Learner Name Md Rezwan Amir

Learner Registration LEV3IT202502009

No.
Study Centre Name BITHM College of Professionals
Qualification Title OTHM Level 3 Foundation Diploma in Information Technology
Unit Reference No. Y/618/6092
Unit Title Networks
Word Count 4357
Submission Date 19/09/2025

Declaration of authenticity:
1. In submitting this assignment I acknowledge that I understand the definition of, and penalties for,
cheating, collusion and plagiarism as set out in the OTHM policy.
2. I declare that the attached submission is my own original work. No significant part of it has been
submitted for any other assignment and I have acknowledged in my notes and bibliography all written
and electronic sources used.
3. I acknowledge that my assignment will be subject to electronic scrutiny for academic honesty.
4. I understand that failure to meet these guidelines may instigate the centre’s malpractice procedures and
risk failure of the unit and / or qualification.
5.

_________________ _________________
Learner signature Tutor signature
Date: Date:

1
 INDEX:
Tasks Topic Page
no.

Networks

1.1 Explain a computer network. 3

1.2 Differentiate between ‘client computers’ and ‘peer computers’ 5

from network services perspective.

1.3 Describe local area network (LAN) and wide area network 7
(WAN).
1.4 Describe the benefits and constraints of different network 9
topologies.

2.1 Explain how hardware, software and addressing combine to 12

support network communications.

2.2 Describe potential issues with computer networks. 14

2.3 Explain the steps required to set up and test a simple local 15
area network.

3.1 Evaluate the features and services provided by a local and a 18

wide area network.

3.2 Identify security issues related to networking and how those 20

security issues can be minimized
3.3 Explain steps to configure security on a local area network. 22

References 25

2
1.1 Explain a computer network:

A computer network is a system of interconnected computers and devices [1] that can
share resources and exchange information. It’s a fundamental part of modern
computing, enabling businesses and individuals to work more efficiently. By connecting
devices, networks allow for a variety of functions that would be impossible with
standalone computers.

Sharing Resources [2]:

One of the primary purposes of a computer network is sharing hardware and software
resources. Instead of every user needing their own printer can serve an entire office,
significantly reducing costs. Similarly, a central server can host a database or
application, which all connected computers can access and use. This not only saves
money on licenses and hardware but also ensures everyone is using the same version
of the software and has access to the most up-to-date information.

Data and Communication:

Networks are vital for sharing common data among users. Files, documents, and
databases can be stored on a central server, allowing multiple people to work on the
same project simultaneously without creating multiple versions. This promotes
collaboration and ensures data consistency. Additionally, networks enable e-mail
communication between users, whether they’re in the same building or across the
globe. E-mail has become the standard for professional and personal communication,
and it wouldn’t be possible without a network infrastructure.

Intranets and Centralized Management [3]:

For businesses, a network can provide intranet, which is a private, internal network that
uses internet technology to share information securely within an organization. An
intranet acts as a central hub for company news, documents and resources, accessible
only to employees. It’s a powerful tool for internal communication and collaboration,
allowing teams to stay aligned and access critical information from a single, secure
location.
All these functions are made more efficient and secure through centralized
management services [11]. This means a single IT administrator or team can manage
the entire network from one location. They can install software updates, enforce security
policies, monitor network performance, and troubleshoot problems without having to
physically visit each computer. Centralized management streamlines IT tasks, improves
security by ensuring consistent policies across all devices, and reduces operational
costs. It makes managing a large, complex network much more feasible.

3
1.2 Differentiate between ‘Client Computers’ and ‘Peer Computers’ from network
services [11] perspective:
While both client computers and peer computers are fundamental components of a
network, their roles and the network architectures they operate within are distinctly
different. The key distinction lies in their relationship to services [11] and the distribution
of tasks within the network. This differentiation forms the basis of two primary network
models: the client-server model [4] and the peer-to-peer (P2P) model.

