Guide to CompTIA Network+ (N10-005)

See also: Providing professional services: Formal credentials: CompTIA Network+ and (Glossary) terms provided with the N10-005 objectives.

The N10-005 expiration date has been quoted as August 31, 2015. (Network+ N10-006's was launched February 28, 2015, and the expiration dates for that version are: English August 31, 2018. Other languages: January 31, 2019. The Network+ N10-007 launched March 2018.)

Status of document

The document has been created, and then a second pass applied. The second pass made many corrections, and filled in many areas where details were incomplete.

This document may not be quite up to the standards of many other areas of ][CyberPillar][. However, substantial time (most minutes, while awake, over a period of weeks) was implemented to just get this guide into the current state. (So some degree of polish has been applied.)

The guide adds information. It would be nice if some of the guide's custom/added information was somehow identified, to distinguish that information from any official objectives by CompTIA. For now, though, the information is a bit of a merged mess, as the goal was more about getting lots of quality information up quickly, and not worrying quite as much about style.


Note: This is just one study guide for the Network+. It was based on objectives of the N10-005. That particular version of the exam seemed to have increased number of topics that are rather related to phone companies (and might not be quite as useful for more generalized networks, such as common Ethernet networks, or even competing utility companies). Specifically, sections 2.8 and 3.4 (and maybe also section 1.9?) stick out as some examples of this.

Historically, CompTIA Network+ has been rather useful at covering many topics related to computer networking, including technologies useful for small businesses run by those people who are operating Ethernet LANs. Hopefully the usefulness of this certification does not diminish due to a desire to try to appease larger organizations, and include a lot of specialized information that is less useful to those who more frequently work at the local level. (An additional, more specialized exam may be a more sensible way to help with getting people sufficiently qualified for those more focused needs.)

Guide to objectives

CompTIA Network+ N10-005 Objectives Section 1.0 : Networking Concepts
[#n10005s11]: CompTIA Network+ N10-005 Objectives Section 1.1: Compare the layers of the OSI Model and TCP/IP model
OSI Model

See: OSI Model notes.

TCP/IP Model

The TCP/IP model is similar in concept to the OSI Model. This model is mentioned by the OSI Model notes.

[#n10005s12osihow]: CompTIA Network+ N10-005 Objectives Section 1.2: Classify how applications, devices, and protocols relate to the OSI model layers.

The notes (referenced material) related to section 1.1: the OSI Model do contain some of this sort of information about how the OSI Model applies to various technologies.

Address types
MAC address

See: EUI-48/MAC-48 address and the subsection for OUI-24 (24-bit version of an OUI). Both of these are part of the broader section about EUI addresses which also mentions the newer EUI-64 (which is another term that CompTIA has indicated test takers should be familiar with). These types of addresses are used by protocols that use the OSI Model's Layer 2: the “Data Link” layer. For example, Ethernet uses this.

[#n10005s12ip]: IP address

This term refers to either an IPv6 address or, historically more likely (and probably more likely for this version of the CompTIA Network+ exam), an IPv4 address. As noted by the OSI Model notes, this type of address (an IP address, whether the IPv6 variation or the older IPv4 variation) is related to Layer 3 of the OSI Model (the “Network” layer).

This is mentioned by the section about EUI addresses.

Ethernet uses this. The OSI Model notes identify this as layer 2. This is a “protocol data unit” (“PDU”). At this layer of the OSI Model, the name used for such a PDU is a “frame”.


Layer 3 protocols, including IP (both IPv6 and the older IPv4) use a “protocol data unit” (“PDU”) which is called a “packet”. The OSI Model notes identify this as layer 3.

[#n10005s12switch]: Switch
This is covered by the section communiations hardware: section about a network “switch” and is also referenced by the OSI Model notes. A switch provides the outer boundaries of a “collision domain”. What this basically means is that if a switch notices there was a collision, the switch just handles the problem on that port. The switch does not relay information about the problem to any of the other ports, so other devices are not even informed about the collision (and, therefore, the other devices do not need to start trying to properly handle the collision).

This is covered by the section communiations hardware: router.

A router is also referenced by the OSI Model notes. A router typically provides the outer boundaries of a “broadcast domain”. (Exceptions may be made, such as relaying DHCP traffic. However, such exceptions are not universally desirable, and so are expected to be disabled by default (until anyone chooses to change the configuration)). What that basically means is that the routers do not typically re-transmit a “broadcast” PDU (neither a layer 3 “broadcast packet”, nor a layer 2 “broadcast frame”) to devices that are part of other subnets. This can help reduce load overall, especially when it prevent spreading the effects of a “broadcast storm”.

Multilayer switch
This is covered by the section communiations hardware: section about a network “switch” and is also referenced by the OSI Model notes.

This is covered by the section communiations hardware: section about Ethernet hubs and is also referenced by the OSI Model notes.

(Technically, the term “hub” is also often used by some other hardware, perhaps most famously a “USB hub”. However, the CompTIA Network+ examination is far more likely to be referring to Ethernet hubs.)

A similar device is a bridge.

Encryption devices

Some devices may include circuitry which is meant to be optimized for performing some certain mathematical functions that are commonly performed with encryption and decryption processes.


