Download N+ Short Notes Free CompTIA Network+ Study Guide by MC MCSE) PDF

TitleN+ Short Notes Free CompTIA Network+ Study Guide by MC MCSE)
TagsComputer Network Ip Address Internet Protocols Router (Computing) Routing
File Size748.4 KB
Total Pages23
Document Text Contents
Page 1

The best free certification study guides, practice tests and forums!

Join Us! | Login | Help


Home | Exam Details | Free Tests | Study Guides | Glossary | Articles | Books & Training | Forums | Career & Jobs


Red Hat

Site Tools

Free Magazines
White Papers
Top Sites
Site Map

Practice Tests

Forum Stats

Users online
total users: 199

Last Post
MCSE 2008 or 2012?

by yonghulaile
May. 13, 2014 02:06

Board statistics
We have a total of

90413 posts!


MCSE Training

Network+ Study Guide (N10-004)

This is our free study guide for CompTIA's Network+ certification exam (N10-004). If you would like to report an error
or contribute additional information, please use the contact link at the bottom of the site, or post in our forums. We hope
you find this guide useful in your studies.

Domain 1.0: Network Technologies

Domain 1.1: Common Networking Protocols

TCP - TCP breaks data into manageable packets and tracks information such as source and destination of packets.
It is able to reroute packets and is responsible for guaranteed delivery of the data.
IP - This is a connectionless protocol, which means that a session is not created before sending data. IP is
responsible for addressing and routing of packets between computers. It does not guarantee delivery and does
not give acknowledgement of packets that are lost or sent out of order as this is the responsibility of higher layer
protocols such as TCP.
UDP - A connectionless, datagram service that provides an unreliable, best-effort delivery.
ICMP - Internet Control Message Protocol enables systems on a TCP/IP network to share status and error
information such as with the use of PING and TRACERT utilities.
SMTP - Used to reliably send and receive mail over the Internet.
FTP - File transfer protocol is used for transferring files between remote systems. Must resolve host name to IP
address to establish communication. It is connection oriented (i.e. verifies that packets reach destination).
TFTP - Same as FTP but not connection oriented.
ARP - provides IP-address to MAC address resolution for IP packets. A MAC address is your computer's unique
hardware number and appears in the form 00-A0-F1-27-64-E1 (for example). Each computer stores an ARP cache
of other computers ARP-IP combinations.
POP3 - Post Office Protocol. A POP3 mail server holds mail until the workstation is ready to receive it.
IMAP - Like POP3, Internet Message Access Protocol is a standard protocol for accessing e-mail from your local
server. IMAP (the latest version is IMAP4) is a client/server protocol in which e-mail is received and held for you
by your Internet server.
TELNET - Provides a virtual terminal or remote login across the network that is connection-based. The remote
server must be running a Telnet service for clients to connect.
HTTP - The Hypertext Transfer Protocol is the set of rules for exchanging files (text, graphic images, sound,
video, and other multimedia files) on the World Wide Web. It is the protocol controlling the transfer and
addressing of HTTP requests and responses.
HTTPS - Signifies that a web page is using the Secure Sockets Layer (SSL) protocol and is providing a secure
connection. This is used for secure internet business transactions.
NTP - Network Time Protocol is a protocol that is used to synchronize computer clock times in a network of
SNMP - Stands for Simple Network Management Protocol and is used for monitoring and status information on a
network. SNMP can be used to monitor any device that is SNMP capable and this can include computers, printers,
routers, servers, gateways and many more using agents on the target systems. The agents report information
back to the management systems by the use of “traps” which capture snapshot data of the system. This trap
information could be system errors, resource information, or other information. The SNMPv2 standard includes
enhancements to the SNMPv1 SMI-specific data types, such as including bit strings, network addresses, and
counters. In SNMPv3 security was addressed. Because all of the trap information sent was in clear text, any
monitoring information being sent and collected for operational purposes could also be pulled off the wire by a
malicious person
SIP – Stands for Session Initiation Protocol and is a signaling protocol, widely used for controlling multimedia
communication sessions such as voice and video calls over Internet Protocol (IP). Other feasible application
examples include video conferencing, streaming multimedia distribution, instant messaging, presence information
and online games. The protocol can be used for creating, modifying and terminating two-party (unicast) or
multiparty (multicast) sessions consisting of one or several media streams. The modification can involve changing
addresses or ports, inviting more participants, adding or deleting media streams, etc.
RTP – Real-time Transport Protocol is the audio and video protocol standard used to deliver content over the
Internet. RTP is used in conjunction with other protocols such as H.323 and RTSP.
IGMP – Internet Group Management Protocol is used to manage Internet Protocol multicast groups. IP hosts and
adjacent multicast routers use IGMP to establish multicast group memberships. IGMP is only needed for IPv4
networks, as multicast is handled differently in IPv6 networks.
TLS - Transport Layer Security is a cryptographic protocol that provides security for communications over
networks such as the Internet. TLS and SSL encrypt the segments of network connections at the Transport Layer
end-to-end. Several versions of the protocols are in wide-spread use in applications like web browsing, electronic
mail, Internet faxing, instant messaging and voice-over-IP (VoIP).

