lOMoARcPSD|28432290

Course Careers Information Technology

COMPUTER NETWORKS AND DISTRIBUTED COMPUTING (The University of Texas

at Arlington)

Studocu is not sponsored or endorsed by any college or university

Downloaded by Oli Fel (olivirus1007@gmail.com)
 lOMoARcPSD|28432290

Course Careers
Information TECHNOLOGY
Module 1: Course Overview and Mindset
What is IT?

IT is essentially the use of digital technology, like computers and the internet, to store and process data
into useful information.

What does an IT Support Specialist do?

IT support specialists make sure that an organization's technological equipment is running smoothly. This
includes managing, installing, maintaining, troubleshooting, and configuring office and computing
equipment.

Module 2: Introduction to Information Technology

Hardware Basics – Computer Components
Hardware: External or internal devices and equipment that help you perform major functions.

The computer case is also known as a tower, box, system unit, base unit, enclosure, housing, chassis,
and cabinet. Contains all the hardware components of a computer.

Motherboard: The body or circulatory system of the computer that connects all the pieces together.

CPU: Central processing unit determines the performance of your system. A central processing unit
(CPU), also called a central processor, main processor or just processor, is the electronic circuitry that
executes instructions comprising a computer program. The CPU performs basic arithmetic, logic,
controlling, and input/output (I/O) operations specified by the instructions in the program. Measured in
cycles per second.

Hard drive: It is a long-term memory component that holds all our data, which can include music,
pictures, applications. SSD: Solid State Drive. HDD (Hard disk drive): Hard disk drives, or HDDs, use a
spinning platter and a mechanical arm to read and write information. Gigabytes and Terabytes.

RAM: Random Access Memory temporary storage for computer programs. Loads apps while you’re using
the app for example.

Power supply: Converts electricity from our wall outlet onto a format that our computer can use.

Network Interface Card (NIC) – allows the computer to communicate over the network/Internet via a
RJ45. Possible to have USB versions of both.

Graphics Cards – A graphics card (also called a video card, display card, graphics adapter, VGA card/VGA,
video adapter, display adapter, or colloquially GPU) is a computer expansion card that generates a feed
of graphics output to a display device such as a monitor.

Downloaded by Oli Fel (olivirus1007@gmail.com)

 lOMoARcPSD|28432290

Hardware Basics – Computer Peripherals

Peripherals: the external devices which we connect to our computer that add functionality, like a mouse,
a keyboard, and a monitor.

Input/Output device: A device that performs input and output, including monitors, keyboards, mice,
hard disk drives, speakers, Bluetooth headsets, webcams, and network adapters.

Ports: Connection points that we can connect devices to that extend the functionality of our computer.

Type-C connector: A type of USB connector meant to replace many peripheral connections.

USB (Universal Serial Bus): A connection standard for connecting peripherals to devices such as
computers.

USB-C adapter: One of the standard power, data and display connector types used in mobile devices.

Docking stations allow you to plug in many different connections. Mostly all have a USB-C.

HDMI: A type of cable that outputs both video and audio.

Display port: Port which also outputs audio and video.

Operating Systems and Software Basics

Operating system: the software that supports a computer's basic functions, such as scheduling tasks,
executing applications, and controlling peripherals.

Microsoft Windows – NFTS (new) and FAT – 32 (Old)

Apple macOS – APFS, MAC OS Extended, ExFAT
Google’s Android OS
Apple iOS
Linus – EXT4, EXT3 (old)

File system: A system used to manage files and data. Different OS use their own file system.

A program is an application that is running on a computer (Word, Excel, Calculator).

A process is a running program that has been loaded into the memory.

Virtual machine (VM): An application that uses physical resources like memory, CPU and storage, but
they offer the added benefit of running multiple operating systems at once.

What is Networking?

Computer networking refers to interconnected computing devices that can exchange data and share
resources with each other. These networked devices use a system of rules, called communications
protocols, to transmit information over physical or wireless technologies.

Downloaded by Oli Fel (olivirus1007@gmail.com)

 lOMoARcPSD|28432290

Nodes and links are the basic building blocks in computer networking. A network node may be data
communication equipment (DCE) such as a modem, hub or, switch, or data terminal equipment (DTE)
such as two or more computers and printers. A link refers to the transmission media connecting two
nodes. Links may be physical, like cable wires or optical fibers, or free space used by wireless networks.