See Glossary entry for “cable”. Then, for more technical details, see communiations hardware: cabling page. (Actually, at the time of this writing, that page may primarily provide information about copper cabling.) Other sections of the exam may also discuss cabling: see: CompTIA Network+ N10-005 Objectives Section 3.1: Categorize standard media types and associated properties. (People seeking to take the CompTIA Network+ certification examination should become familiar with those sections. Doing so will lead to familiarity with standard cabling.)

[#n10005s12nic]: NIC

See: Glossary: NIC (and its referenced page, communiations hardware: NIC).


This is covered by the section about a bridge, and is also mentioned by the OSI Model notes.

[#n10s005s13ipaddr]: CompTIA Network+ N10-005 Objectives Section 1.3: Explain the purpose and properties of IP addressing.
Classes of addresses
[#n10005s13ipv4clas]: Class A, B, C, and D

IPv4 classes. The classes are mentioned by IPv4 Usage.

It may be good to know that all addresses in class A start with the first bit set to 0. Likewise, all addresses in class B start with the first two bits set to 01. All addresses in class C start with the first three bits set to 001. All addresses in class D have the first nibble set to 0000. All addresses in class E have the first nibble set to 0001.

Knowing these details can help people to remember the boundaries. Class A uses addresses from 0 through 127, and those are the only numbers where the first bit of the first octet is a zero.

[#10005s13pubprv]: Public vs. Private

For IPv4, see: IETF BCP5: Address Allocation for Private Internets. Actually, in most cases, being familiar with the IETF BCP numbers is preferred over remembering the specific RFC numbers. However, this may be one exception: If there is one RFC number worth memorizing, it is number 1918. This is because RFC 1918 (“Address Allocation for Private Internets”) is often referred to by the industry. Official documentation of network products. One example is the manual page for the /etc/pf.conf file used by OpenBSD's pf. Additionally, (other) online documentation by that firewall mentions RFC 1918. Cisco documentation may also refer to these as “RFC 1918” addresses.

For further details about these addresses, see: the 10/8 IPv4 address range (which provides some references to the other similar address ranges). People expecting to take a knowledge test/examination should be familiar with those ranges.

For IPv6, see fd00::/8 address range and FEC0::/10 address range. While discussing FEC0::/10, that may be an appropriate time to launch into discussing the ex-6bone addresses: see 3FFE::/16

[#n10005s13cidr]: Classless (CIDR)

This really doesn't make much sense to discuss prior to Subnetting. (First, see the section about subnetting.) Classless Inter-Domain Routing (CIDR) is barely discussed by Glossary: CIDR. (See also: Glossary: Variable Length Subnet Masking)

[#n10005s13ipstacks]: IPv4 vs. IPv6 (formatting)

I choose to assume this means the format of the network addresses. See: network addresses.

While on the topic, let's quickly cover some of the differences between IPv4 vs. IPv6.

Key differences are the sizes of addresses, and how automatic addressing works.

A lot of other things require very little change to be able to support both IPv6 and IPv4. The TCP and UDP work identically. (They use port numbers, and not the addresses of individual computer systems. Therefore, these protocols required no real difference.) From an end user's perspective, most end users typically use DNS, so there really may be no visible difference that many end users will even need to notice.

Some people believe you need to understand IPSec in order to be able to use IPv6. Nah... just that a fully compliant IPv6 network stack should be able to do IPSec. IPv6 can be implemented/deployed without active IPSec just like IPv4 can. It seems likely that many people may have heard that IPSec is a part of IPv6, and so decided to learn IPSec first, but then never got around to learning IPSec, and perhaps didn't even remember why they decided to make learning IPv6 a low priority (but did remember that they did make that decision). There is likely no way to be able to calculate/determine how much IPv6 adoption has been slowed because of just that one concept effectively scaring off numerous experienced professionals.

It seems likely that IPv6 and IPv4 are likely to both remain deployed for quite a while. Although there is a compelling reason for IPv6 on the public Internet, IPv4 has been proven to be functional and uses less bits for the addresses.

IPv6 may often have higher overhead than IPv4, if for no other reason than just because the addresses are bigger. Sometimes people claim that IPv6 was designed to be more efficient. IPv6 may do some things different than IPv4, including allowing larger packet sizes. This means that large amounts of data can be broken up into fewer packets. Each packet has overhead, so when the larger packet sizes translate into fewer packets, less overhead may result because of the reduction in how many packets get used (even though the individual packets are larger in size). This might be a large part of the claims of IPv6 being more efficient.

That arguement will be more effective for larger data transfers, such as streaming video, where multiple packets are likely. It is a less compelling argument for traffic that comes from smaller communications like a single DNS lookup. However, for small communications such as a couple of small DNS packets (one sent in each direction of two-way communication), the larger address sizees in the IP header might push IPv6 into being the “less efficient” protocol. So, IPv4 may very well thrive at providing connectivity within a single site, likely for years even after the time when IPv6 begins to get heavily utilized on the public Internet.

Although IPv4 may continue to languish/exist in some ways, and for quite a while, the move to IPv6 is widely expected as IPv4 addresses are allocated.

MAC address format
EUI-48/MAC-48 address, and specifically the subsection called “Formats”. Knowing about EUI-48/MAC-48 canonical form is technically related to the format of how a MAC address is displayed, so perhaps that might be part of what gets covered.
[#n10005s13subnet]: Subnetting

Some details are provided by subnetting. Som related information may be seen in the more broad topic of information about subnets.

