Introduction

If you’re like most of us in the networking community, you probably have one or more network certifications. If that’s you, you’re very wise in choosing a CompTIA Network+ (N10-005) certification to proudly add to your repertoire because that achievement will make you all the more valuable as an employee. In these challenging economic times, keeping ahead of the competition—even standing out among your present colleagues—could make a big difference in whether you gain a promotion or possibly keep your job instead of being the one who gets laid off! Or maybe this is your first attempt at certification because you’ve decided to venture into a new career in information technology (IT). You’ve realized that getting into the IT sector is a good way to go because as the information age marches on, the demand for knowledgeable professionals in this dynamic field will only intensify dramatically.

Either way, obtaining certification is one of the best things you can do for your career if you are working in, or want to break into, the networking profession because it proves that you know what you’re talking about regarding the subjects in which you’re certified. It also powerfully endorses you as a professional in a way that’s very similar to a physician being board certified in a certain area of expertise.

In this book, you’ll find out what the Network+ exam is all about because each chapter covers a part of the exam. I’ve included some great review questions at the end of each chapter to help crystallize the information you learned and solidly prepare you to ace the exam.

A really cool thing about working in IT is that it’s constantly evolving, so there are always new things to learn and fresh challenges to master. Once you obtain your Network+ certification and discover that you’re interested in taking it further by getting into more complex networking (and making more money), the Cisco CCNA certification is definitely your next step; you can get the skinny on that and even more in-depth certifications on my blog at www.lammle.com/forum.

What Is the Network+ Certification?

Network+ is a certification developed by the Computing Technology Industry Association (CompTIA) that exists to provide resources and education for the computer and technology community. This is the same body that developed the A+ exam for PC technicians.

Way back in 1995, members of the organization got together to develop a new certification that tests skills for IT. To ensure industry-wide support, it was sponsored by many past and present IT industry leaders like these:

• Compaq Computers
• Digital Equipment Corporation (a part of Compaq)
• IBM
• Lotus
• Microsoft
• Novell
• TSS
• U.S. Robotics
• US West
• Wave Technologies

The Network+ exam was designed to test the skills of network technicians with 18 to 24 months of experience in the field. It tests areas of networking technologies such as the definition of a protocol, the Open Systems Interconnection (OSI) model and its layers, and the concepts of network design and implementation—the minimum knowledge required for working on a network and some integral prerequisites for network design and implementation.

Why Become Network+ Certified?

Because CompTIA is a well-respected developer of vendor-neutral industry certifications, becoming Network+ certified proves you’re competent in the specific areas tested by the Network+ exam.

The following are the major benefits are associated with becoming Network+ certified:

Proof of professional achievement Networking professionals are pretty competitive when it comes to collecting more certifications than their peers. And because the Network+ certification broadly covers the entire field of networking, technicians want this certification a lot more than having just Microsoft certifications—Network+ is a lot more prestigious and valuable. Because it’s rare to gain something that’s worth a lot with little effort, I’ll be honest—preparing for the Network+ exam isn’t exactly a lazy day at the beach. (However, beaches do happen to be really high on my personal list of great places to study!) And people in IT know that it isn’t all that easy to pass the Network+ exam, so they’ll definitely respect you more and know that you’ve achieved a certain level of expertise about vendor-independent networking-related subjects.

Opportunity for advancement We all like to get ahead in our careers—advancement results in more responsibility and prestige, and it usually means a fatter paycheck, greater opportunities, and added options. In the IT sector, a great way to make sure all that good stuff happens is by earning a lot of technology certifications, including Network+.

Fulfillment of training requirements Network+, because of its wide-reaching industry support, is recognized as a baseline of networking information. Some companies actually specify the possession of a Network+ certification as a job requirement before they’ll even consider hiring you, or as a goal to be met before your next review. And often, gaining a Network+ certification will get you a pay raise at review time.

Customer confidence As companies discover the CompTIA advantage, they will undoubtedly require qualified staff to achieve these certifications. Many companies outsource their work to consulting firms with experience working with security. Firms that have certified staff have a definite advantage over firms that don’t.

How to Become Network+ Certified

As this book goes to press, there are two Network+ exam providers: Prometric and Pearson VUE. The following table contains all the necessary contact information and exam-specific details for registering. Exam pricing might vary by country or by CompTIA membership.

Vendor	Website phone	Phone number
Prometric	http://securereg3.prometric.com	US and Canada: 800-977-3926
Pearson VUE	www.vue.com/comptia	US and Canada: 877-551-PLUS (7587)

When you schedule the exam, you’ll receive instructions regarding appointment and cancellation procedures, ID requirements, and information about the testing center location. In addition, you’ll receive a registration and payment confirmation letter. Exams can be scheduled up to six weeks out or as late as the next day (or, in some cases, even the same day).

After you’ve successfully passed your Network+ exam, CompTIA will award you a certification. Within four to six weeks of passing the exam, you’ll receive your official CompTIA Network+ certificate and ID card. (If you don’t receive these within eight weeks of taking the test, contact CompTIA directly using the information found in your registration packet.)

