Introduction
If you’re like most of us in the networking community, you probably have one or more network certifications. If that’s you, you’re very wise in choosing a CompTIA Network+ (N10-007) certification to proudly add to your repertoire because that achievement will make you all the more valuable as an employee. In these challenging economic times, keeping ahead of the competition—even standing out among your present colleagues—could make a big difference in whether you gain a promotion or possibly keep your job instead of being the one who gets laid off! Or maybe this is your first attempt at certification because you’ve decided to venture into a new career in information technology (IT). You’ve realized that getting into the IT sector is a good way to go because as the information age marches on, the demand for knowledgeable professionals in this dynamic field will only intensify dramatically.
Either way, certification is one of the best things you can do for your career if you are working in, or want to break into, the networking profession because it proves that you know what you’re talking about regarding the subjects in which you’re certified. It also powerfully endorses you as a professional in a way that’s very similar to a physician being board certified in a certain area of expertise.
In this book, you’ll find out what the Network+ exam is all about because each chapter covers a part of the exam. I’ve included some great review questions at the end of each chapter to help crystallize the information you learned and solidly prepare you to ace the exam.
A really cool thing about working in IT is that it’s constantly evolving, so there are always new things to learn and fresh challenges to master. Once you obtain your Network+ certification and discover that you’re interested in taking it further by getting into more complex networking (and making more money), the Cisco CCNA certification is definitely your next step; you can get the skinny on that and even more in-depth certifications on my blog at www.lammle.com.
 |
For Network+ training with Todd Lammle, both instructor-led and online, please see www.lammle.com/network+. |
What Is the Network+ Certification?
Network+ is a certification developed by the Computing Technology Industry Association (CompTIA) that exists to provide resources and education for the computer and technology community. This is the same body that developed the A+ exam for PC technicians.
The Network+ exam was designed to test the skills of network technicians with 18 to 24 months of experience in the field. It tests areas of networking technologies such as the definition of a protocol, the Open Systems Interconnection (OSI) model and its layers, and the concepts of network design and implementation—the minimum knowledge required for working on a network and some integral prerequisites for network design and implementation.
Why Become Network+ Certified?
Because CompTIA is a well-respected developer of vendor-neutral industry certifications, becoming Network+ certified proves you’re competent in the specific areas covered by the Network+ objectives.
Four major benefits are associated with becoming Network+ certified:
Proof of Professional Achievement Networking professionals are pretty competitive when it comes to collecting more certifications than their peers. And because the Network+ certification broadly covers the entire field of networking, technicians want this certification a lot more than just Microsoft certifications—Network+ is a lot more prestigious and valuable. Because it’s rare to gain something that’s worth a lot with little effort, I’ll be honest—preparing for the Network+ exam isn’t exactly a lazy day at the beach. (However, beaches do happen to be really high on my personal list of great places to study!) And people in IT know that it isn’t all that easy to pass the Network+ exam, so they’ll definitely respect you more and know that you’ve achieved a certain level of expertise about vendor-independent, networking-related subjects.
Opportunity for Advancement We all like to get ahead in our careers—advancement results in more responsibility and prestige, and it usually means a fatter paycheck, greater opportunities, and added options. In the IT sector, a great way to make sure all that good stuff happens is by earning a lot of technology certifications, including Network+.
Fulfillment of Training Requirements Network+, because of its wide-reaching industry support, is recognized as a baseline of networking information. Some companies actually specify the possession of a Network+ certification as a job requirement before they’ll even consider hiring you, or it may be specified as a goal to be met before your next review.
Customer Confidence As companies discover the CompTIA advantage, they will undoubtedly require qualified staff to achieve these certifications. Many companies outsource their work to consulting firms with experience working with security. Firms that have certified staff have a definite advantage over firms that don’t.
How to Become Network+ Certified
As this book goes to press, Pearson VUE is the sole Network+ exam provider. The following is the necessary contact information and exam-specific details for registering. Exam pricing might vary by country or by CompTIA membership.
| Vendor | Website | Phone Number |
| Pearson VUE | www.pearsonvue.com/comptia | US and Canada: 877-551-PLUS (7587) |
When you schedule the exam, you’ll receive instructions regarding appointment and cancellation procedures, ID requirements, and information about the testing center location. In addition, you’ll receive a registration and payment confirmation letter. Exams can be scheduled up to six weeks out or as soon as the next day (or, in some cases, even the same day).
|
Exam prices and codes may vary based on the country in which the exam is administered. For detailed pricing and exam registration procedures, refer to CompTIA’s website at www.comptia.org. |
After you’ve successfully passed your Network+ exam, CompTIA will award you a certification. Within four to six weeks of passing the exam, you’ll receive your official CompTIA Network+ certificate and ID card. (If you don’t receive these within eight weeks of taking the test, contact CompTIA directly using the information found in your registration packet.)
