network plus n10 004 study guide

Upload: karim-pankey

Post on 07-Apr-2018


  • 8/4/2019 Network Plus N10 004 Study Guide

    1/38

    Network+ Study Guide (N10-004)

    This is our study guide for CompTIA's Network+ certification exam (N10-004). We hope you find this guide useful in your studies.

    Domain 1.0: Network Technologies

    Domain 1.1: Common Networking Protocols

    TCP - TCP breaks data into manageable packets and tracks information such as source and destination of packets. It is able to reroute packets and is responsible for guaranteed delivery of the data.

    IP - This is a connectionless protocol, which means that a session is not created before sending data. IP is responsible for addressing and routing of packets between computers. It does not guarantee delivery and does not give acknowledgement of packets that are lost or sent out of order as this is the responsibility of higher layer protocols such as TCP.

    UDP - A connectionless, datagram service that provides an unreliable, best-effort delivery.

    ICMP - Internet Control Message Protocol enables systems on a TCP/IP network to share status and error information such as with the use of PING and TRACERT utilities.

    SMTP - Used to reliably send and receive mail over the Internet.

    FTP - File transfer protocol is used for transferring files between remote systems. Must resolve host name to IP address to establish communication. It is connection oriented (i.e. verifies that packets reach destination).

    TFTP - Same as FTP but not connection oriented.

    ARP - provides IP-address to MAC address resolution for IP packets. A MAC address is your computer's unique hardware number and appears in the form 00-A0-F1-27-64-E1 (for example). Each computer stores an ARP cache of other computers' ARP-IP combinations.

    POP3 - Post Office Protocol. A POP3 mail server holds mail until the workstation is ready to receive it.

    IMAP - Like POP3, Internet Message Access Protocol is a standard protocol for accessing e-mail from your local server. IMAP (the latest version is IMAP4) is a client/server protocol in which e-mail is received and held for you by your Internet server.

    TELNET - Provides a virtual terminal or remote login across the network that is connection-based. The remote server must be running a Telnet service for clients to connect.

    HTTP - The Hypertext Transfer Protocol is the set of rules for exchanging files (text, graphic images, sound, video, and other multimedia files) on the World Wide Web. It is the protocol controlling the transfer and addressing of HTTP requests and responses.

    HTTPS - Signifies that a web page is using the Secure Sockets Layer (SSL) protocol and is providing a secure connection. This is used for secure internet business transactions.

    NTP - Network Time Protocol is a protocol that is used to synchronize computer clock times in a network of computers.

    http://www.mcmcse.com/comptia/network/N10004_study_guide.shtml

    SNMP - Stands for Simple Network Management Protocol and is used for monitoring and status information on a network. SNMP can be used to monitor any device that is SNMP capable and this can include computers, printers, routers, servers, gateways and many more using agents on the target systems. The agents report information back to the management systems by the use of traps which capture snapshot data of the system. This trap information could be system errors, resource information, or other information. The SNMPv2 standard includes enhancements to the SNMPv1 SMI-specific data types, such as including bit strings, network addresses, and counters. In SNMPv3 security was addressed. Because all of the trap information sent was in clear text, any monitoring information being sent and collected for operational purposes could also be pulled off the wire by a malicious person.

    SIP - Stands for Session Initiation Protocol and is a signaling protocol, widely used for controlling multimedia communication sessions such as voice and video calls over Internet Protocol (IP). Other feasible application examples include video conferencing, streaming multimedia distribution, instant messaging, presence information and online games. The protocol can be used for creating, modifying and terminating two-party (unicast) or multiparty (multicast) sessions consisting of one or several media streams. The modification can involve changing addresses or ports, inviting more participants, adding or deleting media streams, etc.

    RTP - Real-time Transport Protocol is the audio and video protocol standard used to deliver content over the Internet. RTP is used in conjunction with other protocols such as H.323 and RTSP.

    IGMP - Internet Group Management Protocol is used to manage Internet Protocol multicast groups. IP hosts and adjacent multicast routers use IGMP to establish multicast group memberships. IGMP is only needed for IPv4 networks, as multicast is handled differently in IPv6 networks.

    TLS - Transport Layer Security is a cryptographic protocol that provides security for communications over networks such as the Internet. TLS and SSL encrypt the segments of network connections at the Transport Layer end-to-end. Several versions of the protocols are in wide-spread use in applications like web browsing, electronic mail, Internet faxing, instant messaging and voice-over-IP (VoIP).

    Domain 1.2: Identify Commonly Used TCP/UDP Ports

    Ports are what an application uses when communicating between a client and server computer.

    Some common ports are:

    Protocol  Type     Number
    FTP       TCP      20,21
    SSH       TCP      22
    TELNET    TCP      23
    SMTP      TCP      25
    DNS       TCP/UDP  53
    DHCP      UDP      67
    TFTP      UDP      69
    HTTP      TCP      80
    POP3      TCP      110
    NTP       TCP      123
    IMAP4     TCP      143
    SNMP      UDP      161
    HTTPS     TCP      443

    Domain 1.3: Identify the Following Address Formats

    IPv4 - Every IP address can be broken down into 2 parts, the Network ID (netid) and the Host ID (hostid). All hosts on the same network must have the same netid. Each of these hosts must have a hostid that is unique in relation to the netid. IP addresses are divided into 4 octets with each having a maximum value of 255. We view IPv4 addresses in decimal notation such as 124.35.62.181, but it is actually utilized as binary data.

    IP addresses are divided into 3 classes as shown below:

    Class Range

    A 1-126

    B


    Domain 1.4: Proper Use of Addressing Technologies

    Subnetting - IP addresses can be class A, B or C. Class A addresses are for networks with a large number of hosts. The first octet is the netid and the 3 remaining octets are the hostid. Class B addresses are used in medium to large networks with the first 2 octets making up the netid and the remaining 2 are the hostid. Class C is for smaller networks with the first 3 octets making up the netid and the last octet comprising the hostid. The Network ID and the Host ID are determined by a subnet mask. The default subnet masks are as follows:

    Class    Default Subnet  Subnets    Hosts Per Subnet
    Class A  255.0.0.0       126        16,777,214
    Class B  255.255.0.0     16,384     65,534
    Class C  255.255.255.0   2,097,152  254

    What if you wanted more than 1 subnet? Subnetting allows you to create multiple logical networks that exist within a single Class A, B, or C network. If you don't subnet, you will only be able to use one network from your Class A, B, or C network. When subnetting is employed, the multiple networks are connected with a router which enables data to find its way between networks. On the client side, a default gateway is assigned in the TCP/IP properties. The default gateway tells the client the IP address of the router that will allow their computer to communicate with clients on other networks.

    Classful versus Classless addressing - the original TCP/IP addressing method described above was called classful addressing which worked by dividing the IP address space into chunks of different sizes called classes. Classless addressing is referred to as Classless Inter-Domain Routing (CIDR) and is done by allocating address space to Internet service providers and end users on any address bit boundary, instead of on 8-bit segments. So 172.16.50.0 does not have to use the standard subnet mask of 255.255.0.0 which makes a Class B address space and which also puts it on the same network as 172.16.51.0 using the subnet mask of 255.255.0.0. (With classful addressing, our example has 172.16 as the network name and the 50.0 and 51.0 ranges are both part of the same host naming convention). Instead, by using classless addressing 172.16.50.0/24 puts these systems on a different network than 172.16.51.0/24 because the network names here are 172.16.50 and 172.16.51 which are different.

    NAT - NAT stands for Network Address Translation and is a commonly used IP translation and mapping technology. Using a device (such as a router) or piece of software that implements NAT allows an entire home or office network to share a single internet connection over a single IP address. A single cable modem, DSL modem, or even 56k modem could connect all the computers to the internet simultaneously. Additionally, NAT keeps your home network fairly secure from hackers. NAT is built in to the most common Internet Connection Sharing technologies.

    PAT - Port Address Translation is a feature of a network device that translates TCP or UDP communications made between hosts on a private network and hosts on a public network. It allows a single public IP address to be used by many hosts on a private network.


    SNAT - Secure Network Address Translation is an extension of the standard Network Address Translation (NAT) service. SNAT is done through one to one IP address translation of one internal IP address to one external IP address where NAT is effectively one external address to many internal IP addresses.

    DHCP - Dynamic Host Configuration Protocol provides a solution that automatically assigns IP addresses to computers on a network. When a client is configured to receive an IP address automatically, it will send out a broadcast to the DHCP server requesting an address. The server will then issue a "lease" and assign it to that client. Some of the benefits of DHCP include the following:

    Prevents users from making up their own IP addresses.

    Prevents incorrect gateway or subnet masks from being entered.

    Decreases amount of time spent configuring computers especially in environments where computers get moved around all the time.

    APIPA - Stands for Automatic Private Internet Protocol Addressing. Client systems that are configured for automatic IP address assignment / dynamic IP assignment will attempt to use DHCP to make a request for an IP address lease for a given network. When the DHCP server is unavailable the service on the client will automatically configure the system with an APIPA IP address in the 169.254.0.1 through 169.254.255.254 address range with a subnet mask of 255.255.255.0.

    Unicast - the sending of information packets to a single network node. This type of network transmission is used where a private or unique resource such as media servers are being requested for two way connections that are needed to complete the network communication. So in the media server example, a client system may make the request for streaming content from the single source and the responding system may leverage unicast as part of the response to the session request to deliver the content.

    Multicast - a single source address responding to multiple destination addresses with information to be sent. In a media server example, the single source address may need to send the data to multiple clients; it does this by sending the data with multiple destination IP addresses. All the clients that see this network traffic will check to see if it is meant for them with the supplied information. If it is not, the client does not receive the data. If a network node does see that the data is intended for them the device will respond by receiving the packet.

    Broadcast - traffic sent out from a network node that will reach every other node on the subnet / broadcast domain because the message is sent with the intent of reaching all nodes. The network node that is sending the traffic will use the broadcast address for that subnet and every device in that broadcast domain will receive the broadcast information. Generally the broadcast address is the last IP address of that segment. As an example, in the IP address range of 192.168.0.0 this broadcast address would be 192.168.255.255 and the traffic would reach all available nodes on the subnet. Additionally 255.255.255.255 could be used which is the broadcast address of the zero network (0.0.0.0). Internet Protocol standards outline that the zero network stands for the local network so only those nodes on the local network would hear the broadcast traffic across the 255.255.255.255 address.
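    The classful versus classless comparison and the broadcast address rule above can be checked with the short Python script below. It is an added example, not part of the original guide; the class B and C first-octet ranges are the standard ones (the guide's own table is cut off), and the function names are made up for illustration. It also shows that the 192.168.255.255 broadcast value quoted above corresponds to a 255.255.0.0 mask.

```python
import ipaddress

# Default classful prefix lengths (255.0.0.0, 255.255.0.0, 255.255.255.0).
DEFAULT_PREFIX = {"A": 8, "B": 16, "C": 24}


def address_class(ip):
    """Return 'A', 'B' or 'C' from the first octet, or None for other ranges.

    The B and C boundaries are the standard ones, not taken from the guide.
    """
    first_octet = int(ipaddress.IPv4Address(ip)) >> 24
    if 1 <= first_octet <= 126:
        return "A"
    if 128 <= first_octet <= 191:
        return "B"
    if 192 <= first_octet <= 223:
        return "C"
    return None


def classful_network(ip):
    """Network an address belongs to when only the default class mask is used."""
    cls = address_class(ip)
    if cls is None:
        raise ValueError(f"{ip} is not a class A, B or C address")
    return ipaddress.ip_network(f"{ip}/{DEFAULT_PREFIX[cls]}", strict=False)


def same_network(ip_a, ip_b, prefix=None):
    """True when both hosts share a network.

    prefix=None applies the classful default mask; an integer applies CIDR.
    """
    if prefix is None:
        return classful_network(ip_a) == classful_network(ip_b)
    net_a = ipaddress.ip_network(f"{ip_a}/{prefix}", strict=False)
    net_b = ipaddress.ip_network(f"{ip_b}/{prefix}", strict=False)
    return net_a == net_b


def describe(cidr):
    """Network ID, mask, broadcast address and usable host count for a block."""
    net = ipaddress.ip_network(cidr, strict=False)
    return {
        "network": str(net.network_address),
        "mask": str(net.netmask),
        "broadcast": str(net.broadcast_address),
        # Network and broadcast addresses are not assignable to hosts;
        # /31 and /32 blocks are reported as 0 under this traditional rule.
        "usable_hosts": max(net.num_addresses - 2, 0),
    }


if __name__ == "__main__":
    a, b = "172.16.50.10", "172.16.51.10"  # constructed sample hosts
    print("classful (255.255.0.0):", same_network(a, b))
    print("classless /24         :", same_network(a, b, prefix=24))
    print("192.168.0.0/16        :", describe("192.168.0.0/16"))
    print("192.168.0.0 classful  :", describe(str(classful_network("192.168.0.0"))))
```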

    Domain 1.5: Common IPv4 and IPv6 Routing Protocols

    Link State routing protocols - are one of the two main classes of routing protocols used in packet switching networks and include protocols such as Open Shortest Path First (OSPF) and Intermediate System to Intermediate System (IS-IS). The link-state protocol is performed on every router on the network, where every routing node constructs a map of the connectivity to the network by showing which nodes are connected to each other. Each router calculates the next best logical hop from it to every possible known destination which forms the node's routing table.

    Open Shortest Path First (OSPF) - is a dynamic routing protocol and is used on Internet Protocol (IP) based networks of all sizes, large to small. OSPF is an interior gateway protocol (IGP) that routes IP packets within a single routing domain and was designed to support variable-length subnet masking (VLSM) and Classless Inter-Domain Routing (CIDR) addressing.

    Intermediate System to Intermediate System (IS-IS) - a link state protocol that operates by forwarding network topology information throughout a network of routers. Each router then independently builds a picture of the network's topology based on the data received and the best topological path through the network to the destination. IS-IS is an Interior Gateway Protocol (IGP) typically used on larger networks.

    Distance-vector routing protocols - are one of the two main classes of routing protocols used in packet switching networks and include Routing Information Protocol (RIP) and Interior Gateway Routing Protocol (IGRP). They use distance as one factor and the vector as the other, evaluated against the known routing tables, to deliver data to source and destination locations. Routers using the distance-vector routing protocol will update other routers of topology changes periodically when a change is detected in the topology of a network.

    Routing Information Protocol (RIPv1) - RIP is a distance-vector routing protocol using hop count as a routing metric. The maximum number of hops allowed for RIP is 15 which effectively limits the size of networks that RIP can support.

    Routing Information Protocol (RIPv2) - improved upon RIPv1 by having the ability to include subnet information with its updates which allows for Classless Inter-Domain Routing (CIDR) support. The 30 second proactive broadcast has been eliminated in favor of multicast advertisements for its updates. The 15 hop count limit remains so that the devices are backwards compatible with RIPv1 devices.

    Border Gateway Protocol (BGP) - is the core routing protocol of the Internet. It maintains a table of IP networks and the data that designates where and how to reach each network through autonomous systems (AS). BGP makes routing decisions based on path, network policies and / or rule sets.

    Enhanced Interior Gateway Routing Protocol (EIGRP) - a proprietary hybrid protocol from Cisco that is a distance vector routing protocol that functions like a link state routing protocol. EIGRP collects information and stores it in three tables: the Neighbor Table which stores the information about neighboring routers, the Topology Table which contains only the information and data regarding the routing tables from directly connected neighbors and the Routing table which stores the actual routes to all destinations.

    Domain 1.6: The Purpose and Properties of Routing

    Interior Gateway Protocol (IGP) - routing protocol that is used within an autonomous system which is sometimes referred to as an administrative domain. One type of Interior Gateway Protocol is the Distance-vector routing protocols such as Routing Information Protocol (RIP), Interior Gateway Routing Protocol (IGRP) and Enhanced Interior Gateway Routing Protocol (EIGRP). Another type is the Link-state routing protocols such as Open Shortest Path First (OSPF) and Intermediate system to intermediate system (IS-IS).

    Exterior Gateway Protocol (EGP) - routing protocol that is used across different autonomous systems / administrative domains. It was the routing protocol leveraged for Internet connected devices in the early 1980s. Border Gateway Protocol (BGP) is the replacement standard for Internet routing over EGP.

    Static Router Updates - a router with manually configured routing tables. For these types of devices, a network administrator will manually build and make updates to the routing table for all routes in the administrative domain. Static routers are best suited for small internetworks; due to the need of the manual administration, they do not scale well to large networks where routing information is often changed, updated and appended. Static routers are not fault tolerant because when another network device goes down the manually input information may not necessarily provide alternate pathing to a destination which makes it unreachable (unless quick, manual administrative updates are made).

    Dynamic Router Updates - A router with dynamically configured routing tables. This type of automatic configuration is made up of routing tables that are built and maintained by ongoing communication between the routers only (by default - this does not include initial setup and configuration or administrative needs for a persistent route configuration). Dynamic routing is fault tolerant; if a router or link goes down, the routers sense the change in the network topology when the learned route expires in the routing table and cannot be renewed due to the outage. This change is then disseminated to other routers so that all the routers learn of the network changes. Routing Information Protocol (RIP) and Open Shortest Path First (OSPF) routing protocols for IP and RIP for IPX are some examples of protocols that can be used for these dynamic updates.

    Next Hop - defined as the next place that a data packet needs to go. In most cases, routers do not need all of the information regarding where the originating source of the data transmission was. In most cases routers just need to know where the data needs to go next, referred to as the next hop, because all they are trying to do is deliver it to the specified destination IP address that is included in the header information of the data being sent. If that router is the last hop and can deliver it to the specified IP address it does; otherwise it refers to its routing tables to figure out which router to hand it off to in the effort to get the data packet where it needs to go.

    Routing Tables - sometimes referred to as a Routing Information Base (RIB), is the database information that stores all the route information for the routing network devices. The routing table holds the route information regarding the topology of the network immediately around the device to other network destinations and it will often include the metric / cost associated for the route. There are three main route entries that are generally found in the routing tables - Network Route, Host Route and the Default Route. The Network Route is a route to a specific Network ID on the network. The Host Route is a route to a specific network address. A Default route is the path used if a physical router or other network routing device cannot find a route for the specified destination.

    Convergence - achieved when all of the available topology information from routing devices has been passed along to all of the other devices in totality and when the information gathered does not contradict any other router's informed topology information. When all of the network routing devices "agree" on what the network topology looks like it is said to have full convergence.
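    The distance-vector behaviour, the RIP 15-hop limit and the definition of convergence described above can be seen in a small simulation. This is an added Python example, not part of the original guide; the router names and topologies are constructed, every link costs one hop, and updates are exchanged in synchronous rounds, which is a simplification of real RIP timers.

```python
INFINITY = 16  # RIP metric meaning "unreachable"; 15 is the largest usable hop count


def converge(links, max_rounds=50):
    """Run distance-vector exchanges until no routing table changes.

    links: iterable of (router_a, router_b) pairs that are directly connected.
    Returns (tables, rounds); tables[router][dest] = (hop_count, next_hop) and
    rounds counts exchanges including the final one in which nothing changed.
    """
    neighbors = {}
    for a, b in links:
        neighbors.setdefault(a, set()).add(b)
        neighbors.setdefault(b, set()).add(a)

    # Each router starts out knowing only a zero-hop route to itself.
    tables = {r: {r: (0, r)} for r in neighbors}

    for rounds in range(1, max_rounds + 1):
        changed = False
        # Every router advertises the table it held at the start of the round.
        advertised = {r: dict(t) for r, t in tables.items()}
        for router in neighbors:
            for nbr in sorted(neighbors[router]):
                for dest, (hops, _) in advertised[nbr].items():
                    metric = hops + 1
                    if metric >= INFINITY:
                        continue  # beyond 15 hops: treated as unreachable
                    current = tables[router].get(dest)
                    if current is None or metric < current[0]:
                        tables[router][dest] = (metric, nbr)
                        changed = True
        if not changed:
            return tables, rounds
    raise RuntimeError("tables did not converge")


def is_consistent(tables):
    """Check that no router's view contradicts its next hop's view.

    For every route, the chosen next hop must itself hold a route to the
    same destination that is exactly one hop shorter.
    """
    for router, table in tables.items():
        for dest, (hops, next_hop) in table.items():
            if dest == router:
                continue
            via = tables[next_hop].get(dest)
            if via is None or via[0] != hops - 1:
                return False
    return True


def chain(n):
    """Constructed topology: R1 - R2 - ... - Rn in a straight line."""
    return [(f"R{i}", f"R{i + 1}") for i in range(1, n)]


if __name__ == "__main__":
    tables, rounds = converge(chain(4))
    print("4-router chain converged after", rounds, "rounds")
    print("R1 routing table:", tables["R1"])

    tables, rounds = converge(chain(18))
    print("R1 -> R16:", tables["R1"].get("R16"))
    print("R1 -> R17:", tables["R1"].get("R17"), "(16 hops away, unreachable)")
```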

    Domain 1.7: Characteristics of Wireless Standards

    Wireless networks allow computers to communicate without the use of cables using IEEE 802.11 standards, also known as Wi-Fi. A connection is made from a device, which is usually a PC or a Laptop with a wireless network interface card (NIC), and an Access Point (AP), which acts as a bridge between the wireless stations and Distribution System (DS) or wired networks. An 802.11 wireless network adapter can operate in two modes, Ad-Hoc and Infrastructure. In infrastructure mode, all your traffic passes through a wireless access point. In Ad-hoc mode your computers talk directly to each other and do not need an access point. The table below shows the various standards.

    Standard  Speed     Distance  Frequency
    802.11a   54 Mbps   100 ft    5 GHz
    802.11b   11 Mbps   300 ft    2.4 GHz
    802.11g   54 Mbps   300 ft    2.4 GHz
    802.11n   540 Mbps  600 ft    5 GHz and/or 2.4 GHz

    Authentication and Encryption:

    WEP - Wired Equivalent Privacy is a security encryption algorithm that is easily cracked. For this reason, it has been replaced by other technologies.

    WPA - The original WPA standard used TKIP, but was later replaced by WPA2 which uses a more secure AES-based algorithm. WPA uses a 256 bit key to encrypt data. This key may be entered either as a string of 64 hexadecimal digits, or as a passphrase of 8 to 63 characters. It is susceptible to brute force attacks when a weak passphrase is used.

    RADIUS - Remote Authentication Dial In User Service (RADIUS) is a networking protocol that provides centralized Authentication, Authorization, and Accounting (AAA) management for computers to connect and use a network service. RADIUS is often used by ISPs and enterprises to manage access to the Internet or internal networks, and wireless networks. Microsoft's answer to corporate wireless security is the use of RADIUS authentication through its Internet Authentication Services (IAS) product.

    TKIP - Temporal Key Integrity Protocol was designed as a solution to replace WEP without requiring the replacement of legacy hardware. TKIP suffered from similar flaws as WEP and has been replaced by more secure encryption schemes.
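    The two ways of entering the 256 bit WPA key mentioned above, and why a weak passphrase undermines it, are shown in the Python script below. It is an added example, not part of the original guide. The guide does not say how a passphrase becomes the key; the script uses the IEEE 802.11i mapping (PBKDF2 with HMAC-SHA1, the SSID as salt, 4096 iterations). The entropy estimate is a rough upper bound, and the SSID and passphrases are constructed sample values.

```python
import hashlib
import math
import string


def wpa_psk(key_material, ssid):
    """Return the 32-byte (256 bit) pre-shared key for either input form.

    64 hexadecimal digits are used directly as the key. A passphrase of
    8 to 63 printable ASCII characters is stretched with PBKDF2-HMAC-SHA1,
    salted with the SSID, 4096 iterations (the IEEE 802.11i mapping).
    """
    ssid_bytes = ssid.encode("utf-8")
    if not 1 <= len(ssid_bytes) <= 32:
        raise ValueError("SSID must be 1 to 32 bytes")
    if len(key_material) == 64 and all(c in string.hexdigits for c in key_material):
        return bytes.fromhex(key_material)
    if not 8 <= len(key_material) <= 63:
        raise ValueError("passphrase must be 8 to 63 characters, or 64 hex digits")
    if not all(32 <= ord(c) <= 126 for c in key_material):
        raise ValueError("passphrase must be printable ASCII")
    return hashlib.pbkdf2_hmac("sha1", key_material.encode("ascii"),
                               ssid_bytes, 4096, 32)


def estimated_bits(passphrase):
    """Upper bound on passphrase entropy from its length and character classes.

    Real passphrases built from dictionary words carry far fewer bits than
    this bound; it is only useful for rejecting obviously weak choices.
    """
    pool = 0
    if any(c in string.ascii_lowercase for c in passphrase):
        pool += 26
    if any(c in string.ascii_uppercase for c in passphrase):
        pool += 26
    if any(c in string.digits for c in passphrase):
        pool += 10
    if any(c in string.punctuation or c == " " for c in passphrase):
        pool += 33
    return len(passphrase) * math.log2(pool) if pool else 0.0


def audit(passphrase, minimum_bits=80):
    """Return a list of findings; minimum_bits is an assumed policy value."""
    findings = []
    bits = estimated_bits(passphrase)
    if bits < minimum_bits:
        findings.append(f"at most {bits:.0f} bits of entropy, far below the 256 bit key size")
    if passphrase.lower() in {"password", "12345678", "qwertyuiop"}:  # constructed list
        findings.append("appears in a list of common passphrases")
    return findings


if __name__ == "__main__":
    ssid = "IEEE"  # constructed sample network name
    print("PSK from passphrase:", wpa_psk("password", ssid).hex())
    print("Same passphrase, other SSID:", wpa_psk("password", "IEEE-guest").hex())
    print("Audit of 'password':", audit("password"))
    print("Audit of longer phrase:", audit("Tr4il-mix & 9 lanterns at dusk"))
```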

    Domain 2.0: Network Media and Topologies

    Domain 2.1: Standard Cable Types and Their Properties

    Cable Types:

    Type               Description
    CAT3               Unshielded twisted pair capable of speeds up to 10Mbit/s. Used with 10Base-T, 100Base-T4, and 100Base-T2 Ethernet.
    CAT4               Unshielded twisted pair capable of speeds up to 20Mbit/s. Not widely used. Used with 10Base-T, 100Base-T4, and 100Base-T2 Ethernet.
    CAT5               Unshielded twisted pair capable of speeds up to 100Mbit/s. May be used with 10Base-T, 100Base-T4, 100Base-T2, and 100Base-TX Ethernet.
    CAT5e              Enhanced Cat 5 is similar to CAT5, but exceeds its performance. Improved distance over previous categories from 100m to 350m. May be used for 10Base-T, 100Base-T4, 100Base-T2, 100BaseTX and 1000Base-T Ethernet.
    CAT6               Can transmit data up to 220m at gigabit speeds. It has improved specifications for NEXT (Near End Cross Talk), PSELFEXT (Power Sum Equal Level Far End Cross Talk), and Attenuation. Cat 6 is backward compatible with lower Category grades and supports the same Ethernet standards as Cat 5e.
    Multimode Fiber    Multimode fibers have large cores. They are able to carry more data than single mode fibers though they are best for shorter distances because of their higher attenuation levels.
    Single Mode Fiber  Single Mode fibers have a small glass core. Single Mode fibers are used for high speed data transmission over long distances. They are less susceptible to attenuation than multimode fibers.
    RG59 and RG6       These are both shielded coaxial cables used for broadband networking, cable television, and other uses.
    Serial             A serial cable is a cable that can be used to transfer information between two devices using serial communication, often using the RS-232 standard. Typically use D-subminiature connectors with 9 or 25 pins. Cables are often unshielded, although shielding cables may reduce electrical noise radiated by the cable.

    Shielded twisted pair (STP) - differs from UTP in that it has a foil jacket that helps prevent cross talk. Cross talk is signal overflow from an adjacent wire.

    EMI - Electrical devices such as printers, air conditioning units, and television monitors can be sources of electromagnetic interference, or EMI. Some types of network media have more resistance to EMI than others. Standard UTP cable has minimal resistance to EMI, while fiber optic cable is highly resistant.

    Plenum grade cabling - is required if the cabling will be run between the ceiling and the next floor (this is called the plenum). Plenum grade cabling is resistant to fire and does not emit poisonous gasses when burned.

    Simplex - Signals can be passed in one direction only.

    Half Duplex - Half duplex means that signals can be passed in either direction, but not in both simultaneously.

    Full Duplex - Full duplex means that signals can be passed in either direction simultaneously.

    Domain 2.2: Common Connector Types

    BNC - This connector has found uses with both broadcast television equipment and computer networks. With regards to networking, this connector was used on early 10Base-2 (Thinnet) Ethernet networks. It has a center pin connected to the center coaxial cable conductor and a metal tube connected to the outer cable shield. A rotating ring outside the tube locks the cable to the female connector.

    RJ-11 - Short for Registered Jack-11, a four or six-wire connector used primarily to connect telephone equipment in the United States (POTS). The cable itself is called category 1 (Cat 1) and is used for dial-up connections. Modems have RJ-11 jacks that connect them to the wall outlet.

    RJ-45 - Short for Registered Jack-45, it is an eight-wire connector used commonly to connect devices on Ethernet LANs. RJ-45 connectors look similar to RJ-11 connectors used for connecting telephone equipment, but they are larger.

    ST - The ST connector is a fiber optic connector which uses a plug and socket which is locked in place with a half-twist bayonet lock. The ST connector was the first standard for fiber optic cabling. ST Connectors are half-duplex.

    SC - The SC connector is a fiber optic connector with a push-pull latching mechanism which provides quick insertion and removal while also ensuring a positive connection. SC Connectors are half-duplex.

    LC - The LC connector is just like a SC connector only it is half the size. Like SC connectors, LC connectors are half-duplex.

    RS-232 - A standard for serial binary data interconnection between a DTE (Data terminal equipment) and a DCE (Data communication equipment). Commonly found in use with bar code scanners, measuring tools, and laboratory instruments that are designed to interface to a computer using a standard RS232 serial cable connection. Many of these uses are being replaced with USB enabled devices. The connector is a DB-9 or DB-25 connector.

    Domain 2.3: Common Physical Network Topologies

    Star - The star topology uses twisted pair (10baseT or 100baseT) cabling andrequires that all devices are connected to a hub. Advantages are centralized

    monitoring, and failures do not affect others unless it is the hub, easy to modify.

    The disadvantage is that the hub is a single point of failure. If it goes down, there

    are no communications possible.

    Mesh - In a true mesh topology every node has a connection to every other node in the network. A full mesh provides redundancy in case of a failure between links, but is impractical due to the complexity and the expensive amount of cabling required.

    Bus - This topology is an old one and essentially has each of the computers on the network daisy-chained to each other. Packets must pass through all computers on the bus. This type is cheap, and simple to set up, but causes excess network traffic, a failure may affect many users, and problems are difficult to troubleshoot.

    Ring - A ring topology has a physical and logical ring and is used on SONET and FDDI networks (note that Token Ring networks are actually a hybrid star ring topology). Any station can send a packet around the ring, but only while it holds the token. The token is passed around the ring giving all stations an opportunity to communicate. This is a very fast and simple network. However, if any part of the ring goes down, the entire LAN goes down. If there is a problem at a station, it may be difficult to locate it. Ring networks are not very common.

    Point-to-point - This topology generally refers to a connection restricted to two endpoints. Point-to-point is sometimes referred to as P2P (not the same as peer-to-peer file sharing networks), or Pt2Pt, or variations of this. Examples of this topology include RS-232 serial connections as well as laser network connections between buildings.

    Point-to-Multipoint - Also known as P2MP, this is a method of communication between a series of receivers and transmitters to a central location. The most common example of this is the use of a wireless access point that provides a connection to multiple devices.

    Hybrid - Hybrid topologies are combinations of the above and are common on very large networks. For example, a star bus network has hubs connected in a row (like a bus network) and has computers connected to each hub as in the star topology.

    Domain 2.4: Wiring Standards

    568A and 568B - The number 568 refers to the order in which the individual wires inside a CAT 5 cable are terminated. The only difference between the two standards is that the green and orange wires are terminated to different pins. There is no difference in signal and both the 568A and 568B are used as patch cords for Ethernet connections.

    Straight through vs Crossover - A straight through cable uses either the 568A or 568B wiring standard and is used for connecting devices to routers, hubs, switches, etc. A crossover cable is used to connect computing devices together directly (i.e. connecting 2 computers directly together). A crossover cable uses the 568A standard on one end and 568B on the other end.

    Rollover - Rollover cable (also known as Cisco console cable) is a type of null-modem cable that is most commonly used to connect a computer terminal to a router's console port. This cable is typically flat and has a light blue color. It gets the name rollover because the pinouts on one end are reversed from the other, as if the wire had been rolled over and you were viewing it from the other side.
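
The 568A/568B, straight-through, crossover and rollover descriptions above can be checked mechanically from the wire colours seen at each end of a cable. The following Python sketch is an added example, not part of the original guide; the colour names follow the published T568A/T568B pin orders, and the function names and the "miswired" label are assumptions made for illustration.

```python
"""Classify a twisted-pair cable from the wire colours seen at each RJ-45 end."""

# Wire colour on pins 1..8 for each termination standard.
T568A = ("white/green", "green", "white/orange", "blue",
         "white/blue", "orange", "white/brown", "brown")
T568B = ("white/orange", "orange", "white/green", "blue",
         "white/blue", "green", "white/brown", "brown")

# Pin-to-pin map when one end is 568A and the other is 568B: the wires on
# pins 1/2 and 3/6 trade places, the other four run straight through.
CROSSOVER = {1: 3, 2: 6, 3: 1, 4: 4, 5: 5, 6: 2, 7: 7, 8: 8}


def standard_of(end):
    """Name the termination standard used on one end of the cable."""
    if tuple(end) == T568A:
        return "568A"
    if tuple(end) == T568B:
        return "568B"
    return "non-standard"


def pin_map(end_a, end_b):
    """Return {pin on end A: pin on end B} by following each coloured wire."""
    if len(end_a) != 8 or len(end_b) != 8:
        raise ValueError("an RJ-45 end has exactly 8 positions")
    if len(set(end_a)) != 8 or set(end_a) != set(end_b):
        raise ValueError("both ends must carry the same 8 distinct wires")
    position_b = {colour: pin for pin, colour in enumerate(end_b, start=1)}
    return {pin: position_b[colour]
            for pin, colour in enumerate(end_a, start=1)}


def classify(end_a, end_b):
    """Return 'straight-through', 'crossover', 'rollover' or 'miswired'."""
    mapping = pin_map(end_a, end_b)
    if all(a == b for a, b in mapping.items()):
        return "straight-through"      # same order on both ends
    if mapping == CROSSOVER:
        return "crossover"             # 568A on one end, 568B on the other
    if all(a + b == 9 for a, b in mapping.items()):
        return "rollover"              # pin 1 -> 8, 2 -> 7, ... 8 -> 1
    return "miswired"                  # e.g. two wires swapped at one end


if __name__ == "__main__":
    # Constructed sample cables: (colours at end A, colours at end B).
    samples = {
        "patch cord": (T568B, T568B),
        "PC-to-PC cable": (T568A, T568B),
        "console cable": (T568B, tuple(reversed(T568B))),
        "bad crimp": (T568B, (T568B[1], T568B[0]) + T568B[2:]),
    }
    for name, (a, b) in samples.items():
        print(f"{name}: {standard_of(a)} / {standard_of(b)} -> {classify(a, b)}")
```

A cable that reports "straight-through" with "non-standard" ends has pin continuity but may not keep each twisted pair together, so check `standard_of` as well as `classify`.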

    Loopback - A loopback cable redirects the output back into itself and is used for troubleshooting purposes (loopback test). This effectively gives the NIC the impression that it is communicating on a network, since it is able to transmit and receive communications.

    Domain 2.5: WAN Technology Types and Properties

    Frame Relay - Frame relay is a secure, private network that utilizes a logical path or virtual circuit to allocate bandwidth for high performance transmissions. Frame relay is the premier high-speed packet-switching protocol communicating data, imaging, and voice between multiple locations. Frame relay is available in a range of bandwidths from 56 Kbps to full T1 (1.54 Mbps).

    T-1/T-3 - A T-1 is a dedicated phone connection supporting data rates of 1.544 Mbps. A T-1 line actually consists of 24 individual channels, each of which supports 64 Kbits per second. Each 64 Kbit/second channel can be configured to carry voice or data traffic. Most telephone companies allow you to buy just some of these individual channels, known as fractional T-1 access. T-1 lines are a popular leased line option for businesses connecting to the Internet and for Internet Service Providers (ISPs) connecting to the Internet backbone. The Internet backbone itself consists of faster T-3 connections. T-1 comes in either copper or fiber optics.

    ATM - ATM stands for Asynchronous Transfer Mode and is a high-speed, packet-switching technique that uses short fixed length packets called cells. ATM can transmit voice, video, and data over variable-speed LAN and WAN connections at speeds ranging from 1.544 Mbps to as high as 622 Mbps. ATM is capable of supporting a wide range of traffic types such as voice, video, image and data.

    SONET - SONET and SDH are a set of related standards for synchronous data transmission over fiber optic networks. SONET is short for Synchronous Optical NETwork and SDH is an acronym for Synchronous Digital Hierarchy. SONET is the United States version of the standard and SDH is the international version. SONET defines a base rate of 51.84 Mbps and a set of multiples of the base rate known as "Optical Carrier levels" (OCx). Speeds approaching 40 gigabits per second are possible.

    ISDN - Integrated Services Digital Network (ISDN) is comprised of digital telephony and data-transport services offered by regional telephone carriers. ISDN involves the digitalization of the telephone network, which permits voice, data, text, graphics, music, video, and other source materials to be transmitted over existing telephone wires. There are 2 types of ISDN channels:

    B (bearer) - Transfers data at 64 Kbps. An ISDN usually contains 2 B channels for a total of 128 Kbps.

    D (data) - Handles signalling at either 16 Kbps or 64 Kbps (sometimes limited to 56 Kbps), which enables the B channel to strictly pass data.

    | Connection | Speed | Medium |
    |---|---|---|
    | ISDN BRI | 64 Kbps/channel | Twisted-pair |
    | ISDN PRI | 1,544 Kbps | Twisted-pair |
    | POTS | Up to 56 Kbps | Twisted-pair |
    | PSTN | 64 Kbps/channel | Twisted-pair |
    | Frame Relay | 56 Kbps - 45 Mbps | Varies |
    | T-1 | 1.544 Mbps | Twisted-pair, coaxial, or optical fiber |
    | ADSL | 256 Kbps to 24 Mbps (ADSL 2+) | Twisted-pair |
    | SDSL | 1.544 Mbps | Twisted-pair |
    | VDSL | 100 Mbps | Twisted-pair |
    | Cable modem | 512 Kbps to 52 Mbps | Coaxial |
    | Satellite | 1 Gbps (avg 1-5 Mbps) | Air |
    | T-3 | 44.736 Mbps | Twisted-pair, coaxial, or optical fiber |
    | OC-1 | 51.84 Mbps | Optical fiber |
    | OC-3 | 155.52 Mbps | Optical fiber |
    | Wireless | 1 Gbps | Air |
    | ATM | 10 Gbps | Optical fiber |
    | SONET | 10 Gbps | Optical fiber |

    Packet and Circuit Switching - Packet switching refers to protocols in which messages are divided into packets before they are sent. Each packet is then transmitted individually and can even follow different routes to its destination. Once all the packets forming a message arrive at the destination, they are recompiled into the original message. Most modern Wide Area Network (WAN) protocols, including TCP/IP and Frame Relay, are based on packet-switching technologies. In contrast, normal telephone service is based on a circuit-switching technology, in which a dedicated line is allocated for transmission between two parties. Circuit-switching is ideal when data must be transmitted quickly and must arrive in the same order in which it is sent. This is the case with most real-time data, such as live audio and video. Packet switching is more efficient and robust for data that can withstand some delays in transmission, such as e-mail messages and Web pages.

    Domain 2.6: LAN Technology Types and Properties

    Ethernet - Ethernet is the most widely-installed local area network (LAN) technology. Specified in a standard, IEEE 802.3, Ethernet was originally developed by Xerox from an earlier specification called Alohanet (for the Palo Alto Research Center Aloha network) and then developed further by Xerox, DEC, and Intel. Early Ethernet networks used coaxial connections. The most common types currently use twisted pair cabling; however, fiber optic cabling is becoming much more common as standards and speeds increase. Below are some of the Ethernet standards:

    | Connection Type | Cable Type | Connector | Maximum Length | Speed |
    |---|---|---|---|---|
    | 10Base-T | Category 3 or better UTP cable | RJ-45 | 100 meters (328 ft) | 10 Mbps |
    | 100Base-TX | Cat 5 twisted pair | RJ-45 | 100 meters (328 ft) | 100 Mbps |
    | 100Base-FX | Fiber optic | ST, SC | 2000 meters | 100 Mbps |
    | 1000Base-T | CAT5e or higher | RJ-45 | 100 meters (328 ft) | 1 Gbps |
    | 1000Base-LX | Laser over fiber | SC | Up to 5000 meters | 1 Gbps |
    | 1000Base-SX | Short wavelength laser over fiber | SC | Up to 550 meters | 1 Gbps |
    | 1000Base-CX | Twinax or short haul copper | 9-pin shielded D-subminiature connector, or 8-pin ANSI fiber channel type 2 (HSSC) connector | 25 meters | 1 Gbps |
    | 10GBASE-SR | Shortwave laser over multi-mode fiber optics | LC, SC | 300 meters | 10 Gbps |
    | 10GBASE-LR | Laser over single-mode fiber optics | LC, SC | 2000 meters | 10 Gbps |
    | 10GBASE-ER | Laser over either single or multi-mode fiber | LC, SC | 40 kilometers | 10 Gbps |
    | 10GBASE-SW | Shortwave laser over multi-mode fiber optics | LC, SC | 300 meters | 10 Gbps |
    | 10GBASE-LW | Laser over single-mode fiber optics | LC, SC | 2000 meters | 10 Gbps |
    | 10GBASE-EW | Laser over either single or multi-mode fiber | LC, SC | 40 kilometers | 10 Gbps |
    | 10GBASE-T | Cat 5e (or higher) twisted pair | RJ-45 | 100 meters (328 ft) | 10 Gbps |

    CSMA/CD (Carrier Sense Multiple Access with Collision Detection) - In the early days of Ethernet, when two hosts would send packets at the same time, a collision would occur. A standard had to be created that would have the hosts follow rules relating to when they could send data and when they could not. This standard is Carrier Sense Multiple Access with Collision Detection, referred to as CSMA/CD. CSMA/CD forces computers to listen to the wire before sending in order to make sure that no other host on the wire is sending. If a collision is detected, both of the senders will send a jam signal over the Ethernet. This jam signal indicates to all other devices on the Ethernet segment that there has been a collision, and they should not send data onto the wire.

    How Ethernet CSMA/CD Works: http://www.mcmcse.com/cisco/guides/csma.shtml

    Bonding (AKA Link Aggregation, Port Trunking, EtherChannel, etc.) - Uses multiple network cables/ports in parallel to increase the link speed beyond the limits of any one single cable or port, and to increase the redundancy for higher availability.

    Domain 2.7: Common Logical Network Topologies

    Peer to Peer - A peer to peer network is one which lacks a dedicated server and in which every computer acts as both a client and a server. This is a good networking solution when there are 10 or fewer users that are in close proximity to each other. A peer to peer network can be a security nightmare, because the people setting permissions for shared resources will be users rather than administrators and the right people may not have access to the right resources. More importantly, the wrong people may have access to the wrong resources; thus, this is only recommended in situations where security is not an issue. P2P file sharing networks work under a similar architecture; however, there are differences between them and the LAN networking architecture.

    Client/Server - This type of network is designed to support a large number of users and uses dedicated server/s to accomplish this. Clients log in to the server/s in order to run applications or obtain files. Security and permissions can be managed by 1 or more administrators who set permissions to the servers' resources. This type of network also allows for convenient backup services, reduces network traffic and provides a host of other services that come with the network operating system.

    VPN - A virtual private network is one that uses a public network (usually the Internet) to connect remote sites or users together. Instead of using a dedicated, real-world connection such as a leased line, a VPN uses "virtual" connections routed through the Internet from the company's private network to the remote site or employee.

    VLAN - A virtual LAN is a local area network with a definition that maps workstations on a basis other than geographic location (for example, by department, type of user, or primary application). The virtual LAN controller can change or add workstations and manage load-balancing and bandwidth allocation more easily than with a physical picture of the LAN. Network management software keeps track of relating the virtual picture of the local area network with the actual physical picture.

    Domain 2.8: Install components of Wiring Distribution

    Vertical Cross Connect - A location within a building where cables originate and / or are terminated, reconnected using jumpers or pass throughs or are connected to patch panels or other similar devices where the locations are from upper or lower floors in the building. These cables could be of multiple different types and mediums such as phone networks, data lines, copper based, fiber channel, etc.

    Horizontal Cross Connect - Similar to Vertical Cross Connect locations; these are within a building where cables originate and / or are terminated but these locations are all on the same floor or building level. As with Vertical Cross Connect configurations, these locations can be of multiple different network types and mediums.

    Patch Panel - A wall or rack mounted collection of data connections where all of the network media converges. These rooms are generally some form of telecommunications closet in a facility and it is used to connect all of the different types of incoming and outgoing media types on the LAN. When they all span the same floor of a building they are sometimes referred to as Horizontal Cross Connect locations and when they span different levels of a location / different floors of a building they are sometimes referred to as Vertical Cross Connect locations. The main Patch Panel room will often be the connection point for the LAN to be connected to the WAN and / or the internet.

    66 Block - A legacy type of punch down block used to connect sets of 22 through 26 American Wire Gauge (AWG) solid copper wire in a telephone system. They have a 25-pair standard non-split capacity and generally are unsuited for traffic and data network communications above 10 megabits per second (Mbps).

    Main Distribution Frame (MDF) - A wire distribution frame for connecting equipment inside a facility to cables and subscriber carrier equipment outside of the facility. One example of this is where all of the phone cabling inside a facility is run to planned phone locations (e.g. offices) back to the MDF. When the local telephone company makes the external connections then all circuits are completed.

    Intermediate Distribution Frame (IDF) - Another place much like a Horizontal Cross Connect location or a Vertical Cross Connect location where network administrators can physically change the network media around and where they can house other needed network equipment such as routers, switches, repeaters and so forth.

    25 Pair - A grouping of 25 pairs of wires all inside a single covering / housing or outer insulation casing. It is best suited for telephone / voice cable runs rather than data cable runs and is generally used as a feeder cable.

    100 Pair - A larger cabling segment than its 25 pair cousin but used in the same manner; all of the 100 pairs of wires are inside a single covering / housing or outer insulation casing. It is best suited for telephone / voice cable runs rather than data cable runs and is generally used as a feeder cable.

    110 Block - The more modern replacement of the legacy 66 Block, used as a wiring distribution point for wired telephone systems (voice) and other types of wired networking (data). On one side of the block wires are punched down into RJ-11 connectors for voice and RJ-45 connectors for data communications.

    Demarc - The point of operational and administrative control change in a network. One example of this is the Main Distribution Frame (MDF) point in a facility. This is where the wire distribution frame for connecting equipment inside a facility to cables and subscriber carrier equipment outside of the facility occurs and this is considered a demarcation point of the operational control of the internal systems where it changes over to the control of the external presence.

    Demarc Extension - Where the end of the line of the external administrative control is extended beyond that actual endpoint. Example: you are one business inside of a large high rise building on the 15th floor only and the Main Distribution Frame (MDF) point is on the ground floor. Your responsibility probably ends at the Intermediate Distribution Frame (IDF) on your floor and the external administration (example: Phone Company) ends at the Main Distribution Frame (MDF) on the ground floor. The building administration owns all the cabling responsibility between the Main Distribution Frame (MDF) on the ground floor and your Intermediate Distribution Frame (IDF) on your floor. That cabling is effectively the Demarc Extension.

    Smart Jack - A network connection device that is used to connect your internal network to an external service provider network. The device handles all of the code and protocol differences between the two networks and is often the actual demarcation point between the two service entities.

    Wiring Installation - The physical installation of internal wiring in a facility. This may be the pulls of copper phone and data lines to the running of fiber optic medium from the different cross connect locations.

    Wiring Termination - The end point of networked cable runs that will generally end either in a patch panel or a jack location in an office. This has historically been the copper wire runs associated with phone lines to the RJ-11 jacks / blocks to the data lines on the RJ-45 connections. Wire termination is also a consideration on fiber optic pulls, which requires a higher skill level.

    Domain 3.0: Network Devices

    Domain 3.1: Common Network Devices

    Hub - A physical layer network device used to connect multiple Ethernet devices together. Active hubs act as a repeater and boost the signal in order to allow for it to travel farther, while passive hubs simply pass the signal through. Most hubs have an uplink port that allows them to connect to other hubs, a router, or other network devices.

    Repeater - A physical layer device that boosts signals in order to allow a signal to travel farther and prevent attenuation. Attenuation is the degradation of a signal as it travels farther from its origination. Repeaters do not filter packets and will forward broadcasts. Both segments must use the same access method, which means that you can't connect a token ring segment to an Ethernet segment. Repeaters can connect different cable types.

    Modem - The modem is a device that converts digital information to analog by MODulating it on the sending end and DEModulating the analog information into digital information at the receiving end. Most modern modems are internal; however, they can be internal or external. External modems are connected to the back of the system board via an RS-232 serial connection. Internal modems are installed in one of the motherboard's PCI or ISA expansion slots depending on the modem. The modem contains an RJ-11 connection that is used to plug in the telephone line. Modems have different transmission modes as follows:

    Simplex - Signals can be passed in one direction only.

    Half Duplex - Half duplex means that signals can be passed in either direction, but not in both simultaneously. Half-duplex modems can work in full-duplex mode.

    Full Duplex - Full duplex means that signals can be passed in either direction simultaneously.

    Modems can also be classified by their speed, which is measured by the BAUD rate. One baud is one electronic state change per second. Since a single state change can involve more than a single bit of data, the Bits Per Second (BPS) unit of measurement has replaced it as a better expression of data transmission speed. Common modem speeds are V.34 at 28.8 kbps, V.34+ at 33.6 kbps and V.90 at 56 Kbps.

    Network Interface Card - A Network Interface Card, often abbreviated as NIC, is an expansion board you insert into a computer so the computer can be connected to a network. Most NICs are designed for a particular type of network, protocol and media, although some can serve multiple networks.

    Media Converters - Simple networking devices that make it possible to connect two dissimilar media types such as twisted pair with fiber optic cabling. They were introduced to the industry nearly two decades ago, and are important in interconnecting fiber optic cabling-based systems with existing copper-based, structured cabling systems. They are also used in MAN access and data transport services to enterprise customers. Fiber media converters support many different data communication protocols including Ethernet, Fast Ethernet, Gigabit Ethernet, T1/E1/J1, DS3/E3, as well as multiple cabling types such as coax, twisted pair, multi-mode and single-mode fiber optics. Media converter types range from small standalone devices and PC card converters to high port-density chassis systems that offer many advanced features for network management.

    Switch - A switch is a network device that filters and forwards packets between LAN segments and ensures that data goes straight from its origin to its proper destination. Switches remember the address of every node on the network, and anticipate where data needs to go. A switch only operates with the computers on the same LAN. This reduces competition for bandwidth between devices on the network. It isn't smart enough to send data out to the internet, or across a WAN. These functions require a router.

    Bridge - Functions the same as a repeater, but can also divide a network in order to reduce traffic problems. A bridge can also connect unlike network segments (i.e. token ring and Ethernet). Bridges create routing tables based on the source address. If the bridge can't find the source address it will forward the packets to all segments. Bridging methods:

    Transparent - Only one bridge is used.

    Source-Route - Bridging address tables are stored on each PC on the network.

    Spanning Tree - Prevents looping where there exists more than one path between segments.

    Wireless Access Point - A Wireless Access Point is a radio frequency transceiver which allows your wireless devices to connect to a network. The WAP usually connects to a wired network, and can relay data between the wireless devices (such as computers or printers) and wired devices on the network. A wireless access point will support up to 32 wireless devices. The range of the wireless signal depends greatly on obstructions such as walls. For more information about wireless standards, see domain 1.7.

    Router - Functioning at the network layer of the OSI model, a router is similar to a switch, but it can also connect different logical networks or subnets and enable traffic that is destined for the networks on the other side of the router to pass through. Routers create or maintain a table of the available routes and can be configured to use various routing protocols to determine the best route for a given data packet. Routers can connect networks that use dissimilar protocols. Routers also typically provide improved security functions over a switch.

    Firewall - Either a hardware or software entity (or a combination of both) that protects a network by stopping network traffic from passing through it. In most cases, a firewall is placed on the network to allow all internal traffic to leave the network (email to the outside world, web access, etc.), but stop unwanted traffic from the outside world from entering the internal network. This is achieved by granting and denying access to resources based on a set of configurable rules.
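
As an added illustration of the rule-based filtering described above (not code from the original guide): a small Python packet filter with ordered rules, default deny, and connection tracking so that replies to internal requests are admitted while unsolicited outside traffic is dropped. The addresses, interface names, published mail server and class names are constructed for the example.

```python
"""Toy stateful packet filter: ordered rules, first match wins, default deny."""
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import Optional


@dataclass(frozen=True)
class Packet:
    iface: str          # interface the packet arrived on: "lan" or "wan"
    src: str
    sport: int
    dst: str
    dport: int
    proto: str = "tcp"


@dataclass(frozen=True)
class Rule:
    action: str                   # "allow" or "deny"
    iface: str                    # arrival interface the rule applies to
    src: str                      # source network in CIDR form
    dst: str                      # destination network in CIDR form
    dport: Optional[int] = None   # None matches any destination port
    proto: Optional[str] = None   # None matches any protocol

    def matches(self, pkt):
        return (self.iface == pkt.iface
                and ip_address(pkt.src) in ip_network(self.src)
                and ip_address(pkt.dst) in ip_network(self.dst)
                and self.dport in (None, pkt.dport)
                and self.proto in (None, pkt.proto))


class Firewall:
    def __init__(self, rules):
        self.rules = list(rules)
        self.connections = set()   # flows opened by packets that were allowed

    def decide(self, pkt):
        # 1. A reply to a flow that an allowed packet opened earlier is let in.
        reverse = (pkt.dst, pkt.dport, pkt.src, pkt.sport, pkt.proto)
        if reverse in self.connections:
            return "allow"
        # 2. Otherwise the first matching rule decides.
        for rule in self.rules:
            if rule.matches(pkt):
                if rule.action == "allow":
                    self.connections.add(
                        (pkt.src, pkt.sport, pkt.dst, pkt.dport, pkt.proto))
                return rule.action
        # 3. Nothing matched: default deny.
        return "deny"


def build_firewall():
    """Constructed policy: LAN may go anywhere, WAN may reach only the mail server."""
    return Firewall([
        # Internal hosts may leave the network. Tying the rule to the LAN
        # interface stops outside packets that forge an internal source.
        Rule("allow", "lan", "192.168.1.0/24", "0.0.0.0/0"),
        # One published service: SMTP to the (constructed) mail server.
        Rule("allow", "wan", "0.0.0.0/0", "192.168.1.25/32", dport=25, proto="tcp"),
    ])


if __name__ == "__main__":
    fw = build_firewall()
    traffic = [   # constructed sample packets
        ("web request out", Packet("lan", "192.168.1.10", 40000, "203.0.113.5", 80)),
        ("reply to request", Packet("wan", "203.0.113.5", 80, "192.168.1.10", 40000)),
        ("unsolicited inbound", Packet("wan", "203.0.113.9", 80, "192.168.1.10", 40000)),
        ("forged internal source", Packet("wan", "192.168.1.77", 1234, "192.168.1.10", 445)),
        ("inbound mail", Packet("wan", "198.51.100.7", 50000, "192.168.1.25", 25)),
    ]
    for label, pkt in traffic:
        print(f"{label}: {fw.decide(pkt)}")
```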

    DHCP Server - A server that is responsible for assigning unique IP addresses to the computers on a network. A DHCP server prevents the assignment of duplicate IP addresses to clients and reduces administrative effort in network configuration. A DHCP server is actually more of a service that is found on network operating systems such as Windows 2002/2008 server, or on network devices such as routers.

    Domain 3.2: Specialized Network Devices

    Multilayer Switch - A multilayer switch (MLS) is a computer networking device that switches on OSI layer 2 like an ordinary network switch and provides extra functions on higher OSI layers. Some MLSs are also able to route between VLAN and/or ports like a common router. The routing is normally as quick as switching (at wirespeed). Some switches can use up to OSI layer 7 packet information; they are called layer 4-7 switches, content-switches, web-switches or application-switches.

    Content Switch - The main function of a content switch is to inspect the network data that it receives so that it can decide where on the network that data (or request) needs to be forwarded to. Once this is determined the data is sent to the appropriate server which can handle the data. In most cases the switch looks to see what type of application or software the request is targeted at. It does this by looking to see what port the request is directed at. For example, if the data is targeted at an FTP port then the request will be sent to an FTP server. The main benefit of this approach is that the switch acts as a load balancer as it can balance data or requests across the different types of application servers used by the business. A second major function that this type of switch can perform is to look at the incoming requests and see which websites are targeted. This is important for large enterprises or hosting companies. If, for example, a web hosting company was hosting several thousand websites the switch could direct requests to the specific servers that the websites are running on. These devices tend to be very expensive.

    IDS/IPS - These terms stand for Intrusion Detection System and Intrusion Prevention System respectively. IDS is a device (or application) that monitors network and/or system activities for malicious activities or policy violations. IDS is a passive system that gives alerts when something suspicious is detected and logs the events into a database for reporting. IPS, on the other hand, sits inline with traffic flows on a network, actively shutting down attempted attacks as they're sent over the wire. It can stop the attack by terminating the network connection or user session originating the attack, by blocking access to the target from the user account, IP address, or other attribute associated with that attacker, or by blocking all access to the targeted host, service, or application. Vendors are increasingly combining the two technologies into a single box, now referred to as IDPS. These devices are used with, not instead of, a firewall.

    Load Balancer - A load balancer is a hardware and/or software solution that provides load balancing services. Load balancing is used to distribute workloads evenly across two or more computers, network links, CPUs, hard drives, or other resources, in order to get optimal resource utilization, maximize throughput, minimize response time, and avoid overload. Using multiple components with load balancing, instead of a single component, may increase reliability through redundancy. As an example, Google receives many, many more search requests than a single server could handle, so they distribute the requests across a massive array of servers.

    Multifunction Network Devices - As you might guess, multifunction network devices combine the function of individual devices into a single unit. An example is wireless access points which often include one or more of the following: firewall, DHCP server, wireless access point, switch, gateway, and router.

    DNS Server - DNS is an Internet and networking service that translates domain names into IP addresses. The internet is based on numerical IP addresses, but we use domain names because they are easier to remember. DNS is the service that looks up the IP address for a domain name allowing a connection to be made. This process is very similar to calling information. You call them with a name, they check their database and give you the phone number. The DNS service is included with server operating systems (Windows 2003/2008, Linux, etc.) and network devices such as routers.

    Bandwidth Shaper - Describes the mechanisms used to control bandwidth usage on the network. Bandwidth shaping is typically done using software installed on a network server. From this server, administrators can control who uses bandwidth, for what, and when. Bandwidth shaping establishes priorities to data traveling to and from the Internet and within the network. A bandwidth shaper essentially performs two key functions: monitoring and shaping. Monitoring includes identifying where bandwidth usage is high and at what time of day. After that information is obtained, administrators can customize or shape bandwidth usage for the best needs of the network. I am unaware why CompTIA listed this in the "network devices" section of their objectives, but bandwidth shapers are typically software.

    Proxy Server - A proxy server acts as a middle-man between clients and the Internet providing

    security, administrative control, and caching services. When a user makes a request for aninternet service and it passes filtering requirements, the proxy server looks in its local cache of

    previously downloaded web pages. If the item is found in cache, the proxy server forwards it to

    the client. This reduces bandwidth through the gateway. If the page is not in the cache, the proxy server will request the page from the appropriate server. Nowadays, the functions of proxy servers are often built into firewalls.

    CSU/DSU - A Channel Service Unit/Data Service Unit (CSU/DSU) acts as a translator between the LAN data format and the WAN data format. Such a conversion is necessary because the technologies used on WAN links are different from those used on LANs. Although CSU/DSUs look similar to modems, they are not modems, and they don't modulate or demodulate between analog and digital. All they really do is interface between a 56K, T1, or T3 line and a serial interface (typically a V.35 connector) that connects to the router. Many newer routers have CSU/DSUs built into them.

    Domain 3.3: Advanced Features of a Switch

    PoE - Generally speaking, Power over Ethernet technology describes a system to safely pass electrical power, along with data, on Ethernet cabling. Standard versions of PoE specify category 5 cable or higher. Power can come from a power supply within a PoE-enabled networking device such as an Ethernet switch or from a device built for "injecting" power onto the Ethernet cabling. IP Phones, LAN access points, and WiFi switches to RFID readers and network security cameras. All of these require more power than USB offers and very often must be powered over longer runs of cable than USB permits. In addition, PoE uses only one type of connector, an 8P8C (RJ45), whereas there are four different types of USB connectors.

    Spanning Tree Protocol - Spanning Tree is one of three bridging methods a network administrator can use. Which method you use usually will be determined by the network's size. The simplest method is transparent bridging, where only one bridge or switch exists on the network. The next is Source-Route, in which bridging address tables are stored on each PC on the network. Then there's what you came for, spanning tree, which prevents loops where there exists more than one path between segments. STP was upgraded to Rapid Spanning Tree Protocol (RSTP).

    VLAN - A broadcast domain is normally created by the router. With VLANs, a switch can create the broadcast domain. This allows a virtual network, independent of physical location, to be created.

    Trunking - VLANs are local to each switch's database, and VLAN information is not passed between switches. Trunk links provide VLAN identification for frames traveling between switches. The VLAN trunking protocol (VTP) is the protocol that switches use to communicate among themselves about VLAN configuration.

    Port Mirroring - Used on a network switch to send a copy of network packets seen on one switch port (or an entire VLAN) to a network monitoring connection on another switch port. This is commonly used for network appliances that require monitoring of network traffic, such as an intrusion-detection system.

    Port Authentication - The IEEE 802.1x standard defines 802.1x port-based authentication as a client-server based access control and authentication protocol that restricts unauthorized clients from connecting to a LAN through publicly accessible ports. The authentication server validates each client connected to a switch port before making available any services offered by the switch or the LAN.

    Domain 3.4: Implement a Basic Wireless Network

    Install Client - the actual steps taken to set up a computer, laptop or other network connected device to the network. This may be in the form of just getting it correctly configured to use TCP/IP or more involved such as installing a software suite so that specific network parameters can be leveraged for proper connectivity to network resources or resources on the domain.

    Network Connections Dialog Box - used to configure different aspects of the network connections by way of a graphical user interface (GUI) within the Microsoft Windows operating systems (Windows XP, Windows Vista, Server 2003, etc). With respect to peer to peer networks, you can use the Network Tasks pane to Create a New Connection, Set up a Home or small office network as well as change the Windows Firewall settings and view available wireless networks.

    Wireless Network Connection Dialog Box - the graphical user interface (GUI) within the Microsoft Windows operating systems used to configure the wireless devices and their settings. On the General tab you can configure the specific hardware settings (parameters, drivers, etc) as well as the protocols (e.g. TCP/IP) and the network client that the device will use (e.g. Client for Microsoft Networks). Additionally, you can install services from this screen as well (e.g. Virtual Machine Network Service). The Wireless Networks tab will show you the available networks and allow you to configure preference for each of the networks encountered.

    Access Point Placement - correctly positioning your Wireless Access Points will allow for the seamless use of wireless devices on your network. By correctly placing the devices, users will not generally experience signal loss of their connection to the network. It is important to understand that there are many things that affect the wireless access point signal with respect to broadcast and receiving strength that include the construction and architecture of the building where the devices are distributed as well as general disruption of the frequency range that the access points operate on by other devices (e.g. microwave ovens, cordless phones, etc).

    Physical Locations of Wireless Access Points (WAPs) - device placement best practices include planning for more than just nominal half distances between devices. Consideration needs to be given to what type of obstructions may be currently in the way (physical fire breaks in between walls; metal superstructure, etc) as well as future plans to subdivide offices. Electrical motors and other higher current carrying lines need to be considered as well to keep interference to a minimum.

    Wired or Wireless Connectivity - planning for WAP to WAP connections only or a mix of wired and wireless connections. It's easier to connect WAP to WAP in a daisy chain signal relay configuration, but when you do this you need to realize that a physical failure in one WAP device may take out all the devices. It is more work and it costs more in time, money and effort to connect the WAPs using wired connections back to a switch or a router, but it greatly reduces the potential connectivity loss on the network; the loss of a single WAP where the WAPs are wired back results in only impacting the users of that one WAP instead of all WAPs up and downstream.

    Install Access Point - another term for the Wireless Access Point(s) that will allow you to

    correctly gain access to the network with your device. This point onto the network will allow the client device to configure itself with the necessary encryption (if required) and any other network-required settings or else risk being defaulted off the network.

    Configuring Encryption - with respect to wireless clients these are the settings most commonly used. Disabled simply means that everything is passed as clear text. Wired Equivalent Privacy (WEP) is the lowest form of the types of encryption available and is generally only used today to allow legacy devices that cannot handle more robust encryption protocols to gain somewhat secured access to the network. WEP has been challenged and defeated for a number of years, mainly due to the increase in computing power and the fact that the keys are alphanumeric or hexadecimal characters that are configured in 40 bit, 64 bit, 128 bit, 153 bit and 256 bit strength. Wi-Fi Protected Access (WPA) was created by the Wi-Fi Alliance to better secure wireless networks and was created in response to the weaknesses researchers found in Wired Equivalent Privacy (WEP). Temporal Key Integrity Protocol (TKIP) is used in WPA to encrypt the authentication and encryption information that was initially passed on the wire in clear text before a network node could secure its communications on the network. Wi-Fi Protected Access version 2 (WPA2) offers additional protection because it uses the strongest authentication and encryption algorithms available in the Advanced Encryption Standard (AES).

    Configuring Channels and Frequencies - most wireless routers work in the 2.4GHz frequency range and require network administrators to set up the channels for the devices to use. 1, 6 and 11 are the main channels used because they generally will not be interfered with from other devices such as cordless phones and Bluetooth devices that also work at this frequency range.
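    An added example, not part of the original guide: it parses a constructed wireless scan in the layout printed by the Windows command `netsh wlan show networks mode=bssid` and grades each network by the encryption settings described above, also noting 2.4GHz channels other than 1, 6 and 11. The SSIDs, BSSIDs and grade labels are assumptions made for the illustration.

```python
import re

# Constructed scan, abridged to the fields used here, in the layout printed by
# `netsh wlan show networks mode=bssid`.
SAMPLE_SCAN = """\
SSID 1 : Lobby-Guest
    Authentication          : Open
    Encryption              : None
    BSSID 1                 : 00:11:22:33:44:01
         Channel            : 6

SSID 2 : Warehouse-Scanners
    Authentication          : Open
    Encryption              : WEP
    BSSID 1                 : 00:11:22:33:44:02
         Channel            : 3

SSID 3 : Office-Legacy
    Authentication          : WPA-Personal
    Encryption              : TKIP
    BSSID 1                 : 00:11:22:33:44:03
         Channel            : 11

SSID 4 : Office
    Authentication          : WPA2-Personal
    Encryption              : CCMP
    BSSID 1                 : 00:11:22:33:44:04
         Channel            : 1
"""

# Cipher reported by the scan -> (grade, reason), following the guide's ordering:
# disabled < WEP < WPA with TKIP < WPA2 with AES (reported as CCMP).
GRADES = {
    "none": ("FAIL", "encryption disabled, traffic is clear text"),
    "wep": ("FAIL", "WEP, suitable only for legacy devices"),
    "tkip": ("WARN", "WPA with TKIP"),
    "ccmp": ("OK", "WPA2 with AES"),
}
PREFERRED_24GHZ = {1, 6, 11}


def parse_scan(text):
    """Return one dict per SSID with its authentication, cipher and channels."""
    networks, current = [], None
    for line in text.splitlines():
        if " : " not in line:
            continue
        key, value = (part.strip() for part in line.split(" : ", 1))
        if re.fullmatch(r"SSID \d+", key):  # "BSSID 1" must not start a network
            current = {"ssid": value, "auth": "", "cipher": "", "channels": []}
            networks.append(current)
        elif current is not None and key == "Authentication":
            current["auth"] = value
        elif current is not None and key == "Encryption":
            current["cipher"] = value
        elif current is not None and key == "Channel" and value.isdigit():
            current["channels"].append(int(value))
    return networks


def audit(networks):
    """Grade each network and note 2.4 GHz channels outside 1, 6 and 11."""
    report = []
    for net in networks:
        grade, reason = GRADES.get(net["cipher"].lower(), ("UNKNOWN", net["cipher"]))
        notes = [reason]
        for ch in net["channels"]:
            if 1 <= ch <= 14 and ch not in PREFERRED_24GHZ:
                notes.append(f"channel {ch} is not 1, 6 or 11")
        report.append((net["ssid"], grade, notes))
    return report


if __name__ == "__main__":
    for ssid, grade, notes in audit(parse_scan(SAMPLE_SCAN)):
        print(f"{grade:7} {ssid}: {'; '.join(notes)}")
```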

    Setting ESSID and Beacon - Extended Service Set identifier (ESSID) is the advertisement from the Wireless Access Point that basically announces its availability for network devices to make a connection. The announcement signal that is sent out is called the beacon.

    Verifying Installation - the process that is outlined for making sure that all the settings needed to connect a network node to the wireless device are in place. The best practice steps generally include, on initial installation of the Wireless Access Point (WAP), doing so without any security to verify that a client can get on the network. Once that is successful you would then incorporate the security protocol that you wanted to use and make sure the client can operate on the network again. Once this is successfully done it is assumed all other network nodes would be able to successfully repeat the same steps to access the network securely and with the traffic encrypted.

    Domain 4.0: Network Management

    Domain 4.1: OSI Model

    The OSI networking model is divided into 7 layers. Each layer has a different responsibility, and

    all the layers work together to provide network data communication.

    Layer Description

    Application

    Represents user applications, such as software for file transfers, database access, and e-mail. It handles general network access, flow control, and error recovery. Provides a consistent neutral interface for software to access the network and advertises the computer's resources to the network.

    Presentation

    Determines data exchange formats and translates specific files from the Application layer format into a commonly recognized data format. It provides protocol conversion, data translation, encryption, character-set conversion, and graphics-command expansion.

    Session

    Handles security and name recognition to enable two applications on different computers to communicate over the network. Manages dialogs between computers by using simplex (rare), half-duplex or full-duplex. The phases involved in a session dialog are as follows: establishment, data-transfer and termination.

    Transport

    Provides flow control, error handling, and is involved in correction of

    transmission/reception problems. It also breaks up large data files into smaller

    packets, combines small packets into larger ones for transmission, and reassembles

    incoming packets into the original sequence.

    Network

    Addresses messages and translates logical addresses and names into physical addresses. It also manages data traffic and congestion involved in packet switching and routing. It enables the option of specifying a service address (sockets, ports) to point the data to the correct program on the destination computer.

    Data Link

    The interface between the upper "software" layers and the lower "hardware" Physical layer. One of its main tasks is to create and interpret different frame types based on the network type in use. The Data Link layer is divided into two sub-layers: the Media Access Control (MAC) sub-layer and the Logical Link Control (LLC) sub-layer.

    LLC sub-layer starts and maintains connections between devices (e.g. server - workstation).

    MAC sub-layer enables multiple devices to share the same medium. MAC sub-layer maintains physical device (MAC) addresses for communicating locally (the MAC address of the nearest router is used to send information onto a WAN).

    Physical

    The specification for the hardware connection, the electronics, logic circuitry, and

    wiring that transmit the actual signal. It is only concerned with moving bits of data

    on and off the network medium. Most network problems occur at the Physical layer.

    Here is an idiotic, yet easy way to remember the 7 layers. Memorize the following sentence: All People Seem To Need Data Processing. The first letter of each word corresponds to the first letter of the layers starting with Application and ending with the Physical layer.

    Domain 4.3: Evaluate the Network Based on Configuration Management Documentation

    The topics covered in this section are either already covered elsewhere, or are too expansive for

    the purposes of this guide. Consult your book(s) for more information about these topics.

    Domain 4.4: Conduct Network Monitoring to Identify Performance and Connectivity Issues

    The topics covered in this section are either already covered elsewhere, or are too expansive for

    the purposes of this guide. Consult your book(s) for more information about these topics.

    Domain 4.5: Explain Different Methods and Rationales for Network Performance Optimization

    The topics covered in this section are either already covered elsewhere, or are too expansive for the purposes of this guide. Consult your book(s) for more information about these topics.

    Domain 4.6: Implement the Following Network Troubleshooting Methodology

    The topics covered in this section are either already covered elsewhere, or are too expansive for

    the purposes of this guide. Consult your book(s) for more information about these topics.

    Domain 4.7: Troubleshoot Common Connectivity Issues and Select an Appropriate Solution

    The topics covered in this section are either already covered elsewhere, or are too expansive for the purposes of this guide. Consult your book(s) for more information about these topics.

    Domain 5.0: Network Tools

    Domain 5.1: Command Line Interface Tools

    Traceroute - A command-line troubleshooting tool that enables you to view the route to a specified host. This will show how many hops the packets have to travel and how long it takes. In Windows operating systems, the command used is "tracert".

    IPCONFIG - This command is used to view network settings from a Windows computer

    command line. Below are the ipconfig switches that can be used at a command prompt.

    ipconfig /all will display all of your IP settings.
    ipconfig /renew forces the DHCP server, if available, to renew a lease.
    ipconfig /release forces the release of a lease.

    IFCONFIG - IFCONFIG is a Linux/Unix command line tool that is similar to IPCONFIG in Windows. Common uses for ifconfig include setting an interface's IP address and netmask, and disabling or enabling a given interface. At boot time, many UNIX-like operating systems initialize their network interfaces with shell-scripts that call ifconfig. As an interactive tool, system administrators routinely use the utility to display and analyze network interface parameters.

    PING - PING (Packet InterNet Groper) is a command-line utility used to verify connections between networked devices. PING uses ICMP echo requests that behave similarly to SONAR pings. The standard format for the command is ping ip_address/hostname. If successful, the ping command will return replies from the remote host with the time it took to receive the reply. If unsuccessful, you will likely receive an error message. This is one of the most important tools for determining network connectivity between hosts.

    ARP (Address Resolution Protocol) - A host PC must have the MAC and IP addresses of a remote host in order to send data to that remote host, and it's ARP that allows the local host to request the remote host to send the local host its MAC address through an ARP Request. See: Guide To ARP, IARP, RARP, and Proxy ARP (http://www.mcmcse.com/cisco/guides/arp.shtml)

    ARP PING (ARPING) - ARPING is a computer software tool that is used to discover hosts on a computer network. The program tests whether a given IP address is in use on the local network, and can get additional information about the device using that address. The arping tool is similar in function to ping, which probes hosts using the Internet Control Message Protocol at the Internet Layer (OSI Layer 3). Arping operates at the Link Layer (OSI Layer 2) using the Address Resolution Protocol (ARP) for probing hosts on the local network (link) only, as ARP cannot be routed across gateways (routers). However, in networks employing repeaters that use proxy ARP, the arping response may be coming from such proxy hosts and not from the probed target.

    NSLOOKUP - This is a command that queries a DNS server for machine name and address information. Originally written for Unix operating systems, this command is now available on Windows and other operating systems. To use nslookup, type "nslookup" followed by an IP address, a computer name, or a domain name. NSLOOKUP will return the name, all known IP addresses and all known aliases (which are just alternate names) for the identified machine. NSLOOKUP is a useful tool for troubleshooting DNS problems.

    Hostname - The hostname command is used to show or set a computer's host name and domain name. It is one of the most basic of the network administrative utilities. A host name is a name that is assigned to a host (i.e., a computer connected to the network) that uniquely identifies it on a network and thus allows it to be addressed without using its full IP address. Domain names are user-friendly substitutes for numeric IP addresses.

    Dig (domain information groper) - Dig is a Linux/Unix tool for interrogating DNS name servers. It performs DNS lookups and displays the answers that are returned from the name server(s) that were queried.

    Mtr - Mtr is a Linux command line tool that combines the functionality of the traceroute and ping programs in a single network diagnostic tool.

    Route - The route command is used to display and manipulate a local routing table. Examples

    of its use include adding and deleting a static route. This tool is available in Unix, Linux and

    Windows.

    NBTSTAT - Is a Windows utility used to troubleshoot connectivity problems between 2 computers communicating via NetBT, by displaying protocol statistics and current connections. NBTSTAT examines the contents of the NetBIOS name cache and gives MAC address.

    NETSTAT - Is a Windows, Linux, and Unix command-line tool that displays network connections (both incoming and outgoing), routing tables, and a number of network interface statistics. It is used for finding problems in the network and to determine the amount of traffic on the network as a performance measurement.

    Domain 5.2: Network Scanners

    Packet Sniffers - A packet sniffer is a device or software used to capture packets traveling over a network connection. The packets are logged and can be decoded in order to provide information and statistics about the traffic on the network or network segment. These tools are used for troubleshooting difficult network problems, monitoring network traffic, and detecting intrusion attempts. Also known as Packet Analyzers.

    Intrusion Detection Software - This was covered earlier in domain 3.1.

    Intrusion Prevention Software - This was covered earlier in domain 3.1.

    Port Scanners - A port scanner is a program designed to probe network hosts for open ports. This is often used by administrators to verify security policies of their networks and by attackers to identify running services on a host that can be exploited to gain access.

    Domain 5.3: Hardware Tools

    Cable Testers - Cable testers are electronic devices used to test a cable's integrity by checking for opens and shorts which can cause connectivity problems.

    Protocol Analyzers - This tool is used to monitor network traffic and display packet and

    protocol statistics and information. As far as we're concerned, it is pretty much the same thing as

    a packet sniffer. Most tools sold today combine the functions of the listening device (packet

    sniffer) and the analytical device (packet analyzer).

    Certifiers - A certifier is a tool that tests cables in order to ensure that they will perform the job intended. This includes checking the speed loads that they can handle.

    TDR (Time Domain Reflectometer) - Sends a signal down a cable and measures the distance that the signal travelled before bouncing back (like sonar). Used to find opens and shorts in cables.

    OTDR (Optical Time Domain Reflectometer) - Similar to the TDR above, however, this is used to test fiber optic cables with light.

    Multimeter - A multimeter, also known as a volt/ohm meter, is an electronic measuring instrument used to measure voltage, current and resistance.

    Toner Probe - Most will detect opens and shorts like a cable tester, but this tool is mainly used to locate the termination points of cables.

    Butt Set - A portable telephone that connects to a line using alligator clips and is used to test telephone circuits.

    Punch Down Tool - A punch down tool is used to connect cabling such as telephone and Ethernet to wall jacks.

    Cable Stripper - Fairly self explanatory. A tool used to strip the jackets off of cables in order

    to expose the wire that can be connected to connectors or wall jacks.

    Snips - Special scissors used for cutting cable.

    Voltage Event Recorder - Captures and logs electrical current information for devices which can then be accessed on a PC. Mostly used for mission critical devices such as those found in a hospital.

    Temperature Monitor - We aren't entirely sure what CompTIA is referring to with this. There are all kinds of temperature monitors from CPU temperature monitoring software to devices that monitor the temperature of a server room.

    Domain 6.0: Network Security

    Domain 6.1: Hardware and Software Security Devices

    The topics covered in this section are already covered elsewhere in this guide.

    Domain 6.2: Firewalls

    Application Layer vs. Network Layer - An application layer firewall works at the application layer of a protocol stack. (This is true for both the OSI model and the Internet Protocol Suite (TCP/IP).) Sometimes referred to as a proxy-based firewall or proxy server, it can be software running on a computer or server or as a stand-alone piece of hardware. The main function of the application layer firewall is to analyze traffic before passing it to a gateway point. A network layer firewall is sometimes referred to as a packet filter and these will operate at the network layer. The devices will not allow packets to pass the firewall unless they match the rule set as configured by the firewall administrator. Network layer firewalls can be either stateful or stateless