1. 1.0 Networking Concepts
1.1. 1.1
1.1.1. Protocols and ports
1.1.1.1. SSH 22
1.1.1.2. DNS 53
1.1.1.3. SMTP 25
1.1.1.4. SFTP 22
1.1.1.5. FTP 20, 21
1.1.1.6. TFTP 69
1.1.1.7. TELNET 23
1.1.1.8. DHCP 67, 68
1.1.1.9. HTTP 80
1.1.1.10. HTTPS 443
1.1.1.11. SNMP 161
1.1.1.12. RDP 3389
1.1.1.13. NTP 123
1.1.1.14. SIP 5060, 5061
1.1.1.15. SMB 445
1.1.1.16. POP 110
1.1.1.17. IMAP 143
1.1.1.18. LDAP 389
1.1.1.19. LDAPS 636
1.1.1.20. H.323 1720
1.1.2. Protocol types
1.1.2.1. ICMP
1.1.2.2. UDP
1.1.2.3. TCP
1.1.2.4. IP
1.1.3. Connection-oriented vs. connectionless
1.2. 1.2
1.2.1. Layer 1 – Physical
1.2.2. Layer 2 – Data link
1.2.3. Layer 3 – Network
1.2.4. Layer 4 – Transport
1.2.5. Layer 5 – Session
1.2.6. Layer 6 – Presentation
1.2.7. Layer 7 – Application
1.3. 1.3
1.3.1. Segmentation and interface properties
1.3.1.1. VLANs
1.3.1.2. Trunking (802.1q)
1.3.1.3. Tagging and untagging ports
1.3.1.4. Port mirroring
1.3.1.5. Switching loops/spanning tree
1.3.1.6. PoE and PoE+ (802.3af, 802.3at)
1.3.1.7. DMZ
1.3.1.8. MAC address table
1.3.1.9. ARP table
1.3.2. Properties of network traffic
1.3.2.1. Broadcast domains
1.3.2.2. CSMA/CD
1.3.2.3. CSMA/CA
1.3.2.4. Collision domains
1.3.2.5. Protocol data units
1.3.2.6. MTU
1.3.2.7. Broadcast
1.3.2.8. Multicast
1.3.2.9. Unicast
1.3.3. Routing
1.3.3.1. Routing protocols (IPv4 and IPv6)
1.3.3.1.1. Distance-vector routing protocols
1.3.3.1.2. Link-state routing protocols
1.3.3.1.3. Hybrid
1.3.3.2. Routing types
1.3.3.2.1. Static
1.3.3.2.2. Dynamic
1.3.3.2.3. Default
1.3.4. IPv6 concepts
1.3.4.1. Addressing
1.3.4.2. Tunneling
1.3.4.3. Dual stack
1.3.4.4. Router advertisement
1.3.4.5. Neighbor discovery
1.3.5. Performance concepts
1.3.5.1. Traffic shaping
1.3.5.2. QoS
1.3.5.3. Diffserv
1.3.5.4. CoS
1.3.6. Subnetting
1.3.6.1. Classful
1.3.6.1.1. Class A
1.3.6.1.2. Class B
1.3.6.1.3. Class C
1.3.6.1.4. Class D
1.3.6.1.5. Class E
1.3.6.2. Classless
1.3.6.2.1. VLSM
1.3.6.2.2. CIDR notation (IPv4 vs. IPv6)
1.3.7. NAT/PAT
1.3.8. Port forwarding
1.3.9. Access control list
1.3.10. Distributed switching
1.3.11. Packet-switched vs. circuit-switched network
1.3.12. Software-defined networking
1.4. 1.4
1.4.1. Private vs. public
1.4.2. Loopback and reserved
1.4.3. Default gateway
1.4.4. Virtual IP
1.4.5. Subnet mask
1.4.6. Address assignments
1.4.6.1. DHCP
1.4.6.2. DHCPv6
1.4.6.3. Static
1.4.6.4. APIPA
1.4.6.5. EUI64
1.4.6.6. IP reservations
1.5. 1.5
1.5.1. Wired topologies
1.5.1.1. Logical vs. physical
1.5.1.2. Star
1.5.1.3. Ring
1.5.1.4. Mesh
1.5.1.5. Bus
1.5.2. Wireless topologies
1.5.2.1. Mesh
1.5.2.2. Ad hoc
1.5.2.3. Infrastructure
1.5.3. Types
1.5.3.1. LAN
1.5.3.2. WLAN
1.5.3.3. MAN
1.5.3.4. WAN
1.5.3.5. CAN
1.5.3.6. SAN
1.5.3.7. PAN
1.5.4. Technologies that facilitate the Internet of Things (IoT)