Multicast vs. unicast vs. broadcast
See: multicast.
See: Network basics: Unicast.
[#n10005s13broadcast]: Broadcast

(This is listed in the section about LAN technologies: section 3.7 subsection about “broadcast”.)

See: Network basics: broadcast. This standard to how the network communicates is something that applies to IPv4, and doesn't really apply to IPv6 (because IPv6 just uses multicast to accomplish the same goal).

For similar topics, see also: broadcast address, broadcast domain, broadcast storm.

A similar topic would be “anycast”.

[#n10005s13apipa]: APIPA

Automatic Private IP Addressing

See: IPv4 link local and IPv4 automatic address (“link local” section).

APIPA might be IPv4 only. (This is probably true, because there is likely different code for determining the IPv6 link-local addresses.)

When studying this, it would make sense to also become familiar with link-local addresses with IPv6. First, make sure people know about the terms host and node, as defined by RFC 2460 section 2. Then, using those definitions, see: fe80::/1. Specifically, the reference to RFC 4291 section 2.1 (paragraph two, first sentence), and the first bullet point under RFC 4291 section 2.8. Although that bullet point says it is for “A host”, later the first bullet point under “A router” shows that these requirements for hosts are also requirements for nodes.

At some point, and probably when reviewing these topics about link-local, it will make sense to also discuss other forms of automatic addressing. See: section 2.3: subsection on DHCP (and the notes in that section, which may also pertain to IPv6).

[#n10005s14]: CompTIA Network+ N10-005 Objectives Section 1.4: Explain the purpose and properties of routing and switching.

Enhanced IGRP (clearly named after the older Interior Gateway Routing Protocol (“IGRP”). Like IGRP, EIGRP is by Cisco. (May be licensed by some competitors.)

[#n10005s14ospf]: OSPF

Open Shortest Path First. Link state.

Historical notes: (This is being written from memory, and may need verification.) Windows Server 2003's RRAS supported OSPF. Almost inconceivably, Windows Server 2008 (or R2?) dropped support for OSPF (while retaining support for RIP). This is mind-boggling: perhaps RRAS was somehow re-written for the new operating system and OSPF was just considered a low priority. However, OSPF is an open standard that is sufficiently popular, and so probably should be widely utilized (moreso than the more aged RIPv2).

Wikipedia's article on “Asynchronous Transfer Mode”: “Virtual circuit routing” section states, “PNNI uses the same shortest-path-first algorithm used by OSPF and IS-IS to route IP packets to share topology information between switches and select a route through a network.”

(As OSPF is often referred to as IGP, perhaps the main difference between OSPF and IS-IS is that OSPF is more commonly deployed for internal use?)

[#n10005s14rip]: RIP
Router Information Protocol. This is considered to be a Distance vector (as described by Link State vs. Distance Vector).

The first version of RIP did not support VLSM (which is extremely similar in nature to CIDR, and related to subnets). It would make assumptions on the subnet mask for a route, assuming that it matched whatever subnet mask was used on the network interface that received the route.

(At the time of this writing, ][CyberPillar][ may not have a whole lot of specific details about setting up these sort of protocols. When such information is to be added, it may be added to using a routing protocol.)


Supports VLSM (which is extremely similar in nature to CIDR, and related to subnets).

(At the time of this writing, ][CyberPillar][ may not have a whole lot of specific details about setting up these sort of protocols. When such information is to be added, it may be added to using a routing protocol.)

For IPv6
[#n10005s14linkstatedvhy]: Link state vs. distance vector vs. hybrid

OSPF is link state. Information about an entire network gets spread about with OSPF. This may require more bandwidth initially, as well as requiring more processing power to be utilized on the routers. However, it converges very quickly.

In contrast, RIP simply sends an update to its neighbor, and does so at a pre-scheduled interval. If the routers are three or four routers deep, there may be a greater, noticeable length of time before all routers have the updated information. (When all the routers are up to date regarding how routing should ideally work, the network is said to be in a state of “convergence”.)

RIP is considered “distance vector”, as key information provided includes a “distance” (measured in “hops”, often shown as the “cost” related to a route) and a vector. In mathematics, a vector may refer to a combination of an amount of speed, and a direction. In this case, the term “vector” is simply referring to a direction. A route may indicate which IP address or network interface needs to be used to get the traffic closer to the destination, or at least closer to the destination. The traffic may then be sent in that direction.

EIGRP may somehow be sometimes classified sort of a hybrid between link state and distance vector. That is likely what is implied by the CompTIA objectives list.

Static vs. dynamic

Dynamic routes are learned from remote systems (via using a routing protocol). Static routes may be able to be configured manually. See adding a network route.

Routing metrics
Hop counts

How big the network is. Each time traffic goes through a router, that is considered to be a “hop”.

[#n10005s14mtubw]: MTU, bandwidth

Maximum transmission unit. This has to do with the largest size of unit that can be transmitted in one “chunk” (e.g. PDU/packet/frame).

The term “bandwidth” basically refers to how many bits are getting trasmitted. This is typically referred to as speed, measuring a number of bits per second. Note that a lot of specifications will often mention a speed like Mbps, when it really refers to mbps (millions of bits per second, NOT “megabits” that contain 1,048,576 bits due to using binary-based units). See: Attack of the kibibits!


Cost is a concept. Humans can define cost as desired. It may relate to the financial cost, or some other method of measuring the desirability of sending traffic. For example, a high-speed network may be more expensive, but have lower cost in terms of time that it will take to deliver the traffic.


