10 Gbps
 - Slightly bigger than SFP
- lower power consumption than SFP+

● SFP+
- same size as SFP
- Supports 16 Gbps
- widely used today

● QSFP (quad small form-factor pluggable)

- Complies with 802.3ba standard
- 4 data channels
- Supports 40 Gbps (10 Gbps x 4)

● QSFP+
- 8 data channels
- Supports up to 400 Gbps (8 x 50 Gbps)
- highest speed format is QSFP56-DD

● CFP (centum form-factor pluggable)

- 100 Gbps

- To avoid using the incorrect transceiver, you must pair these devices based on supported speeds and protocols
- Installing a transceiver can be achieved by sliding the transceiver into a socket on the back of the connectivity device
- Most transceivers come with a tab or latch system and keyed so that they will slide into the socket when aligned properly

Ethernet Standards for Fiber-Optic Cable

Standard Ethernet Type Max Bandwidth Max Segment Distance Physical media
(transmission)

100 BASE-SX Fast Ethernet 100 30 metres MMF

100 BASE-FX Fast Ethernet 100 2000 metres MMF

1000 BASE-SX Gigabit Ethernet 1000 550 metres MMF

1000 BASE-LX Gigabit Ethernet 1000 550 meters for MMF MMF or SMF
 5000 meters for SMF

10G BASE- SR 10-Gigabit Ethernet 10, 000 300 meters MMF

10G BASE-LR 10-Gigabit Ethernet 10, 000 10, 000 meters SMF

Common Fiber-Cable Problems

Fiber type mismatch

- is actually more of a fiber core mismatch
- Even same-mode cables can be mismatched if the cores have different widths

Wavelength mismatch
- occurs when transmissions are optimized for one type of cable but sent over a different type of cable

Dirty connectors
- If fiber connectors get dirty, signal loss and other errors can start to cause problems

Link loss
- the power of a light signal emitted at one end of a connection is subjected to many losses along its way to the other end
- These include losses from distance along the cable, losses from multiplexing, and losses from imperfect connections, patches, or splices
- optical link budget: the calculation of all anticipated losses along the length of a connection

Cable Troubleshooting Tools

● You can start troubleshooting a network connection problem by checking the network connection LED status indicator lights
- A steady light indicates connectivity
- A blinking light indicates activity
- A red or amber light might indicate a problem

● If a cabling issue is suspected, you need to know which tools are designed to analyze and isolate
problems

Toner and Probe Kit:

- used together to help you determine where a wire is
➔ Tone generator (toner)
 - Small electronic device that issues a signal on a wire
- placed at the end of the wire
➔ Tone locator (probe)
- A device that emits an audible tone when it detects electrical activity on a wire
- swiped over each of the erminations where you suspect the target wire to be

Multimeter: instrument used to measure characteristics of an electrical circuit including..

- voltage
- presence of noise (detects extraneous voltage)
- test for short or open circuits in the wire (detects unexpected resistance or loss of voltage)
● short circuit: an unwanted connection (Ex. exposed wires touching each other)
● open circuit: a circuit where needed connections are missing (ex. Broken wire)

Cable Continuity Tester:

- Continuity: whether a cabe is carrying a signal to its destination
- Cable continuity testers have two parts
1. Base unit → connects to one end of the cable and generates voltage
2. Remote unit → connects to the other end of cable and detects voltage
- provides series of lights that signal pass/fail and other info
- May also emit audible tone
- Performs wire map test
↳ Verifies if wires in a cable are paired correctly following proper standards
↳ checks for exposed shorted and/or crossed wires
↳ common detected issues include…
● Reversed pair: wires of a single pair are reversed with each other → attached to
the wrong pins
● Crossed pair: two pairs are reversed with each other → ex. blue wire pairs are inserted where orange wire pairs
should be
● Split pair: one wire from each of two pairs are reversed with each other

Cable Performance Tester:

