Memorize

Revise:
Layer 7 Application Layer: Http, FTP,SMTP
Layer 4: TCP (Segments), UDP(Datagram)
Layer 3 Netowrk Layer: ICMP, IP
Layer 2 Data Link Layer Devices: Bridge, Switch, Network Adapter (NIC Card)
Layer 1 Equipments: Hub, Network Cabling, Repeater, Media Converter

Section 7 – Wireless Networks

 Antennas
 Wireless Frequencies
802. 11 Standards – Lesson 53
 Wireless Security: Pre-Shared Key, 802.1x(Enterprise Authentication), WEP, WPA, WPA2,
WPA3

Section 8 – Ethernet Switching

 Ethernet Fundamentals: CSMA/CD (CS, MA, CD), Random Backoff timer, Switch vs Hub
Collision Domain, Half-Duplex (Hub), Full Duplex (Switch)
 Network Devices: Passive Hub, Active Hub, Bridge (layer 2)- breaks collision domain,
Switch (each port has individual collision domain), Broadcast Domain (Each switch is one
broadcast domain), Router (Breaks in two or more broadcast domain). Wireless Access
Point & Router (contain media converter, switch, router, wireless AP) is not the same
 Virtual Local Area Network (VLAN):
-Logical Separation of network into separated broadcast domain,
-802.1q (VLAN Trunking) transfer all vlans between all the infrastructure devices in a
single cable keep traffic from each vlan separate and secure
-Switches (802.1q Vlan Tagging’s Tag each etheret frame with VLAN ID to create logical
separations between different departments),
-Switch Virtual Interface (SVI): Allowing switching to route traffic between different
VLANS without requiring a router
-Native(Default VLAN): whenever a switch receives a untagged frame on trunk it will be
assigned the native vlan tag
-Voice Vlan: VLAN dedicated to voice traffic will improve overall call quality for VOIP
-Link Aggregation/Port Channeling or Bonding: combine multiple network connections
into a single logical link
 Spanning Tree Protocol (802.1d) STP:
-Permits Redundant links and prevents looping of network traffic
-Broadcast storm: If there is not STP. Multiple copies of frames being forwarded back
and forth which consumes network
-Root/Non Root Bridge, Faster cables has lower cost and Slower Cables have higher cost
 Network Access Control (NAC): increasing security of given network by inspecting
devices trying to connect to a network.
-Device present itself for inspection when first trying to connect to network
 -Port Security
-Mac Filtering- Allow listing/Block Listing
-802.1x Authentication- only authenticated users can access network services.
Authenticator bloks all traffic excep the 802.1x authentication traffic
- Access Control: Time-Based, Location-Based, Role-Based, Rule-Based
 Maximum Transmission Unit: : Largest Size of packet or frame that can be sent over
network. Wireless Network, VPN, PPPoE= smaller MTU.

Section 9 IP Addressing:

 IP Addressing in Layer 3 used by routers to send data from one network to another
 Ipv4 Addressing:
Class A: 1-126
Class B: 128-191
Class C: 192-223
-8 Bits (128+64+32+16+8+4+2+1) = 11111111.11111111.11111111.11111111
-Use Subnet Mark to determine Network Portion + Host Portion
-Multicast Address: a logical identifier for a group of hosts in a computer network
-Subnetting: take large network and subdivide into smaller portions
-Classful default subnet mask
-Classless: Used to borrow of the host bits from ipv4 address
-CIDR: 255.255.255.0/24(classful)/ 255.255.255.192 / 26
 IPv4 Types:
-Private IP Ranges:
Class A: 10.0.0.0 – 10.255.255.255
Class B: 172.16.0.0 – 172.31.255.255
Class C: 192.168.0.0 – 192.168.255.255
DHCP Process: DORA, Discover, Offer, Request, Acknowledge
 Data Flows:
-Unicast: Single source device to Single Destination device i.e phone call
-Multicast: Single Source Device to Multiple (but specific) destination device
-Broadcast: Data travels from a single source device to all devices on a destination
network
 Assigning IP Addresses:
-WINS (Windows Internet Name Service): Identifies NetBIOS systems on TCP/IP Network
and converts those NetBIOS names to IP Addresses (used in local area network) Like DNS
but only used within a Windows domain environment.

