CompTIA N10-006 Network - Basic - Darril Gibson

The book discusses topics related to networking components and concepts from the CompTIA Network+ exam.

The book is about understanding basic networking components and covers topics from the CompTIA Network+ N10-006 exam.

The author holds many current IT certifications including CompTIA A+, Network+, Security+, CASP, (ISC)2 SSCP, and CISSP.

CompTIA Network+: Understanding Basic Networking Components
A Get Certified Get Ahead Kindle Short

Covers Networking Topics from the CompTIA Network+ N10-006
Get Certified Get Ahead Study Guide

By Darril Gibson
Dedication
To my wife, who even after more than 24 years of marriage continues to remind me
how wonderful life can be if you’re in a loving relationship. Thanks for sharing your life
with me.
Acknowledgments
A single person cannot do books of this size and depth on their own and I’m grateful
for the many people who helped me put this book together. First, thanks to my wife. She
has provided me immeasurable support throughout this project. Thanks also to my dogs
that help me remember to get up and go for walks regularly. I also appreciate all the efforts
by Jaena Nerona, an awesome assistant that helped me so much through this project.
The book has several pictures and graphics in it. In a couple of instances, I found the
perfect picture on the Internet and asked for permission to use it. I’m grateful for the
permission I’ve received from the following companies:
Thank you to Agilent Technologies for permission to use the picture of
their cable certifier.
Thank you to Fluke Corporation for permission to use the picture of their
toner probe.
About the Author
Darril Gibson is an accomplished author and professional trainer. He
has authored or coauthored more than 40 books and contributed as a technical
editor for many more. He holds many current IT certifications, including:
CompTIA A+, Network+, Security+, CASP, (ISC)2 SSCP, and CISSP.
He is the CEO of YCDA, LLC (short for You Can Do Anything) and
actively writes, teaches, and consults on a wide variety of IT topics, including
CompTIA A+, Network+, and Security+. Darril is active on the Internet:
Posts blog articles at http://blogs.getcertifiedgetahead.com
Tweets daily tips for CompTIA certifications at
http://twitter.com/darrilgibson
Posts daily practice test questions on the Get Certified Get
Ahead Facebook page
(https://www.facebook.com/GetCertifiedGetAhead)
Sends out periodic updates on the Get Certified Get Ahead
Newsletter (http://eepurl.com/g44Of)
Darril lives in Virginia Beach with his wife and two dogs. Whenever
possible, they escape to a small cabin in the country on over twenty acres of
land that continue to provide peace, tranquility, and balance. You can contact
him here: http://gcgapremium.com/contact-us/.
Table of Contents
Dedication
Acknowledgments
About the Author
Table of Contents
Introduction
About the Exam
Question Types
Number of Questions and Duration
Exam Format
Passing Score
Beta Questions
Exam Prerequisites
Exam Test Provider
Voucher Code for 10 Percent Off
Book Format
Remember This
CompTIA Network+ Objectives
1.0 Network Architecture
2.0 Network Operations
3.0 Network Security
4.0 Troubleshooting
5.0 Industry Standards, Practices, and Network Theory
CompTIA Network+ Assessment Exam
Chapter 1 Understanding Basic Networking Components
Understanding Common Network Components
Hub
Switch
Router
Modem
Access Point
Firewall
Simplified Diagrams
Network Segments and Domains
Duplex Connections and Collisions
Comparing PANs, LANs, WANs, and More
PAN
Bluetooth Wireless
NFC
IR
LAN
WLAN
CAN
MAN
WAN
VPN
Identifying Network Topologies
Star
Ring
Mesh
Bus
Hybrid
Point-to-Point vs. Point to Multipoint
Peer-to-Peer vs Client-Server
Workgroups vs. Domains
Planning and Implementing a Basic Network
List of Requirements and Devices
Wired/Wireless Considerations
Environmental and Equipment Limitations
Security considerations
Compatibility Requirements
Understanding Numbering Systems
Decimal
Binary
Bits vs Bytes
Digit Grouping
Hexadecimal
Upper Case or Lower Case Hexadecimal
Octal
Try This
Staying Safe
Electrical Safety
Equipment Grounding
ESD
Installation Safety
MSDS
Fire Suppression
HVAC
Emergency Procedures
Try This Conversion Answers
Chapter 1 Exam Topic Review
Unicast, Multicast, and Broadcast
Common Network Components
PANs, LANs, WANs, and More
Network Topologies
Basic Networks
Numbering Systems
Safety Issues
Chapter 1 Practice Questions
Sample Network+ Practice Test Questions
Bonus CompTIA Network+ Flashcards
Flashcards for Network Architecture
Flashcards for Network Operations
Flashcards for Network Security
Flashcards for Troubleshooting
Flashcards for Industry Standards, Practices, and Network Theory
Appendix A—Acronym List
Numeric–Topics in Acronym List
A–Topics in Acronym List
B–Topics in Acronym List
C–Topics in Acronym List
D–Topics in Acronym List
E–Topics in Acronym List
F–Topics in Acronym List
G–Topics in Acronym List
H–Topics in Acronym List
I–Topics in Acronym List
K–Topics in Acronym List
L–Topics in Acronym List
M–Topics in Acronym List
N–Topics in Acronym List
O–Topics in Acronym List
P–Topics in Acronym List
Q–Topics in Acronym List
R–Topics in Acronym List
S–Topics in Acronym List
T–Topics in Acronym List
U–Topics in Acronym List
V–Topics in Acronym List
W–Topics in Acronym List
X–Topics in Acronym List
Z–Topics in Acronym List
Errata
Voucher Code for 10 Percent Off
After the Network+ Exam
Introduction
Congratulations on your purchase of this Kindle short. This book is part
of the Get Certified, Get Ahead Kindle Short series that are focused on key
topics in the Network+ exam. This Kindle Short provides an introduction and
overview of key networking topics, and also covers the CompTIA
troubleshooting model. If you’re preparing for the Network+ exam and want
to ensure you’re ready to correctly answer questions related to these topics,
you have exactly what you need.
I recently wrote the CompTIA Network+ N10-006 Practice Test
Questions (Get Certified Get Ahead) book and released it as a Kindle version.
It includes 300 practice test questions with in-depth explanations to help you
pass the Network+ exam the first time you take it. It also includes 200
flashcards to help reinforce some key testable material.
While I’ve received some great feedback on the book, I’ve also
received many requests to write a full Network+ book similar to the popular
CompTIA Security+: Get Certified Get Ahead: SY0-401 Study Guide. Due to
a variety of reasons, I wasn’t able to do the Network+ study guide right away
but I’m now focused on it. I’m trying something new with this book and
releasing chapters of it as they’re completed with the goal of helping people
review some key topics based on what they need.
This Kindle short follows the same style of the CompTIA Security+:
Get Certified Get Ahead: SY0-401 Study Guide; it’s just shorter. It starts
with a pre-test with questions related to the Network+ objectives. Next, a full
chapter covers the objectives identified at the beginning of the chapter. Last,
you’ll find a post-test with questions related to these objectives. This Kindle
short also includes some bonus questions.
Objectives covered in this Kindle short are:
1.1 Explain the functions and applications of various network devices.
Router
Switch
Firewall
Access point (wireless/wired)
Hub
Analog modem

1.6 Differentiate between common network topologies.


Mesh (Partial, Full)
Bus
Ring
Star
Hybrid
Point-to-point
Point-to-multipoint
Client-server
Peer-to-peer

1.7 Differentiate between network infrastructure implementations.


WAN
MAN
LAN
WLAN (Hotspot)
PAN (Bluetooth, IR, NFC)

1.8 Given a scenario, implement and configure the appropriate addressing schema.
Multicast
Unicast
Broadcast
Broadcast domains vs collision domains

1.12 Given a set of requirements, implement a basic network.


List of requirements
Device types/requirements
Environmental limitations
Equipment limitations
Compatibility requirements
Wired/wireless considerations
Security considerations

2.6 Given a scenario, configure a switch using proper features.


Interface configuration (Speed and duplexing)

5.2 Explain the basics of network theory and concepts.


Modulation techniques (Multiplexing, De-multiplexing, Analog and digital
techniques, TDM)
Numbering systems (Binary, Hexadecimal, Octal)
Broadband/base band
Bit rates vs baud rate
Sampling size
Wavelength
Collision

5.6 Summarize safety practices.


Electrical safety (Grounding)
ESD (Static)
Installation safety (Lifting equipment, Rack installation, Placement, Tool safety)
MSDS
Emergency procedures (Building layout, Fire escape plan, Safety/emergency exits,
Fail open/fail close, Emergency alert system)
Fire suppression systems
HVAC

CompTIA publishes a listing of the objectives on its web site. At this
writing, this information is accurate, but CompTIA includes the following
disclaimers:
“The lists of examples provided in bulleted format below each
objective are not exhaustive lists. Other examples of
technologies, processes or tasks pertaining to each objective
may also be included on the exam although not listed or
covered in this objectives document.”
“The CompTIA Network+ Certification Exam Objectives are
subject to change without notice.”
You can verify that the objectives haven’t changed by checking the
CompTIA site:
http://certification.comptia.org/getCertified/certifications/network.aspx.
About the Exam
CompTIA first released the Network+ exam in 1999 and it has
quickly grown in popularity. They revised the exam objectives in 2002, 2005,
2009, 2011, and in 2014. The 2014 exam is numbered as N10-006 (or JK0-023
for the academic version of the exam). CompTIA retired the N10-005
exam on August 31, 2015.
A summary of the details of the exam includes:
Number of questions: Maximum of 90
Time to complete questions: 90 minutes (does not include
time to complete pre-test and post-test surveys)
Passing score: 720
Grading criteria: Scale of 100 to 900
Question types: Multiple choice and performance-based
Exam format: Traditional—can move back and forth to view
previous questions
Exam prerequisites: None required but A+ is recommended
along with nine months of networking experience
Exam test providers: Pearson Vue
You can get a discount code, which gives you 10% off any CompTIA
exam here: http://gcgapremium.com/discounted-comptia-vouchers/. The page
includes instructions on how to redeem the code at the CompTIA
marketplace.

Question Types
Expect many of the questions on the exam to be straightforward. For
example, what’s 5 X 5? Either you know the answer is 25 or you don’t. The
exam questions test your knowledge of the material, not necessarily your
ability to dissect the question so that you can figure out what the question is
really trying to ask.
I’m not saying the knowledge is simplistic, only that the questions often
are worded so that you can easily understand what they are asking.
As a comparative example, Microsoft certification questions can be
quite complex. Microsoft questions often aren’t just testing your knowledge
of the topic but your ability to analyze the material and logically come to the
right conclusion.
Here are two examples of questions—the first shows how Microsoft
may word the question on a Microsoft certification exam, and the second
shows how CompTIA may word it for the CompTIA Network+ exam.
Microsoft. You are driving a bus from Chicago to Atlanta at 55
mph with twenty-two passengers. The bus is painted blue. At
the same time, a train is traveling from Miami to Atlanta at 40
mph. The train has a yellow caboose. What color are the bus
driver’s eyes?
CompTIA Network+. What color are your eyes?
Notice the first question adds a lot of superfluous information. Two
pieces are critical to answering the first question. It starts by saying, “You are
driving a bus…” and then ends by asking, “What color are the bus driver’s
eyes?” You’re required to put the two together and weed through the
irrelevant information to come to the correct answer.
The second question is straightforward. “What color are your eyes?”
There’s very little analysis required. Either you know it or you don’t. This is
what you can expect from most of the CompTIA Network+ questions.
CompTIA has begun a trend of adding multiple-choice questions that
are more complex and these are often in the Network+ exam. However,
because you only have about a minute for each question, don’t expect to see
them very often. The Network+ exam is not intended to be a reading
comprehension exam.
As a more realistic example, consider the following one-sentence
question.
“What port does HTTPS use?”
In this case, you’d need to know that Hypertext Transfer Protocol
Secure (HTTPS) uses port 443.
Compare this to the following question. It asks for the same level of
knowledge, but requires a deeper level of comprehension.
“Lisa is configuring a firewall and she needs to ensure that the firewall
allows outgoing secure web traffic. What port should she open on the firewall
to meet this need?”
In this case, you’d need to know that a web server uses HTTPS for
secure web traffic, and HTTPS uses port 443. You would need to allow
outgoing traffic to the Internet on port 443.
You may also see questions that use phrases such as “BEST choice,”
“BEST description,” “MOST likely,” “FIRST,” or “LAST.” In these
examples, don’t be surprised if you see two answers that could answer the
question, while only one is the best choice. For example, which one of the
following numbers is between 1 and 10 and is the highest: 1, 8, 14, 23.
Clearly 1 and 8 are within 1 and 10, while 14 and 23 are outside this range.
However, only 8 is both within 1 and 10 and the highest.
Here is a network related question that shows this:
Question: Which layer(s) of the OSI model do wireless protocols
operate on?
A. Physical
B. Physical and Data Link
C. Data Link
D. Data Link and Network
There are actually three correct answers but only one is most correct.
Wireless protocols operate on both the Physical and Data Link layers. If
you chose A or C, you’d be technically correct because they do operate on
the Physical layer (answer A) and on the Data Link layer (answer C).
However, you would get the question wrong since B is most correct. When
you see key words like best, most, or highest, be careful not to jump on the
first answer. There may be a more correct answer.

Multiple Choice
Most questions are multiple-choice types where you choose one answer
or multiple answers. When you need to choose multiple answers, the question
will direct you to choose two, choose three, or choose all that apply.

Performance-Based Questions
You can expect between three and ten non-multiple choice
questions. CompTIA refers to these as performance-based questions and
instead of picking from a multiple-choice answer, you’re often required to
perform a task. CompTIA’s goal is to provide more accurate testing to verify
people have a full understanding of a topic. I’ve written a couple of blogs on
this including this one directly related to Network+ performance-based
questions (http://blogs.getcertifiedgetahead.com/network-performance-based-questions/).
I’ve also created a demo here:
http://gcgapremium.com/performance-based-question-demo/
Some of the different types of questions you can expect are:
Identify. In this type of question, you might be asked a
question but instead of having a list of multiple-choice answers,
you have a group of pictures. For example, consider this
question: “What tool would you use to identify an open or short
in a cable?” You would need to know that a cable tester easily
identifies shorts and opens, and you’d need to identify a picture of the cable
tester. While a multimeter can also identify opens and shorts, it
isn’t the best choice to identify opens and shorts in a cable.
Matching. Matching type questions might require you to
identify words with pictures. For example, the words might be
“Fiber connectors” and “Coaxial connectors” combined with
pictures of various connectors. You’d be required to identify the
pictures of fiber connectors by sight and the pictures of coaxial
connectors by sight. Here’s a demo I created for a Security+
practice test question: http://gcgapremium.com/performance-based-question-demo/.
Simulation. In a simulation, you’re expected to perform an
action as if you are operating in a realistic environment. For
example, most wireless routers are configured via a web page.
A simulation might require you to configure a wireless router
with specific settings using a simulated web page.
Drag and drop. In some questions, you might need to drag
items from one location on the screen to another location to
answer a question. For example, you might see an out-of-order
list of the seven items in CompTIA’s troubleshooting model.
You would need to drag and drop these items in the correct
order.
Data Entry. Some performance-based questions might ask you
to analyze a scenario and then enter appropriate data. For
example, when configuring a wireless access point, you might
need to enter specific data into the access point. A related
question might ask you to configure an access point to work
with WPA2 Enterprise mode. The Configuring a Wireless
Router Lab available online (http://gcgapremium.com/labs/)
shows you the steps to do this. Similarly, I wrote a series of
blog articles on creating rules for routers and firewalls. The
second post showed an example of a performance-based
question and the last post provided the solution. You can read
the posts here:
ACLs and Security+.
http://blogs.getcertifiedgetahead.com/acls-and-security/
Firewall Rules and Security+.
http://blogs.getcertifiedgetahead.com/firewall-rules-and-security/
Firewall Rules Solution.
http://blogs.getcertifiedgetahead.com/firewall-rules-solution/
Command prompt. CompTIA has provided several examples
of how a simulation can require a test taker to execute
commands at the command prompt. As one possible example,
you might be tasked to identify the media access control (MAC)
address of a system by entering a command. You’d need to
know how to enter ipconfig /all, and be able to recognize that
the MAC address is the physical address.
It’s common for people to be nervous when thinking about these
performance-based questions. However, the majority of people that take the
test say that they really aren’t that difficult. As long as you understand the
concepts from the exam objectives, you won’t have any problem. I do
recommend you check out the blog though, and see if I’ve posted any
updates.
A question people often ask about these questions is if they get partial
credit. CompTIA has verified that you get partial credit for some questions.
However, other questions may not give you partial credit. Do the best you
can with each question.

Performance-Based Questions Strategy


You’ll see the performance-based questions first and they take much
longer than typical multiple-choice questions. If the answer is clear to you,
then by all means, take the time to answer it. However, if the question isn’t
clear, mark the question and skip it. You can come back to it later. It’s
entirely possible that the question is a poorly worded beta question that
doesn’t even count. However, if you spend 45 minutes on it, you might run
out of time before you finish the multiple-choice questions.
Performance-based questions have occasionally caused problems for the
test systems. A common problem is that instead of displaying the question,
the screen is mostly blank. If this happens, you can often just use the reset
button for the question. This allows you to move past the problem and
continue with the test. However, resetting the question erases any answer
you’ve entered so make sure you answer it after resetting it.
It’s common for people to be nervous when thinking about these
performance-based test questions. However, the majority of people who take
the test say that these questions really aren’t that difficult. As long as you
understand the concepts from the exam objectives, you won’t have any
problem.

Number of Questions and Duration


You have 90 minutes to complete as many as 90 questions. This gives
you about one minute per question. Don’t let this scare you; it’s actually a
good thing. With only about a minute to read and answer a question, you
know the questions can’t be very long or complex. Individuals who live in a
non-English-speaking country and whose native language isn’t English are
given a 30-minute extension.
You might have as many as 10 performance-based questions and as few
as 70 multiple-choice questions. The performance-based questions are
typically first and you might spend more time on these than the multiple-
choice questions. That’s normal. If a question has you stumped, you can skip
it and then come back to it later. If you skip a question, mark it so that you
can easily find it when you’ve finished the other questions.

Exam Format
You start at question 1 and go to the last question. During the process,
you can mark any questions you want to review when you’re done.
Additionally, you can view previous questions if desired. For example, if you
get to question 10 and then remember something that helps you answer
question 5, you can go back and redo question 5.

Passing Score
A score of 720 is required to pass. This is on a scale of 100 to 900. If
the exam is paid for and you don’t get a single question correct, you still get a
score of 100. If you get every testable question correct, you get a score of
900. This gives a range of 800 points so you’ll get an average of 8 points per
question, though some questions may be weighted higher than others.
If all questions are equal and you get 100 questions, then you need to
get 78 questions correct, or score 78 percent on the exam. 78 * 8 = 624 plus
the 100 points you start with will give you a score of 724.
However, CompTIA doesn’t say if all questions are scored equally or
whether harder questions are weighted and worth more. A score of 78 percent
is high so you shouldn’t underestimate the difficulty of this exam. However,
many people regularly pass it and you can pass it too. With this book, you
will be well prepared.

Beta Questions
Your exam may have some beta questions. They aren’t graded but
instead are used to test the validity of the questions. If everyone gets a beta
question correct, it’s probably too easy. If everyone gets it incorrect, there’s
probably something wrong with the question. After enough people have
tested a beta question, it’s analyzed and may be added to the test bank or
rewritten and retested.
The good news is that CompTIA doesn’t grade the beta questions.
However, you don’t know what questions are beta and what questions are
valid, so you need to treat every question equally.

Exam Prerequisites
All that is required for you to take the exam is money. Other than that,
there are no enforced prerequisites.
However, to successfully pass the exam, you’re expected to have nine
to twelve months experience working with computers in a networking
environment. Also, it’s recommended you have the A+ certification or
equivalent knowledge. If you have more than that, the exam materials will
likely come easier to you. If you have less, the exam may be more difficult.

Exam Test Provider


You can take the exam at a Pearson Vue testing site. Some testing sites
provide testing and nothing else. However, most testing sites are part of
another company, such as a training company, college, or university. You can
take an exam at the training company’s testing site even if you haven’t taken
a course with them.
The Pearson Vue web site includes search tools you can use to find a
testing site close to you. Check them out at http://www.pearsonvue.com.
Voucher Code for 10 Percent Off
As of this writing, the CompTIA Security+ exam is $293 in the United
States if you purchase it at full price. However, you can get a 10 percent
discount using a discount code. This code changes periodically, so you’ll
need to go to this page to access the current code:
http://gcgapremium.com/discounted-comptia-vouchers/.
When you purchase a voucher, you’ll get a voucher number that you can
use to register at a testing site. A word of caution: Some criminals sell bogus
vouchers on Internet sites such as eBay. You won’t know you’ve been ripped
off until you try to use it and by that time, the criminal will probably have
disappeared. In contrast, if you use the discount code, you buy the voucher
directly from CompTIA.

Book Format
This Kindle short has the following sections:
Introduction. This section. It describes the exam and the rest of
the book.
Assessment questions. Practice test questions you can use to
assess your readiness of the Network+ objectives covered in
this Kindle ebook. These questions are specially formatted for
the Kindle so that you can see the question on one screen, and
then the correct answer and explanation on the following
screen. The goal is to allow you to focus on only the question
without seeing the answer. After picking your answer, go to the
next Kindle screen to see if you’re correct.
Chapter content. A full chapter covering the objectives
mentioned previously. It includes practice test questions at the
end of the chapter with in-depth explanations.
Post-test. Practice test questions you can use to test your
readiness of the Network+ objectives. These questions are
formatted for the Kindle just like the pre-test questions.

Remember This
Throughout the book, you’ll see “Remember This” notes that highlight
important information you should remember to successfully pass the exam.
The surrounding content provides the additional information needed to fully
understand these key points, and the text boxes summarize the important
points.
These “Remember This” sections will look like this:
Remember This
I strongly encourage you to repeat the information in the
text boxes to yourself as often as possible. The more you
repeat the information, the more likely you are to remember
it when you take the exam.
A tried-and-true method of repeating key information is to take notes
when you’re first studying the material and then rewrite the notes later. This
will expose you to the material a minimum of three times.
Another method that students have told me has been successful for
them is to use an MP3 player. Many MP3 players can record. Start your MP3
recorder and read the information in each text box and the information in the
Exam Topic Review section of the chapter. Save the MP3 file and regularly
listen to it. This allows you to reaffirm the important information in your own
voice.
You can play it while exercising, walking, or just about any time when
it’s not dangerous to listen to any MP3 file. You can even burn the MP3 files
to a CD and play them back from a CD player.
If the MP3 method is successful for you, you can also record and listen
to exam questions. Read the question, only the correct answer, and the first
sentence or two of the explanation in each practice question.
If you don’t have time to create your own MP3 recordings, check out
the companion website (GetCertifiedGetAhead.com) for this book. As I get
closer to completing this book, I plan on adding some MP3 recordings there
that you can download and use.
CompTIA Network+ Objectives
While this Kindle short only covers some of the Network+ objectives,
I’ve listed them all here for your convenience. The exam includes five
separate domains as follows:
1.0 Network Architecture 22% of exam
2.0 Network Operations 20% of exam
3.0 Network Security 18% of exam
4.0 Troubleshooting 24% of exam
5.0 Industry Standards, Practices, and Network Theory 16% of
exam

1.0 Network Architecture


1.1 Explain the functions and applications of various network devices.
Router
Switch
Multilayer switch
Firewall
HIDS
IDS/IPS
Access point (wireless/wired)
Content filter
Load balancer
Hub
Analog modem
Packet shaper
VPN concentrator

1.2 Compare and contrast the use of networking services and applications.
VPN:
Site to site/host to site/host to host
Protocols
IPsec
GRE
SSL VPN
PTP/PPTP
TACACS/RADIUS
RAS
Web services
Unified voice services
Network controllers

1.3 Install and configure the following networking services/applications.


DHCP
Static vs dynamic IP addressing
Reservations
Scopes
Leases
Options (DNS servers, suffixes)
IP helper/DHCP relay
DNS
DNS servers
DNS records (A, MX, AAAA, CNAME, PTR)
Dynamic DNS
Proxy/reverse proxy
NAT
PAT
SNAT
DNAT
Port forwarding

1.4 Explain the characteristics and benefits of various WAN technologies.


Fiber
SONET
DWDM
CWDM
Frame relay
Satellite
Broadband cable
DSL/ADSL
ISDN
ATM
PPP/Multilink PPP
MPLS
GSM/CDMA
LTE/4G
HSPA+
3G
Edge
Dialup
WiMAX
Metro-Ethernet
Leased lines
T-1
T-3
E-1
E-3
OC3
OC12
Circuit switch vs packet switch

1.5 Install and properly terminate various cable types and connectors using
appropriate tools.
Copper connectors
RJ-11
RJ-45
RJ-48C
DB-9/RS-232
DB-25
UTP coupler
BNC coupler
BNC
F-connector
110 block
66 block
Copper cables
Shielded vs unshielded
CAT3, CAT5, CAT5e, CAT6, CAT6a
PVC vs plenum
RG-59
RG-6
Straight-through vs crossover vs rollover
Fiber connectors
ST
SC
LC
MTRJ
FC
Fiber coupler
Fiber cables
Single mode
Multimode
APC vs UPC
Media converters
Single mode fiber to Ethernet
Multimode fiber to Ethernet
Fiber to coaxial
Single mode to multimode fiber
Tools
Cable crimpers
Punch down tool
Wire strippers
Snips
OTDR
Cable certifier

1.6 Differentiate between common network topologies.


Mesh
Partial
Full
Bus
Ring
Star
Hybrid
Point-to-point
Point-to-multipoint
Client-server
Peer-to-peer

1.7 Differentiate between network infrastructure implementations.


WAN
MAN
LAN
WLAN
Hotspot
PAN
Bluetooth
IR
NFC
SCADA/ICS
ICS server
DCS/closed network
Remote terminal unit
Programmable logic controller
Medianets
VTC
ISDN
IP/SIP

1.8 Given a scenario, implement and configure the appropriate addressing schema.
IPv6
Auto-configuration
EUI 64
DHCP6
Link local
Address structure
Address compression
Tunneling 6to4, 4to6
Teredo, miredo
IPv4
Address structure
Subnetting
APIPA
Classful A, B, C, D
Classless
Private vs public
NAT/PAT
MAC addressing
Multicast
Unicast
Broadcast
Broadcast domains vs collision domains

1.9 Explain the basics of routing concepts and protocols.


Loopback interface
Routing loops
Routing tables
Static vs dynamic routes
Default route
Distance vector routing protocols
RIP v2
Hybrid routing protocols
BGP
Link state routing protocols
OSPF
IS-IS
Interior vs exterior gateway routing protocols
Autonomous system numbers
Route redistribution
High availability
VRRP
Virtual IP
HSRP
Route aggregation
Routing metrics
Hop counts
MTU, bandwidth
Costs
Latency
Administrative distance
SPB

1.10 Identify the basics elements of unified communication technologies.


VoIP
Video
Real time services
Presence
Multicast vs unicast
QoS
DSCP
COS
Devices
UC servers
UC devices
UC gateways

1.11 Compare and contrast technologies that support cloud and virtualization.
Virtualization
Virtual switches
Virtual routers
Virtual firewall
Virtual vs physical NICs
Software defined networking
Storage area network
iSCSI
Jumbo frame
Fibre Channel
Network attached storage
Cloud concepts
Public IaaS, SaaS, PaaS
Private IaaS, SaaS, PaaS
Hybrid IaaS, SaaS, PaaS
Community IaaS, SaaS, PaaS

1.12 Given a set of requirements, implement a basic network.


List of requirements
Device types/requirements
Environment limitations
Equipment limitations
Compatibility requirements
Wired/wireless considerations
Security considerations

2.0 Network Operations


2.1 Given a scenario, use appropriate monitoring tools.
Packet/network analyzer
Interface monitoring tools
Port scanner
Top talkers/listeners
SNMP management software
Trap
Get
Walk
MIBS
Alerts
Email
SMS
Packet flow monitoring
SYSLOG
SIEM
Environmental monitoring tools
Temperature
Humidity
Power monitoring tools
Wireless survey tools
Wireless analyzers

2.2 Given a scenario, analyze metrics and reports from monitoring and tracking
performance tools.
Baseline
Bottleneck
Log management
Graphing
Utilization
Bandwidth
Storage
Network device CPU
Network device memory
Wireless channel utilization
Link status
Interface monitoring
Errors
Utilization
Discards
Packet drops
Interface resets
Speed and duplex

2.3 Given a scenario, use appropriate resources to support configuration management.
Archives/backups
Baselines
On-boarding and off-boarding of mobile devices
NAC
Documentation
Network diagrams (logical/physical)
Asset management
IP address utilization
Vendor documentation
Internal operating procedures/policies/standards

2.4 Explain the importance of implementing network segmentation.


SCADA systems/Industrial control systems
Legacy systems
Separate private/public networks
Honeypot/honeynet
Testing lab
Load balancing
Performance optimization
Security
Compliance
2.5 Given a scenario, install and apply patches and updates.
OS updates
Firmware updates
Driver updates
Feature changes/updates
Major vs minor updates
Vulnerability patches
Upgrading vs downgrading
Configuration backup

2.6 Given a scenario, configure a switch using proper features.


VLAN
Native VLAN/Default VLAN
VTP
Spanning tree (802.1d)/rapid spanning tree (802.1w)
Flooding
Forwarding/blocking
Filtering
Interface configuration
Trunking/802.1q
Tag vs untag VLANs
Port bonding (LACP)
Port mirroring (local vs remote)
Speed and duplexing
IP address assignment
VLAN assignment
Default gateway
PoE and PoE+ (802.3af, 802.3at)
Switch management
User/passwords
AAA configuration
Console
Virtual terminals
In-band/Out-of-band management
Managed vs unmanaged

2.7 Install and configure wireless LAN infrastructure and implement the appropriate
technologies in support of wireless capable devices.
Small office/home office wireless router
Wireless access points
Device density
Roaming
Wireless controllers
VLAN pooling
LWAPP
Wireless bridge
Site surveys
Heat maps
Frequencies
2.4 GHz
5.0 GHz
Channels
Goodput
Connection types
802.11a-ht
802.11g-ht
Antenna placement
Antenna types
Omnidirectional
Unidirectional
MIMO/MUMIMO
Signal strength
Coverage
Differences between device antennas
SSID broadcast
Topologies
Adhoc
Mesh
Infrastructure
Mobile devices
Cell phones
Laptops
Tablets
Gaming devices
Media devices

3.0 Network Security


3.1 Compare and contrast risk related concepts.
Disaster recovery
Business continuity
Battery backups/UPS
First responders
Data breach
End user awareness and training
Single point of failure
Critical nodes
Critical assets
Redundancy
Adherence to standards and policies
Vulnerability scanning
Penetration testing

3.2 Compare and contrast common network vulnerabilities and threats.


Attacks/threats
Denial of service
Distributed DoS
Botnet
Traffic spike
Coordinated attack
Reflective/amplified
DNS
NTP
Smurfing
Friendly/unintentional DoS
Physical attack
Permanent DoS
ARP cache poisoning
Packet/protocol abuse
Spoofing
Wireless
Evil twin
Rogue AP
War driving
War chalking
Bluejacking
Bluesnarfing
WPA/WEP/WPS attacks
Brute force
Session hijacking
Social engineering
Man-in-the-middle
VLAN hopping
Compromised system
Effect of malware on the network
Insider threat/malicious employee
Zero day attacks
Vulnerabilities
Unnecessary running services
Open ports
Unpatched/legacy systems
Unencrypted channels
Clear text credentials
Unsecure protocols
TELNET
HTTP
SLIP
FTP
TFTP
SNMPv1 and SNMPv2
TEMPEST/RF emanation

3.3 Given a scenario, implement network hardening techniques.


Anti-malware software
Host-based
Cloud/server-based
Network-based
Switch port security
DHCP snooping
ARP inspection
MAC address filtering
VLAN assignments
Network segmentation
Security policies
Disable unneeded network services
Use secure protocols
SSH
SNMPv3
TLS/SSL
SFTP
HTTPS
IPsec
Access lists
Web/content filtering
Port filtering
IP filtering
Implicit deny
Wireless security
WEP
WPA/WPA2
Enterprise
Personal
TKIP/AES
802.1x
TLS/TTLS
MAC filtering
User authentication
CHAP/MSCHAP
PAP
EAP
Kerberos
Multifactor authentication
Two-factor authentication
Single sign-on
Hashes
MD5
SHA

3.4 Compare and contrast physical security controls.


Mantraps
Network closets
Video monitoring
IP cameras/CCTVs
Door access controls
Proximity readers/key fob
Biometrics
Keypad/cipher locks
Security guard

3.5 Given a scenario, install and configure a basic firewall.


Types of firewalls
Host-based
Network-based
Software vs hardware
Application aware/context aware
Small office/home office firewall
Stateful vs stateless inspection
UTM
Settings/techniques
ACL
Virtual wire vs routed
DMZ
Implicit deny
Block/allow
Outbound traffic
Inbound traffic
Firewall placement
Internal/external

3.6 Explain the purpose of various network access control models.


802.1x
Posture assessment
Guest network
Persistent vs non-persistent agents
Quarantine network
Edge vs access control

3.7 Summarize basic forensic concepts.


First responder
Secure the area
Escalate when necessary
Document the scene
eDiscovery
Evidence/data collection
Chain of custody
Data transport
Forensics report
Legal hold

4.0 Troubleshooting
4.1 Given a scenario, implement the following network troubleshooting methodology.
Identify the problem
Gather information
Duplicate the problem, if possible
Question users
Identify symptoms
Determine if anything has changed
Approach multiple problems individually
Establish a theory of probable cause
Question the obvious
Consider multiple approaches
Top-to-bottom/bottom-to-top OSI model
Divide and conquer
Test the theory to determine cause
Once theory is confirmed, determine next steps to resolve problem
If theory is not confirmed, re-establish new theory or escalate
Establish a plan of action to resolve the problem and identify potential effects
Implement the solution or escalate as necessary
Verify full system functionality and if applicable implement preventative
measures
Document findings, actions, and outcomes

4.2 Given a scenario, analyze and interpret the output of troubleshooting tools.
Command line tools
Ipconfig
Netstat
Ifconfig
ping/ping6/ping -6
tracert/tracert -6/traceroute6/traceroute -6
nbtstat
nslookup
arp
mac address lookup table
pathping
Line testers
Certifiers
Multimeter
Cable tester
Light meter
Toner probe
Speed test sites
Looking glass sites
WiFi analyzer
Protocol analyzer

4.3 Given a scenario, troubleshoot and resolve common wireless issues.


Signal loss
Interference
Overlapping channels
Mismatched channels
Signal-to-noise ratio
Device saturation
Bandwidth saturation
Untested updates
Wrong SSID
Power levels
Open networks
Rogue access point
Wrong antenna type
Incompatibilities
Wrong encryption
Bounce
MIMO
AP placement
AP configurations
LWAPP
Thin vs thick
Environmental factors
Concrete walls
Window film
Metal studs
Wireless standard related issues
Throughput
Frequency
Distance
Channels

4.4 Given a scenario, troubleshoot and resolve common copper cable issues.
Shorts
Opens
Incorrect termination (mismatched standards)
Straight-through
Crossover
Cross-talk
Near end
Far end
EMI/RFI
Distance limitations
Attenuation/Db loss
Bad connector
Bad wiring
Split pairs
Tx/Rx reverse
Cable placement
Bad SFP/GBIC - cable or transceiver

4.5 Given a scenario, troubleshoot and resolve common fiber cable issues.
Attenuation/Db loss
SFP/GBIC - cable mismatch
Bad SFP/GBIC - cable or transceiver
Wavelength mismatch
Fiber type mismatch
Dirty connectors
Connector mismatch
Bend radius limitations
Distance limitations

4.6 Given a scenario, troubleshoot and resolve common network issues.


Incorrect IP configuration/default gateway
Broadcast storms/switching loop
Duplicate IP
Speed and duplex mismatch
End-to-end connectivity
Incorrect VLAN assignment
Hardware failure
Misconfigured DHCP
Misconfigured DNS
Incorrect interface/interface misconfiguration
Cable placement
Interface errors
Simultaneous wired/wireless connections
Discovering neighboring devices/nodes
Power failure/power anomalies
MTU/MTU black hole
Missing IP routes
NIC teaming misconfiguration
Active-active vs active-passive
Multicast vs broadcast

4.7 Given a scenario, troubleshoot and resolve common security issues.


Misconfigured firewall
Misconfigured ACLs/applications
Malware
Denial of service
Open/closed ports
ICMP related issues
Ping of death
Unreachable default gateway
Unpatched firmware/OSs
Malicious users
Trusted
Untrusted users
Packet sniffing
Authentication issues
TACACS/RADIUS misconfigurations
Default passwords/settings
Improper access/backdoor access
ARP issues
Banner grabbing/OUI
Domain/local group configurations
Jamming

4.8 Given a scenario, troubleshoot and resolve common WAN issues.


Loss of internet connectivity
Interface errors
Split horizon
DNS issues
Interference
Router configurations
Customer premise equipment
Smart jack/NIU
Demarc
Loopback
CSU/DSU
Copper line drivers/repeaters
Company security policy
Throttling
Blocking
Fair access policy/utilization limits
Satellite issues
Latency

5.0 Industry Standards, Practices, and Network Theory

5.1 Analyze a scenario and determine the corresponding OSI layer.
Layer 1 – Physical
Layer 2 – Data link
Layer 3 – Network
Layer 4 – Transport
Layer 5 – Session
Layer 6 – Presentation
Layer 7 – Application

5.2 Explain the basics of network theory and concepts.


Encapsulation/de-encapsulation
Modulation techniques
Multiplexing
De-multiplexing
Analog and digital techniques
TDM
Numbering systems
Binary
Hexadecimal
Octal
Broadband/base band
Bit rates vs baud rate
Sampling size
CDMA
CSMA/CD and CSMA/CA
Carrier detect/sense
Wavelength
TCP/IP suite
ICMP
UDP
TCP
Collision

5.3 Given a scenario, deploy the appropriate wireless standard.


802.11a
802.11b
802.11g
802.11n
802.11ac

5.4 Given a scenario, deploy the appropriate wired connectivity standard.


Ethernet standards
10BaseT
100BaseT
1000BaseT
1000BaseTX
10GBaseT
100BaseFX
10Base2
10GBaseSR
10GBaseER
10GBaseSW
IEEE 1905.1-2013
Ethernet over HDMI
Ethernet over power line
Wiring standards
EIA/TIA 568A/568B
Broadband standards
DOCSIS

5.5 Given a scenario, implement the appropriate policies or procedures.


Security policies
Consent to monitoring
Network policies
Acceptable use policy
Standard business documents
SLA
MOU
MSA
SOW

5.6 Summarize safety practices.


Electrical safety
Grounding
ESD
Static
Installation safety
Lifting equipment
Rack installation
Placement
Tool safety
MSDS
Emergency procedures
Building layout
Fire escape plan
Safety/emergency exits
Fail open/fail close
Emergency alert system
Fire suppression systems
HVAC

5.7 Given a scenario, install and configure equipment in the appropriate location
using best practices.
Intermediate distribution frame
Main distribution frame
Cable management
Patch panels
Power management
Power converters
Circuits
UPS
Inverters
Power redundancy
Device placement
Air flow
Cable trays
Rack systems
Server rail racks
Two-post rack
Four-post racks
Free-standing racks
Labeling
Port labeling
System labeling
Circuit labeling
Naming conventions
Patch panel labeling
Rack monitoring
Rack security

5.8 Explain the basics of change management procedures.


Document reason for a change
Change request
Configuration procedures
Rollback process
Potential impact
Notification
Approval process
Maintenance window
Authorized downtime
Notification of change
Documentation
Network configurations
Additions to network
Physical location changes

5.9 Compare and contrast the following ports and protocols.


80 HTTP
443 HTTPS
137-139 NetBIOS
110 POP
143 IMAP
25 SMTP
5060/5061 SIP
2427/2727 MGCP
5004/5005 RTP
1720 H.323
TCP
Connection-oriented
UDP
Connectionless

5.10 Given a scenario, configure and apply the appropriate ports and protocols.
20,21 FTP
161 SNMP
22 SSH
23 Telnet
53 DNS
67,68 DHCP
69 TFTP
445 SMB
3389 RDP
CompTIA Network+ Assessment Exam
Use the practice test questions in this mini assessment exam to test your knowledge
of the topics covered in this Kindle Short. Remember, this Kindle Short does not cover all
objectives within the Network+ exam. If you’d like some additional practice test questions
for the full exam, check out the CompTIA Network+ N10-006 Practice Test Questions (Get
Certified Get Ahead) [Kindle Edition].

1. Which of the following devices uses an ACL to prevent unauthorized
access into a network?
A. Firewall
B. Proxy server
C. Load balancer
D. VPN concentrator
1. Answer: A is correct. A firewall uses rules within an access control list (ACL) to prevent
unauthorized access into a network.

A proxy server reduces bandwidth by storing copies of web site pages in cache and then
serving these cached pages to other users. It does not use an ACL.
A load balancer can balance traffic among multiple servers. It does not use an ACL.
A virtual private network (VPN) concentrator supports multiple VPN connections but it
doesn’t use an ACL.
2. You manage a network that has multiple computers connected via a single
Ethernet switch. What topology does this network use?
A. Ring
B. Mesh
C. Bus
D. Star
2. Answer: D is correct. A network that connects devices via a central switch is using a star
topology. The centralized switch has point-to-point connections to each of the devices
connected to the switch.

In a ring topology, computers are connected in a circle. They may connect to a central
device known as a multistation access unit (MSAU) but not an Ethernet switch.
In a mesh network, computers will have multiple connections to each other, rather than to a
single switch.
A bus configuration has devices connected directly to each other.
3. A network is configured with a topology that forces devices to wait before
communicating on the network. What type of network topology is this?
A. Ring
B. Mesh
C. Bus
D. Star
3. Answer: A is correct. A token ring network is configured as a circle or a ring and clients
can only send traffic when they have a logical token.

In a mesh network, computers will have multiple connections to each other, but the
topology doesn’t use a token or force devices to wait before communicating.
A bus configuration has devices connected directly to each other. It does use collision
detection forcing devices to wait after detecting a collision, but not before communicating
the first time.
A network that connects devices via a central switch is using a star topology and it doesn’t
use a token or force devices to wait.
4. Which of the following network topologies has a central device that is a
potential single point of failure?
A. FDDI
B. Mesh
C. Bus
D. Star
4. Answer: D is correct. A network that connects devices via a central switch is using a star
topology and the switch is a potential single point of failure. If the switch fails, all devices
connected to the switch lose network connectivity.

A Fiber Distributed Data Interface (FDDI) network uses two rings, with each ring
transmitting data in the opposite direction providing redundancy for the network.
A mesh network will have multiple connections to each other, providing several layers of
redundancy.
A bus configuration has devices connected directly to each other, not to a central device.
5. How many broadcast domains and collision domains are on a basic 12-port
switch using half-duplex mode?
A. 12 collision domains and 12 broadcast domains
B. 12 collision domains and 1 broadcast domain
C. 1 collision domain and 12 broadcast domains
D. 1 collision domain and 1 broadcast domain
5. B is correct. The switch creates 12 collision domains and 1 broadcast
domain.
A switch creates a single broadcast domain, not separate broadcast domains
so any answer with 12 broadcast domains is incorrect.
A switch creates separate collision domains for each port, not a single
collision domain for the entire switch.
6. How do computers on a peer-to-peer network pass information between
each other?
A. From one client to another
B. Through a centralized server
C. Through a router
D. Through a firewall
6. A is correct. Computers in a peer-to-peer network pass information to each
other from one client (or one computer) to another.
Computers in a client-server topology receive information from a centralized
server.
Routers and firewalls are not directly related to a peer-to-peer network.
7. You are planning a small network for a business owner and need to
identify the best location for a server. Which of the following should you
consider first?
A. Equipment limitations
B. List of requirements
C. Environment limitations
D. Compatibility requirements
7. Answer: C is correct. The environment limitations are a primary consideration when
identifying the location of equipment in a network.
The equipment limitations affect the operation of the network, but won’t drive where
the equipment is located.
One of the first steps when creating a network is to create a list of requirements.
These requirements might help determine the best location, but the environment limitations
are more important when identifying the best location.
Based on the requirements, you may not need to run much cable. For example, if a wireless
network is acceptable, very little cable will be needed.



Chapter 1
Understanding Basic Networking Components
CompTIA Network+ objectives covered in this chapter
1.1 Explain the functions and applications of various network devices.
Router
Switch
Firewall
Access point (wireless/wired)
Hub
Analog modem

1.6 Differentiate between common network topologies.


Mesh (Partial, Full)
Bus
Ring
Star
Hybrid
Point-to-point
Point-to-multipoint
Client-server
Peer-to-peer

1.7 Differentiate between network infrastructure implementations.


WAN
MAN
LAN
WLAN (Hotspot)
PAN (Bluetooth, IR, NFC)
1.8 Given a scenario, implement and configure the appropriate addressing schema.
Multicast
Unicast
Broadcast
Broadcast domains vs collision domains

1.12 Given a set of requirements, implement a basic network.


List of requirements
Device types/requirements
Environmental limitations
Equipment limitations
Compatibility requirements
Wired/wireless considerations
Security considerations

2.6 Given a scenario, configure a switch using proper features.


Interface configuration (Speed and duplexing)

5.2 Explain the basics of network theory and concepts.


Numbering systems (Binary, Hexadecimal, Octal)
Collision

5.6 Summarize safety practices.


Electrical safety (Grounding)
ESD (Static)
Installation safety (Lifting equipment, Rack installation, Placement, Tool safety)
MSDS
Emergency procedures (Building layout, Fire escape plan, Safety/emergency exits,
Fail open/fail close, Emergency alert system)
Fire suppression systems
HVAC

One of the common challenges with any complex technical topic is grasping both
the big picture and the relevant details. As an example, you’ll need to know in-depth details
of the Dynamic Host Configuration Protocol (DHCP) and how it works. While you’re
perfectly capable of learning those details, they won’t have much meaning if you don’t
have an understanding of typical network concepts. However, if you have a good
understanding of basic networking concepts, it becomes much easier to drill into the
details.
You can compare this to a jigsaw puzzle. It’s easier to do the border first and then
connect the pieces together from the border into the center. With this in mind, think of this
chapter like the jigsaw border. It provides you with an overall idea of many networking
concepts including the common devices, types of networks, and topologies. The primary
purpose is to help you get an idea of the big picture so that future chapters will make sense
as you start to drill into the details of various topics.
This chapter also covers numbering systems and basic safety topics listed in the
CompTIA objectives.
Understanding Common Network Components
Networks connect computing devices together so that users can share
resources such as data and devices. For example, a simple network can have
two computers and a printer. Users on the network can access shared files
and folders on each of the computers, and print documents through the
networked printer.
Before networks were widespread, users shared files by copying them
to a disk and carrying them to other computers – humorously referred to as
“sneakernet.” People used their shoes (such as tennis shoes or “sneakers”) to
transfer the data.
The most common type of device on a network is a desktop personal
computer (PC). However, networks include many other types of devices such
as servers, printers, laptop computers, smartphones, and tablets. You’ll often
see a computing device on a network generically referred to as a client, host,
or node.
Network devices such as hubs or switches connect these clients together
within a network. Routers connect multiple networks together to create larger
and larger networks. The Internet appears as a single huge network but in
reality, it is a massive network of networks connected with routers around the
world.
If you’re pursuing the Network+ certification, it’s expected that you
have a basic understanding of clients or hosts on a network. With this in
mind, I won’t delve into the details of how a PC, laptop computer, or printer
operates internally. However, you will learn the details of how these
computing devices connect with network devices and communicate over a
network.
The following sections introduce some common networking devices
such as switches and routers. Future chapters cover these devices in much
more detail.
Before introducing these network devices, it’s useful to understand
three different methods that clients use to transmit data. They are:
Unicast. You can think of this as one-to-one traffic. One
computer sends data to one other computer on the network.
Broadcast. You can think of this as one-to-all traffic. One
computer sends data to all other computers on the network.
Multicast. You can think of this as one-to-many traffic. One
computer sends data to multiple computers on the network, but
not all of them.
Remember This
Unicast traffic goes from one computer to one computer.
Broadcast traffic goes from one computer to all other
computers on the network. Multicast traffic allows a single
computer to address multiple computers on a network
simultaneously without addressing all of them.
Hub
A hub has multiple physical ports used to provide basic connectivity to
multiple hosts. Hubs commonly have between four and thirty-two physical
ports. In an Ethernet network, the hub has multiple RJ-45 ports. Twisted pair
cables plug into the RJ-45 port on one end and plug into a client’s network
interface card (NIC) on the other end.
Most hubs are active, meaning they have power and will amplify the
output to a predefined level. In this sense, they are similar to a repeater. A
basic repeater accepts one input, amplifies it to a predefined level, and has
one output. This is useful if you need to extend a cable farther than normal.
Active hubs have multiple ports and are sometimes called multiport repeaters.
Hubs do not have any intelligence or analytical capabilities so they
cannot determine if the transmissions are unicast, broadcast, or multicast.
Whatever goes in one port goes out other ports. As an example, Figure 1-1
shows four computers connected to a hub. When one computer sends data
through one port, the hub transmits the data to each of the other ports on the
hub.
Figure 1-1: Hub
Most organizations have replaced hubs with switches. Switches have
more intelligence and provide better performance than hubs.
Remember This
Hubs forward all traffic to each of the hub ports. This
includes unicast, multicast, and broadcast traffic.
Switch
Switches connect devices in a network similar to how hubs connect devices. The
primary difference is that switches have more intelligence and make decisions on what
traffic to send to each port. Switches make these decisions based on the media access
control (MAC) address assigned to each connected device.
A MAC address is a 48-bit address assigned to a client’s NIC and it is typically
displayed as six pairs of hexadecimal characters like this 1A-2B-3C-4D-5E-6F or
this 1A:2B:3C:4D:5E:6F. Valid hexadecimal characters are the numbers 0-9 and the letters
A-F. Four bits represent each character. For example, 0001 represents 1 in hexadecimal and
1110 represents E in hexadecimal. If you need to review decimal, hexadecimal, and binary
topics, check out the section later in this chapter.
You might hear that MAC addresses are unique and are permanently assigned to a
NIC. This isn’t exactly correct.
MAC addresses are theoretically unique. You are not likely to see any
two identical MAC addresses assigned to different NICs, but it is possible.
MAC addresses can be changed. MACs are typically burned into the NIC
making them semi-permanent. However, you can change the MAC address
for the NIC through the operating system or a software tool.
When devices transmit data from one device to another, they include their MAC
address as the source MAC address and the other device’s MAC address as the destination
MAC address. A switch typically doesn’t know which MAC addresses are associated with
each physical port when it is first powered up. However, over time, it tracks the traffic and
eventually learns the MAC addresses associated with each of its ports.
As an example, consider Figure 1-2. It shows four computers connected to a basic
switch with four ports, and a Port-MAC table created within the switch’s memory. When
the switch first turns on, the Port-MAC table is empty. However, when computer A
transmits data, the switch captures the MAC address, associates it with port 1, and enters it
into the Port-MAC table. At this point, it doesn’t know the MAC addresses for other
computers. Over time, the other computers transmit data with their MAC address and the
switch populates the Port-MAC table with the captured data.

Figure 1-2: Basic switch


A switch sends broadcast transmissions to all other ports. However, it evaluates
unicast and multicast transmissions and sends them to the destination computers based on
the MAC address. For example, if Computer A sends a unicast message to Computer B, the
switch sends the data to port 2 of the switch. Computers C and D do not see the data
transmission at all.
The “Connecting Devices with Switches” chapter covers switches in much more
depth. You’ll learn the differences between managed and unmanaged switches, layer 2 and
layer 3 switches, and how to create virtual local area networks (VLANs) with a switch.
Remember This
You connect devices together in a network with a hub or a
switch. Switches pass all broadcast traffic. They evaluate
traffic and forward unicast and multicast traffic based on
the destination MAC address.
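The Port-MAC learning and forwarding described for Figure 1-2, next to the hub behavior from Figure 1-1, as an added Python example (not from the book). The class names, the `moves` log and every MAC address other than 1A-2B-3C-4D-5E-6F are assumptions, and it models unicast and broadcast frames only; it also goes one step beyond the text by showing that a frame addressed to a MAC the switch has not learned yet is sent out every other port.

```python
"""Hub vs. learning switch, modelled on Figures 1-1 and 1-2 (constructed data)."""
import re

BROADCAST = "FF:FF:FF:FF:FF:FF"
# Six hexadecimal pairs joined by one consistent separator, '-' or ':'.
_MAC_RE = re.compile(
    r"^[0-9A-Fa-f]{2}([-:])(?:[0-9A-Fa-f]{2}\1){4}[0-9A-Fa-f]{2}$"
)


def normalize_mac(text):
    """Return the MAC in upper-case colon form, or raise ValueError."""
    text = text.strip()
    if not _MAC_RE.match(text):
        raise ValueError(f"not a 48-bit MAC address: {text!r}")
    return text.replace("-", ":").upper()


def mac_bits(text):
    """48-character binary string: four bits per hexadecimal character."""
    digits = normalize_mac(text).replace(":", "")
    return "".join(format(int(ch, 16), "04b") for ch in digits)


class Hub:
    """No table and no decisions: a frame leaves on every other port."""

    def __init__(self, port_count):
        self.ports = list(range(1, port_count + 1))

    def receive(self, in_port, src, dst):
        return [p for p in self.ports if p != in_port]


class Switch:
    """Learns source MACs per port and forwards on the destination MAC."""

    def __init__(self, port_count):
        self.ports = list(range(1, port_count + 1))
        self.table = {}   # Port-MAC table (MAC -> port), empty at power-up
        self.moves = []   # (mac, old_port, new_port) when a MAC changes port

    def receive(self, in_port, src, dst):
        """Process one frame; return the list of ports it is sent out of."""
        if in_port not in self.ports:
            raise ValueError(f"no such port: {in_port}")
        src, dst = normalize_mac(src), normalize_mac(dst)

        # Learning: the source address is taken from the frame as-is.
        # MAC addresses can be changed, so a known MAC arriving on a new
        # port is recorded as a move for an administrator to review.
        old_port = self.table.get(src)
        if old_port is not None and old_port != in_port:
            self.moves.append((src, old_port, in_port))
        self.table[src] = in_port

        others = [p for p in self.ports if p != in_port]
        if dst == BROADCAST:
            return others                      # broadcast: all other ports
        if dst in self.table:
            out_port = self.table[dst]
            return [] if out_port == in_port else [out_port]
        return others                          # not learned yet: flood


if __name__ == "__main__":
    # Constructed addresses for computers A-D on ports 1-4.
    a, b = "1A-2B-3C-4D-5E-6F", "1A:2B:3C:4D:5E:70"
    switch = Switch(4)
    print("A->B, table empty :", switch.receive(1, a, b))
    print("B->A, A is known  :", switch.receive(2, b, a))
    print("A->B, B is known  :", switch.receive(1, a, b))
    print("A->all (broadcast):", switch.receive(1, a, BROADCAST))
    print("hub, any frame    :", Hub(4).receive(1, a, b))
    print("Port-MAC table    :", switch.table)
```
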
Router
Routers connect networks together into a single “network of networks” by routing
traffic between the networks. They provide a path or gateway out of a network and once
traffic reaches the router, the router determines the best path for the traffic to reach its
destination.
Routers use Internet Protocol (IP) addresses to identify the best path. In comparison,
switches use 48-bit MAC addresses. Data transmissions include both source and
destination MAC addresses. They also include both source and destination IP addresses.
While the MAC addresses are semi-permanent and burnt into the NIC, the IP address is
much more dynamic. You assign the IP address dynamically with something like Dynamic
Host Configuration Protocol (DHCP), or manually when you first configure the computer.
IPv4 addresses use 32-bits and are typically expressed in a dotted decimal format,
such as 192.168.1.5. Each decimal represents an octet of eight bits. For example, 192 is
1100 0000, 168 is 1010 1010, 1 is 0000 0001, and 5 is 0000 0101. It’s much more difficult
to read a 32-bit binary address such as 11000000101010100000000100000101 than it is to
read a dotted decimal address like this 192.168.1.5 so you’ll see IPv4 addresses in a dotted
decimal format much more often. The “Exploring IP addressing” chapter covers both IPv4
and IPv6 addresses in more depth.
Figure 1-3 shows Switch 1 connecting several computers together in one network
and Switch 2 connecting several computers together in another network. Each of the
computers in Network 1 has an assigned IP address that is compatible with Network 1.
Similarly, each of the computers in Network 2 has an assigned IP address that is
compatible with Network 2.
Figure 1-3: Router connecting networks
When Computer A sends unicast traffic to Computer B, it goes through Switch 1.
When Computer A sends unicast traffic to Computer D, Computer A sends the traffic to the
Network 1 gateway, which is the near side of the router. The router looks at the destination
IP address, realizes it needs to go to Network 2, and sends the traffic to Computer D
through Switch 2. When any computer needs to access the network, it sends the traffic to
the router, and the router then sends it to the Internet connection.
Notice that this router has three connections. Each connection works similarly to the
network interface card on a computer. It has an assigned MAC address and an assigned IP
address. In Figure 1-3, you can see that the router has three interfaces, but it could just as
easily have four, five, or more. Each interface would connect the router to another network
and the router would be able to route any traffic it receives to the correct network based on
the destination IP address.
The “Connecting Networks with Routers” chapter covers routers in much more
depth. You’ll learn how routers identify the best path for traffic to take through a network
that has multiple routers. You’ll also learn how routers share information with each other
using routing protocols such as Routing Internet Protocol (RIP) and Open Shortest Path
First (OSPF).
Modem
A modem (modulator/demodulator) converts digital and analog signals and is
commonly used to provide Internet access through an Internet service provider (ISP). There
are several types of modems available.
Cable modem. Many telecommunications companies sell subscriptions for
cable television and use the same cable to provide users with an Internet
connection. Cable Internet access has fast speeds and is commonly called
broadband access. Broadband cable access is widely available in
metropolitan areas, but not always available in rural locations.
Dial-up analog phone modem. In locations where broadband cable isn’t
available, some users still use a dial-up connection and a phone modem.
The phone modem connects via plain old telephone service (POTS) lines,
which are widely available. Unfortunately, these connections are painfully
slow due to the amount of traffic that most users download.
Digital subscriber line (DSL) modem. DSL modems provide
significantly faster speeds than older phone modems but still use telephone
lines. A DSL router includes the capabilities of a DSL modem and a router.
Most DSL lines are asymmetric (ADSL), with the download link
significantly faster than the upload link.
The “Connecting Devices in a Network” chapter explores some of the other methods
used for Internet access.
Remember This
Modems are a popular method of connecting to the Internet
through an ISP. This includes cable modems and DSL
modems.
Access Point
Most wireless networks use an access point to provide wireless devices
access to a wired network. You’ll often hear an access point referred to as an
AP or a wireless access point (WAP). The AP acts as a switch and connects
all the devices into the same network.
Many APs include routing capabilities and are sold as wireless routers.
These typically have physical ports similar to any switch allowing you to
connect wired devices in addition to supporting wireless devices. The switch
portion of the access point connects the devices on the network, and the
routing portion of the access point connects networks together.
Figure 1-4 shows a typical network configuration in a small network
using an AP with routing capabilities. The devices connected with a solid line
are using wired connections. The devices connected with a dotted line are
using wireless connections. The access point connects to the Internet via a
modem and an ISP and all devices connected to the access point have Internet
access through it.

Figure 1-4: Wireless access point with routing capabilities


The “Managing Wireless Networks” chapter covers access points in much more
depth including:
Wireless standards such as 802.11g, 802.11n, and 802.11ac.
How to install and configure a wireless network
How to implement appropriate wireless security measures
How to troubleshoot common wireless problems
Common wireless threats, vulnerabilities, and mitigation techniques
Firewall
A firewall provides protection for networks and individual computers. Most
networks have a firewall at the border, directly between the private network and the public
Internet. These network firewalls help protect networks from Internet-based attacks.
Additionally, computers commonly have software-based firewalls that provide an added
layer of protection for the computer. They protect against potential threats within a
network.
IT-based firewalls are similar to firewalls in cars. The firewall in a car is between
the engine compartment and the passenger compartment. If the engine catches fire, the
firewall helps block the fire from getting into the passenger compartment.
The firewall in a car isn’t foolproof. A collision can damage the firewall,
significantly reducing the protection it provides. Similarly, a firewall in a network isn’t
foolproof. Attackers might be able to bypass the firewall, or find holes that they can
exploit. However, the IT-based firewalls do provide a good front line defense.
A very basic firewall is a packet-filtering router with an access control list (ACL).
The ACL is a group of rules that define network access. These rules define traffic based on
IP addresses, protocols, logical port numbers, and other information included within data
packets. The router then examines each packet and filters traffic based on the rules.
Advanced firewalls have a lot of sophistication and can be much more selective
about what traffic they block and allow. Instead of looking at individual packets, they can
look at a full conversation of traffic between systems and block malicious traffic.
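The difference between the two kinds of firewall described above, as an added example that is not from the book. It is a simplified model: the rule fields, the addresses, and the names `acl_filter` and `StatefulFirewall` are assumptions made for illustration, and the sample traffic is constructed.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional


@dataclass(frozen=True)
class Packet:
    proto: str                  # "tcp", "udp", ...
    src: str
    sport: Optional[int]
    dst: str
    dport: Optional[int]


@dataclass(frozen=True)
class Rule:
    action: str                 # "permit" or "deny"
    proto: str                  # protocol name, or "any"
    src_net: str                # source network in CIDR notation
    dst_net: str                # destination network in CIDR notation
    dport: Optional[int] = None  # None matches any destination port

    def matches(self, pkt: Packet) -> bool:
        return (
            self.proto in ("any", pkt.proto)
            and ipaddress.ip_address(pkt.src) in ipaddress.ip_network(self.src_net)
            and ipaddress.ip_address(pkt.dst) in ipaddress.ip_network(self.dst_net)
            and (self.dport is None or self.dport == pkt.dport)
        )


def acl_filter(acl, pkt):
    """Packet filter: rules are checked in order, the first match decides,
    and a packet that matches no rule is dropped (implicit deny)."""
    for rule in acl:
        if rule.matches(pkt):
            return rule.action
    return "deny"


class StatefulFirewall:
    """Tracks conversations started from inside and admits inbound
    packets only when they are replies to a tracked conversation."""

    def __init__(self, outbound_acl, inside_net):
        self.acl = outbound_acl
        self.inside = ipaddress.ip_network(inside_net)
        self.conversations = set()

    def handle(self, pkt):
        if ipaddress.ip_address(pkt.src) in self.inside:
            verdict = acl_filter(self.acl, pkt)
            if verdict == "permit":
                self.conversations.add(
                    (pkt.proto, pkt.src, pkt.sport, pkt.dst, pkt.dport))
            return verdict
        # Inbound packet: swap the endpoints and look for the conversation.
        key = (pkt.proto, pkt.dst, pkt.dport, pkt.src, pkt.sport)
        return "permit" if key in self.conversations else "deny"


# Constructed sample policy for a private network (assumed addressing).
INSIDE = "192.168.1.0/24"
OUTBOUND_ACL = [
    Rule("deny", "any", "192.168.1.50/32", "0.0.0.0/0"),   # must precede the permits
    Rule("permit", "tcp", INSIDE, "0.0.0.0/0", 443),
    Rule("permit", "udp", INSIDE, "0.0.0.0/0", 53),
]


def demo():
    """Run constructed traffic through the stateful firewall."""
    fw = StatefulFirewall(OUTBOUND_ACL, INSIDE)
    traffic = [
        ("web request", Packet("tcp", "192.168.1.10", 50000, "203.0.113.5", 443)),
        ("quarantined host", Packet("tcp", "192.168.1.50", 50001, "203.0.113.5", 443)),
        ("telnet out", Packet("tcp", "192.168.1.10", 50002, "203.0.113.5", 23)),
        ("reply to web request", Packet("tcp", "203.0.113.5", 443, "192.168.1.10", 50000)),
        ("unsolicited inbound", Packet("tcp", "198.51.100.7", 443, "192.168.1.10", 50000)),
    ]
    return {label: fw.handle(pkt) for label, pkt in traffic}


if __name__ == "__main__":
    for label, verdict in demo().items():
        print(f"{label:22} {verdict}")
```

The packet filter on its own denies the reply packet, because no single rule can tell a reply from an unsolicited packet; only the tracked conversation makes that distinction.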
Firewalls are very useful for protecting private networks from attackers. Many
attackers try to attack a network through the Internet so the most common place you’ll see
a firewall is at the border of a network, between a private internal network and the public
Internet as shown in Figure 1-5. This also clearly shows the order of connectivity for
devices to the Internet: from a network client such as a desktop PC to a switch, to a router,
to a firewall, to an ISP and then to the Internet.
Figure 1-5 shows a typical network with a switch, router, and firewall. The switch
connects devices together into a network. The router connects networks together – in this
figure, it is connecting the private network with the Internet via the modem and ISP. The
firewall provides a layer of protection to the router and the internal network.

Figure 1-5: Network connectivity with a firewall


Remember This
Routers and firewalls use a group of rules in an ACL to
define network access and prevent unauthorized access.
Most organizations have network-based firewalls at their
network border, providing a barrier between a private
network and the public Internet. Device connectivity to the
Internet in a typical network takes this path:
Network device –> Switch –> Router –> Firewall –> ISP –> Internet.
Simplified Diagrams
Many network diagrams do not show all of the network devices. For example, many
basic diagrams omit switches. Similarly, many routers (including wireless routers) include
firewall capabilities so you might see the router, but not the firewall.
Figure 1-6 shows another depiction of the same network displayed in Figure 1-5.
The devices are connected to a line and the switch is implied even though it isn’t displayed.
The router is shown connected to the Internet but it is typically connected through a
modem and an ISP. Even though the diagram doesn’t show a firewall, you can bet one is in
use.

Figure 1-6: Simplified network diagram


The “Understanding Network Access Security” chapter provides much more
information about firewalls. You’ll learn about software and hardware firewalls, the
difference between a stateful inspection firewall and a packet filtering firewall, and
different configurations of a firewall such as in a demilitarized zone (DMZ).
Network Segments and Domains
With a basic understanding of how switches and routers work, you can now add
three additional network terms: segment, broadcast domain, and collision domain. These
terms are mentioned again in future chapters so it’s important to know what they are.
Network segment. A portion of a network that is separate from other
portions of a network. In many instances, it is a single cable, such as
between a computer and a switch. In other instances, it includes multiple
cables, such as between a hub and devices connected to the hub.
Collision domain. A portion of a network where transmitted data from one
device can collide with transmitted data from another device. When a
collision occurs, both transmissions fail and both devices must transmit
their data again. More collisions result in more traffic, and an overall
slower network.
Broadcast domain. A portion of a network where broadcast data from one
device can reach all other devices in the same broadcast domain.
Figure 1-7 shows a network with a hub, a router, and a switch. You can see how the
hub creates a single logical connection between computers A, B, and C, and the router.
This logical connection is a segment. In contrast, the switch in Network 2 isolates the
connections between the router, and computers D, E, and F. The connection between
Computer D and the switch is one segment, the connection between Computer E and the
switch is another segment, and so on.
Figure 1-7: Collision and broadcast domains
Network 1 is both a collision domain and a broadcast domain. If computer A sends
unicast traffic, it can collide with unicast traffic sent by Computer B, Computer C, or the
router. Because of this, the segment created by the hub is a collision domain.
Similarly, if computer A sends broadcast traffic, it will reach computers B and C,
and the router. Because of this, the segment created by the hub is also a broadcast domain.
The router will not pass broadcast traffic to or from Network 1 and Network 2. In other
words, the router creates separate broadcast domains.
The switch in Network 2 includes four ports and it effectively creates four separate
collision domains. If Computer D sends unicast traffic to Computer E, the switch only
sends the traffic to Computer E. The traffic doesn’t reach the router or Computer F, and
cannot collide with traffic from these two devices.
Network 2 is a broadcast domain. Switches pass broadcasts so any broadcast traffic
sent by Computers D, E, or F will reach all the systems in Network 2.
Some important points to remember related to collision domains and broadcast
domains are:
Hubs pass all traffic.
Devices connected to a hub are in a single collision domain and a single
broadcast domain.
Switches segment unicast traffic and pass broadcast traffic.
Switches create separate collision domains with each port.
Devices connected to a switch are in a single broadcast domain.
Routers do not pass broadcast transmissions.
Routers create separate broadcast domains.
Remember This
A switch creates a single broadcast domain and separate
collision domains for each port. For example, a switch with
four ports creates four collision domains. A router creates
separate broadcast domains. For example, two networks
separated by a router are in two separate broadcast
domains.
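The hub, switch, and router rules above can be applied mechanically to any topology. This added example (not from the book) models the Figure 1-7 network as a list of links and counts its collision and broadcast domains; the device names and the `count_domains` helper are assumptions made for illustration.

```python
from collections import defaultdict


def count_domains(devices, links):
    """devices maps a name to 'host', 'hub', 'switch' or 'router';
    links is a list of (device_a, device_b) cable connections.

    A hub joins all of its links into one collision domain.
    Hubs and switches both join their links into one broadcast domain.
    Routers join nothing, so they bound both kinds of domain.
    """
    # Index the links attached to each device once.
    by_device = defaultdict(list)
    for idx, (a, b) in enumerate(links):
        by_device[a].append(idx)
        by_device[b].append(idx)

    def groups(joining_types):
        # Union-find over links: links merged by a joining device
        # end up in the same set, and each set is one domain.
        parent = list(range(len(links)))

        def find(i):
            while parent[i] != i:
                parent[i] = parent[parent[i]]
                i = parent[i]
            return i

        for name, idxs in by_device.items():
            if devices[name] in joining_types:
                for other in idxs[1:]:
                    parent[find(other)] = find(idxs[0])
        return len({find(i) for i in range(len(links))})

    return {
        "collision": groups({"hub"}),
        "broadcast": groups({"hub", "switch"}),
    }


# Figure 1-7 as described in the text: Network 1 on a hub,
# Network 2 on a switch, joined by one router.
DEVICES = {
    "A": "host", "B": "host", "C": "host", "hub1": "hub",
    "D": "host", "E": "host", "F": "host", "sw1": "switch",
    "R": "router",
}
LINKS = [
    ("A", "hub1"), ("B", "hub1"), ("C", "hub1"), ("R", "hub1"),
    ("D", "sw1"), ("E", "sw1"), ("F", "sw1"), ("R", "sw1"),
]

if __name__ == "__main__":
    print(count_domains(DEVICES, LINKS))
```

Replacing the hub with a switch in `DEVICES` raises the collision domain count from five to eight while the broadcast domain count stays at two.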
Duplex Connections and Collisions
Computers and network devices can typically communicate using different modes.
The most common modes are half duplex and full duplex, but simplex mode is used in
some specialized connections.
Simplex. Data is sent over the connection in one direction only. For
example, a computer can send data over a simplex connection but not
receive data on the same connection.
Half duplex. The same connection supports both transmitting and
receiving but only one at a time. For example, while a computer is sending
data over the connection, it cannot receive data on the same connection.
This is similar to how push-to-talk cellular phones or old-fashioned walkie-
talkies operate.
Full duplex. The same connection supports both transmitting and receiving
simultaneously. The connection has separate wires used for both
transmitting and receiving. This eliminates the possibility of data colliding
with each other on the same cable. Most twisted pair cables and network
interface cards (NICs) support full duplex mode, but some legacy hardware
does not support it.
Figure 1-8 shows a switch with two computers connected. Computer A has a full
duplex connection, so it can use the same connection to send and receive data at the same
time. Computer B is connected with a half duplex connection. It can send data to the switch
using this connection, or receive data back from the switch on this connection, but it cannot
send and receive data at the same time with this connection.
Figure 1-8: Full duplex and half duplex connections
Most interfaces support auto-negotiation for the correct duplex mode and speed. If
both devices can operate using full duplex mode, they automatically configure themselves
using full duplex mode. If one of the devices can only operate at half duplex mode, the
other device will configure itself to use the slower half duplex mode.
If you run across a connection running in half duplex mode, check to see if one of
the interfaces is manually configured to use half duplex. If it is, you can often change it to
full duplex to increase the speed of the connections.
The connection will not work if both devices are manually configured with different
modes. For example, the connection fails if one device is manually configured with half
duplex and the other device is manually configured with full duplex. The link light on the
devices will show that they are connected, but they won’t be transferring data back and
forth between each other.
Remember This
Auto-negotiation automatically configures interfaces with
the fastest duplex mode and speed of the other device.
When using manual settings, both devices must be
manually configured with the same duplex mode and speed
or the connection fails.
There is a subtle point worth mentioning here. If you look at the full
duplex connection in Figure 1-8, you can see collisions are impossible. The
only way a collision can occur is if the same line is used to send and receive
data, but you can see that the computer sends data on one line and receives
data on the other line.
However, even though collisions are impossible if both devices are
using full duplex mode, you should still think of each port on a switch
creating separate collision domains, especially when taking the Network+
exam.
Comparing PANs, LANs, WANs, and More
There are many different types of networks, and as a network technician, you need
to understand their differences. The following sections introduce common network types.
PAN
A personal area network (PAN) is a network of devices around a single person.
Bluetooth has been the traditional protocol used with a PAN. However, a PAN might use
near field communication (NFC) protocols or infrared (IR) too.

Bluetooth Wireless
Bluetooth is a short-range wireless system and Bluetooth devices include
smartphones, personal digital assistants (PDAs), and other computer devices. As an
example, the Apple Watch uses Bluetooth to communicate with a user’s iPhone. The range
of Bluetooth was originally designed for about three meters (about 10 feet), but the range is
often farther, and ultimately extends beyond a person’s personal space.

NFC
Near field communication (NFC) is a group of standards used on mobile devices that
allow them to communicate with other mobile devices when they are close to them. For
example, in some cases, you can share information with a friend just by touching your
smartphone with hers, or by placing your smartphone in close proximity to hers. Many
credit card readers support payments using NFC technologies. For example, you can make
a purchase in some establishments just by placing your phone close to the credit reader.

IR
Infrared (IR) uses an infrared light and is commonly used in devices such as TV
remotes. It can be used with a PAN, but this isn’t as common because it requires a clear
line of sight between the two devices. If the path is blocked by something as simple as a
single piece of paper, it blocks the communication.
Remember This
A personal area network (PAN) is a network of devices
around a single person. A common protocol used with
PANs is Bluetooth.
LAN
A local area network (LAN) is a network of devices within a single location. It can
include just a single switch used to connect the devices and a single router used to connect
the network to the Internet. Large organizations might have dozens of switches and routers,
but the key is that all the devices are in the same location.
WLAN
A wireless local area network (WLAN) connects devices without the need for
cables. It is easy to set up and can quickly connect several computers at a lower cost than it
takes to create a wired network. A significant challenge with wireless networks is security.
Wireless security has improved over the years, but wireless networks are still susceptible to
vulnerabilities and many users just don’t understand how to lock down a wireless network
adequately.
Many organizations set up hotspots for their customers. For example, a coffee shop
might set up a WLAN as a hotspot allowing customers to easily connect to the Internet
while sipping a cappuccino or latte. Hotspots rarely use any security, but instead are open
wireless networks providing easy access for customers.
The “Managing Wireless Networks” chapter covers WLANs in much more depth
including basic security mechanisms.
CAN
A campus area network (CAN) is a network that connects multiple buildings in a
small geographical area, such as a university campus. Similarly, many technology
companies in Silicon Valley own several buildings spread across a small geographical area.
Even though they aren’t educational institutions, people commonly refer to the area as a
campus.
Figure 1-9 compares a LAN with a CAN. On the left is a single local area network
with some personal computers and a server. While not shown in the diagram, this network
would have at least one switch, at least one router, a firewall, and Internet connectivity.
The CAN shows similar LANs in several buildings within a university campus connected
together. The buildings might be connected together with physical cables such as
underground fiber runs, or they could be connected with other methods such as microwave
links. While not shown, the CAN would have Internet access, protected with at least one
firewall.

Figure 1-9: LAN vs CAN


MAN
A metropolitan area network (MAN) is a group of networks spread across a larger
geographical area beyond the size of a campus. As an example, a network connecting
several groups of networks within a city is a MAN. Similarly, if a city government has
several connected networks spread throughout the city, it is a MAN. If the buildings
depicted in Figure 1-9 were spread across the city, the CAN would be labeled as a MAN
instead.

Remember This
A campus area network (CAN) is a network connecting
multiple buildings, but in a limited area. A metropolitan
area network (MAN) is similar to a CAN, but includes
networks spread across a city or larger metropolitan area.
WAN
A wide area network (WAN) is a group of two or more networks spread across a
large geographical area. There isn’t a specific distance that identifies a network as a WAN,
but generally it indicates that two or more networks are in separate cities. For example, an
organization can have a network in Virginia Beach, VA and a second network in New
York, NY. They can then connect the two networks creating a WAN.
It’s rare for an organization to run their own cables for a WAN. For example, a
company with offices in Virginia Beach and New York would not dig trenches between the
two cities to lay the cable. Instead, they lease bandwidth from existing lines owned by
telecommunications companies.
VPN
A virtual private network (VPN) is a connection to a private network over a
public network such as the Internet. There are two primary types of VPNs. They are:
Host-to-gateway or host-to-site VPN. A single user (using a host
computer) accesses the organization’s site with a VPN connection. The
user is able to access the internal network from a remote location so you’ll
often hear this referred to as remote access. The user must initiate this
connection.
Gateway-to-gateway or site-to-site VPN. A VPN connects a LAN in one
location with a LAN in another location. This is typically transparent to
users in the network. Unlike a host-to-gateway VPN, users in a gateway-to-
gateway VPN do not need to initiate the connection. It is either always
connected, or in some cases, enabled on demand.
Figure 1-10 shows a host-to-gateway VPN. The user first connects to the Internet.
This could be from a home computer, a wireless access point while traveling, or anywhere
else the user has Internet access. Next, the user connects to the VPN server over the
Internet. The VPN server challenges the user to authenticate and after the user enters the
correct credentials, such as a valid username and password, the user has access to the
internal network. This network shows an internal email server and file server. Users that
connect to the VPN have access to these servers just as if they connected from within the
private network. A primary difference is that the VPN connection will be slower because it
is going over the Internet.

Figure 1-10: Host-to-gateway VPN


Tunneling and encryption protocols protect the data within the VPN connection. A
future chapter covers these protocols in more depth.
You might have noticed that the VPN is between two firewalls. This shows a classic
demilitarized zone (DMZ). Typically, an organization places any Internet facing servers
within a DMZ. The DMZ provides protection to the network from any Internet threats, and
isolates the Internet facing server from the internal network. This diagram is simplified to
show the VPN, but you’ll often see multiple servers within a DMZ.
Figure 1-11 shows a gateway-to-gateway VPN connection. It is connecting a
headquarters location with a regional office. You can see that each site has a VPN server
connected through a firewall to a cloud. The cloud indicates a connection but it could be
one of several different types of WAN connections leased from a telecommunications
company. It’s important to realize that a leased line is rarely private. Instead, it is shared
among multiple companies that are leasing bandwidth over the same line. Just as a host-to-
gateway VPN uses tunneling and encryption protocols to protect it, a gateway-to-gateway
VPN includes tunneling and encryption protocols.

Figure 1-11: Gateway-to-gateway VPN


Identifying Network Topologies
A network topology refers to the arrangement of devices on a network. Further,
based on this arrangement, the topology identifies how data flows within the network. The
Network+ objectives refer to several common network topologies, which are covered in
this section.
Star
The majority of networks in use today use a star topology or a hybrid topology that
includes a star and another topology. Network clients connect to a central device such as a
hub or a switch in a star topology.
Figure 1-12 shows the layout of a star topology with devices connecting to a central
device. The graphic on the right shows how it can resemble a star. While the figure shows a
logical diagram of connected devices, it’s important to realize that the hub or switch is
rarely in a central physical location. For example, you’ll rarely find a switch in the middle
of an office with cables running from the computers to the switch. Most organizations
mount switches in a server room or a wiring closet.

Figure 1-12: Star topology


Because all devices connect to the central device, it is a potential single point of
failure. If the central hub or switch fails, all devices connected to this central device will
also lose connectivity.
Many networks in both large and small organizations use twisted pair cables.
Additionally, the network clients usually don’t connect directly to the hub or switch, but
instead are connected through different cables. Here’s a common standard used in many
organizations:
One cable connects the computer to a wall socket. This cable has RJ-45
connectors on both ends.
Another cable attaches to the wall socket and runs through walls, ceilings,
and/or floors to a wiring closet or server room, where it is attached to a
wiring block.
The front of the wiring block has a patch panel. A patch cable connects the
wiring block to a port on a switch.
While this connection uses three separate cables, it is electrically the same
connection.
Remember This
The star topology is the most common network topology in
use. Network clients typically connect to a switch with
twisted pair cables. The switch is a potential single point of
failure for all devices connected to it.
Ring
A ring topology has devices logically connected in a circle or ring. Data travels
around the ring in a single direction through each device. Ring topologies use a logical
token and are often referred to as token ring topologies. A token is a special three-byte data
unit passed around the ring. Devices only transmit data when they have the token.
You may have heard of talking sticks used by some Native American cultures. A
group of people sits in a circle and they pass a stick around the circle to each other.
Members of the group can only talk when they have the stick, and they listen when they
don’t have the stick. As long as the group doesn’t get too large, this is an effective method
of ensuring that everyone’s voice is heard. The three-byte token is similar to an electronic
file, but it works just like the talking stick.
Ring topologies have two significant weaknesses: scalability and fault tolerance.
First, ring topologies do not scale well. Performance degrades with each computer
added to the ring. With five computers on the network, each computer has the token about
20 percent of the time (1/5). If you increase the number of computers on the network to
100, each computer only has the token about 1 percent of the time (1/100).
Second, a single break in the circle takes down the entire network. The break can be
in the ring itself or a failure from any single device in the ring. Ring topologies commonly
add a multistation access unit (MAU) to compensate for this. The devices are still
connected in a logical circle and data travels one way around the circle. However, each
device connects to the MAU instead of adjoining devices. Devices then transmit and
receive data to and from the MAU. If one of the devices in the ring fails, the MAU senses
the failure and logically removes it from the ring.
Figure 1-13 shows the logical layout of a token ring network topology. On the right,
you can see how devices connect to each other via a central MAU. The ring with the MAU
looks similar to a star topology but the difference is that data travels in a circle around the
ring. In a star network, data can travel to and from any device without regard to any
direction.

Figure 1-13: Ring topology


Some fiber optic networks use Fiber Distributed Data Interface (FDDI). These are
similar to token ring networks with one significant difference. Instead of the network using
a single closed circle network for data transmissions, the FDDI network has two rings.
Each ring transmits data in the opposite direction providing redundancy for the network.
Synchronous Optical Networking (SONET) is a group of protocols using fiber optic
cables, and some SONET implementations use ring topologies.
Remember This
A ring network connects devices in a circle and transmits a
token one way around the circle. Devices in the ring only
transmit data when they have the token. FDDI networks use
two rings and each ring transmits data in the opposite
direction providing redundancy for the network.
Mesh
A full mesh topology provides redundancy by connecting every computer in the
network to every other computer in the network. If any connections fail, the computers in
the network use alternate connections for communications. A partial mesh topology
provides redundancy by connecting some of the computers to multiple computers in the
network.
Figure 1-14 shows an example of a full mesh topology. It has five computers, but
ten connections. The number of connections quickly expands as you add more computers.
For example, if you add a sixth computer, you’d need to add an additional five connections
for a total of 15 connections.

Figure 1-14: Mesh topology


You can calculate the number of connections needed in a mesh topology with the
formula n(n-1)/2 where n is the number of computers. For example, with five computers,
n=5 and the formula is:
5(5-1)/2
5×4/2
20/2 = 10
Add another computer and the calculation is 6(6-1)/2 or 15 connections.
Due to the high cost of all the connections, full mesh topologies are rarely used
within a network. However, there are many instances where mesh topologies are combined
with another topology to create a hybrid. This hybrid topology has multiple connections to
provide a high level of redundancy, but it doesn’t connect every single computer with
every other computer in the network.
Bus
A bus topology connects all devices together in a line. This is relatively easy to set
up but is difficult to troubleshoot and rarely used as a primary network topology today. Bus
topologies typically use coaxial cable. Thinner coaxial cable is used in ThinNet (10Base2)
networks, and thicker coaxial cable is used in ThickNet (10Base5) networks.
One big difference with the bus topology compared with other topologies is that it
requires a physical terminator at each end of the bus. Signals transmitted down the cable
will reflect back if the terminator is missing, and the reflected signal interferes with all
other transmissions. If one of the terminators is missing, it stops all network
communications.
Figure 1-15 shows the logical layout of a bus topology. Each device has a “T”
connector that connects into the NIC with a BNC and two open connections. On most
devices in the bus, coaxial cable connects to these two open connections. On the last device
at each end of the bus, the “T” connector includes a terminator. In the figure, the
terminators and cable are disconnected from the “T” connectors so you can see the
different components. You would see these connected in a live network.

Figure 1-15: Bus topology


One of the significant challenges with a bus topology is that it is difficult to
troubleshoot when problems occur. If someone removes one of the terminators, disconnects
any of the connectors, or accidentally cuts a cable within the network, the entire network
fails. If your network has 100 computers, spread across three floors, you’d have to check
each of them until you found the problem.
Figure 1-16 shows the result of a cable break in a bus topology. It effectively creates
two separate bus networks and each network has only one terminator. When you have four
computers in a bus topology, it won’t take too much time to locate this cable break.
However, if you have dozens or even hundreds of computers, it becomes very difficult to
identify the location of the break. As technicians are searching for the problem, none of the
users will have access to any network resources.

Figure 1-16: Two non-functioning bus topologies due to a cable break


Remember This
A single break in the cable for a bus topology takes down
the entire network. The break creates two networks and
each network has only one terminator.
Hybrid
A hybrid topology is any topology that combines two or more other topologies. As
mentioned previously, mesh networks are very expensive to create all the required
connections. Instead, a partial mesh is often connected with another type of network such
as a star network, creating a hybrid.
Point-to-Point vs. Point to Multipoint
A point-to-point topology is a single connection between two systems. Each of the
systems is an endpoint in the point-to-point topology. A simple example is two tin cans
connected with a string. One person talks into one can, and the other person can hear what
they say. Similarly, if you and a friend are talking on a telephone, you have a point-to-point
connection.
In some cases, a point-to-point connection is a single permanent connection.
However, it is more often a virtual connection or virtual circuit. A virtual circuit still
establishes a point-to-point connection but the connection is created on demand and might
take different paths depending on the type of connection. For example, telephone
companies use circuit-switching technologies to establish connections. A telephone call
between you and a friend in a different location might take one path one day, and another
path a different day.
Organizations sometimes lease lines from telecommunications companies to create a
point-to-point connection. For example, the gateway-to-gateway VPN shown in Figure 1-
11 is a point-to-point connection. As a leased line, it is a semi-permanent line and often
referred to as a virtual circuit.
In contrast, a point-to-multipoint connection goes from one endpoint to many
endpoints. You can think of it as a broadcast or multicast transmission described earlier in
this chapter. Wireless access points use point-to-multipoint transmissions. A single access
point can transmit and receive from multiple wireless devices.
Peer-to-Peer vs Client-Server
Computers in a peer-to-peer (P2P) network pass information to each other from one
computer to another. The first widely used P2P network was Napster, an online music-
sharing service that operated between 1999 and 2001. Users copied and distributed MP3
music files between each other using Napster software. A court order shut down Napster
due to copyright issues, but it later reopened as an online music store using a client-server
topology. You could purchase music files directly from Napster and download them from a
Napster server.
BitTorrent is a P2P protocol used with many software programs, including the
BitTorrent group of P2P programs distributed and sold by BitTorrent, Inc. Files
downloaded with a BitTorrent program are distributed in multiple small Torrent files from
different computers in the P2P network. The program then puts them back together on the
client.
Some of the challenges with P2P networks are legal issues and malicious software
(malware). From a legal perspective, many people illegally copy and distribute pirated
files. For example, you could spend a year writing, editing, and finally publishing a book.
If this book is available as a P2P file, criminals can copy and distribute it but you wouldn’t
get any funds for your efforts. Many criminals also embed malware into files distributed
via P2P networks. Users that download P2P files often unknowingly install malware onto
their system when they open the files.
Most legitimate eCommerce sites use a client-server topology. For example, if you
use Amazon’s Kindle service, you can download Kindle files to just about any device
including PCs, iPads, or Kindles. These Kindle files are hosted on Amazon servers and
delivered to the user device.
Remember This
Computers in a peer-to-peer (P2P) network share
information from one client to another instead of from a
server to a client. P2P networks are often referred to as file
sharing networks.
Workgroups vs. Domains
Peer-to-peer networks and workgroups are sometimes confused, but they aren’t the
same. Within Microsoft networks, a peer network is a workgroup. Each computer on the
network is a peer with other computers so the network is often called a peer network.
However, computers in a workgroup do not use file sharing technologies such as
BitTorrent.
Each computer within a workgroup is autonomous and includes separate user
accounts held in a Security Accounts Manager (SAM) database. If users want to log onto a
computer, they must use an account held within that computer’s SAM. If users need to log
onto multiple computers, they need to know the username and password of different
accounts held within different SAM databases.
Figure 1-17 shows both a workgroup and a domain. If Sally wants to log onto
Computer A, she needs to use an account held in Computer A’s SAM. If Sally needs to log
onto all four computers in the workgroup, she would need to have four accounts, one in
each of the four computer’s SAM databases. As more and more computers are added to a
workgroup, it becomes more difficult for users to remember all the usernames and
passwords they need to access the different computers.

Figure 1-17: Workgroup vs client-server topologies


In a domain, each computer still has a SAM but accounts within the local SAM
databases are rarely used. Instead, a server includes a centralized database of all accounts in
the domain. In a Microsoft domain, the centralized server is a domain controller and it
hosts Active Directory Domain Services (AD DS). Users can use the same account held in
AD DS to access any computer within the client-server domain.
Planning and Implementing a Basic Network
The Network+ exam expects you to be able to plan and implement a basic network,
sometimes referred to as a small office home office (SOHO) network. At this point in the
book, many readers won’t have enough information to fully grasp all of the details.
However, it’s worthwhile to be aware of some of the important concepts from a big picture
perspective as you’re going through the book so I’m introducing them here.
List of Requirements and Devices
One of the first steps you’ll need to take when planning a basic network is to create a
list of requirements for the network, and a list of devices to meet these requirements.
You’ll consider the owner’s needs and desires, along with any constraints such as
environmental or equipment limitations when creating this list. One of the first things that
you’ll need to determine is if the business owner wants to use a wired network, a wireless
network, or a combination of the two.

Remember This
One of the first things you’ll need to do when planning a
basic network is to create a list of requirements and
constraints. You should complete this list prior to making
any purchases.
For a basic wired network, you would typically use the following devices:
Switch. The switch provides connectivity for all the devices in the
network.
Router. The router connects the basic network to the Internet.
Firewall. The firewall provides a layer of protection for the internal
network. For small networks, you will often use a device that functions as
both a router and a firewall.
Internet access device. This might be a DSL or cable modem or another
device depending on the ISP requirements.
Cables for wired connections. This includes cables from desktop PCs to a
switch, a switch to a router, and a router to the Internet connection such as
a cable modem. These are typically twisted pair cables with RJ-45
connectors.
NICs. While most computers have built-in NICs, you’ll need to ensure
they meet the equipment requirements of the network. For example, if a
desktop PC has a slower NIC, you might need to replace it with a newer,
faster NIC.
Remember This
A basic wired network needs at least one switch and cables
to connect each device to the switch. If the basic network
will connect to the Internet, you’ll also need at least one
router, a cable to connect the switch to the router, and a
cable to connect the router to the ISP device.
Wired/Wireless Considerations
A wireless network is less expensive than a wired network because you don’t need
to purchase and run cables to all the devices. A basic access point functions like a switch
eliminating the need for a switch in many networks. An access point with routing
capabilities (a wireless router) includes the capabilities of a switch, a router, and a firewall
eliminating the need for additional hardware. In other words, you can purchase a wireless
router and the only other device you’ll need is an Internet access device such as a modem.
For a basic wireless network, your device list might look like this:
Wireless router. Most wireless routers include RJ-45 ports so you can
plug in wired devices, if necessary.
Wireless NICs. Most devices include wireless NICs, but you can purchase
wireless adapters for any PCs that don’t have wireless capabilities.
Wireless USB adapters are widely available and they provide any PC with
wireless capabilities through an available USB port.
Internet access device. This device is dependent on the ISP and might be a
DSL modem or a cable modem.
Cables. You’ll still need a cable to connect the wireless router to the
Internet access device and any wired devices that need to plug into the
wireless router.
Remember This
A wireless network typically uses a wireless router instead
of a switch and a router and only requires cables for
devices that cannot connect wirelessly. You also need a
cable to connect the router to the Internet, using the device
specified by the ISP such as a DSL or cable modem.
If your network requires cables, you’ll need to ensure the cable length is within the
required standards. While there are many different types of cables, most basic networks use
twisted pair cable and the maximum length of most twisted pair cables is 100 meters (about
328 feet). The signal degrades as it passes through the cable and if the cable is too long, the
signal is unusable. While you can use repeaters to amplify the signal, the best bet is to
ensure the cables are within the required length.
Environmental and Equipment Limitations
Two limitations you’ll need to address in a basic network are environmental
limitations and equipment limitations. A significant environmental limitation is
interference. Most interference issues affect wireless networks, but some can also affect a
wired network. Common interference issues are:
Radio frequency interference (RFI). RFI comes from other electronic
devices that transmit signals over the air using the same frequency. This
includes devices such as cordless telephones, baby monitors, home alarm
systems, Bluetooth devices, or another wireless network. RFI primarily
affects wireless networks and a future chapter covers some of the methods
you can use to avoid or compensate for RFI problems.
Electromagnetic interference (EMI). EMI comes from electrical devices
such as microwave ovens, light fixtures, and refrigerators. In general, you
shouldn’t place network devices or cables near these devices to avoid EMI
problems. When running cables between devices, you should keep the
cables away from fluorescent lights and power lines.
Physical objects. Wireless networks transmit radio frequency signals over
the air and many physical objects interfere with these signals. This includes
walls, floors, and trees. These objects don’t completely block the wireless
signals, but they do reduce the signal strength and reduced signal strength
results in slower connections.
Weather events. If the wireless signal has to pass through an outside area,
weather events such as rain, fog, and electrical storms can interfere with
signals. This won’t affect devices within the same building, but might
affect signals going to another building such as a detached garage.
Utilities. You also need to ensure the equipment has adequate power,
heating, ventilation, and air conditioning.
You should also consider the equipment limitations when planning a basic network.
For example, cables, NICs, switches, routers, and access points all have maximum
bandwidth capabilities. If you want systems within the network to be able to transfer data at
a rate of 1 gigabit per second (1 Gbps), you need to ensure that all of the equipment
supports this speed.
You’ll find that the capabilities of switches and routers extend well beyond the basic
capabilities introduced in this chapter. When using them in large organizations, you’ll need
to be concerned with several different features of these devices, and their limitations.
However, for a basic network, the primary equipment limitation you need to worry about is
the maximum bandwidth of each device.
Remember This
Environment limitations are a primary consideration when
identifying the location of equipment in a network. Ideally,
you’ll be able to avoid interference and have adequate
power and air conditioning.
Security Considerations
As a rule, you want to ensure that unauthorized users cannot access a network so
you’d implement appropriate security precautions. Future chapters will explain how this is
done, but as an introduction, you can implement media access control (MAC) address
filtering, control traffic with a firewall, use strong authentication mechanisms, and strong
wireless protocols and security mechanisms.
Securing a wireless network is more challenging than securing a wired network, but
it is possible and you’ll learn what to do in the “Managing Wireless Networks” chapter.
Due to the security concerns, some business owners might decide to use wired connections
whenever possible even though it adds to the costs.
Compatibility Requirements
In addition to checking for the environmental and equipment limitations, you’ll need
to ensure that network equipment is compatible with other network equipment. As a simple
example, you’d need to ensure that you can connect each of the devices together. Most
wired networks use twisted pair cable with RJ-45 connectors so you’d need to ensure that
the NICs, switches, and routers all have RJ-45 ports.
Slower devices will normally still work with a faster device, but at a slower speed.
For example, if you’re using a 1 Gbps switch and a 100 Mbps NIC, the connection between
the NIC and the switch will use 100 Mbps.
Most devices can automatically negotiate between using half-duplex and full-duplex
connections based on the capabilities of both connections. However, if the devices use a
manual configuration, you need to ensure that both devices are configured with the same
modes. If a NIC is using half-duplex and a switch is using full-duplex, the connection
won’t work.
When adding wireless devices to your network, you need to ensure they support
compatible protocols such as 802.11n or 802.11ac. Additionally, you should ensure they
support the wireless security mechanism you’re using. The “Managing Wireless Networks”
chapter covers these standards in greater depth.
Understanding Numbering Systems
You need to have a basic knowledge of numbering systems. This includes decimal,
binary, hexadecimal, and octal. While this is basic knowledge, it is still important. If you
haven't used these numbering systems in a while, they might be a little foggy.
Decimal
When reviewing many topics, it's worth reviewing what you know and then
connecting it to new topics. In this case, you should have a good understanding of decimal.
Decimal numbers use a base of ten and include the numbers 0 to 9. Because it's a base of
10, the next number after 9 is 10.
This shouldn’t be a surprise to anyone reading this book. However, it’s important to
understand the underlying details of base 10.
The position of each number within base 10 has a different value such as 1, 10, 100,
1000, and so on. For example, consider the number 2,478. It has four numbers (2, 4, 7, and
8) but these numbers have significantly different values based on their place.
2 is in the thousands place so it has a value of 2,000 (2 × 1000)
4 is in the hundreds place so it has a value of 400 (4 × 100)
7 is in the tens place so it has a value of 70 (7 × 10)
8 is in the ones place so it has a value of 8 (8 × 1)
I've had students in the classroom try to make this difficult, but it doesn't need to be.
Imagine I offered you the choice of receiving $2,478 or $8,742. Which would you choose?
If you're like most people, you recognize the first number is over $2,000 but the
second number is over $8,000. Clearly, you would take the $8,000. The math behind it is
that the 8 is in the thousands place so it represents 8 thousand dollars.
Table 1.1 shows the underlying details using the base 10 number 2,478.
                  A        B        C        D
Base 10           10^3     10^2     10^1     10^0
Place Value       1,000    100      10       1
Decimal Number    2        4        7        8
Decimal Values    2,000    400      70       8

Table 1.1: Base 10 Table


Note: Exams often use the caret (^) character instead of superscript so I’m using the
caret in this book. In other words, 10^2 is the same as 10².
Column A is 10^3 or 10 × 10 × 10 (1,000).
With a value of 2, it equates to 2 × 1,000 (2,000).
Column B is 10^2 or 10 × 10 (100).
With a value of 4, it equates to 4 × 100 (400).
Here are two important rules to know for any numbering system:
Any number raised to the power of 1 is itself so 10^1 is 10.
Column C is 10 ^ 1 (10).
With a value of 7, it equates to 7 × 10 (70).
Any number raised to the power of 0 is 1 so 10^0 is 1.
Column D is 10 ^ 0 (1).
With a value of 8, it equates to 8 × 1 (8).
Compare this to binary, with a base of 2, in the next section.
Binary
Binary numbers use a base of 2 and include only the numbers 0 and 1. If you were to
count with binary, it would look like this:
0
1
10
11
100
101
Just as decimal numbers have different values depending on their place, binary
numbers also have different values depending on their place.
As an example, 2 raised to the power of 2 is the equivalent of 4 decimal (2 squared
or 2 × 2). Most people know that 2 × 2 = 4. Similarly, 2 raised to the power of 3 is 8 (2 × 2
× 2). Table 1.2 shows several values for base 2, along with a binary number of 0000 1001.
Just as in base 10, base 2 follows these two rules:
Any number raised to the power of 0 is 1 so 2^0 is 1.
Any number raised to the power of 1 is itself so 2^1 is 2.
                  A      B      C      D      E      F      G      H
Base 2            2^7    2^6    2^5    2^4    2^3    2^2    2^1    2^0
Decimal Values    128    64     32     16     8      4      2      1
Binary Number     0      0      0      0      1      0      0      1
Binary Values     0      0      0      0      8      0      0      1

Table 1.2: Base 2 Table


The binary number 0000 1001 has four leading zeros (Columns A, B, C,
and D), which can be ignored when calculating the binary value.
Similarly, the number 5 is the same as 0005. With 0005, we
ignore the leading zeros.
Column E is 2^3 or 2 × 2 × 2 (8).
With a binary number of 1, it equates to 1 × 8 (8).
Columns F and G have 0 as the binary number so have a value of zero.
Column H is 2^0 or 1.
With a value of 1, it equates to 1 × 1 (1).
From a simpler perspective, the binary number 0000 1001 equates to the decimal
number 9 (8 + 1).
Bits vs Bytes
A single binary number is a bit and eight bits make up a byte. You can extend
binary as far as you need to, but it’s common to group binary into four bits (a nibble) or
eight bits (a byte). As an example, IPv4 addresses are 32 bits long, but they are separated
into four eight-bit bytes.
Consider the IPv4 address of 11000000101010000000000100000101. Represented
in binary, it is a little difficult for most people to digest. However, if you separate it into
four eight-bit bytes and convert each byte into decimal, it becomes 192.168.1.5. This is
commonly referred to as dotted decimal format because each decimal number is separated
by a dot.
Table 1.3 shows the binary equivalent of each of the decimal numbers in the IPv4
address.
Decimal    192          168          1            5
Binary     1100 0000    1010 1000    0000 0001    0000 0101

Table 1.3: IPv4 address in decimal and binary


Digit Grouping
When working with numbers, it’s common to separate them into groups. This just
makes it easier for us to read them. For example, consider the number 3183263765. By
grouping the digits with a comma (3,183,263,765), it becomes much easier to see that it has
a value over 3 billion.
Similarly, bytes are commonly grouped into two sets of four bits separated by a
space. For example, decimal 168 is 1010 1000 in binary. This is the same as 10101000 but
with digit grouping, it’s easier to read.
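The conversion described in the Bits vs Bytes and Digit Grouping sections can be carried out column by column with the place values from Table 1.2. The following Python code is an added example and is not from the book; the function names are chosen for illustration.

```python
# Added example: IPv4 binary <-> dotted decimal using the place values
# of Table 1.2 (columns A to H). Function names are illustrative only.

PLACE_VALUES = [128, 64, 32, 16, 8, 4, 2, 1]  # 2^7 down to 2^0


def byte_from_bits(bits):
    """Add up the place value of every column that holds a 1."""
    if len(bits) != 8 or set(bits) - {"0", "1"}:
        raise ValueError("not an eight-bit binary string: %r" % bits)
    return sum(value for bit, value in zip(bits, PLACE_VALUES) if bit == "1")


def bits_from_byte(number):
    """Walk the columns left to right, taking each place value that fits."""
    if not 0 <= number <= 255:
        raise ValueError("a byte holds 0 to 255, got %r" % number)
    bits = []
    for value in PLACE_VALUES:
        if number >= value:
            bits.append("1")
            number -= value
        else:
            bits.append("0")
    return "".join(bits)


def group_nibbles(bits):
    """Digit grouping: show a byte as two sets of four bits."""
    return bits[:4] + " " + bits[4:]


def binary_to_dotted(address_bits):
    """Split 32 bits into four bytes and convert each byte to decimal."""
    bits = address_bits.replace(" ", "")
    if len(bits) != 32:
        raise ValueError("an IPv4 address is 32 bits, got %d" % len(bits))
    return ".".join(str(byte_from_bits(bits[i:i + 8])) for i in range(0, 32, 8))


def dotted_to_binary(address):
    """Convert dotted decimal to four grouped bytes, as in Table 1.3."""
    parts = address.split(".")
    if len(parts) != 4 or not all(p.isascii() and p.isdigit() for p in parts):
        raise ValueError("not a dotted decimal IPv4 address: %r" % address)
    return [group_nibbles(bits_from_byte(int(p))) for p in parts]


if __name__ == "__main__":
    print(binary_to_dotted("11000000101010000000000100000101"))
    print(dotted_to_binary("192.168.1.5"))
```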
Hexadecimal
Hexadecimal uses a base of 16. Numbers are represented with the characters
0-9 and a-f, adding six extra digits to the base ten numbers of 0-9. Each hexadecimal
number represents four bits.
As an example, the binary number 1011 1000 can also be expressed as b8. This is because
1011 is b in hexadecimal and 1000 is 8 in hexadecimal.
Table 1.4 shows the decimal, binary, and hexadecimal equivalent for the numbers up
to hexadecimal f.
Decimal    Binary    Hexadecimal      Decimal    Binary    Hexadecimal
0          0000      0                8          1000      8
1          0001      1                9          1001      9
2          0010      2                10         1010      a
3          0011      3                11         1011      b
4          0100      4                12         1100      c
5          0101      5                13         1101      d
6          0110      6                14         1110      e
7          0111      7                15         1111      f

Table 1.4: Comparing decimal, binary, and hexadecimal numbers


Hexadecimal (or hex) numbers are not case sensitive. In other words, an upper case
“B” is the same as a lower case “b” and both equate to 1011 in binary. However, the
current trend is to represent these numbers in lower case.
Upper Case or Lower Case Hexadecimal
Historically, the letters for hex numbers have been listed in all caps such as A, B, C,
and so on. For example, you will typically see 48-bit media access control (MAC)
addresses expressed as six pairs of hexadecimal numbers like this: 1A-2B-3C-4B-5C-6D.
Notice that the letters are all upper case.
IPv6 addresses are 128 bits and include eight sets of four hex characters such as this:
2001:0db8:0000:0000:b001:c000:d000:f001. Early documents showed the hex letters as
upper case. However, due to problems some applications encountered when searching for
specific IPv6 addresses, RFC 5952 includes a recommendation to list IPv6 addresses with
lower case letters.
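The search problem mentioned above shows up whenever the same address is written in more than one way. The following Python code is an added example, not from the book: it searches constructed log lines for the IPv6 address quoted in the text, first as plain text and then after parsing each address with the standard ipaddress module, and it also normalizes MAC addresses to the upper case, hyphen-separated form shown above. The log format, field name, and function names are assumptions made for illustration.

```python
# Added example: compare addresses by value, not by spelling.
import ipaddress
import re

# The IPv6 address quoted in the text, written out in full.
PAGE_ADDRESS = "2001:0db8:0000:0000:b001:c000:d000:f001"

# Constructed sample log lines (not from a real device). The first three
# record the same source address in three different spellings.
LOG_LINES = [
    "10:00:01 fw1 ACCEPT src=2001:0DB8:0000:0000:B001:C000:D000:F001 dport=443",
    "10:00:05 fw1 ACCEPT src=2001:db8::b001:c000:d000:f001 dport=443",
    "10:00:09 fw1 DENY src=2001:db8:0:0:b001:c000:d000:f001 dport=22",
    "10:00:12 fw1 ACCEPT src=2001:db8::b001:c000:d000:f002 dport=443",
]

SRC_FIELD = re.compile(r"src=(\S+)")  # hypothetical field name


def canonical_ipv6(text):
    """Lower case, leading zeros dropped, longest run of zero groups as '::'."""
    return ipaddress.IPv6Address(text).compressed


def naive_search(needle, lines):
    """Plain substring search: only finds the exact spelling."""
    return [i for i, line in enumerate(lines) if needle in line]


def canonical_search(needle, lines):
    """Parse each logged address and compare the 128-bit values."""
    target = ipaddress.IPv6Address(needle)
    hits = []
    for index, line in enumerate(lines):
        match = SRC_FIELD.search(line)
        if not match:
            continue
        try:
            if ipaddress.IPv6Address(match.group(1)) == target:
                hits.append(index)
        except ValueError:
            continue  # field did not hold a valid IPv6 address
    return hits


def canonical_mac(text):
    """Normalize a 48-bit MAC address to six upper case pairs joined by '-'."""
    digits = re.sub(r"[-:.]", "", text).lower()
    if not re.fullmatch(r"[0-9a-f]{12}", digits):
        raise ValueError("not a 48-bit MAC address: %r" % text)
    pairs = [digits[i:i + 2] for i in range(0, 12, 2)]
    return "-".join(pairs).upper()


if __name__ == "__main__":
    print("canonical form:", canonical_ipv6(PAGE_ADDRESS))
    print("substring hits:", naive_search(PAGE_ADDRESS, LOG_LINES))
    print("parsed hits:   ", canonical_search(PAGE_ADDRESS, LOG_LINES))
    print("MAC:", canonical_mac("1a:2b:3c:4b:5c:6d"))
```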
Octal
Octal uses a base of 8. Valid numbers are 0 to 7 and each number can be represented
with three bits. If you understand binary and hexadecimal, octal should be a breeze. Table
1.5 shows the value of octal numbers from 0 to 7. As an example, the octal number of 5
equates to a binary number of 101.
               A      B      C
Octal Value    2^2    2^1    2^0
0              0      0      0
1              0      0      1
2              0      1      0
3              0      1      1
4              1      0      0
5              1      0      1
6              1      1      0
7              1      1      1

Table 1.5: Comparing octal and binary numbers


The most common place where you’ll see octal today is with Linux permissions. For
example, instead of indicating a file has read, write, and execute (rwx) permissions, you
might see the permissions expressed as 7 (indicating a 1 for read, 1 for write, and 1 for
execute). The number 7 octal is 111 binary. Similarly, instead of indicating a file has only
read (r--) permissions, you might see the permissions expressed as 4 (indicating a 1 for
read, 0 for write, and 0 for execute). The number 4 octal is 100 binary.
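The mapping between an octal digit and the read, write, and execute bits can be worked through in code. The following Python code is an added example, not from the book. It goes one step beyond the text by decoding a three-digit mode (one digit each for owner, group, and other, as Linux uses them) and reporting whether the "other" digit has the write bit set; the function names are illustrative.

```python
# Added example: octal permission digits as three bits (Table 1.5 columns).

# read = 2^2 (4), write = 2^1 (2), execute = 2^0 (1)
PERMISSION_BITS = (("r", 4), ("w", 2), ("x", 1))


def digit_to_rwx(digit):
    """Turn one octal digit into its rwx text, for example '5' -> 'r-x'."""
    if len(digit) != 1 or digit not in "01234567":
        raise ValueError("not an octal digit: %r" % digit)
    value = int(digit, 8)
    return "".join(letter if value & bit else "-"
                   for letter, bit in PERMISSION_BITS)


def rwx_to_digit(text):
    """Turn rwx text back into one octal digit, for example 'r--' -> '4'."""
    if len(text) != 3:
        raise ValueError("expected three characters: %r" % text)
    value = 0
    for char, (letter, bit) in zip(text, PERMISSION_BITS):
        if char == letter:
            value += bit
        elif char != "-":
            raise ValueError("unexpected character %r in %r" % (char, text))
    return str(value)


def mode_to_string(mode):
    """Decode a three-digit mode (owner, group, other), '754' -> 'rwxr-xr--'."""
    if len(mode) != 3:
        raise ValueError("expected three octal digits: %r" % mode)
    return "".join(digit_to_rwx(digit) for digit in mode)


def other_can_write(mode):
    """True when the last digit (everyone else) includes the write bit."""
    return mode_to_string(mode)[7] == "w"


if __name__ == "__main__":
    for sample in ("7", "4"):
        print(sample, "->", digit_to_rwx(sample))
    for sample in ("754", "644", "666"):
        print(sample, mode_to_string(sample),
              "writable by others" if other_can_write(sample) else "ok")
```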
Try This
See if you can convert the following decimal numbers to four binary bits:
1
3
5
9
See if you can convert the following hexadecimal numbers to four binary bits:

4
8
b
e
See if you can convert the following octal numbers to three binary bits:
0
2
6
7
You can check your answers at the end of the chapter.
Staying Safe
When working on computers and networks, it’s important to pay
attention to safety. Successful technicians remember that computing devices
are just things that can be replaced, but people cannot be replaced. In other
words, it’s always important to value people over things when working on
computers and networks.
The following sections cover common safety precautions mentioned
in the Network+ objectives.
Electrical Safety
As a general guideline, you should never open and work on
computers or networking devices without first removing power. This includes
turning the device off and unplugging it.
The exception is if you are measuring voltages. Obviously, the system
needs to be powered on to measure voltages. However, it’s important to be
careful any time a device is open. This is to protect you as the technician and
to prevent accidental damage to the device.
When working inside a powered on device, it’s important to remove
or cover all your jewelry. If a metal watchband or ring touches some
components, it can easily destroy the device. Depending on the device, it can
also give you a memorable shock.
Some technicians don’t want to remove rings, such as wedding rings.
Covering them with tape while working on the device avoids any problems.
Equipment Grounding
In electronics, ground refers to a path to Earth. Buildings commonly
have a spike hammered into the ground with a copper cable attached to it.
This copper cable is attached to the electrical ground connection throughout
the building.
Electrical equipment (including computing and networking devices)
includes circuitry that will automatically redirect any dangerous voltages to
ground to prevent shocks. As an example, if a device develops a fault that can
put 115 volts AC onto the case of the equipment potentially shocking anyone
that touches it, the circuitry instead sends this voltage to ground.
While it’s rare for a device to develop such a fault, all it takes is once.
If the voltage has enough current, it can kill a person.
With this in mind, it’s important for technicians to keep ground
connections connected. Disconnecting the ground connections can allow
dangerous voltages to bypass safety circuits.
ESD
Electrostatic discharge (ESD) refers to the discharge of static
electricity. It can damage electronic components so technicians take steps to
prevent ESD damage. You’ve probably experienced a static discharge at
some point in your life. The most common way is after walking across a
carpeted floor and touching a door knob. The static builds up on you, and
when you touch the doorknob, it discharges.
The shock you felt might have been unpleasant, but it wasn’t harmful.
If you felt it, at least 3,000 volts were discharged from your hand to the door
knob. If you actually saw the spark when it discharged, it was at least 8,000
volts. The good news is these voltages won’t kill or hurt people, mostly
because static discharge has very little current.
In contrast, as little as 250 volts can damage electronic components
inside computing and networking devices. You won’t see it. You won’t feel
it. However, the damage is real.
A primary method of preventing ESD is by controlling humidity. If
humidity is too low, it allows static to build up quickly. If you live in a colder
area, you’ll notice that static is more common in the colder months because
heating systems remove humidity from the air. In contrast, when the humidity
is higher, the static charges dissipate naturally. Ideally, humidity should be
around 50 percent. Static can build up on carpets easier than other floor
surfaces so computing devices should not be placed on carpets.
Technicians prevent ESD damage with ESD wrist straps, antistatic
bags, and ESD mats. These help prevent the buildup of static by ensuring the
technician and the equipment are at the same ground potential. Even without
these ESD tools, if you touch the computer case before working on any
components, it will harmlessly discharge built-up static onto the case. If you
remove any circuit cards, don’t touch the components or the pins. Instead,
hold the outside edges or the plastic handles.
Installation Safety
Installation safety refers to some miscellaneous topics beyond
electrical safety or ESD.
Lifting equipment. When lifting equipment, it’s best to lift with your
legs, not your back. In other words, instead of bending down to pick up heavy
equipment, you should squat by bending your knees to pick it up. There
aren’t any firm guidelines on safe weight limitations. However, many
standards recommend that individuals do not try to lift equipment more than
70 pounds without help.
Rack installation. Servers and networking devices are commonly
mounted in racks about the size of a refrigerator. When mounting the
equipment, it’s often best to do so with two people. One person can hold the
equipment, while the other person screws the device into the rack.
Placement. When mounting devices within racks, another concern is
ensuring there is enough room for airflow between the devices. In some
situations, instead of mounting devices directly on top of each other, it’s
necessary to mount them so that there are gaps between them. This helps
prevent equipment damage from overheating.
Tool safety. It’s also important to follow general safety practices
when working with tools. The practices vary from one tool to another, but are
outlined in the tool’s documentation.
MSDS
Material Safety Data Sheets (MSDSs) are available for most products
that have a potential to cause harm to people or equipment. This includes
materials such as cleaning solutions, paints, and chemicals. The MSDS
identifies important safety facts about the material such as its contents and
characteristics.
A primary element of the MSDS is first aid steps to take if the product
causes an adverse reaction to either people or equipment. For example, you
may use cleaning products that clean computer screens or keyboards. If any
of these products is causing an adverse reaction to either people or the
equipment, you can refer to the MSDS sheet for information on the product
and additional steps to take after the exposure.
Remember This
An MSDS includes important safety information about
potentially hazardous products. If a product causes an
adverse reaction, the MSDS will include first aid
information to minimize the effects.
Fire Suppression
You can fight fires with individual fire extinguishers, with fixed systems, or both.
Most organizations include fixed systems to control fires and place portable fire
extinguishers in different areas around the organization. A fixed system can detect a fire
and automatically activate to extinguish the fire. Individuals use portable fire extinguishers
to suppress small fires.
The different components of a fire are heat, oxygen, fuel, and a chain reaction
creating the fire. Fire suppression methods attempt to remove or disrupt one of these
elements to extinguish a fire. You can extinguish a fire using one of these methods:
Remove the heat. Fire extinguishers commonly use chemical agents or water to
remove the heat. However, you should never use water on an electrical fire.
Remove the oxygen. Many methods use a gas, such as carbon dioxide (CO2) to
displace the oxygen. This is a common method of fighting electrical fires because
CO2 and similar gasses are harmless to electrical equipment. However, when used
in server rooms or data centers, they threaten the lives of employees so additional
precautions are needed to ensure personnel exit before activating the fire
suppression system.
Remove the fuel. Fire-suppression methods don’t typically fight a fire this way,
but the fire will go out after all burnable material is gone.
Disrupt the chain reaction. Some chemicals can disrupt the chain reaction of
fires to stop them.

Remember This
Fire suppression systems attempt to detect and extinguish
fires. Systems that remove or displace all the oxygen in the
room can potentially threaten the lives of personnel in the
room, so should be considered with caution.
HVAC
Heating, ventilation, and air conditioning (HVAC) systems enhance the availability of
systems. Computing and networking devices can’t handle drastic changes in temperatures,
especially hot temperatures. If devices overheat, the chips can actually burn themselves
out. HVAC systems also control humidity to help prevent ESD damage.
The cooling capacity of HVAC systems is measured as tonnage. This has nothing to
do with weight, but instead refers to cooling capacity. One ton of cooling equals 12,000
British thermal units per hour (Btu/hour), and typical home HVAC systems are three-ton
units. Higher-tonnage HVAC systems can cool larger areas or areas with equipment
generating more heat.
The amount of air conditioning needed to cool a massive data center is much greater
than you need to cool your home, primarily because of all the heat generated by the
equipment. If your home air conditioner fails in the middle of summer, you may be a little
uncomfortable for a while, but if the data center HVAC system fails, it can result in loss of
availability and a substantial loss of money.
As mentioned previously, it’s common to mount computing and networking devices
in installation racks (sometimes called bays or cabinets). These racks usually have locking
doors in the front and rear for physical security. The doors have perforations allowing cold
air to come in the front, passing over and through the devices to keep them cool. Slightly
warmer air exits out the rear. Additionally, a server room has raised flooring with air
conditioning pumping through the space under the raised floor.
Emergency Procedures
Another element of safety is being aware of existing emergency
procedures where you work. The following text summarizes some common
emergency procedures.
Emergency alert system. A common emergency alert system is a fire
alarm. Fire alarms can go off automatically, or be set off manually.
Additionally, some organizations have other alerts or alarms for specific
situations. For example, some data centers use fire suppression systems that
remove or displace oxygen in the data center. While this effectively fights the
fire, it can also be harmful to humans if they stay in the data center. Many of
these have unique-sounding alarms that go off before the fire suppression
system activates. This gives employees time to exit the area.
Fire escape plan. A fire escape plan identifies the best path to take to
exit the building. Many organizations post the fire escape plan near the exit
door. This gives employees
Safety/emergency exits. Some exits are not used during normal
activity, but instead give personnel another exit in case of an emergency.
These are typically alarmed and the alarms go off anytime someone opens the
exit. This discourages people from opening them except for during an
emergency.
Building layout. Employees should know the layout of a building so
that they can identify the best path to take in case of an emergency. As an
example, personnel should use stairs instead of elevators during a fire, so they
should know where the stairs are, even if they don’t use them regularly.
Fail open/fail close. During emergencies, exit doors should allow
personnel to open them so that they can exit. Understanding this, if power
fails, the doors should fail in an open (or unlocked) state allowing personnel
to exit. In contrast, organizations may want to ensure that entrance doors to
secure areas fail in a closed state. This way, if the building loses power,
unauthorized people would not be able to enter the secure areas. Some exit
doors include a manual method of opening the door from the inside when
power goes out (providing a fail open state), while still preventing someone
from opening the door from the outside when power goes out (providing a
fail close state).
Try This Conversion Answers
The following decimal numbers converted to four binary bits are:
1 is 0001
3 is 0011
5 is 0101
9 is 1001
The following hexadecimal numbers converted to four binary bits are:

4 is 0100
8 is 1000
b is 1011
e is 1110
The following octal numbers converted to three binary bits are:
0 is 000
2 is 010
6 is 110
7 is 111
Chapter 1 Exam Topic Review
When preparing for the exam, ensure you understand these key concepts from this
chapter.
Unicast, Multicast, and Broadcast
Unicast transmissions are one-to-one. A device sends a unicast
transmission from one device to one other device.
Broadcast transmissions are one-to-all. A device addresses a
broadcast transmission from one device to all other devices on a
network. Hubs and switches pass broadcast transmissions but
routers do not pass most broadcast transmissions.
Multicast transmissions are one-to-many. A device addresses a
multicast transmission from one device to several other devices.
This allows a single computer to address multiple devices with
a single multicast address without addressing all of them as a
broadcast transmission does.
Common Network Components
Network clients or hosts include desktop personal computers, servers,
printers, laptop computers, smartphones, and tablets.
Switches or hubs connect network devices together in a single network.
Twisted pair cables such as CAT5e or CAT6 run between network clients
and a switch or hub.
Routers connect networks together creating larger routed networks.
Firewalls protect a network from unauthorized users. They provide a layer
of protection from Internet threats and are typically located at a network’s
border between the private network and the Internet.
Routers and firewalls use access control lists (ACLs) to define network
access. An ACL is a group of rules.
Modems provide access to the Internet through an ISP. Two popular
modem types are cable modems and digital subscriber line (DSL) modems.
The order of network connectivity for a computer to the Internet is:
Computer -> Switch -> Router -> Firewall -> ISP -> Internet.
Switches forward broadcast traffic to all other ports but are selective with
other traffic. Routers block broadcast traffic.
Some important points to remember related to collision domains and
broadcast domains are:
Hubs pass all traffic.
Devices connected to a hub are in a single collision domain and a
single broadcast domain.
Switches segment unicast traffic and pass broadcast traffic.
Switches create a single broadcast domain and create separate
collision domains for each port on the switch.
Routers do not pass broadcast transmissions.
Routers create separate broadcast domains.
Half-duplex mode uses a single connection to send and receive data, but it
cannot send and receive data at the same time.
Full duplex mode uses a single connection with separate lines for sending
and receiving. A system can send and receive data at the same time with a
full duplex mode connection.
Most interfaces support auto-negotiation and configure themselves to use
the fastest mode and speed. Connections fail if one device is manually set
to half duplex and the other device is manually set to full duplex.
PANs, LANs, WANs, and More
A personal area network (PAN) is a network of devices around a single
person. Bluetooth is the primary protocol used with a PAN.
A local area network (LAN) is a network of devices within a single
location.
A wireless local area network (WLAN) connects devices without the need
for cables.
A campus area network (CAN) is a network that connects multiple
buildings in a small geographical area, such as a university campus.
A metropolitan area network (MAN) is a group of networks spread across a
larger geographical area beyond the size of a campus.
A wide area network (WAN) is a group of two or more networks spread
across a large geographical area.
A virtual private network (VPN) is a connection to a private network
over a public network such as the Internet.
Network Topologies
Most organizations use a star topology to connect computers into a
network. In a star topology, devices connect to a central device such as a
switch. The central device is a single point of failure for users connected to
the switch.
Ring topologies connect devices in a circle. Devices pass a token around
the ring and devices are only able to transmit data when they have the
token. This methodology forces devices to wait before communicating.
Fiber Distributed Data Interface (FDDI) is a type of ring network using
fiber optic cable and two rings. Each ring transmits data in the opposite
direction providing redundancy for the network.
Some Synchronous Optical Networking (SONET) protocols use ring
topologies.
Bus topologies connect devices together in a single line. The entire
network fails if both ends of the bus do not include terminators. A break
anywhere in the bus takes down the entire network. The break creates two
separate networks and each network has only one terminator.
Computers in a peer-to-peer (P2P) network share information with each
other. File sharing technologies such as BitTorrent use P2P networks.
Basic Networks
One of the first steps when planning a basic network is to create a list of
requirements.
A typical basic network uses a switch, a router, a firewall, a modem, and
cables.
The modem provides Internet access through an Internet service provider
(ISP).
A firewall provides a layer of protection for the basic network against
Internet threats. A router and a firewall are not needed if the basic network
is not connected to the Internet.
A wireless network typically uses a wireless router instead of a
switch and a router and only requires cables for devices that
cannot connect wirelessly.
Environment limitations are a primary consideration when
identifying the best location for networking devices. Ideally, you’ll
be able to avoid interference and have adequate power and air
conditioning.
Numbering Systems
Decimals have a base of ten and other numbering systems are
commonly converted to or from decimal.
Binary has a base of two, with valid numbers of 0 and 1 only.
Octal has a base of eight, with valid numbers of 0 through 7.
Octal numbers are represented with three bits. For example, 101
is equal to five octal.
Hexadecimal has a base of 16, with valid numbers of 0 through
9 and a through f. Hexadecimal numbers are represented with
four bits. For example, 1001 is equal to nine hexadecimal.
Safety Issues
Devices should be turned off and unplugged before opening
them.
Electrical grounds should not be disabled on networking
devices.
Electrostatic discharge (ESD) can damage equipment.
Technicians prevent ESD damage with ESD wrist straps,
antistatic bags, and ESD mats.
Material Safety Data Sheets (MSDSs) include important safety
information about potentially hazardous products. If a product
causes an adverse reaction, the MSDS will include first aid
information to minimize the effects.
Fire suppression systems attempt to detect and extinguish fires
before they get out of control. Some remove the oxygen from a
room, which can pose a risk to personnel in the room.
Heating, ventilation, and air conditioning (HVAC) systems
enhance the availability of systems by controlling temperature
and humidity.
Emergency procedures include alert systems, fire escape plans,
safety and emergency exits, and knowing the building layout.
Additionally, it’s important to consider safety when
determining if doors should fail in an open state or in a closed
state.
»Get Certified »Get Ahead
Chapter 1 Practice Questions
1. Which of the following transmission methods allows a single computer to
address data transmissions to multiple computers on a network without
addressing all the computers on the network?
A. Unicast
B. Multicast
C. Broadcast
D. Switch
1. B is correct. One computer can address multiple computers on a network
without addressing all the computers with multicast data transmissions.
One computer can address one other computer with unicast transmissions.
One computer can address all other computers on a network with broadcast
transmissions and it’s important to remember that most broadcast
transmissions are not passed by routers.
Switches connect computers in a network but a switch is not a transmission
method.
2. Of the following choices, what best defines network access?
A. Implicit deny
B. VPN
C. WAP
D. ACL
2. D is correct. An access control list (ACL) on a router or firewall is a group
of rules that defines network access.
An ACL often has an implicit deny rule at the end to effectively block all
traffic that hasn’t been defined in previous rules, but the implicit deny rule
doesn’t define network access.
A virtual private network (VPN) provides access to an internal private
network over a public network, and an ACL rule can allow or block VPN
access.
A wireless access point (WAP) provides wireless devices access to a wired
network. A WAP can include an ACL but the WAP doesn’t specifically
define network access.
3. You are configuring a basic network. Which of the following is the BEST
order of devices?
A. PC -> Switch -> Router -> Firewall -> ISP
B. PC -> Firewall -> Router -> Switch -> ISP
C. PC -> Router -> ISP -> Firewall -> Switch
D. Switch -> PC -> ISP -> Firewall -> Router
3. A is correct. The order of connectivity from a PC to the Internet is the PC,
a switch, a router, a firewall, and then an Internet service provider (ISP)
device such as a modem.
PC -> Switch -> Router -> Firewall -> ISP
A basic network will typically have the firewall built into the router. A switch
connects computers in a network.
Routers connect networks, including basic networks, with the Internet.
While not part of this question, broadband networks include a modem and the
router/firewall connects to the modem before the ISP.
4. What is created by separate switch ports?
A. Collision domains
B. Broadcast domains
C. VLAN
D. ACL
4. A is correct. A switch creates separate collision domains between each port
and the device connected to the switch’s port.
All devices connected to a switch are in the same broadcast domain, so
separate switch ports do not create different broadcast domains.
You can create separate virtual local area networks (VLANs) with a switch,
but not all switches support VLANs so this isn’t the best answer.
An access control list (ACL) is a group of rules used on a router or firewall to
define network access.
5. A company in Silicon Valley owns three buildings within walking distance
of each other and each of these buildings is connected via a single network.
What is the best name for this network?
A. CAN
B. LAN
C. MAN
D. PAN
5. Answer: A is correct. A campus area network (CAN) is a network of multiple buildings,
but in a limited area.
A local area network (LAN) connects computers in a limited area such as within a home or
a single building.
A metropolitan area network (MAN) spans a large area such as a city or a very large
campus. While three buildings might be described as a MAN, it is more accurate to call it a
CAN because it is only a few buildings and the same company owns the buildings.
A personal area network (PAN) is centered around a person.
6. Which of the following is a network topology?
A. Bust
B. Ethernet
C. Multicast
D. Star
6. D is correct. Star is a type of network topology. In a star topology, all
devices connect to each other via a central networking device such as a hub
or a switch.
A bus topology connects all devices in a line but “bust” is not a valid network
topology.
Ethernet is a type of technology, not a topology.
Multicast is a type of data transmission that allows one device to send data to
multiple devices at a time without directly addressing each individually.
7. What type of network topology connects devices in a circle?
A. Bus
B. Mesh
C. Ring
D. Star
7. C is correct. The ring network (also known as a token ring network)
topology connects devices in a circle and passes a logical token around the
circle.
A bus topology connects devices in a line.
A mesh topology uses multiple connections instead of a single circle.
Devices connect into a star topology via a central device such as a switch.
8. Computers within a network are only able to transfer data when they have
access to a logical token. What type of topology does this describe?
A. Star
B. Ring
C. Bus
D. MPLS
8. Answer: B is correct. Ring topologies (often called token ring) use a logical token and
devices can only communicate when they have access to the token. A ring topology is
configured in a circle or ring.
Star topologies use a central device such as an Ethernet switch or a hub, which do not use
tokens.
Bus topologies do not use tokens. They are rarely used on networks because a failure in
one connection results in a failure for all devices on the bus.
Multiprotocol Label Switching (MPLS) does not use tokens. MPLS is a wide area network
(WAN) protocol that uses labels to identify addressing paths.
9. You are a network technician for a small company. Another technician
accidentally cut one of the cables effectively separating the network into two
networks. Of the following choices, what type of network topology is this?
A. Bus
B. Mesh
C. Ring
D. Star
9. A is correct. Of the given choices, the only type of topology that separates
a network into two networks is the bus topology. This cable break results in
all devices on the network losing connectivity because each of the two networks
has only a single terminator.
A mesh network includes multiple redundant connections so a single break
would not affect the network.
In a ring network, the devices are connected in a circle so a single break
doesn’t create two networks.
Devices connect to a central device such as a hub or a switch in a star
network and a single break does not create two networks.
10. A business owner hired you to help her create a basic network. Of the
following choices, what would you do FIRST?
A. Purchase a switch and access point supported by the ISP
B. Identify the operating systems used within the network
C. Create a list of requirements and constraints
D. Upgrade computers within the network
10. C is correct. One of the first steps when creating any network, including a
basic network, is to identify the requirements and constraints.
You should not purchase equipment until you identify what equipment is
needed.
Most network devices are operating system independent so the type of
operating systems running on the computers might not be relevant, and
certainly isn’t as important as creating a list of requirements and constraints.
The computers probably don’t need to be upgraded but if they do, you would
identify this in your list of requirements and constraints.
11. You need to network six PCs together for a basic network. The business
owner does not want these devices to access the Internet. Which of the
following items do you need? (Select TWO.)
A. Switch
B. Router
C. Firewall
D. CAT6 cables
11. A and D are correct. You would connect the devices with cables (such as
CAT6 or CAT5e cables) and a switch.
The business owner doesn’t want the devices to access the Internet so a router
or a firewall isn’t needed.
12. You are helping a business owner set up a basic network and you have
the following equipment:
2 laptops with wired and wireless NICs
2 desktop PCs with wired and wireless NICs
2 Ethernet cables
1 wireless router with three physical ports
1 cable modem
The owner wants to connect as many systems as possible to the network and
the Internet using wired connections. The owner does not have a budget for
any more equipment. How should you configure the network?
A. Connect the wireless router to the modem with a cable. Connect
two computers to the router with a cable. Connect the two other
computers to the wireless router wirelessly.
B. Connect the modem to the wireless router with a cable. Connect
two computers to the modem with a cable. Connect the two other
computers to the modem wirelessly.
C. Connect the modem to the wireless router with a cable. Connect
one computer to the modem with a cable. Connect the three other
computers to the modem wirelessly.
D. Connect the wireless router to the modem with a cable. Connect
one computer to the router with a cable. Connect the three other
computers to the wireless router wirelessly.
12. D is correct. You would connect the wireless router to the modem with a
cable. Internet access is through the modem to an Internet service provider
(ISP) in a basic network. You would then connect one of the computers to the
wireless router with the second cable and connect the remaining computers to
the wireless router using wireless connections.
If you have only one computer, you could connect it directly to the modem
but in order to share the connection, you would need to connect the
computers to the wireless router.
You only have two cables, so you only have one more cable to connect a
computer to the router with a wired connection.
13. You are helping a business owner set up a small office network. Employees
have ten laptops, each with Wi-Fi capabilities. The office has a DSL line.
What equipment needs to be purchased? (Choose TWO.)
A. ISP
B. Wireless router
C. Modem
D. DSL balancer
E. Ten cables for the ten computers
13. B and C are correct. You would need to have a modem (more
specifically, a digital subscriber line (DSL) modem) to connect to the DSL
line. Additionally, you would need to have a wireless router to connect the
ten laptops to the wireless router using wireless capabilities. You would then
connect the wireless router to the DSL modem.
A small business owner does not need to purchase an Internet service
provider (ISP), but would subscribe to Internet access through an ISP.
There is no such thing as a DSL balancer.
The ten wireless laptops connect wirelessly, so cables are not needed.
14. Your organization recently purchased another company. Several
administrators have inspected the server room at the new company and raised
safety concerns. Specifically, they state that the server room has a system that
can remove all oxygen from the room and threaten the lives of anyone in the
room. What is the purpose of this system?
A. ESD prevention
B. Safety of personnel
C. Temperature control
D. Fire suppression
14. Answer: D is correct. This scenario describes a fire suppression system.
An electrostatic discharge (ESD) prevention system includes tools and techniques to
prevent ESD damage, but does not include the ability to remove oxygen from a room.
Removing oxygen from a room does not preserve safety of personnel. A Material Safety
Data Sheet (MSDS) provides personnel with safety information about potentially
hazardous materials, such as cleaning agents.
Heating, ventilation, and air conditioning (HVAC) systems maintain proper temperature and
humidity. They do not remove oxygen from a room.
15. A technician has had prolonged contact with a cleaning agent and is
getting a rash. Which of the following will provide the best information in
this scenario?
A. SLA
B. MOU
C. SOW
D. MSDS

15. Answer: D is correct. The Material Safety Data Sheet (MSDS) for the cleaning agent
will provide the best information, such as first aid treatment.
A service level agreement (SLA) stipulates performance expectations, such as minimum
uptime and maximum downtime levels.
A memorandum of understanding (MOU) expresses an understanding between two or more
parties indicating their intention to work together toward a common goal.
A statement of work (SOW) identifies the scope of work for a contractor.



Sample Network+ Practice Test Questions
These additional practice test questions are from the CompTIA Network+ N10-006
Practice Test Questions (Get Certified Get Ahead) [Kindle Edition]. This Kindle short did
not cover these topics, but the CompTIA Network+ N10-006 Practice Test Questions (Get
Certified Get Ahead) [Kindle Edition] covers all of the objectives for the N10-006 exam
with practice test questions and flashcards.

1. Users in the network are frequently downloading videos, which has been
slowing down overall network performance. Management wants to reduce
the effect of streaming video on the performance of the network, but not
block video streaming completely. Which of the following would
administrators implement to define how much bandwidth video streaming
traffic can consume?
A. Traffic shaping
B. Proxy server
C. Content filter
D. Load balancer
1. Answer: A is correct. Traffic shaping can limit traffic on a network based
on specific protocols or types of traffic, such as limiting the amount of audio
or video streaming. It can also limit the traffic for specific users, or based on
other needs for an organization. It is often used as part of a quality of service
(QoS) solution.

B is incorrect. A proxy server can block access to sites that stream audio and
video using content-filtering techniques. However, it can only allow or block
the traffic, not allow a certain amount of bandwidth as traffic shaping does.
C is incorrect. A content filter can allow or block traffic based on the content,
but it doesn’t include the ability to shape the traffic by allowing a limited
amount of bandwidth for any type of traffic.
D is incorrect. A load balancer can balance the load for multiple devices, but
it cannot shape the traffic.

Objective: 1.1 Explain the functions and applications of various network
devices.
2. You need to add the capability to filter Internet traffic through a firewall
based on keywords defined by a company. What would you use?
A. An implicit deny firewall
B. A content filter
C. An ACL
D. A stateful inspection firewall
2. Answer: B is correct. A content filter can filter traffic based on keywords
or web site addresses. Some firewalls include the ability to filter traffic with a
built-in content filter.

A is incorrect. Firewalls use an implicit deny philosophy where they block all
traffic except for traffic that has been explicitly allowed. An implicit deny
philosophy does not provide content filtering.
C is incorrect. An access control list (ACL) on a firewall identifies traffic that
is allowed or blocked based on IP addresses, ports, and protocols, but cannot
be used to block traffic based on keywords.
D is incorrect. A stateful inspection firewall can block or allow traffic based
on the state of a connection, but not based on keywords. For example, if a
packet has been allowed into a network, a stateful inspection firewall will
allow the returned traffic out of the firewall.

Objective: 1.1 Explain the functions and applications of various network
devices.
3. You are configuring an application that will automate monitoring of
network devices. You need to ensure the application and the network devices
use a secure protocol. Which of the following is the BEST choice?
A. SNMPv3
B. SMTP
C. Syslog
D. SIEM
3. Answer: A is correct. Simple Network Management Protocol version 3
(SNMPv3) is a secure protocol used to monitor network devices remotely
and is the best choice.

B is incorrect. Simple Mail Transfer Protocol (SMTP) is used for sending
email, not monitoring network devices.
C is incorrect. Syslog can be used to centrally manage logging from multiple
devices, including multiple servers, but SNMPv3 is a better choice when
monitoring network devices.
D is incorrect. A Security Information and Event Management (SIEM)
system collects events in real time and raises alerts. It is not a protocol used
to manage network devices.

Objective: 2.1 Given a scenario, use appropriate monitoring tools.


4. Management recently updated the security policy and added the following
requirement: “All network infrastructure devices (such as routers, firewalls,
and security appliances) must send system-level information to a single
server.” What should administrators implement to ensure they can review this
information?
A. An SSO server
B. A RADIUS server
C. An 802.1x server
D. A syslog server
4. Answer: D is correct. Syslog is a message-logging standard. A syslog
server is a centralized server that can collect logs from multiple devices, and
it includes the ability to filter and analyze the entries.

A is incorrect. Single sign-on (SSO) allows users to log on once and be able
to access multiple resources without logging on again. It is unrelated to
logging.
B is incorrect. A Remote Authentication Dial-In User Service (RADIUS)
provides a centralized authentication service, and it isn’t used to collect logs
from network devices.
C is incorrect. RADIUS is often used as an 802.1x server, and it can prevent
users from accessing a network until they log on. 802.1x does not collect logs
from network devices.

Objective: 2.1 Given a scenario, use appropriate monitoring tools.


5. You need to set up a wireless network for customers so that they can
access the Internet. However, you do not want the customers to be able to
access the company’s network. What should you set up?
A. DMZ
B. VTP
C. 802.1x server
D. Guest network
5. Answer: D is correct. A guest network allows customers to access the
Internet without being able to access an internal network.

A is incorrect. A demilitarized zone (DMZ) provides some protection for
Internet-facing servers, but won’t grant customers access to the Internet.
B is incorrect. The VLAN Trunk Protocol (VTP) is a Cisco protocol that
transmits VLAN information to all switches on the network. It will not
provide customers access to the Internet.
C is incorrect. An 802.1x server can require users to authenticate before
granting them access to a network. However, customers would not have user
accounts, so would not be able to authenticate.

Objective: 3.6 Explain the purpose of various network access control models.
6. While troubleshooting an issue on a user’s computer, a technician
discovers several videos that are not work related and might be illegal. What
should the technician do?
A. Contact the police.
B. Create a forensic report.
C. Escalate the event.
D. Create a chain-of-custody document.
6. Answer: C is correct. The technician should escalate the incident based on
the organization’s policies. In most cases, the technician would escalate the
incident to a manager or supervisor.
A is incorrect. It is not appropriate for the technician to contact the police
unless there is some type of threat to people. Also, the technician doesn’t
know if the videos are illegal. Management might choose to call the police
later.
B is incorrect. Forensic experts would create a forensic report after
performing a forensic investigation. However, there is no indication an
investigation has been performed.
D is incorrect. The technician should create a chain-of-custody document if
evidence was collected, but no evidence was collected in this scenario.

Objective: 3.7 Summarize basic forensic concepts.


7. You are troubleshooting a network problem that is preventing a user from
accessing any resources outside the network. You theorize that the default
gateway was configured incorrectly and test the system with ipconfig to
verify your theory. What should you do next?
A. Identify the problem.
B. Establish a plan of action to resolve the problem and identify
potential effects.
C. Implement the solution or escalate as necessary.
D. Document findings, actions, and outcomes.
7. Answer: B is correct. The CompTIA troubleshooting model specifies that
you should establish a plan of action to resolve the problem after establishing
and testing a theory. In this case, the solution would be to reconfigure the
default gateway correctly.

A is incorrect. The first step is to identify the problem and this was done by
gathering information and identifying the symptoms.
C is incorrect. Before implementing the solution, a plan of action is
established to determine any potential effects.
D is incorrect. The last step of the CompTIA troubleshooting model is
documentation.

Objective: 4.1 Given a scenario, implement the following network
troubleshooting methodology.
8. You maintain a wireless network that is using MAC filtering to restrict
access. You suspect that attackers have discovered MAC addresses and are
spoofing them to gain access. What would they have used to discover these
MAC addresses?
A. Firewall
B. Protocol analyzer
C. Multimeter
D. OTDR
8. Answer: B is correct. A protocol analyzer (also called a sniffer) can
capture and analyze packets to discover the allowed media access control
(MAC) addresses. Wireless attackers use wireless sniffers to capture wireless
traffic to identify specific information, such as the service set identifier
(SSID) and allowed MAC addresses.

A is incorrect. The firewall provides some protection against attacks, but the
attackers would not use it to discover MAC addresses.
C is incorrect. Technicians use multimeters to take measurements such as
voltage measurements or continuity checks.
D is incorrect. An optical time domain reflectometer (OTDR) can identify the
location of a break in a fiber-optic cable.

Objective: 4.2 Given a scenario, analyze and interpret the output of
troubleshooting tools.
9. Ten computers are connected in a network via a switch. However, two
computers are unable to communicate with any other computers in this
network. Using a sniffer, you capture some traffic that includes the following
output:

On which layer of the OSI model is this problem located?
A. Physical
B. Transport
C. Data Link
D. Network
9. Answer: D is correct. The problem is occurring on the Network layer
(Layer 3) of the Open Systems Interconnection (OSI) model. The table shows
that two different computers have the same source IP address. You can tell
that they are different computers because they have different source media
access control (MAC) addresses.

A is incorrect. The Physical layer (Layer 1) sends data out as bits, but this
question is using IP and MAC addresses.
B is incorrect. The Transport layer (Layer 4) uses Transmission Control
Protocol (TCP) or User Datagram Protocol (UDP) ports to identify traffic, but
the scenario doesn’t mention ports.
C is incorrect. The Data Link layer (Layer 2) uses media access control
(MAC) addresses, but the scenario doesn’t indicate any problem with the
MAC addresses.

Objective: 5.1 Analyze a scenario and determine the corresponding OSI
layer.
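The check behind the answer to question 9, as an added example that is not from the book: group captured frames by source IP address and flag any IP address that appears with more than one source MAC address. The capture rows are constructed sample data (the question's capture table is not reproduced on this page), and the function names are hypothetical.

```python
import ipaddress
import re
from collections import defaultdict

# Constructed sample rows (source MAC, source IP) standing in for sniffer output.
SAMPLE_FRAMES = [
    ("00:1A:2B:3C:4D:01", "192.168.1.10"),
    ("00:1a:2b:3c:4d:02", "192.168.1.11"),
    ("00:1a:2b:3c:4d:05", "192.168.1.25"),
    ("00-1A-2B-3C-4D-09", "192.168.1.25"),  # second host using the same IP
    ("00:1a:2b:3c:4d:05", "192.168.1.25"),  # repeat frame from the first host
    ("00:1a:2b:3c:4d:07", "0.0.0.0"),       # DHCP client with no lease yet
    ("00:1a:2b:3c:4d:08", "0.0.0.0"),
]

_MAC_RE = re.compile(r"[0-9a-f]{2}(?:[:-][0-9a-f]{2}){5}")


def normalize_mac(mac):
    """Lower-case a MAC address and use ':' separators so spellings compare equal."""
    mac = mac.strip().lower()
    if not _MAC_RE.fullmatch(mac):
        raise ValueError(f"not a MAC address: {mac!r}")
    return mac.replace("-", ":")


def find_ip_conflicts(frames):
    """Return {ip: sorted MACs} for each source IP seen with more than one source MAC.

    One MAC with many IPs is normal (a router forwards traffic for other
    networks), so only the IP-to-many-MACs direction is reported.
    """
    macs_by_ip = defaultdict(set)
    for mac, ip in frames:
        addr = ipaddress.ip_address(ip)  # raises ValueError on malformed input
        if addr.is_unspecified:
            # 0.0.0.0 is the source address of hosts still requesting a lease;
            # several hosts sharing it is not a conflict.
            continue
        macs_by_ip[str(addr)].add(normalize_mac(mac))
    return {ip: sorted(macs) for ip, macs in macs_by_ip.items() if len(macs) > 1}


if __name__ == "__main__":
    for ip, macs in find_ip_conflicts(SAMPLE_FRAMES).items():
        print(f"{ip} is claimed by {len(macs)} hosts: {', '.join(macs)}")
```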
10. Users are reporting errors accessing some web sites. You’ve verified that
you can access GetCertifiedGetAhead.com, but you are unable to access web
sites that require you to log on. What is the MOST likely problem?
A. TCP port 53 is blocked at the network firewall.
B. UDP port 67 is blocked at the network firewall.
C. TCP port 80 is blocked at the network firewall.
D. TCP port 443 is blocked at the network firewall.
10. Answer: D is correct. Hypertext Transfer Protocol Secure (HTTPS) is
used for secure transactions such as when logging on to a web site or making
purchases. HTTPS uses port 443, so it is likely blocked at the firewall.

A is incorrect. Domain Name System (DNS) uses port 53 by default, but
there is not a problem with DNS. It uses Transmission Control Protocol
(TCP) port 53 when doing zone transfers between DNS servers and User
Datagram Protocol (UDP) port 53 when responding to DNS queries.
B is incorrect. Dynamic Host Configuration Protocol (DHCP) uses UDP
ports 67 and 68 by default, but a problem with DHCP isn’t indicated.
C is incorrect. HTTP uses port 80 by default, but HTTP is working.

Objective: 5.5 Given a scenario, implement the appropriate policies or
procedures.
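How a firewall ACL with an implicit deny produces the symptom in question 10, as an added example that is not from the book: rules are checked in order, the first match decides, and traffic that matches no rule is denied. The rule sets are constructed and the class and function names are hypothetical; real firewalls also match on addresses and direction, which this sketch leaves out.

```python
from dataclasses import dataclass
from typing import Optional


@dataclass(frozen=True)
class Rule:
    action: str               # "permit" or "deny"
    protocol: str             # "tcp", "udp" or "any"
    dst_port: Optional[int]   # None matches any destination port

    def matches(self, protocol, dst_port):
        return (self.protocol in ("any", protocol)
                and self.dst_port in (None, dst_port))


def evaluate(acl, protocol, dst_port):
    """Return (action, index of the deciding rule or None for the implicit deny)."""
    for index, rule in enumerate(acl):
        if rule.matches(protocol, dst_port):
            return rule.action, index
    return "deny", None  # implicit deny: nothing explicitly allowed this traffic


def audit(acl, required):
    """Return the names of required services that the ACL would block."""
    return [name for name, (protocol, port) in required.items()
            if evaluate(acl, protocol, port)[0] != "permit"]


# Services the users in the scenario need (constructed list).
REQUIRED = {
    "dns-query": ("udp", 53),
    "http": ("tcp", 80),
    "https": ("tcp", 443),
}

# Constructed ACL matching the symptom: HTTP works, sites that need a logon fail.
ACL_BEFORE = [
    Rule("permit", "udp", 53),
    Rule("permit", "tcp", 53),
    Rule("permit", "tcp", 80),
]

# Corrected ACL: HTTPS is explicitly permitted.
ACL_AFTER = ACL_BEFORE + [Rule("permit", "tcp", 443)]

# Order matters: a broad deny placed first shadows every later TCP permit.
ACL_SHADOWED = [Rule("deny", "tcp", None)] + ACL_AFTER

if __name__ == "__main__":
    for label, acl in (("before", ACL_BEFORE), ("after", ACL_AFTER),
                       ("shadowed", ACL_SHADOWED)):
        print(label, "blocks:", audit(acl, REQUIRED) or "nothing")
```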
Bonus
CompTIA Network+ Flashcards
These flashcards are related to all of the Network+ N10-006
objectives, not just the objectives covered in this chapter. They are organized
based on the five domains of the Network+ exam:
Network Architecture
Network Operations
Network Security
Troubleshooting
Industry Standards, Practices, and Network Theory
Flashcards for Network Architecture

Q. What is the range of Class A addresses?
A. 1.0.0.0 to 126.255.255.254
Q. What is the range of Class B addresses?
A. 128.0.0.0 to 191.255.255.254
Q. What is the range of Class C addresses?
A. 192.0.0.0 to 223.255.255.254
Q. What is the range of Class D addresses?
A. 224.0.0.0 to 239.255.255.255
Q. Where is a unicast packet sent?
A. To one other system
Q. Where is a broadcast packet sent?
A. To all other systems on the same network (not past routers or to other
VLAN segments)

VLAN is an acronym for virtual local area network.


Q. What is this address: 169.254.34.67?
A. An APIPA address

APIPA is an acronym for Automatic Private Internet Protocol
Addressing.
Q. What type of address is this: 10.10.0.80?
A. IPv4 (private)
Q. What type of address is this: 01:23:45:ab:cd:ef?
A. Media access control (MAC) or hardware address
Q. What type of address is this: ::1?
A. IPv6 loopback address
Q. What notation is this using: 192.168.1.34/24?
A. CIDR notation

CIDR is an acronym for Classless Inter-Domain Routing.


Q. What is configured on a router to provide Internet access to multiple
clients?
A. PAT or NAT

PAT is an acronym for Port Address Translation.


NAT is an acronym for Network Address Translation.
Q. What creates a broadcast domain?
A. Routers and VLAN segments on a switch

VLAN is an acronym for virtual local area network.


Q. How does OSPF calculate cost?
A. Bandwidth (reference bandwidth of 100 Mbps)

OSPF is an acronym for Open Shortest Path First.


Q. How does RIP calculate cost?
A. Hop count

RIP is an acronym for Routing Information Protocol.


Q. What is the name of the physical device when referring to a hop?
A. Router
Q. What appliance is used to ensure multiple servers have an equal amount of
traffic?
A. Load balancer
Q. What appliance would be used to connect two sites together over the
Internet?
A. VPN concentrator

VPN is an acronym for virtual private network.


Q. What appliance would be used to block access to objectionable web sites?
A. Content filter (or proxy server)
Q. What appliance can filter access to objectionable web sites and improve
performance of Internet access?
A. Proxy server
Q. What hardware tool can verify a cable meets specifications?
A. Cable certifier
Q. What hardware tool is used to connect an RJ-45 connector to a twisted-
pair cable?
A. Crimper
Q. What type of cable is used by MMF?
A. Fiber

MMF is an acronym for multimode fiber.


Q. What type of twisted-pair cable protects against EMI?
A. STP

EMI is an acronym for electromagnetic interference.


STP is an acronym for shielded twisted-pair.
Q. What cable type provides the BEST protection against EMI?
A. Fiber

EMI is an acronym for electromagnetic interference.


Q. What type of cable conforms to fire code?
A. Plenum-rated
Q. What is the maximum recommended speed for CAT5e cable?
A. 1,000 Mbps
Q. What is the maximum recommended speed for CAT6 cable?
A. 10 Gbps
Q. What is the maximum distance of a CAT5e cable run?
A. 100 meters
Q. What type of cable would you use to connect two older switches together?
A. Crossover
Q. What type of VPN allows users to access the network with a web
browser?
A. SSL VPN

VPN is an acronym for virtual private network.


SSL is an acronym for Secure Sockets Layer.
Note that SSL VPNs often use Transport Layer Security (TLS).
Q. What type of DNS record resolves a host name to an IPv4 or IPv6
address?
A. A or host (for IPv4), AAAA (for IPv6)

DNS is an acronym for Domain Name System.


Q. What is an MX record used for?
A. To locate email servers

MX is an acronym for Mail Exchanger.


Q. What is used to allow DHCP clients to register information with DNS?
A. Dynamic DNS

DHCP is an acronym for Dynamic Host Configuration Protocol.


DNS is an acronym for Domain Name System.
Q. What type of DNS record is used to resolve an IP address to a host name?
A. PTR (Pointer record for reverse lookup)

DNS is an acronym for Domain Name System.


Q. What type of DNS record is used to allow a host to be contacted with
different host names?
A. CNAME (Canonical Name or alias)

DNS is an acronym for Domain Name System.


Q. Where is a virtual switch used?
A. In a virtual network
Q. You are running multiple computer operating systems on a single
computer. What is the name for each of these OS instances?
A. Virtual machines (VMs)
Q. What type of address does a non-DHCP client use?
A. Static or manually assigned

DHCP is an acronym for Dynamic Host Configuration Protocol.


Q. A DHCP server issues a range of IP addresses. What is a range called in
DHCP?
A. Scope

DHCP is an acronym for Dynamic Host Configuration Protocol.


Q. What provides dynamic IP addressing?
A. DHCP

DHCP is an acronym for Dynamic Host Configuration Protocol.


Q. What determines how long a DHCP client keeps an IP address?
A. Lease length

DHCP is an acronym for Dynamic Host Configuration Protocol.


Q. What is used to ensure that a DHCP client will always get the same IP
address?
A. Reservation

DHCP is an acronym for Dynamic Host Configuration Protocol.


Q. What options will a DHCP server provide?
A. IP address, subnet mask, default gateway, DNS address, and more

DHCP is an acronym for Dynamic Host Configuration Protocol.


DNS is an acronym for Domain Name System.
Q. What do you use to plug a fiber-optic cable into an RJ-45 jack?
A. Media converter (or transceiver)

RJ is an acronym for Registered Jack.


Q. How many pins are on an RS-232 connector?
A. 9
Q. What types of connectors are used with fiber?
A. ST, SC, LC, MT-RJ

ST is an acronym for straight tip.


SC is an acronym for Standard Connector/Subscriber Connector,
sometimes called square connector.
LC is an acronym for local connector or Lucent Connector.
MT-RJ is an acronym for Mechanical Transfer-Registered Jack.
Q. What type of connector is used with twisted-pair cable?
A. RJ-45
Q. What type of connector is used with RG-6 cable?
A. F-connector
Q. What connector would you use with RS-232?
A. DB-9
Q. What type of connector is used with a phone line?
A. RJ-11
Q. What type of connector is used with coaxial cable?
A. BNC

BNC is an acronym for Bayonet Neill-Concelman.


Q. What is a first step when implementing a basic network?
A. Create a list of requirements.
Q. What type of connector is used with DS3?
A. BNC

BNC is an acronym for Bayonet Neill-Concelman.


DS3 is an acronym for Digital Signal 3, also called a T-3 leased line.
Q. What is the maximum distance for Ethernet cable used in a small network?
A. 100 meters (about 330 feet)
Q. What type of cable is used with SONET?
A. Fiber

SONET is an acronym for Synchronous Optical Networking.


Q. What topology is used by SONET?
A. Ring

SONET is an acronym for Synchronous Optical Networking.


Q. What WAN media has the highest latency?
A. Satellites

WAN is an acronym for wide area network.


Q. Which WAN protocol uses labels to identify paths?
A. MPLS

MPLS is an acronym for Multiprotocol Label Switching.


Q. What topology has devices connected in a circle?
A. Ring
Q. Devices are connected in a network via an Ethernet switch. What topology
is being used?
A. Star
Q. What network topology provides the highest degree of redundancy?
A. Mesh
Q. What network topology ensures computers wait to communicate as a
method of avoiding congestion?
A. Ring
Q. Which network topology causes all devices to fail if one device is
disconnected?
A. Bus
Q. What is used to restrict network traffic based on specific protocols?
A. Traffic shaping
Q. What is the delay in response between two systems called?
A. Latency
Q. What will raise an alarm about a network attack, but not necessarily stop
it?
A. IDS

IDS is an acronym for intrusion detection system.


Q. What will raise an alarm about a network attack, while also stopping it?
A. IPS

IPS is an acronym for intrusion prevention system.


Q. What type of detection used by IDSs and IPSs employs statistical
analysis?
A. Behavior-based

IDS is an acronym for intrusion detection system.


IPS is an acronym for intrusion prevention system.
Q. What type of detection used by IDSs and IPSs employs a database of
previously known attacks?
A. Signature-based

IDS is an acronym for intrusion detection system.


IPS is an acronym for intrusion prevention system.
Q. What type of network would you use to transfer files between two
Bluetooth devices?
A. PAN

PAN is an acronym for personal area network.


Q. What type of network connects multiple buildings in a small geographical
area?
A. CAN

CAN is an acronym for campus area network.


Q. What is the CIDR notation to support only two IP addresses?
A. /30

CIDR is an acronym for Classless Inter-Domain Routing.


Flashcards for Network Operations

Q. What protocol provides power on a twisted-pair cable?
A. PoE, 802.3af

PoE is an acronym for Power over Ethernet.


Q. How can you reduce the distance of a wireless network’s reception?
A. Reduce signal strength.
Q. What is configured on a switch to send all switch traffic to a single port?
A. Port mirroring
Q. What is configured on a switch to create separate networks with separate
broadcast domains?
A. VLAN

VLAN is an acronym for virtual local area network.


Q. What protocol is used to share VLAN information among multiple
switches?
A. VTP

VTP is an acronym for VLAN Trunk Protocol.


Q. What wireless channels should you use if you need to host multiple
WAPs?
A. 1, 6, 11

WAP is an acronym for wireless access point.


Q. What can hide a wireless network from many users?
A. Disabling the SSID

SSID is an acronym for service set identifier.


Q. What is the name of a wireless network called?
A. SSID

SSID is an acronym for service set identifier.


Q. Baby monitors, cordless telephones, and microwave ovens can cause
interference on what wireless frequency?
A. 2.4 GHz
Q. What can you do to make the wireless footprint smaller?
A. Reduce signal strength on the access point.
Q. What protocol is used for centralized logging for multiple devices?
A. Syslog
Q. What type of protocol provides authentication, authorization, and
accounting services?
A. AAA protocol

AAA is an acronym for authentication, authorization, and accounting.


Q. What can a port scanner determine?
A. Open ports (indicating running services and protocols)
Q. What is the name of a bogus server designed to lure attackers?
A. Honeypot
Q. Where should updates for production servers be applied first?
A. To a test server that mimics the production server
Q. What type of antenna is used for directional wireless transmissions?
A. Yagi
Q. What protocol supports port bonding (or combining two or more links)?
A. LACP

LACP is an acronym for Link Aggregation Control Protocol.


Q. What monitoring tool can monitor multiple systems and provide alerts in
real time?
A. SIEM

SIEM is an acronym for Security Information and Event
Management.
Q. What process would an organization implement to ensure systems are kept
up to date?
A. Patch management
Q. What network interface card setting should you check if data is queuing
up before sending?
A. Duplex (set to full-duplex)

If set to half-duplex, data cannot be sent and received at the same
time.
Q. What protocol defines VLANs?
A. 802.1q

VLAN is an acronym for virtual local area network.


Q. You are connecting an IDS to a switch to monitor traffic through the
switch. What must be configured on the switch?
A. Port mirroring

IDS is an acronym for intrusion detection system.


Q. What tool would you use to monitor a cloud-based system for possible
network outages?
A. Network analyzer
Q. You want to verify that network change will improve performance. What
would you create before implementing the change so that you can measure
the improvement?
A. A baseline
Flashcards for Network Security

Q. What is the strongest encryption wireless protocol?
A. WPA2

WPA is an acronym for Wi-Fi Protected Access.


WPA2 is an acronym for Wi-Fi Protected Access II.
Q. How can you restrict access to a wireless network for specific devices?
A. MAC filtering

MAC is an acronym for media access control.


Q. What information is required by a user to access a WPA2-protected
network?
A. Passphrase or pre-shared key

WPA is an acronym for Wi-Fi Protected Access.


WPA2 is an acronym for Wi-Fi Protected Access II.
Q. What network resource is needed to implement WPA2-Enterprise?
A. 802.1x server (RADIUS)

WPA is an acronym for Wi-Fi Protected Access.


WPA2 is an acronym for Wi-Fi Protected Access II.
RADIUS is an acronym for Remote Authentication Dial-In User
Service.
Q. What type of filtering on a router can restrict access based on a hardware
address?
A. MAC filtering

MAC is an acronym for media access control.


Q. What protocol is used to manage network devices?
A. SNMP

SNMP is an acronym for Simple Network Management Protocol.


Q. What would you manipulate to block access to a network for a specific
computer?
A. Firewall’s ACL

ACL is an acronym for access control list.


Q. What type of filter allows SMTP traffic through a firewall?
A. Port filter (blocking TCP port 25)

SMTP is an acronym for Simple Mail Transfer Protocol.


Q. What should be used in place of Telnet for better security?
A. SSH

SSH is an acronym for Secure Shell.


Q. Where is IP filtering configured?
A. ACL in a firewall

ACL is an acronym for access control list.


Q. What is provided with the use of two identical servers?
A. High availability and fault tolerance
Q. What standard is used for port authentication?
A. 802.1x
Q. Name the three primary factors of authentication.
A. Something you know, something you have, and something you are
Q. What would you call an attacker who drives around looking for wireless
networks?
A. War driver
Q. What is the name of a malicious wireless network with the same name as a
legitimate wireless network?
A. Evil twin
Q. What is the name of an unauthorized wireless network with a different
name from a legitimate wireless network?
A. Rogue access point
Q. An attacker impersonates a service technician to gain access to a building.
What is this?
A. Social engineering
Q. What’s the best protection against social engineering?
A. Education
Q. What needs to be done on a firewall to receive email from an ISP?
A. Open incoming port 110 (POP3).

ISP is an acronym for Internet Service Provider.


POP is an acronym for Post Office Protocol.
Q. What is used to filter traffic based on IP addresses for a network?
A. Network-based firewall
Q. What port must be opened on a firewall to allow secure traffic to web
sites?
A. TCP port 443 (HTTPS)

TCP is an acronym for Transmission Control Protocol.

HTTPS is an acronym for Hypertext Transfer Protocol Secure and it
uses TCP port 443.
Q. What port must be opened on a firewall to resolve Internet host names to
IP addresses?
A. UDP 53

UDP is an acronym for User Datagram Protocol.


Domain Name System (DNS) resolves names over UDP port 53.
Q. What type of firewall allows a packet based on its state within an
established session?
A. Stateful inspection firewall
Q. Name two vulnerability scanners.
A. NESSUS and NMAP

There are others, but these are two of the most popular ones.
Q. What protocol is typically used to secure web traffic between a user and
an e-commerce web site?
A. TLS

TLS is an acronym for Transport Layer Security.

Note: TLS is the designated replacement for Secure Sockets Layer
(SSL). SSL was previously the primary protocol used to secure web traffic.
Q. What is the name of the Windows file that malware sometimes
manipulates to redirect web browsers to malicious web sites?
A. Hosts file
Q. What should be created when collecting evidence in response to a security
incident?
A. Chain of custody
Q. What standard documents methods to prevent systems from emanating RF
signals?
A. TEMPEST

Most documents indicate that TEMPEST is not an acronym.


Q. What type of attack floods a system with spoofed ICMP packets?
A. Smurf attack
ICMP is an acronym for Internet Control Message Protocol.
Q. What protocol would you use to securely manage network devices?
A. SNMPv3

SNMPv3 is an acronym for Simple Network Management Protocol
version 3.
Q. What device uses an ACL to filter traffic?
A. Firewall

ACL is an acronym for access control list.


Flashcards for Troubleshooting

Q. What can prevent a broadcast storm on a switch caused by
connecting two ports together?
A. STP or RSTP

STP is an acronym for Spanning Tree Protocol.


RSTP is an acronym for Rapid Spanning Tree Protocol.
Q. What protocol does ping use?
A. ICMP

ICMP is an acronym for Internet Control Message Protocol.


Q. What protocol resolves IP addresses to MAC addresses?
A. ARP

ARP is an acronym for Address Resolution Protocol.


MAC is an acronym for media access control.
Q. What tool is used to capture and analyze traffic sent over a network?
A. Protocol analyzer (or sniffer)
Q. What hardware tool can identify the location of a break in a fiber cable?
A. OTDR

OTDR is an acronym for optical time domain reflectometer.


Q. What hardware tool is used to measure voltages?
A. Multimeter
Q. What software tool is used to check connectivity with a remote system?
A. Ping (or tracert)
Q. What software tool is used to measure RTTs?
A. Tracert

RTT is an acronym for round trip time.


Q. What command provides information about the entire path between two
systems?
A. Tracert (or traceroute)
Q. What software tool is used to check DNS from a Linux system?
A. Dig

DNS is an acronym for Domain Name System.


Dig is sometimes referred to as domain information groper.
Q. What software tool is used to check DNS from a Microsoft system?
A. Nslookup

DNS is an acronym for Domain Name System.


Q. What software tool is used to show MAC address to IP address mappings?
A. Arp

MAC is an acronym for media access control.

ARP is an acronym for Address Resolution Protocol and arp is the
command-line tool.
Q. What software tool is used to show known routes?
A. Route (route print)
Q. What software tool is used to show open connections?
A. Netstat
Q. What is the first step in the CompTIA troubleshooting model?
A. Identify the problem (gather information, identify symptoms, question
users, and determine if anything has changed).
The steps are:
Identify the problem
Establish a theory of probable cause
Test the theory to determine cause
Establish a plan of action to resolve the problem and identify potential
effects
Implement the solution or escalate as necessary
Verify full system functionality and if applicable implement
preventative measures
Document findings, actions, and outcomes
Q. After identifying the problem, what is the next step in the CompTIA
troubleshooting model?
A. Establish a theory of probable cause.
The steps are:
Identify the problem
Establish a theory of probable cause
Test the theory to determine cause
Establish a plan of action to resolve the problem and identify potential
effects
Implement the solution or escalate as necessary
Verify full system functionality and if applicable implement
preventative measures
Document findings, actions, and outcomes
Q. What is the last step in the CompTIA troubleshooting model?
A. Document findings, actions, and outcomes.
The steps are:
Identify the problem
Establish a theory of probable cause
Test the theory to determine cause
Establish a plan of action to resolve the problem and identify potential
effects
Implement the solution or escalate as necessary
Verify full system functionality and if applicable implement
preventative measures
Document findings, actions, and outcomes
Q. When using the CompTIA troubleshooting model, what should you do
after establishing a theory of probable cause?
A. Test the theory.
The steps are:
Identify the problem
Establish a theory of probable cause
Test the theory to determine cause
Establish a plan of action to resolve the problem and identify potential
effects
Implement the solution or escalate as necessary
Verify full system functionality and if applicable implement
preventative measures
Document findings, actions, and outcomes
Q. What should you do after implementing a solution when following the
CompTIA troubleshooting model?
A. Verify full system functionality.
The steps are:
Identify the problem
Establish a theory of probable cause
Test the theory to determine cause
Establish a plan of action to resolve the problem and identify potential
effects
Implement the solution or escalate as necessary
Verify full system functionality and if applicable implement
preventative measures
Document findings, actions, and outcomes
Q. What is a symptom of wireless interference?
A. Intermittent connectivity
Q. What is it called when a user connects to the incorrect wireless network
within an organization?
A. Wrong SSID

SSID is an acronym for service set identifier.


Q. What occurs if you plug a cable into two ports of an unprotected switch?
A. A switching loop, causing a broadcast storm
Q. What protects against switching loops?
A. STP or RSTP

STP is an acronym for Spanning Tree Protocol.


RSTP is an acronym for Rapid Spanning Tree Protocol.
Q. What is the result if a client is assigned the wrong gateway?
A. The client will not be able to access resources outside the network.
Q. You can access resources using their IP addresses, but not using their
name. Why?
A. DNS failure

DNS is an acronym for Domain Name System.


Q. What is a symptom on a switch of a broadcast storm?
A. All of the LEDs blinking rapidly (often in unison)
Q. What is the result if a client has the wrong gateway assigned?
A. Cannot communicate with devices past the router
Q. What pins are swapped on a crossover cable?
A. 1, 2, 3, and 6
Q. What can occur if a cable is run over a fluorescent light fixture?
A. EMI

EMI is an acronym for electromagnetic interference.


Q. What occurs if the maximum distance of a cable run is exceeded?
A. DB loss

DB is an acronym for decibel and is listed as dB when not at the start
of a sentence.
Q. What can occur if the twists in a twisted-pair cable are untwisted?
A. Cross-talk
Q. What cable type provides the best protection against EMI?
A. Fiber

EMI is an acronym for electromagnetic interference.


Q. What type of twisted-pair cable provides the best protection against EMI?
A. STP

EMI is an acronym for electromagnetic interference.


STP is an acronym for shielded twisted-pair.
Q. What is the line that marks the point where responsibility for a
communication link shifts from a telecommunications company to the
customer?
A. Demarc
Q. What is the name of an unauthorized AP configured as a DHCP server?
A. A rogue access point (AP) or a rogue DHCP server.

DHCP is an acronym for Dynamic Host Configuration Protocol.


Q. What address is assigned if DHCP doesn’t answer?
A. APIPA (starting with 169.254.y.z)

DHCP is an acronym for Dynamic Host Configuration Protocol.


APIPA is an acronym for Automatic Private Internet Protocol
Addressing.
Q. What hardware tool can verify a cable does not have a split?
A. Cable tester
Q. What hardware tool is used to locate the other end of a cable?
A. Toner probe
Q. What type of address is assigned if a DHCP server cannot be reached?
A. APIPA, starting with 169.254.

APIPA is an acronym for Automatic Private Internet Protocol
Addressing.
DHCP is an acronym for Dynamic Host Configuration Protocol.
Flashcards for Industry Standards, Practices, and Network Theory

Q. What is Layer 2 of the OSI model?
A. Data Link

OSI is an acronym for Open Systems Interconnection.


Q. What is Layer 5 of the OSI model?
A. Session

OSI is an acronym for Open Systems Interconnection.


Q. Name the seven layers of the OSI model from Layer 1 to 7.
A. Physical, Data Link, Network, Transport, Session, Presentation,
Application

OSI is an acronym for Open Systems Interconnection.


Q. On what layer(s) of the OSI model does a NIC operate?
A. Layers 1 and 2 (Physical and Data Link layers)

NIC is an acronym for network interface card.


OSI is an acronym for Open Systems Interconnection.
Q. On what layer(s) of the OSI model does a switch operate?
A. Layers 2 and 3 (Data Link layer for regular switches and Network layer
for Layer 3 switches)

OSI is an acronym for Open Systems Interconnection.


Q. On what layer(s) of the OSI model does a router operate?
A. Layer 3 (Network layer)

OSI is an acronym for Open Systems Interconnection.


Q. On what layer of the OSI model is a MAC defined?
A. Layer 2 (Data Link layer)

MAC is an acronym for media access control.


OSI is an acronym for Open Systems Interconnection.
Q. On what layer of the OSI model are VLANs defined?
A. Layer 2 (Data Link layer)

OSI is an acronym for Open Systems Interconnection.


VLAN is an acronym for virtual local area network.
Q. On what layer of the OSI model are IP addresses defined?
A. Layer 3 (Network layer)

OSI is an acronym for Open Systems Interconnection.


Q. On what layer of the OSI model are cabling specifications such as
1000BaseT defined?
A. Layer 1 (Physical layer)

OSI is an acronym for Open Systems Interconnection.


Q. What port is used when resolving host names to IP addresses?
A. UDP 53

DNS is an acronym for Domain Name System.


DNS uses User Datagram Protocol (UDP) port 53 for name
resolution.
DNS uses the Transmission Control Protocol (TCP) port when
transferring information between DNS servers.
Q. True or False. These flashcards should be your only study source.
A. False

Use these flashcards and the practice test questions to test your
readiness. If the material isn’t familiar, go back to your primary study source
(or locate another one) to clarify the information.
Q. What port does SSH use?
A. TCP port 22

SSH is an acronym for Secure Shell.


TCP is an acronym for Transmission Control Protocol.
Q. What ports are used for email?
A. TCP port 25, TCP port 110, and TCP port 143
(SMTP, POP3, and IMAP4)

TCP is an acronym for Transmission Control Protocol.

SMTP is an acronym for Simple Mail Transfer Protocol and it uses
TCP port 25.
POP is an acronym for Post Office Protocol and it uses TCP port 110.
IMAP is an acronym for Internet Message Access Protocol and it uses
TCP port 25.
Q. What ports are used for web pages sent over the Internet?
A. TCP ports 80 and 443 (HTTP and HTTPS)

TCP is an acronym for Transmission Control Protocol.

HTTP is an acronym for Hypertext Transfer Protocol and it uses TCP
port 80.
HTTPS is an acronym for Hypertext Transfer Protocol Secure and it
uses TCP port 443.
Q. What ports are used by FTP?
A. TCP ports 20 and 21

TCP is an acronym for Transmission Control Protocol.

FTP is an acronym for File Transfer Protocol.


Q. What uses port 23?
A. Telnet

Telnet uses Transmission Control Protocol (TCP) port 23.


Q. What port should be opened to allow remote administration?
A. 3389 (RDP)

RDP is an acronym for Remote Desktop Protocol.


Q. What protocol provides guaranteed delivery of IP traffic?
A. TCP

TCP is an acronym for Transmission Control Protocol.


Q. What port does an IPsec VPN use?
A. 500

VPN is an acronym for virtual private network.


IPsec is an acronym for Internet Protocol security.
Q. What wireless protocols use 2.4 GHz?
A. 802.11b, 802.11g, 802.11n
Q. What wireless protocols use 5.0 GHz?
A. 802.11a, 802.11n
Q. What is the theoretical maximum speed of 802.11a?
A. 54 Mbps
Q. What is the theoretical maximum speed of 802.11b?
A. 11 Mbps

802.11g 54 Mbps, 802.11n 600 Mbps


Q. What is the theoretical maximum speed of 802.11g?
A. 54 Mbps
Q. What is the theoretical maximum speed of 802.11n?
A. 600 Mbps

Achieves 600 Mbps using multiple-input, multiple-output (MIMO)
streams.
Q. What is the theoretical maximum speed of 802.11ac?
A. 6.933 Mbps

Achieves 600 Mbps using multi-user multiple-input, multiple-output
(MUMIMO) streams.
Q. Which wireless standard(s) use MIMO?
A. 802.11n and 802.11ac

MIMO is an acronym for multiple-input, multiple-output.


Q. What is the maximum transfer rate of 802.11a?
A. 54 Mbps
Q. What is the maximum transfer rate of 802.11b?
A. 11 Mbps
Q. What is the maximum transfer rate of 802.11g?
A. 54 Mbps
Q. What is the maximum transfer rate of 802.11n?
A. 600 Mbps
Q. What is used to double the speed of 802.11g?
A. Channel bonding
Q. What is the speed and cable type of 10GBaseT?
A. 10 Gbps and CAT6a twisted-pair

T (in 10GBaseT) represents twisted-pair.


Q. What type of cable is used for 10GBaseER?
A. SMF

SMF is an acronym for single mode fiber.


ER represents extended range.
Q. What type of cable is used for 10GBaseSR?
A. MMF

MMF is an acronym for multimode fiber.


SR represents short range.
Q. What type of cable is used by 10GBaseSR?
A. MMF

MMF is an acronym for multimode fiber.


SR represents short range.
Q. What type of cable is used by 10GBaseT?
A. Twisted-pair

T (in 10GBaseT) represents twisted-pair.


Q. What can be used for the greatest distance, 10GBaseLR or 10GBaseSR?
A. LR

LR represents long range.


SR represents short range.
Q. What does an organization use to ensure a service provider meets
minimum performance expectations?
A. SLA

SLA is an acronym for service level agreement.


Q. What does traffic on TCP port 443 provide that isn’t on TCP port 80?
A. Transport-level encryption

TCP is an acronym for Transmission Control Protocol.

Hypertext Transfer Protocol Secure (HTTPS) includes transport-level
encryption with Transport Layer Security (TLS) on TCP port 443.
HTTP uses TCP port 80, but it does not provide transport-level
encryption.
Q. What should a technician do if he is unable to complete a change within
an approved maintenance window?
A. Roll back the change.
Q. What document identifies the scope of work that a third party will
perform?
A. SOW

SOW is an acronym for statement of work.


Q. What would you look for to get safety information about potentially
hazardous materials?
A. MSDS

MSDS is an acronym for Material Safety Data Sheet.


Appendix A—Acronym List
This acronym list provides you with a quick reminder of many of the
different Network+ related terms along with a short explanation.
Numeric–Topics in Acronym List
802.2—Logical Link Control. A specification that defines how the
Data Link layer interacts with the Network layer of the OSI model.
802.3—Ethernet. A group of standards used to define a wide range of
cables and connections.
802.3af—Power over Ethernet (PoE). A standard that delivers power
to devices over an Ethernet cable. Compare to 802.3at.
802.3at—Power over Ethernet plus (PoE+). A standard that delivers
power to devices over an Ethernet cable. 802.3at provides up to 25.5 W of
power. In contrast, 802.3af provides up to 15.4 W of power.
802.5—Token Ring networks. A type of network that uses a special
3-byte frame as a logical token. The logical token is passed around to devices
in the ring and devices can only transmit data when they have the token.
802.11—Group of wireless technologies. Network+ focuses on
802.11a, 802.11b, 802.11g, 802.11n, and 802.11ac.
802.11a—An early wireless standard with a maximum speed of 54
Mbps using the 5-GHz frequency range. It has the shortest range compared
with other 802.11 standards.
802.11ac—The newest wireless standard with a theoretical maximum
of 1 Gbps, which can use the 2.4-GHz and 5-GHz frequency ranges. It’s an
update over the 802.11n standard.
802.11b—An early wireless standard with a maximum speed of 11
Mbps using the 2.4-GHz frequency range. It has a relatively short range.
802.11g—A wireless standard with a maximum speed of 54 Mbps
using the 2.4-GHz frequency range and range slightly better than 802.11b.
802.11n—A new wireless standard with a maximum speed of 600
Mbps, which can use the 2.4-GHz and 5-GHz frequency ranges and has a
longer range than 802.11g. 802.11n uses MIMO.
A–Topics in Acronym List
A record—IPv4 host name record. This isn’t actually an acronym,
but it looks like one. It identifies a specific type of record used in DNS
servers to resolve host names to IPv4 addresses. Compare to AAAA,
CNAME, MX, and PTR DNS records.
AAA—Authentication, authorization, and accounting. Authentication
verifies a user’s identification. Authorization determines if a user should have
access. Accounting tracks a user’s access with logs. AAA protocols are used
in remote access systems. For example, TACACS+ is an AAA protocol that
uses multiple challenges and responses during a session.
AAAA record—IPv6 host name record. This isn’t actually an
acronym, but it looks like one. It identifies a specific type of record used in
DNS servers to resolve host names to IPv6 addresses. Compare to A,
CNAME, MX, and PTR DNS records.
AC—Alternating current. Power received from a commercial power
company. Compare to DC.
ACL—Access control list. A group of rules on routers and firewalls
that define what traffic the router or firewall will allow or deny.
ADSL—Asymmetric digital subscriber line. A specific type of DSL
line typically used for Internet access. ADSL lines have different speeds for
the upload and download links. The download link is normally faster than the
upload link. Compare to DSL and SDSL.
AES—Advanced Encryption Standard. A strong encryption algorithm
used to encrypt data and provide confidentiality. AES is quick, highly secure,
and used in a wide assortment of cryptography schemes.
AH—Authentication Header. IPsec includes both AH and ESP. AH
provides authentication and integrity, and ESP provides confidentiality,
integrity, and authentication. AH is identified with protocol number 51.
AP—Access point. A device used to connect wireless devices to a
wired network. A wireless router includes an AP and additional capabilities.
Sometimes called a wireless access point (WAP).
APC—Angle polished connector. A connector used with fiber cables.
The fiber is polished at an 8- or 9-degree angle to prevent the fiber core from
capturing reflections.
APIPA—Automatic Private Internet Protocol Addressing. Used by
some DHCP clients to automatically assign an IP address when the client
does not receive a response from a DHCP server. APIPA addresses start with
169.254 such as 169.254.3.4.
APT—Advanced persistent threat. A group that has both the
capability and intent to launch sophisticated and targeted attacks. APTs are
typically sponsored by a government.
ARIN—American Registry for Internet Numbers. A Regional
Internet Registry (RIR) that manages the distribution of IPv4 and IPv6
addresses in the United States, Canada, and several islands. It is one of five
worldwide RIRs.
ARP—Address Resolution Protocol. Resolves IP addresses to MAC
addresses. Compare this to DNS, which resolves host names to IP addresses.
ARP operates on the Network layer (Layer 3) of the OSI model. The arp
command-line tool is different than ARP (the protocol). You can view the
ARP cache with the arp command.
AS—Autonomous system. A collection of connected Internet
Protocol (IP) routing prefixes. Regional Internet Registries manage the
distribution of AS prefixes along with IPv4 and IPv6 addresses.
ASCII—American Standard Code for Information Interchange. A
standard used to define codes for specific characters. ASCII is defined on the
Presentation layer (Layer 6) of the OSI model.
ASIC—Application-specific integrated circuit. Hardware used in
Layer 3 switches to mimic the functionality of a router.
ASP—Application service provider. A business that provides a
software application to one or more organizations. An organization providing
Software as a Service (SaaS) cloud-based applications is an ASP.
ATM—Asynchronous Transfer Mode. A group of
telecommunications standards used to transfer voice, data, and video signals.
ATM uses small, fixed-size cells. ATM operates on the Data Link layer
(Layer 2) of the OSI model.
AUP—Acceptable Use Policy. An AUP defines proper system usage.
It will often describe the purpose of computer systems and networks, how
users can access them, and the responsibilities of users when accessing the
systems.
B–Topics in Acronym List
BERT—Bit-error rate test. A testing tool that measures the number of
bit errors as a percentage of the total bits transmitted.
BGP—Border Gateway Protocol. A protocol used on the Internet and
with WANs that maintain multiple links. Replaced EGP.
BLE—Bluetooth low energy. Also called Bluetooth Smart. It is a
Bluetooth technology that uses less power than traditional Bluetooth, but has
enough range for a personal area network (PAN).
BNC—British Naval Connector/Bayonet Neill-Concelman. A twist-
on connector used with coaxial cable.
BootP—Boot protocol/Bootstrap protocol. The predecessor of DHCP.
It assigns IP addresses to clients after they boot. Some imaging systems still
use BootP.
BPDU—Bridge protocol data unit. Data sent to switches with
information about the Spanning Tree Protocol (STP). Data is sent on Layer 2
as frames.
BRI—Basic rate interface. Part of an Integrated Services Digital
Network (ISDN) configuration. BRI contains two bearer channels (B
channels) of 64 Kbps and one data channel (D channel) of 16 Kbps.
BSSID—Basic service set identifier. The MAC address of an access
point. The BSSID identifies individual access points within a wireless
network that includes multiple access points. Compare to SSID and ESSID.
C–Topics in Acronym List
CA—Certificate Authority. An organization that manages, issues, and
signs certificates and is part of a PKI. Servers configured to issue certificates
are also referred to as a CA. Certificates include public keys along with
details on the owner of the certificate and on the CA that issued the
certificate. Certificate owners share their public key by sharing a copy of
their certificate.
CAM—Channel access method. A method used to allow multiple
systems to share a single transmission media. CDMA and CSMA are
examples.
CAN—Campus area network. A network that connects multiple
buildings in a small geographical area, such as a university campus. Compare
to LAN, MAN, PAN, and WAN.
CARP—Common Address Redundancy Protocol. A protocol that
allows multiple hosts on a network to share a set of IP addresses for failover
redundancy. It is used with firewalls and routers and provides functionality
similar to VRRP and HSRP.
CAT—Short for category. Used to identify various twisted-pair cable
categories, such as CAT5 and CAT6. CompTIA objectives list this as an
acronym for computer and telephone, but this isn’t common usage.
CCTV—Closed-circuit TV. This is a detective control that provides
video surveillance. Video surveillance provides reliable proof of a person’s
location and activity. It is also a physical security control and it can increase
the safety of an organization’s assets.
CDMA—Code division multiple access. An access method used for
radio communications. CDMA is used by some mobile phone standards such
as 3G.
CHAP—Challenge Handshake Authentication Protocol.
Authentication mechanism where a server challenges a client. More secure
than PAP and uses PPP. MS-CHAPv2 is an improvement over CHAP and
uses mutual authentication.
CIDR—Classless Inter-Domain Routing. Method of allocating IP
addresses used in place of classful IP addresses. CIDR notation uses a slash
and a number (such as /24) to indicate how many bits are a 1 in the subnet
mask. For example, /24 indicates the subnet mask is 255.255.255.0. The
CompTIA objectives list this as Classless Inter Domain Routing, but RFCs
include a hyphen showing it as Inter-Domain.
CNAME—Canonical Name. This isn’t actually an acronym, but it
looks like one. It identifies a specific type of record used in DNS servers as
an alias. It allows DNS to provide the same IP address for different host
names. Compare to A, AAAA, MX, and PTR DNS records.
COS—Class of service. A 3-bit field in some Ethernet frames used to
identify specific types of traffic. Traffic shaping mechanisms manipulate
these bits to assign class levels from 0 to 7 and use these levels to give
priorities to certain types of traffic. Compare to TOS and DSCP.
CPU—Central processing unit. The primary chip that controls
processing within a computer.
CRAM-MD5—Challenge-Response Authentication Mechanism-
Message Digest 5. An alternative to transmitting passwords in plaintext. It
provides a level of confidentiality for passwords.
CSMA/CA—Carrier Sense Multiple Access/Collision Avoidance. An
access method used with 802.11 wireless networks. Devices attempt to avoid
collisions by monitoring transmissions on the frequency channel.
CSMA/CD—Carrier Sense Multiple Access/Collision Detection. An
access method used with wired networks. Devices are able to detect
collisions and resend data after waiting a random amount of time.
CSU—Channel Service Unit. Provides the digital interface
connecting the network device (such as a router) to the digital circuit (such as
a T-1). You will often see this paired as CSU/DSU, but the CompTIA
acronym list shows them separately. The DSU provides the digital interface
connecting the digital circuit back to the network device.
CWDM—Coarse wave division multiplexing. Wave division
multiplexing transmits multiple channels of data over a single fiber-optic
cable using different wavelengths (or colors) of laser light. CWDM uses up to
eight channels.
D–Topics in Acronym List
dB—Decibel. A measurement unit for electronics and sound.
dBi—Decibel isotropic. Identifies the gain of an omnidirectional
antenna. References the hypothetical isotropic antenna, which can
theoretically transmit signals equally in all directions at the same time.
dBm—Decibel milliwatt. Refers to the power ratio of decibels
referenced to 1 milliwatt (mW). It is often used to identify the signal strength
of a WAP.
DC—Direct current. Power created by power supplies. Power
supplies receive AC power and provide DC power as an output. Compare to
AC.
DCS—Distributed computer system. An application system that has
components distributed among multiple networked computers. For example,
a two-node DCS can have one node running one subroutine while the second
node runs a second subroutine. A DCS can have hundreds, thousands, or even
millions of nodes.
DDoS—Distributed denial of service. An attack on a system launched
from multiple sources intended to make a computer’s resources or services
unavailable to users. DDoS attacks are often launched from zombies in
botnets. DDoS attacks typically include sustained, abnormally high network
traffic. A performance baseline helps administrators detect a DDoS. Compare
to DoS.
DHCP—Dynamic Host Configuration Protocol. Provides clients with
IP addresses and other TCP/IP configuration information such as the address
of a DNS server and the default gateway. DHCP issues a range of IP
addresses in a network (called a scope). It can reserve specific IP addresses
for specific clients based on the client’s MAC address. DHCP uses ports 67
and 68.
DLC—Data link control. The service provided by the Data Link layer
of the OSI model.
DLP—Data leak prevention or data loss prevention. A network-based
DLP system can examine and analyze network traffic. It can detect if
confidential company data or any PII data is included in email and reduce the
risk of internal users emailing sensitive data outside the organization. End-
point DLP systems can prevent users from copying or printing sensitive data.
DMZ—Demilitarized zone. Area separating the Internet and an
internal network with one or more firewalls. A DMZ provides a layer of
protection for Internet-facing servers. It allows access to a server or service
for Internet users while segmenting and protecting access to the internal
network.
DNAT—Destination Network Address Translation. A form of NAT
that changes the destination IP address for incoming traffic. It is used for port
forwarding.
DNS—Domain Name System. DNS uses port 53 and resolves host
names to IP addresses. The CompTIA objectives also spell DNS out as
Domain Name Service and Domain Name Server, but these aren’t commonly
used. A DNS server runs the DNS service.
DOCSIS—Data-Over-Cable Service Interface Specification. An
international telecommunications standard used for high-bandwidth data
transfer over cable TV.
DoS—Denial of service. An attack from a single source that attempts
to disrupt the services provided by another system. Examples include SYN
Flood, smurf, and some buffer overflow attacks. Compare to DDoS.
DS3—Digital Signal 3. Also known as a T-3 leased line.
DSCP—Differentiated services code point. A method of classifying
services for a quality of service (QoS) solution. DSCP uses 6 bits in the IP
header to classify the data. Compare to COS and TOS.
DSL—Digital subscriber line. A family of technologies used for
Internet access. Many small networks use a DSL modem to access the
Internet through a local phone company. It is much faster than traditional
dial-up modems, but not as fast as broadband cable modems. Most DSL
Internet lines are asymmetric (ADSL), with the download link much faster
than the upload link. Compare to ADSL, SDSL, and XDSL.
DSSS—Direct sequence spread spectrum. A wireless standard that
transmits data over the spectrum of the channel. DSSS isn’t as efficient as
OFDM and doesn’t support faster speeds. 802.11b uses DSSS and only
supports speeds up to 11 Mbps. Compare to FHSS and OFDM.
DSU—Data Service Unit. Provides the digital interface connecting
the digital circuit back to the network device. You will often see this paired
as CSU/DSU, but the CompTIA acronym list shows them separately. The
CSU provides the digital interface connecting the network device (such as a
router) to the digital circuit (such as a T-1).
DWDM—Dense wavelength division multiplexing. Type of
multiplexing over fiber-optic cable. Wave division multiplexing transmits
multiple channels of data over a single fiber-optic cable using different
wavelengths (or colors) of laser light. DWDM typically supports up to 40
channels. Compare to CWDM.
E–Topics in Acronym List
E-1—E-Carrier Level 1. Similar to T-1, but for countries outside the
United States, Canada, and Japan. E-1 provides 2.048 Mbit/s of bandwidth.
EAP—Extensible Authentication Protocol. An authentication
framework that provides general guidance for authentication methods.
Variations include EAP-TLS, EAP-TTLS, LEAP, and PEAP.
EAP-TLS—Extensible Authentication Protocol-Transport Layer
Security. An extension of EAP sometimes used with 802.1x. This is one of
the most secure EAP standards and is widely implemented. EAP-TLS
requires certificates on the 802.1x server and on each of the wireless clients.
EAP-TTLS—Extensible Authentication Protocol-Tunneled Transport
Layer Security. An extension of EAP sometimes used with 802.1x. It allows
systems to use some older authentication methods such as PAP within a TLS
tunnel. It requires a certificate on the 802.1x server but not on the clients.
EBCDIC—Extended Binary Coded Decimal Interchange Code. A
standard used to define codes for specific characters. It is defined on the
Presentation layer (Layer 6) of the OSI model.
EDNS—Extension mechanisms for Domain Name System (DNS). A
method that allows extending DNS as needed. As an example, EDNS
supports increasing DNS security such as with DNS Security Extensions
(DNSSEC).
EGP—Exterior Gateway Protocol. An obsolete routing protocol
previously used on the Internet. Replaced by BGP.
EIA/TIA—Electronic Industries Alliance/Telecommunication
Industries Association. Organizations that help create telecommunications
standards. For example, TIA/EIA-568 defines cabling standards.
EMI—Electromagnetic interference. Interference caused by motors,
power lines, and fluorescent lights. STP cables help protect signals from
EMI. Fiber-optic cable is immune to EMI. Compare to RFI.
ESD—Electrostatic discharge. Release of static electricity. ESD can
damage equipment, and low humidity causes a higher incidence of ESD.
ESSID—Extended service set identifier. Another name for the SSID.
An extended basic service set includes all of the basic service sets (the access
points identified by their MAC addresses) in a wireless network.
ESP—Encapsulating Security Payload. IPsec includes both AH and
ESP. AH provides authentication and integrity, and ESP provides
confidentiality, integrity, and authentication. ESP is identified with protocol
number 50. The CompTIA objectives list this as Encapsulated Security
Packets, but RFCs define it as Encapsulating Security Payload.
EUI—Extended unique identifier. Refers to EUI-64.
EUI-64—Extended Unique Identifier-64. A 64-bit hardware address
used with IPv6 instead of the 48-bit MAC address used with IPv4. EUI-64 is
defined on the Data Link layer (Layer 2) of the OSI model.
F–Topics in Acronym List
FC—Fibre channel. High-speed standard commonly used in storage
area networks. Fibre channel originally used only fiber cable, but upgrades to
the standard allowed the use of copper cables. Fibre looks like a typo but was
selected to differentiate it from fiber cable.
FCoE—Fibre Channel over Ethernet. A lower-cost alternative to
traditional SANs. It supports sending Fibre Channel commands over an IP
network.
FDDI—Fiber Distributed Data Interface. A type of ring network
topology using fiber-optic cable. FDDI networks use a logical token and two
rings. Data travels in opposite directions for each of the rings providing fault
tolerance.
FDM—Frequency division multiplexing. A standard that transmits
data over several different frequencies at the same time. For example, cable
TV transmits multiple television channels over the same cable.
FHSS—Frequency hopping spread spectrum. A wireless standard that
transmits data over the spectrum of the channel, but in a pseudorandom
pattern. Bluetooth uses a sub-type of FHSS. Compare to DSSS and OFDM.
FM—Frequency modulation. The process of encoding information by
varying the frequency of the carrier wave.
FQDN—Fully qualified domain name. An FQDN includes the host
name of a system and the domain name. For example, a computer named
Server1 in the domain GetCertifiedGetAhead.com has an FQDN of
Server1.GetCertifiedGetAhead.com.
FTP—File Transfer Protocol. Used to upload and download files to
and from an FTP server. FTP uses ports 20 and 21. Secure FTP (SFTP) uses
SSH for encryption on port 22. FTP is defined on the Application layer
(Layer 7) of the OSI model.
FTPS—File Transfer Protocol Security. An extension of FTP that
uses TLS to encrypt FTP traffic. Some implementations of FTPS use TCP
ports 989 and 990.
G–Topics in Acronym List
GBIC—Gigabit interface converter. A transceiver used to connect
twisted-pair Ethernet cables with fiber cables.
Gbps—Gigabits per second. A data transfer rate indicating how many
billions of bits are transferred each second. If the b is capitalized (as in
GBps), it indicates how many billions of bytes are transferred. A byte is 8
bits.
GPG—GNU Privacy Guard. Free software based on the OpenPGP
standard and used to encrypt and decrypt files. It is similar to PGP, but avoids
any conflict with existing licensing by using open standards.
GRE—Generic routing encapsulation. A tunneling protocol
developed by Cisco Systems.
GSM—Global System for Mobile Communications. A standard used
for digital cellular networks. Commonly called 2G.
H–Topics in Acronym List
HDLC—High-level data link control. A synchronous Data Link layer
protocol based on IBM’s Synchronous Data Link Control (SDLC). The
current standard is ISO 13239.
HDMI—High-definition multimedia interface. A connector for high-
quality audio/video cables. TVs and computer monitors commonly include an
HDMI interface to provide quality audio and video.
HIDS—Host intrusion detection system. An IDS used to monitor an individual
server or workstation. It protects local resources on the host such as the
operating system files, and in some cases, it can detect malicious activity
missed by antivirus software.
HIPS—Host intrusion prevention system. An extension of a host-
based IDS. Designed to react in real time to catch an attack in action.
HSPA—High Speed Packet Access. A combination of High Speed
Downlink Packet Access and High Speed Uplink Packet Access. HSPA
improved 3G cellular networks.
HSRP—Hot Standby Router Protocol. A Cisco proprietary protocol
that allows multiple routers to appear as a single virtual router. One router is
active and one or more other routers are standby routers. If the active router
fails, a standby router can take over automatically. RFC 2281 describes
HSRP.
HT—High throughput or high throughput computing. Refers to using
multiple computing resources to perform a task over a long period of time.
HTML—Hypertext Markup Language. Language used to create web
pages served on the Internet. HTTP/HTTPS transmits HTML documents over
the Internet and web browsers display HTML documents.
HTTP—Hypertext Transfer Protocol. Used to transmit web traffic on
the Internet and in intranets. HTTP uses TCP port 80.
HTTPS—Hypertext Transfer Protocol Secure. Encrypts HTTP traffic
with TLS using TCP port 443.
HVAC—Heating, ventilation, and air conditioning. HVAC systems
regulate temperature and humidity within an area.
Hz—Hertz. A standard defining a unit of frequency. 1 Hz is one cycle
per second.
I–Topics in Acronym List
IaaS—Infrastructure as a Service. A cloud computing technology that
allows an organization to rent access to hardware. It provides customers with
access to hardware in a self-managed platform. Customers are responsible for
keeping an IaaS system up to date. Compare to PaaS and SaaS.
IANA—Internet Assigned Numbers Authority. Part of ICANN. IANA
oversees Internet IP address allocation, autonomous system number
allocation, well-known ports, protocol number assignments, and management
of the DNS root zone.
ICA—Independent Computing Architecture. A Citrix Systems
proprietary protocol used for serving applications to systems remotely.
CompTIA lists this as Independent Computer Architecture, but this isn’t
common usage.
ICANN—Internet Corporation for Assigned Names and Numbers.
An organization that coordinates and manages Internet namespaces, IP
addresses, and Internet Protocol identifiers. Compare to IANA.
ICMP—Internet Control Message Protocol. Used for diagnostics
such as ping. ICMP is defined on the Network layer (Layer 3) of the OSI
model. Ping sends ICMP echo requests and receives ICMP echo replies.
ICS—Industrial control system. Refers to a system used to control
production equipment. Supervisory Control and Data Acquisition (SCADA)
systems are a type of ICS.
ICS—Internet connection sharing. Process of sharing a single Internet
connection with multiple computers. As an example, you can create a hot
spot with an iPhone and share the connection with other systems.
IDF—Intermediate distribution frame. A signal distribution frame
used to connect equipment within an organization. Compare to MDF.
IDS—Intrusion detection system. A detective control used to detect
attacks after they occur. Monitors a network (NIDS) or host (HIDS) for
intrusions and provides ongoing protection against various threats. IDSs
include sniffing capabilities.
IEEE—Institute of Electrical and Electronics Engineers. International
organization with a focus on electrical, electronics, and information
technology topics. IEEE standards are well respected and followed by
vendors around the world.
IGMP—Internet Group Management Protocol. Used for multicasting.
Computers belonging to a multicasting group have a multicasting IP address
in addition to a standard unicast IP address. IGMP is defined on the Network
layer (Layer 3) of the OSI model. The CompTIA objectives list this as
Internet Group Multicast Protocol, but this isn’t a common usage.
IGP—Interior Gateway Protocol. A routing protocol used to
exchange routing information within a private network. OSPF, RIP, and IS-IS
are examples of IGPs.
IKE—Internet Key Exchange. Used with IPsec to create a secure
channel over port 500 in a VPN tunnel.
IMAP4—Internet Message Access Protocol version 4. Used to store
email on servers and allow clients to manage their email on the server.
IMAP4 uses TCP port 143.
InterNIC—Internet Network Information Center. An organization
that was previously responsible for domain name allocations and X.500
directory services. ICANN has assumed InterNIC responsibilities.
IP—Internet Protocol. A core protocol within the TCP/IP protocol
suite. Both IPv4 and IPv6 are in use today. IP is defined on the Network layer
(Layer 3) of the OSI model.
IPS—Intrusion prevention system. A preventive control that will stop
an attack in progress. It is similar to an active IDS except that it’s placed in-
line with traffic. An IPS can actively monitor data streams, detect malicious
content, and stop attacks in progress. It can be used internally to protect
private networks, such as those holding SCADA equipment.
IPsec—Internet Protocol security. Used to encrypt traffic on the wire
and can operate in both tunnel mode and transport mode. It uses tunnel mode
for VPN traffic. IPsec is built in to IPv6, but can also work with IPv4 and it
includes both AH and ESP. IPsec is defined on the Network layer (Layer 3)
of the OSI model.
IPv4—Internet Protocol version 4. A popular version of IP that uses
32 bits to identify hosts. Addresses are typically displayed in a dotted decimal
format such as this: 192.168.1.5. Each decimal is separated by dots and
represents 8 bits. IPv4 is defined on the Network layer (Layer 3) of the OSI
model.
IPv6—Internet Protocol version 6. A newer version of IP that uses
128 bits to identify hosts. Addresses are represented in hexadecimal format
with eight groups of four hexadecimal characters similar to this:
FE80:0000:0000:0000:20D4:3FF7:003F:DE62. The same address can be
shortened as: FE80::20D4:3FF7:3F:DE62. IPv6 is defined on the Network
layer (Layer 3) of the OSI model.
ISAKMP—Internet Security Association and Key Management
Protocol. A protocol used to establish Security Associations. It provides a
framework for authentication and key exchange.
ISDN—Integrated Services Digital Network. A set of standards used
to transmit voice, video, and data over a public switched telephone network
(PSTN). Two types of ISDN configurations are Primary Rate Interface (PRI)
and Basic Rate Interface (BRI).
IS-IS—Intermediate System to Intermediate System. A link-state
routing protocol commonly used in large service provider backbones.
Compare to RIP and OSPF.
ISP—Internet Service Provider. A company that provides Internet
access to customers.
IT—Information technology. Computer systems and networks used
within organizations.
ITS—Intelligent Transportation System. Provides information about
various forms of transportation to improve safety and promote a smarter use
of transportation methods.
IV—Initialization vector. An IV provides randomization of
encryption keys to help ensure that keys are not reused. WEP is susceptible to
IV attacks because it uses relatively small IVs and IVs are sent in the clear.
K–Topics in Acronym List
Kbps—Kilobits per second. A data transfer rate indicating how many
thousands of bits are transferred each second. If the b is capitalized (as in
KBps), it indicates how many thousands of bytes are transferred. A byte is 8
bits.
KVM—Keyboard video mouse. Administrators use a KVM switch to
share a single keyboard, video display, and mouse among several different
servers.
L–Topics in Acronym List
L2F—Layer 2 Forwarding. An early tunneling protocol created by
Cisco Systems for use with VPNs. It was later combined with Microsoft’s
Point-to-Point Tunneling Protocol (PPTP) to create the Layer 2 Tunneling
Protocol (L2TP).
L2TP—Layer 2 Tunneling Protocol. Tunneling protocol used with
VPNs. L2TP is commonly used with IPsec (L2TP/IPsec). L2TP uses port
1701. L2TP is defined on the Data Link layer (Layer 2) of the OSI model.
LACP—Link Aggregation Control Protocol. A protocol used to
bundle multiple links together. This is also called port bonding. Defined by
802.3ad.
LAN—Local area network. Group of devices connected within a
network. Compare to CAN, MAN, PAN, and WAN.
LC—Local connector or Lucent Connector. A type of connector used
with fiber cable.
LDAP—Lightweight Directory Access Protocol. Language used to
communicate with directories such as Microsoft Active Directory. Identifies
objects with query strings using codes such as CN=Users and
DC=GetCertifiedGetAhead. LDAP uses TCP port 389. Secure LDAP
encrypts transmissions with SSL or TLS over TCP port 636.
LEC—Local Exchange Carrier. Refers to the local telephone
company.
LED—Light-emitting diode. Small components that emit light. NICs
have LEDs used to indicate a link with a network and activity when the NIC
transmits or receives data.
LLC—Logical Link Control. Part of the Data Link layer on the OSI
model. It defines how the Data Link layer interacts with the Network layer of
the OSI model. The MAC sublayer is also part of the Data Link layer and it
defines how the Data Link layer interacts with the Physical layer.
LTE—Long Term Evolution. A wireless standard for smartphones
and mobile devices. It is the successor to 3G and commonly referred to as
4G, though it doesn’t meet the specific requirements of 4G.
LWAPP—Lightweight Access Point Protocol. Used to configure
multiple wireless access points, which reduces administration time.
CompTIA lists this as Light Weight Access Point Protocol in the acronyms
list, but this isn’t common usage.
M–Topics in Acronym List
MAC—Media access control. A 48-bit address used to uniquely
identify network interface cards. It is also called a hardware address or a
physical address, and is commonly displayed as six pairs of hexadecimal
characters such as 1A-2B-3C-4D-5E-6F. Switches, routers, and wireless
access points can limit access to a network with MAC address filtering. The
CompTIA Network+ objectives also list this as medium access control,
though this usage isn’t common.
MAN—Metropolitan area network. A computer network that spans a
metropolitan area such as a city. Compare to CAN, LAN, PAN, and WAN.
MAU—Multistation access unit. A central device used in some ring
topologies. Devices transmit data to and from the MAU instead of with
neighboring devices in the ring. The MAU monitors devices on the network
and ensures the network continues to operate, even if one of the devices fails.
Mbps—Megabits per second. A data transfer rate indicating how
many millions of bits are transferred each second.
MBps—Megabytes per second. A data transfer rate indicating how
many millions of bytes are transferred each second. Notice that the B is
capitalized in MBps. A byte is 8 bits.
MDF—Main distribution frame. A signal distribution frame used to
connect equipment within an organization to a subscriber carrier outside of
the organization. Compare to IDF.
MDI—Medium Dependent Interface. The interface used to transmit
data. It is used when devices are connected with a normal straight-through
cable. Compare to MDIX.
MDIX—Medium Dependent Interface Crossover. An interface used
to transmit data to a similar device by simulating a connection with a
crossover cable. Many devices use auto-MDIX, which can automatically
configure the port as MDI or MDIX based on the connection. Compare to
MDI.
MGCP—Media Gateway Control Protocol. A protocol that controls
the functions between Voice over IP (VoIP) devices. Replaced SGCP.
MIB—Management Information Base. A hierarchical database of
devices using a specific syntax. SNMP uses a MIB.
MIMO—Multiple-input, multiple-output. A smart antenna
technology used with 802.11n designed to achieve faster speeds. It uses
multiple antennas and transceivers, which provide diversity gain and
improved reliability. Data is sent in separate streams in a process called
spatial multiplexing.
MLA—Master license agreement. Typically used with software. The
license authorizes an organization to use the software as long as they comply
with the requirements in the agreement.
MLA—Multilateral agreement. An agreement between three or more
parties.
MMF—Multimode fiber. A type of fiber used in short range cable
runs such as with 10GBaseSR and 10GBaseSW. MMF has a larger core than
SMF and is less expensive. Compare to SMF.
MOU—Memorandum of understanding. Defines responsibilities of
each party, but it is not as strict as an SLA.
MPEG—Moving Picture Experts Group. A group that has defined
several compression methodologies used for audio and video. These
methodologies operate on the Presentation layer (Layer 6) of the OSI model.
MPLS—Multiprotocol Label Switching. A type of WAN topology.
MPLS supports multiple protocols such as ATM and frame relay and
operates on multiple layers of the OSI model. It uses labels to identify paths
instead of IP addresses used with TCP/IP. The CompTIA objectives list it as
Multi-Protocol (with a hyphen), but RFCs do not use a hyphen.
MSA—Master Service Agreement. A contract between two parties
that applies to future transactions and agreements. It streamlines the process
of creating agreements in the future without requiring the parties to create
new contracts from scratch.
MS-CHAP—Microsoft Challenge Handshake Authentication
Protocol. Microsoft implementation of CHAP. MS-CHAPv2 provides mutual
authentication.
MSDS—Material Safety Data Sheet. Provides personnel with safety
information about potentially hazardous materials, such as cleaning agents. It
often includes first aid treatment instructions.
MT-RJ—Mechanical Transfer-Registered Jack. A connector used
with fiber-optic cable. It is used with duplex multimode connections.
MTU—Maximum transmission unit. The MTU identifies the largest
size of a packet or frame that can be sent across a network.
MU-MIMO—Multi-user multiple-input, multiple-output. The use of
MIMO technologies for multiple wireless devices. 802.11n introduced
MIMO. 802.11ac introduced MU-MIMO.
MX—Mail Exchanger. A type of record used in DNS servers to locate
mail servers. Compare to A, AAAA, CNAME, and PTR DNS records.
N–Topics in Acronym List
NAC—Network access control. Inspects clients for health and can
restrict network access for unhealthy clients to a remediation network. Clients
run agents and these agents report status to a NAC server. NAC is used for
VPN and internal clients. MAC filtering is a form of NAC.
NAS—Network attached storage. A server or computer appliance
used to store and serve files over a network. NAS units can have one or more
drives and can support different RAID configurations.
NAT—Network Address Translation. A service that translates public
IP addresses to private IP addresses and private IP addresses back to public
IP addresses. It is often used on wireless routers and proxy servers.
NCP—Network Control Protocol. A component within the
Point-to-Point Protocol (PPP).
NetBEUI—Network Basic Input/Output Extended User Interface. An
older networking protocol originated by IBM. It is not routable and is rarely
used today.
NetBIOS—Network Basic Input/Output System. A service operating
on the Session layer of the OSI model for connectivity over a network. Its use
is dwindling in today’s networks.
NFS—Network File System. A file system protocol that allows users
to access files over a network. Sun Microsystems created it, but it is now an
open standard. It is commonly used with Unix and Unix derivatives.
CompTIA lists this as Network File Service in the objectives, but this isn’t
common usage.
NIC—Network interface card. An expansion card or built-in
hardware that is used to connect a device to a network. NICs commonly have
RJ-45 jacks and twisted-pair cables plug into the RJ-45 jack. NICs operate on
both the Physical and Data Link layers (Layers 1 and 2, respectively).
NIDS—Network intrusion detection system. A NIDS is installed on
network devices, such as routers or firewalls and monitors network traffic. It
can detect network-based attacks.
NIPS—Network intrusion prevention system. An IPS that monitors
the network. An IPS can actively monitor data streams, detect malicious
content, and stop attacks in progress.
NIU—Network interface unit. A device marking the demarcation
point between the customer’s wiring and a carrier’s local loop. Also called a
network interface device.
nm—Nanometer. One billionth of a meter.
NNTP—Network News Transport Protocol. Protocol used to host
newsgroups. Many newsgroups are now referred to as forums, or simply
groups and can be accessed using HTTP instead of, or in addition to, using
NNTP.
NTP—Network Time Protocol. Protocol used to synchronize
computer times. NTP operates on the Application layer (Layer 7) of the OSI
model.
O–Topics in Acronym List
OCx—Optical Carrier. Represents the various Optical Carrier
specifications such as OC-1, OC-3, and so on. SONET fiber-optic networks
use OC specifications.
OFDM—Orthogonal frequency-division multiplexing. A wireless
standard that splits the signal into multiple subcarriers and transmits the data
on each subcarrier simultaneously. Used by most wireless standards,
including 802.11a, g, n, and ac. Compare to DSSS and FHSS.
OS—Operating system. Includes Windows, Linux, and Apple iOS
systems. OSs are hardened to make them more secure from their default
installation.
OSI—Open Systems Interconnection. A seven-layer model that
provides a general framework for network communications. Layers are
Physical (Layer 1), Data Link (Layer 2), Network (Layer 3), Transport (Layer
4), Session (Layer 5), Presentation (Layer 6), and Application (Layer 7).
Compare to TCP/IP model. The CompTIA objectives list this as Open
System Interconnect, but this isn’t common usage.
OSPF—Open Shortest Path First. A link-state routing protocol.
Routers share information with each other using OSPF. Compare to RIP and
ISIS.
OTDR—Optical time domain reflectometer. A tool used to measure
the length of a fiber-optic cable and identify any anomalies along the cable.
Compare to TDR.
OUI—Organizationally unique identifier. A 24-bit number that
uniquely identifies a vendor or manufacturer. 48-bit MAC (or hardware)
addresses include the OUI as the first 24 bits.
P–Topics in Acronym List
P2P—Peer-to-peer. A type of topology where computers share
information directly with each other instead of through a central server. P2P
applications (also called file sharing applications) allow users to share files
such as music, video, and data over the Internet.
PaaS—Platform as a Service. A cloud computing technology that
provides cloud customers with a preconfigured computing platform they can
use as needed. PaaS is a fully managed platform, meaning that the vendor
keeps the platform up to date with current patches. Compare to IaaS and
SaaS.
PAN—Personal area network. A network of devices close to a single
person. Compare to CAN, LAN, MAN, and WAN.
PAP—Password Authentication Protocol. An older authentication
protocol where passwords or PINs are sent across the network in cleartext.
CHAP is more secure. PAP uses PPP.
PAT—Port Address Translation. A form of NAT that translates
public IP addresses to private IP addresses, and private IP addresses back to
public IP addresses. PAT uses a single public IP address. Compare to DNAT.
PC—Personal computer. Any type of computer used by an end user.
Typically refers to a desktop computer or a laptop computer.
PDF—Portable Document Format. A file format originated by Adobe
Systems that is now an open standard. A PDF document includes a
description of exactly how the text and graphics appear within the document.
PDU—Protocol data unit. A generic name for data formatted at the
Application, Presentation, and Session layers (Layers 7, 6, and 5,
respectively) of the OSI model. In contrast, the Transport layer (Layer 4)
identifies data as segments, the Network layer (Layer 3) identifies data as
packets, the Data Link layer (Layer 2) identifies data as frames, and the
Physical layer (Layer 1) identifies data as bits.
PGP—Pretty Good Privacy. Commonly used to secure email
communications between two private individuals but is also used in
companies. It provides confidentiality, integrity, authentication, and
non-repudiation. It can digitally sign and encrypt email. It uses both asymmetric
and symmetric encryption.
PKI—Public Key Infrastructure. A group of technologies used to
request, create, manage, store, distribute, and revoke digital certificates.
Certificates include public keys along with details on the owner of the
certificate and on the CA that issued the certificate. Certificate owners share
their public key by sharing a copy of their certificate. Certificates can be used
for authentication such as when WPA2 Enterprise is used with a RADIUS
server.
PoE—Power over Ethernet. A standard that delivers power to devices
over an Ethernet cable. Defined by 802.3af. 802.3at defines PoE+, which
provides up to 25.5 W of power. In contrast, 802.3af provides up to 15.4 W
of power.
POP—Post Office Protocol. Used to transfer email from mail servers
to clients. The current version is POP3. POP3 uses TCP port 110.
POTS—Plain old telephone service. This refers to voice-grade
telephone service and can be used with simple dial-up modems. DSL
modems use upgraded digital lines. The CompTIA objectives list this as plain
old telephone system, but this isn’t a common usage.
PPP—Point-to-Point Protocol. Tunneling protocol used with VPNs to
create remote access connections. PPTP uses TCP port 1723.
PPPoE—Point-to-Point Protocol over Ethernet. A network protocol
used to encapsulate PPP frames within Ethernet frames. Commonly used with
DSL.
PPTP—Point-to-Point Tunneling Protocol. Tunneling protocol used
with VPNs. PPTP uses TCP port 1723.
PRI—Primary Rate Interface. A standard used with ISDN. Two types
of ISDN configurations are Primary Rate Interface (PRI) creating a T-1 in the
United States and Canada, and an E-1 in Europe.
PSK—Pre-shared key. A secret shared among different systems and
commonly used with WPA Personal and WPA2 Personal on wireless
networks. In contrast, Enterprise mode uses a RADIUS server for
authentication.
PSTN—Public switched telephone network. The combination of
components used in telephone networks. It includes all the different links,
such as telephone lines, fiber-optic cables, cellular networks, microwave
links, satellite links, and undersea telephone cables.
PTP—Point-to-Point. A network connection between two systems.
Within telecommunications, PTP refers to connections between two parties
using telephones.
PTR—Pointer record. This isn’t actually an acronym, but it looks like
one. It identifies a specific type of record used in DNS servers to resolve IP
addresses back to host names. Compare to A, AAAA, CNAME, and MX
DNS records.
PVC—Permanent virtual circuit. A type of connection used within
ATM and frame relay networks. A PVC provides a dedicated link. Compare
to SVC.
PVC—Polyvinyl chloride. Type of cable covering used in cables.
PVC cable is not plenum safe and should not be run through plenums.
Instead, plenum safe cable is used within plenums. Plenum safe cable is fire
retardant and does not emit dangerous chemicals if it burns.
Q–Topics in Acronym List
QoS—Quality of service. Refers to the overall performance of a
network. Traffic shaping policies limit certain types of traffic, such as
streaming audio and video, to increase the overall performance of the
network.
R–Topics in Acronym List
RADIUS—Remote Authentication Dial-In User Service. Provides
central authentication for remote access clients and can be used for
authentication with WPA/WPA2 Enterprise. RADIUS encrypts the password
packets and uses UDP.
RARP—Reverse Address Resolution Protocol. An older protocol
used by computers to request an IPv4 address. BootP and DHCP have
replaced RARP.
RAS—Remote access service. Provides access to an internal network
from an outside source location using dial-up or a VPN.
RDP—Remote Desktop Protocol. Microsoft protocol used to provide
connection to a remote system over a network. RDP connections use port
3389.
RF—Radio frequency. A wireless signal that transmits over the air.
Common RF ranges are 3 kHz to 300 GHz.
RFC—Request for Comments. A formal publication from the Internet
Engineering Task Force. Many RFCs define a standard such as RFC 793,
which defines TCP. Some RFCs are informational to provide background
information such as RFC 6101, which documents historical information
about SSL.
RFI—Radio frequency interference. Interference from RF sources
such as AM or FM transmitters. STP cables help protect signals from EMI.
Fiber-optic cable is immune to EMI. Compare to RFI.
RG—Radio Guide. Refers to a type of cable such as RG-6 coaxial
cable.
RIP—Routing Information Protocol. A distance-vector routing
protocol. It is used by routers to share information with each other so that
each router can determine the shortest number of hops (routers) between two
systems. Compare with OSPF and IS-IS.
RJ—Registered Jack. A type of connection plug used with
twisted-pair cables. Phone lines use smaller RJ-11 connectors and network cables use
larger RJ-45 connectors. They are formally known as 6P6C, 6P4C, or 6P2C
for RJ-11 and 8P8C for RJ-45 connectors.
RSA—Rivest, Shamir, Adleman. An asymmetric algorithm used to
encrypt data and digitally sign transmissions. It is named after its creators,
Rivest, Shamir, and Adleman. RSA uses both a public key and a private key
in a matched pair.
RSH—Remote Shell. A Unix command-line utility used to connect to
a remote computer.
RSTP—Rapid Spanning Tree Protocol. An improvement over
Spanning Tree Protocol (STP). Both help prevent broadcast storms caused by
switching loops. Often replaced by Shortest Path Bridging (SPB).
RTP—Real-time Transport Protocol. A standard used for delivering
audio and video over an IP network. The CompTIA objectives list this as
Real Time Protocol, but RFCs identify it as Real-time Transport Protocol.
RTSP—Real-time Streaming Transport Protocol. A protocol used to
establish and control media sessions between media servers and clients.
RTT—Round trip time. This identifies how long it takes a packet to
get to a remote system and return. Ping and tracert/traceroute both show
round trip times. The CompTIA objectives also list this as Real Transfer
Time, but this isn’t common usage.
S–Topics in Acronym List
SA—Security Association. Communication between systems over a
network used to securely share security information such as cryptographic
methods and an encryption key. The framework for an SA is provided by
ISAKMP.
SaaS—Software as a Service. A cloud computing technology that
provides applications over the Internet. Web mail is an example of a
cloud-based technology. Compare to IaaS and PaaS.
SCADA—Supervisory Control and Data Acquisition. Typically used
in industrial control systems within large facilities such as power plants or
water treatment facilities. SCADA systems are often contained within
isolated networks that do not have access to the Internet, but are still
protected with redundant and diverse security controls. SCADA systems can
be protected with NIPS systems and VLANs.
SC—Standard Connector/Subscriber Connector. A square-shaped
fiber-optic connector using push-pull coupling. Sometimes called square
connector.
SCP—Secure Copy Protocol. Based on SSH, SCP allows users to
copy encrypted files over a network. SCP uses TCP port 22.
SDLC—Software Development Life Cycle. A software development
process. Many different models are available.
SDP—Session Description Protocol. Used to describe initialization
parameters for streaming media sessions.
SDSL—Symmetric digital subscriber line. A specific type of DSL
line. The upload and download links have the same speed in an SDSL line.
Compare to DSL and ADSL.
SFP—Small form-factor pluggable. A transceiver used to connect
twisted-pair Ethernet cable with fiber cable. Also called a mini-GBIC. It has
replaced the GBIC in most implementations.
SFTP—Secure File Transfer Protocol. An extension of Secure Shell
(SSH) using SSH to transmit the files in an encrypted format. SFTP transmits
data using TCP port 22.
SGCP—Simple Gateway Control Protocol. Used with Voice over IP
(VoIP). Superseded by MGCP.
SHA—Secure Hash Algorithm. A hashing function used to provide
integrity. SHA-1 uses 160 bits, and SHA-256 uses 256 bits. As with other
hashing algorithms, SHA verifies integrity.
SHA-3—Secure Hash Algorithm version 3. Hash function formally
known as Keccak. NIST selected this as the standard to replace earlier
versions of SHA.
SIEM—Security Information and Event Management. A security
system that attempts to look at security events throughout the organization.
SIP—Session Initiation Protocol. A protocol used for signaling and
controlling multimedia sessions such as voice and video calls and instant
messaging sessions.
SLA—Service level agreement. An agreement between a company
and a vendor that stipulates performance expectations, such as minimum
uptime and maximum downtime levels. Organizations use SLAs when
contracting services from service providers such as Internet Service Providers
(ISPs).
SLIP—Serial Line Internet Protocol. A legacy protocol used to
encapsulate Internet Protocol data so that it can be sent over serial
connections.
SMF—Single mode fiber. A type of fiber used in long and extended
range cable runs such as with 10GBaseLR, 10GBaseER, 10GBaseLW, and
10GBaseEW. SMF has a smaller core than MMF and is more expensive.
Compare to MMF.
SMS—Short Message Service. A text messaging service used with
smartphones and mobile communication systems.
SMTP—Simple Mail Transfer Protocol. Used to transfer email
between clients and servers and between email servers and other email
servers. SMTP uses TCP port 25.
SNAT—Static Network Address Translation/Source Network
Address Translation. These are various types of NAT and their definition
varies by vendor. Static NAT uses a single public IP address in a one-to-one
mapping. It maps a single private IP address with a single public IP address.
Compare to DNAT.
SNMP—Simple Network Management Protocol. Used to manage
network devices such as routers or switches. SNMP agents report information
via notifications known as SNMP traps, or SNMP device traps. SNMP is
defined on the Application layer (Layer 7) of the OSI model.
SNTP—Simple Network Time Protocol. A simplified version of
NTP. Applications that don’t require detailed accuracy sometimes use SNTP
instead of NTP.
SOA—Start of authority. One of the records in a DNS zone. It
includes information about the zone such as an authoritative server for the
zone, the email address of a domain administrator, and information DNS
servers use to periodically update and refresh the zone.
SOHO—Small Office/Home Office. Indicates a small office typically
supporting between 1 and 10 users. A SOHO network indicates a small
network.
SONET—Synchronous Optical Network. A group of protocols used
with fiber cable. Some SONET networks use ring topologies. Sometimes
spelled out as Synchronous Optical Networking.
SOW—Statement of work. A document that identifies the scope of
work that a third party will perform.
SPB—Shortest Path Bridging. A standard that combines multiple
network functions into a single protocol. It supports multipath routing and
replaces spanning tree protocols such as STP and RSTP.
SPI—Stateful packet inspection. A method used by firewalls to allow
or block traffic based on the state of the traffic within a communication
session. The firewall allows traffic that is part of a known session. It blocks
traffic that isn’t part of a known session or active connection, unless it is
initiating an active session.
SPS—Standby power supply. A type of uninterruptible power supply
(UPS).
SSH—Secure Shell. An encryption protocol used to secure a wide
variety of traffic such as Telnet and Secure File Transfer Protocol (SFTP).
SSH uses port 22.
SSID—Service set identifier. The name of a wireless network in
human readable form. Disabling SSID broadcast can hide the network from
casual users, but an attacker can easily discover it with a wireless sniffer. It’s
recommended to change the SSID from the default name. Compare to BSSID
and ESSID.
SSL—Secure Sockets Layer. A legacy protocol used to encrypt traffic
on the wire. It was used to secure HTTP traffic on the Internet
as HTTPS. SSL uses port 443 when encrypting HTTPS traffic. TLS is the
replacement for SSL.
ST—Straight tip or snap twist. A type of connector used with
fiber-optic cable. Typically used with multimode fiber.
STP—Shielded twisted-pair. Twisted-pair cable commonly used in
Ethernet networks that require protection against EMI, RFI, or cross-talk. The
shielding around the pairs provides the protection. Compare to UTP.
STP—Spanning Tree Protocol. A protocol that protects against
switching loops. A switching loop can be created if two ports of a switch are
connected together. Often replaced by Shortest Path Bridging (SPB).
SVC—Switched virtual circuit. A type of connection used within
ATM and frame relay networks. An SVC is a temporary connection, typically
set up on a per-call basis. Compare to PVC.
SYSLOG—System log. A message logging standard that delivers
event notification messages. Typically, many devices send event notifications
to one or more data collectors. For example, several devices can be
configured to send real-time notifications to a syslog server. Note that while
the CompTIA objectives list this with all caps (SYSLOG), source documents
such as RFC 5424 list it as syslog.
T–Topics in Acronym List
T-1—Terrestrial Carrier Level 1. A copper-based transmission
system. T-1 provides 1.544 Mbit/s of bandwidth. Compare to E-1.
TA—Terminal adapter. A device that connects a terminal to an ISDN
device. The CompTIA objectives list this as terminal adaptor (with an o) but
this isn’t common usage.
TACACS—Terminal Access Controller Access-Control System. An
older remote access authentication protocol.
TACACS+—Terminal Access Controller Access-Control System+.
Access control protocol that can be used for the management of network
devices (including routers). It provides authorization, authentication, and
accounting (AAA) services and can be used for remote access solutions.
TACACS+ uses TCP port 49.
TCP—Transmission Control Protocol. Provides guaranteed delivery
of IP traffic. Uses a three-way handshake to establish a connection. TCP is
defined on the Transport layer (Layer 4) of the OSI model. Compare to UDP.
TCP/IP—Transmission Control Protocol/Internet Protocol.
Represents the full suite of protocols used on the Internet and most internal
networks.
TDM—Time-division multiplexing. Multiplexing transmits multiple
signals on the same media. Time-division multiplexing does this by
transmitting different signals at different times. For example, when
transmitting two signals, the signals take turns transmitting.
TDR—Time-domain reflectometer. A tool used to measure the length
of a copper cable and identify any anomalies along the cable. It can identify
cuts, breaks, and nicks. Compare to OTDR.
Telco—Telephone company. Sometimes refers to a
telecommunications company.
TFTP—Trivial File Transfer Protocol. Used to transfer small
amounts of data with UDP port 69. In contrast, FTP is used to transfer larger
files using TCP ports 20 and 21.
TKIP—Temporal Key Integrity Protocol. Wireless security protocol
introduced to address the problems with WEP. TKIP was used with WPA,
but many implementations of WPA now support AES.
TLS—Transport Layer Security. Used to encrypt traffic on the wire.
TLS is the replacement for SSL. Like SSL, it uses certificates issued by CAs.
EAP-TLS uses TLS to encrypt the authentication process and can be used
with WPA2 Enterprise and RADIUS servers.
TMS—Transportation management system. Part of a supply chain. It
controls procurement processes (inbound transportation) and shipping
processes (outbound). Compare to WMS.
TOS—Type of Service. An 8-bit field in the IPv4 header. This field
has been used differently over the years. Currently, the most common usage
is as a 6-bit DSCP code, and a 2-bit Explicit Congestion Notification (ECN)
field. ECN provides notification of a busy network without dropping packets.
Compare to COS and DSCP.
TTL—Time to Live. Refers to the number of hops (routers) that a
packet will pass through before it “dies.” For example, if the TTL is 64, each
router (hop) will decrement the TTL by 1 before sending the packet on. When the
TTL reaches 0, the router no longer forwards it. This prevents a packet from
traveling over a network indefinitely.
TTLS—Tunneled Transport Layer Security. An extension of TLS
commonly used with Extensible Authentication Protocol (EAP). EAP-TTLS
encrypts data within a TLS tunnel. It requires a certificate on the server.
U–Topics in Acronym List
UC—Unified Communications. Refers to the integration of multiple
communication technologies. It includes Voice over IP (VoIP), instant
messaging services for online chat, video conferencing, desktop sharing,
integrated voice mail, email, Short Message Service (SMS), and more. Often
used as a marketing buzzword for sales.
UDP—User Datagram Protocol. Used instead of TCP when
guaranteed delivery of each packet is not necessary. UDP uses a best-effort
delivery mechanism. UDP is defined on the Transport layer (Layer 4) of the
OSI model.
UNC—Universal Naming Convention. A Microsoft format that
identifies the network path of a folder shared on a server. It takes the form of
\\computerName\sharedFolder. For example, a folder named data shared on a
server named Server1 is identified as \\Server1\Data.
UPC—Ultra polished connector. A connector used with fiber cables.
The polish supports better physical contact between the fiber-optic cable and
the connector. Sometimes called an ultra physical contact connector.
UPS—Uninterruptible power supply. A battery backup system that
provides fault tolerance for power and can protect against power fluctuations.
A UPS provides short-term power giving the system enough time to shut
down smoothly, or to transfer to generator power. Generators provide
long-term power in extended outages.
URI—Uniform Resource Identifier. Used to identify the name of a
resource and always includes the protocol such as
http://GetCertifiedGetAhead.com.
URL—Uniform Resource Locator. A type of URI. Address used to
access web resources, such as http://GetCertifiedGetAhead.com.
USB—Universal Serial Bus. A serial connection used to connect
peripherals such as printers, flash drives, and external hard disk drives. Data
on USB drives can be protected against loss of confidentiality with
encryption. Attackers have spread malware through Trojans.
UTM—Unified threat management. A security appliance that
combines multiple security controls into a single solution. UTM appliances
can inspect data streams for malicious content and often include URL
filtering, malware inspection, and content inspection components.
UTP—Unshielded twisted-pair. Twisted-pair cable commonly used in
Ethernet networks. It does not have any shielding and does not protect against
EMI, RFI, or cross-talk. Compare to STP.
V–Topics in Acronym List
VDSL—Very-high-bit-rate digital subscriber line. A type of DSL that
provides faster transmission speeds than ADSL. CompTIA lists this as
Variable Digital Subscriber Line, but this isn’t common usage.
VLAN—Virtual local area network. Defined on a switch at the Data
Link layer (Layer 2) of the OSI model with 802.1q. A VLAN can logically
group several different computers together, or logically separate computers
without regard to their physical location. It is possible to create multiple
VLANs with a single switch.
VNC—Virtual Network Computing. A system that allows users to
connect to a computer remotely and take control of the desktop. Some
organizations implement VNC for help-desk technicians, allowing them to
provide remote technical support to users. CompTIA lists this as virtual
network connection in the objectives, but this isn’t common usage.
VoIP—Voice over IP. A group of technologies used to transmit voice
over IP networks.
VPN—Virtual private network. Provides access to a private network
over a public network such as the Internet. VPNs can be host-to-gateway
VPNs or gateway-to-gateway VPNs. VPN concentrators provide VPN access
to large groups of users.
VRRP—Virtual Router Redundancy Protocol. A protocol used to
provide high availability for routers. It groups multiple physical routers as a
single virtual router. If one router fails, VRRP automatically assigns another
router.
VTC—Video teleconference. A group of interactive
telecommunication technologies that allow people in two or more locations to
interact with two-way video and audio transmissions.
VTP—VLAN Trunk Protocol. A Cisco protocol that transmits VLAN
definitions to switches on the network. It reduces administration requirements
for these switches.
W–Topics in Acronym List
WAN—Wide area network. A network connecting two or more
networks over a large geographical distance. Compare to CAN, LAN, MAN,
and PAN.
WAP—Wireless access point. A device used to connect wireless
devices to a wired network. A wireless router includes a WAP and additional
capabilities. Often called an access point (AP) to differentiate it from
Wireless Application Protocol.
WAP—Wireless Application Protocol. A standard for creating web
content dedicated to mobile devices.
WEP—Wired Equivalent Privacy. An early wireless security
protocol. WEP has significant security flaws and was temporarily replaced
with WPA, and permanently with WPA2. WEP used RC4 incorrectly, making
it susceptible to IV attacks.
WINS—Windows Internet Name Service. A Windows service hosted
on WINS servers to resolve NetBIOS names to IP addresses within a private
network. WINS is not used on the Internet. The Internet and most internal
networks use host names and host names are resolved to IP addresses by
DNS servers.
WLAN—Wireless local area network. A network used to connect
wireless devices together.
WMS—Warehouse management system. Part of a supply chain. It
controls movement of material within a warehouse during receiving, storage,
and shipping processes. Compare to TMS.
WPA—Wi-Fi Protected Access. Replaced WEP as a wireless security
protocol using legacy hardware. WPA has been superseded by WPA2. WPA
can use TKIP or AES and AES is more secure. In Enterprise mode, it can use
RADIUS to support authentication. In Personal mode, it uses a pre-shared
key (PSK).
WPA2—Wi-Fi Protected Access II. Security protocol used to protect
wireless transmissions. It supports CCMP for encryption, which is based on
AES and is stronger than TKIP, which was originally released with WPA. It
uses an 802.1x server for authentication in WPA2 Enterprise mode and a
pre-shared key for WPA2 Personal mode, also called WPA2-PSK.
WPS—Wi-Fi Protected Setup. Allowed users to easily configure a
wireless network, often by using only a PIN. WPS brute force attacks can
discover the PIN.
www—World Wide Web. Information space where data is shared
over the Internet using hypertext links.
X–Topics in Acronym List
XDSL—Extended digital subscriber line. Refers to all DSL
technologies such as SDSL and ADSL.
XML—Extensible Markup Language. A set of rules used to define
how to describe data. As a comparison, HTML is a set of rules used to define
how to display data. XML is often used to create formatted reports, and by
databases for inputting or exporting data.
Z–Topics in Acronym List
Zeroconf—Zero configuration. A set of technologies with the goal of
automatically configuring hosts on a network with TCP/IP information. The
goal is zero touch requirements by administrators or users.

»Get Certified »Get Ahead


Errata
Thanks again for getting this book.

I strive to ensure the books I create are error free. However, no matter how much
effort we put in, some errors always sneak in. When I learn of an error, it’s simple for me
to fix it and upload the fix to the Kindle version.

If you see an error, please let me know by sending me a message here:


http://gcgapremium.com/contact-us/
Voucher Code for 10 Percent Off
Save $28.50 off the US voucher price.
As of January 1, 2016, the CompTIA Network+ exam is $285 in the United States if
you purchase it at full price. However, you can get a 10 percent discount using a discount
code. This code changes periodically, so you’ll need to go to this page to access the current
code: http://gcgapremium.com/discounted-comptia-vouchers/.
When you purchase a voucher, you’ll get a voucher number that you can
use to register at a testing site. A word of caution: Some criminals sell bogus
vouchers on Internet sites such as eBay. You won’t know you’ve been ripped
off until you try to use it and by that time, the criminal will probably have
disappeared. In contrast, if you use the discount code, you buy the voucher
directly from CompTIA.



After the Network+ Exam
What’s next for you after passing the Network+ exam? Many people
pursue the CompTIA Security+ certification. It builds on your Network+
knowledge and helps show employers that you have a solid understanding of
basic security issues that threaten the confidentiality, integrity, and
availability of an organization’s IT resources.
If that is your plan, check out the CompTIA Security+: Get Certified
Get Ahead: SY0-401 Study Guide, ISBN 1939136024. It has helped
thousands of people pass the Security+ certification the first time they took it
and it can help you too.
No matter what resources you use though, I wish you the best of luck in
all your travels.
