Comptia Network+ N10-009 Exam Objectives

Switch

Type:

Physical or Virtual device

What it does:

Connects devices within the same network (LAN) and forwards data based on MAC addresses, sending traffic only to the intended device.

Key facts:

Operates at the Data Link layer (2); this is more efficient than old hubs.

Firewall

Type:

Physical or Virtual device/software

What it does:

Monitors and controls incoming/outgoing traffic based on security rules to block unauthorized access.

Key fact:

Can be stateful (tracks connections) and protects against threats.

Intrusion Detection System (IDS)

Type:

Physical or Virtual device/software

What it does:

Monitors network traffic for suspicious activity and alerts administrators (passive).

Key fact:

Detects but does not block threats; Often placed out of the main traffic path.

Intrusion Prevention System (IPS)

Type:

Physical or Virtual device/software.

What it does:

Monitors traffic like IDS but actively blocks or prevents malicious activity in real-time.

Key fact:

inline device that can stop attacks automatically.

Load Balancer

Type:

Physical or Virtual device/software

What it does:

Distributes incoming network traffic across multiple servers to prevent overload and improve performance/reliability.

Key facts:

Uses methods like round-robin or least connection.

Proxy Server

Type:

Device or software (often virtual)

What it does:

Acts as an intermediary between clients and servers; can Cache content, Filter requests, Hide IPs, or Improve security.

Key fact:

Forward proxy (for clients), reverse proxy (for servers).

Network Attached Storage

Type:

Physical Device

What it does:

Provides file-level storage over a network for easy sharing and access by multiple users/devices.

Key fact:

Connects via Ethernet; Simpler than SAN for home/small offices.

Storage Area Network

Type:

Network (often with dedicated devices)

What it does:

High-speed network providing block-level storage access, typically for enterprise databases/servers.

Key fact:

Uses protocols like Fibre Channel; Faster and more scalable than NAS.

Wireless Access Point

Type:

Physical Device

What it does:

Allows wireless devices to connect to a wired network using Wi-Fi.

Key fact:

Extends network coverage; Can be standalone or managed.

Wireless Controller

Type:

Physical or Virtual device

What is does:

Centrally manages multiple wireless access points, handling configuration, security, and performance.

Key fact:

Ideal for large wireless networks like offices or campuses.

Content Delivery Network (CDN)

Type:

Application/service (distributed network)

What it does:

Delivers web content (videos, images, pages) from servers closest to the user for faster loading.

Key fact:

Reduces latency; Used by sites like Netflix.

Virtual Private Network (VPN)

Type:

Function/service

What it does:

Creates a secure, encrypted tunnel over public networks for private remote access.

Key fact:

Hides your traffic and allows safe connection to private networks.

Quality of Service

Type:

Function

What it does:

Prioritizes certain network traffic (e.g. voice/video over downloads) for better performance.

Key fact:

Prevents critical apps from lagging during congestion.

Time To Live (TTL)

Type:

Function (field in IP packets)

What it does:

A counter that decreases with each hop; Prevents packets from looping forever in the network.

Key fact:

When TTL reaches 0, the packet is discarded.

Network Functions Virtualization (NFV)

Type:

Technology/Function

What it does:

Replaces dedicated hardware appliances (like routers or firewalls) with software-based virtual versions running on standard servers.

Key fact:

Enables faster deployment, cost, savings, and easier scaling in networks.

Virtual Private Cloud (VPC)

Type:

Virtual Service

What it does:

A logically isolated section of a public cloud where you can provision resources like servers and databases in your own defined virtual network.

Key fact:

Combines the scalability of public cloud with the control of a private environment (e.g. AWS VPC).

Network Security Groups (NSG)

Type:

Virtual security feature

What it does:

Acts as a virtual firewall to control inbound and outbound traffic to cloud resources like virtual machines or subnets.

Key fact:

Commonly used in Azure; Filters based on source/destination IP, Port, and protocol.

Network Security Lists

Type:

Virtual security feature

What it does:

Defines ingress and egress rules to control traffic to and from instances in a virtual cloud network.

Key fact:

Used in Oracle Cloud Infrastructure; Similar to security groups but applied at the subnet level.

