CompTIA Network+ Study Guide: Exam N10-009

By Todd Lammle and Jon Buhagiar

Prepare for the Network+ certification and a new career in network installation and administration

In the newly revised Sixth Edition of CompTIA Network+ Study Guide: Exam N10-009, bestselling authors and network experts Todd Lammle and Jon Buhagiar deliver thorough and accurate coverage of how to install, configure, and troubleshoot today's networking hardware peripherals and protocols.

This book shows you how to succeed on the in-demand CompTIA Network+ certification exam, impress interviewers in the networking industry, and excel in your first role as a network administrator, support technician, or related position.

The accomplished authors draw on their combined 30+ years of networking experience to walk you through the ins and outs of the five functional domains covered by the Network+ Exam: N10-009: Networking concepts, implementation, operations, security, and troubleshooting. You'll also get:

• Comprehensive, domain-specific coverage of the updated Network+ Exam: N10-009 objectives
• Preparation for the leading network certification used by over 350,000 networking professionals
• Access to a superior set of online study tools, including hundreds of practice questions, flashcards, and a glossary of key terms

Perfect for anyone preparing for the latest version of the CompTIA Network+ Exam: N10-009, the Sixth Edition of CompTIA Network+ Study Guide: Exam N10-009 is a must-have resource for network admins seeking to enhance their skillset with foundational skills endorsed by industry pros and thought leaders from around the world.

And save 10% when you purchase your CompTIA exam voucher with our exclusive WILEY10 coupon code.

 

• Language: English
• Publisher: Wiley
• Release date: Apr 17, 2024
• ISBN: 9781394235612

Book preview

CompTIA® Network+® Study Guide

Exam N10-009

Sixth Edition

Todd Lammle

Jon Buhagiar

Logo: Wiley

Copyright © 2024 by John Wiley & Sons. All rights reserved.

Published by John Wiley & Sons, Inc., Hoboken, New Jersey.

Published simultaneously in Canada and the United Kingdom.

ISBNs: 9781394235605 (paperback), 9781394235629 (ePDF), 9781394235612 (ePub)

No part of this publication may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, electronic, mechanical, photocopying, recording, scanning, or otherwise, except as permitted under Section 107 or 108 of the 1976 United States Copyright Act, without either the prior written permission of the Publisher, or authorization through payment of the appropriate per-copy fee to the Copyright Clearance Center, Inc., 222 Rosewood Drive, Danvers, MA 01923, (978) 750-8400, fax (978) 750-4470, or on the web at www.copyright.com. Requests to the Publisher for permission should be addressed to the Permissions Department, John Wiley & Sons, Inc., 111 River Street, Hoboken, NJ 07030, (201) 748-6011, fax (201) 748-6008, or online at www.wiley.com/go/permission.

Trademarks: Wiley, the Wiley logo, and the Sybex logo are trademarks or registered trademarks of John Wiley & Sons, Inc. and/or its affiliates in the United States and other countries and may not be used without written permission. CompTIA and Network+ are trademarks or registered trademarks of CompTIA, Inc. All other trademarks are the property of their respective owners. John Wiley & Sons, Inc. is not associated with any product or vendor mentioned in this book.

Limit of Liability/Disclaimer of Warranty: While the publisher and author have used their best efforts in preparing this book, they make no representations or warranties with respect to the accuracy or completeness of the contents of this book and specifically disclaim any implied warranties of merchantability or fitness for a particular purpose. No warranty may be created or extended by sales representatives or written sales materials. The advice and strategies contained herein may not be suitable for your situation. You should consult with a professional where appropriate. Further, readers should be aware that websites listed in this work may have changed or disappeared between when this work was written and when it is read. Neither the publisher nor author shall be liable for any loss of profit or any other commercial damages, including but not limited to special, incidental, consequential, or other damages.

For general information on our other products and services or for technical support, please contact our Customer Care Department within the United States at (800) 762-2974, outside the United States at (317) 572-3993 or fax (317) 572-4002.

Wiley also publishes its books in a variety of electronic formats. Some content that appears in print may not be available in electronic formats. For more information about Wiley products, visit our web site at www.wiley.com.

Library of Congress Control Number: 2024933522

Cover image: © Jeremy Woodhouse/Getty Images, Inc.

Cover design: Wiley

Acknowledgments

First and foremost, I want to thank Kenyon Brown (the acquisitions editor for this book) for helping me put this book together, helping with the timeline, and following up with any needs and requests. This book would not have been possible without him.

I want to thank Jon Buhagiar for his enormous contribution to this book and project. This CompTIA series is a difficult mountain to climb, and Jon was there with me every step of the way. He took away an enormous pressure on me so that I could concentrate on the meat of the chapters where I was needed most. Thank you, Jon!

Kim Wimpsett has been the development editor of this Sybex CompTIA series and the last four books. Thank you, Kim, for your patience and kindness and for working so hard on this book with me again, and I look forward to any book with you on the editorial board. For this edition, Kim filled the role of copy editor instead.

Caroline Define was the development editor of this edition of Sybex's CompTIA Network+ books. This was my first time working with Caroline, and she made it drama-free and easy!

Kim and Caroline demonstrated patience, kindness, and dedication to quality, and I'm glad to continue working with them.

Pete Gaughan was the managing editor, and Saravanan Dakshinamurthy and Magesh Elangovan were the production specialists. My thanks to you!

Todd Montgomery really came through when I was in a tight spot and helped me put some final touches on Chapters 16 and 17. Thank you, Todd—you're a lifesaver!

Chris Crayton tech edited and reviewed each topic in this guide, scrutinizing the material until we both agreed it was verifiably solid. Thank you, Chris!

—Todd Lammle

About the Authors

Todd Lammle is the authority on Cisco certification and internetworking and is Cisco certified in most Cisco certification categories. He is a world-renowned author, speaker, trainer, and consultant. Todd has three decades of experience working with LANs, WANs, and large enterprise licensed and unlicensed wireless networks. Lately, he's been implementing large Cisco security networks using Firepower/FTD, Thousand Eyes, CDO, and ISE, as well as Cloudflare Zero Trust networks.

His years of real-world experience are evident in his writing; he is not just an author but an experienced networking engineer with very practical experience from working on the largest networks in the world at such companies as Xerox, Hughes Aircraft, Texaco, AAA, Cisco, and Toshiba, among many others.

