CompTIA Network+ Study Guide
This is our free study guide for CompTIA's Network+ certification exam (N10-004). If you would like to report an
error or contribute additional information, please use the contact link at the bottom of the site, or post in our
[Link].
Domain 1.0: Network Technologies
Domain 1.1: Common Networking Protocols
TCP - TCP breaks data into manageable packets and tracks information such as source and destination of
[Link].
IP - This is a connectionless protocol, [Link]
[Link]
does not give acknowledgement of packets that are lost or sent out of order as this is the responsibility of
higher layer protocols such as TCP.
UDP - A connectionless, datagram service that provides an unreliable, best-effort delivery.
ICMP - Internet Control Message Protocol enables systems on a TCP/IP network to share status and error
information such as with the use of PING and TRACERT utilities.
SMTP - Used to reliably send and receive mail over the Internet.
[Link]
[Link]([Link]).
TFTP - Same as FTP but not connection-oriented.
[Link]'s unique
hardware number and appears in the form 00A0F12764E1 (for example). Each computer stores an ARP
cache of other computers' ARP-IP combinations.
POP3 - Post Office Protocol. A POP3 mail server holds mail until the workstation is ready to receive it.
IMAP - Like POP3, Internet Message Access Protocol is a standard protocol for accessing e-mail from your
[Link] (the latest version is IMAP4) is a client/server protocol in which e-mail is received and held
for you by your Internet server.
[Link]
remote server must be running a Telnet service for clients to connect.
HTTP - The Hypertext Transfer Protocol is the set of rules for exchanging files (text, graphic images, sound,
video, and other multimedia files) [Link]
addressing of HTTP requests and responses.
HTTPS - Signifies that a web page is using the Secure Sockets Layer (SSL) protocol and is providing a secure
[Link].
NTP - Network Time Protocol is a protocol that is used to synchronize computer clock times in a network of
computers.
SNMP - Stands for Simple Network Management Protocol and is used for monitoring and status information
[Link],
printers, routers, servers, [Link]
information back to the management systems by the use of traps which capture snapshot data of the
[Link], resource information, [Link]
SNMPv2 standard includes enhancements to the SNMPv1 SMI-specific data types, such as including bit
strings, network addresses, [Link]
information sent was in clear text, any monitoring information being sent and collected for operational
purposes could also be pulled off the wire by a malicious person.
SIP - Stands for Session Initiation Protocol and is a signaling protocol, widely used for controlling multimedia
communication sessions such as voice and video calls over Internet Protocol (IP). Other feasible application
examples include video conferencing, streaming multimedia distribution, instant messaging, presence
[Link], modifying and terminating two-party
(unicast) or multiparty (multicast) [Link]
involve changing addresses or ports, inviting more participants, adding or deleting media streams, etc.
RTP - Real-time Transport Protocol is the audio and video protocol standard used to deliver content over the
[Link].323 and RTSP.
[Link]
[Link]
needed for IPv4 networks, as multicast is handled differently in IPv6 networks.
TLS - Transport Layer Security is a cryptographic protocol that provides security for communications over
[Link]
[Link],
electronic mail, Internet faxing, instant messaging and voice-over-IP (VoIP).
Domain 1.2: Identify Commonly Used TCP/UDP Ports
[Link]
ports are:
Protocol  Type     Number
FTP       TCP      20, 21
SSH       TCP      22
TELNET    TCP      23
SMTP      TCP      25
DNS       TCP/UDP  53
DHCP      UDP      67
TFTP      UDP      69
HTTP      TCP      80
POP3      TCP      110
NTP       TCP      123
IMAP4     TCP      143
SNMP      UDP      161
HTTPS     TCP      443
Domain 1.3: Identify the Following Address Formats
IPv4 - Every IP address can be broken down into 2 parts, the Network ID (netid) and the Host ID (hostid). All hosts
[Link]
to the netid. IP addresses are divided into 4 octets with each having a maximum value of 255. We view IPv4
addresses in decimal notation such as 124.35.62.181, but it is actually utilized as binary data.
IP addresses are divided into 3 classes as shown below:
Class  Range
A      1-126
B      128-191
C      192-223
NOTE: [Link]
address ranges are reserved for private networks:
[Link].254.254.254
172.16.0.0 - 172.31.254.254
192.168.0.0 - 192.168.254.254
IPv6 - The previous information on TCP/IP has referred to IPv4, however, this addressing scheme has run out of
[Link], the powers that
[Link]
scheme utilizes a 128-bit address (instead of 32) and utilizes a hex numbering method in order to avoid long
addresses such as 132.[Link].[Link].[Link].[Link]
the form of [Link]or example.
MAC Addressing - Also known as hardware address or ethernet address, a MAC address is a unique code assigned
[Link]
permanently assigned to the device. MAC addresses are in a 48-bit hexadecimal format such as [Link].
They are used to uniquely identify a device on a network, and for other functions such as for being authenticated
[Link], read MAC Addressing Formats And Broadcasts.
Domain 1.4: Proper Use of Addressing Technologies
Subnetting - IP addresses can be class A, [Link].
[Link]
[Link]
[Link]
[Link]:
Class    Default Subnet  Subnets    Hosts Per Subnet
Class A  [Link]          126        16,777,214
Class B  [Link]          16,384     65,534
Class C  [Link]          2,097,152  254
What if you wanted more than 1 subnet? Subnetting allows you to create multiple logical networks that exist
within a single Class A, B, [Link]'t subnet, you will only be able to use one network from your
Class A, B, [Link], the multiple networks are connected with a router which
[Link], a default gateway is assigned in the TCP/IP
[Link]
communicate with clients on other networks.
Classful versus Classless addressing - the original TCP/IP addressing method described above was called
classful addressing which worked by dividing the IP address space into chunks of different sizes called classes.
Classless addressing is referred to as Classless Inter-Domain Routing (CIDR) and is done by allocating address space
to Internet service providers and end users on any address bit boundary, [Link]
172.16.50.0 does not have to use the standard subnet mask of 255.255.0.0 which makes a Class B address space
and which also puts it on the same network as 172.16.51.0 using the subnet mask of 255.255.0.0. (With classful
addressing, our example has 172.16 as the network name and the 50.0 and 51.0 ranges are both part of the same
host naming convention). Instead, by using classless addressing 172.16.50.0/24 puts these systems on a different
network than 172.16.51.0/24 because the network names here are 172.16.50 and 172.16.51 which are
different.
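The classful and classless views of the 172.16.50.0 and 172.16.51.0 example can be checked with Python's standard ipaddress module. This is an added example, not part of the original study guide; the function names and the two host addresses are constructed for illustration.

```python
import ipaddress

# First-octet ranges from the class table above, with each class's default
# prefix length (255.0.0.0 = /8, 255.255.0.0 = /16, 255.255.255.0 = /24).
CLASS_RANGES = (("A", 1, 126, 8), ("B", 128, 191, 16), ("C", 192, 223, 24))


def classful_network(addr):
    """Return (class letter, network) implied by the address alone."""
    first_octet = int(ipaddress.IPv4Address(addr)) >> 24
    for letter, low, high, prefix in CLASS_RANGES:
        if low <= first_octet <= high:
            net = ipaddress.ip_network(f"{addr}/{prefix}", strict=False)
            return letter, net
    raise ValueError(f"{addr} is not a class A, B or C address")


def same_network(a, b, prefix):
    """True when a and b share a network at the given prefix length."""
    net_a = ipaddress.ip_network(f"{a}/{prefix}", strict=False)
    return ipaddress.ip_address(b) in net_a


def compare(a, b, cidr_prefix):
    """Contrast the classful view of two hosts with an explicit CIDR prefix."""
    letter, classful = classful_network(a)
    return {
        "class": letter,
        "classful_network": str(classful),
        "same_network_classful": ipaddress.ip_address(b) in classful,
        "same_network_cidr": same_network(a, b, cidr_prefix),
    }


if __name__ == "__main__":
    # Constructed host addresses inside the two ranges the paragraph uses.
    for key, value in compare("172.16.50.10", "172.16.51.10", 24).items():
        print(f"{key}: {value}")
```

The same comparison applies when reading firewall rules or ACLs: a rule written for 172.16.0.0/16 covers both hosts, while one written for 172.16.50.0/24 covers only the first.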
NAT - NAT stands for Network Address Translation and is a commonly used IP translation and mapping technology.
Using a device (such as a router) or piece of software that implements NAT allows an entire home or office network
[Link], DSL modem, or even 56k
[Link], NAT keeps your home network
[Link].
PAT - Port Address Translation is a feature of a network device that translates TCP or UDP communications made
[Link]
many hosts on a private network.
SNAT - Secure Network Address Translation, an extension of the standard Network Address Translation (NAT)
[Link]
address where NAT is effectively one external address to many internal IP addresses.
DHCP - Dynamic Host Configuration Protocol provides a solution that automatically assigns IP addresses to
[Link], it will send out a
[Link] "lease" and assign it to that client.
Some of the benefits of DHCP include the following:
Prevents users from making up their own IP addresses.
Prevents incorrect gateway or subnet masks from being entered.
Decreases amount of time spent configuring computers, especially in environments where computers get moved around all the time.
[Link]
automatic IP address assignment/dynamic IP assignment will attempt to use DHCP to make a request for an IP
[Link]
configure the system with an APIPA IP address in the 169.254.0.1 through 169.254.255.254 address range with a
subnet mask of 255.255.0.0.
[Link]
where a private or unique resource such as media servers are being requested for two-way connections that are
[Link], a client system may make the
request for streaming content from the single source and the responding system may leverage unicast as part of
the response to the session request to deliver the content.
[Link]
media server example, the single source address may need to send the data to multiple clients; it does this by
[Link]
[Link]
network node does see that the data is intended for them the device will respond by receiving the packet.
Broadcast - traffic sent out from a network node that will reach every other node on the subnet/broadcast
[Link]
traffic will use the broadcast address for that subnet and every device in that broadcast domain will receive the
[Link], in
the IP address range of 192.168.0.0 this broadcast address would be 192.168.255.255 and the traffic would reach
all available nodes on the subnet. Additionally 255.255.255.255 could be used which is the broadcast address of
the zero network ([Link]). Internet Protocol standards outline that the zero network stands for the local network
so only those nodes on the local network would hear the broadcast traffic across the 255.255.255.255 address.
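When reading flow logs or a packet capture, the unicast, multicast and broadcast cases above, plus the APIPA range, can be told apart from the addresses alone once the local subnet is known. The following is an added example, not from the original study guide; the function names and the flow records are constructed, and 224.0.0.0/4 is the standard IPv4 multicast block rather than a value taken from this page.

```python
import ipaddress

LIMITED_BROADCAST = ipaddress.IPv4Address("255.255.255.255")
APIPA = ipaddress.IPv4Network("169.254.0.0/16")   # range given in the APIPA entry
MULTICAST = ipaddress.IPv4Network("224.0.0.0/4")  # standard IPv4 multicast block

# Constructed (source, destination) pairs, as they might appear in a flow log.
SAMPLE_FLOWS = [
    ("192.168.4.20", "192.168.9.1"),
    ("192.168.4.20", "192.168.255.255"),
    ("192.168.4.20", "224.0.0.251"),
    ("169.254.12.7", "255.255.255.255"),
]


def delivery_type(dst, local_subnet):
    """Classify a destination address as seen by a host on local_subnet."""
    ip = ipaddress.IPv4Address(dst)
    net = ipaddress.IPv4Network(local_subnet)
    if ip == LIMITED_BROADCAST:
        return "limited broadcast"
    if ip == net.broadcast_address:
        return "subnet broadcast"
    if ip in MULTICAST:
        return "multicast"
    return "unicast"


def triage(flows, local_subnet):
    """Return (src, dst, delivery type, note) for every flow record."""
    rows = []
    for src, dst in flows:
        note = ""
        if ipaddress.IPv4Address(src) in APIPA:
            # A self-assigned source means the host did not obtain a DHCP lease.
            note = "source is APIPA: no DHCP lease obtained"
        rows.append((src, dst, delivery_type(dst, local_subnet), note))
    return rows


if __name__ == "__main__":
    for row in triage(SAMPLE_FLOWS, "192.168.0.0/16"):
        print(row)
    # The broadcast address depends on the mask: 192.168.0.255 is an ordinary
    # host address under 255.255.0.0 but the broadcast address under /24.
    print(delivery_type("192.168.0.255", "192.168.0.0/16"))
    print(delivery_type("192.168.0.255", "192.168.0.0/24"))
```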
Domain 1.5: Common IPv4 and IPv6 Routing Protocols
Link State routing protocols - are one of the two main classes of routing protocols used in packet-switching
networks and include protocols such as Open Shortest Path First (OSPF) and Intermediate System to Intermediate
System (IS-IS). The link-state protocol is performed on every router on the network, where every routing node
[Link]
router calculates the next best logical hop from it to every possible known destination which forms the node's
routing table.
Open Shortest Path First (OSPF) - is a dynamic routing protocol and is used on Internet Protocol (IP)
[Link] (IGP) that routes IP packets
within a single routing domain and was designed to support variable-length subnet masking (VLSM) and
Classless Inter-Domain Routing (CIDR) addressing.
Intermediate System to Intermediate System (IS-IS) - a link-state protocol that operates by
[Link]
builds a picture of the network's topology based on the data received and the best topological path through
[Link] (IGP) typically used on larger networks.
Distance vector routing protocols - are one of the two main classes of routing protocols used in packet-
switching networks and include Routing Information Protocol (RIP) and Interior Gateway Routing Protocol (IGRP).
uses distance as one factor and the vector as the other to determine against the known routing tables to deliver
[Link]
routers of topology changes periodically when a change is detected in the topology of a network.
Routing Information Protocol (RIPv1) - RIP is a distance-vector routing protocol using hop count as a
routing metric. The maximum number of hops allowed for RIP is 15 which effectively limits the size of
networks that RIP can support.
Routing Information Protocol (RIPv2) - improved upon RIPv1 by having the ability to include subnet
information with its updates which allows for Classless Inter-Domain Routing (CIDR) support. The 30-second
proactive broadcast has been eliminated in favor of multicast advertisements for its updates. The 15-hop
count limit remains so that the devices are backwards compatible with RIPv1 devices.
Border Gateway Protocol (BGP) - [Link]
networks and the data that designates where and how to reach each network through autonomous systems
(AS). BGP makes routing decisions based on path, network policies and/or rule sets.
Enhanced Interior Gateway Routing Protocol (EIGRP) - a proprietary hybrid protocol from Cisco that
[Link]
information and stores it in three tables: the Neighbor Table which stores the information about neighboring
routers, the Topology Table which contains only the information and data regarding the routing tables from
directly connected neighbors, and the Routing Table which stores the actual routes to all destinations.
Domain 1.6: The Purpose and Properties of Routing
Interior Gateway Protocol (IGP) - routing protocol that is used within an autonomous system which is
[Link]
routing protocols such as Routing Information Protocol (RIP), Interior Gateway Routing Protocol (IGRP) and
Enhanced Interior Gateway Routing Protocol (EIGRP). Another type are the link-state routing protocols such as
Open Shortest Path First (OSPF) and Intermediate System to Intermediate System (IS-IS).
Exterior Gateway Protocol (EGP) - routing protocol that is used across different autonomous systems/
administrative domains. It was the routing protocol leveraged for Internet-connected devices in the early 1980s.
Border Gateway Protocol (BGP) is the replacement standard for Internet routing over EGP.
[Link], a network
administrator will manually build and make updates to the routing table for all routes in the administrative domain.
Static routers are best suited for small internetworks; due to the need of the manual administration, they do not
scale well to large networks where routing information is often changed, [Link]
not fault tolerant because when another network device goes down the manually input information may not
necessarily provide alternate pathing to a destination which makes it unreachable (unless quick, manual
administrative updates are made).
[Link]
configuration is made up of routing tables that are built and maintained by ongoing communication between the
routers only (by default - this does not include initial setup and configuration or administrative needs for a
persistent route configuration). Dynamic routing is fault tolerant; if a router or link goes down, the routers sense
the change in the network topology when the learned route expires in the routing table and cannot be renewed
[Link]
[Link] (RIP) and Open Shortest Path First (OSPF) routing protocols for IP and RIP
for IPX are some examples of protocols that can be used for these dynamic updates.
[Link], routers do not need all of the
[Link]
to know where their data needs to go next and the next referred to as the next hop because all they are trying
to do is deliver it to the specified destination IP address that is included in the header information of the data being
[Link]
routing tables to figure out which router to hand it off to in the effort to get the data packet where it needs to go.
Routing Tables - sometimes referred to as a Routing Information Base (RIB), is the database information that
[Link]
regarding the topology of the network immediately around the device to other network destinations and it will often
include the metric/[Link]
the routing tables: Network Route, [Link]
[Link]
used if a physical router or other network routing device cannot find a route for the specified destination.
Convergence - achieved when all of the available topology information from routing devices has been passed
along to all of the other devices in totality and when all the information gathered is not in a contradiction state to
any other router's [Link] "agree" on what the
network topology looks like it is said to have full convergence.
Domain 1.7: Characteristics of Wireless Standards
Wireless networks allow computers to communicate without the use of cables using IEEE 802.11 standards, also
[Link], which is usually a PC or a laptop with a wireless network
interface card (NIC), and an Access Point (AP), which acts as a bridge between the wireless stations and Distribution
System (DS) or wired networks. An 802.11 wireless network adapter can operate in two modes, Ad-Hoc and
[Link], [Link]
[Link]
standards.
Standard  Speed     Distance  Frequency
802.11a   54 mbps   100 ft    5 GHz
802.11b   11 mbps   300 ft    2.4 GHz
802.11g   54 mbps   300 ft    2.4 GHz
802.11n   540 mbps  600 ft    5 GHz and/or 2.4 GHz
Authentication and Encryption:
[Link], it
has been replaced by other technologies.
WPA - The original WPA standard used TKIP, but was later replaced by WPA2 which uses a more secure AES-
based algorithm. WPA uses a 256-bit key to encrypt data. This key may be entered either as a string of 64
hexadecimal digits, [Link]
weak passphrase is used.
RADIUS - Remote Authentication Dial In User Service (RADIUS) is a networking protocol that provides
centralized Authentication, Authorization, and Accounting (AAA) management for computers to connect and
[Link]
internal networks, [Link]'s answer to corporate wireless security is the use of
RADIUS authentication through its Internet Authentication Services (IAS) product.
TKIP - Temporal Key Integrity Protocol was designed as a solution to replace WEP without requiring the
[Link]
secure encryption schemes.
Domain 2.0: Network Media and Topologies
Domain 2.1: Standard Cable Types and Their Properties
Cable Types:
Type               Description
CAT3               Unshielded twisted pair capable of speeds up to 10 Mbit/s. Used with 10BaseT, 100BaseT4, and
                   100BaseT2 Ethernet.
CAT4               Unshielded twisted pair capable of speeds up to 20 Mbit/[Link]. Used with 10BaseT,
                   100BaseT4, and 100BaseT2 Ethernet.
CAT5               Unshielded twisted pair capable of speeds up to 100 Mbit/s. May be used with 10BaseT, 100BaseT4,
                   100BaseT2, and 100BaseTX Ethernet.
CAT5e              Enhanced Cat 5 is similar to CAT5, [Link]
                   categories from 100m to 350m. May be used for 10BaseT, 100BaseT4, 100BaseT2, 100BaseTX and
                   1000BaseT Ethernet.
CAT6               [Link] (Near End
                   CrossTalk), PSELFEXT (Power Sum Equal Level Far End CrossTalk), and Attenuation. Cat 6 is
                   backward compatible with lower Category grades and supports the same Ethernet standards as Cat
                   5e.
Multimode Fiber    [Link]
                   they are best for shorter distances because of their higher attenuation levels.
Single Mode Fiber  [Link]
                   [Link].
RG59 and RG6       These are both shielded coaxial cables used for broadband networking, cable television, and other
                   uses.
Serial             A serial cable is a cable that can be used to transfer information between two devices using serial
                   communication, often using the RS232 standard. Typically use D-subminiature connectors with 9 or
                   [Link], although shielding cables may reduce electrical noise radiated by
                   the cable.
Shielded twisted pair (STP) - [Link]
is signal overflow from an adjacent wire.
EMI - Electrical devices such as printers, air conditioning units, and television monitors can be sources of
electromagnetic interference, [Link].
Standard UTP cable has minimal resistance to EMI, while fiber optic cable is highly resistant.
Plenum grade cabling - is required if the cabling will be run between the ceiling and the next floor (this is called
the plenum). Plenum grade cabling is resistant to fire and does not emit poisonous gasses when burned.
Simplex - Signals can be passed in one direction only.
Half Duplex - Half duplex means that signals can be passed in either direction, but not in both simultaneously.
Full Duplex - Full duplex means that signals can be passed in either direction simultaneously.
Domain 2.2: Common Connector Types
BNC - This connector has found uses with both broadcast television equipment and
[Link], this connector was used on early
10Base2 (Thinnet) [Link]
[Link]
ring outside the tube locks the cable to the female connector.
RJ11 - Short for Registered Jack-11, a four or six-wire connector used primarily to
connect telephone equipment in the United States (POTS). The cable itself is called
category 1 (Cat 1) and is used for dial-up connections. Modems have RJ11 jacks that
connect them to the wall outlet.
RJ45 - Short for Registered Jack-45, it is an eight-wire connector used commonly to
connect devices on Ethernet LANs. RJ45 connectors look similar to RJ11 connectors
used for connecting telephone equipment, but they are larger.
ST - The ST connector is a fiber optic connector which uses
a plug and socket which is locked in place with a half-twist
[Link]
[Link].
SC - The SC connector is a fiber optic connector with a push-pull latching mechanism
[Link]
Connectors are half-duplex.
[Link]
connectors, LC connectors are half-duplex.
RS232 - A standard for serial binary data interconnection
between a DTE (Data terminal equipment) and a DCE (Data
communication equipment). Commonly found in use with bar
code scanners, measuring tools, and laboratory instruments
are designed to interface to a computer using a standard
[Link]
DB9 or DB25 connector.
Domain 2.3: Common Physical Network Topologies
Star - The star topology uses twisted pair (10baseT or 100baseT) cabling and requires that all
[Link], and failures do not affect
others unless it is the hub, [Link]
[Link], there are no communications possible.
Mesh - In a true mesh topology every node has a connection to every other node in the network.
A full mesh provides redundancy in case of a failure between links, but is impractical due to the
complexity and the expensive amount of cabling required.
Bus - This topology is an old one and essentially has each of the computers on the network daisy-
[Link],
and simple to set up, but causes excess network traffic, a failure may affect many users, and
problems are difficult to troubleshoot.
Ring - A ring topology has a physical and logical ring and is used on SONET and FDDI networks
(note that Token Ring networks are actually a hybrid star ring topology). Any station can send a
[Link]
[Link].
However if any part of the ring goes down, [Link]
station, [Link].
[Link]
to-point is sometimes referred to as P2P (not the same as peer-to-peer file sharing networks), or
Pt2Pt, or variations of this. Examples of this topology include RS232 serial connections as well as
laser network connections between buildings.
Point to Multipoint - Also known as P2MP, this is a method of communication between a series
[Link]
a wireless access point that provides a connection to multiple devices.
Hybrid - Hybrid topologies are combinations of the above and are common on very large
[Link], a star bus network has hubs connected in a row (like a bus network) and
has computers connected to each hub as in the star topology.
Domain 2.4: Wiring Standards
568A and 568B - The number 568 refers to the order in which the individual wires inside a CAT 5 cable are
[Link]
different pins. There is no difference in signal and both the 568A and 568B are used as patch cords for Ethernet
connections.
Straight-through vs Crossover - A straight-through cable uses either the 568A or 568B wiring standard and is
used for connecting devices to routers, hubs, switches, [Link]
devices together directly (i.e. connecting 2 computers directly together). A crossover cable uses the 568A standard
on one end and 568B on the other end.
Rollover - Rollover cable (also known as Cisco console cable) is a type of null-modem cable that is most commonly
used to connect a computer terminal to a router's [Link].
It gets the name rollover because the pinouts on one end are reversed from the other, as if the wire had been rolled
over and you were viewing it from the other side.
Loopback - A loopback cable redirects the output back into itself and is used for troubleshooting purposes (loopback
test). This effectively gives the NIC the impression that it is communicating on a network, since it's able to transmit
and receive communications.
Domain 2.5: WAN Technology Types and Properties
Frame Relay - Frame relay is a secure, private network that utilizes a logical path or virtual circuit to allocate
[Link]
communicating data, imaging, [Link]
bandwidths from 56 Kbps to full T1 (1.54 Mbps).
T1/T3 - A T1 is a dedicated phone connection supporting data rates of 1.544 Mbps. A T1 line actually consists
of 24 individual channels, each of which supports 64 Kbits per second. Each 64 Kbit/second channel can be
[Link]
channels, known as fractional T1 access. T1 lines are a popular leased line option for businesses connecting to the
Internet and for Internet Service Providers (ISPs) [Link]
itself consists of faster T3 connections. T1 comes in either copper or fiber optics.
ATM - ATM stands for Asynchronous Transfer Mode and is a high-speed, packet-switching technique that uses
[Link], video, and data over a variable-speed LAN and WAN
[Link]
traffic types such as voice, video, image and data.
SONET - SONET and SDH are a set of related standards for synchronous data transmission over fiber optic
[Link]
[Link]
a base rate of 51.84 Mbps and a set of multiples of the base rate known as "Optical Carrier levels." (OCx). Speeds
approaching 40 gigabits per second are possible.
ISDN - Integrated Services Digital Network (ISDN) is comprised of digital telephony and data transport services
[Link], which permits
voice, data, text, graphics, music, video, and other source materials to be transmitted over existing telephone
wires. There are 2 types of ISDN channels:
B (bearer) - Transfers data at 64 Kbps. An ISDN usually contains 2 B channels for a total of 128 kbps.
D (data) - Handles signalling at either 16 Kbps or 64 Kbps (sometimes limited to 56 Kbps) which enables the B
channel to strictly pass data.
Connection   Speed                           Medium
ISDN BRI     64 kbps/channel                 Twisted pair
ISDN PRI     1,544 kbps                      Twisted pair
POTS         Up to 56 Kbps                   Twisted pair
PSTN         64 kbps/channel                 Twisted pair
Frame Relay  56 kbps - 45 mbps               Varies
T1           1.544 Mbps                      Twisted pair, coaxial, or optical fiber
ADSL         256 Kbps to 24 Mbps (ADSL 2+)   Twisted pair
SDSL         1.544 mbps                      Twisted pair
VDSL         100 mbps                        Twisted pair
Cable modem  512 Kbps to 52 Mbps             Coaxial
Satellite    1 gbps (avg 15 mbps)            Air
T3           44.736 Mbps                     Twisted pair, coaxial, or optical fiber
OC1          51.84 Mbps                      Optical fiber
OC3          155.52 Mbps                     Optical fiber
Wireless     1 gbps                          Air
ATM          10 gbps                         Optical fiber
SONET        10 gbps                         Optical fiber
Packet and Circuit Switching - Packet switching refers to protocols in which messages are divided into packets
[Link]
[Link], they are recompiled into the original
[Link] (WAN) protocols, including TCP/IP and Frame Relay are based on packet-
[Link], normal telephone service is based on a circuit-switching technology, in which a
[Link]
[Link],
[Link]
in transmission, such as e-mail messages and Web pages.
Domain 2.6: LAN Technology Types and Properties
Ethernet - Ethernet is the most widely installed local area network (LAN) [Link], IEEE
802.3, Ethernet was originally developed by Xerox from an earlier specification called Alohanet (for the Palo Alto
Research Center Aloha network) and then developed further by Xerox, DEC, [Link]
[Link], however, fiber optic cabling is
[Link]:
Connection Type  Cable Type                                   Connector                                     Maximum Length        Speed
10BaseT          Category 3 or better UTP cable               RJ45                                          100 meters (328 ft)   10 mbps
100BaseTX        Cat 5 twisted pair                           RJ45                                          100 meters (328 ft)   100 mbps
100BaseFX        Fiber Optic                                  ST, SC                                        2000 meters           100 mbps
1000BaseT        CAT5e or higher                              RJ45                                          100 meters (328 ft)   1 gbps
1000BaseLX       Laser over fiber                             SC                                            Up to 5000 meters     1 gbps
1000BaseSX       Short wavelength laser over fiber            SC                                            Up to 550 meters      1 gbps
1000BaseCX       Twinax or short haul copper                  9-pin shielded D-subminiature connector, or   25 meters             1 gbps
                                                              8-pin ANSI fiber channel type 2 (HSSC)
                                                              connector.
10GBASE-SR       Shortwave laser over multimode fiber optics  LC, SC                                        300 meters            10 Gbps
10GBASE-LR       Laser over single-mode fiber optics          LC, SC                                        2000 meters           10 Gbps
10GBASE-ER       Laser over either single or multimode fiber  LC, SC                                        40 kilometers         10 Gbps
10GBASE-SW       Shortwave laser over multimode fiber optics  LC, SC                                        300 meters            10 Gbps
10GBASE-LW       Laser over single-mode fiber optics          LC, SC                                        2000 meters           10 Gbps
10GBASE-EW       Laser over either single or multimode fiber  LC, SC                                        40 kilometers         10 Gbps
10GBASE-T        Cat 5e (or higher) twisted pair              RJ45                                          100 meters (328 ft)   10 Gbps
CSMA/CD (Carrier Sense Multiple Access with Collision Detection) - In the early days of ethernet, when
two hosts would send packets at the same time, [Link]
[Link]
Sense Multiple Access with Collision Detection, referred to as CSMA/[Link]/CD forces computers to listen to
[Link],
[Link]
Ethernet segment that there has been a collision, and they should not send data onto the wire.
How Ethernet CSMA/CD Works
Bonding (AKA Link Aggregation, Port Trunking, EtherChannel, etc.) - Uses multiple network cables/ports in
parallel to increase the link speed beyond the limits of any one single cable or port, and to increase the redundancy
for higher availability.
Domain 2.7: Common Logical Network Topologies
Peer to Peer - A peer-to-peer network is one which lacks a dedicated server and every computer acts as both a
client and a server. This is a good networking solution when there are 10 or fewer users that are in close proximity to
[Link], because the people setting permissions for shared
resources will be users rather than administrators and the right people may not have access to the right resources.
More importantly the wrong people may have access to the wrong resources, thus, this is only recommended in
situations where security is not an issue. P2P file sharing networks work under a similar architecture, however,
there are differences between them and the LAN networking architecture.
Client/Server - This type of network is designed to support a large number of users and uses dedicated server/s to
[Link]/[Link]
can be managed by 1 or more administrators who set permissions to the servers' [Link]
network also allows for convenient backup services, reduces network traffic and provides a host of other services
that come with the network operating system.
VPN - A virtual private network is one that uses a public network (usually the Internet) to connect remote sites or
[Link].
Instead of using a dedicated, real-world connection such as leased line, a VPN uses "virtual" connections routed
through the Internet from the company's private network to the remote site or employee.
VLAN - A virtual LAN is a local area network with a definition that maps workstations on a basis other than
geographic location (for example, by department, type of user, or primary application). The virtual LAN controller
can change or add workstations and manage load balancing and bandwidth allocation more easily than with a
[Link]
area network with the actual physical picture.
Domain 2.8: Install components of Wiring Distribution
Vertical Cross Connect - is a location within a building where cables originate and/or are terminated,
reconnected using jumpers or pass-throughs or are connected to patch panels or other similar devices where the
[Link]
mediums such as phone networks, data lines, copper-based, fiber channel, etc.
Horizontal Cross Connect - similar to Vertical Cross Connect locations; these are within a building where cables
originate and/[Link]
Cross Connect configurations, these locations can be of multiple different network types and mediums.
Patch Panel - wall or rack-mounted collection of data connections where all of the network media converges.
These rooms are generally some form of telecommunications closet in a facility and it is used to connect all of the
[Link]
they are sometimes referred to as Horizontal Cross Connect locations and when they span different levels of a
location/[Link]
Patch Panel room will often be the connection point for the LAN to be connected to the WAN and/or the internet.
66 Block - is a legacy type of punch-down block used to connect sets of 22 through 26 American Wire Gauge
(AWG) solid copper wire in a telephone system. They have a 25-pair standard non-split capacity and generally are
unsuited for traffic and data network communications above 10 megabits per second (Mbps).
Main Distribution Frame (MDF) - is a wire distribution frame for connecting equipment inside a facility to cables
[Link]
a facility is run to planned phone locations ([Link]) [Link]
the external connections then all circuits are completed.
Intermediate Distribution Frame (IDF) - is another place much like a Horizontal Cross Connect location or a
Vertical Cross Connect location where network administrators can physically change the network media around and
where they can house other needed network equipment such as routers, switches, repeaters and so forth.
25 Pair - is a grouping of 25 pairs of wires all inside a single covering/[Link]
suited for telephone/voice cable runs rather than data cable runs and is generally used as a feeder cable.
100 Pair - is a larger cabling segment to its 25-pair cousin but used in the same manner; all of the 100 pairs of
wires are inside a single covering/[Link]/voice cable
runs rather than data cable runs and is generally used as a feeder cable.
110 Block - is the more modern replacement of the legacy 66 Block and is used as a wiring distribution point for
wired telephone systems (voice) and other types of wired networking (data). On one side of the block wires are
punched down into RJ11 connectors for voice and RJ45 connectors for data communications.
[Link]
Main Distribution Frame (MDF) [Link]
inside a facility to cables and subscriber carrier equipment outside of the facility occurs and this is considered a
demarcation point of the operational control of the internal systems where it changes over to the control of the
external presence.
Demarc Extension - where the end of the line of the external administrative control is extended beyond that
actual endpoint. Example - you are one business inside of a large high-rise building on the 15th floor only and the
Main Distribution Frame (MDF) [Link]
Distribution Frame (IDF) on your floor and the external administration (example - Phone Company) ends at the
Main Distribution Frame (MDF) [Link]
between the Main Distribution Frame (MDF) on the ground floor and your Intermediate Distribution Frame (IDF) on
[Link]
Smart Jack - is a network connection device that is used to connect your internal network to an external service
[Link]
the actual demarcation point between the two service entities.
[Link]
phone and data lines to the running of fiber optic medium from the different cross-connect locations.
Wiring Termination - is the end point of networked cable runs that will generally end either in a patch panel or a
jack location in an office. This has historically been the copper wire runs associated with phone lines to the RJ11
jacks/[Link]
as well which requires a higher set of skill level.
Domain3.0:NetworkDevices
Domain3.1:CommonNetworkDevices
HubAphysicallayernetworkdeviceusedtoconnectmultipleEthernetdevicestogether.
Activehubsactasarepeaterandboostthesignalinordertoallowforittotravelfarther,while
[Link]
toconnecttootherhubs,arouter,orothernetworkdevices.
Repeater:Aphysicallayerdevicethatboostssignalsin
ordertoallowasignaltotravelfartherandprevent
[Link]
[Link]
segmentsmustusethesameaccessmethod,whichmeansthatyoucan't
[Link]
theimage.
ModemThemodemisadevicethatconvertsdigitalinformationtoanalogbyMODulatingiton
thesendingendandDEModulatingtheanaloginformationintodigitalinformationatthe
[Link],however,theycanbeinternalorexternal.
ExternalmodemsareconnectedtothebackofthesystemboardviaaRS232serialconnection.
Internalmodemsareinstalledinoneofthemotherboard'sPCIorISAexpansionslotsdepending
[Link]
differenttransmissionmodesasfollows:
SimplexSignalscanbepassedinonedirectiononly.
HalfDuplexHalfduplexmeansthatsignalscanbepassedineitherdirection,butnotinboth
[Link].
FullDuplexFullduplexmeansthatsignalscanbepassedineitherdirectionsimultaneously.
[Link]
[Link],theBitsPerSecond(BPS)
[Link]
areV.34at28.8kbps,V.34+at33.6kbpsandV.90at56Kbps.
NetworkInterfaceCardANetworkInterfaceCard,oftenabbreviatedasNIC,isan
expansionboardyouinsertintoacomputersothecomputercanbeconnectedtoa
[Link],protocolandmedia,
althoughsomecanservemultiplenetworks.
MediaConverterssimplenetworkingdevicesthatmakeit
possibletoconnecttwodissimilarmediatypessuchastwisted
[Link],
andareimportantininterconnectingfiberopticcablingbasedsystemswithexisting
copperbased,[Link]
[Link]
datacommunicationprotocolsincludingEthernet,FastEthernet,GigabitEthernet,
T1/E1/J1,DS3/E3,aswellasmultiplecablingtypessuchascoax,twistedpair,multimodeandsinglemodefiber
[Link]
chassissystemsthatoffermanyadvancedfeaturesfornetworkmanagement.
SwitchAswitchisanetworkdevicethatfiltersandforwardspacketsbetween
LANsegmentsandensuresthatdatagoesstraightfromitsorigintoitsproper
[Link],and
[Link]
[Link]
[Link]'tsmartenoughtosenddataouttotheinternet,[Link].
BridgeFunctionsthesameasarepeater,butcanalsodivideanetworkinorderto
[Link]([Link]
andethernet).[Link]
can'[Link]
methods:
TransparentOnlyonebridgeisused.
SourceRouteBridgingaddresstablesarestoredoneachPConthenetwork
SpanningTreePreventsloopingwherethereexistsmorethanonepathbetweensegments
Wireless Access Point - A Wireless Access Point is a radio frequency transceiver which allows your [Link], and can relay data between the wireless devices (such as computers or printers) and wired devices on the [Link] [Link] standards, see domain 1.7.
Router - Functioning at the network layer of the OSI model, a router is similar to a switch, but it can also connect different logical networks or subnets and enable traffic that is destined for the networks on the other [Link] the available routes and can be configured to use various routing protocols to determine the best route for a given [Link] security functions over a switch.
Firewall - Either a hardware or software entity (or a combination of both) that [Link] cases, a firewall is placed on the network to allow all internal traffic to leave the network (email to the outside world, web access, etc.), but stop unwanted traffic [Link] granting and denying access to resources based on a set of configurable rules.
DHCP Server - A server that is responsible for assigning unique IP address to the [Link] [Link] service that is found on network operating systems such as Windows 2002/2008 server, or on network devices such as routers.
Domain 3.2: Specialized Network Devices
Multilayer Switch - A multilayer switch (MLS) is a computer networking device that switches on OSI layer 2 like [Link] between VLAN and/[Link] (at wire speed). Some switches can use up to OSI layer 7 packet information; they are called layer 4-7 switches, content switches, web switches or application switches.
Content Switch - The main function of a content switch is to inspect the network data that it receives so that it can decide where on the network that data (or request) [Link] [Link] [Link] [Link] of this approach is that the switch acts as a load balancer as it can balance data or requests across the different [Link] [Link] [Link] [Link].
IDS/[Link] a device (or application) that monitors network and/or system activities for malicious activities or policy violations. IDS is a passive system that gives alerts when something suspicious is detected and logs the events into a database [Link], on the other hand, sits inline with traffic flows on a network, actively shutting down attempted [Link] originating the attack, by blocking access to the target from the user account, IP address, or other attribute associated with that attacker, or by blocking all access to the targeted host, service, [Link] increasingly combining the two technologies into a single box, [Link] with, not instead of, a firewall.
Load Balancer - A load balancer is a hardware and/[Link] balancing is used to distribute workloads evenly across two or more computers, network links, CPUs, hard drives, or other resources, in order to get optimal resource utilization, maximize throughput, minimize response time, and [Link], instead of a single component, may increase [Link], Google receives many, many more search requests than a single server could handle, so they distribute the requests across a massive array of servers.
Multifunction Network Devices - As you might guess, multifunction network devices combine the function of [Link] following: firewall, DHCP server, wireless access point, switch, gateway, and router.
[Link] internet is based on numerical IP addresses, [Link] [Link] [Link], they check their database and give you the phone [Link] (Windows 2003/2008, Linux, etc.) and network devices such as routers.
[Link] [Link], administrators can control who uses bandwidth, for what, [Link] [Link]: monitoring and [Link] information is obtained, administrators can customize or shape bandwidth usage for the best needs of the network. I am unaware why CompTIA listed this in the "network devices" section of their objectives, but bandwidth shapers are typically software.
Proxy Server - A proxy server acts as a middle-man between clients and the Internet providing security, administrative control, [Link] filtering requirements, [Link] found in cache, [Link] is not in the cache, [Link], the functions of proxy servers are often built into firewalls.
CSU/DSU - A Channel Service Unit / Data Service Unit (CSU/DSU) acts as a translator between the LAN data [Link] [Link]/DSU's look similar to modems, they are not modems, and they don't modulate or demodulate between analog and digital. All they really do is interface between a 56K, T1, or T3 line and serial interface (typically a V.35 connector) [Link] CSU/DSUs built into them.
Domain 3.3: Advanced Features of a Switch
PoE - Generally speaking, Power over Ethernet technology describes a system to safely pass electrical power, along with data, [Link] power supply within a PoE-enabled networking device such as an Ethernet switch or from a device built for "injecting" [Link], LAN access points, and WiFi switches to RFID readers and [Link] [Link], PoE uses only one type of connector, an 8P8C (RJ45), whereas there are four different types of USB connectors.
Spanning Tree Protocol - Spanning Tree is one of three bridging methods a network administrator can use. [Link] bridging, [Link], in which bridging [Link], spanning tree, which [Link] Tree Protocol (RSTP).
[Link], a switch can create the broadcast [Link], independent of physical location to be created.
Trunking - VLANs are local to each switch's database, and VLAN information is not passed between switches. [Link] (VTP) is the protocol that switches use to communicate among themselves about VLAN configuration.
Port Mirroring - Used on a network switch to send a copy of network packets seen on one switch port (or an entire VLAN) [Link] appliances that require monitoring of network traffic, such as an intrusion-detection system.
Port Authentication - The IEEE 802.1x standard defines 802.1x port-based authentication as a client-server based access control and authentication protocol that restricts unauthorized clients from connecting to a LAN [Link] making available any services offered by the switch or the LAN.
Domain 3.4: Implement a Basic Wireless Network
Install Client - the actual steps taken to set up a computer, laptop or other network-connected device to the [Link]/IP or more involved such as installing a software suite so that specific network parameters can be leveraged for proper connectivity to network resources or resources on the domain.
Network Connections Dialog Box - used to configure different aspects of the network connections by way of a graphical user interface (GUI) within the Microsoft Windows operating systems (Windows XP, Windows Vista, Server 2003, etc). With respect to peer-to-peer networks, you can use the Network Tasks pane to Create a New Connection, Set up a Home or small office network as well as change the Windows Firewall settings and view available wireless networks.
Wireless Network Connection Dialog Box - the graphical user interface (GUI) within the Microsoft Windows [Link] the specific hardware settings (parameters, drivers, etc) as well as the protocols ([Link]/IP) and the network client that the device will use ([Link]). Additionally, you can install services from this screen as well ([Link]). The Wireless Networks tab will show you the available networks and allow you to configure preference for each of the networks encountered.
Access Point Placement - correctly positioning your Wireless Access Points will allow for the seamless use of [Link], users will not generally experience signal loss of [Link] access point signal with respect to broadcast and receiving strength that include the construction and architecture of the building where the devices are distributed as well as general disruption of the frequency range that the access points operate on by other devices ([Link], cordless phones, etc).
Physical Locations of Wireless Access Points (WAPs) - device placement best practices include planning for [Link] obstructions may be currently in the way (physical fire breaks in between walls, metal superstructure, etc) as well [Link] as well to keep interference to a minimum.
Wired or Wireless Connectivity - planning for WAP to WAP connections only or a mix of wired and wireless [Link] [Link] more in time, money and effort to connect the WAPs using wired connections back to a switch or a router but it greatly reduces the potential connectivity loss on the network; the loss of a single WAP where the WAPs are wired back results in only impacting the users of that one WAP instead of all WAPs up and downstream.
Install Access Point - another term for the Wireless Access Point(s) that will allow you to correctly gain access to [Link] necessary encryption (if required) and any other network-required settings or else risk being defaulted off the network.
[Link] [Link] (WEP) is the lowest form of the types of encryption available and is generally only used today to allow legacy devices that cannot handle more [Link] defeated for a number of years mainly due to the increase in computing power and the fact that the keys are alphanumeric or hexadecimal characters that are configured in 40 bit, 64 bit, 128 bit, 153 bit and 256 bit strength. WiFi Protected Access (WPA) was created by the WiFi Alliance to better secure wireless networks and was created in response to the weaknesses researchers found in Wired Equivalent Privacy (WEP). Temporal Key Integrity Protocol (TKIP) is used in WPA to encrypt the authentication and encryption information that was initially passed on [Link] Access version 2 (WPA2) offers additional protection because it uses the strongest authentication and encryption algorithms available in the Advanced Encryption Standard (AES).
Configuring Channels and Frequencies - most wireless routers work in the 2.4GHz frequency range and require network administrators to set up the channels for the devices to use. 1, 6 and 11 are the main channels used because they generally will not be interfered with from other devices such as cordless phones and Bluetooth devices that also work at this frequency range.
Setting ESSID and Beacon - Extended Service Set identifier (ESSID) is the advertisement from the Wireless [Link] signal that is sent out is called the beacon.
Verifying Installation - the process that is outlined for making sure that all the settings needed to connect a [Link] Access Point (WAP) [Link] successful you would then incorporate the security protocol that you wanted to use and to make sure the client can [Link] successfully repeat the same steps to access the network securely and with the traffic encrypted.
Domain 4.0: Network Management
Domain 4.1: OSI Model
[Link], and all the layers work together to provide network data communication.
Layer - Description
Application - Represents user applications, such as software for file transfers, database access, [Link] handles general network access, flow control, [Link] interface for software to access the network and advertises the computers resources to the network.
Presentation - Determines data exchange formats and translates specific files from the Application layer format [Link], data translation, encryption, character set conversion, and graphics command expansion.
Session - Handles security and name recognition to enable two applications on different computers to [Link] (rare), half [Link]: establishment, data transfer and termination.
Transport - Provides flow control, error handling, and is involved in correction of transmission/reception [Link], combines small packets into larger ones for transmission, and reassembles incoming packets into the original sequence.
Network - [Link] [Link] of specifying a service address (sockets, ports) to point the data to the correct program on the destination computer.
Data Link - The interface between the upper "software" layers and the lower "hardware" [Link] [Link] Data Link layer is divided into two sublayers: the Media Access Control (MAC) sublayer and the Logical Link Control (LLC) sublayer. LLC sublayer starts and maintains connections between devices ([Link]). [Link] physical device (MAC) addresses for communicating locally (the MAC address of the nearest router is used to send information onto a WAN).
Physical - The specification for the hardware connection, the electronics, logic circuitry, and wiring that [Link] [Link].
Here is an idiotic, [Link] sentence: [Link] the layers starting with Application and ending with the physical layer.
Domain 4.3: Evaluate the Network Based on Configuration Management Documentation
The topics covered in this section are either already covered elsewhere, or are too expansive for the purposes of this [Link](s) for more information about these topics.
Domain 4.4: Conduct Network Monitoring to Identify Performance and Connectivity Issues
The topics covered in this section are either already covered elsewhere, or are too expansive for the purposes of this [Link](s) for more information about these topics.
Domain 4.5: Explain Different Methods and Rationales for Network Performance Optimization
Quality of Service (QoS) is a set of parameters that controls the level of quality provided to different types of [Link], signal loss, noise that can be accommodated for a particular type of network traffic, bandwidth priority, and CPU usage for a specific stream of [Link] receiver enter into an agreement known as the Service Level Agreement (SLA). In addition to defining QoS parameters, the SLA also describes remedial measures or penalties to be incurred in the event that the ISP fails to provide the QoS promised in the SLA.
Traffic Shaping (also known as "packet shaping" or ITMPs: Internet Traffic Management Practices) is the control of computer network traffic in order to optimize or guarantee performance, increase/decrease latency, and/or [Link], traffic shaping is any action on a set of packets (often called a stream or a flow) which imposes additional delay on those packets such that they conform to some predetermined constraint (a contract or traffic profile). Traffic shaping provides a means to control the volume of traffic being sent into a network in a specified period (bandwidth throttling), or the maximum rate at which the traffic is sent (rate limiting), [Link] be accomplished in many ways and for many reasons; however traffic shaping is always achieved by delaying [Link], but can also be applied by the traffic source (for example, computer or network card[Link] the distinct but related practice of packet dropping and packet marking.
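The difference between shaping (delaying packets until they conform to a traffic profile) and the related practice of dropping them can be seen by running the same burst through both. This is an added example, not part of the study guide; the token-bucket model, the 8000 bps rate, the 1000-byte burst and the packet arrivals are assumptions constructed for illustration.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class Packet:
    arrival: float  # seconds since the start of the trace
    size: int       # bytes


# Constructed trace: a burst of four 500-byte packets, then one late packet.
SAMPLE = [Packet(0.0, 500)] * 4 + [Packet(3.0, 500)]


def shape(packets, rate_bps, burst_bytes):
    """Token-bucket shaper: nothing is dropped. A packet that does not
    conform to the profile is queued until enough tokens have accumulated.
    Returns the departure time of each packet, in arrival order."""
    rate = rate_bps / 8.0          # bytes per second
    tokens = float(burst_bytes)    # bucket starts full
    clock = 0.0                    # time the bucket was last updated
    departures = []
    for p in sorted(packets, key=lambda p: p.arrival):
        if p.size > burst_bytes:
            raise ValueError("packet larger than the bucket can never conform")
        start = max(p.arrival, clock)   # FIFO: wait behind earlier packets
        tokens = min(burst_bytes, tokens + (start - clock) * rate)
        clock = start
        if tokens < p.size:
            # Hold the packet for exactly as long as the missing tokens take.
            clock += (p.size - tokens) / rate
            tokens = float(p.size)
        tokens -= p.size
        departures.append(clock)
    return departures


def police(packets, rate_bps, burst_bytes):
    """Same bucket used as a policer: a non-conforming packet is dropped
    instead of delayed. Returns (passed, dropped)."""
    rate = rate_bps / 8.0
    tokens = float(burst_bytes)
    clock = 0.0
    passed, dropped = [], []
    for p in sorted(packets, key=lambda p: p.arrival):
        tokens = min(burst_bytes, tokens + (p.arrival - clock) * rate)
        clock = p.arrival
        if tokens >= p.size:
            tokens -= p.size
            passed.append(p)
        else:
            dropped.append(p)
    return passed, dropped


if __name__ == "__main__":
    for pkt, out in zip(SAMPLE, shape(SAMPLE, 8000, 1000)):
        print(f"arrived {pkt.arrival:.1f}s  sent {out:.1f}s  delay {out - pkt.arrival:.1f}s")
    ok, lost = police(SAMPLE, 8000, 1000)
    print(f"policer: {len(ok)} passed, {len(lost)} dropped")
```

The shaper delivers all five packets at the cost of up to one second of added latency; the policer adds no latency but loses two of them.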
Load Balancing is a technique to distribute workload evenly across two or more computers, network links, CPUs, hard drives, or other resources, in order to get optimal resource utilization, maximize throughput, minimize response time, [Link], instead of a single component, [Link] or hardware device (such as a multilayer switch or a DNS server).
High Availability (aka Uptime) refers to a system or component that is continuously operational for a desirably [Link] "100% operational" or "never failing." A widely held but difficult-to-achieve standard of availability for a system or product is known as "five 9s" (99.999 percent) availability.
Since a computer system or a network consists of many parts in which all parts usually need to be present in order for the whole to be operational, much planning for high availability centers around backup and failover processing [Link], a redundant array of independent disks (RAID) [Link] recent approach is the storage area network (SAN).
Some availability experts emphasize that, for any system to be highly available, the parts of a system should be [Link], a new application program that has not been thoroughly tested is likely to become a frequent point of breakdown in a production system.
Cache Engine (aka server) is a dedicated network server or service acting as a server that saves Web pages or [Link], or cache, a cache server both speeds up access to data and reduces demand on an enterprise's [Link] users to access content offline, [Link] "cache engine." A cache server is almost always also a proxy server, which is a server that "represents" users by [Link], this is because enterprise resources are [Link]. [Link], it is in a position to also cache [Link], the proxy and cache servers are invisible; all Internet requests and returned responses appear to be coming from the addressed place on the Internet. (The proxy is not quite invisible; its IP address has to be specified as a configuration option to the browser or other protocol program.)
Fault tolerance describes a computer system or component designed so that, in the event that a component fails, [Link] be provided with software, or embedded in hardware, [Link] implementation, the operating system provides an interface that allows a programmer to "checkpoint" critical data [Link] (for example, with Stratus and its VOS operating system), the programmer does not need to be aware of the fault-tolerant capabilities of the machine.
At a hardware level, [Link] processors are "lock-stepped" [Link], the faulty component is determined and taken out of service, but the machine continues to function as usual.
Parameters Influencing QOS
Bandwidth is the average number of bits that can be transmitted from the source to a destination over the network in one second.
Latency (AKA "lag") is the amount of time it takes a packet of data to move across a network connection. When a packet is being sent, there is "latent" time, when the computer that sent the packet waits for confirmation [Link] [Link] (the time from the source sending a packet to the destination receiving it), or round-trip (the one-way latency from source to destination plus the one-way latency from the destination back to the source). Round-trip latency is more often quoted, because it [Link] [Link] [Link] packet ([Link]), thus it is a relatively accurate way of measuring latency.
Where precision is important, one-way latency for a link can be more strictly defined as the time from the start of [Link] [Link] depends on the throughput of the link and the size of the packet, and is the time required by the system to signal the full packet to the wire.
Some applications, protocols, and processes are sensitive to the time it takes for their requests and results to be [Link] include VOIP, video conferencing, [Link], high latency can mean an annoying [Link] management techniques such as QoS, load balancing, traffic shaping, and caching can be used individually or [Link] monitoring those devices that are susceptible to latency issues, you can provide a higher level of service to end users.
[Link] the name suggests, [Link], phase timing, [Link] "the period frequency displacement of the signal from its ideal location." Among the causes of jitter are electromagnetic interference (EMI) and crosstalk with [Link] to perform as intended, introduce clicks or other undesired effects in audio signals, and loss of transmitted data [Link].
[Link] cause noticeable effects in all types of digital communications.
The effects of packet loss:
In text and data, packet loss produces errors.
In videoconference environments it can create jitter.
In pure audio communications, such as VoIP, it can cause jitter and frequent gaps in received speech.
In the worst cases, packet loss can cause severe mutilation of received data, broken-up images, unintelligible speech or even the complete absence of a received signal.
The causes of packet loss include inadequate signal strength at the destination, natural or human-made interference, excessive system noise, hardware failure, [Link] [Link], concealment may be used to minimize the effects of lost packets.
[Link] [Link] source, [Link], network technicians can introduce an echo [Link].
High Bandwidth Applications - A high bandwidth application is a software package or program that tends to [Link] increase, bandwidth issues will become more frequent, [Link] combat the effects of these applications on a network is to manage the amount of bandwidth allocated to them. This allows users to still use the applications without degrading the QoS of network services.
Examples:
Thin Clients
Voice over IP
Real Time Video
Multimedia
Domain 4.6: Implement the Following Network Troubleshooting Methodology
Gather Information on the Problem
In a contact center network, problems are typically discovered and reported by one of the following types of users:
External customers dialing into a call center to order products, obtain customer service, and so forth.
Internal agents receiving incoming calls from a call queue or initiating outbound collection calls to customers.
Internal users using administrative phones to call employees in other company locations or PSTN destinations, and perform basic actions such as call transfers and dialing into conferences.
As the network administrator, you must collect sufficient information from these users to allow you to isolate the [Link], [Link], you may consider [Link] [Link] electronically will also permit you to retrieve and reexamine this information in the future, should the problem repeat itself.
Identify The Affected Area
Determine if the problem is limited to one workstation, or several workstations, one server, one segment, or the [Link], the problem is most likely at the workstation. If groups of workstations are affected, the problem might lie at a part of the network that users all have in common, such as a particular software application or database, a server, the network segment, or the network configuration.
Determine If Anything Has Changed
To determine what has changed, ask questions such as:
Could you do this task before? If this is a new task, perhaps the user needs different system permissions, or additional hardware or software.
If you could do it before, when did you first notice you couldn't do it anymore? Try to find out what happened just before the problem came up, or at least try to pinpoint the time, since the source of the problem might be related to other changes elsewhere on the network.
What has changed since the last time you were able to do this task? Users can give you information about [Link], "Did someone add something to your computer?" or "Did you do something differently this time?".
Establish The Most Probable Cause
To establish the most probable cause, [Link], starting with the [Link] [Link] resolve the issue on the spot.
Determine If Escalation Is Necessary
While troubleshooting a network problem, you might find the cause of the problem is not an issue that can be [Link] specialized knowledge, [Link] cases, [Link]
Action Plan and Solution, Identifying Potential Effect
Once you have determined the probable cause, you should create an action plan before changes are made, detailing each step taken while attempting to resolve the issue. One should also be certain that the original state (before troubleshooting) can be returned to in case things do not [Link] can help ensure productivity doesn't suffer and that downtime is minimized.
Implement and Test the Solution
[Link], you will be unable [Link] [Link] [Link]. Sometimes testing over time is needed to ensure the solution is the correct one.
Identify the Results and Effects of the Solution
Verify that the user agrees that the problem is solved before you proceed with final documentation and closing the [Link], and the solution was well thought out and documented, there might [Link] major change was made, it is advisable to continue monitoring and testing for several days or even weeks after the problem appears to be resolved.
Document the Process and Solution
[Link] [Link] [Link] [Link] ensure all trouble reports are accurate and consistent no matter who completes them.
Domain 4.7: Troubleshoot Common Connectivity Issues and Select an Appropriate Solution
Crosstalk
Symptoms: Slow network performance and/[Link] applications, users hear pieces of voice or conversations from a separate line.
Causes: Generally crosstalk occurs when two cables run in parallel and the signal of one cable interferes with the [Link].
Resolution: [Link] distance between cables can also help.
Near End Crosstalk
Symptoms: Signal loss or interference
Causes: [Link] near the terminating connector.
Resolution: [Link] the cable is terminated properly and that the twists in the pairs of wires are maintained.
Attenuation
Symptoms: Slow response from the network.
Causes: Attenuation is the degradation of signal strength.
Resolution: Use shorter cable runs, add more access points, and/or add repeaters and signal boosters to the cable [Link], [Link] spectrum used.
Collisions
Symptoms: High latency, reduced network performance, and intermittent connectivity issues.
Causes: Collisions are a natural part of Ethernet networking as nodes attempt to access shared resources.
Resolution: [Link], replacing a hub with a switch will often solve the problem.
Shorts
Symptoms: Electrical shorts - complete loss of signal.
Causes: Two nodes of an electrical circuit that are meant to be at different voltages create a low-resistance connection causing a short circuit.
Resolution: [Link].
Open Impedance Mismatch
Symptoms: Also known as echo, the tell-tale sign of open mismatch is an echo on either the talker or listener end of the connection.
Causes: The mismatching of electrical resistance.
Resolution: [Link], interpret the symptoms, and determine the root cause in order to correct the cause.
Interference
Symptoms: Crackling, humming, [Link], low throughput, network degradation, and poor voice quality are also symptoms of interference.
Causes: RFI can be caused by a number of devices including cordless phones, BlueTooth devices, cameras, paging systems, unauthorized access points, and clients in ad-hoc mode.
Resolution: [Link] [Link], test areas prior to deployment using tools such as spectrum analyzers.
Port Speed
Symptoms: No or low speed connectivity between devices.
Causes: Ports are configured to operate at different speeds and are therefore incompatible with each other.
Resolution: [Link], if a switch is running at 100Mbs, but a computer's NIC card runs at 10Mbs, the computer will run at the slower speed (10Mbs). Replace the card with one that runs at 100Mbs and throughput will be increased to the higher level (or at least higher levels since there are variables such as network congestion, etc.)
Port Duplex Mismatch
Symptoms: Late collisions, alignment errors, and FCS errors are present during testing.
Causes: [Link] [Link]: [Link] upgrade one of the devices.
Incorrect VLAN
Symptoms: No connectivity between devices.
Causes: Devices are configured to use different VLANs
Resolution: Reconfigure devices to use the same VLAN.
Incorrect IP Address
Symptoms: No connectivity between devices.
Causes: Either the source or destination device has an incorrect IP address.
Resolution: [Link] [Link], for example, two computers could have leased the same [Link]/IP configuration information using ipconfig /all on Windows machines and ifconfig on Linux/UNIX/[Link] (it may be offline, etc.). It could be the case that a [Link].
Wrong Gateway
Symptoms: No connectivity between devices.
Causes: The IP address of the gateway is incorrect for the specified route.
Resolution: Change the IP address of the gateway to the correct address.
Wrong DNS
Symptoms: No connectivity between devices.
Causes: A device is configured to use the wrong DNS server.
Resolution: [Link]/IP properties and check the IP address [Link].
Wrong Subnet Mask
Symptoms: No connectivity between devices.
Causes: Either the source or destination device has an incorrect subnet mask.
Resolution: [Link] [Link].
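The addressing faults above (incorrect or duplicate IP address, wrong gateway, wrong subnet mask) all produce the same symptom, so it helps to check the collected settings mechanically. This is an added example, not part of the study guide; the host names, addresses, documented subnet and the `diagnose` and `sends_via_gateway` helpers are constructed for illustration.

```python
import ipaddress
from collections import Counter

# Constructed sample: settings as reported by `ipconfig /all` or `ifconfig`.
HOSTS = {
    "pc-01": {"ip": "192.168.10.21", "mask": "255.255.255.0", "gateway": "192.168.10.1"},
    "pc-02": {"ip": "192.168.10.22", "mask": "255.255.0.0", "gateway": "192.168.10.1"},
    "pc-03": {"ip": "192.168.10.23", "mask": "255.255.255.0", "gateway": "192.168.20.1"},
    "pc-04": {"ip": "192.168.10.21", "mask": "255.255.255.0", "gateway": "192.168.10.1"},
}
# Assumed documentation of what the segment should look like.
EXPECTED_NET = ipaddress.ip_network("192.168.10.0/24")
EXPECTED_GW = ipaddress.ip_address("192.168.10.1")


def interface_of(host):
    """Combine address and dotted mask into one interface object."""
    return ipaddress.ip_interface(f"{host['ip']}/{host['mask']}")


def diagnose(hosts, expected_net, expected_gw):
    """Return {host name: [findings]} for the faults listed in this section."""
    findings = {name: [] for name in hosts}
    ip_counts = Counter(h["ip"] for h in hosts.values())
    for name, h in hosts.items():
        iface = interface_of(h)
        if iface.ip not in expected_net:
            findings[name].append("IP address outside the documented subnet")
        if ip_counts[h["ip"]] > 1:
            findings[name].append("duplicate IP address")
        if iface.network.prefixlen != expected_net.prefixlen:
            findings[name].append("subnet mask mismatch")
        gw = ipaddress.ip_address(h["gateway"])
        if gw != expected_gw:
            findings[name].append("gateway differs from the documented gateway")
        if gw not in iface.network:
            findings[name].append("gateway is not on the host's own subnet")
    return findings


def sends_via_gateway(host, destination):
    """True if the host will hand traffic for `destination` to its gateway,
    False if its mask makes it treat the destination as local."""
    return ipaddress.ip_address(destination) not in interface_of(host).network


if __name__ == "__main__":
    for name, problems in diagnose(HOSTS, EXPECTED_NET, EXPECTED_GW).items():
        print(name, "->", problems or "ok")
    # Why the wrong mask breaks connectivity: pc-02 believes a host on
    # another subnet is local, so it never forwards the traffic to the router.
    for name in ("pc-01", "pc-02"):
        print(name, "routes 192.168.20.5 via gateway:",
              sends_via_gateway(HOSTS[name], "192.168.20.5"))
```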
Issues that should be ID'd but Escalated
Switching Loop: Need spanning tree protocol to ensure loop-free topologies.
Routing Loop: Packets are routed in a circle continuously.
Route Problems: [Link]: configuration problems, convergence (in which you have to wait for the discovery process to complete), or a broken segment (a router is down, etc.).
Proxy arp: If misconfigured, DoS attacks can occur.
Broadcast Storms: The network becomes overwhelmed by constant broadcast traffic.
Wireless Connectivity Issues
Interference
Symptoms: Low throughput, network degradation, dropped packets, intermittent connectivity, and poor voice quality are all symptoms caused by interference.
Causes: RFI can be caused by cordless phones, Bluetooth devices, cameras, paging systems, unauthorized access points, metal building framing, and clients in ad-hoc mode.
Resolution: Remove or avoid environmental interferences as much as possible.
Incorrect Encryption
Symptoms: For wireless, if encryption levels between two devices (access point and client) do not match, [Link], if different encryption keys are used between two devices they can't negotiate the key information for verification and decryption in order to initiate communication.
Causes: Improper configuration.
Resolution: Ensure that security settings match between and among devices.
Congested Channel
Symptoms: Very slow speeds.
Causes: Interference from neighboring wireless network; congested network channel.
Resolution: [Link] manually change the channel the wireless router is operating on.
Incorrect Frequency
Symptoms: No connectivity.
Causes: In wireless, devices must operate on the same frequency. A device for a 802.11a frequency can't communicate with one designed for 802.11b.
Resolution: Deploy devices that operate on the same frequency.
ESSID Mismatch
Symptoms: No connectivity between devices.
Causes: Devices are configured to use different ESSIDs.
Resolution: [Link] [Link]: SSIDs are case sensitive.
Standard Mismatch
Symptoms: No connectivity between devices.
Causes: Devices are configured to use different standards such as 802.11a/b/g/n.
Resolution: Devices have to be chosen to work together. 802.11a, for example, is incompatible with 802.11b/g because the first operates at 5 GHz and the second at 2.4 GHz. Or a 802.11g router could be set only for g mode [Link].
Distance
Symptoms: Slow connection and low throughput.
Causes: [Link] [Link] include latency, packet loss, retransmission, or transient traffic.
Resolution: If the issue is with cabling, [Link], you may [Link].
Bounce
Symptoms: No or low connectivity between devices.
Causes: Signal from device bounces off obstructions and is not received by the receiving device.
Resolution: If possible, [Link] interference.
Incorrect Antenna Placement
Symptoms: No or low signal and connectivity.
Causes: The position of the access point's antenna can negatively affect overall performance.
Resolution: Change the position of the antenna and monitor device performance.
Domain 5.0: Network Tools
Domain 5.1: Command Line Interface Tools
[Link] [Link], the command used is "tracert".
[Link] are the ipconfig switches that can be used at a command prompt.
ipconfig /all will display all of your IP settings.
ipconfig /renew forces the DHCP server, if available to renew a lease.
ipconfig /release forces the release of a lease.
IFCONFIG - IFCONFIG is a Linux/[Link] for ifconfig include setting an interface's IP address and netmask, [Link] boot time, many UNIX-like operating systems initialize their network interfaces with shell scripts that call ifconfig. As an interactive tool, system administrators routinely use the utility to display and analyze network interface parameters.
PING - PING (Packet InterNet Groper) is a command-line utility used to verify connections between networked [Link] command is ping ip_address/[Link], the ping command will return replies from the remote host [Link], [Link] the most important tools for determining network connectivity between hosts.
ARP (Address Resolution Protocol) - A host PC must have the MAC and IP addresses of a remote host in order to send data to that remote host, and it's ARP that allows the local host to request the remote host to send [Link], IARP, RARP, and Proxy ARP
ARP PING (ARPING) - ARPING is a computer software tool that is used to discover hosts on a computer [Link], and can get additional [Link], which probes hosts using the Internet Control Message Protocol at the Internet Layer (OSI Layer 3). Arping operates at the Link Layer (OSI Layer 2) using the Address Resolution Protocol (ARP) for probing hosts on the local network (link) only, as ARP cannot be routed across gateways (routers). However, in networks employing repeaters that use proxy ARP, the arping response may be coming from such proxy hosts and not from the probed target.
NSLOOKUP - This is a command that queries a DNS server for machine name and address information. Originally written for Unix operating systems, this command is now available on Windows and other operating [Link], type "nslookup" followed by an IP address, a computer name, or a domain name. NSLOOKUP will return the name, all known IP addresses and all known aliases (which are just alternate names) for [Link].
Hostname - The hostname command is used to show or set a computer's [Link] [Link] (i.e., a computer connected to the network) that uniquely identifies it on a network and thus allows it to be addressed [Link].
Dig (domain information groper) - Dig is a Linux/[Link] DNS lookups and displays the answers that are returned from the name server(s) that were queried.
Mtr - Mtr is a Linux command line tool that combines the functionality of the traceroute and ping programs in a single network diagnostic tool.
[Link] [Link], Linux and Windows.
NBTSTAT - Is a Windows utility used to troubleshoot connectivity problems between 2 computers communicating via NetBT, [Link] of the NetBIOS name cache and gives MAC address.
NETSTAT - Is a Windows, Linux, and Unix command-line tool that displays network connections (both incoming and outgoing), routing tables, [Link] network and to determine the amount of traffic on the network as a performance measurement.
Domain 5.2: Network Scanners
Packet Sniffers - A packet sniffer is a device or software used to capture packets traveling over a network [Link] [Link], monitoring network traffic, [Link].
Intrusion Detection Software - This was covered earlier in domain 3.1.
Intrusion Prevention Software - This was covered earlier in domain 3.1.
[Link] by administrators to verify security policies of their networks and by attackers to identify running services on a host that can be exploited to gain access.
Domain 5.3: Hardware Tools
Cable Testers - Cable testers are electronic devices used to test a cable's integrity by checking for opens and shorts which can cause connectivity problems.
Protocol Analyzers - This tool is used to monitor network traffic and display packet and protocol statistics and [Link]'re concerned, [Link] combine the functions of the listening device (packet sniffer) and the analytical device (packet analyzer).
[Link] includes checking the speed loads that it can handle.
TDR (Time Domain Reflectometer) - Sends a signal down a cable and measures the distance that the signal travelled before bouncing back (like sonar). Used to find opens and shorts in cables.
OTDR (Optical Time Domain Reflectometer) - Similar to the TDR above, however, this is used to test fiber optic cables with light.
Multimeter - A multimeter, also known as a volt/ohm meter, is an electronic measuring instrument used to measure voltage, current and resistance.
Toner Probe - Most will detect opens and shorts like a cable tester, but this tool is mainly used to locate the termination points of cables.
Butt Set - A portable telephone that connects to a line using alligator clips and is used to test telephone circuits.
Punch Down Tool - A punch down tool is used to connect cabling such as telephone and ethernet to wall jacks.
[Link] that can be connected to connectors or wall jacks.
Snips - Special scissors used for cutting cable.
Voltage Event Recorder - Captures and logs electrical current information for devices which can then be [Link].
Temperature Monitor - We aren'[Link] temperature monitors from CPU temperature monitoring software to devices that monitor the temperature of a server room.
Domain 6.0: Network Security
Domain 6.1: Hardware and Software Security Devices
The topics covered in this section are already covered elsewhere in this guide.
Domain 6.2: Firewalls
[Link] stack. (This is true for both the OSI model and the Internet Protocol Suite (TCP/IP)) Sometimes referred to as a proxy-based firewall or proxy server, it can be software running on a computer or server or as a stand-alone piece of [Link] [Link]. The devices will not allow packets to pass the firewall unless they match the rule set as configured by the firewall [Link].
[Link] [Link], UDP or TCP ports, and other details about the connection such as the session initiation, type of data transfer and so forth. With Stateful processing if a packet does not match a currently established connection, it will be evaluated [Link] [Link] [Link] existing connection, is trying to establish a new connection, or is just a rogue packet.
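The three cases named above (part of an existing connection, a new connection, a rogue packet) map directly onto a connection table. The sketch below is an added example, not part of the study guide: it runs one constructed packet trace through a port-only static filter and through a simplified stateful filter. The addresses (documentation ranges), the outbound-web-only policy and the reduced TCP state machine are assumptions.

```python
from typing import NamedTuple


class Pkt(NamedTuple):
    direction: str  # "out" = leaving the protected network, "in" = entering it
    src: str
    sport: int
    dst: str
    dport: int
    flags: str      # TCP flags: "S", "SA", "A", "FA", "R"


ALLOWED_OUT_PORTS = {80, 443}  # assumed policy: inside hosts may browse the web


def stateless_allow(p):
    """Static filter: every packet is judged alone, on ports only."""
    if p.direction == "out":
        return p.dport in ALLOWED_OUT_PORTS
    return p.sport in ALLOWED_OUT_PORTS  # anything that looks like a web reply


class StatefulFirewall:
    """Simplified connection tracking: NEW -> SYN_SENT -> ESTABLISHED -> gone."""

    def __init__(self):
        # (inside ip, inside port, outside ip, outside port) -> state
        self.table = {}

    @staticmethod
    def _key(p):
        # Both directions of one connection must map to the same entry.
        if p.direction == "out":
            return (p.src, p.sport, p.dst, p.dport)
        return (p.dst, p.dport, p.src, p.sport)

    def allow(self, p):
        key = self._key(p)
        state = self.table.get(key)
        if state is None:
            # Not part of a tracked connection: evaluate against the rule
            # set for new connections. Only an outbound SYN may create one.
            if p.direction == "out" and p.flags == "S" and p.dport in ALLOWED_OUT_PORTS:
                self.table[key] = "SYN_SENT"
                return True
            return False  # rogue packet
        if state == "SYN_SENT":
            if p.direction == "in" and p.flags == "SA":
                self.table[key] = "ESTABLISHED"
                return True
            return p.direction == "out" and p.flags == "S"  # SYN retransmission
        # ESTABLISHED: pass traffic; FIN or RST removes the entry (simplified).
        if "F" in p.flags or "R" in p.flags:
            del self.table[key]
        return True


# Constructed trace: one real web session plus two packets that only
# pretend to be replies from a web server.
TRACE = [
    Pkt("out", "10.0.0.5", 50000, "203.0.113.10", 443, "S"),
    Pkt("in", "203.0.113.10", 443, "10.0.0.5", 50000, "SA"),
    Pkt("out", "10.0.0.5", 50000, "203.0.113.10", 443, "A"),
    Pkt("in", "198.51.100.7", 443, "10.0.0.5", 50001, "A"),   # no such connection
    Pkt("out", "10.0.0.5", 50000, "203.0.113.10", 443, "FA"),
    Pkt("in", "203.0.113.10", 443, "10.0.0.5", 50000, "A"),   # after teardown
]


def run(trace):
    """Return [(stateless verdict, stateful verdict)] for each packet."""
    fw = StatefulFirewall()
    return [(stateless_allow(p), fw.allow(p)) for p in trace]


if __name__ == "__main__":
    for p, (static, stateful) in zip(TRACE, run(TRACE)):
        print(f"{p.direction:3} {p.src}:{p.sport} -> {p.dst}:{p.dport} "
              f"[{p.flags}] stateless={static} stateful={stateful}")
```

The static filter passes every packet in the trace, including the two unsolicited ones; the stateful filter drops both because neither matches an entry in its table.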
ScanningServicestheprocessthatisusedbyallfirewallstoreviewthepacketsthatarepassingthrough
[Link]
[Link]/orotherformsofmalwaredetectionaspart
oftheirscanningprocesstohaltthetransmissionofsuspectpacketsthroughthedevice.
ContentFilteringgenerallyusedattheapplicationleveltorestrictorpreventaccesstowebsitesthatarenot
approvedforworkuse,toblocksiteswithobjectionablematerial,oronacorporateblacklistforonereasonor
[Link],imagesonthesite,downloadable
filespresent,orsitecontentlabelingasdefinedbythewebsitehostitself([Link]
suchthecontentfilterwouldreviewthesitecontentlevelandapplythefilter).
SignatureIdentificationamethodofindentifyingcertaintypesoftrafficbasedonaknownbehaviorofthat
[Link]
passaspermitted([Link])orwhethertodenytraffic([Link]
multiplesystemsfrommultiplesessions,appearingasapossibleDistributedDenialofService(DDoS)attack.
[Link]
[Link]
[Link]
[Link]
this zone is to act as an additional layer of security buffer between the intranet and the internet.
Domain 6.3: Network Access Security
ACL (Access Control List) - An ACL is a table in an operating system or network device (such as a router) that
denies or allows access to resources.
MAC Filtering - This method controls access based on the unique MAC address assigned to all network
devices.
IP Filtering - This method controls access based on the IP addresses (or a range of addresses) of network
devices.
SSL VPN (Secure Sockets Layer virtual private network) - This is a VPN that runs on SSL and is accessible
[Link]
[Link],[Link]
solution is that it allows clients to access a corporate network from nearly anywhere which is not practical with a
typical VPN.
VPN (Virtual Private Network) - A VPN is a network that uses
a public telecommunication infrastructure, such as the Internet, to
provide remote offices or individual users with secure access to
their organization's [Link]
public infrastructure while maintaining privacy through security
procedures and tunneling protocols such as the Layer Two
Tunneling Protocol (L2TP) [Link], the protocols, by
encrypting data at the sending end and decrypting it at the
receiving end, send the data through a "tunnel" that cannot be "entered" by data that is not properly encrypted.
L2TP (Layer 2 Tunneling Protocol) - L2TP is an extension of the Point-to-Point Tunneling Protocol (PPTP)
used on VPNs. L2TP merges the best features of two other tunneling protocols: PPTP from Microsoft and L2F from
[Link], L2TP does not include encryption, but is often used with IPsec to provide VPN
connections from remote users to a remote network.
IPSec (Internet Protocol Security) - IPsec is a protocol suite that ensures confidentiality, integrity, and
authenticity of data communications across a public network by authenticating and encrypting each IP packet of a
[Link]:[Link] (Authentication header) is responsible for
authenticity and integrity, while ESP (Encapsulating Security payload) [Link]
conjunction with L2TP on VPNs.
RAS (Remote Access Service) - RAS refers to any combination of hardware and software to enable remote
[Link]
[Link]
Microsoft during the Windows NT era and is now called Routing and Remote Access Service (RRAS).
RDP (Remote Desktop Protocol) - Originally released with Windows NT 4.0 Terminal Services, RDP 4.0 allowed
users to connect to a computer and remotely control (AKA Shadow) [Link]
upcoming Windows Longhorn, version 6.0 will allow one to connect to specific applications rather than the entire
[Link]'s
computer for technical support purposes, [Link]
default, RDP uses TCP port 3389.
PPPoE (Point-to-Point Protocol over Ethernet) - In the past, most internet users were connected to the
internet via a serial modem using PPP, however, current technologies have replaced dial-up internet connections
with DSL and cable, [Link], PPPoE is a network protocol for encapsulating PPP frames in Ethernet
frames.
PPP (Point-to-Point Protocol) - Provides a standard means of encapsulating data packets sent over a single
[Link], PPP provides a method for connecting a personal computer to the Internet using a
standard phone line and a modem using a serial connection (Dial-up). PPP replaced SLIP as the standard for dial-up
connections as it supports more protocols than just TCP/IP.
VNC (Virtual Network Computing) - VNC makes it possible to interact with a computer from any computer or
[Link]'s RDP, VNC offers cross-platform support allowing remote control
[Link]
accessing files on one's work computer from one's home computer, or vice versa.
ICA (Independent Computing Architecture) - ICA is a proprietary protocol for an application server system,
[Link]'s WinFrame, Citrix XenApp (formerly called
MetaFrame/Presentation Server), [Link]
be run on a Windows server, [Link], ICA
is also supported on a number of Unix server platforms and can be used to deliver access to applications running on
[Link], Mac, Unix, Linux, and various
Smartphones.
Domain 6.4: Methods of User Authentication
PKI (Public Key Infrastructure) - A public key infrastructure (PKI) is the combination of software, encryption
technologies, processes, and services that enable an organization to secure its communications and business
[Link]
[Link]
organization and directory services that can store and, when necessary, revoke the certificates.
Kerberos - Invented by MIT, this protocol has been evolving in the Unix world for over a decade and has become
[Link]
[Link]
(Key Distribution Server) that serves as the trusted third party and is responsible for storing authentication
[Link], it is
[Link].
AAA - AAA commonly stands for authentication, authorization and accounting.
RADIUS (Remote Authentication Dial In User Service) - RADIUS is a networking protocol that
provides centralized Authentication, Authorization, and Accounting (AAA) management and provides a
method that allows multiple dial-in Network Access Server (NAS) devices to share a common authentication
[Link]
networks, [Link]'s answer to corporate wireless security is the use of RADIUS
authentication through its Internet Authentication Services (IAS) product.
TACACS+ (Terminal Access Controller Access Control System) - TACACS+ is a proprietary Cisco
security application that provides centralized validation of users attempting to gain access to a router or
[Link]+ protocol provides authentication between the network access server
and the TACACS+ daemon, and it ensures confidentiality because all protocol exchanges between a network
access server and a TACACS+ [Link]
authorization in a user profile, TACACS+ [Link]+
uses the Transmission Control Protocol (TCP) while RADIUS uses the User Datagram Protocol (UDP).
802.1X - 802.1X is an IEEE Standard for port-based Network Access Control (PNAC). This standard is designed to
enhance the security of wireless local area networks (WLANs) by providing an authentication framework that allows
a user to be authenticated by a central authority. It is used for securing wireless 802.11 access points and is based
on the Extensible Authentication Protocol (EAP).
CHAP (Challenge Handshake Authentication Protocol) - A type of authentication protocol used on PPP
connections. CHAP uses a 3-way handshake in which the authentication agent sends the client program a key to be
[Link]
beginning, but sends challenges at regular intervals to make sure the client hasn't been replaced by an intruder.
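The CHAP exchange as specified in RFC 1994 (response = MD5 over the identifier octet, the shared secret and the challenge), as an added example that is not part of the original guide. The peer name and shared secret are constructed, and the loop stands in for the periodic re-challenges described above.

```python
import hashlib
import hmac
import os

def chap_response(identifier: int, secret: bytes, challenge: bytes) -> bytes:
    """RFC 1994 response value: MD5 over identifier octet, shared secret, challenge."""
    return hashlib.md5(bytes([identifier]) + secret + challenge).digest()

class Authenticator:
    """The side that issues challenges (the 'authentication agent' in the text)."""
    def __init__(self, secrets: dict) -> None:
        self.secrets = secrets      # peer name -> shared secret (never sent on the link)
        self.identifier = 0
        self.outstanding = None     # (identifier, challenge) awaiting a response

    def challenge(self):
        """Step 1: send a fresh random challenge under a new identifier."""
        self.identifier = (self.identifier + 1) % 256
        self.outstanding = (self.identifier, os.urandom(16))
        return self.outstanding

    def verify(self, name: str, identifier: int, response: bytes) -> bool:
        """Step 3: recompute the hash and answer Success (True) or Failure (False)."""
        pending, self.outstanding = self.outstanding, None   # each challenge is single-use
        secret = self.secrets.get(name)
        if pending is None or secret is None or pending[0] != identifier:
            return False
        expected = chap_response(identifier, secret, pending[1])
        return hmac.compare_digest(expected, response)

def run_session(peer_secret: bytes, rounds: int = 3):
    """Initial handshake plus periodic re-challenges, then a stale response is re-sent."""
    auth = Authenticator({"branch-router": b"constructed-shared-secret"})
    outcomes, first_resp = [], None
    for _ in range(rounds):
        ident, chal = auth.challenge()
        resp = chap_response(ident, peer_secret, chal)        # step 2: peer's response
        first_resp = first_resp or resp
        outcomes.append(auth.verify("branch-router", ident, resp))
    ident, _ = auth.challenge()                               # a later re-challenge
    stale_accepted = auth.verify("branch-router", ident, first_resp)
    return outcomes, stale_accepted

if __name__ == "__main__":
    print(run_session(b"constructed-shared-secret"))
```

Because every challenge is random and used once, a response captured from an earlier round does not verify against a later one, which is what the periodic re-challenge relies on.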
MS-CHAP (Microsoft Challenge Handshake Authentication Protocol) - This is Microsoft's version of CHAP
and is a one-way encrypted password, [Link]
standard version of CHAP, MS-CHAP is used for PPP authentication, but is considered by some to be more secure.
MS-CHAPv2 was released to solve many of the problems and deficiencies of the first version.
EAP (Extensible Authentication Protocol) - EAP is an extension to the Point-to-Point Protocol (PPP) that was
developed in response to an increasing demand to provide an industry-standard architecture for support of
[Link], not a specific authentication
[Link]
authentication methods, [Link]
methods capable of operating in wireless networks include EAP-TLS, EAP-SIM, EAP-AKA, PEAP, LEAP and EAP-TTLS.
When EAP is invoked by an 802.1X enabled Network Access Server (NAS) device such as an 802.11 Wireless Access
Point, modern EAP methods can provide a secure authentication mechanism and negotiate a secure Pairwise
Master Key (PMK) [Link]
uses TKIP or CCMP (based on AES) [Link]
security against brute-force or dictionary attacks and password guessing than password-based authentication
protocols, such as CHAP or MS-CHAP.
Domain 6.5: Issues That Affect Device Security
Physical Security - physical security is just as it sounds, locks on the doors, cameras everywhere, and so forth.
Depending on the depth of security needed there may be additional layers of security such as an access badge that
[Link]
where the first door you badge opens and you walk through it and it must completely close before the next door a
few feet in front of you becomes operational to badge through.
Restricting Local and Remote Access - A lot of local access restriction will come from physical security
measures but you can also set systems to not allow local login at the console except for certain specific account
[Link]
access you can also manage the same principle of least privilege by only allowing remote access to just the
[Link]
allowed the access should then still need to provide at least a username and password in order to authenticate to
the remote system.
Secure Shell (SSH) - Application Layer protocol in the Internet Protocol Suite that allows data to be exchanged
using a secure channel between two networked devices and was designed as a replacement for Telnet and other
insecure remote shells, which send information including account name information and passwords in clear text.
Hypertext Transfer Protocol Secure (HTTPS) - Application Layer protocol in the Internet Protocol Suite that
functions on port 443 by default and uses the standard Hypertext Transfer Protocol with the SSL/TLS protocol to
provide encryption and secure identification of the server which allows the server/client communications to be
[Link]
takes you from the regular storefront pages defined as [Link]
Simple Network Management Protocol version 3 (SNMPv3) - Application Layer protocol in the Internet
Protocol Suite that is used mostly in network management systems to monitor network-attached devices. Version 3
provides important security features that the prior versions did not, including message integrity that ensures
packets were not altered, authentication that verifies that the inbound data is from an expected source system as
well as encryption for the traffic stream itself.
Secure File Transfer Protocol (SFTP) - sometimes called SSH file transfer protocol is a network protocol that
provides secured, encrypted file transfer capability over TCP port 22 by default.
Secure Copy Protocol (SCP) - Application Layer protocol in the Internet Protocol Suite that leverages the
Secure Shell (SSH) protocol using TCP port 22 by default to copy files from system to system on the same network
or across different networks.
Telnet - Application Layer protocol in the Internet Protocol Suite that was traditionally used to connect dumb
[Link]
switches and routers by using a command window. It is a client-server protocol that runs on port 23 by default, and
does not encrypt any data sent over the connection.
Hypertext Transfer Protocol (HTTP) - Application Layer protocol in the Internet Protocol Suite that is the
standard protocol in use on the World Wide Web. Operating on port 80 by default, internet clients contact a web
server and request pages back from that server to their web browsers which render the returned content from the
connection call.
File Transfer Protocol (FTP) - Application Layer protocol in the Internet Protocol Suite that uses port 20 for
[Link]
[Link]
it is done via clear text.
Remote Shell (RSH) - a command line program which can execute shell commands as another user and on
[Link]
[Link] (SSH) is the secure replacement for this utility.
Remote Copy Protocol (RCP) - a Unix-based command line utility that is used to copy data from one system
[Link]
[Link] (SFTP) which is sometimes called SSH
file transfer protocol.
Simple Network Management Protocol versions 1 or 2 (SNMP) - Application Layer protocol in the Internet
Protocol Suite that is used for system management and configuration. Version 1 was originally introduced in the
[Link]
community string", which is effectively nothing more than a password and that was transmitted in clear text.
Version 2 did offer some improvements in performance, security, and confidentiality but it did this through a
party-based security system that was considered overly complex and it was not widely accepted as a result.
Domain 6.6: Common Security Threats
DoS (Denial of Service) - A DoS attack is a common type of attack in which false requests to a server overload
it to the point that it is unable to handle valid requests, cause it to reset, [Link]
many different types of DoS attacks including Syn Flooding and Ping Flooding.
Viruses - A Computer Virus is a program that can copy itself and infect a computer without the permission or
knowledge of the user. A Computer Virus has 2 major characteristics: the ability to replicate itself, and the ability to
[Link],
[Link] "computer virus" is often used incorrectly as a catch-all
phrase to include all types of Malware such as Computer Worms, Trojan Horses, Spyware, Adware, and Rootkits.
[Link]
created almost constantly, it is important to keep the virus definition files updated for your software.
Worm - Worms are stand-alone programs that do not need other programs in order to replicate themselves like a
[Link]
software which can be run on servers, clients, firewalls and other devices.
Attackers - We aren't entirely sure what CompTIA is referring to with this term so we will offer a general
[Link],
networks, [Link], virus and malware creators, and anyone else who attempts
to interfere with normal computer and network operations.
Man-in-the-Middle - These attacks can include the interception of email, files, passwords and other types of data
[Link].
Smurf - This is a type of denial of service attack that floods a target system via spoofed broadcast ping messages
[Link], the attacker sends ICMP echo packets to
broadcast addresses of vulnerable networks with a forged source address pointing to the target (victim) of the
[Link]
types of attacks are very easy to prevent, and as a result, are no longer very common.
Rogue Access Point - This term most often refers to unauthorized access points that are deployed with
[Link],[Link]
APs could include one installed by an employee without proper consent, a misconfigured AP that presents a security
risk, AP from neighboring WLANs, [Link],
organizations can install wireless intrusion prevention systems to monitor the radio spectrum for unauthorized
access points.
Social Engineering (Phishing) - Social engineering describes various types of deception used for the purpose
of information gathering, fraud, [Link], a form of social engineering, is the fraudulent
process of attempting to acquire sensitive information such as usernames, passwords and credit card details by
masquerading as a trustworthy entity in an electronic communication such as email, chat, or instant messaging.
Mitigation Techniques - For the purposes of this guide, we can't cover all of the various options to prevent
security breaches, so we'll keep it brief with the following:
Policies and Procedures - an outline in a group, organization or across an enterprise which outlines different
[Link]
[Link]
[Link]
with approval authorization and who will actually enforce them.
User Training - skills that need to be communicated to the end user community that are using the network
[Link]
[Link], it will include some basic level of
explanation of security threats and how user interaction can help defend the network as well as make it
more at risk when the wrong actions are taken.
Patches and Updates - operating system updates and application fixes that are released to enhance security
[Link], most of the patches and some of the updates are
[Link]
delivered by the application owner unless a specific agreement is made between the application owner and
[Link]
systems or set up some type of automated system for delivery to managed systems and devices.