- expensive
- device used for sophisticated measurement of the overall performance of a cabling structure
- can perform the same continuity and fault tests as a continuity tester with added capacities…
● Measure the distance to a connectivity device
● Measure cable attenuation
● Measure near end crosstalk (NEXT) and alien crosstalk
● Measure resistance and impedance
● issue pass or fail ratings for cabling standards
 ● Store and print cable testing results
● Graphically depict a cables attenuation andn crosstalk characteristics
● TDR (Time Domain Reflectometer)
- Issues a signal on the cable and then measures the way it reflects/ bounces back to the TDR
- determines imperfections that may exist on the cable
● OTDRs (Optical Time Domain refletometers)
- Transmits light-based signals of different wavelengths over the fiber
- based on the type of return light signal, it can..
➔ Measure the fiber length
➔ Determine location issues (faulty splices, breaks, mismatched connectors)
➔ Measure attenuation

OPM (Optical Power Meter):

- Measures the amount of light power transmitted on a fiber-optic line
- must be calibrated precisely, following highly accurate optical power standards
- Final results are affected by…
● Surrounding room temperature
● Connection type
● Skill of the technician

Baseband: transmission form where digital signals are sent through direct current (DC) pulses applies to the wire
- can only transmit one signal or channel at a time
- every device on a baseband system shares the same channel → must wait their turn

Broadband: transmission form where signals are modulated as radio frequency (RF) anaolog waves that uses frequency ranges
-
- can carry multiple signals simultaneously
- span longer distances than baseband
- used for home cable TV
- wireless

Module 6: Wireless Networking

The Wireless Spectrum

wireless spectrum:
- the frequency range of electromagnetic waves used for
data and voice communication
- airwaves
- spans bands (frequency ranges) from 9 kHz and 300 GHz
- uses some of the same layer 3 and higher protocols

Technologies Band (frequency Description

range)

RFID 125 - 134.2 kHz **the lowest of several frequency ranged for RFID
(Radio Frequency - electromagnetic fields used to store data on a small chip → RFID tag
Identification) ↳ include antenna that can transmit and receive
↳ included battery
- tag holds 1–8 KB of data
↳ ex. Serial number, credit card info, medical data
- used for inventory managment

RFID Tag and Reader Combinations

● ARPT (Active Reader Passive Tag)
● PRAT (Passive Reader Active Tag)
● ARAT (Active Reader Active Tag)

NFC 13.56 MHz Fixed frequency

(Near Field - form of RFIC
Communication) - transfers data wirelessly over short distances (<= 10 cm)
↳ ex. Ticketing, cashless payment
- can be pogrammed to transmit stored data, direct a browser to a webpage, change device
settings
Z-Wave 90.842 MHz Fixed frequency
- offers range of 100m per hop
- can tolerate 4 hops through repeaters
- smart home protocol
- provides two basic functions
1. Manage wireless connections
2. Transmit data and commands between devices

- hub: network controller that receives commands from a device and relays the commands to
other smart devices on the network
- Node ID: 1-byte ID that identifies devices on the network
- Network ID: 4-byte ID that identifies entire network

Cellular 824 – 896 MHz commonly called the 800 band

RFID 858 – 930 MHZ one of several bands assigned to RFID

(Radio Frequency
Identification)

Cellular 1850 – 1990 MHz commonly called the 1900 band

Wi-Fi – 802.11 b/g/n/ax 2.4 – 2.4835 GHz 11 or 14 20-MHz channels

- uses DSSS (direct sequence spread spectrum)

- access point:
↳ the central connectivity device for Wi-Fi clients on a network

ZigBee 2.4 – 2.4835 GHz 16 channels

- 802.15.4 standard
- uses DSSS (direct sequence spread spectrum)
- low-powered, battery conserving wireless technology
- handles small amounts of data
 ↳ idea for use in ISM (industrial, scientific, medical) sensors
- simple, reliable, secure
- uses 128 bit AES encryption for security