Todd has published more than 130 books, including the very popular CCNA: Cisco Certified Network Associate Study Guide, CCNA Wireless Study Guide, CCNA Data Center Study Guide, and CCNP Security—all from Sybex. He runs an international consulting and training company based in northern Idaho where he spends his free time in the mountains playing with his golden retrievers.

You can reach Todd through his website at www.lammle.com.

Jon Buhagiar is an information technology professional with more than two decades of experience in higher education. During the past 24 years, he has been responsible for network operations at a college in western Pennsylvania and has led several projects, such as virtualization (server and desktop), VoIP, Microsoft 365, Azure, and many other projects supporting the quality of education at the college. He has achieved several certifications from Cisco, CompTIA, and Microsoft, and has taught many of the certification paths. He is the author of several books, including Sybex's CompTIA A+ Complete Study Guide: Exam 220-1101 and Exam 220-1102, CompTIA Network+ Review Guide: Exam N10-008, and CCNA Certification Practice Tests: Exam 200-301.

About the Technical Editor

Chris Crayton, MCSE, CISSP, CASP+, CySA+, Cloud+, S+, N+, A+, ITF+, is a technical consultant, trainer, author, and industry-leading technical editor. He has worked as a computer technology and networking instructor, information security director, network administrator, network engineer, and PC specialist. Chris has served as technical editor and content contributor on numerous technical titles for several of the leading publishing companies. He has also been recognized with many professional and teaching awards.

Table of Exercises

EXERCISE 1.1  Identifying Common Network Components

EXERCISE 2.1  Investigating the Applications and the OSI Model

EXERCISE 3.1  Investigating Computer Connections

EXERCISE 3.2  Investigating Ethernet Cables

EXERCISE 4.1  Converting Binary, Decimal, and Hexadecimal

EXERCISE 4.2  Exploring Ethernet Standards

EXERCISE 5.1  Experimenting with DHCP

EXERCISE 5.2  Examining DNS Entries

EXERCISE 6.1  Examining Port Numbers

EXERCISE 7.1  Identifying IP Addresses

EXERCISE 8.1  Examining IP Address and Subnet Masks

EXERCISE 9.1  Examining the ARP Cache

EXERCISE 10.1  Examining OS Routing

EXERCISE 11.1  Understanding Switch Functions

EXERCISE 12.1  Examining Wireless Settings

EXERCISE 12.2  Performing a Simple Site Survey

EXERCISE 13.1  Experimenting with RDP

EXERCISE 14.1  Working with Performance Monitor

EXERCISE 15.1  Creating Standard Operating Procedures

EXERCISE 15.2  Documenting Your Network

EXERCISE 16.1  Designing Facilities and Infrastructure

EXERCISE 17.1  Exploring Cloud Services

EXERCISE 18.1  Examining IP Configuration

EXERCISE 19.1  Examining DNS with nslookup

EXERCISE 19.2  Examining Connections with netstat

EXERCISE 20.1  Identifying Vulnerabilities

EXERCISE 20.2  Examining Self-Signed Certificates

EXERCISE 21.1  Testing Your Antimalware

EXERCISE 21.2  Experimenting with Social Engineering

EXERCISE 21.3  Planning Video Surveillance

Introduction

If you're like most of us in the networking community, you probably have one or more network certifications. If that's you, you're very wise in choosing a CompTIA Network+ (N10-009) certification to proudly add to your repertoire because that achievement will make you all the more valuable as an employee.

In these challenging economic times, keeping ahead of the competition—even standing out among your present colleagues—could make a big difference in whether you gain a promotion or possibly keep your job instead of being the one who gets laid off! Or maybe this is your first attempt at certification because you've decided to venture into a new career in information technology (IT). You've realized that getting into the IT sector is a good way to go because as the Information Age marches on, the demand for knowledgeable professionals in this dynamic field will only intensify dramatically.

Either way, certification is one of the best things you can do for your career if you are working in, or want to break into, the networking profession because it proves that you know what you're talking about regarding the subjects in which you're certified. It also powerfully endorses you as a professional in a way that's very similar to a physician being board certified in a certain area of expertise.

In this book, you'll find out what the CompTIA Network+ exam is all about because each chapter covers part of the exam. I've included some great review questions at the end of each chapter to help crystallize the information you learned and solidly prepare you to ace the exam.

A really cool thing about working in IT is that it's constantly evolving, so there are always new things to learn and fresh challenges to master. Once you obtain your Network+ certification and discover that you're interested in taking it further by getting into more complex networking (and making more money), the Cisco CCNA certification is definitely your next step; you can get the skinny on that and even more in-depth certifications on my blog at www.lammle.com.

Note Icon For Network+ training with Todd Lammle, both instructor-led and online, please see www.lammle.com.

What Is the Network+ Certification?

Network+ is a certification developed by the Computing Technology Industry Association (CompTIA) that exists to provide resources and education for the computer and technology community. This is the same body that developed the A+ exam for PC technicians.

The Network+ exam was designed to test the skills of network technicians with 9 to 12 months of experience in the IT networking field. It tests areas of networking technologies, such as the definition of a protocol, the Open Systems Interconnection (OSI) model and its layers, and the concepts of network design and implementation—the minimum knowledge required for working on a network and some integral prerequisites for network design and implementation.

Why Become Network+ Certified?

Because CompTIA is a well-respected developer of vendor-neutral industry certifications, becoming Network+ certified proves you're competent in the specific areas covered by the Network+ exam objectives.

Four major benefits are associated with becoming Network+ certified:

Proof of Professional Achievement    Networking professionals are pretty competitive when it comes to collecting more certifications than their peers. And because the Network+ certification broadly covers the entire field of networking, technicians want this certification a lot more than they want just Microsoft certifications—Network+ is a lot more prestigious and valuable. Because it's rare to gain something that's worth a lot with little effort, I'll be honest—preparing for the Network+ exam isn't exactly a lazy day at the beach. (However, beaches do happen to be really high on my personal list of great places to study!) And people in IT know that it isn't all that easy to pass the Network+ exam, so they'll definitely respect you more and know that you've achieved a certain level of expertise about vendor-independent, networking-related subjects.

Opportunity for Advancement    We all like to get ahead in our careers—advancement results in more responsibility and prestige, and it usually means a fatter paycheck, greater opportunities, and additional options. In the IT sector, a great way to make sure all that good stuff happens is by earning a lot of technology certifications, including Network+.

