Network+ Exam Cram Study Sheet
TABLE 1 (protocol summary; only the column header Protocol and the entries DNS, DHCP and SNMP survived extraction)
. A router that uses a link-state protocol differs from a router that uses a distance-vector protocol because it builds a map of the entire network and holds that map in memory. Link-state protocols include Open Shortest Path First (OSPF) and Intermediate System-to-Intermediate System (IS-IS).
. Hops are the metric by which distance-vector routing protocols pick the shortest way to reach a given destination. Each router a packet must pass through counts as one hop, so a destination that is four hops away is reached by traversing four routers.
. Routing Information Protocol (RIP) is a distance-vector routing protocol that was used for both the TCP/IP and IPX/SPX protocol suites.
. Distance-vector protocols in use today include RIP (RIPv1 and RIPv2) and Enhanced Interior Gateway Routing Protocol (EIGRP, an advanced distance-vector protocol). Border Gateway Protocol (BGP) is strictly a path-vector protocol, but the exam groups it with the distance-vector family.
. Switches introduce microsegmentation, by which each connected system effectively operates on its own dedicated network connection.
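The two routing approaches above, simulated on a constructed five-router chain. This is an added example, not code from the Exam Cram sheet; the router names and the all-links-cost-1 topology are assumptions. The distance-vector routine only ever looks at neighbours' tables and adds one hop; the link-state routine holds the whole map and runs Dijkstra over it, so it also knows the full path, not just the next hop.

```python
"""Distance-vector versus link-state routing on a small constructed topology."""
import heapq

# Constructed five-router chain: R1 - R2 - R3 - R4 - R5 (router names are assumptions).
TOPOLOGY = {
    "R1": ["R2"],
    "R2": ["R1", "R3"],
    "R3": ["R2", "R4"],
    "R4": ["R3", "R5"],
    "R5": ["R4"],
}

INFINITY = 16  # RIP treats 16 hops as unreachable


def distance_vector(topology, max_rounds=50):
    """RIP-style routing: each router knows only its directly attached neighbours.

    Every round a router reads each neighbour's table, adds one hop, and keeps
    any shorter route. Returns {router: {destination: (hops, next_hop)}}.
    """
    tables = {}
    for router, neighbours in topology.items():
        tables[router] = {router: (0, None)}
        for n in neighbours:
            tables[router][n] = (1, n)
    for _ in range(max_rounds):
        changed = False
        for router, neighbours in topology.items():
            for n in neighbours:
                for dest, (hops, _) in list(tables[n].items()):
                    candidate = hops + 1
                    if candidate >= INFINITY:
                        continue  # too far to count as reachable
                    if dest not in tables[router] or candidate < tables[router][dest][0]:
                        tables[router][dest] = (candidate, n)
                        changed = True
        if not changed:
            break  # converged: no table changed this round
    return tables


def link_state(topology, source):
    """OSPF-style routing: the router holds the whole map and runs Dijkstra.

    With every link costing 1 the hop counts equal the distance-vector result,
    but the router also knows the complete path. Returns {destination: (hops, path)}.
    """
    dist, prev, heap = {source: 0}, {}, [(0, source)]
    while heap:
        d, u = heapq.heappop(heap)
        if d > dist[u]:
            continue  # stale heap entry
        for v in topology[u]:
            if d + 1 < dist.get(v, INFINITY):
                dist[v], prev[v] = d + 1, u
                heapq.heappush(heap, (d + 1, v))

    def path(dest):
        route = [dest]
        while route[-1] != source:
            route.append(prev[route[-1]])
        return route[::-1]

    return {dest: (hops, path(dest)) for dest, hops in dist.items()}


if __name__ == "__main__":
    dv = distance_vector(TOPOLOGY)
    print("R1 -> R5 by distance vector:", dv["R1"]["R5"])        # (4, 'R2')
    print("R1 -> R5 by link state:", link_state(TOPOLOGY, "R1")["R5"])
```

R1 learns that R5 is four hops away via R2 in either case, but only the link-state router can name all four routers on the way.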
TABLE 4 (IEEE 802.11 standards; only the mode and speed columns survived extraction)
IEEE Standard | Mode | Speed
(not recovered) | Ad hoc/infrastructure | Up to 11Mbps
(not recovered) | Ad hoc/infrastructure | Up to 54Mbps
(not recovered) | Ad hoc/infrastructure | Up to 600Mbps
(not recovered) | Ad hoc/infrastructure | (not recovered)

TABLE 2 (only the column header Protocol and the entries FTP, FTP, SSH, Telnet, SMTP, DNS survived extraction)

Protocol | Name
SMTP | Simple Mail Transfer Protocol
HTTP | Hypertext Transfer Protocol
HTTPS | Hypertext Transfer Protocol Secure
POP3/IMAP4 | Post Office Protocol version 3 / Internet Message Access Protocol version 4
Telnet | Telnet
SSH | Secure Shell
ICMP | Internet Control Message Protocol
ARP | Address Resolution Protocol
RARP | Reverse Address Resolution Protocol
NTP | Network Time Protocol
NNTP | Network News Transport Protocol
SCP | Secure Copy Protocol
LDAP | Lightweight Directory Access Protocol
IGMP | Internet Group Management Protocol
. A MAC address is a 6-byte address, written as 12 hexadecimal digits (0-9 and A-F), that uniquely identifies a network interface on the network. The first three bytes identify the manufacturer (the OUI). An example of a MAC address is 00:D0:59:09:07:51.
. A Class A TCP/IP address uses only the first octet to represent the network portion, a Class B address uses two octets, and a Class C address uses three octets.
. Class A addresses have a first octet from 1 to 126, with a default subnet mask of 255.0.0.0.
. Class B addresses have a first octet from 128 to 191, with a default subnet mask of 255.255.0.0.
. Class C addresses have a first octet from 192 to 223, with a default subnet mask of 255.255.255.0.
. The 127 network ID is reserved for the local loopback.
. Application protocols map to the application, presentation, and session layers of the OSI model. Application protocols include AFP, FTP, SFTP, TFTP, NCP, NTP, NNTP, SSH, Telnet, SCP, LDAP, and SNMP.
. Transport protocols map to the transport layer of the OSI model and are responsible for transporting data across the network. Transport protocols include ATP, NetBEUI, SPX, TCP, and UDP.
. Default gateways are the means by which a device reaches hosts on other networks for which it has no specifically configured route.
. IP is a network protocol responsible for providing addressing and routing information.
. The TCP/IP suite is used by all major operating systems and is a routable protocol.
. DHCP/BOOTP is a network service that automatically assigns IP addressing information.
. In a network that does not use DHCP, watch for duplicate IP addresses (two statically configured hosts given the same address), which prevent a user from connecting to the network.
. Subnetting is a process in which bits from the host ID portion of an IP address are borrowed to create more network IDs.
. APIPA is a system used on Windows to self-assign an IP address in the 169.254.0.0/16 range when no DHCP server answers.
. DNS resolves hostnames to IP addresses.
. NAT translates private network addresses into public network addresses.
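The classful rules, special ranges and subnetting arithmetic above, as a runnable Python example added here (not code from the Exam Cram sheet). It uses only the standard library ipaddress module; the sample addresses are constructed. Beyond the classes the sheet names, it also labels the Class D (multicast) and Class E (reserved) ranges and the RFC 1918 private blocks.

```python
"""IPv4 class, default mask, special ranges and subnet arithmetic."""
import ipaddress


def classify(addr):
    """Classful category of a dotted-quad address, decided by the first octet.

    Returns (class_name, default_prefix_length); the prefix is None where no
    default mask applies (loopback, multicast, reserved).
    """
    first = int(ipaddress.IPv4Address(addr)) >> 24
    if first == 127:
        return "loopback", None
    if 1 <= first <= 126:
        return "A", 8
    if 128 <= first <= 191:
        return "B", 16
    if 192 <= first <= 223:
        return "C", 24
    if 224 <= first <= 239:
        return "D (multicast)", None
    return "E or 0/8 (reserved)", None


def special_range(addr):
    """Name the special-purpose range the address belongs to, or None.

    APIPA is 169.254.0.0/16 (RFC 3927), not the whole 169.x.x.x block. It is
    checked before is_private because newer Python versions report link-local
    addresses as private as well.
    """
    ip = ipaddress.IPv4Address(addr)
    if ip in ipaddress.IPv4Network("169.254.0.0/16"):
        return "APIPA (link-local)"
    if ip.is_loopback:
        return "loopback"
    if ip.is_private:
        return "private (RFC 1918)"
    return None


def subnet_info(cidr):
    """Subnetting: host bits borrowed from the classful block create more networks.

    For 'address/prefix' returns the network ID, broadcast, mask, usable host
    count, the bits borrowed from the default mask, and how many equal-size
    subnets that carves the classful block into.
    """
    net = ipaddress.IPv4Network(cidr, strict=False)  # strict=False accepts a host address
    cls, default_prefix = classify(str(net.network_address))
    borrowed = None if default_prefix is None else net.prefixlen - default_prefix
    return {
        "class": cls,
        "network": str(net.network_address),
        "broadcast": str(net.broadcast_address),
        "mask": str(net.netmask),
        "usable_hosts": max(net.num_addresses - 2, 0),
        "borrowed_bits": borrowed,
        "subnets": None if borrowed is None or borrowed < 0 else 2 ** borrowed,
    }


if __name__ == "__main__":
    # Constructed sample: a host in a Class C block carved into /26 subnets.
    print(classify("192.168.10.77"), special_range("192.168.10.77"))
    print(subnet_info("192.168.10.77/26"))
```

For 192.168.10.77/26 the block reports network 192.168.10.64, broadcast 192.168.10.127, mask 255.255.255.192, 62 usable hosts, and that 2 borrowed bits split the Class C block into 4 subnets.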
TABLE 3 (only the row label Autoconfigured addresses survived extraction)
TABLE 6 (cable and connector types; only the column headers Cable type and Connector type and the fragments "Fiber-optic connectors" and "62.5/125 and 50/125 multimode fiber; two 10-micron single-mode optical fibers" survived extraction)
TABLE 7 (only the column headers survived extraction: Characteristic, Transmission method, Speed, Total distance/segment, Cable type, Connector type)

TABLE 8 (10GBase fiber variants; only the headers Fiber, SR/SW, LR/LW, ER/EW survived extraction)
Network devices
Device | Function | Key points
(device not recovered) | (not recovered) | Forwards data to its destination by using the MAC address embedded in each packet.
Repeater | (not recovered) | The function a repeater provides typically is built into other devices, such as switches.
Bridge | Connects LANs to reduce overall network traffic. | Allows or prevents data from passing through it by reading the MAC address.
Router | Connects networks. | Uses the software-configured network address to make forwarding decisions.
Gateway | Translates from one data format to another. | Can be hardware- or software-based. Any device that translates data formats is called a gateway.
CSU/DSU | Translates digital signals used on a LAN to those used on a WAN. | CSU/DSU functionality is sometimes incorporated into other devices, such as a router with a WAN connection.
Modem | Provides serial communication capabilities across phone lines. | Modulates the digital signal into analog at the sending end and performs the reverse function at the receiving end.
Network card | Enables systems to connect to the network. | Can be an add-in expansion card, PCMCIA card, or built-in interface.
Media converter | Interconnects older technology with new technology. | A hardware device that connects newer Gigabit Ethernet technologies with older 100BaseT networks, or older copper standards with fiber.
Firewall | Provides controlled data access between networks. | Can be hardware- or software-based and is an essential part of a network's security strategy.
DHCP server | Automatically distributes IP information. | Assigns all IP information, including IP address, subnet mask, DNS, gateway, and more.
Load balancer | Distributes the network load. | Load balancing increases redundancy and performance by distributing the load to multiple servers.
Multifunction device | Combines network services. | A hardware device that combines multiple network services into a single device, reducing cost and easing administrative difficulty.
DNS server | Provides name resolution from hostnames to IP addresses. | Answers clients' requests to translate hostnames into IP addresses.
Bandwidth shaper | Manages network bandwidth. | Monitors and controls bandwidth usage.
Proxy server | Manages client Internet requests. | Serves two key network functions: increases network performance by caching, and filters outgoing client requests.
CSU/DSU | A conversion device that connects a LAN and WAN. | Acts as a translator between the LAN data format and the WAN data format.

. Computers connect to a hub via a length of twisted-pair cabling.
. Active hubs regenerate a data signal before forwarding it to all the ports on the device and require a power supply.
. Passive hubs, which today are seen only on older networks, do not need power and do not regenerate the data signal.
. A hub takes data from one of the connected sending devices and forwards it to all the other ports on the hub.
. Sending data to all systems regardless of the intended recipient is called broadcasting. On busy networks, broadcast traffic can have a significant impact on overall network performance.
. A hub forwards data to all ports, regardless of whether the data is intended for the system connected to the port. A switch forwards data only to the port on which the destination system is connected. The security consequence: on a hub any host can sniff every other host's traffic, whereas on a switch a host sees only broadcast, flooded and its own traffic unless a mirror port is configured.
. By channeling data only to the connections that should receive it, switches reduce the number of collisions on the network.
. A switch makes forwarding decisions based on the Media Access Control (MAC) addresses of the devices connected to it, learning from each frame's source address which MAC sits behind which port.
. In cut-through switching, the switch begins to forward the frame as soon as it has read the destination MAC address.
. In store-and-forward switching, the switch waits to receive the entire frame, checks its CRC, and only then forwards it.
. In fragment-free switching, the switch reads the first 64 bytes of the frame (the minimum Ethernet frame size) before forwarding, so that collision fragments are discarded rather than propagated.
. Switches reduce collisions through microsegmentation: each port on a switch is a dedicated link between the switch and the connected computer.
. Hubs and switches have two types of ports: medium-dependent interface (MDI) and medium-dependent interface crossed (MDI-X).
. A straight-through cable is used to connect systems to the switch or hub using the MDI-X ports.
. In a crossover cable, wires 1 and 3 and wires 2 and 6 are crossed.
. PoE is a technology that allows electrical power to be transmitted over twisted-pair Ethernet cable along with the data, to power remote devices such as switches, wireless access points, VoIP equipment, and more.
. On the exam, trunking refers to the use of multiple network cables or ports in parallel to increase the link speed beyond the limits of any one cable or port. In Cisco terminology, trunking means carrying several VLANs over one link with 802.1Q tags, and combining links is called link aggregation (IEEE 802.3ad/LACP).
. Port mirroring copies the traffic of one or more switch ports to a monitoring port; it is how a protocol analyzer sees other hosts' traffic on a switched network, and it also shows how well the switch is working.
. Port authentication involves authenticating devices on a port-by-port basis. The standard that specifies port-based network access control is IEEE 802.1X, often associated with wireless security but equally applicable to wired switch ports.
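A simulation of the hub-versus-switch forwarding and the port mirroring described above. This is an added example, not code from the Exam Cram sheet; the MAC addresses, port numbers and the four-port switch are constructed. The switch learns source MACs into its CAM table, floods unknown unicast and broadcast frames, delivers known unicast only to the learned port, and copies everything to the mirror port where an analyzer would sit.

```python
"""Hub flooding versus switch forwarding, with a mirror (SPAN) port."""
from dataclasses import dataclass, field

BROADCAST = "ff:ff:ff:ff:ff:ff"


@dataclass
class Frame:
    src: str   # source MAC
    dst: str   # destination MAC


def hub_forward(ingress_port, frame, ports):
    """A hub repeats every frame out of every port except the one it arrived on."""
    return sorted(p for p in ports if p != ingress_port)


@dataclass
class LearningSwitch:
    ports: list
    mirror_port: int = None                   # SPAN port: gets a copy of everything
    cam: dict = field(default_factory=dict)   # MAC -> port, learned from source addresses

    def forward(self, ingress_port, frame):
        """Return the sorted list of ports the frame is sent out of.

        1. Learn: the source MAC is reachable through the ingress port.
        2. Known unicast: send only to the learned port (microsegmentation).
        3. Broadcast or unknown unicast: flood to all other ports, like a hub.
        4. Copy every frame to the mirror port, if one is configured.
        """
        self.cam[frame.src] = ingress_port
        if frame.dst != BROADCAST and frame.dst in self.cam:
            # Same-port destination means the frame never needed the switch: filtered.
            out = [] if self.cam[frame.dst] == ingress_port else [self.cam[frame.dst]]
        else:
            out = [p for p in self.ports if p not in (ingress_port, self.mirror_port)]
        if self.mirror_port is not None:
            out.append(self.mirror_port)
        return sorted(out)


def demo():
    """Constructed scenario: hosts on ports 1 and 2 talk, a third host listens on
    port 3, and an analyzer is attached to mirror port 4."""
    sw = LearningSwitch(ports=[1, 2, 3, 4], mirror_port=4)
    a, b = "00:d0:59:09:07:51", "00:d0:59:09:07:52"
    first = sw.forward(1, Frame(src=a, dst=b))   # b unknown yet: flooded to 2 and 3 (+ mirror)
    reply = sw.forward(2, Frame(src=b, dst=a))   # a learned on port 1: only port 1 (+ mirror)
    third = sw.forward(1, Frame(src=a, dst=b))   # b now learned: only port 2 (+ mirror)
    return first, reply, third


if __name__ == "__main__":
    print(hub_forward(1, Frame("a", "b"), [1, 2, 3, 4]))   # [2, 3, 4]: a hub repeats everywhere
    print(demo())                                          # ([2, 3, 4], [1, 4], [2, 4])
```

The host on port 3 sees only the first, flooded frame; once the CAM table is populated it sees none of the conversation. The analyzer on mirror port 4 sees all three frames, which is why sniffing a switched network needs a mirror port.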
. As data is passed down the OSI model, each layer adds its own header, a process called encapsulation; as data is passed up, each layer removes its header, a process called decapsulation.
. Mapping network devices to the OSI model:
  Hub: Physical (Layer 1)
  Switch: Data link (Layer 2)
  Bridge: Data link (Layer 2)
  Router: Network (Layer 3)
  NIC: Data link (Layer 2)
  AP: Data link (Layer 2)
. Shaping by application: administrators classify traffic by application type and assign each category a bandwidth limit.
. Documentation should also include diagrams of the physical and logical network design. The physical topology refers to how a network is physically constructed (how it looks).
NETWORK TOOLS
. A wire crimper is a tool that you use to attach media connectors to the ends of cables.
. Wire strippers come in a variety of shapes and sizes. Some are specifically designed to strip the outer sheathing from coaxial cable; others are designed to work with UTP cable.
. Punchdown tools are used to attach twisted-pair network cable to connectors within a patch panel. Specifically, they seat twisted-pair wires in the insulation displacement connector (IDC).
. Voltage event recorders monitor the quality of power used on the network or by network hardware.
. Temperature monitors keep track of the temperature in wiring closets and server rooms.
. Toner probes locate cables hidden in floors, ceilings, or walls and trace cables from the patch panel to their destination.
. Protocol analyzers can be hardware- or software-based. Their primary function is to decode and analyze network protocols such as TCP, UDP, HTTP, FTP, and more.
. A TDR (time-domain reflectometer) sends a signal through a copper cable to check the cable's continuity and to locate the distance to a break or fault.
. An OTDR (optical time-domain reflectometer) performs the same basic function as a TDR, but on optical media.
. Packet sniffers are either a hardware device or software that eavesdrops on transmissions traveling across the network.
. Throughput testers measure the rate of data delivery over a communication channel.
. Port scanners are software utilities. They are a security tool that probes a network host for open ports on a TCP/IP-based network.
. The netstat -a command can be used on a Windows-based system to see the status of ports.
. You can ping the local loopback adapter with the command ping 127.0.0.1. If this succeeds, the TCP/IP suite is installed correctly on your system and is functioning.
. tracert reports how long it takes to reach each router in the path. It's a useful tool for isolating bottlenecks in a network. The equivalent command on UNIX and Linux systems is traceroute.
. ARP is the part of the TCP/IP suite whose function is to resolve IP addresses to MAC addresses.
. netstat is used to view both inbound and outbound TCP/IP network connections.
. nbtstat is used to display protocol and statistical information for NetBIOS over TCP/IP connections.
. ipconfig shows the IP configuration information for all NICs installed in a system.
. ipconfig /all displays detailed TCP/IP configuration information.
. ipconfig /renew is used on Windows operating systems to renew the system's DHCP-assigned IP configuration (ipconfig /flushdns is the command that clears the DNS resolver cache).
. When looking for client connectivity problems using ipconfig, ensure that the default gateway is set correctly.
. The ifconfig command is the Linux equivalent of the ipconfig command; on current distributions it has been replaced by ip addr from the iproute2 package.
. The nslookup command is a TCP/IP diagnostic tool used to troubleshoot DNS problems. dig can be used for the same purpose on UNIX and Linux systems.
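A minimal TCP connect() port scanner of the kind the tools list describes, added here as an example (not code from the Exam Cram sheet). So that it runs offline, the block starts its own throwaway listener on a loopback port and scans that port alongside one that is known to be closed; the host and port choices are constructed. netstat -a on the same machine would show the listener as LISTENING while the scan runs.

```python
"""A TCP connect() port scanner, exercised against a local throwaway listener."""
import socket
import threading
from contextlib import closing

HOST = "127.0.0.1"


def start_listener():
    """Listen on an ephemeral loopback port; return (socket, port). The caller closes it."""
    srv = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    srv.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
    srv.bind((HOST, 0))
    srv.listen(5)
    return srv, srv.getsockname()[1]


def free_port():
    """Bind and immediately release an ephemeral port, so it is closed when scanned."""
    with closing(socket.socket(socket.AF_INET, socket.SOCK_STREAM)) as s:
        s.bind((HOST, 0))
        return s.getsockname()[1]


def scan_port(host, port, timeout=0.5):
    """Full-connect scan of one port: a completed three-way handshake means open.

    connect_ex returns 0 on success and an errno otherwise (ECONNREFUSED for a
    closed port; a timeout usually means a firewall silently dropped the SYN).
    Because the handshake completes, the probe appears in the target
    application's logs; unlike a SYN scan it needs no raw-socket privilege.
    """
    with closing(socket.socket(socket.AF_INET, socket.SOCK_STREAM)) as s:
        s.settimeout(timeout)
        return s.connect_ex((host, port)) == 0


def scan(host, ports):
    """Scan several ports in parallel threads; return {port: is_open}."""
    results, lock = {}, threading.Lock()

    def probe(port):
        state = scan_port(host, port)
        with lock:
            results[port] = state

    threads = [threading.Thread(target=probe, args=(p,)) for p in ports]
    for t in threads:
        t.start()
    for t in threads:
        t.join()
    return results


def demo():
    """Scan one listening port and one closed port on loopback; return their states."""
    srv, open_port = start_listener()
    try:
        closed_port = free_port()
        found = scan(HOST, [open_port, closed_port])
        return found[open_port], found[closed_port]
    finally:
        srv.close()


if __name__ == "__main__":
    print(demo())   # (True, False)
```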
NETWORK SECURITY
. A firewall is considered a logical security measure and is one of the cornerstone concepts of network security.
. At its most basic, a firewall is a device that has more than one network interface and manages the flow of network traffic between those interfaces.
. A DMZ is a segment of the network on which you place servers that must be accessible by sources both outside and inside your network. It is isolated so that a compromised DMZ host has no direct path to the internal LAN.
. An IDS can detect malware or other dangerous traffic that may pass undetected by the firewall. Most IDSs detect potentially dangerous content by its signature. An IDS only alerts; it does not block.
. An IPS is a network device that sits inline and continually scans traffic for inappropriate activity. Unlike an IDS, it can drop the offending traffic and shut down potential threats.
. An access control list (ACL) typically refers to specific access permissions assigned to an object or device on the network. For example, wireless routers can be configured to restrict who can and cannot access the router based on MAC address. Because a client can change its MAC address at will, MAC filtering deters only casual access and is not a substitute for authentication.
. When a port is blocked, you disable the capability for traffic to pass through that port, thereby filtering that traffic. Firewall ACLs are evaluated top to bottom: the first matching rule decides, and traffic that matches no rule is dropped by the implicit deny at the end of the list.
. A VPN extends a LAN by establishing a remote connection, a connection tunnel, across a public network such as the Internet.
. PPTP creates a tunnel between two points on a network, over which other connectivity protocols, such as PPP, can be used. This tunneling functionality is the basis for VPNs. PPTP's MS-CHAPv2 authentication and RC4-based encryption are broken, so it should not be used for new deployments.
. VPNs are created and managed by using protocols such as PPTP and L2TP, which build on the functionality of PPP. This makes it possible to create dedicated point-to-point tunnels through a public network such as the Internet.
. L2TP provides no encryption of its own and is normally paired with IPSec (L2TP/IPSec). It authenticates the client in a two-phase process: IPSec authenticates the computer, then PPP authenticates the user.
. To create secure data transmissions, IPSec uses two separate protocols: Authentication Header (AH), which provides integrity and origin authentication but no confidentiality, and Encapsulating Security Payload (ESP), which provides encryption and, optionally, integrity as well.
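A first-match packet-filter ACL with an implicit deny, of the kind a DMZ firewall applies to inbound traffic, as an added example (not code from the Exam Cram sheet). The rule grammar, the networks and the rule set are constructed; 192.0.2.0/24, a documentation range, stands in for the DMZ. Besides evaluating packets, the block flags shadowed rules, the classic ordering mistake where an earlier, broader rule makes a later deny unreachable.

```python
"""A first-match packet-filter ACL with an implicit deny, as applied at a DMZ edge."""
import ipaddress
from dataclasses import dataclass

N = ipaddress.ip_network
ANY = N("0.0.0.0/0")


@dataclass(frozen=True)
class Rule:
    action: str                    # "permit" or "deny"
    proto: str                     # "tcp", "udp", "icmp" or "any"
    src: ipaddress.IPv4Network
    dst: ipaddress.IPv4Network
    dport: int = None              # None matches any destination port
    comment: str = ""


@dataclass(frozen=True)
class Packet:
    proto: str
    src: str
    dst: str
    dport: int = None


def matches(rule, pkt):
    """True when every field of the rule covers the packet."""
    return (rule.proto in ("any", pkt.proto)
            and ipaddress.ip_address(pkt.src) in rule.src
            and ipaddress.ip_address(pkt.dst) in rule.dst
            and rule.dport in (None, pkt.dport))


def evaluate(acl, pkt):
    """Walk the ACL top to bottom; the first matching rule decides.

    A packet that matches nothing is dropped by the implicit deny at the end
    of the list. Returns (action, matching_rule_or_None).
    """
    for rule in acl:
        if matches(rule, pkt):
            return rule.action, rule
    return "deny", None


def shadowed(acl):
    """Indices of rules that can never match because an earlier rule covers them.

    A rule is shadowed when an earlier rule matches at least every packet it
    would: same or 'any' protocol, superset source and destination networks,
    and same or any port. A 'permit any' placed above its denies is the
    classic case.
    """
    dead = []
    for i, later in enumerate(acl):
        for earlier in acl[:i]:
            if (earlier.proto in ("any", later.proto)
                    and earlier.src.supernet_of(later.src)
                    and earlier.dst.supernet_of(later.dst)
                    and earlier.dport in (None, later.dport)):
                dead.append(i)
                break
    return dead


# Constructed networks: 192.0.2.0/24 (a documentation range) stands in for the DMZ.
INTERNAL = N("10.0.0.0/8")
DMZ = N("192.0.2.0/24")
WEB = N("192.0.2.10/32")
DNS = N("192.0.2.53/32")

# Constructed inbound ACL for the outside interface.
DMZ_ACL = [
    Rule("permit", "tcp", ANY, WEB, 443, "public HTTPS"),
    Rule("permit", "tcp", ANY, WEB, 80, "public HTTP"),
    Rule("permit", "udp", ANY, DNS, 53, "authoritative DNS; TCP/53 is missing, so zone transfers and large answers fail"),
    Rule("deny", "any", ANY, INTERNAL, None, "nothing from outside reaches the LAN directly"),
    Rule("deny", "tcp", ANY, DMZ, 23, "Telnet blocked (port blocking)"),
    # Anything else, e.g. SSH to the web server, falls through to the implicit deny.
]


if __name__ == "__main__":
    outside = "203.0.113.5"   # constructed Internet source
    print(evaluate(DMZ_ACL, Packet("tcp", outside, "192.0.2.10", 443))[0])   # permit
    print(evaluate(DMZ_ACL, Packet("tcp", outside, "192.0.2.10", 22)))       # ('deny', None)
    print(shadowed([Rule("permit", "any", ANY, ANY), Rule("deny", "tcp", ANY, DMZ, 23)]))  # [1]
```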
. PPPoE (Point-to-Point Protocol over Ethernet) is a protocol used to connect multiple network users on an Ethernet local area network to a remote site through a common device.
. The RDP, VNC, and ICA protocols allow client systems to access and run applications on a remote system, using that system's resources. Only the user interface, keystrokes, and mouse movement are transferred between the client and server computers.
. AAA (authentication, authorization, and accounting) defines the security measures, policies, and procedures that are combined to create a secure network.
. Authentication refers to the mechanisms used to verify the identity of the computer or user attempting to access a particular resource. This includes passwords and biometrics.
. Authorization is the method used to determine whether an authenticated user has access to a particular resource. This is commonly determined through group association; a particular group may have a specific level of security clearance.
. Accounting refers to the tracking mechanisms used to keep a record of events on a system.
. Terminal Access Controller Access Control System+ (TACACS+) is a security protocol designed to provide centralized validation of users who are attempting to gain access to a router or Network Access Server (NAS).
. Kerberos is one part of a strategic security solution that provides secure authentication services to users, applications, and network devices. Clients authenticate to a Key Distribution Center and receive time-limited tickets, so passwords are never transmitted across the network.
. A public key infrastructure (PKI) is a collection of software, standards, and policies that are combined to allow users from the Internet or other unsecured public networks to securely exchange data.
. A public key is a nonsecret key that forms half of a cryptographic key pair used with a public key algorithm. The public key is freely given to all potential receivers.
. A private key is the secret half of a cryptographic key pair used with a public key algorithm. The private key is never transmitted over a network.
. A certificate is a digitally signed statement that associates the credentials of a public key with the identity of the person, device, or service that holds the corresponding private key. The signature comes from a certificate authority (CA); a relying party trusts the binding only if it trusts the CA that signed it.