19003 Integrated Project - 2010 Revision

8/9/2019 19003 Integrated Project - 2010 Revision

1/23

19003 Certificate III in IT, NetworkAdministration

Semester 1, 2010

This project covers Modules:

ICAI3020A Install and Optimise Operating System Software

ICAI3101A Install and Manage Network Protocols

ICAS3024A Provide Basic System Administration

ICAS3032A Provide Network System Administration

ICAS3034A Determine and Action Network Problem

ICAS3120A Configure and Administer a Network OS


2/23

You work for an IT consultancy firm DubboIT.com. You have been engaged toinstall and configure a network system for ABC Agricultural Products. There iscurrently no networking infrastructure in place.

This project has two parts:

1. Background theory complete the questions2. Practical project.

As you work through the practical project, you need to keep track of allnetwork related issues in a helpdesk database. This could be created usingAccess, Excel or a simple word processing document. Details to record wouldinclude date & time, what computer experienced the problem, the problem

itself and what you did to rectify. Details of any diagnostic tests undertakenshould also be recorded (e.g. IPCONFIG, TRACERT, PING).

The database needs to be handed in with your completed portfolio.

Project Submission

Project documentation cover page is to contain DubboIT.com logo and titledProject Documentation for ABC Agricultural Products.

Completed project is to be submitted in .PDF or .DOC format, via email toyour facilitator: [email protected]

Do not submit documentation in .DOCX or .ODT format.

Files may be archived using ZIP format, please do NOT use RAR. All pagesmust be numbered.

Copyright 2005-9 Dubbo TAFE, IT Section Page 1E:\Certificate 3 IT 2010\Handouts\19003 Integrated Project - 2010 revision.docPrinted:16/03/201019:26:42 a3/p3


3/23

Network Protocols.

1) Investigate the following protocols. Describe what they are used for

PROTOCOL PORTNUMBER(s)

DESCRIPTION

FTP

TFTP

TELNET

DNS

Reverse-DNS

DHCP

DHCP IPv6

SMTP

SNMP

NNTP

POP3

IMAP

FINGER

2) What is meant by a well-defined port?

3) Define the following terms in your OWN words:

Scope (DHCP)

C-Name (DNS)



4/23

Alias (DNS)

A record (DNS)

AAAA record(DNS)

Router

Gateway

Hub

Switch

Socket

TCP/IP

Netbios

Appletalk

NAT

ICS



5/23

4) What is the OSI Reference model?

5) What are the 7 layers of the OSI RM, and name 3 protocols at each level?

7

6

5

4

3

2

1



6/23

6) At what layer would the following be, and why?:

Switch

Hub

router

7) What is the advantage of the OSI RM?

8) What is the DOD model? How many layers does it have, and what arethey?

9) In IPv4, TCP/IP has classes. Complete the following table:

Class Address Start Address Finish Used for

A 0.0.0.0 126.255.255.255 Public internet

B 128.0.0.0 191.255.255.255 Public internet

C 192.0.0.0 223.255.255.255 Public internet

D 224.0.0.0 239.255.255.255 Multicasting

E 240.0.0.0 255.255.255.255 Reserved



7/23

10) Each IPv4 class has a private range as well.

Class Address Start Address Finish # Available IPs

A 10.0.0.0 10.255.255.255

LOOPBACK 127.0.0.0 127.255.255.255

B 172.16.0.0 172.31.0.0

C 192.168.0.0 192.168.255.255

D 224.0.0.0 224.?????

11)What is the difference between a public and a private IP address range?

12)Give two advantages of IPv6 over IPv4

13)How many bits in an IPv4 address?

14)How many bits in an IPv6 address?



8/23

15)What are the two special addresses in IPv6?

