提纲2009年版三级网络技术复习提纲—第七章 服务器操作系统(2009 edition three level network technology review outline - Chapter seventh server operating system)

服务器版操作系统  时间:2021-03-11  阅读:()

2009年版三级网络技术复习提纲—第七章服务器操作系统2009edition three level network technology review outline -

Chapter seventh server operating system

The 2009 edition of three network technology review outline -Chapter seventh server operating system.Txt

The seventh chapter is the analysis of network management andnetwork security: this part is the key, the general 6multiple-choice questions and fill in 2~3, about 10-12.Pay attention to the problem:

1, the five functions of network management: configurationmanagement, faul t management, performance management,accounting management and security management, and the role ofmanagement.

2, the level of information security, A1 security standards inthe United States Department of defense is the highest levelof security.

3, the basic elements of network security: confidentiality,integrity, availability and legitimacy, and the correspondingfour basic threat, and the threat can realize the commonknowledge into threats and threats into.

4, security is a concrete manifestation of security threats,interruption, interception, modification and fabrication.5, the introduction of the related knowledge of encryption

technology.

The principle of digital signature and authenticationtechnology in 6, and the difference between it and messageauthentication.

7, the firewall can only prevent violations of external netsintranet.

1, network management includes five functions: configurationmanagement, faul t management, performance management,accounting management and security management.

Configuration management is responsible for networkestablishment, service deployment and configuration datamaintenance function: list management, resource provisioning,service provisioning;

Fault management general steps: find fault, judge fault, faultisolation, fault recording, fault repair; at present is:detection, isolation and correction of fault;

Billing management goal is to use the tracking of individualand group users of the cyber source, charge a reasonable feefor the.

Performance management aims to maintain the quality of serviceand network efficiency. Performance management includingperformance testing, performance analysis, performancemanagement and control function.

Safety management goal is in accordance with certain controlstrategies for cyber source access, ensure that importantinformation will not be unauthorized user access, and preventnetwork by malicious or unintentional attacks.

The target and the network administrator 2, network managementresponsibilities:

Target: A, reduce downtime, shorten the response time andimprove the utilization rate of equipment; B, reduce operatingcosts, improve efficiency; C, reduce or eliminate the networkbottleneck; D, make the network more easy to use, safe andreliable; e network.

Responsibilities: planning, construction, maintenance,expansion, optimization and troubleshooting. Not including thepreparation of applications, it is the programmer' sresponsibility.

3, a manager/agent model : management is essentially a set ofapplications running on the computer operating system,management information collection, from the agency forprocessing, to obtain valuable management information, toachieve the purpose of management. Agent is located in manageddevices, it comes from the management commands or informationrequests into the device specific instruction, completemanagement instructions, or return its equipment information.Between the manager and agent information exchange can bedivided into two types: the agent management operations frommanagers; from agents to managers of the event notification.

4, network management protocol

(1) the concept is: information between network manager andagent specification.

(2) the network management protocol is a high-level networkapplication protocol, it is based on the physical network andcommunication protocol based on network management serviceplatform.

Network management protocol includes: simple networkmanagement protocol SNMP, common management informationservice / protocol CMIS/CMIP (telecommunication managementnetwork commonly used)

The management node is generally workstation class computerapplication oriented, with strong processing ability. Theproxy node can be any type of network node. SNMP is anapplication layer protocol, it uses the service transport layerand network layer to its peer layer information transmission;SNMP uses round robin monitoring method. CMIP has theadvantages of high safety, strong function, not only can be usedfor data transmission management, can also perform certaintasks.