Cloud Gateways

Type:

Virtual or Physical devices/services

What it does:

Serve as entry/exit points connecting on premises networks or other clouds to a cloud provider's environment.

Key fact:

Handles routing, security, and protocol translation for hybrid setups.

Internet Gateway

Type:

Virtual device

What it does:

Enables resources in a virtual private cloud to access the internet and allows internet traffic to reach those resources.

Kay fact:

Highly available and scalable; Required for public-facing applications in clouds like AWS.

Network Address Translation Gateway (NAT Gateway)

Type:

Virtual service

What it does:

Allows instances in private subnets to initiate outbound internet traffic while preventing unsolicited inbound connections.

Kay fact:

Performs NAT to map private IPs to public ones; Managed service in clouds like AWS.

Direct Connect - Cloud connectivity

Type:

Function/service

What it does:

Provides a dedicated private network connection from on-premises to the cloud, bypassing the public internet for higher bandwidth and reliability.

Kay fact:

Offered by providers like AWS (direct connect) or Azure (ExpressRoute); Ideal for large data transfers.

Public Deployment Model

Type:

Cloud model

What it does:

Delivers computing resources over the public internet, shared among multiple users from a provider's infrastructure.

Key fact:

Cost-effective and scalable (e.g. AWS, Google Cloud); No hardware ownership.

Private Deployment Model

Type:

Cloud Model

What it does:

Provides dedicated infrastructure for a single organization, either on-premises or hosted by a provider.

Key fact:

Offers maximum control and security; Suits regulated industries.

Hybrid Deployment Model

Type:

Cloud model

What it does:

Combines public and private clouds, allowing data and apps to move between them for flexibility.

Key fact:

Balances cost, scalability, and security; Common for bursting workloads to public clouds.

Software As A Service (SaaS)

Type:

Cloud service model

What it does:

Delivers fully managed applications over the internet on a subscription basis (e.g. email, CRM).

Key fact:

No installation needed; Examples include Google Workspace or Salesforce.

Infrastructure As A Service (IaaS)

Type:

Cloud service model

What it does:

Provides virtualized computing resources like servers, storage, and networking on-demand.

Key fact:

Users manage OS and apps; Examples include AWS EC2 or Azure VMs.

Platform As A Service (PaaS)

Type:

Cloud service model.

What it does:

Offers a platform for developing, running, and managing applications without handling underlying infrastructure.

Key fact:

Focuses on app development; Examples include Heroku or Google App Engine.

Scalability

Type:

Function/Characteristic

What it does:

Allows a system to handle increased load by adding resources, either vertically (more power) or horizontally (more instances).

Key fact: Essential for growing applications; Measured in ability to expand without redesign.

Elasticity

Type:

Function/Characteristic

What it does:

Automatically scales resources up or down based on demand, often real-time.

Key fact:

A subnet of scalability; Key in clouds for cost optimization (e.g. Auto-scaling groups).

Multitenancy

Type:

Function/Characteristic

What it does:

Enables multiple customers (tenants) to share the same infrastructure or application while keeping data isolated.

Key fact:

Core to cloud efficiency; Ensures security and privacy through virtualization.

File Transfer Protocol (FTP)

Type:

Application protocol/File transfer

What it does:

Allows the transfer of files between a client and a server over a network, supporting commands for uploading, downloading, and managing files.

Key fact:

Operates in active or passive mode; Transmits data in plain text (insecure). commonly uses ports 20 (data) and 21 (control).

Secure File Transfer Protocol (SFTP)

Type:

Application protocol/ Secure file transfer

What it does:

Provides secure file transfer capabilities over an encrypted SSH connection, supporting file upload, download, and management with encryption.

Key fact:

Part of the SSH protocol suite; All traffic is encrypted; Uses port 22 (same as SSH).

Secure Shell (SSH)

Type:

Application protocol/ Remote access

What it does:

Provides secure remote login and command execution on a remote host, along with secure tunneling for other protocols.

Key fact:

Replaces insecure protocols like Telnet; Uses strong encryption and authentication; Defualt port 22 (same as SFTP).