Tips for Taking the Network+ Exam

Here are some general tips for taking your exam successfully:

• Bring two forms of ID with you. One must be a photo ID, such as a driver’s license. The other can be a major credit card or a passport. Both forms must include a signature.
• Arrive early at the exam center so you can relax and review your study materials, particularly tables and lists of exam-related information. After you are ready to enter the testing room, you will need to leave everything outside; you won’t be able to bring any materials into the testing area.
• Read the questions carefully. Don’t be tempted to jump to an early conclusion. Make sure you know exactly what each question is asking.
• Don’t leave any unanswered questions. Unanswered questions are scored against you. There will be questions with multiple correct responses. When there is more than one correct answer, a message at the bottom of the screen will prompt you to either “choose two” or “choose all that apply.” Be sure to read the messages displayed to know how many correct answers you must choose.
• When answering multiple-choice questions you’re not sure about, use a process of elimination to get rid of the obviously incorrect answers first. Doing so will improve your odds if you need to make an educated guess.
• On form-based tests (nonadaptive), because the hard questions will take the most time, save them for last. You can move forward and backward through the exam.
• For the latest pricing on the exams and updates to the registration procedures, visit CompTIA’s website at www.comptia.org.

Who Should Read This Book?

You—if want to pass the Network+ exam, and pass it confidently! This book is chock full of the exact information you need and directly maps to Network+ exam objectives (listed later in this introduction), so if you use it to study for the exam, your odds of passing shoot way up.

And in addition to including every bit of knowledge you need to learn to pass the exam, I’ve included some really great tips and solid wisdom to equip you even further to successfully work in the real IT world.

What Does This Book Cover?

This book covers everything you need to know to pass the Network+ exam. But in addition to studying the book, it’s a good idea to practice on an actual network if you can.

Here’s a list of the 20 chapters in this book.

Chapter 1, “Introduction to Networks” An introduction to what a network is, and an overview of the most common physical network topologies you’ll find in today’s networks.

Chapter 2, “The Open Systems Interconnection Specifications” This chapter covers the OSI model, what it is, what happens at each of its layers, and how each layer works.

Chapter 3, “Networking Topologies, Connectors, and Wiring Standards” This chapter covers the various networking media and topologies, plus the cable types and properties used in today’s networks.

Chapter 4, “The Current Ethernet Specifications” This chapter covers how a basic Ethernet LAN works and describes and categorizes the different Ethernet specifications.

Chapter 5, “Networking Devices” It’s important for you to understand all the various devices used in today’s networks, and this chapter will describe how hubs, routers, and switches, and some other devices work within a network.

Chapter 6, “Introduction to the Internet Protocol” This is your introduction to the all-important IP protocol stack.

Chapter 7, “IP Addressing” This chapter will take up from where Chapter 6 left off and move into IP addressing. It also contains information about public versus private addressing and DHCP.

Chapter 8, “IP Subnetting, Troubleshooting IP, and Introduction to NAT” Beginning where Chapter 7 ends, we’ll be tackling IP subnetting in this one. But no worries here—I’ve worked hard to make this not-so-popular-yet-vital topic as painless as possible.

Chapter 9, “Introduction to IP Routing” This is an introduction to routing that basically covers what routers do and how they do it. This chapter, along with Chapter 10 and Chapter 11, cover routing and switching in much more detail than what is necessary to meet the CompTIA Network+ objectives because this knowledge is so critical to grasp when working with today’s networks.

Chapter 10, “Routing Protocols” This chapter goes into detail describing the protocols that run on routers and that update routing tables to create a working map of the network.

Chapter 11, “Switching and Virtual LANs” This chapter covers Layer 2 switching, the Spanning Tree Protocol (STP), and virtual LANs. Just as I went in deeper than needed for the exam with the routing chapters, I’ll cover switching and virtual LANs (which are also vital in today’s corporate networks) more thoroughly.

Chapter 12, “Wireless Networking” Because wireless is so important for both home and business networks today, this chapter is loaded with all the information you need to be successful at wireless networking at home and work.

Chapter 13, “Authentication and Access Control” This is the first of three security chapters. There are tons of exam objectives about network security that are so important that I took three chapters to cover all of them. In this chapter, I’ll introduce security, security filtering, tunneling, and user authentication.

Chapter 14, “Network Threats and Mitigation” This is probably the most fun of the three security chapters because I’ll tell you all about security threats and how to stop them. The only way to get good at network security is to implement it, and this chapter shows you how.

Chapter 15, “Physical and Hardware Security” This chapter’s focus is on explaining basic firewalls, security devices, and device security.

Chapter 16, “Wide Area Networks” In this chapter, you get to learn all about things like Frame Relay, E1/T1, DSL, cable modems, and more. All of the CompTIA Network+ WAN objectives are covered in this chapter.

Chapter 17, “Troubleshooting Tools” This is also a fun chapter because again, you can follow along and run all the troubleshooting commands yourself. And I repeat, it’s a really good idea to run through all the commands, again and again!

Chapter 18, “Software and Hardware Tools” This chapter introduces you to the network tools you will use to help you run your networks. Both software and hardware tools will be discussed.

Chapter 19, “Network Troubleshooting” In almost every chapter, I discuss how to verify and fix problems, but this chapter will really get into the nuts and bolts of detailed network troubleshooting and documentation.

