CompTIA Network+ (N10-009) (Concise) (Personal) (Continuously Editing)

Personal flash cards based on what I got wrong and need to study more. I frequently edit and update them to try to get only Net+ Necessary info while being concise (15-20 words max). Terms and definitions largely based on DionTraining's Udemy exams

Network Baseline

• Documented measurement of normal network performance & traffic

• Used to detect abnormalities, misconfigurations, or security incidents

Dedicated Leased Line

• Private WAN connection between sites

• Dedicated bandwidth (not shared)

• Low latency & high reliability

• Common for site-to-site connectivity

Duplex Mismatch

• Devices use different duplex settings

• One full-duplex, one half-duplex

• Causes collisions & CRC errors

• Often appears under high traffic

DSCP (Differentiated Services Code Point)

• QoS marking in IP header

• Operates at OSI Layer 3

• Used to prioritize & classify network traffic

CoS (Class of Service)

• QoS marking in Ethernet frame (layer 2)

• Classifies/Prioritizes traffic

• Ensuring QoS for VoIP/video/data

• Uses 802.1Q VLAN tag priority

VXLAN VLAN scalability solution

• Uses 24-bit VXLAN Network Identifier (VNI)

• ~16 million segments

• VLANs (12 bit) limited to 4096

Data Center Interconnect (DCI)

• Connects data centers together

• Enables

  • Workload mobility

  • Replication

• Shares resources

• Synchronizes data

• Best implemented with VXLANs

Default Route

• Used when destination not in routing table

• Sends traffic to default gateway (next-hop router)

• Typically toward internet

• IPv4: 0.0.0.0/0

• IPv6: ::/0

Missing or Misconfigured Default Route (Symptoms)

• Local subnet communication works

• Other internal networks may work

• Internet access fails

• No route for unknown destinations

Fibre Channel (FC)

• High-speed storage networking technology

• Use:

  • Storage Area Networks (SANs)

• Connects servers to storage devices

• Reliable, low-latency data transfer

Ad Hoc vs Mesh Wireless Networks

• Ad Hoc:

  • Peer-to-peer

  • Direct communication only

• Mesh:

  • Nodes

    • Interconnect with multiple nodes

    • Relay traffic for other nodes (multi-hop routing)

Ad Hoc wireless network

• Peer-to-peer wireless network

• Direct connect between devices

• No access point/central controller

• Supports multiple participating devices

Routing Convergence Time

• Time required for routers to agree on best paths after a topology change

  • Or the network state of convergence

NIDS (Network Intrusion Detection System)

• Monitors network traffic

• Detects:

  • Suspicious activity

  • Potential attacks

  • Policy violations

• Alerts but doesn’t block traffic

• Uses signatures/anomaly detection

Best Remediation Methods for Embedded ICS (Network-Based Compromise)

• Segmentation (isolates ICS from main network)

• Disable unused services (reduces attack surface)

• Bad: Patching often ineffective (ICS updates rare/unavailable)

Disabling Unused Services (ICS Security)

• Reduces exposed attack surface

• Many ICS devices run unnecessary default services

• Disabling limits compromise paths

Network Segmentation (ICS Security)

• Isolates ICS devices from main network

• Limits attacker lateral movement

• Reduces exposure to network-based attacks

• Common ICS protection strategy

Industrial Control System (ICS)

• Used in manufacturing, utilities, & infrastructure

• Often embedded devices with specialized software

• Frequently difficult to patch/update

Route Poisoning

• Distance-vector loop prevention method

• Failed route advertised with infinite metric

• Marks route as unreachable

• Propagates failure information to neighbors

Hold-Down Timer

• Prevents route updates for a period

• Activated after route failure detected

• Allows network time to converge

• Helps prevent routing loops

Unicast (IP Communication)

• One sender, one receiver

• Standard host-to-host communication

• Supported in IPv4 & IPv6

Multicast (IP Communication)

