Overview

Certification Exam Objectives

CompTIA Network+ N10-006

Network Architecture

1.1 Explain the functions and applications of various network devices.

  • Router
  • Switch
  • Multilayer switch
  • Firewall
  • HIDS
  • IDS/IPS
  • Access point (wireless/wired)
  • Content filter
  • Load balancer
  • Hub
  • Analog modem
  • Packet shaper -** VPN concentrator**

1.2 Compare and contrast the use of networking services and applications.

  • VPN
  • Site-to-site/host-to-site/host-to-host
  • Protocols
  • IPsec
  • GRE
  • SSL VPN
  • PTP/PPTP
  • TACACS/RADIUS
  • RAS
  • Web services
  • Unified voice services
  • Network controllers

1.3 Install and configure the following networking services/applications.

  • DHCP
  • Static vs. dynamic IP addressing
  • Reservations
  • Scopes
  • Leases
  • Options (DNS servers, suffixes)
  • IP helper/DHCP relay
  • DNS
  • DNS servers
  • DNS records (A, MX, AAAA, CNAME, PTR)
  • Dynamic DNS
  • Proxy/reverse proxy
  • NAT
  • PAT
  • SNAT
  • DNAT
  • Port forwarding

1.4 Explain the characteristics and benefits of various WAN technologies.

  • Fiber
  • SONET
  • DWDM
  • CWDM
  • Frame relay
  • Satellite
  • Broadband cable
  • DSL/ADSL
  • ISDN
  • ATM
  • PPP/multilink PPP
  • MPLS
  • GSM/CDMA
  • LTE/4G
  • HSPA+
  • 3G
  • Edge
  • Dialup
  • WiMAX
  • MetroEthernet
  • Leased lines
  • T-1
  • T-3
  • E-1
  • E-3
  • OC3
  • OC12
  • Circuit switch vs. packet switch

1.5 Install and properly terminate various cable types and connectors using appropriate tools.

Copper connectors RJ-11 RJ-45 RJ-48C DB-9/RS-232 DB-25 UTP coupler BNC coupler BNC F-connector 110 block 66 block Copper cables Shielded vs. unshielded CAT3, CAT5, CAT5e, CAT6, CAT6a PVC vs. plenum RG-59 RG-6 Straight-through vs. crossover vs. rollover Fiber connectors ST SC LC MTRJ FC Fiber coupler Fiber cables Single-mode Multimode APC vs. UPC Media converters Single-mode fiber to Ethernet Multimode fiber to Ethernet Fiber to coaxial Single-mode to multimode fiber Tools Cable crimpers Punchdown tool Wire strippers Snips OTDR Cable certifier

1.6 Differentiate between common network topologies.

Mesh Partial Full Bus Ring Star Hybrid Point-to-point Point-to-multipoint Client-server Peer-to-peer

1.7 Differentiate between network infrastructure implementations.

WAN MAN LAN WLAN Hotspot PAN Bluetooth IR NFC SCADA/ICS ICS server DCS/closed network Remote terminal unit Programmable logic controller Medianets VTC ISDN IP/SIP

1.8 Given a scenario, implement and configure the appropriate addressing schema.

IPv6 Auto-configuration EUI 64 DHCP6 Link local Address structure Address compression Tunneling 6to4, 4to6 Teredo, miredo IPv4 Address structure Subnetting APIPA Classful A, B, C, D Classless Private vs. public NAT/PAT MAC addressing Multicast Unicast Broadcast Broadcast domains vs. collision domains

1.9 Explain the basics of routing concepts and protocols.

Loopback interface Routing loops Routing tables Static vs. dynamic routes Default route Distance vector routing protocols RIPv2 Hybrid routing protocols BGP Link state routing protocols OSPF IS-IS Interior vs. exterior gateway routing protocols Autonomous system numbers Route redistribution High availability VRRP Virtual IP HSRP Route aggregation Routing metrics Hop counts MTU, bandwidth Costs Latency Administrative distance SPB

1.10 Identify the basics elements of unified communication technologies.

VoIP Video Real-time services Presence Multicast vs. unicast QoS DSCP COS Devices UC servers UC devices UC gateways