Client Computers:
In a client server network, a client computer is a machine that requests services [11] [4]
or resources from a central, dedicated server. It acts as a consumer of information and
resources, with its primary function being to connect to the server, send requests, and
receive responses. Clients don’t typically share their own resources with other clients;
their job is to access and utilize what the server provides.
A good real-world example is a web browser like Chrome or Firefox. Your computer,
running the browser, is the client. When you type a URL, your browser sends a request
to the web server that hosts the website. The server then processes this request and
sends the requested web page back to your computer. Other common examples
include email clients accessing a mail server or a company employee’s desktop PC
retrieving files from a central file server. The client-server model [4] is characterized by
its centralized nature, where a single server handles the heavy lifting, security, and
management for all the clients.

Peer Computers:
In a peer-to-peer (P2P) network [5], there is no central server. Instead, all computers, or
peers, are considered equal. Each peer can act as both a client and a server at the
same time. This means a peer can both request resources from another peer and
provide its own resources to others. This creates a distributed network where tasks and
resources are shared among all participants.
Thinking of file-sharing application like BitTorrent. When a movie is downloaded using
BitTorrent, the computer (a peer) requests pieces of the file from other computers on
the network that have those parts. At the same time, that computer is also uploading
pieces of the file already downloaded to other users who need them. Every machine
contributes to the network’s function. P2P networks are decentralized, making them
highly scalable and resilient, as there is no single point of failure. If one peer goes
offline, the network can still function because other peers can continue to provide and
request services [11].

Summary of Differences:
Feature Client Computers Peer Computers

Role Requests services from a Both requests and provides

server services

4
Network Client-server network Peer-to-peer (p2) network
model
Hierarchy A clear distinction between No clear hierarchy; all nodes are
clients and servers exists equal
Resource Do not share their own Share their resources (files,
sharing resources with other clients processing power) with other peers
Management Centralized, with the server Decentralized; each peer manages
handling security and control its own resources
Scalability More scalable and secure for Highly resilient to outages but can
and Security large-scale operations but be less secure and harder to
vulnerable to a server outage manage as they grow

In essence, the role of a computer in a network is defined by its relationship to the

services [11] being exchanged. A client is a consumer, dependent on a server, while a
peer is a dual-purpose participant, both consuming and contributing to the network’s
collective resources

1.3 Describe local area network (LAN) and wide area network (WAN):
Networks are the backbone of modern communication, and they come in many different
forms depending on their scale and purpose. The two most fundamental types are Local
Area Networks (LANs) and Wide Area Networks (WANs), which are primarily
differentiated by their geographical scope.
Local Area Network (LAN) [3]:
A LAN connects computers and devices within a limited physical area, such as home,
school, office building, or a small group of adjacent buildings.
LANs are typically owned and managed by a single organization. They are
characterized by their high data transfer speeds and low latency, thanks to the close
proximity of the connected devices. This makes them ideal for sharing resources like
files, printers, and a single internet connection among multiple users. Technologies like
Ethernet cables and Wi-Fi are the most common methods used to establish a LAN.

Wide Area Network (WAN) [1]:

In contrast, a WAN spans a much larger geographical area, connecting multiple LANs
over cities, countries, or even continents. A WAN is essentially a network of networks.
Unlike LANs, WANs often rely on public or third-party infrastructure, such as fiber-optic
lines, satellite links or leased telephone lines, to transmit data over long distances. The
internet is the largest and most well-known example of public WAN. The data transfer
speeds on a WAN are generally slower on a WAN are generally slower than on a LAN
due to the distance and the nature of the transmission media, and its design and
maintenance are much more complex.

Enhancing Networks: VLAN, WLAN, and VPN [10]:

While LAN and WAN define the physical scope of a network, other technologies like
VLAN, WLAN, and VPN [10] add layers of functionality, flexibility and security.
 Virtual Local Area Network (VLAN) [6]: A VLAN is a logical segmentation of a
physical LAN. It allows you to group devices and manage them as if they were on