Tips for Taking the Network+ Exam
Here are some general tips for taking your exam successfully:
- Bring two forms of ID with you. One must be a photo ID, such as a driver’s license. The other can be a major credit card or a passport. Both forms must include a signature.
- Arrive early at the exam center so you can relax and review your study materials, particularly tables and lists of exam-related information. After you are ready to enter the testing room, you will need to leave everything outside; you won’t be able to bring any materials into the testing area.
- Read the questions carefully. Don’t be tempted to jump to an early conclusion. Make sure you know exactly what each question is asking.
- Don’t leave any unanswered questions. Unanswered questions are scored against you. There will be questions with multiple correct responses. When there is more than one correct answer, a message at the bottom of the screen will prompt you to either “choose two” or “choose all that apply.” Be sure to read the messages displayed to know how many correct answers you must choose.
- When answering multiple-choice questions you’re not sure about, use a process of elimination to get rid of the obviously incorrect answers first. Doing so will improve your odds if you need to make an educated guess.
- On form-based tests (nonadaptive), because the hard questions will take the most time, save them for last. You can move forward and backward through the exam.
Who Should Read This Book?
You—if want to pass the Network+ exam, and pass it confidently! This book is chock-full of the exact information you need and directly maps to Network+ exam objectives, so if you use it to study for the exam, your odds of passing shoot way up.
And in addition to including every bit of knowledge you need to learn to pass the exam, I’ve included some really great tips and solid wisdom to equip you even further to successfully work in the real IT world.
What Does This Book Cover?
This book covers everything you need to know to pass the CompTIA Network+ exam. But in addition to studying the book, it’s a good idea to practice on an actual network if you can.
Here’s a list of the 20 chapters in this book:
Chapter 1, “Introduction to Networks” This chapter includes an introduction to what a network is and an overview of the most common physical network topologies you’ll find in today’s networks.
Chapter 2, “The Open Systems Interconnection Specifications” This chapter covers the OSI model, what it is, what happens at each of its layers, and how each layer works.
Chapter 3, “Networking Topologies, Connectors, and Wiring Standards” This chapter covers the various networking media and topologies, plus the cable types and properties used in today’s networks.
Chapter 4, “The Current Ethernet Specifications” This chapter covers how a basic Ethernet LAN works and describes and categorizes the different Ethernet specifications.
Chapter 5, “Networking Devices” It’s important for you to understand all the various devices used in today’s networks, and this chapter will describe how hubs, routers, and switches and some other devices work within a network.
Chapter 6, “Introduction to the Internet Protocol” This is your introduction to the all-important IP protocol stack.
Chapter 7, “IP Addressing” This chapter will take up from where Chapter 6 left off and move into IP addressing. It also contains information about public versus private addressing and DHCP.
Chapter 8, “IP Subnetting, Troubleshooting IP, and Introduction to NAT” Beginning where Chapter 7 ends, we’ll be tackling IP subnetting in this one. But no worries here—I’ve worked hard to make this not-so-popular-yet-vital topic as painless as possible.
Chapter 9, “Introduction to IP Routing” This is an introduction to routing that basically covers what routers do and how they do it. This chapter, along with Chapter 10 and Chapter 11, cover routing and switching in much more detail than what is necessary to meet the CompTIA Network+ objectives because this knowledge is so critical to grasp when working with today’s networks.
Chapter 10, “Routing Protocols” This chapter goes into detail describing the protocols that run on routers and that update routing tables to create a working map of the network.
Chapter 11, “Switching and Virtual LANs” This chapter covers Layer 2 switching, the Spanning Tree Protocol (STP), and virtual LANs. I went deeper than needed for the exam with the routing chapters, and I’ll cover switching and virtual LANs (which are also vital in today’s corporate networks) more thoroughly as well.
Chapter 12, “Wireless Networking” Because wireless is so important for both home and business networks today, this chapter is loaded with all the information you need to be successful at wireless networking at home and work.
Chapter 13, “Authentication and Access Control” This is the first of three security chapters. There are tons of exam objectives about network security that are so important that I took three chapters to cover all of them. In this chapter, I’ll introduce security, security filtering, tunneling, and user authentication.
Chapter 14, “Network Threats and Mitigation” This is probably the most fun of the three security chapters because I’ll tell you all about security threats and how to stop them. The only way to get good at network security is to implement it, and this chapter shows you how.
Chapter 15, “Physical Security and Risk” This chapter’s focus is on explaining basic firewalls, security devices, and device security.
Chapter 16, “Wide Area Networks” In this chapter, you get to learn all about things like Frame Relay, E1/T1, DSL, cable modems, and more. All of the CompTIA Network+ WAN objectives are covered in this chapter.
