Free study guide for CompTIA’s Network+ certification exam
Study guide for CompTIA’s Network+ certification exam (N10-004).
Domain 1.0: Network Technologies
Domain 1.1: Common Networking Protocols
TCP – TCP breaks data into manageable packets and tracks information such as source and destination of packets. It is able to reroute packets and is responsible for guaranteed delivery of the data.
IP – This is a connectionless protocol, which means that a session is not created before sending data. IP is responsible for addressing and routing of packets between computers. It does not guarantee delivery and does not give acknowledgement of packets that are lost or sent out of order as this is the responsibility of higher layer protocols such as TCP.
UDP – A connectionless, datagram service that provides an unreliable, best-effort delivery.
ICMP – Internet Control Message Protocol enables systems on a TCP/IP network to share status and error information such as with the use of PING and TRACERT utilities.
SMTP – Used to reliably send and receive mail over the Internet.
FTP – File transfer protocol is used for transferring files between remote systems. Must resolve host name to IP address to establish communication. It is connection oriented (i.e. verifies that packets reach destination).
TFTP – Same as FTP but not connection oriented.
ARP – provides IP-address to MAC address resolution for IP packets. A MAC address is your computer’s unique hardware number and appears in the form 00-A0-F1-27-64-E1 (for example). Each computer stores an ARP cache of other computers ARP-IP combinations.
POP3 – Post Office Protocol. A POP3 mail server holds mail until the workstation is ready to receive it.
IMAP – Like POP3, Internet Message Access Protocol is a standard protocol for accessing e-mail from your local server. IMAP (the latest version is IMAP4) is a client/server protocol in which e-mail is received and held for you by your Internet server.
TELNET – Provides a virtual terminal or remote login across the network that is connection-based. The remote server must be running a Telnet service for clients to connect.
HTTP – The Hypertext Transfer Protocol is the set of rules for exchanging files (text, graphic images, sound, video, and other multimedia files) on the World Wide Web. It is the protocol controlling the transfer and addressing of HTTP requests and responses.
HTTPS – Signifies that a web page is using the Secure Sockets Layer (SSL) protocol and is providing a secure connection. This is used for secure internet business transactions.
NTP – Network Time Protocol is a protocol that is used to synchronize computer clock times in a network of computers.
SNMP – Stands for Simple Network Management Protocol and is used for monitoring and status information on a network. SNMP can be used to monitor any device that is SNMP capable and this can include computers, printers, routers, servers, gateways and many more using agents on the target systems. The agents report information back to the management systems by the use of “traps” which capture snapshot data of the system. This trap information could be system errors, resource information, or other information. The SNMPv2 standard includes enhancements to the SNMPv1 SMI-specific data types, such as including bit strings, network addresses, and counters. In SNMPv3 security was addressed. Because all of the trap information sent was in clear text, any monitoring information being sent and collected for operational purposes could also be pulled off the wire by a malicious person
SIP – Stands for Session Initiation Protocol and is a signaling protocol, widely used for controlling multimedia communication sessions such as voice and video calls over Internet Protocol (IP). Other feasible application examples include video conferencing, streaming multimedia distribution, instant messaging, presence information and online games. The protocol can be used for creating, modifying and terminating two-party (unicast) or multiparty (multicast) sessions consisting of one or several media streams. The modification can involve changing addresses or ports, inviting more participants, adding or deleting media streams, etc.
RTP – Real-time Transport Protocol is the audio and video protocol standard used to deliver content over the Internet. RTP is used in conjunction with other protocols such as H.323 and RTSP.
IGMP – Internet Group Management Protocol is used to manage Internet Protocol multicast groups. IP hosts and adjacent multicast routers use IGMP to establish multicast group memberships. IGMP is only needed for IPv4 networks, as multicast is handled differently in IPv6 networks.
TLS – Transport Layer Security is a cryptographic protocol that provides security for communications over networks such as the Internet. TLS and SSL encrypt the segments of network connections at the Transport Layer end-to-end. Several versions of the protocols are in wide-spread use in applications like web browsing, electronic mail, Internet faxing, instant messaging and voice-over-IP (VoIP).
Domain 1.2: Identify Commonly Used TCP/UDP Ports
Ports are what an application uses when communicating between a client and server computer. Some common ports are:
Protocol Type Number
FTP TCP 20,21
SSH TCP 22
TELNET TCP 23
SMTP TCP 25
DNS TCP/UDP 53
DHCP UDP 67
TFTP UDP 69
HTTP TCP 80
POP3 TCP 110
NTP TCP 123
IMAP4 TCP 143
SNMP UDP 161
HTTPS TCP 443
Domain 1.3: Identify the Following Address Formats
IPv4 – Every IP address can be broken down into 2 parts, the Network ID(netid) and the Host ID(hostid). All hosts on the same network must have the same netid. Each of these hosts must have a hostid that is unique in relation to the netid. IP addresses are divided into 4 octets with each having a maximum value of 255. We view IPv4 addresses in decimal notation such as 124.35.62.181, but it is actually utilized as binary data.
