Exam Essentials - CompTIA Network+ N10-006 Cert Guide (2015)

Appendix C. Exam Essentials

Chapter 1: Computer Network Fundamentals

A network’s purpose is to make connections. Examples would include file sharing, video chatting, e-mail, and Voice over IP (VoIP).

The basic components are a client, which is the device that’s requesting resources; a server, which is providing resources; the media, which could be physical or wireless; and the infrastructure, which could include switches and routers.

A local-area network (LAN) is a geographically close high-speed network. A wide-area network (WAN) provides network connectivity usually through a third-party service provider between two sites that are geographically remote from each other.

The most common physical topology today in a wired LAN is a physical star that uses a Layer 2 switch at the center of that physical star.

For WAN connectivity, common topologies include logical point-to-point and hub-and-spoke.

Chapter 2: The OSI Reference Model

The OSI reference model is not literally used today, but provides a great reference point regarding common protocols that are used, such as TCP/IP.

There are seven layers to the OSI reference model. Starting at the bottom, they are numbered one through seven.

The layers starting from the bottom are physical, data link, network, transport, session, presentation, application.

The physical layer relates to the physical topology as well as the transmission of bits on the network. An unmanaged network hub is an example of a repeater that makes forwarding decisions based on Layer 1 information by simply repeating the bits it sees out its other interfaces.

The data link layer is concerned with packaging data into frames and transmitting those frames on the network. On Ethernet, these frames would have Ethernet source and destination addresses included as part of the frame. Switches are used to make forwarding decisions based on Layer 2 information.

The network layer is concerned with logical addressing such as IP Version 4 or IP Version 6 addresses. Inside of the header at Layer 3, the packet will include source and destination IP addresses, which can be used for routing a packet over the network. Routers are used to make forwarding decisions based on Layer 3 information.

The transport layer, when using TCP, can provide connection-oriented and acknowledged communications over the network; if UDP is being used, there would be connectionless unacknowledged communications over the network. Several other protocols operate at Layer 4, but TCP and UDP are the two primary ones used in the IP protocol stack.

Layers five through seven are combined in the TCP/IP protocol stack that we use today, but in the OSI reference model, distinct functions are associated with each layer.

The session layer is responsible for setting up, maintaining, and tearing down sessions between devices on a network.

The presentation layer is responsible for the formatting of data, which may also include encryption.

The application layer is responsible for providing services. If a computer were running a program that wants to print to a network device, the network printing service would be an example of the services that are provided to the computer by the application layer.

In the TCP/IP protocol stack both for IPv4 and IPv6, there are well-known defined protocols and ports for common services such as HTTPS, HTTP, FTP, SSH, and many more.

Chapter 3: Network Components

The most common media today in LANs is unshielded twisted-pair (UTP).

UTP cabling is categorized based on the specification for that cabling. Examples include Category 5, Category 6, and Category 6a.

The most common termination on the end of a copper UTP Ethernet cable is an RJ-45 connection.

The uplinks between switches may be copper or fiber-optic cable.

Fiber-optic cable can be single mode or multimode.

The connectors for fiber cable include ST, SC, LC, MT-RJ, and more.

There are many forms of wireless available in data networks. For LANs, WiFi using frequencies in the 2.4 GHz and 5 GHz ranges is common. WiFi LANs use one or more access points as the radio transmitter and receiver. The access point is physically wired into a switch.

A Layer 2 switch builds a table of the MAC addresses that the clients are using so that it can make forwarding decisions based on those MAC addresses.

Routers have either been statically configured with, or have dynamically learned through a routing protocol, how to forward in the direction of a given Layer 3 IP network.

A VPN concentrator is a device that allows remote users to build a VPN tunnel and connect to the VPN concentrator for access to the network.

A firewall refers to a device that has specific capacity and function to filter traffic between two different areas of a network, such as a private network and the public Internet. Current firewalls have the ability to use stateful filtering, and many features are often integrated into a single device called a unified threat management (UTM) system. This may include virtual private networks (VPN), firewalls, intrusion-prevention systems (IPS), antimalware, data loss prevention, and other features all bundled into a single physical or logical device.