ZeroConf(Zero Configuration):
-newer technology based on APIPA.
-Can resolve computer names to IP Addresses without need for DNS by using mDNS
- Perform service discovery on a network
-Apple it’s called Bonjour
-Windows it’s called Link-Local Multicast Name Resolution (LLMNR)
 -Linux: ZeroConfig is implemented through SystemD (System Daemon Service)

 Subnetting: Take a large network and splitting it up into smaller networks

-Subnet Maks modify subnets and create better scoped networks (VLANS)
- Classful: 255.0.0.0 / 8, 255.255.0.0 /16, 255.255.255.0 /24
- Classless 255.255.255.128 / 25, etc
- Created Subnets Formula: 2s S= Number of Borrowed Bits i.e 21=2 Subnets, 1 = number
of borrowed bits
-Assignable IP Addresses= 2h – 2, where h= number of host bits

Example: 192.168.1.0/26
/26 means classless and borrowed 2 bits from hosts for creating subnets
Created Subnets: Borrowed 2 Bits from host so 2S = 22 = 4 Subnets (2 = number of
borrowed bits)
Calculate host bits: 32 total – 26 Networks = 6 hosts bits
so 2h -2 = 26 -2 = 62 hosts (-2 because first one is network id and last one is broadcast)

CIDR (Classless Inter-Domain Routing)

- Summarize continuous networks called using route aggregation

VLSM (Variable – Length Subnet Mask)

-Allows subnets of various sized to be used and requires routing protocol that supports it
such as RIP, OSPF, IS-IS, EIGRP, BGP
-Subnetting of Subnets

iPv4 = 232= 4.3 Billion Addresses

Memorize

CIDR Subnets IPs

/24 1 256
/25 2 128
/26 4 64
/27 8 32
/28 16 16
/29 32 8
/30 64 4
 IPV6 Addressing
-128 Bits 32 Hexadecimals Digits / IPv4 32 Bits
-Differentiate between MAC and IPv6 is MAC Address is always 12 hexadecimal digits
-A Single interface can be assigned to multiple different IPv6 Addresses
-Replace redundant zeroes with one zero
-Further consecutive multiple zeroes can be represented by double colon: : and can be
used only once
-IPv6 is written in Hexadecimal and Each Hexadecimal is 4 Bits
-Hexadecimals Digits 0-9 and A, B, C, D, E, F is 10 to 15
-IPV6 has three address types: Unicast 2000-3999, Multicast: FF and Anycast (similar to
unicast)

 IPv4 and IPv6 Compatability

-Dual Stack: Allows devices to handle both IPv4 and IPv6. Fall back to IPv4 if IPv6 is not
necessary
-Tunneling: IPv6 packets are wrapped inside IPv4 packets to travel across ipv4
infrastructure. They are unwrapped at the destination
-NAT64: Network Address Translation mechanism that allows IPv6-only devices to
communicate with IPv4 servers and services. Converts IPv6 to IPv4 and vice versa.

-Unicast Address / Globally-routed: Similar to Ipv4’s unicast class A, B, and C addresses

and begins with 2000-3999
-Link local Addresses /Local Use: Can only be used on local area network and begins with
FE80 and uses SLACC for autoconfiguration
-SLACC (Stateless Address Autoconfiguration): Eliminates the need to obtain addresses
or other configuration information from a central server
-Multicast Address: Used to identify a set of interfaces and begins with FF
-Anycast Address: Used to identify a set of interfaces so that a packet can be sent to any
member of a set
-EUI – 64: a Process that uses the devices MAC address to form a 64 bit host identifier
for the iPv6 address
-NDP (Neighbor Discovery Protocol): Used to determine the layer 2 addresses that are
on a given network.
 Section 10 Routing:

Routing:
-Forward packets between different networks or subnets
-Each subnet or external network is going to be its own broadcast domain because
routers are used to separate broadcast domain

Routing Table:
-Helps determine which route entry is the best fit for the network
-The longer the IP prefix or higher the CIDR notation the more specific route becomes
-Directly connected routes: routers that are physically directly connected.
-Default Static Route (0.0.0.0/0) – if you don’t where to go just go here
-Dynamic Routing- Learned by exchanging information between routers
-Preventing Routing Loops:
-Split Horizon: Prevents a route learned on one interface from being advertised
back out of that same interface.
-Poison Reverse: Cause a route received on one interface to be advertise backed
out of that same interface with high cost