5
 their own separate network, even if they’re physically connected to the same
switch. For example, a company might use VLANs to separate the accounting
department’s traffic from the marketing department’s traffic for enhanced security
and performance, all while using the same physical network infrastructure.
 Wireless Local Area Network (WLAN) [3]: A WLAN is simply a LAN that uses
wireless technology, like Wi-Fi, to connect devices. It provides the same benefits
of a traditional wired LAN but adds the convenience and mobility of wireless
connectivity. Home Wi-Fi network is a perfect example of a WLAN, allowing you
to connect users phone, laptop and other devices without cables.
 Virtual Private Network (VPN [10]) [10]: A VPN [10] extends a private network
across a public network (like the internet), allowing users to send and receive
data securely as if their device were directly connected to the private network. It
creates an encrypted “tunnel” for data, protecting it from prying eyes. For
business, a VPN [10] is crucial for allowing remote employees to securely access
company resources over a WAN. For individual users, a VPN [10] can be used to
protect privacy and access geo-restricted content. While not a type of network
itself, a VPN [10] is a critical service used to secure both LAN and WAN
connections.

1.4 Describe the benefits and constraints of different network

topologies:

Network topologies define the physical or logical arrangement of connected devices in a

network. The choice of topology significantly impacts a network’s performance,
scalability, resilience. Each topology has a unique set of benefits and constraints.

Linear Bus Topology [6]:

A linear bus topology connects all devices to a single communication line with
terminators at each end.
 Benefits: It’s simple to install and requires the least amount cabling, making it
cost-effective for small networks.
 Constraints: A single break in the main cable can bring down the entire network.
Troubleshooting is difficult, as it’s hard to isolate a fault. The performance
degrades with more devices, leading to collisions and slowdowns.

6
Ring Topology:
In a ring topology, devices are connected in a circular loop. Data travels in one
direction, from one device to the next.
 Benefits: Data packets can travel at high speeds without collisions, and it’s
relatively easy to manage. It’s also efficient at handling heavy network loads.
 Constraints: Like the bus topology, a single fault in the cable or a single
device failure can disrupt the entire network. Adding or removing a device
requires taking the whole network offline.

Star Topology [2]:

A star topology [6] connects all devices to a central hub, switch, or router. All data traffic
must pass through this central device.
 Benefits: It’s highly reliable because a failure in one device or cable won’t affect
the rest of the network. It’s easy to troubleshoot, as problems can be isolated to a
single connection. New devices can be added without disrupting the network.
 Constraints: The central device is a single point of failure; if it fails, the entire
network goes down. It also requires more cabling than bus or ring topologies,
which can increase cost.

Mesh Topology [6]:

In a mesh topology, every device s connected to every other device. This creates
multiple paths for data to travel.
 Benefits: It’s the most reliable and fault-tolerant topology. If one path fails, data
can be rerouted through another, ensuring continuous operation. It’s ideal for
mission-critical networks.
 Constraints: It is the most expensive and complex topology to implement due to
the massive amount of cabling and ports required, for which such complexity
makes it difficult to install and manage.

Tree Topology:
A tree topology is a hybrid of bus and star topologies. It features a central cable (like a
bus) from which multiple star-configured branches extended.
 Benefits: It allows for the expansion of an existing network with star topologies.
It’s scalable and easy to manage, as fault isolation is simpler than in a linear bus.
 Constraints: The main trunk line is a single point of failure; break in this central
cable would disrupt all the branches connected to it. And, the overall complexity
is higher than a simple star or bus topology.

Hybrid Topology:
A hybrid topology is a combination of two or more different topologies. For example, a
network could use a star topology [6] to connect devices in an office and a bus topology
to connect different departments.

7
  Benefits: It allows for the integration of existing networks and provides a high
degree of flexibility. It can be designed to maximize benefits and minimize the
constraints of individual topologies.
 Constraints: It is the most complex topology to design and manage. The cost
can be very high depending on the combination of topologies used.

In conclusion, the choice of network topology is a critical design decision. While the
simpler linear bus is cheap, it’s not fault-tolerant. The star topology [6] is reliable but has
a single point of failure. The mesh topology offers the highest reliability at the greatest
cost and complexity. Tree and hybrid topologies offer flexible, scalable solutions by
combining the strengths of different arrangements. A network administrator must weigh
these benefits and constraints to select the most suitable topology for their specific
needs.

8
2.1 Explain how hardware, software and addressing combine to support network
communications:
The ability of devices to communicate over a network is a complex process that relies
on a seamless integration of hardware, software, and a systematic addressing scheme.
Each of these components plays a crucial role, working in concert to ensure data can be
sent, routed, and received efficiently and accurately across a network.