IP addresses are divided into 3 classes as shown below:
Class Range
A 1-126
B <128-191
C 192-223
NOTE: 127.x.x.x is reserved for loopback testing on the local system and is not used on live systems. The following address ranges are reserved for private networks:
10.0.0.0 – 10.254.254.254
172.16.0.0 – 172.31.254.254
192.168.0.0 – 192.168.254.254
IPv6 – The previous information on TCP/IP has referred to IPv4, however, this addressing scheme has run out of available IP addresses due to the large influx of internet users and expanding networks. As a result, the powers that be had to create a new addressing scheme to deal with this situation and developed IPv6. This new addressing scheme utilizes a 128 bit address (instead of 32) and utilizes a hex numbering method in order to avoid long addresses such as 132.64.34.26.64.156.143.57.1.3.7.44.122.111.201.5. The hex address format will appear in the form of 3FFE:B00:800:2::C for example.
MAC Addressing – Also known as hardware address or ethernet address, A MAC address is a unique code assigned to most networking hardware. The hardware is assigned a unique number by the manufacturer and the address is permanently assigned to the device. MAC Addresses are in a 48-bit hexidecimal format such as 00:2f:21:c1:11:0a. They are used to uniquely identify a device on a network, and for other functions such as for being authenticated by a DHCP server. For more information, read MAC Addressing Formats And Broadcasts.
Domain 1.4: Proper Use of Addressing Technologies
Subnetting – IP addresses can be class A, B or C. Class A addresses are for networks with a large number of hosts. The first octet is the netid and the 3 remaining octets are the hostid. Class B addresses are used in medium to large networks with the first 2 octets making up the netid and the remaining 2 are the hostid. Class C is for smaller networks with the first 3 octets making up the netid and the last octet comprising the hostid. The Network ID and the Host ID are determined by a subnet mask. The default subnet masks are as follows:
Class Default Subnet Subnets Hosts Per Subnet
Class A 255.0.0.0 126 16,777,214
Class B 255.255.0.0 16,384 65,534
Class C 255.255.255.0 2,097,152 254
What if you wanted more than 1 subnet? Subnetting allows you to create multiple logical networks that exist within a single Class A, B, or C network. If you don’t subnet, you will only be able to use one network from your Class A, B, or C network. When subnetting is employed, the multiple networks are connected with a router which enables data to find its way between networks. On the client side, a default gateway is assigned in the TCP/IP properties. The default gateway tells the client the IP address of the router that will allow their computer to communicate with clients on other networks.
Classful versus Classless addressing – the original TCP/IP addressing method described above was called classful addressing which worked by dividing the IP address space into chunks of different sizes called classes. Classless addressing is referred to as Classless Inter-Domain Routing (CIDR) and is done by allocating address space to Internet service providers and end users on any address bit boundary, instead of on 8-bit segments. So 172.16.50.0 does not have to use the standard subnet mask of 255.255.0.0 which makes a Class B address space and which also puts it on the same network as 172.16.51.0 using the subnet mask of 255.255.0.0. (With classful addressing, our example has 172.16 as the network name and the 50.0 and 51.0 ranges are both part of the same host naming convention). Instead, by using classless addressing 172.16.50.0/24 puts these systems on a different network than 172.16.51.0/24 because the network names here are 172.16.50 and 172.16.51 which are different.
NAT – NAT stands for Network Address Translation and is a commonly used IP translation and mapping technology. Using a device (such as a router) or piece of software that implements NAT allows an entire home or office network to share a single internet connection over a single IP address. A single cable modem, DSL modem, or even 56k modem could connect all the computers to the internet simultaneously. Additionally, NAT keeps your home network fairly secure from hackers. NAT is built in to the most common Internet Connection Sharing technologies.
PAT – Port Address Translation is a feature of a network device that translates TCP or UDP communications made between hosts on a private network and hosts on a public network. It allows a single public IP address to be used by many hosts on a private network.
SNAT – Secure Network Address Translation an extension of the standard Network Address Translation (NAT) service. SNAT is done through one to one IP address translation of one internal IP address to one external IP address where NAT is effectively one external address to many internal IP addresses.
DHCP – Dynamic Host Configuration Protocol provides a solution that automatically assigns IP addresses to computers on a network. When a client is configured to receive an IP address automatically, It will send out a broadcast to the DHCP server requesting an address. The server will then issue a “lease” and assign it to that client. Some of the benefits of DHCP include the following:
Prevents users from making up their own IP addresses.
Prevents incorrect gateway or subnet masks from being entered.
Decreases amount of time spent configuring computers especially in environments where computers get moved around all the time.
APIPA – Stands for Automatic Private Internet Protocol Addressing. Client systems that are configured for automatic IP address assignment / dynamic IP assignment will attempt to use DHCP to make a request for an IP address lease for a given network. When the DHCP server is unavailable the service on the client will automatically configure the system with an APIPA IP address in the 169.254.0.1 through 169.254.255.254 address range with a subnet mask of 255.255.255.0.
Unicast – the sending of information packets to a single network node. This type of network transmission is used where a private or unique resource such as media servers are being requested for two way connections that are needed to complete the network communication. So in the media server example, a client system may make the request for streaming content from the single source and the responding system may leverage unicast as part of the response to the session request to deliver the content.
Multicast – a single source address responding to multiple destination addresses with information to be sent. In a media server example, the single source address may need to send the data to multiple clients; it does this by sending the data with multiple destination IP addresses. All the clients that “see” this network traffic will check to see if it is meant for them with the supplied information. If it is not the client does not receive the data. If a network node does see that the data is intended for them the device will respond by receiving the packet.
