Welcome to ExamNotes by CertBlaster! In this session, we will cover the A+ sub-objective 1.8 “Given a scenario, configure Microsoft Windows networking on a client/desktop.” We have lightly touched on these topics in our previous session. We will now take a deeper look.
Click here for the A+ Practice Test Bundle for A+ Exams 220-1001 & 220-1002
We’ll start by defining the types of networks supported by Microsoft: peer-to-peer (P2P) networks (such as WorkGroup or HomeGroup) and Domain networks.
The HomeGroup is the least secure P2P approach for networking and sharing. This model allows anyone with access to the Homegroup to view all the files shared on any computer in the group. This is an easy but insecure approach since anyone on the HomeGroup network can access anything shared on the network. A single password is used for access to the group, providing equal access to all joined devices.
The WorkGroup describes a P2P network with no centralized authority. Each device on the network controls what is shared from that particular device or workstation in addition to which users or groups can access it. In this model, each workstation controls the database of users and privileges collectively, referred to as the workgroup. Each device that is part the workgroup allows access on a user-by-user or group-by-group basis. Network usernames and passwords control access. Local Users and Groups are used to configure and control access.
The Domain network structure is the most secure design supported. Generally speaking, the Domain network structure is implemented on larger business networks compared to P2P deployments. A degree of administrative overhead is needed here, allowing for all resources on the network to be controlled from a single central server using Active Directory. Active Directory creates and maintains a database of network resources. The client/server model is used and multiple servers are supported.
The Windows domain (client/server) network design uses more robust operating systems on the servers, referred to as Network Operating Systems (NOS). This means that simple operating systems, such as Windows Starter or Home edition, will not be able to join. The flexibility of the Active Directory model allows for a single server to be dedicated to a single discipline. Alternatively, that same server can be configured to provide multiple network services. This allows powerful network configurations to be created using a minimum amount of physical machines. For the test, you will not be expected to know how many servers a particular machine can support.
We will now look at Network shares. This share type allows data to be shared using existing network shares. An existing folder can be shared or a location can be created and subsequently shared.
Additional methods for sharing data are administrative shares and drive mapping. Administrative shares are a useful administrative tool that allows data to be shared invisibly. This method uses the Windows NT operating system in order to create hidden network shares. These shares are only accessible using the full path and folder name and will not appear when browsing. The shares will display locally in the Computer Management console and are identified using the $ as the last character of the Share Name. They can be disabled but not deleted.
Administrative Shares
Mapping drives and printers is a technique which creates a shortcut on the local computer that points to a folder or drive on another PC. A drive letter is assigned to the remote resource and appears as a local drive on the host.
Mapped drives can be assigned to reconnect whenever the local machine has restarted, making them appear consistently as a logical drive on the host and therefore reducing the time it takes to find the resource. Drive mapping can be used on different operating systems utilizing the Network File System (NFS). Any locally available drive letter can be assigned, such as Z: in the example below:
Map Network Drive
There are two ways printers can be accessed on a network: printer sharing and network printer mapping. During printer sharing, a locally attached printer is shared on the network. During network printer mapping, the printer is accessible using its IP address as shown in the example below. You will assign a IP address or use the MAC address. You may also opt to install drivers for other Windows versions, for example Windows 7, Windows 8 or Windows 10, as needed for compatibility.
Network Printer properties
VPN
A VPN connection (Virtual Private Network) establishes a safe secure tunnel over an existing connection (Internet) between the company network and a remote location. The VPN tunnel is encrypted for maximum security. Microsoft includes VPN support and there are numerous third-party programs that also perform this function. The test is vendor neutral so we will discuss the Microsoft implementation here.
Go to the Network and Sharing Center and select Choose your network settings (Windows 7 and earlier) or use the Get Connected Wizard (Windows 8) from the Settings Charm and type vpn in the search bar. Click the Set up a VPN link. You will be prompted for the connection information supplied by your administrator. Enter the information and click Create. In Networks, click the VPN connection and authenticate. Any changes can be made to the connection in Connection Properties. Take note of the Encryption and Authentication protocols and settings.
VPN connection properties
Dialups
Dialups are painfully slow, yet are still effective ways to connect to the internet in a pinch. An analog (POTS) phone line, a V.92 modem, a phone number supplied by the ISP, and the login credentials are needed. Take note of the Encryption and Authentication protocols and settings.
Dial-up connection
Wireless
In order to configure a wireless connection to a router, the Service Set Identifier (SSID) of the wireless router and the passphrase are needed. The encryption, security type of the router, and the channel number are also helpful to know in case of connection issues. Wireless security concerns can be addressed by stopping the router from broadcasting its SSID, filtering the MAC addresses of the devices allowed to connect, and reducing the radio power. Radio power is often overlooked but the range of current routers far exceeds what is needed to cover a SOHO or even a business with an unobstructed floor plan.