1.11 Compare and contrast technologies that support cloud and virtualization.

Virtualization Virtual switches Virtual routers Virtual firewall Virtual vs. physical NICs Software-defined networking Storage area network iSCSI Jumbo frame Fibre Channel Network attached storage Cloud concepts Public IaaS, SaaS, PaaS Private IaaS, SaaS, PaaS Hybrid IaaS, SaaS, PaaS Community IaaS, SaaS, PaaS

1.12 Given a set of requirements, implement a basic network.

List of requirements Device types/requirements Environment limitations Equipment limitations Compatibility requirements Wired/wireless considerations Security considerations Network Operations

2.1 Given a scenario, use appropriate monitoring tools.

Packet/network analyzer Interface monitoring tools Port scanner Top talkers/listeners SNMP management software Trap Get Walk MIBS Alerts Email SMS Packet flow monitoring SYSLOG SIEM Environmental monitoring tools Temperature Humidity Power monitoring tools Wireless survey tools Wireless analyzers

2.2 Given a scenario, analyze metrics and reports from monitoring and tracking performance tools.

Baseline Bottleneck Log management Graphing Utilization Bandwidth Storage Network device CPU Network device memory Wireless channel utilization Link status Interface monitoring Errors Utilization Discards Packet drops Interface resets Speed and duplex

2.3 Given a scenario, use appropriate resources to support configuration management.

Archives/backups Baselines On-boarding and off-boarding of mobile devices NAC Documentation Network diagrams (logical/physical) Asset management IP address utilization Vendor documentation Internal operating procedures/ policies/standards

2.4 Explain the importance of implementing network segmentation.

SCADA systems/industrial control systems Legacy systems Separate private/public networks Honeypot/honeynet Testing lab Load balancing Performance optimization Security Compliance

2.5 Given a scenario, install and apply patches and updates.

OS updates Firmware updates Driver updates Feature changes/updates Major vs. minor updates Vulnerability patches Upgrading vs. downgrading Configuration backup

2.6 Given a scenario, configure a switch using proper features.

VLAN Native VLAN/default VLAN VTP Spanning tree (802.1d)/rapidspanning tree (802.1w) Flooding Forwarding/blocking Filtering Interface configuration Trunking/802.1q Tag vs. untag VLANs Port bonding (LACP) Port mirroring (local vs. remote) Speed and duplexing IP address assignment VLAN assignment Default gateway PoE and PoE+ (802.3af, 802.3at) Switch management User/passwords AAA configuration Console Virtual terminals In-band/out-of-band management Managed vs. unmanaged

2.7 Install and configure wireless LAN infrastructure and implement the appropriate technologies in support of wireless capable devices.

Small office, home office wireless router Wireless access points Device density Roaming Wireless controllers VLAN pooling LWAPP Wireless bridge Site surveys Heat maps Frequencies 2.4 Ghz 5.0 Ghz Channels Goodput Connection types 802.11a-ht 802.11g-ht Antenna placement Antenna types Omnidirectional Unidirectional MIMO/MU-MIMO Signal strength Coverage Differences between device antennas SSID broadcast Topologies Adhoc Mesh Infrastructure Mobile devices Cell phones Laptops Tablets Gaming devices Media devices

3.0 Network Security

3.1 Compare and contrast risk related concepts.

Disaster recovery Business continuity Battery backups/UPS First responders Data breach End user awareness and training Single point of failure Critical nodes Critical assets Redundancy Adherence to standards and policies Vulnerability scanning Penetration testing

3.2 Compare and contrast common network vulnerabilities and threats.

Attacks/threats DoS Distributed DoS Botnet Traffic spike Coordinated attack Reflective/amplified DNS NTP Smurfing Friendly/unintentional DoS Physical attack Permanent DoS ARP cache poisoning Packet/protocol abuse Spoofing Wireless Evil twin Rogue AP War driving War chalking Bluejacking Bluesnarfing WPA/WEP/WPS attacks Brute force Session hijacking Social engineering Man-in-the-middle VLAN hopping Compromised system Effect of malware on the network Insider threat/malicious employee Zero-day attacks Vulnerabilities Unnecessary running services Open ports Unpatched/legacy systems Unencrypted channels Clear text credentials Unsecure protocols TELNET HTTP SLIP FTP TFTP SNMPv1 and SNMPv2 TEMPEST/RF emanation