Broadcast – traffic sent out from a network node that will reach every other node on the subnet / broadcast domain because the message is sent with the intent of reaching all nodes. The network node that is sending the traffic will use the broadcast address for that subnet and every device in that broadcast domain will receive the broadcast information. Generally the broadcast address is the last IP address of that segment. As an example, in the IP address range of 192.168.0.0 this broadcast address would be 192.168.255.255 and the traffic would reach all available nodes on the subnet. Additionally 255.255.255.255 could be used which is the broadcast address of the zero network (0.0.0.0). Internet Protocol standards outline that the zero network stands for the local network so only those node on the local network would hear the broadcast traffic across the 255.255.255.255 address.
Domain 1.5: Common IPv4 and IPv6 Routing Protocols
Link State routing protocols – are one of the two main classes of routing protocols used in packet switching networks and includes protocols such as Open Shortest Path First (OSPF) and Intermediate System to Intermediate System (IS-IS). The link-state protocol is performed on every router on the network, where every routing node constructs a map of the connectivity to the network by showing which nodes are connected to each other. Each router calculates the next best logical hop from it to every possible known destination which forms the node’s routing table.
Open Shortest Path First (OSPF) – is a dynamic routing protocol and is used on Internet Protocol (IP) based networks of all sizes – large to small. OSPF is an interior gateway protocol (IGP) that routes IP packets within a single routing domain and was designed to support variable-length subnet masking (VLSM) and Classless Inter-Domain Routing (CIDR) addressing.
Intermediate System to Intermediate System (IS-IS) – a link state protocol that operates by forwarding network topology information throughout a network of routers. Each router then independently builds a picture of the network’s topology based on the data received and the best topological path through the network to the destination. IS-IS is an Interior Gateway Protocol (IGP) typically used on larger networks.
Distance-vector routing protocols – are one of the two main classes of routing protocols used in packet switching networks and includes Routing Information Protocol (RIP) and Interior Gateway Routing Protocol (IGRP). uses distance as one factor and the vector as the other to determine against the known routing tables to deliver data to source and destination locations. Routers using the distance-vector routing protocol will update other routers of topology changes periodically when a change is detected in the topology of a network.
Routing Information Protocol (RIPv1) – RIP is a distance-vector routing protocol using “hop count” as a routing metric. The maximum number of hops allowed for RIP is 15 which effectively limits the size of networks that RIP can support.
Routing Information Protocol (RIPv2) – improved upon RIPv1 by having the ability to include subnet information with its updates which allows for Classless Inter-Domain Routing (CIDR) support. The 30 second proactive broadcast has been eliminated in favor of multicast advertisements for its updates. The 15 hop count limit remains so that the devices are backwards compatible with RIPv1 devices.
Border Gateway Protocol (BGP) – is the core routing protocol of the Internet. It maintains a table of IP networks and the data that designates where and how to reach each network through autonomous systems (AS). BGP makes routing decisions based on path, network policies and / or rule sets.
Enhanced Interior Gateway Routing Protocol (EIGRP) – a proprietary hybrid protocol from Cisco that is a distance vector routing protocol that functions like a link state routing protocol. EIGRP collects information and stores it in three tables; the Neighbor Table which stores the information about neighboring routers, the Topology Table which contains only the information and data regarding the routing tables from directly connected neighbors and the Routing table which stores the actual routes to all destinations.
Domain 1.6: The Purpose and Properties of Routing
Interior Gateway Protocol (IGP) – routing protocol that is used within an autonomous system which is sometimes referred to as an administrative domain. One type of Interior Gateway Protocol are the Distance-vector routing protocols such as Routing Information Protocol (RIP), Interior Gateway Routing Protocol (IGRP) and Enhanced Interior Gateway Routing Protocol (EIGRP). Another type are the Link-state routing protocols such as Open Shortest Path First (OSPF) and Intermediate system to intermediate system (IS-IS)
Exterior Gateway Protocol (EGP) – routing protocol that is used across different autonomous systems / administrative domains. It was the routing protocol leveraged for Internet connected devices in the early 1980s. Border Gateway Protocol (BGP) is the replacement standard for Internet routing over EGP.
Static Router Updates – a router with manually configured routing tables. For these types of devices, a network administrator will manually build and make updates to the routing table for all routes in the administrative domain. Static routers are best suited for small internetworks; due to the need of the manual administration, they do not scale well to large networks where routing information is often changed, updated and appended. Static routers are not fault tolerant because when another network device goes down the manually input information may not necessarily provide alternate pathing to a destination which makes it unreachable (unless quick, manual administrative updates are made.)
Dynamic Router Updates – A router with dynamically configured routing tables. This type of automatic configuration is made up of routing tables that are built and maintained by ongoing communication between the routers only (by default – this does not include initial setup and configuration or administrative needs for a persistent route configuration). Dynamic routing is fault tolerant; if a router or link goes down, the routers sense the change in the network topology when the “learned route” expires in the routing table and cannot be renewed due to the outage. This change is then disseminated to other routers so that all the routers “learn” of the network changes. Routing Information Protocol (RIP) and Open Shortest Path First (OSPF) routing protocols for IP and RIP for IPX are some of examples of protocols that can be used for these dynamic updates.