Click here for the A+ Practice Test Bundle for A+ Exams 220-1001 & 220-1002
Wired
As a rule, Wired networks require devices to be plugged into the network using an RJ-45 Ethernet cable. However, accessing resources are subject to the same administrative restrictions as other networks such as usernames and passwords.
WWAN (Cellular)
WWAN networks are generally utilized by internet-capable smartphones or cellphones. These networks are provided by cellular phone companies that have expanded their offerings to include internet access. WWANs are maintained and controlled by the cell service carriers. The carrier requires specific detailed information before it will allow the device access to its network. A SIM card or chip inside the device provides your access information to the cellular carrier. GSM and LTE both require a SIM card. USB WWAN devices are also available that can be plugged into the PC to provide internet access.
Proxy settings are managed in the browser’s Internet Options menu and from the Control Panel. Many corporations and service providers use dedicated proxy servers in order to increase the internet speed. Proxy servers provide a dedicated, controllable resource that caches data locally. Below is an example of a broadband proxy.
Proxy servers are not used with VPN connections. Proxy servers must be configured individually for each connection type used.
Broadband Proxy settings
Using Windows on a network allows users to manage files and folders that are shared on the network, provided the user has permission to do so. This is good when working with documents or other files, however this is not good for checking device settings and other system functions. Windows Remote Desktop fills this void by making the entire desktop and the system available wherever RDP (Remote Desktop Protocol) is available. The process has been around (before the objectives) as Terminal Services and was introduced in Windows XP as Remote Desktop, using port 3389. The port number is important because as seen in the example, the program needs to be permitted access through the Firewall.
RDC and RA setup window
Remote Desktop Connection and Remote Assistance are enabled on the Remote tab in the System Properties window. Once this is set, ensure that the user has remote access privileges on both computers. Use Select Users for this. When this is done, access the program by typing the program name or the filename MTSC (Microsoft Terminal Services Client) in the Start/Search bar.
Once the program is running, identify the target machine using the computer name or IP address and supply the login credentials in the General tab.
First RDC Connection Window
The Display Tab sets the resolution and color depth. Both of these settings are highly reliant on the connection speed and latency. Windows does its best to compensate for quality issues on low-speed connections. This can be found in the experience tab where bandwidth intensive features can be disabled in order to optimize performance. Other features of Remote Desktop include the ability to use local resources during the session as well as the ability to launch specific programs upon connection or at any time during the session.
Remote access to computers by trusted parties is a desirable way to handle system repairs by technicians in addition to providing personal access to the entire desktop and operating system. Windows Remote Assistance was introduced in Windows XP as a way for users to obtain immediate assistance. In the corporate world, this saved countless man-hours of support as it allowed the technician to make a simple repair without having to walk the user through the physical repair process. However, the technician would still need to explain what was done to the user.
Remote Assistance requires access through the Windows Firewall. If a hardware or third-party firewall program is used, Remote Assistance needs access through that as well. Remote Assistance allows the user to send an invitation to a trusted user in order to help resolve a computer issue. If you are able to offer assistance to a user, you can respond to their invitation too. In either case, Remote Assistance invitations work via request and respond. Security is managed through the use of a passcode that the responder will need to know in order to continue. When assistance is requested, a file with your connection properties and the passcode will be sent to the party you ask. The chat feature is available throughout the session and the bandwidth usage is controllable, allowing either party to reduce the number of resources the system is using. When actions are required by either party, they can “Take Control” of the session. Output is visible to both parties at all times.
When setting up a network connection, your Windows machine may use Network Location Awareness in order to automatically configure the Home, Work, or Public network settings. This is crucial because if you are in a coffee shop while using their Wi-Fi, you don’t want your data to be shared with everyone in the shop. Let’s explain each network setting type below.
Home
The Home network setting makes all of your shared data discoverable by other computers on the network. Throughout the various version and editions of Windows, the settings for a private network are identical to those labelled Private or Work. On the Home network setting, the PC cannot be accessed directly from the Internet and relies on the hardware and software protection provided by the gateway, router, or any other objects placed in between the PC and the internet. The Home network setting is good for home and work, but is bad out in a public environment since the PC is essentially unprotected.
Work
The Work network setting implies, but doesn’t guarantee, that a Domain is in use. In this case, all aspects of connection security are handled by the administrator through Group Policy and User Policy. The administrator will also have control over user access and device privileges on the network.
Public
The Public network type is used when there is no security device between the PC and the Internet. The Public network setting is the most restrictive since the only protection available for the PC is Windows Firewall, any AntiVirus programs, and any Malware protection that has been installed.