Chapter 20, “Management, Monitoring, and Optimization” This last chapter will provide configuration-management documentation and covers wiring, logical diagrams, baselines, policies, and regulations.

What’s Included in the Book

I’ve included several learning tools throughout the book:

Assessment test At the end of this introduction is an assessment test that you can use to check your readiness for the exam. Take this test before you start reading the book; it will help you determine the areas you might need to brush up on. The answers to the assessment test questions appear on a separate page after the last question of the test. Each answer includes an explanation and a note telling you the chapter in which the material appears.

Objective map and opening list of objectives On the inside front cover of this book is a detailed exam objective map showing you where each of the exam objectives is covered in this book. In addition, each chapter opens with a list of the exam objectives it covers. Use these to see exactly where each of the exam topics is covered.

Exam essentials Each chapter, just before the summary, includes a number of exam essentials. These are the key topics you should take from the chapter in terms of areas to focus on when preparing for the exam.

Written lab Each chapter includes a written lab. These are short exercises that map to the exam objectives. Answers to these can be found in Appendix B.

Chapter review questions To test your knowledge as you progress through the book, there are review questions at the end of each chapter. As you finish each chapter, answer the review questions and then check your answers—the correct answers and explanations are in Appendix A. You can go back to reread the section that deals with each question you got wrong to ensure that you answer correctly the next time you’re tested on the material.

We’ve included a number of additional study tools that can be found on the book’s companion site at www.sybex.com/go/netplus2e:

Sybex test engine Using this custom software, you can identify up front the areas in which you are weak and then develop a solid studying strategy using the test engine for each of the robust testing features included with this book. In addition to taking the assessment test and the chapter review questions with the test engine, you’ll find two practice exams. Take these practice exams just as if you were taking the actual exam (without any reference material). When you’ve finished the first exam, move on to the next one to solidify your test-taking skills. If you get more than 90 percent of the answers correct, you’re ready to take the certification exam.

Electronic flashcards Use these handy flashcards for quick and convenient review.

PDF of glossary of terms The glossary of terms is on the companion site in PDF format.

How to Use This Book

If you want a solid foundation for the serious effort of preparing for the Network+ exam, then look no further because I’ve spent countless hours putting together this book with the sole intention of helping you to pass it!

This book is loaded with valuable information, and you will get the most out of your study time if you understand how I put the book together. Here’s a list that describes how to approach studying:

1. Take the assessment test immediately following this introduction. (The answers are at the end of the test, but no peeking!) It’s okay if you don’t know any of the answers—that’s what this book is for. Carefully read over the explanations for any question you get wrong, and make note of the chapters where that material is covered.

2. Study each chapter carefully, making sure that you fully understand the information and the exam objectives listed at the beginning of each one. Again, pay extra-close attention to any chapter that includes material covered in questions you missed on the assessment test.

3. Complete the written lab at the end of each chapter. Do not skip these written exercises because they directly map to the CompTIA objectives and what you’ve got to have nailed down to meet them.

4. Answer all the review questions related to each chapter. Specifically note any questions that confuse you, and study those sections of the book again. And don’t just skim these questions—make sure you understand each answer completely.

5. Try your hand at the practice exams. In addition, check out www.lammle.com for more CompTIA Network+ exam prep questions. The questions found on my site will be updated at least monthly, maybe weekly or even daily. Before you take your test, be sure to visit my website for questions, videos, audios, and other useful information.

6. Test yourself using all the electronic flashcards. These are brand-new and updated flashcard programs to help you prepare for the latest CompTIA Network+ exam, and they’re really great study tools.

I tell you no lies—learning every bit of the material in this book is going to require applying yourself with a good measure of discipline. So try to set aside the same time period every day to study, and select a comfortable and quiet place to do so. If you work hard, you will be surprised at how quickly you learn this material.

If you follow the steps listed here and study with the review questions, practice exams, electronic flashcards, and all the written labs, you would almost have to try to fail the CompTIA Network+ exam. However, studying for the Network+ exam is like training for a marathon—if you don’t go for a good run every day, you’re not likely to finish very well.

Exam Objectives

Speaking of objectives, you’re probably pretty curious about those, right? CompTIA asked groups of IT professionals to fill out a survey rating the skills they felt were important in their jobs, and the results were grouped into objectives for the exam and divided into six domains.

This table gives you the extent by percentage that each domain is represented on the actual examination.

Domain	% of Examination
1.0 Network Technologies	21%
2.0 Network Installation and Configuration	23%
3.0 Network Media and Topologies	17%
4.0 Network Management	20%
5.0 Network Security	19%
Total	100%

Next, I’m going to give you the outline of the Network+ exam objectives.