Next Hop – defined as the next place that a data packet needs to go. In most cases, routers do not need all of the information regarding where the originating source of the data transmission was. In most cases routers just need to know where there data needs to go next and the “next” referred to as the “next hop” because all they are trying to do is deliver it to the specified destination IP address that is included in the header information of the data being sent. If that router is the last hop and can deliver it to the specified IP address it does otherwise it refers to its routing tables to figure out which router to hand it off to in the effort to get the data packet where it needs to go.
Routing Tables – sometimes referred to as a Routing Information Base (RIB), is the database information that stores all the rout information for the routing network devices. The routing table holds the route information regarding the topology of the network immediately around the device to other network destinations and it will often include the metric / cost associated for the route. There are three main route entries that are generally found in the routing tables – Network Route, Host Route and the Default Route. The Network Route is route to a specific Network ID on the network. The Host Route is a route to a specific network address. A Default route is the path used if a physical router or other network routing device cannot find a route for the specified destination.
Convergence – achieved when all of the available topology information from routing devices have been passed along to all of the other deceives in totality and all when the information gathered is not in a contradiction state to any other router’s informed topology information. When all of the network routing devices “agree” on what the network topology looks like it is said to have full convergence.
Domain 1.7: Characteristics of Wireless Standards
Wireless networks allow computers to comunicate without the use of cables using IEEE 802.11 standards, also known as Wi-Fi. A connection is made from a device, which is usually a PC or a Laptop with a wireless network interface card (NIC), and an Access Point (AP), which acts as a bridge between the wireless stations and Distribution System (DS) or wired networks. An 802.11 wireless network adapter can operate in two modes, Ad-Hoc and Infrastructure. In infrastructure mode, all your traffic passes through a wireless ‘access point’. In Ad-hoc mode your computers talk directly to each other and do not need an access point. The table below shows the various standards.
Standard Speed Distance Frequency
802.11a 54 mbps 100 ft 5 GHz
802.11b 11 mbps 300 ft 2.4 GHz
802.11g 54 mbps 300 ft 2.4 GHz
802.11n 540 mbps 600 ft 5 GHz and/or 2.4 GHz
Authentication and Encryption:
WEP – Wired Equivalent Privacy is a security encryption algorithm that is easily cracked. For this reason, it has been replaced by other technologies.
WPA – The original WPA standard used TKIP, but was later replaced by WPA2 which uses a more secure AES-based algorithm. WPA uses a 256 bit key to encrypt data. This key may be entered either as a string of 64 hexadecimal digits, or as a passphrase of 8 to 63 characters. It is susceptible to brute force attacks when a weak passphrase is used.
RADIUS – Remote Authentication Dial In User Service (RADIUS) is a networking protocol that provides centralized Authentication, Authorization, and Accounting (AAA) management for computers to connect and use a network service. RADIUS is often used by ISPs and enterprises to manage access to the Internet or internal networks, and wireless networks. Microsoft’s answer to corporate wireless security is the use of RADIUS authentication through its Internet Authentication Services (IAS) product.
TKIP – Temporal Key Integrity Protocol was designed as a solution to replace WEP without requiring the replacement of legacy hardware. TKIP suffered from similar flaws as WEP and has been replaced by more secure encryption schemes.
Domain 2.0: Network Media and Topologies
Domain 2.1: Standard Cable Types and Their Properties
Cable Types:
Type Description
CAT3 Unshielded twisted pair capable of speeds up to 10Mbit/s. Used with 10Base-T, 100Base-T4, and 100Base-T2 Ethernet.
CAT4 Unshielded twisted pair capable of speeds up to 20Mbit/s. Not widely used. Used with 10Base-T, 100Base-T4, and 100Base-T2 Ethernet.
CAT5 Unshielded twisted pair capable of speeds up to 100Mbit/s. May be used with 10Base-T, 100Base-T4, 100Base-T2, and 100Base-TX Ethernet.
CAT5e Enhanced Cat 5 is similar to CAT5, but exceeds its performance. Improved distance over previous categories from 100m to 350m. May be used for 10Base-T, 100Base-T4, 100Base-T2, 100BaseTX and 1000Base-T Ethernet.
CAT6 Can transmit data up to 220m at gigabit speeds. It has improved specifications for NEXT (Near End Cross Talk), PSELFEXT (Power Sum Equal Level Far End Cross Talk), and Attenuation. Cat 6 is backward compatible with lower Category grades and supports the same Ethernet standards as Cat 5e.
Multimode Fiber Multimode fibers have large cores. They are able to carry more data than single mode fibers though they are best for shorter distances because of their higher attenuation levels.
Single Mode Fiber Single Mode fibers have a small glass core. Single Mode fibers are used for high speed data transmission over long distances. They are less susceptible to attenuation than multimode fibers.
RG59 and RG6 These are both shielded coaxial cables used for broadband networking, cable television, and other uses.
Serial A serial cable is a cable that can be used to transfer information between two devices using serial communication, often using the RS-232 standard. Typically use D-subminiature connectors with 9 or 25 pins. Cables are often unshielded, although shielding cables may reduce electrical noise radiated by the cable.