Fulfillment of Training Requirements    Network+, because of its wide-reaching industry support, is recognized as a baseline of networking information. Some companies actually specify the possession of a Network+ certification as a job requirement before they'll even consider hiring you, or it may be specified as a goal to be met before your next on the job review.

Customer Confidence    As companies discover the CompTIA advantage, they will undoubtedly require qualified staff to achieve these certifications. Many companies outsource their work to consulting firms with experience working with security. Firms that have certified staff have a definite advantage over firms that don't.

How to Become Network+ Certified

As this book goes to press, Pearson VUE is the sole Network+ exam provider. The following is the necessary contact information and exam-specific details for registering. Exam pricing might vary by country or by CompTIA membership.

When you schedule the exam, you'll receive instructions regarding appointment and cancellation procedures, ID requirements, and information about the testing center location. In addition, you'll receive a registration and payment confirmation letter. Exams can be scheduled up to six weeks out or as soon as the next day (or, in some cases, even the same day).

Note Icon Exam prices and codes may vary based on the country in which the exam is administered. For detailed pricing and exam registration procedures, refer to CompTIA's website at www.comptia.org.

After you've successfully passed your Network+ exam, CompTIA will award you a certification. Within four to six weeks of passing the exam, you'll receive your official CompTIA Network+ certificate and ID card. (If you don't receive these within eight weeks of taking the test, contact CompTIA directly using the information found in your registration packet.)

Tips for Taking the Network+ Exam

Here are some general tips for taking your exam successfully:

Bring two forms of ID with you. One must be a photo ID, such as a driver's license. The other can be a major credit card or a passport. Both forms must include a signature.

Arrive early at the exam center so you can relax and review your study materials, particularly tables and lists of exam-related information. After you are ready to enter the testing room, you will need to leave everything outside; you won't be able to bring any materials into the testing area.

Read the questions very carefully. Don't be tempted to jump to an early conclusion. Make sure you know exactly what each question is asking.

Don't leave any unanswered questions. Unanswered questions are scored against you. There will be questions with multiple correct responses. When there is more than one correct answer, a message at the bottom of the screen will prompt you to either choose two or choose all that apply. Be sure to read the messages displayed to know how many correct answers you must choose.

When answering multiple-choice questions, you're not sure about, use a process of elimination to get rid of the obviously incorrect answers first. Doing so will improve your odds if you need to make an educated guess.

On form-based tests (nonadaptive) because the hard questions will take the most time, save them for last. You can move forward and backward through the exam.

Who Should Read This Book?

You—if want to pass the Network+ exam, and pass it confidently! This book is chock-full of the exact information you need and directly maps to Network+ exam objectives, so if you use it to study for the exam, your odds of passing shoot way up.

And in addition to including every bit of knowledge you need to learn to pass the exam, I've included some really great tips and solid wisdom to equip you even further to successfully work in the real IT world.

What Does This Book Cover?

This book covers everything you need to know to pass the CompTIA Network+ exam. But in addition to studying the book, it's a good idea to practice on an actual network if you can.

Here's a list of the 21 chapters in this book:

Chapter 1, Introduction to Networks    This chapter includes an introduction to networks and an overview of the most common physical network topologies in today's networks.

Chapter 2, The Open Systems Interconnection (OSI) Reference Model    This chapter covers the OSI model, what it is, what happens at each of its layers, and how each layer works.

Chapter 3, Networking Connectors and Wiring Standards    This chapter covers the various networking media and topologies, plus the cable types and properties used in today's networks.

Chapter 4, The Current Ethernet Specifications    This chapter covers how a basic Ethernet LAN works and describes and categorizes the different Ethernet specifications.

Chapter 5, Networking Devices    You need to understand all the various devices used in today's networks, and this chapter will describe how hubs, routers, and switches and some other devices work within a network.

Chapter 6, Introduction to the Internet Protocol    This is your introduction to the all-important IP protocol stack.

Chapter 7, IP Addressing    This chapter will take up from where Chapter 6 left off and move into IP addressing. It also contains information about public versus private addressing and DHCP.

Chapter 8, IP Subnetting, Troubleshooting IP, and Introduction to NAT    Beginning where Chapter 7 ends, we'll be tackling IP subnetting in this one. But no worries here—I've worked hard to make this not-so-popular-yet-vital topic as painless as possible.

Chapter 9, Introduction to IP Routing    This introduction to routing basically covers what routers do and how they do it. This chapter, along with Chapters 10 and 11, covers routing and switching in much more detail than necessary to meet the CompTIA Network+ objectives because this knowledge is so critical to grasp when working with today's networks.

Chapter 10, Routing Protocols    This chapter describes the protocols that run on routers and how they update routing tables to create a working network map.

Chapter 11, Switching and Virtual LANs    This chapter covers layer 2 switching, the Spanning Tree Protocol (STP), and virtual LANs (vLANS). I went deeper than needed for the exam with the routing chapters, and I'll cover switching and virtual LANs (which are also vital in today's corporate networks) more thoroughly.

Chapter 12, Wireless Networking    Because wireless is so essential for both home and business networks today, this chapter is loaded with all the information you need to be successful at wireless networking at home and work.

Chapter 13, Remote Network Access    In this chapter you'll learn the importance of providing both fault tolerance and high availability. You'll also learn about VPN architectures. These include site-to-site VPNs, client-to-site VPNs, clientless VPNs, split tunnel versus complete VPN, and SSH VPNs.

Chapter 14, Using Statistics and Sensors to Ensure Network Availability    In this chapter, you'll learn what sort of data you should be monitoring and some of the ways to do so.

Chapter 15, Organizational Documents and Policies    In this chapter, you'll learn that plans and procedures should be developed to manage operational issues such as change management, incident response, disaster recovery, business continuity, and the system life cycle. You'll also learn the standard operating procedures that should be developed to guide each of these processes.

Chapter 16, High Availability and Disaster Recovery    In this chapter, you will learn about redundancy concepts, fault tolerance, and the disaster recovery process.

Chapter 17, Data Center Architecture and Cloud Concepts    In this chapter, I'll talk a lot about the documentation aspects of network administration. The chapter will start off discussing physical diagrams and schematics and move on to the logical form as well as configuration-management documentation. You'll learn about the importance of these diagrams, the simple to complex forms they can take, and the tools used to create them—from pencil and paper to high-tech AutoCAD schematics. You'll also find out a great deal about creating performance baselines.