Routing Protocols:
-Internal and External Protocols
-IGP Interior Gateway Protocol– Operates within an autonomous system. Examples: RIP,
OSPF, EIGRP, IS-IS
-EGP Exterior Gateway Protocol– Operates between autonomous systems. Examples:
BGP (Internet)

ROUTING PROTOCOL TYPE INTERIOR/EXTERIOR

Routing Information Distance Vector Interior
Protocol (RIP)
Open Shortest Path First Link State Interior
(OSPF)
Enhhanced Interior Advanced Distance Vector Interior
Gateway Routing Protocol
(EIGRP)
Intermediate System to- Link State Interior
Intermediate System (IS-IS)
Border Gateway Protocol Path Vector Exterior
 Routing Advertisement:
-Distance Vector Protocols: Choose Path with Fewest Hops i.e RIP (Hop Count Max 15)
-Link State Protocols: Choose the path based on speed/test i.e OSPF, IS-IS (Cost)
-Hybrid Protocol: Combines features of distance vector and link state i.e EIGRP (Cisco)
uses bandwidth and delay
-Exterior Gateway Protocol: BGP (Border Gateway Protocol) Backbone of the internet

Routing Selection:
-Administrative Distance (AD): Lower AD is considered more believable or trustworthy
-Directly Connected Network: AD 0
-Statically Connected Network: AD 1
-EIGRP: AD 90
-OSPF AD 110
-RIP: 120 AD
-External EIGRP: AD 170

Address Translation:
-NAT: translates private IP address to public IP Addresses for routing over public
networks
-DNAT (Dynamic NAT): Automatically assigns an IP address from a pool and gives one to
one translation
-SNAT (Static NAT): Manually assigns an IP and gives one to one translation
-PAT (Port Address Translation): Sharing of one public IP by multiple private IP addresses
which gives a many to one translation (Home Network)

Inside Local Inside Global Outside Local Outside global

Private IP Address Public IP Address Private IP Address Public IP address
referencing an inside referencing an Inside referencing an referencing an
device Device outside device outside device

Routing Redundancy Protocols:

-Network Protocol that automatically reroutes traffic in case of a path or device failure
-FHRP (First Hop Redundancy Protocol): automatic failover to a backup router to
maintain uninterrupted network service. Provides reliability, load balancing, seamless
transitions.
-HSRP Hot Standby Router Protocol: "Cisco's HSRP creates a backup router (standby) for
fault-tolerant default gateways with priority-based pre-emption."
-VRRP Virtual Router Redundancy Protocol: "VRRP, an open standard, elects a backup
router for default gateway redundancy automatically."
-GLBP Gateway Load Balancing Protocol: "Cisco's GLBP balances traffic across multiple
routers while ensuring gateway redundancy."
Multicast Routing
-Multicast sender sends traffic to a class D IP Address, known as a multicast group
-2 Ways IGMP (Internet Group Management Protocol) and PIM (Protocol Independent
Multicast)
-IGMP – IGMP helps devices tell routers they want to join or stay in a
multicast group.
-PIM builds multicast distribution trees to route multicast traffic
between routers. We use PIM-SM on our network because it uses less
resources upfront.

Generic Routing Encapsulation (GRE)

GRE encapsulates various network protocols into virtual point-to-point
links over IP networks. Operate at Layer 3
GRE Becomes a more lightweight solution for our network data
encapsulation that it would be if we set up a full site-to-site VPN.
Section 11: Network Services:

DHCP: DHCP Scope, DHCP Reservation, DORA Process, 24 Hrs (Home Lease)/ 7 or 30
(Corporate)
Discover: The client sends a broadcast message to find a DHCP server.
Offer: The DHCP server responds with an IP address offer and other network details.
Request: The client replies to the server, requesting the offered IP address.
Acknowledge: The DHCP server confirms the assignment and finalizes the process.
-Gets IP Address, Subnet Mask, Default Gateway IP, DNS Server IP
DHCP Relay: Forward DHCP packets between clients and servers. Used when the client
device and the DHCP Server are not located on the same subnet or network. Can
configure one device for DHCP relay rather than installing DHCP server on every subnet.

Stateless Address Autoconfiguration (SLACC)

-is a method used by IPv6 devices to automatically configure their own
IP addresses without needing a DHCP server
-SlAAC is used to simply the network configuration process and makes
assigning IP Addresses seamless and easy to complete.
-Device Initiation- When a device connects to a network it assigns itself
a temporary link local address
-Router Solicitation- Asking for any local routers to identify themselves
-Router Advertisement- Router sends back advertisement message
-Address Configuration- Combine address network prefix from router
with its own unique identifier to craft a complete and unique IP
Address.
-Neigbour Soliciation – to ensure no other device is using the same
address.

