提纲2009年版三级网络技术复习提纲—第七章 服务器操作系统(2009 edition three level network technology review outline - Chapter seventh server operating system)

服务器版操作系统  时间:2021-03-11  阅读:()

2009年版三级网络技术复习提纲—第七章服务器操作系统2009edition three level network technology review outline -

Chapter seventh server operating system

The 2009 edition of three network technology review outline -Chapter seventh server operating system.Txt

The seventh chapter is the analysis of network management andnetwork security: this part is the key, the general 6multiple-choice questions and fill in 2~3, about 10-12.Pay attention to the problem:

1, the five functions of network management: configurationmanagement, faul t management, performance management,accounting management and security management, and the role ofmanagement.

2, the level of information security, A1 security standards inthe United States Department of defense is the highest levelof security.

3, the basic elements of network security: confidentiality,integrity, availability and legitimacy, and the correspondingfour basic threat, and the threat can realize the commonknowledge into threats and threats into.

4, security is a concrete manifestation of security threats,interruption, interception, modification and fabrication.5, the introduction of the related knowledge of encryption

technology.

The principle of digital signature and authenticationtechnology in 6, and the difference between it and messageauthentication.

7, the firewall can only prevent violations of external netsintranet.

1, network management includes five functions: configurationmanagement, faul t management, performance management,accounting management and security management.

Configuration management is responsible for networkestablishment, service deployment and configuration datamaintenance function: list management, resource provisioning,service provisioning;

Fault management general steps: find fault, judge fault, faultisolation, fault recording, fault repair; at present is:detection, isolation and correction of fault;

Billing management goal is to use the tracking of individualand group users of the cyber source, charge a reasonable feefor the.

Performance management aims to maintain the quality of serviceand network efficiency. Performance management includingperformance testing, performance analysis, performancemanagement and control function.

Safety management goal is in accordance with certain controlstrategies for cyber source access, ensure that importantinformation will not be unauthorized user access, and preventnetwork by malicious or unintentional attacks.

The target and the network administrator 2, network managementresponsibilities:

Target: A, reduce downtime, shorten the response time andimprove the utilization rate of equipment; B, reduce operatingcosts, improve efficiency; C, reduce or eliminate the networkbottleneck; D, make the network more easy to use, safe andreliable; e network.

Responsibilities: planning, construction, maintenance,expansion, optimization and troubleshooting. Not including thepreparation of applications, it is the programmer' sresponsibility.

3, a manager/agent model : management is essentially a set ofapplications running on the computer operating system,management information collection, from the agency forprocessing, to obtain valuable management information, toachieve the purpose of management. Agent is located in manageddevices, it comes from the management commands or informationrequests into the device specific instruction, completemanagement instructions, or return its equipment information.Between the manager and agent information exchange can bedivided into two types: the agent management operations frommanagers; from agents to managers of the event notification.

4, network management protocol

(1) the concept is: information between network manager andagent specification.

(2) the network management protocol is a high-level networkapplication protocol, it is based on the physical network andcommunication protocol based on network management serviceplatform.

Network management protocol includes: simple networkmanagement protocol SNMP, common management informationservice / protocol CMIS/CMIP (telecommunication managementnetwork commonly used)

The management node is generally workstation class computerapplication oriented, with strong processing ability. Theproxy node can be any type of network node. SNMP is anapplication layer protocol, it uses the service transport layerand network layer to its peer layer information transmission;SNMP uses round robin monitoring method. CMIP has theadvantages of high safety, strong function, not only can be usedfor data transmission management, can also perform certaintasks.

