CompTIA Network+ Certification Exam N10-006 Objectives
1.0 Network Architecture1.1 Explain the functions and applications of various network devices.
• Router • Switch • Multilayer switch • Firewall • HIDS • IDS/IPS • Access point (wireless/wired) • Content filter • Load balancer • Hub • Analog modem • Packet shaper • VPN concentrator 1.2 Compare and contrast the use of networking services and applications. • VPN - Site-to-site/host-to-site/host-to-host - Protocols - IPsec - GRE - SSL VPN - PTP/PPTP • TACACS/RADIUS • RAS • Web services • Unified voice services • Network controllers 1.3 Install and configure the following networking services/applications. • DHCP - Static vs. dynamic IP addressing - Reservations - Scopes - Leases - Options (DNS servers, suffixes) - IP helper/DHCP relay • DNS - DNS servers - DNS records (A, MX, AAAA, CNAME, PTR) - Dynamic DNS • Proxy/reverse proxy • NAT - PAT - SNAT - DNAT • Port forwarding 1.4 Explain the characteristics and benefits of various WAN technologies. • Fiber - SONET - DWDM - CWDM • Frame relay • Satellite • Broadband cable • DSL/ADSL • ISDN • ATM • PPP/multilink PPP • MPLS • GSM/CDMA - LTE/4G - HSPA+ - 3G - Edge • Dialup • WiMAX • MetroEthernet • Leased lines - T-1 - T-3 - E-1 - E-3 - OC3 - OC12 • Circuit switch vs. packet switch 1.5 Install and properly terminate various cable types and connectors using appropriate tools. • Copper connectors - RJ-11 - RJ-45 - RJ-48C - DB-9/RS-232 - DB-25 - UTP coupler - BNC coupler - BNC - F-connector - 110 block - 66 block • Copper cables - Shielded vs. unshielded - CAT3, CAT5, CAT5e, CAT6, CAT6a - PVC vs. plenum - RG-59 - RG-6 - Straight-through vs. crossover vs. rollover • Fiber connectors - ST - SC - LC - MTRJ - FC - Fiber coupler • Fiber cables - Single-mode - Multimode - APC vs. UPC • Media converters - Single-mode fiber to Ethernet - Multimode fiber to Ethernet - Fiber to coaxial - Single-mode to multimode fiber • Tools - Cable crimpers - Punchdown tool - Wire strippers - Snips - OTDR - Cable certifier 1.6 Differentiate between common network topologies. • Mesh - Partial - Full • Bus • Ring • Star • Hybrid • Point-to-point • Point-to-multipoint • Client-server • Peer-to-peer 1.7 Differentiate between network infrastructure implementations. • WAN • MAN • LAN • WLAN - Hotspot • PAN - Bluetooth - IR - NFC • SCADA/ICS - ICS server - DCS/closed network - Remote terminal unit - Programmable logic controller • Medianets - VTC - ISDN - IP/SIP 1.8 Given a scenario, implement and configure the appropriate addressing schema. • IPv6 - Auto-configuration - EUI 64 - DHCP6 - Link local - Address structure - Address compression - Tunneling 6to4, 4to6 - Teredo, miredo • IPv4 - Address structure - Subnetting - APIPA - Classful A, B, C, D - Classless • Private vs. public • NAT/PAT • MAC addressing • Multicast • Unicast • Broadcast • Broadcast domains vs. collision domains 1.9 Explain the basics of routing concepts and protocols. • Loopback interface • Routing loops • Routing tables • Static vs. dynamic routes • Default route • Distance vector routing protocols - RIPv2 • Hybrid routing protocols - BGP • Link state routing protocols - OSPF - IS-IS • Interior vs. exterior gateway routing protocols • Autonomous system numbers • Route redistribution • High availability - VRRP - Virtual IP - HSRP • Route aggregation • Routing metrics - Hop counts - MTU, bandwidth - Costs - Latency - Administrative distance - SPB 1.10 Identify the basics elements of unified communication technologies. • VoIP • Video • Real-time services - Presence - Multicast vs. unicast • QoS - DSCP - COS • Devices - UC servers - UC devices - UC gateways 1.11 Compare and contrast technologies that support cloud and virtualization. • Virtualization - Virtual switches - Virtual routers - Virtual firewall - Virtual vs. physical NICs - Software-defined networking • Storage area network - iSCSI - Jumbo frame - Fibre Channel - Network attached storage • Cloud concepts - Public IaaS, SaaS, PaaS - Private IaaS, SaaS, PaaS - Hybrid IaaS, SaaS, PaaS - Community IaaS, SaaS, PaaS 1.12 Given a set of requirements, implement a basic network. • List of requirements • Device types/requirements • Environment limitations • Equipment limitations • Compatibility requirements • Wired/wireless considerations • Security considerations 2.0 Network Operations2.1 Given a scenario, use appropriate monitoring tools.