Hardware Components:
At the most basic level, network communication is facilitated by various hardware
components. Workstations and servers (such as file, printer, and web servers) are the
endpoints of the network-the sources and destinations of data. To connect to a network,
these devices require a network card, like an ethernet card for a wired connection or a
wireless network card for a Wi-Fi connection. These cards translate the data from the
computer into a format that can be transmitted over the physical medium.
The physical layer of the network is built with network cabling, such as twisted-pair
(UTP, STP), coaxial or high-speed fiber-optic cables, which act as the pathways for
data. Connectors like RJ45 are used to terminate these cables and plug into network
cards and other devices. For a wired network to function, these cables connect to
central points like switches or routers. A switch is a device that forwards data packets to
the correct device within a local network, while a router is a more intelligent device that
directs traffic between different networks, such as personal home network and the
internet. For wireless communication, wireless devices like access points broadcast and
receive radio signals to connect to the network.

Communication and Addressing:

The flow of data is governed by the communication medium and an organized
addressing system. The physical medium (the cables or wireless signals) carries the
raw data. At the same time addressing provides the crucial “to” and “from” information
for every data packet. The two primary types of addresses are the MAC [8] (Media
Access Control) address [8], which is a unique hardware address hardcoded into a
network card, and the IP (Internet Protocol) address [7], which is a logical address
assigned to a device on a network. The IP address [7] allows routers to direct data
across the vast and interconnected web of networks, forming a WAN connectivity like
ADSL or broadband.

Software Integration:
Hardware and addressing would be useless without the controlling and coordinating
functions of software. The operating system (OS) provides the underlying software
stack that manages the network card and communication protocols. It handles the low-
level tasks of packaging data into packets, adding the necessary addressing
information, and handling it off to the hardware. Utility Software, such as network
configuration tools, helps users manage their connections.
Finally, application-based software is what we interact with directly. Programs like
internet browsers and email clients use the network stack provided by the OS to send

9
and receive information, A firewall [12], another crucial piece of software (or sometimes
hardware) acts as a gatekeeper, monitoring and controlling incoming and outgoing
network traffic based on a set of rules, protecting the system from security threats. All
these software layers, from the OS to the applications, abstract away the complexity of
the hardware and addressing, allowing us to use network intuitively.
In summary, network communications are a sophisticated collaboration between
hardware that transmits and routes data, an addressing system that provides a logical
map for that data, and a layered software structure that prepares the data for
transmission and allows users to interact with the network. Each part is essential for the
entire system to function.

2.2 Describe potential issues with computer networks:

Computer networks are very important for businesses and schools, but they can face
several problems that affect how well they work. One common issue is network speed
[1], which depends on bandwidth and how many people are using the network at the
same time. If too many users are online, the network can get slow, causing delays.
Another problem is cost. Setting up a network can be expensive because of the need
for hardware, software, and maintenance. Staff skills are also important because
networks need trained people to manage, fix, and monitor them. Without skilled staff,
problems may take longer to solve, and downtime can increase.

Downtime is another major concern [11]. If a network stops working, it can disrupt work,
lead to financial loss, or affect the reputation of an organization. Security issues are very
serious too [11]. Networks can face unauthorized access [11], data loss, viruses,
malware, and hacking. To prevent these risks, networks should have firewall [12]s,
antivirus software, and regular updates. Backups are also necessary so that data can
be recovered if something goes wrong, like a system crash or cyberattack.

In conclusion, while computer networks are essential, they also come with challenges
such as slow speeds, high costs, lack of skilled staff, downtime, and security threats.
Organizations need to plan carefully, use skilled staff, protect against security risks, and
maintain regular backups. Doing this helps networks run smoothly and keeps data safe,
making sure users can rely on them every day.