Bluetooth 2.4 – 2.4835 GHz 79 channels

- 802.15.1 standard
- uses FHSS (frequency hopping spread spectrum)
- unites separate devices and accessories under a single communications standard
- hops between frequencies up to 1600 hops/sec to reduce interference
- devices need proximity to make connection
- named after medeival king of Denmark named Harald Bluetooth
Piconet:
↳ a network of bluetooth devices
↳ one device is designated as the master
↳ master device provides the clock which the other devices use to coordinate their channel
hopping

RFID 2.446 - 2.454 GHz Highest frequency range for RFID

(Radio Frequency
Identification)

ANT+ 2.457 GHz Fixed frequency

- ANT protocol
↳ ad hoc wireless protocol
↳ refers to the insect b/c its a hard worker

- gathers and tracks info from sensors embedded in heart rate monitors, GPS devices and
activity monitoring devices
- can sync data from multiple devices for the same activity (Ex. smart watch, smartphone,
fitness equipment)

Wi-Fi – 802.11 a/n/ac/ax 5.1 - 5.8 GHz 802.11n and above

↳ 24 channels of 20 MHz each

802.11ac and above

↳ 6 channels of 80 MHz each
OR
↳ 2 channels of 160 MHz each

- uses DSSS (direct sequence spread spectrum)

 - access point:
↳ the central connectivity device for Wi-Fi clients on a network

Wi-Fi – 5.925 - 7.125 GHz 59 channels of 20-MHz each OR

802.11 ax (Wi-Fi 6E) 29 channels of 40-MHz each OR
14 channels of 80-MHz each OR
7 channels of 160-MHz each

- uses DSSS (direct sequence spread spectrum)

- access point:
↳ the central connectivity device for Wi-Fi clients on a network

IR (Infrared) 300 - 300,000 GHz 10 channels + 4 near-infrared channels

- commonly used in remote controls

- exists just below the spectrum that is visible to the human eye → longer wavelengths than
red light
- form of light
↳ requires unobstructed line of sight (LOS) between transmitter and receiver
- IR sensors used to collect info like…
● presence or level of liquid (based on reflections)
● Variations in skin caused by blood flow variations (monitor heart rate)
● Proximity to a device (smart car steering away from another vehicle → avoid crash)
● commands from a control device (tv remote)

Channel Management

- Bands used by wireless devices are defined by overall frequency ranges

 ↳ subdivided into channels → further subdivided into narrowband channels

Technologies that take advantage of frequencies within bands

- help to avoid interference
● FHSS (frequency hopping spread spectrum)
- A short burst of data is transmitted on a particular frequency within the band
- The next burst of data will be transmitted on the next/adjacent frequency to the first
↳ frequency hopping
- cheaper than DSSS
- Works better than DSSS in crowded indoor environments

● DSSS (direct sequence spread spectrum)

- data streams are divided into chips (small chunks of data)
- chips are then spread over all available frequencies within one of three wide channels simultaneously
- Chipping: dividing and encoding the data
- Chipping code: the ratio of data spreading used to transform the data
- uses available bandwidth more effectively than FHSS
- Higher throughput than FHSS

Antennas

- air provides no fixed path for wireless signals to follow → signals travel without guidance
- Wireless signals are transmitted, receives and controlled differently than wired
↳ starts at the hardware level

- wireless signals originate from electrical current travelling through a conductor

- signals travel from the transmitter to an antenna

Antenna:
- Used for both transmitting and receiving wireless signals
- Two antennas must be tuned to the same frequency to communicate
- receives electrical signals passed to it from a wired conductor and emits them as a series of electromagnetic waves into the atmosphere
- signal moves through the air and eventually reaches its destination where another antenna detects the signal and coverts it back to
current

Antenna’s radiation patterns:

- Describes the relative strength of all the electromagnetic energy the antenna sends or receives over a 3-dimensional area
- two basic categories/ classifications:
● Directional antenna (unidirectional):
 - issues wireless signals in one direction
- uses when the source needs to communicate with one destination
- ex. Satellite down link
- Can apply more energy towards transmission than an omnidirectional antenna (energy only going out one way)
● Omnidirectional antenna:
- Issues and receives wireless signals with (somewhat) equal strength and clarity in all directions
- Used when many receivers need to be able to pick up a signal in different directions
- Ex. TVs and radios