1.5.4.1. Z-Wave
1.5.4.2. Ant+
1.5.4.3. Bluetooth
1.5.4.4. NFC
1.5.4.5. IR
1.5.4.6. RFID
1.5.4.7. 802.11
1.6. 1.6
1.6.1. 802.11 standards
1.6.1.1. a
1.6.1.2. b
1.6.1.3. g
1.6.1.4. n
1.6.1.5. ac
1.6.2. Cellular
1.6.2.1. GSM
1.6.2.2. TDMA
1.6.2.3. CDMA
1.6.3. Frequencies
1.6.3.1. 2.4GHz
1.6.3.2. 5.0GHz
1.6.4. Speed and distance requirements
1.6.5. Channel bandwidth
1.6.6. Channel bonding
1.6.7. MIMO/MU-MIMO
1.6.8. Unidirectional/omnidirectional
1.6.9. Site surveys
1.7. 1.7
1.7.1. Types of services
1.7.1.1. SaaS
1.7.1.2. PaaS
1.7.1.3. IaaS
1.7.2. Cloud delivery models
1.7.2.1. Private
1.7.2.2. Public
1.7.2.3. Hybrid
1.7.3. Connectivity methods
1.7.4. Security implications/considerations
1.7.5. Relationship between local and cloud resources
1.8. 1.8
1.8.1. DNS service
1.8.1.1. Record types
1.8.1.1.1. A, AAAA
1.8.1.1.2. TXT (SPF, DKIM)
1.8.1.1.3. SRV
1.8.1.1.4. MX
1.8.1.1.5. CNAME
1.8.1.1.6. NS
1.8.1.1.7. PTR
1.8.1.2. Internal vs. external DNS
1.8.1.3. Third-party/cloud-hosted DNS
1.8.1.4. Hierarchy
1.8.1.5. Forward vs. reverse zone
1.8.2. DHCP service
1.8.2.1. MAC reservations
1.8.2.2. Pools
1.8.2.3. IP exclusions
1.8.2.4. Scope options
1.8.2.5. Lease time
1.8.2.6. TTL
1.8.2.7. DHCP relay/IP helper
1.8.3. NTP
1.8.4. IPAM
2. 3.0 Network Operations
2.1. 3.1
2.1.1. Diagram symbols
2.1.2. Standard operating procedures/work instructions
2.1.3. Logical vs. physical diagrams
2.1.4. Rack diagrams
2.1.5. Change management documentation
2.1.6. Wiring and port locations
2.1.7. IDF/MDF documentation
2.1.8. Labeling
2.1.9. Network configuration and performance baselines
2.1.10. Inventory management
2.2. 3.2
2.2.1. Availability concepts
2.2.1.1. Fault tolerance
2.2.1.2. High availability
2.2.1.3. Load balancing
2.2.1.4. NIC teaming
2.2.1.5. Port aggregation
2.2.1.6. Clustering
2.2.1.7. Power management
2.2.1.7.1. Battery backups/UPS
2.2.1.7.2. Power generators
2.2.1.7.3. Dual power supplies
2.2.1.7.4. Redundant circuits
2.2.2. Recovery
2.2.2.1. Cold sites
2.2.2.2. Warm sites
2.2.2.3. Hot sites
2.2.2.4. Backups
2.2.2.4.1. Full
2.2.2.4.2. Differential
2.2.2.4.3. Incremental
2.2.2.5. Snapshots
2.2.3. MTTR
2.2.4. MTBF
2.2.5. SLA requirements
2.3. 3.3
2.3.1. Processes
2.3.1.1. Log reviewing
2.3.1.2. Port scanning
2.3.1.3. Vulnerability scanning
2.3.1.4. Patch management
2.3.1.4.1. Rollback
2.3.1.5. Reviewing baselines
2.3.1.6. Packet/traffic analysis
2.3.2. Event management
2.3.2.1. Notifications
2.3.2.2. Alerts
2.3.2.3. SIEM
2.3.3. SNMP monitors
2.3.3.1. MIB
2.3.4. Metrics
2.3.4.1. Error rate
2.3.4.2. Utilization
2.3.4.3. Packet drops
2.3.4.4. Bandwidth/throughput
2.4. 3.4
2.4.1. VPN
2.4.1.1. IPSec
2.4.1.2. SSL/TLS/DTLS
2.4.1.3. Site-to-site
2.4.1.4. Client-to-site
2.4.2. RDP
2.4.3. SSH
2.4.4. VNC