3.3 Given a scenario, implement network hardening techniques.

Anti-malware software Host-based Cloud/server-based Network-based Switch port security DHCP snooping ARP inspection MAC address filtering VLAN assignments Network segmentation Security policies Disable unneeded network services Use secure protocols SSH SNMPv3 TLS/SSL SFTP HTTPS IPsec Access lists Web/content filtering Port filtering IP filtering Implicit deny Wireless security WEP WPA/WPA2 Enterprise Personal TKIP/AES 802.1x TLS/TTLS MAC filtering User authentication CHAP/MSCHAP PAP EAP Kerberos Multifactor authentication Two-factor authentication Single sign-on Hashes MD5 SHA

3.4 Compare and contrast physical security controls.

Mantraps Network closets Video monitoring IP cameras/CCTVs Door access controls Proximity readers/key fob Biometrics Keypad/cipher locks Security guard

3.5 Given a scenario, install and configure a basic firewall.

Types of firewalls Host-based Network-based Software vs. hardware Application aware/context aware Small office, home office firewall Stateful vs. stateless inspection UTM Settings/techniques ACL Virtual wire vs. routed DMZ Implicit deny Block/allow Outbound traffic Inbound traffic Firewall placement Internal/external

3.6 Explain the purpose of various network access control models. 802.1x Posture assessment Guest network Persistent vs. non-persistent agents Quarantine network Edge vs. access control

3.7 Summarize basic forensic concepts.

First responder Secure the area Escalate when necessary Document the scene eDiscovery Evidence/data collection Chain of custody Data transport Forensics report Legal hold

4.0 Troubleshooting

4.1 Given a scenario, implement the following network troubleshooting methodology.

Identify the problem Gather information Duplicate the problem, if possible Question users Identify symptoms Determine if anything has changed Approach multiple problems individually Establish a theory of probable cause Question the obvious Consider multiple approaches Top-to-bottom/ bottom-to-top OSI model Divide and conquer Test the theory to determine cause Once theory is confirmed, determine next steps to resolve problem If theory is not confirmed, re-establish new theory or escalate Establish a plan of action to resolve the problem and identify potential effects Implement the solution or escalate as necessary Verify full system functionality and, if applicable, implement preventative measures Document findings, actions and outcomes

4.2 Given a scenario, analyze and interpret the output of troubleshooting tools.

Command line tools ipconfignetstat ifconfig ping/ping6/ping -6 tracert/tracert -6/ traceroute6/traceroute -6 nbtstat nslookup arp mac address lookup table pathping Line testers Certifiers Multimeter Cable tester Light meter Toner probe Speed test sites Looking glass sites WiFi analyzer Protocol analyser

4.3 Given a scenario, troubleshoot and resolve common wireless issues.

Signal loss Interference Overlapping channels Mismatched channels Signal-to-noise ratio Device saturation Bandwidth saturation Untested updates Wrong SSID Power levels Open networks Rogue access point Wrong antenna type Incompatibilities Wrong encryption Bounce MIMO AP placement AP configurations LWAPP Thin vs. thick Environmental factors Concrete walls Window film Metal studs Wireless standard related issues Throughput Frequency Distance Channels

4.4 Given a scenario, troubleshoot and resolve common copper cable issues.

Shorts Opens Incorrect termination (mismatched standards) Straight-through Crossover Cross-talk Near end Far end EMI/RFI Distance limitations Attenuation/Db loss Bad connector Bad wiring Split pairs Tx/Rx reverse Cable placement Bad SFP/GBIC - cable or transceiver

4.5 Given a scenario, troubleshoot and resolve common fiber cable issues. Attenuation/Db loss SFP/GBIC - cable mismatch Bad SFP/GBIC - cable or transceiver Wavelength mismatch Fiber type mismatch Dirty connectors Connector mismatch Bend radius limitations Distance limitations