2.3 Explain the steps required to set up and test a simple local area network:

Setting up a Local Area Network (LAN) [3] is an important skill in computer networking
because it allows multiple devices to connect and share resources like files, printers,
and internet access. A LAN can be as simple as a few computers in a home or school,

10
or more complex in an office environment. To build and test a simple LAN, several steps
need to be followed carefully, including preparation, setup, testing, and troubleshooting.
Preparation is the first step. Before connecting any devices, it is essential to gather all
the required components. These usually include computers or laptops, network
interface cards (NICs), switches or hubs, routers, and cabling such as Ethernet cables.
You will also need the right software for managing the network and ensuring
connectivity. Preparing the area for installation is important, including checking that
there are enough power outlets and making sure cables will not create a trip hazard.
Awareness of health and safety is crucial during this stage to prevent accidents.
Setting up the LAN involves connecting the hardware first. Devices are linked using
Ethernet cables to a switch or hub. Each computer must have a network interface card
properly installed and configured. If a router is used, it should be set up to assign IP
address [7]es automatically using DHCP [9]. Once the hardware is ready, the software
is configured. This includes setting up the operating system network settings, ensuring
all devices are on the same subnet, and creating shared folders or printers. Security
should also be considered at this stage. Basic steps include configuring a firewall [12],
setting passwords for shared resources, and deciding user access rights.
A simple LAN can be either peer-to-peer or client-server. In a peer-to-peer network,
each computer can share files directly with the others. This type of network is easier to
set up for a small number of computers. In a client-server setup, one computer acts as a
server, managing shared files, printers, and user access, while the other computers act
as clients. Client-server networks provide better control and security, which is helpful in
a school or office environment.
Common faults can occur in a LAN. Address conflicts, where two devices try to use the
same IP address [7], are common. Network cards may fail or cabling can become faulty,
causing devices to lose connectivity. Problems may also affect specific services [11]
such as printers, file sharing, or email servers. Being able to recognize and address
these issues is essential for smooth operation.
Testing the network is an important step to ensure everything works correctly.
Functionality testing involves checking that devices can communicate with each other.
Connectivity testing ensures each computer can access shared resources and that the
server (if used) is reachable. IP address [7]ing should also be verified to make sure no
conflicts exist and that all devices are on the correct subnet. Simple tests include
pinging other devices or accessing shared folders and printers.
Security must be continually maintained. This includes configuring firewall [12]s to block
unauthorized access [11], setting file and folder permissions [2] to control who can read,
write, or delete files, and managing user rights to limit access to sensitive information.
Regular checks help prevent malware or hacking attempts.
Once the network is set up and secure, it can be used for various purposes. Users can
communicate through messaging or email, transfer files between computers, and
allocate file space for each user. Properly assigning user rights ensures that only
authorized users can access specific resources.
Troubleshooting is the final step in managing a LAN. Problems can arise due to
connectivity issues, incorrect IP address [7]es, or hardware failures. Diagnosing these
issues involves checking cables, testing network cards, reviewing IP configurations, and

11
verifying firewall [12] settings. Solving these problems quickly helps keep the network
running efficiently and reduces downtime.
In conclusion, setting up a simple LAN requires careful preparation, correct installation
of hardware and software, testing, and ongoing maintenance. Considering security, user
access, and potential faults ensures that the network runs smoothly and safely. By
following these steps, students and small organizations can create a reliable network for
communication, file sharing, and resource management. Learning these processes also
helps develop problem-solving skills for managing real-world computer networks.