1.0 Network Concepts

1.1 Compare the layers of the OSI and TCP/IP models.

• OSI model:
  • Layer 1 – Physical
  • Layer 2 – Data link
  • Layer 3 – Network
  • Layer 4 – Transport
  • Layer 5 – Session
  • Layer 6 – Presentation
  • Layer 7 – Application
• TCP/IP model:
  • Network Interface Layer
  • Internet Layer
  • Transport Layer
  • Application Layer
  • (Also described as: Link Layer, Internet Layer, Transport Layer, Application Layer)

1.2 Classify how applications, devices, and protocols relate to the OSI model layers.

• MAC address
• IP address
• EUI-64
• Frames
• Packets
• Switch
• Router
• Multilayer switch
• Hub
• Encryption devices
• Cable
• NIC
• Bridge

1.3 Explain the purpose and properties of IP addressing.

• Classes of addresses
  • A, B, C and D
  • Public vs. Private
• Classless (CIDR)
• IPv4 vs. IPv6 (formatting)
• MAC address format
• Subnetting
• Multicast vs. unicast vs. broadcast
• APIPA

1.4 Explain the purpose and properties of routing and switching.

• EIGRP
• OSPF
• RIP
• Link state vs. distance vector vs. hybrid
• Static vs. dynamic
• Routing metrics
  • Hop counts
  • MTU, bandwidth
  • Costs
  • Latency
• Next hop
• Spanning-Tree Protocol
• VLAN (802.1q)
• Port mirroring
• Broadcast domain vs. collision domain
• IGP vs. EGP
• Routing tables
• Convergence (steady state)

1.5 Identify common TCP and UDP default ports.

• SMTP – 25
• HTTP – 80
• HTTPS – 443
• FTP – 20, 21
• TELNET – 23
• IMAP – 143
• RDP – 3389
• SSH – 22
• DNS – 53
• DHCP – 67, 68

1.6 Explain the function of common networking protocols.

• TCP
• FTP
• UDP
• TCP/IP suite
• DHCP
• TFTP
• DNS
• HTTPS
• HTTP
• ARP
• SIP (VoIP)
• RTP (VoIP)
• SSH
• POP3
• NTP
• IMAP4
• Telnet
• SMTP
• SNMP2/3
• ICMP
• IGMP
• TLS

1.7 Summarize DNS concepts and its components.

• DNS servers
• DNS records (A, MX, AAAA, CNAME, PTR)
• Dynamic DNS

1.8 Given a scenario, implement the following network troubleshooting methodology:

• Identify the problem:
  • Information gathering
  • Identify symptoms
  • Question users
  • Determine if anything has changed
• Establish a theory of probable cause
  • Question the obvious
• Test the theory to determine cause:
  • Once theory is confirmed determine next steps to resolve problem.
  • If theory is not confirmed, re-establish new theory or escalate.
• Establish a plan of action to resolve the problem and identify potential effects
• Implement the solution or escalate as necessary
• Verify full system functionality and if applicable implement preventative measures
• Document findings, actions and outcomes

1.9 Identify virtual network components.

• Virtual switches
• Virtual desktops
• Virtual servers
• Virtual PBX
• Onsite vs. offsite
• Network as a Service (NaaS)

2.0 Network Installation and Configuration

2.1 Given a scenario, install and configure routers and switches.

• Routing tables
• NAT
• PAT
• VLAN (trunking)
• Managed vs. unmanaged
• Interface configurations
  • Full duplex
  • Half duplex
  • Port speeds
  • IP addressing
  • MAC filtering
• PoE
• Traffic filtering
• Diagnostics
• VTP configuration
• QoS
• Port mirroring

2.2 Given a scenario, install and configure a wireless network.

• WAP placement
• Antenna types
• Interference
• Frequencies
• Channels
• Wireless standards
• SSID (enable/disable)
• Compatibility (802.11 a/b/g/n)

2.3 Explain the purpose and properties of DHCP.

• Static vs. dynamic IP addressing
• Reservations
• Scopes
• Leases
• Options (DNS servers, suffixes)

2.4 Given a scenario, troubleshoot common wireless problems.

• Interference
• Signal strength
• Configurations
• Incompatibilities
• Incorrect channel
• Latency
• Encryption type
• Bounce
• SSID mismatch
• Incorrect switch placement

2.5 Given a scenario, troubleshoot common router and switch problems.

• Switching loop
• Bad cables/improper cable types
• Port configuration
• VLAN assignment
• Mismatched MTU/MUT black hole
• Power failure
• Bad/missing routes
• Bad modules (SFPs, GBICs)
• Wrong subnet mask
• Wrong gateway
• Duplicate IP address
• Wrong DNS

2.6 Given a set of requirements, plan and implement a basic SOHO network.

• List of requirements
• Cable length
• Device types/requirements
• Environment limitations
• Equipment limitations
• Compatibility requirements

3.0 Network Media and Topologies

3.1 Categorize standard media types and associated properties.

• Fiber:
  • Multimode
  • Singlemode
• Copper:
  • UTP
  • STP
  • CAT3
  • CAT5
  • CAT5e
  • CAT6
  • CAT6a
  • Coaxial
  • Crossover
  • T1 Crossover
  • Straight-through
• Plenum vs. non-plenum
• Media converters:
  • Singlemode fiber to Ethernet
  • Multimode fiber to Ethernet
  • Fiber to Coaxial
  • Singlemode to multimode fiber
• Distance limitations and speed limitations
• Broadband over powerline

3.2 Categorize standard connector types based on network media.

• Fiber:
  • ST
  • SC
  • LC
  • MTRJ
• Copper:
  • RJ-45
  • RJ-11
  • BNC
  • F-connector
  • DB-9 (RS-232)
  • Patch panel
  • 110 block (T568A, T568B)