4.6 Given a scenario, troubleshoot and resolve common network issues.

Incorrect IP configuration/default gateway Broadcast storms/switching loop Duplicate IP Speed and duplex mismatch End-to-end connectivity Incorrect VLAN assignment Hardware failure Misconfigured DHCP Misconfigured DNS Incorrect interface/interface misconfiguration Cable placement Interface errors Simultaneous wired/wireless connections Discovering neighboring devices/nodes Power failure/power anomalies MTU/MTU black hole Missing IP routes NIC teaming misconfiguration Active-active vs. active-passive Multicast vs. broadcast

4.7 Given a scenario, troubleshoot and resolve common security issues.

Misconfigured firewall Misconfigured ACLs/applications Malware DoS Open/closed ports ICMP related issues Ping of death Unreachable default gateway Unpatched firmware/Oss Malicious users Trusted Untrusted users Packet sniffing Authentication issues TACACS/RADIUS misconfigurations Default passwords/settings Improper access/backdoor access ARP issues Banner grabbing/OUI Domain/local group configurations Jamming

4.8 Given a scenario, troubleshoot and resolve common WAN issues.

Loss of Internet connectivity Interface errors Split horizon DNS issues Interference Router configurations Customer premise equipment Smart jack/NIU Demarc Loopback CSU/DSU Copper line drivers/repeaters Company security policy Throttling Blocking Fair access policy/utilization limits Satellite issues Latency

5.0 Industry Standards, Practices and Network Theory

5.1 Analyze a scenario and determine the corresponding OSI layer.

Layer 1 - Physical Layer 2 - Data link Layer 3 - Network Layer 4 - Transport Layer 5 - Session Layer 6 - Presentation Layer 7 - Application

5.2 Explain the basics of network theory and concepts. Encapsulation/de-encapsulation Modulation techniques Multiplexing De-multiplexing Analog and digital techniques TDM Numbering systems Binary Hexadecimal Octal Broadband/baseband Bit rates vs. baud rate Sampling size CDMA CSMA/CD and CSMA/CA Carrier detect/sense Wavelength TCP/IP suite ICMP UDP TCP Collision

5.3 Given a scenario, deploy the appropriate wireless standard.

802.11a 802.11b 802.11g 802.11n 802.11ac

5.4 Given a scenario, deploy the appropriate wired connectivity standard.

Ethernet standards 10BaseT 100BaseT 1000BaseT 1000BaseTX 10GBaseT 100BaseFX 10Base2 10GBaseSR 10GBaseER 10GBaseSW IEEE 1905.1-2013 Ethernet over HDMI Ethernet over power line Wiring standards EIA/TIA 568A/568B Broadband standards DOCSIS

5.5 Given a scenario, implement the appropriate policies or procedures.

Security policies Consent to monitoring Network policies Acceptable use policy Standard business documents SLA MOU MSA SOW

5.6 Summarize safety practices.

Electrical safety Grounding ESD Static Installation safety Lifting equipment Rack installation Placement Tool safety MSDS Emergency procedures Building layout Fire escape plan Safety/emergency exits Fail open/fail close Emergency alert system Fire suppression systems HVAC

5.7 Given a scenario, install and configure equipment in the appropriate location using best practices.

Intermediate distribution frame Main distribution frame Cable management Patch panels Power management Power converters Circuits UPS Inverters Power redundancy Device placement Air flow Cable trays Rack systems Server rail racks Two-post racks Four-post racks Free-standing racks Labeling Port labeling System labeling Circuit labeling Naming conventions Patch panel labelling Rack monitoring Rack security

5.8 Explain the basics of change management procedures.

Document reason for a change Change request Configuration procedures Rollback process Potential impact Notification Approval process Maintenance window Authorized downtime Notification of change Documentation Network configurations Additions to network Physical location changes

5.9 Compare and contrast the following ports and protocols.

80 HTTP 443 HTTPS 137-139 NetBIOS 110 POP 143 IMAP 25 SMTP 5060/5061 SIP 2427/2727 MGCP 5004/5005 RTP 1720 H.323 TCP Connection-oriented UDP Connectionless

*5.10 Given a scenario, configure and apply the appropriate ports and protocols.

20,21 FTP 161 SNMP 22 SSH 23 Telnet 53 DNS 67,68 DHCP 69 TFTP 445 SMB 3389 RDP"

Comprehensive Learning

See the full benefits of our immersive learning experience with interactive courses and guided career paths.