Chapter 17, “Troubleshooting Tools” This is also a fun chapter because, again, you can follow along and run all the commands yourself. And I repeat, it’s a really good idea to run through all the commands in this chapter!
Chapter 18, “Software and Hardware Tools” This chapter introduces you to the network tools you will use to help you run your networks. Both software and hardware tools will be discussed.
Chapter 19, “Network Troubleshooting” In almost every chapter, I discuss how to verify and fix problems, but this chapter will really get into the nuts and bolts of detailed network troubleshooting and documentation.
Chapter 20, “Management, Monitoring, and Optimization” This last chapter will provide configuration-management documentation and covers wiring, logical diagrams, baselines, policies, and regulations.
What’s Included in the Book
I’ve included several study tools throughout the book:
Assessment Test At the end of this introduction is an assessment test that you can use to check your readiness for the exam. Take this test before you start reading the book; it will help you determine the areas you might need to brush up on. The answers to the assessment test questions appear on a separate page after the last question of the test. Each answer includes an explanation and a note telling you the chapter in which the material appears.
Objective Map and Opening List of Objectives On the inside front cover of this book is a detailed exam objective map showing you where each of the exam objectives is covered in this book. In addition, each chapter opens with a list of the exam objectives it covers. Use these to see exactly where each of the exam topics is covered.
Exam Essentials Each chapter, just after the summary, includes a number of exam essentials. These are the key topics you should take from the chapter in terms of areas to focus on when preparing for the exam.
Written Lab Each chapter includes a written lab. These are short exercises that map to the exam objectives. Answers to these can be found in Appendix A.
Chapter Review Questions To test your knowledge as you progress through the book, there are review questions at the end of each chapter. As you finish each chapter, answer the review questions and then check your answers—the correct answers and explanations are in Appendix B. You can go back to reread the section that deals with each question you got wrong to ensure that you answer correctly the next time you’re tested on the material.
Interactive Online Learning Environment and Test Bank
The interactive online learning environment that accompanies CompTIA Network+ Study Guide: Exam N10-007 provides a test bank with study tools to help you prepare for the certification exam—and increase your chances of passing it the first time! The test bank includes the following tools:
Sample Tests All of the questions in this book are provided, including the assessment test, which you’ll find at the end of this introduction, and the chapter tests that include the review questions at the end of each chapter. In addition, there are two practice exams. Use these questions to test your knowledge of the study guide material. The online test bank runs on multiple devices.
Flashcards Approximately 100 questions are provided in digital flashcard format (a question followed by a single correct answer). You can use the flashcards to reinforce your learning and provide last-minute test prep before the exam.
Other Study Tools A glossary of key terms from this book and their definitions are available as a fully searchable PDF.
|
Go to http://www.wiley.com/go/netplustestprep to register and gain access to this interactive online learning environment and test bank with study tools. |
How to Use This Book
If you want a solid foundation for the serious effort of preparing for the Network+ exam, then look no further because I’ve spent countless hours putting together this book with the sole intention of helping you pass it!
This book is loaded with valuable information, and you will get the most out of your study time if you understand how I put the book together. Here’s a list that describes how to approach studying:
- Take the assessment test immediately following this introduction. (The answers are at the end of the test, but no peeking!) It’s okay if you don’t know any of the answers—that’s what this book is for. Carefully read over the explanations for any question you get wrong, and make note of the chapters where that material is covered.
- Study each chapter carefully, making sure you fully understand the information and the exam objectives listed at the beginning of each one. Again, pay extra-close attention to any chapter that includes material covered in questions you missed on the assessment test.
- Complete the written lab at the end of each chapter. Do not skip these written exercises because they directly map to the CompTIA objectives and what you’ve got to have nailed down to meet them.
- Answer all the review questions related to each chapter. Specifically note any questions that confuse you, and study the corresponding sections of the book again. And don’t just skim these questions—make sure you understand each answer completely.
- Try your hand at the practice exams. Before you take your test, be sure to visit my website for questions, videos, audios, and other useful information.
- Test yourself using all the electronic flashcards. This is a brand-new and updated flashcard program to help you prepare for the latest CompTIA Network+ exam, and it is a really great study tool.
I tell you no lies—learning every bit of the material in this book is going to require applying yourself with a good measure of discipline. So try to set aside the same time period every day to study, and select a comfortable and quiet place to do so. If you work hard, you will be surprised at how quickly you learn this material.
