Network Plus N10-007 Objective 3.4
3.4 Given a scenario, use remote access methods.
Welcome to Exam Notes by CertBlaster! In this edition, we will address topics covered in Network Plus N10-007 Objective 3.4 “Given a scenario, use remote access methods.” All remote access technology brings with it a certain amount of risk. Be aware of any risks before deploying any remote access software.
Virtual Private Networks (VPN) provide a secure, private, encrypted, host-to-host connection called a tunnel. The tunnel is established between a host and a network server in a client-to-site configuration or as a site-to-client tunnel.
Secure Shell (SSH) can be used to initiate console screens on routers, switches and other network devices for analysis or configuration. Consider the SSH key as a substitute for your username and password for authentication. The SSH protocol provides a secure cryptographic connection at both ends.
IPsec is a Layer 3 network protocol that can provide encryption, authentication and key management for every packet transmitted.
Many browser-based communications are protected using SSL (Secure Sockets Layer) or TLS (Transport Layer Security). Your browser address bar will display a padlock. Look for this padlock in the address bar before entering any information.
Secure browser padlock
Remote file access
FTP (File Transfer Protocol) is used to transfer files between devices.
FTP/FTPS: FTP uses either open unauthenticated connections or those that require credentials.
SFTP is an extension of the SSH protocol that uses SSH to secure FTP connections. Remember that SFTP and FTPS (FTP Secure) are not compatible with each other.
TFTP is the least secure of the FTP options. It provides fast file transfers on the local network but it is not suited to transfers across the public internet.
Microsoft’s implementation of the Remote Desktop Protocol (RDP) dates back to some of the OS’s earlier releases that provided a Terminal interface that required extensive knowledge of commands. Features were added to create more effective control with each release. It is now possible to view and control the host you are connected to. VNC (Virtual Network Computing) is the open-source version of this technology allowing vendors and manufacturers to modify the app as needed.
Remote users can still “remote in” to computers using the Telnet command. While this is fast and efficient it is not secure. It has largely been replaced by more secure transfer methods.
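The remote file access and Telnet notes above can be turned into a quick host check. This is an added example, not part of the original notes: it parses a constructed sample of `ss -tuln` output and reports FTP, Telnet and TFTP listeners that are reachable from other hosts. The function names and the suggested replacements are assumptions made for illustration.

```python
import ipaddress

# Cleartext services named in these notes -> suggested encrypted alternative
# (the suggestion column is this example's assumption, not an exam fact).
CLEARTEXT = {
    ("tcp", 21): ("FTP", "SFTP or FTPS"),
    ("tcp", 23): ("Telnet", "SSH"),
    ("udp", 69): ("TFTP", "SFTP or FTPS"),
}

# Constructed sample in the format printed by `ss -tuln`.
SAMPLE = """\
Netid State  Recv-Q Send-Q Local Address:Port Peer Address:Port
tcp   LISTEN 0      128          0.0.0.0:22        0.0.0.0:*
tcp   LISTEN 0      5          127.0.0.1:23        0.0.0.0:*
tcp   LISTEN 0      5       192.168.1.10:23        0.0.0.0:*
tcp   LISTEN 0      32              [::]:21           [::]:*
udp   UNCONN 0      0      127.0.0.53%lo:53        0.0.0.0:*
udp   UNCONN 0      0                  *:69              *:*
"""


def split_local(field):
    """Split 'addr:port' into (addr, port); handles [v6], '*' and '%iface'."""
    addr, _, port = field.rpartition(":")
    return addr.strip("[]").split("%")[0], int(port)


def is_exposed(addr):
    """True when the listener is reachable from other hosts (not loopback)."""
    return addr == "*" or not ipaddress.ip_address(addr).is_loopback


def audit(ss_output):
    """Return findings for exposed cleartext remote-access listeners."""
    findings = []
    for line in ss_output.splitlines()[1:]:  # skip the header row
        cols = line.split()
        if len(cols) < 5 or cols[0] not in ("tcp", "udp"):
            continue
        addr, port = split_local(cols[4])
        service = CLEARTEXT.get((cols[0], port))
        if service and is_exposed(addr):
            findings.append((service[0], cols[0], addr, port, service[1]))
    return findings


if __name__ == "__main__":
    for name, proto, addr, port, fix in audit(SAMPLE):
        print(f"{name} listening on {addr}:{port}/{proto}; consider {fix}")
```

On a real host, pass the captured output of `ss -tuln` to `audit()` in place of `SAMPLE`; the Telnet listener bound to 127.0.0.1 in the sample is skipped because only local processes can reach it.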
Our network devices once required individual command line configuration. Today’s devices often provide access to all settings through an SSL secured management URL.
In-band management requires that the program be installed on each device being configured. The device(s) being configured must be powered on, limiting some of your options.
Out-of-band management provides the capability of managing your network from an external connection. Your connection can be initiated with a dial-up connection or a cable modem. A console router on the server side can centralize the management of these devices. Here is a look at the management console from a SOHO router.
Well, that’s all for objective 3.4 and main domain 3! See you in domain 4!