CompTIA Network+ (N10-009) – Core Vocabulary

Key vocabulary terms distilled from the CompTIA Network+ (N10-009) study notes, covering foundational concepts, protocols, security, troubleshooting, and modern networking practices. Use these flashcards to reinforce essential definitions and prepare for exam objectives.

CompTIA Network+

Vendor-neutral certification covering configuration, management, and troubleshooting of network infrastructure.

OSI Model

Seven-layer reference framework used to categorize network functions (Physical through Application).

TCP/IP Model

Practical four-layer model (Link, Internet, Transport, Application) underpinning modern networks.

Physical Layer

OSI Layer 1; transmits raw bits over a medium and defines cabling, connectors, and signaling.

Data Link Layer

OSI Layer 2; frames bits, performs MAC addressing, and handles error detection.

Network Layer

OSI Layer 3; responsible for logical addressing and routing using IP.

Transport Layer

OSI Layer 4; provides end-to-end communication with TCP (reliable) or UDP (unreliable).

Session Layer

OSI Layer 5; establishes, manages, and terminates sessions between hosts.

Presentation Layer

OSI Layer 6; formats, compresses, and encrypts data for the application layer.

Application Layer (OSI)

OSI Layer 7; interface where user applications access network services.

Protocol Data Unit (PDU)

Generic term for data at each OSI layer (bits, frames, packets, segments, data).

MAC Address

Unique 48-bit hardware address assigned to a network interface card (NIC).

IP Address

Logical 32-bit (IPv4) or 128-bit (IPv6) address used for host identification and routing.

Subnet Mask

Bitmask that separates the network portion from the host portion of an IPv4 address.

CIDR Notation

Slash format (/24) expressing how many bits are in the network prefix.

Default Gateway

Router IP address that a host uses to send traffic to other networks.

DHCP

Dynamic Host Configuration Protocol; automatically assigns IP settings to clients.

DNS

Domain Name System; translates human-readable names into IP addresses.

NTP

Network Time Protocol; synchronizes clocks across network devices.

TCP

Transmission Control Protocol; connection-oriented, reliable transport with three-way handshake.

UDP

User Datagram Protocol; connectionless, best-effort transport with minimal overhead.

ICMP

Internet Control Message Protocol; sends diagnostic and error messages (e.g., ping).

Socket

Combination of IP address and port number that uniquely identifies a network service.

Well-Known Ports

Port numbers 0–1023 reserved for common services (e.g., 80 HTTP, 443 HTTPS).

Registered Ports

Port numbers 1024–49151 assigned for specific applications by IANA.

Ephemeral Ports

Dynamic ports 49152–65535 chosen by clients for temporary connections.

HTTP

Hypertext Transfer Protocol; unencrypted web traffic on port 80.

HTTPS

Encrypted web traffic using SSL/TLS on port 443.

FTP

File Transfer Protocol; uses ports 20 (data) and 21 (control) to transfer files.

SFTP

SSH File Transfer Protocol; encrypted file transfer over port 22.

SMTP

Simple Mail Transfer Protocol; sends e-mail, port 25 (or 465/587 secure).

IMAP

Internet Message Access Protocol; retrieves e-mail while leaving it on the server, port 143 / 993 secure.

POP3

Post Office Protocol v3; downloads e-mail, port 110 / 995 secure.

SSH

Secure Shell; encrypted remote login and tunneling over port 22.

Telnet

Unencrypted remote terminal protocol on port 23 (insecure, replaced by SSH).

RDP

Remote Desktop Protocol; GUI remote access to Windows hosts on port 3389.

SNMP

Simple Network Management Protocol; monitors devices (UDP 161/162).

Syslog

Standard for sending event messages to a logging server (UDP 514).

Spanning Tree Protocol (STP)

Layer 2 protocol (802.1D) that prevents switching loops by blocking redundant paths.

VLAN

Virtual Local Area Network; logically segments Layer 2 broadcast domains on a switch.

Trunk Port

Switch port carrying traffic for multiple VLANs, typically using 802.1Q tagging.

Native VLAN

Untagged VLAN on an 802.1Q trunk; should match on both ends.

Voice VLAN

Dedicated VLAN configured to prioritize VoIP traffic.

Link Aggregation

Combines multiple physical links into one logical link for redundancy/bandwidth (LACP).

PoE

Power over Ethernet; delivers electrical power to devices through network cabling.

Collision Domain

Network segment where Ethernet frames can collide; each switch port is its own domain.

Broadcast Domain

Layer 2 area where a broadcast packet is forwarded; separated by routers or VLANs.