In a working computer network, nodes follow a set of rules or protocols that define how to send and
receive electronic data via the links. The computer network architecture defines the design of these
physical and logical components. It provides the specifications for the network’s physical components,
functional organization, protocols, and procedures.

Routers –

A router is a device that connects two or more packet-switched networks or subnetworks. It serves two
primary functions: managing traffic between these networks by forwarding data packets to their
intended IP addresses and allowing multiple devices to use the same Internet connection.

There are several types of routers, but most routers pass data between LANs (local area networks) and
WANs (wide area networks). A LAN is a group of connected devices restricted to a specific geographic
area. A LAN usually requires a single router.

A WAN, by contrast, is a large network spread out over a vast geographic area. Large organizations and
companies that operate in multiple locations across the country, for instance, will need separate LANs for
each location, which then connect to the other LANs to form a WAN. Because a WAN is distributed over
a large area, it often necessitates multiple routers and switches.

Switches –

A network switch forwards data between devices, unlike routers, which forward data between
networks.

Wireless Access Points –

In computer networking, a wireless access point, or more generally just an access point, is a networking
hardware device that allows other Wi-Fi devices to connect to a wired network.

IPv4 Address Basics

What is an IP Address? An Internet Protocol address is a numerical label such as 192.0.2.1 that is
connected to a computer network that uses the Internet Protocol for communication. An IP address
serves two main functions: network interface identification and location addressing.

IPv4 has 4 octets which means a group of 8.

Downloaded by Oli Fel (olivirus1007@gmail.com)

 lOMoARcPSD|28432290

Binary code represents text, computer processor instructions, or any other data using a two-symbol
system. The two-symbol system used is often "0" and "1" from the binary number system. The binary
code assigns a pattern of binary digits, also known as bits, to each character, instruction, etc.

Subnet Mask –

IP addresses have 2 parts: the Network ID and Host ID. The Subnet Mask identifies which portion of the
IP address is the Network ID and the remaining Host ID. A subnet mask is a 32-bit number created by
setting host bits to all 0s and setting network bits to all 1s. In this way, the subnet mask separates the IP
address into the network and host addresses. The “255” address is always assigned to a broadcast
address, and the “0” address is always assigned to a network address.

CIDR (Classless Inter-Domain Routing or supernetting) is a method of assigning IP addresses that

improves the efficiency of address distribution and replaces the previous system based on Class A, Class
B and Class C networks.

Downloaded by Oli Fel (olivirus1007@gmail.com)

 lOMoARcPSD|28432290

Automatic Private IP Addressing (APIPA) is a feature in operating systems (such as Windows) that
enables computers to automatically self-configure an IP address and subnet mask when their DHCP
server isn't reachable. The IP address range for APIPA is 169.254. 0.1 - 169.254.

Loopback Address - The IP address 127.0. 0.1 is called a loopback address. Packets sent to this address
never reach the network but are looped through the network interface card only. This can be used for
diagnostic purposes to verify that the internal path through the TCP/IP protocols is working.

Private IP Addresses - A private IP address is a range of non-internet facing IP addresses used in an

internal network. Private IP addresses are provided by network devices, such as routers, using network
address translation. Internet Protocol (IP) addresses identify a device on either the internet or a local
network.

Ports and Protocols

What are Network Ports? In computer networking, a port or port number is a number assigned to
uniquely identify a connection endpoint and to direct data to a specific service. At the software level,
within an operating system, a port is a logical construct that identifies a specific process or a type of
network service.

A socket is one endpoint of a two-way communication link between two programs running on the
network. A socket is bound to a port number so that the TCP (Transmission Control Protocol) layer can
identify the application that data is destined to be sent to.

What are Network Protocols? A communication protocol is a system of rules that allows two or more
entities of a communications system to transmit information via any kind of variation of a physical
quantity. The protocol defines the rules, syntax, semantics and synchronization of communication and
possible error recovery methods.

TCP is a connection-oriented protocol, whereas UDP is a connectionless protocol. A key difference

between TCP and UDP is speed, as TCP is comparatively slower than UDP. Overall, UDP is a much faster,
simpler, and efficient protocol, however, retransmission of lost data packets is only possible with TCP.