5, information security includes 3 aspects: physical security,security control, security service,

To achieve authenticity, confidentiality, integrity andavailability of the target;

6, the information security level:

(1) the United States Department of defense Orange BookStandards (_STD) : D1 (standard level computer system withoutverification, such as DOS, Windows3.X, users of Windows95 (notin the working group in Apple, System7.X) ; C1 providesindependent safety protection, it makes users and dataseparation, to meet the needs of independent. The minimumsecurity level C2 level required for handling of sensitiveinformation, further restrict the user to execute commands oraccess to certain file permissions, but also the authenticationlevel, such as UNIX, XENIX, Novell, NetWare system version 3or higher, Windows NT; B1 is the first need a lot of accesscontrol support level. The level of security are confidential,secret level. The B2 level of all objects in a computer systemto add tags, and to the security level distribution equipment.B3 requires the user workstation or terminal through trustedway to connect to the network system, and the level of securitysystem to protect the hardware store, security key componentsof B3 system must understand the access to all of the objectto the subject. The highest level of security A1, show that thesystem provides the most comprehensive security) .

(2) the computer information security level in China: selfprotection, guidance, supervision and protection levelprotection, mandatory protection level, the control level ofprotection.

8, network security

(1) objective: transmission security storage security and

information; the basic elements of the realization ofinformation confidentiality, integrity, availability andlegitimacy.

(2) security threats is the damage caused by a person, thing,thing or concept of a resource of confidentiality, integrity,availability or legitimacy.

(3) security threats are divided into two types of intentionaland accidental. Intentional threats can be divided into twotypes of passive and active.

Basic threat: information disclosure or loss -confidentiality,data integrity, integrity, availability, non - denial ofservice access legitimacy;

Infiltration of threat: counterfeiting, bypass control,authorization assault;

Implant threat: Troy Trojan, trapdoor;

The potential threat of eavesdropping, traffic analysis,personnel negligence, cleaning media.

(4) security attacks: from unauthorized entities have accessto resources, confidentiality of the attack; modification isunauthorized entities not only get access, but alsoaltered theresources of the integrity of the attack; interruption isdestroyed or become the system resources can not be used, isthe availability of the attack; it is unauthorized entitiesinto the fake object to the system, is on the legitimacy of the

attack.

(5) active attack and passive attack:

The characteristics of passive attacks is to monitor or monitor.The aim is to obtainthe information beingtransmitted. Passiveattacks: disclosure of information content and trafficanalysis etc. .

Active attack involves modifying the data stream or create thewrong data flow, it includes camouflage, replay, modifyinformation, denial of service, distributed denial of service.From the perspective of network protocol, the attack methodscan be summarized as: service attack and non attack service.Service attack is for a specific network services (such asE-mail (Telnet, FTP, mail bomb) , HTTP attacks) . Non serviceattack is not for a specific application service, but the lowlayer network layer protocol based on the. Non service attackby agreement or protocol when the operating systemvulnerabilities to achieve the purpose of attack, is a moreeffective means of attack, such as source routing attacks andNetXBay spoofing, etc. .

(9) safety strategy: the majesty of the law, advancedtechnology, strict management (10) safety managementprinciples: the principle of people is responsible for alimited term, the principle, the principle of separation ofduties

9, encryption technology

(1) several related concepts: called plaintext messages needto be hidden. The plaintext is transformed into another hiddenform called ciphertext,

This transformation is called encryption, the reverse processof encryption of plaintext is called decryption; a set of rulesfor encryption is called the encryption algorithm, a set ofrules by the cipher decryption called decryption algorithm;encryption algorithm and decryption algorithm is usuallycarried out in a group under the control of the key, theencryption algorithm used by the key as the encryption key,using the decryption key is called the decryption key encodingis used; password encryption, cryptanalysis (exhaustiveanalysis, to try all possible half) is used to decrypt, is acategory of cryptography.

(4) classification system password:

According to the plaintext into ciphertext operation type isdivided into: substitution or replacement of the password andthe password.

According to the number of keys is divided into: symmetriccryptography and asymmetric cryptography.

(5) the data encryption technology can be divided into 3categories: symmetric encryption, asymmetric encryption andnon reversible encryption.

Symmetric encryption for data encryption or decryption using

a single key, also known as single key encryption, passwordencryption, or conventional secret key encryption algorithm,such as DES.