If you follow the steps listed here and study with the review questions, practice exams, electronic flashcards, and all the written labs, you would almost have to try to fail the CompTIA Network+ exam. However, studying for the Network+ exam is like training for a marathon—if you don’t go for a good run every day, you’re not likely to finish very well.
|
This book covers everything about CompTIA Network+. For up-to-date information about Todd Lammle CompTIA boot camps, audio training, and training videos, please see www.lammle.com/network+. |
Exam Objectives
Speaking of objectives, you’re probably pretty curious about those, right? CompTIA asked groups of IT professionals to fill out a survey rating the skills they felt were important in their jobs, and the results were grouped into objectives for the exam and divided into five domains.
This table gives you the extent by percentage that each domain is represented on the actual examination.
| Domain | % of Examination |
| 1.0 Networking Concepts | 23% |
| 2.0 Infrastructure | 18% |
| 3.0 Network Operations | 17% |
| 4.0 Network Security | 20% |
| 5.0 Network Troubleshooting and Tools | 22% |
| Total | 100% |
N10-007 Exam Objectives
| Objective | Chapter |
| 1.0 Networking Concepts | |
| 1.1 Explain the purposes and uses of ports and protocols. | 5, 6, 13 |
| Protocols and ports | 6 |
| SSH 22 | 6, 13 |
| DNS 53 | 5, 6 |
| SMTP 25 | 6 |
| SFTP 22 | 6 |
| FTP 20, 21 | 6 |
| TFTP 69 | 6 |
| TELNET 23 | 6 |
| DHCP 67, 68 | 5, 6 |
| HTTP 80 | 6 |
| HTTPS 443 | 6 |
| SNMP 161 | 6 |
| RDP 3389 | 6, 13 |
| NTP 123 | 6 |
| SIP 5060, 5061 | 6 |
| SMB 445 | 6 |
| POP 110 | 6 |
| IMAP 143 | 6 |
| LDAP 389 | 6 |
| LDAPS 636 | 6 |
| H.323 1720 | 6 |
| Protocol types | 6 |
| ICMP | 6 |
| UDP | 6 |
| TCP | 6 |
| IP | 6 |
| Connection-oriented vs. connectionless | 6 |
| 1.2 Explain devices, applications, protocols, and services at their appropriate OSI layers. | 2, 5, 6 |
| Layer 1 – Physical | 2, 5, 6 |
| Layer 2 – Data link | 2, 5, 6 |
| Layer 3 – Network | 2, 5, 6 |
| Layer 4 – Transport | 2, 5, 6 |
| Layer 5 – Session | 2, 5, 6 |
| Layer 6 – Presentation | 2, 5, 6 |
| Layer 7 – Application | 2, 5, 6 |
| 1.3 Explain the concepts and characteristics of routing and switching. | 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 15, 16, 20 |
| Properties of network traffic | 4, 5, 7, 11, 12 |
| Broadcast domains | 4, 5, 7, 11 |
| CSMA/CD | 4, 5 |
| CSMA/CA | 5, 12 |
| Collision domains | 4, 5, 11 |
| Protocol data units | 6 |
| MTU | 4 |
| Broadcast | 5, 6, 7 |
| Multicast | 5, 6, 7 |
| Unicast | 5, 6, 7 |
| Segmentation and interface properties | 11, 15 |
| VLANs | 11, 15 |
| Trunking (802.1q) | 11 |
| Tagging and untagging ports | 11 |
| Port mirroring | 11 |
| Switching loops/spanning tree | 11 |
| PoE and PoE+ (802.3af, 802.3at) | 11 |
| DMZ | 15 |
| MAC address table | 11 |
| ARP table | 4 |
| Routing | 9, 10 |
| Routing protocols (IPv4 and IPv6) | 9, 10 |
| Distance-vector routing protocols | 9, 10 |
| RIP | 9, 10 |
| EIGRP | 9, 10 |
| Link-state routing protocols | 9, 10 |
| OSPF | 9, 10 |
| Hybrid | 9, 10 |
| BGP | 9, 10 |
| Routing types | 9 |
| Static | 9 |
| Dynamic | 9 |
| Default | 9 |
| IPv6 concepts | 10 |
| Addressing | 7 |
| Tunneling | 10 |
| Dual stack | 10 |
| Router advertisement | 10 |
| Neighbor discovery | 10 |
| Performance concepts | 5 |
| Traffic shaping | 5 |
| QoS | 20 |
| Diffserv | 20 |
| CoS | 20 |
| NAT/PAT | 8 |
| Port forwarding | 8 |
| Access control list | 13, 15 |
| Distributed switching | 11 |