2.4.5. Telnet
2.4.6. HTTPS/management URL
2.4.7. Remote file access
2.4.7.1. FTP/FTPS
2.4.7.2. SFTP
2.4.7.3. TFTP
2.4.8. Out-of-band management
2.4.8.1. Modem
2.4.8.2. Console router
2.5. 3.5
2.5.1. Privileged user agreement
2.5.2. Password policy
2.5.3. On-boarding/off-boarding procedures
2.5.4. Licensing restrictions
2.5.5. International export controls
2.5.6. Data loss prevention
2.5.7. Remote access policies
2.5.8. Incident response policies
2.5.9. BYOD
2.5.10. AUP
2.5.11. NDA
2.5.12. System life cycle
2.5.12.1. Asset disposal
2.5.13. Safety procedures and policies
3. 5.0 Network Troubleshooting and Tools
3.1. 5.1
3.1.1. Identify the problem
3.1.1.1. Gather information
3.1.1.2. Duplicate the problem, if possible
3.1.1.3. Question users
3.1.1.4. Identify symptoms
3.1.1.5. Determine if anything has changed
3.1.1.6. Approach multiple problems individually
3.1.2. Establish a theory of probable cause
3.1.2.1. Question the obvious
3.1.2.2. Consider multiple approaches
3.1.2.2.1. Top-to-bottom/bottom-to-top
3.1.2.2.2. OSI model
3.1.2.2.3. Divide and conquer
3.1.3. Test the theory to determine the cause
3.1.3.1. Once the theory is confirmed, determine the next steps to resolve the problem
3.1.3.2. If the theory is not confirmed, reestablish a new theory or escalate
3.1.4. Establish a plan of action to resolve the problem and identify potential effects
3.1.5. Implement the solution or escalate as necessary
3.1.6. Verify full system functionality and, if applicable, implement preventive measures
3.1.7. Document findings, actions, and outcomes
3.2. 5.2
3.2.1. Hardware tools
3.2.1.1. Crimper
3.2.1.2. Cable tester
3.2.1.3. Punchdown tool
3.2.1.4. OTDR
3.2.1.5. Light meter
3.2.1.6. Tone generator
3.2.1.7. Loopback adapter
3.2.1.8. Multimeter
3.2.1.9. Spectrum analyzer
3.2.2. Software tools
3.2.2.1. Packet sniffer
3.2.2.2. Port scanner
3.2.2.3. Protocol analyzer
3.2.2.4. WiFi analyzer
3.2.2.5. Bandwidth speed tester
3.2.2.6. Command line
3.2.2.6.1. ping
3.2.2.6.2. tracert, traceroute
3.2.2.6.3. nslookup
3.2.2.6.4. ipconfig
3.2.2.6.5. ifconfig
3.2.2.6.6. iptables
3.2.2.6.7. netstat
3.2.2.6.8. tcpdump
3.2.2.6.9. pathping
3.2.2.6.10. nmap
3.2.2.6.11. route
3.2.2.6.12. arp
3.2.2.6.13. dig
3.3. 5.3
3.3.1. Attenuation
3.3.2. Latency
3.3.3. Jitter
3.3.4. Crosstalk
3.3.5. EMI
3.3.6. Open/short
3.3.7. Incorrect pin-out
3.3.8. Incorrect cable type
3.3.9. Bad port
3.3.10. Transceiver mismatch
3.3.11. TX/RX reverse
3.3.12. Duplex/speed mismatch
3.3.13. Damaged cables
3.3.14. Bent pins
3.3.15. Bottlenecks
3.3.16. VLAN mismatch
3.3.17. Network connection LED status indicators
3.4. 5.4
3.4.1. Reflection
3.4.2. Refraction
3.4.3. Absorption
3.4.4. Latency
3.4.5. Jitter
3.4.6. Attenuation
3.4.7. Incorrect antenna type