Shielded twisted pair (STP) – differs from UTP in that it has a foil jacket that helps prevent cross talk. Cross talk is signal overflow from an adjacent wire.
Domain 1.0: Network Technologies
Domain 1.1: Common Networking Protocols
TCP – TCP breaks data into manageable packets and tracks information such as source and destination of packets. It is able to reroute packets and is responsible for guaranteed delivery of the data.IP – This is a connectionless protocol, which means that a session is not created before sending data. IP is responsible for addressing and routing of packets between computers. It does not guarantee delivery and does not give acknowledgement of packets that are lost or sent out of order as this is the responsibility of higher layer protocols such as TCP.UDP – A connectionless, datagram service that provides an unreliable, best-effort delivery.ICMP – Internet Control Message Protocol enables systems on a TCP/IP network to share status and error information such as with the use of PING and TRACERT utilities.SMTP – Used to reliably send and receive mail over the Internet.FTP – File transfer protocol is used for transferring files between remote systems. Must resolve host name to IP address to establish communication. It is connection oriented (i.e. verifies that packets reach destination).TFTP – Same as FTP but not connection oriented.ARP – provides IP-address to MAC address resolution for IP packets. A MAC address is your computer’s unique hardware number and appears in the form 00-A0-F1-27-64-E1 (for example). Each computer stores an ARP cache of other computers ARP-IP combinations.POP3 – Post Office Protocol. A POP3 mail server holds mail until the workstation is ready to receive it.IMAP – Like POP3, Internet Message Access Protocol is a standard protocol for accessing e-mail from your local server. IMAP (the latest version is IMAP4) is a client/server protocol in which e-mail is received and held for you by your Internet server.TELNET – Provides a virtual terminal or remote login across the network that is connection-based. The remote server must be running a Telnet service for clients to connect.HTTP – The Hypertext Transfer Protocol is the set of rules for exchanging files (text, graphic images, sound, video, and other multimedia files) on the World Wide Web. It is the protocol controlling the transfer and addressing of HTTP requests and responses.HTTPS – Signifies that a web page is using the Secure Sockets Layer (SSL) protocol and is providing a secure connection. This is used for secure internet business transactions.NTP – Network Time Protocol is a protocol that is used to synchronize computer clock times in a network of computers.SNMP – Stands for Simple Network Management Protocol and is used for monitoring and status information on a network. SNMP can be used to monitor any device that is SNMP capable and this can include computers, printers, routers, servers, gateways and many more using agents on the target systems. The agents report information back to the management systems by the use of “traps” which capture snapshot data of the system. This trap information could be system errors, resource information, or other information. The SNMPv2 standard includes enhancements to the SNMPv1 SMI-specific data types, such as including bit strings, network addresses, and counters. In SNMPv3 security was addressed. Because all of the trap information sent was in clear text, any monitoring information being sent and collected for operational purposes could also be pulled off the wire by a malicious personSIP – Stands for Session Initiation Protocol and is a signaling protocol, widely used for controlling multimedia communication sessions such as voice and video calls over Internet Protocol (IP). Other feasible application examples include video conferencing, streaming multimedia distribution, instant messaging, presence information and online games. The protocol can be used for creating, modifying and terminating two-party (unicast) or multiparty (multicast) sessions consisting of one or several media streams. The modification can involve changing addresses or ports, inviting more participants, adding or deleting media streams, etc.RTP – Real-time Transport Protocol is the audio and video protocol standard used to deliver content over the Internet. RTP is used in conjunction with other protocols such as H.323 and RTSP.IGMP – Internet Group Management Protocol is used to manage Internet Protocol multicast groups. IP hosts and adjacent multicast routers use IGMP to establish multicast group memberships. IGMP is only needed for IPv4 networks, as multicast is handled differently in IPv6 networks.TLS – Transport Layer Security is a cryptographic protocol that provides security for communications over networks such as the Internet. TLS and SSL encrypt the segments of network connections at the Transport Layer end-to-end. Several versions of the protocols are in wide-spread use in applications like web browsing, electronic mail, Internet faxing, instant messaging and voice-over-IP (VoIP).Domain 1.2: Identify Commonly Used TCP/UDP Ports
Ports are what an application uses when communicating between a client and server computer. Some common ports are:
Protocol Type Number
FTP TCP 20,21
SSH TCP 22
TELNET TCP 23
SMTP TCP 25
DNS TCP/UDP 53
DHCP UDP 67
TFTP UDP 69
HTTP TCP 80
POP3 TCP 110
NTP TCP 123
IMAP4 TCP 143
SNMP UDP 161
HTTPS TCP 443
Domain 1.3: Identify the Following Address Formats
IPv4 – Every IP address can be broken down into 2 parts, the Network ID(netid) and the Host ID(hostid). All hosts on the same network must have the same netid. Each of these hosts must have a hostid that is unique in relation to the netid. IP addresses are divided into 4 octets with each having a maximum value of 255. We view IPv4 addresses in decimal notation such as 124.35.62.181, but it is actually utilized as binary data.