• Packet/network analyzer • Interface monitoring tools • Port scanner • Top talkers/listeners • SNMP management software - Trap - Get - Walk - MIBS • Alerts - SMS • Packet flow monitoring • SYSLOG • SIEM • Environmental monitoring tools - Temperature - Humidity • Power monitoring tools • Wireless survey tools • Wireless analyzers 2.2 Given a scenario, analyze metrics and reports from monitoring and tracking performance tools. • Baseline • Bottleneck • Log management • Graphing • Utilization - Bandwidth - Storage - Network device CPU - Network device memory - Wireless channel utilization • Link status • Interface monitoring - Errors - Utilization - Discards - Packet drops - Interface resets - Speed and duplex 2.3 Given a scenario, use appropriate resources to support configuration management. • Archives/backups • Baselines • On-boarding and off-boarding of mobile devices • NAC • Documentation - Network diagrams (logical/physical) - Asset management - IP address utilization - Vendor documentation - Internal operating procedures/ policies/standards 2.4 Explain the importance of implementing network segmentation. • SCADA systems/industrial control systems • Legacy systems • Separate private/public networks • Honeypot/honeynet • Testing lab • Load balancing • Performance optimization • Security • Compliance 2.5 Given a scenario, install and apply patches and updates. • OS updates • Firmware updates • Driver updates • Feature changes/updates • Major vs. minor updates • Vulnerability patches • Upgrading vs. downgrading - Configuration backup 2.6 Given a scenario, configure a switch using proper features. • VLAN - Native VLAN/default VLAN - VTP • Spanning tree (802.1d)/rapid spanning tree (802.1w) - Flooding - Forwarding/blocking - Filtering • Interface configuration - Trunking/802.1q - Tag vs. untag VLANs - Port bonding (LACP) - Port mirroring (local vs. remote) - Speed and duplexing - IP address assignment - VLAN assignment • Default gateway • PoE and PoE+ (802.3af, 802.3at) • Switch management - User/passwords - AAA configuration - Console - Virtual terminals - In-band/out-of-band management • Managed vs. unmanaged 2.7 Install and configure wireless LAN infrastructure and implement the appropriate technologies in support of wireless capable devices. • Small office, home office wireless router • Wireless access points - Device density - Roaming - Wireless controllers - VLAN pooling - LWAPP • Wireless bridge • Site surveys - Heat maps • Frequencies - 2.4 Ghz - 5.0 Ghz • Channels • Goodput • Connection types - 802.11a-ht - 802.11g-ht • Antenna placement • Antenna types - Omnidirectional - Unidirectional • MIMO/MU-MIMO • Signal strength - Coverage - Differences between device antennas • SSID broadcast • Topologies - Adhoc - Mesh - Infrastructure • Mobile devices - Cell phones - Laptops - Tablets - Gaming devices - Media devices |