Range: the geopgraphica area that an antenna or wireless system ca reach

- Receivers must be located within range

EIRP (effective isotropic radiated power): theoretical ratio used to measure antenna performance
- Measured in decibels relative to one miliwatt dBm

ERP = transmission power (dBm) — cable loss (dB) + antenna gain (dBi)

RSSI (received signal strength indicator): measures the power of the signal on the receivers end
- Measured in dBm
- Expressed as negative numbers
- Numbers closest to 0 are best (Ex -30 is excellent and -50 is good)

Signal Propagation

Propagation: the way that a wave travels from one point to another
➔ LOS (line of sight): propagation in a straight line
- maximizes the distance for energy used
- Clearest posible signal

➔ propagation can be affected in the following ways

● Attenuation
- wireless signal gets weaker as it moved further away from the
source of transmission
- signal can be amplified by a repeater also called a wireless
range extender
- distance
 ● Fading
- the strength of the signal that reaches the receiver is lower than the signal that was transmitted
- signal runs into obstacles that fade its strength
● Interference
- signal is affected by EMI (electromagnetic interference)
- Wireless signals more vulnerable to EMI and noise than wired signal
- SNR (signal-to-noise ratio): proportion of noise to the strength of the signal
● Refraction
- wave length travels into a different transmission medium and it’s speed, direction or wavelength are altered
- (Ex. glass, or another solid)
● Reflection
- wave encountered an obstacle and bounces back (reflects) towards the source
- typically bounces off larger surfaces than its wavelength
- most likely with conductive materials (ex. metal)
- (Ex. wall, ceiling, ground)
● Scattering
- wireless signal is diffused/ scattered in multiple directions
- Happens when wavelength travels into another medium
- typically when medium is smaller surface than its wavelength
- Also caused by precipitation (rain, mist) for outdoor signals
● Diffraction
- wave is split into secondary waves when it encounters an obstruction
- Secondary waves continuen to propagate in the direction where they were split
- Wave almost “bends around” obstacle

802.11 WLAN Standards - Wi-Fi

- WLANs define operations at OSI layers 1 and two (physical and data link)
- Support the same TCP/IP higher layer protocols (IP, TCP, UDP)

Wi-Fi (wireless fidelity):

- Collection of wireless standards and their amendments, extensions and corrections
- Developed by IEEE

Standard Frequency Band Max Theoretical throughput Geographical range

802.11b (Wi-Fi 1) 2.4 GHz 11 Mbps 100 m

802.11a (Wi-Fi 2) 5 GHz 54 Mbps 50 m

802.11g (Wi-Fi 3) 2.4 GHz 54 Mbps 100 m

802.11n (Wi-Fi 4) 2.4 GHz or 5 GHz 600 Mbps Indoor: 70 m

* start of channel bonding Outdoor: 250 m
* start of MIMO

802.11ac (Wi-Fi 5) 5 GHz Wave 1 (3 data streams): 1.3 Gbps Indoor: 70 m

Wave 2 (4 data streams): 3.47 Gbps Outdoor: 250 m
- * start of MU-MIMO
Wave 3 (8 data streams): 6.93 Gbps

802.11ax (Wi-Fi 6 and Wi-Fi 6E) 2.4 GHz or 5 GHz 9.6 Gbps Indoor: 70 m
* start of OFDMA Outdoor: 250 m
or 6 GHz (for Wi-Fi 6E only)