The Transmission Control Protocol is one of the main protocols of the Internet protocol suite. It
originated in the initial network implementation in which it complemented the Internet Protocol.
Therefore, the entire suite is commonly referred to as TCP/IP. In computer networking, the User

Downloaded by Oli Fel (olivirus1007@gmail.com)

 lOMoARcPSD|28432290

Datagram Protocol is one of the core communication protocols of the Internet protocol suite used to
send messages to other hosts on an Internet Protocol network. Within an IP network, UDP does not
require prior communication to set up communication channels or data paths.

Common TCP/UDP Port Numbers

The Internet Assigned Numbers Authority (IANA) has assigned port numbers to commonly used services
like SSH, FTP, HTTP, HTTPS, and others. Here are some of the most common ones:

DNS (Domain Name System)

The Domain Name System is a hierarchical and distributed naming system for computers, services, and
other resources on the Internet or other Internet Protocol networks. It associates various information
with domain names assigned to each of the associated entities.

ICMP (No Port) Internet Control Message Protocol this is the protocol that PING uses. Ping is a
command tool used to check if another computer is reachable on the network line.

Downloaded by Oli Fel (olivirus1007@gmail.com)

 lOMoARcPSD|28432290

Module 3: Day-to-Day
Working Tickets

A helpdesk ticket is an automated request for tracking and logging customer service requests. These
requests are generated when somebody needs assistance from a support team or technician in resolving
a technical issue, problem, or question related to their product or service.

An end-user, manager, service desk technician or you can create a ticket.

Ticket Prioritization & Severity

Service Level Agreement (SLA) A service-level agreement is a commitment between a service provider
and a customer. Aspects of the service – quality, availability, responsibilities – are agreed between the
service provider and the service user. This will address time of resolution, how fast you reach out initially,
how often you communicate, etc.

Common Help Desk Issues

Blue Screen of Death

Password Predicaments
Slow Internet
Lost Wireless Signal
Failure to Recognize a USB Device
Printer Problems
Slow Operations
Deleted/Unsaved Files
VPN Connection/Login Difficulties
Malware/Bad links

Downloaded by Oli Fel (olivirus1007@gmail.com)

 lOMoARcPSD|28432290

Common Tools & Commands

Active Directory System software

Active Directory is a directory service developed by Microsoft for Windows domain networks. It is
included in most Windows Server operating systems as a set of processes and services. Initially, Active
Directory was used only for centralized domain management.

Remote Desktop Services, known as Terminal Services in Windows Server 2008 and earlier, is one of the
components of Microsoft Windows that allow a user to initiate and control an interactive session on a
remote computer or virtual machine over a network connection.

Customer Service & Soft Skills

Downloaded by Oli Fel (olivirus1007@gmail.com)

 lOMoARcPSD|28432290

Module 4: Labs
Lab 1 – Azure Crash Course
What is the Cloud?

"The cloud" refers to servers that are accessed over the Internet, and the software and databases that
run on those servers. Cloud servers are in data centers all over the world. By using cloud computing,
users and companies do not have to manage physical servers themselves or run software applications on
their own machines.

How does cloud computing work?

Cloud computing is possible because of a technology called virtualization. Virtualization allows for the
creation of a simulated, digital-only "virtual" computer that behaves as if it were a physical computer
with its own hardware. The technical term for such a computer is virtual machine. When properly
implemented, virtual machines on the same host machine are sandboxed from one another, so they do
not interact with each other at all, and the files and applications from one virtual machine are not visible
to the other virtual machines even though they are on the same physical machine.

Virtual machines also make more efficient use of the hardware hosting them. By running many virtual
machines at once, one server can run many virtual "servers," and a data center becomes like a whole
host of data centers, able to serve many organizations. Thus, cloud providers can offer the use of their
servers to far more customers at once than they would be able to otherwise, and they can do so at a low
cost.

Even if individual servers go down, cloud servers in general should be always online and always available.
Cloud vendors generally back up their services on multiple machines and across multiple regions.

Users access cloud services either through a browser or through an app, connecting to the cloud over
the Internet — that is, through many interconnected networks — regardless of what device they are
using.

What are the main service models of cloud computing?

Downloaded by Oli Fel (olivirus1007@gmail.com)

 lOMoARcPSD|28432290

Software-as-a-Service (SaaS): Instead of users installing an application on their device, SaaS applications
are hosted on cloud servers, and users access them over the Internet. SaaS is like renting a house: the
landlord maintains the house, but the tenant mostly gets to use it as if they owned it. Examples of SaaS
applications include Salesforce, MailChimp, and Slack.