| Packet-switched vs. circuit-switched network | 16 |
| Software-defined networking | 20 |
| 1.4 Given a scenario, configure the appropriate IP addressing components. | 7, 8, 20 |
| Private vs. public | 7 |
| Loopback and reserved | 7 |
| Default gateway | 7 |
| Virtual IP | 7, 20 |
| Subnet mask | 7 |
| Subnetting | 8 |
| Default gateway | 8 |
| Classful | 7, 8 |
| Classes A, B, C, D, and E | 7, 8 |
| Classless | 8 |
| VLSM | 8 |
| CIDR notation (IPv4 vs. IPv6) | 8 |
| Address assignments | 7 |
| DHCP | 7 |
| DHCPv6 | 7 |
| Static | 7 |
| APIPA | 7 |
| EUI64 | 7 |
| IP reservations | 5 |
| 1.5 Compare and contrast the characteristics of network topologies, types, and technologies. | 1, 12, 16 |
| Wired topologies | 1 |
| Logical vs. physical | 1 |
| Star | 1 |
| Ring | 1 |
| Mesh | 1 |
| Bus | 1 |
| Wireless topologies | 12 |
| Mesh | 12 |
| Ad hoc | 12 |
| Infrastructure | 12 |
| Types | 12, 16 |
| LAN | 16 |
| WLAN | 12 |
| MAN | 16 |
| WAN | 16 |
| CAN | 1 |
| SAN | 1 |
| PAN | 12 |
| Technologies that facilitate the Internet of Things (IoT) | 12 |
| Z-Wave | 12 |
| Ant+ | 12 |
| Bluetooth | 12 |
| NFC | 12 |
| IR | 12 |
| RFID | 12 |
| 802.11 | 12 |
| 1.6 Given a scenario, implement the appropriate wireless technologies and configurations. | 12 |
| 802.11 standards | 12 |
| a | 12 |
| b | 12 |
| g | 12 |
| n | 12 |
| ac | 12 |
| Cellular | 12 |
| GSM | 12 |
| TDMA | 12 |
| CDMA | 12 |
| Frequencies | 12 |
| 2.4 GHz | 12 |
| 5.0 GHz | 12 |
| Speed and distance requirements | 12 |
| Channel bandwidth | 12 |
| Channel bonding | 12 |
| MIMO/MU-MIMO | 12 |
| Unidirectional/omnidirectional | 12 |
| Site surveys | 12 |
| 1.7 Summarize cloud concepts and their purposes. | 20 |
| Types of services | 20 |
| SaaS | 20 |
| PaaS | 20 |
| IaaS | 20 |
| Cloud delivery models | 20 |
| Private | 20 |
| Public | 20 |
| Hybrid | 20 |
| Connectivity methods | 20 |
| Security implications/considerations | 20 |
| Relationship between local and cloud resources | 20 |
| 1.8 Explain the functions of network services. | 5 |
| DNS service | 5 |
| Record types | 5 |
| A, AAA | 5 |
| TXT (SPF, DKIM) | 5 |
| SRV | 5 |
| MX | 5 |
| CNAME | 5 |
| NS | 5 |
| PTR | 5 |
| Internal vs. external DNS | 5 |
| Third-party/cloud-hosted DNS | 5 |
| Hierarchy | 5 |
| Forward vs. reverse zone | 5 |
| DHCP service | 5 |
| MAC reservations | 5 |
| Pools | 5 |
| IP exclusions | 5 |
| Scope options | 5 |
| Lease time | 5 |
| TTL | 5 |
| DHCP relay/IP helper | 5 |
| NTP | 6 |
| IPAM | 5 |
| 2.0 Infrastructure | |
| 2.1 Given a scenario, deploy the appropriate cabling solution. | 3, 4 |
| Media types | 3 |
| Copper | 3 |
| UTP | 3 |
| STP | 3 |
| Coaxial | 3 |
| Fiber | 3 |
| Single-mode | 3 |
| Multimode | 3 |
| Plenum vs. PVC | 3 |
| Connector types | 3 |
| Copper | 3 |
| RJ-45 | 3 |
| RJ-11 | 3 |
| BNC | 3 |
| DB-9 | 3 |
| DB-25 | 3 |
| F-type | 3 |
| Fiber | 3 |
| LC | 3 |
| ST | 3 |
| SC | 3 |
| APC | 3 |
| UPC | 3 |
| MTRJ | 3 |
| Transceivers | 3 |
| SFP | 3 |
| GBIC | 3 |
| SFP+ | 3 |
| QSFP | 3 |
| Characteristics of fiber transceivers | 3 |
| Bidirectional | 3 |
| Duplex | 3 |
| Termination points | 3 |
| 66 block | 3 |
| 110 block | 3 |
| Patch panel | 3 |
| Fiber distribution panel | 3 |
| Copper cable standards | 3 |
| Cat 3 | 3 |
| Cat 5 | 3 |
| Cat 5e | 3 |
| Cat 6 | 3 |
| Cat 6a | 3 |
| Cat 7 | 3 |
| RG-6 | 3 |
| RG-59 | 3 |
| Copper termination standards | 3 |
| TIA/EIA 568a | 3 |
| TIA/EIA 568b | 3 |
| Crossover | 3 |
| Straight-through | 3 |
| Ethernet deployment standards | 4 |
| 100BaseT | 4 |
