CHAPTER 4: Switching

C. Install a bridge to break the larger LAN into two smaller ones, and then connect these to the other LAN using a switch.
D. Install a switch to break the larger LAN into two smaller ones, and then connect these to the other LAN using a switch.

6. A small network consists of three computers named Alpha, Beta, and Omega. Alpha sends a message to Omega, and the data is passed through a switch. When it reaches the hub, which of the following will occur?
A. The message is broadcast to all of the computers on the network.
B. The message is sent out on all of the ports. Beta will ignore the message because it isn’t intended for that computer.
C. The message will only be sent out on the port connecting to Beta.
D. The message will only be sent out on the port connecting to Omega.

7. You are the network administrator of a large company that has experienced several hacking attempts in the past. You decide to install a new IDS on your network. Which of the following will be required so that the IDS can view data going across a switch?
A. Port authentication
B. Port mirroring
C. VLAN
D. Trunking

8. Your company is looking at replacing all of the standard telephones used in its offices with IP telephones. The initial analysis shows that there would be a cost savings to the company using IP telephones, but there is a concern that there would be a high initial cost of having to install new electrical outlets to power these devices. Which of the following could be used to power the IP telephones without needing to install additional power outlets?
A. PoE
B. STP
C. Trunking
D. VLAN

9. You have decided to implement redundant switches on your network that will enable packets of data to take the best possible route to their destination. Which of the following features will you want on the switches that will be used on this network so that looping doesn’t occur?
A. STP
B. UDP
C. TCP
D. IDS

10. You have installed new cabling to accommodate a new section of the building that is being networked. Once computers are installed, you find that they are unable to connect to the network. You believe the problem is that the length of the cabling has exceeded the maximum distance allowed. You want to fix the problem with the least amount of cost and work. Which of the following will you do?
A. Remove the cabling and install cable that supports a longer distance.
B. Install a passive hub to increase the distance that data can travel along the cable.
C. Install a NIC to increase the distance that data can travel along the cable.
D. Install a switch to increase the distance that data can travel along the cable.

11. A computer wants to send data to another computer on the network. Before it can send the data, it must send its credentials to a server that verifies that it has access. Which of the following is being used?
A. Port authentication
B. Port mirroring
C. VLAN
D. Trunking

12. You want to have computers in different buildings to be part of the same broadcast domain, so that when a computer sends a broadcast message, all of the computers in that domain will receive it. What will you do to achieve this?
A. Use a switch to establish a bridge between the two networks.
B. Use port mirroring to have the broadcast sent to computers in the other building.
C. Implement a VLAN so that all computers can be part of the same VLAN and receive broadcasts.
D. Use trunking to connect the two networks together.

13. A client is attempting to send data across a port that requires authentication. In attempting to send data across the network in this situation, what role does the client play?
A. Supplicant
B. Authenticator
C. Authentication server
D. File server

14. You have set up several VLANs on your network. You want to have computers that are part of the same VLAN that are in different buildings connected by a single network link.
Which of the following will you use to implement this?
A. Multiport bridging
B. STP
C. Create a new VLAN that will incorporate the different computers you want connected together as part of the same VLAN.
D. Use trunking to connect the two virtual networks together.

15. A client is attempting to send data across a port that requires authentication. In attempting to send data across the network in this situation, what role does the port play?
A. Supplicant
B. Authenticator
C. Authentication server
D. File server

SELF TEST QUICK ANSWER KEY

1. A
2. B
3. D
4. B
5. B
6. D
7. B
8. A
9. A
10. D
11. A
12. C
13. A
14. D
15. B

CHAPTER 5: Wireless Networking

EXAM OBJECTIVES IN THIS CHAPTER
- RADIO FREQUENCY AND ANTENNA BEHAVIORS AND CHARACTERISTICS
- WIRELESS NETWORK CONCEPTS
- COMMON EXPLOITS OF WIRELESS NETWORKS
- CONFIGURING WINDOWS CLIENT COMPUTERS FOR WIRELESS NETWORK SECURITY
- SITE SURVEYS