Domain 1.2: Identify Commonly Used TCP/UDP Ports

Ports are what an application uses when communicating between a client and server computer. Some common ports

Protocol Type Number

FTP TCP 20,21





Training Picks

Certification Training
Online on Videos:
Microsoft MCSE
Training, A+
Certification, MCITP, &
Free demos. MCSE
certification training
includes simulators and

K Alliance Training
Videos by K Alliance.
Certification training
videos for MCTS, MCITP,
Oracle OCA/OCP, A+,
CCNA, RHCE and more.
Our e-learning courses
come with 24/7 online
mentoring. Click Here to
view our free online
training videos.

More Training

Free CompTIA Network+ Study Guide by MC MCSE

1 of 23 5/19/2014 3:21 PM

Page 2





POP3 TCP 110





Domain 1.3: Identify the Following Address Formats

IPv4 - Every IP address can be broken down into 2 parts, the Network ID(netid) and the Host ID(hostid). All hosts on
the same network must have the same netid. Each of these hosts must have a hostid that is unique in relation to the
netid. IP addresses are divided into 4 octets with each having a maximum value of 255. We view IPv4 addresses in
decimal notation such as, but it is actually utilized as binary data.

IP addresses are divided into 3 classes as shown below:

Class Range

A 1-126

B <128-191

C 192-223

NOTE: 127.x.x.x is reserved for loopback testing on the local system and is not used on live systems. The following
address ranges are reserved for private networks: - - -

IPv6 - The previous information on TCP/IP has referred to IPv4, however, this addressing scheme has run out of
available IP addresses due to the large influx of internet users and expanding networks. As a result, the powers that be
had to create a new addressing scheme to deal with this situation and developed IPv6. This new addressing scheme
utilizes a 128 bit address (instead of 32) and utilizes a hex numbering method in order to avoid long addresses such as The hex address format will appear in the form of
3FFE:B00:800:2::C for example.

MAC Addressing - Also known as hardware address or ethernet address, A MAC address is a unique code assigned to
most networking hardware. The hardware is assigned a unique number by the manufacturer and the address is
permanently assigned to the device. MAC Addresses are in a 48-bit hexidecimal format such as 00:2f:21:c1:11:0a. They
are used to uniquely identify a device on a network, and for other functions such as for being authenticated by a DHCP
server. For more information, read MAC Addressing Formats And Broadcasts.

Domain 1.4: Proper Use of Addressing Technologies

Subnetting - IP addresses can be class A, B or C. Class A addresses are for networks with a large number of hosts. The
first octet is the netid and the 3 remaining octets are the hostid. Class B addresses are used in medium to large
networks with the first 2 octets making up the netid and the remaining 2 are the hostid. Class C is for smaller networks
with the first 3 octets making up the netid and the last octet comprising the hostid. The Network ID and the Host ID are
determined by a subnet mask. The default subnet masks are as follows:

Class Default Subnet Subnets Hosts Per Subnet

Class A 126 16,777,214

Class B 16,384 65,534

Class C 2,097,152 254

What if you wanted more than 1 subnet? Subnetting allows you to create multiple logical networks that exist within a
single Class A, B, or C network. If you don't subnet, you will only be able to use one network from your Class A, B, or C
network. When subnetting is employed, the multiple networks are connected with a router which enables data to find its
way between networks. On the client side, a default gateway is assigned in the TCP/IP properties. The default
gateway tells the client the IP address of the router that will allow their computer to communicate with clients on other