| 1000BaseT | 4 |
| 1000BaseLX | 4 |
| 1000BaseSX | 4 |
| 10GBaseT | 4 |
| 2.2 Given a scenario, determine the appropriate placement of networking devices on a network and install/configure them. | 5, 10, 11, 12, 15 |
| Firewall | 15 |
| Router | 10 |
| Switch | 11 |
| Hub | 5 |
| Bridge | 11 |
| Modems | 5 |
| Wireless access point | 12 |
| Media converter | 5 |
| Wireless range extender | 5 |
| VoIP endpoint | 5 |
| 2.3 Explain the purposes and use cases for advanced networking devices. | 5, 12, 13, 15 |
| Multilayer switch | 5 |
| Wireless controller | 12 |
| Load balancer | 5 |
| IDS/IPS | 5 |
| Proxy server | 5 |
| VPN concentrator | 5 |
| AAA/RADIUS server | 13 |
| UTM appliance | 15 |
| NGFW/Layer 7 firewall | 5, 15 |
| VoIP PBX | 5 |
| VoIP gateway | 5 |
| Content filter | 5 |
| 2.4 Explain the purposes of virtualization and network storage technologies. | 20 |
| Virtual networking components | 20 |
| Virtual switch | 20 |
| Virtual firewall | 20 |
| Virtual NIC | 20 |
| Virtual router | 20 |
| Hypervisor | 20 |
| Network storage types | 20 |
| NAS | 20 |
| SAN | 20 |
| Connection type | 20 |
| FCoE | 20 |
| Fibre Channel | 20 |
| iSCSI | 20 |
| InfiniBand | 20 |
| Jumbo frame | 20 |
| 2.5 Compare and contrast WAN technologies. | 16 |
| Service type | 16 |
| ISDN | 16 |
| T1/T3 | 16 |
| E1/E3 | 16 |
| OC-3 – OC-192 | 16 |
| DSL | 16 |
| Metropolitan Ethernet | 16 |
| Cable broadband | 16 |
| Dial-up | 16 |
| PRI | 16 |
| Transmission mediums | 16 |
| Satellite | 16 |
| Copper | 16 |
| Fiber | 16 |
| Wireless | 16 |
| Characteristics of service | 16 |
| MPLS | 16 |
| ATM | 16 |
| Frame relay | 16 |
| PPPoE | 16 |
| PPP | 16 |
| DMVPN | 16 |
| SIP trunk | 16 |
| Termination | 16 |
| Demarcation point | 16 |
| CSU/DSU | 16 |
| Smart jack | 16 |
| 3.0 Network Operations | |
| 3.1 Given a scenario, use appropriate documentation and diagrams to manage the network. | 18, 20 |
| Diagram symbols | 20 |
| Standard operating procedures/work instructions | 20 |
| Logical vs. physical diagrams | 20 |
| Rack diagrams | 20 |
| Change management documentation | 20 |
| Wiring and port locations | 20 |
| IDF/MDF documentation | 20 |
| Labeling | 20 |
| Network configuration and performance baselines | 18, 20 |
| Inventory management | 20 |
| 3.2 Compare and contrast business continuity and disaster recovery concepts. | 11, 15, 19, 20 |
| Availability concepts | 20 |
| Fault tolerance | 20 |
| High availability | 20 |
| Load balancing | 20 |
| NIC teaming | 19 |
| Port aggregation | 11 |
| Clustering | 20 |
| Power management | 15 |
| Battery backups/UPS | 15 |
| Power generators | 15 |
| Dual power supplies | 15 |
| Redundant circuits | 15 |
| Recovery | 15 |
| Cold sites | 15 |
| Warm sites | 15 |
| Hot sites | 15 |
| Backups | 20 |
| Full | 20 |
| Differential | 20 |
| Incremental | 20 |
| Snapshots | 15 |
| MTTR | 15 |
| MTBF | 15 |
| SLA requirements | 15 |
| 3.3 Explain common scanning, monitoring, and patching processes and summarize their expected outputs. | 14, 16, 18, 20 |
| Processes | 18 |
| Log reviewing | 18 |
| Port scanning | 14, 18 |
| Vulnerability scanning | 18 |
| Patch management | 14, 18 |
| Rollback | 14, 18 |
| Reviewing baselines | 14, 18, 20 |
| Packet/traffic analysis | 18 |
| Event management | 18 |
| Notifications | 18 |
| Alerts | 18 |
| SIEM | 18 |
| SNMP monitors | 18 |
| MIB | 18 |
| Metrics | 16, 18 |
| Error rate | 16, 18 |
| Utilization | 16, 18 |
| Packet drops | 16 |
| Bandwidth/throughput | 16, 18 |
| 3.0 Network Operations | |