IP addresses are divided into 3 classes as shown below:
Class Range
A 1-126
B <128-191
C 192-223
NOTE: 127.x.x.x is reserved for loopback testing on the local system and is not used on live systems. The following address ranges are reserved for private networks:
10.0.0.0 – 10.254.254.254
172.16.0.0 – 172.31.254.254
192.168.0.0 – 192.168.254.254
IPv6 – The previous information on TCP/IP has referred to IPv4, however, this addressing scheme has run out of available IP addresses due to the large influx of internet users and expanding networks. As a result, the powers that be had to create a new addressing scheme to deal with this situation and developed IPv6. This new addressing scheme utilizes a 128 bit address (instead of 32) and utilizes a hex numbering method in order to avoid long addresses such as 132.64.34.26.64.156.143.57.1.3.7.44.122.111.201.5. The hex address format will appear in the form of 3FFE:B00:800:2::C for example.
MAC Addressing – Also known as hardware address or ethernet address, A MAC address is a unique code assigned to most networking hardware. The hardware is assigned a unique number by the manufacturer and the address is permanently assigned to the device. MAC Addresses are in a 48-bit hexidecimal format such as 00:2f:21:c1:11:0a. They are used to uniquely identify a device on a network, and for other functions such as for being authenticated by a DHCP server. For more information, read MAC Addressing Formats And Broadcasts.
Domain 1.4: Proper Use of Addressing Technologies
Subnetting – IP addresses can be class A, B or C. Class A addresses are for networks with a large number of hosts. The first octet is the netid and the 3 remaining octets are the hostid. Class B addresses are used in medium to large networks with the first 2 octets making up the netid and the remaining 2 are the hostid. Class C is for smaller networks with the first 3 octets making up the netid and the last octet comprising the hostid. The Network ID and the Host ID are determined by a subnet mask. The default subnet masks are as follows:
Class Default Subnet Subnets Hosts Per Subnet
Class A 255.0.0.0 126 16,777,214
Class B 255.255.0.0 16,384 65,534
Class C 255.255.255.0 2,097,152 254
What if you wanted more than 1 subnet? Subnetting allows you to create multiple logical networks that exist within a single Class A, B, or C network. If you don’t subnet, you will only be able to use one network from your Class A, B, or C network. When subnetting is employed, the multiple networks are connected with a router which enables data to find its way between networks. On the client side, a default gateway is assigned in the TCP/IP properties. The default gateway tells the client the IP address of the router that will allow their computer to communicate with clients on other networks.
Classful versus Classless addressing – the original TCP/IP addressing method described above was called classful addressing which worked by dividing the IP address space into chunks of different sizes called classes. Classless addressing is referred to as Classless Inter-Domain Routing (CIDR) and is done by allocating address space to Internet service providers and end users on any address bit boundary, instead of on 8-bit segments. So 172.16.50.0 does not have to use the standard subnet mask of 255.255.0.0 which makes a Class B address space and which also puts it on the same network as 172.16.51.0 using the subnet mask of 255.255.0.0. (With classful addressing, our example has 172.16 as the network name and the 50.0 and 51.0 ranges are both part of the same host naming convention). Instead, by using classless addressing 172.16.50.0/24 puts these systems on a different network than 172.16.51.0/24 because the network names here are 172.16.50 and 172.16.51 which are different.
NAT – NAT stands for Network Address Translation and is a commonly used IP translation and mapping technology. Using a device (such as a router) or piece of software that implements NAT allows an entire home or office network to share a single internet connection over a single IP address. A single cable modem, DSL modem, or even 56k modem could connect all the computers to the internet simultaneously. Additionally, NAT keeps your home network fairly secure from hackers. NAT is built in to the most common Internet Connection Sharing technologies.
PAT – Port Address Translation is a feature of a network device that translates TCP or UDP communications made between hosts on a private network and hosts on a public network. It allows a single public IP address to be used by many hosts on a private network.
SNAT – Secure Network Address Translation an extension of the standard Network Address Translation (NAT) service. SNAT is done through one to one IP address translation of one internal IP address to one external IP address where NAT is effectively one external address to many internal IP addresses.
DHCP – Dynamic Host Configuration Protocol provides a solution that automatically assigns IP addresses to computers on a network. When a client is configured to receive an IP address automatically, It will send out a broadcast to the DHCP server requesting an address. The server will then issue a “lease” and assign it to that client. Some of the benefits of DHCP include the following:
Prevents users from making up their own IP addresses.Prevents incorrect gateway or subnet masks from being entered.Decreases amount of time spent configuring computers especially in environments where computers get moved around all the time.APIPA – Stands for Automatic Private Internet Protocol Addressing. Client systems that are configured for automatic IP address assignment / dynamic IP assignment will attempt to use DHCP to make a request for an IP address lease for a given network. When the DHCP server is unavailable the service on the client will automatically configure the system with an APIPA IP address in the 169.254.0.1 through 169.254.255.254 address range with a subnet mask of 255.255.255.0.
Unicast – the sending of information packets to a single network node. This type of network transmission is used where a private or unique resource such as media servers are being requested for two way connections that are needed to complete the network communication. So in the media server example, a client system may make the request for streaming content from the single source and the responding system may leverage unicast as part of the response to the session request to deliver the content.
Multicast – a single source address responding to multiple destination addresses with information to be sent. In a media server example, the single source address may need to send the data to multiple clients; it does this by sending the data with multiple destination IP addresses. All the clients that “see” this network traffic will check to see if it is meant for them with the supplied information. If it is not the client does not receive the data. If a network node does see that the data is intended for them the device will respond by receiving the packet.