5, information security includes 3 aspects: physical security,security control, security service,

To achieve authenticity, confidentiality, integrity andavailability of the target;

6, the information security level:

(1) the United States Department of defense Orange BookStandards (_STD) : D1 (standard level computer system withoutverification, such as DOS, Windows3.X, users of Windows95 (notin the working group in Apple, System7.X) ; C1 providesindependent safety protection, it makes users and dataseparation, to meet the needs of independent. The minimumsecurity level C2 level required for handling of sensitiveinformation, further restrict the user to execute commands oraccess to certain file permissions, but also the authenticationlevel, such as UNIX, XENIX, Novell, NetWare system version 3or higher, Windows NT; B1 is the first need a lot of accesscontrol support level. The level of security are confidential,secret level. The B2 level of all objects in a computer systemto add tags, and to the security level distribution equipment.B3 requires the user workstation or terminal through trustedway to connect to the network system, and the level of securitysystem to protect the hardware store, security key componentsof B3 system must understand the access to all of the objectto the subject. The highest level of security A1, show that thesystem provides the most comprehensive security) .

(2) the computer information security level in China: selfprotection, guidance, supervision and protection levelprotection, mandatory protection level, the control level ofprotection.

8, network security

(1) objective: transmission security storage security and

information; the basic elements of the realization ofinformation confidentiality, integrity, availability andlegitimacy.

(2) security threats is the damage caused by a person, thing,thing or concept of a resource of confidentiality, integrity,availability or legitimacy.

(3) security threats are divided into two types of intentionaland accidental. Intentional threats can be divided into twotypes of passive and active.

Basic threat: information disclosure or loss -confidentiality,data integrity, integrity, availability, non - denial ofservice access legitimacy;

Infiltration of threat: counterfeiting, bypass control,authorization assault;

Implant threat: Troy Trojan, trapdoor;

The potential threat of eavesdropping, traffic analysis,personnel negligence, cleaning media.

(4) security attacks: from unauthorized entities have accessto resources, confidentiality of the attack; modification isunauthorized entities not only get access, but alsoaltered theresources of the integrity of the attack; interruption isdestroyed or become the system resources can not be used, isthe availability of the attack; it is unauthorized entitiesinto the fake object to the system, is on the legitimacy of the

attack.

(5) active attack and passive attack:

The characteristics of passive attacks is to monitor or monitor.The aim is to obtainthe information beingtransmitted. Passiveattacks: disclosure of information content and trafficanalysis etc. .

Active attack involves modifying the data stream or create thewrong data flow, it includes camouflage, replay, modifyinformation, denial of service, distributed denial of service.From the perspective of network protocol, the attack methodscan be summarized as: service attack and non attack service.Service attack is for a specific network services (such asE-mail (Telnet, FTP, mail bomb) , HTTP attacks) . Non serviceattack is not for a specific application service, but the lowlayer network layer protocol based on the. Non service attackby agreement or protocol when the operating systemvulnerabilities to achieve the purpose of attack, is a moreeffective means of attack, such as source routing attacks andNetXBay spoofing, etc. .

(9) safety strategy: the majesty of the law, advancedtechnology, strict management (10) safety managementprinciples: the principle of people is responsible for alimited term, the principle, the principle of separation ofduties

9, encryption technology

(1) several related concepts: called plaintext messages needto be hidden. The plaintext is transformed into another hiddenform called ciphertext,

This transformation is called encryption, the reverse processof encryption of plaintext is called decryption; a set of rulesfor encryption is called the encryption algorithm, a set ofrules by the cipher decryption called decryption algorithm;encryption algorithm and decryption algorithm is usuallycarried out in a group under the control of the key, theencryption algorithm used by the key as the encryption key,using the decryption key is called the decryption key encodingis used; password encryption, cryptanalysis (exhaustiveanalysis, to try all possible half) is used to decrypt, is acategory of cryptography.

(4) classification system password:

According to the plaintext into ciphertext operation type isdivided into: substitution or replacement of the password andthe password.

According to the number of keys is divided into: symmetriccryptography and asymmetric cryptography.

(5) the data encryption technology can be divided into 3categories: symmetric encryption, asymmetric encryption andnon reversible encryption.