CIDR Subnetting Formula

Number of hosts per subnet = 2^h − 2, where h = host bits.

Private IPv4 Ranges

10.0.0.0/8, 172.16.0.0–172.31.255.255/12, 192.168.0.0/16 (RFC 1918).

Loopback Address

127.0.0.1 (IPv4) or ::1 (IPv6); used to test local TCP/IP stack.

APIPA

Automatic Private IP Addressing; 169.254.x.x self-assigned when DHCP fails.

SLAAC

Stateless Address Autoconfiguration; IPv6 hosts self-assign addresses using router advertisements.

Anycast

IPv6 addressing method where multiple devices share the same address; traffic goes to nearest host.

NAT

Network Address Translation; translates private IP addresses to public ones at a router or firewall.

PAT

Port Address Translation (NAT overload); many private IPs share one public IP using port numbers.

Routing Table

Data structure in a router listing destination networks and the next hop to reach them.

Administrative Distance

Metric that ranks the trustworthiness of routing information sources (lower = preferred).

OSPF

Open Shortest Path First; link-state IGP using cost metric.

RIP

Routing Information Protocol; distance-vector IGP using hop count.

BGP

Border Gateway Protocol; path-vector EGP that routes between autonomous systems on the Internet.

First Hop Redundancy Protocol (FHRP)

Provides default-gateway redundancy (e.g., HSRP, VRRP, GLBP).

HSRP

Hot Standby Router Protocol (Cisco); elects active/standby routers for gateway redundancy.

GRE Tunnel

Generic Routing Encapsulation; encapsulates many protocols in IP tunnels.

VPN

Virtual Private Network; encrypted tunnel over public networks for secure remote connectivity.

IPsec

Suite that secures IP traffic with authentication (AH) and encryption (ESP).

Split Tunnel

VPN setup where only corporate traffic passes through the tunnel; internet traffic goes directly out.

Captive Portal

Web page forcing authentication or agreement before granting network access.

WEP

Original Wi-Fi security using RC4; vulnerable and deprecated.

WPA2

Wi-Fi security standard using AES-CCMP; common in modern networks.

WPA3

Latest Wi-Fi security standard introducing SAE for stronger authentication.

SSID

Service Set Identifier; human-readable name of a Wi-Fi network.

RSSI

Received Signal Strength Indicator; measurement of wireless signal power at a client device.

Attenuation

Loss of signal strength as it travels through a medium.

Multipath

Phenomenon where RF signals reach a receiver via multiple paths, causing fading or distortion.

Cable Certifier

Tool that tests and documents cable performance to a given category standard.

OTDR

Optical Time Domain Reflectometer; locates faults and measures loss in fiber cables.

Loopback Plug

Connector that routes transmit pins to receive pins to test network interfaces.

Packet Sniffer

Software (e.g., Wireshark, tcpdump) that captures and analyzes network frames.

NetFlow

Cisco protocol exporting summarized flow statistics for traffic analysis.

SIEM

Security Information and Event Management platform aggregating logs and alerts for analysis.

Mean Time To Repair (MTTR)

Average time required to fix a failed component and restore service.

Mean Time Between Failures (MTBF)

Average operational time between inherent failures of a system.

RTO

Recovery Time Objective; maximum acceptable time to restore a service after an outage.

RPO

Recovery Point Objective; maximum acceptable data loss (time) measured in backups.

Hot Site

Fully equipped alternate location ready for immediate use after a disaster.

Patch Management

Process for assessing, testing, and deploying software updates to fix vulnerabilities.

Change Management

Formal process to request, assess, approve, and document modifications to IT systems.

Baseline Configuration

Documented, secure standard settings from which systems are deployed and measured.

Automation

Use of scripts or tools to perform repetitive tasks without human intervention.

Orchestration

Coordinating multiple automated tasks across systems to achieve a workflow.

Infrastructure as Code (IaC)

Managing and provisioning infrastructure via machine-readable definition files.

Git

Distributed version-control system for tracking changes in files and coordinating work.

REST API

Representational State Transfer interface using standard HTTP verbs and JSON payloads.

SNMP

Simple Network Management Protocol; queries and sets device parameters (v3 adds security).

Syslog Severity 0

Emergency – system is unusable; highest priority in syslog.

Syslog Severity 7

Debug – lowest priority informational messages for troubleshooting.

Ping

ICMP Echo utility verifying host reachability and measuring round-trip time.

Traceroute

Diagnostic tool displaying the path packets take to a destination hop by hop.

ARP Cache

Table mapping IP addresses to MAC addresses on a local host.

Split Horizon

Distance-vector technique preventing routing loops by not advertising a route back on the interface it was learned.