Windows Firewall is accessible from the Control Panel, Search, or run line. Windows Firewall can also be accessed through some of the applets used to change network settings such as the Network and Sharing Center. Windows Firewall is accessible at the bottom left corner.
A firewall filters web traffic using TCP port numbers. The Windows Firewall is quite user friendly and has an extensive list of preset programs that can be modified using checkboxes.
Rules
It easy to understand why blocking all web traffic is counterproductive and there is a very real need to allow some traffic to pass-through unrestricted. Rules are defined to establish the directions for controlling the activity between the network and the internet.
Exceptions
The firewall comes preset with a basic set of rules allowing for basic connectivity. Often, a user will use their device for years and not have to make any changes to it. If any changes need to be made to a rule, this is referred to as an Exception. After installing a new multiplayer game for example, you may find that the game cannot connect to the internet servers. In this case, an exception would need to be made for this game in the firewall settings.
Click here for the A+ Practice Test Bundle for A+ Exams 220-1001 & 220-1002
Enabling/disabling Windows firewall
If you are having problems connecting to the Internet or even the local network, quickly test the firewall by disabling it and then immediately checking your connections. If the connectivity problem disappears, then you have zeroed in on the issue. Be sure to turn the firewall back on as quickly as possible and then look for the contributing factors. It is very important that you minimize the time that the firewall is off.
Most networks use DHCP for network configurations. DHCP is fast, efficient, and has very little administrative overhead. DHCP servers ensure that addresses are issued without duplication and that the client receives the correct 32-bit IP Address, a valid 32-bit subnet mask, the address(es) of DNS servers, and a gateway address to use when using addresses off the local network. Addresses for WINS servers should also be provided. Windows IPv4 or IPv6 addresses can be configured manually or automatically using DHCP. Here is a summary:
Alternate IP Config
Here is a look at a typical alternate IPv4 configuration. An IPv4 configuration’s constituent parts are described below.
IP addressing
IP Addressing is a blanket term that covers all of the items that follow.
An IP Address is a 32-bit address that is segmented into four eight-bit sections called octets. The maximum value of any octet is 255 or 11111111 (binary). Usually, the first two or three octets will identify the network and the remainder will identify the host or device.
Subnet mask
Subnet masks are used to identify the network and which of the remaining octets are used to identify the host. For example if using a subnet mask of 255.255.255.0, this provides 24-bits (three octets) for the network and eight-bits for the host.
DNS
DNS (Domain Name System) is a naming system for network connected devices. DNS works well for human users because it is far easier to remember a few words rather than a 32-bit string of numbers. DNS maintains a constantly refreshing list of domain names with their corresponding IP addresses.
Gateway
A Gateway is a device on the network designated to provide access to the Internet through the local LAN. A part of each machine’s IP configuration includes the Default Gateway, an address to be used first when accessing data that is not on the local LAN.
Network card properties belong to whichever device is being used to access the network. A network card is required for each and every device that will access the network. The term network card can be used to describe any device which provides access at the physical layer regardless of the method (wired, wireless, and all that follow). Interestingly, each connection possesses these qualities with one exception. Let’s take a look.
Half duplex/full duplex/auto
When we talk about Network speed, we’re usually referring to throughput, more specifically Ethernet throughput. “Your results may vary” has never been truer than in this case. Let’s start with a definition that will help clarify additional items.
Duplex is not an apartment network. Duplex refers to the transmission of data and what amount of time each user is allotted for transmission and receiving. Duplex defines when a user can send and when a user can receive.
Half duplex
Half duplex refers to a situation where only two devices are present. In this case, one device transmits while the other receives. The second device can then send data back or remain silent. Image half duplex as how a walkie-talkie works. At the end of each transmission, the sending unit will transmit a Clear to send (CTS) message, indicating to all parties that the line is open. This is the walkie-talkie equivalent of saying “over.”
Full duplex
Full duplex is the best way for data to travel over Ethernet. Using the same two device example above, full duplex mode allows both of the devices to transmit and receive at will. With full duplex, the speed is getting very close to the advertised speed (more on that in a bit). For now, think of half duplex as one way at a time and full duplex as anything anytime.
The best way to manage the network interface’s settings is through Device Manager. The adapter’s properties sheet has an Advanced tab that contains close to 30 elements that can be tweaked. The first element we’ll look at is Speed and Duplex. Here you can set the interface to its maximum speed, the speed the network is running at, or to auto-negotiate.
Auto-negotiation
Auto-negotiation allows the network devices to send and receive packets to each other very quickly in order to determine the best transmission and reception settings for the connection. This occurs all in the blink of an eye.
Network speed properties
Speed
Here, we will talk about the rated speed which is not the speed you will get when you get home with the device. In fairness, the standard speed does not account for administrative overhead and the retransmission of dropped packets. We will start with wireless and confine it to what you can expect to see on the test.
