
CompTIA Network+: Understanding Basic Networking Components

A Get Certified Get Ahead Kindle Short



Covers Networking Topics from the
CompTIA Network+ N10-006
Get Certified Get Ahead Study Guide

By Darril Gibson

Dedication
To my wife, who even after more than 23 years of marriage continues to remind me how wonderful life can be if
you're in a loving relationship. Thanks for sharing your life with me.

Table of Contents
Dedication
Acknowledgments
About the Author
Introduction
About the Exam
Question Types
Number of Questions and Duration
Exam Format
Passing Score
Beta Questions
Exam Prerequisites
Exam Test Provider
Voucher Code for 10 Percent Off
Book Format
Remember This
CompTIA Network+ Objectives
1.0 Network Architecture
2.0 Network Operations
3.0 Network Security
4.0 Troubleshooting
5.0 Industry Standards, Practices, and Network Theory
CompTIA Network+ Assessment Exam
Chapter 1 Understanding Basic Networking Components
Understanding Common Network Components

Hub
Switch
Router
Modem
Access Point
Firewall
Simplified Diagrams
Network Segments and Domains
Duplex Connections and Collisions
Comparing PANs, LANs, WANs, and More
PAN
Bluetooth Wireless
NFC
IR
LAN
WLAN
CAN
MAN
WAN
VPN
Identifying Network Topologies
Star
Ring
Mesh
Bus
Hybrid
Point-to-Point vs. Point to Multipoint

Peer-to-Peer vs Client-Server
Workgroups vs. Domains
Planning and Implementing a Basic Network
List of Requirements and Devices
Wired/Wireless Considerations
Environmental and Equipment Limitations
Security considerations
Compatibility Requirements
Understanding Numbering Systems
Decimal
Binary
Bits vs Bytes
Digit Grouping
Hexadecimal
Upper Case or Lower Case Hexadecimal
Octal
Try This
Staying Safe
Electrical Safety
Equipment Grounding
ESD
Installation Safety
MSDS
Fire Suppression
HVAC
Emergency Procedures
Try This Conversion Answers

Chapter 1 Exam Topic Review


Unicast, Multicast, and Broadcast
Common Network Components
PANs, LANs, WANs, and More
Network Topologies
Basic Networks
Numbering Systems
Safety Issues
Chapter 1 Practice Questions
Sample Network+ Practice Test Questions
Sample Network+ Flashcards
Appendix A: Acronym List
Numeric: Topics in Acronym List
A: Topics in Acronym List
B: Topics in Acronym List
C: Topics in Acronym List
D: Topics in Acronym List
E: Topics in Acronym List
F: Topics in Acronym List
G: Topics in Acronym List
H: Topics in Acronym List
I: Topics in Acronym List
K: Topics in Acronym List
L: Topics in Acronym List
M: Topics in Acronym List
N: Topics in Acronym List
O: Topics in Acronym List
P: Topics in Acronym List
Q: Topics in Acronym List
R: Topics in Acronym List
S: Topics in Acronym List
T: Topics in Acronym List
U: Topics in Acronym List
V: Topics in Acronym List
W: Topics in Acronym List
X: Topics in Acronym List
Z: Topics in Acronym List
After the Network+ Exam

Acknowledgments
A single person cannot do books of this size and depth on their own and I'm grateful for the many people who
helped me put this book together. First, thanks to my wife. She has provided me immeasurable support throughout this
project. Thanks also to my dogs that help me remember to get up and go for walks regularly. I also appreciate all the
efforts by Jaena Nerona, an awesome assistant that helped me so much through this project.
The book has several pictures and graphics in it. In a couple of instances, I found the perfect picture on the
Internet and asked for permission to use it. I'm grateful for the permission I've received from the following companies:
Thank you to Agilent Technologies for permission to use the picture of their cable certifier.
Thank you to Fluke Corporation for permission to use the picture of their toner probe.

About the Author


Darril Gibson is an accomplished author and professional trainer. He has authored or
coauthored more than 35 books and contributed as a technical editor for many more. He
holds many current IT certifications, including: CompTIA A+, Network+, Security+,
CASP, (ISC)2 SSCP, and CISSP.
He is the CEO of YCDA, LLC (short for You Can Do Anything) and actively writes,
teaches, and consults on a wide variety of IT topics, including CompTIA A+, Network+,
and Security+. Darril is active on the Internet:
Posts blog articles at http://blogs.getcertifiedgetahead.com
Tweets daily tips for CompTIA certifications at http://twitter.com/darrilgibson
Posts daily practice test questions on the Get Certified Get Ahead Facebook
page (https://www.facebook.com/GetCertifiedGetAhead)
Sends out periodic updates on the Get Certified Get Ahead Newsletter
(http://eepurl.com/g44Of)
Darril lives in Virginia Beach with his wife and two dogs. Whenever possible, they
escape to a small cabin in the country on over twenty acres of land that continue to
provide peace, tranquility, and balance. You can send him an email at
Darril@gcgapremium.com.

Introduction
Congratulations on your purchase of this Kindle short. This book is part of the Get
Certified, Get Ahead Kindle Short series that are focused on key topics in the Network+
exam. This Kindle Short provides an introduction and overview of key networking topics,
and also covers the CompTIA troubleshooting model. If you're preparing for the
Network+ exam and want to ensure you're ready to correctly answer questions related to
these topics, you have exactly what you need.
I recently wrote the CompTIA Network+ N10-006 Practice Test Questions (Get
Certified Get Ahead) book and released it as a Kindle version. It includes 300 practice test
questions with in-depth explanations to help you pass the Network+ exam the first time
you take it. It also includes 200 flashcards to help reinforce some key testable material.
While I've received some great feedback on the book, I've also received many
requests to write a full Network+ book similar to the popular CompTIA Security+: Get
Certified Get Ahead: SY0-401 Study Guide. Due to a variety of reasons, I wasn't able to do
the Network+ study guide right away but I'm now focused on it. I'm trying something
new with this book and releasing chapters of it as they're completed with the goal of
helping people review some key topics based on what they need.
This Kindle short follows the same style of the CompTIA Security+: Get Certified
Get Ahead: SY0-401 Study Guide, it's just shorter. It starts with a pre-test with questions
related to the Network+ objectives. Next, a full chapter covers the objectives identified at
the beginning of the chapter. Last, you'll find a post-test with questions related to these
objectives. This Kindle short also includes some bonus questions.
Objectives covered in this Kindle short are:
1.1 Explain the functions and applications of various network devices.
Router
Switch
Firewall
Access point (wireless/wired)
Hub
Analog modem

1.6 Differentiate between common network topologies.
Mesh (Partial, Full)
Bus
Ring
Star
Hybrid
Point-to-point
Point-to-multipoint
Client-server
Peer-to-peer

1.7 Differentiate between network infrastructure implementations.
WAN
MAN
LAN
WLAN (Hotspot)
PAN (Bluetooth, IR, NFC)

1.8 Given a scenario, implement and configure the appropriate addressing schema.
Multicast

Unicast
Broadcast
Broadcast domains vs collision domains

1.12 Given a set of requirements, implement a basic network.
List of requirements
Device types/requirements
Environmental limitations
Equipment limitations
Compatibility requirements
Wired/wireless considerations
Security considerations

2.6 Given a scenario, configure a switch using proper features.
Interface configuration (Speed and duplexing)

5.2 Explain the basics of network theory and concepts.
Modulation techniques (Multiplexing, De-multiplexing, Analog and digital techniques, TDM)
Numbering systems (Binary, Hexadecimal, Octal)
Broadband/base band
Bit rates vs baud rate
Sampling size
Wavelength
Collision

5.6 Summarize safety practices.
Electrical safety (Grounding)
ESD (Static)
Installation safety (Lifting equipment, Rack installation, Placement, Tool safety)
MSDS
Emergency procedures (Building layout, Fire escape plan, Safety/emergency exits, Fail open/fail close,
Emergency alert system)
Fire suppression systems
HVAC

CompTIA publishes a listing of the objectives on its web site. At this writing, this
information is accurate, but CompTIA includes the following disclaimers:
"The lists of examples provided in bulleted format below each objective are
not exhaustive lists. Other examples of technologies, processes or tasks
pertaining to each objective may also be included on the exam although not
listed or covered in this objectives document."
"The CompTIA Network+ Certification Exam Objectives are subject to
change without notice."
You can verify that the objectives haven't changed by checking the CompTIA site:
http://certification.comptia.org/getCertified/certifications/network.aspx.

About the Exam


CompTIA first released the Network+ exam in 1999 and it has quickly grown in
popularity. They revised the exam objectives in 2002, 2005, 2009, 2011, and in 2014. The
2014 exam is numbered as N10-006 (or JK0-023 for the academic version of the exam).
CompTIA retired the N10-005 exam on August 31, 2015.
A summary of the details of the exam includes:
Number of questions: Maximum of 90
Time to complete questions: 90 minutes (does not include time to complete
pre-test and post-test surveys)
Passing score: 720
Grading criteria: Scale of 100 to 900
Question types: Multiple choice and performance-based
Exam format: Traditional (can move back and forth to view previous
questions)
Exam prerequisites: None required but A+ is recommended along with
nine months of networking experience
Exam test providers: Pearson Vue
You can get a discount code, which gives you 10% off any CompTIA exam here:
http://gcgapremium.com/discounted-comptia-vouchers/. The page includes instructions on
how to redeem the code at the CompTIA marketplace.

Question Types
Expect many of the questions on the exam to be straightforward. For example,
what's 5 X 5? Either you know the answer is 25 or you don't. The exam questions test
your knowledge of the material, not necessarily your ability to dissect the question so that
you can figure out what the question is really trying to ask.
I'm not saying the knowledge is simplistic, only that the questions often are worded
so that you can easily understand what they are asking.
As a comparative example, Microsoft certification questions can be quite complex.
Microsoft questions often aren't just testing your knowledge of the topic but your ability
to analyze the material and logically come to the right conclusion.
Here are two examples of questions: the first shows how Microsoft may word the
question on a Microsoft certification exam, and the second shows how CompTIA may
word it for the CompTIA Network+ exam.
Microsoft. You are driving a bus from Chicago to Atlanta at 55 mph with
twenty-two passengers. The bus is painted blue. At the same time, a train is
traveling from Miami to Atlanta at 40 mph. The train has a yellow caboose.
What color are the bus driver's eyes?
CompTIA Network+. What color are your eyes?
Notice the first question adds a lot of superfluous information. Two pieces are
critical to answering the first question. It starts by saying, "You are driving a bus" and
then ends by asking, "What color are the bus driver's eyes?" You're required to put the
two together and weed through the irrelevant information to come to the correct answer.
The second question is straightforward. "What color are your eyes?" There's very
little analysis required. Either you know it or you don't. This is what you can expect from
most of the CompTIA Network+ questions.
CompTIA has begun a trend of adding multiple-choice questions that are more
complex and these are often in the Network+ exam. However, because you only have
about a minute for each question, don't expect to see them very often. The Network+
exam is not intended to be a reading comprehension exam.
As a more realistic example, you may see a question like this.
What port does HTTPS use?
In this case, you'd need to know that Hypertext Transfer Protocol Secure (HTTPS)
uses port 443.
Compare this to the following question. It asks for the same level of knowledge, but
requires a deeper level of comprehension.
Lisa is configuring a firewall and she needs to ensure that the firewall allows
outgoing secure web traffic. What port should she open on the firewall to meet this need?
In this case, you'd need to know that a web server uses HTTPS for secure web
traffic, and HTTPS uses port 443. You would need to allow outgoing traffic to the Internet
on port 443.
You may also see questions that use phrases such as "BEST choice," "BEST
description," "MOST likely," "FIRST," or "LAST." In these examples, don't be surprised
if you see two answers that could answer the question, while only one is the best choice.
For example, which one of the following numbers is between 1 and 10 and is the highest:
1, 8, 14, 23. Clearly 1 and 8 are within 1 and 10, while 14 and 23 are outside this range.
However, only 8 is both within 1 and 10 and the highest.
Here is a network related question that shows this:
Question: Which layer(s) of the OSI model do wireless protocols operate on?
A. Physical
B. Physical and Data Link
C. Data Link
D. Data Link and Network
There are actually three correct answers but only one is most correct. Wireless
protocols operate on both the Physical and Data Link layers. If you chose A or C,
you'd be technically correct because they do operate on the Physical layer (answer A) and
on the Data Link layer (answer C). However, you would get the question wrong since B is
most correct. When you see key words like best, most, or highest, be careful not to jump
on the first answer. There may be a more correct answer.

Multiple Choice
Most questions are multiple-choice types where you choose one answer or multiple
answers. When you need to choose multiple answers, the question will direct you to
choose two, choose three, or choose all that apply.

Performance-Based Questions
You can expect between three and ten non-multiple choice questions.
CompTIA refers to these as performance-based questions and instead of picking from a
multiple-choice answer, you're often required to perform a task. CompTIA's goal is to
provide more accurate testing to verify people have a full understanding of a topic. I've
written a couple of blogs on this including this one directly related to Network+
performance-based questions (http://blogs.getcertifiedgetahead.com/networkperformance-based-questions/). I've also created a demo here:
http://gcgapremium.com/performance-based-question-demo/
Some of the different types of questions you can expect are:
Identify. In this type of question, you might be asked a question but instead of
having a list of multiple-choice answers, you have a group of pictures. For
example, consider this question: "What tool would you use to identify an open
or short in a cable?" You would need to know that a cable tester easily
identifies shorts and opens,
and you'd need to identify a picture of the cable tester. While a multimeter can
also identify opens and shorts, it isn't the best choice to identify opens and
shorts in a cable.
Matching. Matching type questions might require you to identify words with
pictures. For example, the words might be "Fiber connectors" and "Coaxial
connectors" combined with pictures of various connectors. You'd be required
to identify the pictures of fiber connectors by sight and the pictures of coaxial
connectors by sight. Here's a demo I created for a Security+ practice test
question: http://gcgapremium.com/performance-based-question-demo/.
Simulation. In a simulation, you're expected to perform an action as if you
are operating in a realistic environment. For example, most wireless routers
are configured via a web page. A simulation might require you to configure a
wireless router with specific settings using a simulated web page.
Drag and drop. In some questions, you might need to drag items from one
location on the screen to another location to answer a question. For example,
you might see an out-of-order list of the seven items in CompTIA's
troubleshooting model. You would need to drag and drop these items in the
correct order.
Data Entry. Some performance-based questions might ask you to analyze a
scenario and then enter appropriate data. For example, when configuring a
wireless access point, you might need to enter specific data into the access
point. A related question might ask you to configure an access point to work
with WPA2 Enterprise mode. The Configuring a Wireless Router Lab
available online (http://gcgapremium.com/labs/) shows you the steps to do
this. Similarly, I wrote a series of blog articles on creating rules for routers and
firewalls. The second post showed an example of a performance-based
question and the last post provided the solution. You can read the posts here:
ACLs and Security+. http://blogs.getcertifiedgetahead.com/acls-and-security/
Firewall Rules and Security+. http://blogs.getcertifiedgetahead.com/firewallrules-and-security/
Firewall Rules Solution. http://blogs.getcertifiedgetahead.com/firewall-rulessolution/
Command prompt. CompTIA has provided several examples of how a
simulation can require a test taker to execute commands at the command
prompt. As one possible example, you might be tasked to identify the media
access control (MAC) address of a system by entering a command. You'd
need to know how to enter ipconfig /all, and be able to recognize that the
MAC address is the physical address.
It's common for people to be nervous when thinking about these performance-based
questions. However, the majority of people that take the test say that they really aren't that
difficult. As long as you understand the concepts from the exam objectives, you won't
have any problem. I do recommend you check out the blog though, and see if I've posted
any updates.
A question people often ask about these questions is if they get partial credit.
CompTIA has verified that you get partial credit for some questions. However, other
questions may not give you partial credit. Do the best you can with each question.

Performance-Based Questions Strategy


You'll see the performance-based questions first and they take much longer than
typical multiple-choice questions. If the answer is clear to you, then by all means, take the
time to answer it. However, if the question isn't clear, mark the question and skip it. You
can come back to it later. It's entirely possible that the question is a poorly worded beta
question that doesn't even count. However, if you spend 45 minutes on it, you might run
out of time before you finish the multiple-choice questions.
Performance-based questions have occasionally caused problems for the test systems.
A common problem is that instead of displaying the question, the screen is mostly blank.
If this happens, you can often just use the reset button for the question. This allows you to
move past the problem and continue with the test. However, resetting the question erases
any answer you've entered so make sure you answer it after resetting it.
It's common for people to be nervous when thinking about these performance-based
test questions. However, the majority of people who take the test say that these questions
really aren't that difficult. As long as you understand the concepts from the exam
objectives, you won't have any problem.

Number of Questions and Duration


You have 90 minutes to complete as many as 90 questions. This gives you about one
minute per question. Don't let this scare you; it's actually a good thing. With only about a
minute to read and answer a question, you know the questions can't be very long or
complex. Individuals living in a non-English-speaking country whose native language
isn't English are given a 30-minute extension.
You might have as many as 10 performance-based questions and as few as 70
multiple-choice questions. The performance-based questions are typically first and you
might spend more time on these than the multiple-choice questions. That's normal. If a
question has you stumped, you can skip it and then come back to it later. If you skip a
question, mark it so that you can easily find it when you've finished the other questions.

Exam Format
You start at question 1 and go to the last question. During the process, you can mark
any questions you want to review when you're done. Additionally, you can view previous
questions if desired. For example, if you get to question 10 and then remember something
that helps you answer question 5, you can go back and redo question 5.

Passing Score
A score of 720 is required to pass. This is on a scale of 100 to 900. If the exam is
paid for and you don't get a single question correct, you still get a score of 100. If you get
every testable question correct, you get a score of 900. This gives a range of 800 points so
you'll get an average of 8 points per question, though some questions may be weighted
higher than others.
If all questions are equal and you get 100 questions, then you need to get 78
questions correct, or score 78 percent on the exam. 78 * 8 = 624 plus the 100 points you
start with will give you a score of 724.
However, CompTIA doesn't say if all questions are scored equally or whether harder
questions are weighted and worth more. A score of 78 percent is high so you shouldn't
underestimate the difficulty of this exam. However, many people regularly pass it and you
can pass it too. With this book, you will be well prepared.

Beta Questions
Your exam may have some beta questions. They aren't graded but instead are used
to test the validity of the questions. If everyone gets a beta question correct, it's probably
too easy. If everyone gets it incorrect, there's probably something wrong with the
question. After enough people have tested a beta question, it's analyzed and may be added
to the test bank or rewritten and retested.
The good news is that CompTIA doesn't grade the beta questions. However, you
don't know what questions are beta and what questions are valid, so you need to treat
every question equally.

Exam Prerequisites
All that is required for you to take the exam is money. Other than that, there are no
enforced prerequisites.
However, to successfully pass the exam, you're expected to have nine to twelve
months' experience working with computers in a networking environment. Also, it's
recommended you have the A+ certification or equivalent knowledge. If you have more
than that, the exam materials will likely come easier to you. If you have less, the exam
may be more difficult.

Exam Test Provider


You can take the exam at a Pearson Vue testing site. Some testing sites provide testing
and nothing else. However, most testing sites are part of another company, such as a
training company, college, or university. You can take an exam at the training company's
testing site even if you haven't taken a course with them.
The Pearson Vue web site includes search tools you can use to find a testing site close
to you. Check them out at http://www.pearsonvue.com.

Voucher Code for 10 Percent Off


As of this writing, the CompTIA Security+ exam is $293 in the United States if you
purchase it at full price. However, you can get a 10 percent discount using a discount
code. This code changes periodically, so you'll need to go to this page to access the
current code: http://gcgapremium.com/discounted-comptia-vouchers/.
When you purchase a voucher, you'll get a voucher number that you can use to
register at a testing site. A word of caution: Some criminals sell bogus vouchers on
Internet sites such as eBay. You won't know you've been ripped off until you try to use it
and by that time, the criminal will probably have disappeared. In contrast, if you use the
discount code, you buy the voucher directly from CompTIA.

Book Format
This Kindle short has the following sections:
Introduction. This section. It describes the exam and the rest of the book.
Assessment questions. Practice test questions you can use to assess your
readiness of the Networking+ objectives covered in this Kindle ebook. These
questions are specially formatted for the Kindle so that you can see the
question on one screen, and then the correct answer and explanation on the
following screen. The goal is to allow you to focus on only the question
without seeing the answer. After picking your answer, go to the next Kindle
screen to see if you're correct.
Chapter content. A full chapter covering the objectives mentioned
previously. It includes practice test questions at the end of the chapter with in-depth explanations.
Post-test. Practice test questions you can use to test your readiness of the
Network+ objectives. These questions are formatted for the Kindle just like
the pre-test questions.

Remember This
Throughout the book, you'll see "Remember This" notes that highlight important
information you should remember to successfully pass the exam. The surrounding content
provides the additional information needed to fully understand these key points, and the
text boxes summarize the important points.
These Remember This sections will look like this:

Remember This
I strongly encourage you to repeat the information in the text boxes to yourself
as often as possible. The more you repeat the information, the more likely you
are to remember it when you take the exam.
A tried-and-true method of repeating key information is to take notes when you're
first studying the material and then rewrite the notes later. This will expose you to the
material a minimum of three times.
Another method that students have told me has been successful for them is to use an
MP3 player. Many MP3 players can record. Start your MP3 recorder and read the
information in each text box and the information in the Exam Topic Review section of the
chapter. Save the MP3 file and regularly listen to it. This allows you to reaffirm the
important information in your own voice.
You can play it while exercising, walking, or just about any time when it's not
dangerous to listen to any MP3 file. You can even burn the MP3 files to a CD and play
them back from a CD player.
If the MP3 method is successful for you, you can also record and listen to exam
questions. Read the question, only the correct answer, and the first sentence or two of the
explanation in each practice question.
If you don't have time to create your own MP3 recordings, check out the companion
website (GetCertifiedGetAhead.com) for this book. As I get closer to completing this
book, I plan on adding some MP3 recordings there that you can download and use.

CompTIA Network+ Objectives


While this Kindle short only covers some of the Network+ objectives, I've listed
them all here for your convenience. The exam includes five separate domains as follows:
1.0 Network Architecture 22% of exam
2.0 Network Operations 20% of exam
3.0 Network Security 18% of exam
4.0 Troubleshooting 24% of exam
5.0 Industry Standards, Practices, and Network Theory 16% of exam

1.0 Network Architecture


1.1 Explain the functions and applications of various network devices.
Router
Switch
Multilayer switch
Firewall
HIDS
IDS/IPS
Access point (wireless/wired)
Content filter
Load balancer
Hub
Analog modem
Packet shaper
VPN concentrator

1.2 Compare and contrast the use of networking services and applications.
VPN:
Site to site/host to site/host to host
Protocols
IPsec
GRE
SSL VPN
PTP/PPTP
TACACS/RADIUS
RAS
Web services
Unified voice services
Network controllers

1.3 Install and configure the following networking services/applications.


DHCP
Static vs dynamic IP addressing
Reservations
Scopes
Leases
Options (DNS servers, suffixes)
IP helper/DHCP relay
DNS
DNS servers
DNS records (A, MX, AAAA, CNAME, PTR)
Dynamic DNS
Proxy/reverse proxy
NAT
PAT
SNAT
DNAT
Port forwarding

1.4 Explain the characteristics and benefits of various WAN technologies.
Fiber
SONET
DWDM
CWDM
Frame relay
Satellite
Broadband cable
DSL/ADSL
ISDN
ATM
PPP/Multilink PPP
MPLS
GSM/CDMA
LTE/4G
HSPA+
3G
Edge
Dialup
WiMAX
Metro-Ethernet
Leased lines
T-1
T-3
E-1
E-3

OC3
OC12
Circuit switch vs packet switch

1.5 Install and properly terminate various cable types and connectors using appropriate tools.
Copper connectors
RJ-11
RJ-45
RJ-48C
DB-9/RS-232
DB-25
UTP coupler
BNC coupler
BNC
F-connector
110 block
66 block
Copper cables
Shielded vs unshielded
CAT3, CAT5, CAT5e, CAT6, CAT6a
PVC vs plenum
RG-59
RG-6
Straight-through vs crossover vs rollover
Fiber connectors
ST
SC
LC
MTRJ
FC
Fiber coupler
Fiber cables
Single mode
Multimode
APC vs UPC
Media converters
Single mode fiber to Ethernet
Multimode fiber to Ethernet
Fiber to coaxial
Single mode to multimode fiber
Tools
Cable crimpers
Punch down tool
Wire strippers
Snips

OTDR
Cable certifier

1.6 Differentiate between common network topologies.
Mesh
Partial
Full
Bus
Ring
Star
Hybrid
Point-to-point
Point-to-multipoint
Client-server
Peer-to-peer

1.7 Differentiate between network infrastructure implementations.
WAN
MAN
LAN
WLAN
Hotspot
PAN
Bluetooth
IR
NFC
SCADA/ICS
ICS server
DCS/closed network
Remote terminal unit
Programmable logic controller
Medianets
VTC
ISDN
IP/SIP

1.8 Given a scenario, implement and configure the appropriate addressing schema.
IPv6
Auto-configuration
EUI 64
DHCP6
Link local
Address structure

Address compression
Tunneling 6to4, 4to6
Teredo, miredo
IPv4
Address structure
Subnetting
APIPA
Classful A, B, C, D
Classless
Private vs public
NAT/PAT
MAC addressing
Multicast
Unicast
Broadcast
Broadcast domains vs collision domains

1.9 Explain the basics of routing concepts and protocols.
Loopback interface
Routing loops
Routing tables
Static vs dynamic routes
Default route
Distance vector routing protocols
RIP v2
Hybrid routing protocols
BGP
Link state routing protocols
OSPF
IS-IS
Interior vs exterior gateway routing protocols
Autonomous system numbers
Route redistribution
High availability
VRRP
Virtual IP
HSRP
Route aggregation
Routing metrics
Hop counts
MTU, bandwidth
Costs
Latency
Administrative distance
SPB


1.10 Identify the basics elements of unified communication technologies.
VOiP
Video
Real time services
Presence
Multicast vs unicast
QoS
DSCP
COS
Devices
UC servers
UC devices
UC gateways

1.11 Compare and contrast technologies that support cloud and virtualization.
Virtualization
Virtual switches
Virtual routers
Virtual firewall
Virtual vs physical NICs
Software defined networking
Storage area network
iSCSI
Jumbo frame
Fibre Channel
Network attached storage
Cloud concepts
Public IaaS, SaaS, PaaS
Private IaaS, SaaS, PaaS
Hybrid IaaS, SaaS, PaaS
Community IaaS, SaaS, PaaS

1.12 Given a set of requirements, implement a basic network.
List of requirements
Device types/requirements
Environment limitations
Equipment limitations
Compatibility requirements
Wired/wireless considerations
Security considerations

2.0 Network Operations

2.1 Given a scenario, use appropriate monitoring tools.


Packet/network analyzer
Interface monitoring tools
Port scanner
Top talkers/listeners
SNMP management software
Trap
Get
Walk
MIBS
Alerts
Email
SMS
Packet flow monitoring
SYSLOG
SIEM
Environmental monitoring tools
Temperature
Humidity
Power monitoring tools
Wireless survey tools
Wireless analyzers

2.2 Given a scenario, analyze metrics and reports from monitoring and tracking performance tools.
Baseline
Bottleneck
Log management
Graphing
Utilization
Bandwidth
Storage
Network device CPU
Network device memory
Wireless channel utilization
Link status
Interface monitoring
Errors
Utilization
Discards
Packet drops
Interface resets
Speed and duplex

2.3 Given a scenario, use appropriate resources to support configuration management.

Archives/backups
Baselines
On-boarding and off-boarding of mobile devices
NAC
Documentation
Network diagrams (logical/physical)
Asset management
IP address utilization
Vendor documentation
Internal operating procedures/policies/standards

2.4 Explain the importance of implementing network segmentation.
SCADA systems/Industrial control systems
Legacy systems
Separate private/public networks
Honeypot/honeynet
Testing lab
Load balancing
Performance optimization
Security
Compliance

2.5 Given a scenario, install and apply patches and updates.
OS updates
Firmware updates
Driver updates
Feature changes/updates
Major vs minor updates
Vulnerability patches
Upgrading vs downgrading
Configuration backup

2.6 Given a scenario, configure a switch using proper features.
VLAN
Native VLAN/Default VLAN
VTP
Spanning tree (802.1d)/rapid spanning tree (802.1w)
Flooding
Forwarding/blocking
Filtering
Interface configuration
Trunking/802.1q
Tag vs untag VLANs
Port bonding (LACP)
Port mirroring (local vs remote)
Speed and duplexing
IP address assignment
VLAN assignment
Default gateway
PoE and PoE+ (802.3af, 802.3at)
Switch management
User/passwords
AAA configuration
Console
Virtual terminals
In-band/Out-of-band management
Managed vs unmanaged

2.7 Install and configure wireless LAN infrastructure and implement the appropriate technologies in support of
wireless capable devices.
Small office/home office wireless router
Wireless access points
Device density
Roaming
Wireless controllers
VLAN pooling
LWAPP
Wireless bridge
Site surveys
Heat maps
Frequencies
2.4 GHz
5.0 GHz
Channels
Goodput
Connection types
802.11a-ht
802.11g-ht
Antenna placement
Antenna types
Omnidirectional
Unidirectional
MIMO/MUMIMO
Signal strength
Coverage
Differences between device antennas
SSID broadcast
Topologies
Adhoc
Mesh
Infrastructure
Mobile devices
Cell phones
Laptops
Tablets
Gaming devices
Media devices

3.0 Network Security

3.1 Compare and contrast risk related concepts.
Disaster recovery
Business continuity
Battery backups/UPS
First responders
Data breach
End user awareness and training
Single point of failure
Critical nodes
Critical assets
Redundancy
Adherence to standards and policies
Vulnerability scanning
Penetration testing

3.2 Compare and contrast common network vulnerabilities and threats.
Attacks/threats
Denial of service
Distributed DoS
Botnet
Traffic spike
Coordinated attack
Reflective/amplified
DNS
NTP
Smurfing
Friendly/unintentional DoS
Physical attack
Permanent DoS
ARP cache poisoning
Packet/protocol abuse
Spoofing
Wireless
Evil twin
Rogue AP
War driving
War chalking
Bluejacking
Bluesnarfing
WPA/WEP/WPS attacks
Brute force
Session hijacking
Social engineering
Man-in-the-middle
VLAN hopping
Compromised system
Effect of malware on the network
Insider threat/malicious employee
Zero day attacks
Vulnerabilities
Unnecessary running services
Open ports
Unpatched/legacy systems
Unencrypted channels
Clear text credentials
Unsecure protocols
TELNET
HTTP
SLIP
FTP
TFTP
SNMPv1 and SNMPv2
TEMPEST/RF emanation

3.3 Given a scenario, implement network hardening techniques.
Anti-malware software
Host-based
Cloud/server-based
Network-based
Switch port security
DHCP snooping
ARP inspection
MAC address filtering
VLAN assignments
Network segmentation
Security policies
Disable unneeded network services
Use secure protocols
SSH
SNMPv3
TLS/SSL
SFTP
HTTPS
IPsec
Access lists
Web/content filtering
Port filtering
IP filtering
Implicit deny
Wireless security
WEP
WPA/WPA2
Enterprise
Personal
TKIP/AES
802.1x
TLS/TTLS
MAC filtering
User authentication
CHAP/MSCHAP
PAP
EAP
Kerberos
Multifactor authentication
Two-factor authentication
Single sign-on
Hashes
MD5
SHA

3.4 Compare and contrast physical security controls.
Mantraps
Network closets
Video monitoring
IP cameras/CCTVs
Door access controls
Proximity readers/key fob
Biometrics
Keypad/cipher locks
Security guard

3.5 Given a scenario, install and configure a basic firewall.
Types of firewalls
Host-based
Network-based
Software vs hardware
Application aware/context aware
Small office/home office firewall
Stateful vs stateless inspection
UTM
Settings/techniques
ACL
Virtual wire vs routed
DMZ
Implicit deny
Block/allow
Outbound traffic
Inbound traffic
Firewall placement
Internal/external

3.6 Explain the purpose of various network access control models.
802.1x
Posture assessment
Guest network
Persistent vs non-persistent agents
Quarantine network
Edge vs access control

3.7 Summarize basic forensic concepts.
First responder
Secure the area
Escalate when necessary
Document the scene
eDiscovery
Evidence/data collection
Chain of custody
Data transport
Forensics report
Legal hold

4.0 Troubleshooting

4.1 Given a scenario, implement the following network troubleshooting methodology.
Identify the problem
Gather information
Duplicate the problem, if possible
Question users
Identify symptoms
Determine if anything has changed
Approach multiple problems individually
Establish a theory of probable cause
Question the obvious
Consider multiple approaches
Top-to-bottom/bottom-to-top OSI model
Divide and conquer
Test the theory to determine cause
Once theory is confirmed, determine next steps to resolve problem
If theory is not confirmed, re-establish new theory or escalate
Establish a plan of action to resolve the problem and identify potential effects
Implement the solution or escalate as necessary
Verify full system functionality and if applicable implement preventative measures
Document findings, actions, and outcomes

4.2 Given a scenario, analyze and interpret the output of troubleshooting tools.
Command line tools
Ipconfig
Netstat
Ifconfig
ping/ping6/ping -6
tracert/tracert -6/traceroute6/traceroute -6
nbtstat
nslookup
arp
mac address lookup table
pathping
Line testers
Certifiers
Multimeter
Cable tester
Light meter
Toner probe
Speed test sites
Looking glass sites
WiFi analyzer
Protocol analyzer

4.3 Given a scenario, troubleshoot and resolve common wireless issues.
Signal loss
Interference
Overlapping channels
Mismatched channels
Signal-to-noise ratio
Device saturation
Bandwidth saturation
Untested updates
Wrong SSID
Power levels
Open networks
Rogue access point
Wrong antenna type
Incompatibilities
Wrong encryption
Bounce
MIMO
AP placement
AP configurations
LWAPP
Thin vs thick
Environmental factors
Concrete walls
Window film
Metal studs
Wireless standard related issues
Throughput
Frequency
Distance
Channels

4.4 Given a scenario, troubleshoot and resolve common copper cable issues.
Shorts
Opens
Incorrect termination (mismatched standards)
Straight-through
Crossover
Cross-talk
Near end
Far end
EMI/RFI
Distance limitations
Attenuation/dB loss
Bad connector
Bad wiring
Split pairs
Tx/Rx reverse
Cable placement
Bad SFP/GBIC - cable or transceiver

4.5 Given a scenario, troubleshoot and resolve common fiber cable issues.
Attenuation/dB loss
SFP/GBIC - cable mismatch
Bad SFP/GBIC - cable or transceiver
Wavelength mismatch
Fiber type mismatch
Dirty connectors
Connector mismatch
Bend radius limitations
Distance limitations

4.6 Given a scenario, troubleshoot and resolve common network issues.
Incorrect IP configuration/default gateway
Broadcast storms/switching loop
Duplicate IP
Speed and duplex mismatch
End-to-end connectivity
Incorrect VLAN assignment
Hardware failure
Misconfigured DHCP
Misconfigured DNS
Incorrect interface/interface misconfiguration
Cable placement
Interface errors
Simultaneous wired/wireless connections
Discovering neighboring devices/nodes
Power failure/power anomalies
MTU/MTU black hole
Missing IP routes
NIC teaming misconfiguration
Active-active vs active-passive
Multicast vs broadcast

4.7 Given a scenario, troubleshoot and resolve common security issues.
Misconfigured firewall
Misconfigured ACLs/applications
Malware
Denial of service
Open/closed ports
ICMP related issues
Ping of death
Unreachable default gateway
Unpatched firmware/OSs
Malicious users
Trusted
Untrusted users
Packet sniffing
Authentication issues
TACACS/RADIUS misconfigurations
Default passwords/settings
Improper access/backdoor access
ARP issues
Banner grabbing/OUI
Domain/local group configurations
Jamming

4.8 Given a scenario, troubleshoot and resolve common WAN issues.
Loss of internet connectivity
Interface errors
Split horizon
DNS issues
Interference
Router configurations
Customer premise equipment
Smart jack/NIU
Demarc
Loopback
CSU/DSU
Copper line drivers/repeaters
Company security policy
Throttling
Blocking
Fair access policy/utilization limits
Satellite issues
Latency

5.0 Industry Standards, Practices, and Network Theory

5.1 Analyze a scenario and determine the corresponding OSI layer.
Layer 1 Physical
Layer 2 Data link
Layer 3 Network
Layer 4 Transport
Layer 5 Session
Layer 6 Presentation
Layer 7 Application

5.2 Explain the basics of network theory and concepts.
Encapsulation/de-encapsulation
Modulation techniques
Multiplexing
De-multiplexing
Analog and digital techniques
TDM
Numbering systems
Binary
Hexadecimal
Octal
Broadband/base band
Bit rates vs baud rate
Sampling size
CDMA
CSMA/CD and CSMA/CA
Carrier detect/sense
Wavelength
TCP/IP suite
ICMP
UDP
TCP
Collision

5.3 Given a scenario, deploy the appropriate wireless standard.
802.11a
802.11b
802.11g
802.11n
802.11ac

5.4 Given a scenario, deploy the appropriate wired connectivity standard.
Ethernet standards
10BaseT
100BaseT
1000BaseT
1000BaseTX
10GBaseT
100BaseFX
10Base2
10GBaseSR
10GBaseER
10GBaseSW
IEEE 1905.1-2013
Ethernet over HDMI
Ethernet over power line
Wiring standards
EIA/TIA 568A/568B
Broadband standards
DOCSIS

5.5 Given a scenario, implement the appropriate policies or procedures.
Security policies
Consent to monitoring
Network policies
Acceptable use policy
Standard business documents
SLA
MOU
MSA
SOW

5.6 Summarize safety practices.
Electrical safety
Grounding
ESD
Static
Installation safety
Lifting equipment
Rack installation
Placement
Tool safety
MSDS
Emergency procedures
Building layout
Fire escape plan
Safety/emergency exits
Fail open/fail close
Emergency alert system
Fire suppression systems
HVAC

5.7 Given a scenario, install and configure equipment in the appropriate location using best practices.
Intermediate distribution frame
Main distribution frame
Cable management
Patch panels
Power management
Power converters
Circuits
UPS
Inverters
Power redundancy
Device placement
Air flow
Cable trays
Rack systems
Server rail racks
Two-post rack
Four-post racks
Free-standing racks
Labeling
Port labeling
System labeling
Circuit labeling
Naming conventions
Patch panel labeling
Rack monitoring
Rack security

5.8 Explain the basics of change management procedures.
Document reason for a change
Change request
Configuration procedures
Rollback process
Potential impact
Notification
Approval process
Maintenance window
Authorized downtime
Notification of change
Documentation
Network configurations
Additions to network
Physical location changes

5.9 Compare and contrast the following ports and protocols.
80 HTTP
443 HTTPS
137-139 NetBIOS
110 POP
143 IMAP
25 SMTP
5060/5061 SIP
2427/2727 MGCP
5004/5005 RTP
1720 H.323
TCP
Connection-oriented
UDP
Connectionless

5.10 Given a scenario, configure and apply the appropriate ports and protocols.
20,21 FTP
161 SNMP
22 SSH
23 Telnet
53 DNS
67,68 DHCP
69 TFTP
445 SMB
3389 RDP

CompTIA Network+ Assessment Exam

Use the practice test questions in this mini assessment exam to test your knowledge of the topics covered in this
Kindle Short. Remember, this Kindle Short does not cover all objectives within the Network+ exam. If you'd like some
additional practice test questions for the full exam, check out the CompTIA Network+ N10-006 Practice Test Questions
(Get Certified Get Ahead) [Kindle Edition].

1. Which of the following devices uses an ACL to prevent unauthorized access into a
network?
A. Firewall
B. Proxy server
C. Load balancer
D. VPN concentrator

1. Answer: A is correct. A firewall uses rules within an access control list (ACL) to prevent unauthorized access into a
network.

A proxy server reduces bandwidth by storing copies of web site pages in cache and then serving these cached pages to
other users. It does not use an ACL.
A load balancer can balance traffic among multiple servers. It does not use an ACL.
A virtual private network (VPN) concentrator supports multiple VPN connections but it doesn't use an ACL.

2. You manage a network that has multiple computers connected via a single Ethernet
switch. What topology does this network use?
A. Ring
B. Mesh
C. Bus
D. Star

2. Answer: D is correct. A network that connects devices via a central switch is using a star topology. The centralized
switch has point-to-point connections to each of the devices connected to the switch.

In a ring topology, computers are connected in a circle. They may connect to a central device known as a multistation
access unit (MSAU) but not an Ethernet switch.
In a mesh network, computers will have multiple connections to each other, rather than to a single switch.
A bus configuration has devices connected directly to each other.

3. A network is configured with a topology that forces devices to wait before
communicating on the network. What type of network topology is this?
A. Ring
B. Mesh
C. Bus
D. Star

3. Answer: A is correct. A token ring network is configured as a circle or a ring and clients can only send traffic when
they have a logical token.

In a mesh network, computers will have multiple connections to each other, but the topology doesn't use a token or force
devices to wait before communicating.
A bus configuration has devices connected directly to each other. It does use collision detection forcing devices to wait
after detecting a collision, but not before communicating the first time.
A network that connects devices via a central switch is using a star topology and it doesn't use a token or force devices
to wait.

4. Which of the following network topologies has a central device that is a potential single
point of failure?
A. FDDI
B. Mesh
C. Bus
D. Star

4. Answer: D is correct. A network that connects devices via a central switch is using a star topology and the switch is a
potential single point of failure. If the switch fails, all devices connected to the switch lose network connectivity.

A Fiber Distributed Data Interface (FDDI) network uses two rings, with each ring transmitting data in the opposite
direction providing redundancy for the network.
A mesh network will have multiple connections to each other, providing several layers of redundancy.
A bus configuration has devices connected directly to each other, not to a central device.

5. How many broadcast domains and collision domains are on a basic 12-port switch using
half-duplex mode?
A. 12 collision domains and 12 broadcast domains
B. 12 collision domains and 1 broadcast domain
C. 1 collision domain and 12 broadcast domains
D. 1 collision domain and 1 broadcast domain

5. Answer: B is correct. The switch creates 12 collision domains and 1 broadcast domain.

A switch creates a single broadcast domain, not separate broadcast domains, so any answer
with 12 broadcast domains is incorrect.
A switch creates separate collision domains for each port, not a single collision domain for
the entire switch.

6. How do computers on a peer-to-peer network pass information between each other?
A. From one client to another
B. Through a centralized server
C. Through a router
D. Through a firewall

6. Answer: A is correct. Computers in a peer-to-peer network pass information to each other from
one client (or one computer) to another.

Computers in a client-server topology receive information from a centralized server.
Routers and firewalls are not directly related to a peer-to-peer network.

7. You are planning a small network for a business owner and need to identify the best
location for a server. Which of the following should you consider first?
A. Equipment limitations
B. List of requirements
C. Environment limitations
D. Compatibility requirements

7. Answer: C is correct. The environment limitations are a primary consideration when identifying the location of
equipment in a network.

The equipment limitations affect the operation of the network, but won't drive where they are located.
One of the first steps when creating a network is to create a list of requirements.
These requirements might help determine the best location, but the environment limitations are more important when
identifying the best location.
Based on the requirements, you may not need to run much cable. For example, if a wireless network is acceptable, very
little cable will be needed.



Chapter 1
Understanding Basic Networking Components

CompTIA Network+ objectives covered in this chapter
1.1 Explain the functions and applications of various network devices.
Router
Switch
Firewall
Access point (wireless/wired)
Hub
Analog modem

1.6 Differentiate between common network topologies.
Mesh (Partial, Full)
Bus
Ring
Star
Hybrid
Point-to-point
Point-to-multipoint
Client-server
Peer-to-peer

1.7 Differentiate between network infrastructure implementations.
WAN
MAN
LAN
WLAN (Hotspot)
PAN (Bluetooth, IR, NFC)

1.8 Given a scenario, implement and configure the appropriate addressing schema.
Multicast
Unicast
Broadcast
Broadcast domains vs collision domains

1.12 Given a set of requirements, implement a basic network.
List of requirements
Device types/requirements
Environmental limitations
Equipment limitations
Compatibility requirements
Wired/wireless considerations
Security considerations

2.6 Given a scenario, configure a switch using proper features.
Interface configuration (Speed and duplexing)

5.2 Explain the basics of network theory and concepts.
Numbering systems (Binary, Hexadecimal, Octal)
Collision

5.6 Summarize safety practices.
Electrical safety (Grounding)
ESD (Static)
Installation safety (Lifting equipment, Rack installation, Placement, Tool safety)
MSDS
Emergency procedures (Building layout, Fire escape plan, Safety/emergency exits, Fail open/fail close,
Emergency alert system)
Fire suppression systems
HVAC

One of the common challenges with any complex technical topic is grasping both the big picture and the relevant
details. As an example, you'll need to know in-depth details of the Dynamic Host Configuration Protocol (DHCP) and
how it works. While you're perfectly capable of learning those details, they won't have much meaning if you don't have
an understanding of typical network concepts. However, if you have a good understanding of basic networking concepts,
it becomes much easier to drill into the details.
You can compare this to a jigsaw puzzle. It's easier to do the border first and then connect the pieces together
from the border into the center. With this in mind, think of this chapter like the jigsaw border. It provides you with an
overall idea of many networking concepts including the common devices, types of networks, and topologies. The
primary purpose is to help you get an idea of the big picture so that future chapters will make sense as you start to drill
into the details of various topics.

This chapter also covers numbering systems and basic safety topics listed in the CompTIA objectives.

Understanding Common Network Components
Networks connect computing devices together so that users can share resources such
as data and devices. For example, a simple network can have two computers and a printer.
Users on the network can access shared files and folders on each of the computers, and
print documents through the networked printer.
Before networks were widespread, users shared files by copying them to a disk and
carrying them to other computers, a method humorously referred to as "sneakernet." People used
their shoes (such as tennis shoes or sneakers) to transfer the data.
The most common type of device on a network is a desktop personal computer (PC).
However, networks include many other types of devices such as servers, printers, laptop
computers, smartphones, and tablets. You'll often see a computing device on a network
generically referred to as a client, host, or node.
Network devices such as hubs or switches connect these clients together within a
network. Routers connect multiple networks together to create larger and larger networks.
The Internet appears as a single huge network but in reality, it is a massive network of
networks connected with routers around the world.
If you're pursuing the Network+ certification, it's expected that you have a basic
understanding of clients or hosts on a network. With this in mind, I won't delve into the
details of how a PC, laptop computer, or printer operates internally. However, you will
learn the details of how these computing devices connect with network devices and
communicate over a network.
The following sections introduce some common networking devices such as
switches and routers. Future chapters cover these devices in much more detail.
Before introducing these network devices, it's useful to understand three different
methods that clients use to transmit data. They are:
Unicast. You can think of this as one-to-one traffic. One computer sends data
to one other computer on the network.
Broadcast. You can think of this as one-to-all traffic. One computer sends
data to all other computers on the network.
Multicast. You can think of this as one-to-many traffic. One computer sends
data to multiple computers on the network, but not all of them.

Remember This
Unicast traffic goes from one computer to one computer. Broadcast traffic
goes from one computer to all other computers on the network. Multicast
traffic allows a single computer to address multiple computers on a network
simultaneously without addressing all of them.

Hub
A hub has multiple physical ports used to provide basic connectivity to multiple
hosts. Hubs commonly have between four and thirty-two physical ports. In an Ethernet
network, the hub has multiple RJ-45 ports. Twisted pair cables plug into the RJ-45 port on
one end and plug into a client's network interface card (NIC) on the other end.
Most hubs are active, meaning they have power and will amplify the output to a
predefined level. In this sense, they are similar to a repeater. A basic repeater accepts one
input, amplifies it to a predefined level, and has one output. This is useful if you need to
extend a cable farther than normal. Active hubs have multiple ports and are sometimes
called multiport repeaters.
Hubs do not have any intelligence or analytical capabilities so they cannot
determine if the transmissions are unicast, broadcast, or multicast. Whatever goes in one
port goes out other ports. As an example, Figure 1-1 shows four computers connected to a
hub. When one computer sends data through one port, the hub transmits the data to each
of the other ports on the hub.

Figure 1-1: Hub

Most organizations have replaced hubs with switches. Switches have more
intelligence and provide better performance than hubs.

Remember This
Hubs forward all traffic to each of the hub ports. This includes unicast,
multicast, and broadcast traffic.

Switch
Switches connect devices in a network similar to how hubs connect devices. The primary difference is that
switches have more intelligence and make decisions on what traffic to send to each port. Switches make these decisions
based on the media access control (MAC) address assigned to each connected device.
A MAC address is a 48-bit address assigned to a client's NIC and it is typically displayed as six pairs of
hexadecimal characters like this: 1A-2B-3C-4D-5E-6F or this: 1A:2B:3C:4D:5E:6F. Valid hexadecimal characters are the
numbers 0-9 and the letters A-F. Four bits represent each character. For example, 0001 represents 1 in hexadecimal and
1110 represents E in hexadecimal. If you need to review decimal, hexadecimal, and binary topics, check out the section
later in this chapter.
You might hear that MAC addresses are unique and are permanently assigned to a NIC. This isn't exactly
correct.
MAC addresses are theoretically unique. You are not likely to see any two identical MAC addresses
assigned to different NICs, but it is possible.
MAC addresses can be changed. MACs are typically burned into the NIC making them semi-permanent.
However, you can change the MAC address for the NIC through the operating system or a
software tool.
When devices transmit data from one device to another, they include their MAC address as the source MAC
address and the other device's MAC address as the destination MAC address. A switch typically doesn't know which
MAC addresses are associated with each physical port when it is first powered up. However, over time, it tracks the
traffic and eventually learns the MAC addresses associated with each of its ports.
As an example, consider Figure 1-2. It shows four computers connected to a basic switch with four ports, and a
Port-MAC table created within the switch's memory. When the switch first turns on, the Port-MAC table is empty.
However, when computer A transmits data, the switch captures the MAC address, associates it with port 1, and enters it
into the Port-MAC table. At this point, it doesn't know the MAC addresses for other computers. Over time, the other
computers transmit data with their MAC address and the switch populates the Port-MAC table with the captured data.

Figure 1-2: Basic switch

A switch sends broadcast transmissions to all other ports. However, it evaluates unicast and multicast
transmissions and sends them to the destination computers based on the MAC address. For example, if Computer A
sends a unicast message to Computer B, the switch sends the data to port 2 of the switch. Computers C and D do not see
the data transmission at all.
The Connecting Devices with Switches chapter covers switches in much more depth. You'll learn the
differences between managed and unmanaged switches, layer 2 and layer 3 switches, and how to create virtual local area
networks (VLANs) with a switch.
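
The hub and switch behaviour described above can be modelled in a few lines. This is an added example, not code from the book: the class and function names, the MAC addresses, and the port numbers are constructed for illustration, and it assumes the standard behaviour that a switch floods a unicast frame whose destination it has not yet learned.

```python
import re

BROADCAST = "ff:ff:ff:ff:ff:ff"
# Six pairs of hex characters with one consistent separator (- or :).
_MAC_RE = re.compile(r"[0-9A-Fa-f]{2}([-:])[0-9A-Fa-f]{2}(?:\1[0-9A-Fa-f]{2}){4}")


def normalize_mac(text):
    """Accept 1A-2B-3C-4D-5E-6F or 1A:2B:3C:4D:5E:6F, return lower-case colon form."""
    text = text.strip()
    if not _MAC_RE.fullmatch(text):
        raise ValueError(f"not a 48-bit MAC address: {text!r}")
    return text.replace("-", ":").lower()


class Hub:
    """Multiport repeater: whatever goes in one port goes out every other port."""

    def __init__(self, ports):
        self.ports = list(ports)

    def receive(self, in_port, src, dst):
        return [p for p in self.ports if p != in_port]


class Switch:
    """Learning switch with a Port-MAC table that starts out empty."""

    def __init__(self, ports):
        self.ports = list(ports)
        self.port_mac_table = {}  # MAC address -> port it was last seen on

    def receive(self, in_port, src, dst):
        src, dst = normalize_mac(src), normalize_mac(dst)
        # Learn: the source MAC is reachable through the ingress port.
        self.port_mac_table[src] = in_port
        out_port = self.port_mac_table.get(dst)
        # Broadcasts, and unicast to a MAC not yet learned (assumption: standard
        # flooding), go out every port except the one the frame arrived on.
        if dst == BROADCAST or out_port is None:
            return [p for p in self.ports if p != in_port]
        # Destination sits on the ingress port: nothing to forward.
        if out_port == in_port:
            return []
        return [out_port]


def run_demo():
    """Computers A-D on ports 1-4 (constructed addresses, both notations)."""
    mac = {"A": "1A-2B-3C-4D-5E-01", "B": "1A:2B:3C:4D:5E:02"}
    hub, switch = Hub([1, 2, 3, 4]), Switch([1, 2, 3, 4])
    return {
        "hub_a_to_b": hub.receive(1, mac["A"], mac["B"]),
        "first_a_to_b": switch.receive(1, mac["A"], mac["B"]),   # B unknown
        "b_to_a": switch.receive(2, mac["B"], mac["A"]),         # A already learned
        "second_a_to_b": switch.receive(1, mac["A"], mac["B"]),  # B now learned
        "a_broadcast": switch.receive(1, mac["A"], BROADCAST),
        "table": dict(switch.port_mac_table),
    }


if __name__ == "__main__":
    for name, value in run_demo().items():
        print(f"{name}: {value}")
```

Once both addresses are in the table, traffic between A and B leaves only on ports 1 and 2, so a protocol analyzer on port 3 or 4 no longer sees it. On the hub, every port receives every frame.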

Remember This
You connect devices together in a network with a hub or a switch. Switches
pass all broadcast traffic. They evaluate traffic and forward unicast and
multicast traffic based on the destination MAC address.

Router
Routers connect networks together into a single network of networks by routing traffic between the networks.
They provide a path or gateway out of a network and once traffic reaches the router, the router determines the best path
for the traffic to reach its destination.
Routers use Internet Protocol (IP) addresses to identify the best path. In comparison, switches use 48-bit MAC
addresses. Data transmissions include both source and destination MAC addresses. They also include both source and
destination IP addresses. While the MAC addresses are semi-permanent and burnt into the NIC, the IP address is much
more dynamic. You assign the IP address dynamically with something like Dynamic Host Configuration Protocol
(DHCP), or manually when you first configure the computer.
IPv4 addresses use 32 bits and are typically expressed in a dotted decimal format, such as 192.168.1.5. Each
decimal represents an octet of eight bits. For example, 192 is 1100 0000, 168 is 1010 1010, 1 is 0000 0001, and 5 is 0000
0101. It's much more difficult to read a 32-bit binary address such as 11000000101010100000000100000101 than it is
to read a dotted decimal address like this 192.168.1.5 so you'll see IPv4 addresses in a dotted decimal format much more
often. The Exploring IP addressing chapter covers both IPv4 and IPv6 addresses in more depth.
Figure 1-3 shows Switch 1 connecting several computers together in one network and Switch 2 connecting
several computers together in another network. Each of the computers in Network 1 has an assigned IP address that is
compatible with Network 1. Similarly, each of the computers in Network 2 has an assigned IP address that is compatible
with Network 2.

Figure 1-3: Router connecting networks


When Computer A sends unicast traffic to Computer B, it goes through Switch 1. When Computer A sends
unicast traffic to Computer D, Computer A sends the traffic to the Network 1 gateway, which is the near side of the
router. The router looks at the destination IP address, realizes it needs to go to Network 2, and sends the traffic to
Computer D through Switch 2. When any computer needs to access the network, it sends the traffic to the router, and the
router then sends it to the Internet connection.
Notice that this router has three connections. Each connection works similar to the network interface card on a
computer. It has an assigned MAC address and an assigned IP address. In Figure 1-3, you can see that the router has
three interfaces, but it could just as easily have four, five, or more. Each interface would connect the router to another
network and the router would be able to route any traffic it receives to the correct network based on the destination IP
address.
The Connecting Networks with Routers chapter covers routers in much more depth. You'll learn how routers
identify the best path for traffic to take through a network that has multiple routers. You'll also learn how routers share
information with each other using routing protocols such as Routing Internet Protocol (RIP) and Open Shortest Path
First (OSPF).

Modem
A modem (modulator/demodulator) converts digital and analog signals and is commonly used to provide Internet
access through an Internet service provider (ISP). There are several types of modems available.
Cable modem. Many telecommunications companies sell subscriptions for cable television and use the
same cable to provide users with an Internet connection. Cable Internet access has fast speeds and is
commonly called broadband access. Broadband cable access is widely available in metropolitan areas,
but not always available in rural locations.
Dial-up analog phone modem. In locations where broadband cable isn't available, some users still use
a dial-up connection and a phone modem. The phone modem connects via plain old telephone service
(POTS) lines, which are widely available. Unfortunately, these connections are painfully slow due to the
amount of traffic that most users download.
Digital subscriber line (DSL) modem. DSL modems provide significantly faster speeds than older
phone modems but still use telephone lines. A DSL router includes the capabilities of a DSL modem and
a router. Most DSL lines are asymmetric (ADSL), with the download link significantly faster than the
upload link.
The Connecting Devices in a Network chapter explores some of the other methods used for Internet access.

Remember This
Modems are a popular method of connecting to the Internet through an ISP.
This includes cable modems and DSL modems.

Access Point
Most wireless networks use an access point to provide wireless devices access to a
wired network. You'll often hear an access point referred to as an AP or a wireless access
point (WAP). The AP acts as a switch and connects all the devices into the same network.
Many APs include routing capabilities and are sold as wireless routers. These
typically have physical ports similar to any switch allowing you to connect wired devices
in addition to supporting wireless devices. The switch portion of the access point connects
the devices on the network, and the routing portion of the access point connects networks
together.
Figure 1-4 shows a typical network configuration in a small network using an AP
with routing capabilities. The devices connected with a solid line are using wired
connections. The devices connected with a dotted line are using wireless connections. The
access point connects to the Internet via a modem and an ISP and all devices connected to
the access point have Internet access through it.

Figure 1-4: Wireless access point with routing capabilities


The Managing Wireless Networks chapter covers access points in much more depth including:
Wireless standards such as 802.11g, 802.11n, and 802.11ac.
How to install and configure a wireless network
How to implement appropriate wireless security measures
How to troubleshoot common wireless problems
Common wireless threats, vulnerabilities, and mitigation techniques

Firewall
A firewall provides protection for networks and individual computers. Most networks have a firewall at the
border, directly between the private network and the public Internet. These network firewalls help protect networks from
Internet-based attacks. Additionally, computers commonly have software-based firewalls that provide an added layer of
protection for the computer. They protect against potential threats within a network.
IT-based firewalls are similar to firewalls in cars. The firewall in a car is between the engine compartment and
the passenger compartment. If the engine catches fire, the firewall helps block the fire from getting into the passenger
compartment.
The firewall in a car isn't foolproof. A collision can damage the firewall, significantly reducing the protection it
provides. Similarly, a firewall in a network isn't foolproof. Attackers might be able to bypass the firewall, or find holes
that they can exploit. However, the IT-based firewalls do provide a good front line defense.
A very basic firewall is a packet-filtering router with an access control list (ACL). The ACL is a group of rules
that define network access. These rules define traffic based on IP addresses, protocols, logical port numbers, and other
information included within data packets. The router then examines each packet and filters traffic based on the rules.
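The rule matching described above, as an added example (not code from the book): a packet filter that checks each packet against an ordered ACL and applies the first rule that matches. The addresses are constructed from documentation ranges, the rule set and the final implicit deny are assumptions of this example, and shadowed_rules is a hypothetical helper that reports rules an earlier rule makes unreachable.

```python
import ipaddress
from dataclasses import dataclass
from typing import List, Optional, Tuple


@dataclass(frozen=True)
class Packet:
    src: str                        # source IP address
    dst: str                        # destination IP address
    protocol: str                   # "tcp", "udp" or "icmp"
    dst_port: Optional[int] = None  # logical port; None for ICMP


@dataclass(frozen=True)
class Rule:
    action: str                     # "permit" or "deny"
    protocol: str                   # "tcp", "udp", "icmp" or "any"
    src: str                        # source network in CIDR notation
    dst: str                        # destination network in CIDR notation
    dst_port: Optional[int] = None  # None matches any port

    def matches(self, pkt: Packet) -> bool:
        """True if the packet's protocol, addresses and port fit this rule."""
        if self.protocol not in ("any", pkt.protocol):
            return False
        if ipaddress.ip_address(pkt.src) not in ipaddress.ip_network(self.src):
            return False
        if ipaddress.ip_address(pkt.dst) not in ipaddress.ip_network(self.dst):
            return False
        return self.dst_port is None or self.dst_port == pkt.dst_port

    def covers(self, other: "Rule") -> bool:
        """True if every packet matching `other` also matches this rule."""
        return (
            self.protocol in ("any", other.protocol)
            and ipaddress.ip_network(other.src).subnet_of(ipaddress.ip_network(self.src))
            and ipaddress.ip_network(other.dst).subnet_of(ipaddress.ip_network(self.dst))
            and (self.dst_port is None or self.dst_port == other.dst_port)
        )


def evaluate(acl: List[Rule], pkt: Packet) -> Tuple[str, Optional[int]]:
    """Return (action, index of the deciding rule); the first match wins."""
    for index, rule in enumerate(acl):
        if rule.matches(pkt):
            return rule.action, index
    # Assumption of this example: traffic no rule mentions is dropped.
    return "deny", None


def shadowed_rules(acl: List[Rule]) -> List[Tuple[int, int]]:
    """Return (later, earlier) index pairs where the later rule can never fire."""
    found = []
    for later in range(len(acl)):
        for earlier in range(later):
            if acl[earlier].covers(acl[later]):
                found.append((later, earlier))
                break
    return found


ANY = "0.0.0.0/0"
WEB = "203.0.113.10/32"   # constructed address of a public web server

# Constructed inbound ACL for a border router.
ACL = [
    Rule("deny", "any", "198.51.100.66/32", ANY),             # 0: blocked host
    Rule("permit", "tcp", ANY, WEB, 443),                     # 1: HTTPS to web server
    Rule("permit", "tcp", ANY, WEB, 80),                      # 2: HTTP to web server
    Rule("deny", "tcp", "198.51.100.0/24", WEB, 80),          # 3: misplaced, rule 2 wins
    Rule("permit", "icmp", "198.51.100.0/24", "203.0.113.0/24"),  # 4: ping from one network
]

if __name__ == "__main__":
    samples = [
        Packet("198.51.100.20", "203.0.113.10", "tcp", 443),
        Packet("198.51.100.66", "203.0.113.10", "tcp", 443),
        Packet("198.51.100.20", "203.0.113.10", "tcp", 23),
    ]
    for pkt in samples:
        print(pkt, "->", evaluate(ACL, pkt))
    print("shadowed (later, earlier):", shadowed_rules(ACL))
```

Rule 3 is meant to block one network from the web server, but it sits below the broader permit in rule 2, so it never takes effect; moving it above rule 2 would fix the ordering.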
Advanced firewalls have a lot of sophistication and can be much more selective about what traffic they block and
allow. Instead of looking at individual packets, they can look at a full conversation of traffic between systems and block
malicious traffic.
Firewalls are very useful for protecting private networks from attackers. Many attackers try to attack a network
through the Internet so the most common place you'll see a firewall is at the border of a network, between a private
internal network and the public Internet as shown in Figure 1-5. This also clearly shows the order of connectivity for
devices to the Internet: from a network client such as a desktop PC to a switch, to a router, to a firewall, to an ISP and
then to the Internet.
Figure 1-5 shows a typical network with a switch, router, and firewall. The switch connects devices together into
a network. The router connects networks together; in this figure, it is connecting the private network with the Internet
via the modem and ISP. The firewall provides a layer of protection to the router and the internal network.

Figure 1-5: Network connectivity with a firewall

Remember This

Routers and firewalls use a group of rules in an ACL to define network access
and prevent unauthorized access. Most organizations have network-based
firewalls at their network border, providing a barrier between a private
network and the public Internet. Device connectivity to the Internet in a
typical network takes this path:
Network device > Switch > Router > Firewall > ISP > Internet.

Simplified Diagrams
Many network diagrams do not show all of the network devices. For example, many basic diagrams omit
switches. Similarly, many routers (including wireless routers) include firewall capabilities so you might see the router,
but not the firewall.
Figure 1-6 shows another depiction of the same network displayed in Figure 1-5. The devices are connected to a
line and the switch is implied even though it isn't displayed. The router is shown connected to the Internet but it is
typically connected through a modem and an ISP. Even though the diagram doesn't show a firewall, you can bet one is
in use.

Figure 1-6: Simplified network diagram


The Understanding Network Access Security chapter provides much more information about firewalls. You'll
learn about software and hardware firewalls, the difference between a stateful inspection firewall and a packet filtering
firewall, and different configurations of a firewall such as in a demilitarized zone (DMZ).

Network Segments and Domains


With a basic understanding of how switches and routers work, you can now add three additional network terms:
segment, broadcast domain, and collision domain. These terms are mentioned again in future chapters so it's important
to know what they are.
• Network segment. A portion of a network that is separate from other portions of a network. In many
  instances, it is a single cable, such as between a computer and a switch. In other instances, it includes
  multiple cables, such as between a hub and devices connected to the hub.
• Collision domain. A portion of a network where transmitted data from one device can collide with
  transmitted data from another device. When a collision occurs, both transmissions fail and both devices
  must transmit their data again. More collisions result in more traffic, and an overall slower network.
• Broadcast domain. A portion of a network where broadcast data from one device can reach all other
  devices in the same broadcast domain.
Figure 1-7 shows a network with a hub, a router, and a switch. You can see how the hub creates a single logical
connection between computers A, B, and C, and the router. This logical connection is a segment. In contrast, the switch
in Network 2 isolates the connections between the router, and computers D, E, and F. The connection between Computer
D and the switch is one segment, the connection between Computer E and the switch is another segment, and so on.

Figure 1-7: Collision and broadcast domains


Network 1 is both a collision domain and a broadcast domain. If computer A sends unicast traffic, it can collide
with unicast traffic sent by Computer B, Computer C, or the router. Because of this, the segment created by the hub is a
collision domain.
Similarly, if computer A sends broadcast traffic, it will reach computers B and C, and the router. Because of this,
the segment created by the hub is also a broadcast domain. The router will not pass broadcast traffic to or from Network
1 and Network 2. In other words, the router creates separate broadcast domains.
The switch in Network 2 includes four ports and it effectively creates four separate collision domains. If
Computer D sends unicast traffic to Computer E, the switch only sends the traffic to Computer E. The traffic doesn't
reach the router or Computer F, and cannot collide with traffic from these two devices.
Network 2 is a broadcast domain. Switches pass broadcasts so any broadcast traffic sent by Computers D, E, or F
will reach all the systems in Network 2.
Some important points to remember related to collision domains and broadcast domains are:
• Hubs pass all traffic.
• Devices connected to a hub are in a single collision domain and a single broadcast domain.
• Switches segment unicast traffic and pass broadcast traffic.
• Switches create separate collision domains with each port.
• Devices connected to a switch are in a single broadcast domain.
• Routers do not pass broadcast transmissions.
• Routers create separate broadcast domains.
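The points above, applied to the network the text describes for Figure 1-7, as an added example that is not from the book: links are grouped into one domain whenever they share a device that passes that kind of traffic. The device names hub1, sw1 and R1 are assumed labels, and the topology is reconstructed from the description of the figure.

```python
from typing import Dict, FrozenSet, List, Set, Tuple

Link = Tuple[str, str]


def _group_links(devices: Dict[str, str], links: List[Link],
                 merging_kinds: Set[str]) -> List[FrozenSet[str]]:
    """Group links into domains.

    Two links land in the same domain when they share a device whose kind
    is in merging_kinds, meaning that device repeats the traffic in
    question from one port to its other ports.
    """
    parent = list(range(len(links)))      # union-find over link indexes

    def find(i: int) -> int:
        while parent[i] != i:
            parent[i] = parent[parent[i]]
            i = parent[i]
        return i

    first_link: Dict[str, int] = {}       # first link seen per merging device
    for i, link in enumerate(links):
        for dev in link:
            if devices[dev] in merging_kinds:
                if dev in first_link:
                    parent[find(i)] = find(first_link[dev])
                else:
                    first_link[dev] = i

    groups: Dict[int, Set[str]] = {}
    for i, link in enumerate(links):
        groups.setdefault(find(i), set()).update(link)
    return [frozenset(members) for members in groups.values()]


def collision_domains(devices: Dict[str, str], links: List[Link]) -> List[FrozenSet[str]]:
    # Only a hub repeats every signal, so only hub ports share a collision domain.
    return _group_links(devices, links, {"hub"})


def broadcast_domains(devices: Dict[str, str], links: List[Link]) -> List[FrozenSet[str]]:
    # Hubs and switches both pass broadcasts; routers do not.
    return _group_links(devices, links, {"hub", "switch"})


# Topology reconstructed from the description of Figure 1-7.
# hub1, sw1 and R1 are labels assumed for this example.
DEVICES = {
    "A": "host", "B": "host", "C": "host",
    "D": "host", "E": "host", "F": "host",
    "hub1": "hub", "sw1": "switch", "R1": "router",
}
LINKS = [
    ("A", "hub1"), ("B", "hub1"), ("C", "hub1"), ("hub1", "R1"),   # Network 1
    ("R1", "sw1"), ("D", "sw1"), ("E", "sw1"), ("F", "sw1"),       # Network 2
]

if __name__ == "__main__":
    for name, fn in (("collision", collision_domains),
                     ("broadcast", broadcast_domains)):
        result = fn(DEVICES, LINKS)
        print(f"{len(result)} {name} domains")
        for members in result:
            print("   ", sorted(members))
```

For this topology the result is five collision domains (one for the hub, four for the switch ports) and two broadcast domains, one on each side of the router.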

Remember This
A switch creates a single broadcast domain and separate collision domains for
each port. For example, a switch with four ports creates four collision
domains. A router creates separate broadcast domains. For example, two
networks separated by a router are in two separate broadcast domains.

Duplex Connections and Collisions


Computers and network devices can typically communicate using different modes. The most common modes are
half duplex and full duplex, but simplex mode is used in some specialized connections.
• Simplex. Data is sent over the connection in one direction only. For example, a computer can send data
  over a simplex connection but not receive data on the same connection.
• Half duplex. The same connection supports both transmitting and receiving but only one at a time. For
  example, while a computer is sending data over the connection, it cannot receive data on the same
  connection. This is similar to how push-to-talk cellular phones or old-fashioned walkie-talkies operate.
• Full duplex. The same connection supports both transmitting and receiving simultaneously. The
  connection has separate wires used for both transmitting and receiving. This eliminates the possibility of
  data colliding with each other on the same cable. Most twisted pair cables and network interface cards
  (NICs) support full duplex mode, but some legacy hardware does not support it.
Figure 1-8 shows a switch with two computers connected. Computer A has a full duplex connection, so it can use
the same connection to send and receive data at the same time. Computer B is connected with a half duplex connection.
It can send data to the switch using this connection, or receive data back from the switch on this connection, but it cannot
send and receive data at the same time with this connection.

Figure 1-8: Full duplex and half duplex connections


Most interfaces support auto-negotiation for the correct duplex mode and speed. If both devices can operate
using full duplex mode, they automatically configure themselves using full duplex mode. If one of the devices can only
operate at half duplex mode, the other device will configure itself to use the slower half duplex mode.
If you run across a connection running in half duplex mode, check to see if one of the interfaces is manually
configured to use half duplex. If it is, you can often change it to full duplex to increase the speed of the connections.
The connection will not work if both devices are manually configured with different modes. For example, the
connection fails if one device is manually configured with half duplex and the other device is manually configured with
full duplex. The link light on the devices will show that they are connected, but they won't be transferring data back and
forth between each other.

Remember This
Auto-negotiation automatically configures interfaces with the fastest duplex
mode and speed of the other device. When using manual settings, both devices
must be manually configured with the same duplex mode and speed or the
connection fails.

There is a subtle point worth mentioning here. If you look at the full duplex
connection in Figure 1-8, you can see collisions are impossible. The only way a collision
can occur is if the same line is used to send and receive data, but you can see that the
computer sends data on one line and receives data on the other line.
However, even though collisions are impossible if both devices are using full duplex
mode, you should still think of each port on a switch creating separate collision domains,
especially when taking the Network+ exam.

Comparing PANs, LANs, WANs, and More
There are many different types of networks, and as a network technician, you need to understand their
differences. The following sections introduce common network types.

PAN
A personal area network (PAN) is a network of devices around a single person. Bluetooth has been the traditional
protocol used with a PAN. However, a PAN might use near field communication (NFC) protocols or infrared (IR) too.

Bluetooth Wireless
Bluetooth is a short-range wireless system and Bluetooth devices include smartphones, personal digital assistants
(PDAs), and other computer devices. As an example, the Apple Watch uses Bluetooth to communicate with a user's
iPhone. The range of Bluetooth was originally designed for about three meters (about 10 feet), but the range is often
farther, and ultimately extends beyond a person's personal space.

NFC
Near field communication (NFC) is a group of standards used on mobile devices that allow them to communicate
with other mobile devices when they are close to them. For example, in some cases, you can share information with a
friend just by touching your smartphone with hers, or by placing your smartphone in close proximity to hers. Many
credit card readers support payments using NFC technologies. For example, you can make a purchase in some
establishments just by placing your phone close to the credit reader.

IR
Infrared (IR) uses an infrared light and is commonly used in devices such as TV remotes. It can be used with a
PAN, but this isn't as common because it requires a clear line of sight between the two devices. If the path is blocked by
something as simple as a single piece of paper, it blocks the communication.

Remember This
A personal area network (PAN) is a network of devices around a single person.
A common protocol used with PANs is Bluetooth.

LAN
A local area network (LAN) is a network of devices within a single location. It can include just a single switch
used to connect the devices and a single router used to connect the network to the Internet. Large organizations might
have dozens of switches and routers, but the key is that all the devices are in the same location.

WLAN
A wireless local area network (WLAN) connects devices without the need for cables. It is easy to set up and can
quickly connect several computers at a lower cost than it takes to create a wired network. A significant challenge with
wireless networks is security. Wireless security has improved over the years, but wireless networks are still susceptible
to vulnerabilities and many users just don't understand how to lock down a wireless network adequately.
Many organizations set up hotspots for their customers. For example, a coffee shop might set up a WLAN as a
hotspot allowing customers to easily connect to the Internet while sipping a cappuccino or latte. Hotspots rarely use any
security, but instead are open wireless networks providing easy access for customers.
The Managing Wireless Networks chapter covers WLANs in much more depth including basic security
mechanisms.

CAN
A campus area network (CAN) is a network that connects multiple buildings in a small geographical area, such
as a university campus. Similarly, many technology companies in Silicon Valley own several buildings spread across a
small geographical area. Even though they aren't educational institutions, people commonly refer to the area as a
campus.
Figure 1-9 compares a LAN with a CAN. On the left is a single local area network with some personal
computers and a server. While not shown in the diagram, this network would have at least one switch, at least one router,
a firewall, and Internet connectivity. The CAN shows similar LANs in several buildings within a university campus
connected together. The buildings might be connected together with physical cables such as underground fiber runs, or
they could be connected with other methods such as microwave links. While not shown, the CAN would have Internet
access, protected with at least one firewall.

Figure 1-9: LAN vs CAN

MAN
A metropolitan area network (MAN) is a group of networks spread across a larger geographical area beyond the
size of a campus. As an example, a network connecting several groups of networks within a city is a MAN. Similarly, if
a city government has several connected networks spread throughout the city, it is a MAN. If the buildings depicted in
Figure 1-9 were spread across the city, the CAN would be labeled as a MAN instead.

Remember This
A campus area network (CAN) is a network connecting multiple buildings, but
in a limited area. A metropolitan area network (MAN) is similar to a CAN, but
includes networks spread across a city or larger metropolitan area.

WAN
A wide area network (WAN) is a group of two or more networks spread across a large geographical area. There
isn't a specific distance that identifies a network as a WAN, but generally it indicates that two or more networks are in
separate cities. For example, an organization can have a network in Virginia Beach, VA and a second network in New
York, NY. They can then connect the two networks creating a WAN.
It's rare for an organization to run their own cables for a WAN. For example, a company with offices in Virginia
Beach and New York would not dig trenches between the two cities to lay the cable. Instead, they lease bandwidth from
existing lines owned by telecommunications companies.

VPN
A virtual private area network (VPN) is a connection to a private network over a public network such as the
Internet. There are two primary types of VPNs. They are:
• Host-to-gateway or host-to-site VPN. A single user (using a host computer) accesses the organization's
  site with a VPN connection. The user is able to access the internal network from a remote location so
  you'll often hear this referred to as remote access. The user must initiate this connection.
• Gateway-to-gateway or site-to-site VPN. A VPN connects a LAN in one location with a LAN in
  another location. This is typically transparent to users in the network. Unlike a host-to-gateway VPN,
  users in a gateway-to-gateway VPN do not need to initiate the connection. It is either always connected,
  or in some cases, enabled on demand.
Figure 1-10 shows a host-to-gateway VPN. The user first connects to the Internet. This could be from a home
computer, a wireless access point while traveling, or anywhere else the user has Internet access. Next, the user connects
to the VPN server over the Internet. The VPN server challenges the user to authenticate and after the user enters the
correct credentials, such as a valid username and password, the user has access to the internal network. This network
shows an internal email server and file server. Users that connect to the VPN have access to these servers just as if they
connected from within the private network. A primary difference is that the VPN connection will be slower because it is
going over the Internet.

Figure 1-10: Host-to-gateway VPN


Tunneling and encryption protocols protect the data within the VPN connection. A future chapter covers these
protocols in more depth.
You might have noticed that the VPN is between two firewalls. This shows a classic demilitarized zone (DMZ).
Typically, an organization places any Internet facing servers within a DMZ. The DMZ provides protection to the
network from any Internet threats, and isolates the Internet facing server from the internal network. This diagram is
simplified to show the VPN, but you'll often see multiple servers within a DMZ.
Figure 1-11 shows a gateway-to-gateway VPN connection. It is connecting a headquarters location with a
regional office. You can see that each site has a VPN server connected through a firewall to a cloud. The cloud indicates
a connection but it could be one of several different types of WAN connections leased from a telecommunications
company. It's important to realize that a leased line is rarely private. Instead, it is shared among multiple companies that
are leasing bandwidth over the same line. Just as a host-to-gateway VPN uses tunneling and encryption protocols to
protect it, a gateway-to-gateway VPN includes tunneling and encryption protocols.

Figure 1-11: Gateway-to-gateway VPN

Identifying Network Topologies


A network topology refers to the arrangement of devices on a network. Further, based on this arrangement, the
topology identifies how data flows within the network. The Network+ objectives refer to several common network
topologies, which are covered in this section.

Star
The majority of networks in use today use a star topology or a hybrid topology that includes a star and another
topology. Network clients connect to a central device such as a hub or a switch in a star topology.
Figure 1-12 shows the layout of a star topology with devices connecting to a central device. The graphic on the
right shows how it can resemble a star. While the figure shows a logical diagram of connected devices, it's important to
realize that the hub or switch is rarely in a central physical location. For example, you'll rarely find a switch in the
middle of an office with cables running from the computers to the switch. Most organizations mount switches in a server
room or a wiring closet.

Figure 1-12: Star topology


Because all devices connect to the central device, it is a potential single point of failure. If the central hub or
switch fails, all devices connected to this central device will also lose connectivity.
Many networks in both large and small organizations use twisted pair cables. Additionally, the network clients
usually don't connect directly to the hub or switch, but instead are connected through different cables. Here's a common
standard used in many organizations:
• One cable connects the computer to a wall socket. This cable has RJ-45 connectors on both ends.
• Another cable attaches to the wall socket and runs through walls, ceilings, and/or floors to a wiring
  closet or server room, where it is attached to a wiring block.
• The front of the wiring block has a patch panel. A patch cable connects the wiring block to a port on a
  switch.
While this connection uses three separate cables, it is electrically the same connection.

Remember This
The star topology is the most common network topology in use. Network
clients typically connect to a switch with twisted pair cables. The switch is a
potential single point of failure for all devices connected to it.

Ring
A ring topology has devices logically connected in a circle or ring. Data travels around the ring in a single
direction through each device. Ring topologies use a logical token and are often referred to as token ring topologies. A
token is a special three-byte data unit passed around the ring. Devices only transmit data when they have the token.
You may have heard of talking sticks used by some Native American cultures. A group of people sits in a circle
and they pass a stick around the circle to each other. Members of the group can only talk when they have the stick, and
they listen when they don't have the stick. As long as the group doesn't get too large, this is an effective method of
ensuring that everyone's voice is heard. The three-byte token is similar to an electronic file, but it works just like the
talking stick.
Ring topologies have two significant weaknesses: scalability and fault tolerance.
First, ring topologies do not scale well. Performance degrades with each computer added to the ring. With five
computers on the network, each computer has the token about 20 percent of the time (1/5). If you increase the number of
computers on the network to 100, each computer only has the token about 1 percent of the time (1/100).
Second, a single break in the circle takes down the entire network. The break can be in the ring itself or a failure
from any single device in the ring. Ring topologies commonly add a multistation access unit (MAU) to compensate for
this. The devices are still connected in a logical circle and data travels one way around the circle. However, each device
connects to the MAU instead of adjoining devices. Devices then transmit and receive data to and from the MAU. If one
of the devices in the ring fails, the MAU senses the failure and logically removes it from the ring.
Figure 1-13 shows the logical layout of a token ring network topology. On the right, you can see how devices
connect to each other via a central MAU. The ring with the MAU looks similar to a star topology but the difference is that
data travels in a circle around the ring. In a star network, data can travel to and from any device without regard to any
direction.

Figure 1-13: Ring topology


Some fiber optic networks use Fiber Distributed Data Interface (FDDI). These are similar to token ring networks
with one significant difference. Instead of the network using a single closed circle network for data transmissions, the
FDDI network has two rings. Each ring transmits data in the opposite direction providing redundancy for the network.

Synchronous Optical Networking (SONET) is a group of protocols using fiber optic cables, and some SONET
implementations use ring topologies.

Remember This
A ring network connects devices in a circle and transmits a token one way
around the circle. Devices in the ring only transmit data when they have the
token. FDDI networks use two rings and each ring transmits data in the
opposite direction providing redundancy for the network.

Mesh
A full mesh topology provides redundancy by connecting every computer in the network to every other computer
in the network. If any connections fail, the computers in the network use alternate connections for communications. A
partial mesh topology provides redundancy by connecting some of the computers to multiple computers in the network.
Figure 1-14 shows an example of a full mesh topology. It has five computers, but ten connections. The number of
connections quickly expands as you add more computers. For example, if you add a sixth computer, you'd need to add
an additional five connections for a total of 15 connections.

Figure 1-14: Mesh topology


You can calculate the number of connections needed in a mesh topology with the formula n(n-1)/2 where n is the
number of computers. For example, with five computers, n=5 and the formula is:
5(5-1)/2
5×4/2
20/2 = 10
Add another computer and the calculation is 6(6-1)/2 or 15 connections.
Due to the high cost of all the connections, full mesh topologies are rarely used within a network. However, there
are many instances where mesh topologies are combined with another topology to create a hybrid. This hybrid topology
has multiple connections to provide a high level of redundancy, but it doesn't connect every single computer with every
other computer in the network.

Bus
A bus topology connects all devices together in a line. This is relatively easy to set up but is difficult to
troubleshoot and rarely used as a primary network topology today. Bus topologies typically use coaxial cable. Thinner
coaxial cable is used in ThinNet (10Base2) networks, and thicker coaxial cable is used in ThickNet (10Base5) networks.
One big difference with the bus topology compared with other topologies is that it requires a physical terminator
at each end of the bus. Signals transmitted down the cable will reflect back if the terminator is missing, and the reflected
signal interferes with all other transmissions. If one of the terminators is missing, it stops all network communications.
Figure 1-15 shows the logical layout of a bus topology. Each device has a T connector that connects into the
NIC with a BNC and two open connections. On most devices in the bus, coaxial cable connects to these two open
connections. On the last device at each end of the bus, the T connector includes a terminator. In the figure, the
terminators and cable are disconnected from the T connectors so you can see the different components. You would see
these connected in a live network.

Figure 1-15: Bus topology


One of the significant challenges with a bus topology is that it is difficult to troubleshoot when problems occur. If
someone removes one of the terminators, disconnects any of the connectors, or accidentally cuts a cable within the
network, the entire network fails. If your network has 100 computers, spread across three floors, you'd have to check
each of them until you found the problem.
Figure 1-16 shows the result of a cable break in a bus topology. It effectively creates two separate bus networks
and each network has only one terminator. When you have four computers in a bus topology, it won't take too much time
to locate this cable break. However, if you have dozens or even hundreds of computers, it becomes very difficult to
identify the location of the break. As technicians are searching for the problem, none of the users will have access to any
network resources.

Figure 1-16: Two non-functioning bus topologies due to a cable break

Remember This
A single break in the cable for a bus topology takes down the entire network.
The break creates two networks and each network has only one terminator.

Hybrid
A hybrid topology is any topology that combines two or more other topologies. As mentioned previously, mesh
networks are very expensive because of all the required connections. Instead, a partial mesh is often connected with
another type of network such as a star network, creating a hybrid.

Point-to-Point vs. Point to Multipoint


A point-to-point topology is a single connection between two systems. Each of the systems is an endpoint in the
point-to-point topology. A simple example is two tin cans connected with a string. One person talks into one can, and the
other person can hear what they say. Similarly, if you and a friend are talking on a telephone, you have a point-to-point
connection.
In some cases, a point-to-point connection is a single permanent connection. However, it is more often a virtual
connection or virtual circuit. A virtual circuit still establishes a point-to-point connection but the connection is created on
demand and might take different paths depending on the type of connection. For example, telephone companies use
circuit-switching technologies to establish connections. A telephone call between you and a friend in a different location
might take one path one day, and another path a different day.
Organizations sometimes lease lines from telecommunications companies to create a point-to-point connection.
For example, the gateway-to-gateway VPN shown in Figure 1-11 is a point-to-point connection. As a leased line, it is a
semi-permanent line and often referred to as a virtual circuit.
In contrast, a point-to-multipoint connection goes from one endpoint to many endpoints. You can think of it as a
broadcast or multicast transmission described earlier in this chapter. Wireless access points use point-to-multipoint
transmissions. A single access point can transmit and receive from multiple wireless devices.

Peer-to-Peer vs Client-Server
Computers in a peer-to-peer (P2P) network pass information to each other from one computer to another. The
first widely used P2P network was Napster, an online music-sharing service that operated between 1999 and 2001. Users
copied and distributed MP3 music files between each other using Napster software. A court order shut down Napster due
to copyright issues, but it later reopened as an online music store using a client-server topology. You could purchase
music files directly from Napster and download them from a Napster server.
BitTorrent is a P2P protocol used with many software programs, including the BitTorrent group of P2P programs
distributed and sold by BitTorrent, Inc. Files downloaded with a BitTorrent program are distributed in multiple small
Torrent files from different computers in the P2P network. The program then puts them back together on the client.
Some of the challenges with P2P networks are legal issues and malicious software (malware). From a legal
perspective, many people illegally copy and distribute pirated files. For example, you could spend a year writing,
editing, and finally publishing a book. If this book is available as a P2P file, criminals can copy and distribute it but you
wouldn't get any funds for your efforts. Many criminals also embed malware into files distributed via P2P networks.
Users that download P2P files often unknowingly install malware onto their system when they open the files.
Most legitimate eCommerce sites use a client-server topology. For example, if you use Amazon's Kindle service,
you can download Kindle files to just about any device including PCs, iPads, or Kindles. These Kindle files are hosted
on Amazon servers and delivered to the user device.

Remember This
Computers in a peer-to-peer (P2P) network share information from one client
to another instead of from a server to a client. P2P networks are often referred
to as file sharing networks.

Workgroups vs. Domains


Peer-to-peer networks and workgroups are sometimes confused, but they aren't the same. Within Microsoft
networks, a peer network is a workgroup. Each computer on the network is a peer with other computers so the network
is often called a peer network. However, computers in a workgroup do not use file sharing technologies such as
BitTorrent.
Each computer within a workgroup is autonomous and includes separate user accounts held in a Security
Accounts Manager (SAM) database. If users want to log onto a computer, they must use an account held within that
computer's SAM. If users need to log onto multiple computers, they need to know the username and password of
different accounts held within different SAM databases.
Figure 1-17 shows both a workgroup and a domain. If Sally wants to log onto Computer A, she needs to use an
account held in Computer A's SAM. If Sally needs to log onto all four computers in the workgroup, she would need to
have four accounts, one in each of the four computers' SAM databases. As more and more computers are added to a
workgroup, it becomes more difficult for users to remember all the usernames and passwords they need to access the
different computers.

Figure 1-17: Workgroup vs client-server topologies


In a domain, each computer still has a SAM but accounts within the local SAM databases are rarely used.
Instead, a server includes a centralized database of all accounts in the domain. In a Microsoft domain, the centralized
server is a domain controller and it hosts Active Directory Domain Services (AD DS). Users can use the same account
held in AD DS to access any computer within the client-server domain.

Planning and Implementing a Basic Network
The Network+ exam expects you to be able to plan and implement a basic network, sometimes referred to as a
small office home office (SOHO) network. At this point in the book, many readers won't have enough information to
fully grasp all of the details. However, it's worthwhile to be aware of some of the important concepts from a big picture
perspective as you're going through the book so I'm introducing them here.

List of Requirements and Devices


One of the first steps you'll need to take when planning a basic network is to create a list of requirements for the
network, and a list of devices to meet these requirements. You'll consider the owner's needs and desires, along with any
constraints such as environmental or equipment limitations when creating this list. One of the first things that you'll need
to determine is if the business owner wants to use a wired network, a wireless network, or a combination of the two.

Remember This
One of the first things you'll need to do when planning a basic network is to
create a list of requirements and constraints. You should complete this list
prior to making any purchases.
For a basic wired network, you would typically use the following devices:
Switch. The switch provides connectivity for all the devices in the network.
Router. The router connects the basic network to the Internet.
Firewall. The firewall provides a layer of protection for the internal network. For small networks, you
will often use a device that functions as both a router and a firewall.
Internet access device. This might be a DSL or cable modem or another device depending on the ISP
requirements.
Cables for wired connections. This includes cables from desktop PCs to a switch, a switch to a router,
and a router to the Internet connection such as a cable modem. These are typically twisted pair cables
with RJ-45 connectors.
NICs. While most computers have built-in NICs, you'll need to ensure they meet the equipment
requirements of the network. For example, if a desktop PC has a slower NIC, you might need to replace
it with a newer, faster NIC.

Remember This
A basic wired network needs at least one switch and cables to connect each
device to the switch. If the basic network will connect to the Internet, you'll
also need at least one router, a cable to connect the switch to the router, and a
cable to connect the router to the ISP device.

Wired/Wireless Considerations
A wireless network is less expensive than a wired network because you don't need to purchase and run cables to
all the devices. A basic access point functions like a switch, eliminating the need for a switch in many networks. An
access point with routing capabilities (a wireless router) includes the capabilities of a switch, a router, and a firewall,
eliminating the need for additional hardware. In other words, you can purchase a wireless router and the only other
device you'll need is an Internet access device such as a modem.
For a basic wireless network, your device list might look like this:
Wireless router. Most wireless routers include RJ-45 ports so you can plug in wired devices, if
necessary.
Wireless NICs. Most devices include wireless NICs, but you can purchase wireless adapters for any
PCs that don't have wireless capabilities. Wireless USB adapters are widely available and they provide
any PC with wireless capabilities through an available USB port.
Internet access device. This device is dependent on the ISP and might be a DSL modem or a cable
modem.
Cables. You'll still need a cable to connect the wireless router to the Internet access device and any
wired devices that need to plug into the wireless router.

Remember This
A wireless network typically uses a wireless router instead of a switch and a
router and only requires cables for devices that cannot connect wirelessly. You
also need a cable to connect the router to the Internet, using the device
specified by the ISP such as a DSL or cable modem.
If your network requires cables, you'll need to ensure the cable length is within the required standards. While
there are many different types of cables, most basic networks use twisted pair cable and the maximum length of most
twisted pair cables is 100 meters (about 328 feet). The signal degrades as it passes through the cable and if the cable is
too long, the signal is unusable. While you can use repeaters to amplify the signal, the best bet is to ensure the cables are
within the required length.

Environmental and Equipment Limitations


Two limitations you'll need to address in a basic network are environmental limitations and equipment
limitations. A significant environmental limitation is interference. Most interference issues affect wireless networks, but
some can also affect a wired network. Common interference issues are:
Radio frequency interference (RFI). RFI comes from other electronic devices that transmit signals
over the air using the same frequency. This includes devices such as cordless telephones, baby monitors,
home alarm systems, Bluetooth devices, or another wireless network. RFI primarily affects wireless
networks and a future chapter covers some of the methods you can use to avoid or compensate for RFI
problems.
Electromagnetic interference (EMI). EMI comes from electrical devices such as microwave ovens,
light fixtures, and refrigerators. In general, you shouldn't place network devices or cables near these
devices to avoid EMI problems. When running cables between devices, you should keep the cables away
from fluorescent lights and power lines.
Physical objects. Wireless networks transmit radio frequency signals over the air and many physical
objects interfere with these signals. This includes walls, floors, and trees. These objects don't completely
block the wireless signals, but they do reduce the signal strength and reduced signal strength results in
slower connections.
Weather events. If the wireless signal has to pass through an outside area, weather events such as rain,
fog, and electrical storms can interfere with signals. This won't affect devices within the same building,
but might affect signals going to another building such as a detached garage.
Utilities. You also need to ensure the equipment has adequate power, heating, ventilation, and air
conditioning.
You should also consider the equipment limitations when planning a basic network. For example, cables, NICs,
switches, routers, and access points all have maximum bandwidth capabilities. If you want systems within the network to
be able to transfer data at a rate of 1 gigabit per second (1 Gbps), you need to ensure that all of the equipment supports
this speed.
You'll find that the capabilities of switches and routers extend well beyond the basic capabilities introduced in
this chapter. When using them in large organizations, you'll need to be concerned with several different features of these
devices, and their limitations. However, for a basic network, the primary equipment limitation you need to worry about
is the maximum bandwidth of each device.

Remember This
Environment limitations are a primary consideration when identifying the
location of equipment in a network. Ideally, you'll be able to avoid
interference and have adequate power and air conditioning.

Security considerations
As a rule, you want to ensure that unauthorized users cannot access a network so you'd implement appropriate
security precautions. Future chapters will explain how this is done, but as an introduction, you can implement media
access control (MAC) address filtering, control traffic with a firewall, use strong authentication mechanisms, and strong
wireless protocols and security mechanisms.
Securing a wireless network is more challenging than securing a wired network, but it is possible and you'll learn
what to do in the Managing Wireless Networks chapter. Due to the security concerns, some business owners might
decide to use wired connections whenever possible even though it adds to the costs.

Compatibility Requirements
In addition to checking for the environmental and equipment limitations, you'll need to ensure that network
equipment is compatible with other network equipment. As a simple example, you'd need to ensure that you can connect
each of the devices together. Most wired networks use twisted pair cable with RJ-45 connectors so you'd need to ensure
that the NICs, switches, and routers all have RJ-45 ports.
Slower devices will normally still work with a faster device, but at a slower speed. For example, if you're using a
1 Gbps switch and a 100 Mbps NIC, the connection between the NIC and the switch will use 100 Mbps.
Most devices can automatically negotiate between using half-duplex and full-duplex connections based on the
capabilities of both connections. However, if the devices use a manual configuration, you need to ensure that both
devices are configured with the same modes. If a NIC is using half-duplex and a switch is using full-duplex, the
connection won't work.
When adding wireless devices to your network, you need to ensure they support compatible protocols such as
802.11n or 802.11ac. Additionally, you should ensure they support the wireless security mechanism you're using. The
Managing Wireless Networks chapter covers these standards in greater depth.

Understanding Numbering Systems


You need to have a basic knowledge of numbering systems. This includes decimal, binary, hexadecimal, and
octal. While this is basic knowledge, it is still important. If you haven't used these numbering systems in a while, they
might be a little foggy.

Decimal
When reviewing many topics, it's worth reviewing what you know and then connecting it to new topics. In this
case, you should have a good understanding of decimal. Decimal numbers use a base of ten and include the numbers 0 to
9. Because it's a base of 10, the next number after 9 is 10.
This shouldn't be a surprise to anyone reading this book. However, it's important to understand the underlying
details of base 10.
The position of each number within base 10 has a different value such as 1, 10, 100, 1000, and so on. For
example, consider the number 2,478. It has four numbers (2, 4, 7, and 8) but these numbers have significantly different
values based on their place.
2 is in the thousands place so it has a value of 2,000 (2 × 1000)
4 is in the hundreds place so it has a value of 400 (4 × 100)
7 is in the tens place so it has a value of 70 (7 × 10)
8 is in the ones place so it has a value of 8 (8 × 1)
I've had students in the classroom try to make this difficult, but it doesn't need to be. Imagine I offered you the
choice of receiving $2,478 or $8,742. Which would you choose?
If you're like most people, you recognize the first number is over $2,000 but the second number is over $8,000.
Clearly, you would take the $8,000. The math behind it is that the 8 is in the thousands place so it represents 8 thousand
dollars.
Table 1.1 shows the underlying details using the base 10 number 2,478.

Column            A       B       C       D
Base 10           10^3    10^2    10^1    10^0
Place Value       1,000   100     10      1
Decimal Number    2       4       7       8
Decimal Values    2,000   400     70      8

Table 1.1: Base 10 Table
Note: Exams often use the caret (^) character instead of superscript so I'm using the caret in this book. In other
words, 10^2 is the same as 10².
Column A is 10^3 or 10 × 10 × 10 (1,000).
With a value of 2, it equates to 2 × 1,000 (2,000).
Column B is 10^2 or 10 × 10 (100).
With a value of 4, it equates to 4 × 100 (400).
Here are two important rules to know for any numbering system:
Any number raised to the power of 1 is itself so 10^1 is 10.
Column C is 10^1 (10).
With a value of 7, it equates to 7 × 10 (70).
Any number raised to the power of 0 is 1 so 10^0 is 1.
Column D is 10^0 (1).
With a value of 8, it equates to 8 × 1 (8).
Compare this to binary, with a base of 2, in the next section.

Binary
Binary numbers use a base of 2 and include only the numbers 0 and 1. If you were to count with binary, it would
look like this:
0
1
10
11
100
101
Just as decimal numbers have different values depending on their place, binary numbers also have different
values depending on their place.
As an example, 2 raised to the power of 2 is the equivalent of 4 decimal (2 squared or 2 × 2). Most people know
that 2 × 2 = 4. Similarly, 2 raised to the power of 3 is 8 (2 × 2 × 2). Table 1.2 shows several values for base 2, along with
a binary number of 0000 1001.
Just as in base 10, base 2 follows these two rules:
Any number raised to the power of 0 is 1 so 2^0 is 1.
Any number raised to the power of 1 is itself so 2^1 is 2.

Column            A     B     C     D     E     F     G     H
Base 2            2^7   2^6   2^5   2^4   2^3   2^2   2^1   2^0
Decimal Values    128   64    32    16    8     4     2     1
Binary Number     0     0     0     0     1     0     0     1
Binary Values     0     0     0     0     8     0     0     1

Table 1.2: Base 2 Table


The binary number 0000 1001 has four leading zeros (Columns A, B, C, and D), which can be ignored
when calculating the binary value.
Similarly, the number 5 is the same as 0005. With 0005, we ignore the leading zeros.
Column E is 2^3 or 2 × 2 × 2 (8).
With a binary number of 1, it equates to 1 × 8 (8).
Columns F and G have 0 as the binary number so have a value of zero.
Column H is 2^0 or 1.
With a value of 1, it equates to 1 × 1 (1).
From a simpler perspective, the binary number of 0000 1001 equates to a decimal number of 9 (8 + 1).

Bits vs Bytes
A single binary number is a bit and eight bits make up a byte. You can extend binary as far as you need to, but
it's common to group binary into four bits (a nibble) or eight bits (a byte). As an example, IPv4 addresses are 32 bits
long, but they are separated into four eight-bit bytes.
Consider the IPv4 address of 11000000101010000000000100000101. Represented in binary, it is a little difficult
for most people to digest. However, if you separate it into four eight-bit bytes and convert each byte into decimal, it
becomes 192.168.1.5. This is commonly referred to as dotted decimal format because each decimal number is separated
by a dot.
Table 1.3 shows the binary equivalent of each of the decimal numbers in the IPv4 address.
Decimal    192          168          1            5
Binary     1100 0000    1010 1000    0000 0001    0000 0101

Table 1.3: IPv4 address in decimal and binary

Digit Grouping
When working with numbers, it's common to separate them into groups. This just makes it easier for us to read
them. For example, consider the number 3183263765. By grouping the digits with a comma (3,183,263,765), it becomes
much easier to see that it has a value over 3 billion.
Similarly, bytes are commonly grouped into two sets of four bits separated by a space. For example, decimal 168
is 1010 1000 in binary. This is the same as 10101000 but with digit grouping, it's easier to read.
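The conversion described in Bits vs Bytes, with the nibble grouping from Digit Grouping, worked through in Python. This is an added example, not code from the book; the function names are illustrative, and the place values are added up by hand so each step matches Table 1.2.

```python
"""Convert between 32-bit binary strings and dotted decimal IPv4 addresses."""

# Place values of the eight bits in a byte: 2^7 down to 2^0.
PLACE_VALUES = [2 ** power for power in range(7, -1, -1)]


def byte_to_decimal(bits: str) -> int:
    """Add up the place value of every 1 bit in an eight-bit string."""
    if len(bits) != 8 or set(bits) - {"0", "1"}:
        raise ValueError(f"expected eight binary digits, got {bits!r}")
    return sum(value for bit, value in zip(bits, PLACE_VALUES) if bit == "1")


def decimal_to_byte(number: int) -> str:
    """Build the eight-bit string by testing each place value, largest first."""
    if not 0 <= number <= 255:
        raise ValueError(f"{number} does not fit in one byte")
    bits = []
    for value in PLACE_VALUES:
        if number >= value:
            bits.append("1")
            number -= value
        else:
            bits.append("0")
    return "".join(bits)


def binary_to_dotted_decimal(address: str) -> str:
    """Split a 32-bit string (spaces allowed) into four bytes and convert each."""
    bits = address.replace(" ", "")
    if len(bits) != 32:
        raise ValueError(f"an IPv4 address is 32 bits, got {len(bits)}")
    octets = [bits[i:i + 8] for i in range(0, 32, 8)]
    return ".".join(str(byte_to_decimal(octet)) for octet in octets)


def dotted_decimal_to_binary(address: str) -> str:
    """Return the address as four bytes, each grouped into two nibbles."""
    parts = address.split(".")
    if len(parts) != 4 or not all(part.isdigit() for part in parts):
        raise ValueError(f"not a dotted decimal IPv4 address: {address!r}")
    grouped = []
    for part in parts:
        byte = decimal_to_byte(int(part))
        grouped.append(f"{byte[:4]} {byte[4:]}")
    return " ".join(grouped)


if __name__ == "__main__":
    raw = "11000000101010000000000100000101"  # the address used in the text
    print(binary_to_dotted_decimal(raw))
    print(dotted_decimal_to_binary("192.168.1.5"))
```

A value above 255 in any position, or a string that is not exactly 32 bits, raises ValueError instead of producing a wrong address.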

Hexadecimal
Hexadecimal uses a base of 16. Numbers are represented with the characters 0-9 and a-f, adding six extra
digits to the base ten numbers of 0-9. Each hexadecimal number represents four bits. As an
example, the binary number 1011 1000 can also be expressed as b8. This is because 1011 is b in hexadecimal and
1000 is 8 in hexadecimal.
Table 1.4 shows the decimal, binary, and hexadecimal equivalent for the numbers up to hexadecimal f.

Decimal   Binary   Hexadecimal     Decimal   Binary   Hexadecimal
0         0000     0               8         1000     8
1         0001     1               9         1001     9
2         0010     2               10        1010     a
3         0011     3               11        1011     b
4         0100     4               12        1100     c
5         0101     5               13        1101     d
6         0110     6               14        1110     e
7         0111     7               15        1111     f

Table 1.4: Comparing decimal, binary, and hexadecimal numbers
Hexadecimal (or hex) numbers are not case sensitive. In other words, an upper case B is the same as a lower
case b and both equate to 1011 in binary. However, the current trend is to represent these numbers in lower case.

Upper Case or Lower Case Hexadecimal


Historically, the letters for hex numbers have been listed in all caps such as A, B, C, and so on. For example, you
will typically see 48-bit media access control (MAC) addresses expressed as six pairs of hexadecimal numbers like this:
1A-2B-3C-4B-5C-6D. Notice that the letters are all upper case.
IPv6 addresses are 128 bits and include eight sets of four hex characters such as this:
2001:0db8:0000:0000:b001:c000:d000:f001. Early documents showed the hex letters as upper case. However, due to
problems some applications encountered when searching for specific IPv6 addresses, RFC 5952 includes a
recommendation to list IPv6 addresses with lower case letters.
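The search problem mentioned above shows up whenever logs record the same address in different written forms. The following added example (not code from the book) normalizes MAC and IPv6 addresses before comparing them; the log lines are constructed around the two addresses used in the text, and the function names are illustrative.

```python
"""Match MAC and IPv6 addresses in logs regardless of letter case or zero padding."""
import ipaddress
import re

# Constructed sample log lines; the addresses are the ones used in the text,
# written in different but equivalent forms.
SAMPLE_LOG = [
    "dhcp lease granted mac=1A-2B-3C-4B-5C-6D",
    "switch port 4 learned 1a:2b:3c:4b:5c:6d",
    "fw allow src=2001:0DB8:0000:0000:B001:C000:D000:F001",
    "fw allow src=2001:db8::b001:c000:d000:f001",
    "fw deny src=2001:db8::b001:c000:d000:f002",
]

# Six pairs of hex digits separated by dashes or colons.
MAC_RE = re.compile(r"[0-9A-Fa-f]{2}(?:[-:][0-9A-Fa-f]{2}){5}")


def normalize_mac(text):
    """Return 12 lower-case hex digits, or None if text is not a MAC address."""
    if not MAC_RE.fullmatch(text):
        return None
    return re.sub(r"[-:]", "", text).lower()


def normalize_ipv6(text):
    """Return the lower-case, zero-compressed form, or None if not IPv6."""
    try:
        return ipaddress.IPv6Address(text).compressed
    except ValueError:
        return None


def naive_search(needle, lines):
    """Plain substring search: only finds the exact spelling of the needle."""
    return [line for line in lines if needle in line]


def find_address(needle, lines):
    """Return the lines that contain needle in any equivalent written form."""
    wanted = normalize_mac(needle) or normalize_ipv6(needle)
    if wanted is None:
        raise ValueError(f"not a MAC or IPv6 address: {needle!r}")
    hits = []
    for line in lines:
        # Split on whitespace and '=' so key=value fields yield bare addresses.
        for token in re.split(r"[\s=]+", line):
            if wanted in (normalize_mac(token), normalize_ipv6(token)):
                hits.append(line)
                break
    return hits


if __name__ == "__main__":
    ipv6 = "2001:0db8:0000:0000:b001:c000:d000:f001"
    print("naive hits:", len(naive_search(ipv6, SAMPLE_LOG)))
    print("normalized hits:", len(find_address(ipv6, SAMPLE_LOG)))
    print("MAC hits:", len(find_address("1A-2B-3C-4B-5C-6D", SAMPLE_LOG)))
```

Storing addresses in one normalized form at ingestion time gives the same result without normalizing on every search.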

Octal
Octal uses a base of 8. Valid numbers are 0 to 7 and each number can be represented with three bits. If you
understand binary and hexadecimal, octal should be a breeze. Table 1.5 shows the value of octal numbers from 0 to 7. As
an example, the octal number of 5 equates to a binary number of 101.

Octal Value   2^2   2^1   2^0
0             0     0     0
1             0     0     1
2             0     1     0
3             0     1     1
4             1     0     0
5             1     0     1
6             1     1     0
7             1     1     1

Table 1.5: Comparing octal and binary numbers
The most common place where you'll see octal today is with Linux permissions. For example, instead of
indicating a file has read, write, and execute (rwx) permissions, you might see the permissions expressed as 7 (indicating
a 1 for read, 1 for write, and 1 for execute). The number 7 octal is 111 binary. Similarly, instead of indicating a file has
only read (r) permissions, you might see the permissions expressed as 4 (indicating a 1 for read, 0 for write, and 0 for
execute). The number 4 octal is 100 binary.
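The mapping from an octal digit to read, write, and execute bits can be decoded directly from the place values in Table 1.5. This added example (not code from the book) goes one step beyond the single digits in the text and decodes the usual three-digit Linux mode, one digit each for owner, group, and everyone else; the file listing is constructed and the function names are illustrative.

```python
"""Decode Linux octal permission digits into rwx flags, one bit per permission."""

# Place values of the three bits in one octal digit: 2^2, 2^1, 2^0.
PERMISSION_BITS = ((4, "r"), (2, "w"), (1, "x"))

# Constructed sample listing of (path, octal mode); not taken from a real system.
SAMPLE_LISTING = [
    ("/etc/passwd", "644"),
    ("/tmp/upload.sh", "777"),
    ("/srv/app/config.ini", "666"),
    ("/home/sally/notes.txt", "600"),
]


def digit_to_bits(digit: str) -> str:
    """Return the three binary bits for one octal digit, e.g. '5' -> '101'."""
    if len(digit) != 1 or digit not in "01234567":
        raise ValueError(f"not an octal digit: {digit!r}")
    value = int(digit)
    return "".join("1" if value & place else "0" for place, _ in PERMISSION_BITS)


def digit_to_rwx(digit: str) -> str:
    """Map each 1 bit to its letter and each 0 bit to a dash, e.g. '4' -> 'r--'."""
    bits = digit_to_bits(digit)
    return "".join(
        letter if bit == "1" else "-"
        for bit, (_, letter) in zip(bits, PERMISSION_BITS)
    )


def mode_to_rwx(mode: str) -> str:
    """Decode a three-digit mode: owner, group, then everyone else."""
    if len(mode) != 3:
        raise ValueError(f"expected three octal digits, got {mode!r}")
    return "".join(digit_to_rwx(digit) for digit in mode)


def world_writable(listing):
    """Return the paths whose last digit has the write bit (value 2) set."""
    flagged = []
    for path, mode in listing:
        mode_to_rwx(mode)  # validates the mode before the bit test
        if int(mode[-1]) & 2:
            flagged.append(path)
    return flagged


if __name__ == "__main__":
    for path, mode in SAMPLE_LISTING:
        print(f"{mode} {mode_to_rwx(mode)} {path}")
    print("world writable:", world_writable(SAMPLE_LISTING))
```

Files flagged by `world_writable` can be modified by any account on the system, which is why that last digit is the first thing to check in a permissions review.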

Try This
See if you can convert the following decimal numbers to four binary bits:
1
3
5
9
See if you can convert the following hexadecimal numbers to four binary bits:
4
8
b
e
See if you can convert the following octal numbers to three binary bits:
0
2
6
7
You can check your answers at the end of the chapter.

Staying Safe
When working on computers and networks, it's important to pay attention to
safety. Successful technicians remember that computing devices are just things that can be
replaced, but people cannot be replaced. In other words, it's always important to value
people over things when working on computers and networks.
The following sections cover common safety precautions mentioned in the
Network+ objectives.

Electrical Safety
As a general guideline, you should never open and work on computers or
networking devices without first removing power. This includes turning the device off and
unplugging it.
The exception is if you are measuring voltages. Obviously, the system needs to be
powered on to measure voltages. However, it's important to be careful any time a device is
open. This is to protect you as the technician and to prevent accidental damage to the
device.
When working inside a powered-on device, it's important to remove or cover all
your jewelry. If a metal watchband or ring touches some components, it can easily destroy
the device. Depending on the device, it can also give you a memorable shock.
Some technicians don't want to remove rings, such as wedding rings. Covering
them with tape while working on the device avoids any problems.

Equipment Grounding
In electronics, ground refers to a path to Earth. Buildings commonly have a spike
hammered into the ground with a copper cable attached to it. This copper cable is attached
to the electrical ground connection throughout the building.
Electrical equipment (including computing and networking devices) includes
circuitry that will automatically redirect any dangerous voltages to ground to prevent
shocks. As an example, if a device develops a fault that can put 115 volts AC onto the case
of the equipment potentially shocking anyone that touches it, the circuitry instead sends
this voltage to ground.
While it's rare for a device to develop such a fault, all it takes is once. If the
voltage has enough current, it can kill a person.
With this in mind, it's important for technicians to keep ground connections
connected. Disconnecting the ground connections can allow dangerous voltages to bypass
safety circuits.

ESD
Electrostatic discharge (ESD) refers to the discharge of static electricity. It can
damage electronic components so technicians take steps to prevent ESD damage. You've
probably experienced a static discharge at some point in your life. The most common way
is after walking across a carpeted floor and touching a door knob. The static builds up on
you, and when you touch the doorknob, it discharges.
The shock you felt might have been unpleasant, but it wasn't harmful. If you felt it,
at least 3,000 volts were discharged from your hand to the door knob. If you actually saw
the spark when it discharged, it was at least 8,000 volts. The good news is these voltages
won't kill or hurt people, mostly because static discharge has very little current.
In contrast, as little as 250 volts can damage electronic components inside
computing and networking devices. You won't see it. You won't feel it. However, the
damage is real.
A primary method of preventing ESD is by controlling humidity. If humidity is too
low, it allows static to build up quickly. If you live in a colder area, you'll notice that static
is more common in the colder months because heating systems remove humidity from the
air. In contrast, when the humidity is higher, the static charges dissipate naturally. Ideally,
humidity should be around 50 percent. Static can build up on carpets easier than other
floor surfaces so computing devices should not be placed on carpets.
Technicians prevent ESD damage with ESD wrist straps, antistatic bags, and ESD
mats. These help prevent the buildup of static by ensuring the technician and the
equipment are at the same ground potential. Even without these ESD tools, if you touch
the computer case before working on any components, it will harmlessly discharge built-up static onto the case. If you remove any circuit cards, don't touch the components or the
pins. Instead, hold the outside edges or the plastic handles.

Installation Safety
Installation safety refers to some miscellaneous topics beyond electrical safety or
ESD.
Lifting equipment. When lifting equipment, it's best to lift with your legs, not
your back. In other words, instead of bending down to pick up heavy equipment, you
should squat by bending your knees to pick it up. There aren't any firm guidelines on safe
weight limitations. However, many standards recommend that individuals do not try to lift
equipment more than 70 pounds without help.
Rack installation. Servers and networking devices are commonly mounted in
racks about the size of a refrigerator. When mounting the equipment, it's often best to do so
with two people. One person can hold the equipment, while the other person screws the
device into the rack.
Placement. When mounting devices within racks, another concern is ensuring
there is enough room for airflow between the devices. In some situations, instead of
mounting devices directly on top of each other, it's necessary to mount them so that there
are gaps between them. This helps prevent equipment damage from overheating.
Tool safety. It's also important to follow general safety practices when working
with tools. The practices vary from one tool to another, but are outlined in the tool's
documentation.

MSDS
Material Safety Data Sheets (MSDSs) are available for most products that have a
potential to cause harm to people or equipment. This includes materials such as cleaning
solutions, paints, and chemicals. The MSDS identifies important safety facts about the
material such as its contents and characteristics.
A primary element of the MSDS is first aid steps to take if the product causes an
adverse reaction to either people or equipment. For example, you may use cleaning
products that clean computer screens or keyboards. If any of these products is causing an
adverse reaction to either people or the equipment, you can refer to the MSDS sheet for
information on the product and additional steps to take after the exposure.

Remember This
An MSDS includes important safety information about potentially hazardous
products. If a product causes an adverse reaction, the MSDS will include first
aid information to minimize the effects.

Fire Suppression
You can fight fires with individual fire extinguishers, with fixed systems, or both. Most organizations include
fixed systems to control fires and place portable fire extinguishers in different areas around the organization. A fixed
system can detect a fire and automatically activate to extinguish the fire. Individuals use portable fire extinguishers to
suppress small fires.
The different components of a fire are heat, oxygen, fuel, and a chain reaction creating the fire. Fire suppression
methods attempt to remove or disrupt one of these elements to extinguish a fire. You can extinguish a fire using one of
these methods:
Remove the heat. Fire extinguishers commonly use chemical agents or water to remove the heat. However,
you should never use water on an electrical fire.
Remove the oxygen. Many methods use a gas, such as carbon dioxide (CO2) to displace the oxygen. This is a
common method of fighting electrical fires because CO2 and similar gasses are harmless to electrical
equipment. However, when used in server rooms or data centers, they threaten the lives of employees so
additional precautions are needed to ensure personnel exit before activating the fire suppression system.
Remove the fuel. Fire-suppression methods don't typically fight a fire this way, but the fire will go out after all
burnable material is gone.
Disrupt the chain reaction. Some chemicals can disrupt the chain reaction of fires to stop them.

Remember This
Fire suppression systems attempt to detect and extinguish fires. Systems that
remove or displace all the oxygen in the room can potentially threaten the
lives of personnel in the room, so should be considered with caution.

HVAC
Heating, ventilation, and air conditioning (HVAC) systems enhance the availability of systems. Computing and
networking devices can't handle drastic changes in temperatures, especially hot temperatures. If devices overheat, the
chips can actually burn themselves out. HVAC systems also control humidity to help prevent ESD damage.
The cooling capacity of HVAC systems is measured as tonnage. This has nothing to do with weight, but instead
refers to cooling capacity. One ton of cooling equals 12,000 British thermal units per hour (Btu/hour), and typical home
HVAC systems are three-ton units. Higher-tonnage HVAC systems can cool larger areas or areas with equipment
generating more heat.
The amount of air conditioning needed to cool a massive data center is much greater than you need to cool your
home, primarily because of all the heat generated by the equipment. If your home air conditioner fails in the middle of
summer, you may be a little uncomfortable for a while, but if the data center HVAC system fails, it can result in loss of
availability and a substantial loss of money.
As mentioned previously, it's common to mount computing and networking devices in installation racks
(sometimes called bays or cabinets). These racks usually have locking doors in the front and rear for physical security.
The doors have perforations allowing cold air to come in the front, passing over and through the devices to keep them
cool. Slightly warmer air exits out the rear. Additionally, a server room has raised flooring with air conditioning
pumping through the space under the raised floor.

Emergency Procedures
Another element of safety is being aware of existing emergency procedures where
you work. The following text summarizes some common emergency procedures:
Emergency alert system. A common emergency alert system is a fire alarm. Fire
alarms can go off automatically, or be set off manually. Additionally, some organizations
have other alerts or alarms for specific situations. For example, some data centers use fire
suppression systems that remove or displace oxygen in the data center. While this
effectively fights the fire, it can also be harmful to humans if they stay in the data center.
Many of these have unique-sounding alarms that go off before the fire suppression system
activates. This gives employees time to exit the area.
Fire escape plan. A fire escape plan identifies the best path to take to exit the
building. Many organizations post the fire escape plan near the exit door. This gives
employees
Safety/emergency exits. Some exits are not used during normal activity, but
instead give personnel another exit in case of an emergency. These are typically alarmed
and the alarms go off anytime someone opens the exit. This discourages people from
opening them except for during an emergency.
Building layout. Employees should know the layout of a building so that they can
identify the best path to take in case of an emergency. As an example, personnel should
use stairs instead of elevators during a fire, so they should know where the stairs are, even if
they don't use them regularly.
Fail open/fail close. During emergencies, exit doors should allow personnel to
open them so that they can exit. Understanding this, if power fails, the doors should fail in
an open (or unlocked) state allowing personnel to exit. In contrast, organizations may want
to ensure that entrance doors to secure areas fail in a closed state. This way, if the building
loses power, unauthorized people would not be able to enter the secure areas. Some exit
doors include a manual method of opening the door from the inside when power goes out
(providing a fail open state), while still preventing someone from opening the door from
the outside when power goes out (providing a fail close state).

Try This Conversion Answers


The following decimal numbers converted to four binary bits are:
1 is 0001
3 is 0011
5 is 0101
9 is 1001
The following hexadecimal numbers converted to four binary bits are:
4 is 0100
8 is 1000
b is 1011
e is 1110
The following octal numbers converted to three binary bits are:
0 is 000
2 is 010
6 is 110
7 is 111

Chapter 1 Exam Topic Review


When preparing for the exam, ensure you understand these key concepts from this chapter.

Unicast, Multicast, and Broadcast


Unicast transmissions are one-to-one. A device sends a unicast transmission
from one device to one other device.
Broadcast transmissions are one-to-all. A device addresses a broadcast
transmission from one device to all other devices on a network. Hubs and
switches pass broadcast transmissions but routers do not pass most broadcast
transmissions.
Multicast transmissions are one-to-many. A device addresses a multicast
transmission from one device to several other devices. This allows a single
computer to address multiple devices with a single multicast address without
addressing all of them as a broadcast transmission does.

Common Network Components


Network clients or hosts include desktop personal computers, servers, printers, laptop computers,
smartphones, and tablets.
Switches or hubs connect network devices together in a single network.
Twisted pair cables such as CAT5e or CAT6 run between network clients and a switch or hub.
Routers connect networks together creating larger routed networks.
Firewalls protect a network from unauthorized users. They provide a layer of protection from Internet
threats and are typically located at a network's border between the private network and the Internet.
Routers and firewalls use access control lists (ACLs) to define network access. An ACL is a group of
rules.
Modems provide access to the Internet through an ISP. Two popular modem types are cable modems and
digital subscriber line (DSL) modems.
The order of network connectivity for a computer to the Internet is:
Computer -> Switch -> Router -> Firewall -> ISP -> Internet.
Switches forward broadcast traffic to all other ports but are selective with other traffic. Routers block
broadcast traffic.
Some important points to remember related to collision domains and broadcast domains are:
Hubs pass all traffic.
Devices connected to a hub are in a single collision domain and a single broadcast domain.
Switches segment unicast traffic and pass broadcast traffic.
Switches create a single broadcast domain and create separate collision domains for each port
on the switch.
Routers do not pass broadcast transmissions.
Routers create separate broadcast domains.
Half-duplex mode uses a single connection to send and receive data, but it cannot send and receive data
at the same time.
Full duplex mode uses a single connection with separate lines for sending and receiving. A system can
send and receive data at the same time with a full duplex mode connection.
Most interfaces support auto-negotiation and configure themselves to use the fastest mode and speed.
Connections fail if one device is manually set to half duplex and the other device is manually set to full
duplex.

PANs, LANs, WANs, and More


A personal area network (PAN) is a network of devices around a single person. Bluetooth is the primary
protocol used with a PAN.
A local area network (LAN) is a network of devices within a single location.

A wireless local area network (WLAN) connects devices without the need for cables.
A campus area network (CAN) is a network that connects multiple buildings in a small geographical
area, such as a university campus.
A metropolitan area network (MAN) is a group of networks spread across a larger geographical area
beyond the size of a campus.
A wide area network (WAN) is a group of two or more networks spread across a large geographical area.
A virtual private area network (VPN) is a connection to a private network over a public network such as
the Internet.

Network Topologies
Most organizations use a star topology to connect computers into a network. In a star topology, devices
connect to a central device such as a switch. The central device is a single point of failure for users
connected to the switch.
Ring topologies connect devices in a circle. Devices pass a token around the ring and devices are only
able to transmit data when they have the token. This methodology forces devices to wait before
communicating.
Fiber Distributed Data Interface (FDDI) is a type of ring network using fiber optic cable and two rings.
Each ring transmits data in the opposite direction providing redundancy for the network.
Some Synchronous Optical Networking (SONET) protocols use ring topologies.
Bus topologies connect devices together in a single line. The entire network fails if both ends of the bus
do not include terminators. A break anywhere in the bus takes down the entire network. The break
creates two separate networks and each network has only one terminator.
Computers in a peer-to-peer (P2P) network share information with each other. File sharing technologies
such as BitTorrent use P2P networks.

Basic Networks
One of the first steps when planning a basic network is to create a list of requirements.
A typical basic network uses a switch, a router, a firewall, a modem, and cables.
The modem provides Internet access through an Internet service provider (ISP).
A firewall provides a layer of protection for the basic network against Internet threats. A router and a
firewall are not needed if the basic network is not connected to the Internet.

A wireless network typically uses a wireless router instead of a switch and a
router and only requires cables for devices that cannot connect wirelessly.
Environment limitations are a primary consideration when identifying the best
location for networking devices. Ideally, you'll be able to avoid interference and have adequate
power and air conditioning.

Numbering Systems
Decimals have a base of ten and other numbering systems are commonly
converted to or from decimal.
Binary has a base of two, with valid numbers of 0 and 1 only.
Octal has a base of eight, with valid numbers of 0 through 7. Octal numbers
are represented with three bits. For example, 101 is equal to five octal.
Hexadecimal has a base of 16, with valid numbers of 0 through 9 and a
through f. Hexadecimal numbers are represented with four bits. For example,
1001 is equal to nine hexadecimal.

Safety Issues
Devices should be turned off and unplugged before opening them.
Electrical grounds should not be disabled on networking devices.
Electrostatic discharge (ESD) can damage equipment. Technicians prevent
ESD damage with ESD wrist straps, antistatic bags, and ESD mats.
Material Safety Data Sheets (MSDSs) include important safety information
about potentially hazardous products. If a product causes an adverse reaction,
the MSDS will include first aid information to minimize the effects.
Fire suppression systems attempt to detect and extinguish fires before they get
out of control. Some remove the oxygen from a room, which can pose a risk
to personnel in the room.
Heating, ventilation, and air conditioning (HVAC) systems enhance the
availability of systems by controlling temperature and humidity.
Emergency procedures include alert systems, fire escape plans, safety and
emergency exits, and knowing the building layout. Additionally, it's
important to consider safety when determining if doors should fail in an open
state or in a closed state.

Chapter 1 Practice Questions



1. Which of the following transmission methods allows a single computer to address data
transmissions to multiple computers on a network without addressing all the computers on
the network?
A. Unicast
B. Multicast
C. Broadcast
D. Switch

1. B is correct. One computer can address multiple computers on a network without
addressing all the computers with multicast data transmissions.
One computer can address one other computer with unicast transmissions.
One computer can address all other computers on a network with broadcast transmissions
and it's important to remember that most broadcast transmissions are not passed by
routers.
Switches connect computers in a network but a switch is not a transmission method.

2. Of the following choices, what best defines network access?


A. Implicit deny
B. VPN
C. WAP
D. ACL

2. D is correct. An access control list (ACL) on a router or firewall is a group of rules that
defines network access.
An ACL often has an implicit deny rule at the end to effectively block all traffic that
hasn't been defined in previous rules, but the implicit deny rule doesn't define network
access.
A virtual private network (VPN) provides access to an internal private network over a
public network, and an ACL rule can allow or block VPN access.
A wireless access point (WAP) provides wireless devices access to a wired network. A
WAP can include an ACL but the WAP doesn't specifically define network access.

3. You are configuring a basic network. Which of the following is the BEST order of
devices?
A. PC -> Switch -> Router -> Firewall -> ISP
B. PC -> Firewall -> Router -> Switch -> ISP
C. PC -> Router -> ISP -> Firewall -> Switch
D. Switch -> PC -> ISP -> Firewall -> Router

3. A is correct. The order of connectivity from a PC to the Internet is the PC, a switch, a
router, a firewall, and then an Internet service provider (ISP) device such as a modem.
PC -> Switch -> Router -> Firewall -> ISP
A basic network will typically have the firewall built into the router. A switch connects
computers in a network.
Routers connect networks, including basic networks, with the Internet.
While not part of this question, broadband networks include a modem and the
router/firewall connects to the modem before the ISP.

4. What is created by separate switch ports?


A. Collision domains
B. Broadcast domains
C. VLAN
D. ACL

4. A is correct. A switch creates separate collision domains between each port and the
device connected to the switch's port.
All devices connected to a switch are in the same collision domain, so separate switch
ports do not create different collision domains.
You can create separate virtual local area networks (VLANs) with a switch, but not all
switches support VLANs so this isn't the best answer.
An access control list (ACL) is a group of rules used on a router or firewall to define
network access.

5. A company in Silicon Valley owns three buildings within walking distance of each other
and each of these buildings is connected via a single network. What is the best name for
this network?
A. CAN
B. LAN
C. MAN
D. PAN

5. Answer: A is correct. A campus area network (CAN) is a network of multiple buildings, but in a limited area.

A local area network (LAN) connects computers in a limited area such as within a home or a single building.
A metropolitan area network (MAN) spans a large area such as a city or a very large campus. While three buildings
might be described as a MAN, it is more accurate to call it a CAN because it is only a few buildings and the same
company owns the buildings.
A personal area network (PAN) is centered around a person.

6. Which of the following is a network topology?


A. Bust
B. Ethernet
C. Multicast
D. Star

6. D is correct. Star is a type of network topology. In a star topology, all devices connect to
each other via a central networking device such as a hub or a switch.
A bus topology connects all devices in a line but bust is not a valid network topology.
Ethernet is a type of technology not a topology.
Multicast is a type of data transmission that allows one device to send data to multiple
devices at a time without directly addressing each individually.

7. What type of network topology connects devices in a circle?


A. Bus
B. Mesh
C. Ring
D. Star

7. C is correct. The ring network (also known as a token ring network) topology connects
devices in a circle and passes a logical token around the circle.
A bus topology connects devices in a line.
A mesh topology uses multiple connections instead of a single circle.
Devices connect into a star topology via a central device such as a switch.

8. Computers within a network are only able to transfer data when they have access to a
logical token. What type of topology does this describe?
A. Star
B. Ring
C. Bus
D. MPLS

8. Answer: B is correct. Ring topologies (often called token ring) use a logical token and devices can only communicate
when they have access to the token. A ring topology is configured in a circle or ring.

Star topologies use a central device such as an Ethernet switch or a hub, which do not use tokens.
Bus topologies do not use tokens. They are rarely used on networks because a failure in one connection results in a
failure for all devices on the bus.
Multiprotocol Label Switching (MPLS) does not use tokens. MPLS is a wide area network (WAN) protocol that uses
labels to identify addressing paths.

9. You are a network technician for a small company. Another technician accidentally cut
one of the cables effectively separating the network into two networks. Of the following
choices, what type of network topology is this?
A. Bus
B. Mesh
C. Ring
D. Star

9. A is correct. Of the given choices, the only type of topology that separates a network
into two networks is the bus topology. This cable break results in all devices on the
network losing connectivity because each of the two networks has only a single terminator.
A mesh network includes multiple redundant connections so a single break would not
affect the network.
In a ring network, the devices are connected in a circle so a single break doesn't create two
networks.
Devices connect to a central device such as a hub or a switch in a star network and a single
break does not create two networks.

10. A business owner hired you to help her create a basic network. Of the following
choices, what would you do FIRST?
A. Purchase a switch and access point supported by the ISP
B. Identify the operating systems used within the network
C. Create a list of requirements and constraints
D. Upgrade computers within the network

10. C is correct. One of the first steps when creating any network, including a basic
network, is to identify the requirements and constraints.
You should not purchase equipment until you identify what equipment is needed.
Most network devices are operating system independent so the type of operating systems
running on the computers might not be relevant, and certainly isn't as important as
creating a list of requirements and constraints.
The computers probably don't need to be upgraded but if they do, you would identify this
in your list of requirements and constraints.

11. You need to network six PCs together for a basic network. The business owner does
not want these devices to access the Internet. Which of the following items do you need?
(Select TWO.)
A. Switch
B. Router
C. Firewall
D. CAT6 cables

11. A and D are correct. You would connect the devices with cables (such as CAT6 or
CAT5e cables) and a switch.
The business owner doesn't want the devices to access the Internet so a router or a firewall
isn't needed.

12. You are helping a business owner set up a basic network and you have the following
equipment:
2 laptops with wired and wireless NICs
2 desktop PCs with wired and wireless NICs
2 Ethernet cables
1 wireless router with three physical ports
1 cable modem
The owner wants to connect as many systems as possible to the network and the Internet
using wired connections. The owner does not have a budget for any more equipment. How
should you configure the network?
A. Connect the wireless router to the modem with a cable. Connect two computers
to the router with a cable. Connect the two other computers to the wireless router
wirelessly.
B. Connect the modem to the wireless router with a cable. Connect two computers
to the modem with a cable. Connect the two other computers to the modem
wirelessly.
C. Connect the modem to the wireless router with a cable. Connect one computer to
the modem with a cable. Connect the three other computers to the modem
wirelessly.
D. Connect the wireless router to the modem with a cable. Connect one computer
to the router with a cable. Connect the three other computers to the wireless router
wirelessly.

12. D is correct. You would connect the wireless router to the modem with a cable.
Internet access is through the modem to an Internet service provider (ISP) in a basic
network. You would then connect one of the computers to the wireless router with the
second cable and connect the remaining computers to the wireless router using wireless
connections.
If you have only one computer, you could connect it directly to the modem but in order to
share the connection, you would need to connect the computers to the wireless router.
You only have two cables, so you only have one more cable to connect a computer to the
router with a wired connection.

13. You are helping a business owner set up a small office network. Employees have ten
laptops, each with Wi-Fi capabilities. The office has a DSL line. What equipment needs to
be purchased? (Choose TWO.)
A. ISP
B. Wireless router
C. Modem
D. DSL balancer
E. Ten cables for the ten computers

13. B and C are correct. You would need to have a modem (more specifically, a digital
subscriber line (DSL) modem) to connect to the DSL line. Additionally, you would need
to have a wireless router to connect the ten laptops to the wireless router using wireless
capabilities. You would then connect the wireless router to the DSL modem.
A small business owner does not need to purchase an Internet service provider (ISP), but
would subscribe to Internet access through an ISP.
There is no such thing as a DSL balancer.
The ten wireless laptops connect wirelessly, so cables are not needed.

14. Your organization recently purchased another company. Several administrators have
inspected the server room at the new company and raised safety concerns. Specifically
they state that the server room has a system that can remove all oxygen from the room and
threaten the lives of anyone in the room. What is the purpose of this system?
A. ESD prevention
B. Safety of personnel
C. Temperature control
D. Fire suppression

14. Answer: D is correct. This scenario describes a fire suppression system.



An electrostatic discharge (ESD) prevention system includes tools and techniques to prevent ESD damage, but does not
include the ability to remove oxygen from a room.
Removing oxygen from a room does not preserve safety of personnel. A Material Safety Data Sheet (MSDS) provides
personnel with safety information about potentially hazardous materials, such as cleaning agents.
The Material Safety Data Sheet (MSDS) for the cleaning agent will provide the best information, such as first aid
treatment.
Heating and ventilation air conditioning (HVAC) systems maintain proper temperature and humidity. They do not
remove oxygen from a room.

15. A technician has had prolonged contact with a cleaning agent and is getting a rash.
Which of the following will provide the best information in this scenario?
A. SLA
B. MOU
C. SOW
D. MSDS

15. Answer: D is correct. The Material Safety Data Sheet (MSDS) for the cleaning agent will provide the best
information, such as first aid treatment.

A service level agreement (SLA) stipulates performance expectations, such as minimum uptime and maximum
downtime levels.
A memorandum of understanding (MOU) expresses an understanding between two or more parties indicating their
intention to work together toward a common goal.
A statement of work (SOW) identifies the scope of work for a contractor.



Sample Network+ Practice Test Questions


These additional practice test questions are from the CompTIA Network+ N10-006 Practice Test Questions (Get
Certified Get Ahead) [Kindle Edition]. This Kindle short did not cover these topics, but the CompTIA Network+
N10-006 Practice Test Questions (Get Certified Get Ahead) [Kindle Edition] covers all of the objectives for the
N10-006 exam with practice test questions and flashcards.

1. Users in the network are frequently downloading videos, which has been slowing down
overall network performance. Management wants to reduce the effect of streaming video
on the performance of the network, but not block video streaming completely. Which of
the following would administrators implement to define how much bandwidth video
streaming traffic can consume?
A. Traffic shaping
B. Proxy server
C. Content filter
D. Load balancer

1. Answer: A is correct. Traffic shaping can limit traffic on a network based on specific
protocols or types of traffic, such as limiting the amount of audio or video streaming. It
can also limit the traffic for specific users, or based on other needs for an organization. It
is often used as part of a quality of service (QoS) solution.

B is incorrect. A proxy server can block access to sites that stream audio and video using
content-filtering techniques. However, it can only allow or block the traffic, not allow a
certain amount of bandwidth as traffic shaping does.
C is incorrect. A content filter can allow or block traffic based on the content, but it
doesn't include the ability to shape the traffic by allowing a limited amount of bandwidth
for any type of traffic.
D is incorrect. A load balancer can balance the load for multiple devices, but it cannot
shape the traffic.

Objective: 1.1 Explain the functions and applications of various network devices.

2. You need to add the capability to filter Internet traffic through a firewall based on
keywords defined by a company. What would you use?
A. An implicit deny firewall
B. A content filter
C. An ACL
D. A stateful inspection firewall

2. Answer: B is correct. A content filter can filter traffic based on keywords or web site
addresses. Some firewalls include the ability to filter traffic with a built-in content filter.

A is incorrect. Firewalls use an implicit deny philosophy where they block all traffic
except for traffic that has been explicitly allowed. An implicit deny philosophy does not
provide content filtering.
C is incorrect. An access control list (ACL) on a firewall identifies traffic that is allowed
or blocked based on IP addresses, ports, and protocols, but cannot be used to block traffic
based on keywords.
D is incorrect. A stateful inspection firewall can block or allow traffic based on the state of
a connection, but not based on keywords. For example, if a packet has been allowed into a
network, a stateful inspection firewall will allow the returned traffic out of the firewall.

Objective: 1.1 Explain the functions and applications of various network devices.

3. You are configuring an application that will automate monitoring of network devices.
You need to ensure the application and the network devices use a secure protocol. Which
of the following is the BEST choice?
A. SNMPv3
B. SMTP
C. Syslog
D. SIEM

3. Answer: A is correct. Simple Network Management Protocol version 3 (SNMPv3) is a
secure protocol used to monitor and remotely monitor network devices and is the best
choice.

B is incorrect. Simple Mail Transfer Protocol (SMTP) is used for sending email, not
monitoring network devices.
C is incorrect. Syslog can be used to centrally manage logging from multiple devices,
including multiple servers, but SNMPv3 is a better choice when monitoring network
devices.
D is incorrect. A Security Information and Event Management (SIEM) system collects
events in real time and raises alerts. It is not a protocol used to manage network devices.

Objective: 2.1 Given a scenario, use appropriate monitoring tools.

4. Management recently updated the security policy and added the following requirement:
All network infrastructure devices (such as routers, firewalls, and security appliances)
must send system-level information to a single server. What should administrators
implement to ensure they can review this information?
A. An SSO server
B. A RADIUS server
C. An 802.1x server
D. A syslog server

4. Answer: D is correct. Syslog is a message-logging standard. A syslog server is a
centralized server that can collect logs from multiple devices, and it includes the ability to
filter and analyze the entries.

A is incorrect. Single sign-on (SSO) allows users to log on once and be able to access
multiple resources without logging on again. It is unrelated to logging.
B is incorrect. A Remote Authentication Dial-In User Service (RADIUS) provides a
centralized authentication service, and it isn't used to collect logs from network devices.
C is incorrect. RADIUS is often used as an 802.1x server, and it can prevent users from
accessing a network until they log on. 802.1x does not collect logs from network devices.

Objective: 2.1 Given a scenario, use appropriate monitoring tools.

5. You need to set up a wireless network for customers so that they can access the Internet.
However, you do not want the customers to be able to access the company's network.
What should you set up?
A. DMZ
B. VTP
C. 802.1x server
D. Guest network

5. Answer: D is correct. A guest network allows customers to access the Internet without
being able to access an internal network.

A is incorrect. A demilitarized zone (DMZ) provides some protection for Internet-facing
servers, but won't grant customers access to the Internet.
B is incorrect. The VLAN Trunk Protocol (VTP) is a Cisco protocol that transmits VLAN
information to all switches on the network. It will not provide customers access to the
Internet.
C is incorrect. An 802.1x server can require users to authenticate before granting them
access to a network. However, customers would not have user accounts, so would not be
able to authenticate.

Objective: 3.6 Explain the purpose of various network access control models.

6. While troubleshooting an issue on a user's computer, a technician discovers several
videos that are not work related and might be illegal. What should the technician do?
A. Contact the police.
B. Create a forensic report.
C. Escalate the event.
D. Create a chain-of-custody document.

6. Answer: C is correct. The technician should escalate the incident based on the
organization's policies. In most cases, the technician would escalate the incident to a
manager or supervisor.
A is incorrect. It is not appropriate for the technician to contact the police unless there is
some type of threat to people. Also, the technician doesn't know if the videos are illegal.
Management might choose to call the police later.
B is incorrect. Forensic experts would create a forensic report after performing a forensic
investigation. However, there is no indication an investigation has been performed.
D is incorrect. The technician should create a chain-of-custody document if evidence was
collected, but no evidence was collected in this scenario.

Objective: 3.7 Summarize basic forensic concepts.

7. You are troubleshooting a network problem that is preventing a user from accessing any
resources outside the network. You theorize that the default gateway was configured
incorrectly and test the system with ipconfig to verify your theory. What should you do
next?
A. Identify the problem.
B. Establish a plan of action to resolve the problem and identify potential effects.
C. Implement the solution or escalate as necessary.
D. Document findings, actions, and outcomes.

7. Answer: B is correct. The CompTIA troubleshooting model specifies that you should
establish a plan of action to resolve the problem after establishing and testing a theory. In
this case, the solution would be to reconfigure the default gateway correctly.

A is incorrect. The first step is to identify the problem and this was done by gathering
information and identifying the symptoms.
C is incorrect. Before implementing the solution, a plan of action is established to
determine any potential effects.
D is incorrect. The last step of the CompTIA troubleshooting model is documentation.

Objective: 4.1 Given a scenario, implement the following network troubleshooting
methodology.

8. You maintain a wireless network that is using MAC filtering to restrict access. You
suspect that attackers have discovered MAC addresses and are spoofing them to gain
access. What would they have used to discover these MAC addresses?
A. Firewall
B. Protocol analyzer
C. Multimeter
D. OTDR

8. Answer: B is correct. A protocol analyzer (also called a sniffer) can capture and analyze
packets to discover the allowed media access control (MAC) addresses. Wireless attackers
use wireless sniffers to capture wireless traffic to identify specific information, such as the
service set identifier (SSID) and allowed MAC addresses.

A is incorrect. The firewall provides some protection against attacks, but the attackers
would not use it to discover MAC addresses.
C is incorrect. Technicians use multimeters to take measurements such as voltage
measurements or continuity checks.
D is incorrect. An optical time domain reflectometer (OTDR) can identify the location of a
break in a fiber-optic cable.

Objective: 4.2 Given a scenario, analyze and interpret the output of troubleshooting tools.

9. Ten computers are connected in a network via a switch. However, two computers are
unable to communicate with any other computers in this network. Using a sniffer, you
capture some traffic that includes the following output:

On which layer of the OSI model is this problem located?


A. Physical
B. Transport
C. Data Link
D. Network

9. Answer: D is correct. The problem is occurring on the Network layer (Layer 3) of the
Open Systems Interconnection (OSI) model. The table shows that two different computers
have the same source IP address. You can tell that they are different computers because
they have different source media access control (MAC) addresses.

A is incorrect. The Physical layer (Layer 1) sends data out as bits, but this question is
using IP and MAC addresses.
B is incorrect. The Transport layer (Layer 4) uses Transmission Control Protocol (TCP) or
User Datagram Protocol (UDP) ports to identify traffic, but the scenario doesn't mention
ports.
C is incorrect. The Data Link layer (Layer 2) uses media access control (MAC) addresses,
but the scenario doesn't indicate any problem with the MAC addresses.

Objective: 5.1 Analyze a scenario and determine the corresponding OSI layer.
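
The check behind answer 9, one source IP address appearing with more than one source MAC address, can be run automatically over captured traffic. The Python below is an added example and not part of the original book; the capture rows, the addresses, and the function names are constructed for illustration.

```python
import ipaddress
from collections import defaultdict

# Constructed sample rows (source MAC, source IP), standing in for sniffer output.
CAPTURE = [
    ("00:1a:2b:3c:4d:01", "192.168.1.10"),
    ("00:1a:2b:3c:4d:02", "192.168.1.11"),
    ("00:1a:2b:3c:4d:03", "192.168.1.12"),
    ("00-1A-2B-3C-4D-01", "192.168.1.10"),  # same adapter as row 1, other notation
    ("00:1a:2b:3c:4d:09", "192.168.1.12"),  # a second adapter using .12
    ("00:1a:2b:3c:4d:04", "0.0.0.0"),       # DHCP client that has no address yet
    ("00:1a:2b:3c:4d:05", "0.0.0.0"),
]


def normalize_mac(mac):
    """Return a MAC as lower-case colon-separated pairs so notations compare equal."""
    digits = "".join(c for c in mac.lower() if c not in ":-.")
    if len(digits) != 12 or any(c not in "0123456789abcdef" for c in digits):
        raise ValueError(f"not a 48-bit MAC address: {mac!r}")
    return ":".join(digits[i:i + 2] for i in range(0, 12, 2))


def find_ip_conflicts(frames):
    """Map each source IP used by two or more distinct MACs to those MACs.

    The Layer 2 addresses are only the evidence; the fault itself is the
    duplicated Layer 3 address.
    """
    macs_by_ip = defaultdict(set)
    for mac, ip in frames:
        address = ipaddress.ip_address(ip)
        # 0.0.0.0 is the normal source of hosts still requesting a lease,
        # so many adapters sharing it is not a conflict.
        if address.is_unspecified:
            continue
        macs_by_ip[str(address)].add(normalize_mac(mac))
    return {ip: sorted(macs) for ip, macs in macs_by_ip.items() if len(macs) > 1}


if __name__ == "__main__":
    for ip, macs in find_ip_conflicts(CAPTURE).items():
        print(f"{ip} is claimed by {len(macs)} adapters: {', '.join(macs)}")
```
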

10. Users are reporting errors accessing some web sites. You've verified that you can
access GetCertifiedGetAhead.com, but you are unable to access web sites that require you
to log on. What is the MOST likely problem?
A. TCP port 53 is blocked at the network firewall.
B. UDP port 67 is blocked at the network firewall.
C. TCP port 80 is blocked at the network firewall.
D. TCP port 443 is blocked at the network firewall.

10. Answer: D is correct. Hypertext Transfer Protocol Secure (HTTPS) is used for secure
transactions such as when logging on to a web site or making purchases. HTTPS uses port
443, so it is likely blocked at the firewall.

A is incorrect. Domain Name System (DNS) uses port 53 by default, but there is not a
problem with DNS. It uses Transmission Control Protocol (TCP) port 53 when doing zone
transfers between DNS servers and User Datagram Protocol (UDP) port 53 when
responding to DNS queries.
B is incorrect. Dynamic Host Configuration Protocol (DHCP) uses UDP ports 67 and 68
by default, but a problem with DHCP isn't indicated.
C is incorrect. HTTP uses port 80 by default, but HTTP is working.

Objective: 5.5 Given a scenario, implement the appropriate policies or procedures.
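
The symptom in question 10 follows from how an ACL is evaluated: rules are checked in order, the first match decides, and traffic that matches no rule falls through to the implicit deny. The Python below is an added example, not from the original book; the rule set, the 192.168.1.0/24 network, and all names are constructed for illustration.

```python
import ipaddress
from typing import NamedTuple, Optional


class Rule(NamedTuple):
    action: str               # "permit" or "deny"
    protocol: str             # "tcp", "udp" or "any"
    source: str               # CIDR network the packet's source must fall in
    dest_port: Optional[int]  # None matches any destination port


class Packet(NamedTuple):
    protocol: str
    source_ip: str
    dest_port: int


def evaluate(acl, packet):
    """Return (action, rule_index); rule_index is None when the implicit deny applied."""
    source = ipaddress.ip_address(packet.source_ip)
    for index, rule in enumerate(acl):
        if rule.protocol not in ("any", packet.protocol):
            continue
        if source not in ipaddress.ip_network(rule.source):
            continue
        if rule.dest_port is not None and rule.dest_port != packet.dest_port:
            continue
        return rule.action, index  # first match wins, later rules are never read
    return "deny", None            # implicit deny: nothing explicitly allowed it


def audit(acl, packets):
    """Map each named test packet to the action the ACL takes on it."""
    return {name: evaluate(acl, packet)[0] for name, packet in packets.items()}


# Constructed outbound ACL with no rule for HTTPS, as in the question's scenario.
ACL_BEFORE = [
    Rule("permit", "udp", "192.168.1.0/24", 53),
    Rule("permit", "tcp", "192.168.1.0/24", 80),
]
# Corrected ACL: an explicit permit for TCP 443.
ACL_AFTER = ACL_BEFORE + [Rule("permit", "tcp", "192.168.1.0/24", 443)]
# Same permit rules placed after a broad deny: order makes them unreachable.
ACL_SHADOWED = [Rule("deny", "tcp", "192.168.1.0/24", None)] + ACL_AFTER

PACKETS = {
    "dns": Packet("udp", "192.168.1.20", 53),
    "http": Packet("tcp", "192.168.1.20", 80),
    "https": Packet("tcp", "192.168.1.20", 443),
}

if __name__ == "__main__":
    for label, acl in (("before", ACL_BEFORE), ("after", ACL_AFTER),
                       ("shadowed", ACL_SHADOWED)):
        print(label, audit(acl, PACKETS))
```
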

Sample Network+ Flashcards


These flashcards are from the CompTIA Network+ N10-006 Practice Test Questions (Get Certified Get Ahead)
[Kindle Edition]. This Kindle short did not cover these topics, but the CompTIA Network+ N10-006 Practice Test
Questions (Get Certified Get Ahead) [Kindle Edition] covers all of the objectives for the N10-006 exam with practice
test questions and flashcards.


Q. What is the range of Class A addresses?

A. 1.0.0.0 to 126.255.255.254

Q. What type of address is this: 01:23:45:ab:cd:ef?


A. Media access control (MAC) or hardware address


Q. What protocol provides power on a twisted-pair cable?


A. PoE, 802.3af

PoE is an acronym for Power over Ethernet.

Q. Where should updates for production servers be applied first?


A. To a test server that mimics the production server

Q. What type of filter allows SMTP traffic through a firewall?


A. Port filter (blocking TCP port 25)



SMTP is an acronym for Simple Mail Transfer Protocol.

Q. What protocol resolves IP addresses to MAC addresses?


A. ARP

ARP is an acronym for Address Resolution Protocol.
MAC is an acronym for media access control.

Q. What software tool is used to measure RTTs?


A. Tracert

RTT is an acronym for round trip time.

Q. What is the first step in the CompTIA troubleshooting model?


A. Identify the problem (gather information, identify symptoms, question users, and
determine if anything has changed).
The steps are:
Identify the problem
Establish a theory of probable cause
Test the theory to determine cause
Establish a plan of action to resolve the problem and identify potential effects
Implement the solution or escalate as necessary
Verify full system functionality and if applicable implement preventative measures
Document findings, actions, and outcomes

Q. What port is used when resolving host names to IP addresses?


A. UDP 53

DNS is an acronym for Domain Name System.
DNS uses User Datagram Protocol (UDP) port 53 for name resolution.
DNS uses the Transmission Control Protocol (TCP) port when transferring information
between DNS servers.

Q. Which wireless standard(s) use MIMO?


A. 802.11n and 802.11ac



MIMO is an acronym for multiple-input, multiple-output.

Appendix A: Acronym List


This acronym list provides you with a quick reminder of many of the different Network+ related terms along
with a short explanation.

Numeric: Topics in Acronym List


802.2: Logical Link Control. A specification that defines how the Data Link layer
interacts with the Network layer of the OSI model.
802.3: Ethernet. A group of standards used to define a wide range of cables and
connections.
802.3af: Power over Ethernet (PoE). A standard that delivers power to devices over an
Ethernet cable. Compare to 802.3at.
802.3at: Power over Ethernet plus (PoE+). A standard that delivers power to devices
over an Ethernet cable. 802.3at provides up to 25.5 W of power. In contrast, 802.3af
provides up to 15.4 W of power.
802.5: Token Ring networks. A type of network that uses a special 3-byte frame as a
logical token. The logical token is passed around to devices in the ring and devices can
only transmit data when they have the token.
802.11: Group of wireless technologies. Network+ focuses on 802.11a, 802.11b, 802.11g,
802.11n, and 802.11ac.
802.11a: An early wireless standard with a maximum speed of 54 Mbps using the 5-GHz
frequency range. It has the shortest range compared with other 802.11 standards.
802.11ac: The newest wireless standard with a theoretical maximum of 1 Gbps, which
can use the 2.4-GHz and 5-GHz frequency ranges. It's an update over the 802.11n
standard.
802.11b: An early wireless standard with a maximum speed of 11 Mbps using the
2.4-GHz frequency range. It has a relatively short range.
802.11g: A wireless standard with a maximum speed of 54 Mbps using the 2.4-GHz
frequency range and range slightly better than 802.11b.
802.11n: A new wireless standard with a maximum speed of 600 Mbps, which can use
the 2.4-GHz and 5-GHz frequency ranges and has a longer range than 802.11g. 802.11n
uses MIMO.

A: Topics in Acronym List


A record: IPv4 host name record. This isn't actually an acronym, but it looks like one. It
identifies a specific type of record used in DNS servers to resolve host names to IPv4
addresses. Compare to AAAA, CNAME, MX, and PTR DNS records.
AAA: Authentication, authorization, and accounting. Authentication verifies a user's
identification. Authorization determines if a user should have access. Accounting tracks a
user's access with logs. AAA protocols are used in remote access systems. For example,
TACACS+ is an AAA protocol that uses multiple challenges and responses during a
session.
AAAA record: IPv6 host name record. This isn't actually an acronym, but it looks like
one. It identifies a specific type of record used in DNS servers to resolve host names to
IPv6 addresses. Compare to A, CNAME, MX, and PTR DNS records.
AC: Alternating current. Power received from a commercial power company. Compare
to DC.
ACL: Access control list. A group of rules on routers and firewalls that define what
traffic the router or firewall will allow or deny.
ADSL: Asymmetric digital subscriber line. A specific type of DSL line typically used for
Internet access. ADSL lines have different speeds for the upload and download links. The
download link is normally faster than the upload link. Compare to DSL and SDSL.
AES: Advanced Encryption Standard. A strong encryption algorithm used to encrypt data
and provide confidentiality. AES is quick, highly secure, and used in a wide assortment of
cryptography schemes.
AH: Authentication Header. IPsec includes both AH and ESP. AH provides
authentication and integrity, and ESP provides confidentiality, integrity, and
authentication. AH is identified with protocol number 51.
AP: Access point. A device used to connect wireless devices to a wired network. A
wireless router includes an AP and additional capabilities. Sometimes called a wireless
access point (WAP).
APC: Angle polished connector. A connector used with fiber cables. The fiber is
polished at an 8- or 9-degree angle to prevent the fiber core from capturing reflections.
APIPA: Automatic Private Internet Protocol Addressing. Used by some DHCP clients to
automatically assign an IP address when the client does not receive a response from a
DHCP server. APIPA addresses start with 169.254 such as 169.254.3.4.
APT: Advanced persistent threat. A group that has both the capability and intent to
launch sophisticated and targeted attacks. APTs are typically sponsored by a government.
ARIN: American Registry for Internet Numbers. A Regional Internet Registry (RIR) that
manages the distribution of IPv4 and IPv6 addresses in the United States, Canada, and
several islands. It is one of five worldwide RIRs.
ARP: Address Resolution Protocol. Resolves IP addresses to MAC addresses. Compare
this to DNS, which resolves host names to IP addresses. ARP operates on the Network
layer (Layer 3) of the OSI model. The arp command-line tool is different than ARP (the
protocol). You can view the ARP cache with the arp command.
AS: Autonomous system. A collection of connected Internet Protocol (IP) routing
prefixes. Regional Internet Registries manage the distribution of AS prefixes along with
IPv4 and IPv6 addresses.
ASCII: American Standard Code for Information Interchange. A standard used to define
codes for specific characters. ASCII is defined on the Presentation layer (Layer 6) of the
OSI model.
ASIC: Application-specific integrated circuit. Hardware used in Layer 3 switches to
mimic the functionality of a router.
ASP: Application service provider. A business that provides a software application to one
or more organizations. An organization providing Software as a Service (SaaS)
cloud-based applications is an ASP.
ATM: Asynchronous Transfer Mode. A group of telecommunications standards used to
transfer voice, data, and video signals. ATM uses small, fixed-size cells. ATM operates on
the Data Link layer (Layer 2) of the OSI model.
AUP: Acceptable Use Policy. An AUP defines proper system usage. It will often
describe the purpose of computer systems and networks, how users can access them, and
the responsibilities of users when accessing the systems.

B: Topics in Acronym List


BERT: Bit-error rate test. A testing tool that measures the number of bit errors as a
percentage of the total bits transmitted.
BGP: Border Gateway Protocol. A protocol used on the Internet and with WANs that
maintain multiple links. Replaced EGP.
BLE: Bluetooth low energy. Also called Bluetooth Smart. It is a Bluetooth technology
that uses less power than traditional Bluetooth, but has enough range for a personal area
network (PAN).
BNC: British Naval Connector/Bayonet Neill-Concelman. A twist-on connector used
with coaxial cable.
BootP: Boot protocol/Bootstrap protocol. The predecessor of DHCP. It assigns IP
addresses to clients after they boot. Some imaging systems still use BootP.
BPDU: Bridge protocol data unit. Data sent to switches with information about the
Spanning Tree Protocol (STP). Data is sent on Layer 2 as frames.
BRI: Basic rate interface. Part of an Integrated Services Digital Network (ISDN)
configuration. BRI contains two bearer channels (B channels) of 64 Kbps and one data
channel (D channel) of 16 Kbps.
BSSID: Basic service set identifier. The MAC address of an access point. The BSSID
identifies individual access points within a wireless network that includes multiple access
points. Compare to SSID and ESSID.

C: Topics in Acronym List


CA: Certificate Authority. An organization that manages, issues, and signs certificates
and is part of a PKI. Servers configured to issue certificates are also referred to as a CA.
Certificates include public keys along with details on the owner of the certificate and on
the CA that issued the certificate. Certificate owners share their public key by sharing a
copy of their certificate.
CAM: Channel access method. A method used to allow multiple systems to share a
single transmission media. CDMA and CSMA are examples.
CAN: Campus area network. A network that connects multiple buildings in a small
geographical area, such as a university campus. Compare to LAN, MAN, PAN, and WAN.
CARP: Common Address Redundancy Protocol. A protocol that allows multiple hosts
on a network to share a set of IP addresses for failover redundancy. It is used with
firewalls and routers and provides functionality similar to VRRP and HSRP.
CAT: Short for category. Used to identify various twisted-pair cable categories, such as
CAT5 and CAT6. CompTIA objectives list this as an acronym for computer and telephone,
but this isn't common usage.
CCTV: Closed-circuit TV. This is a detective control that provides video surveillance.
Video surveillance provides reliable proof of a person's location and activity. It is also a
physical security control and it can increase the safety of an organization's assets.
CDMA: Code division multiple access. An access method used for radio
communications. CDMA is used by some mobile phone standards such as 3G.
CHAP: Challenge Handshake Authentication Protocol. Authentication mechanism where
a server challenges a client. More secure than PAP and uses PPP. MS-CHAPv2 is an
improvement over CHAP and uses mutual authentication.
CIDR: Classless Inter-Domain Routing. Method of allocating IP addresses used in place
of classful IP addresses. CIDR notation uses a slash and a number (such as /24) to indicate
how many bits are a 1 in the subnet mask. For example, /24 indicates the subnet mask is
255.255.255.0. The CompTIA objectives list this as Classless Inter-Domain Routing, but
RFCs include a hyphen showing it as Inter-Domain.
CNAME: Canonical Name. This isn't actually an acronym, but it looks like one. It
identifies a specific type of record used in DNS servers as an alias. It allows DNS to
provide the same IP address for different host names. Compare to A, AAAA, CNAME,
MX, and PTR DNS records.
COS: Class of service. A 3-bit field in some Ethernet frames used to identify specific
types of traffic. Traffic shaping mechanisms manipulate these bits to assign class levels
from 0 to 7 and use these levels to give priorities to certain types of traffic. Compare to
TOS and DSCP.
CPU: Central processing unit. The primary chip that controls processing within a
computer.
CRAM-MD5: Challenge-Response Authentication Mechanism-Message Digest 5. An
alternative to transmitting passwords in plaintext. It provides a level of confidentiality for
passwords.
CSMA/CA: Carrier Sense Multiple Access/Collision Avoidance. An access method used
with 802.11 wireless networks. Devices attempt to avoid collisions by monitoring
transmissions on the frequency channel.
CSMA/CD: Carrier Sense Multiple Access/Collision Detection. An access method used
with wired networks. Devices are able to detect collisions and resend data after waiting a
random amount of time.
CSU: Channel Service Unit. Provides the digital interface connecting the network device
(such as a router) to the digital circuit (such as a T-1). You will often see this paired as
CSU/DSU, but the CompTIA acronym list shows them separately. The DSU provides the
digital interface connecting the digital circuit back to the network device.
CWDM: Coarse wave division multiplexing. Wave division multiplexing transmits
multiple channels of data over a single fiber-optic cable using different wavelengths (or
colors) of laser light. CWDM uses up to eight channels.

D: Topics in Acronym List


dB: Decibel. A measurement unit for electronics and sound.
dBi: Decibel isotropic. Identifies the gain of an omnidirectional antenna. References the
hypothetical isotropic antenna, which can theoretically transmit signals equally in all
directions at the same time.
dBm: Decibel milliwatt. Refers to the power ratio of decibels referenced to 1 milliwatt
(mW). It is often used to identify the signal strength of a WAP.
DC: Direct current. Power created by power supplies. Power supplies receive AC power
and provide DC power as an output. Compare to AC.
DCS: Distributed computer system. An application system that has components
distributed among multiple networked computers. For example, a two-node DCS can have
one node running one subroutine while the second node runs a second subroutine. A DCS
can have hundreds, thousands, or even millions of nodes.
DDoS: Distributed denial of service. An attack on a system launched from multiple
sources intended to make a computer's resources or services unavailable to users. DDoS
attacks are often launched from zombies in botnets. DDoS attacks typically include
sustained, abnormally high network traffic. A performance baseline helps administrators
detect a DDoS. Compare to DoS.
DHCP: Dynamic Host Configuration Protocol. Provides clients with IP addresses and
other TCP/IP configuration information such as the address of a DNS server and the
default gateway. DHCP issues a range of IP addresses in a network (called a scope). It can
reserve specific IP addresses for specific clients based on the client's MAC address. DHCP
uses ports 67 and 68.

DLC: Data link control. The service provided by the Data Link layer of the OSI model.
DLP: Data leak prevention or data loss prevention. A network-based DLP system can
examine and analyze network traffic. It can detect if confidential company data or any PII
data is included in email and reduce the risk of internal users emailing sensitive data
outside the organization. End-point DLP systems can prevent users from copying or
printing sensitive data.
DMZ: Demilitarized zone. Area separating the Internet and an internal network with one
or more firewalls. A DMZ provides a layer of protection for Internet-facing servers. It
allows access to a server or service for Internet users while segmenting and protecting
access to the internal network.
DNAT: Destination Network Address Translation. A form of NAT that changes the
destination IP address for incoming traffic. It is used for port forwarding.
DNS: Domain Name System. DNS uses port 53 and resolves host names to IP addresses.
The CompTIA objectives also spell DNS out as Domain Name Service and Domain Name
Server, but these aren't commonly used. A DNS server runs the DNS service.
DOCSIS: Data-Over-Cable Service Interface Specification. An international
telecommunications standard used for high-bandwidth data transfer over cable TV.
DoS: Denial of service. An attack from a single source that attempts to disrupt the
services provided by another system. Examples include SYN Flood, smurf, and some
buffer overflow attacks. Compare to DDoS.
DS3: Digital Signal 3. Also known as a T-3 leased line.
DSCP: Differentiated services code point. A method of classifying services for a quality
of service (QoS) solution. DSCP uses 6 bits in the IP header to classify the data. Compare
to COS and TOS.
DSL: Digital subscriber line. A family of technologies used for Internet access. Many
small networks use a DSL modem to access the Internet through a local phone company. It
is much faster than traditional dial-up modems, but not as fast as broadband cable
modems. Most DSL Internet lines are asymmetric (ADSL), with the download link much
faster than the upload link. Compare to ADSL, SDSL, and XDSL.
DSSS: Direct sequence spread spectrum. A wireless standard that transmits data over the
spectrum of the channel. DSSS isn't as efficient as OFDM and doesn't support faster
speeds. 802.11b uses DSSS and only supports speeds up to 11 Mbps. Compare to DSSS
and OFDM.
DSU: Data Service Unit. Provides the digital interface connecting the digital circuit back
to the network device. You will often see this paired as CSU/DSU, but the CompTIA
acronym list shows them separately. The CSU provides the digital interface connecting the
network device (such as a router) to the digital circuit (such as a T-1).
DWDM: Dense wavelength division multiplexing. Type of multiplexing over fiber-optic
cable. Wave division multiplexing transmits multiple channels of data over a single
fiber-optic cable using different wavelengths (or colors) of laser light. DWDM typically
supports up to 40 channels. Compare to CWDM.

E: Topics in Acronym List


E1: E-Carrier Level 1. Similar to T-1, but for countries outside the United States,
Canada, and Japan. E1 provides 2.048 Mbit/s of bandwidth.
EAP: Extensible Authentication Protocol. An authentication framework that provides
general guidance for authentication methods. Variations include EAP-TLS, EAP-TTLS,
LEAP, and PEAP.
EAP-TLS: Extensible Authentication Protocol-Transport Layer Security. An extension
of EAP sometimes used with 802.1x. This is one of the most secure EAP standards and is
widely implemented. EAP-TLS requires certificates on the 802.1x server and on each of
the wireless clients.
EAP-TTLS: Extensible Authentication Protocol-Tunneled Transport Layer Security. An
extension of EAP sometimes used with 802.1x. It allows systems to use some older
authentication methods such as PAP within a TLS tunnel. It requires a certificate on the
802.1x server but not on the clients.
EBCDIC: Extended Binary Coded Decimal Interchange Code. A standard used to define
codes for specific characters. It is defined on the Presentation layer (Layer 6) of the OSI
model.
EDNS: Extension mechanisms for Domain Name System (DNS). A method that allows
extending DNS as needed. As an example, EDNS supports increasing DNS security such
as with DNS Security Extensions (DNSSEC).
EGP: Exterior Gateway Protocol. An obsolete routing protocol previously used on the
Internet. Replaced by BGP.
EIA/TIA: Electronic Industries Alliance/Telecommunication Industries Association.
Organizations that help create telecommunications standards. For example, TIA/EIA-568
defines cabling standards.
EMI: Electromagnetic interference. Interference caused by motors, power lines, and
fluorescent lights. STP cables help protect signals from EMI. Fiber-optic cable is immune
to EMI. Compare to RFI.
ESD: Electrostatic discharge. Release of static electricity. ESD can damage equipment
and low humidity causes a higher incidence of electrostatic discharge (ESD).
ESSID: Extended service set identifier. Another name for the SSID. An extended basic
service set includes all of the basic service sets (the access points identified by their MAC
addresses) in a wireless network.
ESP: Encapsulating Security Payload. IPsec includes both AH and ESP. AH provides
authentication and integrity, and ESP provides confidentiality, integrity, and
authentication. ESP is identified with protocol number 50. The CompTIA objectives list
this as Encapsulated Security Packets, but RFCs define it as Encapsulating Security
Payload.
EUI: Extended unique identifier. Refers to EUI-64.
EUI-64: Extended Unique Identifier-64. A 64-bit hardware address used with IPv6
instead of the 48-bit MAC address used with IPv4. EUI-64 is defined on the Data Link
layer (Layer 2) of the OSI model.

F: Topics in Acronym List


FC: Fibre channel. High-speed standard commonly used in storage area networks. Fibre
channel originally used only fiber cable, but upgrades to the standard allowed the use of
copper cables. Fibre looks like a typo but was selected to differentiate it from fiber cable.
FCoE: Fibre Channel over Ethernet. A lower-cost alternative to traditional SANs. It
supports sending Fibre Channel commands over an IP network.
FDDI: Fiber Distributed Data Interface. A type of ring network topology using
fiber-optic cable. FDDI networks use a logical token and two rings. Data travels in opposite
directions for each of the rings providing fault tolerance.
FDM: Frequency division multiplexing. A standard that transmits data over several
different frequencies at the same time. For example, cable TV transmits multiple
television channels over the same cable.
FHSS: Frequency hopping spread spectrum. A wireless standard that transmits data over
the spectrum of the channel, but in a pseudorandom pattern. Bluetooth uses a sub-type of
FHSS. Compare to DSSS and OFDM.
FM: Frequency modulation. The process of encoding information by varying the
frequency of the carrier wave.
FQDN: Fully qualified domain name. An FQDN includes the host name of a system and
the domain name. For example, a computer named Server1 in the domain
GetCertifiedGetAhead.com has a FQDN of Server1.GetCertifiedGetAhead.com.
FTP: File Transfer Protocol. Used to upload and download files to and from an FTP
server. FTP uses ports 20 and 21. Secure FTP (SFTP) uses SSH for encryption on port 22.
FTP is defined on the Application layer (Layer 7) of the OSI model.
FTPS: File Transfer Protocol Security. An extension of FTP that uses TLS to encrypt
FTP traffic. Some implementations of FTPS use TCP ports 989 and 990.

G: Topics in Acronym List


GBIC: Gigabit interface converter. A transceiver used to connect twisted-pair Ethernet
cables with fiber cables.
Gbps: Gigabits per second. A data transfer rate indicating how many billions of bits are
transferred each second. If the b is capitalized (as in GBps), it indicates how many billions
of bytes are transferred. A byte is 8 bits.
GPG: GNU Privacy Guard. Free software based on the OpenPGP standard and used to
encrypt and decrypt files. It is similar to PGP, but avoids any conflict with existing
licensing by using open standards.
GRE: Generic routing encapsulation. A tunneling protocol developed by Cisco Systems.
GSM: Global System for Mobile Communications. A standard used for digital cellular
networks. Commonly called 2G.

H: Topics in Acronym List


HDLC: High-level data link control. A synchronous Data Link layer protocol based on
IBM's Synchronous Data Link Control (SDLC). The current standard is ISO 13239.
HDMI: High-definition multimedia interface. A connector for high-quality audio/video
cables. TVs and computer monitors commonly include an HDMI interface to provide
quality audio and video.
HIDS: Host detection system. An IDS used to monitor an individual server or
workstation. It protects local resources on the host such as the operating system files, and
in some cases, it can detect malicious activity missed by antivirus software.
HIPS: Host intrusion prevention system. An extension of a host-based IDS. Designed to
react in real time to catch an attack in action.
HSPA: High Speed Packet Access. A combination of High Speed Downlink Packet
Access and High Speed Uplink Packet Access. HSPA improved 3G cellular networks.
HSRP: Hot Standby Router Protocol. A Cisco proprietary protocol that allows multiple
routers to appear as a single virtual router. One router is active and one or more other
routers are standby routers. If the active router fails, a standby router can take over
automatically. RFC 2281 describes HSRP.
HT: High throughput or high throughput computing. Refers to using multiple computing
resources to perform a task over a long period of time.
HTML: Hypertext Markup Language. Language used to create web pages served on the
Internet. HTTP/HTTPS transmits HTML documents over the Internet and web browsers
display HTML documents.
HTTP: Hypertext Transfer Protocol. Used to transmit web traffic on the Internet and in
intranets. HTTP uses TCP port 80.
HTTPS: Hypertext Transfer Protocol Secure. Encrypts HTTP traffic with TLS using
TCP port 443.
HVAC: Heating, ventilation, and air conditioning. HVAC systems regulate temperature
and humidity within an area.
Hz: Hertz. A standard defining a unit of frequency. 1 Hz is one cycle per second.

I: Topics in Acronym List

IaaS: Infrastructure as a Service. A cloud computing technology that allows an
organization to rent access to hardware. It provides customers with access to hardware in a
self-managed platform. Customers are responsible for keeping an IaaS system up to date.
Compare to PaaS and SaaS.
IANA: Internet Assigned Number Authority. Part of ICANN. IANA oversees Internet IP
address allocation, autonomous system number allocation, well-known ports, protocol
number assignments, and management of the DNS root zone.
ICA: Independent Computing Architecture. A Citrix Systems proprietary protocol used
for serving applications to systems remotely. CompTIA lists this as Independent Computer
Architecture, but this isn't common usage.
ICANN: Internet Corporation for Assigned Names and Numbers. An organization that
coordinates and manages Internet namespaces, IP addresses, and Internet Protocol
identifiers. Compare to IANA.
ICMP: Internet Control Message Protocol. Used for diagnostics such as ping. ICMP is
defined on the Network layer (Layer 3) of the OSI model. Ping sends ICMP echo requests
and receives ICMP echo replies.
ICS: Industrial control system. Refers to a system used to control production equipment.
Supervisory Control and Data Acquisition (SCADA) systems are a type of ICS.
ICS: Internet connection sharing. Process of sharing a single Internet connection with
multiple computers. As an example, you can create a hot spot with an iPhone and share
the connection with other systems.
IDF: Intermediate distribution frame. A signal distribution frame used to connect
equipment within an organization. Compare to MDF.
IDS: Intrusion detection system. A detective control used to detect attacks after they
occur. Monitors a network (NIDS) or host (HIDS) for intrusions and provides ongoing
protection against various threats. IDSs include sniffing capabilities.
IEEE: Institute of Electrical and Electronics Engineers. International organization with a
focus on electrical, electronics, and information technology topics. IEEE standards are
well respected and followed by vendors around the world.
IGMP: Internet Group Management Protocol. Used for multicasting. Computers
belonging to a multicasting group have a multicasting IP address in addition to a standard
unicast IP address. IGMP is defined on the Network layer (Layer 3) of the OSI model. The
CompTIA objectives list this as Internet Group Multicast Protocol, but this isn't a common
usage.
IGP: Interior Gateway Protocol. A routing protocol used to exchange routing information
within a private network. OSPF, RIP, and IS-IS are examples of IGPs.
IKE: Internet Key Exchange. Used with IPsec to create a secure channel over port 500 in
a VPN tunnel.
IMAP4: Internet Message Access Protocol version 4. Used to store email on servers and
allow clients to manage their email on the server. IMAP4 uses TCP port 143.
InterNIC: Internet Network Information Center. An organization that was previously
responsible for domain name allocations and X.500 directory services. ICANN has
assumed InterNIC responsibilities.
IP: Internet Protocol. A core protocol within the TCP/IP protocol suite. Both IPv4 and
IPv6 are in use today. IP is defined on the Network layer (Layer 3) of the OSI model.
IPS: Intrusion prevention system. A preventive control that will stop an attack in
progress. It is similar to an active IDS except that it's placed in-line with traffic. An IPS
can actively monitor data streams, detect malicious content, and stop attacks in progress. It
can be used internally to protect private networks, such as those holding SCADA
equipment.
IPsec: Internet Protocol security. Used to encrypt traffic on the wire and can operate in
both tunnel mode and transport mode. It uses tunnel mode for VPN traffic. IPsec is built in
to IPv6, but can also work with IPv4 and it includes both AH and ESP. IPsec is defined on
the Network layer (Layer 3) of the OSI model.
IPv4: Internet Protocol version 4. A popular version of IP that uses 32 bits to identify
hosts. Addresses are typically displayed in a dotted decimal format such as this:
192.168.1.5. Each decimal is separated by dots and represents 8 bits. IPv4 is defined on
the Network layer (Layer 3) of the OSI model.
IPv6: Internet Protocol version 6. A newer version of IP that uses 128 bits to identify
hosts. Addresses are represented in hexadecimal format with eight groups of four
hexadecimal characters similar to this: FE80:0000:0000:0000:20D4:3FF7:003F:DE62.
The same address can be shortened as: FE80::20D4:3FF7:3F:DE62. IPv6 is defined on the
Network layer (Layer 3) of the OSI model.
ISAKMP: Internet Security Association and Key Management Protocol. A protocol used
to establish Security Associations. It provides a framework for authentication and key
exchange.
ISDN: Integrated Services Digital Network. A set of standards used to transmit voice,
video, and data over a public switched telephone network (PSTN). Two types of ISDN
configurations are Primary Rate Interface (PRI) and Basic Rate Interface (BRI).
IS-IS: Intermediate System to Intermediate System. A link-state routing protocol
commonly used in large service provider backbones. Compare to RIP and OSPF.
ISP: Internet Service Provider. A company that provides Internet access to customers.
IT: Information technology. Computer systems and networks used within organizations.
ITS: Intelligent Transportation System. Provides information about various forms of
transportation to improve safety and promote a smarter use of transportation methods.
IV: Initialization vector. An IV provides randomization of encryption keys to help ensure
that keys are not reused. WEP is susceptible to IV attacks because it uses relatively small
IVs and IVs are sent in the clear.

K: Topics in Acronym List


Kbps: Kilobits per second. A data transfer rate indicating how many thousands of bits
are transferred each second. If the b is capitalized (as in KBps), it indicates how many
thousands of bytes are transferred. A byte is 8 bits.
KVM: Keyboard video mouse. Administrators use a KVM switch to share a single
keyboard, video display, and mouse among several different servers.

L: Topics in Acronym List


L2F: Layer 2 Forwarding. An early tunneling protocol created by Cisco Systems for use
with VPNs. It was later combined with Microsoft's Point-to-Point Tunneling Protocol
(PPTP) to create the Layer 2 Tunneling Protocol (L2TP).
L2TP: Layer 2 Tunneling Protocol. Tunneling protocol used with VPNs. L2TP is
commonly used with IPsec (L2TP/IPsec). L2TP uses port 1701. L2TP is defined on the
Data Link layer (Layer 2) of the OSI model.
LACP: Link Aggregation Control Protocol. A protocol used to bundle multiple links
together. This is also called port bonding. Defined by 802.3ad.
LAN: Local area network. Group of devices connected within a network. Compare to
CAN, MAN, PAN, and WAN.
LC: Local connector or Lucent Connector. A type of connector used with fiber cable.
LDAP: Lightweight Directory Access Protocol. Language used to communicate with
directories such as Microsoft Active Directory. Identifies objects with query strings using
codes such as CN=Users and DC=GetCertifiedGetAhead. LDAP uses TCP port 389.
Secure LDAP encrypts transmissions with SSL or TLS over TCP port 636.
LEC: Local Exchange Carrier. Refers to the local telephone company.
LED: Light-emitting diode. Small components that emit light. NICs have LEDs used to
indicate a link with a network and activity when the NIC transmits or receives data.
LLC: Logical Link Control. Part of the Data Link layer on the OSI model. It defines how
the Data Link layer interacts with the Network layer of the OSI model. The MAC sublayer
is also part of the Data Link layer and it defines how the Data Link layer interacts with the
Physical layer.
LTE: Long Term Evolution. A wireless standard for smartphones and mobile devices. It
is the successor to 3G and commonly referred to as 4G, though it doesn't meet the specific
requirements of 4G.
LWAPP: Lightweight Access Point Protocol. Used to configure multiple wireless access
points, which reduces administration time. CompTIA lists this as Light Weight Access
Point Protocol in the acronyms list, but this isn't common usage.

M: Topics in Acronym List

MAC: Media access control. A 48-bit address used to uniquely identify network
interface cards. It is also called a hardware address or a physical address, and is commonly
displayed as six pairs of hexadecimal characters such as 1A-2B-3C-4D-5E-6F. Switches,
routers, and wireless access points can limit access to a network with MAC address
filtering. The CompTIA Network+ objectives also list this as medium access control,
though this usage isn't common.
MAN: Metropolitan area network. A computer network that spans a metropolitan area
such as a city. Compare to CAN, LAN, PAN, and WAN.
MAU: Multistation access unit. A central device used in some ring topologies. Devices
transmit data to and from the MAU instead of with neighboring devices in the ring. The
MAU monitors devices on the network and ensures the network continues to operate, even
if one of the devices fails.
Mbps: Megabits per second. A data transfer rate indicating how many millions of bits are
transferred each second.
MBps: Megabytes per second. A data transfer rate indicating how many millions of bytes
are transferred each second. Notice that the B is capitalized in MBps. A byte is 8 bits.
MDF: Main distribution frame. A signal distribution frame used to connect equipment
within an organization to a subscriber carrier outside of the organization. Compare to IDF.
MDI: Medium Dependent Interface. The interface used to transmit data. It is used when
devices are connected with a normal straight-through cable. Compare to MDI-X.
MDIX: Medium Dependent Interface Crossover. An interface used to transmit data to a
similar device by simulating a connection with a crossover cable. Many devices use
auto-MDIX, which can automatically configure the port as MDI or MDIX based on the
connection. Compare to MDI.
MGCP: Media Gateway Control Protocol. A protocol that controls the functions between
Voice over IP (VoIP) devices. Replaced SGCP.
MIB: Management Information Base. A hierarchical database of devices using a specific
syntax. SNMP uses a MIB.
MIMO: Multiple-input, multiple-output. A smart antenna technology used with 802.11n
designed to achieve faster speeds. It uses multiple antennas and transceivers, which
provide diversity gain and improved reliability. Data is sent in separate streams in a
process called spatial multiplexing.
MLA: Master license agreement. Typically used with software. The license authorizes an
organization to use the software as long as they comply with the requirements in the
agreement.
MLA: Multilateral agreement. An agreement between three or more parties.
MMF: Multimode fiber. A type of fiber used in short range cable runs such as with
10GBaseSR and 10GBaseSW. MMF has a larger core than SMF and is less expensive.
Compare to SMF.
MOU: Memorandum of understanding. Defines responsibilities of each party, but it is
not as strict as an SLA.
MPEG: Moving Picture Experts Group. A group that has defined several compression
methodologies used for audio and video. These methodologies operate on the Presentation
layer (Layer 6) of the OSI model.
MPLS: Multiprotocol Label Switching. A type of WAN topology. MPLS supports
multiple protocols such as ATM and frame relay and operates on multiple layers of the
OSI model. It uses labels to identify paths instead of IP addresses used with TCP/IP. The
CompTIA objectives list it as Multi-Protocol (with a hyphen), but RFCs do not use a
hyphen.
MSA: Master Service Agreement. A contract between two parties that applies to future
transactions and agreements. It streamlines the process of creating agreements in the
future without requiring the parties to create new contracts from scratch.
MS-CHAP: Microsoft Challenge Handshake Authentication Protocol. Microsoft
implementation of CHAP. MS-CHAPv2 provides mutual authentication.
MSDS: Material Safety Data Sheet. Provides personnel with safety information about
potentially hazardous materials, such as cleaning agents. It often includes first aid
treatment instructions.
MT-RJ: Mechanical Transfer-Registered Jack. A connector used with fiber-optic cable. It
is used with duplex multimode connections.
MTU: Maximum transmission unit. The MTU identifies the largest size of a packet or
frame that can be sent across a network.
MU-MIMO: Multi-user multiple-input, multiple-output. The use of MIMO technologies
for multiple wireless devices. 802.11n introduced MIMO. 802.11ac introduced MU-MIMO.
MX: Mail Exchanger. A type of record used in DNS servers to locate mail servers.
Compare to A, AAAA, CNAME, and PTR DNS records.

N: Topics in Acronym List

NAC: Network access control. Inspects clients for health and can restrict network access
for unhealthy clients to a remediation network. Clients run agents and these agents report
status to a NAC server. NAC is used for VPN and internal clients. MAC filtering is a form
of NAC.
NAS: Network attached storage. A server or computer appliance used to store and serve
files over a network. NAS units can have one or more drives and can support different
RAID configurations.
NAT: Network Address Translation. A service that translates public IP addresses to
private IP addresses and private IP addresses back to public IP addresses. It is often used
on wireless routers and proxy servers.
NCP: Network Control Protocol. A component within the Point-to-Point Protocol (PPP).
NetBEUI: Network Basic Input/Output Extended User Interface. An older networking
protocol originated by IBM. It is not routable and is rarely used today.
NetBIOS: Network Basic Input/Output System. A service operating on the Session layer
of the OSI model for connectivity over a network. Its use is dwindling in today's
networks.
NFS: Network File System. A file system protocol that allows users to access files over a
network. Sun Microsystems created it, but it is now an open standard. It is commonly used
with Unix and Unix derivatives. CompTIA lists this as Network File Service in the
objectives, but this isn't common usage.
NIC: Network interface card. An expansion card or built-in hardware that is used to
connect a device to a network. NICs commonly have RJ-45 jacks and twisted-pair cables
plug into the RJ-45 jack. NICs operate on both the Physical and Data Link layers (Layers
1 and 2, respectively).
NIDS: Network intrusion detection system. A NIDS is installed on network devices, such
as routers or firewalls, and monitors network traffic. It can detect network-based attacks.
NIPS: Network intrusion prevention system. An IPS that monitors the network. An IPS
can actively monitor data streams, detect malicious content, and stop attacks in progress.
NIU: Network interface unit. A device marking the demarcation point between the
customer's wiring and a carrier's local loop. Also called a network interface device.
nm: Nanometer. One billionth of a meter.
NNTP: Network News Transport Protocol. Protocol used to host newsgroups. Many
newsgroups are now referred to as forums, or simply groups and can be accessed using
HTTP instead of, or in addition to, using NNTP.
NTP: Network Time Protocol. Protocol used to synchronize computer times. NTP
operates on the Application layer (Layer 7) of the OSI model.

O: Topics in Acronym List

OCx: Optical Carrier. Represents the various Optical Carrier specifications such as
OC-1, OC-3, and so on. SONET fiber-optic networks use OC specifications.
OFDM: Orthogonal frequency-division multiplexing. A wireless standard that splits the
signal into multiple subcarriers and transmits the data on each subcarrier simultaneously.
Used by most wireless standards, including 802.11a, g, n, and ac. Compare to DSSS and
FHSS.
OS: Operating system. Includes Windows, Linux, and Apple iOS systems. OSs are
hardened to make them more secure from their default installation.
OSI: Open Systems Interconnection. A seven-layer model that provides a general
framework for network communications. Layers are Physical (Layer 1), Data Link (Layer
2), Network (Layer 3), Transport (Layer 4), Session (Layer 5), Presentation (Layer 6), and
Application (Layer 7). Compare to TCP/IP model. The CompTIA objectives list this as
Open System Interconnect, but this isn't common usage.
OSPF: Open Shortest Path First. A link-state routing protocol. Routers share information
with each other using OSPF. Compare to RIP and ISIS.
OTDR: Optical time domain reflectometer. A tool used to measure the length of a
fiber-optic cable and identify any anomalies along the cable. Compare to TDR.
OUI: Organizationally unique identifier. A 24-bit number that uniquely identifies a
vendor or manufacturer. 48-bit MAC (or hardware) addresses include the OUI as the first
24 bits.

P: Topics in Acronym List

P2P: Peer-to-peer. A type of topology where computers share information directly with
each other instead of through a central server. P2P applications (also called file sharing
applications) allow users to share files such as music, video, and data over the Internet.
PaaS: Platform as a Service. A cloud computing technology that provides cloud
customers with a preconfigured computing platform they can use as needed. PaaS is a
fully managed platform, meaning that the vendor keeps the platform up to date with
current patches. Compare to IaaS and SaaS.
PAN: Personal area network. A network of devices close to a single person. Compare to
CAN, LAN, MAN, and WAN.
PAP: Password Authentication Protocol. An older authentication protocol where
passwords or PINs are sent across the network in cleartext. CHAP is more secure. PAP
uses PPP.
PAT: Port Address Translation. A form of NAT that translates public IP addresses to
private IP addresses, and private IP addresses back to public IP addresses. PAT uses a
single public IP address. Compare to DNAT.
PC: Personal computer. Any type of computer used by an end user. Typically refers to a
desktop computer or a laptop computer.
PDF: Portable Document Format. A file format originated by Adobe Systems that is now
an open standard. A PDF document includes a description of exactly how the text and
graphics appear within the document.
PDU: Protocol data unit. A generic name for data formatted at the Application,
Presentation, and Session layers (Layers 7, 6, and 5, respectively) of the OSI model. In
contrast, the Transport layer (Layer 4) identifies data as segments, the Network layer
(Layer 3) identifies data as packets, the Data Link layer (Layer 2) identifies data as
frames, and the Physical layer (Layer 1) identifies data as bits.
PGP: Pretty Good Privacy. Commonly used to secure email communications between
two private individuals but is also used in companies. It provides confidentiality, integrity,
authentication, and non-repudiation. It can digitally sign and encrypt email. It uses both
asymmetric and symmetric encryption.


PKI: Public Key Infrastructure. A group of technologies used to request, create, manage,
store, distribute, and revoke digital certificates. Certificates include public keys along with
details on the owner of the certificate and on the CA that issued the certificate. Certificate
owners share their public key by sharing a copy of their certificate. Certificates can be
used for authentication such as when WPA2 Enterprise is used with a RADIUS server.
PoE: Power over Ethernet. A standard that delivers power to devices over an Ethernet
cable. Defined by 802.3af. 802.3at defines PoE+, which provides up to 25.5 W of power.
In contrast, 802.3af provides up to 15.4 W of power.
POP: Post Office Protocol. Used to transfer email from mail servers to clients. The
current version is POP3. POP3 uses TCP port 110.
POTS: Plain old telephone service. This refers to voice-grade telephone service and can
be used with simple dial-up modems. DSL modems use upgraded digital lines. The
CompTIA objectives list this as plain old telephone system, but this isn't a common usage.
PPP: Point-to-Point Protocol. Tunneling protocol used with VPNs to create remote
access connections. PPTP uses TCP port 1723.
PPPoE: Point-to-Point Protocol over Ethernet. A network protocol used to encapsulate
PPP frames within Ethernet frames. Commonly used with DSL.
PPTP: Point-to-Point Tunneling Protocol. Tunneling protocol used with VPNs. PPTP
uses TCP port 1723.
PRI: Primary Rate Interface. A standard used with ISDN. Two types of ISDN
configurations are Primary Rate Interface (PRI) creating a T-1 in the United States and
Canada, and an E-1 in Europe.
PSK: Pre-shared key. A secret shared among different systems and commonly used with
WPA Personal and WPA2 Personal on wireless networks. In contrast, Enterprise mode
uses a RADIUS server for authentication.
PSTN: Public switched telephone network. The combination of components used in
telephone networks. It includes all the different links, such as telephone lines, fiber-optic
cables, cellular networks, microwave links, satellite links, and undersea telephone cables.
PTP: Point-to-Point. A network connection between two systems. Within
telecommunications, PTP refers to connections between two parties using telephones.
PTR: Pointer record. This isn't actually an acronym, but it looks like one. It identifies a
specific type of record used in DNS servers to resolve IP addresses back to host names.
Compare to A, AAAA, CNAME, and MX DNS records.
PVC: Permanent virtual circuit. A type of connection used within ATM and frame relay
networks. A PVC provides a dedicated link. Compare to SVC.
PVC: Polyvinyl chloride. Type of covering used in cables. PVC cable is not
plenum safe and should not be run through plenums. Instead, plenum safe cable is used
within plenums. Plenum safe cable is fire retardant and does not emit dangerous chemicals
if it burns.

Q: Topics in Acronym List

QoS: Quality of service. Refers to the overall performance of a network. Traffic shaping
policies limit certain types of traffic, such as streaming audio and video, to increase the
overall performance of the network.

R: Topics in Acronym List

RADIUS: Remote Authentication Dial-In User Service. Provides central authentication
for remote access clients and can be used for authentication with WPA/WPA2 Enterprise.
RADIUS encrypts the password packets and uses UDP.
RARP: Reverse Address Resolution Protocol. An older protocol used by computers to
request an IPv4 address. BootP and DHCP have replaced RARP.
RAS: Remote access service. Provides access to an internal network from an outside
source location using dial-up or a VPN.
RDP: Remote Desktop Protocol. Microsoft protocol used to provide connection to a
remote system over a network. RDP connections use port 3389.
RF: Radio frequency. A wireless signal that transmits over the air. Common RF ranges
are 3 kHz to 300 GHz.
RFC: Request for Comments. A formal publication from the Internet Engineering Task
Force. Many RFCs define a standard such as RFC 793, which defines TCP. Some RFCs
are informational to provide background information such as RFC 6101, which documents
historical information about SSL.
RFI: Radio frequency interference. Interference from RF sources such as AM or FM
transmitters. STP cables help protect signals from EMI. Fiber-optic cable is immune to
EMI. Compare to RFI.
RG: Radio Guide. Refers to a type of cable such as RG-6 coaxial cable.
RIP: Routing Information Protocol. A distance-vector routing protocol. It is used by
routers to share information with each other so that each router can determine the shortest
number of hops (routers) between two systems. Compare with OSPF and IS-IS.
RJ: Registered Jack. A type of connection plug used with twisted-pair cables. Phone
lines use smaller RJ-11 connectors and network cables use larger RJ-45 connectors. They
are formally known as 6P6C, 6P4C, or 6P2C for RJ-11 and 8P8C for RJ-45 connectors.
RSA: Rivest, Shamir, Adleman. An asymmetric algorithm used to encrypt data and
digitally sign transmissions. It is named after its creators, Rivest, Shamir, and Adleman.
RSA uses both a public key and a private key in a matched pair.
RSH: Remote Shell. A Unix command-line utility used to connect to a remote computer.
RSTP: Rapid Spanning Tree Protocol. An improvement over Spanning Tree Protocol
(STP). Both help prevent broadcast storms caused by switching loops. Often replaced by
Shortest Path Bridging (SPB).
RTP: Real-time Transport Protocol. A standard used for delivering audio and video over
an IP network. The CompTIA objectives list this as Real Time Protocol, but RFCs identify
it as Real-time Transport Protocol.
RTSP: Real-time Streaming Transport Protocol. A protocol used to establish and control
media sessions between media servers and clients.
RTT: Round trip time. This identifies how long it takes a packet to get to a remote
system and return. Ping and tracert/traceroute both show round trip times. The CompTIA
objectives also list this as Real Transfer Time, but this isn't common usage.

S: Topics in Acronym List

SA: Security Association. Communication between systems over a network used to
securely share security information such as cryptographic methods and an encryption key.
The framework for an SA is provided by ISAKMP.
SaaS: Software as a Service. A cloud computing technology that provides applications
over the Internet. Web mail is an example of a cloud-based technology. Compare to IaaS
and PaaS.
SCADA: Supervisory Control and Data Acquisition. Typically used in industrial control
systems within large facilities such as power plants or water treatment facilities. SCADA
systems are often contained within isolated networks that do not have access to the
Internet, but are still protected with redundant and diverse security controls. SCADA
systems can be protected with NIPS systems and VLANs.
SC: Standard Connector/Subscriber Connector. A square-shaped fiber-optic connector
using push-pull coupling. Sometimes called square connector.
SCP: Secure Copy Protocol. Based on SSH, SCP allows users to copy encrypted files
over a network. SCP uses TCP port 22.
SDLC: Software Development Life Cycle. A software development process. Many
different models are available.
SDP: Session Description Protocol. Used to describe initialization parameters for
streaming media sessions.
SDSL: Symmetric digital subscriber line. A specific type of DSL line. The upload and
download links have the same speed in an SDSL line. Compare to DSL and ADSL.
SFP: Small form-factor pluggable. A transceiver used to connect twisted-pair Ethernet
cable with fiber cable. Also called a mini-GBIC. It has replaced the GBIC in most
implementations.
SFTP: Secure File Transfer Protocol. An extension of Secure Shell (SSH) using SSH to
transmit the files in an encrypted format. SFTP transmits data using TCP port 22.
SGCP: Simple Gateway Control Protocol. Used with Voice over IP (VoIP). Superseded
by MGCP.
SHA: Secure Hash Algorithm. A hashing function used to provide integrity. SHA-1 uses
160 bits, and SHA-256 uses 256 bits. As with other hashing algorithms, SHA verifies
integrity.
SHA-3: Secure Hash Algorithm version 3. Hash function formally known as Keccak.
NIST selected this as the standard to replace earlier versions of SHA.
SIEM: Security Information and Event Management. A security system that attempts to
look at security events throughout the organization.
SIP: Session Initiation Protocol. A protocol used for signaling and controlling
multimedia sessions such as voice and video calls and instant messaging sessions.
SLA: Service level agreement. An agreement between a company and a vendor that
stipulates performance expectations, such as minimum uptime and maximum downtime
levels. Organizations use SLAs when contracting services from service providers such as
Internet Service Providers (ISPs).
SLIP: Serial Line Internet Protocol. A legacy protocol used to encapsulate Internet
Protocol data so that it can be sent over serial connections.
SMF: Single mode fiber. A type of fiber used in long and extended range cable runs such
as with 10GBaseLR, 10GBaseER, 10GBaseLW, and 10GBaseEW. SMF has a smaller core
than MMF and is more expensive. Compare to MMF.
SMS: Short Message Service. A text messaging service used with smartphones and
mobile communication systems.
SMTP: Simple Mail Transfer Protocol. Used to transfer email between clients and
servers and between email servers and other email servers. SMTP uses TCP port 25.
SNAT: Static Network Address Translation/Source Network Address Translation. These
are various types of NAT and their definition varies by vendor. Static NAT uses a single
public IP address in a one-to-one mapping. It maps a single private IP address with a
single public IP address. Compare to DNAT.
SNMP: Simple Network Management Protocol. Used to manage network devices such
as routers or switches. SNMP agents report information via notifications known as SNMP
traps, or SNMP device traps. SNMP is defined on the Application layer (Layer 7) of the
OSI model.
SNTP: Simple Network Time Protocol. A simplified version of NTP. Applications that
don't require detailed accuracy sometimes use SNTP instead of NTP.
SOA: Start of authority. One of the records in a DNS zone. It includes information about
the zone such as an authoritative server for the zone, the email address of a domain
administrator, and information DNS servers use to periodically update and refresh the
zone.
SOHO: Small Office/Home Office. Indicates a small office typically supporting between
1 and 10 users. A SOHO network indicates a small network.
SONET: Synchronous Optical Network. A group of protocols used with fiber cable.
Some SONET networks use ring topologies. Sometimes spelled out as Synchronous
Optical Networking.
SOW: Statement of work. A document that identifies the scope of work that a third party
will perform.
SPB: Shortest Path Bridging. A standard that combines multiple network functions into a
single protocol. It supports multipath routing and replaces spanning tree protocols such as
STP and RSTP.
SPI: Stateful packet inspection. A method used by firewalls to allow or block traffic
based on the state of the traffic within a communication session. The firewall allows
traffic that is part of a known session. It blocks traffic that isn't part of a known session or
active connection, unless it is initiating an active session.
SPS: Standby power supply. A type of uninterruptible power supply (UPS).
SSH: Secure Shell. An encryption protocol used to secure a wide variety of traffic such
as Telnet and Secure File Transfer Protocol (SFTP). SSH uses port 22.
SSID: Service set identifier. The name of a wireless network in human readable form.
Disabling SSID broadcast can hide the network from casual users, but an attacker can
easily discover it with a wireless sniffer. It's recommended to change the SSID from the
default name. Compare to BSSID and ESSID.
SSL: Secure Sockets Layer. A legacy protocol used to encrypt traffic on the wire. It was
used to secure HTTP traffic on the Internet as HTTPS. SSL uses port 443
when encrypting HTTPS traffic. TLS is the replacement for SSL.
ST: Straight tip or snap twist. A type of connector used with fiber-optic cable. Typically
used with multimode fiber.
STP: Shielded twisted pair. Twisted-pair cable commonly used in Ethernet networks that
require protection against EMI, RFI, or cross-talk. The shielding around the pairs provides
the protection. Compare to UTP.
STP: Spanning Tree Protocol. A protocol that protects against switching loops. A
switching loop can be created if two ports of a switch are connected together. Often
replaced by Shortest Path Bridging (SPB).
SVC: Switched virtual circuit. A type of connection used within ATM and frame relay
networks. An SVC is a temporary connection, typically set up on a per-call basis.
Compare to PVC.
SYSLOG: System log. A message logging standard that delivers event notification
messages. Typically, many devices send event notifications to one or more data collectors.
For example, several devices can be configured to send real-time notifications to a syslog
server. Note that while the CompTIA objectives list this with all caps (SYSLOG), source
documents such as RFC 5424 list it as syslog.

T: Topics in Acronym List

T-1: Terrestrial Carrier Level 1. A copper-based transmission system. T-1 provides 1.544
Mbit/s of bandwidth. Compare to E1.
TA: Terminal adapter. A device that connects a terminal to an ISDN device. The
CompTIA objectives list this as terminal adaptor (with an o) but this isn't common usage.
TACACS: Terminal Access Controller Access-Control System. An older remote access
authentication protocol.
TACACS+: Terminal Access Controller Access-Control System+. Access control
protocol that can be used for the management of network devices (including routers). It
provides authorization, authentication, and accounting (AAA) services and can be used for
remote access solutions. TACACS+ uses TCP port 49.
TCP: Transmission Control Protocol. Provides guaranteed delivery of IP traffic. Uses a
three-way handshake to establish a connection. TCP is defined on the Transport layer
(Layer 4) of the OSI model. Compare to UDP.
TCP/IP: Transmission Control Protocol/Internet Protocol. Represents the full suite of
protocols used on the Internet and most internal networks.
TDM: Time-division multiplexing. Multiplexing transmits multiple signals on the same
media. Time-division multiplexing does this by transmitting different signals at different
times. For example, when transmitting two signals, the signals take turns transmitting.
TDR: Time-domain reflectometer. A tool used to measure the length of a copper cable
and identify any anomalies along the cable. It can identify cuts, breaks, and nicks.
Compare to OTDR.
Telco: Telephone company. Sometimes refers to a telecommunications company.
TFTP: Trivial File Transfer Protocol. Used to transfer small amounts of data with UDP
port 69. In contrast, FTP is used to transfer larger files using TCP ports 20 and 21.
TKIP: Temporal Key Integrity Protocol. Wireless security protocol introduced to address
the problems with WEP. TKIP was used with WPA, but many implementations of WPA
now support AES.
TLS: Transport Layer Security. Used to encrypt traffic on the wire. TLS is the
replacement for SSL. Like SSL, it uses certificates issued by CAs. EAP-TLS uses TLS to
encrypt the authentication process and can be used with WPA2 Enterprise and RADIUS
servers.
TMS: Transportation management system. Part of a supply chain. It controls
procurement processes (inbound transportation) and shipping processes (outbound).
Compare to WMS.
TOS: Type of Service. An 8-bit field in the IPv4 header. This field has been used
differently over the years. Currently, the most common usage is as a 6-bit DSCP code, and
a 2-bit Explicit Congestion Notification (ECN) field. ECN provides notification of a busy
network without dropping packets. Compare to COS and DSCP.
TTL: Time to Live. Refers to the number of hops (routers) that a packet will pass
through before it dies. For example, if the TTL is 64, each router (hop) will decrement
the TTL by 1 before sending the packet on. When the TTL reaches 0, the router no longer
forwards it. This prevents a packet from traveling over a network indefinitely.
TTLS: Tunneled Transport Layer Security. An extension of TLS commonly used with
Extensible Authentication Protocol (EAP). EAP-TTLS encrypts data within a TLS tunnel.
It requires a certificate on the server.

U: Topics in Acronym List

UC: Unified Communications. Refers to the integration of multiple communication
technologies. It includes Voice over IP (VoIP), instant messaging services for online chat,
video conferencing, desktop sharing, integrated voice mail, email, Short Message Service
(SMS), and more. Often used as a marketing buzzword for sales.
UDP: User Datagram Protocol. Used instead of TCP when guaranteed delivery of each
packet is not necessary. UDP uses a best-effort delivery mechanism. UDP is defined on the
Transport layer (Layer 4) of the OSI model.
UNC: Universal Naming Convention. A Microsoft format that identifies the network
path of a folder shared on a server. It takes the form of \\computerName\sharedFolder. For
example, a folder named data shared on a server named Server1 is identified as
\\Server1\Data.
UPC: Ultra polished connector. A connector used with fiber cables. The polish supports
better physical contact between the fiber-optic cable and the connector. Sometimes called
an ultra physical contact connector.
UPS: Uninterruptible power supply. A battery backup system that provides fault
tolerance for power and can protect against power fluctuations. A UPS provides short-term
power giving the system enough time to shut down smoothly, or to transfer to generator
power. Generators provide long-term power in extended outages.
URI: Uniform Resource Identifier. Used to identify the name of a resource and always
includes the protocol such as http://GetCertifiedGetAhead.com.
URL: Uniform Resource Locator. A type of URI. Address used to access web resources,
such as http://GetCertifiedGetAhead.com.
USB: Universal Serial Bus. A serial connection used to connect peripherals such as
printers, flash drives, and external hard disk drives. Data on USB drives can be protected
against loss of confidentiality with encryption. Attackers have spread malware through
Trojans.
UTM: Unified threat management. A security appliance that combines multiple security
controls into a single solution. UTM appliances can inspect data streams for malicious
content and often include URL filtering, malware inspection, and content inspection
components.
UTP: Unshielded twisted pair. Twisted-pair cable commonly used in Ethernet networks.
It does not have any shielding and does not protect against EMI, RFI, or cross-talk.
Compare to STP.

V: Topics in Acronym List

VDSL: Very-high-bit-rate digital subscriber line. A type of DSL that provides faster
transmission speeds than ADSL. CompTIA lists this as Variable Digital Subscriber Line,
but this isn't common usage.
VLAN: Virtual local area network. Defined on a switch at the Data Link layer (Layer 2)
of the OSI model with 802.1q. A VLAN can logically group several different computers
together, or logically separate computers without regard to their physical location. It is
possible to create multiple VLANs with a single switch.
VNC: Virtual Network Computing. A system that allows users to connect to a computer
remotely and take control of the desktop. Some organizations implement VNC for
help-desk technicians, allowing them to provide remote technical support to users. CompTIA
lists this as virtual network connection in the objectives, but this isn't common usage.
VoIP: Voice over IP. A group of technologies used to transmit voice over IP networks.
VPN: Virtual private network. Provides access to a private network over a public
network such as the Internet. VPNs can be host-to-gateway VPNs or gateway-to-gateway
VPNs. VPN concentrators provide VPN access to large groups of users.
VRRP: Virtual Router Redundancy Protocol. A protocol used to provide high availability
for routers. It groups multiple physical routers as a single virtual router. If one router fails,
VRRP automatically assigns another router.
VTC: Video teleconference. A group of interactive telecommunication technologies that
allow people in two or more locations to interact with two-way video and audio
transmissions.
VTP: VLAN Trunk Protocol. A Cisco protocol that transmits VLAN definitions to
switches on the network. It reduces administration requirements for these switches.

W: Topics in Acronym List

WAN: Wide area network. A network connecting two or more networks over a large
geographical distance. Compare to CAN, LAN, MAN, and PAN.
WAP: Wireless access point. A device used to connect wireless devices to a wired
network. A wireless router includes a WAP and additional capabilities. Often called an
access point (AP) to differentiate it from Wireless Application Protocol.
WAP: Wireless Application Protocol. A standard for creating web content dedicated to
mobile devices.
WEP: Wired Equivalent Privacy. An early wireless security protocol. WEP has
significant security flaws and was temporarily replaced with WPA, and permanently with
WPA2. WEP used RC4 incorrectly, making it susceptible to IV attacks.
WINS: Windows Internet Name Service. A Windows service hosted on WINS servers to
resolve NetBIOS names to IP addresses within a private network. WINS is not used on the
Internet. The Internet and most internal networks use host names and host names are
resolved to IP addresses by DNS servers.
WLAN: Wireless local area network. A network used to connect wireless devices
together.
WMS: Warehouse management system. Part of a supply chain. It controls movement of
material within a warehouse during receiving, storage, and shipping processes. Compare
to TMS.
WPA: Wi-Fi Protected Access. Replaced WEP as a wireless security protocol using
legacy hardware. WPA has been superseded by WPA2. WPA can use TKIP or AES and
AES is more secure. In Enterprise mode, it can use RADIUS to support authentication. In
Personal mode, it uses a pre-shared key (PSK).
WPA2: Wi-Fi Protected Access II. Security protocol used to protect wireless
transmissions. It supports CCMP for encryption, which is based on AES and is stronger
than TKIP, which was originally released with WPA. It uses an 802.1x server for
authentication in WPA2 Enterprise mode and a pre-shared key for WPA2 Personal mode,
also called WPA2-PSK.
WPS: Wi-Fi Protected Setup. Allowed users to easily configure a wireless network, often
by using only a PIN. WPS brute force attacks can discover the PIN.
www: World Wide Web. Information space where data is shared over the Internet using
hypertext links.

X: Topics in Acronym List

XDSL: Extended digital subscriber line. Refers to all DSL technologies such as SDSL
and ADSL.
XML: Extensible Markup Language. A set of rules used to define how to describe data.
As a comparison, HTML is a set of rules used to define how to display data. XML is often
used to create formatted reports, and by databases for inputting or exporting data.

Z: Topics in Acronym List

Zeroconf: Zero configuration. A set of technologies with the goal of automatically
configuring hosts on a network with TCP/IP information. The goal is zero touch
requirements by administrators or users.

Get Certified Get Ahead

After the Network+ Exam


What's next for you after passing the Network+ exam? Many people pursue the
CompTIA Security+ certification. It builds on your Network+ knowledge and helps show
employers that you have a solid understanding of basic security issues that threaten the
confidentiality, integrity, and availability of an organization's IT resources.
If that is your plan, check out the CompTIA Security+: Get Certified Get Ahead:
SY0-401 Study Guide, ISBN 1939136024. It has helped thousands of people pass the
Security+ certification the first time they took it and it can help you too.
No matter what resources you use though, I wish you the best of luck in all your
travels.