| 3.4 Given a scenario, use remote access methods. | 5, 6, 13, 14 |
| VPN | 13 |
| IPSec | 13 |
| SSL/TLS/DTLS | 13 |
| Site-to-site | 13 |
| Client-to-site | 13 |
| RDP | 13 |
| SSH | 13 |
| VNC | 13 |
| Telnet | 6 |
| HTTPS/management URL | 6 |
| Remote file access | 6 |
| FTP/FTPS | 6 |
| SFTP | 6 |
| TFTP | 6 |
| Out-of-band management | 13 |
| Modem | 5 |
| Console router | 14 |
| 3.5 Identify policies and best practices. | 13, 14, 20 |
| Privileged user agreement | 20 |
| Password policy | 20 |
| On-boarding/off-boarding procedures | 20 |
| Licensing restrictions | 14, 20 |
| International export controls | 14, 20 |
| Data loss prevention | 20 |
| Remote access policies | 13, 20 |
| Incident response policies | 14, 20 |
| BYOD | 20 |
| AUP | 20 |
| NDA | 20 |
| System life cycle | 14, 20 |
| Asset disposal | 14, 20 |
| Safety procedures and policies | 20 |
| 4.0 Network Security | |
| 4.1 Summarize the purposes of physical security devices. | 13, 14, 15 |
| Detection | 14 |
| Motion detection | 14 |
| Video surveillance | 14 |
| Asset tracking tags | 14 |
| Tamper detection | 14 |
| Prevention | 15 |
| Badges | 15 |
| Biometrics | 15 |
| Smart cards | 13 |
| Key fob | 15 |
| Locks | 15 |
| 4.2 Explain authentication and access controls. | 11, 13, 15, 18 |
| Authorization, authentication, and accounting | 13 |
| RADIUS | 13 |
| TACACS+ | 13 |
| Kerberos | 13 |
| Single sign-on | 13 |
| Local authentication | 13 |
| LDAP | 13 |
| Certificates | 13 |
| Auditing and logging | 18 |
| Multifactor authentication | 13, 15 |
| Something you know | 13, 15 |
| Something you have | 13, 15 |
| Something you are | 13, 15 |
| Somewhere you are | 13, 15 |
| Something you do | 13, 15 |
| Access control | 13, 15 |
| 802.1x | 13 |
| NAC | 13 |
| Port security | 11, 13 |
| MAC filtering | 11, 13 |
| Captive portal | 13 |
| Access control lists | 13, 15 |
| 4.3 Given a scenario, secure a basic wireless network. | 12, 14 |
| WPA | 12, 14 |
| WPA2 | 12, 14 |
| TKIP-RC4 | 12 |
| CCMP-AES | 12 |
| Authentication and authorization | 12 |
| EAP | 12 |
| PEAP | 12 |
| EAP-FAST | 12 |
| EAP-TLS | 12 |
| Shared or open | 12 |
| Preshared key | 12 |
| MAC filtering | 12 |
| Geofencing | 12 |
| 4.4 Summarize common networking attacks. | 12, 14 |
| DoS | 14 |
| Reflective | 14 |
| Amplified | 14 |
| Distributed | 14 |
| Social engineering | 14 |
| Insider threat | 14 |
| Logic bomb | 14 |
| Rogue access point | 12, 14 |
| Evil twin | 12, 14 |
| War-driving | 12, 14 |
| Phishing | 14 |
| Ransomware | 14 |
| DNS poisoning | 14 |
| ARP poisoning | 14 |
| Spoofing | 14 |
| Deauthentication | 14 |
| Brute force | 14 |
| VLAN hopping | 14 |
| Man-in-the-middle | 14 |
| Exploits vs. vulnerabilities | 14 |
| 4.5 Given a scenario, implement network device hardening. | 6, 14 |
| Changing default credentials | 14 |
| Avoiding common passwords | 14 |
| Upgrading firmware | 14 |
| Patching and updates | 14 |
| File hashing | 14 |
| Disabling unnecessary services | 14 |
| Using secure protocols | 6, 14 |
| Generating new keys | 14 |
| Disabling unused ports | 14 |
| IP ports | 14 |
| Device ports (physical and virtual) | 14 |
| 4.6 Explain common mitigation techniques and their purposes. | 11, 14, 15, 20 |
| Signature management | 15 |
| Device hardening | 11 |
| Change native VLAN | 11 |
| Switch port protection | 11 |
| Spanning tree | 11 |
| Flood guard | 11 |
| BPDU guard | 11 |
| Root guard | 11 |
| DHCP snooping | 11 |
| Network segmentation | 11,15 |
| DMZ | 15 |
| VLAN | 11, 15 |
| Privileged user account | 14 |