A Domain Name Service (DNS) server is a device that can resolve a name such as www.CBTNuggets.com to an IP address. DNS is one of the most often used protocols on the Internet today.

Dynamic Host Configuration Protocol (DHCP) servers provide IP address assignment dynamically to hosts on a network.

A proxy server acts on behalf of some other device. A local proxy server could be placed between clients and the Internet. A proxy server could also be used in front of a server or group of servers that want to load balance their resources when they receive client requests.

Content engines can cache previously retrieved information to make the subsequent access to the same data much quicker because it is now cached.

We can virtualize everything. Desktops, hosts, servers, firewalls, and even routers and switches can be virtualized. This means that the devices are not running on their own dedicated physical hardware but are running as some type of a virtual machine logically sharing the physical resources of a bigger system.

A Voice over IP (VoIP) solution can take analog voice, digitize it, forward it over a data network, and then convert it back to analog for the benefit of the recipient. Voice networks traditionally are going to use a separate VLAN so that special treatment and quality of service can be applied to that time-sensitive traffic.

Chapter 4: Ethernet Technology

Wired LANs today are going to be using full-duplex, with hosts connected to switch ports for high-speed Layer 2 switching.

By default, all the ports on a switch are on the same Layer 2 domain, often referred to as a broadcast domain.

A switch can be carved up into multiple Layer 2 broadcast domains and have individual ports on that switch assigned to respective broadcast domains. These broadcast domains are referred to as virtual local-area networks, or VLANs. For a host to reach devices outside of its local VLAN and local Layer 3 subnet, the services of a Layer 3 router are required.

A trunk is an interswitch connection that can carry multiple VLANs. The association of frames with their correct VLAN while crossing the trunk is done by using 802.1Q tagging for each of the frames as it crosses the trunk.

Spanning Tree Protocol is used to identify when there are parallel paths within the same VLAN. It prevents those parallel paths from creating Layer 2 loops. Without spanning tree, if there are parallel Layer 2 paths, a single broadcast could loop the network endlessly.

The port states used by Spanning Tree Protocol include blocking, listening, learning, and forwarding.

Multiple links can be bonded together using a technique called link aggregation. Some vendors refer to this as EtherChannel. An open standard for negotiating and setting up a link aggregation is called Link Aggregation Control Protocol (LACP).

Port monitoring is sometimes referred to as port mirroring. It allows us to copy all the frames that are sent or received on a switch port over to another port where we can have a protocol analyzer such as Wireshark capture them. Then we can analyze them.

802.1X is a protocol that we can use to authenticate a user at the switch port before allowing any of the host’s data traffic to be sent to the network.

First-hop redundancy protocols such as Hot Standby Router Protocol (HSRP), Common Address Redundancy Protocol (CARP), Virtual Router Redundancy Protocol (VRRP), and Gateway Load Balancing Protocol (GLBP) can be used to provide fault tolerance for the host’s default gateway on a given subnet.

Chapter 5: IPv4 and IPv6 Addresses

IP Version 4 and IPv6 are both representations of binary numbers. An IPv4 address is 32 bits. An IPv6 address is 128 bits. The mask function is the same for both of these protocols. The mask represents how many of these bits in the IP address are being used to represent the network segment that is common to all the devices on that same network. The remaining host portion, or host ID, represents the individual host, such as a workstation on a specific network.

IPv4 uses classes of addresses, such as Class A, Class B, and Class C. The default mask is /8, /16, or /24, respectively, for these three classes. IPv6 does not use the concept of classes. The mask you will normally see with an IPv6 address is /64, which means that half of the address is used for the network and the other half represents the host on that network.

IPv4 uses broadcasts, and for MAC address resolution IPv4 uses Address Resolution Protocol (ARP). IPv6 does not use broadcasts or ARP but instead uses multicast and the Neighbor Discovery Protocol (NDP) for resolution of MAC addresses on other IPv6 devices on the local network.