3.3 Compare and contrast different wireless standards.

• 802.11 a/b/g/n standards
  • Distance
  • Speed
  • Latency
  • Frequency
  • Channels
  • MIMO
  • Channel bonding

3.4 Categorize WAN technology types and properties.

• Types:
  • T1/E1
  • T3/E3
  • DS3
  • OCx
  • SONET
  • SDH
  • DWDM
  • Satellite
  • ISDN
  • Cable
  • DSL
  • Cellular
  • WiMAX
  • LTE
  • HSPA+
  • Fiber
  • Dialup
  • PON
  • Frame relay
  • ATMs
• Properties:
  • Circuit switch
  • Packet switch
  • Speed
  • Transmission media
  • Distance

3.5 Describe different network topologies.

• MPLS
• Point to point
• Point to multipoint
• Ring
• Star
• Mesh
• Bus
• Peer-to-peer
• Client-server
• Hybrid

3.6 Given a scenario, troubleshoot common physical connectivity problems.

• Cable problems:
  • Bad connectors
  • Bad wiring
  • Open, short
  • Split cables
  • DB loss
  • TXRX reversed
  • Cable placement
  • EMI/Interference
  • Distance
  • Cross-talk

3.7 Compare and contrast different LAN technologies.

• Types:
  • Ethernet
  • 10BaseT
  • 100BaseT
  • 1000BaseT
  • 100BaseTX
  • 100BaseFX
  • 1000BaseX
  • 10GBaseSR
  • 10GBaseLR
  • 10GBaseER
  • 10GBaseSW
  • 10GBaseLW
  • 10GBaseEW
  • 10GBaseT
• Properties:
  • CSMA/CD
  • CSMA/CA
  • Broadcast
  • Collision
  • Bonding
  • Speed
  • Distance

3.8 Identify components of wiring distribution.

• IDF
• MDF
• Demarc
• Demarc extension
• Smart jack
• CSU/DSU

4.0 Network Management

4.1 Explain the purpose and features of various network appliances.

• Load balancer
• Proxy server
• Content filter
• VPN concentrator

4.2 Given a scenario, use appropriate hardware tools to troubleshoot connectivity issues.

• Cable tester
• Cable certifier
• Crimper
• Butt set
• Toner probe
• Punch down tool
• Protocol analyzer
• Loop back plug
• TDR
• OTDR
• Multimeter
• Environmental monitor

4.3 Given a scenario, use appropriate software tools to troubleshoot connectivity issues.

• Protocol analyzer
• Throughput testers
• Connectivity software
• Ping
• Tracert/traceroute
• Dig
• Ipconfig/ifconfig
• Nslookup
• Arp
• Nbtstat
• Netstat
• Route

4.4 Given a scenario, use the appropriate network monitoring resource to analyze traffic.

• SNMP
• SNMPv2
• SNMPv3
• Syslog
• System logs
• History logs
• General logs
• Traffic analysis
• Network sniffer

4.5 Describe the purpose of configuration management documentation.

• Wire schemes
• Network maps
• Documentation
• Cable management
• Asset management
• Baselines
• Change management

4.6 Explain different methods and rationales for network performance optimization.

• Methods:
  • QoS
  • Traffic shaping
  • Load balancing
  • High availability
  • Caching engines
  • Fault tolerance
  • CARP
• Reasons:
  • Latency sensitivity
  • High bandwidth applications (VoIP, video applications, unified communications)
  • Uptime

5.0 Network Security

5.1 Given a scenario, implement appropriate wireless security measures.

• Encryption protocols:
  • WEP
  • WPA
  • WPA2
  • WPA Enterprise
• MAC address filtering
• Device placement
• Signal strength

5.2 Explain the methods of network access security.

• ACL:
  • MAC filtering
  • IP filtering
  • Port filtering
• Tunneling and encryption:
  • SSL VPN
  • VPN
  • L2TP
  • PPTP
  • IPSec
  • ISAKMP
  • TLS
  • TLS1.2
  • Site-to-site and client-to-site
• Remote access:
  • RAS
  • RDP
  • PPPoE
  • PPP
  • ICA
  • SSH

5.3 Explain methods of user authentication.

• PKI
• Kerberos
• AAA (RADIUS, TACACS+)
• Network access control (802.1x, posture assessment)
• CHAP
• MS-CHAP
• EAP
• Two-factor authentication
• Multifactor authentication
• Single sign-on

5.4 Explain common threats, vulnerabilities, and mitigation techniques.

• Wireless:
  • War driving
  • War chalking
  • WEP cracking
  • WPA cracking
  • Evil twin
  • Rogue access point
• Attacks:
  • DoS
  • DDoS
  • Man in the middle
  • Social engineering
  • Virus
  • Worms
  • Buffer overflow
  • Packet sniffing
  • FTP bounce
  • Smurf
• Mitigation techniques:
  • Training and awareness
  • Patch management
  • Policies and procedures
  • Incident response

5.5 Given a scenario, install and configure a basic firewall.

• Types:
  • Software and hardware firewalls
• Port security
• Stateful inspection vs. packet filtering
• Firewall rules:
  • Block/allow
  • Implicit deny
  • ACL
• NAT/PAT
• DMZ