Platform-as-a-Service (PaaS): In this model, companies don't pay for hosted applications; instead they
pay for the things they need to build their own applications. PaaS vendors offer everything necessary for
building an application, including development tools, infrastructure, and operating systems, over the
Internet. PaaS can be compared to renting all the tools and equipment necessary for building a house,
instead of renting the house itself. PaaS examples include Heroku and Microsoft Azure.

Infrastructure-as-a-Service (IaaS): In this model, a company rents the servers and storage they need
from a cloud provider. They then use that cloud infrastructure to build their applications. IaaS is like a
company leasing a plot of land on which they can build whatever they want — but they need to provide
their own building equipment and materials. IaaS providers include DigitalOcean, Google Compute
Engine, and OpenStack.

Formerly, SaaS, PaaS, and IaaS were the three main models of cloud computing, and essentially all cloud
services fit into one of these categories. However, in recent years a fourth model has emerged:

Function-as-a-Service (FaaS): FaaS, also known as serverless computing, breaks cloud applications down
into even smaller components that only run when they are needed. Imagine if it were possible to rent a
house one little bit at a time: for instance, the tenant only pays for the dining room at dinner time, the
bedroom while they are sleeping, the living room while they are watching TV, and when they are not
using those rooms, they don't have to pay rent on them.

FaaS or serverless applications still run on servers, as do all these models of cloud computing. But they
are called "serverless" because they do not run on dedicated machines, and because the companies
building the applications do not have to manage any servers.

Also, serverless functions scale up, or duplicate, as more people use the application — imagine if the
tenant's dining room could expand on demand when more people come over for dinner!

What are the different types of cloud deployments?

In contrast to the models discussed above, which define how services are offered via the cloud, these
different cloud deployment types have to do with where the cloud servers are and who manages them.

The most common cloud deployments are:

Private cloud: A private cloud is a server, data center, or distributed network wholly dedicated to one
organization.

Public cloud: A public cloud is a service run by an external vendor that may include servers in one or
multiple data centers. Unlike a private cloud, public clouds are shared by multiple organizations. Using

Downloaded by Oli Fel (olivirus1007@gmail.com)

 lOMoARcPSD|28432290

virtual machines and individual servers may be shared by different companies, a situation that is called
"multitenancy" because multiple tenants are renting server space within the same server.

Hybrid cloud: hybrid cloud deployments combine public and private clouds and may even include on-
premises legacy servers. An organization may use their private cloud for some services and their public
cloud for others, or they may use the public cloud as backup for their private cloud.

Multi-cloud: multi-cloud is a type of cloud deployment that involves using multiple public clouds. In
other words, an organization with a multi-cloud deployment rents virtual servers and services from
several external vendors — to continue the analogy used above, this is like leasing several adjacent plots
of land from different landlords. Multi-cloud deployments can also be hybrid cloud, and vice versa.

Creating Azure Subscription & First Resource Group -

Note: You only must create your Azure account (Tenant) and Subscription once, though technically you
could create multiple “Pay-As-You-Go” subscriptions if you wanted. The steps below assume you
already have your Azure account setup.

1. Within the Azure Portal, Create a Resource Group

2. Create a Storage Account within the Resource Group created in Step 1
3. Create a file on your local desktop and upload it into the Storage Account
4. Edit the file within the Storage Account (within the Azure Portal)
5. Download the file and observe the changes.
6. Delete the Resource Group created in step 1 (to ensure you don’t incur “cost”)
7. Verify that the Resource Group has been deleted. Finish.

Lab 2 – Azure Compute and Networking

Links:

Azure Network Security Groups - https://docs.microsoft.com/en-us/azure/virtual-network/network-

security-groups-overview

Part 1 (Create our Resources)

1. Create a Resource Group
2. Create a Windows 10 Virtual Machine (VM)
1. While creating the VM, select the previously created Resource Group
1. While creating the VM, allow it to create a new Virtual Network (Vnet) and Subnet
3. Create a Linux (Ubuntu) VM
1. While create the VM, select the previously created Resource Group and Vnet
4. Observe Your Virtual Network within Network Watcher

Part 2 (Observe ICMP Traffic)