Latency refers to how long it takes to get traffic from one place to another. For instance, some satelite connections have been known to transmit huge amounts of data at once (meaning there is high bandwidth), but to take a long time for even the first bit of data to be transmitted. Once the first bit is transmitted, then all the massive amounts of data gets received very quickly.

Next hop

A “hop” basically refers to when traffic goes through a router. (Side note: every hop reduces the TTL value of a packet.) RIP does not have full details, but simply ends up knowing which nearest device needs information. So, RIP simply knows enough detail to get the traffic needed to the next hop. The term might sometimes refer to the short-term destination that gets used along the way as a packet gets routed through multiple hops.

Spanning-Tree Protocol

When a cable is plugged into a port of a “switch” (or, perhaps, another network infrastructure device) that is using the Spanning-Tree Protocol is used, then the device sends out some traffic. The device also listens for the traffic. If the device notices the traffic, then the device will bring the port into a state called “down”, and traffic will not go out that port. The intent is to prevent routing loops (which can cause a simple problem, such as a cable being plugged into the wrong place, from causing a broadcast storm, which is a more serious problem that may cause network infrastructure equipment to become overloaded and unable to function until the problem gets fixed).

As a result, it is possible that some users may plug a cable into a switch, and then that specific cable isn't usable. Knowing about Spanning-Tree Protocol can help detrmine the cause.

[#n10005s14vlan]: VLAN (802.1q)

Tagging packets. Infrastructure devices (like switches) might only allow traffic to certain ports if the traffic has been “tagged”, meaning that the traffic has the appropriate VLAN marker. So this ends up affecting traffic routing.

(This topic does come up again: section 2.1 subsection about VLANs.)

[#n10005s14portmir]: Port mirroring
See: port mirroring
Broadcast domain vs. collision domain

This is phrased funny... These things aren't against/“versus” each other.

See: broadcast domain. (It may also be sensible to become familiar with the topic of a broadcast storm, as the separation of broadcast domains may help in such a situation.)

See: collisions and then see collision domain.

[#n10005s14igpegp]: IGP vs. EGP

Interior Gateway Protocol, Exterior Gateway Protocol.

The key difference between an IGP and an EGP is that an IGP is designed for communication within a single “autonomous system” (“AS”). EGPs are designed to share information with devices in a different AS. (Speculation: EGP's may be more prone to consider the factor of cost, or perhaps even trust, when determining which network route to use.)

(This may need some checking.) Namely: The Border Gateway Protocol is EGP. IS-IS might be sorta half of each? Other common ones (OSPF, RIP, (E)IGRP) are IGP.

Initially, the term “Exterior Gateway Protocol (“EGP”) referred to a specific protocol (which has now been replaced by a newer protocol, BGP). Nowadays, though, the term “exterior gateway protocol” is used as a classification which includes the older “Exterior Gateway Protocol (“EGP”), and now the much more commonly deployed Border Gateway Protocol (“BGP”). The exterior gateway protocols are about getting data from one organization to another organization, while the “interior gateway protocols” may be focused more on getting data properly routed within a single organization. (While an “interior gateway protocol” may be more optimized for performance, because cost is less of an issue, an “exterior gateway protocol” may be used to connect to a less trusted network.) Basically, BGP version 4 is the standard protocol used by some organizations, most notably ISP's, for determining how to get traffic routed across the public Internet. Organizations that have multiple routes to the public Internet may find BGP to be useful.

IANA Protocol Numbers has reserved protocol number 9 for “IGP”, described as “any private interior gateway” (protocol). (The RFC cites Cisco's IGRP as an example. This number may have been chosen to assist compatability with Cisco's existing IGRP protocol.) Also, IANA's list of protocol numbers shows that protocol number nine is reserved for “Exterior Gateway Protocol”. These protocol numbers are used by the “Protocol” field of IPv4 packets, as well as the “Next Header” field of IPv6 packets.

Routing tables

netstat -nr

Perhaps see: viewing routing tables and adding a networking route.

[#n10005s14convergence]: Convergence (steady state)

When all the routers have updated information regarding how routing should ideally work, the network is said to be in a state of “convergence”. (This may also refer to “steady state”, as the data in routing tables probably do not need to be getting changed.)

Changes to a network, such as when network cabling is changed (e.g. a network cable being unplugged), can disrupt convergence. Routing protocols may be able to figure out different possible paths that traffic can go through a network. Routers will typically just want to utilize whatever path is “best” (often meaning “fastest”, although possibly meaning “cheapest”). If there had been multiple paths available, but one of the paths becomes unavailable, then the routers may need to re-determine what route is optimal (or even what route(s) may be possible). In that situation, the router may not be in a “steady state”, and the network is not longer experiencing “convergence”.

For each routing protocol, it may be good to know some details about how long does it takes for all routers to get all of the necessary updates whenever there is a change (such as a router being taken down, or a router becoming newly available).

Namely, know that RIP is considered to be quite slow compared to OSPF which, by design, has much faster convergence times.

The speed of OSPF's faster convergence time is because of its design, which is called “link state”. In contrast, the much slower RIP is “distance vector”. (See section 1.4: subsection on “link state”/“distance vector”/“hybrid”.)