Asymmetric encryption algorithm is characterized by two keys,only two collocation use to complete the encryption anddecryption process. Another usage of asymmetric encryption iscalled a"digital signature" is the commonly used RSA algorithmand digital signature algorithm DSA.

Irreversible encryption algorithm is a one-way hash algorithm,feature is encryption process does not require a key, and theencrypted data cannot be decrypted, only the same input datathrough the irreversible algorithm to the same encrypted datathe same.

(6) encryption scheme is that the two situations of safety:One is to decipher the ciphertext encrypted information exceedsthe cost of the value; two is valid to decipher the confidentialinformation over time.

(7) part of the symmetric encryption system model: encryptionalgorithm, encryption key, plaintext, ciphertext anddecryption algorithm.

Symmetric encryption is also called conventional encryption,single key encryption, secret key encryption, there are twosecurity requirements: need a strong encryption algorithm; thesender and recipient must be in a safe way to obtain a copy ofthe secret key, must ensure the security of the key. Its

pacificrack:2021年七夕VPS特别促销,$13.14/年,2G内存/2核/60gSSD/1T流量,支持Windows

pacificrack官方在搞2021年七夕促销,两款便宜vps给的配置都是挺不错的,依旧是接入1Gbps带宽,KVM虚拟、纯SSD raid10阵列,支持包括Linux、Windows 7、10、server2003、2008、2012、2016、2019在内多种操作系统。本次促销的VPS请特别注意限制条件,见本文末尾!官方网站:https://pacificrack.com支持PayPal、支...

云步云72.5元/月起云服务器,香港安畅/葵湾/将军澳/沙田/大浦CN2机房,2核2G5M

云步云怎么样?云步云是创建于2021年的品牌,主要从事出售香港vps、美国VPS、日本VPS、香港独立服务器、香港站群服务器等,机房有香港、美国、日本东京等机房,目前在售VPS线路有CN2+BGP、CN2 GIA,香港的线路也是CN2直连大陆,该公司旗下产品均采用KVM虚拟化架构。目前,云步云提供香港安畅、沙田、大浦、葵湾、将军澳、新世界等CN2机房云服务器,2核2G5M仅72.5元/月起。点击进...

无忧云(25元/月),国内BGP高防云服务器 2核2G5M

无忧云官网无忧云怎么样 无忧云服务器好不好 无忧云值不值得购买 无忧云,无忧云是一家成立于2017年的老牌商家旗下的服务器销售品牌,现由深圳市云上无忧网络科技有限公司运营,是正规持证IDC/ISP/IRCS商家,主要销售国内、中国香港、国外服务器产品,线路有腾讯云国外线路、自营香港CN2线路等,都是中国大陆直连线路,非常适合免北岸建站业务需求和各种负载较高的项目,同时国内服务器也有多个BGP以及高...

服务器版操作系统为你推荐
.cn域名cn域名有什么用啊?.cn域名cn域名和com域名有什么不同?哪个更好?好在哪里?sherylsandberg谷歌怎么看自己的详细资料百度商城百度商城里抽奖全是假的xyq.163.cbg.com梦幻CBG的网站是什么。mole.61.com谁知道摩尔庄园的网址啊www.vtigu.com初三了,为什么考试的数学题都那么难,我最多也就135,最后一道选择,填空啊根本没法做,最后几道大题倒www.ijinshan.com金山毒霸的网站是多少baqizi.cc徐悲鸿到其中一张很美的女人体画www.97yes.comwww.moyigui88.com是不是一个好网站呢
域名空间购买 128m内存 免备案cdn ntfs格式分区 lol台服官网 国外代理服务器软件 电信虚拟主机 昆明蜗牛家 双线机房 腾讯总部在哪 主机管理系统 数据库空间 xuni 免费个人网页 免费网络空间 乐视会员免费领取 博客域名 中美互联网论坛 美国十大啦 阿里云宕机故障 更多