Comptia Network+ Study Sheet


  • 7/27/2019 Comptia Network+ Study Sheet


    2013
    NETWORK+ STUDY GUIDE
    DAN SHEETS


    Network+ Study Page 1

    Contents

    1. Network Fundamentals
       a. The OSI Model
       b. TCP/IP Suite
    2. Network Topologies
    3. Cables and Connectors
    4. WAN Technologies
    5. LAN Types and Properties
    6. Network Technologies & Protocols
    7. Network Addresses
    8. Routing
       a. IPv4 and IPv6
       b. Properties of Routing
    9. Network Devices / Standards
    10. Network Performance
    11. Network Tools
    12. Network Security
    13. Wireless Networking
    14. Authentication and Encryption


    The OSI Model

    Developed by the ISO (International Organization for Standardization) as the Open Systems Interconnection reference model, to define basic standards for network communication.

    Protocol: a set of rules and procedures used for communication. Standards of communication (think of mailing a parcel):
    - Packaging
    - Addressing
    - Payment
    - Getting the package onto the network

    Application Layer (7)
    Data is Data
    - End users interact with the network at this layer
    - HTTP, FTP, SMTP, Telnet, DNS, TFTP, POP3, proxy servers

    Presentation Layer (6)
    Data is Data
    - Concerned with the presentation of data: compression and encoding, character-set translation
    - .tiff, .jpg, .mpeg

    Session Layer (5)
    Data is Data
    - The "boss" of the end-to-end connection: handles creation, maintenance and teardown of sessions

    Transport Layer (4)
    Data placed into Segments
    - Handles delivery of data from one host to another
    - TCP, UDP; uses port numbers
    - Novell NetWare SPX runs at this layer
    - Packet filtering (firewalls filter by port here)

    Network Layer (3)
    Data placed into Packets
    - Routing occurs here
    - IP, ICMP, IGMP, ARP, RARP
    - Packet filtering (firewalls filter by IP address here)

    Data Link Layer (2)
    Data placed into Frames
    - MAC addresses; switches, bridges and wireless access points
    - Performs error detection but NO recovery, using the FCS (Frame Check Sequence, a CRC appended to each frame); a frame with a bad FCS is silently dropped
    - Split into two sublayers: LLC and MAC
      - LLC (Logical Link Control) interacts with the Network Layer
      - MAC (Media Access Control) interacts with the Physical Layer; the MAC sublayer decides where one frame ends and another begins

    Physical Layer (1)
    Ones and zeroes
    - Physical and electrical specifications
    - Hubs, repeaters and NICs
    - Signal encoding occurs here (converting data to electrical or optical signals)


    TCP/IP Suite

    Architecture: based on the 4-layer DARPA model. Each of the 4 layers has individual protocols which work together to form a protocol stack:
    Application, Transport, Internet, Network Access

    TCP (Transmission Control Protocol)
    - Connection-oriented; ensures data arrives through:
      - Acknowledgements
      - Timeout and retry (retransmission) mechanism
      - Sequence number tracking (amount of data and out-of-order delivery)
      - Error recovery process
    - Transport layer of the TCP/IP suite / OSI Layer 4
    - Segmentation: the numbering and splitting of the data
    - 3-Way Handshake: 1. SYN, 2. SYN/ACK, 3. ACK
      - SYN: synchronize sequence numbers (each side picks an initial sequence number; it must be unpredictable, otherwise an off-path attacker can spoof or inject into the connection)
      - ACK: acknowledgement number (the next sequence number expected)
    - Connection termination: 4 packets (FIN and ACK in each direction)
    - TCP Window: the amount of unacknowledged data a sender can send on a connection before it must receive an ACK from the receiver
    - TCP Sliding Window: the window advances as data is acknowledged, so the sender keeps transmitting without waiting for each segment individually


    IP (Internet Protocol)
    Best-effort, unreliable, connectionless

    - The Internet Protocol (IP) is the principal communications protocol in the TCP/IP suite
    - Has the task of delivering packets from the source host to the destination host, based solely on IP addresses
    - Defines the datagram structures that encapsulate the data to be delivered
    - Uses a header checksum to detect errors; packets with a bad checksum are discarded, not retransmitted. The checksum covers only the header and is not a security control: anyone who can alter a packet in transit can simply recompute it

    IPv4 Header
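    The header checksum described above, as an added example (this code is not from the study sheet): build a 20-byte IPv4 header with the RFC 1071 ones'-complement checksum, then do what a receiver does, which is to sum the whole header and expect zero. The addresses and payload length are made up; a single flipped bit in the TTL is enough for the packet to be discarded, with no recovery at this layer.

```python
"""Build a minimal IPv4 header and verify its checksum (RFC 1071 ones'-complement sum).

Added example, not from the study sheet. Addresses and payload length are made up.
"""
import socket
import struct

IPV4_HDR = struct.Struct("!BBHHHBBH4s4s")  # ver/ihl, tos, total len, id, flags/frag, ttl, proto, csum, src, dst


def internet_checksum(data: bytes) -> int:
    """Ones'-complement sum of 16-bit words, folded to 16 bits, then inverted."""
    if len(data) % 2:
        data += b"\x00"  # pad an odd-length buffer with a zero byte
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:  # fold carries back into the low 16 bits
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


def build_ipv4_header(src: str, dst: str, payload_len: int, proto: int = 6,
                      ttl: int = 64, ident: int = 0x1234) -> bytes:
    """Return a 20-byte IPv4 header (no options) with a correct checksum."""
    ver_ihl = (4 << 4) | 5          # version 4, header length 5 x 32-bit words
    total_len = IPV4_HDR.size + payload_len
    flags_frag = 0x4000             # DF set, fragment offset 0
    hdr = IPV4_HDR.pack(ver_ihl, 0, total_len, ident, flags_frag, ttl, proto, 0,
                        socket.inet_aton(src), socket.inet_aton(dst))
    csum = internet_checksum(hdr)   # computed with the checksum field zeroed
    return hdr[:10] + struct.pack("!H", csum) + hdr[12:]


def header_is_valid(hdr: bytes) -> bool:
    """Receiver's check: the checksum over the whole header, field included, must be 0."""
    return internet_checksum(hdr) == 0


def parse_ipv4_header(hdr: bytes) -> dict:
    fields = IPV4_HDR.unpack(hdr[:IPV4_HDR.size])
    return {
        "version": fields[0] >> 4,
        "ihl": fields[0] & 0x0F,
        "total_length": fields[2],
        "ttl": fields[5],
        "protocol": fields[6],
        "checksum": fields[7],
        "src": socket.inet_ntoa(fields[8]),
        "dst": socket.inet_ntoa(fields[9]),
    }


if __name__ == "__main__":
    h = build_ipv4_header("192.0.2.10", "198.51.100.20", payload_len=40)
    print(parse_ipv4_header(h), header_is_valid(h))
    # Flip one bit in the TTL: the receiver now discards the packet.
    damaged = h[:8] + bytes([h[8] ^ 0x01]) + h[9:]
    print(header_is_valid(damaged))
```

    The same ones'-complement routine is reused by TCP, UDP and ICMP for their own checksums; it catches transmission errors, not tampering.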

    IPv6

    Internet Protocol version 6 (IPv6) is the latest revision of the Internet Protocol (IP), the communications protocol that provides an identification and location system for computers on networks and routes traffic across the Internet. IPv6 was developed by the Internet Engineering Task Force (IETF) to deal with the long-anticipated problem of IPv4 address exhaustion.

    Advantages over IPv4
    - Plenty of addresses: about 3.4 x 10^38
    - Simplified Internet routing tables (hierarchical allocation)
    - Easy and automated configuration (SLAAC, stateless address autoconfiguration)
    - IPsec support is a required part of the protocol suite (its use on a given connection is still optional)

    Format: 128 bits long, written as eight 16-bit blocks of hexadecimal separated by colons. Simplify by suppressing leading zeros in each block and replacing one run of consecutive all-zero blocks with "::" (allowed only once per address):
      FE80:0000:0000:0000:05EE:00FF:0238:47B1  ->  FE80::5EE:FF:238:47B1

    Types of IPv6 address
    - Unicast (one to one)
      - Global addresses: public addresses, valid on the Internet
      - Link-local addresses: similar to APIPA, begin with FE80 (FE80::/10), never routed off the link
      - Unique local addresses: private, begin with FC or FD (FC00::/7)
    - Multicast (one to many)
    - Anycast (one to one of many)
    - There is no broadcast in IPv6; the all-nodes multicast address FF02::1 takes its place

    IPv6 Header
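    The zero-suppression rules above, as an added example (not code from the study sheet): expand any textual IPv6 address back to its eight blocks, and compress it the way RFC 5952 prescribes (lowercase, leading zeros dropped, the longest run of zero blocks, and only a run of two or more, becomes "::", first run wins on ties). The main block checks the hand-rolled result against the standard library. Apart from the sheet's own FE80 example, the sample addresses are made up.

```python
"""Expand and compress IPv6 addresses by hand, following the rules in the text
(suppress leading zeros, replace the longest run of zero blocks with "::").

Added example, not from the study sheet; the sample addresses are made up
except FE80::5EE:FF:238:47B1, which the sheet uses.
"""
import ipaddress


def expand(addr: str) -> list:
    """Return the eight 16-bit blocks of an IPv6 address as ints, undoing any '::'."""
    if addr.count("::") > 1:
        raise ValueError("'::' may appear at most once")
    if "::" in addr:
        head, tail = addr.split("::")
        left = [int(b, 16) for b in head.split(":")] if head else []
        right = [int(b, 16) for b in tail.split(":")] if tail else []
        missing = 8 - len(left) - len(right)
        if missing < 1:
            raise ValueError("'::' must stand for at least one zero block")
        blocks = left + [0] * missing + right
    else:
        blocks = [int(b, 16) for b in addr.split(":")]
    if len(blocks) != 8 or any(not 0 <= b <= 0xFFFF for b in blocks):
        raise ValueError("not a valid IPv6 address: %r" % addr)
    return blocks


def compress(addr: str) -> str:
    """RFC 5952 text form: lowercase, no leading zeros, longest zero run (length >= 2) becomes '::'."""
    blocks = expand(addr)
    best_start, best_len = -1, 0      # longest run of zero blocks; the first one wins on ties
    run_start, run_len = -1, 0
    for i, b in enumerate(blocks + [-1]):  # the -1 sentinel closes a run ending at block 7
        if b == 0:
            if run_len == 0:
                run_start = i
            run_len += 1
        else:
            if run_len > best_len:
                best_start, best_len = run_start, run_len
            run_len = 0
    hexes = ["%x" % b for b in blocks]   # "%x" drops leading zeros and lowercases
    if best_len >= 2:                    # a single zero block is written as "0", not "::"
        left = ":".join(hexes[:best_start])
        right = ":".join(hexes[best_start + best_len:])
        return left + "::" + right
    return ":".join(hexes)


def same_address(a: str, b: str) -> bool:
    """Two textual forms denote the same address iff their block lists match."""
    return expand(a) == expand(b)


if __name__ == "__main__":
    for a in ["FE80:0000:0000:0000:05EE:00FF:0238:47B1",
              "2001:0db8:0000:0000:0001:0000:0000:0001", "::1"]:
        agrees = compress(a) == str(ipaddress.IPv6Address(a))
        print(a, "->", compress(a), "(stdlib agrees:", agrees, ")")
```

    Comparing addresses by their expanded blocks, as same_address does, is the right way to match an IPv6 address in an ACL or log search; string comparison of the compressed forms fails as soon as one side was written with different zero suppression.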

    Network Topologies (the layout of a network, which can be either physical or logical)

    Bus
    - Older, semi-outdated; also called a linear bus
    - Shared network segment with terminators at each end
    - Easy to use, inexpensive, uses coaxial cable
    - Easy to extend by adding cable with a repeater that boosts the signal
    - Uses less cable than other topologies; theoretically the easiest to put together
    - Serious drawbacks:
      - Only one host can send data at a time
      - All hosts see all data
      - Not scalable; a single point of failure
      - Becomes slow under heavy network traffic
      - Difficult to troubleshoot: a cable break or loose connector causes reflections and brings down the whole network

    Star
    - Multiple hosts serving as the points of the star, joined through a central device
    - Most popular way to connect computers in a workgroup or departmental network
    - Some fault tolerance: only the host connected to a bad cable is affected
    - Still a central point of failure (the center device)
    - No shared segments, no collisions (with a switch at the center), highly scalable, hosts can send data at any time
    - Uses more cable than a bus topology

    Ring
    - Each host is connected to the two closest hosts; commonly used in token ring networks
    - Advantages:
      - One computer cannot monopolize the network
      - Continues to function after capacity is exceeded, but speed will be slow
    - Disadvantages:
      - Failure of one computer can affect the whole network
      - Difficult to troubleshoot
      - Adding/removing computers disrupts the network

    Token Ring
    - Only the computer holding the token can transmit; stations can be given transmission priority over others
    - Defined by IEEE 802.5 (Token Bus is defined by IEEE 802.4)
    - Runs at 4, 16, 100 and 1000 Mbps
    - Scales predictably: the more hosts you have, the longer each host waits to transmit
    - Uses a central MAU (Multi-Station Access Unit) or SMAU (Smart MAU)

    Network Types
    - LAN: Local Area Network
    - CAN: Campus Area Network
    - MAN: Metropolitan Area Network
    - WAN: Wide Area Network (the Internet)
    - Converged network: a network transporting multiple types of traffic (data, voice, video)

    ATM (Asynchronous Transfer Mode)
    - High-speed cell-switching technology
    - Cells are fixed in size, only 53 bytes (48 bytes data, 5 bytes header)
    - Connection-oriented

    FDDI (Fiber Distributed Data Interface)
    - Range is about 60 miles (100 km) via fiber-optic cable
    - Built-in fault tolerance through the use of dual counter-rotating rings
    - Speeds up to 100 Mbps; token-passing technology
    - Used as a backbone / WAN technology

    Full and Partial Mesh
    - Full mesh: each host has at least two connections; when all nodes are connected to each other it is a fully connected network
    - Because of scalability, full mesh networks are uncommon
    - Advantages:
      - Point-to-point line configuration makes isolation of faults easy
      - Messages travel through a dedicated line, so privacy and security are enhanced
      - Best fault tolerance; dedicated links ensure each connection carries its own data load
    - Disadvantages:
      - The more extensive the network, the greater the investment to build
      - Number of links in a full mesh of N nodes: N(N-1)/2
    - Partial mesh: only some nodes are organized in a full mesh
    - Hybrid mesh: a mixture of different topologies; the Internet runs on a hybrid mesh


    Standard Cables and Connectors

    Twisted Pair
    - STP: Shielded Twisted Pair; UTP: Unshielded Twisted Pair
    - RJ45 connector; CAT cabling is twisted pair
    - CAT 3: 10 Mbps; CAT 5: 100 Mbps; CAT 5e: 1000 Mbps; CAT 6: 1000 Mbps (10 Gbps up to 55 m); CAT 6a: 10 Gbps to 100 m
    - All categories can run up to 100 meters before the signal degrades

    Fiber Optic Cable
    - Uses light pulses instead of electricity to transmit data
    - Singlemode: smaller core, laser-based, long distances
    - Multimode: larger core, LED-based, shorter distances
    - Benefits: more secure (harder to tap, no EMI emissions to pick up), not susceptible to EMI, very fast, long distances
    - Drawbacks: more expensive, not as flexible
    - Connectors: SC, ST, LC, MT-RJ

    Coaxial
    - 4 layers: copper core, inner insulator, shielding wire mesh, outer insulator
    - Thinnet (RG-58): 10 Mbps, 185 meters before attenuation, BNC connector
    - Thicknet (RG-8): 10 Mbps, 500 meters before attenuation, AUI DB-15 connector
    - RG-59 and RG-6: used for cable TV, F-connector

    Serial (RS-232): 9-pin (DB-9) male or female

    Plenum Grade Cable: required in air-handling spaces, because non-plenum cable insulation can be toxic when burned

    RJ-11 Connector: used for analog phones

    BNC: a miniature quick connect/disconnect RF connector used for coaxial cable. It features two bayonet lugs on the female connector; mating is achieved with only a quarter turn of the coupling nut. Used with radio, television and other radio-frequency electronic equipment, test instruments and video signals, and was once a popular connector for 10BASE2 computer networks.

    F-Connector: coaxial RF connector commonly used for "over the air" terrestrial television, cable television and universally for satellite television and cable modems.

    Cable Faults
    - Split pair: two wires incorrectly mapped in exactly the same way on both ends of the cable (a wire-map test passes, but the two wires are not a twisted pair, so crosstalk rises)
    - Far-end crosstalk (FEXT): signal bleed-over between pairs in the same cable, measured at the far end of the cable. Not detectable with a tone generator and locator
    - Delay skew: the difference between the lowest and the highest propagation delay measurements for the pairs in a cable. Not detectable with a tone generator
    - Short circuit: two conductors in a cable touching each other


    WAN Technology (for each: type of switching, speed, media, distance)

    Circuit Switching: a physical connection path is established between the source and the destination, typically through a series of circuits, and held for the duration of the call
    Packet Switching: data is broken into packets which each take a separate, independent route to the destination, where they are reassembled

    Frame Relay
    - Nodes are connected through a packet-switching cloud
    - Connection-oriented, packet-switching WAN technology
    - Most virtual circuits are Permanent Virtual Circuits (PVCs)
    - A Frame Relay cloud is the provider's network of Frame Relay switches

    E1/T1 (E = European version)
    - T-carrier (sometimes abbreviated T-CXR) refers to one of several digital transmission systems developed by Bell Labs. T-carriers are used in North America, Japan and South Korea.
    - The E-carrier system revised and improved the earlier American T-carrier technology and has been adopted by the ITU-T (International Telecommunication Union Telecommunication Standardization Sector). It is now widely used in almost all countries outside the US, Canada and Japan.
    - Smart Jack: the actual termination point of a T1 line at the customer premises

    T-carrier and E-carrier systems

    Level                           North American                   Japanese                                       European (CEPT)
    Level zero (channel rate)       64 kbit/s (DS0)                  64 kbit/s                                      64 kbit/s
    First level                     1.544 Mbit/s (DS1/T1), 24 ch     1.544 Mbit/s, 24 ch                            2.048 Mbit/s (E1), 32 ch
    Intermediate (T-carrier only)   3.152 Mbit/s (DS1C), 48 ch       -                                              -
    Second level                    6.312 Mbit/s (DS2/T2), 96 ch     6.312 Mbit/s, 96 ch, or 7.786 Mbit/s, 120 ch   8.448 Mbit/s (E2), 128 ch
    Third level                     44.736 Mbit/s (DS3/T3), 672 ch   32.064 Mbit/s, 480 ch                          34.368 Mbit/s (E3), 512 ch
    Fourth level                    274.176 Mbit/s (DS4), 4032 ch    97.728 Mbit/s, 1440 ch                         139.264 Mbit/s (E4), 2048 ch
    Fifth level                     400.352 Mbit/s (DS5), 5760 ch    565.148 Mbit/s, 8192 ch                        565.148 Mbit/s (E5), 8192 ch

    ADSL: Asymmetric Digital Subscriber Line; allows POTS and data to be transmitted simultaneously (downstream faster than upstream)
    SDSL: Symmetric Digital Subscriber Line; cannot share the line with POTS
    VDSL: Very High Speed Digital Subscriber Line; allows the maximum bandwidth available on a standard phone line (13 to 55 Mbps)
    Cable Modem: provides high-speed Internet connections using a broadband cable connection
    Satellite: high-speed Internet, typically used where DSL and cable Internet are not available
    PON: Passive Optical Network, fiber to the premises
    E3/T3: T3 is 44.736 Mbps (DS3, basically 28 T1 lines)
    Wireless: provided through WiFi hotspots and 4G (WiMAX, LTE, HSPA+)
    ATM: Asynchronous Transfer Mode; advanced cell-switching network using fixed-length cells (53 bytes); provides data rates up to 622 Mbps
    SONET: Synchronous Optical Network; divided into Optical Carrier (OC) levels
    - OC-1 = 51.84 Mbps
    - OC-24 = 1.244 Gbps
    MPLS: Multiprotocol Label Switching; forwards on short labels instead of IP lookups; a technique, not a service
    ISDN: Integrated Services Digital Network
    - BRI (Basic Rate): 2 x 64K B-channels + 1 x 16K D-channel
    - PRI (Primary Rate): 23 x 64K B-channels + 1 x 64K D-channel
    POTS: Plain Old Telephone Service
    PSTN: Public Switched Telephone Network
    VPN: Virtual Private Network
    - Allows travelling users to connect to the private network across a public one
    - Uses tunneling protocols (PPTP, L2TP; L2TP is normally paired with IPsec for encryption). PPTP's MS-CHAPv2 authentication is broken and should not be relied on


    LAN Types & Properties

    Ethernet
    - Bonding: taking 2 or more cables and allowing them to act together as one link
    - Naming format: speed / BASE (baseband) / type of cable (T = twisted pair; F, X, S, L, E = fiber variants)
    - 5-4-3 rule (10 Mbps shared Ethernet): at most 5 cable segments, 4 repeaters, 3 populated ("mixing") segments
    - 10BaseT: standard Ethernet, 10 Mbps, twisted pair
    - 100BaseTX: Fast Ethernet, 100 Mbps, twisted pair
    - 100BaseFX: Fast Ethernet, 100 Mbps, fiber optic
    - 1000BaseT: Gigabit Ethernet, 1000 Mbps, twisted pair
    - 1000BaseX: Gigabit Ethernet, 1000 Mbps, fiber optic
    - 10GBaseSR / LR / ER / SW / LW / EW: 10 Gigabit Ethernet (10000 Mbps) over fiber-optic variations (short / long / extended reach; the -W forms frame for SONET)
    - 10GBaseT: 10 Gigabit Ethernet over twisted pair
    - CSMA/CD: Carrier Sense Multiple Access with Collision Detection

    Broadcast: the transmission of a packet that will be received by every device on the network
    Collision: when 2 clients transmit at the same time; detected by an increase in voltage on the wire; all data involved becomes unusable and is discarded

    Cross Connect: cabling which connects you to a backbone or provider
    Patch Panel: a patch panel, patch bay, patch field or jack field is a number of circuits, usually of the same or similar type, which appear on jacks for monitoring, interconnecting and testing circuits in a convenient, flexible manner
    MDF / IDF: Main Distribution Frame / Intermediate Distribution Frame
    Demarc: the point at which the telephone company's network ends and connects to your wiring


    Network Devices

    Hub
    - A center device used to connect multiple computers and networking devices to each other; used in LANs
    - Works at the Physical layer (1) of the OSI model; a half-duplex device
    - Repeats every frame out of every port, so every host sees all traffic (any host on a hub can sniff the others)
    - Passive hub: does not amplify signals; active hub: amplifies weak signals

    Repeater: in telecommunications, a repeater is an electronic device that receives a signal and retransmits it at a higher level or higher power, or onto the other side of an obstruction, so that the signal can cover longer distances. Works at the Physical (1) layer of the OSI model.

    Modem: device that modulates an analog carrier signal to encode digital information, and also demodulates such a carrier signal to decode the transmitted information.

    NIC: a network interface controller (also known as a network interface card, network adapter, LAN adapter and by similar terms) is a computer hardware component that connects a computer to a computer network.

    Media Converter: used to convert from one form of media to another; most typically between twisted-pair copper and fiber-optic cable.

    Switch: basically a multiport bridge
    - PoE (Power over Ethernet): used to transfer electrical power, along with data, over standard twisted-pair cable
    - STA (Spanning Tree Algorithm, run by STP): used by switches when there is more than one path to a node; it blocks the redundant links so only one active path exists, preventing loops and broadcast storms
    - VLAN: can be created in order to emulate multiple broadcast domains using switches
    - Trunking: when a switch presents more than one VLAN over a single connection to another switch or router (802.1Q tags identify the VLAN of each frame)
    - Port mirroring: used to send a copy of network data to a second (mirrored) port, usually for the purposes of monitoring (IDS sensors, packet capture)
    - Port authentication (IEEE 802.1X): used to restrict access to a switch port, or to a wireless association, until the client authenticates; used on both wired and 802.11 (wireless) networks
    - Multi-layer switch:
      - Layer 3 switch: can forward based on IP addresses
      - Content switch: ability to examine and filter higher-level data

    Bridge: operates at the Data Link layer; keeps simple forwarding tables based on MAC addresses; used to create separate collision domains

    Wireless Access Point: basically the same thing as a hub for wireless networks (all stations share the medium)

    Router
    - Used to connect networks together
    - Routers have sophisticated routing tables which determine the best route to get information from one network to another
    - Functions at the Network layer of the OSI model; used to create separate broadcast domains

    Firewall: used to protect private networks from external intrusion; can control what data is allowed in or out of a network; can be hardware or software

    IDS/IPS: Intrusion Detection System / Intrusion Prevention System (an IDS watches a copy of the traffic and alerts; an IPS sits inline and can block)

    Load Balancer: used when more than one line of communication (or server) is available; distributes the load. Round-robin DNS is the simplest form: one name resolves to several addresses handed out in rotation

    Bandwidth Shaper: similar to a load balancer but provides a much higher level of control over traffic rates

    Proxy Server: makes requests on behalf of clients, so the remote server sees the proxy rather than the end user (like a NAT gateway, it disguises the end user's identity); can cache requests to save on bandwidth

    CSU/DSU (Channel Service Unit / Data Service Unit): hardware device which converts data frames used on a LAN into data frames used on a WAN; typically used to connect a T1 line to a local network

    Telephone Devices
    - 100-pair UTP
    - 66 block: oldest standard for punchdown block; 25-pair UTP cables
    - 110 block: newer punchdown block, used for data cabling (CAT 5 and above)


    Networking Technologies / Protocols

    ARP (Address Resolution Protocol)
    - A known IP address is resolved to a MAC address
    - ARP allows a device to acquire the MAC address of another host on the same local segment when only its IP address is known (for hosts on other networks, the device ARPs for its default gateway instead)
    - Keeps an ARP cache of known IP-to-MAC mappings; in Windows, the arp utility displays the IP-to-physical translation table
    - ARP has no authentication: any host can answer any request, and many stacks accept unsolicited (gratuitous) replies, which is what ARP spoofing / cache poisoning exploits
    - Proxy ARP: a service that runs on routers; allows a router to respond to ARP requests from hosts on behalf of another host, answering with the MAC address of the interface that received the request

    Reverse ARP (RARP), OBSOLETE
    - Resolves a MAC address to an IP address
    - A workstation boots up and realizes it has no IP address; its RARP request contains its own MAC address
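    The ARP request/reply exchange described above, and the cache-poisoning weakness that follows from it, as an added example (not code from the study sheet): the block packs and parses raw Ethernet+ARP frames with struct, then runs the simplest useful detection, which is to remember the MAC each IP first claimed and alert when a later reply claims a different one. The three frames are constructed for illustration; addresses and MACs are made up.

```python
"""Parse ARP frames and flag IP-to-MAC conflicts, the classic sign of ARP
cache poisoning (ARP has no authentication, so any host can claim any IP).

Added example, not from the study sheet. The frames are constructed for
illustration and the addresses and MACs are made up.
"""
import struct

ETH_HDR = struct.Struct("!6s6sH")          # dst MAC, src MAC, EtherType
ARP_PKT = struct.Struct("!HHBBH6s4s6s4s")  # htype, ptype, hlen, plen, op, sha, spa, tha, tpa
ETHERTYPE_ARP = 0x0806
ARP_REQUEST, ARP_REPLY = 1, 2
BROADCAST_MAC = "ff:ff:ff:ff:ff:ff"


def mac_bytes(s: str) -> bytes:
    return bytes(int(x, 16) for x in s.split(":"))


def ip_bytes(s: str) -> bytes:
    return bytes(int(x) for x in s.split("."))


def mac_str(b: bytes) -> str:
    return ":".join("%02x" % x for x in b)


def ip_str(b: bytes) -> str:
    return ".".join(str(x) for x in b)


def build_arp(op: int, sha: str, spa: str, tha: str, tpa: str) -> bytes:
    """Ethernet frame carrying one ARP request (broadcast) or reply (unicast to the target)."""
    dst = BROADCAST_MAC if op == ARP_REQUEST else tha
    eth = ETH_HDR.pack(mac_bytes(dst), mac_bytes(sha), ETHERTYPE_ARP)
    arp = ARP_PKT.pack(1, 0x0800, 6, 4, op,
                       mac_bytes(sha), ip_bytes(spa), mac_bytes(tha), ip_bytes(tpa))
    return eth + arp


def parse_arp(frame: bytes):
    """Return (op, sender_mac, sender_ip, target_mac, target_ip), or None if not IPv4-over-Ethernet ARP."""
    if len(frame) < ETH_HDR.size + ARP_PKT.size:
        return None
    _, _, ethertype = ETH_HDR.unpack_from(frame)
    if ethertype != ETHERTYPE_ARP:
        return None
    htype, ptype, hlen, plen, op, sha, spa, tha, tpa = ARP_PKT.unpack_from(frame, ETH_HDR.size)
    if (htype, ptype, hlen, plen) != (1, 0x0800, 6, 4):
        return None
    return op, mac_str(sha), ip_str(spa), mac_str(tha), ip_str(tpa)


def detect_poisoning(frames):
    """Remember the MAC each IP first claimed; report every later reply that claims a different MAC."""
    table = {}   # ip -> mac first seen
    alerts = []  # (ip, mac first seen, conflicting mac)
    for frame in frames:
        parsed = parse_arp(frame)
        if parsed is None or parsed[0] != ARP_REPLY:
            continue
        _, sha, spa, _, _ = parsed
        if spa in table and table[spa] != sha:
            alerts.append((spa, table[spa], sha))
        table.setdefault(spa, sha)
    return table, alerts


# Constructed traffic: host .10 asks for the gateway .1, the real gateway answers,
# then a second reply for .1 arrives from a different MAC.
SAMPLE_FRAMES = [
    build_arp(ARP_REQUEST, "00:11:22:33:44:55", "192.0.2.10", "00:00:00:00:00:00", "192.0.2.1"),
    build_arp(ARP_REPLY, "aa:bb:cc:dd:ee:01", "192.0.2.1", "00:11:22:33:44:55", "192.0.2.10"),
    build_arp(ARP_REPLY, "de:ad:be:ef:00:01", "192.0.2.1", "00:11:22:33:44:55", "192.0.2.10"),
]

if __name__ == "__main__":
    table, alerts = detect_poisoning(SAMPLE_FRAMES)
    for ip, first, other in alerts:
        print("ARP conflict for %s: first seen %s, now claimed by %s" % (ip, first, other))
```

    "First seen wins" is a heuristic: a legitimate NIC replacement also trips it, and an attacker who answers first is not caught. Production tools (and switch features such as Dynamic ARP Inspection) compare against a trusted source such as the DHCP lease table instead.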

    UDP (User Datagram Protocol)
    - Connectionless; no guarantee of delivery (unreliable, best-effort delivery)
    - No acknowledgements and no retransmission (only an optional checksum); the application must handle loss itself

    DHCP (Dynamic Host Configuration Protocol)
    - Allows a server to dynamically distribute IP addressing and configuration information to clients
    - Provides IP address, subnet mask, default gateway, DNS and WINS servers, lease length
    - APIPA: a feature of Microsoft Windows; a DHCP fallback mechanism for local networks (the host assigns itself a 169.254.x.x address when no server answers)
    - 4-step process, DORA (Discover, Offer, Request, ACK):
      - Discover: Layer 3 broadcast from the client
      - Offer: contains an IP address and mask
      - Request: the host decides which offer to accept
      - Ack: the chosen DHCP server gives the host the additional information (DNS server, etc.)
    - DHCP lease renewal: DHCPREQUEST, then DHCPACK
    - DHCP relay server: forwards the client's broadcast to a DHCP server on another subnet
    - DHCP server: TCP/IP service used to dynamically assign IP addresses on a network; responsible for managing the pool of IP addresses available to be used on the network
    - The client accepts whichever server answers first, so a rogue DHCP server can hand out a malicious gateway or DNS server; DHCP snooping on switches guards against this

    ICMP (Internet Control Message Protocol)
    - Provides a mechanism for routers or destination hosts to communicate with source hosts
    - Takes the form of specially formatted IP datagrams; a required element of TCP/IP implementations
    - Reports errors only about the processing of non-ICMP IP datagrams (so one error cannot trigger an endless chain of error messages)

    DNS (Domain Name System)
    - Distributed database for the Internet namespace
    - Uses TCP and UDP port 53: UDP for queries, TCP for zone transfers (copying the distributed database) and for large responses
    - DNS components:
      - DNS servers: TCP/IP service used to resolve host names to IP addresses; responsible for maintaining a directory of names in a database and responding to client requests
      - DNS database
      - DNS clients (resolvers)
    - Domain namespace:
      - Root domain (.)
      - Top-level domain (net, com, org)
      - Second-level domain (microsoft)
      - Sub-domain (hq, canada)
      - FQDN (sales.hq.microsoft.com): the sales server
    - DNS zone: an area of the DNS namespace for which a DNS server is authoritative (has the right to give definitive answers)
    - DNS records:
      - A (host, IPv4)
      - AAAA (host, IPv6)
      - PTR (pointer, reverse lookup)
      - CNAME (alias)
      - MX (mail exchanger)
    - Dynamic DNS: dynamic updates, DHCP integration

    FTP (File Transfer Protocol)
    - Uses TCP ports 20 and 21: listens on port 21 for commands, port 20 for data transfer (active mode)
    - Requires a username and password, but sends them in plain text; allows anonymous FTP
    - TFTP (Trivial FTP): simplistic, connectionless (UDP port 69); no security, does not require a username/password

    HTTP(S) (Hypertext Transfer Protocol)
    - HTTP uses TCP port 80
    - HTTPS uses TCP port 443 and wraps HTTP in SSL/TLS (modern deployments use TLS; SSL is obsolete)

    SIP (VoIP): Session Initiation Protocol can establish, modify and terminate multimedia sessions or calls. Examples: multimedia conferences, distance learning, Internet calls
    RTP (VoIP): Real-Time Transport Protocol provides end-to-end network transport functions suitable for applications transmitting real-time data such as audio and video, over multicast or unicast network services

    SSH (Secure Shell)
    - Similar to Telnet but secure; TCP port 22
    - Encrypts the session and authenticates the server to the client with its host key (public-key cryptography, not certificates in the usual case); the client should verify the host key fingerprint on first connection

    POP3 (Post Office Protocol): used to retrieve email; TCP port 110
    NTP (Network Time Protocol): synchronizes distributed clocks to the millisecond; UDP port 123
    IMAP4 (Internet Message Access Protocol): used to access all server-based messaging folders; TCP port 143
    Telnet: terminal emulation protocol that allows remote access to a system; TCP port 23 (everything, including passwords, is sent in clear text)
    SMTP (Simple Mail Transfer Protocol): used for sending email; TCP port 25

    SNMP v2/v3 (Simple Network Management Protocol)
    - Works by having network devices act as agents, collecting information and providing it to SNMP managers
    - UDP port 161 (agents), UDP port 162 (traps sent to the manager)
    - Consists of 3 components: a management console software product installed on a network computer, agents installed on the devices you want to manage, and MIBs for each of the agents
    - v1 and v2c authenticate only with a plain-text community string; v3 adds real authentication and encryption

    IGMP (Internet Group Management Protocol)
    - Communications protocol used by hosts and adjacent routers on IP networks to establish multicast group memberships
    - Integral part of IP multicast

    TLS (Transport Layer Security)
    - Establishes a secure connection between a client and server
    - Capable of authenticating both the client and the server, creating an encrypted connection between the two
    - The replacement for SSL

    RDP (Remote Desktop Protocol): proprietary protocol developed by Microsoft (TCP port 3389)

    Common Ports
    TCP                         UDP
    FTP           20, 21        TFTP          69
    SSH/SFTP/SCP  22            DNS           53
    Telnet        23            BOOTP/DHCP    67 (server), 68 (client)
    SMTP          25            SNMP          161 (162 for traps)
    DNS           53            NTP           123
    HTTP          80
    POP3          110
    IMAP4         143
    HTTPS         443


    Network Addresses

    MAC Addresses
    - Also called: Layer 2 address, physical address, hardware address, BIA (Burned-In Address)
    - Format: 12-23-F5-45-56-78
    - 6 bytes (48 bits); can be written with dashes (-), colons (:) or dots (.)
    - First 3 bytes: Organizationally Unique Identifier (OUI), assigned to the vendor
    - Last 3 bytes: assigned by the vendor to the individual Network Interface Controller (NIC)
    - Theoretically each device has a unique MAC, but the address a NIC uses is set in software and trivially changed, so it is not a reliable identity for access control
    - MAC broadcast: has a destination of everyone; the broadcast address is FF-FF-FF-FF-FF-FF (hex digits are case-insensitive)

    IPv4
    - Format: 32-bit address in dotted-decimal notation

    Classes (leading bits, network octets, first-octet range, maximum networks, maximum hosts per network, example):
      A   0      1   1-126     126          16,777,214   10.0.0.0
      B   10     2   128-191   16,384       65,534       142.222.0.0
      C   110    3   192-223   2,097,152    254          195.143.1.0
      D   1110   -   224-239   multicasting
      E   1111   -   240-255   experimental
    (127.x.x.x is reserved for loopback, which is why class A stops at 126)

    IPv6
    - Format: 128-bit address; eight groups of 4 hex digits separated by colons


    Addressing Technologies

    Subnetting
    - Subnetting allows you to create multiple logical networks that exist within a single Class A, B or C network. If you do not subnet, you are only able to use one network from your Class A, B or C allocation, which is unrealistic
    - Subnet mask: a 32-bit combination used to describe which portion of an address refers to the subnet (network) and which part refers to the host

    Classful vs Classless Subnets
    - Classless addressing (CIDR) uses a variable number of bits for the network and host portions of the address
    - Classless treats the IP address as a 32-bit stream of ones and zeroes, where the boundary between network and host portions can fall anywhere between bit 0 and bit 31 (written as a prefix length, e.g. /26)
    - Routing protocols: classful routing protocols do NOT send the subnet mask along with updates; classless routing protocols DO send the subnet mask along with updates

    NAT (Network Address Translation): the process of modifying IP address information in IPv4 headers while in transit across a traffic-routing device

    PAT (Port Address Translation): an extension to NAT that permits multiple devices on a local area network (LAN) to be mapped to a single public IP address by rewriting source ports as well; the goal of PAT is to conserve IP addresses

    SNAT: expanded here as Secure Network Address Translation (most vendors use the acronym for Source NAT). Provides a mechanism for translating internal, non-routable addresses into routable addresses. As traffic flows out of a data center, the gateway and source address of IP packets are translated and switched to the appropriate upstream gateway router. This ensures that traffic is sent and returned through the desired path.

    Public vs Private
    - Public IP addresses are used to navigate around in what today is known as the Internet
    - Private IP addresses are not assigned to computers that can be located or reached over the Internet. They are usually assigned by a router on a personal or smaller network such as a home or office network; the routers routing the packets from one computer to another are responsible for assigning these private addresses (normally via DHCP), and NAT is needed to reach the Internet from them. Private ranges (RFC 1918):
      - 10.0.0.0 to 10.255.255.255 (10.0.0.0/8)
      - 172.16.0.0 to 172.31.255.255 (172.16.0.0/12)
      - 192.168.0.0 to 192.168.255.255 (192.168.0.0/16)
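    Classful classes, classless (CIDR) subnetting and the private ranges above, worked through in code as an added example (not from the study sheet): given an address with a prefix length, derive the class and the mask the class would imply, then what the prefix actually gives (network, broadcast, usable host range), check the RFC 1918 ranges, and carve a block into equal subnets. Standard library only; the sample addresses are made up.

```python
"""Classful versus classless view of an IPv4 address: address class, the mask
the class would imply, and what the actual CIDR prefix gives (network,
broadcast, usable host range), plus the RFC 1918 private check.

Added example, not from the study sheet; standard library only, sample addresses made up.
"""
import ipaddress

PRIVATE_RANGES = [ipaddress.ip_network(n) for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]


def address_class(addr: str) -> str:
    """Classful lookup from the leading bits of the first octet (0, 10, 110, 1110, 1111)."""
    first = int(ipaddress.IPv4Address(addr)) >> 24
    if first >> 7 == 0b0:
        return "A"
    if first >> 6 == 0b10:
        return "B"
    if first >> 5 == 0b110:
        return "C"
    if first >> 4 == 0b1110:
        return "D"
    return "E"


def classful_prefix(addr: str):
    """Default prefix length implied by the class; None for D and E, which have no host portion."""
    return {"A": 8, "B": 16, "C": 24}.get(address_class(addr))


def is_private(addr: str) -> bool:
    ip = ipaddress.IPv4Address(addr)
    return any(ip in net for net in PRIVATE_RANGES)


def subnet_info(cidr: str) -> dict:
    """Classless view: everything comes from the prefix length, not from the class."""
    iface = ipaddress.ip_interface(cidr)   # keeps the host address together with its prefix
    net = iface.network
    n = net.num_addresses
    if n == 1:                             # /32: a single host route
        first, last, usable = net.network_address, net.network_address, 1
    elif n == 2:                           # /31: point-to-point link, RFC 3021
        first, last, usable = net.network_address, net.broadcast_address, 2
    else:                                  # network and broadcast addresses are not usable
        first, last, usable = net.network_address + 1, net.broadcast_address - 1, n - 2
    return {
        "address": str(iface.ip),
        "class": address_class(str(iface.ip)),
        "classful_prefix": classful_prefix(str(iface.ip)),
        "prefix": net.prefixlen,
        "mask": str(net.netmask),
        "network": str(net.network_address),
        "broadcast": str(net.broadcast_address),
        "first_host": str(first),
        "last_host": str(last),
        "usable_hosts": usable,
        "private": is_private(str(iface.ip)),
    }


def split_network(cidr: str, new_prefix: int) -> list:
    """Carve a network into equal subnets, e.g. a /24 into four /26s."""
    return [str(s) for s in ipaddress.ip_network(cidr, strict=False).subnets(new_prefix=new_prefix)]


if __name__ == "__main__":
    print(subnet_info("172.16.37.200/26"))   # class B address, but a /26 classless subnet
    print(split_network("192.168.1.0/24", 26))
```

    The contrast the sheet is after shows up in the first print: 172.16.37.200 is a class B address (default /16), yet its actual subnet is 172.16.37.192/26 with only 62 usable hosts. Firewall rules and ACLs should be written against the real prefix, never against the class.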

    Addressing Schemes
    - Unicast: a method of sending IP datagrams to a single network destination
    - Multicast: a method of sending IP datagrams to a group of receivers in a single transmission
    - Broadcast: data is transmitted to ALL possible destinations on the segment


    ROUTING

    IPv4 & IPv6 Routing Protocols

    Link State
    Each router builds a map of the entire network. LSAs (Link State Advertisements) are used to communicate information about the networks each router is directly connected to; every router then computes shortest paths over that map itself.
    - OSPF (Open Shortest Path First)
      - Used in medium to large networks
      - Bases its paths on link states
      - Uses cost metrics to prefer certain paths
    - IS-IS (Intermediate System to Intermediate System)
      - "Intermediate system" is another name for a router
      - Originally designed for the OSI protocol suite

    Distance Vector
    Each router communicates all the networks it knows about, with their distance, to the routers to which it is directly attached; routers trust their neighbors' tables rather than seeing the whole map.
    - RIP (Routing Information Protocol)
      - Maximum 15 hops (16 means unreachable)
      - Originally sent updates every 30 seconds
      - Does not support authentication
      - Uses broadcast communication
    - RIPv2
      - Maximum 15 hops
      - Supports authentication
      - Uses multicast communication
    - BGP (Border Gateway Protocol; strictly a path-vector protocol)
      - Core routing protocol of the Internet
      - Typically used by ISPs

    Hybrid
    - EIGRP (Enhanced Interior Gateway Routing Protocol)
      - Evolved from IGRP
      - Uses the Diffusing Update Algorithm (DUAL)
      - Each router keeps a copy of its neighbors' routing tables
      - Each router periodically sends out a hello packet to keep track of the state of its neighbors
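    The two families above on one small topology, as an added example (not code from the study sheet): the link-state side runs Dijkstra over the complete map using OSPF-style link costs, while the distance-vector side only ever learns from its neighbours' tables, counts hops the way RIP does, and treats 16 hops as unreachable. The topology, costs and router names are made up; the point is that the two methods pick different next hops for the same destination.

```python
"""The two routing-protocol families on a small constructed topology:
a link-state router runs Dijkstra over the full map (OSPF-style costs),
a distance-vector router only learns from neighbours' tables and treats
16 hops as unreachable (RIP-style).

Added example, not from the study sheet. The topology and costs are made up.
"""
import heapq

INFINITY = 16  # RIP: 15 hops maximum, 16 means unreachable

# Undirected links with OSPF-style costs: (router, router, cost). Constructed.
LINKS = [
    ("A", "B", 1), ("B", "C", 1), ("C", "D", 1),   # A-B-C-D costs 3 but is 3 hops
    ("A", "D", 5),                                # direct A-D link, 1 hop but expensive
    ("D", "E", 1),
]


def adjacency(links):
    adj = {}
    for u, v, cost in links:
        adj.setdefault(u, {})[v] = cost
        adj.setdefault(v, {})[u] = cost
    return adj


def link_state_spf(links, source):
    """Dijkstra over the complete map, as each OSPF router does once it holds every LSA.
    Returns {dest: (total_cost, next_hop)}."""
    adj = adjacency(links)
    dist = {source: 0}
    next_hop = {source: None}
    heap = [(0, source)]
    while heap:
        d, node = heapq.heappop(heap)
        if d > dist[node]:          # stale heap entry
            continue
        for nbr, cost in adj[node].items():
            nd = d + cost
            if nd < dist.get(nbr, float("inf")):
                dist[nbr] = nd
                # first hop on the path: a direct neighbour of source is its own next hop
                next_hop[nbr] = nbr if node == source else next_hop[node]
                heapq.heappush(heap, (nd, nbr))
    return {n: (dist[n], next_hop[n]) for n in dist if n != source}


def distance_vector(links, max_hops=15):
    """Synchronous Bellman-Ford: in each round every router takes its neighbours' tables
    from the previous round and keeps the shortest hop count, never above max_hops.
    Returns ({router: {dest: (hops, next_hop)}}, rounds until convergence)."""
    adj = adjacency(links)
    tables = {r: {r: (0, None)} for r in adj}
    for r in adj:
        for nbr in adj[r]:
            tables[r][nbr] = (1, nbr)     # directly connected
    changed, rounds = True, 0
    while changed:                        # stop once a full round changes nothing
        changed = False
        rounds += 1
        new_tables = {r: dict(t) for r, t in tables.items()}
        for r in adj:
            for nbr in adj[r]:
                for dest, (hops, _) in tables[nbr].items():
                    cand = min(hops + 1, INFINITY)
                    if cand <= max_hops and cand < new_tables[r].get(dest, (INFINITY, None))[0]:
                        new_tables[r][dest] = (cand, nbr)
                        changed = True
        tables = new_tables
    return tables, rounds


if __name__ == "__main__":
    print("OSPF-style from A:", link_state_spf(LINKS, "A"))
    tables, rounds = distance_vector(LINKS)
    print("RIP-style table at A after %d rounds:" % rounds, tables["A"])
```

    From A, the link-state computation reaches D at cost 3 via B, whereas the hop-count table sends D's traffic over the expensive direct link because it is one hop. The hop limit is also why a RIP router can never see the far end of a chain longer than 15 routers; the same function demonstrates that in the test.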

    Properties of Routing

    IGP vs. EGP
    - IGP (Interior Gateway Protocol): a routing protocol used to exchange routing information within a single autonomous system (an organization's own network), e.g. OSPF, RIP, EIGRP
    - EGP (Exterior Gateway Protocol): a routing protocol used to exchange routes between autonomous systems, typically out to the Internet, e.g. BGP

    Static vs. Dynamic
    - Static routing: every router's routing table has to be configured by hand and updated whenever the network changes
    - Dynamic routing: routers communicate with each other to share their routing information

    Hop: one portion of the path between source and destination; each time a packet is passed to the next device a hop occurs. Hop count: the number of intermediate devices (such as routers) through which data must pass between source and destination

    Routing Tables: used by network devices to determine where a packet should be sent in an attempt to get it routed to its final destination

    Convergence: the process of all routers becoming aware of changes to the network and agreeing on the new topology

    Network Standards

    CSMA/CD

    Carrier Sense Multiple

    Access / Collision

    Detection

    Carrier Sense hosts listen to the wire before sending Multiple Access More than one host is doing this Collision Detection A hosts ability to detect that their data has been

    involved in a collision

    When signals collide change in voltage all data becomes unusableEach node will continue transmitting to ensure all nodes detect the

    collision

    When all nodes have detected the collision, the backoff algorithm isinvoked and transmission stops

    Virtual LAN
    A single L2 device may be partitioned to create multiple distinct, isolated broadcast domains
    Can be configured through software
    Acts like an ordinary LAN, but connected devices don't have to be physically connected to the same segment
    802.1Q

    IEEE Ethernet Standards (Institute of Electrical and Electronics Engineers)

    Half Duplex: does not allow simultaneous sending & receiving
    Full Duplex: does allow simultaneous sending & receiving
    802.3: Defines Ethernet
    10Base-2: Thin Ethernet, 10 Mbps, 185 meters
    10Base-5: Thick Ethernet, 10 Mbps, 500 meters
    802.3i: 10BaseT, 10 Mbps, range 100 meters
    802.3u: 100Base-T, 100 Mbps
    802.3z: Gigabit Ethernet (1000 Mbps)
    802.3ae: 10 Gigabit Ethernet (10000 Mbps)
    802.11: Wireless Ethernet
    802.1: Overall internetworking standards
    802.2: Defines the LLC sub-layer of the Data Link Layer

    Broadcast Storm
    A broadcast storm occurs when a network system is overwhelmed by continuous multicast or broadcast traffic. When different nodes are sending/broadcasting data over a network link, and the other network devices are rebroadcasting the data back to the network link in response, this will eventually cause the whole network to melt down and lead to the failure of network communication.


    Network Performance

    QoS
    Quality of Service is a strategy used to control the flow of network traffic
    Administrators can provide preferential delivery for the applications which need it

    Traffic Shaping
    Used to enforce the control of network traffic
    One of the methods administrators use to ensure QoS is traffic shaping
    Generally traffic should be shaped based upon different priority factors
    o Users, Applications, Time of Day

    Load Balancing
    A general term which defines the use of more than one (insert variable) to provide a service
    Client needs are satisfied by the first available (insert variable)
    Sometimes clients' needs can be satisfied by all available (insert variable)
    Variables
    o Servers, Hard Drives, Transmission Lines

    High Availability
    A system design approach and associated service implementation that ensures a prearranged level of operational performance will be met during a contractual measurement period

    Caching Engines
    Used to store information so it does not have to be retrieved off the network multiple times
    A proxy server is an example of a caching engine
    CARP (Cache Array Routing Protocol)

    Fault Tolerance
    If something is fault tolerant then it means that in the event of a failure (fault) it will continue to function (tolerance)
    RAID (Redundant Array of Independent Disks)

    Latency Sensitivity
    Latency-sensitive data is data whose retrieval or transmission must meet certain time constraints in order to be acceptable to the user.

    High Bandwidth Applications
    VoIP
    Video Applications

    Uptime
    The uptime and reliability of computer and communications facilities is sometimes measured in "nines". A computer system with 99.999% availability is highly available, delivering its service to the user 99.999% of the time it is needed. In other words, 99.999% uptime allows a total downtime of approximately five minutes and fifteen seconds per year.


    Network Command Line Tools

    Traceroute (UNIX): View the entire path a packet takes to get from one device to another
    Tracert (Windows): View the entire path a packet takes to get from one device to another
    Ipconfig (Windows): Used to view TCP/IP configuration
    Ifconfig (UNIX): Used to view TCP/IP configuration
    Ping: Used to check connectivity between networking devices
    Arp: Used to view and manage the ARP cache
    Nslookup: Used by Windows to troubleshoot DNS name resolution issues; has both interactive and non-interactive modes
    Hostname (Windows): Displays the host name portion of the full computer name of the computer
    Dig (UNIX): Used by Unix to troubleshoot DNS name resolution issues; NSLOOKUP can also be used, but DIG is considered to be more powerful; does not have an interactive mode
    Mtr (UNIX): Network diagnostic tool; combines the functionality of Traceroute and Ping
    Route (BOTH): Used to view, display and manipulate the TCP/IP routing table
    Nbtstat: Used to display NetBIOS statistics to assist in troubleshooting name resolution issues
    Netstat: Used to display TCP/IP statistics and connections

    Networking Hardware Tools

    Cable Stripper: Used to strip off the outer insulation of a cable when getting ready for a connector
    Snips / Wire Cutter: Used to cut cables
    Crimper: Used to attach a connector on the end of a cable
    Cable Tester: Electronic device used to verify the electrical connections in a cable or other wired assembly
    Punch Down Tool: Used to connect wire to a punch down block
    TDR/OTDR: A Time Domain Reflectometer is used to check the continuity of a copper cable; an Optical Time Domain Reflectometer is used to check the continuity of a fiber optic cable; either can be used to help locate a break in a cable
    Toner Probe: Used to locate the end of a cable; made up of 2 components, a tone generator and a probe
    Voltage Event Recorder: Used to monitor the quality of the power coming from a wall outlet
    Multimeter: Used to test a variety of information about cables, connectors and outlets
    Butt Set: Used to allow an administrator to butt in to a communication line
    Protocol Analyzer: Used to analyze network protocols (may be hardware or software)
    Loopback plug: Also referred to as a loopback adapter; a connection device that is plugged into a computer's port in order to perform a loopback test


    Network Security

    Attacks

    Wireless Security Threats
    Rogue Access Point: Access point placed on the network without the administrator's knowledge
    Evil Twin: WAP that is camouflaged as a legitimate hot spot to gather personal or corporate information without the end user's knowledge

    Viruses
    Software which is designed to perform harm to a system and which is loaded without the user's permission
    o Worms: can self-propagate from system to system
    o Trojan Horse: disguises itself as a harmless program to fool the user into installing and/or executing it

    Attacks
    Denial of Service (DoS): An attack which is not designed to steal or destroy, but rather to overwhelm a system to the point that it cannot perform normal functions
    Distributed Denial of Service (DDoS): An attack in which a multitude of compromised systems attack a single target, causing denial of service for users of the targeted system
    Smurf: Involves flooding a network with the same ICMP Echo Request messages used by Ping but sent to the network's broadcast address. These messages are also spoofed; the source address field contains the IP address of the computer that is the intended victim. This way, all the computers receiving the broadcast will send their responses to the victim computer, flooding its in-buffers.
    Social Engineering (phishing): Someone pretending to be somebody that they are not in order to gain your trust so you will share secret information
    Man in the Middle: An attacker gets between the sender and the recipient, intercepts information in transmission, and modifies the transmission before passing it on
    Buffer Overflow: Occurs when more data is sent to an application than it can process or store in the buffer
    Packet Sniffing: The process of capturing any data passed over the local network and looking for any information that may be useful
    FTP Bounce: An exploit of the FTP protocol whereby an attacker is able to use the PORT command to request access to ports indirectly through the use of the victim machine as a middle man for the request

    Security Devices

    Firewalls
    Used to control the flow of data
    Work by establishing a set of rules
    o Allow all except (explicit deny)
    o Block all except (implicit deny)
    Advanced firewall capabilities include:
    o Stateful Inspection
    o Packet Filtering
    DMZ (Demilitarized Zone)
    o Also called perimeter network

    IDS (Intrusion Detection System)
    Can be host or network based
    Used to help an administrator recognize a possible attack on a network system

    IPS (Intrusion Prevention System)
    Similar functionality to an IDS, but will actively make changes to lock down the network or system if a potential intrusion is present

    VPN Concentrator: Hardware-based VPN server. Used to set up a secure VPN connection with the remote client before passing them on through to the internal network
    NESSUS: Comprehensive vulnerability scanning program. Detects potential vulnerabilities on the tested systems by launching a series of attacks
    NMAP: A security scanner used to discover hosts and services on a computer network, thus creating a map of the network

    Security Methods
    Honeypots
    o A trap set to counteract attempts at unauthorized use of information systems
    Honeynets
    o A decoy network set up with intentional vulnerabilities; its purpose is to invite attack so that attacker methods can be studied

    Network Access Security

    Access Control Lists (ACLs)
    A form of filtering used to control whether someone should be given access to a network or system
    o MAC Filtering
    o IP Filtering
    o Port Filtering
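The two firewall rule-base styles from the Security Devices entry ("allow all except" with an explicit deny, "block all except" with an implicit deny) and the three ACL filtering criteria just listed, worked through in one added example that is not part of the study sheet. The addresses, MAC addresses, hosts and rules are constructed for illustration; the filter is first-match, and the policy's default action is what decides the fate of any packet nobody wrote a rule for.

```python
"""Added example, not from the study sheet: a first-match packet filter that
contrasts "block all except" (implicit deny) with "allow all except" (explicit
deny), using MAC, IP and port filtering as the match criteria. All addresses,
MACs and rules below are constructed for illustration."""
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import List, Optional


@dataclass(frozen=True)
class Packet:
    src_mac: str
    src_ip: str
    dst_ip: str
    proto: str      # "tcp" or "udp"
    dst_port: int


@dataclass(frozen=True)
class Rule:
    action: str                      # "allow" or "deny"
    src_net: str = "0.0.0.0/0"       # IP filtering (source)
    dst_net: str = "0.0.0.0/0"       # IP filtering (destination)
    proto: str = "any"
    dst_port: Optional[int] = None   # port filtering
    src_mac: Optional[str] = None    # MAC filtering

    def matches(self, p: Packet) -> bool:
        return (ip_address(p.src_ip) in ip_network(self.src_net)
                and ip_address(p.dst_ip) in ip_network(self.dst_net)
                and self.proto in ("any", p.proto)
                and (self.dst_port is None or self.dst_port == p.dst_port)
                and (self.src_mac is None or self.src_mac.lower() == p.src_mac.lower()))


def evaluate(rules: List[Rule], p: Packet, default: str) -> str:
    """First matching rule wins; `default` applies when nothing matches."""
    for rule in rules:
        if rule.matches(p):
            return rule.action
    return default


# "Block all except": only the listed traffic passes; anything else falls
# through to the implicit deny at the end of the list.
BLOCK_ALL_EXCEPT = [
    Rule("allow", dst_net="192.0.2.80/32", proto="tcp", dst_port=80),
    Rule("allow", dst_net="192.0.2.80/32", proto="tcp", dst_port=443),
    # MAC filter: one known LAN host may send anywhere
    Rule("allow", src_net="192.0.2.0/24", src_mac="aa:bb:cc:dd:ee:01"),
]

# "Allow all except": everything passes unless a rule explicitly denies it.
ALLOW_ALL_EXCEPT = [
    Rule("deny", proto="tcp", dst_port=23),   # explicit deny of telnet
]

POLICIES = {
    "block-all-except": (BLOCK_ALL_EXCEPT, "deny"),
    "allow-all-except": (ALLOW_ALL_EXCEPT, "allow"),
}


def decide(policy: str, p: Packet) -> str:
    """Apply a named policy (rule list plus its default action) to a packet."""
    rules, default = POLICIES[policy]
    return evaluate(rules, p, default)


if __name__ == "__main__":
    ssh_from_internet = Packet("00:11:22:33:44:55", "203.0.113.10", "192.0.2.80", "tcp", 22)
    for name in POLICIES:
        # The same unanticipated packet is dropped by one style and passed by the other.
        print(name, decide(name, ssh_from_internet))
```

The SSH packet in the `__main__` block is the point of the comparison: nobody wrote a rule about port 22, so under "block all except" it is dropped and under "allow all except" it is passed. That is why a default-deny rule base is the safer starting point, and why the MAC-filter rule should be read as a convenience for known hosts rather than as authentication.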

    Tunneling and Encryption
    Virtual Private Networks (VPNs) are used to securely extend the internal network out to remote clients
    o Client-to-site
    o Site-to-site
    VPN Protocols
    o Point to Point Tunneling Protocol (PPTP)
    o Layer 2 Tunneling Protocol (L2TP)
    o IPSec
       ISAKMP
       Uses the IP Authentication Header (AH) protocol
       Encapsulates the payload of a datagram for transmission across a network
    SSL (Secure Sockets Layer)
    TLS 2.0 (Transport Layer Security)
    SSL VPN

    Remote Access
    Remote Access Service (RAS)
    Point to Point Protocol (PPP)
    Point to Point Protocol over Ethernet (PPPoE)
    Remote Desktop Protocol (RDP)
    Independent Computing Architecture (ICA)
    Secure Shell (SSH)

    User Authentication
    Authentication
    o The process of identifying a user or computer
    Authorization
    o The process of determining the level of access for a user or computer
    Accounting
    o The process of keeping a log of activity by a user or computer
    RADIUS (Remote Authentication Dial In User Service)


    o Uses UDP connections
    TACACS+ (Terminal Access Controller Access Control System)
    o Relies on TCP connections
    Kerberos
    o Uses a secret key to keep authentication information (usernames & passwords) secure
    o Uses a symmetric key encryption methodology, so it is typically used within private networks where key management can be handled easily
    o Allows users to have a single sign-on
    o Can also be used for mutual authentication

    Multifactor Authentication
    o Using more than one form of authentication to identify a user
       Something they know (username, password)
       Something they have (physical token, smartcard)
       Something they are (biometric: fingerprint, voice)

    Public Key Infrastructure (PKI)
    o A term used to describe a network which has been fully configured to use certificates and public key encryption
    Cryptography
    o A process of applying an algorithm to clear text in order to convert it to cipher text
    o Symmetric Key Encryption
       The same key is used to encrypt and decrypt data
       There needs to be a key for every unique communication
       Good for use in a small secure environment
       When used over an unsecure network, an asymmetric key is usually used to secure the key exchange
    o Asymmetric Key Encryption
       Key pairs are used to encrypt and decrypt data
       Key exchange and storage is simplified
       Good for use in a large unsecure environment
       The most common form of asymmetric encryption is known as public key encryption

    802.1x (a secure network access control standard)
    o It is really a set of protocols and requirements which include certificate services and RADIUS
    o Typically used for secure wireless network access, although it is capable of securing wired networks as well
    Remote Access Authentication Protocols
    o Password Authentication Protocol (PAP)
    o Challenge Handshake Authentication Protocol (CHAP)
    o Microsoft Challenge Handshake Authentication Protocol (v2) (MSCHAP & MSCHAPv2)
    o Extensible Authentication Protocol (EAP)


    Wireless Networking

    Benefits of Wireless Networking
    o No more cables
    o Easier to install
    o Connect networks through walls and other obstacles
    o Quickly allow temporary access

    802.11 a/b/g/n

    Standard   Speed      Distance                           Channels                    Frequency
    802.11a    54 Mbps    Less than 100 feet                 36,40,44,48,52,56,60,64     5 GHz
    802.11b    11 Mbps    300 ft outdoors / 100 ft indoors   1 through 11                2.4 GHz
    802.11g    54 Mbps    300 ft outdoors / 100 ft indoors   1 through 11                2.4 GHz
    802.11n    100 Mbps   1000 ft                                                        2.4 GHz & 5 GHz

    Components of a Wireless Access Point
    BSS (Basic Service Set)
    ESS (Extended Service Set)
    SSID (Service Set Identifier)
    ESSID (Extended Service Set Identifier)
    BSSID (Basic Service Set Identifier)
    BSA (Basic Service Area)

    Wireless Access Point Placement must be considered
    o Where are the clients located
    o Different hardware has different signal strength
    o Antenna Type
    o Directional
    o RF Interference
    o 802.11n MIMO (Multiple In Multiple Out)
    o Antenna Gain
    o Beam Widths (Horizontal and Vertical)
    o Rear Lobe coverage
    o Polarization
    o Impedance, VSWR


    Authentication and Encryption / Wireless Security

    WPA: Wi-Fi Protected Access (Wi-Fi Alliance)

    Name              Authentication Mechanism   Cipher Suite                      Encryption Mechanism
    WPA-Personal      Preshared Key              TKIP                              RC4
    WPA-Enterprise    802.1X/EAP                 TKIP                              RC4
    WPA2-Personal     Preshared Key              CCMP (default), TKIP (optional)   AES (default), RC4 (optional)
    WPA2-Enterprise   802.1X/EAP                 CCMP (default), TKIP (optional)   AES (default), RC4 (optional)

    802.1x
    Requires the use of certificates and RADIUS
    Certificates can be used to provide a higher level of authentication of the user and/or computer attempting to connect
    A RADIUS server is used to centralize the connection requests to the wireless network

    WEP: Wired Equivalent Privacy
    Originally used a 40-bit key, later advanced to 128-bit encryption
    Not secure, easily cracked

    RADIUS
    Remote Authentication Dial In User Service (RADIUS) is a networking protocol that provides centralized Authentication, Authorization, and Accounting (AAA) management for computers that connect to and use a network service
    Client/server protocol that runs in the application layer
    Uses UDP as its transport method

    TKIP: Temporal Key Integrity Protocol
    Designed as a solution to replace WEP without requiring replacement of legacy hardware

    MAC Filtering
    Specify which computers can connect to your WAP based upon the MAC address of their wireless card