Symmetric encryption for data encryption or decryption using

a single key, also known as single key encryption, passwordencryption, or conventional secret key encryption algorithm,such as DES.

Asymmetric encryption algorithm is characterized by two keys,only two collocation use to complete the encryption anddecryption process. Another usage of asymmetric encryption iscalled a"digital signature" is the commonly used RSA algorithmand digital signature algorithm DSA.

Irreversible encryption algorithm is a one-way hash algorithm,feature is encryption process does not require a key, and theencrypted data cannot be decrypted, only the same input datathrough the irreversible algorithm to the same encrypted datathe same.

(6) encryption scheme is that the two situations of safety:One is to decipher the ciphertext encrypted information exceedsthe cost of the value; two is valid to decipher the confidentialinformation over time.

(7) part of the symmetric encryption system model: encryptionalgorithm, encryption key, plaintext, ciphertext anddecryption algorithm.

Symmetric encryption is also called conventional encryption,single key encryption, secret key encryption, there are twosecurity requirements: need a strong encryption algorithm; thesender and recipient must be in a safe way to obtain a copy ofthe secret key, must ensure the security of the key. Its

friendhosting:(优惠55%)大促销,全场VPS降价55%,9个机房,不限流量

每年的7月的最后一个周五是全球性质的“系统管理员日”,据说是为了感谢系统管理员的辛苦工作....friendhosting决定从现在开始一直到9月8日对其全球9个数据中心的VPS进行4.5折(优惠55%)大促销。所有VPS基于KVM虚拟,给100M带宽,不限制流量,允许自定义上传ISO...官方网站:https://friendhosting.net比特币、信用卡、PayPal、支付宝、微信、we...

Sharktech$129/月,1Gbps不限流量,E5-2678v3(24核48线程)

Sharktech最近洛杉矶和丹佛低价配置大部分都无货了,只有荷兰机房还有少量库存,商家又提供了两款洛杉矶特价独立服务器,价格不错,CPU/内存/硬盘都是高配,1-10Gbps带宽不限流量最低129美元/月起。鲨鱼机房(Sharktech)我们也叫它SK机房,是一家成立于2003年的老牌国外主机商,提供的产品包括独立服务器租用、VPS主机等,自营机房在美国洛杉矶、丹佛、芝加哥和荷兰阿姆斯特丹等,主...

安徽BGP云服务器 1核 1G 5M 29元/月 香港云服务器 1核 1G 19元首月 麻花云

麻花云怎么样?麻花云公司成立于2007年,当前主打产品为安徽移动BGP线路,数据中心连入移动骨干网。提供5M,10M大带宽云主机,香港云服务器产品,数据中心为香港将军澳机房,香港宽频机房 cn2-GIA优质线路、采用HYPER-V,KVM虚拟技术架构一、麻花云官网点击直达麻花云官方网站合肥网联网络科技有限公司优惠码: 专属优惠码:F1B07B 享受85折优惠。最新活动 :双11 云上嗨购 香港云主...

服务器版操作系统为你推荐
梦之队官网梦之队是哪个国家的?留学生认证留学生前阶段双认证认证什么内容?firetrap牛仔裤的四大品牌是那几个啊?百度关键词价格查询百度关键词排名价格是多少lunwenjiancepaperfree论文检测怎样算合格haokandianyingwang谁给个好看的电影网站看看。www.zjs.com.cn怎么查询我的平安信用卡寄送情况www.5any.com重庆哪里有不是全日制的大学?www.toutoulu.com外链方案到底应该怎么弄呢www.toutoulu.com安装好派克滤芯后要检查其是否漏气
最新代理服务器地址 enzu 息壤主机 域名优惠码 gomezpeer xen 网页背景图片 dropbox网盘 申请空间 免费smtp服务器 150邮箱 帽子云 国外免费全能空间 可外链网盘 web服务器是什么 金主 supercache 服务器硬件配置 七十九刀 删除域名 更多