• One sender, multiple specific receivers

• Devices join multicast group

• Supported in IPv4 & IPv6

Broadcast (IP Communication)

• One sender, all devices on network segment

• Used in IPv4 networks

• Not used in IPv6

Anycast (IPv6 Communication)

• One sender, nearest receiver in group

• Multiple devices share same address

• Router delivers packet to logically closest destination

• Used in IPv6

Tx and Rx (Fiber Optics)

• Tx (Transmit): sends optical signal

• Rx (Receive): receives optical signal

• Fiber links often require two separate fibers (transmit & receive)

ST Connector (Straight Tip)

• Fiber connector

• Bayonet twist-lock

• Separate connectors for Tx & Rx

• Common in LAN fiber installations

MT-RJ Connector

• Duplex fiber connector

• Single connector/ferrule housing Tx & Rx fibers

• Common on switches & network devices

• Similar size to RJ-45

Forward DNS Zone

• Maps domain names to IP addresses

• Used for normal DNS name resolution

• Example: example.com → 192.168.1.10

Reverse DNS Zone

• Maps IP addresses to domain names

• Used for reverse lookups

• Uses PTR records

Primary DNS Zone

• Read-write DNS zone

• Stores original DNS records

• Accepts direct updates

Secondary DNS Zone

• Read-only copy of primary zone

• Obtained through zone transfer

• Provides redundancy and load distribution

Authoritative DNS Zone

• DNS server has authority to manage DNS records for specific domain

Port Security

• Limits what devices can connect to switch interface/port

• Based on MAC addresses

• Disables port/sends alert if unknown device connected

Sticky MAC/Persistent MAC

• Port security feature on switches

• Enables interface to permanently retain dynamically learned MAC addresses

• Locks authorized devices to specific ports

Port Mirroring/SPAN (Switched Port Analyzer)/Traffic mirroring

• Switch duplicates traffic from source port(s)/VLANs

  • Copies to monitoring port

• Use:

  • Packet capture

  • Traffic analysis

• Original traffic flow unaffected

Spectrum Analyzer

• Analyzes signal frequency spectrum

• Used for RF troubleshooting

• Identifies interference sources

• Not used for fiber break detection

Optical Time Domain Reflectometer (OTDR)

• Sends light pulses through fiber

• Measures reflected signal loss

• Calculates fault distance

• Tests overall fiber integrity

Visual Fault Locator (VFL)

• Uses visible laser light

• Identifies fiber breaks

• Detects sharp bends and micro-bends

• Pinpoints fault location visually

802.1X

• Network access control framework

• Uses WPA-Enterprise

• Uses EAP for authentication

• Communicates with RADIUS

• Authenticates users, not shared keys

EAP (Extensible Authentication Protocol)

• Authentication framework

• Used within 802.1X

• Supports multiple authentication methods

• Used in WPA-Enterprise environments

EAP-TTLS

• EAP method using tunneled TLS

• Creates encrypted tunnel first

• Client authenticates inside tunnel

• Often uses username/password

MSCHAPv2

• Password-based authentication protocol

• Often used inside EAP methods

• Provides mutual authentication

• Used with 802.1X environments

Central Repository (IaC)

• Shared storage for configuration files

• Enables team collaboration

• Supports version control (e.g., Git)

• Single source of truth

Configuration Management (IaC)

• Maintains systems in desired state

• Automates configuration enforcement

• Detects & remediates drift

• Manages updates across infrastructure

Continuous Integration (CI)

• Automatically integrates code changes

• Runs automated tests on commits

• Validates changes before deployment

• Uses shared repository workflow

Template-Based Configuration (IaC)

• Uses predefined configuration templates

• Standardizes infrastructure deployment

• Reduces manual configuration errors

• Promotes repeatability

Three-Tier Network Model

• Each layer has own features & functionality

• Improves scalability, reliability, & performance

• Layers:

  • Access

  • Distribution

  • Core

Access Layer of 3 tier model

• End-user connectivity

• Controls access to network resources

• Layer 2 switching

Distribution Layer of 3 tier model

• Communication point between access & core layer

• Routes

• Filters traffic

• WAN access

• Controls access between segments

Core Layer of 3 tier model

• High-speed network backbone

• Fast packet switching

• Provides interconnectivity between distribution layer devices

Rollover Cable Pinout

• Used for PC to (e.g. router) console connections

• Completely reversed pinout:

  • 1 → 8

  • 2 → 7

  • 3 → 6

  • 4 → 5

  • 5 → 4

  • 6 → 3

  • 7 → 2

  • 8 → 1

Patch Cable (Straight-Through) Pinout

• 1 → 1

• 2 → 2

• 3 → 3

• 4 → 4

• 5 → 5

• 6 → 6

• 7 → 7

• 8 → 8

T568A or T568B on both ends

Crossover Cable Pinout

• Pinout crosses transmit/receive pairs:

  • 1 → 3

  • 2 → 6

  • 3 → 1

  • 6 → 2

• 4,5,7,8 stay the same

• One end T568A, other end T568B

NS (Name Server) record

• Specifies authoritative DNS servers for a domain

• indicates which servers are responsible for resolving that domain’s DNS records

TXT record

• Stores text in DNS

• Commonly used for SPF, DKIM, & domain verification

• Enhances email security & ownership validation

EIGRP automatic summarization

• Automatically summarizes routes at classful network boundaries

• Reduces number of routes advertised

• Decreases routing table size

TFTP (Trivial File Transfer Protocol)

• UDP

• Port 69

• Simple file transfers without authentication

FTP (File Transfer Protocol)

• TCP

• Port 21

• Standard file transfer

• Supports authentication

DNS (Domain Name System)

• Port 53

• (UDP and TCP)

• Translates domain names into IP addresses

SNMP (Simple Network Management Protocol)

• UDP

• Port 161, 162

• Manages/monitors network devices

• Collects performance/configuration data

3G

• Composed of:

  • HSPA+ (GSM)

  • EV-DO (CDMA)

4G cellular technology

• Composed of:

  • LTE

  • LTE-Advanced

Last octet of subnet mask to CIDR conversion

• X = IPs per subnet

• Y = Digits of last octet

• X = 2^{Host bits}

• 256 - X = Y

• 256 - Y = X

Repeaters and other devices

• Any active device that regenerates the signal works like a repeator

• Resets maximum cable length

• E.g. switch, hub, repeater

Examples of device hardening

• Changing default passwords

• Disabling unused ports/services

• Reduces exposed attack surface on network devices

Device hardening

• Reducing device’s attack surface

• By

  • Disabling unnecessary services

  • Changing insecure defaults

  • Restricting configuration to minimize exploitation risk

Reducing attack surface

• Decreases number of exposed entry points

• Strengthens remaining entry points by making them harder to exploit

Attenuation

• Gradual signal loss over distance or through media

• Reduces signal strength

• Potentially causes degraded or unreliable communication

Cable short

• Electrical fault where two conductors unintentionally connect

• Disrupts signal transmission

• Causing intermittent or complete connectivity failure

Lightweight Access Point (LAP)

• Access point managed by centralized wireless controller

• Enables:

  • Centralized configuration

  • Monitoring

  • Seamless roaming in large-scale deployments

Autonomous/Standalone Access Point

• Self-contained access point

• Configured & managed individually

• No central controller

• Suited for small deployments

• Not optimized for roaming

Mesh Access Point

• Access points that wirelessly connect to each other

• Extend coverage without wired backhaul connections

BPDU (Bridge Protocol Data Unit)

• Control frames used by Spanning Tree Protocol

• For:

  • Exchanging topology information

  • Detecting Layer 2 switching loops

Split horizon (Routing Rule)

• Prevents router from advertising route back out the interface it was learned on

• Prevent routing loops in distance-vector protocols

SSH (Secure Shell)