Domain Name System (DNS)

-Helps network clients find a website using human-readable hostnames instead of
numeric IP addresses.
-Fully Qualified Domain Name (FQDN)- a domain name that is under a top-level provider,
most common top-level provider is .com (www.diontriaing .com) where Dion training is
domain name.

Root Answers request in the root zone

Top-Level Domain .com / .net / .uk
Second-Level Domain diontraining.com
Subdomain: www.diontraining
Support.diontraining.com
mail.diontraining.com
 Host Refers to a specific machine/server

-Uniform Resource Locator: Contains Fully Qualified Domain Name with method of
accessing information. Securely Https:// or insecurely Http:, ftp://ftp.diontraiing.com.
-Host File: The system first consults its host file to see if it already knows the IP address
for that given domain name. Host file is an alternative to DNS

DNS Record Types:

DNS Record Description Function

A Address Links a hostname to an IPv4
address
AAAA Address Links a hostname to an IPv6
address
CNAME Canonical Name Points a domain to another
domain or subdomain.
CANNOT BE POINT TO IP
ADDRESS
MX Mail Exchange Directs emails to a mail
server
SOA Start of Authority Stores important information
about a domain or zone
PTR Pointer Correlates an IP address with
a domain name.

TXT Text Adds text into the DNS.

NS Nameserver Indicate which DNS
nameserver is the
authoritative one for that
domain.

A type of DNS server that

stores all the DNS records for
a given domain.

-Reverse DNS Lookup: Determines what the domain name is for a given IP address
-Forward Lookup: Use DNS to find the IP address for a given domain name.
-Internal DNS: A DNS service used within private networks to resolve internal resources'
hostnames to IP addresses
-External DNS: A DNS service that resolves publicly accessible domain names to IP addresses.
-Recursive Lookup: DNS Server communicates with several other DNS servers to hunt down the
IP address and return to client. Your ISP may or may not know the IP Address for DION
training.com they will go up a level to next DNS server and if not another level and continue to
do this until it finds that server.

Securing DNS:
-DNS Security Extensions (DNSSEC)- Adds a layer of security to DNS by verifying that DNS
responses come from a trusted source and have not been tampered with. Provides data integiry
and authentication but doesn’t encrypt DNS queries.
-DNS over HTTPS (DoH): Encrypts DNS Queries using HTTPS protocal, ensuring praviacy and
security during transmission
-DNS over TLS (DoT): Encrpts DNS queries using Transport Layer Secuirty (TLS) doesn’t use HttpS
-DNS Snooping: An attacker monitors DNS queries to infer what websites a user is visiting

NTP
-Network Time Protocol (NTP)- Synchronizes clocks between systems communicating over a
packet-switched, variable-latency data network.
-Sent over UDP using port 123
-Precision Time Protocol (PTP)- Used to synchronize clocks through a computer network (offers
a higher precision timekeeping solution for scenarios where every microsecond counts)
-Network Time Security (NTS) – Extension of NTP and ensures time synchronization processes
are secure from malicious interference.

Quality of Service:
-Delay: time a packet travels from source to destination
-Jitter: uneven arrival of packets which is especially harmful in VOIP Traffic
-Drop: occurs during link congestion when a router’s interface queue overflows and causes
packet loss
-Effective Bandwidth: lowest link inside your connection

Quality of Service Categorization:

- Categorize traffic, apply a policy and prioritize them in accordance with a QoS policy
- Best effort: Traffic is first in, first out (no qos)
- Integrated Services: Traffic has strict bandwidth reservations (Hard Qos)
- Differentiated Services: differentiation of data types where routers and switches can
make decisions based on markings and can fluctuate traffic (soft qos)

QOS Mechanisms:
- Classification: Traffic is placed into different categories
- Marking: Alter bits with a frame, call, packet which indicates handling of traffic
- Congestion Management: Queuing
- Congestion Avoidance: Newly arriving packets would be discarded if the device’s
output queue fills to capacity.
- Polciing, Shaping
- Link Efficency: Compression (Compress payload such as IP,UDP,RTP)
- Link Efficiency Link Fragmentation and LFI: Fragments large data packets and
interleaves smaller data packets between the fragments.
Section 12

Fiber Optics Connections (Obj 1.5)

Fiber to the Home: Fiber optic connecting brought directly to individual residences

Fiber to the Curb (FTTC): Fiber optic cable run to the curbside or cabinet and use traditional
copper cables for individual homes or businesses

Fiber to the Node/ Neighborhood (FTTN): Fiber optic connection extended to a central point in
a particular area or neighborhood

Fiber to the Building Basement (FTTB): Fiber optic cables reach the building’s main
communication room or basement.