Downloaded by Oli Fel (olivirus1007@gmail.com)

 lOMoARcPSD|28432290

5. Use Remote Desktop to connect to your Windows 10 Virtual Machine

5. Within your Windows 10 Virtual Machine, Install Wireshark
5. Open Wireshark and filter for ICMP traffic only
5. Retrieve the private IP address of the Ubuntu VM and attempt to ping it from within the
Windows 10 VM
1. Observe ping requests and replies within WireShark
5. From The Windows 10 VM, open command line or PowerShell and attempt to ping a public
website (such as www.google.com) and observe the traffic in WireShark
5. Initiate a perpetual/non-stop ping from your Windows 10 VM to your Ubuntu VM
1. Open the Network Security Group your Ubuntu VM is using and disable incoming
(inbound) ICMP traffic
1. Back in the Windows 10 VM, observe the ICMP traffic in WireShark and the command
line Ping activity
1. Re-enable ICMP traffic for the Network Security Group your Ubuntu VM is using
1. Back in the Windows 10 VM, observe the ICMP traffic in WireShark and the command
line Ping activity (should start working)
1. Stop the ping activity

Part 2 (Observe SSH Traffic)

11. Back in Wireshark, filter for SSH traffic only
11. From your Windows 10 VM, “SSH into” your Ubuntu Virtual Machine (via its private IP address)
1. Type commands (username, pwd, etc) into the linux SSH connection and observe SSH
traffic spam in WireShark
1. Exit the SSH connection by typing ‘exit’ and pressing [Enter]

Part 2 (Observe DHCP Traffic)

13. Back in Wireshark, filter for DHCP traffic only
13. From your Windows 10 VM, attempt to issue your VM a new IP address from the command line
(ipconfig /renew)
1. Observe the DHCP traffic appearing in WireShark

Part 2 (Observe DNS Traffic)

15. Back in Wireshark, filter for DNS traffic only
15. From your Windows 10 VM within a command line, use nslookup to see what google.com and
disney.com’s IP addresses are
1. Observe the DNS traffic being show in WireShark

Part 2 (Observe RDP Traffic)

17. Back in Wireshark, filter for RDP traffic only (tcp.port == 3389)
17. Oserve the immediate non-stop spam of traffic? Why do you think it’s non-stop spamming vs
only showing traffic when you do an activity?
1. Answer: because the RDP (protocol) is constantly showing you a live stream from one
computer to another, therefor traffic is always being transmitted

Downloaded by Oli Fel (olivirus1007@gmail.com)

 lOMoARcPSD|28432290

Lab Cleanup (DON’T FORGET THIS)

19. Close your Remote Desktop connection.
19. Delete the Resource Group(s) created at the beginning of this lab
19. Verify Resource Group Deletion

Lab 3 – Ticketing Systems (osTicket)

osTicket Overview & Virtual Machine Creation Part 1

Links:
osTicket Installation Files:
https://drive.google.com/drive/u/1/folders/1APMfNyfNzcxZC6EzdaNfdZsUwxWYChf6

Part 1 (Create Virtual Machine in Azure)

 Create a Resource Group
 Create a Windows 10 Virtual Machine (VM) with 2-4 Virtual CPUs
1. When creating the VM, allow it to create a new Virtual Network (Vnet)
Part 2 (Installation)
Note: I wouldn't really consider this a “simple list” because the steps are just installing a bunch of
prerequisite software, but you can use it as a guide to work through the lab. No need to try to memorize
everything.
Create an Azure Virtual Machine Windows 10, 4 vCPUs
 Name: Vm-osticket
 Username: labuser (for example/whatever you chose)
 Password: osTicketPassword1! (for example/whatever you chose)

Open this: Installation Files

 We will use these files to install osTicket and some of the dependencies. I’m using this offline
version to make sure everyone is using the same version of all the files :)

Install / Enable IIS in Windows WITH CGI

 World Wide Web Services -> Application Development Features -> [X] CGI

From the Installation Files, download and install PHP Manager for IIS (PHPManagerForIIS_V1.5.0.msi)

From the Installation Files, download and install the Rewrite Module (rewrite_amd64_en-US.msi)

Create the directory C:\PHP

From the Installation Files, download PHP 7.3.8 (php-7.3.8-nts-Win32-VC15-x86.zip) and unzip the
contents into C:\PHP

From the Installation Files, download and install VC_redist.x86.exe.