Note: the term “convergence” may also refer to what has happened with network design. Many modern networks are considered to be “converged” networks, which basically refers to the fact that the networks perform the functionality of what used to be separate networks (one for computer data, one for telephony communications, and possibly another one for a video feed such as cable television). However, as much as Cisco may like to promote buying advanced hardware to support such “converged networks”, the term “steady state” does indicate that this term “convergence” is meant to refer to routing protocols.

[#n10005s15ports]: CompTIA Network+ N10-005 Objectives Section 1.5: Identify common TCP and UDP default ports.
[#n10005s15smtp]: SMTP : 25

TCP port 25 is used by Simple Mail Transport Protocol (“SMTP”). This is about E-Mail servers getting E-Mail. When clients send E-Mail, they contact an E-Mail server using SMTP. When E-Mail servers need to send E-Mails to other servers (especially if those servers are owned by other organizations), then SMTP gets used.

The most related information on ][Cyber Pillar][ is likely to be at: Servers getting E-Mail. Also, E-Mail section does currently mention ESMTP. (However, it does look like this particular website may currently have little publicly published information already pre-written about the protocols themselves.)

[#n10005s15http]: HTTP : 80
Hypertext Transport Protocol is used for web page content (commonly HTML, but also commonly supporting data, such as graphics). See: Web-based file transfering.
[#n10005s15https]: HTTPS : 443
Hypertext Transfer Protocol: Secure connections, a.k.a. Hypertext Transfer Protocol (HTTP)/Secure Sockets Layer (SSL) (or the upgraded variation: using TLS rather than SSL). For now, probably see: Web-based file transfering.
[#n10005s15ftp]:FTP : 20, 21

Some basics about TCP should be covered. Namely, that each TCP connection has two related TCP ports: the destination port and the source port. Since TCP is a two-way communication, both machines listen for traffic. Both machines listen for traffic on one of those two TCP port numbers.

File Transfer Protocol uses TCP port 21 for a client to contact a server. Then, the old/traditional documented defaults specify that in order to transfer a file, an FTP server creates a new connection from TCP port 20 (to a random port). So, in both cases, the TCP port numbers on the client are randomly chosen, and the TCP port numbers on the server are using these default numbers.

For more details about the file transfer protocol, see: section about FTP: the File Transfer Protocol.

[#n10005s15telnet]: TELNET : 23

The term TELNET is frequently shown in all capital letters: I believe this is actually not an acronym. It is simply an all-capitalized name. Many times the protocol is also spelled with just the first letter capitalized, or the common name of the Unix command line executable (which is all lowercase) gets used.

Uses TCP port 23.

See: Telnet.

This protocol may also be covered by section 1.6: subsection about Telnet.

[#n10005s15imap]: IMAP : 143
IMAP4 is really the only common version. This protocol is about Users getting E-Mail. This is similar to POP3 but does have some more features, such as supporting folders (within an “E-Mail box”) and message statuses, and in some cases, decreated bandwidth (due to only having some information from headers transmitted, instead of entire message bodies). MAPI is also similar. Some details comparing IMAP4 to POP3 may be at E-Mail Basic Settings, section with an anchor titled “imaorpop”.
[#n10005s15rdp]: RDP : 3389

TCP port 3389 is related to RDC/RDP. Note that there are other solutions mentioned in the broader remote access section. The key advantages to RDP are just that it is bundled in Microsoft Windows and, as a result, it is widely deployed (so sometimes already-deployed firewalls might already have exceptions for this protocol).

Perhaps see aslo: section 5.2: subsection about RDP

[#n10005s15ssh]: SSH : 22

Secure Shell (“SSH”) uses TCP port 22. The basic functionality of SSH is to provide encryption. A common usage is for remote access. Another usage, which is probably not common enough (this is a useful but underutilized technology, probably just because of unfamiliarity), is tunneling traffic (using SSH port forwarding). This protocol is often used as a basis of other protocols, such as SCP, which uses SSH and does not use a different default TCP port number. (So, SCP uses a default TCP port number of 22.)

[#n10005s15dns]: DNS : 53

Perhaps when discussing all these different protocols, focus on the simple communications aspects: The basic purpose of DNS and the ports. Other aspects of DNS are covered in a different section. The primary port is UDP port 53. This is the most important protocol that makes heavy use of UDP. This protocol may also use TCP port 53, specifically when using zone transfers.

See also: section 1.7 (DNS).

[#n10005s15dhcp]: DHCP : 67, 68

Dynamic Host Control Protocol provides automatic IPv4 addressing. (Dynamic Host Control Protocol version 6 (“DHCPv6) provides automatic IPv6 addressing. It may be worthwhile to mention the defintion of a host. First, see Glossry: node, and then check out the definitions provided by RFC 2460 (IPv6) section 2: Terminology for router and host.

DHCP uses the same ports as the ports used by BOOTP. See: DHCP. For related material, see: Automatic addressing of IPv4 addresses, and more generally Automatic addressing (which also hyperlinks to Automatic addressing of IPv6 addresses).

There is also a section (section 2.3) of the CompTIA Network+ objectives that is more focused on DHCP. This protocol may also be covered by section 1.6 (subsection for DHCP) on the certification exam.

[#n10005s16protocol]: CompTIA Network+ N10-005 Objectives Section 1.6: Explain the function of common networking protocols
[#n10005s16tcp]: TCP

Transmission Control Protocol (“TCP”) fulfills the purposes of the Transport Layer (Layer 4) of the OSI model. (This is discussed further on the page about the OSI model. See: section 1.1: OSI Model and TCP/IP Model.)