802.11 Innovations (Wi-Fi)

- all 802.11 (Wi-Fi) standards use half-duplex signalling

↳ an antenna can either transmit or receive but not do both simultaneously

- several innovations have been made to make 802.11 faster

● Channel bonding
- starts with 802.11n
- Two adjacent channels can be combined/ bonded to make a 40-MHz channel \
- More than doubles bandwidth available for a channel
- 5-GHz band is better suited to channel bonding than 2.4 GHz band
● MIMO (multiple input-output point)
- First available in 802.11n
- Multiple antennas on the access point and on a client device process incoming and outgoing data simultaneously
- Multiple signals dont arrive at the same receiver at the same time
- Methods to improve transmission
➔ signal quality and range
- Spacial diversity of different antennas
- Improves noise
- each antenna receives a slightly different version of the signal and the strengths of each signal are summed
 ➔ Signal capacity
- Spacial multiplexing
- Adds a new data stream in between each additional pair of antennas
- Increases the amount of data being transmitted and received
● MU-MIMO (multiuser MIMO)
- used by 802.11ac Wave 2 and newer
- allows multiple antennas to service multiple clients simultaneously
- Antennas use different spatial streams
↳ relies on clients being positioned far apart from each other
- Reduces congestion
- Only available for downstream
● OFDMA (orthogonal frequency division multiple acces)
- support s a more efficient multiuser functionality
↳ for 802.11ax devices only
- Subdivides each channel into smaller frequency allocations for each client
- AP then transmits multiple small framed to multiple clients at one time using parts of the channel
➔ Data frame aggregation
- begins with 802.11n
- combining multiple data frames into one larger
frame
- Two techniques
1. A-MDSU ( aggregated Mc service data
unit)

2. A-MPDU (aggregated Mac protocol data unit)

- used by 802.11ac
- used by 802.11ax
- each frame addes to the mix retains some of its error checking data → more reliable

Access Method

- MAC sublayer appenfs physical addresses to a data frame

- 802.11 appends a 48-bit physical address to a frame → identifies its source and
destination

CSMA/CA (carrier sense multiple access with collision avoidance)

- 802.11 standards use these procedures to access shared mediums
- minimises potential for collisions
- Cannot detect the occurrence of a collison → simply restarts if it encounters an
issue
 ● Step 1
- node checks for existing wireless transmissions before sending data
- if no existing transmission, → brief pause → sends
data
● Step 2
- Destination node receives transmission → sends
ACK (acknowledgement) packet to source
- If no ACK packet sent or issue arrises, → node
restarts CSMA /CA process

RTS/ CTS (Request to Send / Clear to Send) protocol:

- source node issues RTS signal to access point → request to have
the exclusive opportunity to transmit
- If access point responds with CTS signal → access point temporarily suspends communication will all nodes in its range and waits for node
to compete transmission
- Decreases network efficiency
- solves hidden node problem: nodes situated too far apart that they arent visible to other nodes in the area

Association and Wireless Technologies

Association: process by which a wireless device (such as a laptop, smartphone, or any Wi-Fi-enabled
device) connects to a specific wireless access point (AP) to become part of a network
- Function of the MAC sublayer in 802.11 standard
- Works by means of scanning
- Scanning: when a wireless device is on and periodically surveys it surroundings for evidence of
an access point
● Active scanning:
- Wireless client takes initiative
- client device transmits a probe on all available channels
- AP detect the probe and issues its own probe back with all the info the client
needs to associate with the AP
● Passive scanning:
- AP takes initiative
- Wireless client device listens on all channels for a beacon frame (special signal
that the AP issues periodically)
- Beacon frame contains info that a wireless node needs to associate with the AP
including…
 ↳ SSID (service set identifier): a character string used to identify an access point
- Default manufacturer SSIDs should be replaced with a custom ID for security purposes
- Disguise the nature of the network identified by the SSID
- Minimize confusion for employees using an easily recognised but uncommon SSID

Wireless Service Set Condigurations:

● IBSS (independent basic service set) – ad hoc topology
- small number of nodes closely positioned to transmit directly to each other
- No intervening connectivity device
● BSS (basic service set) – infrastructure topology
- A group of nodes share an access point
- AP accepts wireless signals from multiple nodes and retransmits them to the rest of the network (usuallt on a wired connection)
- BSSID (basic service set identifier) is used to identify the group of nodes
● ESS (extended service set) — mesh topology
- Several access points work as peer devices on the same network
- APs are configured and managed by a wireless LAN controller
- Wireless LAN controller
↳ can be a physical device installed locally or a virtual device
↳ uses LWAPP (lightweight access point protocol) to direct all wireless frames to the controller by adding headers to them
↳ provides centralized authentication for wireless clients
↳ can detect rogue access points: unauthorized APs
- ESSID (extended service set identifier) used to identify groups of nodes
- Clients can freely roam and associate with any AP in the ESS using the same ESSID
- Enabled by reassociation which occurs automatically when
● Device moves out of range of initial AP
● Initial AP is experiencing issues