Classful versus Classless addressing – the original TCP/IP addressing method described above was called classful
addressing which worked by dividing the IP address space into chunks of different sizes called classes. Classless
addressing is referred to as Classless Inter-Domain Routing (CIDR) and is done by allocating address space to Internet
service providers and end users on any address bit boundary, instead of on 8-bit segments. So does not
have to use the standard subnet mask of which makes a Class B address space and which also puts it on the
same network as using the subnet mask of (With classful addressing, our example has 172.16
as the network name and the 50.0 and 51.0 ranges are both part of the same host naming convention). Instead, by
using classless addressing puts these systems on a different network than because the
network names here are 172.16.50 and 172.16.51 which are different.

NAT - NAT stands for Network Address Translation and is a commonly used IP translation and mapping technology. Using
a device (such as a router) or piece of software that implements NAT allows an entire home or office network to share a
single internet connection over a single IP address. A single cable modem, DSL modem, or even 56k modem could
connect all the computers to the internet simultaneously. Additionally, NAT keeps your home network fairly secure
from hackers. NAT is built in to the most common Internet Connection Sharing technologies.

PAT – Port Address Translation is a feature of a network device that translates TCP or UDP communications made
between hosts on a private network and hosts on a public network. It allows a single public IP address to be used by

Free CompTIA Network+ Study Guide by MC MCSE

2 of 23 5/19/2014 3:21 PM

Page 11

Trunking - VLANs are local to each switch's database, and VLAN information is not passed between switches. Trunk links
provide VLAN identification for frames traveling between switches. The VLAN trunking protocol (VTP) is the protocol that
switches use to communicate among themselves about VLAN configuration.

Port Mirroring - Used on a network switch to send a copy of network packets seen on one switch port (or an entire
VLAN) to a network monitoring connection on another switch port. This is commonly used for network appliances that
require monitoring of network traffic, such as an intrusion-detection system.

Port Authentication - The IEEE 802.1x standard defines 802.1x port-based authentication as a client-server based
access control and authentication protocol that restricts unauthorized clients from connecting to a LAN through publicly
accessible ports. The authentication server validates each client connected to a switch port before making available any
services offered by the switch or the LAN.

Domain 3.4: Implement a Basic Wireless Network

Install Client – the actual steps taken to set up a computer, laptop or other network connected device to the network.
This may be in the form of just getting it correctly configured to use TCP/IP or more involved such as installing a
software suite so that specific network parameters can be leveraged for proper connectivity to network resources or
resources on the domain.

Network Connections Dialog Box – used to configure different aspects of the network connections by way of a
graphical user interface (GUI) within the Microsoft Windows operating systems (Windows XP, Windows Vista, Server
2003, etc). With respect to peer to peer networks, you can use the Network Tasks pane to Create a New Connection, Set
up a Home or small office network as well as change the Windows Firewall settings and view available wireless

Wireless Network Connection Dialog Box – the graphical user interface (GUI) within the Microsoft Windows
operating systems used to configure the wireless devices and their settings. On the General tab you can configure the
specific hardware settings (parameters, drivers, etc) as well as the protocols (e.g. TCP/IP) and the network client that
the device will use (e.g. Client for Microsoft Networks). Additionally, you can install services from this screen as well
(e.g. Virtual Machine Network Service). The Wireless Networks tab will show you the available networks and allow you
to configure preference for each of the networks encountered.

Access Point Placement – correctly positioning your Wireless Access Points will allow for the seamless use of
wireless devices on your network. By correctly placing the devices, users will not generally experience signal loss of their
connection to the network. It is important to understand that there are many things that affect the wireless access point
signal with respect to broadcast and receiving strength that include the construction and architecture of the building
where the devices are distributed as well as general disruption of the frequency range that the access points operate on
by other devices (e.g. microwave ovens, cordless phones, etc).

Physical Locations of Wireless Access Points (WAPs) – device placement best practices include planning for more
than just nominal half distances between devices. Consideration needs to be given to what type of obstructions may be
currently in the way (physical fire breaks in between walls; metal superstructure, etc) as well as future plans to
subdivide offices. Electrical motors and other higher current carrying lines need to be considered as well to keep
interference to a minimum.