INTRODUCTION

Wireless networking has provided a new era of data connectivity unmatched by cabled networks. Increases in the speed of deployment, access to data, and scalability mean that the needs of specific user communities can be addressed in ways that were unavailable to network architects a few years ago. New streams of end user applications and services are being developed to provide businesses and consumers with advanced data access and manipulation. The main benefits of wireless integration will fall primarily into two major categories:
- Convenience
- Productivity

Convenience

First and foremost in the minds of Information Technology (IT) professionals, business leaders, and end consumers when discussing wireless networking is the aspect of convenience. This basic benefit more or less outweighs all other benefits combined in terms of user interest in wireless and is predominantly the main reason for their deployments.
Convenience can be broken down into three areas of interest:
- Flexibility
- Roaming
- Mobility

Flexibility

Wireless technologies provide the greatest flexibility of design, integration, and deployment of any networking solution available. With only transceivers (wireless network adapters) to install in the local station and a wireless hub or access point (AP) to be configured for local access, it is simple to retrofit wireless networking within existing structures, or to create access services where traditional networking infrastructures cannot go.

With traditional networking infrastructures that mostly rely on copper or fiber-optic cabling, a physical path is required between the access concentrator (a hub or switch) and each of the end users of the network. This means that a cabling run has to be created from one end of the network to the other for users to communicate with each other, whether they are using workstations or servers.

Wired access drops are generally static in location in that the access is provided from a specified point that cannot easily be moved from one physical location to another. This also implies that if an existing access drop is in use, other users must wait their turn to gain access to the network if the next closest available drop is not conveniently located. The only other way to navigate this issue would be to install yet another concentrator (hub or switch) so that more users can share that preexisting cable drop.

Existing environments may not always be “new installation friendly”. Many older buildings, houses, and apartments do not provide facilities for installing new cabling. In these environments, building contractors and engineers may need to get involved to devise ways of running new cabling systems. When existing cable run facilities are available, they do not always offer the most optimum path between existing local area network (LAN) resources and new users.
Security concerns also have to be addressed if a common wiring closet or riser is to be shared with other tenants. As such, the cost involved in installing new cabling can be prohibitive in terms of time, materials, or installation costs.

Another factor involved in the installation of new cabling is loss of revenue due to the unavailability of facilities during the installation itself. Hotel chains, convention centers, and airports stand to lose revenues during a cable installation retrofit project if a section of the building has to be closed off to customer access for safety reasons during the installation.

Intangible costs have to be explored as well when investigating the installation of new cable runs. These include customer dissatisfaction and loss of customer goodwill during and after the retrofit project.

With wireless networking all that is required to create a new network is unrestricted radio wave access between end nodes and/or between an end node and a wireless AP within the vicinity of the end nodes. Radio waves can travel through walls, floors, and windows, which gives wireless network designers the flexibility to design wireless networks and install APs where needed. This means that a wireless AP, when properly placed, can be used to support multiple user environments at the same time.

An example of this in a wireless LAN configuration would consist of locating a wireless AP on the inner side of an eastern-facing exterior wall on the second floor of an office building. This one wireless AP could simultaneously serve the needs of a group of users on the eastern corner of the first floor, second floor, and third floor, along with those on the terrace located outside the first floor eastern corner. In this configuration, access is provided to users located on different floors inside and outside the building with a minimal commitment in terms of equipment and resources.

Another example of a wireless LAN configuration would consist of providing networking access within a large public area such as a library. In this scenario, properly placed APs could provide network coverage for the entire floor area without impacting the day-to-day use of the facilities. In addition, the APs could be located in an area of the library that has restricted access and is physically secure from daily activities.

Roaming

A wireless network access zone is an area of wireless network coverage. Compared to traditional wire-based networks, a wireless user is not required to be located at a specific spot to gain access to the network, although the user must be in range of the AP. A user can gain access to the wireless network, provided he or she is within the area of wireless coverage where the radio signal transmissions to and from the AP are of enough strength to support communications. For a more flexible and robust solution, you can organize multiple APs to overlap coverage in a single area, thus allowing users to roam seamlessly between APs without a loss of connection. With the always-on connectivity provided by wireless LANs, a roaming user is one that has the ability to:
- Physically roam from one location to another within the wireless access zone.
- Logically roam a session from one wireless AP to another.