IEEE 802.11 Frames

- 802.11 Wi-Fi standard specifies a frame type at the MAC sublayer

- Frame types divided into three groups
● Managment frames
- Association and reassociation
- Ex. probe frame, beacon frame
● Control Frames
- Medium access and data delivery
- Ex. ACk frame, RTS/CTS frame
● Data frames
- Carry data between frames
 - large quantity of fields in 802.11 frame
➔ Address 1: source address
➔ Address 2: transmitter address
➔ Address 3: receiver address
➔ Address 4: destination address

Implementing a Wi-Fi Network

SOHO networks:
- Small office, home office network
- One central AP and some rang eextenders
- AP device often combines switching, routing and other network functions
- can be wireless or wired
- Can be a gateway to the internet
- Can include many different IoT (Internet of Things) devices
↳ all these connected devices in a home create a HAN (home area network)
● Smart speakers:
- Amazon echo, Apple home pod, google home
- Can have personal assistants embedded (siri, alexa)
● Smart thermostat:
- can control temperature remotely from phone
- Program specific settings based on schedule, activity level and weather
● Smart doorbell:
- Monitors entryway for movement
- Can be filtered to nly recognize certain types of movement
- Can talk to visitors remotely by video mic
● Smart fridge
- Used RFID or barcode tracking to detect items stored inside fridge
- alerts users when items running low
● Securtiy camera
- Sends alerts and video feeds through wifi to a smartphone app
- User can remotely monito areas

Where to install a SOHO WLAN access point:

● Consider distance between AP and clients
● Consider type and number of possible obstacles
● Place AP in a high spot
● Make sure AP not near possible sources of interference
Where to install a Corporat Network WLAN access point:
● Conduct a site survey to assess environment for best place to put it
● Study bleuprints and identify obstacles
● Consider if any of the APs will be used as wireless bridge to connect two networks or remote portions of network
● Determine if some floors require several APs
● Measure signal coverage and length from other WLANs to inform decision
● Test proposed AP locations
● Test wireless access from farthest corners in space
● Consider materials that arent always present in the spac e
● Consider how wireless portions will integrate with wired portions of network
● Can use wireless survey software
- Heat map feature: maps wifi signals and noise in location, can pinpoint dead zones

Configuring Wi-Fi Connectivity Devices:

● set up admin password
- Make it different from the wifi client password
● Set up SSID
- Determine if its broadcasted or not
● Set up security options
- Ex. credentials needed to associate with the AP
● Potentially set up DHCP options
- **most admin dont configure AP as a DHCP server

Configuring Wi-Fi Clients:

● Onboarding
- users install an app or agent on device
- Gives device trusted access to certain portions of the network

● Offoardng
- Removing the agent from the device
- Admin would do this for security reasons if device is lost or stolen
- Can do so remotely → clear device of important info, permissions and apps without having it physically

Wi-Fi Network Security

 - 802.11 standard does not offer security on its own
● Authentication:
- wireless client logs onto network by providing the correct password for the SSID or providing user credentials to be processed
by an authentication server
- MAC filtering: prevents AP from authenticating any device with a MAC address not listed by the network admin
➔ not most secure b/c MAC addresses are easily spoofed impersonated
● Encryption algorithms:
- Data transmitted over airwaves is scrambles intoa format thay cannot be easily interpreted if the signal is intercepted