Chapter 18, Network Troubleshooting Methodology    In this chapter, you'll learn about all things troubleshooting, such as how to sleuth out and solve a lot of network problems.

Chapter 19, Network Software Tools and Commands    This chapter introduces the network tools you will use to help you run your networks. Specialized tasks require specialized tools, and installing network components is no exception. We use some of these tools, such as network scanners, every day.

Chapter 20, Network Security Concepts    In this chapter, you will learn the basic concepts, terms, and principles that all network professionals should understand to secure an enterprise network.

Chapter 21, Common Types of Attacks    In this chapter you will learn the common types of attacks that all network professionals should understand to secure an enterprise network.

What's Included in the Book

I've included several study tools throughout the book:

Assessment Test    At the end of this introduction is an assessment test that you can use to check your readiness for the exam. Take this test before reading the book; it will help you determine the areas you might need to brush up on. The answers to the assessment test questions appear on a separate page after the last question of the test. Each answer includes an explanation in which the material appears.

Objective Map and Opening List of Objectives    Later in this introduction is an objective map showing you where each exam objective is covered in this book. In addition, each chapter opens with a list of its exam objectives. Use these to see exactly where each of the exam topics is covered.

Exam Essentials    Each chapter includes several exam essentials. These are the key topics you should take from the chapter regarding areas to focus on when preparing for the exam.

Written Lab    Each chapter includes a written lab. These are short exercises that map to the exam objectives. Answers to these can be found in Appendix A.

Chapter Review Questions    To test your knowledge as you progress through the book, review questions are at the end of each chapter. As you finish each chapter, answer the review questions, and then check your answers—the correct answers and explanations are in Appendix B. You can reread the section that deals with each question you got wrong to ensure that you answer correctly the next time you're tested on the material.

Interactive Online Learning Environment and Test Bank

The interactive online learning environment that accompanies CompTIA Network+ Study Guide: Exam N10-009 6th edition provides a test bank with study tools to help you prepare for the certification exam—and increase your chances of passing it the first time! The test bank includes the following tools:

Sample Tests    All of the questions in this book are provided, including the assessment test, which you'll find at the end of this introduction, and the chapter tests, which include the review questions at the end of each chapter. In addition, there are two practice exams. Use these questions to test your knowledge of the study guide material. The online test bank runs on multiple devices.

Flashcards    Approximately 200 questions are provided in digital flashcard format (a question followed by a single correct answer). You can use the flashcards to reinforce your learning and provide last-minute test prep before the exam.

Glossary    A glossary of key terms from this book and their definitions is available as a fully searchable PDF.

Note Icon Go to www.wiley.com/go/netplustestprep to register and gain access to this interactive online learning environment and test bank with study tools.

Note Icon Like all exams, the Network+ certification from CompTIA is updated periodically and may eventually be retired or replaced. At some point after CompTIA is no longer offering this exam, the old editions of our books and online tools will be retired. If you have purchased this book after the exam was retired, or are attempting to register in the Sybex online learning environment after the exam was retired, please know that we make no guarantees that this exam’s online Sybex tools will be available once the exam is no longer available.

How to Use This Book

If you want a solid foundation for the serious effort of preparing for the Network+ exam, then look no further because I've spent countless hours putting together this book with the sole intention of helping you pass it!

This book is loaded with valuable information, and you will get the most out of your study time if you understand how I put the book together. Here's a list that describes how to approach studying:

Take the assessment test immediately following this introduction. (The answers are at the end of the test, but no peeking!) It's okay if you don't know any of the answers—that's what this book is for. Carefully read over the explanation for any question you get wrong and make note of the chapter where that material is covered.

Study each chapter carefully, making sure you fully understand the information and the exam objectives listed at the beginning of each one. Again, pay extra-close attention to any chapter that includes material covered in questions you missed on the assessment test.

Complete the written lab at the end of each chapter. Do not skip these written exercises because they directly map to the CompTIA objectives and what you've got to have nailed down to meet them.

Answer all the review questions related to each chapter. Specifically note any questions that confuse you, and study the corresponding sections of the book again. And don't just skim these questions—make sure you understand each answer completely.

Try your hand at the practice exams. Before you take your test, be sure to visit my website for questions, videos, audios, and other useful information.

Test yourself using all the electronic flashcards. This is a brand-new and updated flashcard program to help you prepare for the latest CompTIA Network+ exam, and it is a really great study tool.

I tell you no lies—learning every bit of the material in this book is going to require applying yourself with a good measure of discipline. So try to set aside the same time period every day to study, and select a comfortable and quiet place to do so. If you work hard, you will be surprised at how quickly you learn this material.

If you follow the steps listed here and study with the review questions, practice exams, electronic flashcards, and all the written labs, you would almost have to try to fail the CompTIA Network+ exam. However, studying for the Network+ exam is like training for a marathon—if you don't go for a good run every day, you're not likely to finish very well.

N10-009 Exam Objectives

Speaking of objectives, you're probably pretty curious about those, right? CompTIA asked groups of IT professionals to fill out a survey rating the skills they felt were important in their jobs, and the results were grouped into objectives for the exam and divided into five domains.

This table gives you the extent by percentage that each domain is represented on the actual examination.

Objective Map

The following table shows where each objective is covered in the book.

How to Contact the Publisher If you believe you have found a mistake in this book, please bring it to our attention. At John Wiley & Sons, we understand how important it is to provide our customers with accurate content, but even with our best efforts an error may occur.

In order to submit your possible errata, please email it to our Customer Service Team at wileysupport@wiley.com with the subject line Possible Book Errata Submission.

Assessment Test

Which network architecture defines a strict access method for various hosts?

Peer-to-peer

Client-server

LAN

Hybrid topology

You need to select a topology to connect two office locations, and you do not expect to add locations in the future. Which topology should you select?

Point-to-point

Point-to-multipoint

Ring

Bus

Which protocol data unit (PDU) is used to describe the type of data being transmitted at the Presentation layer?

Bits

User datagrams

Frames

Segments

Which layer is responsible for encryption and decryption?

Application layer

Physical layer

Session layer

Presentation layer

You need to run a UTP cable for 10 Gbps speeds with a distance of 40 meters. Which minimum cable category rating should you use?