3.0 Network Security3.1 Compare and contrast risk related concepts.
• Disaster recovery • Business continuity • Battery backups/UPS • First responders • Data breach • End user awareness and training • Single point of failure - Critical nodes - Critical assets - Redundancy • Adherence to standards and policies • Vulnerability scanning • Penetration testing 3.2 Compare and contrast common network vulnerabilities and threats. • Attacks/threats - DoS - Distributed DoS - Botnet - Traffic spike - Coordinated attack - Reflective/amplified - DNS - NTP - Smurfing - Friendly/unintentional DoS - Physical attack - Permanent DoS - ARP cache poisoning - Packet/protocol abuse - Spoofing - Wireless - Evil twin - Rogue AP - War driving - War chalking - Bluejacking - Bluesnarfing - WPA/WEP/WPS attacks - Brute force - Session hijacking - Social engineering - Man-in-the-middle - VLAN hopping - Compromised system - Effect of malware on the network - Insider threat/malicious employee - Zero-day attacks • Vulnerabilities - Unnecessary running services - Open ports - Unpatched/legacy systems - Unencrypted channels - Clear text credentials - Unsecure protocols - TELNET - HTTP - SLIP - FTP - TFTP - SNMPv1 and SNMPv2 - TEMPEST/RF emanation 3.3 Given a scenario, implement network hardening techniques. • Anti-malware software - Host-based - Cloud/server-based - Network-based • Switch port security - DHCP snooping - ARP inspection - MAC address filtering - VLAN assignments - Network segmentation • Security policies • Disable unneeded network services • Use secure protocols - SSH - SNMPv3 - TLS/SSL - SFTP - HTTPS - IPsec • Access lists - Web/content filtering - Port filtering - IP filtering - Implicit deny • Wireless security - WEP - WPA/WPA2 - Enterprise - Personal - TKIP/AES - 802.1x - TLS/TTLS - MAC filtering • User authentication - CHAP/MSCHAP - PAP - EAP - Kerberos - Multifactor authentication - Two-factor authentication - Single sign-on • Hashes - MD5 - SHA 3.4 Compare and contrast physical security controls. • Mantraps • Network closets • Video monitoring - IP cameras/CCTVs • Door access controls • Proximity readers/key fob • Biometrics • Keypad/cipher locks • Security guard 3.5 Given a scenario, install and configure a basic firewall. • Types of firewalls - Host-based - Network-based - Software vs. hardware - Application aware/context aware - Small office, home office firewall - Stateful vs. stateless inspection - UTM • Settings/techniques - ACL - Virtual wire vs. routed - DMZ - Implicit deny - Block/allow - Outbound traffic - Inbound traffic - Firewall placement - Internal/external 3.6 Explain the purpose of various network access control models. • 802.1x • Posture assessment • Guest network • Persistent vs. non-persistent agents • Quarantine network • Edge vs. access control 3.7 Summarize basic forensic concepts. • First responder • Secure the area - Escalate when necessary • Document the scene • eDiscovery • Evidence/data collection • Chain of custody • Data transport • Forensics report • Legal hold 4.0 Troubleshooting4.1 Given a scenario, implement the following network troubleshooting methodology.
• Identify the problem - Gather information - Duplicate the problem, if possible - Question users - Identify symptoms - Determine if anything has changed - Approach multiple problems individually • Establish a theory of probable cause - Question the obvious - Consider multiple approaches - Top-to-bottom/ bottom-to-top OSI model - Divide and conquer • Test the theory to determine cause - Once theory is confirmed, determine next steps to resolve problem - If theory is not confirmed, reestablish new theory or escalate • Establish a plan of action to resolve the problem and identify potential effects • Implement the solution or escalate as necessary • Verify full system functionality and, if applicable, implement preventative measures • Document findings, actions and outcomes 4.2 Given a scenario, analyze and interpret the output of troubleshooting tools. • Command line tools - ipconfignetstat - ifconfig - ping/ping6/ping -6 - tracert/tracert -6/ traceroute6/traceroute -6 - nbtstat - nslookup - arp - mac address lookup table - pathping • Line testers • Certifiers • Multimeter • Cable tester • Light meter • Toner probe • Speed test sites • Looking glass sites • WiFi analyzer • Protocol analyzer 4.3 Given a scenario, troubleshoot and resolve common wireless issues. • Signal loss • Interference • Overlapping channels - Mismatched channels • Signal-to-noise ratio • Device saturation • Bandwidth saturation • Untested updates • Wrong SSID • Power levels • Open networks • Rogue access point • Wrong antenna type • Incompatibilities • Wrong encryption • Bounce • MIMO • AP placement • AP configurations - LWAPP - Thin vs. thick • Environmental factors - Concrete walls - Window film - Metal studs • Wireless standard related issues - Throughput - Frequency - Distance - Channels 4.4 Given a scenario, troubleshoot and resolve common copper cable issues. • Shorts • Opens • Incorrect termination (mismatched standards) - Straight-through - Crossover • Cross-talk - Near end - Far end • EMI/RFI • Distance limitations • Attenuation/Db loss • Bad connector • Bad wiring • Split pairs • Tx/Rx reverse • Cable placement • Bad SFP/GBIC - cable or transceiver 4.5 Given a scenario, troubleshoot and resolve common fiber cable issues. • Attenuation/Db loss • SFP/GBIC - cable mismatch • Bad SFP/GBIC - cable or transceiver • Wavelength mismatch • Fiber type mismatch • Dirty connectors • Connector mismatch • Bend radius limitations • Distance limitations 4.6 Given a scenario, troubleshoot and resolve common network issues. • Incorrect IP configuration/default gateway • Broadcast storms/switching loop • Duplicate IP • Speed and duplex mismatch • End-to-end connectivity • Incorrect VLAN assignment • Hardware failure • Misconfigured DHCP • Misconfigured DNS • Incorrect interface/interface misconfiguration • Cable placement • Interface errors • Simultaneous wired/wireless connections • Discovering neighboring devices/nodes • Power failure/power anomalies • MTU/MTU black hole • Missing IP routes • NIC teaming misconfiguration - Active-active vs. active-passive - Multicast vs. broadcast 4.7 Given a scenario, troubleshoot and resolve common security issues. • Misconfigured firewall • Misconfigured ACLs/applications • Malware • DoS • Open/closed ports • ICMP related issues - Ping of death - Unreachable default gateway • Unpatched firmware/OSs • Malicious users - Trusted - Untrusted users - Packet sniffing • Authentication issues - TACACS/RADIUS misconfigurations - Default passwords/settings • Improper access/backdoor access • ARP issues • Banner grabbing/OUI • Domain/local group configurations • Jamming 4.8 Given a scenario, troubleshoot and resolve common WAN issues. • Loss of Internet connectivity • Interface errors • Split horizon • DNS issues • Interference • Router configurations • Customer premise equipment - Smart jack/NIU - Demarc - Loopback - CSU/DSU - Copper line drivers/repeaters • Company security policy - Throttling - Blocking - Fair access policy/utilization limits • Satellite issues - Latency 5.0 Industry Standards, Practices and Network Theory5.1 Analyze a scenario and determine the corresponding OSI layer.
• Layer 1 – Physical • Layer 2 – Data link • Layer 3 – Network • Layer 4 – Transport • Layer 5 – Session • Layer 6 – Presentation • Layer 7 – Application 5.2 Explain the basics of network theory and concepts. • Encapsulation/de-encapsulation • Modulation techniques - Multiplexing - De-multiplexing - Analog and digital techniques - TDM • Numbering systems - Binary - Hexadecimal - Octal • Broadband/baseband • Bit rates vs. baud rate • Sampling size • CDMA • CSMA/CD and CSMA/CA • Carrier detect/sense • Wavelength • TCP/IP suite - ICMP - UDP - TCP • Collision 5.3 Given a scenario, deploy the appropriate wireless standard. • 802.11a • 802.11b • 802.11g • 802.11n • 802.11ac 5.4 Given a scenario, deploy the appropriate wired connectivity standard. • Ethernet standards - 10BaseT - 100BaseT - 1000BaseT - 1000BaseTX - 10GBaseT - 100BaseFX - 10Base2 - 10GBaseSR - 10GBaseER - 10GBaseSW - IEEE 1905.1-2013 - Ethernet over HDMI - Ethernet over power line • Wiring standards - EIA/TIA 568A/568B • Broadband standards - DOCSIS 5.5 Given a scenario, implement the appropriate policies or procedures. • Security policies - Consent to monitoring • Network policies • Acceptable use policy • Standard business documents - SLA - MOU - MSA - SOW 5.6 Summarize safety practices. • Electrical safety - Grounding • ESD - Static • Installation safety - Lifting equipment - Rack installation - Placement - Tool safety • MSDS • Emergency procedures - Building layout - Fire escape plan - Safety/emergency exits - Fail open/fail close - Emergency alert system • Fire suppression systems • HVAC 5.7 Given a scenario, install and configure equipment in the appropriate location using best practices. • Intermediate distribution frame • Main distribution frame • Cable management - Patch panels • Power management - Power converters - Circuits - UPS - Inverters - Power redundancy • Device placement • Air flow • Cable trays • Rack systems - Server rail racks - Two-post racks - Four-post racks - Free-standing racks • Labeling - Port labeling - System labeling - Circuit labeling - Naming conventions - Patch panel labeling • Rack monitoring • Rack security 5.8 Explain the basics of change management procedures. • Document reason for a change • Change request - Configuration procedures - Rollback process - Potential impact - Notification • Approval process • Maintenance window - Authorized downtime • Notification of change • Documentation - Network configurations - Additions to network - Physical location changes 5.9 Compare and contrast the following ports and protocols. • 80 HTTP • 443 HTTPS • 137-139 NetBIOS • 110 POP • 143 IMAP • 25 SMTP • 5060/5061 SIP • 2427/2727 MGCP • 5004/5005 RTP • 1720 H.323 • TCP - Connection-oriented • UDP - Connectionless 5.10 Given a scenario, configure and apply the appropriate ports and protocols. • 20,21 FTP • 161 SNMP • 22 SSH • 23 Telnet • 53 DNS • 67,68 DHCP • 69 TFTP • 445 SMB • 3389 RDP |