Thursday, November 20, 2014

Introduction To Hardware

The interior of a computer looks very complicated at first glance. When the case is removed there is a mass of bits, cables and components that can intimidate the uninitiated. This lesson will seek to dispel some of the mist that may surround the hardware of a computer.

Motherboards

The most important part of any computer is the motherboard. As the name implies a motherboard is the mother of all other components in a computer.
The motherboard brings all the core components together such as the Central Processing Unit (CPU), Memory and Hard Disks. In short, the motherboard connects and allows all of the components in the computer to work together.
There are two different types of Motherboard: AT style and ATX style.

AT Motherboards

The AT-style motherboards represent the classic approach to component placement. AT-motherboards are available in two variations, the baby AT and the full AT. Both variations simply refer to the overall dimensions of the board.
AT boards are generally found in older systems, typically those that use the now aged Pentium Processor. The majority of AT motherboards had a single keyboard port soldered to the motherboard.
The I/O ports (e.g. USB, COM and PS/2 ports) are separate from the motherboard and are placed on a riser card or separate headers.
To identify an AT motherboard, first check the power connectors. AT motherboards use two sets of 6-pin inline power connectors.
Caution: it is possible to plug these connectors in the wrong order and fuse the motherboard.

ATX Motherboards

The ATX-style motherboards are a result of the industry’s push for standardization and are found in most systems today. Most modern computers contain an ATX motherboard. ATX boards can use Advanced Power Management.
ATX boards are distinguished by having more than just one external connector: they have Keyboard, Mouse, Serial, Parallel and USB connectors.
ATX boards can also be distinguished by the monoblock power connectors. They are also available in micro ATX, enabling the use of smaller cases.

Motherboard Components

There are two types of receivers for CPUs:
Zero insertion force or ZIF sockets. With a ZIF socket, before the CPU is inserted, a lever or slider on the side of the socket is moved, pushing all the sprung contacts apart so that the CPU can be inserted with very little force (generally the weight of the CPU itself is sufficient with no external downward force required). The lever is then moved back, allowing the contacts to close and grip the pins of the CPU, often with a fan attached for cooling.
Single Edged Contact (SEC) cartridge slot or Slot 1 seen on PII and PIIIs. Developed by Intel to add Cache memory for the processor cheaply. The processor is mounted on a Single Edge Connector Cartridge (SECC), much like a PCI slot, but with a 242-lead edge-connector.

Bridges

There are two main bridges on a motherboard: the Northbridge and the Southbridge. Bridges control access to the processor from the peripherals.
The Northbridge, also known as the Memory Controller Hub (MCH), is traditionally one of the two chips in the core logic chipset on a PC motherboard. The Northbridge typically controls communications between the CPU, RAM, AGP or PCI Express, and the Southbridge. A Northbridge will typically work with only one or two classes of CPUs and generally only one type of RAM. There are a few chipsets that support two types of RAM (generally these are available when there is a shift to a new standard).
The Southbridge, also known as the I/O Controller Hub (ICH), is a chip that implements the “slower” capabilities of the motherboard in a Northbridge/Southbridge chipset computer architecture. The Southbridge can usually be distinguished from the Northbridge by not being directly connected to the CPU. Rather, the Northbridge ties the Southbridge to the CPU. The functionality found on a contemporary Southbridge includes: PCI bus, ISA bus, SMBus, DMA controller, Interrupt controller, IDE (SATA or PATA) controller, LPC Bridge, Real Time Clock, Power management (APM and ACPI) and Nonvolatile BIOS memory.

BIOS Chips

The BIOS (Basic Input Output System) refers to the software code run by a computer when first powered on. The primary function of BIOS is to prepare the machine so other software programs stored on various media (such as hard drives, floppies, and CDs) can load, execute, and assume control of the computer. This process is known as booting up.
The BIOS is stored as a ROM (Read-Only Memory) program and is retained when the machine is turned off. Settings within the BIOS may be changed by the user and these changes are stored in the BIOS memory, which is maintained by a trickle of charge from the BIOS battery.

Memory

SIMMs (Single Inline Memory Modules): an older type of memory, only seen on very old motherboards, which came in 30 pin modules and 72 pin modules.
SDRAM chips are rated according to their maximum clock rate and their read cycle time. Common clock ratings include 66MHz, 100MHz, and 133MHz. Common read cycle times include 50ns and 60ns.
DDR SDRAM or double-data-rate synchronous dynamic random access memory is a type of memory integrated circuit used in computers. It achieves greater bandwidth than ordinary SDRAM by transferring data on both the rising and falling edges of the clock signal (double pumped). This effectively nearly doubles the transfer rate without increasing the frequency of the front side bus.
Stick/module specification
PC-1600: DDR-SDRAM memory module specified to operate at 100 MHz using DDR-200 chips, 1.600 GByte/s bandwidth
PC-2100: DDR-SDRAM memory module specified to operate at 133 MHz using DDR-266 chips, 2.133 GByte/s bandwidth
PC-2700: DDR-SDRAM memory module specified to operate at 166 MHz using DDR-333 chips, 2.667 GByte/s bandwidth
PC-3200: DDR-SDRAM memory module specified to operate at 200 MHz using DDR-400 chips, 3.200 GByte/s bandwidth

Drive Connectors

Integrated Device Electronic (IDE)
Integrated Device Electronic (IDE) connectors connect the motherboard, via a ribbon cable, to various peripherals, the most common being hard drives and CD ROMs. On most boards there are 2 channels/connectors; each can have 2 devices attached, giving a total of four IDE devices.
If one device is attached to a cable, it should be configured as the master. If two devices are attached to the same cable then one must be the master device and one the slave. Master and slave are configured by the use of jumpers. Jumpers are small, insulated sleeves with a contact inside used to complete a circuit.

Hard Disks

Hard disks are used to store data in a non-volatile form within the machine, i.e. the data remains intact even if the power to the device is cut off. Data is stored as magnetic ones and zeros on a steel platen and is read by pickup arms that scan the drive as the platens spin.
Most major hard drive and motherboard vendors now support self-monitoring, analysis, and reporting technology (S.M.A.R.T.), by which impending failures can be predicted, allowing the user to be alerted to prevent data loss. The mostly sealed enclosure protects the drive internals from dust, condensation, and other sources of contamination. The hard disk’s read-write heads fly on an air bearing which is a cushion of air only nanometers above the disk surface. The disk surface and the drive’s internal environment must therefore be kept immaculate to prevent damage from fingerprints, hair, dust, smoke particles, etc., given the submicroscopic gap between the heads and disk.

Floppy Disks

The floppy disc controller is generally situated near the IDE controllers and in fact looks like a small IDE slot.
The ribbon has a twist and the first floppy drive (A: drive) should be placed after the twist if the cable has more than three connectors. If the cable is really old it may have a connector for a 5 1/4 Floppy drive.

SCSI

SCSI stands for “Small Computer System Interface”, and is a standard interface and command set for transferring data between devices on both internal and external computer buses. SCSI is most commonly used for hard disks and tape storage devices, but also connects a wide range of other devices, including scanners, printers, CD-ROM drives, CD recorders, and DVD drives. In fact, the entire SCSI standard promotes device independence, which means that theoretically SCSI can be used with any type of computer hardware.
On a parallel SCSI bus, a device (e.g. host adapter, disk drive) is identified by a “SCSI ID”, which is a number in the range 0-7 on a narrow bus and in the range 0-15 on a wide bus.

SATA

Serial ATA (SATA) is a computer bus technology primarily designed for transfer of data to and from a hard disk. It is the successor to the legacy AT Attachment standard (ATA). This older technology was retroactively renamed Parallel ATA (PATA) to distinguish it from Serial ATA. Both SATA and PATA drives are IDE (Integrated Drive Electronics) drives, although IDE is often misused to indicate PATA drives.
There are two SATA interfaces. SATA/150 runs at 1.5 GHz, resulting in an actual data transfer rate of 1.2 Gigabits per second (Gb/s), or 150 megabytes per second (MB/s). SATA II runs at 3 Gb/s, resulting in an actual data transfer rate of 2.4 Gb/s, or 300 MB/s.

Motherboard Slots

To add more functionality to a computer, cards such as network or video cards can be added. Sometimes these functions are built into the motherboard. There are several types of expansion slots:
PCI (Peripheral Component Interconnect): the PCI bus is common in modern PCs, where it has displaced ISA as the standard expansion bus, but it also appears in many other computer types.
PCI 2: 33.33 MHz clock with synchronous transfers; peak transfer rate of 133 MB per second for a 32-bit bus.
PCI 2.2 allows for 66 MHz signalling (requires 3.3 volt signalling), with a peak transfer rate of 503 MB/s.
PCI 2.3 permitted use of 3.3 volt and universal keying, but did not support 5 volt keyed add-in cards.
PCI 3.0 is the final official standard of the bus, completely removing 5 volt support.
ISA/EISA (Industry Standard Architecture and Extended Industry Standard Architecture): an older type of bus connector, considered obsolete.
PCI Express, PCIe, or PCI-E is an implementation of the PCI computer bus that uses existing PCI programming concepts, but bases it on a completely different and much faster serial physical-layer communications protocol. PCIe transfers data at 250 MB/s (238 MiB/s), per channel to a maximum of 16 channels, a total combined transfer rate of 4GB/s (3.7 GiB/s). Almost all of the high end graphics cards being released today use PCI Express. NVIDIA uses the high-speed data transfer of PCIe for its newly developed Scalable Link Interface (SLI) technology, which allows two graphics cards of the same chipset and model number to be run at the same time, allowing increased performance.
The Accelerated Graphics Port (also called Advanced Graphics Port) is a high-speed point-to-point channel for attaching a graphics card to a computer’s motherboard, primarily to assist in the acceleration of 3D computer graphics. Some motherboards have been built with multiple independent AGP slots. AGP is slowly being phased out in favour of PCI Express.
AGP 1x, using a 32-bit channel operating at 66 MHz resulting in a maximum data rate of 266 megabytes per second (MB/s), doubled from the 133 MB/s transfer rate of PCI bus 33 MHz / 32-bit; 3.3 V signaling.
AGP 2x, using a 32-bit channel operating at 66 MHz double pumped to an effective 133 MHz resulting in a maximum data rate of 533 MB/s; signaling voltages the same as AGP 1x;
AGP 4x, using a 32-bit channel operating at 66 MHz quad pumped to an effective 266 MHz resulting in a maximum data rate of 1066 MB/s (1 GB/s); 1.5 V signaling;
AGP 8x, using a 32-bit channel operating at 66 MHz, strobing eight times per clock, delivering an effective 533 MHz resulting in a maximum data rate of 2133 MB/s (2 GB/s); 0.8 V signaling.

Peripheral Connections

There are a number of ports on the motherboard for the connection of additional devices:
Serial ports connected the computer to devices such as terminals or modems. Mice, keyboards, and other peripheral devices also connected in this way.
Parallel ports are most often used to communicate with peripheral devices. The most common kind of parallel port is a printer port, such as a Centronics connector based port which transfers eight bits at a time. Disk drives are also connected via special parallel ports, such as those used by the SCSI and ATA technologies. However, when people refer to a parallel port, they are usually referring to a printer port, either on a printer or a PC.
A USB system has an asymmetric design, consisting of a host controller and multiple daisy-chained devices. Additional USB hubs may be included in the chain, allowing branching into a tree structure, subject to a limit of 5 levels of branching per controller. No more than 127 devices, including the bus devices, may be connected to a single host controller. Modern computers often have several host controllers, allowing a very large number of USB devices to be connected. USB cables do not need to be terminated.
USB supports three data rates.
A Low Speed rate of 1.5 Mbit/s (183 KiB/s) that is mostly used for Human Interface Devices (HID) such as keyboards, mice, and joysticks.
A Full Speed rate of 12 Mbit/s (1.5 MiB/s). Full Speed was the fastest rate before the USB 2.0 specification and many devices fall back to Full Speed. Full Speed devices divide the USB bandwidth between them in a first-come first-served basis and it is not uncommon to run out of bandwidth with several isochronous devices. All USB Hubs support Full Speed.
A Hi-Speed rate of 480 Mbit/s (57 MiB/s).

Monday, October 27, 2014

Security Overview

The object of security is to protect data and its availability from being compromised by malice or by accident. In Windows there are two main strands to security: specific access permissions and authentication. Specific permissions can be applied to users, groups, or resources. Authentication confirms to the machine or network that a user has an account with permissions to log on.

Individual servers and workstations need protection, as do the connections between them, especially if the connection is over the internet. In addition to making organisational precautions through software settings, attention should be given to the physical security of the system. The items illustrated can all be physically removed from a machine or indeed a building and therefore may require physical security.
A last theme of security is that of Auditing. This allows the administrator to view the history of who has attempted to access a resource and whether they succeeded.  Security can be set at the level of the individual machine or across a wider unit such as a domain. In each case the principles of securing the hardware, software and user access apply.

Security Considerations

Passwords are a principal device for restricting access to a machine or network. However, passwords can be guessed or stolen. To guard against theft or discovery, passwords should be changed frequently. Windows can enforce a password changing policy upon its users.  To counter guessing, quite simply, the passwords need to be made as long and as complex as is practicable.
A single letter password chosen from a…z might be guessed after 26 attempts. A two-letter password has 26 times more possibilities (676). The following table shows this sequence of increasing complexity for passwords using a…z:
Length 1 – 26 possibilities
Length 2 – 676 possibilities
Length 4 – 456976 possibilities
Length 8 – 208827064576 possibilities
Windows permits passwords of up to 127 characters, but recommends at least 7 for a password.
A single letter password chosen from a to z gives a base of 26 elements, but if the choice of elements includes upper-case letters and other symbols, the complexity level is increased significantly, and the password integrity is strengthened. The length and the composition of a user’s password can be specified in a security policy, either for an individual machine or for a domain. The lifetime of a password can also be set by this policy and the reuse of old passwords may also be prevented.
In summary, for a password to be strong and difficult to crack, it should:
  • Be at least seven characters long.
  • Be significantly different from your previous passwords.
  • Not contain your own name or user name. (Nor the name of spouse, children, pets etc.)
  • Not be a common word or name.
  • Have at least one symbol character in the second through sixth positions.
  • Contain Letters a-z, A-Z, Numerals 0, 1, 2, 3, 4, 5, 6, 7, 8, 9 and Symbols ` ~ ! @ # $ % ^ & * ( ) _ + - = { } | [ ] \ : " ; ' < > ? , . /
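The rules above, together with the search-space arithmetic from the table, can be checked in code. This is an added example, not part of the original lesson or of Windows itself; the function names, the 0.6 similarity cut-off for "significantly different", and the reading of the last rule as "at least one character from each of the four classes" are assumptions.

```python
import string
from difflib import SequenceMatcher

# The lesson's symbol list, with its typographic dash and quotes read as ASCII,
# is the same 32 characters as string.punctuation.
SYMBOLS = string.punctuation
CLASSES = {
    "lower": string.ascii_lowercase,
    "upper": string.ascii_uppercase,
    "digit": string.digits,
    "symbol": SYMBOLS,
}


def search_space(alphabet_size, length):
    """Number of distinct passwords of exactly `length` characters."""
    return alphabet_size ** length


def alphabet_size(password):
    """Size of the smallest union of the four classes that covers the password."""
    return sum(len(chars) for chars in CLASSES.values()
               if any(c in chars for c in password))


def check_password(password, names=(), previous=(), common_words=(),
                   max_similarity=0.6):
    """Return the list of rules the password breaks (empty list = acceptable).

    max_similarity is an assumed cut-off for "significantly different".
    """
    broken = []
    lowered = password.lower()
    if len(password) < 7:
        broken.append("too_short")
    if any(SequenceMatcher(None, lowered, old.lower()).ratio() >= max_similarity
           for old in previous):
        broken.append("similar_to_previous")
    if any(name and name.lower() in lowered for name in names):
        broken.append("contains_name")
    if lowered in {w.lower() for w in common_words}:
        broken.append("common_word")
    # "Second through sixth positions" are indexes 1..5 when counting from zero.
    if not any(c in SYMBOLS for c in password[1:6]):
        broken.append("no_symbol_in_positions_2_to_6")
    # Assumed reading of the last rule: one character from every class.
    for label, chars in CLASSES.items():
        if not any(c in chars for c in password):
            broken.append("missing_" + label)
    return broken


def report(password, **context):
    """Summarise one candidate: rule violations plus brute-force search space."""
    size = alphabet_size(password)
    return {
        "broken_rules": check_password(password, **context),
        "alphabet": size,
        "search_space": search_space(size, len(password)),
    }


if __name__ == "__main__":
    # Constructed sample values, not taken from any real account.
    context = dict(names=["jsmith", "rex"], previous=["Summer2014!"],
                   common_words=["password", "letmein"])
    for candidate in ["password", "Summer2015!", "r#Vq8!tLm2Zp"]:
        print(candidate, report(candidate, **context))
```

The search space grows with both the alphabet and the length: an eight-character lower-case password gives the 208827064576 figure from the table, while every extra character from the full 94-character set multiplies the total by 94.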
There are many facets of computer operation which need protection from unwarranted interference.
Files
Files need to be read by some users, modified by other users, backed up by yet other users, encrypted by owners and hidden from most! This is apart from needing to create files, delete files and share them across a network. Each of these is possible simultaneously in Windows because of the facility to set individual detailed permissions.
Granting Permissions
There is a permission for viewing and changing permissions on files and folders. When new resources are created, this permission needs to be configured carefully.
Domains And Sites
Permissions for access to larger units such as a domain are separate from those granted for local resources. Changes to one aren’t reflected in the other. For example if a user’s account is disabled for a local resource, the domain account may still be active.
Configuration
Settings for users or sites can be made so that such things as Control Panel and Administrative Tools are not available to a user or range of users. This is used to enhance security, but it can also be used to enforce corporate themes and identities across users’ desktops.
Installing Applications
The facility to install applications should not be distributed lightly. Non-standard, unsupported or defective applications can be a drain upon available technical support time, and interfere with multi-layer processes. This facility can be controlled quite closely with Windows.
Network Access
Rogue servers and users can attach themselves to a network, pretending to be something they’re not and gain access to private data. Long cable runs and internet links are weak points for the monitoring of traffic – hence a need for encryption.

Kerberos v5

Kerberos V5 is the primary security protocol for authentication within a domain. (Windows can use others such as SSL, TLS & NTLM.) The Kerberos V5 protocol verifies both the identity of the user to the network services and the service to the user. This form of verification is known as mutual authentication. Kerberos is named after the legendary 3-headed hound which guarded the gateway to Hades, the ancient Greek version of Hell.
The Kerberos V5 authentication mechanism issues tickets for accessing network services. These tickets contain encrypted data, including a user's encrypted password and unique SID that confirms the user’s identity to the requested service. Except for possibly entering an additional password or smart card credentials, the entire authentication process is invisible to the user. Kerberos v5 authentication is automatically enabled when you install Windows 2000/XP and Server 2003. For Kerberos to work, both the client and the machine the resource resides upon must be running Windows 2000 or later.
Tickets that are successfully authenticated against the records in Active Directory grant the user access to the various resources in the domain for which he has permission without him having to identify himself with a user name and password each time. All this is invisible to the user and also, largely, to the administrator. However, it is useful to be able to understand the authentication procedure Kerberos uses.

NTLM Authentication

Pre-Windows 2000 clients use a protocol called NTLM (NT LAN Manager) to authenticate on the network. For backward compatibility Windows Server 2003 continues to support NTLM authentication. NTLM uses less secure authentication and is not as preferable as Kerberos; however, for NT 4.0 and Windows 9x/Me it is the only available authentication protocol.

Saturday, August 30, 2014

Data Communications & Security Terms

Intruder
An Intruder is a person who attempts to gain unauthorized access to a system, to damage that system, or to disturb data on that system. In summary, this person attempts to violate Security by interfering with system Availability, data Integrity or data Confidentiality. 

Active Intruder and Passive Intruder
A passive intruder just listens and records the control and data messages on the channel and doesn’t make any modification to the message, while the active intruder can remove messages from the channel and/or add messages into the channel. An active intruder threat involves a situation where an individual or individuals access a system with the intention to cause serious harm.

Intruder Lockout
Some systems monitor failed Authentication attempts, and if too many attempts to sign on with a single account are detected, the Account is locked. This mechanism is intended to deter an Intruder, who may attempt to guess the password for one or more Accounts.
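One way to implement the lockout mechanism described above, replayed over constructed sign-on events. This is an added example, not part of the original glossary; the threshold of 3 failures, the 300-second counting window, the 900-second lock and all class and field names are assumptions.

```python
from collections import defaultdict, deque
from dataclasses import dataclass


@dataclass(frozen=True)
class Attempt:
    time: int          # seconds since an arbitrary start
    account: str
    password_ok: bool


class LockoutPolicy:
    """Lock an account after `threshold` failures inside `window` seconds."""

    def __init__(self, threshold=3, window=300, lock_duration=900):
        self.threshold = threshold
        self.window = window
        self.lock_duration = lock_duration
        self._failures = defaultdict(deque)   # account -> recent failure times
        self._locked_until = {}               # account -> unlock time

    def handle(self, attempt):
        """Return 'accepted', 'rejected' or 'locked' for one sign-on attempt."""
        until = self._locked_until.get(attempt.account)
        if until is not None:
            if attempt.time < until:
                # While locked, even the correct password is refused.
                return "locked"
            del self._locked_until[attempt.account]
        failures = self._failures[attempt.account]
        if attempt.password_ok:
            failures.clear()                  # a good sign-on resets the count
            return "accepted"
        failures.append(attempt.time)
        # Forget failures that have aged out of the counting window.
        while attempt.time - failures[0] >= self.window:
            failures.popleft()
        if len(failures) >= self.threshold:
            self._locked_until[attempt.account] = attempt.time + self.lock_duration
            failures.clear()
            return "locked"
        return "rejected"


def replay(events, policy=None):
    """Run events (sorted by time) through a policy; return the outcome of each."""
    policy = policy or LockoutPolicy()
    return [policy.handle(event) for event in events]


# Constructed events: alice is locked on her third quick failure, bob mistypes
# once, carol's failures are spread too far apart to trigger the lock.
SAMPLE_EVENTS = [
    Attempt(0, "alice", False),
    Attempt(10, "alice", False),
    Attempt(20, "bob", False),
    Attempt(30, "alice", False),
    Attempt(40, "alice", True),
    Attempt(50, "bob", True),
    Attempt(1000, "alice", True),
    Attempt(1010, "carol", False),
    Attempt(1400, "carol", False),
    Attempt(1410, "carol", False),
]

if __name__ == "__main__":
    for event, outcome in zip(SAMPLE_EVENTS, replay(SAMPLE_EVENTS)):
        print(event.time, event.account, outcome)
```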

Audit Trail
An Audit Trail documents all security events. These include authentication attempts, change request input and authorization, access provisioning and deactivation events, Password Synchronization and reset, profile updates, etc.

Biometric Authentication
Biometric Authentication is any process that validates the identity of a user who wishes to sign into a system by measuring some intrinsic characteristic of that user. Biometric samples include finger prints, retinal scans, face recognition, voice prints and even typing patterns.

Breach of Confidentiality
A Breach of Confidentiality is a Security violation where the Confidentiality of some data was lost.

Cryptographic Certificate
A Cryptographic Certificate is a user's Public Key, which has been signed and encrypted using the private key of a well-known Certificate Authority. This allows the user to give out his or her Public Key to others, and allows those others to trust that it is, in fact, the user's correct Public Key. Ex. www.verisign.com

Encryption
Encryption is a process of translating a message, called the Plaintext, into an encoded message, called the Ciphertext. This is usually accomplished using a secret Encryption Key and a cryptographic Cipher. 

Two basic types of Encryption are commonly used:
Symmetric Encryption, where a single secret key is used for both encryption and decryption.
Asymmetric Encryption, where a pair of keys is used -- one for Encryption and the other for Decryption.

Decryption
Decryption is the reverse process to Encryption. Frequently, the same Cipher is used for both Encryption and Decryption. While Encryption creates a Ciphertext from a Plaintext, Decryption creates a Plaintext from a Ciphertext.

Encryption Key
An Encryption Key is a sequence of numbers used to encrypt or decrypt data.

Private Key
A Private Key is a secret key, used in Asymmetric Encryption. It is mathematically equivalent to a Public Key, but is kept secret. This is one half of a matching key-pair.

Public Key
A Public Key is a publicly distributed key, used in Asymmetric Encryption. It is mathematically equivalent to a Private Key, but is widely distributed. Public Keys are frequently certified by a Certificate Authority, so that users of this key can verify its authenticity.

Public key encryption system
Also known as Asymmetric Encryption. It uses two keys: what one key encrypts, only the other can decrypt. The keys are interchangeable, in the sense that if key A encrypts a message, then key B can decrypt it, and if key B encrypts a message, then key A can decrypt it.
In public key encryption, one of the keys is known to both receiver and sender. In other words, that key is public. The other key is known only by the sender.

Hash
A Hash is a code, calculated based on the contents of a message. This code should have the property that it is extremely difficult to construct a message so that its Hash comes to a specific value. Hashes are useful because they can be attached to a message, and demonstrate that it has not been modified. If a message were to be modified, then its hash would have changed, and would no longer match the original hash value.

Denial of Service
A Security intrusion which causes a system to be damaged, and where the damage is sufficient to disable at least one of the services offered by that system, is called a Denial of Service.

Fault Tolerance
A Fault Tolerant system includes multiple, redundant servers, and continues to offer full functionality even when one of those servers ceases to function.
It detects failures in updates to target systems, and automatically retries failed operations until they succeed.

Loss of Integrity
A set of data is said to have suffered a Loss of Integrity if some event has caused it to be corrupted or incorrectly altered. This constitutes a Security violation.

Session Hijacking
Session Hijacking is any Security attack, carried out by an Intruder, which attempts to insert commands into an active Login Session. On wide-area TCP/IP networks, this is frequently attempted using IP Spoofing. On local TCP/IP networks, this might be attempted with the help of a Packet Sniffer. 

Firewall
A Firewall is a system which limits network access between two or more networks. Normally, a Firewall is deployed between a trusted, protected private network and an untrusted public network. For example, the trusted network might be a corporate network, and the public network might be the Internet. A Firewall might grant or revoke access based on user Authentication, source and destination network addresses, network protocol, time of day, network service or any combination of these. It might be implemented as an Application Level Firewall or a Packet Level Firewall. It might also implement a Content Filter, such as a Virus Wall.

Packet Level Firewall
A Packet Level Firewall protects an internal network against unauthorized access and attack from a public or external network by blocking some packets. Packets may be blocked based on source IP address, destination IP address, source or destination TCP port number, other packet header fields, time of day or user authentication. Filtering is carried out on a packet-by-packet basis, and the entire Packet Level Firewall may be implemented on a Router. Normally all filtering happens inside the Operating System, which makes this type of Firewall very fast.
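The packet-by-packet filtering described above can be modelled as an ordered rule list matched against header fields, with the first matching rule deciding and everything else blocked. This is an added example, not part of the original glossary; the rule set, the class and function names and the addresses (private and documentation ranges) are constructed for illustration.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional


@dataclass(frozen=True)
class Packet:
    src: str
    dst: str
    protocol: str      # "tcp" or "udp"
    dst_port: int


@dataclass(frozen=True)
class Rule:
    action: str                      # "allow" or "block"
    src: str = "0.0.0.0/0"           # source network, default: any
    dst: str = "0.0.0.0/0"           # destination network, default: any
    protocol: Optional[str] = None   # None matches any protocol
    dst_port: Optional[int] = None   # None matches any port

    def matches(self, packet):
        """True when every header field named by the rule matches the packet."""
        return (
            ipaddress.ip_address(packet.src) in ipaddress.ip_network(self.src)
            and ipaddress.ip_address(packet.dst) in ipaddress.ip_network(self.dst)
            and self.protocol in (None, packet.protocol)
            and self.dst_port in (None, packet.dst_port)
        )


def filter_packet(rules, packet, default="block"):
    """First matching rule wins; unmatched packets get the default action."""
    for rule in rules:
        if rule.matches(packet):
            return rule.action
    return default


# Constructed rule set. Order matters: the Telnet block sits above the broad
# "internal hosts may connect out" rule so it cannot be bypassed by it.
RULES = [
    Rule("block", protocol="tcp", dst_port=23),                      # Telnet, unencrypted
    Rule("block", src="203.0.113.0/24"),                             # unwanted source range
    Rule("allow", dst="192.0.2.10/32", protocol="tcp", dst_port=443),  # HTTPS server
    Rule("allow", dst="192.0.2.10/32", protocol="tcp", dst_port=80),   # HTTP server
    Rule("allow", src="10.0.0.0/8", protocol="tcp"),                 # internal hosts, outbound TCP
]

if __name__ == "__main__":
    samples = [
        Packet("198.51.100.7", "192.0.2.10", "tcp", 443),
        Packet("203.0.113.5", "192.0.2.10", "tcp", 443),
        Packet("10.1.2.3", "198.51.100.9", "tcp", 23),
        Packet("198.51.100.7", "192.0.2.10", "udp", 161),
    ]
    for packet in samples:
        print(packet, "->", filter_packet(RULES, packet))
```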

IP
IP is the Internet Protocol. It is a mechanism by which packets may be routed between computers on a network-of-networks. IP allows computers to be connected using various physical media, ranging from modems to Ethernet cabling, fiber-optic cables and even satellite and radio links. IP is designed to be robust, and to gracefully handle the loss of some connections. Individual packets of data are routed by hosts with little knowledge of the overall network structure - just a few local routing rules. The global Internet is constructed using the IP network protocol.

IP Spoofing
IP Spoofing is a security exploit where an Intruder attempts to send packets to a system which appear to originate from a source other than the Intruder's own. If the target system already has an authenticated TCP session with another system on the same IP network, and it mistakenly accepts a spoofed IP packet, then it may be induced to execute commands in that packet, as though they came from the authenticated connection. Improved reliability and routing filters in major Internet routers make this attack largely obsolete on the Internet in cases where the Intruder and target system are topologically distant.

Packet Sniffer
A Packet Sniffer is a program that can record all network packets that travel past a given network interface, on a given computer, on a network. It can be used to troubleshoot network problems, as well as to extract sensitive information such as Credentials from unencrypted Login Sessions.

HTTP
HTTP is the Hyper-Text Transfer Protocol. It is the most popular network protocol for exchanging documents on the World-Wide Web. Uses port 80.

FTP
Ftp is the file transfer protocol. It is based on the TCP/IP network protocols. Ftp allows a user on one machine to send files to or retrieve files from an Ftp server. FTP uses User ID / Password Credentials, sent as Plaintext over the network, with no Encryption, for Authentication. Uses port 21.

HTTPS
HTTPS is the Hyper-Text Transfer Protocol with SSL Encryption. It is the most popular network protocol for establishing secure connections for exchanging documents on the World-Wide Web. It is basically HTTP carried over a TCP socket, which has been secured using SSL. (Uses port 443)

SSL
SSL is the Secure Socket Layer. It is a protocol that encrypts a single TCP session. Using this Asymmetric Encryption, all data exchanged over a TCP socket can be cryptographically protected. SSL is the base of HTTPS - the secure WWW protocol. 

TCP
TCP is the Transmission Control Protocol. It is used to establish connection-oriented, sequenced and error-free sessions over IP networks.

UDP
UDP is the User Datagram Protocol. It is used to send individual packets across an IP network, in an unreliable fashion. This means that successful, error-free delivery of a message is not guaranteed. 

SMTP
SMTP is the Simple Mail Transfer Protocol. It is the most popular protocol for transferring electronic mail on the Internet. SMTP is quite robust, but provides no facilities for Authentication of the sender or recipient; for encryption; or for attaching non-ASCII data. (Port 25)

SNMP
SNMP is the simple network management protocol. It is used by network management frameworks to manage and monitor network devices, such as hubs and routers. Some computer systems also respond to SNMP queries.  (Port 161)

Telnet
Telnet is a TCP/IP protocol that allows a User to remotely Login to a Unix, VMS or mainframe system, and execute commands in that Login Session. Telnet does not use Encryption. However, Ssh is functionally equivalent and secure. (Port 23)

POP3 
POP is an application-layer Internet standard protocol used by local e-mail clients to retrieve e-mail from a remote server over a TCP/IP connection. (Port 110)

SMTP
Simple Mail Transfer Protocol (SMTP)—used for e-mail routing between mail servers. The Internet standard for electronic mail (e-mail) transmission across Internet Protocol (IP) networks. (Port 25)

SSH
Ssh is the Secure Shell and improves on them by incorporating Asymmetric Encryption and a simple Public Key Infrastructure. 

IMAP
Internet Message Access Protocol (IMAP)—management of email messages. (Port 143)

Virtual Private Network
A Virtual Private Network is software hosted on two machines, which forwards network traffic between them. The packets exchanged between the machines are protected against Intruders equipped with Packet Sniffers using Encryption. All packets that pass through the network are encrypted, and so provide little or no value to an Intruder. A Virtual Private Network makes it possible to pass private data over a public network, thus simulating a private network without the expense of separate, protected communication media.

Proxy Server
A Proxy is a server that forwards requests from a community of users to the Internet, and retrieves those documents from the World-Wide Web. WWW Proxies are useful since they can cache documents (and avoid downloading them repeatedly), control access to documents (thus acting as a Content Filter) and scan for Viruses (thus acting as a Virus Wall). They also can be used to access websites anonymously, hiding your IP.

Spam
Spam is unsolicited electronic mail, usually delivered over the Internet. Some SMTP servers can filter out Spam (thus making a Spam Filter). Some jurisdictions are trying to make Spam illegal. 

Spam Filter
A Spam Filter is software that processes electronic mail messages, either for a single user or an entire network. While processing these messages, the Spam Filter attempts to identify Spam messages, and deletes them. 

WHOIS
WHOIS is a query and response protocol that is widely used for querying databases that store the registered users or assignees of an Internet resource, such as a domain name, an IP address block, or an autonomous system. For example, whois kaputa.com gives information on kaputa.com.

Domain Name System (DNS)
The Domain Name System (DNS) is a hierarchical distributed naming system used on the Internet. DNS translates domain names into the IP addresses that Internet users need.

Cisco CCENT Introduction

Foundations: What is a Network?
Why do we need a network? 
What does the network accomplish for us? 

Foundations: OSI
The OSI Model and layers of network functionality.

TCP/IP: Addressing Fundamentals
TCP/IP concepts, IP address format, public and private addressing, and address classes. 
Why having TWO addresses is the key to successful network communication.

TCP and UDP 
Whether to communicate across the network using TCP or UDP.
This decision determines how reliable the data transfer will be.

Port Numbers
Port numbers help network communication between devices, allowing you to dictate what service you are trying to reach. 

Two Packets
Big-picture perspective of packets in local network communication and remote network communication.

Ethernet
Ethernet defines the standard for LAN communication around the world. 
Understand how networks operate: the Ethernet standard, CSMA/CD (the rules of communication), and the architecture of a MAC address.

LANs Physical Connections
crimping Ethernet cables, primary physical standards of Ethernet: UTP and Fiber Optics, straight-through vs. crossover cables, and an end-to-end picture of cabling in a corporate environment.

LAN Switches
Ethernet's use of CSMA/CD allowed it to obtain much faster speeds than its competitor (token ring); however, it also led to many problems with collisions in larger networks. Understanding of how the network switch fits into our network environments.

Working with the Cisco Switch IOS
How to work with IOS, Cisco's operating system: 
general navigation and help features of the IOS.

Setup of a Cisco Switch
Initial IOS configuration of a Cisco switch: the meaning of the physical LEDs on a switch, the initial boot process and configuration dialog, and the configuration of a VLAN interface.

Configuring Switch Security
Initial security of your switch, primarily focusing on configuring passwords, logon banners, and SSH.
Enabling port security for your network, control of the number and type of devices that attach to your network.

Optimizing and Troubleshooting Switches
common problems in a LAN environment.
improving your efficiency on Cisco devices.

Wireless Networking
foundations of wireless networks including radio frequency, wireless channels and standards, 
and the best way to design wireless for your organization.

Wireless Security and Implementation
Security vulnerabilities
steps to take to successfully implement and secure a wireless network.

Advanced TCP/IP
converting from decimal to binary and back
advanced TCP/IP addressing, IP subnetting
the ability to separate IP addresses into subnets based on the number of networks an organization needs
the ability to separate IP addresses into subnets based on the number of hosts an organization needs in each network
the ability to reverse engineer subnets based on the IP address and subnet mask that has been given

Routing: Initial Router Configuration
initial configuration of a Cisco router.

Routing: SDM and DHCP Server Configuration
graphic user interface (GUI) based Cisco Security Device Manager, or SDM
Cisco router management through the SDM.

Routing: SDM and DHCP Server Configuration
Dynamic Host Configuration Protocol (DHCP) 
configuring a DHCP server using SDM.

Routing: Implementing Static Routing
configuring the foundational form of routing known as static routing.

Routing: Implementing Dynamic Routing with RIP

dynamic routing works much better when you want to get the job done fast.
configuration of the RIP routing protocol  for small network environments

Routing: Internet Access with NAT and PAT
Network Address Translation (NAT) 
how to use the Cisco SDM to configure your router to support NAT Overload 

Routing: WAN Connectivity
types of WAN connections and configuration

Management and Security: Telnet, SSH, and CDP
management and security strategies for Cisco devices
Telnet and SSH, used to configure and monitor our devices
how to navigate through Cisco devices
Cisco Discovery Protocol (CDP) to unveil an undocumented network.

Management and Security: File Management
ability to copy files to and from your routers and switches 
to back up configurations and IOS versions
moving files to and from these file systems.

Understanding CSS Selectors

We have seen that CSS is a list of rules that tell our browser how to display the HTML, and we have looked at how rules are formed. Let’s look in more detail now at selectors.
In this lesson we learn about one of the main parts of a CSS rule: CSS selectors.
Remember, a selector is the part of a CSS rule that goes outside of the curly braces “{” and “}”. This tells the browser which elements the rule acts upon.
For example a selector a applies to ALL <a> tags. The selector html applies to all <html> tags.
What about this selector that is in our example?
.important
Remember when we learned about classes and ids earlier in the course? If not, you should go and review the lesson “Class, ID and <div> and <span> in HTML” which came in the last part of the course.
Just in case, here’s a reminder. Class and id are both attributes we can put on our HTML tags. We put a class on any tags we want to share particular CSS rules, and we put an ID on any tags we want to be unique.
For example:
<h1 id="mainHeading"> We only want ONE main heading, so we give this tag a unique name. A given ID is used on only ONE element on a page.
<li class="important"> We might want lots of elements to be marked as ‘important’ so we make a class called important and apply it to LOTS of elements.
To select by ID we use the “#” symbol, and to select by class we use the “.” symbol.
So our rule .important applies to any element with a class of “important”.
If we wanted to apply a rule to only one element, then we give that element an ID, e.g. id="myElement" and then create a rule for it:
#myElement { … }
What if we had a lot of elements that we had marked with a class, but we only wanted some of them to have a particular rule? For example, imagine this HTML:
<li class="important">Some list item</li>
<li>Another list item</li>
<a class="important">Here’s a link!</a>
We don’t want to change the way our ‘important’ things appear everywhere, but we do want our link to have something extra, maybe be in bold.
We can do this by combining parts of our selectors. We can specify BOTH a type of element and a class, like this:
a.important { font-weight:bold; }
This means that this rule only applies to elements <a> that have a class “important”.
Similarly, we could use an ID in the same way:
a#myUniqueLink { font-weight:bold; }
Of course, since there should only be ONE id #myUniqueLink on the page then we can have the same effect without the “a”.

Inherited Selectors

What about the very long selectors we have in our example CSS file? Look at this one:
nav ul li a { color: white; }
This specifies FOUR tags.
When we list tags like this, we are saying that we only want this rule to apply to tags that are inside the preceding tag. So we would translate our rule as saying “apply this rule to any <a> tag that is inside an <li> that is inside a <ul> that is inside a <nav>”.
So only links inside our <nav> get colored white!
This means we can have different rules for different parts of the page, like this:
#mainSection a { color: orange; }
#otherSection a { color: green; }
Now any <a> tags inside the tag with ID #mainSection will appear orange, while any <a> tags inside the tag with ID #otherSection will appear green!
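The matching rule described above, as an added example that is not part of the original lesson. It checks a space-separated selector against an element's chain of ancestors and shows that "inside" means at any depth. The element objects (`tag`, `id`, `classes`), the sample paths and the function names are constructed for illustration, and only type, class and ID parts are handled.

```javascript
// Does one compound selector ("a", "a.important", "#mainSection") match an element?
function matchesCompound(el, compound) {
  const tag = (compound.match(/^[a-zA-Z][\w-]*/) || [null])[0];
  const id = (compound.match(/#([\w-]+)/) || [])[1];
  const classes = [...compound.matchAll(/\.([\w-]+)/g)].map((m) => m[1]);
  if (tag && el.tag !== tag) return false;
  if (id && el.id !== id) return false;
  return classes.every((c) => (el.classes || []).includes(c));
}

// path: elements from the document root down to the candidate element.
// selector: compounds separated by spaces, as in "nav ul li a".
function matchesDescendant(path, selector) {
  const parts = selector.trim().split(/\s+/);
  // The right-most compound must match the candidate element itself.
  if (!matchesCompound(path[path.length - 1], parts[parts.length - 1])) return false;
  // Walk up through the ancestors, consuming the remaining compounds right to left.
  // Ancestors that match nothing are skipped, so extra wrappers do not matter.
  let p = parts.length - 2;
  for (let i = path.length - 2; i >= 0 && p >= 0; i--) {
    if (matchesCompound(path[i], parts[p])) p--;
  }
  return p < 0; // true only if every ancestor compound was found, in order
}

// Constructed sample: a link in the navigation, wrapped in an extra <span>.
const NAV_LINK = [
  { tag: "html" }, { tag: "body" }, { tag: "nav" }, { tag: "ul" },
  { tag: "li" }, { tag: "span" }, { tag: "a", classes: ["important"] },
];
// Constructed sample: a link inside the element with id="mainSection".
const SECTION_LINK = [
  { tag: "html" }, { tag: "body" }, { tag: "div", id: "mainSection" },
  { tag: "p" }, { tag: "a" },
];

console.log(matchesDescendant(NAV_LINK, "nav ul li a"));        // extra <span> is fine
console.log(matchesDescendant(SECTION_LINK, "nav ul li a"));    // not inside a <nav>
console.log(matchesDescendant(SECTION_LINK, "#mainSection a")); // any depth below the ID
console.log(matchesDescendant(NAV_LINK, "ul nav a"));           // order of ancestors matters
```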

Pseudo Selectors

Finally there are some selectors called ‘pseudo selectors’. These apply to elements that are in certain states. For example:
a:visited { color:purple; }
a:hover { color: orange; }
This kind of selector is mostly seen with the <a> tag. Remember, <a> is a link. Links can be visited or unvisited. Often websites show you a different colored link when you click it – that is achieved using the a:visited pseudoselector. Now when you click a link on our page, it shows as purple so you know you’ve already been to it.
Similarly, :hover allows you to change an element when your mouse hovers over it – so we get a nice visual effect on our links by changing their color when we hover them.

Selector Specificity

This is a complex topic, but it’s important to understand how different rules apply. Remember the golden rule is:
The most specific rule always wins
For example:
<p id="someParagraph" class="superSpecial">What colour is this text?</p>
<style>
#someParagraph { color: red; }
.superSpecial { color: blue; }
</style>
What colour will our paragraph be?
It has BOTH a class and an ID. And one tells it to be red, and the other tells it to be blue.
Since the most specific rule always wins, and an ID is more specific than a class (because you can only have ONE ID) we know that the #someParagraph rule will “win” and it will be red.
Similarly, any rule that specifies a type of element is more specific than one that does not:
p.superSpecial { color: yellow; }
.superSpecial { color: green; }
In this case the colour will be yellow because the first rule is more specific: it only applies to <p> elements whereas the second rule applies to any element with the class .superSpecial.
It can be very difficult to understand specificity – the best way is to practice and experiment with your own website. We want to give you the ability to start experimenting for yourself so you can learn by experience!
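A way to check specificity by calculation, as an added example that is not part of the original lesson. It goes beyond the two cases above by scoring any simple selector as an (IDs, classes, types) triple and by breaking ties on source order; the function names and sample rules are constructed for illustration, and functional pseudo-classes such as :not() are not handled.

```javascript
// Specificity as [ids, classes, types]. Compared left to right, so no number of
// classes can outweigh a single ID. Inline styles and !important sit above this
// comparison and are not modelled here.
function specificity(selector) {
  let ids = 0, classes = 0, types = 0;
  // Attribute selectors ([type="text"]) count like classes; remove them first
  // so their contents are not counted again.
  let rest = selector.replace(/\[[^\]]*\]/g, () => { classes++; return " "; });
  // Pseudo-elements (::before) count like type selectors.
  rest = rest.replace(/::[\w-]+/g, () => { types++; return " "; });
  rest = rest.replace(/#[\w-]+/g, () => { ids++; return " "; });
  // Classes (.important) and pseudo-classes (:hover, :visited).
  rest = rest.replace(/[.:][\w-]+/g, () => { classes++; return " "; });
  // What is left are type selectors; combinators and * add nothing.
  for (const tok of rest.split(/[\s>+~*]+/)) {
    if (/^[a-zA-Z][\w-]*$/.test(tok)) types++;
  }
  return [ids, classes, types];
}

// Positive if selector a is more specific than b, negative if less, 0 if equal.
function compare(a, b) {
  const sa = specificity(a), sb = specificity(b);
  for (let i = 0; i < 3; i++) {
    if (sa[i] !== sb[i]) return sa[i] - sb[i];
  }
  return 0;
}

// rules: [{ selector, color }] in source order, all matching the same element.
// On equal specificity the later rule wins, hence ">=".
function winner(rules) {
  return rules.reduce((best, rule) =>
    compare(rule.selector, best.selector) >= 0 ? rule : best);
}

// The two cases from the lesson, written as constructed rule lists.
const CASE_ID_VS_CLASS = [
  { selector: "#someParagraph", color: "red" },
  { selector: ".superSpecial", color: "blue" },
];
const CASE_TYPE_AND_CLASS = [
  { selector: "p.superSpecial", color: "yellow" },
  { selector: ".superSpecial", color: "green" },
];
console.log(winner(CASE_ID_VS_CLASS).color, winner(CASE_TYPE_AND_CLASS).color);
```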