Telnet

Type:

Application protocol/ Remote access.

What it does:

Enables remote reminal access to a host for command-line interaction.

Key fact:

Transmits all data (including passwords) in plain text (highly insecure); Largely obsolete; Uses port 23.

Simple Mail Transfer Protocol (SMTP)

Type:

Application protocol/ Email delivery.

What it does:

Handles the sending and relaying of email messages between mail servers and from clients to servers.

Key fact:

Responsible for outbound email only; Plain text by default; Standard port 25 (or 587 for submission).

Secure Simple Mail Transfer Protocol (SMTPS)

Type:

Application protocol/ Secure email delivery.

What it does:

Provides encrypted transmission of email using SSL/TLS for SMTP traffic.

Key fact:

Encrypts the entire SMTP session; Prevents eavesdropping on email transmission; Commonly uses port 465 (implicit TLS) or 587 (STARTTLS).

Domain Name System (DNS)

Type:

Application protocol/ Name resolution.

What it does:

Translates human-readable domain names (e.g. example.com) into IP addresses.

Key fact:

Critical for internet navigation; Can be vulnerable to spoofing/DNS hijacking; Uses port 53 (UDP for queries, TCP for zone transfers).

Dynamic Host Configuration Protocol (DHCP)

Type:

Application protocol/ IP assignment.

What it does:

Automatically assigns IP addresses, subnet masks, gateways, and other network configuration parameters to devices on a network.

Key fact:

Simplifies network administration; Uses broadcast discovery; Ports 67 (server) and 68 (client), UDP.

Trivial File Transfer Protocol (TFTP)

Type:

Application protocol/ Simple file transfer.

What it does:

Provides a lightweight, connectionless method for transferring files, often used for booting devices or firmware updates.

Key fact:

No authentication or encryption; Faster but less reliable than FTP; Uses port 69 (UDP).

Hypertext Transfer Protocol (HTTP)

Type:

Application protocol/Web communication.

What it does:

Facilitates the transfer of web pages and resources between clients (browsers) and servers.

Key fact:

Stateless protocol; Transmits data in plain text (insecure); Default port 80.

Hypertext Transfer Protocol Secure (HTTPS)

Type:

Application protocol/ Secure web communication

What it does:

Provides encrypted HTTP communication using SSL/TLS to protect data in transit.

Key fact:

Essential for secure websites (e.g. e-commerce); Uses certificates for authentication; Default port 443.

Network Time Protocol (NTP)

Type:

Application protocol/ Time synchronization.

What it does:

Synchronizes clocks of computers and network devices to a reference time source.

Key fact:

Critical for logging, authentication, and security; Stratum levels indicate accuracy; Uses port 123 (UDP).

Simple Network Management Protocol (SNMP)

Type:

Application protocol/Network management.

What it does:

Collects and organizes information about managed devices on IP networks for monitoring and configuration.

Key fact:

Versions 1/2c are insecure; Version 3 add encryption/authentication; Uses ports 161 (agent) and 162 (traps), UDP.

Lightweight Directory Access Protocol (LDAP)

Type:

Application protocol/Directory service.

What it does:

Accesses and maintains distributed directory information services (e.g. user authentication databases) over a network.

Key fact:

Used by Active Directory, OpenLDAP; Query-based protocol; Default port 389.

Lightwieght Directory Access Protocol over SSL (LDAPS)

Type:

Application protocol/ Secure directory service.

What it does:

Provides encrypted LDAP communication using SSL/TLS.

Key fact:

Secures sensitive directory data (e.g credentials); Also called LDAP over TLS; Default port 636.

Server Message Block (SMB)

Type:

Application protocol/File/Printer sharing.

What it does:

Enables file sharing, printer sharing, and network resource access primarily in Windows environments.

Key fact:

Versions 2/3 have security improvements; Vulnerable to exploits like EternalBlue; Default ports 137-139 (NetBIOS) and 445 (direct).

Syslog

Type:

Application protocol/Logging.

What it does:

Standard protocol for message logging, allowing devices to send event notification messages to a central server.

Key fact:

Used for system monitoring and troubleshooting; Traditionally unencrypted; Port 514 (UDP/TCP).