Category 5

Category 5e

Category 6

Category 3

Which term describes the path of signaling on a network cable?

Attenuation

Duplex

Demarcation

EMI

You are working with a contractor as they are pulling and terminating fiber-optic lines. The fiber-optic lines will be located in the center of your production line. Which cable ends should you recommend that will reduce the chances of cables becoming loose from vibration on the production floor?

SC connectors

ST connectors

LC connectors

MTRJ connectors

Which is NOT a common cause for LAN congestion?

Broadcasts

Multicasts

Adding switches for connectivity

Multiple hubs for connectivity

The receiving computer checked the checksum of a frame. It had been damaged during transfer, so it is discarded. At which layer of the OSI did this occur?

Physical

Data Link

Network

Session

What is a reason a network administrator would segment a network with a switch?

Create more broadcast domains

Create isolation of ARP messages

Create fewer collision domains

Isolate traffic between segments

According to best practices, what is the proper placement of a firewall?

Only between the internal network and the Internet

At key security boundaries

In the DMZ

Only between the DMZ and the Internet

Which is the contention method 802.11 wireless uses?

CSMA/CA

CSMA/CD

DSSS

OFDM

What form of communication does a DHCP client use to initially acquire an IP address?

Layer 3 broadcast

Layer 3 multicast

Layer 3 802.1Q

Layer 3 unicast

Which management access method should be configured on network devices for encryption of a session?

RADIUS

HTTP

SSH

SFTP

Which Microsoft remote access protocol allows for local drives to be presented to the remote system?

VNC

RDP

SSH

Telnet

Which protocol and port number does Syslog use?

UDP/161

TCP/162

UDP/162

UDP/514

Which of the following is the Class B network IP range?

1–126

1–127

128–191

192–224

Which is true of the IP address 135.20.255.255?

It is a Class A address.

It is a broadcast address.

It is the default gateway address.

It has a default mask of 255.0.0.0.

What is a major reason to use private IP addressing?

It allows for the conservation of public IP addresses.

Since private IP addresses are non-routable on the Internet, they are secure.

It keeps communications private.

It allows easier setup than public IP addresses.

What is required when using private IP addresses to communicate with Internet hosts?

Internet router

IPv4 tunnel

VPN tunnel

Network Address Translation

Which routing protocol is a true link-state protocol?

RIP

OSPF

RIPv2

EIGRP

Why are there dashes in the age field of the following output?

Lab_A#sh ip arpProtocol  Address    Age(min) Hardware Addr  Type  InterfaceInternet  172.16.20.1  -      00d0.58ad.05f4  ARPA  Ethernet1Internet  172.16.20.2  3      0030.9492.a5dd  ARPA  Ethernet1Internet  172.16.10.1  -      0015.0506.31b0  ARPA  Ethernet0

The ARP entry is stale.

The ARP entry is invalid.

These are physical interfaces.

There are virtual interfaces.

What is the definition of route statement AD?

The AD is a metric that routing protocols use to select the best route.

The AD is a value assigned by network administrators for route selection.

The AD is a rating of trust when multiple routes exist to the same destination.

The AD is a value associated with the cost to the destination.

You perform a show ip route on the router and see several routes with an AD of 90. Which routing protocol has generated these route statements?

IGRP

OSPF

EIGRP

RIP

Which routing protocol uses path-vector metrics?

BGP

RIP

OSPF

EIGRP

Which protocol replaces ARP in IPv6?

NDP

ARPv6

GRE

RA

Which VTP mode will not allow the switch to participate in VTP traffic but will forward VTP traffic?

Server mode

Transparent mode

Proxy mode

Client mode

Which protocol is a Cisco proprietary protocol used for trunking switches?

ISL

802.1Q

VTP

CDP

Which technology will give selective access to the network based upon authentication?

802.1Q

ACLs

802.1X

Firewall

How many non-overlapping channels are available with 802.11a?

3

12

23

40

What is the maximum data rate for the 802.11a standard?

6 Mbps

11 Mbps

22 Mbps

54 Mbps

What is a benefit of site-to-site IPsec VPNs?

Lower bandwidth requirements

Lower latency

Scalability

Support for multicast

Which cable should you use to connect to a serial port on a router?

Cat 5e

Rolled cable

PuTTY cable

SMF

What type of SNMP message is sent from the NMS to the agent to request information?

Get-request message

Get-response message

Set-request message

Trap message

What protocol provides detailed information on traffic flows between endpoints?

Syslog

SNMP

NetFlow

SPAN

You are contracting with a new service provider and are reviewing their service level agreement (SLA). The SLA states that their commitment to uptime is 99%. What is the expected downtime per year?

3.65 days

8.76 hours

52.56 minutes

5.29 minutes

You need to make sure that users do not reuse passwords when their password expires and they are required to change it? In which of the following would you require the change?

BYOD

Password policy

DLP

AUP

Which of the following is a measure of how long it will take to restore your data before the deletion or failure?

RTO

MTBF

RPO

MTTR

A recovery from tape will take 4 hours; what is this an example of?

The recovery point objective (RPO)

The recovery time objective (RTO)

GFS rotation

Backup window

Which cloud service is likely to be used for software development?

SaaS

IaaS

PaaS

DRaaS

On which network plane would a routing protocol perform?

Data plane

Control plane

Management plane

Routing plane

What is the next step in problem solving once a theory is confirmed?

Create a hypothesis.

Consider multiple approaches.

Establish a plan of action.

Approach multiple problems individually.

What is the final step in resolving a problem in the troubleshooting methodology?

Implement a solution.

Validate a theory.

Establish a plan of action.

Document.

Which software tool will allow you to check if a web application running on a server is online?

ping

nslookup

tracert/traceroute

Port scanner

You need to check the configured maximum transmission unit (MTU) on the interface of a Linux host; which command should you use?

ipconfig

ifconfig

mtuconfig

iptables

Which tool allows examination at the packet level for traffic from an application?

Protocol analyzer

dig

Spectrum analyzer

nslookup

Which protocol combines both the authentication and accounting into one TCP packet on port 49?

TACACS+

RADIUS

TLS

LDAP

Which factor of authentication requires you to present something that you have?

Password

Signature

Fingerprint

Token

A junior administrator comes to you in a panic. After looking at the log files, he has become convinced that an attacker is attempting to use a legitimate IP address to disrupt access elsewhere on the network. Which type of attack is this?