Security option Description Message integrity/ Key distribution Encryption

packet authentication

WPA - dynamically assigns each - uses Micheal message - assigns every uses widely used
(Wi-Fi Protected transmission its own kwy integrity code to ensure transmission its own key encryption cipher RC4
Access) - uses TKIP (temporal key that upcoming packets are (Rivest Cipher 4)
integrity) scheme for encryption coming from the source
key generation and management they say they are

WPA2 - stronger sta confidentiality - CBC-MAC uses block none Uses AES (Advanced
(Wi-Fi Protected methods thna WPA cipher algorithm to Encryption Standard) to
Access, version 2) - uses CCMP (Counter Mode ensure packets are coming provide faster and more
with CBC [Cipher Block from the source they say secure encryption than
Chaining]) Protocol they are TKIP
↳ improves wireless security for
newer devices
 Personal and Enterprise

Personal versions of WPA and WPA2:

- WPA-PSK
- WPA2- PSK
- PSK (Pre-Shared Key)
➢ need to enter a passphrase for device to authenticate to the network
➢ Passphrase and SSID are used to calculate a unique encryption key
for each device

RADIUS (Remote Authentication Dial-In User Service)

- open source authentication and authorization service
- offers a central authentication point for wireless, mobile and remote users
- Used to make Wi-Fi communication as secure as possible

EAP (Extensivle Authentication Protocol):

- Only provides the framework for authenticating clients and server → doesnt
perform encryption or authentication by itself
- works with other schemes (like RADIUS) to verify the credentials of users and
devices
- Flexible
- works with RADIUS by organizing communications with the network client devices while radius does the actual authentication
- EAP messages are encapsulated inside RADIUS messages
- 3 main EAP entities
● Supplicant: device requesting authentication
● Authenticator: the network device that initiatives the process of authentication
● Authentication server: the server that performs the authentication
➢ Step 0:
- Wireless device associated with AP
➢ Step 1
- Supplicant requests authentication
- Authenticator initiates process by asking supplicant to verify itself
➢ Step 2:
- Supplicant responds
 - Authenticator forwared information to the server (RADIUS)
➢ Step 3
- Server makes multiple requests to supplicant asking to verify information
➢ Step 4
- If responses match → server authenticates supplicant
- If not → authentication fails

EAPoL (EAP over LAN):

- EAP adapted to work on wired and wireless LANs in the 802.1X standard (new)
- Allows only EAPoL traffic over any switch or AP port connected to a client untilt eh client has authenticated with the server
- Called PNAC (port based network access control)

Adaptations of EAP:
● EAP-TLS:
- EAP using TLS to protect and encrypt communication
- also used PKI (public key infrastructure) certificated to exchange public keys and authenticate supplicant and server
 ● PEAP (Protected EAP)
- Tunnel based encryption
- Creates an encrypted TLS tunnel between supplicant and server before proceeding with EAP process
- Also called the ‘outer method’

● EAP-FAST (EAP–Flexible Authentication via Secure Tunneling)

- Another form of tunneled EAP
- Simialr to PEAP but faster
- Uses PACs (Protected Access Credentials) similar to browser cookies
➔ PACs are stored on supplicant device to make it faster to creat the TLS tunnel in future sessions

Other Security Configurations

● AP and antenna placement

- Position AP and antenna in placed that are ideal for security and efficiency
- Ex. if you place it near an outer wall, network may be vulnerable to attack from someone parked outside nearby
● Geofencing
- Security technique that detects a Wi-Fi client’s geographical position
- Activates resources or access according to location
● Guest network
- set up an isolated network for guests through the Wi-Fi router/ AP
- Guest network has separate SSIF and passphrase and can be managed with different restrictions
● Wireless client association
- Stricter guest network
 - Allows wireless client onto network but imposes firewall rules to restrict client to only be able to communicate with the default
gateway
- Restricted client cannot communicate with other devices on network
● Captive portal
- First page a new client see when connecting to the guest network
- Should set terms and condition for user to agree too
- Should remind them…
➢ Network is not secure
➢ Be careful about what they chose to transmit
➢ Avoid engaging in illegal activity

● IoT acces considerations:

- Think about how best to give network access to IoT devices
- Use two factor authentication
- Create entirely separate Wi-Fi network for all IoT devices
- Disable features youre not using

Other Security Configurations

● War Driving
- Hacker drives around with a laptop or phone configured to receive and capture wireless transmissions
- Effective for obtaining private info
● War Chalking
- One hacker discovered vulnerable acces points and make the info public by drawing symbols on the sidewalk in chalk
- Symbols could indicate the access points SSID and whether its secured or not
● Evil Twin
- Device connects to a network and sets up a rogue access point that impersonates the actual AP
- When other users try to associate to the network, they may connect to the rogue access point/ evil twin AP without your knowledgd
and gain access to steal your data or access a network that trusts your system
● WPA Attack
- Intereption of network keys communicated between clients and accep points
● WPS Attack
- attack facilitated by the WPS (Wi-Fi Protected Setup) security setting that is available on some consumer-grade APs
- WPS rewures a PIN that can be easily cracked using a brute force attack that attempts as many possible character combinations to
find the right one
- The PIN feature in WPS should always be disabled
● Bluejacking
- A connection is used to send unsolicited data
● Bluesnarfing
 - A connection is used to download data without permission

Troubleshooting Wi-Fi Networks

Spectrum analyzer:
- Device that assess the quality of a wireles signal by scanning a band of frequencies for signals and noise
- can determine when interference is the greatest

Wi-Fi analyzer:
- software that evaluates the Wi-Fi network availability
- Helps to optimize the Wi-Fi signal settings and identify threats

Network testing tool capabilities:

- Identify transmitting APs, nodes, and the channels theyre using to communicate
- Measure signal strength and AP range
- Indicate effects of attenuation noise and signal loss
- Interpret signal strength in diff locations
- Ensure proper association and reassociation with APs
- Capture and interpret traffic exchanged between AP and nodes
- Measure throughput
- Assess data transmission errors
- Analyze characteristics of each channel → indicate clearest

Avoid Pitfalls

When you cant get the Wi-Fi client to connect to the AP…
● Wrong SSID
- The client must select the correct SSID
- AP may not broadcast SSID
- Workstation may not be configured to look for access points
- May have to entwer SSID manually → SSIDs are case sensitive!
● Encryption protocol mismatch
- Wireless client must be configured to use and allow the same encryption protocol that AP uses
 ● Incorrect passphrase
● Static Channel utilization
- Some client devices are configured to use only a certain channel or frequency
- Client will be unable to connect to AP on different frequency or channel
● Mismatched RF band
- Some wireless devices are designed to only use one specific Wi-Fi band
- Need to use an AP that offers Wi-Fi on that band (Ex. 5 GHz band)
● Mismatched 802.11 standards
- Access point and clients must both be set to communicate on the same Wi-Fi standard
● Long AP association time
- user may be trying to connect from the very edge of the networks covered range
- user may be moving throughout the area while trying to connect and forcing their device to frequently reassociate with a new AP

When the connection is slow….

● Insufficient wireless coverage
- client may be too far from any AP
- May be may obstacles
● RF attenuation/ signal loss
- Maxed out power levels for signals can cause too much overlap between AP
coverage areas → causes clients to connect to APs that are farther away but
emitting the strongest signal
- Strength of signal should be optimized for that specific area
● Interference
- Sources of EMI, fluorescent lights, heavy machinery, cordless phones
● Channel overlap
- Using channels too close to each other on the frequency spectrum can cause
interference with each other
● Wireless standard specifications
- Choose the correct wireless standard for a specific network’s needs
● Simultaneous wired and wireless connections
- Workstations cannot transmit both wired and wireless transmission at the same tinme
● Firmware update problems
- test updates to firmware and NIC’s before rolling them out
● Incorrect antenna type
- Double check if the idea antenna type for the space is omindirectional or unidirectional
● Mismatched antenna polarization
- Polarization: the axis (horizontal or vertical) along which an antennas radio waves emanate from
- Important to know so you can position the antenna for maximum coverage through the intended range