Broadcast – traffic sent out from a network node that will reach every other node on the subnet / broadcast domain because the message is sent with the intent of reaching all nodes. The network node that is sending the traffic will use the broadcast address for that subnet and every device in that broadcast domain will receive the broadcast information. Generally the broadcast address is the last IP address of that segment. As an example, in the IP address range of 192.168.0.0 this broadcast address would be 192.168.255.255 and the traffic would reach all available nodes on the subnet. Additionally 255.255.255.255 could be used which is the broadcast address of the zero network (0.0.0.0). Internet Protocol standards outline that the zero network stands for the local network so only those node on the local network would hear the broadcast traffic across the 255.255.255.255 address.
Domain 1.5: Common IPv4 and IPv6 Routing Protocols
Link State routing protocols – are one of the two main classes of routing protocols used in packet switching networks and includes protocols such as Open Shortest Path First (OSPF) and Intermediate System to Intermediate System (IS-IS). The link-state protocol is performed on every router on the network, where every routing node constructs a map of the connectivity to the network by showing which nodes are connected to each other. Each router calculates the next best logical hop from it to every possible known destination which forms the node’s routing table.
Open Shortest Path First (OSPF) – is a dynamic routing protocol and is used on Internet Protocol (IP) based networks of all sizes – large to small. OSPF is an interior gateway protocol (IGP) that routes IP packets within a single routing domain and was designed to support variable-length subnet masking (VLSM) and Classless Inter-Domain Routing (CIDR) addressing.Intermediate System to Intermediate System (IS-IS) – a link state protocol that operates by forwarding network topology information throughout a network of routers. Each router then independently builds a picture of the network’s topology based on the data received and the best topological path through the network to the destination. IS-IS is an Interior Gateway Protocol (IGP) typically used on larger networks.Distance-vector routing protocols – are one of the two main classes of routing protocols used in packet switching networks and includes Routing Information Protocol (RIP) and Interior Gateway Routing Protocol (IGRP). uses distance as one factor and the vector as the other to determine against the known routing tables to deliver data to source and destination locations. Routers using the distance-vector routing protocol will update other routers of topology changes periodically when a change is detected in the topology of a network.
Routing Information Protocol (RIPv1) – RIP is a distance-vector routing protocol using “hop count” as a routing metric. The maximum number of hops allowed for RIP is 15 which effectively limits the size of networks that RIP can support.Routing Information Protocol (RIPv2) – improved upon RIPv1 by having the ability to include subnet information with its updates which allows for Classless Inter-Domain Routing (CIDR) support. The 30 second proactive broadcast has been eliminated in favor of multicast advertisements for its updates. The 15 hop count limit remains so that the devices are backwards compatible with RIPv1 devices.Border Gateway Protocol (BGP) – is the core routing protocol of the Internet. It maintains a table of IP networks and the data that designates where and how to reach each network through autonomous systems (AS). BGP makes routing decisions based on path, network policies and / or rule sets.Enhanced Interior Gateway Routing Protocol (EIGRP) – a proprietary hybrid protocol from Cisco that is a distance vector routing protocol that functions like a link state routing protocol. EIGRP collects information and stores it in three tables; the Neighbor Table which stores the information about neighboring routers, the Topology Table which contains only the information and data regarding the routing tables from directly connected neighbors and the Routing table which stores the actual routes to all destinations.Domain 1.6: The Purpose and Properties of Routing
Interior Gateway Protocol (IGP) – routing protocol that is used within an autonomous system which is sometimes referred to as an administrative domain. One type of Interior Gateway Protocol are the Distance-vector routing protocols such as Routing Information Protocol (RIP), Interior Gateway Routing Protocol (IGRP) and Enhanced Interior Gateway Routing Protocol (EIGRP). Another type are the Link-state routing protocols such as Open Shortest Path First (OSPF) and Intermediate system to intermediate system (IS-IS)
Exterior Gateway Protocol (EGP) – routing protocol that is used across different autonomous systems / administrative domains. It was the routing protocol leveraged for Internet connected devices in the early 1980s. Border Gateway Protocol (BGP) is the replacement standard for Internet routing over EGP.
Static Router Updates – a router with manually configured routing tables. For these types of devices, a network administrator will manually build and make updates to the routing table for all routes in the administrative domain. Static routers are best suited for small internetworks; due to the need of the manual administration, they do not scale well to large networks where routing information is often changed, updated and appended. Static routers are not fault tolerant because when another network device goes down the manually input information may not necessarily provide alternate pathing to a destination which makes it unreachable (unless quick, manual administrative updates are made.)
Dynamic Router Updates – A router with dynamically configured routing tables. This type of automatic configuration is made up of routing tables that are built and maintained by ongoing communication between the routers only (by default – this does not include initial setup and configuration or administrative needs for a persistent route configuration). Dynamic routing is fault tolerant; if a router or link goes down, the routers sense the change in the network topology when the “learned route” expires in the routing table and cannot be renewed due to the outage. This change is then disseminated to other routers so that all the routers “learn” of the network changes. Routing Information Protocol (RIP) and Open Shortest Path First (OSPF) routing protocols for IP and RIP for IPX are some of examples of protocols that can be used for these dynamic updates.