Spoofing

Social engineering

Worm

Password

You're the administrator for a large bottling company. At the end of each month, you routinely view all logs and look for discrepancies. This month, your email system error log reports a large number of unsuccessful attempts to log in. It's apparent that the email server is being targeted. Which type of attack is most likely occurring?

Brute-force

Backdoor

Worm

IP spoofing

Answers to Assessment Test

B. The client-server network architecture strictly defines hosts; clients access the information, and servers share the information. Peer-to-peer is a network architecture that allows the same host to both access and share resources in a network. Local area network (LAN) is a network type and not related to sharing information. Hybrid topology describes a topology that incorporates two or more topologies.

A. A point-to-point connection is typically used to connect two offices where expansion of locations is not a concern. A point-to-multipoint topology should be selected if an office needs to connect with several other office locations. Ring and bus are topologies and not used to describe WAN connectivity methods.

B. User datagrams are the protocol data units (PDUs) that describe data at the Presentation layer. Bits describe the data at the Physical layer. Frames describe the data at the Data Link layer. Segments describe the data at the Transport layer.

D. The Presentation layer is responsible for encryption and decryption, as well as compression and decompression. The Application layer is responsible for application programming interface (API) access and beginning the network communication process. The Physical layer is responsible for transmitting data over light, electricity, and air waves. The Session layer is responsible for setting up the dialogue between two hosts.

C. Category 6 is capable of 10 Gbps up to a maximum distance of 55 meters. Category 5 is capable of speeds of 100 Mbps at a distance of 100 meters. Category 5e is capable of 1 Gbps at a distance of 100 meters. Category 3 is only capable of a maximum speed of 10 Mbps.

B. Duplex refers to the path of signaling on a network cable. Attenuation is the degrading of signal as the cable length increased. Demarcation, or demarc, refers to the point of responsibility for a network provider. Electromagnetic interference (EMI) is interference that is induced into a network cable from an external source.

B. The straight-tip (ST) connector is the best choice for an installation near vibration sources. The SC connector is a square connector often used for multimode cable. The ST connector has a spring-loaded detent that resists vibrations and positively locks. Although LC and MTRJ connectors have detent mechanisms, the ST has a spring-loaded detent to ensure that it does not come loose.

C. Broadcasts, multicasts, and multiple hubs for connectivity are all common causes of LAN congestion. Adding switches for connectivity has no direct relationship to LAN congestion, since switches create collision domains and raise effective bandwidth.

B. The Data Link layer is responsible for checking the frame check sequence (FCS), which is a checksum of the frame. The Physical layer is responsible for transmitting data through electricity, light, or air. The Network layer is responsible for logical addressing and routing of data. The Session layer is responsible for dialogue control.

D. A switch creates micro-segmentation, which in turn isolates traffic between two talking computers from other computers that are not part of the communications. This in turn increases bandwidth for the computers that are not part of the communications between the two talking computers. The creation of broadcast domains can only be achieved with the addition of VLANs and a router. The isolation of address resolution protocol (ARP) messages can be achieved only by the creation of broadcast domains. Segmentation with a switch will create more collision domains, not fewer collision domains.

B. Firewalls should always be placed at key security boundaries, which can be the Internet and your internal network. However, proper placement is not exclusive to the boundaries of the Internet and internal networks. For example, it could be placed between two internal networks, such as R&D and guest networks. The demilitarized zone (DMZ), now also referred to as a screened subnet, is a segment of a firewall where Internet-facing services are placed. Firewalls are normally not placed only between the DMZ and the Internet because most networks have an internal network.

A. 802.11 uses a contention method of Carrier Sense Multiple Access/Collision Avoidance (CSMA/CA). 802.11 implements a Request-to-Send/Clear-to-Send mechanism that avoids collisions. Ethernet uses a contention method of Carrier Sense Multiple Access/Collision Detection (CSMA/CD). Both Direct-Sequence Spread Spectrum (DSSS) and Orthogonal Frequency Division Multiplexing (OFDM) are wireless modulations used to transmit data.

A. DHCP uses layer 3 broadcasts by sending packets to 255.255.255.255 for initial DHCP discovery. Layer 3 multicast is not used for DHCP clients. Layer 3 802.1Q is an incorrect answer because 802.1Q is used for switch trunks. Layer 3 unicasts are the form of communication clients use after obtaining an IP address.

C. Secure Shell (SSH) is a secure console emulation method for the administration of network devices. It allows for both the sender and receiver to create an encrypted session so data cannot be intercepted. Remote Authentication Dial-In User Service (RADIUS) is a protocol that authenticates users, and it does not provide encryption. Hypertext Transfer Protocol (HTTP) is a method for relaying Hypertext Markup Language (HTML) from a server to a requesting host; it does not provide encryption. SSH File Transfer Protocol (SFTP) is a protocol that provides encryption for file transfers, but it does not provide management access.

B. Remote Desktop Protocol (RDP) allows for local drives to be available to the remote machine when an RDP session is initiated. Virtual Network Computing (VNC), Secure Shell (SSH), and Telnet are not capable of redirecting drives.

D. The router or switch sends Syslog messages to the Syslog server on port 514 with UDP. SNMP agents listen on UDP/161. SNMP does not use TCP for messaging. SNMP sends traps on UDP/162.

C. The IP range for a Class B network is 128–191. Class B addressing provides 16 bits of network addressing and 16 bits of host addressing by default.

B. The IP address 135.20.255.255 is a Class B broadcast address. It is not a Class A address, nor is it the default gateway address. The default mask of a Class B address is 255.255.0.0.

A. The private IP address space was created to preserve the number of public IP addresses. Private IP addresses are non-routable on the Internet, but this does not make them secure. Private IP addresses do not keep communications private, as their name implies. Private IP addresses are not publicly addressable for communications. Private IP addresses do not allow for an easier setup than public IP addresses.

D. Network Address Translation (NAT) is required to communicate over the public Internet with private IP addresses. Although Internet routers are required for routing, by default they will not route private IP addresses to public IP addresses. An IPv4 tunnel or VPN tunnel is not required for communications on the Internet with private IP addresses.

B. Open Shortest Path First (OSPF) is a true link-state protocol. Routing Information Protocol (RIP) and RIPv2 are both distance vector protocols. Enhanced Interior Gateway Routing Protocol (EIGRP) is a hybrid routing protocol that combines the best of distance vector and link-state attributes.