3.1 Evaluate the features and services [11] provided by a local and a wide area
network:

Computer networks are everywhere in modern life, and they are mainly divided into
Local Area Networks (LANs) and Wide Area Networks (WANs). Both allow devices to
connect and share data, but they work at very different scales. To understand them
better, it is important to look at their main features like topology, types of networks,
addressing, and also the services [11] they provide such as communication, security,
and file transfer.
Features of LAN and WAN A key feature of any network is its topology. This basically
means the way devices are linked together. In a star topology [6], every computer
connects to a central hub or switch. This makes management easier, but if the central
device fails, the whole network can go down. A bus topology connects all devices
through one main cable. It is cheaper but can easily get overloaded when many devices
try to send data. A ring (or circle) topology connects each device in a loop, so the data
goes around until it reaches the right computer. The problem here is if one device fails,
it may affect the rest of the loop.
Another feature is the type of network. In a peer-to-peer LAN [5], computers can share
files and resources directly with each other. This is simple and works fine in small
networks like home setups. However, in bigger organizations, the client-server model [4]
is used. In this setup, one or more servers control access, files, and applications, which
makes it more secure and efficient for larger numbers of users.
Data rate [3] is also important. LANs usually have much higher speeds, often reaching
up to gigabits per second, because the devices are close together. WANs cover much
larger areas, sometimes even across countries, so they depend on public infrastructure
like the internet. This usually makes WANs slower and less reliable compared to LANs.
Addressing is another technical feature. Every device has an IP address [7] which is
used for identifying and routing data. There is also some MAC [8] addresses built into
the hardware. Both are important because they make sure the data reaches the correct
destination in a network.
Services of LAN and WAN Networks are not just about connections; they also provide
important services [11]. Communication is one of the most obvious. Services like email,
instant messaging, and video conferencing depend on networks. Within a LAN, people
in the same office can share files quickly, while a WAN allows communication between
different offices or even countries.

12
Login and security services [11] are another key part. Networks often require users to
log in with usernames and passwords to keep data secure. Security can include firewall
[12]s, encryption, and access controls. This is especially critical in WANs where data
may pass through public networks.
Software deployment is also an important service. In a LAN, an administrator can install
updates on all computers from one server, saving time. In WANs, companies can push
software updates to remote offices as well, making sure everyone is using the same
tools and versions.

Conclusion:
To sum up, LANs and WANs share many basic features but are used differently
depending on scale. LANs are faster and easier to set up for smaller areas, while WANs
allow global communication and access but usually at slower speeds. Both networks
provide essential services [11] such as communication, security, file transfer, and
software deployment, which are all crucial in today’s digital world.

3.2 Identify security issues related to networking and how those security issues
can be minimized:

In today’s world, networks are an important part of everyday life. Whether it is a small
home network, a school computer lab, or a large business network, all of them face
different kinds of security issues. Since networks are designed to share information
between devices, they can also become targets for hackers, viruses, and other threats.
If these issues are not handled properly, important data can be stolen, damaged, or
completely lost. That is why network security is such an important topic. In this
assignment, I will explain some of the main security issues in networking and then look
at how these issues can be minimized using methods like firewall [12] configuration, file
and folder permissions [2], access control, and user rights.

Common Security Issues in Networking:

One of the most common problems in networking is unauthorized access [11]. This
happens when someone who is not supposed to use the network manages to get in.
For example, if a school’s Wi-Fi password is shared outside, strangers could connect to
the network and possibly access files. In bigger organizations, hackers may try to break
into a network to steal private information such as passwords, bank details, or business
secrets.

Another major security issue is malware. Malware includes viruses, worms,

ransomware, and spyware. These can spread quickly through a network and cause
damage to files or even lock people out of their systems. Ransomware, for example,
can encrypt files and then demand money to unlock them.

Phishing attacks are also a big risk. This is when attackers trick users into giving away
personal information by pretending to be someone they trust, often through emails or
fake websites. Once they gain access, they can use the information to log in to the
network or install malicious software.

13
Data theft is another problem. Without proper protection, sensitive data such as exam
results in a school or financial records in a company can be stolen and misused.
Sometimes this is done by outside hackers, but it can also be an “insider threat,” where
someone within the organization uses their access for the wrong reasons.

Minimizing Security Issues:

The good news is that there are many ways to reduce these risks. The first and most
common method is using a firewall [12]. A firewall [12] acts like a barrier between the
internal network and the outside world. By configuring a firewall [12] properly,
administrators can control what kind of traffic is allowed in or out. For example, they can
block suspicious websites or stop unknown devices from connecting. Both hardware
and software firewall [12]s are used to prevent unauthorized access [11].

File and folder permissions [2] are also very important in keeping data safe.
Permissions decide who can read, write, or delete a file. For example, in a school
network, a teacher may have permission to edit exam papers, but students can only
view their own grades without making changes. By setting these permissions [2]
correctly, organisations can reduce the chance of data being accidentally or intentionally
changed by the wrong person.