TCP provides some features that are not found in the UDP protocol.

One of the most well-known features is “sequencing”. TCP segments may (at least in theory) be routed in different directions as they traverse a network (especially the world-wide network known as the Internet). It is possible that some segments may arrive faster than other segments, and the segments may arrive out of order. However, segments are identified by a number, and so the computer receiving TCP data can recognize the proper order, and re-assemble the segments in the desired order. Therefore, programs that rely on TCP don't need to worry about what order these segments arrive in.

Perhaps an even more well known feature of TCP is “reliability”. When a computer sends TCP traffic, it remembers the contents that were sent until the receiver has acknowledged receipt of the segment containing that traffic. If a segment of data gets dropped by the Internet, then the receiver will never acknowledge the packet. In that case, the sending computer may need to re-send the needed TCP payload. (The duplicate copy may be received out of order compared to other segments, but that is okay because TCP also supports sequencing.) Because of this, dropped packets are likely to cause slowdown, but programs don't need to worry much about the potential for data loss as data gets transmitted over a network.

TCP is primarily defined by RFC 791, which is dated September 1981. There have been some updates/enhancements over the years, but the core functionality really remains in tact from September 1981.

IANA Protocol Numbers, as well as some older RFC's, have reserved protocol number 6 for TCP. This protocol number is used by the “Protocol” field of IPv4 packets, as well as the “Next Header” field of IPv6 packets.


See that section about “common” port numbers for details: section 1.5 subsection related to FTP.

[#n10005s16udp]: UDP

User Datagram Protocol (“UDP”) fulfills the purposes of the Transport Layer (Layer 4) of the OSI model. (This is discussed further on the page about the OSI model.)

UDP (and some other protocols, such as SNMP are part of the TCP/IP suite. That suite is named after the two protocols which have been most heavily used (at least prior to the deployment/adoption of IPv6, which is the successor to one of those protocols). However, despite the name, the suite does actually support more protocols, such as UDP.

UDP's primary advantage over TCP is lower overhead. TCP requires three segments as part of the “three-way handshake”. However, a typical DNS conversation is often completed by the second packet. By not worrying about sequencing, UDP requires less bits of overhead. However, UDP does continue to perform the basic features expected of the Transport Layer. So, UDP datagrams may get processed (e.g. transmitted) a bit quicker than TCP segments.

Time-sensitive applications may often use UDP. As a couple of examples: a ticker showing stock market prices, or an Internet server that supports a game. Both of these are about providing current details. If somebody's Internet connection gets slowed down, perhaps some data will be lost. In that case, there is no desire to receive old updates. There may be little to no benefit by having TCP re-send old data about what things used to be. When playing a game, a player probably does not want to know about where other characters used to be. The player wants to know the most recent data, not a re-transmission of older data. The same logic is likely used for stock market pricing. If data is lost, a client can just re-request a report of the data, and is then likely to get the most recent data.

VoIP is also likely to use UDP for much of the same reason. If data gets dropped, then the best thing may be to just lose the data (which will probably cause silence to be heard for a bit). That may be distracting (if noticed), but may be less painful than trying to use old data. If some part of a voice conversation got lost, then people don't expect the telephones to try to replay what should have been heard seven seconds ago. Instead, people will be expecting the telephone to be playing the sound of what a person has said more recently.

IANA Protocol Numbers, as well as some older RFC's, have reserved protocol number 17 for UDP. This protocol number is used by the “Protocol” field of IPv4 packets, as well as the “Next Header” field of IPv6 packets.

[#n10005s16tcpipsuite]: TCP/IP suite

(This is currently discussed a bit in the section about UDP.)

[#n10005s16dhcp]: DHCP

See section 2.3: subsection on DHCP. Also, section 1.5 (common port numbers): subsection about DHCP lists port numbers.

[#n10005s16tftp]: TFTP
See: section about TFTP: the Trivial File Transfer Protocol.

The CompTIA Network+ (exam N10-005) goals has a subsection (1.7) specifically about DNS. See: N10-005 section 1.7 subsection on DNS.

Also, see that section about “common” port numbers for details: section 1.5 subsection related to DNS.


See that section about “common” port numbers for details: section 1.5 subsection related to HTTPS.


See that section about “common” port numbers for details: section 1.5 subsection related to HTTP.

[#n10005s16arp]: ARP

ARP is used for identifying which Layer 2 (MAC-48) address corresponds to the device that is using a IPv4 address. The Address Resolution Protocol. See: ARP and NDP. (On a related note: Inverse ARP which is quite different from RARP.)


Session initiation protocol. (This text is based on a provided description. Accuracy checking has not been performed.) Basically, SIP handles the creation of a conversation, and performs functions similar in nature to a dial tone (letting equipment know that the media is ready), dialing (identifying the destination, and any complexity like dealing with phone extensions), and issues (such as a “busy signal”).

Once a session has been initiated, then a protocol like RTP may be used for carrying the voice data.

[#n10005s16rtp]: RTP (VoIP)

Wikipedia's page for Real-time Trnasport Protocol notes, “While RTP carries the media streams (e.g., audio and video), RTCP is used to monitor transmission statistics and quality of service (QoS) and aids synchronization of multiple streams. RTP is originated and received on even port numbers and the associated RTCP communication uses the next higher odd port number.” (Internal hyperlink replaced from quoted material.)