3.4.8. Interference
3.4.9. Incorrect antenna placement
3.4.10. Channel overlap
3.4.11. Overcapacity
3.4.12. Distance limitations
3.4.13. Frequency mismatch
3.4.14. Wrong SSID
3.4.15. Wrong passphrase
3.4.16. Security type mismatch
3.4.17. Power levels
3.4.18. Signal-to-noise ratio
3.5. 5.5
3.5.1. Names not resolving
3.5.2. Incorrect gateway
3.5.3. Incorrect netmask
3.5.4. Duplicate IP addresses
3.5.5. Duplicate MAC addresses
3.5.6. Expired IP address
3.5.7. Rogue DHCP server
3.5.8. Untrusted SSL certificate
3.5.9. Incorrect time
3.5.10. Exhausted DHCP scope
3.5.11. Blocked TCP/UDP ports
3.5.12. Incorrect host-based firewall settings
3.5.13. Incorrect ACL settings
3.5.14. Unresponsive service
3.5.15. Hardware failure
4. 2.0 Infrastructure
4.1. 2.1
4.1.1. Media types
4.1.1.1. Copper
4.1.1.1.1. UTP
4.1.1.1.2. STP
4.1.1.1.3. Coaxial
4.1.1.2. Fiber
4.1.1.2.1. Single-mode
4.1.1.2.2. Multimode
4.1.2. Plenum vs. PVC
4.1.3. Connector types
4.1.3.1. Copper
4.1.3.1.1. RJ-45
4.1.3.1.2. RJ-11
4.1.3.1.3. BNC
4.1.3.1.4. DB-9
4.1.3.1.5. DB-25
4.1.3.1.6. F-type
4.1.3.2. Fiber
4.1.3.2.1. LC
4.1.3.2.2. ST
4.1.3.2.3. SC
4.1.3.2.4. APC
4.1.3.2.5. UPC
4.1.3.2.6. MTRJ
4.1.4. Transceivers
4.1.4.1. SFP
4.1.4.2. GBIC
4.1.4.3. SFP+
4.1.4.4. QSFP
4.1.4.5. Characteristics of fiber transceivers
4.1.4.5.1. Bidirectional
4.1.4.5.2. Duplex
4.1.5. Termination points
4.1.5.1. 66 block
4.1.5.2. 110 block
4.1.5.3. Patch panel
4.1.5.4. Fiber distribution panel
4.1.6. Copper cable standards
4.1.6.1. Cat 3
4.1.6.2. Cat 5
4.1.6.3. Cat 5e
4.1.6.4. Cat 6
4.1.6.5. Cat 6a
4.1.6.6. Cat 7
4.1.6.7. RG-6
4.1.6.8. RG-59
4.1.7. Copper termination standards
4.1.7.1. TIA/EIA 568a
4.1.7.2. TIA/EIA 568b
4.1.7.3. Crossover
4.1.7.4. Straight-through
4.1.8. Ethernet deployment standards
4.1.8.1. 100BaseT
4.1.8.2. 1000BaseT
4.1.8.3. 1000BaseLX
4.1.8.4. 1000BaseSX
4.1.8.5. 10GBaseT
4.2. 2.2
4.2.1. Firewall
4.2.2. Router
4.2.3. Switch
4.2.4. Hub
4.2.5. Bridge
4.2.6. Modems
4.2.7. Wireless access point
4.2.8. Media converter
4.2.9. Wireless range extender
4.2.10. VoIP endpoint
4.3. 2.3
4.3.1. Multilayer switch
4.3.2. Wireless controller
4.3.3. Load balancer
4.3.4. IDS/IPS
4.3.5. Proxy server
4.3.6. VPN concentrator
4.3.7. AAA/RADIUS server
4.3.8. UTM appliance
4.3.9. NGFW/Layer 7 firewall
4.3.10. VoIP PBX
4.3.11. VoIP gateway
4.3.12. Content filter
4.4. 2.4
4.4.1. Virtual networking components
4.4.1.1. Virtual switch
4.4.1.2. Virtual firewall
4.4.1.3. Virtual NIC
4.4.1.4. Virtual router
4.4.1.5. Hypervisor
4.4.2. Network storage types
4.4.2.1. NAS
4.4.2.2. SAN
4.4.3. Connection type
4.4.3.1. FCoE
4.4.3.2. Fibre Channel
4.4.3.3. iSCSI
4.4.3.4. InfiniBand
4.4.4. Jumbo frame
4.5. 2.5
4.5.1. Service type
4.5.1.1. ISDN
4.5.1.2. T1/T3
4.5.1.3. E1/E3