Wired or Wireless Connectivity – planning for WAP to WAP connections only or a mix of wired and wireless
connections. It’s easier to connect WAP to WAP in a daisy chain signal relay configuration but when you do this you need
to realize that a physical failure in one WAP device may take out all the devices. It is more work and it costs more in
time money and effort to connect the WAPs using wired connections back to a switch or a router but it greatly reduces
the potential connectively loss on the network; the loss of a single WAP where the WAPs are wired back results in only
impacting the users of that one WAP instead of all WAPs up and downstream.

Install Access Point – another term for the Wireless Access Point(s) that will allow you to correctly gain access to the
network with your device. This point onto the network will allow the client device to configure itself with the necessary
encryption (if required) and any other network required settings or else risk being defaulted off the network.

Configuring Encryption – with respect to wireless clients these are the settings most commonly used. Disabled simply
means that everything is passed as clear text. Wired Equivalent Privacy (WEP) is the lowest form of the types of
encryption available and is generally only used today to allow legacy devices that cannot handle more robust encryption
protocols to gain somewhat secured access to the network. WEP has been challenged and defeated for a number of

Free CompTIA Network+ Study Guide by MC MCSE

11 of 23 5/19/2014 3:21 PM

Page 12

years mainly due to the increase in computing power and the fact that the keys are alphanumeric or hexadecimal
characters that are configured in 40 bit, 64 bit, 128 bit, 153 bit and 256 bit strength. Wi Fi Protected Access (WPA) was
created by the Wi-Fi Alliance to better secure wireless networks and was created in response to the weaknesses
researchers found in Wired Equivalent Privacy (WEP). Temporal Key Integrity Protocol (TKIP) is used in WPA to encrypt
the authentication and encryption information that was initially passed on the wire in clear text before a network node
could secure its communications on the network. Wi Fi Protected Access version 2 (WPA2) offers additional protection
because it uses the strongest authentication and encryption algorithms available in the Advanced Encryption Standard

Configuring Channels and Frequencies – most wireless routers work in the 2.4GHz frequency range and require
network administrators to set up the channels for the devices to use. 1, 6 and 11 are the main channels used because
they generally will not be interfered with from other devices such as cordless phones and Bluetooth devices that also
work at this frequency range.

Setting ESSID and Beacon – Extended Service Set identifier (ESSID) is the “advertisement” from the Wireless Access
Point that basically announces its availability for network devices to make a connection. The announcement signal that is
sent out is called the beacon.

Verifying Installation - the process that is outlined for making sure that all the settings needed to connect a network
node to the wireless device. The best practice steps generally include on initial installation of the Wireless Access Point
(WAP) to do so without any security to verify that a client can get on the network. Once that is successful you would then
incorporate the security protocol that you wanted to use and to make sure the client can operate on the network again.
Once this is successfully done it is assumed all other network nodes would be able to successfully repeat the same steps
to access the network securely and with the traffic encrypted.

Domain 4.0: Network Management

Domain 4.1: OSI Model

The OSI networking model is divided into 7 layers. Each layer has a different responsibility, and all the layers work
together to provide network data communication.

Layer Description

Represents user applications, such as software for file transfers, database access, and e-mail. It handles
general network access, flow control, and error recovery. Provides a consistent neutral interface for
software to access the network and advertises the computers resources to the network.

Determines data exchange formats and translates specific files from the Application layer format into a
commonly recognized data format. It provides protocol conversion, data translation, encryption,
character-set conversion, and graphics-command expansion.


Handles security and name recognition to enable two applications on different computers to
communicate over the network. Manages dialogs between computers by using simplex(rare), half-duplex
or full-duplex. The phases involved in a session dialog are as follows: establishment, data-transfer and

Provides flow control, error handling, and is involved in correction of transmission/reception problems. It
also breaks up large data files into smaller packets, combines small packets into larger ones for
transmission, and reassembles incoming packets into the original sequence.