From the Installation Files, download and install MySQL 5.5.62 (mysql-5.5.62-win32.msi)
 Typical Setup ->
 Launch Configuration Wizard (after install) ->

Downloaded by Oli Fel (olivirus1007@gmail.com)

 lOMoARcPSD|28432290

 Standard Configuration ->

 Password1

Open IIS as an Admin

Register PHP from within IIS

Reload IIS (Open IIS, Stop and Start the server)

Install osTicket v1.15.8

 Download osTicket from the Installation Files Folder
 Extract and copy “upload” folder to c:\inetpub\wwwroot
 Within c:\inetpub\wwwroot, Rename “upload” to “osTicket”

Reload IIS (Open IIS, Stop and Start the server)

Go to sites -> Default -> osTicket

 On the right, click “Browse *:80”

Note that some extensions are not enabled

 Go back to IIS, sites -> Default -> osTicket
 Double-click PHP Manager
 Click “Enable or disable an extension”
o Enable: php_imap.dll
o Enable: php_intl.dll
o Enable: php_opcache.dll
 Refresh the osTicket site in your browse, observe the changes

Rename: ost-config.php
 From: C:\inetpub\wwwroot\osTicket\include\ost-sampleconfig.php
 To: C:\inetpub\wwwroot\osTicket\include\ost-config.php

Assign Permissions: ost-config.php

 Disable inheritance -> Remove All
 New Permissions -> Everyone -> All

Continue Setting up osTicket in the browser (click Continue)

 Name Helpdesk
 Default email (receives email from customers)

From the Installation Files, download and install HeidiSQL.

 Open Heidi SQL
 Create a new session, root/Password1
 Connect to the session
 Create a database called “osTicket”

Continue Setting up osticket in the browser

 MySQL Database: osTicket

Downloaded by Oli Fel (olivirus1007@gmail.com)

 lOMoARcPSD|28432290

 MySQL Username: root

 MySQL Password: Password1
 Click “Install Now!”

Congratulations, hopefully it is installed with no errors!

 Browse to your help desk login page: http://localhost/osTicket/scp/login.php

End Users osTicket URL:

 http://localhost/osTicket/

Clean up
 Delete: C:\inetpub\wwwroot\osTicket\setup
 Set Permissions to “Read” only: C:\inetpub\wwwroot\osTicket\include\ost-config.php

Notes:
 Browse to your help desk login page: http://localhost/osTicket/scp/login.php
 End Users osTicket URL: http://localhost/osTicket/

Part 3 (Post Installation Setup)

 Configure Roles
1. Admin Panel -> Agents -> Roles
1. Supreme Admin
 Configure Departments
1. Admin Panel -> Agents -> Departments
1. System Administrators
 Configure Teams
1. Admin Panel -> Agents -> Teams
1. Level I Support
1. Level II Support
 Allow anyone to create tickets
1. Admin Panel -> Settings -> User Settings
1. Registration Required: Require registration and login to create tickets
 Configure Agents (workers)
1. Admin Panel -> Agents -> Add New
1. Jane
1. John
 Configure Users (customers)
1. Agent Panel -> Users -> Add New
1. Karen
1. Ken
 Configure SLA
1. Admin Panel -> Manage -> SLA
1. Sev-A (1 hour, 24/7)
1. Sev-B (4 hours, 24/7)
1. Sev-C (8 hours, business hours)
 Configure Help Topics
1. Admin Panel -> Manage -> Help Topics
1. Business Critical Outage

Downloaded by Oli Fel (olivirus1007@gmail.com)

 lOMoARcPSD|28432290

1. Personal Computer Issues

1. Equipment Request
1. Password Reset
Part 4 (Tickets and Ticket Lifecycle)
 Just practice creating, triaging, and solving tickets. I recommend watching the video to learn
about triaging multiple tickets.
 Ticket examples:
1. Sev-A (1 hour, 24/7) [entire mobile/online banking system is down] -> SysAdmins
1. Sev-B (4 hours, 24/7) [accounting department needs adobe upgrade, broken]
1. Sev-B/C (2 hours, business hours) [CFO’s laptop seems a bit slow]

Lab 4 – Virtual Private Networks (VPN)

What is a VPN?