4.5.1.4. OC-3 – OC-192
4.5.1.5. DSL
4.5.1.6. Metropolitan Ethernet
4.5.1.7. Cable broadband
4.5.1.8. Dial-up
4.5.1.9. PRI
4.5.2. Transmission mediums
4.5.2.1. Satellite
4.5.2.2. Copper
4.5.2.3. Fiber
4.5.2.4. Wireless
4.5.3. Characteristics of service
4.5.3.1. MPLS
4.5.3.2. ATM
4.5.3.3. Frame relay
4.5.3.4. PPPoE
4.5.3.5. PPP
4.5.3.6. DMVPN
4.5.3.7. SIP trunk
4.5.4. Termination
4.5.4.1. Demarcation point
4.5.4.2. CSU/DSU
4.5.4.3. Smart jack
5. 4.0 Network Security
5.1. 4.1
5.1.1. Detection
5.1.1.1. Motion detection
5.1.1.2. Video surveillance
5.1.1.3. Asset tracking tags
5.1.1.4. Tamper detection
5.1.2. Prevention
5.1.2.1. Badges
5.1.2.2. Biometrics
5.1.2.3. Smart cards
5.1.2.4. Key fob
5.1.2.5. Locks
5.2. 4.2
5.2.1. Authorization, authentication and accounting
5.2.1.1. RADIUS
5.2.1.2. TACACS+
5.2.1.3. Kerberos
5.2.1.4. Single sign-on
5.2.1.5. Local authentication
5.2.1.6. LDAP
5.2.1.7. Certificates
5.2.1.8. Auditing and logging
5.2.2. Multifactor authentication
5.2.2.1. Something you know
5.2.2.2. Something you have
5.2.2.3. Something you are
5.2.2.4. Somewhere you are
5.2.2.5. Something you do
5.2.3. Access control
5.2.3.1. 802.1x
5.2.3.2. NAC
5.2.3.3. Port security
5.2.3.4. MAC filtering
5.2.3.5. Captive portal
5.2.3.6. Access control lists
5.3. 4.3
5.3.1. WPA
5.3.2. WPA2
5.3.3. TKIP-RC4
5.3.4. CCMP-AES
5.3.5. Authentication and authorization
5.3.5.1. EAP
5.3.5.1.1. PEAP
5.3.5.1.2. EAP-FAST
5.3.5.1.3. EAP-TLS
5.3.5.2. Shared or open
5.3.5.3. Preshared key
5.3.5.4. MAC filtering
5.3.6. Geofencing
5.4. 4.4
5.4.1. DoS
5.4.1.1. Reflective
5.4.1.2. Amplified
5.4.1.3. Distributed
5.4.2. Social engineering
5.4.3. Insider threat
5.4.4. Logic bomb
5.4.5. Rogue access point
5.4.6. Evil twin
5.4.7. War-driving
5.4.8. Phishing
5.4.9. Ransomware
5.4.10. DNS poisoning
5.4.11. ARP poisoning
5.4.12. Spoofing
5.4.13. Deauthentication
5.4.14. Brute force
5.4.15. VLAN hopping
5.4.16. Man-in-the-middle
5.4.17. Exploits vs. vulnerabilities
5.5. 4.5
5.5.1. Changing default credentials
5.5.2. Avoiding common passwords
5.5.3. Upgrading firmware
5.5.4. Patching and updates
5.5.5. File hashing
5.5.6. Disabling unnecessary services
5.5.7. Using secure protocols
5.5.8. Generating new keys
5.5.9. Disabling unused ports
5.5.9.1. IP ports
5.5.9.2. Device ports (physical and virtual)
5.6. 4.6
5.6.1. Signature management
5.6.2. Device hardening
5.6.3. Change native VLAN
5.6.4. Switch port protection
5.6.4.1. Spanning tree
5.6.4.2. Flood guard
5.6.4.3. BPDU guard
5.6.4.4. Root guard
5.6.4.5. DHCP snooping
5.6.5. Network segmentation
5.6.5.1. DMZ
5.6.5.2. VLAN
5.6.6. Privileged user account
5.6.7. File integrity monitoring
5.6.8. Role separation
5.6.9. Restricting access via ACLs
5.6.10. Honeypot/honeynet
5.6.11. Penetration testing