Addresses messages and translates logical addresses and names into physical addresses. It also
manages data traffic and congestion involved in packet switching and routing. It enables the option of
specifying a service address (sockets, ports) to point the data to the correct program on the destination

Data Link

The interface between the upper "software" layers and the lower "hardware" Physical layer. One of its
main tasks is to create and interpret different frame types based on the network type in use. The Data
Link layer is divided into two sub-layers: the Media Access Control (MAC) sub-layer and the Logical Link
Control (LLC) sub-layer.

LLC sub-layer starts maintains connections between devices (e.g. server - workstation).
MAC sub-layer enables multiple devices to share the same medium. MAC sub-layer maintains
physical device (MAC) addresses for communicating locally (the MAC address of the nearest router
is used to send information onto a WAN).

The specification for the hardware connection, the electronics, logic circuitry, and wiring that transmit the
actual signal. It is only concerned with moving bits of data on and off the network medium. Most network
problems occur at the Physical layer.

Here is an idiotic, yet easy way to remember the 7 layers. Memorize the following sentence: All People Seem To Need
Data Processing. The first letter of each word corresponds to the first letter of the layers starting with Application and
ending with the physical layer.

Domain 4.3: Evaluate the Network Based on Configuration Management Documentation

The topics covered in this section are either already covered elsewhere, or are too expansive for the purposes of this
guide. Consult your book(s) for more information about these topics.

Domain 4.4: Conduct Network Monitoring to Identify Performance and Connectivity Issues

The topics covered in this section are either already covered elsewhere, or are too expansive for the purposes of this
guide. Consult your book(s) for more information about these topics.

Domain 4.5: Explain Different Methods and Rationales for Network Performance

Quality of Service - (QoS) is a set of parameters that controls the level of quality provided to different types of
network traffic. QoS parameters include the maximum amount of delay, signal loss, noise that can be accommodated for
a particular type of network traffic, bandwidth priority, and CPU usage for a specific stream of data. These parameters
are usually agreed upon by the transmitter and the receiver. Both the transmitter and the receiver enter into an
agreement known as the Service Level Agreement (SLA). In addition to defining QoS parameters, the SLA also describes

Free CompTIA Network+ Study Guide by MC MCSE

12 of 23 5/19/2014 3:21 PM

Page 22

Secure File Transfer Protocol (SFTP) – sometimes called SSH file transfer protocol is a network protocol that
provides secured, encrypted file transfer capability over TCP port 22 by default.

Secure Copy Protocol (SCP) – Application Layer protocol in the Internet Protocol Suite that leverages the Secure
Shell (SSH) protocol using TCP port 22 by default to copy files from system to system on the same network or across
different networks.

Telnet - Application Layer protocol in the Internet Protocol Suite that was traditionally used to connect dumb
terminals to mainframe systems. Today it is sometimes used to connect to headless network equipment such as switches
and routers by using a command window. It is a client server protocol that runs on port 23 by default, and does not
encrypt any data sent over the connection.

Hypertext Transfer Protocol (HTTP) – Application Layer protocol in the Internet Protocol Suite that is the standard
protocol in use on the World Wide Web. Operating on port 80 by default, internet clients contact a web server and
request pages back from that server to their web browsers which render the returned content from the connection call.

File Transfer Protocol (FTP) – Application Layer protocol in the Internet Protocol Suite that uses port 20 for data
connections and listens on port 21. Often FTP is set up for anonymous access for the putting and getting of files. Even
when user name identification is required and password authentication is request to systems using FTP it is done via
clear text.

Remote Shell (RSH) – a command line program which can execute shell commands as another user and on another
computer across a computer network. All of the commands that are sent are done in clear text and any authentication is
also sent over the wire unencrypted. Secure Shell (SSH) is the secure replacement for this utility.

Remote Copy Protocol (RCP) – a Unix based command line utility that is used to copy data from one system to
another. The utility sends unencrypted information over the network including any applicable account and password
information. It has been replaced by Secure File Transfer Protocol (SFTP) which is sometimes called SSH file transfer

Simple Network Management Protocol versions 1 or 2 (SNMP) – Application Layer protocol in the Internet
Protocol Suite that is used for system management and configuration. Version 1 was originally introduced in the late 80s
and does not have really any applicable security features available. Authentication is performed using the “community
string", which is effectively nothing more than a password and that was transmitted in clear text. Version 2 did offer
some improvements in performance, security, and confidentiality but it did this through a “party-based” security system
that was considered overly complex and it was not widely accepted as a result.