Access control [11] is another key measure. This means controlling who can enter the
network in the first place. Strong password policies, two-factor authentication, and
biometric methods like fingerprints can make it harder for attackers to log in. Access
control [11] can also mean separating parts of the network. For instance, guests might
be given access only to the internet, but not to internal files.

User rights are related to permissions [2] but are broader. They define what tasks each
user can do within the system. For example, an administrator has the right to install
software, change settings, or add new users. Normal users, on the other hand, only
have the right to use applications and save their own work. By limiting user rights, the
chances of accidental changes or misuse of the system are reduced.

Education and awareness are also important for minimizing risks. Even if the best
security systems are in place, users can still make mistakes, like clicking on suspicious
links or sharing their passwords. Training students, staff, or employees about safe
online practices can prevent many problems.

Conclusion:

To conclude, networking security issues such as unauthorized access [11], malware,

phishing, and data theft can cause serious problems if left unmanaged. However, these
risks can be minimized through several methods. Configuring firewall [12]s, setting
proper file and folder permissions [2], using strong access control systems, and

14
carefully assigning user rights all play an important role in protecting networks. In
addition, educating users on how to behave safely in online adds another layer of
defense. Overall, network security is not about using just one method, but about
combining different techniques to make sure data and systems stay protected.

3.3 Explain steps to configure security on a local area network:

A Local Area Network (LAN) [3] allows computers and devices to communicate and
share resources within a limited area such as a school, office, or home. Because LANs
usually connect many users, keeping them secure is a very important task. Without
proper security, outsiders may gain access, data could be stolen, and the performance
of the network may be affected. Configuring security on a LAN involves several steps,
and each step focuses on preventing risks and ensuring that only authorized users can
connect. In this assignment, I will explain the main steps to secure a LAN, covering
wireless encryption methods like WEP [13], WPA [13], and WPA [13]2, the use of
DHCP [9], and the role of remote access.

Step 1: Securing Wireless Connections with Encryption

Most LANs today include wireless access points so that laptops, phones, and tablets
can connect without cables. While this is convenient, it is also one of the most
vulnerable points of a network. Wireless signals can travel outside a building, which
means that anyone nearby could attempt to connect. To stop this, wireless encryption is
used.

The oldest common method is WEP [13] (Wired Equivalent Privacy). WEP [13] was
designed to protect wireless connections by encrypting data between the device and the
access point. However, it is now considered weak because hackers found ways to
break the encryption quite easily. For that reason, WEP [13] is rarely used today except
on very old devices.

A more secure method is WPA [13] (Wi-Fi Protected Access). WPA [13] improved on
WEP [13] by using stronger encryption and a system called TKIP (Temporal Key
Integrity Protocol), which changes the encryption key frequently. This made it much
harder for attackers to crack.

The most widely used and recommended standard today is WPA [13]2. This method
uses AES (Advanced Encryption Standard), which is considered highly secure. In most
modern routers and access points, WPA [13]2 is the default option. Configuring security
on a LAN usually means logging into the wireless router’s settings, disabling WEP [13],
and enabling WPA [13]2 with a strong password that is not easy to guess.

Step 2: Configuring DHCP [9]

Another important step in securing a LAN is controlling how devices receive IP address
[7]es. The Dynamic Host Configuration Protocol [9] (DHCP [9]) automatically assigns IP

15
address [7]es to devices when they connect. While this is convenient, if not configured
correctly, it can also create risks.

For example, an attacker could set up a “rogue” DHCP [9] server and assign fake
addresses, redirecting traffic to their own system. To prevent this, administrators should
make sure there is only one DHCP [9] server active on the LAN. DHCP [9] can also be
configured to give out addresses only within a specific range. Some networks use static
DHCP [9] assignments, which means that each device always receives the same IP
address [7]. This makes monitoring and managing the network easier and safer.

Step 3: Controlling Access with Remote Access Settings

Remote access [10] is another important feature to consider. Many networks allow
users to connect from outside, for example employees working from home or students
accessing school resources. While useful, this can also open the door to security
threats if not configured properly.

