ATA Networking

The CompTIA Network+ training course is designed for individuals seeking to gain foundational knowledge in networking, including installation, troubleshooting, and understanding TCP/IP. The updated exam (N10-006) emphasizes the importance of skills in virtualization, security, and troubleshooting, with a significant portion of the exam dedicated to these areas. The course covers a wide range of topics, including network models, IP addressing, and network security, making it suitable for those looking to advance their networking skills beyond basic certification.
Copyright © All Rights Reserved
CompTIA NETWORK+ TRAINING
Who Needs CompTIA Network+?
I Just Want to Learn about Networks!

Is your goal only to get a solid handle on networks and a jump start on
the basics? Are you looking for that training that starts installing and
troubleshooting a network? Do you want to know what’s involved with
running network cabling in your walls or getting your new wireless
network working? Are you tired of not knowing enough about TCP/IP
and how it works? If these types of questions are running through your
mind, then rest easy— you are in the right training class. You’ll look at
real-world networking as performed by real techs. This is a class that
understands your needs and goes well beyond the scope of a single
certification.
What CompTIA N+ expects us to know
Exams N10-005 to N10-006

• CompTIA N+ has listened carefully to industry partners and subject
matter experts when developing the new Network+ exam (N10-006).
These experts have indicated that professional-level knowledge of
networking has increased in complexity.
• Today, individuals who have 9 months of networking experience are
expected to analyze technologies and weigh decisions more than ever
before.
What CompTIA N+ expects us to know
Exams N10-005 to N10-006

In particular, we have noted the following:

• Skills in virtualization, security, managing mobile devices, and using
cloud technologies have greatly increased in importance since 2011.
They are vitally important at the Network+ level.
• Troubleshooting has become more complex, and is considered even
more important than in 2011. Therefore, 24% of the exam is
dedicated to troubleshooting skills.
Course Content CompTIA N+

Understanding Networks
• Network Models
• Meet the Frame
• The MAC Address
• Broadcast vs Unicast
• Hubs and Switches
• Introduction to IP addressing
• Packets and ports
• The OSI model vs. the TCP/IP model
• Walking through the OSI and TCP/IP Model
• Quiz

The Physical Network
• Cabling and Topology
• Coaxial Cabling
• UTP and STP cabling
• Fiber-optic cabling
• Introduction to Ethernet
• Early Ethernet
• The Daddy of Ethernet: 10BaseT
• Modern Ethernet
• Modern Ethernet, switches and duplex
• Connecting switches
• Gigabit Ethernet and 10-gigabit Ethernet
• Switch backbones
• Introduction to structured cabling
• Crimping cables
• Punch down blocks
• MDF, Demarc, and tour of the equipment room
• Testing cable
• Troubleshooting structured cables
• Advanced troubleshooting structured cabling
• Using toner and probe
• Quiz

The World of TCP/IP
• Introduction to IP addresses and binary
• Introduction to ARP
• Subnet mask
• Classful addressing
• Subnetting with CIDR
• Dynamic and static IP
• Rogue DHCP servers
• Special IP Addresses
• Quiz

Routing
• Introducing routing
• Understanding ports
• Network Address Translation (NAT)
• Implementing NAT
• Port Forwarding
• DMZ, port range forwarding, port triggering
• SOHO router
• Routing and protocols: RIP
• Open Shortest Path First (OSPF)
• Border Gateway Protocol
• Quiz

Making TCP/IP Work: TCP/IP Applications
• Introduction to TCP and UDP
• ICMP and IGMP
• Introduction to Wireshark
• The netstat command
• Web servers
• File Transfer Protocol (FTP)
• Email servers and clients
• Telnet and SSH
• Quiz

Network Naming
• What is DNS
• How is DNS?
• How DNS works
• The HOSTS file
• Nbtstat
• Dynamic DNS
• DNS troubleshooting
• Quiz

Securing TCP/IP
• Symmetric encryption
• Asymmetric encryption
• Cryptographic hashes
• Access control
• AAA
• Kerberos/EAP
• Cryptographic tunnel with SSH
• Network Time Protocol
• Quiz

Advanced IP Networking: Advanced Networking Devices
• Client/Server vs peer-to-peer
• Virtual Private Networks (VPNs)
• Introduction to VLANs
• InterVLAN routing
• Interfacing with managed switches
• Port bonding
• Port mirroring
• Quality of service
• IDS vs IPS
• Quiz

IPv6
• Introduction to IPv6
• Advanced IPv6 addressing
• IPv6 tunnels
• Quiz

Remote Connectivity
• Telephony Technologies
• Optical carriers
• Packet switching
• Connecting with dial-up
• Digital Subscriber Line (DSL)
• Connecting with cable modems
• Connecting with satellites
• Cellular WAN
• ISDN and BPL
• Remote connectivity
• Quiz

Beyond the Typical Network: Wireless Networking
• Introduction to Wi-Fi and wireless access points
• 802.11 standards
• Power over Ethernet (PoE)
• Wireless security standards
• Implementing wireless security
• Threats to your wireless network
• Retro threats
• Wi-Fi Protected Setup (WPS)
• Wireless problem scenarios
• Planning and installing a wireless network
• Quiz

Virtualization and cloud computing
• Virtualization basics
• Your first virtual machine
• Infrastructure as a service (IaaS)
• Platform as a service (PaaS)
• Cloud ownership
• Quiz

Building a Real-World Network
• Network types
• Network design
• SCADA and ICS
• Unified communications
• Quiz

Managing the Network

Managing Risk
• Risk management
• Security policies
• Change management
• User training
• Point of failure
• Standard business documentation
• Quiz

Protecting your network
• Threats
• Social engineering
• Access control
• Testing network security
• Mitigating network threats
• Introduction to firewalls
• Firewalls
• DMZ
• Quiz

Network Monitoring
• SNMP
• Documenting logs
• Quiz

Network Troubleshooting
• MTU problems
• Bad connection solutions
• Titanium tech
• Quiz
LESSON 1
Understanding Networks
Meet the frame

LESSON POINTS
• Devices on a network send and receive data in discrete chunks called frames (or packets)
• Frames are a maximum of 1500 bytes in size
• Frames are created and destroyed inside the network interface card (NIC)
• 8 bits to a byte
The MAC Address
How do frames know how to get to the right computer?

LESSON POINTS
• A MAC address is a unique 48-bit identifier for a NIC
• Frames have a destination and a source MAC address
• NICs use MAC addresses to decide whether or not to process a frame
• MAC addresses are also known as physical addresses

Using the MAC address is a great way to move data around, but this process raises
an important question. How does a sending NIC know the MAC address of the NIC
to which it’s sending the data? In most cases, the sending system already knows
the destination MAC address because the NICs had probably communicated
earlier, and each system stores that data.
If it doesn’t already know the MAC address, a NIC may send a broadcast onto the
network to ask for it. The MAC address of FF-FF-FF-FF-FF-FF is the broadcast
address—if a NIC sends a frame using the broadcast address, every single NIC on
the network will process that frame. That broadcast frame’s data will contain a
request for a system’s MAC address. Without knowing the MAC address to begin
with, the requesting computer will use an IP address to pick the target computer
out of the crowd. The system with the MAC address your system is seeking will
read the request in the broadcast packet and respond with its MAC address.

• Data flow: data leaves a computer > goes to its NIC > the NIC creates a frame >
the frame goes to a hub (repeater) > the repeater makes multiple copies and sends them to the
various computers on the network. (Question: what is wrong with this kind of data transfer?)
• A MAC address is written as hexadecimal characters; each character represents 4 binary digits (bits)
• A MAC address on the network is a unique identifier that represents the destination of the frame.
12 hexadecimal characters (FF-FF-FF-FF-FF-FF) of 4 bits each give a 48-bit identifier for the NIC
• FF-FF-FF-FF-FF-FF: the first half (FF-FF-FF) is the OEM/manufacturer ID (Realtek, Broadcom, etc.),
the second half (FF-FF-FF) is the unique ID

Frame layout (figure): [destination MAC B] [source MAC A] [FRAME data] [CRC]
CRC = cyclic redundancy check, used to tell good data from bad data.
After the NIC creates the frame it adds the FCS and then dumps it and the data into
the frame.

The NIC puts both the destination MAC address and its own MAC address onto the
frame. It waits until no other NIC is using the cable and then sends the frame through the
cable to the network.
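The frame described on this slide, as an added Python example (not code from the training slides or from the Network+ textbook they quote): it packs a destination MAC, a source MAC, an EtherType and a payload, appends a CRC-32 frame check sequence the way a NIC does, and parses the result back to show how a receiving NIC decides whether the frame is for it. The MAC addresses used in the test are constructed and belong to no real device; the helper names are mine.

```python
"""Build and parse a minimal Ethernet II frame with a CRC-32 FCS (added example)."""
import struct
import zlib

BROADCAST_MAC = "FF-FF-FF-FF-FF-FF"
MAX_PAYLOAD = 1500      # slide: frames carry at most 1500 bytes of data
MIN_PAYLOAD = 46        # Ethernet pads shorter payloads up to this size


def mac_to_bytes(mac: str) -> bytes:
    """'AA-BB-CC-DD-EE-FF' -> 6 raw bytes. 12 hex digits x 4 bits = 48 bits."""
    parts = mac.replace(":", "-").split("-")
    if len(parts) != 6:
        raise ValueError("a MAC address has exactly 6 octets")
    return bytes(int(p, 16) for p in parts)


def bytes_to_mac(raw: bytes) -> str:
    return "-".join(f"{b:02X}" for b in raw)


def oui(mac: str) -> str:
    """First three octets: the manufacturer (OEM) ID. The last three are the unique ID."""
    return "-".join(mac.replace(":", "-").upper().split("-")[:3])


def is_broadcast(mac: str) -> bool:
    return mac.replace(":", "-").upper() == BROADCAST_MAC


def build_frame(dst: str, src: str, ethertype: int, payload: bytes) -> bytes:
    """Header + payload, then the 32-bit FCS. zlib.crc32 is the CRC-32 Ethernet uses."""
    if len(payload) > MAX_PAYLOAD:
        raise ValueError("payload exceeds the 1500-byte Ethernet maximum")
    payload = payload.ljust(MIN_PAYLOAD, b"\x00")          # pad short payloads
    header = mac_to_bytes(dst) + mac_to_bytes(src) + struct.pack("!H", ethertype)
    fcs = zlib.crc32(header + payload) & 0xFFFFFFFF
    return header + payload + struct.pack("<I", fcs)         # FCS is sent little-endian


def parse_frame(frame: bytes) -> dict:
    """Split a frame into its fields and recompute the CRC ("good or bad data")."""
    if len(frame) < 14 + MIN_PAYLOAD + 4:
        raise ValueError("frame too short to be a valid Ethernet frame")
    body, fcs_bytes = frame[:-4], frame[-4:]
    dst, src = bytes_to_mac(body[0:6]), bytes_to_mac(body[6:12])
    (ethertype,) = struct.unpack("!H", body[12:14])
    expected = zlib.crc32(body) & 0xFFFFFFFF
    (actual,) = struct.unpack("<I", fcs_bytes)
    return {"dst": dst, "src": src, "ethertype": ethertype, "payload": body[14:],
            "crc_ok": expected == actual, "broadcast": is_broadcast(dst)}


def nic_should_process(frame: bytes, my_mac: str) -> bool:
    """A NIC keeps a frame only if the CRC checks out and it is addressed to this NIC or to everyone."""
    fields = parse_frame(frame)
    return fields["crc_ok"] and (fields["broadcast"] or fields["dst"].upper() == my_mac.upper())
```

A frame with a flipped bit fails the CRC check and is discarded by every NIC, which is the "good or bad data" decision the slide's CRC box refers to; a broadcast frame passes the address check on every NIC, a unicast frame only on the one whose MAC matches.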
Broadcast vs. Unicast

LESSON POINTS
• A unicast transmission is addressed to a single device on a network
• A broadcast transmission is sent to every device in a broadcast domain
• A broadcast address looks like this: FF-FF-FF-FF-FF-FF

When data is sent to a destination, the destination NIC saves the MAC address of the
SOURCE for future sending of data back to the source. BUT NICs in a network do not always
know their destination, so a NIC sends out a broadcast to ask the NICs in the network to share their
MAC addresses – hence the term Broadcast Domain.
Getting data from one system to another in a simple network (defined as one in which all
the computers connect to one switch) takes relatively little effort on the part of the NICs.

But one problem with simple networks is that computers need to broadcast to get MAC
addresses. It works for small networks, but what happens when the network gets big, like
the size of the entire Internet? Can you imagine millions of computers all broadcasting? No
data could get through. Equally important, data flows over the Internet using many
technologies, not just Ethernet. These technologies, such as SONET, ATM, and others, don’t
know what to do with Ethernet MAC addresses. When networks get large, you can’t use the
MAC addresses anymore.

Large networks need a logical addressing method, like a postal code or telephone
numbering scheme, that ignores the hardware and enables you to break up the entire large
network into smaller networks called subnets.
Switches & Hubs

LESSON POINTS
• A hub repeats each frame to every connected device
• A switch knows the MAC addresses of the connected devices and only sends frames to the appropriate one

• A hub makes multiple copies of a frame and distributes them across the network
• A switch is smart: it keeps track of the MAC addresses of the computers that are hooked to the network, based on ports
• This allows ports to work at full bandwidth

Troubleshooting Hubs and Switches
Hubs and simple switches function flawlessly for years without any need
for a tech to do more than wipe dust off the top. Very occasionally you’ll run
into a hub or switch that has problems. These problems fall into three
categories:
• Obvious physical damage
• Dead ports
• General flakiness
Introduction to IP Addressing

LESSON POINTS
• An IP address looks like this: 32.44.17.231
• A router connects multiple local area networks
• An IP packet always exists inside a frame

To move past the physical MAC addresses and start using logical addressing requires some
special software called a network protocol. Network protocols exist in every operating system.
A network protocol not only has to create unique identifiers for each system, but also must
create a set of communication rules for issues like how to handle data chopped up into multiple
packets and how to ensure those packets get from one subnet to another. Let’s take a moment
to learn a bit about the most famous network protocol—TCP/IP—and its unique universal
addressing system.
• To be accurate, TCP/IP is really several network protocols designed to work
together—better known as a protocol suite—but two protocols, TCP and IP, do
so much work that the folks who invented all these protocols named the
whole thing TCP/IP. TCP stands for Transmission Control Protocol, and IP
stands for Internet Protocol. IP is the network protocol
• No two systems on the same network share the same IP address; if two
machines accidentally receive the same address, unintended side effects may
occur. These IP addresses don’t just magically appear—they must be
configured by the end user (or the network administrator). What makes logical
addressing powerful is the magic box—called a router—that connects each of
the subnets. Routers use the IP address, not the MAC address, to forward
data. This enables networks to connect across data lines that don’t use
Ethernet, like the telephone network. Each network type (such as Ethernet,
SONET, ATM, and others) uses a unique frame.
MAC address issues
1. Too many broadcasts create issues and confuse the network
2. They don’t identify that all computers are on a single network
So to work with bigger networks you need a new type of addressing.

(Figure: two broadcast domains, 192.168.0.X and 172.16.26.X, joined by a router.)

LOGICAL ADDRESSING (IP ADDRESSING)
1. IP addresses are not fixed to the NIC, so you can apply the address to the NIC
2. It is used to identify a particular network (192.168.0.1)
3. The computers on the network will all take the first three values of the IP; the fourth value will
be the number for the individual computer.

How do you add two broadcast domains together?

HOW DATA IS SENT ACROSS TWO BROADCAST DOMAINS
(Figure: a computer with MAC A on 192.168.0.x, a computer with MAC B on 172.16.26.X, and a router
between them; the IP packet travels inside a frame that ends with a CRC.)
The computer looks at the destination IP and realizes it is not part of its network, so it is going to
add the MAC address of the router. When the router is sending the frame on, it will add its own source
MAC address as well as the destination MAC address on the different network.
• An IP PACKET is DATA + Destination IP + Source IP
• A routing table is built into every router – it tells the router where to send data
• To send the data, your router will start adding all data components, including the source
MAC address of the sending computer and the destination MAC address.
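The hop-by-hop decision described above, as an added Python example (not code from the slides): the sender compares the destination IP with its own network, puts the router's MAC on the frame when the destination is on the other broadcast domain, and the router then re-addresses the frame on its second interface while the IP packet inside stays unchanged. The network numbers are the two drawn on the slide (192.168.0.X and 172.16.26.X); the host addresses, router interface addresses and every MAC address are constructed for the example, and a real NIC would learn the MACs by broadcast rather than from a table.

```python
"""Which MAC goes on the frame when two broadcast domains meet at a router? (added example)"""
import ipaddress

# Constructed router: one interface (and one MAC) in each broadcast domain.
ROUTER = {
    "192.168.0.0/24": {"ip": "192.168.0.1", "mac": "00-AA-00-00-00-01"},
    "172.16.26.0/24": {"ip": "172.16.26.1", "mac": "00-AA-00-00-00-02"},
}

# Constructed hosts: IP -> MAC. On a real network these come from a broadcast request.
HOSTS = {
    "192.168.0.10": "00-11-22-33-44-0A",   # computer A
    "192.168.0.20": "00-11-22-33-44-14",   # another computer on A's network
    "172.16.26.7":  "00-55-66-77-88-07",   # computer B, on the other broadcast domain
}


def network_of(ip, prefix=24):
    """The network an address belongs to, e.g. 192.168.0.10 -> '192.168.0.0/24'."""
    return str(ipaddress.ip_network(f"{ip}/{prefix}", strict=False))


def same_network(src_ip, dst_ip, prefix=24):
    """Slide rule: the first three values identify the network, so compare them."""
    return ipaddress.ip_address(dst_ip) in ipaddress.ip_network(network_of(src_ip, prefix))


def next_hop_mac(src_ip, dst_ip, prefix=24):
    """Local destination: its own MAC. Remote destination: the router's MAC on my network."""
    if same_network(src_ip, dst_ip, prefix):
        return HOSTS[dst_ip]
    return ROUTER[network_of(src_ip, prefix)]["mac"]


def frames_along_path(src_ip, dst_ip, prefix=24):
    """Frame headers hop by hop. The IP packet (src_ip, dst_ip) never changes; the MACs do."""
    packet = {"src_ip": src_ip, "dst_ip": dst_ip}
    hops = [{"src_mac": HOSTS[src_ip],
             "dst_mac": next_hop_mac(src_ip, dst_ip, prefix), **packet}]
    if not same_network(src_ip, dst_ip, prefix):
        # The router strips the old frame and builds a new one on its other interface,
        # using its own MAC as source and the destination computer's MAC as destination.
        hops.append({"src_mac": ROUTER[network_of(dst_ip, prefix)]["mac"],
                     "dst_mac": HOSTS[dst_ip], **packet})
    return hops
```

The two-hop result is the point of the slide's figure: the MAC addresses are rewritten at the router because they only have meaning inside one broadcast domain, while the source and destination IP addresses survive the whole trip.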
Packets and ports

LESSON POINTS
• Port numbers help direct packet traffic between the source and the destination
• Packets have a sequencing number so that the network software can reassemble the file correctly
• TCP is connection-oriented; UDP is connectionless

How do I get the data to the right application?
How do I make sure the data is complete, fully working, guaranteed?

IP Packet and Port Numbers
• Port numbers are unique to individual applications used all over the internet
• Example: port 80 (web server) and port 16394 (return port)
• Return ports: how the data gets back to my computer after the web server starts responding
• The first 1024 ports are well-known ports and cannot be used as return port numbers

Practice exams
http://www.examcompass.com/comptia/network-plus-certification/free-network-plus-practice-tests

Ethernet Frame (figure)
  Destination: MAC B | IP B | Port B
  Source:      MAC A | IP A | Port A
  Sequencing No.
  DATA
  CRC

IP Packet (figure)
  Destination: IP B | Port B
  Source:      IP A | Port A
  Sequencing No.
  DATA
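The two questions at the top of this slide, worked as an added Python example (not code from the slides): a file is chopped into numbered segments, each segment carries a source port and a destination port, the receiver hands each segment to the application listening on the destination port, and sequence numbers let it rebuild the file whatever order the pieces arrive in. The header layout (source port, destination port, sequence number, total segment count, payload) is a constructed simplification, not the real TCP or UDP header, and the ports 80 and 16394 are the ones the slide uses.

```python
"""Ports deliver data to the right application; sequence numbers put it back in order (added example)."""
import struct

WELL_KNOWN_LIMIT = 1024                 # slide: the first 1024 ports are well-known ports
HEADER = struct.Struct("!HHII")         # src port, dst port, sequence no., total segments


def pack_segment(src_port, dst_port, seq, total, payload):
    """Prepend the constructed header to one chunk of application data."""
    return HEADER.pack(src_port, dst_port, seq, total) + payload


def unpack_segment(raw):
    src, dst, seq, total = HEADER.unpack(raw[:HEADER.size])
    return {"src_port": src, "dst_port": dst, "seq": seq, "total": total,
            "payload": raw[HEADER.size:]}


def split_into_segments(data, src_port, dst_port, chunk=8):
    """Chop a file into numbered segments, the way the sending software does."""
    if src_port < WELL_KNOWN_LIMIT:
        raise ValueError("a return (source) port must not be a well-known port")
    chunks = [data[i:i + chunk] for i in range(0, len(data), chunk)]
    return [pack_segment(src_port, dst_port, seq, len(chunks), part)
            for seq, part in enumerate(chunks)]


def reassemble(raw_segments):
    """Rebuild the file from segments in any order; None if any piece is still missing."""
    parts, total = {}, None
    for raw in raw_segments:
        seg = unpack_segment(raw)
        parts[seg["seq"]] = seg["payload"]
        total = seg["total"]
    if total is None or set(parts) != set(range(total)):
        return None                      # a gap in the sequence numbers: cannot rebuild yet
    return b"".join(parts[i] for i in range(total))


def dispatch(raw, applications):
    """Hand a segment to the application listening on its destination port (None if nobody is)."""
    seg = unpack_segment(raw)
    app = applications.get(seg["dst_port"])
    return app(seg) if app else None


def reply_segment(request_raw, payload):
    """The server answers by swapping the ports: its well-known port becomes the source
    and the client's return port becomes the destination, so the data finds its way back."""
    req = unpack_segment(request_raw)
    return pack_segment(req["dst_port"], req["src_port"], 0, 1, payload)
```

Dropping one segment from the middle or from the end makes reassemble() return None, which is the "is the data complete?" check the slide asks about; a segment for a port nobody listens on is simply not delivered.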
What is a MODEL

LESSON POINTS
• We use the term modelling to represent how a network functions
• There are two very popular network models
• The OSI 7-Layer Model and the TCP/IP model

Networking is hard. It takes a lot of pieces, both hardware and software, to get anything done.
Just making Google appear in your Web browser requires millions of hours in research, development,
and manufacturing. Whenever we encounter highly complex technologies, we need to simplify the
overall process by breaking it into discrete, simple, individual processes. We do this using models.
Modeling is critical in networking. We use models to understand and communicate with other techs
about networks.

TIP
Memorize the OSI and TCP/IP models
The OSI model vs. the TCP/IP model

LESSON POINTS
• Know the 7 layers of the OSI model
• Know the four layers of the TCP/IP model

To help make interconnectivity work the OSI model was born: 7 distinct functions that a network must do.
The OSI model is being supplanted by the TCP/IP model.

OSI Model
7 Application
6 Presentation
5 Session
4 Transport
3 Network
2 Data link
1 Physical

1. Physical layer – what types of cable
2. Data link – anything that works with a MAC address
3. Network layer – logical addresses
4. Transport layer – assembles and disassembles data in good order; makes sure data is in perfect shape
5. Session layer – the kind of connections between two systems (a TCP connection between a client and server, etc.)
6. Presentation layer – it is used to convert data to formats that your application can read
7. Application layer – is the API you find in application software that makes the application network aware

TCP/IP Model
4 Application
3 Transport
2 Internet
1 Network Interface

1. Network interface – cabling and MAC address devices
2. Internet – IP address, logical addressing
3. Transport – does assembling and disassembling; also does whatever it takes to connect data between systems
4. Application layer – is Session + Presentation + Application in the OSI model

Practice exams
http://www.examcompass.com/comptia/network-plus-certification/free-network-plus-practice-tests
Walking through the OSI and TCP/IP Model

LESSON POINTS
• Learn how the OSI Model corresponds to the TCP/IP Model

OSI Model          TCP/IP Model
7 Application      4 Application
6 Presentation     4 Application
5 Session          4 Application
4 Transport        3 Transport
3 Network          2 Internet
2 Data link        1 Network Interface
1 Physical         1 Network Interface

Practice exams
http://www.examcompass.com/comptia/network-plus-certification/free-network-plus-practice-tests
LESSON 2
The Physical Network
Cabling and Topology

(Figures: coaxial cable, shielded twisted pair, unshielded twisted pair)

• Cabling and Connectors: The majority of networked systems link together using some type of
cabling. Different types of networks over the years have used a number of different types of
cables—and you need to learn about all these cables to succeed on the CompTIA Network+ exam!
This section explores both the cabling types used in older networks and those found in today’s
networks. All cables used in the networking industry can be categorized in two distinct groups:
copper and fiber-optic.
• All styles of cables have distinct connector types that you need to know.
• Copper Cabling and Connectors: The most common form of cabling uses copper wire wrapped up
in some kind of protective sheathing, thus the term copper cables. The two primary types of
copper cabling used in the industry are coaxial and twisted pair. Both cable types sport a variety
of connector types, none of which are actually copper connectors, but that’s the term used in the
CompTIA Network+ objectives to lump them together.
Coaxial cable

LESSON POINTS
• Coaxial cables use RG numbers
• Coaxial cables have an impedance measured in ohms
• For the test be able to recognize a BNC connector, a T connector and an F-connector

Coaxial Cable: Coaxial cable contains a central conductor wire (usually copper) surrounded by an
insulating material, which, in turn, is surrounded by a braided metal shield. The cable is referred to
as coaxial (coax for short) because the center wire and the braided metal shield share a common
axis or centerline.
Coaxial cables are labelled with an RG (radio grade) rating:
• RG8 – 50 ohms
• RG58 – 50 ohms
• RG6 – 75 ohms – cable modems – has an F-type connector

Practice exams
http://www.examcompass.com/comptia/network-plus-certification/free-network-plus-practice-tests
Fiber optics
Objective: install and properly terminate the various cable types using the appropriate tools

LESSON POINTS
• Multimode cables carry LED signals
• Single mode cables carry laser signals
• For the test, be able to recognize the different types of fiber connectors

There are 2 types of fiber cables – multimode and single mode.
Multimode is designed to propagate light from LEDs (on a fiber network you see light flashing).
Single mode is designed to use lasers and is much thinner – for long distance.
NOTE: you cannot use a switch or a network card designed for multimode with single mode cable.

Practice exams
http://www.examcompass.com/comptia/network-plus-certification/free-network-plus-practice-tests
Connectors

• ST connector – looks like a BNC
• SC connector
• FC connector – looks like your F connector

Fiber was always run as two cables with two connectors, so there was an idea to run one connector
with 2 fibers, called a high-density connector:
• LC connector
• MT-RJ connector

Polishing (ferrule)
When you cut off fiber it has to go through polishing before you put on the ferrule holder (the
connector piece). The term is polishing – there are 3 types of polishing:
• Regular polish connector (PC)
• Angle polish connector (APC) – for a really good connection
• Ultra polish connector (UPC) – its roundness allows it to propagate light better than the regular PC
STP & UTP cables

LESSON POINTS
• UTP comes in CAT levels; CAT 3 is the minimum for 10-Mbps networks
• For the test be able to recognize an RJ-11 and an RJ-45
• Know the difference between UTP and STP, and know their ratings

Twisted Pair: The most common type of cabling used in networks consists of twisted pairs of cables,
bundled together into a common jacket. Twisted-pair cabling for networks is composed of multiple
pairs of wires twisted around each other at specific intervals. The twists reduce interference, called
crosstalk: the more twists, the less crosstalk. Networks use two types of twisted-pair cabling:
shielded twisted pair and unshielded twisted pair.
NOTE: Have you ever picked up a telephone and heard a distinct crackling noise? That’s an example
of crosstalk.

Shielded Twisted Pair (STP), as its name implies, consists of twisted pairs of wires surrounded by
shielding to protect them from EMI. STP is pretty rare, primarily because there’s so little need for
STP’s shielding. The shielding only really matters in locations with excessive electronic noise, such
as a shop floor with lots of lights, electric motors, or other machinery that could cause problems for
other cables.

Practice exams
http://www.examcompass.com/comptia/network-plus-certification/free-network-plus-practice-tests

Cat 6 Ratings
Very Important Note: UTP cables are rated to handle a certain frequency or cycles per second, such
as 100 MHz or 1000 MHz. You could take the frequency number in the early days of networking and
translate that into the maximum throughput for a cable. Each cycle per second (or hertz) basically
accounted for one bit of data per second. A 10 million cycle per second (10 MHz) cable, for example,
could handle 10 million bits per second (10 Mbps). The maximum amount of data that goes through
the cable per second is called the bandwidth. For current networks, developers have implemented
bandwidth-efficient encoding schemes, which means they can squeeze more bits into the same signal
as long as the cable can handle it. Thus, the CAT 5e cable can handle a throughput of up to 1000 Mbps,
even though it’s rated to handle a frequency of only up to 100 MHz.

Telecommunications Industry Association (TIA). The Electronic Industries Alliance (EIA) (until 2011)
worked with TIA to set the standards for UTP cabling, among many other things.

EXAM TIP: The CompTIA Network+ exam is only interested in your knowledge of CAT 3, CAT 5, CAT 5e,
CAT 6, and CAT 6a/6E cables.

Fire Rating – PVC – Riser – Plenum

Connectors
• RJ-11
• RJ-45
Ethernet Basics
Introduction to Ethernet

LESSON POINTS
• Ethernet is defined by the IEEE 802.3 standard
• The IEEE has defined many versions of Ethernet
• For the test be able to recognize the naming syntax

Ethernet is a standard for a family of network technologies that share the same basic bus topology,
frame type, and network access method. Because the technologies share these essential components,
you can communicate between them just fine. The implementation of the network might be different,
but the frames remain the same. This is true for Ethernet running on a physical bus topology (the
ancient 10Base5 and 10Base2) and a logical bus topology (10BaseT and later). Ethernet’s designers
faced the same challenges as the designers of any network: how to send data across the wire, how to
identify the sending and receiving computers, and how to determine which computer should use the
shared cable at what time. The engineers resolved these issues by using data frames that contain MAC
addresses to identify computers on the network and by using a process called CSMA/CD to determine
which machine should access the wire at any given time.

Practice exams
http://www.examcompass.com/comptia/network-plus-certification/free-network-plus-practice-tests

Standard Ethernet Nomenclature
Examples: 10Base5 and 10BaseT
• 10 – speed in Mbps (10 Mbps)
• Base – baseband signaling (the alternative is Broad, broadband)
• 5 – the length of the cable: 500 meters
• T – running unshielded twisted pair with a switch in the middle

Baseband vs Broadband
• Baseband is more like one channel for all voice, data etc.; everything being used is set on one
conversation at a time
• Broadband runs lots of different conversations – lots of channels, like cable TV
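The naming syntax the test expects you to recognize, as an added Python example (not code from the slides): a small parser that splits a designation such as 10Base5, 10BaseT, 100BaseFX or 10GBaseT into speed, signaling method and medium family. The speed/Base/Broad/medium rules are the ones on this slide; the distance table is deliberately limited to the figures the slides themselves quote on this and later pages (500 m for 10Base5, 185 m for 10Base2, 100 m node-to-hub for 10BaseT, 2 km for 100BaseFX, 25 m for 1000BaseCX) and leaves everything else out rather than guess.

```python
"""Decode Ethernet designations like 10Base5, 10BaseT, 100BaseFX, 10GBaseT (added example)."""
import re

# <speed><optional G><BASE|BROAD><medium>, after whitespace and hyphens are removed
NAME = re.compile(r"^(\d+)(G?)(BASE|BROAD)([A-Z0-9]+)$")

# First letter of the medium suffix -> medium family (T = twisted pair, F/S/L = fiber, C = copper twinax)
MEDIUM_FAMILY = {
    "T": "twisted pair",
    "F": "fiber",
    "S": "fiber (short wavelength)",
    "L": "fiber (long wavelength)",
    "C": "copper (twinax)",
}

# Maximum segment lengths in metres, only for standards whose distance the slides state.
STATED_DISTANCE_M = {
    "10BASE5": 500,      # thick coax
    "10BASE2": 185,      # thin coax
    "10BASET": 100,      # node to hub
    "100BASEFX": 2000,   # multimode fiber
    "1000BASECX": 25,    # twinax, switch to node
}


def normalize(name):
    """'10 Base T' / '10-Base-T' / '10baset' -> '10BASET'."""
    return re.sub(r"[\s-]", "", name).upper()


def is_ethernet_name(name):
    return NAME.match(normalize(name)) is not None


def parse_ethernet_name(name):
    key = normalize(name)
    m = NAME.match(key)
    if not m:
        raise ValueError(f"not an Ethernet designation: {name!r}")
    speed, giga, signaling, medium = m.groups()
    mbps = int(speed) * (1000 if giga else 1)          # "10G" means 10,000 Mbps
    if medium.isdigit():
        # 10Base5 and 10Base2: the digit is the rounded coax segment length (500 m, 185 m)
        family = "coaxial bus"
    else:
        family = MEDIUM_FAMILY.get(medium[0], "unknown medium")
    info = {
        "name": key,
        "speed_mbps": mbps,
        "signaling": "baseband" if signaling == "BASE" else "broadband",
        "medium": family,
    }
    if key in STATED_DISTANCE_M:
        info["max_m"] = STATED_DISTANCE_M[key]
    return info
```

The parser reports only what the name itself encodes plus the distances the course states; a designation it has never seen (say, a future fiber variant) still decodes its speed and signaling, just without a distance.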
Early Ethernet

LESSON POINTS
• CSMA/CD stands for carrier sense multiple access/collision detection
• 10Base5 and 10Base2 required terminating resistors at both ends of a segment (cable)
• When connecting to 10Base2 you must always use a T connector

10Base5 is the original cabling standard for Ethernet that uses coaxial cables. The name derives
from the fact that the maximum data transfer speed is 10 Mbps, it uses baseband transmission,
and the maximum length of cables is 500 meters. 10Base5 is also called thick Ethernet.

Practice exams
http://www.examcompass.com/comptia/network-plus-certification/free-network-plus-practice-tests
Segmented Ethernet
(Figure: no switch, one big cable in the ceiling)

CSMA/CD: Ethernet networks use a system called carrier sense multiple access/collision detection (CSMA/CD) to
determine which computer should use a shared cable at a given moment. Carrier sense means that each node using
the network examines the cable before sending a data frame.
If another machine is using the network, the node detects traffic on the segment, waits a few milliseconds, and then
rechecks. If it detects no traffic—the more common term is to say the cable is “free”—the node sends out its frame.
EXAM TIP: CSMA/CD is a network access method that maps to the IEEE 802.3 standard for Ethernet networks.

Multiple access means that all machines have equal access to the wire. If the line is free, any Ethernet node may begin
sending a frame. From Ethernet’s point of view, it doesn’t matter what function the node is performing: it could be a
desktop system running Windows 8 or a high-end file server running Windows Server or Linux. As far as Ethernet is
concerned, a node is a node and access to the cable is assigned strictly on a first-come, first-served basis. So what
happens if two machines, both listening to the cable, simultaneously decide that it is free and try to send a frame? A
collision occurs, and both of the transmissions are lost. A collision resembles the effect of two people talking at the same
time: the listener hears a mixture of two voices and can’t understand either one.
It’s easy for NICs to notice a collision. When two NICs send at the same time, the hub sends out the overlapping
signals, and the NICs immediately know that a collision has occurred. When they detect a collision, both nodes
immediately stop transmitting. They then each generate a random number to determine how long to wait before
trying again. If you imagine that each machine rolls its magic electronic dice and waits for that number of seconds,
you wouldn’t be too far from the truth, except that the amount of time an Ethernet node waits to retransmit is
much shorter than one second. Whichever node generates the lowest random number begins its retransmission
first, winning the competition to use the wire.

The losing node then sees traffic on the wire and waits for the wire to be free again before attempting to retransmit
its data. Collisions are a normal part of the operation of an Ethernet network. Every Ethernet network wastes some
amount of its available bandwidth dealing with these collisions. A properly running average Ethernet network has a
maximum of 10 percent collisions. For every 20 frames sent, approximately 2 frames will collide and require a
resend. Collision rates greater than 10 percent often point to damaged NICs or out-of-control software.
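The CSMA/CD behaviour described above (sense the cable, transmit when free, back off by a random amount after a collision, and a healthy network staying at or below 10 percent collisions), as an added Python simulation that is not code from the slides or the textbook. It is a slotted, seeded model: the "magic electronic dice" are drawn with a binary exponential backoff, which is an assumption the slides do not spell out, and the node count, frame length and traffic probability are constructed parameters.

```python
"""Slotted simulation of CSMA/CD with collisions and random backoff (added example)."""
import random


def simulate_csma_cd(nodes=5, frames_per_node=40, p_new=0.2, frame_slots=4,
                     seed=7, max_slots=100_000):
    """Run until every node has delivered its frames; return counts and the collision rate.

    Each time slot: idle nodes get a new frame with probability p_new; every node
    holding a frame whose backoff has expired senses the cable free and transmits.
    One transmitter -> the frame goes out and occupies the cable for frame_slots.
    Several transmitters -> collision; each rolls a random backoff and tries later.
    """
    rng = random.Random(seed)
    pending = [frames_per_node] * nodes   # frames still to send per node
    has_frame = [False] * nodes           # node currently holds a frame to send
    backoff = [0] * nodes                 # slots each node must still wait
    attempts = [0] * nodes                # collisions suffered by the current frame
    busy = 0                              # slots the cable stays occupied
    delivered = collisions = slot = 0

    while any(pending) and slot < max_slots:
        slot += 1
        if busy:                          # carrier sense: traffic on the wire, everyone waits
            busy -= 1
            continue
        for n in range(nodes):
            if pending[n] and not has_frame[n] and rng.random() < p_new:
                has_frame[n] = True
            if backoff[n]:
                backoff[n] -= 1
        transmitters = [n for n in range(nodes) if has_frame[n] and backoff[n] == 0]
        if len(transmitters) == 1:        # the cable was free for exactly one node
            n = transmitters[0]
            pending[n] -= 1
            has_frame[n] = False
            attempts[n] = 0
            delivered += 1
            busy = frame_slots - 1
        elif len(transmitters) > 1:       # two or more sent at once: both frames are lost
            collisions += 1
            for n in transmitters:
                attempts[n] += 1
                # binary exponential backoff (assumption): a random wait that grows per retry
                backoff[n] = 1 + rng.randrange(2 ** min(attempts[n], 10))

    total = delivered + collisions        # "for every 20 frames sent, approximately 2 collide"
    return {"delivered": delivered, "collisions": collisions,
            "collision_rate": collisions / total if total else 0.0, "slots": slot}


def collision_rate_healthy(rate):
    """Slide rule of thumb: a properly running network has at most 10 percent collisions."""
    return rate <= 0.10
```

A single node never collides, so its rate is 0; with several nodes competing for one cable the simulation records collisions, and comparing collision_rate against collision_rate_healthy() is the check the slide gives for spotting damaged NICs or runaway software.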
Bus Ethernet
The original Ethernet networks employed a true bus topology, meaning every computer on a network
connected to the same cable, the bus. In a Thicknet (10Base5) network, for example, devices tapped
directly into a thick yellow cable that snaked throughout the network.
10Base2 networks—some are still in use today—use RG-58 coaxial cable with BNC connectors on the
end. The complete network is limited to 185 meters. The big quirk with bus networks involves the
signal. The ends of the bus have to be terminated, otherwise the signal reflects and the whole network
goes down. 10Base2 can handle 30 devices per segment.

10BaseT
In 1990, the IEEE 802.3 committee created a new version of Ethernet called 10BaseT to modernize the
first generations of Ethernet. Very quickly, 10BaseT became the most popular network technology in
the world, replacing competing and now long-gone competitors with names like Token Ring and
AppleTalk. Over 99 percent of all networks use 10BaseT or one of its faster, newer, but very similar
versions. The classic 10BaseT network consists of two or more computers connected to a central hub.
The NICs connect with wires as specified by the 802.3 committee. 10BaseT hubs come in a variety of
shapes and sizes to support different sizes of networks. The biggest differentiator between hubs is
the number of ports (connections) that a single hub provides. A small hub might have only 4 ports,
whereas a hub for a large network might have 48 ports. As you can imagine, the more ports on a hub,
the more expensive the hub. Figure 4-10 shows two hubs. On the top is a small 8-port hub for small
offices or the home. It rests on a 12-port rack-mount hub for larger networks.
Modern Ethernet, switches and duplex

LESSON POINTS
• Know your 10BaseT types: names, distances, node number, etc.
• Know your 100Base types: names, distances, node number, etc.
• For the test, be able to recognize half vs full duplex

100BaseTX
• 100 Mbps
• 1024 nodes per hub
• 100 meters from node to hub
• CAT 5e or better

100BaseFX (the fiber version of 100Base)
• 1024 nodes per hub
• Multimode
• 2 kilometers

Full duplex is being able to send and receive at the same time. For networks it started with 100BaseT.
• Example of half duplex: a hub, or a walkie-talkie
• Example of full duplex: the operation of a switch
Nowadays full duplex is set up automatically on your network card. A rare case of manually setting
half duplex is when you are using a crossover cable.

Practice exams
http://www.examcompass.com/comptia/network-plus-certification/free-network-plus-practice-tests
Connecting switches
Given a scenario, configure a switch using the proper features. Given a scenario where there is a need to expand our network, how will we go about it?

LESSON POINTS
- Straight-through cables have identical ends (568B on both ends).
- Crossover cables have different ends (568A on one end, 568B on the other).
- Connect switches directly with crossover cables.

I have a 24-port switch and I want to expand my broadcast domain: I can add another 24-port switch and interconnect them. To interconnect switches we use straight-through cables or crossover cables. Some switches have an uplink port that is a pre-crossed port. On today's switches all ports are auto-sensing, so they detect when a cable connects switch to switch and cross the pairs internally.
Gigabit Ethernet and 10-Gigabit Ethernet
Given a scenario, deploy the appropriate wired connectivity standard.

LESSON POINTS
- Know your 1000Base types: name, distances, node number.
- Know your 10GBase types: names, distances, cable types.

Gigabit Ethernet: 1000 Mbps (1000Base-xxxx). We have four Gigabit standards:
1. 1000BaseCX: copper standard using a coax cable called Twinax; 25 meters between switch and node.
2. 1000BaseSX: uses multimode fiber; distance of 500 meters.
3. 1000BaseLX: single-mode fiber; 5 meters.
4. 1000BaseT: CAT 6; 100 meters.

10 Gigabit Ethernet (10GbE): designed to work with the backbone of the internet, called SONET.
1. 10GBaseT: designed to work with copper: CAT6 to 55 m, CAT6A to 100 m.
2. 10GBaseSR (fiber): multimode, 26 m to 400 m; also 10GBaseSR/SW.
3. Single-mode standards, which use a longer light wavelength:
   a. 10GBaseLR (single mode): 1310 nm, 10 km
   b. 10GBaseER (single mode): 1550 nm, 40 km
   c. 10GBaseER/EW: designed to work on SONET
   d. 10GBaseLR/LW
Switch backbones
Given a scenario, configure a switch using proper features.

LESSON POINTS
- Improper cabling creates bridge loops.
- Spanning Tree Protocol automatically shuts down bridge loops.
- High-speed switches connecting secondary switches are backbones.

A network can run at different speeds; we can run 1 Gb and 10 Gb on the same network. To run both we have to decide how to wire everything together: a central high-speed switch at 10 Gb (the backbone) connects the high-speed (HS) switches, and the low-speed network runs at 1 Gb.
[Diagram: three HS switches at 1 GB hanging off a central backbone switch at 10 GB, with the low-speed network below them.]

NB: a GBIC (gigabit interface converter) helps us connect a flexible switch to a high-speed backbone that runs at higher speeds than the rest of the network.
NB: bridge loops: luckily we have Spanning Tree Protocol (STP), which helps by automatically turning a port off.
Introduction and structured cabling
Given a scenario, install and configure equipment in the appropriate location using best practices.

LESSON POINTS
- Structured cabling defines how we install cabling.
- Telecommunication closet/equipment room, horizontal runs, work area.
- Patch panels terminate one end of horizontal runs.

If you want a functioning, dependable, real-world network, you need a solid understanding of a set of standards, collectively called structured cabling. These standards, defined by the Telecommunications Industry Association/Electronic Industries Alliance (TIA/EIA)—yup, the same folks who tell you how to crimp an RJ-45 onto the end of a UTP cable—give professional cable installers detailed standards on every aspect of a cabled network, from the type of cabling to use to the position of wall outlets.

Structured cabling setup [diagram: an 8U rack and a 4U rack].
Crimping cables
Install and properly terminate various cable types and connectors using the appropriate tools.

LESSON POINTS
- For the test, be able to recognize the pinout for T568A and T568B.
- Straight-through cables have the same TIA connection on each end.
- Crossover cables have different TIA connections on each end.

Let's make Ethernet Cat6E A/B straight-through and crossover cables.
Punch down blocks
Install and properly terminate various cable types and connectors using the appropriate tools.

LESSON POINTS
- RJ-45 crimps are used only on patch cables.
- Horizontal runs are terminated with 110 punch downs.
- Patch panels and RJ-45 plugs also have CAT ratings.

RJ-45 outlet/keystone: this sits in the wall face plate. Let's punch down Cat6 into it.
Let's punch down a 24-port patch panel with our 110 punch down tool. Note that the back of the patch panel is called a 110 punch down block.
MDF, Demarc, and tour of the equipment room
Given a scenario, install and configure equipment in the appropriate location using best practices.

LESSON POINTS
- The primary equipment room is called the main distribution frame (MDF).
- Rack-mounted equipment is standardized at 19 inches wide and a multiple of 1 3/4 inches (1.75 inches) tall.
- The demarc separates the telecom company's property from your responsibility.

There are two ways in which we can look at the equipment room. The MDF (main distribution frame) is a stack of servers and switches in a rack. Other racks that connect to the MDF are called intermediate distribution frames (IDF).
Equipment racks have a standard height unit for the components, called a U; the height of one U is 1.75 inches.
The demarc separates the cable company's equipment from your equipment; your job is to tap service from the cable company's devices for your LAN or TV.
Testing cable
Given a scenario, analyze and interpret the output of troubleshooting tools.

LESSON POINTS
- Make sure you understand how to read and interpret the wiremap feature of your tester.
- Continuity testing shows if the cable has any breaks.
- A time domain reflectometer (TDR) will show the length of the cable and help pinpoint mid-cable breaks.

Wiremapping is a simple test that confirms that each wire is hooked up correctly, with no opens or shorts. UTP intended only for POTS (plain old telephone service) voice applications actually only needs to be tested for wiremap. Wiremapping is very straightforward.

Continuity is when all 8 strands of the cable light up in a test. A continuity problem is when the test indicates that a strand in the cable does not show up.

Testing for distance (time domain reflectometer, TDR): for UTP we are allowed 100 meters between a node and the switch, but our true maximum horizontal run will be 90 meters, to allow for patch cables. In the fiber optic situation the tool is called the OTDR.

Crosstalk is interference between pairs within an individual cable; it is measured in decibels.
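Reading a wiremap result by hand is the skill the two slides above ask for; the following is an added example, not code from the course notes, that encodes the standard T568A and T568B colour tables and classifies a tester's pin-to-pin map as straight-through, crossover, open, short or miswire. The sample wiremaps at the bottom are constructed.

```python
# Wiremap classification for the T568A/T568B pinouts, as an added example
# (not code from the course notes). The T568A/T568B colour tables are the
# standard TIA/EIA values; the sample wiremaps below are constructed.

# Pin -> wire colour for the two TIA/EIA pinouts
T568A = {1: "white-green", 2: "green", 3: "white-orange", 4: "blue",
         5: "white-blue", 6: "orange", 7: "white-brown", 8: "brown"}
T568B = {1: "white-orange", 2: "orange", 3: "white-green", 4: "blue",
         5: "white-blue", 6: "green", 7: "white-brown", 8: "brown"}


def crossover_map():
    """Pin map of a cable with T568A on one end and T568B on the other:
    near pin -> far pin that the same wire lands on."""
    far_pin_of_colour = {colour: pin for pin, colour in T568B.items()}
    return {pin: far_pin_of_colour[colour] for pin, colour in T568A.items()}


STRAIGHT = {pin: pin for pin in range(1, 9)}   # same pinout on both ends
CROSSOVER = crossover_map()                     # 1<->3 and 2<->6 swapped


def classify_wiremap(wiremap):
    """Classify a tester's wiremap (near pin -> far pin, None = open).

    Returns 'straight-through', 'crossover', 'open', 'short' or 'miswire'.
    A short is modelled, as a simplification, as two near pins landing on
    the same far pin."""
    if len(wiremap) != 8:
        return "miswire"
    if any(far is None for far in wiremap.values()):
        return "open"                       # a strand never showed up
    far_pins = list(wiremap.values())
    if len(set(far_pins)) != len(far_pins):
        return "short"
    if wiremap == STRAIGHT:
        return "straight-through"
    if wiremap == CROSSOVER:
        return "crossover"
    return "miswire"                        # e.g. a reversed pair


# Constructed tester results for four cables
SAMPLES = {
    "patch cable":      {1: 1, 2: 2, 3: 3, 4: 4, 5: 5, 6: 6, 7: 7, 8: 8},
    "switch-to-switch": {1: 3, 2: 6, 3: 1, 4: 4, 5: 5, 6: 2, 7: 7, 8: 8},
    "broken strand":    {1: 1, 2: 2, 3: None, 4: 4, 5: 5, 6: 6, 7: 7, 8: 8},
    "reversed pair":    {1: 2, 2: 1, 3: 3, 4: 4, 5: 5, 6: 6, 7: 7, 8: 8},
}


def check_samples():
    return {name: classify_wiremap(wm) for name, wm in SAMPLES.items()}


if __name__ == "__main__":
    for name, verdict in check_samples().items():
        print(f"{name:18s} {verdict}")
```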
Troubleshooting structured cables

LESSON POINTS
- Loopback plugs test the NIC's ability to send and receive.
- Loopback plugs aren't effective, but N+ thinks they are.
- Patch cables and wall outlets are the most common parts of structured cabling to fail.

If you suspect that you have a problem with your structured cabling:
1. Verify whether the operating system sees the problem.
2. Verify whether there is a link light on your system.
3. Go to the switch to see if there is a link light there too.
4. Remember, if you do not have a link light your network is not in good shape.
5. Go to Device Manager (the device panel) and check the network card: is it enabled, does it have good IP information?
6. Remember you can also have bad device drivers.
7. We can also consider an RJ-45 loopback plug, which connects the RJ-45's pin 1 to pin 3 and pin 2 to pin 6.
8. We can use the loopback to run a ping, and it should tell us if the network card is good (127.0.0.1).
9. We need to watch out for damage to our patch cables.
10. We also need to check our wall outlets; they damage easily.
Advanced troubleshooting structured cabling
Given a scenario, troubleshoot and resolve common copper issues.

LESSON POINTS
- Voltage monitors track and record problems with power.
- Environmental/temperature monitors track and record problems with heat and humidity.
- TDRs are great tools to check for breaks on horizontal runs.

One place we look out for problems with the structured cabling environment is the work area. Time and again, if we have an issue that tends to affect more than one user, we have to turn to the MDF in our equipment room.
1. What if the main switch goes down? Electricity can be the issue, so a volt meter can help to test the electricity, and a voltage monitor can help check for voltage surges. For issues like these you get a UPS installed.
2. Also remember they are electronics; they will not like moisture or heat, so we can have an environmental/temperature monitor.

- Problems with a horizontal run: use the TDR to check for a break.
- Interference, e.g. someone installed air conditioners (someone can give you a clue: it only happens at 5 in the day).
- UTP is likely to be affected by interference.
- Fiber optic cable is susceptible to an interference called modal distortion; this happens in multimode fiber and is when light breaks into different rays of light.
Using toner and probe

LESSON POINTS
- Tone generators and tone probes are used to locate cables and connections.
- The tone generator creates the signal for the probe.
- The tone probe translates the signal into an audible tone.

Tone generator and tone probe: they are designed to find cables when you forget to label them.
LESSON 3
The World of TCP/IP

Introduction to IP addresses and binary
Given a scenario, implement and configure the appropriate addressing schema.

LESSON POINTS
- Each computer on a TCP/IP network must have a unique IP address.
- IP addresses are written as four octets, such as 192.168.4.12.
- Each octet represents a binary string; 192, for example, is 11000000.

- Every computer on a computer network must have a unique IP address, e.g. 192.168.0.1.
- An IP address is written as four values separated by three dots.
- The real IP address is 32 ones and zeros.
- There are no dots in the IP address; they are just separators.
- Let's break the 32 ones and zeros into 4 groups of 8.
- Dotted decimal notation is a shorthand we use to represent the 32 ones and zeros.
- There are 256 combinations per octet; in the IP world we start with zero, so it is 0 to 255: each octet is valued between 0 and 255.

Place values for 192.168.0.1, one octet per row:

  Place value:  128  64  32  16   8   4   2   1
  192        =    1   1   0   0   0   0   0   0
  168        =    1   0   1   0   1   0   0   0
  0          =    0   0   0   0   0   0   0   0
  1          =    0   0   0   0   0   0   0   1
Introduction to ARP

LESSON POINTS
- ARP resolves IP addresses to MAC addresses.
- Type arp -a to see the ARP cache.
- An ARP request is a broadcast over the network.

I have an IP packet, and I need to send it to a computer on the network, but I do not have the MAC address to make a frame, so I need to use a process called ARP (Address Resolution Protocol). It sends a broadcast that says "I know your IP; if this is your IP please respond." (ARP resolves MAC addresses from IP addresses.)

The exchange:
- Request (a broadcast, sent to everyone on the network): "Who has 192.168.15.163? Tell 192.168.15.23"
- Reply (only the computer with that IP responds): "I am 192.168.15.163. My MAC address is C9-60-00-01-2e-ac"

Will this mean that any time I want to send a frame I will have to do ARP? Would it not be more efficient for the network cards to keep a list of the MAC and IP addresses of the computers on the network? You can run arp -a to see what your computer has kept track of.
Subnet mask
Given a scenario, implement and configure the appropriate addressing schema.

LESSON POINTS
- The subnet mask is used on every computer to determine if a packet is local or outside the network.
- A subnet mask is a string of ones followed by a string of zeros.
- All computers on the same broadcast domain should have the same network ID.

ARP is a tool that is used to get a MAC address when you only have the IP address of a destination computer. ARP gets into difficulty when we start adding a router to our network.

[Diagram: a switch connecting computers A (192.168.15.21), B (192.168.15.20), C (192.168.15.23) and D (192.168.15.22) to a router, the gateway, at 192.168.15.1.]

So if computer A wants to send data, it needs to check whether the destination computer is part of the network. If it is, it sends a local ARP; if the destination is outside the network, it needs to talk to the router to send the data over to the internet. To take care of that there are two settings you need to add to your computer:
1. Subnet mask: the only job it does is to tell the individual computer whether to send the data locally or send it to the router (hence we need to know the location of the router).
2. Default gateway: the IP address of your router.

[Screenshots: the same settings on a Linux system and a Mac system.]

Subnet mask
A subnet mask is a series of ones followed by a series of zeros. It is always 32 bits long and always ones followed by zeros; 255.255.255.0 is 24 ones and 8 zeros.

  255 . 255 . 255 . 0      subnet mask
  192 . 168 . 15  . 163    IP address
  [ network ID    ] [host]

1. Everything on the left (the octets under the ones) has to be the same for everything on my network; it is called the network ID.
2. The part that is unique is called the host ID.
[Diagram: the octets of the IP address 192.168.15.163 and of the gateway 192.168.15.23 laid out under the mask, network ID on the left, host ID on the right.]

Network card simulator, using the slash ("whack") notation for the number of ones in the mask:
- /24: 192.168.1.0/24
- /16: 192.168.12.12/16
- /20: 192.168.13.20/20

- Everyone on the broadcast domain has to have the same subnet mask.
- Your network admin decides how many ones and zeros are in your subnet mask.
- The smaller your subnet mask (the fewer ones), the more computers you can have in your broadcast domain.
- If you have 255.255.255.0 you only have the last 8 bits to work with, and that is host IDs 1 to 254, i.e. 254 computers.
- 255.255.0.0 gives us 16 host bits: 2 to the 16th power minus 2 IP addresses.
- When we talk about the subnet mask we talk about how many ones are in it.
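The two slides above (ARP, then the subnet mask and default gateway) describe one decision chain: AND the mask with both addresses, compare network IDs, then ARP for either the destination or the gateway. The following is an added example, not code from the course notes; the LAN, the hosts and their MAC addresses (taken from the IANA documentation range 00-00-5E-00-53-xx) are constructed to match the 192.168.15.0/24 diagram.

```python
# The local-or-remote decision (subnet mask + default gateway) followed by
# ARP for the right MAC address, as an added example rather than code from
# the course notes. The LAN, hosts and MAC addresses (IANA documentation
# range 00-00-5E-00-53-xx) are constructed to match the 192.168.15.0/24
# diagram on the slide.


def to_bits(dotted):
    """'192.168.15.23' -> 32-character string of ones and zeros."""
    octets = [int(o) for o in dotted.split(".")]
    if len(octets) != 4 or any(not 0 <= o <= 255 for o in octets):
        raise ValueError(f"bad IPv4 address: {dotted}")
    return "".join(format(o, "08b") for o in octets)


def from_bits(bits):
    return ".".join(str(int(bits[i:i + 8], 2)) for i in range(0, 32, 8))


def is_valid_mask(mask):
    """A subnet mask is ones followed by zeros: no '01' anywhere."""
    return "01" not in to_bits(mask)


def network_id(ip, mask):
    """Keep the bits under the mask's ones, zero the rest (bitwise AND)."""
    if not is_valid_mask(mask):
        raise ValueError(f"not a subnet mask: {mask}")
    anded = "".join("1" if a == "1" and m == "1" else "0"
                    for a, m in zip(to_bits(ip), to_bits(mask)))
    return from_bits(anded)


def is_local(src_ip, dst_ip, mask):
    """Same network ID means same broadcast domain: send directly."""
    return network_id(src_ip, mask) == network_id(dst_ip, mask)


class Lan:
    """One broadcast domain: every host receives every broadcast."""

    def __init__(self):
        self.hosts = {}                 # ip -> {"mac": ..., "cache": {...}}

    def add(self, ip, mac):
        self.hosts[ip] = {"mac": mac, "cache": {}}

    def arp(self, asker_ip, target_ip):
        """'Who has target_ip? Tell asker_ip' as a broadcast; only the owner
        of target_ip replies. Returns the MAC, or None if nobody answers."""
        cache = self.hosts[asker_ip]["cache"]   # what 'arp -a' would show
        if target_ip in cache:
            return cache[target_ip]
        for ip, host in self.hosts.items():     # the broadcast reaches all
            if ip == target_ip:                 # ...but only the owner answers
                cache[target_ip] = host["mac"]
                return host["mac"]
        return None


def next_hop(lan, src_ip, dst_ip, mask, gateway_ip):
    """Decide whom to ARP for: the destination itself if it is local,
    otherwise the default gateway. Returns (target_ip, target_mac)."""
    target = dst_ip if is_local(src_ip, dst_ip, mask) else gateway_ip
    return target, lan.arp(src_ip, target)


def build_lan():
    lan = Lan()
    lan.add("192.168.15.1", "00-00-5e-00-53-01")    # router / default gateway
    lan.add("192.168.15.20", "00-00-5e-00-53-20")   # computer B
    lan.add("192.168.15.23", "00-00-5e-00-53-23")   # computer C
    return lan


if __name__ == "__main__":
    lan = build_lan()
    mask, gw = "255.255.255.0", "192.168.15.1"
    print(next_hop(lan, "192.168.15.23", "192.168.15.20", mask, gw))  # local
    print(next_hop(lan, "192.168.15.23", "203.0.113.7", mask, gw))    # via router
    print(lan.hosts["192.168.15.23"]["cache"])                         # 'arp -a'
```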
Classful addressing

LESSON POINTS
- Recognize a Class A first octet: from 1 to 126.
- Recognize a Class B first octet: from 128 to 191.
- Recognize a Class C first octet: from 192 to 223.

Every computer attached to the internet has to have a unique IP address, called a public IP address. This IP is passed down by the Internet Assigned Numbers Authority (IANA) to the Regional Internet Registries (RIRs) over the world, and from there to the ISPs.

Passing out IP addresses by class licenses, three of them:
- Class A: /8, mask 255.0.0.0, first octet between 1 and 126
- Class B: /16, mask 255.255.0.0, first octet between 128 and 191
- Class C: /24, mask 255.255.255.0, first octet between 192 and 223
Subnetting with CIDR

CIDR is short for Classless Inter-Domain Routing, an IP addressing scheme that replaces the older system based on classes A, B, and C. A single IP address can be used to designate many unique IP addresses with CIDR. A CIDR IP address looks like a normal IP address except that it ends with a slash followed by a number, called the IP network prefix. CIDR addresses reduce the size of routing tables and make more IP addresses available within organizations.

NOTE: the host ID cannot be all zeros or all ones.

LESSON POINTS
- Extending the subnet mask by a single digit creates two subnets.
- Extending the subnet mask by two digits creates four subnets.
- It helps to memorize the subnet masks for /25 and greater subnets.
- The number of hosts is inverse to the number of subnets.

Worked examples on 208.190.121.1:
- /25, mask 255.255.255.128: 126 nodes per subnet (128 addresses minus the two reserved host IDs).
- /26, mask 255.255.255.192: 64 minus 2 = 62 nodes per subnet.

What will the subnet mask be if I want to have 4 different subnets? Extending the /24 mask by two digits creates four subnets: 255.255.255.192 (/26), e.g. 208.190.121.1/26.

Can you support 16 networks that support a minimum of 7 computers each? 2 to the 4th power = 16 subnets, leaving 4 host bits: 16 minus 2 = 14 hosts each, so yes.

How many individual hosts/computers will I have if I have 7 subnets? Three borrowed bits give 8 subnets (enough for 7), leaving 5 host bits: 2 to the 5th power = 32, minus 2 = 30 computers.
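The classful slide and this CIDR slide together are a small amount of arithmetic; the following is an added example, not code from the course notes, that reproduces the /25, /26, "16 subnets of at least 7 hosts" and "7 subnets" questions and generalises them to any prefix length. The 208.190.121.0/24 block is the slide's own; nothing else is assumed.

```python
# Classful and CIDR subnetting arithmetic from the last two slides, as an
# added example (not code from the course notes). It reproduces the /25, /26,
# "16 subnets of at least 7 hosts" and "7 subnets" questions and generalises
# them to any prefix length; the 208.190.121.0/24 block is the slide's own.


def classful_prefix(ip):
    """Pre-CIDR default prefix from the first octet: A=/8, B=/16, C=/24."""
    first = int(ip.split(".")[0])
    if 1 <= first <= 126:
        return 8
    if 128 <= first <= 191:
        return 16
    if 192 <= first <= 223:
        return 24
    raise ValueError(f"{ip} is not a class A, B or C address")


def prefix_to_mask(prefix):
    """/25 -> '255.255.255.128': `prefix` ones followed by zeros."""
    if not 0 <= prefix <= 32:
        raise ValueError("prefix must be between 0 and 32")
    value = (0xFFFFFFFF << (32 - prefix)) & 0xFFFFFFFF
    return ".".join(str((value >> shift) & 0xFF) for shift in (24, 16, 8, 0))


def mask_to_prefix(mask):
    """'255.255.255.192' -> 26; rejects masks with a zero before a one."""
    bits = "".join(format(int(o), "08b") for o in mask.split("."))
    if "01" in bits:
        raise ValueError(f"{mask} is not ones followed by zeros")
    return bits.count("1")


def usable_hosts(prefix):
    """Host IDs of all zeros and all ones are reserved, hence the minus 2."""
    return max(2 ** (32 - prefix) - 2, 0)


def plan_subnets(base_prefix, min_subnets, min_hosts):
    """Borrow the fewest host bits that give at least `min_subnets`
    subnets; return the plan, or None if the hosts per subnet fall short."""
    borrowed = 0
    while 2 ** borrowed < min_subnets:
        borrowed += 1
    new_prefix = base_prefix + borrowed
    if new_prefix > 30 or usable_hosts(new_prefix) < min_hosts:
        return None
    return {"prefix": new_prefix, "mask": prefix_to_mask(new_prefix),
            "subnets": 2 ** borrowed, "hosts_per_subnet": usable_hosts(new_prefix)}


def subnet_ranges(network, new_prefix):
    """List (first address, last address) of each subnet of `network`
    ('208.190.121.0/24') when the mask is extended to `new_prefix`."""
    addr, base_prefix = network.split("/")
    base_prefix = int(base_prefix)
    base = int.from_bytes(bytes(int(o) for o in addr.split(".")), "big")
    base &= (0xFFFFFFFF << (32 - base_prefix)) & 0xFFFFFFFF
    size = 2 ** (32 - new_prefix)

    def dotted(v):
        return ".".join(str((v >> s) & 0xFF) for s in (24, 16, 8, 0))

    return [(dotted(base + i * size), dotted(base + (i + 1) * size - 1))
            for i in range(2 ** (new_prefix - base_prefix))]


if __name__ == "__main__":
    base = classful_prefix("208.190.121.1")            # class C -> /24
    for prefix in (base + 1, base + 2):               # /25 and /26
        print(prefix, prefix_to_mask(prefix), usable_hosts(prefix), "nodes")
    print(plan_subnets(base, 16, 7))                  # 16 subnets, >= 7 hosts
    print(plan_subnets(base, 7, 1)["hosts_per_subnet"])   # 7 subnets -> 30 hosts
    for first, last in subnet_ranges("208.190.121.0/24", base + 2):
        print(first, "-", last)
```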
Dynamic and static IP
Install and configure the following networking services/applications.

LESSON POINTS
- You have a single DHCP server in every broadcast domain.
- Every modern operating system comes with DHCP enabled by default.
- DHCP relay enables a single DHCP server to service more than one broadcast domain.

Practicals: set up DHCP in Windows with a router; ipconfig /release; ipconfig /renew.

Every computer on your IP network will have to have:
1. an IP address
2. a subnet mask
3. a default gateway
This information has in some way to be inserted into the network card:
- Static: inserting it manually.
- Dynamic: automatic, using Dynamic Host Configuration Protocol (DHCP, or the older BootP). What it means is that your machine needs a DHCP server.

The DHCP exchange (client on the left, server on the right):
1. DHCP Discover (broadcast from the client)
2. DHCP Offer (unicast traffic back from the server)
3. DHCP Request (from the client)
4. DHCP Acknowledge: once this happens the server stores the lease for that computer.
Rogue DHCP servers
Given a scenario, troubleshoot and resolve common network issues.

LESSON POINTS
- If you get an APIPA address, check to see if you are connected to the DHCP server.
- If you are connected to a DHCP server and still get an APIPA address, make sure the DHCP server is working.
- If you get an IP address other than your correct network ID, you may have a rogue DHCP server.

When your DHCP server is not working:
1. Go to the command prompt.
2. Run ipconfig and find your network card. You will most often see an address like 169.254.226.210 with a /16 subnet mask. What you are seeing is an APIPA address (Automatic Private IP Addressing), designed as a fallback if you cannot find a DHCP server.

Any IP address from a DHCP server that is unknown to your network comes from a rogue DHCP server.
APIPA – automatic private IP addressing
Given a scenario, troubleshoot and resolve common network issues

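The rogue DHCP and APIPA slides give three checks to run on a client's lease; the following is an added example, not code from the course notes, that applies them to lease records. The records, the 192.168.15.0/24 scope and the authorised server address are constructed; the "server" field stands for the server identifier the lease came from (DHCP option 54).

```python
# Reading lease results the way the troubleshooting steps above do, as an
# added example (not code from the course notes): is the address an APIPA
# fallback, did it come from a server we know, and is it on our network ID?
# The lease records, the 192.168.15.0/24 scope and the authorised server
# address are constructed for the example.
import ipaddress

AUTHORISED_DHCP_SERVERS = {"192.168.15.1"}          # the one server we run
EXPECTED_NETWORK = ipaddress.ip_network("192.168.15.0/24")
APIPA = ipaddress.ip_network("169.254.0.0/16")

# Constructed records: what ipconfig shows on each client, plus the DHCP
# server that handed the lease out (DHCP option 54, the server identifier)
LEASES = [
    {"host": "pc-a", "ip": "192.168.15.21", "server": "192.168.15.1"},
    {"host": "pc-b", "ip": "169.254.226.210", "server": None},
    {"host": "pc-c", "ip": "10.0.0.37", "server": "10.0.0.1"},
    {"host": "pc-d", "ip": "192.168.15.99", "server": "192.168.15.250"},
]

HINTS = {
    "apipa": "no DHCP reply: check the link to the DHCP server, then the server",
    "rogue-dhcp": "lease from a server we do not own: find it and take it off the network",
    "wrong-network": "our server handed out an address outside our network ID: check its scope",
    "ok": "lease looks right",
}


def diagnose(lease):
    ip = ipaddress.ip_address(lease["ip"])
    if ip in APIPA:
        return "apipa"                  # client gave up waiting for DHCP
    if lease["server"] not in AUTHORISED_DHCP_SERVERS:
        return "rogue-dhcp"             # an unknown server answered first
    if ip not in EXPECTED_NETWORK:
        return "wrong-network"
    return "ok"


def diagnose_all(leases=LEASES):
    return {lease["host"]: diagnose(lease) for lease in leases}


if __name__ == "__main__":
    for host, verdict in diagnose_all().items():
        print(f"{host}: {verdict} - {HINTS[verdict]}")
```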
Special IP addresses

LESSON POINTS
- Recognize an APIPA address.
- Recognize a loopback address.
- Recognize a private address.

- 169.254.20.134/16: APIPA
- 127.0.0.0/8: loopback

Private addresses work on private networks, not on the internet. All routers destroy private IP addresses. Those addresses can never be used on the Internet, making them a handy way to hide systems.
- 10.0.0.0/8
- 172.16.0.0/16
- 192.168.0.0/24

The private ranges:
- 10.0.0.0 through 10.255.255.255 (1 Class A network block)
- 172.16.0.0 through 172.31.255.255 (16 Class B network blocks)
- 192.168.0.0 through 192.168.255.255 (256 Class C network blocks)
Routing
Introduction to routers

LESSON POINTS
- Routers only care about destinations.
- Routers can use any network medium.
- All routers have a routing table.

Routers are used to interconnect two or more network IDs. Routers filter and forward based on IP address. NOTE: switches filter and forward based on MAC address.
Notes

LESSON POINTS
- Every router has a routing table containing routes for any IP address.
- All routing tables have a default route.
- Metrics are used to determine which route to use when there are more than two.

1. Routers have an IP address assigned to each of their ports.
2. When data comes in, the router strips off the Ethernet part of it (the purple part in the figure) and only looks at the IP stuff. Routers don't care which port the data came in from; they only look at the destination IP, although a lot of routers try to do FIFO (first in, first out).
3. To figure out where to send it, the router uses Fig 3, which is a routing table. Routing tables are created statically by the person setting up the router. We have four rows, and each row is called a route.

Fig 3: a router with interfaces 192.168.15.1, 172.17.3.1 and 98.201.164.215 (its WAN side, whose gateway is labelled 98.201.164.214 in the figure). The routing table; the second version of the figure adds the Metric column and a second default route:

  Address        Subnet           Gateway         Interface        Metric
  192.168.15.0   255.255.255.0    0.0.0.0         192.168.15.1     100
  98.201.164.0   255.255.254.0    0.0.0.0         98.201.164.215   100
  172.17.3.0     255.255.255.0    0.0.0.0         172.17.3.1       100
  0.0.0.0        0.0.0.0          98.201.164.1    98.201.164.215   10
  0.0.0.0        0.0.0.0          202.190.44.1    202.190.44.1     11

The 0.0.0.0 rows are the default route ("go find another router"): it doesn't care about the Address/Subnet, and sends the packet out on the listed interface.
Project
• Set up PFSENSE/ClearOS, an open source router OS, on a computer that has two LAN cards.
• Download PFSENSE/ClearOS and make it bootable.
• Set up the NICs for WAN/LAN.
• Based on your ISP's LAN settings, make the WAN TCP/IP connection static.
• Set our network LAN to 192.168.0.0.

Routing table
1. We will have four columns for each interface on the router.
2. The router identifies anything that says 192.168.15.0/24 as that network.
3. A gateway of 0.0.0.0 means the router is directly connected to 192.168.15.0/24.
4. It says: send it out on the interface 192.168.15.1.

Default route
In computer networking, the default route is a setting on a computer that defines the packet forwarding rule to use when no specific route can be determined for a given Internet Protocol (IP) destination address. All packets for destinations not established in the routing table are sent via the default route.

What routers do is read the destination IP address and change the MAC address depending on where they want to send it: internet connections to the LAN and the LAN to the internet, according to our routing table.

Router metrics are metrics used by a router to make routing decisions. A metric is typically one of many fields in a routing table. Router metrics can contain any number of values that help the router determine the best route among multiple routes to a destination.

You can set the metric to a lower value based on which of the internet providers you prefer to send your data through. It could be based on speed or reliability, so if the preferred route or internet provider is down, you can use the second one automatically.
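The lookup the slides describe (match Address/Subnet, take the most specific route, otherwise the default route with the lowest metric, and fail over when a provider is down) is the following added example, not code from the course notes. ROUTES is the slide's own table; the destination addresses tried at the bottom are constructed.

```python
# Routing-table lookup as the slide describes it, as an added example (not
# code from the course notes): match the destination against each route's
# Address/Subnet, prefer the most specific match, and fall back to the
# default route with the lowest metric. ROUTES is the slide's table; the
# destination addresses tried at the bottom are constructed.
import ipaddress

# (Address, Subnet, Gateway, Interface, Metric) as on the slide
ROUTES = [
    ("192.168.15.0", "255.255.255.0", "0.0.0.0", "192.168.15.1", 100),
    ("98.201.164.0", "255.255.254.0", "0.0.0.0", "98.201.164.215", 100),
    ("172.17.3.0", "255.255.255.0", "0.0.0.0", "172.17.3.1", 100),
    ("0.0.0.0", "0.0.0.0", "98.201.164.1", "98.201.164.215", 10),
    ("0.0.0.0", "0.0.0.0", "202.190.44.1", "202.190.44.1", 11),
]


def mask_length(mask):
    """Number of ones in a dotted-decimal mask (0 for the default route)."""
    return bin(int(ipaddress.ip_address(mask))).count("1")


def matches(route, dst):
    """Does dst fall inside the route's Address/Subnet? The default route's
    0.0.0.0/0.0.0.0 matches everything."""
    address, mask = route[0], route[1]
    network = ipaddress.ip_network(f"{address}/{mask}", strict=False)
    return ipaddress.ip_address(dst) in network


def lookup(dst, routes=ROUTES):
    """Return (next hop, interface) for dst, or None if no route matches."""
    candidates = [r for r in routes if matches(r, dst)]
    if not candidates:
        return None
    # Longest mask wins; between equals (the two default routes) the lower metric
    best = min(candidates, key=lambda r: (-mask_length(r[1]), r[4]))
    _, _, gateway, interface, _ = best
    # Gateway 0.0.0.0 means directly connected: deliver to dst itself
    next_hop = dst if gateway == "0.0.0.0" else gateway
    return next_hop, interface


def lookup_after_failure(dst, down_gateways, routes=ROUTES):
    """Same lookup once the routes through failed gateways are withdrawn,
    which is how the metric-11 provider takes over from the metric-10 one."""
    alive = [r for r in routes if r[2] not in down_gateways]
    return lookup(dst, alive)


if __name__ == "__main__":
    for dst in ("192.168.15.77", "98.201.165.4", "172.17.3.9", "203.0.113.9"):
        print(dst, "->", lookup(dst))
    print("primary ISP down:", lookup_after_failure("203.0.113.9", {"98.201.164.1"}))
```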
Understanding ports

LESSON POINTS
- Every TCP packet has two port numbers.
- Well-known port numbers run from 0 to 1023.
- Clients generate ephemeral port numbers that are always between 1024 and 65535.

The IP packet in the figure (a client talking to a web server):

  Data | Data check (CRC) | Port B (destination): 80 | Port A (source): 3218 | Source IP: 32.44.17.231 | Destination IP: 144.22.17.191 (web server)

1. Every time you send out a packet you will have a destination port number and a source port number.
2. The destination port number is set by the type of application you are using.
3. The first ports, 0 to 1023, are well-known ports used by applications.
4. The source port number is generated by the computer as an ephemeral port (lasting for a very short time). It is incrementally generated and is a number well beyond the 1024 well-known ports, up to 65535, depending on your operating system.
NAT – Network Address Translation

LESSON POINTS
- Static NAT (SNAT) sends specific traffic to one internal IP address (port forwarding); say we have 4 web servers on our network.
- Dynamic NAT (DNAT) has a limited pool of internet addresses to give to a number of internal devices: 2 IPs on the router against 4 web servers, so only two at a time.
- PAT translates internal IP addresses to the internet address and tracks the packets.

• Internet rule: all devices that get on the internet must have a legitimate IP address.

Let's say we have cameras, web servers, game servers, etc. on our network; they are all using private network addresses, and we want to get them on the internet. Back in the day, the way to get these devices online was to request legitimate IPs for all of them from your ISP for an extra fee. IPv4 has about 4 billion IPs, but they were running out, so NAT was invented and built into routers.

How NAT works in a router:
- Data from my computer: the source is my local private IP, plus the destination IP. The router changes the source from the local IP to the public IP on the WAN side.
- Data from my router: the source is now the router's IP on the WAN side, but the router stores the local IP and the ports in a table, so that when the data comes back it knows where to send it.

Say we want to set up web servers, etc. In this case we have different versions of NAT:
1. Static NAT: this means I have to assign a static IP to the web server, so anybody that comes in will be looking for the web server (port forwarding).
2. Dynamic NAT or pooled NAT: this allows you to have multiple public IPs, so that when computers on your network want to get on the internet they queue to use the router's WAN addresses.
3. Port Address Translation (PAT) is an extension to network address translation (NAT) that permits multiple devices on a local area network (LAN) to be mapped to a single public IP address. The goal of PAT is to conserve IP addresses.
Implementing NAT

LESSON POINTS
- SOHO routers ship with NAT enabled.
- NAT on a SOHO router can be disabled from the router's configuration page.
- Some older routers call this setting gateway/router mode.

• By default NAT is turned on in every SOHO router.
Port forwarding

LESSON POINTS
- Port forwarding is used to access server systems behind a NAT router.
- Any outside queries based on a specific port number are forwarded to a specific computer.
- It is common to use a non-standard port number for security.

In computer networking, port forwarding or port mapping is an application of network address translation (NAT) that redirects a communication request from one address and port number combination to another while the packets are traversing a network gateway, such as a router or firewall.

Let's practically set up a CCTV camera to view remotely.
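The ports, PAT and port-forwarding slides describe the two rewrites a SOHO router does; the following is an added example, not code from the course notes, that implements both in a small NAT router object: outbound PAT that tracks private IP + ephemeral port against a public port, and an inbound port-forward rule for the camera. Addresses on the public side come from the 203.0.113.0/24 and 198.51.100.0/24 documentation ranges, the ports and packets are constructed, and 144.22.17.191 is the web server from the ports slide.

```python
# A NAT router's two translation paths, as an added example (not code from
# the course notes): PAT rewrites outbound private IP + ephemeral port to the
# public IP + a tracked port, and a port-forwarding rule sends fresh inbound
# requests on a published port to the server behind the router. Addresses
# (public side from the 203.0.113.0/24 documentation range), ports and
# packets are constructed; 144.22.17.191 is the web server from the slide.
from dataclasses import dataclass, replace


@dataclass(frozen=True)
class Packet:
    src_ip: str
    src_port: int
    dst_ip: str
    dst_port: int


class NatRouter:
    def __init__(self, public_ip, forwards=None):
        self.public_ip = public_ip
        self.forwards = dict(forwards or {})   # public port -> (private ip, port)
        self.table = {}                        # public port -> (private ip, port)
        self.next_port = 40000                 # WAN-side ephemeral ports we hand out

    def outbound(self, pkt):
        """LAN -> WAN: swap the private source for the public IP and a port
        the router remembers, so the reply can be matched later."""
        key = (pkt.src_ip, pkt.src_port)
        for public_port, private in self.table.items():
            if private == key:                 # flow already tracked: reuse it
                return replace(pkt, src_ip=self.public_ip, src_port=public_port)
        public_port = self.next_port
        self.next_port += 1
        self.table[public_port] = key
        return replace(pkt, src_ip=self.public_ip, src_port=public_port)

    def inbound(self, pkt):
        """WAN -> LAN: a reply to a tracked port goes back to the host that
        started the flow; a port-forward rule publishes a server; anything
        else is dropped (None). Real routers also match the remote endpoint
        before accepting a reply; this simplification does not."""
        if pkt.dst_ip != self.public_ip:
            return None
        if pkt.dst_port in self.table:
            ip, port = self.table[pkt.dst_port]
            return replace(pkt, dst_ip=ip, dst_port=port)
        if pkt.dst_port in self.forwards:
            ip, port = self.forwards[pkt.dst_port]
            return replace(pkt, dst_ip=ip, dst_port=port)
        return None


def demo():
    # Camera web interface on 192.168.15.50:80, published on non-standard port 8080
    router = NatRouter("203.0.113.5", forwards={8080: ("192.168.15.50", 80)})
    out = router.outbound(Packet("192.168.15.23", 51515, "144.22.17.191", 80))
    reply = router.inbound(Packet("144.22.17.191", 80, "203.0.113.5", out.src_port))
    camera = router.inbound(Packet("198.51.100.9", 33000, "203.0.113.5", 8080))
    dropped = router.inbound(Packet("198.51.100.9", 33001, "203.0.113.5", 22))
    return out, reply, camera, dropped


if __name__ == "__main__":
    for p in demo():
        print(p)
```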
DMZ, port range forwarding, and port triggering

LESSON POINTS
- Port range forwarding opens more than one port number to a server behind a NAT router.
- DMZ opens a single computer to the internet and is not recommended.
- Port triggering opens a network to accept other port numbers from incoming connections.

DMZ (Demilitarized Zone): when you set up a DMZ it means you are exposing one particular computer, and any request coming in from the internet (FTP, HTTP, HTTPS, etc.) will be directed to this machine.

Port range forwarding: forwards a whole range of ports to a server.

To every rule there is an exception. We have a protocol that sends on one port number and receives on another port number, and that is FTP. Clients send the request to port 21 and the server sends the data back from port 20. This becomes an issue with our router, because the router is expecting to receive a reply from port 21, so when that happens we need to tell the router to be prepared to receive from 21 or 20, and that is what we call port triggering.
Tour of a SOHO router

LESSON POINTS
- All home routers have a default IP address, username, and password.
- Almost all home routers are DHCP servers.
- Routers' WAN connections are commonly DHCP clients by default.

1. Let's find the default IP for the router.
2. Most often the default username/password is admin/admin.
3. Introduction to ACLs on the router.
4. Introduction to the 30-30-30 rule.
Project
• Port forward a router on campus A to show a CCTV camera on campus B.
[Diagram: the CCTV camera and its IP at campus A; a point-to-point radio link between the campuses; router, switches, a Windows server and workstations at campus B.]
Introduction to routing protocols

LESSON POINTS
- Dynamic routing protocols use metrics to determine routes and are either distance vector or link state.
- Dynamic routing protocols are either interior gateway protocols or exterior gateway protocols.
- BGP is the protocol that runs between autonomous systems.

When we think about large networks, and in particular the Internet itself, by now you should be visualizing the Internet as what it really is: a lot of routers carrying a lot of data for a whole bunch of computers. That's not too terribly inaccurate of a description. The problem we have with this is that routers go down, and then we don't have what we call "convergence," which is when everybody knows where everybody is and everything's working.

STATIC ROUTING PROTOCOLS: routes are manually entered during setup. They are not detected by the routers themselves.

DYNAMIC ROUTING PROTOCOLS: routes are detected automatically by the routers, and they update their routes automatically. They talk to each other to learn each other's routing tables. Dynamic routing is nothing more than putting some smarts inside these routers so that they can literally rewrite their own routing tables on the fly to adjust for changes and to bring all the routers back into a world of convergence.

They look into situations like:
1. Hop count, i.e. the shortest distance to get to a destination using the metric value; also factors like MTU, bandwidth, latency (distance) and cost.
2. How to get information between routers: distance vector or link state.

DISTANCE VECTOR PROTOCOLS: based on the cost of hops. Routers send out their entire routing tables to each other until convergence. These are sent out roughly every 30 seconds.
- RIP: Routing Information Protocol (version 1 and version 2)

LINK STATE PROTOCOLS: routers send out only the changes to their routing tables to each other.
- OSPF: Open Shortest Path First. Based on Area IDs.
Routing information protocol (RIP)
A
LESSONS POINTS z
Rip is a distance vector
protocol that uses hop count to x
determine routes y
C
RIP used only classful networks B

RIPs maximum hop count is 15 - RIP stands for routing information protocol, and it's one of the oldest dynamic routing
Practice exams protocols around. So let's get a few basics down.
http://www.examcompass.com/comptia/netw
ork-plus-certification/free-network-plus-
practice-tests - Number one, RIP is an interior gateway protocol, so we're not going to be using it to
connect autonomous systems. NB: An Autonomous System (AS) is one or more
networks that are governed by a single dynamic routing protocol within that AS

So that's RIP in a nutshell. Make sure you understand the big issues. RIP had a
maximum hop count of 15 hops, so you couldn't have a network bigger than 15 hops
between 2 network IDs or it simply didn't work.
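The distance-vector behaviour described above (whole tables advertised each round, hop-count metric, convergence, and the 15-hop limit) worked through as a small simulation. This is an added example, not code from the course; the router names and topologies are constructed.

```python
"""Distance-vector routing with a hop-count metric, the way the lesson describes RIP:
every router sends its whole table to its neighbours each round until nothing changes
(convergence), and a hop count of 16 means 'unreachable', so 15 hops is the maximum.

Added example, not the course's own code. Router names and topologies are constructed.
"""
from typing import Dict, List, Tuple

INFINITY = 16  # RIP's "infinity": a destination 16 hops away is unreachable

# Routing table: destination -> (hop count, next hop)
Table = Dict[str, Tuple[int, str]]
Topology = Dict[str, List[str]]  # router -> directly connected neighbours


def initial_table(router: str, topology: Topology) -> Table:
    """Before any advertisements, a router knows only itself and its direct neighbours."""
    table: Table = {router: (0, router)}
    for n in topology[router]:
        table[n] = (1, n)
    return table


def advertise_round(tables: Dict[str, Table], topology: Topology) -> bool:
    """One advertisement round (RIP does this roughly every 30 seconds): every router
    receives each neighbour's entire table and keeps any shorter route it learns.
    Returns True if any table changed."""
    changed = False
    snapshot = {r: dict(t) for r, t in tables.items()}  # everyone advertises the same generation
    for router, table in tables.items():
        for neighbour in topology[router]:
            for dest, (hops, _) in snapshot[neighbour].items():
                cost = hops + 1  # Bellman-Ford relaxation: one more hop via this neighbour
                if cost >= INFINITY:
                    continue  # 16 or more hops is "unreachable", so it is never learned
                if dest not in table or cost < table[dest][0]:
                    table[dest] = (cost, neighbour)
                    changed = True
    return changed


def converge(topology: Topology, max_rounds: int = 64) -> Tuple[Dict[str, Table], int]:
    """Run advertisement rounds until no table changes; return the tables and the number
    of rounds used, counting the final quiet round that confirms convergence."""
    tables = {r: initial_table(r, topology) for r in topology}
    rounds = 0
    while rounds < max_rounds:
        rounds += 1
        if not advertise_round(tables, topology):
            break
    return tables, rounds


def route(tables: Dict[str, Table], src: str, dst: str) -> List[str]:
    """Follow next hops from src to dst; empty list if dst is unreachable from src."""
    path, current = [src], src
    while current != dst:
        entry = tables[current].get(dst)
        if entry is None:
            return []
        current = entry[1]
        path.append(current)
    return path


def chain(length: int) -> Topology:
    """Constructed straight-line topology R0 - R1 - ... - R(length-1)."""
    names = [f"R{i}" for i in range(length)]
    topo: Topology = {}
    for i, name in enumerate(names):
        neighbours = []
        if i > 0:
            neighbours.append(names[i - 1])
        if i + 1 < length:
            neighbours.append(names[i + 1])
        topo[name] = neighbours
    return topo


# Constructed three-router line A - B - C (A and C are not directly linked)
ABC_LINE: Topology = {"A": ["B"], "B": ["A", "C"], "C": ["B"]}
```

On an 18-router chain the far end is 17 hops away, so `converge(chain(18))` never learns it: that is the "network bigger than 15 hops" failure the lesson describes.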
Open Shortest Path First
(Diagram: routers A, B and C joined by links x, y and z)

LESSONS POINTS
 OSPF is a link state protocol
 OSPF uses Area IDs
 OSPF converges quickly

The interior gateway protocol that is out there on the Internet today is called OSPF. OSPF stands for Open Shortest Path First, and it is the number one dynamic routing protocol that you're going to see on individual areas on the Internet itself.

OSPF is an IGP, and secondly, it uses link-state protocols. The COST is calculated based on bandwidth.

That's the big, big improvement of OSPF over, in particular, RIP: convergence can happen in seconds, and that's a big reason people like to use it. OSPF is completely compatible with CIDR-based IP addresses. It's really fast, it's relatively easy to configure once you understand how it works, and it also works very, very well with the Big Kahuna, which is BGP.

You won't find OSPF on inexpensive home routers, because making it work takes a lot of computational firepower.
Border Gateway Protocol - BGP
(Diagram: router networks and LANs; routers and LAN connections across the USA)

LESSONS POINTS
 BGP is a hybrid protocol
 BGP is the primary protocol for the internet
 BGP is based around the concept of autonomous systems

The third and last and, in my opinion, most interesting of the dynamic routing protocols is BGP, or Border Gateway Protocol. BGP has been around for a long time. It's a hybrid protocol in that it has aspects of both distance vector and link state, but the most interesting part about BGP is that it is the cornerstone of how the big internet service providers connect on this huge, incredible network that we call the internet.

The best way to see this is to watch it in action. Let's watch BGP. We claim that we can break the entire internet into two distinct types of networks. First are what I'm going to call the LANs, the millions, the tens of millions of local area networks each with its own separate subnet that we use to do most of the actual work on the internet. If you've got a web server, if you've got an e-mail server, if you have a client, all of these computers are connected to a LAN.

Second are what I'm going to call router networks. These are the groups of highly connected routers owned by a single organization, usually an ISP, often many miles apart, that carry the data from LAN to LAN. So, let's start by representing LANs as just a circle and router networks as a bunch of lines. Next, let's simplify the internet down to just the continental United States. Now, as you might imagine, the USA is covered in LANs, millions of, tens of millions of them.

Now, let's interconnect those LANs with a few router networks. You'll notice in this case we are using three colors. These three colors represent three router networks and the many, many LANs that use those router networks to connect to the internet. You'll also notice that there are places where these router networks interconnect. That's because no single router network covers everything. We need interconnection facilities so that these ISPs can share traffic to get complete interconnection across the internet.

The problem here is that, based on what you see in front of you, we need to be able to get data from one LAN to any other LAN, and routing protocols like OSPF simply aren't designed to handle routing tables that have 10 million entries in them. It just doesn't exist. If every router needed to know the path to every LAN on the internet, it would simply fail. We need something better. And that's where Border Gateway Protocol comes into play.

BGP breaks the entire internet into just over 20 thousand autonomous systems, often simply called an AS. An autonomous system is a group of one or more router networks under the control of a single entity like a big ISP, a branch of the federal government, a big university system, whatever. An AS has direct or indirect control of all the routers, all the networks, all the subnets within its own AS.

So, here we are breaking the entire US into only three autonomous systems. Every AS on the internet has a 32 bit autonomous system number and that number starts at one and goes to just over a billion. However, for many years, ASNs were only 16 bit numbers from one to about 64 thousand. So the vast majority of ASNs that are actually out there and working for a living go from one to right now around 50 thousand. Since autonomous systems have total control of their own network routes, they can route between their routers any way they want, and it's usually done via OSPF, but as far as the internet is concerned, we don't care.

When these autonomous systems interconnect, though, they must use BGP. BGP is a heavy duty routing protocol that is designed from the ground up to do only one thing well, and that is route data between autonomous systems. A router sending a chunk of data out to the internet only needs to know where its own BGP router is located. That BGP router at the edge, as we say, of the autonomous system only needs to know the AS number of where that data is going and, in essence, it greatly reduces the load on all BGP routers.

With that now, we understand the position of BGP as an exterior gateway protocol. We also see that BGP can be used by some large organizations as an internal gateway protocol. We now can also appreciate that OSPF is used all over the place and RIP, well, you don't see it too much.
• INTERIOR GATEWAY PROTOCOL
• Eg: OSPF, RIP, etc
• EXTERIOR GATEWAY PROTOCOL.
• Eg: BGP
LESSON 4
Making TCP/IP Work
Introduction to TCP and UDP
(Diagram: an Ethernet frame, addressed by MAC address, carries an IP packet, which carries a TCP segment or a UDP datagram)

LESSONS POINTS
 TCP is a connection oriented protocol. This lets the computers detect when a packet is lost
 UDP is a connectionless protocol used when speed is more important than reliability

A TCP segment is made up of:
DATA – ACK – SEQUENCE NUMBER – SENDER PORT – DESTINATION PORT

Encapsulation: the Ethernet frame contains the IP packet, which contains the TCP segment.

TCP Process – Three Way Handshake
1. Client sends a SYN to Server
2. Server sends SYN, ACK to Client
3. Client sends ACK

To end the session:
1. Server sends FIN to Client
2. Client sends FIN ACK to Server
This closes the session.

A UDP datagram is made up of:
DATA – CHECKSUM – LENGTH – SENDER PORT – DESTINATION PORT

An example of UDP is the DHCP process.
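The encapsulation diagram, the TCP segment and UDP datagram fields listed above, and the handshake steps, worked as a small frame builder and parser. This is an added example, not code from the course; the MAC addresses, IP addresses, ports and payloads are constructed sample values.

```python
"""Walk down the encapsulation in the slide's diagram: an Ethernet frame (MAC addresses)
carries an IP packet, which carries a TCP segment or a UDP datagram. The parser reads
the fields the slide lists (ports, sequence/ACK numbers, UDP length and checksum) and
names the handshake step from the TCP flags.

Added example, not the course's own code. MAC addresses, IP addresses, ports and
payloads are constructed sample values; the frames are built in code so it runs offline.
"""
import struct

ETH_TYPE_IPV4 = 0x0800
PROTO_TCP, PROTO_UDP = 6, 17
TCP_FIN, TCP_SYN, TCP_ACK = 0x01, 0x02, 0x10

# Constructed sample addresses
SRC_MAC = bytes.fromhex("001122334455")
DST_MAC = bytes.fromhex("66778899aabb")
CLIENT_IP = bytes([192, 168, 1, 10])
SERVER_IP = bytes([192, 168, 1, 20])

def internet_checksum(data: bytes) -> int:
    """RFC 1071 checksum: one's-complement sum of 16-bit words, then complemented."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF

def udp_checksum(src_ip: bytes, dst_ip: bytes, udp: bytes) -> int:
    """The UDP checksum also covers a pseudo-header: both IPs, protocol and UDP length."""
    pseudo = src_ip + dst_ip + struct.pack("!BBH", 0, PROTO_UDP, len(udp))
    return internet_checksum(pseudo + udp) or 0xFFFF  # a computed 0 is sent as 0xFFFF

def build_udp(src_ip, dst_ip, sport: int, dport: int, data: bytes) -> bytes:
    """UDP datagram: SENDER PORT, DESTINATION PORT, LENGTH, CHECKSUM, then DATA."""
    length = 8 + len(data)
    csum = udp_checksum(src_ip, dst_ip, struct.pack("!HHHH", sport, dport, length, 0) + data)
    return struct.pack("!HHHH", sport, dport, length, csum) + data

def build_tcp(sport: int, dport: int, seq: int, ack: int, flags: int, data: bytes = b"") -> bytes:
    """20-byte TCP header (data offset 5); the checksum is left at 0 as it is not read here."""
    return struct.pack("!HHIIHHHH", sport, dport, seq, ack, (5 << 12) | flags, 65535, 0, 0) + data

def build_frame(src_ip, dst_ip, proto: int, payload: bytes) -> bytes:
    """Ethernet header + minimal IPv4 header (no options) around the transport payload."""
    ip_hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), 0x1234, 0, 64, proto, 0, src_ip, dst_ip)
    ip_hdr = ip_hdr[:10] + struct.pack("!H", internet_checksum(ip_hdr)) + ip_hdr[12:]  # header checksum
    return DST_MAC + SRC_MAC + struct.pack("!H", ETH_TYPE_IPV4) + ip_hdr + payload

def tcp_step(flags: int) -> str:
    """Name the handshake / teardown step the slide lists from the flag bits."""
    if flags & TCP_SYN:
        return "SYN-ACK" if flags & TCP_ACK else "SYN"
    if flags & TCP_FIN:
        return "FIN-ACK" if flags & TCP_ACK else "FIN"
    return "ACK" if flags & TCP_ACK else "none"

def parse_frame(frame: bytes) -> dict:
    """Strip the Ethernet frame, then the IP packet, then read the TCP or UDP header."""
    if struct.unpack("!H", frame[12:14])[0] != ETH_TYPE_IPV4:
        raise ValueError("not an IPv4 frame")
    ip = frame[14:]
    ihl = (ip[0] & 0x0F) * 4
    proto, src_ip, dst_ip = ip[9], ip[12:16], ip[16:20]
    l4 = ip[ihl:]
    out = {"dst_mac": frame[:6].hex(":"), "src_mac": frame[6:12].hex(":"),
           "src_ip": ".".join(map(str, src_ip)), "dst_ip": ".".join(map(str, dst_ip))}
    if proto == PROTO_TCP:
        sport, dport, seq, ack, off_flags = struct.unpack("!HHIIH", l4[:14])
        out.update(proto="TCP", sport=sport, dport=dport, seq=seq, ack=ack,
                   step=tcp_step(off_flags & 0x1FF), data=l4[(off_flags >> 12) * 4:])
    elif proto == PROTO_UDP:
        sport, dport, length, csum = struct.unpack("!HHHH", l4[:8])
        zeroed = l4[:6] + b"\x00\x00" + l4[8:length]  # recompute with the checksum field zeroed
        out.update(proto="UDP", sport=sport, dport=dport, length=length, checksum=csum,
                   checksum_ok=udp_checksum(src_ip, dst_ip, zeroed) == csum, data=l4[8:length])
    return out

def three_way_handshake() -> list:
    """The slide's three steps, built as frames and parsed back: SYN, SYN-ACK, ACK."""
    steps = [(CLIENT_IP, SERVER_IP, build_tcp(50000, 80, 1000, 0, TCP_SYN)),
             (SERVER_IP, CLIENT_IP, build_tcp(80, 50000, 5000, 1001, TCP_SYN | TCP_ACK)),
             (CLIENT_IP, SERVER_IP, build_tcp(50000, 80, 1001, 5001, TCP_ACK))]
    return [parse_frame(build_frame(s, d, PROTO_TCP, t))["step"] for s, d, t in steps]

def dhcp_style_datagram(corrupt: bool = False) -> dict:
    """A UDP datagram from client port 68 to server port 67, as DHCP uses; optionally
    flip one payload byte to show the checksum catching the corruption."""
    frame = build_frame(CLIENT_IP, SERVER_IP, PROTO_UDP,
                        build_udp(CLIENT_IP, SERVER_IP, 68, 67, b"constructed DHCP payload"))
    if corrupt:
        frame = frame[:-1] + bytes([frame[-1] ^ 0xFF])
    return parse_frame(frame)
```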


ICMP & IGMP
(Diagram: ICMP packet)

LESSONS POINTS
 ICMP works at the IP layer of the OSI model
 Ping and ARP are ICMP applications
 IGMP provides multicasting support
 Multicast addresses always start with 224

Internet Control Message Protocol (ICMP)
ICMP handles mundane issues such as disconnect messages (host unreachable) that applications use to let the other side of a session know what's happening. It works at the IP layer. There are no port numbers with ICMP.
Eg: PING, ARP

Internet Group Management Protocol (IGMP)
It enables routers to communicate with hosts to determine a "group" membership. Used in multicast. Multicast is in the Class D range (224/4). Multicast addresses use only a small subset of the Class D range; specifically, they are assigned the network ID of 224.0.0.0/4.
Introduction to Wireshark

LESSONS POINTS
 Wireshark is a packet analyzer
 Wireshark is a free third-party tool
 The CompTIA Network+ exam expects you to know what Wireshark is, not to be an expert at using it

If you want to pass the Network+ you're going to have to learn about a lot of different types of networking utilities. Now CompTIA works hard to concentrate on networking utilities that are built into operating systems, for example ping. However, there is one big exception on the Network+, and that is the incredibly popular, totally free, incredibly powerful Wireshark. Wireshark is a protocol analyzer. It looks literally at every frame coming in and out of the system and allows you to look at them, make decisions and determine what's going on in your system.

So, let's take a look at Wireshark. This is Wireshark by default, the interface you get when you open the program. The idea behind Wireshark is that we're going to begin capturing data. We do this all the time in the networking world; it's extremely useful. To do a capture, all you have to do is click on Capture and pick an interface. I have a lot of network cards on this system. Right now it's preset to my wired Ethernet card, a gigabit Ethernet card, and I'm just going to hit Start.

To really get traffic going, let's open a website, say cheese.com. You understand the reason: we want to get some activity going on the network for Wireshark to capture. There's some traffic!

When running Wireshark you need to appreciate that you have three pieces of the interface. The top piece shows every individual frame coming in and out of your system. The middle one is details on the particular frame that you have highlighted; whatever frame you choose, you'll get its details. And the lower one is the raw binary format, and we don't use that one too often because, well, I don't read binary that well.

So what we're seeing here is a whole bunch of a webpage coming in. Here's a part of it: it's trying to get one particular JPEG. I'm sure it's coming from that cheese.com that I looked at, and it's trying to load this one particular JPEG, and all of the frames underneath it are the JPEG coming in. So let's take a look at this one right here.

This is what's known as a GET command. The client is getting a particular JPEG called 3.jpg. Now what makes Wireshark really cool is this part right here, because you can literally strip the frame apart based on the OSI model. It works with the TCP/IP model too, but better with the OSI.

Class work
Now that we understand the basics of the Wireshark interface, let's put it to use doing something: let's capture the entire DHCP transaction. First get rid of the IP address with ipconfig /release, so there is no IP address on this system. Then start up Wireshark and get the capture going, go to a command prompt and type ipconfig /renew to get the IP address back. Hopefully we'll watch the entire DHCP process.
TCP/IP APPLICATIONS
Networking Tools: The netstat command
netstat lists all open ports and connections on your computer via CMD.

LESSONS POINTS
 The netstat command lists all open ports and network connections on your computer
 Run netstat at the command prompt
 Make sure you know the netstat switches

NETSTAT allows you to see what connections are established between your computer and other computers at any given moment.

To run netstat, just get to a Command Prompt and type netstat, N-E-T-S-T-A-T, and these are the results that you're going to get.

Variants of the NETSTAT command:

1. netstat –n: What that says is don't put nice words and stuff in there, just give me the raw numbers. So this gives you the IP address of the connected ports and devices.

If you close an application and keep running netstat, you'll see that things have gone from ESTABLISHED to TIME-WAIT. What is happening here is that they've been closed and we're waiting for the time-out to kick in; this will eventually shut down completely.

2. netstat –b: This shows us who is making these connections right now. It lists the program associated with each one.

3. netstat –bno: This shows the process ID of the exe we are running in addition to all the information from the previous netstat commands.

4. netstat –a: This shows all active ports.
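The walk through netstat above (ESTABLISHED versus TIME-WAIT, and the program and PID behind each connection from -b and -o) turned into a small parser you can run over saved output. This is an added example, not code from the course; the sample lines, program names and PIDs are constructed to mimic the Windows netstat layout.

```python
"""Parse netstat-style output and summarise it the way the lesson walks through it:
which connections are ESTABLISHED, which are winding down in TIME_WAIT, and which
program/PID owns each connection.

Added example, not the course's own code. The sample lines are constructed to mimic the
Windows `netstat -bno` / `netstat -a` layout; the program names and PIDs are made up.
"""
import re
from collections import defaultdict

# Constructed sample in the shape of Windows netstat output (-n: numeric addresses,
# -o: PID column, -b: the owning program printed on the following line in brackets).
SAMPLE_NETSTAT = """
Active Connections

  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       892
 [svchost.exe]
  TCP    192.168.1.10:49701     93.184.216.34:443      ESTABLISHED     4120
 [browser.exe]
  TCP    192.168.1.10:49702     93.184.216.34:443      TIME_WAIT       0
  TCP    192.168.1.10:49805     203.0.113.7:21         ESTABLISHED     5011
 [ftpclient.exe]
  UDP    0.0.0.0:123            *:*                                    1204
 [svchost.exe]
"""

LINE_RE = re.compile(r"^\s*(TCP|UDP)\s+(\S+)\s+(\S+)\s+(?:([A-Z_]+)\s+)?(\d+)\s*$")
PROGRAM_RE = re.compile(r"^\s*\[(.+)\]\s*$")


def split_addr(addr: str):
    """'192.168.1.10:49701' -> ('192.168.1.10', 49701); '*:*' -> ('*', None)."""
    host, _, port = addr.rpartition(":")
    return host, (int(port) if port.isdigit() else None)


def parse_netstat(text: str) -> list:
    """Return one dict per connection; a bracketed program line (-b) is attached to
    the connection printed just before it."""
    conns = []
    for line in text.splitlines():
        m = LINE_RE.match(line)
        if m:
            proto, local, foreign, state, pid = m.groups()
            lhost, lport = split_addr(local)
            fhost, fport = split_addr(foreign)
            conns.append({"proto": proto, "local": lhost, "lport": lport,
                          "foreign": fhost, "fport": fport,
                          "state": state or "", "pid": int(pid), "program": None})
            continue
        p = PROGRAM_RE.match(line)
        if p and conns:
            conns[-1]["program"] = p.group(1)
    return conns


def by_state(conns: list) -> dict:
    """Count TCP connections per state (UDP has no state column)."""
    counts = defaultdict(int)
    for c in conns:
        if c["proto"] == "TCP":
            counts[c["state"]] += 1
    return dict(counts)


def established_by_program(conns: list) -> dict:
    """program -> list of 'foreign:port' peers for the ESTABLISHED TCP connections."""
    out = defaultdict(list)
    for c in conns:
        if c["state"] == "ESTABLISHED":
            out[c["program"] or f"pid {c['pid']}"].append(f"{c['foreign']}:{c['fport']}")
    return dict(out)


def cleartext_connections(conns: list, ports=(21, 23, 80)) -> list:
    """Established connections to ports the course flags as unencrypted (FTP, Telnet, HTTP)."""
    return [c for c in conns if c["state"] == "ESTABLISHED" and c["fport"] in ports]
```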
TCP/IP APPLICATIONS
Webservers

LESSONS POINTS
 Web servers host web sites; web clients access web servers
 HTTP uses TCP port 80 by default
 HTTPS uses TCP port 443 by default

HTTP: Hyper Text Transfer Protocol, is the basis of what we call the world wide web.

A server is just software on a computer. It can be a simple computer, not only a huge machine with lots of RAM sitting on a big rack system.
Eg: Microsoft's IIS (Internet Information Services), Apache.

HTTPS: Hyper Text Transfer Protocol over SSL, is the secure version of HTTP. It is used for secure connections and encrypts the data transferred between the client and the webserver.
Uses 2 protocols:
 SSL (Secure Sockets Layer), which is an old protocol.
 TLS (Transport Layer Security), which is the newer protocol.
TCP/IP APPLICATIONS
FTP – File Transfer Protocol

LESSONS POINTS
 FTP is an old but still popular protocol for transferring files
 FTP servers listen on port 21 and send data back to the clients on port 20
 FTP is NOT encrypted, so all passwords and data are sent in the clear

• This is a computer programme that allows us to transfer files from one computer (client) to another (server)
• FTP runs on port 21, but servers will respond back on port 20
• Let's set up an FTP server/client with the FileZilla open source software
• ACTIVITY: Do a Web search for public FTP servers and try accessing them from your Web browser. Then download a dedicated FTP client (FileZilla) and try again!
• Use SFTP for encryption of login details.
• TFTP (Trivial FTP) uses UDP and runs on port 69
TCP/IP APPLICATIONS
Email Servers & Clients

LESSONS POINTS
 SMTP uses port 25
 POP3 uses port 110
 IMAP uses port 143

Email involves a MAIL SERVER and a MAIL CLIENT.
The client sends a mail to another client through the server using a protocol called SMTP – Simple Mail Transfer Protocol (TCP port 25).
o Two ways of getting our mail from the server:
 POP3, or Post Office Protocol v3 (TCP port 110)
 downloads email from the server to a single computer, then deletes it from the server.
 IMAP – Internet Message Access Protocol v4 (TCP port 143)
 your mails are stored on the server.

ACTIVITY: Set up a mail client like Outlook or Thunderbird running on your local computer with your email.
 POP3 and IMAP: which will you choose for your email setup and why?
 Web-based mail (a popular alternative)
TCP/IP APPLICATIONS
Telnet and SSH

LESSONS POINTS
 Telnet is unencrypted and runs over TCP port 23
 SSH runs over TCP port 22
 SSH is fully encrypted and has almost completely replaced Telnet

Wouldn't it be great if, with just a tiny piece of software, you could be magically transported to a server to download from it or configure it?

TELNET runs on port 23. TELNET enables you to access a remote computer: it lets you get to another, remote computer's command prompt.
 Disadvantage:
 Telnet has a downside, and that is that the login details and the commands typed in by the user are revealed
 It has no encryption
So TELNET should never be used on the internet, only in your LAN when necessary.

SSH means Sec-ure Shell. It runs on port 22. Every aspect of SSH, however, including both login and data transmittal, is encrypted.
TCP/IP APPLICATIONS
REVIEW:
Use this table as a review tool to help you remember each Internet application:
NETWORK NAMING
NAMING SITES: Host files

LESSONS POINTS
 The HOST file contains IP addresses and their corresponding names
 Every computer that runs TCP/IP has a HOST file
 The HOST file takes precedence over DNS

 Old technology used when there was no internet
 Has been supplanted by DNS.
 The host file was a bunch of names and their associated IP addresses.
 The HOST file still appears on Windows and Linux systems, and it takes precedence over DNS.
 To locate the HOST file on Windows, go to: c:\windows\system32\drivers\etc

Exercise
Use the HOST file to redirect a website any time a user visits it:
1. Get the IP address for myjoyonline.com (use ping)
2. Change the HOST file to call it news
3. Now visit "news" with the web browser and see what happens
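Because the HOST file wins over DNS, the same mechanism the exercise uses is also what malware abuses to redirect sites, so the check a defender wants is the reverse of the exercise: parse the file and flag public names pointed at routable addresses. This is an added example, not code from the course; the file contents and watched domains are constructed.

```python
"""Read a hosts file in the format used by c:\\windows\\system32\\drivers\\etc\\hosts and
/etc/hosts, resolve names the way the system does (the file wins over DNS), and flag
entries that point a public domain at a routable address, which is how hosts-file
tampering by malware shows up.

Added example, not the course's own code. The file contents and the watched domain
list are constructed; a real check would read the file from the path in the lesson.
"""
import ipaddress

# Constructed sample in Windows hosts-file form, after the lesson's 'news' exercise,
# plus one entry of the kind a defender wants to spot.
SAMPLE_HOSTS = """
# Copyright (c) 1993-2009 Microsoft Corp.
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
127.0.0.1       localhost
::1             localhost
# added during the exercise
203.0.113.45    news              # address found with ping, renamed 'news'
# an entry that silently redirects a public site
198.51.100.9    www.example.com example.com
0.0.0.0         ads.example.net
"""


def parse_hosts(text: str) -> list:
    """Return [(line_no, ip_address, [names])], skipping comments, blanks and bad lines."""
    entries = []
    for line_no, raw in enumerate(text.splitlines(), 1):
        line = raw.split("#", 1)[0].strip()  # anything after '#' is a comment
        if not line:
            continue
        parts = line.split()
        try:
            ip = ipaddress.ip_address(parts[0])
        except ValueError:
            continue  # first field is not an address: not a host entry
        entries.append((line_no, ip, [name.lower() for name in parts[1:]]))  # names are case-insensitive
    return entries


def resolve_locally(entries: list, name: str):
    """Hosts-file resolution: the first entry carrying the name wins and DNS is never asked."""
    name = name.lower()
    for _, ip, names in entries:
        if name in names:
            return str(ip)
    return None


def suspicious_overrides(entries: list, watched_domains: tuple) -> list:
    """Entries mapping a watched domain (or any subdomain of it) to a routable address.
    Loopback and 0.0.0.0 targets are left alone: that is ordinary ad/telemetry blocking."""
    hits = []
    for line_no, ip, names in entries:
        if ip.is_loopback or ip.is_unspecified:
            continue
        for name in names:
            if any(name == d or name.endswith("." + d) for d in watched_domains):
                hits.append({"line": line_no, "name": name, "ip": str(ip)})
    return hits
```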
NETWORK NAMING
DNS – DOMAIN NAME SYSTEM
(Diagram: www.admintelecomacademy.com broken down as webserver (www), secondary domain (admintelecomacademy) and TLD / top level domain (com))

LESSONS POINTS
 DNS resolves FQDNs to IP addresses
 www.admintelecomacademy.com is an example of an FQDN
 .com, .edu, .com.gh are examples of top-level domains (TLDs)

Just as we have a contact list on our phones to help us memorize numbers or convert numbers to names we know, we have the same kind of contact list on the web, called DNS (Domain Name System).

This helps us convert the IP addresses of servers to names. DNS servers help us resolve an IP address from a Fully Qualified Domain Name (FQDN). They match the FQDN to IP addresses.

Note: the total length of a fully qualified domain name should not be more than 256 characters.

NETWORK NAMING
DNS – DOMAIN NAME SYSTEM

LESSONS POINTS
 DNS servers primarily use UDP port 53 and sometimes TCP port 53.
 The original top-level domain names were com, org, net, edu, gov, mil, and int

NOTE: The DNS root for the entire Internet consists of 13 powerful DNS server clusters scattered all over the world. Go to www.root-servers.org to see exactly where all the root servers are located.

Even though you may use uppercase or lowercase, DNS does not differentiate between them.

A complete DNS name, including the host name and all of its domains (in order), is called a fully qualified domain name (FQDN), and it's written with the root on the far right, followed by the names of the domains (in order) added to the left of the root, and the host name on the far left.
Eg: Mikes-PC.ABCDEF.
NETWORK NAMING
Process Of Visiting a Webpage On The Internet

After your PC gets the IPs of the FQDN it stores them in its cache.

We can use the command prompt to see this:
ipconfig /displaydns
NETWORK NAMING
NBTSTAT

LESSONS POINTS
 Type nbtstat -c to show the NBT cache of names and IP addresses
 Type nbtstat -s to show sessions (current connections)
 Memorize the output from running nbtstat commands for the exams

We need to appreciate Windows naming. Microsoft has proprietary protocols on ports 137, 138, 139 and 445; they are used so that when you open the network you can see the names of the computers. There are times when you have to look into naming issues a little bit. The big tool we use is nbtstat (NetBIOS over TCP/IP).

Exercise
1. Let's take a look at the cache: nbtstat -c shows the cache of names and IPs
2. Sessions keep track of the computers I am connected to right now: nbtstat -s
NETWORK NAMING
Dynamic DNS

LESSONS POINTS
 Dynamic DNS enables you to use a DHCP-assigned IP address for connection
 DDNS providers can update IP information

The TCP/IP folks came up with a new protocol called Dynamic DNS (DDNS) in 1997 that enabled DNS servers to get automatic updates of IP addresses of computers in their forward lookup zones, mainly by talking to the local DHCP server.
NETWORK NAMING
Troubleshooting a DNS server

LESSONS POINTS
 Use an IP address of a web site to test connectivity without DNS
 Run ipconfig /flushdns to clear the DNS resolver cache
 Run nslookup or dig to check the status of a DNS server

I have a DNS problem, so I want to check for misconfiguration:
1. At the command prompt type ipconfig /all to check your DNS server, to see if you are running the right DNS server your ISP gave you.
2. We need to clear our cache. Sometimes a service changes IP and we need to clear the DNS cache in order to update our computers with the new IP of the website we are visiting. Type ipconfig /displaydns to see the cache; to get rid of that cache we type ipconfig /flushdns.
3. You can also manually enter Google's DNS server.
4. nslookup is used to query a DNS server. When you type nslookup it should respond with the domain name of your DNS server, or you can type nslookup 8.8.8.8 (Google's DNS server).
5. We can also use a third party tool called dig to do the same job for us.
6. The good old ping can also be used to test if a DNS server is working.
SECURING TCP/IP
Security of TCP/IP in modern Networks

LESSONS POINTS
 These 5 areas of security may be separate issues, but they overlap a lot in TCP/IP security practices.
 In TCP/IP security, you have protocols that combine encryption, integrity, nonrepudiation (sometimes), authentication, and authorization to create complete security solutions for one TCP/IP application or another.

Involves 5 main areas: encryption, integrity, nonrepudiation, authentication, and authorization.

• Encryption means to scramble, mix up, or change data in such a way that bad guys can't read it.
• Integrity is the process that guarantees that the data received is the same as originally sent.
• Nonrepudiation is the process of making sure data came from the person or entity it was supposed to come from.
• Authentication means to verify that whoever is trying to access the data is the person you want accessing that data.
• Authorization defines what an authenticated person can do with that data.
Eg: Permissions in Windows (Administrator and Guest account)
SECURING TCP/IP
Encryption - Symmetric Encryption

LESSONS POINTS
 Plaintext/cleartext is any unencrypted data
 A cipher is a general term for a way to encrypt data
 An algorithm is the mathematical formula that underlies the cipher.
 Algorithms use keys to encrypt cleartext into ciphertext
 An algorithm that uses the same key to encrypt and decrypt is symmetric encryption
 Symmetric encryption is very common; you find it in wireless connections (RC4 or AES)

Encryption is done everywhere in the computer world. To understand how this works, let's create a string of text, say 'ilovemynetworkingclass'.

We try an old method called the Caesar cipher, in which each letter is changed by incrementing it by three: A=D, B=E, C=F, etc. This can easily be hacked. To do this better we employ the help of an algorithm with a KEY (digits between 0 and 9), so that each letter is shifted by the matching digit of the key:
(ilovemynetworkingclass)
(1234567891234567891234)

So say we have clear text like a Word document. In order to encrypt, we generate a key, put the key into an algorithm and run the cleartext through the algorithm, and we get ciphertext.

This is what we call symmetric encryption: when you want to read the text, you put your key and your ciphertext through the algorithm to get clear text.

ALMOST ALL TCP/IP APPLICATIONS HAVE MOVED TO THE ADVANCED ENCRYPTION STANDARD (AES).
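The two toy ciphers above, the plain Caesar shift and the digit-key shift over 'ilovemynetworkingclass', worked in code, together with the 25-candidate search that shows why the Caesar cipher "can easily be hacked". This is an added example, not code from the course; scoring candidate plaintexts by a few common words is an assumption of this example.

```python
"""The slide's two toy ciphers, worked: a Caesar shift of 3, and the 'key' variant where
each letter is shifted by the matching digit of the key 1234567891234567891234. Trying
all 26 shifts shows why the slide says the Caesar cipher 'can easily be hacked'.

Added example, not the course's own code. Scoring candidates by common English words is
an assumption of this example, not something the lesson describes.
"""
import string

ALPHABET = string.ascii_lowercase
PLAINTEXT = "ilovemynetworkingclass"   # the slide's sample text
KEY = "1234567891234567891234"         # the slide's digit key, one digit per letter


def caesar(text: str, shift: int) -> str:
    """Shift each letter by `shift` positions, wrapping around; non-letters pass through."""
    out = []
    for ch in text.lower():
        if ch in ALPHABET:
            out.append(ALPHABET[(ALPHABET.index(ch) + shift) % 26])
        else:
            out.append(ch)
    return "".join(out)


def keyed_shift(text: str, key: str, decrypt: bool = False) -> str:
    """Shift letter i by the digit at position i of the key (the slide's 'KEY' idea).
    The same key is used both ways, which is what makes this symmetric."""
    if len(key) < len(text) or not key.isdigit():
        raise ValueError("key must be digits and at least as long as the text")
    out = []
    for ch, k in zip(text.lower(), key):
        d = int(k)
        out.append(caesar(ch, -d if decrypt else d))
    return "".join(out)


def break_caesar(ciphertext: str, words=("the", "my", "network", "class", "love")) -> int:
    """Try every possible shift and return the one whose plaintext contains the most
    recognisable words: a 26-candidate search, which is why Caesar offers no real secrecy."""
    best_shift, best_score = 0, -1
    for shift in range(26):
        candidate = caesar(ciphertext, -shift)
        score = sum(candidate.count(w) for w in words)
        if score > best_score:
            best_shift, best_score = shift, score
    return best_shift
```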
SECURING TCP/IP
Asymmetric Encryption

LESSONS POINTS
 Asymmetric encryption uses a public and a private key
 Public keys encrypt; private keys decrypt
 For two people to communicate they must exchange public keys

In a symmetric encryption environment the same key is needed to decrypt a text, hence keys are passed all over the internet, which makes it a bit easier to hack: if someone can get their hands on the key and the ciphertext they can pretty much read it.

So asymmetric encryption was created. Here you have two keys (a public key and a private key): what you encrypt with the public key, the private key will decrypt. A private key and its associated public key is a key pair, and these keys are generated with the help of the algorithm.

I will send my public key to Rex so he can send me an encrypted Word document, and Rex will send me his public key.

Public keys are distributed so others can send you encrypted data; the process of exchanging keys is called key exchange.

Then we use our private keys to decrypt the data.
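The key pair, key exchange and decryption just described, worked with textbook RSA at toy sizes so every step can be followed by hand. This is an added example, not code from the course; the primes, the names and the messages are constructed.

```python
"""Key pair, key exchange and decryption as the slide describes them, worked with
textbook RSA at sizes small enough to follow by hand: what the public key encrypts,
only the matching private key decrypts.

Added example, not the course's own code. The primes, names and messages are
constructed toy values; real RSA keys are thousands of bits long and use padding,
both of which this example omits.
"""
from math import gcd


def make_keypair(p: int, q: int, e: int = 17) -> tuple:
    """Public key (n, e) and private key (n, d), with d the inverse of e modulo phi(n)."""
    n, phi = p * q, (p - 1) * (q - 1)
    if gcd(e, phi) != 1:
        raise ValueError("e must be coprime to phi(n)")
    d = pow(e, -1, phi)  # modular inverse (Python 3.8+)
    return (n, e), (n, d)


def encrypt(public_key: tuple, message: bytes) -> list:
    """Anyone holding the public key can encrypt. Each byte is encrypted on its own
    because the toy modulus is far too small to hold a whole message (textbook form only)."""
    n, e = public_key
    if n <= 255:
        raise ValueError("modulus must exceed the largest byte value")
    return [pow(b, e, n) for b in message]


def decrypt(private_key: tuple, ciphertext: list) -> bytes:
    """Only the private key holder recovers the plaintext; the wrong key yields garbage,
    which here shows up as values that are not even valid bytes."""
    n, d = private_key
    values = [pow(c, d, n) for c in ciphertext]
    if any(v > 255 for v in values):
        raise ValueError("decryption did not produce bytes: wrong private key")
    return bytes(values)


def key_exchange_demo() -> dict:
    """Me and Rex (the lesson's example) swap public keys over the network, each encrypts
    for the other with the other's public key, and each decrypts with their own private key."""
    my_pub, my_priv = make_keypair(61, 53)    # n = 3233, the classic textbook pair
    rex_pub, rex_priv = make_keypair(71, 67)  # n = 4757
    # Only the public keys travel; the private keys never leave their owners.
    to_rex = encrypt(rex_pub, b"meet at noon")  # I encrypt with Rex's public key
    to_me = encrypt(my_pub, b"ok")              # Rex encrypts with my public key
    try:  # the wrong private key (mine, on Rex's message) does not recover the text
        wrong_key_fails = decrypt(my_priv, to_rex) != b"meet at noon"
    except ValueError:
        wrong_key_fails = True
    return {"rex_reads": decrypt(rex_priv, to_rex), "i_read": decrypt(my_priv, to_me),
            "wrong_key_fails": wrong_key_fails}
```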


SECURING TCP/IP

Encryption On The OSI Model


 LAYER 1 - No common encryption done at this layer.

 LAYER 2 - A common place for encryption using proprietary encryption devices. These
boxes scramble all of the data in an Ethernet frame except the MAC address information.
Devices or software encodes and decodes the information on-the-fly at each end.

 LAYER 3 - Only one common protocol encrypts at Layer 3: IPsec. IPsec is typically
implemented via software that takes the IP packet and encrypts everything inside the
packet, leaving only the IP addresses and a few other fields unencrypted.

 LAYER 4 - Neither TCP nor UDP offers any encryption methods, so little happens
security-wise at Layer 4.

 LAYERS 5, 6, and 7 - Important encryption standards (such as SSL and TLS used in
e-commerce) happen within these layers, but don’t fit cleanly into the OSI model.
SECURING TCP/IP
Integrity - Cryptographic Hashes

LESSONS POINTS
 Hashes are used to verify data, and are not for encryption
 Hash values are always fixed in size
 Two common hashes are MD5 and SHA-1

This is not encryption, but it is used to verify that the data is what you are expecting, or to find out if the data is good. So while sending data to someone we just want to make sure that the data remains the same.

A hash is an algorithm that takes a big chunk of data and converts it to a fixed-size binary value.

NOTE: A hash algorithm creates a fixed-size hash value.

It does not matter what the size of the data or document is, you still get a fixed amount of binary value, which is a 128-bit value written in hexadecimal.

A hash can also help us determine if a document or data has been changed, e.g. if you have an error in your downloads.

NOTE: hashes are used to verify data integrity.
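The integrity check described above (fixed-size digest, a changed document giving a different digest, a download verified against its published hash) in code. This is an added example, not code from the course; the 'download' and its published digest are constructed, and SHA-256 is used for the verification beside the lesson's MD5 and SHA-1.

```python
"""Integrity check with cryptographic hashes, as the lesson describes: the digest is a
fixed size whatever the input size, and a changed document gives a different digest.

Added example, not the course's own code. The 'download' and its published digest are
constructed in code; SHA-256 is used beside the lesson's MD5 and SHA-1 because those two
are no longer collision-resistant and should not be chosen for new integrity checks.
"""
import hashlib
import hmac


def digest_hex(data: bytes, algo: str = "md5") -> str:
    """Hex digest of the data; MD5 gives 32 hex characters (128 bits) regardless of input."""
    return hashlib.new(algo, data).hexdigest()


def digest_bits(algo: str) -> int:
    """Size of the fixed output in bits (md5: 128, sha1: 160, sha256: 256)."""
    return hashlib.new(algo).digest_size * 8


def verify_download(data: bytes, published_hex: str, algo: str) -> bool:
    """Compare the hash of what arrived with the hash the publisher advertised.
    compare_digest avoids leaking where the strings first differ through timing."""
    return hmac.compare_digest(digest_hex(data, algo), published_hex.strip().lower())


def flip_one_bit(data: bytes, index: int = 0) -> bytes:
    """Simulate a corrupted download: change a single bit of one byte."""
    return data[:index] + bytes([data[index] ^ 0x01]) + data[index + 1:]


def integrity_demo() -> dict:
    """Fixed size for tiny and large inputs; a good download verifies, a corrupt one fails."""
    tiny, large = b"x", b"x" * 200_000
    good = b"constructed installer bytes"
    published = digest_hex(good, "sha256")  # what the publisher would post next to the link
    return {
        "md5_hex_len_same": len(digest_hex(tiny)) == len(digest_hex(large)) == 32,
        "good_verifies": verify_download(good, published, "sha256"),
        "corrupt_verifies": verify_download(flip_one_bit(good), published, "sha256"),
    }
```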


SECURING TCP/IP
Access Control

LESSONS POINTS
 Mandatory Access Control uses labels
 Discretionary Access Control gives the creators control over permissions
 Role-Based Access Control uses groups

This means how we provide authentication and authorization.
Authentication is what it takes to get into the network, the system, the resources: usernames and passwords, certificates, RSA tokens, to let the world know that you are who you are supposed to be.

Now, once you are in, what can you access? That is where authorization comes in (Access Control Lists), and this is everywhere, e.g. your computer (username/password).

Mandatory Access Control – labels define what you can or cannot do on a resource (e.g. top secret); folder sharing
Discretionary Access Control – owner/read/write
Role-Based Access Control – groups: create users, assign them to a group and define rights and permissions for the group. THIS IS THE MOST POPULAR, USED IN FILE SHARING
SECURING TCP/IP
AAA - authentication, authorization, and accounting

LESSONS POINTS
 A RADIUS client is an intermediary agent between a RADIUS supplicant and a RADIUS server
 A RADIUS database of authenticated users and passwords may reside outside the RADIUS server

This is authentication software that runs on a system: Microsoft IAS, Steel Belted Radius, Open Radius...

Two standards for AAA: RADIUS and TACACS+

 RADIUS (Remote Authentication Dial-In User Service) was created to support ISPs with hundreds if not thousands of modems in hundreds of computers connecting to a single central database.

 TACACS+ (Terminal Access Controller Access Control System Plus): Cisco created this AAA because they wanted people to log in once and manage all their switches and routers; previously each one required its own login when working with it.

RADIUS uses UDP ports 1812–1813 (or 1645–1646)
TACACS+ uses TCP port 49
SECURING TCP/IP
Kerberos & EAP

LESSONS POINTS
 Kerberos handles authentication and authorization for wired networks.
 Kerberos relies heavily on time stamps
 EAP enables flexible authentication

Kerberos is an authentication protocol for TCP/IP networks with many clients all connected to a single authenticating server.

When your computer wants to log in it sends a hash with values to the server; the AS (Authentication Server) will look at it and send a Ticket Granting Ticket (TGT) token to the computer. That gives the client authentication but not authorization. The computer time stamps the TGT and sends it back to the server. The TGS (Ticket Granting Service) also time stamps it and creates a token, and the token is sent back to the computer or client. This token can last for 8 hrs and can be used to access any resources on the network as long as they are part of the domain controller's network.

 Downsides of Kerberos
Everything is time stamped: all computers must have the same time
Expensive to buy a Windows server
Designed for wired networks
SECURING TCP/IP
Kerberos & EAP
Because of the downsides of Kerberos, EAP was created.

EAP (Extensible Authentication Protocol) has 5 types:

 EAP-PSK Easily the most popular form of authentication used in wireless networks today, EAP-PSK (Personal Shared Key) is nothing more than a shared secret code that's stored on both the wireless access point and the wireless client, encrypted using the powerful AES encryption.

 EAP-TLS EAP with Transport Layer Security (TLS) defines the use of a RADIUS server as well as mutual authentication, requiring certificates on both the server and every client.

 EAP-TTLS EAP-TTLS (Tunneled TLS) is similar to EAP-TLS but only uses a single server-side certificate.

 EAP-MS-CHAPv2 More commonly known as Protected Extensible Authentication Protocol (PEAP).

 EAP-MD5 This is a very simple version of EAP that uses only MD5 hashes for transfer.
SECURING TCP/IP
Tunneling Through SSH
(Diagram: unencrypted – the VNC server at work talks directly to the VNC client at home; encrypted – the VNC server at work sits behind an SSH server, and the VNC client at home connects through an SSH client (PuTTY), so the VNC traffic rides inside the SSH tunnel)

LESSONS POINTS
 Very few internet protocols are encrypted
 You can either make them encrypted or ride on an encrypted protocol
 Tunnels are used to encrypt unencrypted protocols
 Simply, a tunnel is an encrypted link between two programs on two separate computers.

A tunnel starts by making an encrypted connection between two computers.
Tunnels are used to encrypt unencrypted protocols.
SECURING TCP/IP
NTP - Network Time Protocol

LESSONS POINTS
 The Network Time Protocol tells the current time
 NTP uses UDP port 123
 There are hundreds of NTP servers worldwide

- NTP runs on UDP port 123 and usually manifests itself as some application that needs to check the time; every Windows computer has this feature.
- A lot of protocols rely on NTP; a system with incorrect time can cause trouble on a network.
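The request a time-checking application sends to UDP port 123 and the reply it gets, with the four-timestamp offset calculation that tells a system how wrong its clock is. This is an added example, not code from the course; the packets are constructed in code so it runs offline, and the query function that does the real exchange is not run here.

```python
"""The 48-byte NTP packet that a client sends to UDP port 123 and the reply it gets
back, built and parsed in code, plus the clock-offset calculation a client does with
the four timestamps. NTP counts seconds from 1900, so timestamps are converted to and
from Unix time.

Added example, not the course's own code. The request and reply are constructed in code
so it runs offline; query_server() shows the real UDP exchange and is not run here.
"""
import socket
import struct
import time

NTP_PORT = 123
NTP_UNIX_OFFSET = 2208988800  # seconds from 1900-01-01 (NTP epoch) to 1970-01-01 (Unix epoch)
PACKET = "!BBBb11I"           # LI/VN/Mode, stratum, poll, precision, then 11 32-bit words = 48 bytes


def to_ntp(unix_seconds: float) -> tuple:
    """Unix time -> (whole seconds since 1900, 32-bit fraction of a second)."""
    whole = int(unix_seconds)
    return (whole + NTP_UNIX_OFFSET) & 0xFFFFFFFF, int((unix_seconds - whole) * (1 << 32)) & 0xFFFFFFFF


def from_ntp(seconds: int, fraction: int) -> float:
    """(seconds since 1900, fraction) -> Unix time."""
    return seconds - NTP_UNIX_OFFSET + fraction / (1 << 32)


def build_client_request(transmit_unix: float) -> bytes:
    """Mode 3 (client), version 4, LI 0; a client only fills in its transmit timestamp."""
    li_vn_mode = (0 << 6) | (4 << 3) | 3
    t_sec, t_frac = to_ntp(transmit_unix)
    return struct.pack(PACKET, li_vn_mode, 0, 0, 0, *([0] * 9), t_sec, t_frac)


def parse_packet(pkt: bytes) -> dict:
    """Decode the header byte and the four timestamps (root delay/dispersion/ref id skipped)."""
    if len(pkt) < 48:
        raise ValueError("NTP packet must be at least 48 bytes")
    fields = struct.unpack(PACKET, pkt[:48])
    first, words = fields[0], fields[4:]
    return {"leap": first >> 6, "version": (first >> 3) & 7, "mode": first & 7,
            "stratum": fields[1], "poll": fields[2], "precision": fields[3],
            "reference": from_ntp(words[3], words[4]),  # words 0-2: root delay, dispersion, ref id
            "origin": from_ntp(words[5], words[6]),     # t1: when the client sent the request
            "receive": from_ntp(words[7], words[8]),    # t2: when the server received it
            "transmit": from_ntp(words[9], words[10])}  # t3: when the server replied


def build_server_reply(request: bytes, server_now: float, stratum: int = 2) -> bytes:
    """Constructed mode 4 reply: echoes the client's transmit time as the origin timestamp
    and stamps its own receive and transmit times (both server_now here, for simplicity)."""
    o_sec, o_frac = to_ntp(parse_packet(request)["transmit"])
    s_sec, s_frac = to_ntp(server_now)
    li_vn_mode = (0 << 6) | (4 << 3) | 4
    return struct.pack(PACKET, li_vn_mode, stratum, 6, -20, 0, 0, 0,
                       s_sec, s_frac, o_sec, o_frac, s_sec, s_frac, s_sec, s_frac)


def clock_offset(reply: dict, client_receive_unix: float) -> float:
    """How far the local clock is behind the server: ((t2 - t1) + (t3 - t4)) / 2.
    A large offset is the 'incorrect time' condition the lesson warns about."""
    t1, t2, t3, t4 = reply["origin"], reply["receive"], reply["transmit"], client_receive_unix
    return ((t2 - t1) + (t3 - t4)) / 2


def query_server(host: str, timeout: float = 3.0) -> float:
    """Real exchange over UDP 123 (not run in this offline example): returns the offset."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        s.sendto(build_client_request(time.time()), (host, NTP_PORT))
        data, _ = s.recvfrom(48)
        return clock_offset(parse_packet(data), time.time())
```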
LESSON 5
Building A Real World Network
ADVANCED IP NETWORKING
Client Server Vs Peer to Peer
(Diagram: clients connected to a server; a modern peer to peer network such as BitTorrent)

LESSONS POINTS
 Older client/server networks had dedicated servers and clients
 In classic peer to peer networks each machine could act as both a client and a server
 The terms are now used more in the sense of a Web client accessing a web server
ADVANCED IP NETWORKING
VPN - Virtual Private Network
LESSONS POINTS
- A VPN creates a secure tunnel so a remote machine or network can be part of a local network
- A client to site VPN connects a remote computer to a local network
- A site to site VPN connects distant networks into a single network

(Diagram: a client to site VPN from a remote computer to a VPN concentrator; a site to site VPN between two routers; a router with VPN pass-through.)

A VPN concentrator that is not a router is a VPN endpoint.
ADVANCED IP NETWORKING
VPN - How VPNs Work
LESSONS POINTS
- A system connected to a VPN looks as though it’s on the local network, but performs much slower than if the system was connected directly back at the office because it’s not local at all.

- PPTP VPNs - Point-to-Point Tunneling Protocol (PPTP)
  - The PPTP endpoints are on the client and the server. The server endpoint is a special remote access server program. On the Windows client side, you run Create a New Connection.
  - When your computer connects to the RRAS server (Routing and Remote Access Service) on the private network, PPTP creates a secure tunnel through the Internet back to the private LAN.
- L2TP VPNs - Layer 2 Tunneling Protocol
  - The endpoint on the local LAN went from a server program to a VPN-capable router, called a VPN concentrator.
  - Network people often directly connect two Cisco VPN concentrators to connect two separate LANs permanently. This is called a site-to-site VPN connection.

(Figure: Cisco 2811 Integrated Services Router)
ADVANCED IP NETWORKING
Managed Switches - More Capabilities
LESSONS POINTS
- A managed switch needs an IP address to enable configuration on Layer 3
- A managed switch enables you to configure every port on the switch in a lot of different ways, depending on the purpose and complexity of the switch.

- Managed switches have the extra programming and logic to handle switching, security, and many other functions, taking the concept of a switch well beyond the simple switches.
- We can connect to configure them in 3 ways:
  1. Directly plug into a serial interface and use a virtual terminal program to connect to a command-line interface.
  2. Get the switch on the network and then use a virtual terminal over SSH to connect to the same command-line interface.
  3. Get the switch on the network and use the switch’s built-in Web interface.
- You configure a default gateway on a switch by telling the switch the IP address of the gateway router. For most implementations, type in the IP of your Internet connection box, such as a DSL or cable modem.
- Managed switches allow us to have Virtual Local Area Networks (VLANs).
ADVANCED IP NETWORKING
VLAN - Virtual Local Area Network
LESSONS POINTS
- A VLAN splits one broadcast domain into two or more broadcast domains
- A managed switch that supports VLANs requires configuration

- VLANs allow one broadcast domain to be divided into several without using routers.
- This is most simply done by assigning each port to a specific VLAN.
- TRUNKING is the process of transferring VLAN traffic between two or more switches.
- TAGGING allows frames to move from PC to PC in the same VLAN even if they are several routers apart.
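The notes say tagging lets a frame carry its VLAN across a trunk but do not show what the tag is. The following is an added example, not code from the course: it builds a sample Ethernet frame with an 802.1Q tag, parses the VLAN ID and priority back out, and applies the two rules a switch uses on such frames: an access port puts untagged frames into its native VLAN, and a trunk forwards only the VLANs on its allowed list (which is how you keep a trunk from carrying VLANs it has no business carrying). MAC addresses, frame contents and function names are my own constructions.

```python
"""802.1Q VLAN tags: build, parse and apply access-port and trunk rules to sample frames.

Added example for these notes; not code from the course. Frame contents, MAC addresses
and function names are my own constructions.
"""
import struct
from typing import List, Optional, Set

ETHERTYPE_8021Q = 0x8100   # TPID that marks a tagged frame
ETHERTYPE_IPV4 = 0x0800
ETHERTYPE_ARP = 0x0806


def mac(text: str) -> bytes:
    """'00:11:22:33:44:55' -> 6 raw bytes."""
    return bytes.fromhex(text.replace(":", ""))


def build_frame(dst: bytes, src: bytes, ethertype: int, payload: bytes,
                vlan_id: Optional[int] = None, pcp: int = 0) -> bytes:
    """Ethernet II header, optional 802.1Q tag (TPID + TCI), then payload."""
    header = dst + src
    if vlan_id is not None:
        if not 0 <= vlan_id <= 4095 or not 0 <= pcp <= 7:
            raise ValueError("VLAN id is 12 bits, priority (PCP) is 3 bits")
        tci = (pcp << 13) | vlan_id          # TCI layout: PCP(3) | DEI(1) | VID(12)
        header += struct.pack("!HH", ETHERTYPE_8021Q, tci)
    header += struct.pack("!H", ethertype)
    return header + payload


def parse_frame(frame: bytes) -> dict:
    """Return dst, src, vlan (None when untagged), pcp, the real ethertype and the payload."""
    if len(frame) < 14:
        raise ValueError("frame shorter than an Ethernet header")
    dst, src = frame[:6], frame[6:12]
    (ethertype,) = struct.unpack("!H", frame[12:14])
    vlan, pcp, offset = None, 0, 14
    if ethertype == ETHERTYPE_8021Q:
        if len(frame) < 18:
            raise ValueError("tagged frame truncated inside the 802.1Q tag")
        tci, ethertype = struct.unpack("!HH", frame[14:18])
        vlan, pcp, offset = tci & 0x0FFF, tci >> 13, 18
    return {"dst": dst, "src": src, "vlan": vlan, "pcp": pcp,
            "ethertype": ethertype, "payload": frame[offset:]}


def ingress_vlan(frame: bytes, native_vlan: int) -> int:
    """Switch ingress rule: a tagged frame belongs to its tag's VLAN, an untagged one to the port's native VLAN."""
    info = parse_frame(frame)
    return info["vlan"] if info["vlan"] is not None else native_vlan


def trunk_forward(frames: List[bytes], allowed: Set[int]) -> List[int]:
    """Trunk egress rule: forward only tagged frames whose VLAN is on the allowed list.
    Returns the VLAN ids of the frames forwarded; untagged or disallowed frames are dropped."""
    forwarded = []
    for frame in frames:
        vlan = parse_frame(frame)["vlan"]
        if vlan is not None and vlan in allowed:
            forwarded.append(vlan)
    return forwarded


if __name__ == "__main__":
    broadcast = mac("ff:ff:ff:ff:ff:ff")
    pc = mac("00:11:22:33:44:55")
    tagged = build_frame(broadcast, pc, ETHERTYPE_ARP, b"\x00" * 28, vlan_id=10, pcp=3)
    untagged = build_frame(broadcast, pc, ETHERTYPE_ARP, b"\x00" * 28)
    print("tagged frame is in VLAN", parse_frame(tagged)["vlan"])
    print("untagged frame lands in native VLAN", ingress_vlan(untagged, native_vlan=1))
    print("trunk forwards VLANs", trunk_forward([tagged, untagged], allowed={10, 20}))
```

Reading a capture from a mirrored port (see Port Mirroring below in these notes) is the easiest place to try `parse_frame` on real frames: the TPID 0x8100 at byte offset 12 is exactly what Wireshark shows as the 802.1Q header.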
ADVANCED IP NETWORKING
InterVLAN Routing
LESSONS POINTS
- VLANs create separate broadcast domains
- Connect the broadcast domains with physical routers
- You can also connect broadcast domains with virtual routers using interVLAN routing

(Diagram: a router connected to two managed switches.)

After creating separate networks from VLANs, sometimes you want these separate networks to talk to each other. We will be using a router to do that, but the downside is that any time I come up with a new VLAN I need to be adding routers. What I need is a router that can do interVLAN routing.

InterVLAN routing is a virtualization of the functions of a router that is put into higher-end switches. InterVLAN routing acts like one or more virtual routers.
ADVANCED IP NETWORKING
Interfacing with Managed Switches
LESSONS POINTS
- Managed switches require configuration
- You can connect to a managed switch via an IP address or a console port
- Cisco routers use an operating system called IOS

We look at two typical routers where we use a console port to manage switches and routers without even knowing an IP address. You will need a rollover cable to connect to your switch/router.
ADVANCED IP NETWORKING
Port Bonding
LESSONS POINTS
- Port bonding links switch ports to increase bandwidth
- Use LACP for the trunking protocol
- Set ports to active

We have two switches plugged together on a trunk line, but traffic on it is becoming heavy, so we need to add additional ports to help increase the bandwidth of the trunk line, and that is where port bonding comes in.

After assigning ports and groups we need to use LACP (Link Aggregation Control Protocol); this allows us to interconnect to other brands of switches. This is set to active, which basically means "look out for a port that is ready to do port bonding". Active-active and active-passive both work: when you set it to active for both switches they work, and when you set it to active and passive they will work, but Cisco recommends we set both active. If you set it up as passive, it basically means "I will wait for an active port to send me traffic before we see my link light."

For the exams: if you do active-passive it will work, but passive-passive will not work.
ADVANCED IP NETWORKING
Port Mirroring
LESSONS POINTS
- Port mirroring enables the traffic flowing through one port to be monitored on another port
- This feature enables administrators to inspect traffic remotely from a suspected machine
- Port mirroring is configured on a switch by providing a source port and a destination port

Port mirroring gives us the ability to remotely monitor data that is going in and out of a particular source, through a configured port number. We can set it up for an entire VLAN, see all the traffic going in and out of that VLAN, and send it to a particular port number.
ADVANCED IP NETWORKING
(Figure: checking this router using Wireshark)
ADVANCED IP NETWORKING
Quality of Service
LESSONS POINTS
- Quality of service controls help you better manage available bandwidth
- One type of QoS is traffic shaping
- Simple QoS on SOHO routers allows you to set priorities for different protocols
ADVANCED IP NETWORKING
Intrusion Detection System (IDS) vs Intrusion Prevention System (IPS)
LESSONS POINTS
- Firewalls are hardware or software tools that filter traffic based on various criteria, such as port number, IP address, or protocol
- Intrusion detection systems detect and report possible attacks to the administrators
- Intrusion prevention systems run inline with the network and act to stop detected attacks
- A firewall filters; an IDS notifies; an IPS acts to stop

(Diagram: IDS watching a broadcast domain behind a firewall and router; inline placement: Network - IPS - Router - Firewall.)

Firewalls are imperfect, so we need to have something that will watch for naughtiness, and that is where intrusion detection systems (IDS) come in. An IDS tends to be part of the internal network; it can be software on a machine or a box. If it detects something it sends a text or email.

An active IDS will tell the firewall to shut a port down based on what it has observed; this is called an IPS (Intrusion Prevention System).
ADVANCED IP NETWORKING
Introduction To IPv6
LESSONS POINTS
- 128-bit IPv6 addresses are replacing 32-bit IPv4 addresses
- We have a total of 2^128 addresses
- Know the rules for abbreviating IPv6 addresses
- The IPv6 loopback address is ::1

IPv6 can support up to 340,282,366,920,938,463,463,374,607,431,768,211,456 IP addresses!!!
ADVANCED IP NETWORKING
IPv6 addresses are written like this:
2001:0000:0000:3210:0800:200C:00CF:1234

When we talk about IPv6, an address is 8 groups separated by 7 colons. These addresses are hexadecimal, which is why we have letters and numbers.

WAYS TO SHORTEN IT:
- Leading zeroes can be dropped from any group, so 00CF becomes CF and 0000 becomes 0:
  2001:0:0:3210:800:200C:CF:1234
- You can use a pair of colons (::) to represent a string of consecutive groups with a value of zero:
  2001::3210:800:200C:CF:1234

Eg: the IPv6 loopback address is
0000:0000:0000:0000:0000:0000:0000:0001
Using the short form, this can be written as ::1

For subnets, IPv6 uses CIDR addressing. So an IP address and subnet for a typical IPv6 host:
FEDC::CF:0:BA98:1234/64
ADVANCED IP NETWORKING
Advanced IPv6
LESSONS POINTS
- IPv6 is not yet fully implemented on the internet
- IPv6 addresses can be assigned automatically or manually
- Internet-capable systems will have both link-local and IPv6 addresses

c9:4d7:0:f8ff::fe21:67cf

This is our IPv6 address. When we are typing it in we will never type a subnet mask, because all IPv6 subnet masks are /64. We can have IPv6 and IPv4 running side by side; this is called dual stack.

In IPv6 the front half comes from somewhere and the back half comes from your MAC address, or a random number.
fe80 -> link-local address (fe80::) or fe80:0000:0000:0000
ADVANCED IP NETWORKING
The last half is the MAC address. A MAC address is a 48-bit identifier, but we need 64 bits to make that last part of the IPv6 address, so they shove in 16 bits to make 64 bits.
fe80::8939:7684:d84b:a5a4%19
fe80::711b:1c9:f462:7ed4%20
fe80::2112:1234:88a4:b421%21

The Zone ID is the number after the percent sign.

The Zone ID is locally significant and enables us to define which interface we want to send some traffic out of. If you want to ping a neighbor computer, you will need to specify the neighbor's IPv6 link-local address plus the Zone ID of your computer’s network adapter that faces that computer.

0000:0000:0000:0000 | 0000:0000:0000:0000
first 64 bits: link-local prefix | last 64 bits: MAC address as Extended Unique Identifier 64 (EUI-64), or generated randomly

Link-local is what makes a request like ARP take place; it is not routable, it is an IP that is used locally.
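The "shove in 16 bits" step above has a precise form, modified EUI-64: split the MAC in half, insert ff:fe in the middle, and flip the universal/local bit. The following is an added example, not code from the course, that derives a link-local address from a MAC that way, recovers the MAC from such an address, and reports None for identifiers that were generated randomly instead (the three Windows addresses in the notes are of that kind: they have no ff:fe marker, so they reveal no hardware address, which is the privacy reason modern systems randomize). The sample MAC is constructed and the function names are my own.

```python
"""Link-local addresses: derive the EUI-64 interface identifier from a MAC, and recover a MAC from one.

Added example for these notes; not code from the course. Function names are my own.
"""
import ipaddress
from typing import Optional

LINK_LOCAL_PREFIX = bytes.fromhex("fe80" + "0000" * 3)   # fe80::/64, the first 64 bits


def eui64_from_mac(mac: str) -> bytes:
    """Modified EUI-64: split the 48-bit MAC in two, insert ff:fe in the middle (the 16 extra bits
    the notes mention), and flip the universal/local bit (bit 1 of the first byte)."""
    octets = bytes.fromhex(mac.replace(":", "").replace("-", ""))
    if len(octets) != 6:
        raise ValueError("a MAC address is 6 bytes")
    first = octets[0] ^ 0x02
    return bytes([first]) + octets[1:3] + b"\xff\xfe" + octets[3:6]


def link_local_from_mac(mac: str) -> str:
    """fe80:: prefix + EUI-64 identifier, in canonical compressed form."""
    return str(ipaddress.IPv6Address(LINK_LOCAL_PREFIX + eui64_from_mac(mac)))


def mac_from_link_local(addr: str) -> Optional[str]:
    """Reverse the derivation when the identifier carries the ff:fe marker; return None for a
    randomly generated identifier, which reveals no MAC."""
    packed = ipaddress.IPv6Address(addr.split("%")[0]).packed   # drop the zone ID first
    iid = packed[8:]                                             # last 64 bits
    if iid[3:5] != b"\xff\xfe":
        return None
    first = iid[0] ^ 0x02
    raw = bytes([first]) + iid[1:3] + iid[5:8]
    return ":".join(f"{b:02x}" for b in raw)


def is_link_local(addr: str) -> bool:
    """True for fe80::/10 addresses, which are never routed beyond the local link."""
    return ipaddress.IPv6Address(addr.split("%")[0]).is_link_local


if __name__ == "__main__":
    sample_mac = "00:1a:2b:3c:4d:5e"   # constructed sample MAC
    ll = link_local_from_mac(sample_mac)
    print(sample_mac, "->", ll, "->", mac_from_link_local(ll + "%19"))
    for a in ["fe80::8939:7684:d84b:a5a4%19", "fe80::711b:1c9:f462:7ed4%20"]:
        print(a, "link-local:", is_link_local(a), "MAC:", mac_from_link_local(a))
```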
ADVANCED IP NETWORKING
The routable IPv6 address is the internet-capable address. These addresses began in 2001 when they started passing out IPv6 addresses, and they are generated upstream on the network: your computer will be listening for the first half of the address, which is passed down by a router giving out IPv6 addresses; the last half is generated by your computer from the MAC address or some random numbers.

- Aggregation is the tool used to get a legitimate IP address on the internet
- DUID - DHCP Unique Identifier: this is used by the router to get DHCP information

(Diagram: Computer "I need an IPv6 address" -> Router -> ISP. The router is ready to pass IP addresses via router advertisements. Delegated prefix: 2001:470:b8f9:ff00. Computer address: 2001:470:b8f9:ff00:2110:a10e:9c:23ac. WAN side: 2001:470:1A33:101F:121:232:1:f7. DNS: 2001:4860:4860::8888.)
ADVANCED IP NETWORKING
IPv6 Tunneling
LESSONS POINTS
- Today you need a tunneling protocol to get to the IPv6 internet
- Microsoft provides some tunnels, like Teredo and 6to4
- Try the gogo client from www.gogo6.com (a third-party tool), then use test-ipv6.com to check if you are on IPv6

Tunneling encapsulates IPv6 into IPv4; when it gets to an endpoint, the endpoint strips the IPv4 off.
ADVANCED IP NETWORKING
Telephony Technologies
LESSONS POINTS
- Original telephone systems used frequency division multiplexing; today they use time division multiplexing
- T1 = 24 DS0s = 1.5 Mbps
- T3 = 28 DS1s = 43.2 Mbps
- E1 and E3 are European carriers

(Diagram: trunk line; frequency division multiplexing; analogue signals versus digital signals.)

Analogue systems have a problem with distance, so for interconnecting, a handset has to be within 3 miles of the exchange. At the exchange a human being will see a light coming from some electrical pulses and she will in turn connect the call to whoever you want to talk to.

Digital pieces - signals: all of the digital pieces are being sampled with 8 bits, eight thousand times per second, so each part of the conversation is 64 kbps; this is a good sample rate to hear a good conversation.

Note: sample rate is the number of samples of audio carried per second.

So the trunk line will change to time division multiplexing.

The signals, which are frames, are called DS0 signals, and through the trunk line they are combined into a DS1 = 24 DS0 signals, and a DS1 runs on a cable type called T1. 24 DS0 x 64 kbps = 1.5 Mbps; this is on copper. We also have a DS3, and this runs 28 DS1s simultaneously. In Europe we have E1, similar to T1.

Note: these T connections are point-to-point connections with no numbers associated, but you can have them run a T1 cable to your office because they are also good at holding data. At the end of each line is a CSU/DSU, a router that understands E1/T1 conversations. If you have an E1/T1 problem you do a BERT test (bit error rate test), which is a button on the router you press.

Another thing we need to know is a T1/E1 crossover, used to emulate a full connection between CSU/DSUs.
ADVANCED IP NETWORKING
Optical Carriers
LESSONS POINTS
- SONET
- OC1 = STS1 = 51.85 Mbps
- OC3 = STS3 = 155.52 Mbps
- OC12 = STS12 = 622.08 Mbps

The very top of the internet is all fiber optics. The main fiber optic standard is called SONET; it has some kind of optical carrier equivalent of T1/E1 called OC lines. The slowest OC line is called OC1 = 51.85 Mbps; OC3 is 3 x OC1.

Try to remember OC1, OC3, OC12 and the STS number. SONET is now in competition with Gigabit or 10 Gigabit Ethernet. SONET has come up with a rival called DWDM - Dense Wave Division Multiplexing; this uses multiple light colors on one piece of fiber and can take an existing connection and multiply it by as much as 150 times. We call it SONET on steroids.
ADVANCED IP NETWORKING
Packet Switching
LESSONS POINTS
- Know your types of telephony packet switching
- Frame Relay, ATM, MPLS

Back in the old days we used a concept called circuit switching: you would have an analogue signal that would travel from one telephone to the next, and you would have to manually switch the signals to get to the other phone so that they could talk to each other.

Frame Relay was a type of packet switching that did not care about errors and was very quick. Frame Relay is most associated with T1 lines; it is the type of switching that is on top of the T1 line.

ATM - Asynchronous Transfer Mode - is a complete networking solution, used on the backbone of the SONET lines. ATM is some kind of do-it-all switching technology; it was designed to handle voice, data, video and everything. ATM's frame is 53 bits long, so an Ethernet packet running in it will be badly fractured as it has to be dispatched through an ATM network.

Today we are looking at switching technology that is IP-centric (MPLS). This was designed for IP-based networks; it does not matter whether you will be sending data on a T1 line or some cable modem, DSL, satellite or Ethernet, MPLS works for all of these.
ADVANCED IP NETWORKING
Connecting with Dial-up
LESSONS POINTS
- Dial-up is slow and is not a good backup
- To use dial-up you need a modem
- Your ISP will give you a username and a password
- Dial-up uses the PPP protocol
- Practical: set up a dial-up connection on your Windows machine

The thing with dial-up is that it was the first thing that most of us saw as the way to connect to the internet. Dial-up runs at 56 kbps; granted, it will be using the DS1 that our voice uses, but the overheads (error correction etc.) bring it down from the actual 64 kbps to 56 kbps.

So to set up, we go to the ISP for a telephone number and a contract, then buy a modem or be provided with one by the ISP.

To set up:
1. Go to Network and Sharing Center
2. Click on Set up a new connection
3. Click on Connect to the Internet
4. Set up a new connection anyway
5. Connect using dial-up modem or ISDN
6. Set up a connection anyway

Dial-up as a last-mile connection is incredibly slow. It uses the PPP protocol for its connection, which is built in to most operating systems.
ADVANCED IP NETWORKING
Digital Subscriber Line (DSL)
LESSONS POINTS
- DSL was the first common broadband connection.
- Synchronous DSL: upload = download
- Asynchronous DSL: upload < download
- DSL requires filters to use regular telephones

The idea behind DSL is to use telephone lines to give us high-speed internet. There is synchronous DSL, where your upload speed is equal to your download, and asynchronous DSL, where your upload speed is much slower than your download speed.

We have fiber to the premises, which is VDSL (very high speed DSL); some say the medium is copper line but N+ says it is fiber to the premises.

There was an issue with DSL when Linksys introduced a router that you could plug your DSL into and serve many customers, so they took the old PPP protocol and created a protocol called PPPoE, PPP over Ethernet. This means the DSL modem came with software and you would have to log in.
ADVANCED IP NETWORKING
Connecting with Cable Modem
LESSONS POINTS
- Cable modems come from the cable company, like DSTV
- Cable rarely requires PPPoE
- Cable modems use F-type connectors
- Cable modems are faster than DSL
ADVANCED IP NETWORKING
Connecting with Satellite
LESSONS POINTS
- Satellite modems enable connecting to the internet through a satellite
- Satellite connections have terrible latency
- Run an RG-6 cable from the dish to the modem

One of the downsides of DSL is that it requires you to be within 18000 feet of some central office; cable modems do have some kind of limitation, but it is very invisible to the user.

A satellite dish transmits and receives; they are not that fast. Today's satellites are asynchronous: downloads of 12 Mbps and uploads of 3 Mbps. From the dish there are two RG-6 cables, one for receiving and one for sending, and they lead to the satellite modem.

Satellite latency is mentioned in N+ exams, and you might find that the time for a satellite to respond will be high because of the distance of the satellite from earth.
ADVANCED IP NETWORKING
Cellular WAN
LESSONS POINTS
- WiMAX is the 802.16 standard
- Cell phones are on many standards, known by the "G" term
- HSPA/HSPA+ and LTE
- Do multiple users using the internet affect speed?

When it comes to internet connectivity we have two choices - cellular WAN and WiMAX; both use cell towers for access points.

WiMAX is an extension of the Wi-Fi network (the 802.11 standard); WiMAX is based on the 802.16 standard. This has a long range, a little over 17 miles; it uses existing cell towers to receive connectivity from the ISP. It runs in the multiple megabits per second range; the downside is that connectivity depends substantially on where you place it.

Cell technology was originally designed to carry voice, but they soon came up with the technology to carry data. There are two types of data transfer that Network+ is aware of: HSPA = 1 Mbps, considered a 3G network, but it has been improved to HSPA+, running in the multiple megabits per second range and considered a 4G technology.

We also have LTE, which runs in the 10 Mbps range; most often when we talk about 4G technology they are talking about LTE. To run this you will need a device for WiMAX and a cell phone, but on a cell phone you will need to turn on tethering.
ADVANCED IP NETWORKING
ISDN and BPL
LESSONS POINTS
- ISDN ran at two speeds, 64 kbps and 128 kbps
- ISDN has a telephone number
- BPL uses power lines to move internet data

Integrated Services Digital Network: this is an old way we used for last-mile dial-up connections. ISDN is digital and has a telephone number associated with it, so you could use a telephone number to call between ISDN devices. ISDN ran at 64 kbps and 128 kbps; it came with terminal adaptors that sit in your office or home, and you plug your special ISDN phones and computers into them.

BPL, Broadband over Power Lines, passes data over your electric lines; the problem has been interference.
ADVANCED IP NETWORKING
Remote Connectivity
LESSONS POINTS
- TightVNC runs on port 5900
- Microsoft RDP runs on port 3389
- Use Remote Assistance to control the desktop of the user you are assisting

When we talk about remote connectivity, generally it is the ability to remotely connect to a computer, get access to the desktop and perform some kind of functions, and rarely transfer files.

Remote desktop was spearheaded by a company called Citrix, which developed a standard called ICA to do remote connectivity over an IP network.

Free remote desktop tools:
- TightVNC: download TightVNC; it runs on port 5900 but you can change it.
- Remote Desktop tool from Microsoft. There are two ways to do remote desktop; one way is to have a remote desktop server / remote desktop connection, and this runs on port 3389.
- "I need assistance" (Remote Assistance) - a must tool for every tech person.
ADVANCED IP NETWORKING
Practicals
With so many Windows features, you’re bound to run into something that doesn’t work right or isn’t easy to figure out. One of the best ways to solve problems is to connect to Remote Assistance and watch while a more experienced friend sorts it out.

Remote Assistance is a feature of the Help and Support System in which you allow another user to take over your computer via the Internet and figure out your problem for you. You can sit back, watch, and learn. And if you don’t like what’s happening, you can drop the connection with a click.

To enable Remote Assistance in Windows 7:

1. Choose Start→Control Panel→System and Security→System→Remote Settings. Be sure the Remote tab of the System Properties dialog box is showing.
2. Select the Allow Remote Assistance Connections to This Computer check box and then click OK. The System Properties dialog box will close.
3. Open Windows Help and Support. Click the Ask button and then click the Windows Remote Assistance link. On the window that appears, click the Invite Someone You Trust to Help You link.
4. On the page that appears, you can choose to use your e-mail to invite somebody to help you.
LESSON 6
Beyond the Typical Network
Network Types
LESSONS POINTS
- Know the difference between all the area network acronyms
- Geographical: LAN, WAN, CAN, MAN
- Wireless: WLAN, PAN

(Diagram: a router joining a LAN to a WAN and the Internet; a MAN; a CAN; Bluetooth between two phones; a wireless access point.)

LAN - same broadcast domain; the machines can ping each other. The moment there is a router that joins another broadcast domain, it becomes a WAN.
MAN - metropolitan area network, say the city of Accra.
CAN - a WAN interconnected across a campus.
INTERNET - interconnecting cities.
Note: if you have your own private network we call it an intranet.
WLAN - as long as all the clients have the same SSID, we can have more APs with the same SSID, as long as we don’t put a router in between them.
PAN - Bluetooth: if I pair these two phones together I have formed a personal area network.
Network Design
LESSONS POINTS
- Network design starts with assessing customer needs
- Design considerations include documentation, compatibility with existing hardware and software
- Bring in security early and make sure to assess external connectivity

1. Network design begins by assessing customer needs
2. Assess current networking infrastructure - structured cabling
3. Incorporate security considerations early in the design process
4. Analyze existing network documentation
5. With structured cabling, we check for compatibility with existing network hardware
6. Assess wireless needs; we look at security
7. Interconnectivity to help the company deal with intranet and extranet, like HQ to branch office
8. How do we connect to ISPs? ISPs do go down, so it will be best to have at least two connections
SCADA and ICS
LESSONS POINTS
- Industrial control systems control machines with sensors and actuators connected to an ICS server.
- Supervisory control and data acquisition systems handle ICS over a large area
- Key pieces: programmable logic controller, human machine interface, remote terminal unit
- SCADA is ICS but is designed to work on its own
- The ICS server is a bunch of computers running their own operating system or a known OS like Windows

ICS is industrial control systems, where we use automation to control any type of system; e.g. imagine a chocolate making plant where we have ICS controlling the temperature of the melting chocolate and the bars being packaged.

ICS are computers (PCs) doing the jobs of humans. These machines have sensors that watch for something to take place before they react, and they react using actuators. They have an interface where the ICS talks to a human being to monitor the process.

There is another form of ICS called SCADA, Supervisory Control and Data Acquisition; it applies to things that cover a lot of distance, like oil field pipelines. The controllers in this case have to be autonomous; they must be able to take care of something themselves because it might take a while for people to get there.

(Figure: screens used to monitor the processes.)
Unified Communications
LESSONS POINTS
- Unified communication combines VoIP phones, video, fax, chat, and more into a single system
- Key components of UC are the UC devices, UC server, and UC gateway
- Ports: RTP [5004, 5005 (TCP)], SIP [5060, 5061 (TCP)], H.323

Not that long ago, your typical office phone looked something like this. Now, this is a little bit of an old school office phone because it has an RJ-11 connector in the back. This is designed to work with what we call a PBX system. Now, if you take a look at your typical office system, you're going to have a certain number of phones, everyone has their own phone, but you need to be able to transfer calls and do voicemail and all that stuff, and that was the job of the PBX for many, many years. Today, though, the world of Voice over IP is taking over.

Now, there's a lot of Voice over IP out there. For example, when we talk about Voice over IP, you'll hear things like Google Talk or Skype. The Voice over IP we are talking about, which is eventually going to become Unified Communications, is really more of the world where people expect to have a phone, so VoIP today is really where people have very special types of phones to do special stuff.

Here is an old school PBX system. The PBX is simply a box, arguably a computer, but it's really a switching device and it's completely analog. Everything you're seeing here are RJ-11 connections, and what I would have is my specific PBX-style phones that would plug into the PBX box, and then the PBX box could go out, and I would have phone line connections directly to the PBX box, and it could do all kinds of amazing stuff, and most of this should be pretty common.

When we take a look at Voice over IP, we're going to start with a box again, but this time, we're simply going to connect this box to our Local Area Network itself, so you could see it's just plugged into this switch here. In fact, while you can get dedicated VoIP boxes, in most cases, really what you have is a server that's running very specific VoIP software, so this would be a fairly typical setup.

Now, in order to connect to the outside world, this box is going to be connected. Often, in the old days, it would still be connected to an old PBX system, but it would have some way to get out to your regular publicly switched telephone network. But the question is, "If I'm already on IP, why don't I take advantage of the actual internet itself?" So a more modern Voice over IP system would have a connection to the internet, and once you have a connection to the internet, it almost makes the whole idea of having your own wired connections sort of unimportant, because you'd have some type of service in the cloud where, if you actually needed to call a landline, they would take care of that for you.

So, once we have VoIP, once we have this connection, we can actually do a lot more than that. We actually get into the world of what we call Unified Communication.
Let's talk about Video Conferencing versus Real Time Video. So, when we talk about Video Conferencing, we usually have one person, a speaker, and this speaker is giving some kind of presentation, and this is then propagated over the internet.

Now, there's nothing wrong with that, but when we talk about this type of presentation, it's usually very much a one-way type of communication. There's an old methodology here with Video Conferencing. There are weird ways, but there's no normal way for this to be a two-way conference. So, it takes us a while, but then everybody gets to watch whatever video it might be. Things change when you talk about Real Time Video. When we get into Real Time Video, everybody's kind of like a peer, and everybody has their own camera, and everybody has their own microphone, and everybody has their own interface, and when this takes place, anybody can pretty much talk to anybody whenever they want, so it's important that you're comfortable with the difference between Video Conferencing versus Real Time Video.

(Figures: Video Conferencing; Real Time Video)
Collaborative Tools or Workflow Tools and Presence Information.

Now, when you're doing Real Time Video, one of the things you can do, if everybody's got their own camera, everybody's got their own speakers, everybody's got their own microphone, is that you can literally have everybody on there at the same time, so you can handle a workflow by individuals being able to speak to each other in whatever particular order you want.

Presence simply means being able to determine who's there and who isn't there. Unified Communication really kind of took over the whole office environment when it came to talking to other people. For example, in the old days, we used to have our network connection and our phone connection, but with Unified Communication, we are almost starting to find a lot of offices where the whole phone line system is sitting kind of dark and unused.

Now, Unified Communication really is a Cisco term, but Network+ has come to love and embrace it, so let's define the different aspects of Unified Communication devices, and while we're at it, we've got some port numbers.

The first device is called a UC Device. Now, a UC Device is what we would've called a Voice over IP phone not that long ago. Yes, it has an RJ-45 in the back, but compared to a typical VoIP phone, a UC Device is going to have a microphone, not just a speaker and a handset. It's going to have a camera so people can see you, and it's going to have a big display that you can actually look at and see and tell what's happening on. Next is the UC Server. The UC Server is the switchboard of any Unified Communication system. He's your local connector. He's the one who's going to be storing your voicemail. He's the one who, when you call somebody else in another office within your same organization, switches the call, so the UC Server is the cornerstone of any local Unified Communication. What you need to remember is that Unified Communication is not just for one little network. What if I have an organization that has an office in Topeka, KS and in Houston, TX? Well, in that case, what I'll do is I'll create a UC Gateway, and the UC Gateway will act as an interconnection between my two offices at the edge of each network so they can talk to each other.
Now I want you to think about that UC Gateway for a minute. Imagine, if you would... let's say I've got an organization that has five locations. It's got headquarters in Houston, it's got Video Production in St. George, UT, it's got Marketing in Evansville, IN, it's got Accounting in Orlando, FL and somebody's up there in Walla Walla, WA. I want to use my network to be able to send Voice and Video just like I would have it send data.

The challenge that I have is that if it takes a while to send a Word document, it's not that big of a deal. If my Video, my Real Time Video in particular, is choppy, I've got a problem. So what we do is we create what's known as a Medianet. A Medianet is a bunch of UC Gateways that, using Quality of Service techniques, make sure that our Voice and our Video data gets from one place to the next in a timely fashion. So, make sure you understand the word Medianet. Now, as you can imagine, there's going to be a lot of ports involved with UC, so let's go through them all.

First of all, there's Real-time Transport Protocol. RTP uses TCP ports 5004 and 5005. Second is Session Initiation Protocol. SIP uses TCP ports 5060 and 5061. Next is going to be H.323. H.323 is an ITU protocol, the International Telecommunication Union, and what they did is they came up with a way to switch and control how different types of audio and video go over a network, and if you're using this, and a lot of people do, you'll be using TCP port 1720. The last one is Media Gateway Control Protocol or MGCP. As the name implies, it's really used for Media Gateways and you'll see this with Medianets. MGCP is going to use ports 2427 and 2727. And that, my friends, is enough of the basics of Unified Communication to get you through to Network+. It's an amazing area and one of the areas that I would also like to see more people getting involved with. In fact, Cisco provides certifications just in their Voice over IP/Unified Communication methodology, so have fun with it, make sure you know the ports (phone rings) and oops, sorry.
Virtualization

LESSON POINTS
- Don't confuse virtualization with emulation
- Make sure you recognize the benefits of virtualization
- There are two types of hypervisors: Type 1 (bare metal) and Type 2 (hosted)

Virtualization means taking something on a computer system and turning it into a virtual system. When we virtualize a computer, we take every piece of hardware in that computer and virtualize it within its own system. The idea behind virtualization is that I have some kind of host system that has hardware, and I take that hardware and virtualize it.

There is a difference between virtualization and emulation. Emulation uses software to imitate hardware. Virtualization does not pretend to be anything it is not: it uses the system's actual hardware. If you have a certain amount of RAM in a machine, your virtual machines can only use that amount of RAM between them.

Importance of virtualization
1. Power saving
2. Virtualization consolidates hardware
3. Virtualization makes system recovery easy. If a system is hacked, all you need to do is shut the virtual machine down, copy a known-good set of files back onto the server, recreate the server and you are up. (Keep that known-good copy somewhere the attacker could not reach; the compromised VM's own disk files are not a clean baseline.)
4. It helps with duplication: it is easy to copy servers and power them up
5. Virtualization is handy for IT research

What is a hypervisor?
The hypervisor is what runs and manages the virtual machines for us. There are two kinds:
1. A hypervisor that boots the computer itself, with no underlying operating system: bare metal (Type 1). You often see these installed from a thumb drive left inside the server.
2. A hypervisor that runs as an application on top of a host operating system such as Windows: hosted (Type 2).
IaaS – Infrastructure as a Service

LESSON POINTS
- IaaS enables you to quickly configure network resources hosted by someone else
- Amazon Web Services is a great example of IaaS
- AWS, like most IaaS providers, only bills you for the time you are actually running a server

Virtualization has come to stay, and powerful hardware is the driving force behind it. Companies with the money can build servers for others to use, so those others never need to build their own.

Let's talk about Infrastructure as a Service (IaaS). This is when someone far from us sets up a computer system, the infrastructure, which we rent for money and on which we set up our software and everything else we want to run. An example is aws.amazon.com.
Your first virtual machine

LESSON POINTS
- Virtual machines need an operating system
- Snapshots store the current state of a virtual system
- Most virtual hardware can be changed

We are going to use a hosted hypervisor to create a virtual machine. When it comes to hypervisors we have a lot of choices out there; the bigger names are VMware and Microsoft, and most of them cost money. We have a completely free hypervisor from Oracle called VirtualBox, and we will install VirtualBox in the practical. Most hypervisors enable you to read an ISO image as though it were an optical disc.
PaaS – Platform as a Service

LESSON POINTS
- PaaS enables you to access a software development platform without the need to host it yourself
- Heroku is a great example of PaaS
- A PaaS lets you very quickly get your software running live on the Internet

Let's say I am a programmer and I want the application I build to be up and running on the Internet, like Facebook, Gmail or WhatsApp. I don't want to go through setting up servers, bandwidth, disk space, IP addresses and so on. What I will be looking for is a platform that is already set up to help me build my apps and that takes care of everything I need to be up and running on the Internet. That is a PaaS platform. A good example is heroku.com.
SaaS – Software as a Service

LESSON POINTS
- SaaS enables you to access applications via subscription and downloads
- Microsoft Office 365 is a great example of SaaS
- Other SaaS examples include Dropbox and Google Docs

Software as a Service does away with optical media. Instead of buying software off the shelf, you buy a subscription which allows you to download and use the current versions of the software, e.g. Microsoft Office 365.
Cloud Ownership

LESSON POINTS
- Four clouds to remember:
  1. Public
  2. Private
  3. Community
  4. Hybrid

When you have a cloud, you have servers, storage and the people who run those servers, so ownership is very important.

A good example to start with is AWS (Amazon Web Services). This is a public cloud, and anybody can put their data on it. Another way to own a cloud is a private cloud: I own the hardware, and what is important is that only I will be using the cloud. I can have a private cloud and invite others to join me, which forms a community cloud. The other form of cloud is a hybrid one, which is me combining my private cloud with a public one.
Introduction to Wi-Fi and the Wireless Access Point (WAP)

LESSON POINTS
- The primary wireless standard everyone with a wireless device is on is 802.11
- Infrastructure mode requires a WAP, but any wireless network needs an SSID
- There are 14 channels defined in 802.11 on the 2.4 GHz band

Wi-Fi is short-range radio used for distributing data instead of cable on a LAN. Wi-Fi has been around for a while, but it wasn't until a company called Linksys started creating those little black and blue boxes that Wi-Fi really took off.

The Wi-Fi we use is based on the 802.11 standard. You can have wireless devices in the form of PCI/PCIe cards, dongles, etc. Everyone with a wireless device will have to plug into a network, and for that you need a WAP, a wireless access point. A WAP is a bridging device that connects a wireless network to a wired LAN.

In 802.11 you have wireless clients and wireless access points, and you have two choices for how you use them:
a. Infrastructure mode - must have a WAP
b. Ad hoc mode - no WAP; clients talk directly to each other

In infrastructure mode you set up an SSID (Service Set Identifier), the network name the WAP broadcasts. A single WAP and its clients form a Basic Service Set, identified by the BSSID, which is the WAP's MAC address. You can have a group of WAPs with the same SSID connected to the same switch; together they form an Extended Service Set, and the shared name is then called the ESSID (extended SSID).

802.11 is designed to work in the ISM (Industrial, Scientific and Medical) bands. The two bands are 2.4 GHz and 5 GHz. The developers knew there would be a lot of people setting up networks, so they came up with the concept of channels. The 2.4 GHz band has one set of channels; the 5 GHz band has a more complicated set.

Network+ is only interested in the 2.4 GHz set of channels, which are channels 1-14. Most of the world uses 1-13, the USA uses 1-11 and Japan uses 1-14. These channels are only 5 MHz apart but each is roughly 20 MHz wide, so neighbouring channels overlap. In the USA, 1, 6 and 11 are the channels that do not overlap each other, and that is what devices manufactured for the US market normally use.
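Why 1, 6 and 11 are the non-overlapping set is easy to check by arithmetic. The following is an added example, not part of the course notes: it places each 2.4 GHz channel at its centre frequency (2407 + 5n MHz for channels 1-13, 2484 MHz for channel 14) and picks channels whose spectra do not touch. The 22 MHz width is the 802.11b DSSS figure; pass width=20 for 802.11g/n OFDM.

```python
"""Which 2.4 GHz channels overlap: an added example, not from the course notes.

802.11 puts channel n (1..13) at 2407 + 5*n MHz and channel 14 at 2484 MHz.
Each channel occupies about 20 MHz (22 MHz for 802.11b DSSS), so two channels
collide unless their centres are at least one channel-width apart.
"""

CHANNEL_WIDTH_MHZ = 22          # 802.11b DSSS; 802.11g/n OFDM is 20 MHz

def center_frequency(channel: int) -> int:
    """Centre frequency in MHz of a 2.4 GHz 802.11 channel."""
    if 1 <= channel <= 13:
        return 2407 + 5 * channel
    if channel == 14:
        return 2484             # Japan only; off the regular 5 MHz grid
    raise ValueError(f"no 2.4 GHz channel {channel}")

def overlaps(a: int, b: int, width: int = CHANNEL_WIDTH_MHZ) -> bool:
    """True when the two channels' spectra share any frequency."""
    return abs(center_frequency(a) - center_frequency(b)) < width

def non_overlapping_channels(allowed, width: int = CHANNEL_WIDTH_MHZ) -> list[int]:
    """Greedy low-to-high pick of mutually non-overlapping channels."""
    chosen: list[int] = []
    for ch in sorted(allowed):
        if all(not overlaps(ch, c, width) for c in chosen):
            chosen.append(ch)
    return chosen

if __name__ == "__main__":
    print(non_overlapping_channels(range(1, 12)))            # USA, 802.11b
    print(non_overlapping_channels(range(1, 15)))            # Japan, 802.11b
    print(non_overlapping_channels(range(1, 14), width=20))  # 13-channel regions, OFDM
```

With the 13-channel allocation and 20 MHz OFDM channels the same function yields 1, 5, 9 and 13, the four-channel plan you will see recommended outside the USA.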
802.11 standards

LESSON POINTS
- Early wireless standards are 802.11b (2.4 GHz) and 802.11a (5 GHz)
- The first widely used standard was 802.11g (2.4 GHz)
- Current fastest standards are 802.11n and 802.11ac

Things have gotten better since the original 802.11 standard was created. The devices have improved, and what we see now is the standard having extensions: 802.11b, 802.11a, 802.11g, 802.11n and 802.11ac.

802.11b - the granddaddy of them all: 11 Mbps on the 2.4 GHz band
802.11a - runs on the 5 GHz band at 54 Mbps, with a shorter range
802.11g - 2.4 GHz band, 54 Mbps, supports 802.11b devices
802.11n - 2.4 GHz and/or 5 GHz band, from around 72 Mbps on a single stream up to 600 Mbps. It introduced MIMO (Multiple In/Multiple Out), which uses several antennas to send several spatial streams at once.

802.11n was difficult to migrate to: if you moved from 802.11b/g you had to change the devices connecting to it, or run in Greenfield mode (all-n devices on the network), which meant all the connecting cards needed upgrading to work with 802.11n. An 802.11n WAP also supports 802.11b/g devices in mixed mode, at the cost of speed.

802.11ac - 5 GHz only, gigabit-class throughput, built on Multi-User MIMO (MU-MIMO). A typical ac WAP has one set of antennas for 802.11n on 2.4 GHz and another for 802.11ac on 5 GHz, so it supports 802.11b/g/n devices on the 2.4 GHz frequency.
PoE - Power over Ethernet

LESSON POINTS
- PoE provides power to networking devices over the Ethernet cable, without the need for power cords
- PoE is used frequently for WAPs
- PoE injectors provide power to devices that need it when the switch itself cannot

(Figure: a PoE injector, a PoE switch and a PoE-powered WAP.)

The two common standards are 802.3af (PoE, up to 15.4 W per port) and 802.3at (PoE+, up to 25.5 W). A PoE-powered WAP gets that power either from a PoE switch or from an inline PoE injector placed between an ordinary switch and the WAP.
Wireless security standards

LESSON POINTS
- WEP is the oldest wireless encryption standard and it uses 40/64-bit or 104/128-bit keys
- WEP and WPA (TKIP) can be cracked
- WPA2 is the strongest wireless encryption standard covered here

By default anybody can connect to a wireless access point, and at the radio level there is not much in the way of authentication. The real power of 802.11 security is encryption.

1. WEP - Wired Equivalent Privacy. WEP uses the RC4 stream cipher with a 40-bit or 104-bit secret key; the 64/128-bit figures include a 24-bit initialization vector (IV) that is sent in the clear with every frame.
2. Wi-Fi Protected Access (WPA) is still WEP underneath but adds TKIP (Temporal Key Integrity Protocol). TKIP is a suite of algorithms that works as a "wrapper" to WEP, which allows users of legacy WLAN equipment to upgrade to TKIP without replacing hardware. TKIP uses the original WEP programming but "wraps" additional code at the beginning and end to encapsulate and modify it. Like WEP, TKIP uses the RC4 stream encryption algorithm as its basis. The new protocol, however, encrypts each data packet with a unique encryption key, and the keys are much stronger than those of its predecessor. To increase key strength, TKIP includes four additional algorithms.
3. WPA2 uses AES (Advanced Encryption Standard, a symmetric cipher) in CCMP mode, which means all the wireless devices must support AES.
4. WPA2 mixed mode: TKIP + AES, for networks that still have WPA-only clients. It keeps the weaker TKIP path alive, so turn it off once those clients are gone.
5. RADIUS: in WPA/WPA2 Enterprise mode the WAP hands authentication to a RADIUS server using 802.1X, so each user logs in with their own credentials instead of a shared pre-shared key.
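The reason the 24-bit IV matters, and the reason "WEP can be cracked" is not an exaggeration, is keystream reuse: RC4 is a stream cipher keyed with IV || secret key, so any two frames that share an IV are XORed with the same keystream, and XORing the two ciphertexts cancels the key entirely. The following is an added demonstration, not material from the course: a textbook RC4, a WEP-style encrypt (the CRC-32 ICV is left out because it does not affect the argument), and a birthday-bound estimate of how few frames it takes before an IV repeats. Key, IV and frame contents are constructed sample data.

```python
"""WEP keystream reuse, as an added illustration (not from the course notes).

WEP encrypts each frame with RC4 keyed by IV || secret_key, where the 24-bit
IV is sent in the clear.  Two frames that reuse an IV are encrypted with the
same keystream, so XORing the ciphertexts cancels the key and leaves the XOR
of the two plaintexts.  RC4 below is the textbook algorithm; key and frames
are constructed sample data.
"""
import math

def rc4_keystream(key: bytes, length: int) -> bytes:
    """Plain RC4 (KSA + PRGA): `length` keystream bytes for `key`."""
    S = list(range(256))
    j = 0
    for i in range(256):                        # key-scheduling algorithm
        j = (j + S[i] + key[i % len(key)]) & 0xFF
        S[i], S[j] = S[j], S[i]
    out = bytearray()
    i = j = 0
    for _ in range(length):                     # pseudo-random generation
        i = (i + 1) & 0xFF
        j = (j + S[i]) & 0xFF
        S[i], S[j] = S[j], S[i]
        out.append(S[(S[i] + S[j]) & 0xFF])
    return bytes(out)

def xor_bytes(a: bytes, b: bytes) -> bytes:
    """Byte-wise XOR over the common length of a and b."""
    return bytes(x ^ y for x, y in zip(a, b))

def wep_encrypt(iv: bytes, secret_key: bytes, plaintext: bytes) -> bytes:
    """WEP-style frame body: RC4 seeded with IV || key, XORed over the data.
    WEP also appends a CRC-32 ICV; omitted, as it does not change the
    keystream-reuse argument.  XOR means the same call also decrypts."""
    assert len(iv) == 3, "WEP IVs are 24 bits"
    return xor_bytes(plaintext, rc4_keystream(iv + secret_key, len(plaintext)))

def recover_plaintext_xor(ct1: bytes, ct2: bytes) -> bytes:
    """Given two ciphertexts sent under the same IV, return P1 XOR P2.
    No key is needed; knowing either plaintext then yields the other."""
    return xor_bytes(ct1, ct2)

def frames_for_collision_probability(p: float, iv_bits: int = 24) -> int:
    """Birthday bound: frames needed before some IV repeats with probability p."""
    n = 2 ** iv_bits
    return math.ceil(math.sqrt(2 * n * math.log(1 / (1 - p))))

if __name__ == "__main__":
    key = bytes.fromhex("0badc0ffee")            # constructed 40-bit WEP key
    iv = bytes.fromhex("a1b2c3")                 # the same IV, reused twice
    p1 = b"GET /login HTTP/1.1\r\n"               # attacker can guess this one
    p2 = b"user=alice&pw=hunter2"                 # ...and therefore learns this one
    c1 = wep_encrypt(iv, key, p1)
    c2 = wep_encrypt(iv, key, p2)
    print(xor_bytes(recover_plaintext_xor(c1, c2), p1))
    print("frames until a 50% chance of an IV repeat:",
          frames_for_collision_probability(0.5))
```

A busy access point pushes thousands of frames a minute, so a repeat is a matter of minutes even if IVs were chosen randomly (many cards simply counted up from zero). TKIP papered over this with per-packet key mixing on the same RC4; WPA2's CCMP replaced the cipher and the nonce handling outright, which is why the exam calls WPA2 the one to deploy.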
Implementing Wireless Security

LESSON POINTS
- Disable SSID broadcast
- Use MAC filtering
- Limit the number of DHCP-issued addresses

1. Turn off SSID broadcast. What is the downside? The name still travels in the clear in probe and association frames, so anyone with a wireless sniffer sees it within seconds, and your own clients must now probe for the hidden network everywhere they go. It hides the network from the casual neighbour only.
2. MAC address filtering. What is the downside? MAC addresses are visible in every frame and trivially changed on the attacker's adapter, and the allow-list is painful to maintain.
3. Set up multiple SSIDs, e.g. one for staff and one for guests, each mapped to its own VLAN.
4. Limit the DHCP scope. What is the downside? An attacker simply configures a static address in the same subnet, while legitimate users get locked out when the small pool runs dry.
5. Change the default password on the WAP.
6. Remote management: disable it if you don't need it, and if you do, change the ports it listens on as well.
7. Client isolation: everyone can connect to the SSID, but the clients cannot see each other.

Items 1, 2 and 4 are speed bumps on top of WPA2, not replacements for it.
LESSON 7
Managing the Network

IT Risk Management

LESSON POINTS
- Security policies are documents with broad overview statements
- Security controls provide more detail
- Procedures discuss the specific implementation of controls

When we talk about IT risk management we talk about infrastructure, and our job is to secure the infrastructure from threats. So when we set up an enterprise network we hire people; big organizations have roles like a Chief Security Officer who specialize in providing the security we need.

IT risk management is also about the people who sit in boardrooms and decide how techs like you will set the security up. Security policies incorporate practices required by laws and standards. Let's learn some terms:

1. Laws - e.g. healthcare regulation
2. Standards - NIST, the National Institute of Standards and Technology
3. Best practices - e.g. Microsoft will say, if you are setting up a Windows network, these are the things we do to provide security

So you pay experts to generate security policies. Security policies are documents that define how you will do security for your organization's infrastructure. These policies cover all kinds of things:

1. Acceptable use policy
2. Ownership of equipment policy
3. Password policy, etc.

A password policy may say "we will use complex passwords". When the policies have been generated, we generate security controls from them.

NOTE: Security controls are generated from security policies. This is everything that is IT risk management.

A security control is the one that says "all systems running Windows Server will be set up with a complex password rule set", or "on our Linux systems all passwords will be a minimum of eight characters with uppercase, lowercase and numbers".

1. The security policy is an overview statement
2. The security control defines exactly what needs to be done
3. The procedure is how we do that security control
Security Policy

LESSON POINTS
- Security policies define aspects of network security
- The acceptable use policy specifies what people can do with the network and equipment
- The network access policy specifies who gets specific access to the network

A security policy is a written document that says how we deal with security for some aspect of our infrastructure. Two security policy documents we are going to talk about:

1. Acceptable use policy - what you can (and cannot) do with the company's equipment
   a. Ownership - the company owns the laptop, so bring it back when you take it home
   b. Network access - you only access information you are allowed to access
   c. Privacy / consent to monitoring - anything you do on our network is not private
   d. Illegal use - you cannot do illegal things, such as selling stolen equipment
2. Network access policy (also called a network security policy) - defines what users can do to which resources on the network. E.g. the accounts department has access to certain kinds of information, while another department uses a different database or sees it read-only. We can also say customers have access to this SSID while the staff SSID is a different one.
Change Management

LESSON POINTS
- The change management team handles infrastructure-level changes
- The change process includes the request, the type of change, configuration procedures, rollback and more
- The end game is documentation of all the changes made

In change management we distinguish strategic change from infrastructure change.

Strategic change is a massive change that is going to affect the business itself, e.g. we are moving to another country, or we are wiping out every computer in the company and replacing them with something else. We don't discuss strategic change with the change management committee; that is a big corporate decision.

If we want to roll out new software in a department or division of the company, then we can discuss that at committee level. A request is made to the committee, say by an IT person who wants a new antivirus. To initiate the change we need a change document, and the change request will contain the following:

1. Type of change - software or hardware (backup methods, network access, work hours, workflow changes, etc.)
2. Configuration procedures - what it is going to take to make this happen, who the players are that will help, and how long it will take
3. Rollback process - if for some reason this change turns out to be a bad idea, how will we roll back, and how long will it take to get back to the previous configuration
4. Potential impact - what will this change bring: save time, save money, more efficiency; what is the overall impact?
5. Notification - what steps will be taken to notify the organization of this change

Documentation is the last step in the change management process.
User Training

LESSON POINTS
- Network techs get called on for user training
- Train users on acceptable use and password policies
- Users should recognize social engineering and avoid malware

In the big corporate world the HR department trains employees on:
1. The acceptable use policy - read and signed
2. Password policies
3. Safe use of systems - e.g. lock your screen when away, don't write your passwords on sticky notes
4. Social engineering - someone calls and says "I need your password..."
5. Avoiding malware
Points of Failure

LESSON POINTS
- Create failover for redundancy
- Clustering can provide high availability
- Use HSRP or VRRP for router redundancy

This is where you define what will make your business stop.
1. Identify critical assets (people, the Internet service provider)
2. Identify critical nodes - IT assets like servers; if I have a front-end router, it is a critical node

If something is a single point of failure then we need to do something about it, so we get into the world of failover: if something goes down, we have something ready to take over. Failover means having something ready to take over in case of failure. DON'T confuse this with backups.

In Network+ we talk about two kinds of failover:
1. Servers that need failover
2. Routers that need failover

One thing in Network+ that we need to talk about is the virtual IP: an IP address not assigned to a particular physical port. We normally find this in clustering, which can provide high availability. Basically, take one server and mirror it to two other servers. I then have servers that are constantly in contact with each other, constantly updating each other; if my primary fails one of the others takes over, and I don't need to change the IP, which means we can put a router in front of it and probably use one-to-many NAT.

So a virtual IP is an IP not overtly assigned to a particular physical port.

The other case is when a router fails. To handle that we use a protocol called HSRP (Hot Standby Router Protocol, which is Cisco proprietary) or VRRP (Virtual Router Redundancy Protocol, the open standard). These protocols allow more than one router to work as a team or cluster sharing one virtual IP (and a virtual MAC), so that one can take over in case another fails while the hosts keep the same default gateway throughout.
Standard Business Documentation

LESSON POINTS
- Standard business documentation is common in networking
- Standards on the exam include SLA, MOU, MSA and SOW
- These are real-world standards

There is a lot of documentation when it comes to networking. Network+ covers four business documents.

1. SLA - Service Level Agreement
   a. Between a customer and a service provider
   b. Defines the scope, quality and terms of the service to be provided
   Some of the things you will see in an SLA:
   a. Definition of the service provided
   b. Equipment
   c. Technical support
   SLAs are used a lot by ISPs, but they work fine with other service providers too.

2. MOU - Memorandum of Understanding
   Used between organizations that would normally not be able to make a legal contract, or where a legally binding contract is inappropriate.
   - Defines an agreement between two parties
   - Defines the duties the parties are going to perform for each other
   - Definition of agreed duties
   - Time frame
   Example: a city hospital patient-exchange disaster MOU, covering cost and logistics.

3. MSA - Multi-Source Agreement (e.g. the gigabit adapter for a switch)
   A multi-source agreement is an agreement between multiple manufacturers to make products which are compatible across vendors, acting as de facto standards and establishing a competitive market for interoperable products. Products that adhere to MSAs include optical transceivers such as SFP, SFP+, XENPAK, QSFP, XFP and CFP, fiber optic cables, and other networking devices. MSAs strictly define the operating characteristics of these devices so that system vendors may implement ports in their equipment (e.g. Ethernet switches and routers) that allow MSA-compliant devices from name-brand as well as third-party vendors to function properly.

4. SOW - Statement of Work
   a. A legal contract between a vendor and a customer
   b. Scope varies by the product or service
   - Definition of the service/product the vendor has agreed to supply
   - Timeframe - normally the delivery time
   - Milestones - points marked through to the completion of the work
SNMP – Simple Network Management Protocol

Network Monitoring - SNMP

LESSON POINTS
- SNMP uses UDP port 161 (traps go to the manager on UDP 162); SNMP over TLS/DTLS uses 10161 (10162 for traps)
- SNMP managed devices run an agent that talks with a Network Management Station (NMS)
- SNMPv1 and SNMPv2c send everything, including the community string, in cleartext; SNMPv3 added authentication and encryption and can also run over TLS

The ultimate aim of a network engineer or network administrator is to sit down the entire day and never get up. When I have a more complicated network I have to get up, especially when I have to deal with switches, routers, printers and so on. To alleviate this we use the Simple Network Management Protocol, SNMP. SNMP is a tool that allows us to administer and manage network devices from a single source.

To use SNMP on a device, the device must be SNMP capable from the factory; the software on the device is the agent, and the device is called a managed device. The MIB (Management Information Base) is a database built in from the factory that describes what we can query on that particular device.

Some communications we do in SNMP:
1. Get is the standard query. The NMS sends a Get to a managed device and the managed device sends back a Response; we can ask, for example, "how many pages have you printed?"
2. Trap is something we set on the device itself. There are things you don't want to wait for a query to find out about: what if the printer overheats, or a switch is overloaded with data? A trap is configured on the managed device, and whenever a value hits a particular threshold the device sends the information to the NMS on its own.
3. Walk is for when you want a lot of information from the managed device: like Get, but going the extra mile to fetch every object under a branch of the MIB. snmpwalk is a Unix utility that talks to your managed device this way; it is a big batch of SNMP Gets (GetNext requests).

There are three versions of SNMP:
1. SNMP version 1 has no encryption and no real authentication, and a limited command set.
2. SNMP version 2 (the common variant is SNMPv2c) expanded the command set, but security is still a community string sent in cleartext; it is no better than v1 in that respect.
3. SNMP version 3 added robust security: per-user authentication (HMAC) and encryption of the payload, and it can also be carried over TLS/DTLS.

It is common within a network to find different versions of SNMP side by side.

To set up SNMP you need to set up a community:
- An SNMP community is an organization of managed devices (all the devices in our network can be grouped into a community), and the community string is the password that goes with it. Change the defaults "public" and "private".
- SNMP is not only for monitoring; you can also query to make changes (Set). A community can be read-only or read-write on a managed device, so that nobody can make changes to it with the read-only string.
- There is a lot of NMS software out there; one good free one is Cacti, which runs on Unix/Linux.
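What "cleartext community string" means in practice is clearest on the wire. The block below is an added example, not code from the course: it hand-encodes (in BER) the SNMPv2c GetRequest an NMS sends for sysDescr.0 and decodes a GetResponse, with no key anywhere in the process. The decoded response is built from constructed data, not a capture; `query_device` sends the real datagram to UDP/161 and needs a reachable agent, so it is not exercised offline.

```python
"""SNMPv2c on the wire, as an added example (not from the course notes).

Hand-encodes the GetRequest an NMS sends for sysDescr.0 and decodes a
GetResponse, to show that in v1/v2c the community string (the only
"authentication") and every value travel as plaintext BER in a UDP
datagram to port 161.  The response decoded here is constructed data.
"""
import socket

SYS_DESCR_0 = "1.3.6.1.2.1.1.1.0"       # MIB-II system.sysDescr.0
GET_REQUEST, GET_RESPONSE = 0xA0, 0xA2  # PDU tags
VERSION_V2C = 1                         # v1 = 0, v2c = 1, v3 = 3

def ber_len(n: int) -> bytes:
    """BER definite-length octets (short form below 128, long form above)."""
    if n < 0x80:
        return bytes([n])
    body = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([0x80 | len(body)]) + body

def tlv(tag: int, value: bytes) -> bytes:
    return bytes([tag]) + ber_len(len(value)) + value

def encode_int(v: int) -> bytes:
    """INTEGER (0x02): minimal two's complement, one spare bit for the sign."""
    return tlv(0x02, v.to_bytes((v.bit_length() + 8) // 8, "big", signed=True))

def encode_oid(oid: str) -> bytes:
    """OBJECT IDENTIFIER (0x06): first two arcs merge as 40*a+b; the rest are
    base-128 with the high bit set on every byte but the last of each arc."""
    arcs = [int(x) for x in oid.split(".")]
    out = bytearray([40 * arcs[0] + arcs[1]])
    for arc in arcs[2:]:
        chunk = [arc & 0x7F]
        arc >>= 7
        while arc:
            chunk.insert(0, (arc & 0x7F) | 0x80)
            arc >>= 7
        out.extend(chunk)
    return tlv(0x06, bytes(out))

def snmp_message(version: int, community: str, pdu_tag: int,
                 request_id: int, varbinds: bytes) -> bytes:
    """Message ::= SEQUENCE { version, community, PDU{request-id, 0, 0, varbinds} }"""
    pdu = tlv(pdu_tag, encode_int(request_id) + encode_int(0) + encode_int(0)
              + tlv(0x30, varbinds))
    return tlv(0x30, encode_int(version) + tlv(0x04, community.encode()) + pdu)

def snmpv2c_get(community: str, oid: str, request_id: int) -> bytes:
    """GetRequest for one OID; the value slot is ASN.1 NULL (05 00)."""
    return snmp_message(VERSION_V2C, community, GET_REQUEST, request_id,
                        tlv(0x30, encode_oid(oid) + b"\x05\x00"))

def sample_response(community: str, oid: str, value: str, request_id: int) -> bytes:
    """Constructed GetResponse as an agent would answer, with an OCTET STRING value."""
    return snmp_message(VERSION_V2C, community, GET_RESPONSE, request_id,
                        tlv(0x30, encode_oid(oid) + tlv(0x04, value.encode())))

def parse_tlv(buf: bytes, pos: int = 0):
    """Return (tag, value, next_pos) for the TLV starting at pos."""
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:
        n = length & 0x7F
        length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    return tag, buf[pos:pos + length], pos + length

def decode_message(msg: bytes) -> dict:
    """Pull version, community, PDU type, request-id and the first varbind's
    value out of a v1/v2c message.  A passive sniffer does exactly this."""
    _, body, _ = parse_tlv(msg)
    _, ver, p = parse_tlv(body)
    _, community, p = parse_tlv(body, p)
    pdu_tag, pdu, _ = parse_tlv(body, p)
    _, req_id, q = parse_tlv(pdu)
    for _ in range(2):                       # skip error-status and error-index
        _, _, q = parse_tlv(pdu, q)
    _, varbinds, _ = parse_tlv(pdu, q)
    _, vb, _ = parse_tlv(varbinds)
    _, _oid, r = parse_tlv(vb)
    vtag, value, _ = parse_tlv(vb, r)
    return {"version": int.from_bytes(ver, "big", signed=True),
            "community": community.decode(), "pdu_tag": pdu_tag,
            "request_id": int.from_bytes(req_id, "big", signed=True),
            "value": value.decode() if vtag == 0x04 else value}

def query_device(host: str, community: str, oid: str, request_id: int = 1,
                 timeout_s: float = 2.0) -> dict:
    """Send the GetRequest over UDP/161 and decode the reply (needs a live agent)."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout_s)
        s.sendto(snmpv2c_get(community, oid, request_id), (host, 161))
        data, _ = s.recvfrom(4096)
    return decode_message(data)

if __name__ == "__main__":
    req = snmpv2c_get("public", SYS_DESCR_0, 1234)
    print(req.hex(), b"public" in req)        # the community string is right there
    print(decode_message(sample_response("public", SYS_DESCR_0, "Acme LaserJet 4", 1234)))
```

Run `tcpdump -A udp port 161` on the segment and the community string is readable in the dump, which is why read-write communities on v1/v2c are effectively device passwords broadcast on the LAN; restrict them to the NMS address with an ACL or move to v3 with authPriv.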
Documenting Logs

LESSON POINTS
- Review the different types of logs
- Event Viewer is the Windows tool that displays the various types of logs
- Many Unix systems use syslog, which complements SNMP for monitoring

Logs are used to keep track of things that have happened. They can be turned on or off, and they depend on the kind of software you use for your operating system or your devices. It could be a System log or a General log. Logs are only kept for a certain amount of time, and they can be set to track particular events or not, depending on what you want them to do.

Log viewers:
1. Windows Event Viewer
2. syslog - on Unix/Linux systems, messages from the OS and from network devices arrive as syslog. Each message carries a severity level from 0 (Emergency) to 7 (Debug), which we use to decide how to react to it. An interactive syslog viewer is the usual front end.
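The 0-7 severity is not a free-text field: every syslog message opens with `<PRI>`, where PRI = facility * 8 + severity (RFC 3164/5424), so the first thing a viewer or SIEM does is decode that number. The following is an added example, not from the course: it decodes PRI into facility and severity names and filters a handful of constructed log lines down to those at Error or worse.

```python
"""Syslog severity triage, as an added example (not from the course notes).

A syslog message starts with <PRI>, where PRI = facility * 8 + severity
(RFC 3164/5424).  decode_pri() splits it, parse_syslog_line() builds a record,
and triage() keeps anything at Error (3) or worse.  The log lines are
constructed samples, not a real capture.
"""
import re

SEVERITIES = ["emerg", "alert", "crit", "err", "warning", "notice", "info", "debug"]
FACILITIES = ["kern", "user", "mail", "daemon", "auth", "syslog", "lpr", "news",
              "uucp", "cron", "authpriv", "ftp", "ntp", "audit", "alert", "clock",
              "local0", "local1", "local2", "local3", "local4", "local5", "local6", "local7"]

PRI_RE = re.compile(r"^<(\d{1,3})>(.*)$", re.DOTALL)

def decode_pri(pri: int) -> tuple[str, str]:
    """Split PRI into (facility, severity) names; 0..191 is the legal range."""
    if not 0 <= pri <= 191:
        raise ValueError(f"PRI {pri} out of range 0..191")
    return FACILITIES[pri // 8], SEVERITIES[pri % 8]

def parse_syslog_line(line: str) -> dict:
    """Parse one raw syslog line into a record; rejects lines without <PRI>."""
    m = PRI_RE.match(line)
    if not m:
        raise ValueError("missing <PRI> header")
    pri = int(m.group(1))
    facility, severity = decode_pri(pri)
    return {"pri": pri, "facility": facility, "severity": severity,
            "level": pri % 8, "message": m.group(2).strip()}

def triage(lines, max_level: int = 3) -> list[dict]:
    """Records at severity `max_level` or worse (lower number = more severe)."""
    return [r for r in map(parse_syslog_line, lines) if r["level"] <= max_level]

SAMPLE_LOG = [  # constructed sample lines
    "<134>Oct 11 22:14:15 sw1 %LINK-5-CHANGED: Interface Gi0/1 changed state to up",
    "<131>Oct 11 22:14:16 sw1 %SYS-3-CPUHOG: Task ran for 2048ms",
    "<11>Oct 11 22:14:17 rtr1 %ENV-3-FAN_FAIL: Fan 1 failure",
    "<14>Oct 11 22:14:18 rtr1 login: user rex logged in from 192.168.10.55",
    "<2>Oct 11 22:14:19 fw1 kernel: out of memory, killing process snmpd",
]

if __name__ == "__main__":
    for rec in triage(SAMPLE_LOG):
        print(f'{rec["facility"]}.{rec["severity"]:<7} {rec["message"]}')
```

Pipe a real file through `triage` instead of `SAMPLE_LOG` and you have the "react on it" step the notes mention: page on 0-2, ticket on 3, and leave the rest to daily review.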
Network Troubleshooting - MTU Problems

LESSON POINTS
- Recognize MTU errors
- MTU size problems can cause fragmentation
- The biggest MTU size problems are on routers
- One way to test for a reduced MTU is to ping with a large packet size and the Don't Fragment bit set

There are a lot of errors in networking. One example is a configuration error, like the DHCP server being down and you getting a 169.254.x.x address. However, there are some errors which do not fit into configuration errors.

MTU problems and the MTU black hole

MTU stands for Maximum Transmission Unit, and with Ethernet your MTU is 1500 bytes. If your Ethernet traffic has to cross a link whose MTU is lower than that (a PPPoE line at 1492 or a VPN tunnel, for example), the Ethernet-sized packets get fragmented. If there is too much fragmentation going on it slows down the network, so what we end up doing is adjusting the MTU size. Where we see MTU size problems coming up most often is on routers.

An MTU black hole is when the devices have been told not to fragment. The routers will not fragment, so packets larger than the MTU set on the router are dropped, and because the ICMP "fragmentation needed" message that should come back is often filtered, the source MAY never learn that its packets are being dropped: small packets get through, large ones vanish, and you just cannot connect.

So fragmenting slows things down, and a black hole, where you are not allowed to fragment, drops packets.

Here is how to test for it on a Windows host. `-l` sets the payload size and `-f` sets the Don't Fragment (DF) bit. Note that the size is the ICMP payload only: the IP header (20 bytes) and the ICMP header (8 bytes) are added on top, so on a healthy 1500-byte Ethernet path the largest payload that passes with -f is 1472; asking for 1500 fails even when nothing is wrong.

C:\Users\rex> ping -f -l 1472 192.168.10.1

If that reports "Packet needs to be fragmented but DF set", step the size down until it succeeds; the largest size that passes, plus 28, is the path MTU.
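Stepping the payload size down by hand is a search, and it is quicker as a binary search over `ping -f -l <size>`. The block below is an added example, not from the course: it runs that search over a pluggable probe function, so it can be checked offline against a simulated path and, with the real probe swapped in, driven against a live host. The `ping_df_probe` helper is mine; its flags are the standard ones for Windows (`-f -l`) and Linux iputils (`-M do -s`), and the 28-byte header figure is the IPv4+ICMP overhead from the notes.

```python
"""Path-MTU probing by binary search, an added example (not from the course).

"ping -f -l <size>, shrink until it passes" is a search over payload sizes.
find_path_mtu() performs it over any probe(size) -> bool, so it runs offline
against simulated_path() and, with ping_df_probe() plugged in, against a real
host.  Path MTU = largest passing payload + 28 (20 IPv4 + 8 ICMP header bytes).
"""
import platform
import subprocess
from typing import Callable

HEADER_OVERHEAD = 20 + 8            # IPv4 header + ICMP echo header

def find_path_mtu(probe: Callable[[int], bool], lo: int = 576, hi: int = 9000) -> int:
    """Largest payload in [lo, hi] for which probe(size) succeeds, plus 28.
    lo is expected to pass (576 is the IPv4 minimum MTU; with headers it is
    well under it); if it does not, the outage is not an MTU problem."""
    if not probe(lo):
        raise ValueError(f"even a {lo}-byte payload does not pass; not an MTU problem")
    while lo < hi:                  # invariant: probe(lo) is True
        mid = (lo + hi + 1) // 2
        if probe(mid):
            lo = mid
        else:
            hi = mid - 1
    return lo + HEADER_OVERHEAD

def simulated_path(path_mtu: int) -> Callable[[int], bool]:
    """Constructed stand-in for a real path: a DF packet fits only if payload + 28 <= MTU."""
    return lambda size: size + HEADER_OVERHEAD <= path_mtu

def ping_df_probe(host: str, timeout_s: int = 2) -> Callable[[int], bool]:
    """Real probe on top of the OS ping (hypothetical helper, not exercised
    offline).  Windows: -f sets DF, -l is the payload size.  Linux iputils:
    -M do sets DF, -s is the payload size.  Only the exit status is used."""
    def probe(size: int) -> bool:
        if platform.system() == "Windows":
            cmd = ["ping", "-n", "1", "-w", str(timeout_s * 1000),
                   "-f", "-l", str(size), host]
        else:
            cmd = ["ping", "-c", "1", "-W", str(timeout_s),
                   "-M", "do", "-s", str(size), host]
        return subprocess.run(cmd, capture_output=True).returncode == 0
    return probe

if __name__ == "__main__":
    print(find_path_mtu(simulated_path(1400)))    # a path with a sub-Ethernet hop
    # Live use: print(find_path_mtu(ping_df_probe("192.168.10.1")))
```

Once you know the path MTU, either lower the MTU on the interface facing that path or, better, make sure the ICMP "fragmentation needed" messages are not being filtered so that Path MTU Discovery can do this for every host automatically.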
Bad Connection Solutions

LESSON POINTS
- Isolate the problem
- Check to see if something has changed
- Check the obvious

Common physical causes:
- Bad cables
- Bad connectors
- Bad modules on switches, like the gigabit adapters (the link lights will tell you)
- Power failures

When you suspect any of the above, try to isolate the problem.

The Troubleshooting Procedure

LESSON POINTS
- Identify the problem and establish a theory of probable cause
- Test the theory to determine the cause
- Establish a plan of action to resolve the problem

I have set up a computer which is not on the Internet. What are the troubleshooting steps I need to get it on the Internet?

1. Identify the problem (ask the customer what the problem is)
   TECH: Sir, what seems to be the problem?
   Customer: I cannot get on to the Internet.
   TECH: Can anybody else get on the Internet apart from you?
   Customer: Yes.
   TECH: Have you done anything to the computer lately?
   Customer: Not sure.
2. Establish a theory of probable cause
   Check whether the computer is on the network.
3. Test the theory to determine the cause
   Let me check if it is a DNS issue: ping an FQDN. If that does not work, try pinging an IP address. The IP ping works, so it is a DNS issue and I need to check the network settings.
4. Establish a plan of action to resolve the problem
   Reconfigure the DNS setting.
Protecting the Network

Threats - Viruses and Worms

LESSON POINTS
- A virus copies itself and then activates its payload
- A worm is malware that propagates on its own over the TCP/IP network
- Denial of Service (DoS), Distributed DoS and Smurf attacks aim to overwhelm a target

A virus will do two things:
1. Make copies of itself
2. Activate (run its payload)

Viruses predate the Internet and were transferred by floppy disks, so the classic virus has faded out. When the Internet came along, people started creating worms. A worm is a piece of malware that uses the TCP/IP network to propagate. What we need to do is get anti-malware software on our systems and keep it updated.

The other area we worry about is people attacking our network, e.g. the Denial of Service (DoS) attack. This is when you make your target so busy that it cannot respond to legitimate requests any more, and in essence you take it down.

So when I identify a target on the Internet, I send it ICMP packets, usually malformed ping packets that the target doesn't know what to do with; its buffers overflow and it ends up rebooting (the classic "ping of death"), or it is simply flooded with more traffic than it can handle.

We can get a Distributed DoS (DDoS): small pieces of software running on zombie computers, all sending malicious ICMP packets to the target.

A Smurf attack is a DDoS variant that uses amplification. The attacker sends ICMP echo requests to a network's broadcast address with the source address spoofed to be the target. Every computer on that network replies to the "source", so the target is flooded by a bunch of machines that never knew they were part of the attack.
Social Engineering

LESSON POINTS
- Social engineering comes in many forms
- Shred documents to protect against dumpster diving
- Educating users protects against shoulder surfing and phishing

One form of social engineering is dumpster diving; you will be shocked at the amount of information people leave in their trash cans. Use a shredder to protect against dumpster diving.

Shoulder surfing is looking over someone's shoulder to get passwords or PIN codes. Walking up to an unattended, unlocked computer is the same kind of exposure.

Ways to avoid shoulder surfing:
1. Use a screen privacy filter; it lays over the screen and reduces the viewing angle substantially
2. Use a password-protected screen saver
3. Train people to be aware of shoulder surfing

Phishing: I just got an email telling me to change my email password, with a link that leads to an impostor's site rather than the real one.
Access Control

LESSON POINTS
- Access control is an important part of network security
- Stateless firewalls judge each packet on its own against fixed rules on addresses, ports and protocol
- Stateful firewalls track connections, so they admit the replies to traffic that went out and block everything unsolicited

Our gateway routers are also our firewalls. A firewall is software designed to protect us from the evils of the Internet. There are two kinds of firewalls we deal with:
1. Stateless firewall
2. Stateful firewall

A stateless firewall (a packet filter, like a router ACL) you just turn on: it looks at each packet coming in by itself and makes a decision from its rules, e.g. deny ICMP, permit TCP to port 80. It has no memory of earlier packets, so to let replies back in you end up leaving inbound ports open permanently.

A stateful firewall remembers the connections: when an inside host opens a session, the firewall records it and allows the matching replies back, while it blocks anything unsolicited. That lets it keep the default rule "deny all inbound" and still have outbound traffic work.
Testing Network Security

LESSON POINTS
- Open ports allow access into a computer or device
- nmap can scan a system and identify open ports, services and devices
- Honey pots and honey nets are designed to bait would-be hackers

The question is, how do you know your network is safe? In most cases you don't know. I know you have installed anti-malware, but when was the last time it was updated? I know your router has ACLs, but don't you think you may have allowed a port that shouldn't be allowed?

Open ports: ports get opened all the time without us knowing about it. What we need to do is scan our systems to look for open ports; each one is a potential way in that needs to be checked. We need a tool to help us with that: Nessus (a vulnerability scanner) or nmap (a port scanner).

Scanning is a good thing, but we also want to know what the bad guys are doing on our network, and that is why we have intrusion detection. Intrusion detection is good, but sometimes we want to let the bad guys carry on with what they are doing on our network, to learn why they are doing it. We do that through honey pots or honey nets. A honey pot is a computer set up as a fake server that attracts bad guys to attack it, records their keystrokes and lets us figure out what they are doing. A honey net is a fake network of such computers. There is software out there you can use to set up a honey pot; one is called HoneyBOT.
Mitigating Network Threats

LESSON POINTS
- Implement proper mitigation techniques to protect your network
- Start with training and awareness, as well as patch management
- Complete with policies, procedures and incident response

1. Training and awareness
2. Patch management (always update your software)
3. Policies and procedures (what you can and cannot do on my network)
4. Incident response (the plan for protecting your data and recovering when, despite the above, something gets through)
Introduction to Firewalls

LESSON POINTS
- Firewalls filter traffic based on specific criteria
- Firewalls can be network-based or host-based
- Firewalls come in hardware and software varieties

Firewalls filter traffic based on specific criteria (IP addresses and ports), but they can do more than that. Where do firewalls live? They are placed at the edge of the network. A firewall can be inside our router or in a separate box next to the router. Most routers are network firewalls; our computers also have firewalls, in the form of a host-based software firewall on each individual station. Unified Threat Management (UTM) can be a firewall box that does a whole lot of other stuff as well, like malware scanning and proxying.