Structured Query Language Server (SQL Server)

Type:

Application service/Database.

What it does:

Microsoft's relational database management system (RDBMS) that accepts database request via SQL queries.

Key fact:

Commonly refers to Microsoft SQL server; Listens for client connections; Default port 1433 (TCP)

Remote Desktop Protocol (RDP)

Type:

Application protocol/Remote desktop.

What it does:

Allows remote control of a computer's desktop interface, primarily in Windows.

Key fact:

Provides graphical remote access; Can be vulnerable if exposed publicly; Default port 3389.

Session Initiation Protocol (SIP)

Type:

Application Protocol/ VoIP signaling.

What it does:

Establishes, modifies, and terminates multimedia sessions such as voice and video calls over IP networks.

Key fact:

Core protocol for VoIP; Often used with RTP for media; Default port 5060 (UDP/TCP), 5061 for TLS.

Transmission Control Protocol (TCP)

Type:

Transport layer protocol (Layer 4).

What it does: Provides reliable, ordered, and error-checked delivery of data streams between applications.

Key fact:

Connection-oriented with three0way handshake; Guarantees delivery; Used by HTTP, FTP, SMTP, etc.

User Datagram Protocol (UDP)

Type:

Transport layer protocol (Layer 4)

What it does:

Enables connectionless transmission of datagrams with minimal overhead and no guaranteed delivery.

Key fact:

Faster than TCP but unreliable; Used for DNS, DHCP, NTP, VoIP; No handshake or retransmission.

Internet Control Message Protocol (ICMP)

Type:

Network layer protocol (layer 3).

What it does:

Reports errors and diagnostic infromation for IP networks (e.g. ping uses ICMP echo).

Key fact: User for troubleshooting (traceroute, ping); Does not carry application datal Often blocked for security.

Generic Routing Encapsulation (GRE)

Type:

Tunneling protocol.

What it does:

Encapsulates a wide variety of network layer protocols inside virtual point-to-point links over IP.

Key fact:

Creates tunnels for VPNs; No encryption by itself; IP protocol number 47.

Internet Protocol Security (IPsec)

Type:

Security protocol suite.

What it does:

Secures UP communications by authenticating and encrypting each IP packet in a session.

Key fact: Operates at layer 3; Uses AH and ESP modes; Often combined with IKE for key exchange.

Authentication Header (AH)

Type:

IPsec component.

What it does:

Provides connectionless integrity, data origin authentication, and optional anti-replay protection for IP packets.

Key fact:

Part of IPsec; Does not encrypt payload (only authenticates); UP protocol 51.

Encapsulating Security Payload (ESP)

Type:

IPsec component.

What it does:

Provides confidentiality (encryption), data origin authentication, integrity, and anti-replay for IP packets.

Key fact:

Core of IPsec encryption; Can be used alone or with AH; IP protocol number 50.

Internet Key Exchange (IKE)

Type:

Key management protocol.

What it does:

Establishes and maintains shared security parameters and authentication keys for IPsec (SA negotiation).

Key fact:

Uses UDP port 500 (and 4500 for NAT-T); Versions IKEv1 and IKEv2.

Unicast

Type:

Traffic type/ Addressing.

What it does:

Delivers data from one sender to one specific receiver (one-to-one).

Key fact:

most common internet traffic (e.g. web browsing, email); Uses standard IP addresses.

Multicast

Type:

Traffic Type/ Addressing.

What it does:

Sends data from one sender to multiple specific receivers who have joined a group (one-to-many).

Key fact:

efficient for streaming/video conferencing; Uses IP addresses 224.0.0.0-239.255.255.255.

Anycast

Type:

Traffic type/Addressing.

What it does:

Routes data from one sender to the nearest receiver in a group sharing the same IP address (one-to-nearest).

Key fact:

Used for load balancing (e.g. DNS root servers, CDNs). Same address on multiple nodes.

Broadcast

Type:

Traffic type/Addressing.

What it does:

Sends data from one sender to all devices an a local network segment (one-to-all).

Key fact:

Limited to local broadcast domain (255.255.255.255 or subnet directed); Used by ARP, DHCP.