To secure remote access, administrators can use VPN [10]s (Virtual Private Networks).
A VPN [10] encrypts the connection between the remote user and the LAN, which
prevents outsiders from intercepting the data. Another method is to use secure remote
desktop software that requires strong authentication before access is granted.

It is also important to limit remote access to only those users who actually need it. Not
every user should be able to log in from outside the LAN. By restricting access rights
and requiring strong passwords [11] or two-factor authentication, the network becomes
much safer.

Step 4: Setting Strong Passwords and Policies

Although not specific to just one protocol, another step in configuring LAN security is
setting strong passwords [11] for all devices, including routers, switches, and access
points. Default passwords are often very weak, and hackers can guess them easily.
Changing them to unique, complex passwords is a simple but effective step.

Policies should also be put in place to make sure users create strong passwords [11] for
their own accounts. For example, requiring at least eight characters with a mix of letters,
numbers, and symbols makes it harder for attackers to break into accounts.

Step 5: Monitoring and Updating [11]

Finally, LAN security is not just about the initial setup. It requires ongoing monitoring
and updates. Network devices like routers and switches should have their firmware
updated regularly to fix security holes. Logs should be checked to identify unusual
activity, such as repeated failed login attempts. DHCP [9] logs can also help identify
unfamiliar devices trying to connect.

Conclusion
In conclusion, configuring security on a local area network involves several important
steps. Wireless encryption is one of the first lines of defense, and using WPA [13]2

16
instead of older methods like WEP [13] makes the network far more secure. Configuring
DHCP [9] correctly ensures devices receive proper addresses without interference.
Remote access [10] should be protected with VPN [10]s or secure authentication, and
only allowed to users who really need it. Strong passwords and regular monitoring
further strengthen the LAN. By combining these steps, administrators can create a
secure network environment that protects data and ensures only authorized users are
able to connect.
References:

References
[1] A. Tanenbaum and D. Wetherall, *Computer Networks*, 5th ed. Harlow, U.K.:
Pearson, 2010.
[2] T. Lammle, *CompTIA Network+ Study Guide: Exam N10-008*, 5th ed. Hoboken,
NJ, USA: Wiley, 2022.
[3] “Types of computer networks: LAN, MAN, WAN, VPN, WLAN, SAN, PAN, EPN,”
*GeeksforGeeks*, 2023. [Online]. Available: [Link]
computer-networks/ [Accessed: 19-Sep-2025].
[4] “What is a client-server network?” *Cisco*, 2024. [Online]. Available:
[Link] [Accessed: 19-Sep-2025].
[5] “Peer-to-peer networking,” *Microsoft Learn*, 2024. [Online]. Available:
[Link]
[Accessed: 19-Sep-2025].
[6] “Computer network topologies explained,” *TechTarget*, 2023. [Online]. Available:
[Link] [Accessed:
19-Sep-2025].
[7] “IP addresses explained,” *Internet Assigned Numbers Authority (IANA)*, 2023.
[Online]. Available: [Link] [Accessed: 19-Sep-2025].
[8] “MAC address and IP address – what’s the difference?” *Kaspersky*, 2023. [Online].
Available: [Link]
address [Accessed: 19-Sep-2025].
[9] “What is DHCP (Dynamic Host Configuration Protocol)?” *Cloudflare*, 2024.
[Online]. Available: [Link]
[Accessed: 19-Sep-2025].
[10] “What is VPN? Virtual private networks explained,” *Cisco*, 2024. [Online].
Available: [Link]
clients/[Link] [Accessed: 19-Sep-2025].
[11] “What is network security?” *IBM Security*, 2024. [Online]. Available:
[Link] [Accessed: 19-Sep-2025].
[12] “Firewalls explained,” *National Institute of Standards and Technology (NIST)*,
2023. [Online]. Available: [Link] [Accessed: 19-Sep-
2025].
[13] “Wireless security protocols: WEP, WPA, WPA2 and WPA3,” *Wi-Fi Alliance*,
2023. [Online]. Available: [Link] [Accessed: 19-
Sep-2025].

17
[14] “Understanding remote access security,” *National Cyber Security Centre (NCSC)*,
2024. [Online]. Available: [Link] [Accessed:
19-Sep-2025].

18