16) What does the %13 indicate in the following IPv6 address?fe80::3005:2467:88f3:872e%13

17)Define the following IPv6 address types:

Identified By Description

Link Local Unicast

Site-local unicast

Unique-local unicast

Global unicast

Multicast

Anycast

18) Complete the table, identify what each component is, and the number ofbits of each component:

Typical IPv6 Address

fe80:0000:0000: 0000: 8d85:c351:f336:ab8a

bits bits bits

Answers to the following two questions can be found at:

Security Information for IPv6http://technet2.microsoft.com/windowsserver/en/library/904598b2-c3ed-439b-b89a-9f96915013b11033.mspx?mfr=true

IPv6 address autoconfigurationhttp://technet2.microsoft.com/windowsserver/en/library/5a528933-a78d-4588-8aa1-b158957ba2d51033.mspx?mfr=true

http://technet2.microsoft.com/windowsserver/en/library/904598b2-c3ed-439b-b89a-9f96915013b11033.mspx?mfr=truehttp://technet2.microsoft.com/windowsserver/en/library/904598b2-c3ed-439b-b89a-9f96915013b11033.mspx?mfr=truehttp://technet2.microsoft.com/windowsserver/en/library/5a528933-a78d-4588-8aa1-b158957ba2d51033.mspx?mfr=truehttp://technet2.microsoft.com/windowsserver/en/library/5a528933-a78d-4588-8aa1-b158957ba2d51033.mspx?mfr=truehttp://technet2.microsoft.com/windowsserver/en/library/904598b2-c3ed-439b-b89a-9f96915013b11033.mspx?mfr=truehttp://technet2.microsoft.com/windowsserver/en/library/904598b2-c3ed-439b-b89a-9f96915013b11033.mspx?mfr=truehttp://technet2.microsoft.com/windowsserver/en/library/5a528933-a78d-4588-8aa1-b158957ba2d51033.mspx?mfr=truehttp://technet2.microsoft.com/windowsserver/en/library/5a528933-a78d-4588-8aa1-b158957ba2d51033.mspx?mfr=true


9/23

19)What is auto-configuration in IPv6 and what possible security issue doesthis present?

20)What is the difference between IPv6 Stateful and IPv6 Stateless auto-configuration?

21)What is DNS forwarding?



10/23

22)What is the difference between a primary and a secondary DNS server?

23)What is the weakness of the primary/secondary DNS model and how is theAD Integrated model a possibly better solution?

24)What commands do the following:a. Renew a IPv4 DHCP address?

b. Display your MAC address?

c. Flush the DNS cache?

d. Release a IPv4 DHCP address?

25)What is the purpose of an operating system?



11/23

26)Define the following terms:real-time systembatch systemmulti-tasking

27) Once you have installed a computer system for a client, what should youdo (and how often) to ensure the system meets their requirements?



12/23



13/23

Practical Project

Task DateCompleted

DateAssessed

1. Create a network plan (assuming the localroom) of how you will set up the network forthe above organization. Attach supportingdocumentation which shows which protocolsyou will be using and why. If your protocolinvolves address ranges, you need tochoose an address range and justify yourchoice.

2. Obtain specifications for the version ofWindows Server you are using and ensurethe computer you intend to install Server onmeets those requirements. Attach a copy ofthe specifications to your portfolio.

3. Investigate licensing methods of Windows. Ifeach person were to have a computerrunning XP Professional, how many CALswould be required to make the computer set-up legal? Your portfolio needs to include abrief summary of the different licensingmethods of Windows (per server or peruser).

4. Install Windows 2003 Server.

Partition instructions:* Allow room for bitlocker (1.5 gig)* You need 3 partitions of approximate equalsize for your data.

Whilst Windows is installing, locate 3different sites on the Internet which detailvulnerabilities in Windows and/or Linux, andsummarise in your words how these

vulnerabilities work.5. [Optional] Install Windows recovery console.

What command is used to do this?

6. Install Active Directory. Your domain name isto be based on your name (e.g. renee.local).

Create an OU called computers, with 2 childOUs, Desktop PCs and Laptops.

Create an OU for company employees.



