Flashcards to help review the key networking concepts.
Open Systems Interconnection (OSI) Model
A conceptual framework used to understand network interactions in seven layers, facilitating the design and understanding of network architectures by segregating the network communication process into manageable layers, promoting interoperability and standardization across diverse network technologies and protocols.
Physical Layer (Layer 1)
Responsible for the physical transmission of raw bits over network media, dealing with the hardware aspects of networking, including cables, connectors, hubs and repeaters, and the electrical signals, radio waves, or light pulses that carry data, and defining the standards for how devices and media connect and transmit bits rather than logical data packets.
Data Link Layer (Layer 2)
Responsible for node-to-node data transfer between directly connected devices, packaging bits into frames with physical (MAC) addressing, establishing, maintaining, and terminating the link, and detecting (and in some protocols correcting) transmission errors introduced at the physical layer.
Media Access Control (MAC) layer
A sublayer of the OSI model's Data Link Layer that manages protocol access to the physical network medium and is responsible for the addressing and channel access control mechanisms that enable several terminals or network nodes to communicate within a multipoint network, typically using MAC addresses.
Logical Link Control (LLC) layer
The upper sublayer of the OSI model's Data Link Layer, which multiplexes so that several network-layer protocols can share one link, provides flow and error control, and acts as the interface between the networking software in the upper layers and the MAC sublayer and hardware below, specifying the mechanisms used for addressing and controlling the data link.
Network Layer (Layer 3)
Responsible for the logical addressing and routing of packets across different networks, determining the best path for data transmission from the source to the destination using routing protocols, and managing packet forwarding, including routing through intermediate routers, and handling network congestion and packet filtering.
Transport Layer (Layer 4)
Responsible for providing reliable, transparent transfer of data between end systems, ensuring complete data transfer with mechanisms for error correction, flow control, and segmentation/de-segmentation of data, and enabling seamless communication between devices by managing end-to-end message delivery in the network.
Session Layer (Layer 5)
Manages the setup, maintenance, and termination of sessions between presentation layer entities, establishing, managing, and terminating the connections between the local and remote applications, and providing mechanisms for controlling the dialog between the two end systems, either half-duplex or full-duplex.
Presentation Layer (Layer 6)
Responsible for translating data between application and network formats, including character encoding, serialization, encryption, and compression, so that data arrives in a usable form; it mediates between the data formats used by applications and those used on the network, and encryption services such as TLS are conventionally described at this layer.
Application Layer (Layer 7)
Serves as the interface between the user and the network services, facilitating the end-user processes and applications to access network services, and defining protocols for various network services like file transfers, email, and web browsing, ensuring seamless communication between software applications and the network.
Physical appliances
Dedicated hardware devices focused on specific network functions, offering high performance and reliability but at a higher cost and with space requirements
Virtual appliances
Software-based solutions that run on virtual machines, providing similar functionalities with greater flexibility, scalability, and cost efficiency, but potentially at the expense of raw performance.
Router
Operates at the network layer of the OSI model, directing data packets between different networks based on IP addresses by using routing tables to determine the best path for forwarding packets to their destination, connecting multiple networks together, such as a local network to the Internet, and providing network security features like firewalls and VPN support.
Layer 2 Switch
Operates at the data link layer of the OSI model, forwarding frames based on destination MAC addresses learned from the source addresses of earlier frames, and creating a separate collision domain for each port, which improves efficiency by eliminating collisions; used to connect devices within the same network or VLAN.
Firewall
Functions as a network security device that monitors incoming and outgoing network traffic and decides whether to allow or block specific traffic based on a defined set of security rules, and is crucial for establishing a barrier between secure internal networks and untrusted external networks, such as the internet, and can be hardware-based, software-based, or a combination of both.
IPS/IDS Device
Monitors network and/or system activity for malicious actions or policy violations: an intrusion detection system (IDS) passively monitors and alerts administrators about suspicious activity, whereas an intrusion prevention system (IPS) sits inline and actively blocks or prevents such activity based on signatures, detected anomalies, and policies to protect the network from threats.
Proxy Server
Acts as an intermediary between a user's device and the internet, receiving requests from clients, forwarding them to the relevant server, and returning the server's response to the client while providing additional functionality such as content caching, access control, and filtering, enhancing security and performance.
Access Point (AP)
A networking device that allows wireless devices to connect to a wired network using Wi-Fi or related standards, operating at the data link layer to bridge the wireless and wired segments of a network, extending wireless coverage and managing multiple client connections simultaneously to provide network access to wireless devices within its range.
Virtual Private Network (VPN)
A technology that creates a safe and encrypted connection over a less secure network, such as the Internet, used to establish secure connections between remote users or remote sites and an organization's private network, allowing for secure data transmission across public networks as if the devices were directly connected to the private network.
Network Functions Virtualization (NFV)
The decoupling of network functions from dedicated hardware so that they run as software instances on virtual machines or containers, allowing flexible deployment and management of services such as firewalls, load balancers, and intrusion detection systems, reducing the need for dedicated appliances, and enabling dynamic scaling, which improves resource utilization and reduces cost.
Network Security Groups
Used to control inbound and outbound traffic to cloud resources within a virtual network (a VPC or VNet), acting as a stateful virtual firewall for the associated instances or subnets that allows or denies traffic based on rules specifying ports, protocols, and source/destination addresses, so that only legitimate traffic reaches the cloud resources.
Cloud Connectivity Options
Various methods through which data and applications can connect to and interact with cloud environments for ensuring efficient, secure, and reliable access to cloud resources from different locations.
Deployment Models
Specific configurations and environments in which technology services and infrastructure are implemented, such as public, private, hybrid, and community which vary based on the management, location, and accessibility.
Software as a Service (SaaS)
Delivers applications over the internet, accessible through a web browser, eliminating installation and maintenance on individual devices and allowing users to access software on a subscription basis, which provides convenience and savings on software licensing and infrastructure.
Scalability
The capability of a system, network, or process to handle a growing amount of work, or its potential to be enlarged to accommodate that growth easily and cost-effectively, supporting growth without compromising performance or reliability.
Elasticity
The ability to automatically scale computing resources up or down as needed, ensuring that applications always have the right amount of resources to meet demand without manual intervention, optimizing both performance and cost, and is crucial for handling varying workloads, making it a fundamental characteristic of cloud services.
Multitenancy
A software architecture principle where a single instance of software serves multiple tenants, or users, where each tenant's data is isolated and remains invisible to other tenants, providing a cost-effective way for providers to manage a single application across various users.
File Transfer Protocol (FTP)
A standard network protocol used for the transfer of computer files between a client and server on a computer network, using two ports: 20 for data transfer and 21 for control (commands and responses), and allowing users to upload, download, delete, and manage files on a remote server but does not encrypt its traffic, including credentials.
Secure File Transfer Protocol (SFTP)
The SSH File Transfer Protocol (often expanded as Secure File Transfer Protocol), an extension of SSH that provides a secure method for transferring files over SSH's TCP port 22 so that all data, commands, and credentials are encrypted; it is a more secure alternative to traditional FTP, offers file access, transfer, and management functionality over any reliable data stream, and is a different protocol from FTPS (FTP over TLS).
Telnet
A network protocol used on the Internet or local area networks to provide a bidirectional interactive text-oriented communication facility using a virtual terminal connection that operates on port 23 and is known for being insecure since it transmits data, including login credentials, in plaintext, making it susceptible to interception and eavesdropping.
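The two cards above (FTP and Telnet) both come down to the same thing: credentials cross the wire as readable text. The following is an added example, not part of the original flashcards, that reconstructs an FTP control-channel conversation the way a capture of TCP port 21 would show it and extracts what an on-path eavesdropper learns. The session bytes are constructed sample data, and the PASV decoding shows why FTP is awkward to firewall: the data connection lands on a server-chosen high port.

```python
# Added example (not part of the original flashcards): reconstruct an FTP
# control-channel conversation the way a packet capture on TCP port 21 would
# show it, and pull out what an eavesdropper on the path would learn.
# The session below is constructed sample data, not a real capture.
import re

FTP_SESSION = [
    ("server", b"220 (vsFTPd 3.0.3)\r\n"),
    ("client", b"USER alice\r\n"),
    ("server", b"331 Please specify the password.\r\n"),
    ("client", b"PASS hunter2\r\n"),
    ("server", b"230 Login successful.\r\n"),
    ("client", b"PASV\r\n"),
    ("server", b"227 Entering Passive Mode (192,168,1,10,195,80).\r\n"),
    ("client", b"RETR payroll.csv\r\n"),
    ("server", b"150 Opening BINARY mode data connection.\r\n"),
]

PASV_RE = re.compile(rb"227 .*?\((\d+),(\d+),(\d+),(\d+),(\d+),(\d+)\)")


def extract_ftp_credentials(session):
    """Return (user, password) pairs sent in the clear on the control channel.

    FTP sends USER and PASS as plain text commands, so anyone who can read the
    TCP stream (a tap, a compromised switch, an ARP-spoofing host) gets them.
    """
    creds, user = [], None
    for direction, payload in session:
        if direction != "client":
            continue
        for line in payload.split(b"\r\n"):
            cmd, _, arg = line.partition(b" ")
            if cmd == b"USER":
                user = arg.decode("ascii", "replace")
            elif cmd == b"PASS" and user is not None:
                creds.append((user, arg.decode("ascii", "replace")))
                user = None
    return creds


def extract_ftp_files(session):
    """Return the file names requested with RETR/STOR (also visible in the clear)."""
    files = []
    for direction, payload in session:
        if direction != "client":
            continue
        for line in payload.split(b"\r\n"):
            cmd, _, arg = line.partition(b" ")
            if cmd in (b"RETR", b"STOR"):
                files.append(arg.decode("ascii", "replace"))
    return files


def passive_data_endpoint(session):
    """Decode the 227 reply: the data connection goes to h1.h2.h3.h4 on port p1*256+p2.

    This is why a stateless firewall cannot simply "allow port 21": the data
    channel lands on an unpredictable high port chosen by the server.
    """
    for direction, payload in session:
        if direction == "server":
            m = PASV_RE.search(payload)
            if m:
                h1, h2, h3, h4, p1, p2 = (int(x) for x in m.groups())
                return f"{h1}.{h2}.{h3}.{h4}", p1 * 256 + p2
    return None


if __name__ == "__main__":
    print(extract_ftp_credentials(FTP_SESSION))   # [('alice', 'hunter2')]
    print(extract_ftp_files(FTP_SESSION))          # ['payroll.csv']
    print(passive_data_endpoint(FTP_SESSION))      # ('192.168.1.10', 50000)
```

The same approach applies to Telnet, except that there is no command grammar to key on: the login name and password are simply the characters the client typed, so the whole stream has to be read. Either way the fix is the same: replace with SFTP or SSH, or tunnel the legacy protocol inside a VPN.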
Domain Name System (DNS)
A hierarchical and decentralized naming system for computers, services, and other resources on the Internet or a private network that associates information such as IP addresses with domain names; queries use port 53, normally over UDP, with TCP used for zone transfers and for responses too large for a single UDP datagram (signalled by the truncation (TC) flag).
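To make the wire format and the UDP-versus-TCP behaviour concrete, here is an added example (not from the original flashcards) that builds a DNS query, parses a response including compression pointers, and reports whether the TC flag demands a TCP retry. The response bytes are constructed in-line as sample data; nothing is sent on the network, and the `example.com` answer is illustrative.

```python
# Added example (not from the original flashcards): build a DNS query, parse a
# response, and detect the truncation (TC) flag that tells a resolver to retry
# over TCP. The response bytes are constructed here for the example; nothing
# is sent on the network.
import random
import struct

QTYPE_A = 1
QCLASS_IN = 1
FLAG_TC = 0x0200


def encode_name(name):
    """Encode example.com as \\x07example\\x03com\\x00 (label-length wire format)."""
    out = b"".join(bytes([len(label)]) + label.encode("ascii") for label in name.rstrip(".").split("."))
    return out + b"\x00"


def build_query(name, qtype=QTYPE_A, txid=None):
    """Header (12 bytes) + question. Flags 0x0100 = standard query, recursion desired."""
    if txid is None:
        txid = random.SystemRandom().randrange(0, 0x10000)  # unpredictable ID resists blind spoofing
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)
    return header + encode_name(name) + struct.pack("!HH", qtype, QCLASS_IN)


def decode_name(msg, offset):
    """Decode a name, following 0xC0xx compression pointers; returns (name, next_offset)."""
    labels, end, hops = [], None, 0
    while True:
        length = msg[offset]
        if length & 0xC0 == 0xC0:            # compression pointer
            if end is None:
                end = offset + 2
            offset = struct.unpack("!H", msg[offset:offset + 2])[0] & 0x3FFF
            hops += 1
            if hops > 64:                     # guard against pointer loops in hostile messages
                raise ValueError("compression pointer loop")
            continue
        offset += 1
        if length == 0:
            break
        labels.append(msg[offset:offset + length].decode("ascii"))
        offset += length
    return ".".join(labels), (end if end is not None else offset)


def parse_response(msg):
    txid, flags, qd, an, _ns, _ar = struct.unpack("!HHHHHH", msg[:12])
    res = {"id": txid, "truncated": bool(flags & FLAG_TC), "rcode": flags & 0xF, "question": None, "answers": []}
    off = 12
    for _ in range(qd):
        qname, off = decode_name(msg, off)
        qtype, _qclass = struct.unpack("!HH", msg[off:off + 4])
        off += 4
        res["question"] = (qname, qtype)
    for _ in range(an):
        name, off = decode_name(msg, off)
        rtype, _rclass, ttl, rdlen = struct.unpack("!HHIH", msg[off:off + 10])
        off += 10
        rdata = msg[off:off + rdlen]
        off += rdlen
        if rtype == QTYPE_A and rdlen == 4:
            rdata = ".".join(str(b) for b in rdata)
        res["answers"].append((name, rtype, ttl, rdata))
    return res


def response_matches_query(query, response):
    """A resolver must check the transaction ID and question before trusting an answer."""
    q = parse_response(query)   # a query parses the same way (zero answers)
    r = parse_response(response)
    return q["id"] == r["id"] and q["question"] == r["question"]


def build_sample_response(txid, truncated=False):
    """Constructed reply for example.com A 93.184.216.34 (sample data for this example)."""
    flags = 0x8180 | (FLAG_TC if truncated else 0)   # QR, RD, RA
    header = struct.pack("!HHHHHH", txid, flags, 1, 1, 0, 0)
    question = encode_name("example.com") + struct.pack("!HH", QTYPE_A, QCLASS_IN)
    answer = b"\xC0\x0C" + struct.pack("!HHIH", QTYPE_A, QCLASS_IN, 3600, 4) + bytes([93, 184, 216, 34])
    return header + question + answer


if __name__ == "__main__":
    q = build_query("example.com", txid=0x1234)
    r = parse_response(build_sample_response(0x1234))
    print(r["answers"])                      # [('example.com', 1, 3600, '93.184.216.34')]
    print(parse_response(build_sample_response(0x1234, truncated=True))["truncated"])  # True
```

A client that sees `truncated` set reopens the query over TCP port 53; a firewall that only permits UDP 53 breaks exactly those large responses (DNSSEC-signed answers are a common trigger). The transaction-ID and question check in `response_matches_query` is the minimum a resolver needs before accepting an answer, which is why the ID is drawn from a CSPRNG rather than a counter.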
Trivial File Transfer Protocol (TFTP)
A simple, lock-step, file transfer protocol with no authentication, used for transferring files smaller in size that uses UDP port 69 and is typically used for transferring boot files or configurations to devices in a local network, such as routers and switches, but due to simplicity and lack of security features, TFTP is generally used in controlled environments.
Hypertext Transfer Protocol (HTTP)
The foundation of data communication for the World Wide Web, providing a standard for web browsers and servers to communicate over TCP port 80 and transferring hypermedia documents such as HTML; it is stateless, meaning each request is handled independently without knowledge of earlier requests (state is layered on with cookies or tokens), and it is unencrypted, so HTTPS (HTTP over TLS, normally TCP port 443) is used to protect traffic.
Lightweight Directory Access Protocol (LDAP)
A protocol for accessing and maintaining distributed directory information services over an IP network, operating on TCP/UDP port 389 (or TCP port 636 for LDAPS) and used to query and modify directory databases such as Microsoft Active Directory and OpenLDAP, which follow the X.500 model; plain LDAP on port 389 sends simple-bind credentials in the clear unless StartTLS is negotiated, so LDAPS or StartTLS should be required.
IP Protocol Types
The values carried in the Protocol field of the IPv4 header (Next Header in IPv6) that identify the protocol encapsulated in the packet, for example ICMP (1), TCP (6), UDP (17), GRE (47), ESP (50), and AH (51); each serves a different role in the suite, and firewall and ACL rules filter on these protocol numbers as well as on ports.
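Here is an added example (not from the original flashcards) showing where that protocol number lives: it parses a constructed IPv4 header, maps the Protocol field to a name, and verifies the header checksum the way a router does before forwarding. The addresses and packets are sample data built in-line.

```python
# Added example (not from the original flashcards): parse an IPv4 header,
# identify the encapsulated protocol from the 8-bit Protocol field, and verify
# the header checksum. The packets are constructed in-line as sample data.
import ipaddress
import struct

# IANA-assigned protocol numbers that show up in firewall rules and captures.
IP_PROTOCOLS = {1: "ICMP", 2: "IGMP", 6: "TCP", 17: "UDP", 47: "GRE", 50: "ESP", 51: "AH", 89: "OSPF"}


def internet_checksum(data):
    """RFC 1071 ones'-complement sum over 16-bit words (also used by TCP, UDP and ICMP)."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF


def build_ipv4_header(src, dst, protocol, payload_len, ttl=64, ident=0x1234, dont_fragment=True):
    """Minimal 20-byte header (IHL=5) with a correct checksum."""
    flags_frag = 0x4000 if dont_fragment else 0
    fields = (0x45, 0, 20 + payload_len, ident, flags_frag, ttl, protocol, 0,
              ipaddress.IPv4Address(src).packed, ipaddress.IPv4Address(dst).packed)
    hdr = struct.pack("!BBHHHBBH4s4s", *fields)
    return hdr[:10] + struct.pack("!H", internet_checksum(hdr)) + hdr[12:]


def parse_ipv4_header(packet):
    if len(packet) < 20:
        raise ValueError("packet shorter than a minimal IPv4 header")
    ver_ihl, _tos, total_len, ident, flags_frag, ttl, proto, _csum, src, dst = struct.unpack(
        "!BBHHHBBH4s4s", packet[:20])
    version, ihl = ver_ihl >> 4, (ver_ihl & 0x0F) * 4
    if version != 4 or ihl < 20 or len(packet) < ihl:
        raise ValueError("not a well-formed IPv4 header")
    header = packet[:ihl]
    return {
        "src": str(ipaddress.IPv4Address(src)),
        "dst": str(ipaddress.IPv4Address(dst)),
        "ttl": ttl,
        "protocol": proto,
        "protocol_name": IP_PROTOCOLS.get(proto, "unassigned/other(%d)" % proto),
        "total_length": total_len,
        "ident": ident,
        "dont_fragment": bool(flags_frag & 0x4000),
        "more_fragments": bool(flags_frag & 0x2000),
        "fragment_offset": (flags_frag & 0x1FFF) * 8,
        # a header with a valid checksum sums to 0xFFFF, so its complement is 0
        "checksum_ok": internet_checksum(header) == 0,
        "payload": packet[ihl:total_len],
    }


if __name__ == "__main__":
    pkt = build_ipv4_header("192.168.1.10", "10.0.0.1", 6, 20) + b"\x00" * 20
    print(parse_ipv4_header(pkt)["protocol_name"])   # TCP
    esp = build_ipv4_header("203.0.113.5", "198.51.100.9", 50, 8) + b"\x00" * 8
    print(parse_ipv4_header(esp)["protocol_name"])   # ESP
```

The ESP (50) and AH (51) cases matter for the IKE/IPsec cards further down: an IPsec VPN needs those protocol numbers permitted through the firewall, not just UDP 500/4500, and neither of them carries a port number to filter on.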
Cellular technology
A wireless communication method that utilizes a network of cell sites, each covering a specific area known as a cell where the fundamental feature is the ability to re-use frequencies to increase the capacity and coverage of mobile services through modern networks divided into generations: 2G, 3G, 4G, and 5G, each supporting increased data speeds and connectivity features.
Fiber-Optic cabling
Using light to transmit data, offering significantly higher speeds and greater bandwidth than traditional copper cables by consisting of glass or plastic fibers that carry light signals over long distances with minimal loss, making it ideal for high-speed data transmission in telecommunications and internet backbone infrastructures.
Plenum Rating
A rating for cables whose jacket is designed to resist fire and emit little smoke when exposed to flame, making them safe for use in the air-handling spaces (plenums) of buildings, where ordinary PVC-jacketed cable would spread flame and toxic smoke.
Network Topologies
Describe the layout or arrangement of elements (links, nodes, etc.) of a computer network, each with unique configurations and characteristics, influencing the network's performance, reliability, and scalability.
Mesh topology
Network setup where each node connects directly to an arbitrary number of other nodes, creating a network with no central connecting point, ensuring high availability and redundancy as if any one link fails, data can be rerouted through multiple alternative paths.
Hybrid topology
Combines two or more different topologies to form a resultant topology that leverages the advantages and mitigates the disadvantages of the constituent topologies, offering flexibility in network design and can be tailored to meet specific needs or constraints of an organization.
Three-tier Hierarchical Model
A structured approach to network design that divides the network into three layers, core (high-speed backbone), distribution (policy, routing, and aggregation), and access (end-device connectivity), each serving a specific purpose and together optimizing scalability, performance, and maintainability.
North-South Traffic
The flow of network traffic between the data center and the outside world (e.g., the internet or other data centers), focusing on inbound and outbound traffic patterns that typically involves client-to-server communication, where clients access services hosted in the data center.
Automatic Private IP Addressing (APIPA)
A feature of Windows (its implementation of IPv4 link-local addressing) that automatically assigns an address from the range 169.254.0.1 to 169.254.255.254 when a computer fails to obtain an IP address from a DHCP server, allowing ad hoc communication with other hosts on the same link when no DHCP server is available; the addresses are not routable, so a host with one has no internet access, and an APIPA address on a client is usually a sign of a DHCP failure worth troubleshooting.
RFC1918
A standard (RFC 1918) that specifies the IPv4 address ranges reserved for private networks, which are not routed on the public internet: 10.0.0.0 to 10.255.255.255 (10.0.0.0/8), 172.16.0.0 to 172.31.255.255 (172.16.0.0/12), and 192.168.0.0 to 192.168.255.255 (192.168.0.0/16).
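The practical use of the APIPA and RFC 1918 ranges on the two cards above is filtering: a packet arriving from the Internet with one of these addresses as its source is spoofed or misrouted, and a packet leaving for the Internet with one as its destination cannot be delivered. The following added example (not from the original flashcards) classifies addresses against those ranges and applies that border policy to constructed sample traffic.

```python
# Added example (not from the original flashcards): classify IPv4 addresses by
# the RFC 1918 and APIPA (RFC 3927 link-local) ranges and apply the resulting
# ingress/egress filter the way a border router or firewall should.
# The sample packets are constructed for the example.
import ipaddress

RFC1918 = [ipaddress.ip_network(n) for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]
APIPA = ipaddress.ip_network("169.254.0.0/16")
LOOPBACK = ipaddress.ip_network("127.0.0.0/8")
MULTICAST = ipaddress.ip_network("224.0.0.0/4")


def classify(addr):
    """Return 'rfc1918', 'apipa', 'loopback', 'multicast', 'unspecified' or 'public'."""
    ip = ipaddress.ip_address(addr)
    if ip.version != 4:
        raise ValueError("this example handles IPv4 only")
    if any(ip in net for net in RFC1918):
        return "rfc1918"
    if ip in APIPA:
        return "apipa"
    if ip in LOOPBACK:
        return "loopback"
    if ip in MULTICAST:
        return "multicast"
    if ip == ipaddress.ip_address("0.0.0.0"):
        return "unspecified"
    return "public"


def border_verdict(direction, src, dst):
    """Policy for the Internet-facing interface.

    inbound:  a packet arriving from the Internet can never legitimately carry a
              private, link-local or loopback *source*; such packets are spoofed
              or misrouted and are dropped (anti-spoofing / bogon filtering).
    outbound: a packet leaving for the Internet with a private or link-local
              *destination* is unroutable and leaks internal addressing;
              drop it rather than hand it to the upstream.
    """
    if direction == "inbound":
        return "drop" if classify(src) != "public" else "allow"
    if direction == "outbound":
        return "drop" if classify(dst) in ("rfc1918", "apipa", "loopback") else "allow"
    raise ValueError("direction must be 'inbound' or 'outbound'")


# Constructed sample traffic: (direction, source, destination)
SAMPLE_PACKETS = [
    ("inbound", "203.0.113.5", "198.51.100.10"),    # ordinary Internet client
    ("inbound", "10.1.2.3", "198.51.100.10"),       # RFC 1918 source from outside: spoofed
    ("inbound", "169.254.10.20", "198.51.100.10"),  # APIPA source from outside: spoofed
    ("inbound", "172.32.0.1", "198.51.100.10"),     # just past 172.16/12: public
    ("outbound", "198.51.100.10", "192.168.1.1"),   # internal destination leaking out
    ("outbound", "198.51.100.10", "93.184.216.34"),
]


def apply_policy(packets):
    return [(src, dst, border_verdict(d, src, dst)) for d, src, dst in packets]


if __name__ == "__main__":
    for row in apply_policy(SAMPLE_PACKETS):
        print(row)
```

The explicit network list is deliberate: `ipaddress.ip_address(x).is_private` is broader than RFC 1918 (it also returns True for link-local and for documentation ranges such as 192.0.2.0/24), so a filter written with it would not match the definition on the card. The 172.32.0.1 case is the classic mistake: 172.16.0.0/12 ends at 172.31.255.255, and everything from 172.32.0.0 onward is public.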
Software-defined networking (SDN)
An innovative networking paradigm that decouples the network control and forwarding functions, enabling network management through software applications.
SD-WAN
A specific application of software defined networking (SDN) technology to WAN connections, which are used to connect enterprise networks, including branch offices and data centers, over large geographic distances.
Content Delivery Network (CDN)
A globally distributed network of proxy servers and data centers designed to deliver internet content rapidly to users by caching content like web pages, videos, and images in multiple locations around the world to reduce latency and improve access speed for users regardless of their location.
Policy Based Authentication
Requires all users, both internal and external, to be authenticated and continuously validated for security configuration and posture before being granted access to data and applications.
Infrastructure as Code (IaC)
A key practice in cloud computing and DevOps that manages and provisions computing infrastructure through machine-readable definition files rather than physical hardware configuration or interactive tools, so infrastructure can be automatically provisioned, managed, and monitored through version-controlled code, improving consistency and efficiency and reducing manual errors.
IKE
Internet Key Exchange, the protocol IPsec uses to set up a secure, authenticated channel between two peers, commonly employed in VPN deployments to negotiate the security associations (SAs) that define the encryption and authentication applied to traffic; it runs over UDP port 500, and UDP port 4500 when NAT traversal (NAT-T) is in use.
Routing
the process of selecting paths in a network along which to send network traffic by devices known as routers, which use routing tables and algorithms to determine the most efficient path for data packets to travel from their source to their destination.
EIGRP
Enhanced Interior Gateway Routing Protocol, an advanced distance-vector routing protocol developed by Cisco (originally proprietary) that combines features of distance-vector and link-state protocols, providing rapid convergence and efficient bandwidth use, and supporting multiple network-layer protocols.
Administrative Distance
A value used to rank the trustworthiness of routes learned from different sources (for example, Cisco defaults of 0 for connected, 1 for static, 90 for EIGRP, 110 for OSPF, and 120 for RIP), where lower values are preferred, so that when the same prefix is learned from several routing protocols the router installs the route with the lowest administrative distance.
Network Address Translation (NAT)
A method of modifying the address information in IP packet headers while they transit a routing device, typically to remap one IP address space into another, allowing multiple devices on a private network to share a single public IP address; this incidentally obscures internal addressing from the outside, but NAT is an addressing mechanism rather than a security control and is not a substitute for a firewall.
VRRP/FHRP
Virtual Router Redundancy Protocol, which lets a group of routers share a virtual IP address that hosts use as their default gateway, so a backup router takes over automatically if the master fails; First Hop Redundancy Protocol (FHRP) is the general term for protocols such as VRRP and Cisco's HSRP that provide this automatic failover of the first hop, minimizing downtime and maintaining network resilience.
VLAN
A subgroup within a network that combines a group of devices from multiple physical LAN segments, allowing them to communicate as if they were on the same physical LAN, enhancing network management and security by isolating broadcast domains in a layer 2 network.
VLAN Database
Where VLAN configurations are stored on a network device, such as a switch which includes information like VLAN IDs and associated properties, enabling the switch to organize and manage network traffic accordingly.
Switch Virtual Interface
A virtual interface on a switch that provides Layer 3 processing for a VLAN, letting a multilayer (Layer 3) switch route traffic between VLANs by assigning an IP address to each VLAN interface; a pure Layer 2 switch uses an SVI only for its own management address.
Native VLAN
The VLAN on an 802.1Q trunk port whose traffic is carried untagged (VLAN 1 by default on Cisco switches), which lets frames from devices that do not support VLAN tagging still be forwarded; it should be changed to an otherwise unused VLAN and kept off access ports, because an attacker on the native VLAN can double-tag frames so that the first switch strips the outer (native) tag and the next switch delivers the frame into a VLAN the attacker is not a member of (VLAN hopping).
Port Tagging/802.1Q
Based on the IEEE 802.1Q standard, it's a method of inserting a VLAN identifier into Ethernet frames to distinguish between different VLANs on a trunk link by allowing multiple VLANs to share a single physical connection, enabling efficient use of network resources and traffic segregation.
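To tie the native-VLAN caveat and the 802.1Q tag format on the two cards above together, here is an added example (not from the original flashcards) that parses the tag stack of an Ethernet frame and replays the double-tagging scenario: the same attack frame is sent through a trunk whose native VLAN is the default 1, and then through one whose native VLAN has been moved to an unused ID. The frames and MAC addresses are constructed sample data.

```python
# Added example (not from the original flashcards): parse 802.1Q tags from an
# Ethernet frame and replay the double-tagging (VLAN hopping) case that the
# native VLAN caveat refers to. Frames are constructed in-line as sample data.
import struct

ETHERTYPE_VLAN = 0x8100   # 802.1Q customer tag
ETHERTYPE_QINQ = 0x88A8   # 802.1ad service tag (stacked outer tag)
ETHERTYPE_IPV4 = 0x0800


def _mac_bytes(mac):
    return bytes.fromhex(mac.replace(":", ""))


def _mac_str(b):
    return ":".join("%02x" % x for x in b)


def build_frame(dst, src, ethertype, payload, vlan_ids=(), pcp=0):
    """Build dst|src|[tag...]|ethertype|payload; each tag is TPID 0x8100 + 16-bit TCI."""
    tags = b"".join(struct.pack("!HH", ETHERTYPE_VLAN, (pcp << 13) | (vid & 0x0FFF)) for vid in vlan_ids)
    return _mac_bytes(dst) + _mac_bytes(src) + tags + struct.pack("!H", ethertype) + payload


def parse_frame(frame):
    """Walk the tag stack until a non-VLAN EtherType is reached."""
    if len(frame) < 14:
        raise ValueError("runt frame")
    off, vlans = 12, []
    while True:
        ethertype = struct.unpack("!H", frame[off:off + 2])[0]
        if ethertype not in (ETHERTYPE_VLAN, ETHERTYPE_QINQ):
            break
        tci = struct.unpack("!H", frame[off + 2:off + 4])[0]
        vlans.append({"vid": tci & 0x0FFF, "pcp": tci >> 13, "dei": bool(tci & 0x1000)})
        off += 4
    return {"dst": _mac_str(frame[:6]), "src": _mac_str(frame[6:12]),
            "vlans": vlans, "ethertype": ethertype, "payload": frame[off + 2:]}


def is_double_tagged(parsed):
    return len(parsed["vlans"]) >= 2


def trunk_egress(frame, native_vlan):
    """What a switch does when sending a frame out an 802.1Q trunk: native-VLAN
    traffic goes untagged, so the outermost tag is removed when it matches
    native_vlan; everything else keeps its tag."""
    parsed = parse_frame(frame)
    if parsed["vlans"] and parsed["vlans"][0]["vid"] == native_vlan:
        return frame[:12] + frame[16:]   # strip the 4-byte outer tag
    return frame


def effective_vlan(parsed, native_vlan):
    """VLAN the receiving switch assigns: the outer tag if present, else the port's native VLAN."""
    return parsed["vlans"][0]["vid"] if parsed["vlans"] else native_vlan


# Constructed attack frame: attacker on VLAN 1 (the default native VLAN) sends a
# frame with an outer tag for VLAN 1 and an inner tag for the victim VLAN 20.
ATTACK_FRAME = build_frame("ff:ff:ff:ff:ff:ff", "00:11:22:33:44:55", ETHERTYPE_IPV4,
                           b"\x45\x00" + b"\x00" * 18, vlan_ids=(1, 20))


def hop_result(frame, native_vlan):
    """Simulate switch 1 stripping the native tag on the trunk and switch 2 classifying the frame."""
    on_wire = trunk_egress(frame, native_vlan)
    return effective_vlan(parse_frame(on_wire), native_vlan)


if __name__ == "__main__":
    print(parse_frame(ATTACK_FRAME)["vlans"])          # two tags: VID 1 then VID 20
    print(hop_result(ATTACK_FRAME, native_vlan=1))    # 20: the frame hopped into VLAN 20
    print(hop_result(ATTACK_FRAME, native_vlan=999))  # 1: unused native VLAN, the outer tag survives
```

The attack only works one way (the victim cannot reply into VLAN 1), which is why it is used for blind injection rather than sessions, and it only works when the attacker's access port sits in the trunk's native VLAN. Moving the native VLAN to an unused ID, as the second call shows, leaves the outer tag in place so the frame never reaches VLAN 20; `switchport trunk native vlan tag` on Cisco gear achieves the same by tagging native traffic too.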
Spanning Tree Protocol
Prevents loops in an Ethernet topology by computing a spanning tree that logically blocks redundant paths; if a link fails, STP recalculates the tree and unblocks the necessary links so traffic can still be forwarded, maintaining reliability and performance.
WiFi channels
are subdivisions of the frequency bands used for wireless communication, allowing multiple networks to operate simultaneously without interference while the availability and allowed channels can vary by country, subject to regulatory impacts that dictate the specific channels and power levels that can be used.
Band Steering
a network management technology that automatically detects wireless devices capable of dual-band operations and steers them to the less congested 5 GHz or 6 GHz band, helping to balance the network load, maximize throughput, and improve overall wireless performance by minimizing interference found more commonly in the 2.4 GHz band
BSSID
the MAC address for a wireless access point (AP) and is used to differentiate one AP within a larger network or between multiple networks, as it helps client devices identify and connect to the specific physical device providing the network service
ESSID
Extended Service Set Identifier, used to identify a set of interconnected access points as a single network in larger Wi-Fi deployments; all APs in an Extended Service Set (ESS) share it, allowing seamless connectivity for client devices as they roam between APs and enabling large, scalable wireless networks.
Important Installation Implications
The selection of IDF and MDF locations affects accessibility, maintenance, and future expansion capabilities, as the choice of location for network installations impacts signal quality, network speed, and system reliability.
Intermediate Distribution Frame (IDF)
acts as a secondary hub in network infrastructure, positioned to reduce the distance data must travel between the MDF and end users while typically located on each floor or section of a building to handle local network traffic, enhancing performance and reducing latency.
Power Distribution Units (PDUs)
are devices designed to distribute electric power to various components within a network or data center and can range from simple power strips to complex units providing remote monitoring and control over multiple power outlets.
Humidity Control
Essential to prevent corrosion and static electricity buildup, both of which can damage network components; maintaining relative humidity within a specified range protects sensitive electronic equipment and ensures optimal performance.
Common Documentation
Encompass visual and textual records essential for the design, management, and troubleshooting of network infrastructures that are crucial for ensuring clarity and consistency across IT and network teams.
Physical Network Diagram
Illustrates the physical connections between network devices such as routers, switches, and firewalls, as well as their physical locations to help in understanding the layout of the network hardware and facilitates troubleshooting and network maintenance.
Rack Diagram
Provides a detailed view of the equipment mounted in server racks, including servers, switches, routers, and other networking devices supporting space management, airflow planning, and the organization of physical assets within data centers or server rooms.
Asset Inventory in Network Management
Critical for managing the hardware, software, and licensing of network resources effectively that helps in strategic planning, compliance, and budgeting for upgrades and maintenance.
IP Address Management (IPAM)
Is a crucial tool for organizing, tracking, and managing the IP address space within a network that helps prevent IP conflicts by providing a clear inventory of allocated and available IP addresses, supports the integration and management of DHCP and DNS services, and enhances network reliability and security through meticulous tracking of IP address assignments.
Purpose of Wireless Survey
assesses the coverage and performance of a wireless network within a specified area, identifies the optimal placement for access points and detects areas of signal weakness or interference
Decommissioning of Network Assets
the safe removal and disposal of outdated or unnecessary network equipment that ensures data is securely erased and hardware is disposed of in an environmentally friendly manner, following legal and regulatory guidelines to mitigate risks associated with data breaches and environmental impact
Configuration Management
maintenance and control of all hardware and software configurations within an IT infrastructure by ensuring that the system operates as intended by maintaining consistency of performance and security settings across all network devices.
SNMP Traps
Unsolicited messages sent from an SNMP-enabled device to a management station (conventionally on UDP port 162) to notify it of significant events or conditions, enabling proactive monitoring and alerting so administrators can respond quickly to potential issues; SNMPv1 and v2c authenticate with plaintext community strings, so SNMPv3 with authentication and privacy should be used where possible.
Security Information and Event Management (SIEM)
Provides real-time analysis of security alerts generated by network hardware and applications by aggregating and correlating log data, enabling automated alerting and reporting and supporting proactive security by identifying potential threats from unusual activity patterns.
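Correlation is what separates a SIEM from a log archive. The following added example (not from the original flashcards) implements a typical rule over constructed sshd syslog lines: count authentication failures per source in a sliding window, alert when a threshold is crossed, and raise a second, higher-priority alert when a success follows a burst of failures. The log lines, hostnames, and addresses are sample data made up for the example.

```python
# Added example (not from the original flashcards): the correlation a SIEM rule
# performs, run over constructed sshd syslog lines: count authentication
# failures per source address in a sliding window and raise an alert when the
# threshold is crossed, plus a second alert when a success follows a burst of
# failures (a credential-guessing attack that worked).
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample log lines (not real data). Syslog timestamps carry no year,
# so all lines are assumed to fall within one year for the sliding window.
LOG_LINES = """\
Jan 12 03:14:01 bastion sshd[2210]: Failed password for root from 198.51.100.7 port 51522 ssh2
Jan 12 03:14:03 bastion sshd[2212]: Failed password for root from 198.51.100.7 port 51530 ssh2
Jan 12 03:14:05 bastion sshd[2214]: Failed password for root from 198.51.100.7 port 51538 ssh2
Jan 12 03:14:07 bastion sshd[2216]: Failed password for root from 198.51.100.7 port 51546 ssh2
Jan 12 03:14:09 bastion sshd[2218]: Failed password for root from 198.51.100.7 port 51554 ssh2
Jan 12 03:14:11 bastion sshd[2220]: Failed password for root from 198.51.100.7 port 51562 ssh2
Jan 12 03:14:15 bastion sshd[2240]: Accepted password for root from 198.51.100.7 port 51590 ssh2
Jan 12 03:20:00 bastion sshd[2301]: Failed password for invalid user admin from 203.0.113.9 port 40001 ssh2
Jan 12 03:21:00 bastion sshd[2302]: Failed password for invalid user admin from 203.0.113.9 port 40002 ssh2
Jan 12 03:25:00 bastion sshd[2350]: Accepted publickey for deploy from 192.0.2.44 port 50010 ssh2
""".splitlines()

LINE_RE = re.compile(r"^(?P<ts>[A-Z][a-z]{2} +\d{1,2} \d\d:\d\d:\d\d) (?P<host>\S+) sshd\[\d+\]: (?P<msg>.*)$")
FAIL_RE = re.compile(r"^Failed (?:password|publickey) for (?:invalid user )?(?P<user>\S+) from (?P<ip>\S+)")
OK_RE = re.compile(r"^Accepted \S+ for (?P<user>\S+) from (?P<ip>\S+)")


def parse_line(line):
    """Return (timestamp, outcome, user, ip) or None for lines the rule does not care about."""
    m = LINE_RE.match(line)
    if not m:
        return None
    ts = datetime.strptime(m.group("ts"), "%b %d %H:%M:%S")  # year defaults to 1900; only deltas matter
    msg = m.group("msg")
    f = FAIL_RE.match(msg)
    if f:
        return ts, "fail", f.group("user"), f.group("ip")
    o = OK_RE.match(msg)
    if o:
        return ts, "success", o.group("user"), o.group("ip")
    return None


def correlate(lines, threshold=5, window=timedelta(minutes=2)):
    """Sliding-window correlation keyed on source IP."""
    recent = defaultdict(deque)   # ip -> timestamps of failures still inside the window
    alerted = set()
    alerts = []
    for line in lines:
        ev = parse_line(line)
        if ev is None:
            continue
        ts, outcome, user, ip = ev
        q = recent[ip]
        while q and ts - q[0] > window:   # expire failures that fell out of the window
            q.popleft()
        if outcome == "fail":
            q.append(ts)
            if len(q) >= threshold and ip not in alerted:
                alerted.add(ip)
                alerts.append({"rule": "ssh_bruteforce", "ip": ip, "count": len(q), "at": ts})
        elif outcome == "success" and q:
            alerts.append({"rule": "success_after_failures", "ip": ip, "user": user,
                           "failures_before": len(q), "at": ts})
    return alerts


if __name__ == "__main__":
    for a in correlate(LOG_LINES):
        print(a)
```

The second rule is the one worth paging on: a burst of failures alone is background noise on any Internet-facing SSH port, but a success from the same source inside the window means the guessing worked. Real deployments key the window on more than the source address (user, destination host, ASN) and feed the alert into the incident workflow rather than printing it.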
API Integration in Network Management
allows the use of seamless integration between different software systems while facilitating automated network configurations, data extraction, and the synchronization of network management tools, enhancing efficiency and scalability
Network Solutions
Encompass various tools and techniques used to manage, monitor, and secure the network infrastructure to ensure optimal network performance, security, and reliability through continuous oversight and proactive management.
Recovery Point Objective (RPO)
The maximum acceptable amount of data loss measured in time before a disaster occurs that determines the maximum age of files that must be recovered from backup storage for normal operations to resume without significant losses.
Recovery Time Objective (RTO)
The targeted duration of time, and a service level, within which a business process must be restored after a disaster or disruption to avoid unacceptable consequences from a break in business continuity, defining the maximum allowable downtime after an incident.
Cold Site
A backup location that has the necessary infrastructure to support IT operations (like power and networking) but does not have the servers, storage, or other equipment set up until needed being the least expensive and takes the longest time to become operational after a disaster.
DHCP reservation
A DHCP reservation is a specific IP address within a DHCP scope that is reserved for use by a specific device, identified by its MAC address to ensure the device receives the same IP address every time
Lightweight Directory Access Protocol
A protocol for accessing directory services that store information about users, groups, and devices, commonly used by applications and network devices for authentication and authorization lookups, and supporting strong authentication and encryption through SASL, StartTLS, or LDAPS.
AAAA Record
A type of DNS record maps a domain name to its corresponding IPv6 address, which accommodates the longer numeric addresses used by the newer IPv6 protocol.
Nameserver (NS) Record
DNS records that identify the name servers responsible for a domain, pointing to the authoritative servers that can answer queries for that zone.
Internet Control Message Protocol (ICMP)
is used for sending diagnostic or control messages between network devices, helping manage and troubleshoot network issues by being utilized for error reporting, such as unreachable hosts or network segments, and for operational queries like echo requests and replies (used by tools like ping).
Deception Technologies
Security measures designed to mislead attackers and gather intelligence on their activities by creating decoy systems, credentials, or networks (honeypots and honeytokens) that mimic real assets, enticing attackers to engage with them and revealing their tactics and techniques; any interaction with a decoy is a high-fidelity alert, because legitimate users have no reason to touch it.
Least Privilege
requires that users, programs, or processes operate using the minimum set of privileges necessary to complete their tasks, reducing the risk of accidental or malicious misuse of legitimate privileges, significantly enhancing system security by limiting access to sensitive information and critical functions.
Approach Multiple Problems Individually
A methodical approach prevents confusion and ensures that each problem is thoroughly resolved before moving on to the next during Troubleshooting methodology.
Route Selection
A critical process in network routing that determines the best path for data to travel from source to destination using specific criteria such as administrative distance, prefix length, and metric to choose the most efficient route.
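The three criteria on this card interact in a fixed order, which the "Administrative Distance" card earlier only hints at: among routes to the same prefix, the lowest administrative distance is installed (metric breaks ties within one protocol, since metrics from different protocols are not comparable), and when forwarding a packet the installed route with the longest matching prefix wins, regardless of how it was learned. The following added example (not from the original flashcards) implements that selection over a constructed routing table using Cisco's default administrative distances; the next hops and prefixes are sample data.

```python
# Added example (not from the original flashcards): the selection order used in
# "Administrative Distance" and "Route Selection", implemented over a
# constructed routing table: for each prefix, the route with the lowest
# administrative distance (then lowest metric) is installed; for forwarding,
# the installed route with the longest matching prefix wins.
import ipaddress
from typing import NamedTuple

# Cisco default administrative distances (lower is more trusted).
ADMIN_DISTANCE = {"connected": 0, "static": 1, "eigrp": 90, "ospf": 110, "rip": 120}


class Route(NamedTuple):
    prefix: ipaddress.IPv4Network
    next_hop: str
    source: str
    metric: int


def route(prefix, next_hop, source, metric=0):
    return Route(ipaddress.ip_network(prefix), next_hop, source, metric)


def install_rib(candidates):
    """Keep one route per prefix: lowest AD wins, ties broken by lowest metric."""
    best = {}
    for r in candidates:
        key = (ADMIN_DISTANCE[r.source], r.metric)
        cur = best.get(r.prefix)
        if cur is None or key < (ADMIN_DISTANCE[cur.source], cur.metric):
            best[r.prefix] = r
    return list(best.values())


def lookup(rib, destination):
    """Longest-prefix match over the installed routes; None if nothing matches (no default route)."""
    ip = ipaddress.ip_address(destination)
    matches = [r for r in rib if ip in r.prefix]
    if not matches:
        return None
    return max(matches, key=lambda r: r.prefix.prefixlen)


# Constructed table: the same 10.0.0.0/8 is learned from OSPF and EIGRP, and
# more-specific prefixes come from RIP and a connected interface.
CANDIDATES = [
    route("0.0.0.0/0", "203.0.113.1", "static"),
    route("10.0.0.0/8", "10.1.1.1", "ospf", metric=20),
    route("10.0.0.0/8", "10.2.2.2", "eigrp", metric=3000),
    route("10.20.0.0/16", "10.3.3.3", "rip", metric=2),
    route("10.20.30.0/24", "eth1", "connected"),
]


def next_hop_for(destination, candidates=CANDIDATES):
    r = lookup(install_rib(candidates), destination)
    return None if r is None else (str(r.prefix), r.next_hop, r.source)


if __name__ == "__main__":
    for dst in ("10.20.30.5", "10.20.40.1", "10.9.9.9", "8.8.8.8"):
        print(dst, "->", next_hop_for(dst))
```

Two of the results are the ones people get wrong: 10.20.40.1 goes to the RIP route even though RIP has the worst administrative distance, because its /16 is more specific than the /8 candidates; and 10.9.9.9 goes to EIGRP despite its far larger metric, because administrative distance is compared before metric and metric only matters between routes from the same protocol. The same longest-prefix rule is why a malicious or accidental more-specific prefix (as in a BGP hijack) steals traffic from the legitimate shorter one.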
Never Trust, Always Verify
The principle of