Routers are used to make forwarding decisions based on Layer 3 addresses such as IPv4 and IPv6.

The process of subnetting involves taking a network and carving it up into smaller logical networks. It is a common practice to associate a single subnetwork with a single VLAN.

Chapter 6: Routing IP Packets

Routers make forwarding decisions based on Layer 3 addresses.

Routers can build a routing table based on having a directly connected network, having a static route being configured on them, or using a routing protocol to learn routing information from other routers.

Routing protocols include interior gateway protocols such as Open Shortest Path First (OSPF) Protocol, Routing Information Protocol (RIP), Enhanced Interior Gateway Routing Protocol (EIGRP), and Intermediate System-to-Intermediate System (IS-IS) Protocol. Border Gateway Protocol (BGP) is an external routing protocol that connects service providers on the Internet today.

Address translation, specifically Network Address Translation (NAT), can be used to hide one or more devices behind a router or firewall that is performing NAT. This enables us to extend the life of IPv4 because a single globally routable IP address can support thousands of private IP addresses being translated to a single IP address. To do this, a subset of NAT called Port Address Translation (PAT) is used.

Multicast is the forwarding of packets to a group address instead of a single host address. By using multicast, a single packet could reach many recipients who need to see that information.

Chapter 7: Wide-Area Networks

Wide-area connection types include circuit switched, leased lines, packet switched, and Multiprotocol Label Switching (MPLS)-provided services.

ATM, Frame Relay, and ISDN are examples of WAN connection options.

The public switched telephone network (PSTN) with plain old telephone service (POTS) can also be used for slow speed communications.

Digital subscriber line (DSL) and cable modems can provide high-speed connectivity to the Internet, which could then be used, in combination with a VPN for security, to build a WAN connection between two sites or hosts that are both connected to the Internet.

Wireless communications could also be used for WANs, or at least for connectivity to the service provider that is providing the WAN services. This could include satellite.

Point-to-Point Protocol (PPP) can be used over point-to-point connections, which have traditionally been serial but also now include Ethernet using PPPoE. PPP can use authentication mechanisms such as Challenge Handshake Authentication Protocol (CHAP).

Chapter 8: Wireless LANs

Wireless networks include a wireless access point, which has a radio for sending and receiving signals. Many home units will have the router and wireless access point and switch all integrated into a single device. In a corporate network, a wireless LAN controller would manage multiple access points, with each of those access points being physically wired into a Layer 2 switch.

The antennas can be omnidirectional or unidirectional or a combination of both for the access points.

The 2.4-GHz range and the 5-GHz range have been allocated as available space and are used commonly by LAN WiFi.

Common WiFi standards include 802.11a, 802.11b, 802.11g, 802.11n, and 802.11ac.

The basic service set or extended service set is the method used to identify wireless LANs.

Signal interference or signal degradation would need to be planned for, and a site survey before and after deploying wireless is typically performed.

Wireless security using WPA2/802.11i should be done to properly authenticate and secure the communications over the wireless network.

Chapter 9: Network Optimization

High availability is synonymous with fault tolerance and usually means having at least two devices that are able to perform a specific function. This is in preparation for one of the devices failing and having the remaining device be able to still provide the network services.

Fault-tolerance examples for a user’s default gateway include HSRP, CARP, VRRP, and GLBP. Fault tolerance should also be implemented for critical servers and systems.

Quality of service (QoS) can be implemented on our network switches and routers to provide preferential treatment to some types of traffic in the event of congestion on the network. Likely candidates for preferential treatment include voice and video that are sensitive to time delays.

Chapter 10: Command-Line Tools

Command-line interface (CLI) tools such as ARP can be used to look at the Layer 3-to-Layer 2 mapping on an Ethernet network for most Windows- and Linux-based devices.

Ipconfig and ifconfig can be used to look at the current Layer 3 address information on a local host on a Windows- or Linux-based operating system, respectively.