14/23

Task DateCompleted

DateAssessed

7. Install loopback adaptor. Configure yournetworks as follows:

Internal:192.168.10.200+your computer number

External:192.168.100+your computer number.0

8. Install Virtual PC on your server, and installWindows XP as a virtual machine. ConfigureVPC to use lookback adaptor.

9. Configure DHCP. Ensure XP gets validaddresses and has proper functionality.

10. [optional] Configure DNS protocol for yourdomain for www and for www2. Setup 2 IISwebsites to use these domains.

11. Join XP to the domain. Move the computeraccount to the correct place in AD.

12. Install administration tools and GPMC onyour XP workstation. Create a console andsave to desktop.

13. Create a group policy and use GPMC toimport WSUS settings from our domain

controller (wilab1-dc).

What do you type to force windows toupdate immediately?

14. Create home data folders for users on the D:drive. Each division of the business requiresa folder for their division. Securitypermissions MUST be configured so thatautomatic folder creation with the correctpermissions occurs when adding users.

15. Create an account creation form on which

requests for user accounts are recorded.The appropriate manager of each divisionmust sign off each form. You need to recordthe type of access granted (which groups,which OUs, etc). For audit purposes it isrequired that you record the date on whichthe account was actually created and bywhom. It is beneficial that you record theinitial password, generated by yourself, onthis form as well.

16. Create appropriate security groups



15/23

Task DateCompleted

DateAssessed

17. Requests have come in for the followingusers:payroll jim, james

accounting monte, karenresearch jack, renee, jennymanufacturing ron, dave, stephen, amySales Kerrie, lizWeb Design Troy, JamesB

Fill in the appropriate formsCreate accounts (create template usersfirst) and place in appropriate groups.

Completed copies of ALL user account

creation forms need to be submitted in yourportfolio (scanned images).

18. Check home folders on the D: drive toensure each user can only access his/herown folder.

19. Ensure each group can only access theirown folders

20. Document file system structure andpermissions for your system (e.g. where isIIS located? Where is SYSVOL located?

Where are the active directory databasefiles? Where are user home and groupfolders?)

21. Configure Windows auditing for the grouphome folders. Access can be verified byreviewing log files.

22. Create a software registry, auditing astandard classroom computer hard disk. Youregistry needs to be thorough, and includedetails of license number and location. If anyillegal software is found, it needs to be

reported to your supervisor.23. Download and configure a software audit

program (e.g AuditWizard, EzAudit). Theprogram needs to be configured to run in anetwork login script. Both your server and atleast 1 workstation attached to your networkneed to be audited.

Your portfolio needs to include:

details on how you created the loginscript

A brief description of what the program



16/23

Task DateCompleted

DateAssessed

does and how it works (in your ownwords)

A screen shot of AuditWizard showing

several computers having been audited

Once completed, update Q20 (document thefile systems) to accommodate fileconfiguration for AuditWizard.

24. If the organization has any existing policiesor procedures for computer usage, theseneed to be examined. If not, createappropriate policies and/or procedures for:

Virus Management

Backup and Restore

Desktop lockdown (e.g. company logo

on background, screensaver, mp3/wmaCD ripping, etc)

Password security

User management, detailing what to do

when a user leaves a company. Is theaccount disabled or deleted? Whatproblems might exist if EFS is being

used? Network use policy e.g. downloading

from the Internet, taking floppy diskshome, installing software, viewingusers emails.

Copies of above policies &/or proceduresneed to be included in your portfolio. If nopolicies exist, write some.

Where possible, use operating systemtools to enforce the above policies.

25. Create a log-on banner which advises usersthat use of the system is subject to thecomputer usage policy.

26. Identify and implement methods of enforcingdesktop settings (company logo on desktop).

27. Run a password audit tool (e.g. LCP504en,LC5, ophcrack, Pro-active PasswordAuditor) to check password strengths. Your

portfolio should include screen shots of this.



17/23

Task DateCompleted

DateAssessed

28. Create a backup schedule for your network.Also provide details of media rotationschemes.

29. Create a backup log register, which detailswhen back-ups were done, what was backedup, who did the backup and the ID of thetape or disk or DVD containing the backup.