The following standards are all sanctioned by the IEEE and fall under section 802.11. They are differentiated by their alpha designation. We will list the standard, the radio frequency band it operates in, its speed, and its range. We are only concerned with four of the wired IEEE standards.
Do your best to really know this. It helps with the “big picture” types of questions.
802.11a – 5.0 GHz frequency – speed up to 54 Mbps – Range of 50 meters
802.11b – 2.4 GHz frequency – speed up to 11 Mbps – Range of100 meters
802.11g – 2.4 GHz frequency – speed up to 54 Mbps – Range of 100 meters
802.11n – 2.4 or 5.0 GHz frequency – speed 300 to 600Mbps – Range outdoors of 250 meters*
802.11ac – 5.0 GHz frequency – speed of just under 7Gbps – Range outdoors of 250 meters
*) Uses MIMO (Multiple In Multiple Out) to bond channels together and increase speed
Wired
For wired networking, speeds are faster than wireless networking, even with legacy connection types. This speed increase comes at the expense of the portability that wireless connections provide. Wired connections adhere to the IEEE 802.3 standard.
Types
CAT5 – This is getting harder to find and is no longer installed. This cable rating uses four pairs and can support up to 100Mbps transmission speeds with a maximum cable length of 100 meters (328 feet). Higher speeds can be seen in real-world applications but remember that you are not in the real world. You are in the A+ and that’s the specification.
CAT5e – This is CAT5 Enhanced. The enhancement is due to reduced crosstalk. That doesn’t sound like a big deal until you look at the specifications. How does 10 times faster sound? Got your attention now, I’ll bet. CAT5e supports gigabit Ethernet (1000Mbps)! This can be attributed to a stricter attention to the number of twists per inch in the pairs. In order to fully utilize the CAT5e cable, remember that the hardware has to support the speed. CAT5e supports 1Gbps with a maximum cable length of 90 meters (295 feet).
CAT6 – Okay, now we’re cooking! CAT6 supports 10Gbps at a frequency of 250 Mhz. This speed increase can also be attributed to a reduction in crosstalk. While maintaining the same external RJ-45 form, the connector and cable are engineered to further isolate the cables from each other, resulting in the higher throughput. The wires are arranged in the connector in such a way to allow for a slight but significant separation over CAT5 wires, which run straightly horizontal and adjacent to each other. As you know, parallel cables will practically guarantee crosstalk. The maximum length is 90 meters with an additional 10 meters for a patch cable.
CAT6e – This enhancement doubles the transmission frequency to 500 MHz and restores the traditional segment length to 100 meters (328 feet). This is not technically a standard but it is widely recognized and observed.
CAT7 – This performance standard increases the performance to 600 MHz and provides a more reliable and durable cable than its predecessors. Most importantly, CAT7 uses an additional layer of shielding by wrapping the entire individually insulated pair with an additional layer, wrapping the whole cable bundle.
Coaxial – RG-6 (Radio Grade-6) cables have a variety of uses, but are mainly used in communication. The construction can vary slightly by manufacturer, but all cables consist of a solid copper core encased in a plastic insulating sleeve. The cable is covered by a wire mesh (sometimes foil) that insulates the cable from noise and provides grounding. The entire cable is inside a plastic jacket and is terminated with an F-type connector, used on RG-6 and RG-59 cables. RG-6 is becoming the preferred cable type for cable television (CATV).
Wake on LAN
Last but not least, in our exhaustive list of content that would be good to be comfortable with, is Wake on LAN. This handy little feature has been around forever and is available on most motherboards that have an onboard NIC. This feature is useful when you are trying to access a PC on your network or elsewhere that has gone to sleep. Normally, you would have someone go to the workstation and press a key or shake the mouse to wake the machine. The Wake on LAN feature works by simply attempting to access the PC. This feature should be listed on the Network. Double-clicking a folder will be met initially with an error, but wait a few seconds and you will have access to anything shared.
QoS
Quality of Service (QoS) settings are also on the Device Manager’s Properties Sheet under Priority and VLAN. Simply click to enable the priority. This is simple but so much more happens.
If you want QoS to work at its absolute maximum, QoS must be configured on all routers, switches, and computers that you anticipate will be using the program you are implementing.
Click here for the A+ Practice Test Bundle for A+ Exams 220-1001 & 220-1002
BIOS (on-board NIC)
This technology is used when the network connection device is built into the Motherboard and is controlled by the UFEI or BIOS. In addition to the operating system settings, much of what follows is configurable in the BIOS.
Well, that’s it for 220-1002 objective 1.8! Hopefully, you had as much fun reading it as we did writing it. See you next time.
By continuing to browse this site, you accept the use of cookies and similar technologies that will allow the use of your data by CertBlaster in order to produce audience statistics- see our privacy policy.