| File integrity monitoring | 14 |
| Role separation | 14 |
| Restricting access via ACLs | 14, 15 |
| Honeypot/honeynet | 15, 20 |
| Penetration testing | 15 |
| 5.0 Network Troubleshooting and Tools | |
| 5.1 Explain the network troubleshooting methodology. | 19 |
| Identify the problem | 19 |
| Gather information | 19 |
| Duplicate the problem, if possible | 19 |
| Question users | 19 |
| Identify symptoms | 19 |
| Determine if anything has changed | 19 |
| Approach multiple problems individually | 19 |
| Establish a theory of probable cause | 19 |
| Question the obvious | 19 |
| Consider multiple approaches | 19 |
| Top-to-bottom/bottom-to-top | 19 |
| OSI model | |
| Divide and conquer | 19 |
| Test the theory to determine the cause | 19 |
| Once the theory is confirmed, determine the next steps to resolve the problem | 19 |
| If the theory is not confirmed, reestablish a new theory or escalate | 19 |
| Establish a plan of action to resolve the problem and identify potential effects | 19 |
| Implement the solution or escalate as necessary | 19 |
| Verify full system functionality and, if applicable, implement preventive measures | 19 |
| Document findings, actions, and outcomes | 19 |
| 5.2 Given a scenario, use the appropriate tool. | 5, 17, 18 |
| Hardware tools | 18 |
| Crimper | 18 |
| Cable tester | 18 |
| Punch-down tool | 18 |
| OTDR | 18 |
| Light meter | 18 |
| Tone generator | 18 |
| Loopback adapter | 18 |
| Multimeter | 18 |
| Spectrum analyzer | 18 |
| Software tools | 17, 18 |
| Packet sniffer | 18 |
| Port scanner | 18 |
| Protocol analyzer | 18 |
| WiFi analyzer | 18 |
| Bandwidth speed tester | 18 |
| Command line | 17 |
| ping | 17 |
| tracert, traceroute | 17 |
| nslookup | 17 |
| ipconfig | 17 |
| ifconfig | 17 |
| iptables | 17 |
| netstat | 17 |
| tcpdump | 17 |
| pathping | 17 |
| nmap | 17 |
| route | 17 |
| arp | 17 |
| dig | 17 |
| 5.3 Given a scenario, troubleshoot common wired connectivity and performance issues. | 11, 19 |
| Attenuation | 19 |
| Latency | 19 |
| Jitter | 19 |
| Crosstalk | 19 |
| EMI | 19 |
| Open/short | 19 |
| Incorrect pin-out | 19 |
| Incorrect cable type | 19 |
| Bad port | 19 |
| Transceiver mismatch | 19 |
| TX/RX reverse | 19 |
| Duplex/speed mismatch | 11, 19 |
| Damaged cables | 19 |
| Bent pins | 19 |
| Bottlenecks | 19 |
| VLAN mismatch | 11, 19 |
| Network connection LED status indicators | 19 |
| 5.4 Given a scenario, troubleshoot common wireless connectivity and performance issues. | 12, 19 |
| Reflection | 12, 19 |
| Refraction | 12, 19 |
| Absorption | 12, 19 |
| Latency | 12, 19 |
| Jitter | 12, 19 |
| Attenuation | 12, 19 |
| Incorrect antenna type | 12, 19 |
| Interference | 12, 19 |
| Incorrect antenna placement | 12, 19 |
| Channel overlap | 12, 19 |
| Overcapacity | 12, 19 |
| Distance limitations | 12, 19 |
| Frequency mismatch | 12, 19 |
| Wrong SSID | 12, 19 |
| Wrong passphrase | 12, 19 |
| Security type mismatch | 12, 19 |
| Power levels | 12, 19 |
| Signal-to-noise ratio | 12, 19 |
| 5.5 Given a scenario, troubleshoot common network service issues. | 19 |
| Names not resolving | 19 |
| Incorrect gateway | 19 |
| Incorrect netmask | 19 |
| Duplicate IP addresses | 19 |
| Duplicate MAC addresses | 19 |
| Expired IP address | 19 |
| Rogue DHCP server | 19 |
| Untrusted SSL certificate | 19 |
| Incorrect time | 19 |
| Exhausted DHCP scope | 19 |
| Blocked TCP/UDP ports | 19 |
| Incorrect host-based firewall settings | 19 |
| Incorrect ACL settings | 19 |
| Unresponsive service | 19 |
| Hardware failure | 19 |