When discussing physical roaming, we would include both the movement of a user within a single AP’s wireless network access zone or within the combined network access zones for all the APs that are part of this network.

When discussing logical roaming we refer to the transference of a networking session from one wireless AP to another without the need for any user interaction during the session reassociation process. When a user moves from one wireless AP’s area of coverage to another AP’s area of coverage, the user’s transmission signal strength is assessed.
As the signal reaches a threshold, the user credentials are carried over from the old “home base” AP to the new “home base” AP using a session token or other transparent authentication scheme.

This combination of physical and logical roaming allows users to keep data sessions active as they move freely around the area of coverage. This is of great benefit to users who need to maintain a data session with networked resources as they move about a building or facility.

An example of this would be an internal technical service agent. In their day-to-day activities, these agents may be called upon to service end stations where access to technical troubleshooting databases, call tickets, and other support resources may be required. By having access to these services over the wireless network, the technicians can move from one call ticket to another without being forced to reconnect to the wire line network as they move about. Another benefit of maintaining an always-on session is that the technicians could provide live updates to the ticketing databases or order replacement supplies at the time of service.

Next, we take a look at a senior manager who is attending a status meeting in a conference room where a limited number of data ports will be available to access e-mail, databases, and other information stores. If this manager had access to wireless networking capabilities on their laptop, he or she could maintain a connection to the same services that are available at the local desktop. Real-time reports with up-to-the-minute metrics on business activities and critical information flows could be accessed more efficiently. The road to the top might actually be a little simpler.

As we mentioned earlier, the lack of wired lines provides the network architect with the ability to design networking solutions that are available anytime and anywhere through always-on connectivity.
As noted in the previous examples, any networking solution using traditional wired line media would hit a hard limitation when exposed to the same requirements of access coverage. The costs in cabling materials alone would preclude any such contemplation.

Mobility

The last concept dealing with convenience is that of mobility. This benefit alone is often the biggest factor in an organization’s decision to go for a wireless-based networking solution.

In traditional wired networking environments, once a cabling infrastructure is set in place, rarely does it move with tenants when they leave for a new facility or area of a building. Cabling installations are considered part of the cost of the move and are essentially tossed out.

With a wireless networking environment, the wireless APs can be unplugged from the electrical outlet and redeployed in the new facility. Very few cables, if any, are left behind as a going away present to the building owner. This allows the network architects to reuse networking equipment as required to address the networking realities of each environment.

For example, it is possible to move part or all of a network from one functional area to another or from one building to another. This facilitates the job of IT managers who are constantly faced with network resource rationalizations and optimizations such as the decommissioning of access ports, or the moving of equipment and personnel from one area to another.

Test Day Tip

Mobility, roaming, and all the benefits of wireless networks over wired networks covered in this chapter are background information for you so that when items such as Wired Equivalent Privacy (WEP), frequency hopping spread spectrum (FHSS), and Fresnel Zone are covered, you understand them well enough to sit the Network exam. It’s very important to have a good background on wireless technologies.
Even though this is not a wireless test, wireless technologies are spreading in use so quickly … it would be a career-limiting move not to understand the fundamentals.

Productivity

The net result of the increased level of flexibility, mobility, and convenience provided through wireless networking is increased productivity. Networked resources can become accessible from any location, thus providing the ability to design and integrate environments where users and services can be located where best suited. Wireless networking can provide opportunities for higher levels of service and productivity unmatched through cabled networking.

RADIO FREQUENCY AND ANTENNA BEHAVIORS AND CHARACTERISTICS

Before actually getting into the specifications and standards that define how wireless networks are constructed and operate, one must first have a good understanding of basic radio frequency (RF) behaviors and antenna characteristics. In the following sections, we will briefly examine these topics.