30. Create a restore log register. This detailswhen a restore is made, who requested it,why it was necessary, what was needed tobe restore and who restored it.

31. Use MS-BACKUP to create a system statebackup. Create a complete system back-up.(Use MS BACKUP, Acronis true-image, orGhost to backup the C: drive to the E:).

For a more challenging experience, useDriveImage XML and create a Bart PE bootdisk for recovery purposes.

Once you have worked out the procedure,document it, including screen shots.

Ensure you know the difference between the

following backup types: Differential

Complete

Incremental

32. Call your facilitator now to corrupt your C:drive, thereby necessitating a systemrestore. Once you have perfected theprocedure, document it using step-by-stepinstructions and screen shots if necessary.

33. Infect your computer with viruses. (askteacher for disk). Research each virus,

providing BRIEF details, in your OWNwords, on what it damages, how it spreadsand how to control it. Include references toany websites used.

34. Follow removal instructions to clean yoursystem.

35. Install Norton Anti-Virus corporate edition onyour computer. Configure it to deploysoftware and updates to workstations on thenetwork.

36. Prepare a disaster recovery plan for yournetwork. You dont need to go into a lot of

http://www.runtime.org/dixml.htmhttp://www.runtime.org/dixml.htm


18/23


19/23

Task DateCompleted

DateAssessed

system. A balanced conclusion is expected.



20/23

Linux Presentation Choices:

Users and Groups (how to add, how they differ from windows, thepasswd file)

Samba (What is it, history, configuration and usage)

Integrating Linux and Windows

WINE and Virtualisation EXT2/EXT3/Reiser FS/NFS

Updating your Linux

What is Linux?

Microsoft Windows Services for UNIX, Interix (SUA), Cygwin(What are they, how to install and usage)

SELinux, Linux Firewall and IPTables

Telnet, SSH, and Tunelling X through SSH

The portfolio to be handed in needs to include:

Assessment cover sheet

Network map

Server portfolio:* hardware configuration* software configuration* any settings in Group Policy required to enforce corporate policy(RSOP and/or GPMC will be useful for this).

Completed and signed off account creation forms

Network timing baselines

Disaster Recovery Plan

Helpdesk database printout listed all network problems encountered

Backup schedule and logs

Restore schedule and logs

Screenshots of password audit tool

Computer virus research

Details of Windows licensing (per server/per seat)

Windows system requirements for the version of Server you haveinstalled.

Comparison of Windows Vs. Linux



21/23

Marking Grid Name: _____________

1 Network Map

2 Slipstream Windows

3 Install Server, AD, Service Packs.

Locate 3 security sites

Install recovery console

4 Create folders to be shared for eachgroup

5 Create security groups

6 Group folder permissions

7 Account Creation Form

8 and 9 Create user accounts

Use template account for copying.

User folders created using permissionsas recommended by Microsoft

10 Audit access to folders

11 CALs

12 Software Registry

13 Audit Wizard installed.

Network logon script created and testedfunctional.

Workstations showable in AuditWizard.

14 Policies/Procedures

15 Creation of log-on banner

16 Enforce desktop settings

17 Password audit tool

18 Backup register



22/23

19 Restore log register

20 Complete system backup

21 Complete system restore

22 Infect with virus

23 Virus removal

24 Install NAV corporate

25 Disaster recovery plan

26 Automatic enforcement of policies

27 Benchmarking Windows

28 Install and configure Linux

Create 5 Users

29 Install Windows based X-Server/Tunnelinto Linux

30 Compare Linux Vs. Windows

Install Software to Network Computers

1 Identify and obtain required software

2 Obtain hardware requirements for software

3 Create MSI for office

Office is slipstreamed

4 Download/Configure firefox as MSI

5 Install Dreamweaver

6 Project/Visio installation

7 RIS/MSI comparison pros and cons

8 One on One instruction



23/23

Copyright 2005-9 Dubbo TAFE, IT Section Page 22

Documents

19003 Integrated Project - 2010 Revision