C. Each Address Resolution Protocol (ARP) entry has a defined time-to-live in the ARP cache. However, physical interfaces are permanently added to the ARP cache, and they are signified with a dash under the age column. When ARP entries are stale, the entry will be removed from the ARP cache. If an ARP entry is invalid, it will be removed from the ARP cache.

C. The administrative distance (AD) is a rating of trust between different routing protocols and route methods. This trust scale is important when multiple routes exist to the same destination. Directly connected routes have administrative distances (ADs) with the highest level of trust. Route statements populated by the same dynamic routing protocol will be calculated for the best route upon their metric and not their administrative distance. The administrative distance is not assigned by the administrator for route selection. The administrative distance value is not associated with the cost to the destination, only the trust of a route statement.

C. The administrative distance (AD) of Enhanced Interior Gateway Routing Protocol (EIGRP) is 90. The most common ADs are 90 for EIGRP, 100 for IGRP, 110 for OSPF, and 120 for RIP. The mnemonic of 90 Exotic Indian Oval Rubies will help you remember the order; then starting with EIGRP with a value of 90, increment the following values by 10.

A. Border Gateway Protocol (BGP) is a path-vector routing protocol. Routing Information Protocol (RIP) is a distance-vector routing protocol. Open Shortest First Path (OSPF) is a link-state protocol. Enhanced Interior Gateway Routing Protocol (EIGRP) is considered a hybrid protocol, incorporating both distance-vector and link-state mechanisms.

A. The Address Resolution Protocol (ARP) in IPv6 has been replaced with Network Discovery Protocol (NDP). The NDP protocol uses neighbor solicitation (NS) and neighbor advertisements (NA) to learn neighbors in lieu of ARP broadcasts. ARPv6 is not a real protocol and therefore an invalid answer. Generic Router Encapsulation (GRE) is a tunneling protocol for other network protocols. A router advertisement (RA) packet is returned from the gateway so the host learns the gateway address.

B. A switch in VTP transparent mode will not participate in VTP. However, if the VTP is v2, the switch will forward and receive VTP advertisements. The VTP server mode allows the switch to act as a master for the VTP domain. VTP proxy mode is not a real mode; therefore, it is incorrect. The VTP client mode allows the switch to act as a slave to the master server.

A. Inter-Switch Link (ISL) is a proprietary protocol used for the trunking of switches. If you need to connect non-Cisco switches to a Cisco switch, you must use 802.1Q, the IEEE standard. VTP is not a trunking protocol; it assists in populating VLANs across Cisco switches for conformity and ease of configuration. Cisco Discovery Protocol (CDP) is not a trunking protocol either; it negotiates power by communicating its capabilities with neighboring devices. It also allows for neighbor discovery, but CDP is proprietary to Cisco, so only Cisco devices can communicate.

C. 802.1X allows selective access to a network at layer 2. It allows this on the switch because the switch acts as an authenticator to an AAA server, only allowing access after the user or device has been authenticated. 802.1Q is a trunking protocol used for transporting multiple VLANs over a layer 2 connection, and it does not provide authentication. An access control list (ACL) is a condition and action statement used to allow, deny, or log traffic. Firewalls contain ACLs and policies to allow, deny, and log traffic, but normally firewalls will not authenticate traffic.

B. The IEEE 802.11a standard provides up to 12 non-overlapping channels, or up to 23 if you add the 802.11h standard. All other answers are incorrect.

D. The IEEE 802.11a standard provides a maximum data rate of up to 54 Mbps. All other answers are incorrect.

C. Site-to-site IPsec VPNs offer scalability as a benefit. This is because each remote office only needs an Internet connection to create a VPN tunnel back to the main office. There is a certain overhead when using a VPN; therefore, higher bandwidth requirements may exist after deploying site-to-site IPsec VPNs. Latency is affected and will be higher due to the level of encryption each packet must undergo as it passes through the site-to-site VPN. Support for multicast is not a common benefit of site-to-site IPsec VPNs.

B. A rolled cable is used to create a serial connection from the PC to the router for configuration. A Cat 5e cable is used for Ethernet connectivity. There is no such thing as a PuTTY cable, but PuTTY is a terminal emulation program used with a serial cable. Single-mode fiber (SMF) is a type of fiber-optic cable that can span long distances.

A. The get-request message is used by a network management station (NMS) to request information from an SNMP agent. The get-response message is the message sent back from the client to the NMS after a get-request message is received. The set-request message is sent by the NMS to the SNMP client requesting a specific writable counter be set to the specified value. Trap messages are sent from the network device to the SNMP network management station when an event has triggered over a set threshold on the device.

C. The NetFlow standard provides session information including the source and destination addresses, applications, and traffic volume. Syslog is a method of collecting system messages to identify problems or it can be used for post-mortem analysis. Simple Network Management Protocol (SNMP) is a protocol used to capture performance statistics of servers, applications, and network devices. Switched Port Analyzer (SPAN) is used to mirror port traffic.

A. An SLA of two nines is 3.65 days per year of expected downtime. This equates to 7.2 hours per month that the service can be down. All other answers are incorrect.

B. A password policy defines the life, complexity, history, and complexity of passwords in the organization. A bring-your-own-device (BYOD) policy defines how personal devices can be used in the organization. Data loss prevention (DLP) software attempts to prevent data leakage. It does this by maintaining awareness of actions that can and cannot be taken with respect to a document. An acceptable use policy (AUP) defines the acceptable use of organizational resources.

A. The recovery time objective (RTO) is how long it takes to recover your data back to the recovery point objective (RPO). The RPO is a measurement of time from a failure, disaster, or comparable loss-causing event. RPOs measure back in time to when your data was preserved in a usable format, usually to the most recent backup. The mean time between failures (MTBF) is an average time between failures. The mean time to repair (MTTR) is the average time it takes for a vendor to repair a failure.

B. The recovery time objective (RTO) is a measurement of how quickly you can recover from data loss using backup. The recovery point objective (RPO) is the point in time to which you can recover in the event of a disaster. The grandfather, father, son (GFS) rotation is a systematic way to archive backup media. The backup window is the window of time in which a backup can be performed.