Cable Connection (DOCSIS)

Hybrid Fiber-Coaxial (HFC)- High-Capacity highway that carries vast amounts of data using a
blend of fiber optic and coaxial cables

Data-Over-Cable Service Specification (DOCSIS)- standardizes how data is transmitted

Digital Subscriber Line (DSL) Connection- Family of Technologies that provide internet access by
transmitting digital data over the wires of a local telephone network

Digital Subscriber Line (DSL) Connections:

Asymmetric DSL (ADSL): Has different download and upload speeds

Symmetric DSL(SDSL): Works like a T1 with equal upload and download speeds

Very High Bit-Rate DSL (VDSL): Has very high speeds with download over 50 MBps and upload
over 10 Mbps

Satellite Connections:
Slow, Expensive, High Latency, Used in remote/mobile environments
Starlink uses low earth orbit instead of geosynchronous satteleites and has low latency
Cellular Connections:

1G, 2G (GSM+ GPRS/EDGE), 3G (WCDMA, HSPA, HSPA+), 4G (LTE, LTE-Advanced), 5G (Low,

Mid,High Band )
Higher G means it is a newer standard and has faster speed

Global System for Mobile Communication (GSM) – Cellular technology that takes the voice
during a call and then converts it to digital data

Code-Division Multiple Access (CDMA) – Cellular technology that uses code division to split up
the channel.

Microwave Connections:

 Uses beam of radio waves in the microwave frequency range to transmit information
between two fixed locations
 UHF,
 Microwaves can provide a very fast connection point using point-to-point connections
between two places.
 Worldwide INteroperabiltiy for Microwave Acess (WiMAX)

Leased Line:
 Fixed bandwidth that has symmetric data connection that’s exclusively reserved for
subscribers use
 Dedicated Leased Line: Continuous connection between two points that are set up by a
telecommunication provider
 Ensures data travels securely and freely from any kind of congestion or security breaches
 Symmetric: Upload and Download speeds is same
 Bandwidth Options and Reliable and Secure
 Expensive
Exam Revisions

Exam Compass 1 OSI Layers: 93.94%

Revisions:
Layer 7 Application Layer: Http, FTP,SMTP
Layer 4: TCP (Segments), UDP(Datagram)
Layer 3 Netowrk Layer: ICMP, IP
Layer 2 Data Link Layer Devices: Bridge, Switch, Network Adapter (NIC Card)
Layer 1 Equipments: Hub, Network Cabling, Repeater, Media Converter

Exam Compass 2 OSI Layers: 82.86%

Data Encapsulation/ Decapsulation

Proxy
NAS/SAN/DAS/ SDN -
NFV/SDN/SVI
CDN: Content Load Time

Exam Compass 3:
Cloud, Protocols, 51.43%

-VPC
-Private Cloud
-VXLAN
-Intranet
-Network Security Group (NSG): Firewall Like capabilities, apply security rules to specific NIC,
use for controlling inbound and outbound traffic in cloud computing environment.
-Netowrk Secuirty List (NSL): Provide firewall-like capabilities, applies security to subnet level,
use of controlling inbound and outbound traffic in cloud computing environment
-Internet Gateway: A type of network gateway that allows instances within a cloud
environment to send and receive unencrypted traffic to and from the Internet is
called
-What are Function of cloud gateway using NAT
-Direct Connections
-Public VS Private VS Hybrid Cloud
-SaaS, DaaS, PaaS, IaaS
-Scalability vs Rapid Eliastacity
-Virtualiaztion, Multitenancy, Sandboxing, Containterization ‘
-Telnet: User/Pass Authentication, Transmit data in an unencrypted form, Enables
remote login and command exection
-SMTP: Sending email messages between mail servers, Sending email messasges
from a client devices
-Zeroconf
- TFTP: Provides no security features, A very basic form of file sharing protoocl