Dr. Steve Gardner Sp 2020 Bonus Question Sp 20 Mis

2dr Steve Gardner Sp2020 April 22 2020bonus Question Sp20 Mis3613

You are an electrical engineer and the IT Director of Therall Industries, a small company that makes a very intricate high technology device, the metapolar refractive pilfrometer for Rockwell Industries Turboencabulator. The company has two small locations in different cities, approximately 600 feet long and 400 feet wide, almost identical externally.

The first location, Headquarters, houses Executive Management and R&D Engineering. The second, Remote, is where other engineering and production take place. Your boss, Tom Frantype, has asked you to develop an internal network leading to a secure wired communication system between the two offices and install wireless networks in each facility. The facility layouts are available in the provided materials.

Paper for the Above Instruction

The task of designing robust, secure, and efficient network systems for Therall Industries necessitates detailed planning and implementation across multiple layers of communication infrastructure, spatial arrangements, and security protocols. This essay discusses the design and configuration of intrabuilding networks, secure VPN setups for inter-office communication, WAN technologies, wireless implementations, small-area PANs, troubleshooting protocols, cybersecurity threats, and fundamental networking models to ensure seamless and protected operations.

1. Intrabuilding Networks at Headquarters

At the Headquarters, the network must encompass diverse areas, each with vital hosts requiring wired connectivity for operational stability and security. The following distribution is proposed:

  • Two hosts in the Executive offices, likely for senior management and executive assistants. These stations require high-speed wired Ethernet connections, ideally CAT6 or CAT6A cabling, suitable for gigabit or ten-gigabit speeds, to handle data-intensive tasks and VoIP services.
  • Four hosts in R&D, which involve heavy data processing; hence, high-grade structured cabling such as CAT6A should be used, with cable runs mapped from the telecom room to designated workstations, terminating at faceplate jacks in each office area. The logical topology is a star, connecting all hosts to a central switch.
  • One host in Reception, linked via a dedicated jack near the reception desk for quick access and security.
  • Four hosts in Guest Offices, with cabling runs from the core switch to each guest workstation, maintaining a star topology for ease of management.
  • Two hosts in Accounting, connected directly to the primary switch or a dedicated segment for financial data security.

    The building connection to the ISP will use a telecom room housing a high-quality PoE-capable network switch, connected via fiber optic patch panels to the ISP's demarcation point. The demarc, likely a fiber-optic wall jack or panel, serves as the first point of entry, providing physical security and separation of the internal LAN from external networks.

    Physical cabling will be neatly organized with labeled patch panels, preferably modular, with fiber for backbone connections and copper for end-user devices, facilitating future upgrades and maintenance. The logical topology will adopt a star configuration, ensuring central management and fault isolation.

    2. Intrabuilding Networks at Remote

    The Remote facility's layout encompasses:

    • Sixteen hosts in Engineering, likely distributed across multiple workstations, all connected via high-grade CAT6A cabling, laid out from the telecom room to each station in a star topology.
    • Four hosts in each production area, with dedicated cabling and jacks located near manufacturing machinery and monitoring stations to facilitate real-time data exchange and machine control.
    • One host in Reception, connected via standard Ethernet cabling directly to the core switch.
    • POTS service throughout the facility, routed via traditional copper wiring from the telecom room to station outlets, supporting analog telephony services.

    The building's network infrastructure will mirror that of Headquarters, with fiber optic patches connecting the telecom room to the ISP's demarc, supporting high-speed backbone connections and low latency. The logical topology again adopts a star configuration, favoring simplicity and fault tolerance.

    3. Secure Inter-Office Communication

    To facilitate secure communication between Headquarters and Remote, a Virtual Private Network (VPN) is essential. A VPN creates an encrypted tunnel over the Internet, ensuring data confidentiality and integrity. Protocols such as IPsec or SSL/TLS are employed; IPsec, in particular, operates at the network layer, providing robust security features suitable for site-to-site VPNs. This setup involves configuring dedicated VPN gateways at each site, connected to the internal routers or firewalls.

    Employees can securely access shared resources and communicate with colleagues through encrypted channels, preventing interception by malicious actors. Remote access VPNs also enable authorized distant employees to work securely outside the corporate network. Proper authentication methods, such as multi-factor authentication, and strict policy enforcement ensure that only legitimate users gain access.

    Implementing VPNs exemplifies layered security, leveraging encryption, authentication, and access controls. Using protocols like IPsec provides security at the IP layer, encrypting data packets, while SSL/TLS can secure application-specific traffic, such as HTTPS web browsing or VoIP calls. As a result, the network is fortified against eavesdropping, spoofing, and man-in-the-middle attacks.

    4. WAN Technologies Using T3 Lines

    The Wide Area Network (WAN) connectivity between the sites employs T3 lines, which are digital communication channels capable of transmitting data at 44.736 Mbps. T3 lines use time-division multiplexing (TDM) to divide the bandwidth into 672 channels, each capable of carrying 64 Kbps, providing substantial capacity for voice, data, and video traffic.

    Communication over long distances such as Houston to Ada involves leased lines through telecom providers, with T3 circuits often provisioned over fiber optic infrastructure, enabling high-speed, reliable links. Protocols such as PPP (Point-to-Point Protocol) or Frame Relay may be used to manage data frames over T3 lines, with MPLS (Multiprotocol Label Switching) often serving to prioritize traffic and enhance routing efficiency.

    The T3 demarcation point is typically a CSU/DSU (Channel Service Unit/Data Service Unit), which terminates the T3 circuit at each site. This device manages the interface between the provider’s network and the internal local network, providing synchronization, error checking, and framing functions necessary to maintain data integrity over long distances.

    5. Wireless Network Setup

    Wireless networks at each facility will be established using enterprise-grade Wi-Fi access points (APs), supporting IEEE 802.11ac or 802.11ax standards, operating in dual bands (2.4 GHz and 5 GHz). Placement of APs will be strategic: high, central locations within each building to maximize coverage and minimize dead zones.

    In Headquarters, a particularly high-speed, low-latency Wi-Fi link between the Reception area and the Executive Suite is critical—this can be achieved with a dedicated, high-performance AP or a Wi-Fi mesh system with beamforming capabilities and dynamic channel management, ensuring a reliable, fast connection. The expected throughput would be in excess of 300 Mbps on the 5 GHz band, suitable for VoIP, video calls, and data sharing.

    6. PAN for Production Machines

    The production areas house portable presser stops managed from central control booths. These machines are monitored via Personal Area Networks (PANs) employing Bluetooth Low Energy (BLE) or Zigbee protocols operating in the 2.4 GHz ISM band. These networks manage low-power, short-range device communication, typically within a radius of 10–30 meters. The PANs enable real-time monitoring, configuration, and status updates of the machines, ensuring operational efficiency.

    To anticipate likely questions: the PANs operate on standardized wireless protocols recognized for their interoperability, security features, and low power consumption. Devices are configured to communicate at specific frequencies with encryption enabled to prevent unauthorized access.

    7. Troubleshooting Interbuilding Communication Failure

    When communication between Headquarters and Remote fails, systematic troubleshooting steps include:

    • Checking physical links—ensuring fiber or copper cables are intact, connectors are secure, and equipment is powered on.
    • Verifying the status LEDs on switches, routers, and CSU/DSU devices for fault indications.
    • Using network diagnostic tools like ping and traceroute to identify where packets are being lost.
    • Examining firewall and VPN configurations to ensure tunnels are active and not blocked.
    • Consulting service provider reports if an external outage is suspected.
    • Inspecting the T3 circuit status and reconnecting or resetting the CSU/DSU as necessary.

    Failure could stem from physical damage, misconfiguration, or provider issues, requiring coordinated fixes including cable repairs, configuration updates, or service restoration requests.
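
One way to turn the checklist above into a repeatable first pass, as an added Python example that is not part of the original essay: it pings a chain of checkpoints from the HQ LAN outward and reports the hop just beyond the furthest one that answers. The checkpoint names and addresses are constructed placeholders, and the `ping` flags assume Linux iputils.

```python
import subprocess

# Ordered from the HQ LAN outward. Names and addresses are constructed
# placeholders (RFC 1918 / RFC 5737 ranges), not values from the assignment.
CHECKPOINTS = [
    ("hq-lan-gateway", "10.10.0.1",
     "HQ cabling, switch or router: check links, power and status LEDs"),
    ("hq-provider-next-hop", "198.51.100.1",
     "HQ circuit or CSU/DSU: inspect circuit status, reset the CSU/DSU"),
    ("remote-vpn-public", "203.0.113.20",
     "Provider path or Remote circuit: traceroute, check provider reports"),
    ("remote-lan-gateway", "10.20.0.1",
     "VPN tunnel or firewall: confirm the tunnel is active and not blocked"),
    ("remote-host", "10.20.0.9",
     "Remote LAN or the host itself: check the Remote switch and the host"),
]

def ping(address, timeout_s=2):
    """Send one ICMP echo with the system ping (Linux iputils flags)."""
    result = subprocess.run(
        ["ping", "-c", "1", "-W", str(timeout_s), address],
        stdout=subprocess.DEVNULL, stderr=subprocess.DEVNULL)
    return result.returncode == 0

def localize_fault(checkpoints=CHECKPOINTS, probe=ping):
    """Return (name, advice) for the first hop past the furthest reachable
    checkpoint, or None when the far end answers.

    Every checkpoint is probed, because a hop that filters ICMP can stay
    silent while traffic still passes through it; a reply from any later
    checkpoint proves the earlier ones are forwarding.
    """
    results = [probe(address) for _, address, _ in checkpoints]
    furthest = max((i for i, ok in enumerate(results) if ok), default=-1)
    if furthest == len(checkpoints) - 1:
        return None
    name, _, advice = checkpoints[furthest + 1]
    return name, advice

if __name__ == "__main__":
    print(localize_fault() or "end-to-end path is up")
```
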

    8. Ransomware Attack Explanation and Recovery

    The incident on the engineer’s monitor indicates a ransomware attack—a malicious program encrypts files and demands payment for a decryption key. The message demanding £500,000 is typical of ransomware extortion schemes. The inability to access proprietary data suggests files have been encrypted, and the system is now compromised.

    To mitigate this, immediate steps include disconnecting the affected system from the network to prevent further spread, informing cybersecurity personnel, restoring data from recent backups if available, and conducting forensic analysis to identify vulnerabilities exploited.

    Preventative measures involve maintaining updated antivirus software, patching systems regularly, employing intrusion detection systems, and educating staff about phishing and security protocols. Paying ransom is discouraged as it incentivizes attackers; instead, recovery should focus on backups and cybersecurity best practices.

    9. Explaining the OSI and TCP/IP Models

    To clarify network operations to Tom Frantype, the OSI (Open Systems Interconnection) model conceptualizes a network into seven layers, each responsible for specific functions: Physical, Data Link, Network, Transport, Session, Presentation, and Application. Headers and footers encapsulate data at each layer, adding context necessary for proper data exchange. For example, data from an application is wrapped in a TCP/UDP header at the Transport layer, then in an IP header at the Network layer, and so forth.

    The TCP/IP (Transmission Control Protocol/Internet Protocol) model condenses these functions into four layers: Link, Internet, Transport, and Application. It is more practical and widely implemented, particularly on the Internet. For example, when requesting a webpage, the browser (Application) sends a request via HTTP, which is encapsulated with TCP headers (Transport), IP headers (Internet), and link-layer protocols (Link). The server responds similarly, enabling the browser to display the webpage, effectively demonstrating encapsulation and the layered approach.

    10. Final Remarks

    This comprehensive plan integrates physical infrastructure, logical topologies, security measures, WAN and wireless technologies, troubleshooting protocols, cybersecurity awareness, and fundamental networking models. Effective implementation will ensure Therall Industries maintains secure, reliable communication channels aligned with operational priorities and technological best practices.