5.6 Categorize different types of network security appliances and methods.

• IDS and IPS:
  • Behavior based
  • Signature based
  • Network based
  • Host based
• Vulnerability scanners:
  • NESSUS
  • NMAP
• Methods:
  • Honeypots
  • Honeynets

Assessment Test

1. What is the basic purpose of a local area network (LAN)?

A. To interconnect networks in several different buildings

B. To connect one or more computers together so they can share resources

C. To interconnect 2 to 10 routers

D. To make routers unnecessary

2. You need a topology that is easy to troubleshoot and scalable. Which would you use?

A. Bus

B. Star

C. Mesh

D. Ring

3. IP resides at which layer of the OSI model?

A. Application

B. Data Link

C. Network

D. Physical

4. Layer 2 of the OSI model is named ___________________.

A. Application layer

B. Network layer

C. Transport layer

D. Data Link layer

5. Which RG rating of coax is used for cable modems?

A. RG-59

B. RG-58

C. RG-6

D. RG-8

6. Which UTP wiring uses four twisted wire pairs (eight wires) and is rated for 250MHz?

A. Category 3 UTP

B. Category 5 STP

C. Category 5 UTP

D. Category 6 UTP

7. If you are running half-duplex Internet, which of the following is true?

A. Your digital signal cannot transmit and receive data at the same time.

B. Hosts use the CSMA/CD protocol to prevent collisions.

C. The physical connection consists of one wire pair.

D. All of the above.

8. You need to connect a hub to a switch. You don’t like this idea because you know that it will create congestion. What type of cable do you need to use to connect the hub to the switch?

A. EtherIP

B. Crossover

C. Straight-through

D. Cable Sense, Multiple Access

9. Your boss asks you why you just put in a requisition to buy a bunch of switches. He said he just bought you a bunch of hubs five years ago! Why did you buy the switches?

A. Because each switch port is its own collision domain.

B. The cable connecting devices to the hub wore out, and switches were cheaper than new cable.

C. There were too many broadcast domains, and a switch breaks up broadcast domains by default.

D. The hubs kept repeating signals but quit recognizing frames and data structures.

10. Which device would connect network segments together, creating separate collision domains for each segment but only a single broadcast domain?

A. Hub

B. Router

C. Switch

D. Modem

11. Most Application layer protocols use only UDP or TCP at the Transport layer. Which of the following could use both?

A. TCP

B. Microsoft Word

C. Telnet

D. DNS

12. HTTP, FTP, and Telnet work at which layer of the OSI model?

A. Application

B. Presentation

C. Session

D. Transport

13. IPv6 uses multiple types of addresses. Which of the following would describe an anycast address used by an IPv6 host?

A. Communications are routed to the most distant host that shares the same address.

B. Packets are delivered to all interfaces identified by the address. This is also called one-to-many addressing.

C. This address identifies multiple interfaces, and the anycast packet is only delivered to one address. This address can also be called one-to-one-of-many.

D. Anycast is a type of broadcast.

14. Which of the following IP addresses are not allowed on the Internet? (Choose all that apply.)

A. 11.255.255.1

B. 10.1.1.1

C. 172.33.255.0

D. 192.168.0.1

15. What is the subnetwork address for a host with the IP address 200.10.5.168/28?

A. 200.10.5.156

B. 200.10.5.132

C. 200.10.5.160

D. 200.10.5.0

E. 200.10.5.255

16. If you wanted to verify the local IP stack on your computer, what would you do?

A. Ping 127.0.0.0

B. Ping 127.0.0.1

C. Telnet 1.0.0.127

D. Ping 169.5.3.10

E. Telnet 255.255.255.255

17. The OSI model uses an encapsulation method to describe the data as it is encapsulated at each layer. What is the encapsulation named at the Data Link layer?

A. Bits

B. Packets

C. Frames

D. Data

E. Segments

18. Where does a Data Link layer frame have to carry a Network layer packet if the packet is destined for a remote network?

A. Router

B. Physical medium

C. Switch

D. Another host

19. Which of the following are not distance vector routing protocols? (Choose all that apply.)

A. OSPF

B. RIP

C. RIPv2

D. IS-IS

20. Which of the following uses both distance vector and link state properties?

A. IGRP

B. OSPF

C. RIPv1

D. EIGRP

E. IS-IS

21. You need to break up broadcast domains in a Layer 2 switched network. What strategy will you use?

A. Implement a loop-avoidance scheme.

B. Create a flatter network structure using switches.

C. Create a VLAN.

D. Disable spanning tree on individual ports.

22. Why do most switches run the Spanning Tree Protocol by default?

A. It monitors how the network is functioning.

B. It stops data from forwarding until all devices are updated.

C. It prevents switching loops.

D. It manages the VLAN database.

23. Which of the following describes MIMO correctly?

A. A protocol that requires acknowledgment of each and every frame

B. A data-transmission technique in which several frames are sent by several antennae over several paths and are then recombined by another set of antennae

C. A modulation technique that allows more than one data rate

D. A technique that packs smaller packets into a single unit, which improves throughput

24. Which two practices help secure your wireless access points from unauthorized access? (Choose all that apply.)

A. Assigning a private IP address to the AP

B. Changing the default SSID value

C. Configuring a new administrator password

D. Changing the mixed-mode setting to single mode

E. Configuring traffic filtering

25. IPSec is defined at what layer of the OSI model?

A. Network

B. Physical

C. Layer 4

D. Layer 7

26. You want your users to log in and authenticate before they can get onto your network. Which of the following services would you use?

