Network Plus Courseware


COMPTIA

Network Plus
Courseware Notes
Version 2.2

www.firebrandtraining.com
COMPTIA NETWORK+
N10-006

1
7/30/2015
7/30/2015 1 ©2007 – Body Temple

The CompTIA Network+ certification is an internationally recognized validation of the technical knowledge required of foundation-level IT network practitioners.
It is recommended for CompTIA Network+ candidates to have the following:
• CompTIA A+ certification or equivalent knowledge, though CompTIA A+ certification is not required.
• At least 9 to 12 months of work experience in IT networking

CompTIA Network+ Objectives

The table below lists the domains measured by the exam and the extent
to which they are represented.

CompTIA Network+ exams are based on these objectives.

DOMAIN                                                  % OF EXAM
1.0 Network Architecture                                22%
2.0 Network Operations                                  20%
3.0 Network Security                                    18%
4.0 Troubleshooting                                     24%
5.0 Industry Standards, Practices and Network Theory    16%


CompTIA Network+ Objectives

A full list of the CompTIA Network+ Objectives and official Network+ Acronym List is provided at:
http://certification.comptia.org/Training/testingcenters/examobjectives.aspx

Network+ Modules – DAY 1

Module 1: Introduction to Networks
Module 2: The OSI Reference Model
Module 3: Networking Topology, Connectors and Wiring Standards
Module 4: Ethernet Specifications
Module 5: Network Devices
Module 6: TCP/IP
Module 7: IP Addressing

Network+ Modules – DAY 2

Module 8: Routing
Module 9: Switching and VLANs
Module 10: Wireless Networking
Module 11: Authentication and Access Control
Module 12: Network Threats
Module 13: Wide Area Networking
Module 14: Troubleshooting

Network+ Modules – DAY 3

Module 15: Management, Monitoring and Optimisation
Exam N10-006


MODULE 1
INTRODUCTION TO NETWORKS

What is a Network

“Two or more connected computers that can share resources such as data and applications”
Determined by:
• Type of Computer
• Topology
• Interconnection device


Clients and Servers

Types of Computer
Workstation / Client
Server
Types of Network
Peer-Peer
Client-Server

Networking Topology

BUS


Networking Topology

Star (Hub and Spoke)

Networking Topology

RING


Networking Topology

MESH

Networking Topology

Backbone and Segments

[Diagram labels: VLAN 1 (Sales), VLAN 2 (Marketing), Servers, Comms Room, Backbone]


MODULE 2
THE OSI REFERENCE MODEL

The Open Systems Interconnection Model

The OSI model is the primary architectural model for networks.
It describes how data and network information are communicated from an application on one computer through the network media to an application on another computer.
The OSI reference model breaks this approach into 7 layers.


OSI Reference Model

7 APPLICATION

6 PRESENTATION

5 SESSION

4 TRANSPORT

3 NETWORK

2 DATALINK

1 PHYSICAL

OSI

7 APPLICATION

The application layer provides connectivity between users and application processes to access network services. This layer contains a variety of commonly needed functions:
• Resource sharing: NFS, FTP, HTTP
• Network management: SNMP, TELNET
• Directory services: LDAP
• Electronic messaging (such as mail): SMTP, POP3


OSI

6 PRESENTATION

The presentation layer formats the data to be presented to the application layer. It acts as the ‘translator’ for the network.
The presentation layer provides:
• Character code translation.
• Data conversion.
• Data compression: reduces the number of bits that need to be transmitted on the network.
• Data encryption: encrypts data for security purposes. For example, password encryption.
OSI

5 SESSION

The session layer allows session establishment between processes running on different stations. It provides:
• Session management: establishment and termination between two application processes on different machines
• Session support: allows processes to communicate over the network, performing security, name recognition, logging, and so on.


OSI

4 TRANSPORT

The transport layer ensures that messages are delivered error-free, in sequence, and with no losses or duplications.
The transport layer provides:
• Message segmentation
• Message acknowledgment
• Message traffic control
• Session multiplexing
• Transmission Control Protocol (TCP) / User Datagram Protocol (UDP) both work at Layer 4
OSI

3 NETWORK

The network layer controls the operation of the subnet, deciding which physical path the data should take based on network conditions, priority of service, and other factors. It provides:
• Routing
• Subnet traffic control through the use of a router (Layer 3 intermediate system)
• Frame fragmentation
• Logical-physical address mapping
• Internet Protocol (IPv4 / IPv6)

OSI

2 DATALINK

The data link layer provides error-free transfer of data frames from one node to another over the physical layer.
The data link layer provides:
• Link establishment and termination
• Frame traffic control
• Frame sequencing
• Frame acknowledgment
• Frame error checking
• Media access management
OSI – DATALINK LAYER

The IEEE Ethernet Data Link layer has two sublayers:
• Media Access Control (MAC)
• Logical Link Control (LLC)

Devices which work at Layer 2 include:
• Switch
• Network Adaptor
• Bridge


OSI – DATALINK LAYER – IEEE 802 Standards

IEEE 802 STANDARD   Topic
802.1               LAN/MAN Management
802.2               Logical Link Control
802.3               CSMA/CD ETHERNET
802.8               Fiber-Optic LAN/MAN
802.10              LAN/MAN Security
802.11              Wireless LAN

OSI

1 PHYSICAL

The physical layer is concerned with the transmission and reception of the unstructured raw bit stream over a physical medium. It provides:
• Data encoding
• Physical medium attachment
• Physical medium transmission

Devices that work at Layer 1 include:
• Hub
• Repeater
• Media Converter

PLEASE DO NOT THROW SAUSAGE PIZZA AWAY!

7 AWAY

6 PIZZA

5 SAUSAGE

4 THROW

3 NOT

2 DO

1 PLEASE

MODULE 3
NETWORKING TOPOLOGY, CONNECTORS
AND WIRING STANDARDS


CABLE CHARACTERISTICS
Cost
Installation issues
PLENUM Rating
Bandwidth/Speed/Capacity
Duplex/Half Duplex
Serial/Parallel
Distance/Attenuation
Noise immunity
Security
Types of Cable

COAXIAL


Types of Cable

Coax connectors
BNC

Types of Cable

Twisted Pair
UTP
STP
CAT standards
Connectors


RJ45

RJ45 plugs and sockets are most commonly used as connectors for Ethernet cable (UTP)
Also known as 8P8C (8 position 8 Contact)
Eight equally spaced conductors
Terminated using a crimp tool

RJ45 Wiring Standards

T568A
T568B
STRAIGHT THROUGH
CROSSOVER
ROLLOVER
LOOPBACK


T568A / T568B

T568B is more common


CROSSOVER


Rollover and Loopback CABLE

Rollover (console) cable: used to connect an administrator to the console port of a router or switch.

Loopback cable: used for diagnostics and testing.

FIBER OPTIC

ST Connector (Straight Tip)
SC Connector (Subscriber Connector)
LC Connector (Local Connector)
MTRJ (Mechanical Transfer Registered Jack)
Single Mode Fiber (SMF)
Multimode Fiber (MMF)


Media Converter

Allows conversion between different types of fiber optic cable, or between fiber and Ethernet.
These include:
• Single Mode Fiber to Ethernet
• Multi Mode Fiber to Ethernet
• Fiber to Coaxial

Types of Cable

Other types of communications cables include:
RS232
USB
FIREWIRE
THUNDERBOLT


Patching and Cabling

MDF – Main Distribution Frame is a terminating point where cables are connected and can be jumpered to different locations
IDF – Intermediate Distribution Frame, a smaller version of the MDF, maybe on each floor of a building
Patch Panel – where circuits can be rerouted through the use of CAT 5 patch leads

66 / 110 Block

66 Block used for Telephone systems
110 Block used for Cat 5/6 UTP systems


Demarcation Point

The DEMARC or demarcation point is the point at which the telephone company or circuit provider network ends and connects to the wiring at the customer’s premises.
A box such as an NIU (Network Interface Unit) or a CSU (Channel Service Unit) which carries out code or protocol conversion is commonly referred to as a SMART JACK. This is the terminating point between the TELCO and the customer network.

MODULE 4
ETHERNET SPECIFICATIONS


Ethernet Standards 802.3

Ethernet descriptive labels
Eg: 10Base5 equates to:
• 10 Mbps
• Baseband signalling (one channel of communication at any time)
• 500 metres maximum length

10Base2 (runs for 185 metres)

Carrier Sense Multiple Access / Collision Detection
CSMA/CD

CSMA/CD is known as a contention method because computers on the network contend, or compete, for an opportunity to send data.
The more computers there are on the network, the more network traffic there will be.
With more traffic, collision avoidance and collisions tend to increase, which slows the network down, so CSMA/CD can be a slow-access method.


CSMA/CD

CSMA/CD is used by all implementations of Ethernet regardless of the media or the data throughput.

CSMA/CD working without a collision:
1. Listens to check the media to see if it is clear
2. If clear, the host places data on the media
3. Then listens to see if the data sent has a collision

CSMA/CD

CSMA/CD working with a collision:
1. Listens to check the media to see if it is clear
2. If clear, the host places data on the media
3. Then listens to see if the data sent has a collision
4. Collision occurs
5. Both devices send a jam signal
6. Both devices start a timer (back off algorithm)
7. First host whose timer expires repeats steps 1-3
8. Then the second node will perform steps 1-3
9. Then operation returns to normal and all devices have equal access to the media
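
The back-off timer in steps 6 to 8 can be replayed in code. This is an added example, not part of the courseware; the slot time, window growth and attempt limit are the IEEE 802.3 values for half-duplex Ethernet, which the slides do not state, and the function names are illustrative.

```python
import random

# IEEE 802.3 parameters for half-duplex Ethernet. These values come from the
# standard, not from the slides.
SLOT_TIME_US = 51.2   # one slot = 512 bit times, i.e. 51.2 microseconds at 10 Mbps
BACKOFF_LIMIT = 10    # the window stops doubling after the 10th collision
ATTEMPT_LIMIT = 16    # the frame is dropped when the 16th attempt also collides


def backoff_window(collisions):
    """Number of slot choices (0 .. window-1) after `collisions` collisions."""
    return 2 ** min(collisions, BACKOFF_LIMIT)


def tie_probability(collisions):
    """Chance that two hosts pick the same slot and so collide again."""
    return 1 / backoff_window(collisions)


def resolve_collision(host_a="A", host_b="B", pick=None):
    """Replay steps 4-8 for two hosts whose frames have just collided.

    `pick(host, window)` returns that host's back-off in slots; by default it
    is drawn at random, as on a real adapter. Returns a dict describing who
    retransmits first, or None if the frame is dropped.
    """
    if pick is None:
        pick = lambda host, window: random.randrange(window)
    for collisions in range(1, ATTEMPT_LIMIT):
        # Steps 4-5: collision detected, both hosts send a jam signal.
        window = backoff_window(collisions)
        # Step 6: each host starts its own back-off timer.
        wait_a, wait_b = pick(host_a, window), pick(host_b, window)
        if wait_a == wait_b:
            continue  # timers expire together: both transmit and collide again
        # Steps 7-8: the host with the shorter timer retransmits first; the
        # other host follows once the media is clear again.
        first, second = (host_a, host_b) if wait_a < wait_b else (host_b, host_a)
        return {"first": first, "second": second, "collisions": collisions,
                "first_wait_us": min(wait_a, wait_b) * SLOT_TIME_US}
    return None  # excessive collisions: the adapter reports an error upward


if __name__ == "__main__":
    # Constructed scenario: both hosts pick slot 0 after the first collision,
    # then B picks 0 and A picks 1 after the second.
    script = {"A": iter([0, 1]), "B": iter([0, 0])}
    print(resolve_collision(pick=lambda host, window: next(script[host])))
    for n in (1, 2, 3, 10):
        print(n, "collisions -> window", backoff_window(n),
              "tie probability", tie_probability(n))
```

Because the window doubles after every collision, the chance of the same two hosts colliding again halves each round, which is why step 9 is normally reached after only a few retries.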


CSMA/CA (Collision Avoidance)

Used on Wireless Networks
Nodes must ‘listen’ out to detect if network is busy before sending
Optionally may be implemented with Request To Send/Clear To Send (RTS/CTS)

MAC Address

Media Access Control (MAC)
Works at Datalink Layer (2)
48 bit hexadecimal address unique to every Network Interface (Organizationally Unique ID/Vendor ID)


Common Ethernet Cable Types


Ethernet Name   Cable Type                 Max Distance                    Notes
10Base5         COAX                       500m                            Thicknet
10Base2         COAX                       185m                            Thinnet
10BaseT         UTP                        100m
100BaseTX       UTP/STP                    100m                            Cat5 upwards
10BaseFL        FIBER                      500-2000m                       Ethernet over Fiber
100BaseFX       MMF                        2000m
1000BaseT       UTP                        100m                            Cat5e upwards
1000BaseSX      MMF                        550m                            SC Connector
1000BaseCX      Balanced Shielded Copper   25m                             Special Connector
1000BaseLX      MMF/SMF                    550m (Multi) / 2000m (Single)   SC and LC Connector

Common Ethernet Cable Types

Ethernet Name   Cable Type   Max Distance   Notes
10GBaseT        UTP          100m
10GBaseSR       MMF          300m
10GBaseLR       SMF          10km
10GBaseER       SMF          40km
10GBaseSW       MMF          300m
10GBaseLW       SMF          10km           Used with SONET
10GBaseEW       SMF          40km


Ethernet over other standards

Ethernet over Power Line (Broadband over Power Line (BPL))
Ethernet over HDMI

MODULE 5
NETWORK DEVICES


Common Network Devices

Network Interface Card (NIC)


Hub
Bridge
Switch
Router
Firewall
Intrusion Detection System (IDS)
Intrusion Prevention System (IPS)
Access Point
NETWORK INTERFACE CARD (NIC)

Unique identifier – Media Access Control address (MAC)


HUBS AND REPEATER – LAYER 1 DEVICES

HUB enables a number of nodes to connect to a network (one per port)
REPEATER retransmits signals (may clean and strengthen the signal) to increase distances between nodes

BRIDGE – LAYER 2 DEVICE

A BRIDGE (or ‘Transparent Bridge’) connects two similar network segments together. Its primary function is to keep traffic separated on either side of the bridge, breaking up Collision Domains within a single Broadcast Domain

[Diagram labels: BROADCAST DOMAIN, Collision Domain, BRIDGE, Collision Domain]


SWITCH – LAYER 2 DEVICE

Multiport bridges
Operate at DATALINK layer
Control collision domains
Now used extensively instead of Hubs and Bridges
May also incorporate LAYER 3 technology

ROUTER – LAYER 3 DEVICE

Traditional LAYER 3 device (NETWORK Layer)


Forwarding based upon network layer IP address
Control Broadcast and Collision Domains
Can use multiple routing protocols


FIREWALL

Provides the first layer of defence in network security
May be hardware or software (or both)
Based on configuration rules
Used to establish Demilitarised Zones (DMZ)

FIREWALLS - DMZ

Used to protect the LAN from external attacks/intrusion

[Diagram labels: INTERNET, DMZ, LAN]

FIREWALL - Rules

IDS/IPS

Intrusion Detection System (IDS)
• Host Based (HIDS) or Network Based (NIDS)
• Passive Monitoring
• Anomaly Detection
• Signature Detection
• Heuristics

Intrusion Prevention System (IPS)
• Host Based (HIPS) or Network Based (NIPS)
• Active Monitoring


IDS/IPS

Honeypot / Honeynet
Used to monitor intrusion / attacks and conduct intelligence gathering
Used to deflect potential attacks

[Diagram labels: INTERNET, IDS, DMZ, HONEYPOT]
Wireless Access Points (WAP)

Connects computers with wireless adapters to a network
Access Point is a translational bridge
802.11b/g Access Points use CSMA/CD to connect to network (LAN) and CSMA/CA to communicate with other wireless devices


Dynamic Host Configuration Protocol (DHCP)

Dedicated Server Role or Integrated with Network Device

DHCP

DHCP Client sends Broadcast packets to DHCP Server in order to acquire an IP address from the DHCP Scope
• DHCP Discover
• DHCP Offer
• DHCP Request
• DHCP Ack


DHCP Settings

Reservations (set on MAC address of client)
Exclusions (used for statically assigned clients)
Authorised on the network
Scope must be activated

Clients will default to APIPA address if no DHCP available
Internet Connection Sharing (ICS) includes DHCP service

Specialised Network Devices

Multilayer Switch (MLS)


Works at Layer 2 and Layer 3 (Routing)
Very popular devices


Specialised Network Devices

Load Balancer
Fault Tolerance / Redundancy
Used to support servers such as:
• Web Servers
• FTP Servers
• Remote Desktop Servers
• VPN Servers

Domain Name System (DNS)

Resolves FQDN to IP addresses (Forward Lookup)
Resolves IP addresses to FQDN (Reverse Lookup)
DNS entries held in a database on a server called a Zone
Zone is an area of contiguous namespace for which a DNS server is authoritative
DNS Server is able to Forward requests and Cache responses in support of clients


DNS Resolution

[Diagram labels: Local Resolver Cache, Host File, DNS Server, NetBIOS Cache, WINS, Broadcast, LMHosts]

DNS on the INTERNET

ROOT (.)
  .COM
    Google.com, FirebrandTraining.com
      UK.FirebrandTraining.com
        WWW.UK.FirebrandTraining.com


DNS Records

RECORD          INFO
A               Host Record (IPv4)
AAAA            Host Record (IPv6)
PTR             Reverse Lookup Record
NS              Name Server Record (DNS Server)
MX              Mail Exchange (Email Server)
Alias (CNAME)   Used to point friendly name records to other hosts
SOA             Start of Authority (controls DNS Zone transfers and records)
SRV             Service Locator records (eg. location of Domain Controllers and associated services)

Specialised Network Devices

Proxy Server
Two main types:
• Caching Proxy
• Web Proxy
Reverse proxy (incoming from the Internet)

[Diagram labels: LAN, ROUTER, PROXY SERVER, INTERNET]


Specialised Network Devices

PACKET SHAPER (TRAFFIC SHAPER)


Allows for traffic management (bandwidth)
Set against network profile
May work with Quality of Service (QOS) configurations

Specialised Network Devices

VPN CONCENTRATOR
Dedicated device to handle multiple VPN (Virtual Private Network) connections and associated configurations


Basic Network Device layout

[Diagram labels: VLANS, SWITCH, SERVERS, ROUTER, FIREWALL, DMZ]

MODULE 6
TCP/IP


Department of Defence (DoD) TCP/IP Model

OSI layer       DoD TCP/IP layer
Application     APPLICATION
Presentation    APPLICATION
Session         APPLICATION
Transport       TRANSPORT
Network         INTERNET
Datalink        NETWORK INTERFACE
Physical        NETWORK INTERFACE

PORTS

Allow applications or protocols to use specific values for connections
Range from 0-65535
0-1023 are reserved for specified TCP/IP applications and are known as “Well Known Ports”
Destination and Source port numbers
Sockets include IP address and Port Number


PORT NUMBERS

Application Layer Protocol            Port(s)   Transport Protocol
FTP (File Transfer Protocol)          20/21     TCP
TELNET                                23        TCP
SSH                                   22        TCP
DNS                                   53        TCP/UDP
DHCP                                  67/68     UDP
TFTP                                  69        UDP
HTTP                                  80        TCP
HTTPS                                 443       TCP
SMTP                                  25        TCP

PORT NUMBERS

Application Layer Protocol   Port Number(s)   Transport Protocol
NETBIOS                      137,138,139      TCP
LDAP                         389              TCP
IGMP                         463              UDP
LPR                          515              UDP
RDP                          3389             TCP
NTP                          123              UDP
NNTP                         119              UDP
POP3                         110              TCP
IMAP4                        143              TCP
SNMP                         161              UDP


Transport Protocols

Transmission Control Protocol (TCP)
• Connection Orientated
• TCP Three Way Handshake
• Receives an Acknowledgement for packets sent
User Datagram Protocol (UDP)
• Connection-less
• Used for streaming media and VOIP

Internet Layer Protocols

Internet Protocol (IP)


Internet Control Message Protocol (ICMP)
Address Resolution Protocol (ARP)


IP

IPv4
IPv6
Windows Clients use dual stack
Command Line Utilities:
• IPCONFIG
• IFCONFIG (Linux/Unix)

ICMP

Management and messaging for IP


Command line utilities:
• PING
• PATHPING
• TRACERT


ARP

Address Resolution Protocol
IP to MAC Address
Reverse ARP (RARP) resolves IP from MAC address

MODULE 7
IP ADDRESSING


Internet Protocol (IP)

IPv4
32 Bit Address Scheme
Divided into Network Address and Host
Subnet Mask
Broken in 4 Octets (8 bits)
Represented by dotted-decimal notation
Eg. 192.168.2.200/24
Or 192.168.2.200 255.255.255.0

Subnetting

PUBLIC and PRIVATE address ranges allocated by IANA (Classful Addressing)
PUBLIC Ranges: (Routable on the Internet)

Class   Range          Hosts
A       1-126 /8       16,777,214
B       128-191 /16    65,534
C       192-223        254
D       224-239        Multicast
E       240-254        Development


IP

Private Ranges: (Not routable on the Internet)

Class   Range
A       10.0.0.0-10.255.255.255
B       172.16.0.0-172.31.255.255
C       192.168.0.0-192.168.255.255

APIPA – Automatic Private IP Address
169.254.X.X 255.255.0.0

SUBNETTING

Subnetting allows you to break up large networks into smaller broadcast segments
Allows for conservation of host addresses
Security


IPv6

128 bit Address Range
Displayed in hexadecimal format of eight 16-bit groups, separated by a colon (:)
Eg: 2001:0db8:85a3:0042:0000:8a2e:0370:7334
May also be written as:
2001:db8:85a3:42::8a2e:370:7334
(leading zeros removed)

IPv6 Addresses

Unicast – one to one (Same as IPv4)


Multicast – one to many (Similar to IPv4)
Anycast – one to one of many (Unique to IPv6)


IPv6

Unicast Addresses:
• Global Unicast (similar to Public IPv4 addresses)
• Link Local Unicast (similar to APIPA IPv4 addresses)
• Unique Local Unicast (similar to Private IPv4 addresses)

Special IPv6 Addresses

Loopback Address
::1 (127.0.0.1)
Link Local Addresses
FE80:: (Similar to APIPA addresses)


ICMPv6

Replaces IGMP with Multicast Listener Discovery (MLD)
Replaces ARP with Neighbour Discovery (ND)

Troubleshooting IP

Physical Network Components (NIC, Cables, Switches, Routers)
Network Interface Card Configuration
IPCONFIG
PING
TRACERT
ARP

Network Address Translation (NAT)

NAT allows for the continuation of private IPv4 addressing
Translates between Private and Public IP networks (different to Routing)
Simply replaces the source IP address (private) with that of the external (public) IP address to enable routing on the Internet
Additional security features (Firewall)

NAT

Basic NAT
NAT-T (IPSEC)
NAT-PT (IPv6)

[Diagram labels: External – Public Interface 101.102.103.104; Internal – Private LAN 192.168.2.0/24]


MODULE 8
ROUTING

Routing Tables

Routing table provides the router with a ‘map’ of the network configuration and where it can receive and send packets to/from
Typically routing table includes:
• Destination addresses
• Gateway locations
• Interfaces
• Cost (Metric)


Windows Routing Table

Route Print
Netstat -r

Routing information

Routing Tables are updated by:
• STATIC Routing (Routing information is manually configured)
• DYNAMIC Routing (Routing protocols automatically update routing information)


Static Routing

ROUTE ADD

Router Config

DYNAMIC ROUTING

Routing Protocols
Distance Vector
• Use algorithms to calculate best routes based on distance (cost) and direction (vector)
• Transfer the whole routing table to other routers (up to a maximum number of hops)
• Routing tables are broadcast at regular intervals
• Used for small/medium size networks


Distance Vector Routing Protocols

Routing Information Protocol (RIP) v1
RIPv2 – increased security (authentication)
Border Gateway Protocol (BGP) – used to connect Autonomous Systems (AS) across the Internet (Autonomous Systems use classes of routing protocols: Interior and Exterior Gateway Protocol (IGP and EGP))

Dynamic Routing Protocols

Link State
Open Shortest Path First (OSPF)
More common IGP (OSPFv2 for IPv4, OSPFv3 for IPv6)
IS-IS (Intermediate System – Intermediate System)


Routing Protocols

[Diagram: two AUTONOMOUS SYSTEMS (AS) joined by an Exterior Gateway Protocol]

Exterior Gateway Protocol: BGP
Interior Gateway Protocols: RIP, IGRP, EIGRP, OSPF

High Availability Routing

Use of ‘Virtual Routers’
Hot Standby Router Protocol (HSRP) – Cisco proprietary
Virtual Router Redundancy Protocol (VRRP)


IPv6 Dynamic Routing

RIPng
EIGRPv6
OSPFv3

MODULE 9
SWITCHING AND VLANs


Switches
LAYER 2 Device
Used to create separate collision domains
Managed or Unmanaged devices
Learn the MAC address of host locations using MAC address forward/filter table

Spanning Tree Protocol (STP)

Eliminates bridging loops (aka switching loops)
Enables switches to detect loops, communicate with other switches and block potential loops taking place

[Diagram labels: ROOT BRIDGE, ROOT PORT]


Virtual LAN (VLAN)

Switches provide a method of broadcast domain segmentation called Virtual LANs (VLANs)

Layer 2 method of creating more broadcast domains

VLANs logically divide a switch into multiple, independent switches at Layer 2, each in their own broadcast domain

VIRTUAL LAN (VLAN)
[Diagram labels: VLAN 2, VLAN 3, VLAN 4, ROUTER]


VLANs

Each VLAN behaves as if it were a separate switch
Packets are forwarded only to ports on that VLAN
VLANs require a TRUNK to span multiple switches
VLAN Trunking Protocol (VTP)
• manages VLANs across a switched internetwork and maintains consistency throughout that network
A port can be assigned to a given VLAN

VLAN
[Diagram labels: VLAN 2, VLAN 3, Trunk Link, VLAN 2, VLAN 4, ROUTER]


VLAN

Additional Switch settings/properties

Dependent upon the type/manufacturer of the device


Quality of Service (QOS)
Port Security
Port Mirroring
Port Bonding
Flood Guards
Multicasting
Power over Ethernet (PoE) 802.3af/802.3at


MODULE 10
WIRELESS NETWORKING

802.11 Standards

Standard   Max Throughput   Frequency   Notes
802.11a    54Mbps           5GHz
802.11b    11Mbps           2.4GHz
802.11g    54Mbps           2.4GHz
802.11n    Up to 600Mbps    2.4/5GHz    MIMO
802.11ac   Up to 1Gbps      5GHz        MIMO


WLAN Setup

Ad hoc mode
• Wireless clients connect to each other without an AP
Infrastructure mode
• Clients connect through an AP through one of two modes
• BSSid (Basic Service Set ID) uses one AP
• ESSid (Extended Service Set ID) more than one access point exists

Wireless Components

Wireless Access Point (WAP)


Wireless NIC
Wireless LAN (WLAN) Controller


Wireless Antennas

Transmit and Receive


Two Classes:
• Omni-directional (point to multipoint)
• Directional/Yagi (point to point)

WLAN Setup

Site Survey
Signal Degradation:
• Distance
• Building construction
• Interference
Wireless Security


Wireless Security

Threats
• Rogue AP
• Evil Twin
• WAR Driving/WAR Chalking
• Man in the Middle (MitM) Attacks
• Denial of Service (DOS)

Wireless Security

SSID Broadcast
Default security settings
MAC Filters
Shielding
Authentication
Encryption


Wireless Encryption

There are three main types of encryption available for wireless networks:
• Wired Equivalent Privacy (WEP)
• Wi-Fi Protected Access (WPA)
• Wi-Fi Protected Access version 2 (WPA2)

Wireless Encryption

WEP – Wired Equivalent Privacy was the first attempt at wireless encryption
Uses RC4 for encryption and each frame also contains a 24 bit initialisation vector (IV) that is clear text
The encryption level is either 40 bit (+24 bit IV) or 104 bit (+24 bit IV)
The IV makes WEP very weak
WEP is easily cracked after a number of packets have been captured by sniffing
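
One consequence of the short clear-text IV described above, shown as an added example that is not part of the courseware: when two frames carry the same IV, RC4 produces the same keystream for both, so the encryption cancels out for anyone who captured them. The key, IV and plaintexts are constructed sample values, the function names are illustrative, and WEP's integrity check value is omitted for brevity.

```python
import math

IV_BITS = 24  # WEP's initialisation vector size, as stated above


def rc4_keystream(key, length):
    """RC4: key scheduling (KSA), then `length` bytes of output (PRGA)."""
    s = list(range(256))
    j = 0
    for i in range(256):
        j = (j + s[i] + key[i % len(key)]) % 256
        s[i], s[j] = s[j], s[i]
    i = j = 0
    out = bytearray()
    for _ in range(length):
        i = (i + 1) % 256
        j = (j + s[i]) % 256
        s[i], s[j] = s[j], s[i]
        out.append(s[(s[i] + s[j]) % 256])
    return bytes(out)


def xor_bytes(a, b):
    return bytes(x ^ y for x, y in zip(a, b))


def wep_encrypt(iv, secret, plaintext):
    """Return the frame body as sent: clear-text IV followed by ciphertext.
    The per-frame RC4 key is IV || secret (ICV omitted in this sketch)."""
    if len(iv) * 8 != IV_BITS:
        raise ValueError("WEP IV must be 24 bits")
    return iv + xor_bytes(plaintext, rc4_keystream(iv + secret, len(plaintext)))


def wep_decrypt(secret, frame):
    """Receiver side: read the IV from the frame, rebuild the key, decrypt."""
    iv, body = frame[:3], frame[3:]
    return xor_bytes(body, rc4_keystream(iv + secret, len(body)))


def plaintext_xor_if_iv_reused(frame_a, frame_b):
    """What a passive listener learns from two frames without the key.
    Same IV means same keystream, so XORing the ciphertexts cancels it and
    leaves plaintext_a XOR plaintext_b. Returns None if the IVs differ."""
    if frame_a[:3] != frame_b[:3]:
        return None
    return xor_bytes(frame_a[3:], frame_b[3:])


def frames_until_iv_repeat(probability=0.5, iv_bits=IV_BITS):
    """Birthday estimate of frames sent before some IV repeats.
    Assumes IVs are picked at random; the slides do not say how they are chosen."""
    space = 2 ** iv_bits
    return math.ceil(math.sqrt(2 * space * math.log(1 / (1 - probability))))


if __name__ == "__main__":
    secret = bytes.fromhex("0102030405")             # constructed 40 bit key
    p1, p2 = b"GET /index.html", b"user=alice&pw=x"  # constructed plaintexts
    f1 = wep_encrypt(b"\x00\x00\x01", secret, p1)
    f2 = wep_encrypt(b"\x00\x00\x01", secret, p2)    # same IV as f1
    print("plaintext XOR leaked:",
          plaintext_xor_if_iv_reused(f1, f2) == xor_bytes(p1, p2))
    print("frames for a 50% chance of an IV repeat:", frames_until_iv_repeat())
```

A busy access point sends that many frames in seconds, which is why the later slides move to per-packet key mixing (TKIP) and then AES with CCMP.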


Wireless Encryption

WPA – Wi-Fi Protected Access replaced WEP and initially was more secure. Still in common use but now relatively easy to crack.
Also uses RC4 encryption, but this time with a 48 bit IV, and uses TKIP as part of the encryption process
TKIP – Temporal Key Integrity Protocol combines the IV with the key before encrypting and also changes the session key dynamically after a number of packets
The weakness of WPA is the passphrase: a length of under 12 characters makes it breakable in a reasonable time

Wireless Encryption

WPA2 is the replacement for WPA and conforms to the 802.11i standard for security
Uses the AES encryption algorithm along with CCMP
Has been broken but is still seen as secure
CCMP – Cipher block Chaining Message authentication Protocol is the process used with AES to provide encryption and provide confidentiality along with authentication of frames


Wireless Encryption

Wireless authentication can be handled by the access point or by an external server such as RADIUS or TACACS+
The standard that covers external authentication is IEEE 802.1X
There are other authentication mechanisms that are part of the EAP – Extensible Authentication Protocol framework. This allows for new technologies to be compatible with wireless. EAP is not usually encrypted
LEAP – Lightweight EAP was developed by Cisco and was designed to replace TKIP in WPA
PEAP – Protected EAP encapsulates EAP in a TLS tunnel which provides encryption

MODULE 11
AUTHENTICATION AND ACCESS
CONTROL


Access Control List (ACL)

Often ACLs are utilised on routers to determine which packets are allowed to route through, based on the requesting device’s source or destination Internet Protocol (IP) address or Port Number (Port Filtering)

Tunneling

Virtual Private Network (VPN)
Provides a secure connection between 2 endpoints using a variety of authentication and encryption techniques for the following:
• Remote Access (RAS) – Host-to-Site
• Site-to-Site / Host-to-Host
• Business-to-Business (B2B) / Extranet VPN


VPN Types

The main types of tunnels to be familiar with:
• Secure Socket Layer (SSL)
• Layer 2 Tunneling Protocol (L2TP)
• Point to Point Tunneling Protocol (PPTP)
• IP Security (IPSEC)
• Generic Routing Encapsulation (GRE)

VPN Types

VPN      Port    Notes
PPTP     1723
L2TP     1701
IPSEC    500     ESP (id 50) / AH (id 51)
GRE      47
SSL      443


IPSEC

Encapsulating Security Payload (ESP)
Authenticating Header (AH)
Security Association (ISAKMP)
Tunnel Mode
Transport Mode

ENCRYPTION

SYMMETRIC
• DES
• 3DES
• AES
ASYMMETRIC
• PUBLIC & PRIVATE Key
• Diffie-Hellman
• RSA (Rivest, Shamir, Adleman)
• PGP (Pretty Good Privacy)

Citrix

Terminal Emulation
Microsoft based Terminal Services on this technology

Remote Desktop

Microsoft Remote Desktop Services / Terminal Services
Uses Remote Desktop Protocol (RDP – Port 3389)
May be secured with HTTPS
Allows for Remote Desktops for Administration, Remote Assistance and Remote Applications
May also be utilised in Virtual Desktop Infrastructure


USER AUTHENTICATION

AUTHENTICATION – Proving you are who you say you are!
Authentication protocols:
• Something that you know – Password/PIN
• Something that you have – Smartcard/token
• Something that you are – Biometric

User Authentication

Certificate Services (Public Key Infrastructure – PKI)
Kerberos
Active Directory (Domain)
Local Authentication – Security Accounts Management (SAM)


Authentication Protocols

Password Authentication Protocol PAP
Challenge Handshake Protocol CHAP
Microsoft CHAP MS-CHAP (MS-CHAPv2)
Extensible Authentication Protocol EAP
802.1x – Network Access Control NAC

Network Access Control

Cisco NAC / Microsoft NPAS (NAP)
Posture Assessment
• Antimalware
• Updates
• Firewall
Guest Networks
Quarantine Networks

AAA

Centralized Authentication, Authorization and Accounting:
Remote Authentication Dial-in User Service RADIUS
Terminal Access Controller Access-Control System TACACS+ (Cisco)

KERBEROS

Authentication protocol for TCP/IP networks allowing centralization of authentication on a single server (Domain Controller)
Uses UDP / TCP port 88
Key Distribution Center
TGT (Ticket Granting Ticket)
TGS (Ticket Granting Session)


Authorization

Permissions
Rights
Access Controls
Share / Security Permissions
Security Groups

MODULE 12
NETWORK THREATS


SECURITY

CIA
• Confidentiality
• Integrity
• Availability
AAA
• Authentication
• Authorization
• Accounting
SECURITY THREATS

Denial of Service (DOS)
Distributed DOS (DDOS)
• Smurf
• Fraggle
• Botnet
• SYN Flood


SECURITY THREATS

DNS Poisoning
ARP Cache Poisoning
IP Spoofing
Session Hijacking
VLAN Hopping

Malicious Software (Malware)

Virus
Worm
Trojan Horse
Rootkit
Adware/Spyware

Antimalware / Antivirus
System well patched and maintained


VULNERABILITIES

Unnecessary Services/Applications
Unpatched Systems/Applications
Open Ports
Unencrypted systems
RF Emanation/TEMPEST
Insider Threats

WIRELESS SECURITY

WAR Driving / WAR Chalking
WEP/WPA/WPA2 Cracking
Rogue Access Point
Evil Twin
Bluejacking
Bluesnarfing


SOCIAL ENGINEERING

Using or manipulating users for nefarious gain – Flattery and Authority
• Phishing
• Vishing
• Tailgating
• Shoulder Surfing
• Hoax
SECURITY POLICIES

Security Audit
Clean Desk Policy
Password Policy
Acceptable Usage Policy


MITIGATION

User Training and Awareness
Patches and Upgrades
• OS
• Application
• Drivers
• Firmware
Anti-Malware Software
Network Security - MITIGATION

Firewalls
IDS
IPS
PROXY SERVERS


VULNERABILITY SCANNERS

NESSUS
NMAP
MBSA

PHYSICAL SECURITY

Security Zones
• Proximity readers
• Mantraps
• Badges/Tags
Comms Room Security
CCTV
Access Controls

RISK AVOIDANCE

Disaster Recovery
• Disaster Recovery Plan (DRP)
Business Continuity
• Business Continuity Plan (BCP)
Power
• Redundant systems
• Uninterruptible Power Supply (UPS)

REDUNDANCY
DISKS
• RAID
POWER
• UPS
SERVERS
• Clustering
• Virtualization
NETWORK
• Redundant Switches / NICs

RAID

RAID 0
RAID 1
RAID 5
RAID 10

MODULE 13
Wide Area Networking


WAN Terminology

CPE – Customer Premises Equipment
Demarc – (demarcation point) marks the interface between customer-premises equipment and network service provider equipment.
NI – Network Interface (coincides with Demarc)
CSU/DSU (Channel service unit/data service unit) – Connects WAN to customer network
Local loop
• Connects Demarc to Switching Office (Carrier’s POP)
• From Phone Room Closet to Demarc
CO – Central Office which connects customer to switched network
SOHO – Small Office Home Office
WAN Media

Copper Carriers (Telephone Industry)
• T1 / T3 Lines
Fiber Carriers
• Synchronous Optical Network (SONET)(US)
• Synchronous Digital Hierarchy (SDH)(EUR)


Copper Carriers

CARRIER   CHANNELS   SPEED
T1        24         1.544 Mbps
T3        672        44.736 Mbps
E1        32         2.048 Mbps
E3        512        34.368 Mbps

Optical Carriers (Synchronous Optical Network)

SONET Optical Level   Line Speed
OC-1                  51.85 Mbps
OC-3                  155.52 Mbps
OC-12                 622.08 Mbps
OC-24                 1.244 Gbps
OC-48                 2.488 Gbps
OC-192                9.952 Gbps
OC-255                13.21 Gbps
OC-768                39.82 Gbps


Fiber – Wavelength Division Multiplexing

WDM – Allows for several different optical carriers on a single optical fiber by using different wavelengths.
Two technologies used are:
• DWDM – Dense WDM
• CWDM – Coarse WDM

Packet Switching

Allows for protocols to use T and OC linked mesh connections to ‘route’ from one location to another
Originally used X.25 (CCITT Packet Switching Protocol)
Now mostly uses:
Frame Relay
Asynchronous Transfer Mode (ATM)


FRAME RELAY

Primarily used for T-Carrier lines
Uses Frame Relay Bridges and/or Routers
No guarantee of data integrity but low error rate
Creates a Permanent Virtual Circuit (PVC)
A permanent virtual circuit (PVC) is a virtual circuit established for repeated use between the same types of equipment.

ATM

High speed reliable links used for:
Voice
Data
Fax
Media (Video/Audio/Imaging)


Multi Protocol Label Switching (MPLS)

Replacement for Frame Relay and ATM
The process of transporting IP packets by encapsulating them and using a label to specify a path through the network
The idea is based upon removing the need for routing table lookups
Labels can be based upon source address, QoS value or other parameters
Labels can override the routing table
MPLS can run over a variety of layer 2 technologies

‘The Last Mile’

Connection between user and central office
Dial-up
Digital Subscriber Line (DSL)
Cable
Satellite
Fiber
Broadband over Powerline (BPL)


DIAL UP

POTS or PSTN
Expensive
Unreliable
Requires a dial-up
Uses Point to Point Protocol (PPP) to connect, authenticate and negotiate network protocol (TCP/IP)
V-Standards
V.22 (1,200 bps) – V.92 (57,600 bps)

Integrated Services Digital Network (ISDN)

ISDN consists of two Channels:
Bearer (B Channels)
Carry Data, Voice information
Delta (D Channels)
Carry setup and configuration information
Basic Rate Interface (BRI) uses 2B+D
Primary Rate Interface (PRI) uses 23B+D (US)
8-30B+D (EUR)


DSL

Asymmetric Digital Subscriber Line (ADSL)
Symmetric DSL (SDSL)
Very High Bitrate DSL (VDSL)

Uses existing telephone lines via DSL modem
Standard RJ11 connectors
Low pass filters to remove DSL for telephone calls
Always on

Wireless WAN

Cellular WAN
High Speed Packet Access (HSPA+)
WiMAX (World Wide Interoperability for Microwave Access)
LTE (Long Term Evolution)


VOIP

Uses existing IP network for voice calls
Uses three standards
• RTP – Real Time Transport Protocol
• SIP – Session Initiation Protocol
• H.323

Troubleshooting WAN Issues

Key problem areas:
• Lack of Internet connectivity
• Interface errors
• Split Horizon
• DNS
• Router configurations
• Security Policy (Firewalls)


MODULE 14
TROUBLESHOOTING

Basics of Troubleshooting

Troubleshooting cycle (diagram):
Identify the Problem
Establish probable cause
Test Theory
Plan of Action
Implement and test solution
Verify functionality
Document

Tools of the trade

Protocol Analyzer
Throughput Tester
Remote Desktop Software
Command Line Tools
Wireless Analyzer

TCP/IP Utilities

IPCONFIG
/all
/displaydns
/registerdns
/flushdns
/release
/renew

IFCONFIG (UNIX/LINUX)
Eth0 up (enables 1st Ethernet Card)
Eth0 down (disables)

ICMP

PING
PATHPING
TRACERT
MTR (UNIX/LINUX) (Similar to TRACERT and PING)


ARP

Address Resolution Protocol
IP to MAC Address

NETSTAT

-a (connections and listening ports)
-o (process ID)
-r (routing table)


NBTSTAT

NETBIOS Names (is case sensitive)
-n (local system)
-c (cache)
-R (purge and reload cache)

NSLOOKUP

DNS Diagnosis
-ls (list)
-d (domain)
-t (type)


DIG

UNIX/LINUX addition to NSLOOKUP

Network Monitoring

Baselines
• CPU
• RAM
• HDD
• NETWORK

Performance Monitor
System Logs (syslog)
Traffic Analyzer (Wireshark)
SNMP – Simple Network Management Protocol

SIEM

Security information and event management (SIEM) is a term for software products and services combining security information management
Used for the collation of the following types of information:
• Data aggregation
• Correlation
• Alerting
• Compliance
• Retention
• Forensic analysis
Windows Performance Monitoring


SNMP Monitoring

Simple Network Management Protocol

Allows the administrator to set a ‘trap’ on a device to collect information
Uses UDP to send communication from the management system to the agent to get information or change configuration
SNMPv3 adds message integrity, authentication and encryption.
Uses port 161

Testing Equipment

Multimeter
Testing resistance for shorts

Tone Locators and Toner Probes

Locate cable runs


Cable Tester

Broken wires
Improperly wired
Cable shorts
May record speed and settings (Certifier)

Cable Tester (advanced)

Time-Domain Reflector (TDR)
Optical TDR (for Fiber)


Cable Issues

Bad wiring/connectors
Crosstalk
Near End/Far End Crosstalk
Attenuation
Collisions
Shorts
Echo (Open Impedance Mismatch)
Interference/EMI
Split pairs
TX/RX Reverse
Fiber Cable Issues

Cable Mismatch
Bad connectors/dirty connectors
Distance limitations
Bend Radius


Cable Stripper / Crimper

Butt Set

Used to test Telephone Lines


Other Network Issues

Temperature
Environment (Humidity)
HVAC used to mitigate

MODULE 15
Management, Monitoring & Optimisation


Network Management

Wiring Schematics
Physical Network Diagram
• Physical Connections
• Network Devices
• Computers
• Peripherals

Network Management

Logical Network Diagram
• IP Address schemes
• Protocols
• User accounts
[Diagram: Domain, Organizational Units, Group, Computer, User]


Network Management

Asset Management
• ISO 19770
IP Address Management
• Documentation
• IPAM

Network Management

Policies
• Security Policies
• Change Management
Standard Business Documents
• Statement of Work (SOW)
• Memorandum of Understanding (MOU)
• Master License Agreement (MLA)
• Service Level Agreement (SLA)

Change Management Procedures

Document reason for change
Change request
Configuration procedures
Rollback Process
Potential Impact
Notification

Change Management Procedures

Approval Process
Maintenance Window
Authorized Downtime
Notification of Change
Documentation


Network Management

Safety Practices
• Electrical Safety
• Installation Safety
• Material Safety Data Sheet (MSDS)

Network Management

Emergency Procedures
• Fire Escape Plan
• Safety/Emergency Exits
• Fail Open/Fail Close
• Emergency Alert System
• Fire Suppression System


Network Optimization

Performance
• QOS
Unified Communications
Bandwidth
• Traffic Shaping
Load Balancing
High Availability
Caching Engines
Network Optimization

Backups
• Full
• Incremental
• Differential
Backup Type     Data                       Backup Time   Restore Time   Storage Space
FULL            All data                   Slowest       Fastest        High
INCREMENTAL     New/Modified data          Fast          Slower         Low
DIFFERENTIAL    All data since last full   Moderate      Faster         Moderate
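
Why the restore times in the table differ, as an added example that is not part of the courseware: the function below works out which backup sets must be read to restore a given day. It assumes an incremental holds changes since the last full or incremental and a differential holds all changes since the last full; the function name and the one-week schedules are constructed for illustration.

```python
from datetime import date

FULL, INCR, DIFF = "full", "incremental", "differential"


def restore_chain(backups, target):
    """Return the backup sets, oldest first, needed to restore the state at `target`.

    backups: list of (date, kind) tuples.
    """
    usable = sorted(b for b in backups if b[0] <= target)
    fulls = [b for b in usable if b[1] == FULL]
    if not fulls:
        raise ValueError("no full backup on or before the target date")
    base = fulls[-1]                      # every restore starts from the last full
    later = [b for b in usable if b[0] > base[0]]
    diffs = [b for b in later if b[1] == DIFF]
    chain = [base]
    start = base[0]
    if diffs:                             # newest differential covers everything since the full
        chain.append(diffs[-1])
        start = diffs[-1][0]
    # every incremental after that point is required, in order
    chain += [b for b in later if b[1] == INCR and b[0] > start]
    return chain


# Constructed one-week schedules: Sunday full, then three nightly sets.
SUN, MON, TUE, WED = (date(2015, 7, d) for d in (26, 27, 28, 29))
INCREMENTAL_WEEK = [(SUN, FULL), (MON, INCR), (TUE, INCR), (WED, INCR)]
DIFFERENTIAL_WEEK = [(SUN, FULL), (MON, DIFF), (TUE, DIFF), (WED, DIFF)]

if __name__ == "__main__":
    for name, schedule in (("incremental", INCREMENTAL_WEEK),
                           ("differential", DIFFERENTIAL_WEEK)):
        chain = restore_chain(schedule, WED)
        print(name, "restore to Wednesday needs", len(chain), "sets:", chain)
```

A missing or corrupt set anywhere in an incremental chain breaks every later restore point, so chain length is a recovery risk as well as a restore-time cost.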

Virtualization

Examples of virtualization technology:
• VMware vSphere
• Microsoft Hyper-V
• Citrix XenServer

Virtualization

Power Saving
Consolidation of Hardware
Recovery / Duplication
Test and Development
Costs


Virtualization

Virtual Networking (Switches)
Virtual Hard Drives
Virtual Desktops
Virtual Applications
Network/Infrastructure As A Service (NaaS)(IaaS)
Platform As A Service (PaaS)
Software As A Service (SaaS)
Virtualization

Cloud Concepts
• Private
• Public
• Hybrid
• Community
• Elastic