The next paragraph starts by stating, “RTP is one of the technical foundations of Voice over IP”.

RFC 3550: “RTP: A Transport Protocol for Real-Time Applications”.


See that section about “common” port numbers for details: section 1.5 subsection related to SSH.

[#n10005s16pop]: POP3

The “Post Office Protocol”. Uses TCP port 110. This is about Users getting E-Mail. IMAP4 is a more advanced protocol (and so is MAPI) and provides the same sort of features.

See also: references to POP at: Post Office Protocol

[#n10005s16ntp]: NTP

Network Time Protocol uses TCP port 123. This synchronizes time. Time synchronization can be critical. Perhaps the most impactful reason is that some security authorization protocols will expect that time is rather synchronized. If a computer sends a message, and if that message has a timestamp, and if that timestamp indicates that the message was created at some point that is too far into the future, then the receiving computer may reject the message. After all, the timestamp is clearly incorrect, and computers do not like to deal with incorrect/dishonest information when making decisions related to security authorization.

Note: There is also a standard called Simple Network Time Protocol (“SNTP”, or perhaps occassionally abbreviated as “Simple NTP”). This is sufficiently described, quite abbreviated, by Wikipedia's article on “Network Time Protocol”: section called “SNTP”. (SNTP is a term referenced by a glossary CompTIA provided along with a list of objectives.)


See that section about “common” port numbers for details: section 1.5 subsection related to IMAP. (Know that IMAP4 is the only version of IMAP in modern widespread use.)

[#n10005s16telnet]: Telnet

See that section about “common” port numbers for details: section 1.5 subsection related to TELNET.


See that section about “common” port numbers for details: section 1.5 subsection related to SMTP.

[#n10005s16snmp]: SNMP 2/3

Simple Network Management Protocol is a standard method to be able to get information from network devices, and to make changes to configuration options from the network devices.

RFC 1180 section 8.5 describes this protocol, including the following: “Simple Network Management Protocol (SNMP) uses” ... “central network management stations.  It is a well known fact that if given enough data, a network manager can detect and diagnose network problems. The central station uses SNMP to collect this data from other computers on the network.”

Many SOHO environments do not use this protocol frequently, if at all. Instead, most devices in SOHO may provide other methods of management, such as running a web server that can be utilized for configuring the device. For a more automated method, some devices may allow SSH or Telnet access. Some larger organizations do seem to like using SNMP for reporting and other tasks that involve automation.

This protocol was part of the original (IPv4) TCP/IP suite.

(It is believed that, for at least some versions) SNMP is fairly simple, to the point that unencrypted communications can reasonably be effectively managed using Telnet. (Or maybe not? See: “Literally IPv6” article states, “SMTP was one of a small number of IP application protocols that eschewed the use of binary-packed control protocols, such as the later-defined SNMP and its use of ASN.1, and instead used simple lines of ASCII text as the base language of the protocol exchange. It may not have quite the same compactness of expression, but it certainly makes debugging the operation of the protocol, and even hand-cranking the protocol fantastically easy!” Note that this is calling SMTP easy, not SNMP.)

The term “community string” may be an important part of interacting with SNMP.”

See also: N10-005 section 4.4 subsections related to SNMP.

[#n10005s16icmp]: ICMP

Currently, related information is hiding out on the page about firewalls in the section called “Types of traffic”.

Other sections of this guide that may refer to ICMP may include: section 2.5: subsection on Mismatched MTU/MUT black hole, section 4.3: subsection on ping.

[#n10005s16igmp]: IGMP

Internet Group Management Protocol (“IGMP”) allows a computer to join/“subscribe to” a multicast group in IPv4. In IPv6, this has effectively been replaced by the Multicast Listener Discovery (“MLD”) protocol.

IGMP shares at least one similarity to ICMP: There is a list of “message types” tracked by IANA. IANA's list of IGMP Type Numbers.

See also: IGMP.

[#n10005s16tls]: TLS

“Transport Layer Security”

TLS replaces SSL, the “Secure Sockets Layer” standard that was the basis of secure communications used by web browsers (HTTPS). However, TLS is not extremely different than SSL. RFC 2246: TLS version 1.0 notes, “The differences between this protocnol and SSL 3.0 are not dramatic, but they are significant enough that TLS 1.0 and SSL 3.0 do not interoperate (although TLS 1.0 does incorporate a mechanism by which a TLS implementation can back down to SSL 3.0).” The differences are so minor that many people refer to TLS and SSL support as “TLS/SSL” (meaning “TLS or SSL”). The differences between SSLv3 and the slightly-more-updated standard TLS are so minor that most software supporting either will also support the other. If software provides an option to use such security, a single option will generally enable or disable both SSL 3.0 and TLS support at the same time.

SSL was designed by Netscape and is the primary method of using security by websites.

[#n10005s17dns]: CompTIA Network+ N10-005 Objectives Section 1.7: Summarize DNS concepts and its components
DNS servers
DNS Servers, DNS Servers for clients to use. Also related: DNS Client software
[#n10005s17dnstypes]: DNS records (A, MX, AAAA, CNAME, PTR)
DNS Record types has information about: “A” Records, “MX” Records, “AAAA” Records (and “A6” Records), “CNAME” Records (and “DNAME” Records), “PTR” Records, and some other types (probably most notably: “SOA” Records, which is mentioned by the Glossary of items from CompTIA Network+ Objectives documentation).
Dynamic DNS

This is probably not covered extensively by ][Cyber Pillar][, but it is covered somewhat in the section for Dynamic DNS updates.