• Encrypted remote access protocol

• Used to securely manage network devices & servers

• Used over unsecured networks like Internet

Symptoms of man-in-the-middle (on-path) attack

• Unexpected certificate warnings

• Incorrect certificate details (or in other languages)

• Redirected traffic

Reflective DNS attack

• DDoS technique

• Attacker spoofs victim’s IP in DNS requests

• Causes DNS servers to flood victim with amplified responses

Required DHCP scope options for Internet access

• Must be provided for hosts to communicate internally & access Internet

  • IP address

  • Subnet mask

  • Default gateway

  • DNS server

T-568A vs T-568B Memory Guide

• Pins 4–5 (blue pair) stay the same

• Pins 7–8 (brown pair) stay the same

• Green & orange pairs swap positions between A & B

• T-568A → Green first

• T-568B → Orange first

T-568A pinout (Pin 1 → 8)

white/green, green, white/orange, blue, white/blue, orange, white/brown, brown

T-568B pinout (Pin 1 → 8)

white/orange, orange, white/green, blue, white/blue, green, white/brown, brown

AUP (Acceptable Use Policy)

• Defines permitted & prohibited use of organization’s network or systems

• Often requires user agreement before access

EULA (End-User License Agreement)

• Legal agreement between software vendor & user

• Outlines terms of software installation, use, & restrictions

SLA (Service-Level Agreement)

• Contract between service provider & customer

• Defines expected service performance, uptime, response times, & responsibilities

MOU (Memorandum of Understanding)

• Formal agreement outlining roles, intentions, or cooperation between parties

• Not a legally binding contract

STP switch port roles

• Define port's logical function in network topology

• Roles:

  • Root

  • Designated

  • Alternate

  • Blocked

• Prevents loops by controlling which ports forward traffic

STP port states

• Determines how port processes traffic

• Blocking stops traffic

• Forwarding allows frames

• Listening & learning prepare port before forwarding

NetFlow analyzer

• Collects, analyzes, synthesizes, and visualizes traffic flow data

• Helps identify traffic patterns, bandwidth usage, top talkers, & performance issues

802.1q

• Networking standard that supports VLANs

• Defines system for VLAN tagging ethernet frames

SNMPv3

• Adds authentication & encryption

• Ensures secure communication & data integrity

• Unlike SNMPv1/v2c which use plaintext community strings

RADIUS shared secret key

• Preconfigured password on client & server

• Provides secure connection

• Mismatch causes authentication requests to fail

  • Only local login possible

Unequal-cost load balancing

• Distributes traffic across multiple paths with different metric costs

• Supported by EIGRP

• Increases flexibility & efficiency of network resources

BGP and WAN redundancy

• Multihoming connects network to multiple ISP links

• BGP switches to redundant ISP WAN link if first fails

Endpoint characteristics evaluated by NAC

• Security Software Status

• Operating System & Patch Levels

• Device Identity & Profiling

• Configuration & Application Checks

• User, time, location & Behavioral Attributes

Geo-IP

• Identifies geographical region (down to city level) of device

• Based on its IP address

• Accuracy varies

• Easily tricked w/ VPN

Syslog severity levels

• 0: Emergency

• 1: Alert

• 2: Critical

• 3: Error

• 4: Warning

• 5: Notice

• 6: Informational

• 7: Debug

Routing metric

• Used within single routing protocol

• Chooses best path among its learned routes

• Doesn’t compare routes between different protocols

Administrative Distance (AD)

• Determines route trustworthiness based on each protocol’s reliability

• Compares routes from different protocols to same destination

• Lowest AD preferred

Pre-action fire suppression system

• Heat/smoke detector activation opens water valve

• Sprinkler activation separate

• Both must be tripped for water release

• Minimizes accidental release

Wet pipe system

• Pipes always filled w/ water

• Sprinkler head activation alone releases water

• Simple but higher accidental discharge risk