A. RADIUS

B. DNS

C. Virtual Network Computing

D. Remote Desktop Protocol

27. Someone calls you and asks for your bank account number because the bank is having problems with your account. You give them this information and later find out that you were scammed. What type of attack is this?

A. Phishing

B. Calling scam

C. Analog scam

D. Trust-exploration attack

E. Man-in-the-middle attack

F. Rogue access point

28. Which three of the following are types of denial of service attacks?

A. Ping of Death

B. Stacheldraht

C. SYN flood

D. Virus FloodSyn

29. You want to stop a hacker in their tracks. Which of the following devices are proactive in providing this service?

A. Access control list (ACL)

B. Content filtering

C. Security zones

D. Intrusion prevention system (IPS)

E. Network Address Translation

F. Virtual LANs

30. You connected your company to the Internet, and security is a concern. What should you install?

A. Higher-quality cables

B. Firewall

C. DNS

D. Switches

31. Which of the following are WAN protocols or technologies? (Choose all that apply.)

A. ATM

B. ISDN

C. MPLS

D. RIP

32. The rate at which the Frame Relay switch agrees to transfer data is referred to as ___________________.

A. BE

B. FECN

C. CIR

D. BECN

33. Which two arp utility switches perform the same function?

A. –g

B. –Z

C. –d

D. –a

E. -h

F. -b

34. You need to purge and reload the remote NetBIOS name table cache. Which nbtstat utility switch will you use?

A. –r

B. –R

C. /r

D. /R

E. -a

F. -A

35. Which tool is used to attach ends to network cables?

A. Punch-down tool

B. Crimper

C. VLAN tool

D. Strippers

E. ARP tool

36. You are using a TDR. Which three of the following actions can you do with this device?

A. Estimate cable lengths

B. Find splice and connector locations and their associated loss amounts

C. Display unused services

D. Define cable-impedance characteristics

37. Which of the following are considered cabling issues? (Choose all that apply.)

A. Crosstalk

B. Shorts

C. Open impedance mismatch

D. DNS configurations

38. You have just tested your theory of a problem to determine the cause. Based on the standard troubleshooting model, what is your next step?

A. Question the obvious.

B. Establish a theory of probable cause.

C. Establish a plan of action to resolve the problem and identify potential effects.

D. Verify full system functionality and if applicable implement preventative measures.

39. Which network performance optimization technique can delay packets that meet certain criteria to guarantee usable bandwidth for other applications?

A. Traffic shaping

B. Jitter control

C. Logical network mapping

D. Load balancing

E. Access lists

40. You need to optimize network traffic by spreading it across multiple connections. Which strategy should be used?

A. Load balancing

B. Traffic shaping

C. Add VLANs

D. A 1Gbps connection

E. Following the regulations

Answers to Assessment Test

1. B. LANs generally have a geographic scope of a single building or smaller. They can be simple (two hosts) to complex (with thousands of hosts). See Chapter 1 for more information.

2. B. Star topologies are the easiest to troubleshoot and can easily scale to large sizes. See Chapter 1 for more information.

3. C. IP is a Network layer protocol. Internet Explorer is an example of an Application layer protocol. Ethernet is an example of a Data Link layer protocol, and T1 can be considered a Physical layer protocol. See Chapter 2 for more information.

4. D. Layer 2 of the OSI model is the Data Link layer, which provides the physical transmission of the data and handles error notification, network topology, and flow control. See Chapter 2 for more information.

5. C. Cable modems use RG-6 coax cables. See Chapter 3 for more information.

6. D. To get the high data-transfer speed, like 1Gbps, you need to use a wire standard that is highly rated, such as Category 5e or Category 6. See Chapter 3 for more information.

7. D. A, B, and C are true. With half duplex, you are using one wire pair with a digital signal either transmitting or receiving (but not both at once). Carrier Sense Multiple Access with Collision Detection (CSMA/CD) helps packets that are transmitted simultaneously from different hosts share bandwidth evenly. See Chapter 4 for more information.

8. B. To connect two switches together or a hub to a switch, you need a crossover cable. See Chapter 4 for more information.

9. A. For the most part, switches are not cheap; however, one of the biggest benefits of using switches instead of hubs in your internetwork is that each switch port is actually its own collision domain. A hub creates one large collision domain. Switches still can’t break up broadcast domains (do you remember which devices do?). Hubs do not recognize frames and data structures but switches do. See Chapter 5 for more information.

10. C. A switch creates separate collision domains for each port but does not break up broadcast domains by default. See Chapter 5 for more information.

11. D. DNS uses TCP for zone exchanges between servers and UDP when a client is trying to resolve a hostname to an IP address. See Chapter 6 for more information.

12. A. HTTP, FTP and Telnet use TCP at the Transport layer; however, they are all Application layer protocols, so the Application layer is the best answer for this question. See Chapter 6 for more information.