VPN Setup and Usage (Proton VPN)

(Create Virtual Machine in Azure)

1. Browse to https://whatismyipaddress.com/ and take note of this in a text file

2. Create a Resource Group
3. Create a Windows 10 Virtual Machine in another geographic location (try a different country)
1. Log into the VM with Remote Desktop
1. Browse to https://whatismyipaddress.com/ and take note of this in a text file

(Sign up for ProtonVPN and test the VPN connection)

4. On your actual computer, sign up for the free version of Proton VPN
https://account.protonvpn.com/signup?plan=free&language=en
4. Back within your VM, download the Proton VPN client
1. Login to the VPN and choose a VPN server in yet another country (such as Japan)
1. Browse to https://whatismyipaddress.com/ and take note of this in a text file
4. Try browsing to Google, Disney, and/or Amazon and see if there is anything different about the
sites in relation to the location of your VPN server. For example, the language or URL may be
different

(Clean up Azure resources)

7. Delete the resource group you created in Step 2
7. Ensure the resources/Resource Group has been deleted.

Lab 5 – Active Directory

Active Directory Lab Overview

Deploying Active Directory and Creating Users

Downloaded by Oli Fel (olivirus1007@gmail.com)

 lOMoARcPSD|28432290

Setup Resources in Azure

1. Create the Domain Controller VM (Windows Server 2022) named “DC-1”
1. Take note of the Resource Group and Virtual Network (Vnet) that get created at this
time
2. Set Domain Controller’s NIC Private IP address to be static
3. Create the Client VM (Windows 10) named “Client-1”. Use the same Resource Group and Vnet
that was created in Step 1.a
4. Ensure that both VMs are in the same Vnet (you can check the topology with Network
Watcher

Ensure Connectivity between the client and Domain Controller

5. Login to Client-1 with Remote Desktop and ping DC-1’s private IP address with ping -t <ip
address> (perpetual ping)
5. Login to the Domain Controller and enable ICMPv4 in on the local windows Firewall
5. Check back at Client-1 to see the ping succeed

Install Active Directory

8. Login to DC-1 and install Active Directory Domain Services
8. Promote as a DC: Setup a new forest as mydomain.com (can be anything, just remember what
it is)
8. Restart and then log back into DC-1 as user: mydomain.com\labuser

Create an Admin and Normal User Account in AD

11. In Active Directory Users and Computers (ADUC), create an Organizational Unit (OU) called
“_EMPLOYEES”
11. Create a new OU named “_ADMINS”
11. Create a new employee named “Jane Doe” (same password) with the username of
“jane_admin”
11. Add jane_admin to the “Domain Admins” Security Group
11. Log out/close the Remote Desktop connection to DC-1 and log back in as
“mydomain.com\jane_admin”
11. User jane_admin as your admin account from now on

Join Client-1 to your domain (mydomain.com)

17. From the Azure Portal, set Client-1’s DNS settings to the DC’s Private IP address
17. From the Azure Portal, restart Client-1
17. Login to Client-1 (Remote Desktop) as the original local admin (labuser) and join it to the
domain (computer will restart)
17. Login to the Domain Controller (Remote Desktop) and verify Client-1 shows up in Active
Directory Users and Computers (ADUC) inside the “Computers” container on the root of the
domain
17. Create a new OU named “_CLIENTS” and drag Client-1 into there

Setup Remote Desktop for non-administrative users on Client-1

Downloaded by Oli Fel (olivirus1007@gmail.com)

 lOMoARcPSD|28432290

22. Log into Client-1 as mydomain.com\jane_admin and open system properties

22. Click “Remote Desktop”
22. Allow “domain users” access to remote desktop
22. You can now log into Client-1 as a normal, non-administrative user now
22. Normally you’d want to do this with Group Policy that allows you to change MANY systems at
once (maybe a future lab)

Create a bunch of additional users and attempt to log into client-1 with one of the users
27. Login to DC-1 as jane_admin
27. Open PowerShell_ise as an administrator
27. Create a new File and paste the contents of the script into it
(https://github.com/joshmadakor1/AD_PS/blob/master/Generate-Names-Create-Users.ps1)
27. Run the script and observe the accounts being created
27. When finished, open ADUC and observe the accounts in the appropriate OU
27. attempt to log into Client-1 with one of the accounts (take note of the password in the script)

Finish.

Lab 6 – DNS
Building Intuition for DNS

Lab 7 – Network File Shares and Permissions

Downloaded by Oli Fel (olivirus1007@gmail.com)