Nbtstat shows the NetBIOS information on a Windows computer.

Netstat shows IP-based connection information on a Windows or Linux computer.

Nslookup allows testing of DNS resolution for Windows- and Linux-based devices.

Ping verifies basic network connectivity between two points on the network.

The route command can allow the creation, deletion, or viewing of routes on a Windows or Linux host.

The tracert command is a Windows command that can show the routers in the path between the PC and a remote target.

The traceroute command is the Linux equivalent of the Windows tracert command.

The man command is the command related to documentation built in to most Linux-based operating systems.

The dig and host commands are Linux-based commands that can verify DNS resolution.

Chapter 11: Network Management

Testing tools can be used to verify components of a computer network.

Tools include cable testers, cable certifiers, and connectivity software.

Electrostatic discharge wrist straps should be used whenever handling sensitive equipment. Crimpers can be used to terminate the end of a UTP cable that is connecting to an RJ-45 connector.

Multimeters can be used to check voltage, current, continuity, and other electrical attributes.

Protocol analyzers can be used to dig into the details of the protocols that are being used on your network.

Reflectometers for copper and fiber can be used for cable verification and to indicate where a problem may exist in the cable.

A toner probe can help identify which (from a selection of many cables) is the endpoint that goes to the remote location where the toner is generating a signal.

Configuration management and change control management should be formal policies that are communicated and understood by everyone involved.

Baselines for all critical systems including their configurations and the protocols normally expected across the networks should be established and used as a reference point.

Network documentation should be readily available and kept current.

Users should have security awareness training and should all have accepted and signed acceptable use policy (AUP) agreements.

Simple Network Management Protocol (SNMP) can be used for the monitoring of network devices.

Syslog can be configured on many network devices to send records of events to a centralized syslog server.

Chapter 12: Network Security

Confidentiality, data integrity, and availability are three critical aspects desired for most networks.

Confidentiality is provided by encryption services. Data integrity is often provided by hashing services. Availability is provided by lessening the effect or possibility of downtime due to attack in addition to having fault tolerance to prevent a single point of failure from stopping network services.

Virtual private networks (VPNs) that use IPsec provide authentication and confidentiality via encryption and data integrity via hashing.

Examples of physical controls include locks on doors and physical security guards.

Examples of administrative controls include separation of duties, accounting, and policies, including change control.

Examples of technical controls include access control lists (ACLs), authentication, VPNs, and other security-related implementations on a device such as a firewall or UTM system.

A risk assessment should be done to identify vulnerabilities, and then the appropriate countermeasures should be put in place to reduce the risk of those potential vulnerabilities causing loss.

Environmental and safety controls and procedures should be implemented.

User awareness training is one of the most significant countermeasures the company can implement.

Procedures for incident handling along with the responsibilities of those involved should be planned out, communicated, and tested.

Intrusion prevention systems and vulnerability scanners can be used to identify threats and potential vulnerabilities on the network.

Chapter 13: Network Troubleshooting

A structured troubleshooting methodology should be established and followed.

Using the OSI reference model as a guide, we might use a bottom-up approach, beginning with the physical layer.

Another approach is a top-down approach, where one application (such as HTTP) works across the network but another application (such as DNS) does not. The fact that HTTP works verifies that basic connectivity and routing between the client and the server is not the problem. In that case, it could be the application or service (DNS in this example) that is either blocked or not currently functioning on the remote side.

Wireless networking could be impacted due to interference or competition with the radio frequency that is currently in use.

Using the baseline for the normal configuration and the normal activity on the network is useful in comparing against the current configurations.

When a problem occurs in the network, you should identify the last time it worked and look for any changes that happened between the time it last worked and the current problem you are experiencing.

A good change control procedure will require documentation of rollback procedures that can be implemented when needed and that can assist in restoring a network to its previous functional state.

Command-line tools such as ping, tracert/traceroute, and nslookup can assist us in isolating a problem on the network.

Physical tools like multimeters, cable testers, and probes can help us isolate physical problems.