13. C. Anycast is a new type of communication that replaces broadcasts in IPv4. Anycast addresses identify multiple interfaces, which is the same as multicast; however, the big difference is that the anycast packet is delivered to only one address: the first one it finds defined in the terms of routing distance. This address can also be called one-to-one-of-many. See Chapter 7 for more information.

14. B, D. The addresses in the range 10.0.0.0 through 10.255.255.255 and 172.16.0.0 through 172.31.255.255 as well as 192.168.0.0 through 192.168.255.255 are all considered private, based on RFC 1918. Use of these addresses on the Internet is prohibited so that they can be used simultaneously in different administrative domains without concern for conflict. See Chapter 7 for more detail on IP addressing and information on private IP addresses.

15. C. This is a pretty simple question. A /28 is 255.255.255.240, which means that our block size is 16 in the fourth octet. 0, 16, 32, 48, 64, 80, 96, 112, 128, 144, 160, 176, and so on. The host is in subnet 160. See Chapter 8 for more information.

16. B. To test the local stack on your host, ping the loopback interface of 127.0.0.1. As a matter of fact, the entire range from 127.0.0.1-127.255.255.254 will test the IP stack. See Chapter 8 for more information.

17. C. The Data Link layer is responsible for encapsulating IP packets into frames and for providing logical network addresses. See Chapter 9 for more information.

18. A. Packets specifically have to be carried to a router in order to be routed through a network. See Chapter 9 for more information.

19. A, D. RIP and RIPv2 are distance vector routing protocols. OSPF and IS-IS are link state. See Chapter 10 for more information.

20. D. EIGRP is called a hybrid routing protocol because it uses the characteristics of both distance vector and link state routing protocols. However, EIGRP can only be run on Cisco routers and is not vendor neutral. See Chapter 10 for more information.

21. C. Virtual LANs break up broadcast domains in Layer 2 switched internetworks. See Chapter 11 for more information.

22. C. The Spanning Tree Protocol (STP) was designed to stop Layer 2 loops. All enterprise model switches have STP by default. See Chapter 11 for more information.

23. B. Part of the 802.11n wireless standard, MIMO sends multiple frames by several antennae over several paths; they are then recombined by another set of antennae to optimize throughput and multipath resistance. This is called spatial multiplexing. See Chapter 12 for more information.

24. B, C. At a minimum, you need to change the default SSID value on each AP and configure new usernames and passwords on the AP. See Chapter 12 for more information.

25. A. IPSec works at the Network layer of the OSI model (Layer 3) and secures all applications that operate above it (Layer 4 and above). Additionally, because it was designed by the IETF and designed to work with IPv4 and IPv6, it has broad industry support and is quickly becoming the standard for VPNs on the Internet. See Chapter 13 for more information.

26. A. RADIUS combines user authentication and authorization into one profile. See Chapter 13 for more information.

27. A. Social engineering, or phishing, refers to the act of attempting to illegally obtain sensitive information by pretending to be a credible source. Phishing usually takes one of two forms: an email or a phone call. See Chapter 14 for more information.

28. A, B, C. A denial of service (DoS) attack prevents users from accessing the system. All of the options are all possible denial of service attacks except Virus FloodSyn. See Chapter 14 for more information.

29. D. Changing network configurations, terminating sessions, and deceiving the attacker are all actions that can be taken by an intrusion prevention system (IPS) device. These are all proactive approaches to security. See Chapter 15 for more information.

30. B. Firewalls help provide perimeter network security by allowing or denying connections and types of traffic in or out of the network. See Chapter 15 for more information.

31. A, B, C. Routing Information Protocol (RIP) is not a WAN protocol but a routing protocol used in local area connections. See Chapter 16 for more information.

32. C. The Committed Information Rate (CIR) is the rate, in bits per second, at which the Frame Relay switch agrees to transfer data. See Chapter 16 for more information.

33. A, D. The arp utility’s –a and –g switches perform the same function. They both show the current ARP cache. See Chapter 17 for more information.

34. B. To purge and reload the remote NetBIOS name cache, you must use nbtstat –R. Remember that the R must be uppercase, and it will not work correctly without the hyphen before it. See Chapter 17 for more information.

35. B. A wire crimper or crimper is used to attach ends onto different types of network cables. See Chapter 18 for more information.

36. A, B, D. Due to sensitivity to any variation and impedance to cabling, options A, B, and D are all reasons you’d use a TDR. See Chapter 18 for more information.

37. A, B, C. Because most of today’s networks still consist of large amounts of copper cable, they can continue to suffer from the physical issues (the options are not a complete list) that have plagued all networks since the very beginning of networking. See Chapter 19 for more information.

38. C. You have just tested your theory of a problem to determine the cause. Based on the standard troubleshooting model, the next step would be to Establish a plan of action to resolve the problem and identify potential effects. See Chapter 19 for more information.

39. A. Traffic shaping, also known as packet shaping, is another form of bandwidth optimization. See Chapter 20 for more information.

40. A. Load balancing refers to a technique used to spread work out to multiple computers, network links, or other devices. You can load-balance work on servers by clustering servers so that multiple machines all provide the same service. See Chapter 20 for more information.