Domain 6.6: Common Security Threats

DoS (Denial of Service) - A DoS attack is a common type of attack in which false requests to a server overload it to
the point that it is unable to handle valid requests, cause it to reset, or shut it down completely. There are many
different types of DoS attacks including Syn Flooding and Ping Flooding.

Viruses - A Computer Virus is a program that can copy itself and infect a computer without the permission or
knowledge of the user. A Computer Virus has 2 major characteristics: the ability to replicate itself, and the ability to
attach itself to another computer file. Every file or program that becomes infected can also act as a Virus itself, allowing
it to spread to other files and computers. The term "computer virus" is often used incorrectly as a catch-all phrase to
include all types of Malware such as Computer Worms, Trojan Horses, Spyware, Adware, and Rootkits. There are many
different anti-virus programs available to prevent and remove viruses. Since new threats are created almost constantly,
it is important to keep the virus definition files updated for your software.

Worm - Worms are stand alone programs that do not need other programs in order to replicate themselves like a
virus which relies on users to inadvertently spread it. Viruses and Worms can be prevented by installing anti-virus
software which can be run on servers, clients, firewalls and other devices.

Attackers - We aren't entirely sure what CompTIA is referring to with this term so we will offer a general definition.
The term attackers refers to any person or group of people that cause harm on individual computers, networks, and the
internet. This could include hackers, virus and malware creators, and anyone else who attempts to interfere with normal
computer and network operations.

Man in the Middle - These attacks can include the interception of email, files, passwords and other types of data that
can be transferred across a network. This is a form of Data Theft attack.

Smurf - This is a type of denial-of-service attack that floods a target system via spoofed broadcast ping messages in
an attempt to cause massive network traffic. To accomplish this, the attacker sends ICMP echo packets to broadcast
addresses of vulnerable networks with a forged source address pointing to the target (victim) of the attack. All the
systems on these networks reply to the victim with ICMP echo replies which will overload it. These types of attacks are
very easy to prevent, and as a result, are no longer very common.

Rogue Access Point - This term most often refers to unauthorized access points that are deployed with malicious
intent. But in general, it would refer to any unauthorized device regardless of its intent. Types of Rogue APs could include
one installed by an employee without proper consent, a misconfigured AP that presents a security risk, AP from
neighboring WLANs, or one used by an attacker. To prevent the installation of rogue access points, organizations can
install wireless intrusion prevention systems to monitor the radio spectrum for unauthorized access points.

Social Engineering (Phishing) - Social engineering describes various types of deception used for the purpose of

Free CompTIA Network+ Study Guide by MC MCSE

22 of 23 5/19/2014 3:21 PM

Page 23

information gathering, fraud, or computer system access. Phishing, a form of social engineering, is the fraudulent
process of attempting to acquire sensitive information such as usernames, passwords and credit card details by
masquerading as a trustworthy entity in an electronic communication such as email, chat, or instant messaging.

Mitigation Techniques - For the purposes of this guide, we can't cover all of the various options to prevent security
breaches, so we'll keep it brief with the following:

Policies and Procedures – an outline in a group, organization or across an enterprise which outlines different sets
of standards and actions. These will often define acceptable use of network systems and repercussions for
violations. Generally they are drafted by system and network administrators as an outline of service and use and
legal will generally tighten up the actual meaning. Management will ultimately need to follow up with approval
authorization and who will actually enforce them.
User Training – skills that need to be communicated to the end user community that are using the network
resources and connected systems. This training usually consists of rudimentary explanations of expected and
acceptable use and what the procedures are for violations. Additionally, it will include some basic level of
explanation of security threats and how user interaction can help defend the network as well as make it more at
risk when the wrong actions are taken.
Patches and Updates – operating system updates and application fixes that are released to enhance security
features or to fix known issues with software. Generally, most of the patches and some of the updates are
released in order to correct recently discovered security deficiencies in the code. These updates are always
delivered by the application owner unless a specific agreement is made between the application owner and
another vendor. Users and administrators would generally download these updates manually to install onto
systems or set up some type of automated system for delivery to managed systems and devices.


IT Showcase

Free CompTIA Network+ Study Guide by MC MCSE

23 of 23 5/19/2014 3:21 PM

Similer Documents