C. Platform as a service (PaaS) is commonly used by software developers. It provides a development platform that the software developer can use to create applications. An example of this is a web server with PHP and MySQL, which is hosted in the cloud. Software as a service (SaaS) is a software product similar to email or social networking software in which you use the software provided as a service. Infrastructure as a service (IaaS) allows you to rent infrastructure such as virtual machines (VMs), virtual networks, or even DNS, just to name a few. Disaster recovery as a service (DRaaS) is another popular service; you can rent storage and compute power to facilitate a disaster recovery site.

B. Routing protocols such as OSPF and EIGRP would perform their function on the control plane since they are controlling the routing of the data plane. The data plane is responsible for switching and routing data. Any data that is destined for endpoints is switched or routed on the data plane. The management plane is any mechanism that helps in the management of a router or switch. Routing plane is not a term normally used to describe data types; therefore, option D is an invalid answer.

C. After a theory or hypothesis is confirmed, you should establish a plan of action to resolve the problem. The creation of a hypothesis is a step in the establishment of a probable cause. Considering multiple approaches is done during the establishment of a theory. Approaching multiple problems individually is done in the initial identification of the problem in the troubleshooting methodology.

D. The documentation of the finding, actions, and outcomes, and lessons learned throughout the process is the final step in the resolution of a problem in the troubleshooting methodology. It allows us to solve future problems more quickly. Implementing a solution, validating a theory, and establishing a plan of action all precede the final steps in resolving a problem.

D. A port scanner, such as the Nmap utility, will allow you to check if an application is accepting connections. The port will return an open status, and most port scanners will check for an HTTP response. The ping utility will check only if the server is online. The nslookup utility will allow you to resolve a domain name to an IP address and vice versa. The tracert/traceroute command will allow you to watch a packet as it traverses a network path to its destination.

B. The ifconfig command will allow you to inspect the MTU on the interface of a Linux host. It will also allow you to change the MTU temporarily. The ipconfig command is a Windows operating system command. The command of mtuconfig is not a real command. The iptables command is an incorrect answer for this question.

A. A protocol analyzer will allow us to inspect packet levels of traffic that is captured from an application. The dig and nslookup commands are used to perform DNS name resolution. A spectrum analyzer is used to view the radio frequency (RF) spectrum and is not a valid answer.

A. TACACS+ combines both authentication and accounting into one TCP packet on port 49. RADIUS uses UDP port 1812 for authentication and port 1813 for accounting. Transport Layer Security (TLS) uses TCP port 443 but does not provide authentication or authorization. LDAP queries Active Directory on TCP port 389, but Kerberos is what authenticates users.

D. Token-based authentication requires you to have a hardware or software token to authenticate. A password is something that you know. A signature is something that you do. Your fingerprint is an example of something that you are, because it is unique to you.

A. A spoofing attack is an attempt by someone or something to masquerade as someone else (IP address) and is often used to disrupt access. Social engineering is a process in which an attacker attempts to acquire information about your network and system by social means, such as talking to people in the organization. Worms reproduce and move throughout the network to infect other systems. Password attacks are used in an attempt to guess passwords.

A. A brute-force attack is a type of password attack in which a password is guessed over and over until the right password is guessed. A backdoor attack is an embedded account that allows unauthorized access through an unpatched coding hole. A worm is different from a virus in that it can reproduce itself, is self-contained, and doesn't need a host application to be transported. IP spoofing is an attack where the threat actor impersonates an IP address to attack a victim.

Chapter 1

Introduction to Networks

THE FOLLOWING COMPTIA NETWORK+ EXAM OBJECTIVES ARE COVERED IN THIS CHAPTER:

Domain 1.0 Networking Concepts

1.6 Compare and contrast network topologies, architectures, and types.

Mesh

Hybrid

Star/hub and spoke

Spine and leaf

Point to point

Three-tier hierarchical model

Core

Distribution

Access

Traffic flows

North-south

East-west

You'd have to work pretty hard these days to find someone who would argue when we say that our computers have become invaluable to us personally and professionally. Our society has become highly dependent on the resources they offer and on sharing them with each other. The ability to communicate with others—whether they're in the same building or in some faraway land—completely hinges on our capacity to create and maintain solid, dependable networks.

And those vitally important networks come in all shapes and sizes—ranging from small and simple to humongous and super complicated. But whatever their flavor, they all need to be maintained properly, and to do that well, you have to understand networking basics. The various types of devices and technologies that are used to create networks, as well as how they work together, is what this book is about, and I'll go through this critical information one step at a time with you. Understanding all of this will not only equip you with a rock-solid base to build on as you gain IT knowledge and grow in your career, it will also arm you with what you'll need to ace the Network+ certification exam!

Note Icon To find Todd Lammle CompTIA videos and practice questions, please see www.lammle.com.

First Things First: What's a Network?

The dictionary defines the word network as a group or system of interconnected people or things. Similarly, in the computer world, the term network means two or more connected computers that can share resources such as data and applications, office machines, an Internet connection, or some combination of these, as shown in Figure 1.1.

Figure 1.1 shows a really basic network made up of only two host computers connected; they share resources such as files and even a printer hooked up to one of the hosts. These two hosts talk to each other using a computer language called binary code, which consists of lots of 1s and 0s in a specific order that describes exactly what they want to say.

Next, I'm going to tell you about local area networks, how they work, and even how we can connect local area networks together. Then, later in this chapter, I'll describe how to connect remote local area networks together through something known as a wide area network.

A basic network diagram of a network hub. It includes host A, host B, and resources. Network management is connected with host A, host B.

FIGURE 1.1 A basic network

The Local Area Network

Just as the name implies, a local area network (LAN) is usually restricted to spanning a particular geographic location such as an office building, a single department within a corporate office, or even a home office.

Back in the day, you couldn't put more than 30 workstations on a LAN, and you had to cope with strict limitations on how far those machines could actually be from each other. Because of technological advances, all that's changed now, and we're not nearly as restricted in regard to both a LAN's size and the distance a LAN can span. Even so, it's still best to split a big LAN into smaller logical zones known as workgroups to make administration easier.

Note Icon The meaning of the term workgroup in this context is slightly different than when the term is used in contrast to domains. In that context, a workgroup is a set of devices with no security association with one another (whereas in a domain they do have that association). In this context, we simply mean they physically are in the same network segment.

In a typical business environment, it's a good idea to arrange your LAN's workgroups along