
Network+ Study Guide (N10-006)

Network Architecture

 Router

 Operates at the Network layer of the OSI model (Layer 3) and uses IP addresses to
send, or “route,” packets between different IP networks.

 Switch

 Operates on the Data Link layer (Layer 2) of the OSI Model, uses MAC addresses to
transfer frames between nodes on the same network.

 Multilayer Switch

 A network device that operates at Layers 2 through 7 of the OSI model. It can perform the
functions of a switch as well as a router, and can inspect higher-layer information (IP
headers, ports, application data) inside the frames it forwards.

 Firewall

 A device or software that permits or denies traffic between networks according to a
rule set, typically matching on source/destination address, port and protocol. Stateful
firewalls also track connection state so that only replies to permitted outbound traffic
are allowed back in.

 HIDS

 Host-Based Intrusion Detection System (HIDS), an Intrusion Detection System that
resides on an individual host (computer). A HIDS monitors the system, enforces system
policy, gathers statistics, logs anomalies, etc.

 IDS/IPS

 Intrusion Detection Systems

 Monitor Hosts or Networks and can alert administrators of attacks.

 Intrusion Prevention Systems (IPS)

 Like an IDS they monitor hosts or networks, but they can also act to stop an attack, for
example by dropping the traffic or blocking the source IP address. Because an IPS sits
inline, a false positive can also block legitimate traffic.

 Access Point

 A network device that allows clients to connect to the network. Wireless networks use a
Wireless Access Point (WAP); on a wired network a switch fills the same role, so in the
generic sense the switch that computers plug into to reach the network is their access
point.

 Content Filter

 Hardware or software used to filter traffic to and from the internet based on its content.
Content filters typically filter web site and e-mail traffic.

 Hub

 A network device that operates at the Physical layer of the OSI model (Layer 1). A hub
repeats everything received on one port out every other port, so every connected host
sees all traffic and shares one collision domain.

 Analog Modem

 A network device that modulates digital computer signals into analog signals for the
phone line and demodulates incoming analog signals back into digital form (hence
modulator/demodulator). The conversion runs in both directions.

 Packet Shaper

 Hardware or software that controls the rate and timing of traffic leaving a network so
that it matches what the far end or the link can accept. Used to control latency and
optimize performance.

 VPN Concentrator

 A network device that establishes and maintains VPN connections on behalf of many
clients, so the clients do not each have to terminate their own VPN.

Compare and Contrast

 VPN

 Site-to-Site - Connects entire networks to each other

 Host-to-Host - Connects two individual host systems

 Protocols:

 IPsec - Internet Protocol Security

 Secures IP communications by authenticating and/or encrypting each packet. Key
exchange (IKE) uses UDP port 500 (UDP 4500 when NAT traversal is in use); the
protected data is carried by IP protocol 50 (Encapsulating Security Payload, ESP) or
51 (Authentication Header, AH).

 GRE - Generic Routing Encapsulation

 Used to pass traffic over networks that cannot carry it natively. Creates a tunnel that
provides no encryption or authentication on its own, so it is commonly combined with
IPsec.

 SSL - Secure Sockets Layer VPN

 Uses SSL/TLS to secure VPN traffic, usually over TCP port 443 so it passes through
firewalls that already allow HTTPS.

 PPTP - Point-to-Point Tunneling Protocol

 Uses TCP port 1723 for control and GRE (IP protocol 47) for the tunneled data. This
technology has well-known security weaknesses, notably in its MS-CHAPv2
authentication, and should not be used where confidentiality matters.

 RADIUS - Remote Authentication Dial-In User Service

 An authentication, authorization and accounting (AAA) protocol used for remote access.
Remote access servers forward the user's credentials to a central RADIUS server (UDP
ports 1812/1813, historically 1645/1646), which authenticates them against a central
database.

 TACACS - Terminal Access Controller Access-Control System

 An older remote access authentication technology commonly used on Unix-based
networks. It has mostly been replaced by RADIUS and TACACS+. TACACS+ (TCP port
49) separates authentication, authorization and accounting and encrypts the whole packet
body, whereas RADIUS only obscures the password field.

 RAS - Remote Access Services

 Generally refers to the dial-up and VPN remote access technologies built into the
Microsoft Windows operating systems since Windows NT.

 Web Services

 A standardized way of creating communications using SOAP, XML, WSDL, and UDDI.

 XML tags the data, SOAP transfers the data, WSDL describes the available services and
UDDI lists the available services.

 Unified Voice Services

 Methods to bring voice services (phone calls, voice mails, audio conferencing, etc)
together. For instance VoIP can integrate many of these aspects together.

 Network Controllers

 Another name for Network Card or Network Adapter.

Install and Configure

 DHCP
 Static vs Dynamic IP addresses

 Static IP addresses are configured manually; dynamic addresses are configured
automatically by a DHCP server.

 Reservations

 Reserving an IP address for a particular host, defined by that host’s MAC Address.

 Scopes

 An administrative grouping of IP addresses that are leased by a DHCP server.

 Leases

 DHCP servers lease IP addresses to hosts for a specified period of time, after which the
host must renew the lease.

 Options (DNS Servers, Suffixes)

 Administrators can specify options that pass additional configuration to the host. Option
1 is the subnet mask, Option 3 is the router the host should use (default gateway), Option
6 is the DNS server address(es), and Option 15 is the DNS domain name (suffix).
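The options above travel as a simple type-length-value list after the DHCP magic cookie, and a rogue DHCP server that hands out its own Option 3 or Option 6 can redirect a client's traffic or DNS lookups. The parser below is an added example for this study guide, not code from it: it decodes a constructed DHCPOFFER option block (not a real capture) and rejects truncated or malformed options instead of partly trusting them.

```python
"""Parse the options field of a DHCP message (RFC 2132 TLV layout).

Added example for this study guide, not code from it. The option bytes
below are constructed by hand to look like a DHCPOFFER; they are not a
real capture. Option numbers and the magic cookie are from RFC 2132.
"""
import ipaddress
import struct
from typing import Dict

MAGIC_COOKIE = b"\x63\x82\x53\x63"

OPTION_NAMES = {
    1: "subnet_mask",
    3: "router",         # default gateway
    6: "dns_servers",
    15: "domain_name",   # DNS suffix
    51: "lease_time",
    53: "message_type",
}


def parse_dhcp_options(options: bytes) -> Dict[str, object]:
    """Decode the TLV options that follow the magic cookie.

    Each option is: one byte code, one byte length, then the value. Code 0 is
    a pad byte with no length; code 255 ends the list. Length checks are done
    before every slice so a truncated or malformed packet raises ValueError
    instead of being partly trusted.
    """
    if not options.startswith(MAGIC_COOKIE):
        raise ValueError("missing DHCP magic cookie")
    pos = len(MAGIC_COOKIE)
    parsed: Dict[str, object] = {}
    while pos < len(options):
        code = options[pos]
        pos += 1
        if code == 0:
            continue
        if code == 255:
            break
        if pos >= len(options):
            raise ValueError(f"option {code}: missing length byte")
        length = options[pos]
        pos += 1
        value = options[pos:pos + length]
        if len(value) != length:
            raise ValueError(f"option {code}: truncated value")
        pos += length
        name = OPTION_NAMES.get(code, f"option_{code}")
        if code in (3, 6):                      # list of IPv4 addresses
            if length == 0 or length % 4:
                raise ValueError(f"option {code}: bad address list length")
            parsed[name] = [str(ipaddress.IPv4Address(value[i:i + 4]))
                            for i in range(0, length, 4)]
        elif code == 1:
            if length != 4:
                raise ValueError("option 1: subnet mask must be 4 bytes")
            parsed[name] = str(ipaddress.IPv4Address(value))
        elif code == 51:
            if length != 4:
                raise ValueError("option 51: lease time must be 4 bytes")
            parsed[name] = struct.unpack("!I", value)[0]
        elif code == 15:
            parsed[name] = value.decode("ascii", errors="replace")
        elif code == 53:
            if length != 1:
                raise ValueError("option 53: message type must be 1 byte")
            parsed[name] = value[0]
        else:
            parsed[name] = value.hex()
    return parsed


def is_well_formed(options: bytes) -> bool:
    """True when the option block parses cleanly, False on any ValueError."""
    try:
        parse_dhcp_options(options)
        return True
    except ValueError:
        return False


def build_option(code: int, value: bytes) -> bytes:
    return bytes([code, len(value)]) + value


def ip4(addr: str) -> bytes:
    return ipaddress.IPv4Address(addr).packed


# Constructed DHCPOFFER options (not a real capture).
SAMPLE_OPTIONS = (
    MAGIC_COOKIE
    + build_option(53, b"\x02")                          # DHCPOFFER
    + build_option(1, ip4("255.255.255.0"))
    + build_option(3, ip4("192.168.1.1"))                # default gateway
    + build_option(6, ip4("192.168.1.1") + ip4("9.9.9.9"))
    + build_option(15, b"corp.example")
    + build_option(51, struct.pack("!I", 86400))         # 24 h lease
    + b"\xff"
)

if __name__ == "__main__":
    for key, value in parse_dhcp_options(SAMPLE_OPTIONS).items():
        print(f"{key}: {value}")
```

On a switch, DHCP snooping works on exactly this data: it discards OFFER/ACK messages arriving on untrusted ports so only the legitimate server's options ever reach the clients.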

 DHCP Relay

 DHCP discovery uses broadcasts, which routers do not forward between networks. If the
administrator wants DHCP requests to cross networks, a relay agent (IP helper) on the
client's subnet forwards the request as a unicast to a DHCP server on a separate logical
network.

 DNS

 DNS Servers

 A server that is used to map host names to IP addresses

 DNS records (A, MX, AAAA, CNAME, PTR, SRV)

 A - IPv4 host record
 MX - Mail exchanger record; names the mail server for a domain
 AAAA - IPv6 host record
 CNAME - Canonical name record. Used to create an alias to another host record.
 PTR - Pointer record. Maps an IP address back to a name (reverse lookup, under
in-addr.arpa or ip6.arpa).
 SRV - Service locator record. Names the host and port that provide a service (e.g.
SIP, LDAP, Kerberos).

 Dynamic DNS

 DNS records that automatically update as IP addresses update


 Proxy/Reverse Proxy

 A computer that connects on behalf of others and sends/receives requests for them. A web
(forward) proxy sits between a user's web browser and sites on the internet and can be
used to filter content or for privacy/security. A reverse proxy sits in front of one or more
servers and accepts client requests for them, which hides the servers and allows load
balancing and TLS termination.

 NAT - Network Address Translation

 PAT - Port Address Translation

 In use on most home routers today, provides a way for multiple LAN IP addresses to be
translated to a single WAN IP address. PAT assigns each LAN connection its own socket
(the WAN IP address plus a unique port number) and uses that port to map replies back
to the right internal host.

 SNAT - Static NAT

 Address translations are manually configured on a one-to-one basis.

 DNAT - Dynamic NAT

 Address translations are assigned automatically from a pool, still on a one-to-one basis.
(Outside this exam, SNAT and DNAT more often mean source NAT and destination NAT,
as in iptables; check which meaning a document intends.)

 Port Forwarding

 Opening a port on the firewall and assigning it to a specific internal IP. If you forward
port 80 to the internal address 192.168.1.10, all traffic that hits the router's WAN
interface on port 80 is forwarded to 192.168.1.10, which makes that host directly
reachable from the internet.
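The PAT and port-forwarding behaviour described above, as an added example that is not code from this study guide. It models the translation table a home router keeps: two LAN hosts that happen to use the same source port get distinct WAN ports, only the remote endpoint a host actually contacted may use the mapping to reply, the guide's port 80 forward to 192.168.1.10 accepts unsolicited traffic from anyone, and anything else arriving at the WAN side is dropped. The WAN address 203.0.113.5 and the remote hosts are constructed documentation addresses, and the endpoint-dependent (symmetric) mapping is one assumed behaviour among several that real NAT devices implement.

```python
"""Simulate a PAT (NAT overload) table alongside a port-forward rule.

Added example for this study guide, not code from it. 192.168.1.10 and
port 80 come from the guide's port-forwarding example; the WAN address
203.0.113.5 and the remote hosts are constructed documentation addresses.
The mapping is endpoint-dependent (symmetric), one of several behaviours
real NAT devices implement; that choice is an assumption of this model.
"""
from dataclasses import dataclass
from typing import Optional


@dataclass(frozen=True)
class Flow:
    src_ip: str
    src_port: int
    dst_ip: str
    dst_port: int


class PatRouter:
    def __init__(self, wan_ip: str, first_port: int = 1024):
        self.wan_ip = wan_ip
        self.next_port = first_port
        # (lan_ip, lan_port, remote_ip, remote_port) -> translated WAN port
        self.outbound = {}
        # translated WAN port -> the key above, used to map replies back
        self.inbound = {}
        # WAN port -> (lan_ip, lan_port): static port-forward rules
        self.forwards = {}

    def add_port_forward(self, wan_port: int, lan_ip: str,
                         lan_port: Optional[int] = None) -> None:
        self.forwards[wan_port] = (lan_ip, lan_port if lan_port is not None else wan_port)

    def translate_outbound(self, f: Flow) -> Flow:
        """Rewrite a LAN->internet packet to the WAN address and a unique port."""
        key = (f.src_ip, f.src_port, f.dst_ip, f.dst_port)
        port = self.outbound.get(key)
        if port is None:
            port = self._allocate_port()
            self.outbound[key] = port
            self.inbound[port] = key
        return Flow(self.wan_ip, port, f.dst_ip, f.dst_port)

    def translate_inbound(self, f: Flow) -> Optional[Flow]:
        """Map an internet->WAN packet to a LAN host, or return None to drop it."""
        if f.dst_ip != self.wan_ip:
            return None
        entry = self.inbound.get(f.dst_port)
        if entry is not None:
            lan_ip, lan_port, remote_ip, remote_port = entry
            # Only the remote endpoint the LAN host contacted may use the mapping.
            if (f.src_ip, f.src_port) == (remote_ip, remote_port):
                return Flow(f.src_ip, f.src_port, lan_ip, lan_port)
            return None
        forward = self.forwards.get(f.dst_port)
        if forward is not None:
            lan_ip, lan_port = forward
            # A forwarded port accepts unsolicited traffic from anyone.
            return Flow(f.src_ip, f.src_port, lan_ip, lan_port)
        return None

    def _allocate_port(self) -> int:
        port = self.next_port
        while port in self.inbound or port in self.forwards:
            port += 1
        self.next_port = port + 1
        return port


def demo() -> dict:
    """Two LAN hosts using the same source port, a genuine reply, a spoofed
    reply, a connection to the forwarded port and an unsolicited probe."""
    router = PatRouter("203.0.113.5")
    router.add_port_forward(80, "192.168.1.10")
    a = router.translate_outbound(Flow("192.168.1.20", 50000, "198.51.100.7", 443))
    b = router.translate_outbound(Flow("192.168.1.21", 50000, "198.51.100.7", 443))
    reply = router.translate_inbound(Flow("198.51.100.7", 443, "203.0.113.5", a.src_port))
    spoofed = router.translate_inbound(Flow("198.51.100.9", 443, "203.0.113.5", a.src_port))
    web = router.translate_inbound(Flow("198.51.100.9", 40000, "203.0.113.5", 80))
    probe = router.translate_inbound(Flow("198.51.100.9", 40000, "203.0.113.5", 22))
    return {"a": a, "b": b, "reply": reply, "spoofed": spoofed, "web": web, "probe": probe}


if __name__ == "__main__":
    for name, flow in demo().items():
        print(f"{name}: {flow}")
```

The point for a defender is the asymmetry in `translate_inbound`: the dynamic table only admits replies to connections a LAN host opened, while a port-forward rule is a permanent hole, so the forwarded host must be hardened as if it sat directly on the internet.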

Characteristics and Benefits of WAN technologies

 Fiber

 SONET - Synchronous Optical Network

 Multiplex Digital Signals over Optical Cable


 All circuits use the same clock
 American National Standards Institute (ANSI) standard
 US and Canada

 SDH - Synchronous Digital Hierarchy

 Multiplex Digital Signals over Optical Cable


 All circuits use the same clock
 International Telecommunications Union (ITU) standard
 Used Everywhere else
 DWDM - Dense Wavelength Division Multiplexing

 Puts data from different sources on an optical fiber


 Each signal is carried at the same time on its own light wavelength

 CWDM

 Coarse Wavelength Division Multiplexing


 Uses the same concept as DWDM, at a lower cost and lower speeds

 Frame Relay

 A scalable WAN solution often used as an alternative to leased lines. Frame Relay
operates at the Physical and Data Link layers of the OSI model. Customers buy an access
line to a Frame Relay node, and data is sent over virtual circuits between the nodes.

 Satellite

 Broadband Internet utilizing satellite communications.

 Broadband Cable

 Broadband internet using existing cable tv lines

 DSL/ADSL - Digital Subscriber Line

 Broadband internet utilizing existing POTS (Plain Old Telephone System) lines

 ISDN - Integrated Services Digital Network

 A digital circuit-switched service over the telephone network. A Basic Rate Interface
(BRI) provides two 64 kbps B channels plus a 16 kbps D channel. Unlike DSL, which
reuses the existing POTS line, dedicated ISDN lines need to be installed.

 ATM - Asynchronous Transfer Mode

 ATM is a WAN technology that uses fixed-size 53-byte cells. Common rates are 155.520
and 622.080 Mbps (OC-3 and OC-12).

 PPP - Point-to-Point Protocol

 An encapsulation protocol for transporting network layer traffic over point-to-point links.

 Multilink PPP

 Variant of PPP. Aggregates multiple WAN links into a single aggregate. Enables load
balancing and redundancy.

 MPLS - Multiprotocol Label Switching


 A high-speed WAN technology that forwards traffic based on short path labels rather than
long network addresses.

 GSM/CDMA
 EDGE - Enhanced Data rates for GSM Evolution

 Slower than 3G (often called 2.5G/2.75G); used by the original iPhone.

 3G - Third Generation of Cellular Technologies


 4G Technologies

 LTE/4g
 HSPA+
 WiMax

 Dialup

 Uses POTS lines and a 56k MODEM to convert Digital Computer Signals to Analog

 Metro-Ethernet

 A MAN (Metropolitan Area Network) based on the Ethernet standard. Subscribers
typically have equipment on site that connects them into the MAN.

 Leased lines

 T-1 - 1.544 Mbps
 T-3 - 44.736 Mbps, commonly 28 T-1 lines multiplexed
 E-1 - 2.048 Mbps
 E-3 - 34.368 Mbps, or 16 E-1 lines
 OC-3 - 155.52 Mbps
 OC-12 - 622.08 Mbps

 Circuit switched

 A dedicated network channel is created before the call.

 Packet switched

 No dedicated channel required, many users can use the paths

Install and Terminate Cables and Connectors using the Proper Tools

 Copper Connectors

 RJ-11 - Registered Jack six pin connector (Think Telephone Cables)


 RJ-45 - Registered Jack 8 pin connector (Common for Twisted Pair Network CAT5, etc)

 Pins 1, 2, 3 and 6 carry data at 10/100 Mbps; 1000BASE-T uses all eight pins.

 RJ-48C

 The same form factor as RJ-45, commonly used for T1; the transmit/receive pins are
different (1, 2, 4 and 5). Usually used with Shielded Twisted Pair (STP) cable.

 DB-9/RS-232

 DB9 - A 9 pin Serial Connector


 RS-232 is the serial connection standard for the cables and pinouts.

 DB-25

 25 pin Serial Connector

 UTP Coupler

 Has two female ends used to connect two Unshielded Twisted Pair cables

 BNC Coupler

 Used to couple two BNC cables together can be male-to-male, female-to-female, or male-
to-female.

 BNC - Bayonet Neill–Concelman

 Miniature quick connect/disconnect RF connectors.

 F-connector

 Threaded connectors used with cable TV or high speed cable modems

 110 block and 66 block

 Punch down block for voice systems

 Copper Cables

 Shielded Cable

 Copper cable wrapped in a metal foil or braid shield. Used to reduce electromagnetic
interference (EMI).
 Unshielded Cable

 Copper cable with no shielding, common where electromagnetic interference is not a
concern.

 CAT3 - 10BASE-T, 10 Mbps
 CAT5 - 100BASE-TX, 100 Mbps
 CAT5e - 1000BASE-T, 1 Gbps
 CAT6 - 10GBASE-T, 10 Gbps (up to 55 meters)
 CAT6a - 10GBASE-T, 10 Gbps (up to 100 meters)
 PVC vs Plenum

 Plenum refers to plenum spaces (the air-handling spaces above drop ceilings and below
raised floors), where fire and smoke spread quickly. Plenum cabling has a jacket that is
more fire resistant and gives off less toxic smoke than regular PVC.

 RG-59 and RG-6

 Coaxial (coax) cables. RG-6 is thicker and has a larger inner conductor than RG-59. RG-6
handles a wider frequency range and can usually be used in place of RG-59, but not the
other way around.

 Straight-through Cable

 Used to connect unlike devices

 Computer to switch
 Router to switch

 Crossover Cable

 Used to connect like devices

 Computer to Computer

 Rollover Cable

 Used for console connections

 Fiber Connectors

 ST - Straight Tip

 2.5mm Ferrule with round plastic body. Uses a Twist On/Off style mechanism.

 SC
 2.5mm Ferrule with a plastic clip

 LC

 Small Form Factor (SFF) connector with a 1.25 mm ferrule and a push-pull latch,
commonly used as a duplex pair held together by a plastic clip.

 MTRJ - Mechanical Transfer Registered Jack

 An SFF connector with a single plug holding two fibers (always duplex).

 FC

 Like the ST uses a 2.5mm ferrule with a twist on connector. Have mostly been replaced,
can be tricky to connect as they use ceramic inside a stainless tube ferrule.

 Fiber Coupler

 Coupler to connect fiber optic cables.

 Fiber Cables

 Single Mode

 Has a small core (about 9 µm) that carries the light along a single path, allowing long
distances at high bandwidth. Uses laser light sources.

 Multimode

 Has a larger core (50 or 62.5 µm) in which the light takes multiple paths, bouncing down
the sides of the glass. Cheaper, but modal dispersion limits the distance.

 APC vs UPC

 A UPC (Ultra Physical Contact) connector has a flat-polished end, so any reflected light
goes straight back toward the source. An APC (Angled Physical Contact) connector has an
8-degree angled end that reflects light into the cladding instead, giving it a higher return
loss (less reflected power), which is better. The two must not be mated to each other.

 Media Converters

 Single Mode Fiber to Ethernet


 Multimode Fiber to Ethernet
 Fiber to Coaxial
 Single Mode to Multimode Fiber

 Tools

 Cable Crimpers
 Punch Down tool
 Wire Strippers
 Snips
 OTDR - Optical Time Domain Reflectometer

 Used to test the integrity of fiber optic cables.

 Cable Certifier

 Tests a cable against a specific specification (e.g. CAT6), not just continuity.

Common Network Topologies

 Mesh - Network nodes are connected to one another directly

 Full or Partial

 Bus

 All nodes connect to a common backbone (BUS) cable

 Ring

 Nodes connect to their neighbors in a ring to transmit. Each node has two neighbors and
all messages travel around the ring.

 Star

 All nodes connect to a central connection point. Much like a home network.

 Hybrid

 Combination of multiple physical topologies

 Point-to-Point

 Dedicated link between two nodes or two networks

 Point-to-Multipoint

 Multiple Paths from a single location to multiple locations

 Client-Server

 Clients connect to servers. Servers provide services to clients. (File Shares, Printers, FTP,
SSH, Telnet)
 Peer-to-Peer

 Two or more computer share resources without using a central server.

Network Infrastructure Implementations

 WAN - Wide Area Network (The Internet)


 MAN - Metropolitan Area Network
 LAN - Local Area Network
 WLAN - Wireless Local Area Network

 Hotspot - Wifi Access (Usually for Guest users)

 PAN - Personal Area Network

 Bluetooth - Shortrange wireless connections for mobile devices


 IR - Infra Red

 Short range, requires direct line of site. (TV Remotes)

 NFC - Near Field Communication

 Limited to short distances around 4-5 centimeters.

 SCADA/ICS - Supervisory Control And Data Acquisition / Industrial Control System

 ICS Server
 DCS/Closed Network

 Distributed Control System, usually run as a closed network isolated from the corporate
LAN and the internet.

 Remote Terminal Unit

 An interface between the physical world and the SCADA/ICS. They transmit data back to
the central station.

 Programmable Logic Controller

 Monitors the state of input devices and makes decisions based on programming to control
output devices

 Medianets

 VTC

 ISDN
 IP
 Session Initiation Protocol (SIP)

Addressing Schema

 IPv6

 Auto-Configuration

 EUI 64

 The last 64 bits of an IPv6 address (the interface identifier) are created from the 48-bit
MAC address by inserting FF:FE in the middle and flipping the seventh bit of the first
byte (the universal/local bit). Because the MAC is recoverable from the address, most
operating systems now prefer randomized or privacy-extension interface IDs.

 DHCP6

 DHCP6 clients can request IPv6 addresses from a DHCP6 server.

 Link-Local

 An automatically configured address for IPv6. The scope is the local link (subnet) and it
is never routed. They all start with FE80 (the FE80::/10 range; in practice FE80::/64).

 Address Structure

 Eight 16-bit groups separated by colons
 Each 16-bit group is written as 4 hexadecimal digits (0-9 and A-F)
 Example: 21DA:00D3:0000:2F3B:02AA:00FF:FE28:9C5A
 The first 64 bits normally define the network (prefix) and the last 64 bits the
interface identifier

 Address compression

 You can compress IPv6 address groups that contain only zeros to simplify configuring
and reading. Leading zeros within a group may be dropped.
 Example: FE80:0000:0000:0000:02AA:00FF:FE28:9C5A can be expressed as
FE80:0:0:0:2AA:FF:FE28:9C5A
 You can also compress one run of consecutive all-zero groups with a double colon (only
once per address)
 Example: FF02:0000:0000:0000:0000:0000:0000:0002 can be expressed as FF02::2
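The EUI-64, link-local and address-compression rules above, worked in code as an added example that is not part of this study guide. It builds the interface identifier from a MAC, forms the FE80::/64 link-local address, recovers the MAC again (the privacy problem with EUI-64), and implements the RFC 5952 compression rules by hand so the "longest run of zero groups, only once" rule is visible rather than hidden inside the standard library. The MAC 00:AA:00:28:9C:5A is a constructed value chosen to produce the 02AA:00FF:FE28:9C5A interface ID used in the guide's examples.

```python
"""IPv6 helpers: modified EUI-64 interface ID, link-local address, and
RFC 5952 text compression / expansion.

Added example for this study guide, not code from it. Only the standard
library is used. The MAC 00:AA:00:28:9C:5A is a constructed value chosen so
that it yields the FE28:9C5A interface ID seen in the guide's examples.
"""
import ipaddress
from typing import Optional


def eui64_interface_id(mac: str) -> bytes:
    """Modified EUI-64 (RFC 4291 Appendix A) from a 48-bit MAC address.

    Split the MAC in half, insert FF:FE between the halves, then flip the
    universal/local bit (bit 0x02 of the first byte).
    """
    octets = bytes.fromhex(mac.replace(":", "").replace("-", ""))
    if len(octets) != 6:
        raise ValueError("MAC address must be 48 bits")
    iid = bytearray(octets[:3] + b"\xff\xfe" + octets[3:])
    iid[0] ^= 0x02
    return bytes(iid)


def link_local_from_mac(mac: str) -> ipaddress.IPv6Address:
    """FE80::/64 prefix followed by the EUI-64 interface identifier."""
    prefix = ipaddress.IPv6Network("fe80::/64").network_address.packed[:8]
    return ipaddress.IPv6Address(prefix + eui64_interface_id(mac))


def mac_from_eui64(addr: str) -> Optional[str]:
    """Recover the MAC from an EUI-64 address, or None if it is not EUI-64.

    This reversibility is the privacy problem with EUI-64: the hardware
    address follows the host into every network it joins.
    """
    iid = bytearray(ipaddress.IPv6Address(addr).packed[8:])
    if iid[3:5] != b"\xff\xfe":
        return None
    iid[0] ^= 0x02
    return ":".join(f"{b:02x}" for b in iid[:3] + iid[5:])


def expand(addr: str) -> str:
    """Full eight-group form with every leading zero, upper-case hex."""
    return ipaddress.IPv6Address(addr).exploded.upper()


def compress(addr: str) -> str:
    """RFC 5952 canonical form: strip leading zeros in each group and
    replace the longest run of two or more all-zero groups with '::'
    (the first such run if there is a tie), using lower-case hex."""
    groups = [int(g, 16) for g in expand(addr).split(":")]
    best_start, best_len = -1, 0
    run_start, run_len = -1, 0
    for i, g in enumerate(groups + [-1]):      # -1 sentinel closes the last run
        if g == 0:
            if run_len == 0:
                run_start = i
            run_len += 1
        else:
            if run_len >= 2 and run_len > best_len:
                best_start, best_len = run_start, run_len
            run_len = 0
    hexs = [f"{g:x}" for g in groups]
    if best_start < 0:
        return ":".join(hexs)
    return ":".join(hexs[:best_start]) + "::" + ":".join(hexs[best_start + best_len:])


if __name__ == "__main__":
    mac = "00:AA:00:28:9C:5A"
    ll = link_local_from_mac(mac)
    print(mac, "->", ll, "->", mac_from_eui64(str(ll)))
    print(compress("FF02:0000:0000:0000:0000:0000:0000:0002"))
```

When comparing addresses in logs, firewall rules or allow-lists, always normalise both sides with `compress` (or `expand`) first: `2001:db8:0:0:0:0:0:1` and `2001:db8::1` are the same host, and a string comparison on the raw text will miss it.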

 Tunneling 6to4, 4to6

 6to4 carries IPv6 packets inside IPv4 packets (IP protocol 41) so IPv6 hosts can reach
each other across an IPv4-only network; 4to6 does the reverse.

 Teredo, Miredo

 Teredo tunnels IPv6 inside IPv4 UDP packets so it can pass through NAT devices;
Miredo is the open-source Teredo implementation for Linux and BSD.

 IPv4
 Address Structure

 Four 8-bit octets represented in dotted decimal notation
 Example: 192.168.1.1

 Subnetting

 Addresses can be subnetted to create multiple networks from a single IP space.

 APIPA - Automatic Private IP Addressing (APIPA)

 When an interface is configured to receive its address dynamically and no DHCP server
can be found, it automatically configures an address in the range 169.254.0.0 to
169.254.255.255 (169.254.0.0/16). Such a host can talk only to others on the same link.

 Classful IP addressing
 Class A

 Addresses 0.0.0.0 - 127.255.255.255
 Subnet mask of 255.0.0.0

 Class B

 Addresses 128.0.0.0 - 191.255.255.255
 Subnet mask of 255.255.0.0

 Class C

 Addresses 192.0.0.0 - 223.255.255.255
 Subnet mask of 255.255.255.0

 Class D

 Addresses 224.0.0.0 - 239.255.255.255

 Classless

 Classless IP addressing (CIDR) uses subnet masks that do not follow the classful
boundaries, so a network can have any prefix length.
 Example: Address 10.0.0.1 with subnet mask 255.255.255.0 (10.0.0.1/24): a Class A
address carrying a Class C sized mask.

 Private vs Public

 Private addresses are not routed on the internet. Internet-facing routers are configured
to drop packets with these source or destination addresses at the edge of the internet, so
private hosts reach the internet through NAT.
 Ranges include 10.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16
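The IPv4 material above (subnetting, APIPA, classful versus classless masks, private versus public ranges), worked in code as an added example that is not part of this study guide. Given a host address with a prefix it returns the network, mask, broadcast and usable host range, names the legacy class and whether the mask is classless, and classifies the address as private, APIPA, loopback, multicast or public; it also carves a block into equal subnets. Only the standard library is used, and the sample addresses are the guide's own plus RFC 5737 documentation addresses.

```python
"""IPv4 address analysis: CIDR subnetting, classful class, address scope.

Added example for this study guide, not code from it. Standard library
only. The sample addresses are the guide's own plus RFC 5737 documentation
addresses, constructed for illustration.
"""
import ipaddress
from typing import List

# Ranges discussed in the guide; first match wins.
SPECIAL_RANGES = [
    ("loopback", ipaddress.ip_network("127.0.0.0/8")),
    ("private", ipaddress.ip_network("10.0.0.0/8")),
    ("private", ipaddress.ip_network("172.16.0.0/12")),
    ("private", ipaddress.ip_network("192.168.0.0/16")),
    ("apipa", ipaddress.ip_network("169.254.0.0/16")),
    ("multicast", ipaddress.ip_network("224.0.0.0/4")),
]

CLASSFUL_MASK = {"A": "255.0.0.0", "B": "255.255.0.0", "C": "255.255.255.0"}


def classful_class(addr: str) -> str:
    """Legacy address class, decided by the first octet."""
    first = int(ipaddress.IPv4Address(addr)) >> 24
    if first < 128:
        return "A"
    if first < 192:
        return "B"
    if first < 224:
        return "C"
    if first < 240:
        return "D"
    return "E"


def scope(addr: str) -> str:
    """private / apipa / loopback / multicast / public."""
    ip = ipaddress.IPv4Address(addr)
    for name, net in SPECIAL_RANGES:
        if ip in net:
            return name
    return "public"


def describe_subnet(cidr: str) -> dict:
    """Network, mask, broadcast and usable host range for host/prefix."""
    iface = ipaddress.ip_interface(cidr)   # accepts a host address, e.g. 10.0.0.1/24
    net = iface.network
    if net.prefixlen <= 30:
        # First and last addresses are the network and broadcast addresses.
        usable = net.num_addresses - 2
        first, last = net.network_address + 1, net.broadcast_address - 1
    else:
        # /31 point-to-point links (RFC 3021) and /32 host routes use every address.
        usable = net.num_addresses
        first, last = net.network_address, net.broadcast_address
    cls = classful_class(str(iface.ip))
    return {
        "network": str(net.network_address),
        "prefixlen": net.prefixlen,
        "mask": str(net.netmask),
        "broadcast": str(net.broadcast_address),
        "first_host": str(first),
        "last_host": str(last),
        "usable_hosts": usable,
        "class": cls,
        "classful_mask": CLASSFUL_MASK.get(cls),
        # Classless when the mask is not the one the address class implies.
        "classless": CLASSFUL_MASK.get(cls) != str(net.netmask),
        "scope": scope(str(iface.ip)),
    }


def split_subnets(cidr: str, new_prefix: int) -> List[ipaddress.IPv4Network]:
    """Carve one network into equal subnets, e.g. a /24 into four /26s."""
    return list(ipaddress.ip_network(cidr).subnets(new_prefix=new_prefix))


if __name__ == "__main__":
    for key, value in describe_subnet("10.0.0.1/24").items():
        print(f"{key:14} {value}")
    print([str(n) for n in split_subnets("192.168.1.0/24", 26)])
```

The `scope` check is the same test an internet-edge filter performs: a packet arriving from outside with a private, APIPA or loopback source address cannot be legitimate and should be dropped (bogon filtering).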
 MAC Addressing - Media Access Control

 A 48-bit address tied to the physical hardware of an interface, burned in by the
manufacturer (the first 24 bits identify the vendor, the OUI).
 Although it is stored in the hardware, most operating systems let the driver override
it, so MAC addresses are easily spoofed and MAC filtering is not a strong security control.
 Example: 00:11:22:33:44:55

 Multicast

 One to many or many to many communication

 Unicast

 One to one communication

 Broadcast

 One to all communications

 Broadcast Domains

 The set of hosts that receive each other's Layer 2 broadcasts. Routers (and VLANs)
break up broadcast domains.

 Collision Domains

 A section of a network connected by a shared medium, in which two hosts transmitting at
once will collide. Hubs extend collision domains; switches break them up, giving each port
its own.

Routing Concepts and Protocols

 Loopback Interface

 Used to test the functionality of the local network stack
 127.0.0.1 (any address in 127.0.0.0/8) or ::1
 A ping to 127.0.0.1 tests the local system without touching the network

 Routing Loops

 A routing error where a packet is sent in a loop and never reaches the destination

 Routing Tables

 A set of rules in a router that define where packets are to be sent.

 Static vs Dynamic routes


 Static routes are manually configured by an administrator
 Dynamic routes are learned by the device

 Default Route

 This is the route that all packets are sent to unless specified by another route

 Distance Vector Routing Protocol

 The best path to a network is determined by a distance metric such as hop count,
learned from neighboring routers


 RIPv2 - a classless distance vector routing protocol

 15 hop limit
 Not the best in large networks

 Link State Routing Protocols

 Contain an entire network diagram


 Use the Shortest Path to a destination to send packets
 Protocols Include:

 OSPF - Open Shortest Path First


 IS-IS - Intermediate System to Intermediate System

 Hybrid Routing Protocols - Combine Distance Vector and Link State Capabilities

 BGP - Border Gateway Protocol (the exam groups it here; strictly it is a path vector
protocol that carries the list of autonomous systems a route has crossed)

 Interior vs Exterior Gateway Routing Protocols

 Interior Gateway Routing Protocols handle routing packets within an autonomous
system: place to place between the routers you own.
 Exterior Gateway Routing Protocols route traffic between autonomous systems, from
your network to others across the internet.

 Autonomous System Numbers

 Used by various routing protocols to distinguish between autonomous systems. They are
assigned to Regional Internet Registries by IANA, and given to compliant network
operators from there.

 Route Redistribution

 A routing protocol advertising routes that it learned from another source: another
routing protocol, static routes, or directly connected networks.
 High Availability

 VRRP - Virtual Router Redundancy Protocol

 Lets a group of routers share one virtual IP (and MAC) address. The master router
answers for it and a backup takes over automatically if the master fails, so hosts keep a
working default gateway. Open-standard counterpart to Cisco's HSRP.

 Virtual IP

 An IP address that applies to a virtual interface not a physical one.

 HSRP - Hot Standby Router Protocol

 Cisco Proprietary redundancy protocol for establishing a fault-tolerant default gateway.

 Route Aggregation

 Combining groups of routes with common addresses into a single entry in a routing table.
 Decreases the size of the routing table, and the amount of data sent during router
advertisements.
 Example: 128.100.192.0/19 and 128.100.67.0/24 can be aggregated into 128.100.0.0/16 if
they are reached through the same interface on the router (note that the summary also
claims the rest of 128.100.0.0/16, so only advertise it if that space is really behind you).
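The routing-table behaviour described in this section (routing tables and the default route, administrative distance, metrics, and route aggregation), worked in code as an added example that is not part of this study guide. The lookup applies the rules a router uses in order: longest prefix first, then lowest administrative distance, then lowest metric, with 0.0.0.0/0 matching only when nothing more specific does, and `None` meaning the packet is dropped. `aggregate` finds the smallest single prefix covering a set of routes and reports how much extra address space that summary claims, which makes the over-reach in the guide's 128.100.0.0/16 example visible. The interface names and sample routes are constructed, and the default administrative distances are the common Cisco values, which the guide does not list (an assumption).

```python
"""A minimal IPv4 routing table: longest-prefix match, the default route,
administrative distance and metric tie-breaking, plus route aggregation.

Added example for this study guide, not code from it. The interface names
and sample routes are constructed; the default administrative distances are
the common Cisco values, which the guide does not list (assumption).
"""
import ipaddress
from dataclasses import dataclass
from typing import List, Optional, Tuple

# Default administrative distances (lower = more trusted). Assumption: Cisco values.
DEFAULT_AD = {"connected": 0, "static": 1, "ebgp": 20, "ospf": 110, "rip": 120}


@dataclass
class Route:
    network: ipaddress.IPv4Network
    next_hop: str
    interface: str
    source: str              # connected, static, ospf, rip, ebgp
    metric: int = 0
    ad: Optional[int] = None

    def __post_init__(self):
        if self.ad is None:
            self.ad = DEFAULT_AD[self.source]


class RoutingTable:
    def __init__(self):
        self.routes: List[Route] = []

    def add(self, cidr, next_hop, interface, source, metric=0, ad=None):
        self.routes.append(Route(ipaddress.ip_network(cidr), next_hop, interface,
                                 source, metric, ad))

    def lookup(self, dst: str) -> Optional[Route]:
        """Pick the route for a destination.

        Longest prefix wins. Among equal prefixes the lower administrative
        distance wins, then the lower metric. 0.0.0.0/0 (the default route)
        matches everything, so it is used only when nothing more specific
        exists. None means no route at all: the packet is dropped.
        """
        ip = ipaddress.IPv4Address(dst)
        candidates = [r for r in self.routes if ip in r.network]
        if not candidates:
            return None
        return min(candidates, key=lambda r: (-r.network.prefixlen, r.ad, r.metric))


def aggregate(cidrs: List[str]) -> Tuple[ipaddress.IPv4Network, int]:
    """Smallest single prefix that covers every given network.

    Also returns how many addresses the summary claims beyond the inputs, so
    an over-broad summary (like the guide's 128.100.0.0/16) is visible.
    """
    nets = [ipaddress.ip_network(c) for c in cidrs]
    summary = nets[0]
    while not all(n.subnet_of(summary) for n in nets):
        summary = summary.supernet()
    covered = sum(n.num_addresses for n in ipaddress.collapse_addresses(nets))
    return summary, summary.num_addresses - covered


def build_sample_table() -> RoutingTable:
    """Constructed routes: note the two competing 10.1.0.0/16 entries."""
    rt = RoutingTable()
    rt.add("0.0.0.0/0", "203.0.113.1", "eth0", "static")            # default route
    rt.add("10.0.0.0/8", "10.255.255.1", "eth1", "ospf", metric=20)
    rt.add("10.1.0.0/16", "10.1.0.1", "eth1", "rip", metric=3)      # RIP, AD 120
    rt.add("10.1.0.0/16", "10.1.0.2", "eth2", "ospf", metric=30)    # OSPF, AD 110 wins
    rt.add("10.1.5.0/24", "0.0.0.0", "eth3", "connected")
    return rt


if __name__ == "__main__":
    table = build_sample_table()
    for dst in ("10.1.5.7", "10.1.9.9", "10.200.1.1", "8.8.8.8"):
        print(dst, "->", table.lookup(dst))
    print(aggregate(["128.100.192.0/19", "128.100.67.0/24"]))
```

The longest-prefix rule is also why an injected more-specific route (for example a /25 advertised against a legitimate /24) hijacks traffic even when the legitimate route has a better administrative distance: prefix length is compared before trust.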

 Routing Metrics

 Hop Counts

 The number of routers a packet hits between source and destination

 MTU - Maximum Transmission Unit

 The maximum size of a transmission unit (frame or packet) for a specific protocol
 Different for each communications protocol (1500 bytes for standard Ethernet)

 Bandwidth

 In computer networks refers to the maximum speed a technology supports. Usually in
Mbps or Gbps

 Costs

 Routers put cost values on the links between nodes and the route with the lowest total
cost is used. Different routers/protocols use different metrics to determine the cost of a
link (OSPF, for example, derives it from bandwidth).

 Latency
 Any of several delays incurred when processing network data.

 Administrative Distance

 Each routing protocol (and static/connected routes) has a default administrative distance
that the router uses to choose between routes to the same destination learned from
different sources.
 The smaller the value the more trusted the source

 STP - Spanning Tree Protocol

 Prevents switching loops (bridge loops) between switches by blocking redundant paths
until they are needed.

 SPB - Shortest Path Bridging

 An IEEE standard (802.1aq) for enabling multipath forwarding within data centers.
 Meant to replace STP

Unified Communications Technologies

 VoIP - Voice Over IP


 Real Time Services

 Presence

 A type of technology that makes it possible to locate and communicate with a computer
system wherever it may be.
 Examples: GPS Enabled Phones, IM clients, etc

 QoS - Quality of Service

 DSCP - Differentiated Services Code Point (QoS at Layer 3, carried in the IP header)
 CoS - Class of Service (QoS at Layer 2, the 802.1p priority bits in the VLAN tag)

 Devices

 UC Servers
 UC Devices
 UC Gateways

Cloud and Virtualization Technologies

 Virtualization

 Virtual Switches

 Allows virtual machines to communicate with one another and physical hosts.
 Virtual Routers

 A software based system that does everything a router does.

 Virtual Firewall

 A network appliance running completely in a virtual environment

 Virtual vs Physical NICs

 Virtual NICs are presented to virtual machines by the hypervisor and attach to a virtual
switch rather than directly to a physical port.

 Software Defined Networking

 Layers of software created and put in place to control network functions. A blanket term
describing technologies aimed at making networking as flexible and agile as virtual
computing.

 Storage Area Network (SAN)

 iSCSI - Internet Small Computer System Interface

 A storage network protocol built on top of TCP/IP (TCP port 3260)
 Does not require extra hardware
 Jumbo Frames (frames larger than 1500 bytes, typically 9000) are often enabled on the
storage network to reduce overhead
 Fibre Channel

 A dedicated storage network architecture


 Requires additional hardware to be purchased

 Host Bus Adapters (HBA)


 Dedicated Switches

 Network Attached Storage (NAS)

 Cloud Concepts

 IaaS - Infrastructure as a Service

 Provides a platform to create and manage virtual machines

 SaaS - Software as a Service

 Cloud applications like Office 365, Google Apps, etc.


 PaaS - Platform as a Service

 A software development platform in the cloud

 Public IaaS, SaaS, PaaS
 Private IaaS, SaaS, PaaS
 Hybrid IaaS, SaaS, PaaS
 Community IaaS, SaaS, PaaS