Next Hop – defined as the next place that a data packet needs to go. In most cases, routers do not need all of the information regarding where the originating source of the data transmission was. In most cases routers just need to know where there data needs to go next and the “next” referred to as the “next hop” because all they are trying to do is deliver it to the specified destination IP address that is included in the header information of the data being sent. If that router is the last hop and can deliver it to the specified IP address it does otherwise it refers to its routing tables to figure out which router to hand it off to in the effort to get the data packet where it needs to go.
Routing Tables – sometimes referred to as a Routing Information Base (RIB), is the database information that stores all the rout information for the routing network devices. The routing table holds the route information regarding the topology of the network immediately around the device to other network destinations and it will often include the metric / cost associated for the route. There are three main route entries that are generally found in the routing tables – Network Route, Host Route and the Default Route. The Network Route is route to a specific Network ID on the network. The Host Route is a route to a specific network address. A Default route is the path used if a physical router or other network routing device cannot find a route for the specified destination.
Convergence – achieved when all of the available topology information from routing devices have been passed along to all of the other deceives in totality and all when the information gathered is not in a contradiction state to any other router’s informed topology information. When all of the network routing devices “agree” on what the network topology looks like it is said to have full convergence.
Domain 1.7: Characteristics of Wireless Standards
Wireless networks allow computers to comunicate without the use of cables using IEEE 802.11 standards, also known as Wi-Fi. A connection is made from a device, which is usually a PC or a Laptop with a wireless network interface card (NIC), and an Access Point (AP), which acts as a bridge between the wireless stations and Distribution System (DS) or wired networks. An 802.11 wireless network adapter can operate in two modes, Ad-Hoc and Infrastructure. In infrastructure mode, all your traffic passes through a wireless ‘access point’. In Ad-hoc mode your computers talk directly to each other and do not need an access point. The table below shows the various standards.
Standard Speed Distance Frequency
802.11a 54 mbps 100 ft 5 GHz
802.11b 11 mbps 300 ft 2.4 GHz
802.11g 54 mbps 300 ft 2.4 GHz
802.11n 540 mbps 600 ft 5 GHz and/or 2.4 GHz
Authentication and Encryption:
WEP – Wired Equivalent Privacy is a security encryption algorithm that is easily cracked. For this reason, it has been replaced by other technologies.WPA – The original WPA standard used TKIP, but was later replaced by WPA2 which uses a more secure AES-based algorithm. WPA uses a 256 bit key to encrypt data. This key may be entered either as a string of 64 hexadecimal digits, or as a passphrase of 8 to 63 characters. It is susceptible to brute force attacks when a weak passphrase is used.RADIUS – Remote Authentication Dial In User Service (RADIUS) is a networking protocol that provides centralized Authentication, Authorization, and Accounting (AAA) management for computers to connect and use a network service. RADIUS is often used by ISPs and enterprises to manage access to the Internet or internal networks, and wireless networks. Microsoft’s answer to corporate wireless security is the use of RADIUS authentication through its Internet Authentication Services (IAS) product.TKIP – Temporal Key Integrity Protocol was designed as a solution to replace WEP without requiring the replacement of legacy hardware. TKIP suffered from similar flaws as WEP and has been replaced by more secure encryption schemes.Domain 2.0: Network Media and Topologies
Domain 2.1: Standard Cable Types and Their Properties
Cable Types:
Type Description
CAT3 Unshielded twisted pair capable of speeds up to 10Mbit/s. Used with 10Base-T, 100Base-T4, and 100Base-T2 Ethernet.
CAT4 Unshielded twisted pair capable of speeds up to 20Mbit/s. Not widely used. Used with 10Base-T, 100Base-T4, and 100Base-T2 Ethernet.
CAT5 Unshielded twisted pair capable of speeds up to 100Mbit/s. May be used with 10Base-T, 100Base-T4, 100Base-T2, and 100Base-TX Ethernet.
CAT5e Enhanced Cat 5 is similar to CAT5, but exceeds its performance. Improved distance over previous categories from 100m to 350m. May be used for 10Base-T, 100Base-T4, 100Base-T2, 100BaseTX and 1000Base-T Ethernet.
CAT6 Can transmit data up to 220m at gigabit speeds. It has improved specifications for NEXT (Near End Cross Talk), PSELFEXT (Power Sum Equal Level Far End Cross Talk), and Attenuation. Cat 6 is backward compatible with lower Category grades and supports the same Ethernet standards as Cat 5e.
Multimode Fiber Multimode fibers have large cores. They are able to carry more data than single mode fibers though they are best for shorter distances because of their higher attenuation levels.
Single Mode Fiber Single Mode fibers have a small glass core. Single Mode fibers are used for high speed data transmission over long distances. They are less susceptible to attenuation than multimode fibers.
RG59 and RG6 These are both shielded coaxial cables used for broadband networking, cable television, and other uses.
Serial A serial cable is a cable that can be used to transfer information between two devices using serial communication, often using the RS-232 standard. Typically use D-subminiature connectors with 9 or 25 pins. Cables are often unshielded, although shielding cables may reduce electrical noise radiated by the cable.
Shielded twisted pair (STP) – differs from UTP in that it has a foil jacket that helps prevent cross talk. Cross talk is signal overflow from an adjacent wire.
Multumim !