When discussing this, it may also make sense to discuss other DNS updates. (Example #1: Update the serial number. Example #2: Discuss manually-initiated zone trasfers. For that matter, discuss what a DNS zone is.)

(See also: section 1.5 subsection on DNS.)

The list of CompTIA Network+ objectives also listed a term, EDNS. (See: EDNS.)

CompTIA Network+ N10-005 Objectives Section 1.8: Given a scenario, implement the following network troubleshooting methodology
Identify the problem:

The CompTIA Network+ might be quite likely to ask about this. Accurately identifying a problem should be successfully done before spending a lot of time trying to fix the problem. Otherwise, a lot of time may be spent taking care of something that is not being impactful.

Information gathering

Know what details and resources are available, including who is available to discuss the situation.

Identify symptoms

Identify what is actually impacting people now, or what will be severely impacting people in the near future.

Question users

A great skill to have is being able to identify facts without taking up another person's time. However, it will generally be more worthwhile to figure out what a user is actually seeking, than to try to fix something that is not being viewed as broken.

Determine if anything has changed

Recent changes are often the cause of actual problems, as well as situations that somebody may recently be perceiving to be a problem. It is helpful to know if there has been any recent changes, such as an upgrade of software running on a server. This might be able to be identified by checking documentation to see if there have been any recent projects that may have led to the cause. Asking users questions about what has changed may help to identify what might have caused other types of changes.

Establish a theory of probable cause
Question the obvious

Do not assume that things are set up properly! For example, if a device has an incorrect subnet mask, some communications may have been able to work, despite the error. Then, some changes may cause the error to become more noticeable. Do not just assume that the core/root problem is definitely related to recent activity.

If a user is complaining about a piece of software on a specific host (computer system, device, etc.), the problem might actually be caused by some other software which may or may not be running on the same host. Consider how that device relies on information provided by other hosts. Consider how a problem with another host might be affecting the host that the user is complaining about.

Test the theory to determine cause:
Once theory is confirmed determine next steps to resolve problem.

This can be the trickiest part of the whole process. Determine what will fix the problem.

If theory is not confirmed, re-establish new theory or escalate.

“Escalate” means to forward the problem (and the details figured out) to someone else; presumably a more advanced technician. The details about when to escalate can vary: different organizations will have their own processes.

Establish a plan of action to resolve the problem and identify potential effects

Before implementing steps, consider what their expected impact will be. Determine whether these likely impacts are acceptable.

Implement the solution or escalate as necessary

A technician who is authorized may be able to proceed with making a change. Larger scale changes may be something that supervisors should be brought up to date on. The first steps to implementing the solution may be to notify people of expected changes, and waiting until a scheduled time for the downtime to be performed.

Verify full system functionality and if applicable implement preventative measures

Confirm that things look good.

Document findings, actions and outcomes

One of the expected outcomes is that end users are made aware that the problem has been rectified.

There are various approaches, such as top-down (check application first) or bottom-up (check physical first). Many experienced technicians aim for closer to the middle: “Literally IPv6” article says, “So, like all network engineers my first response is to check the network path, and to do this I turn to ping”. (This is from a website hosted by APNIC, so the author is likely to be familiar with common network troubleshooting practices.)

The above is a general guideline of how troubleshooting may occur, and is the list from CompTIA's official objectives for the N10-005 Network+ examination. There may certainly be variations, such as a more elaborate process that includes details like keeping end users informed when there is a delay. Letting end users know about progress, and providing end users with assurance that there is a process being followed (even if that process is “I need to research some specific information” or “I need to coordinate this with other staff”) can help to put many end users at ease.

CompTIA Network+ N10-005 Objectives Section 1.9: Identify virtual network components.

Disclaimer: The information in this section was based on a review/conversation with a professional in the computer networking industry (the lead technician at an ISP). This does not necessarily represent any official standards.

Virtual switches

It is believed that this simply refers to virtual equipment, not substantially different in concept than a virtual machine.

Virtual desktops

This probably refers to a virtual machine that runs an operating system that is used by end users. A key reason that this definition seems most likely is from the existence of the term “Virtual servers”.

In theory, this terminology could also refer to a “desktop” produced when logging in, such as what happens when an RDC/RDP remote access connection is created.

Virtual servers

A virtual machine that runs “server” software; often these user “server”-grade operating systems (such as “Ubuntu Server” or “Windows Server 2008” or “Windows NT 3.1 Advanced Server”, not “Ubuntu Desktop” or “Windows 7” or “Windows XP” or “Windows NT 3.1 Workstation”). (Those examples are theoretical - by the time virtual machines started to become popular, the number of new installations of Windows NT had greatly declined.)

Virtual PBX

A PBX stands for “Private Branch Exchange”, and generally refers to hardware that provides some services similar to what a phone company provides. Using software such as Asterisk can provide PBX services from a computer. A Virtual PBX would be a virtual machine running such PBX server software.

Onsite vs. offsite

Infrstructure can be hosted on-site, or remotely. The concept of a remotely hosted servers has often been referred to as “cloud” services.

Network as a Service (NaaS)

This term more likely refers to virtual equipment such as virtual switches, while “Infrastructure as a Service” (“IaaS”) may more commonly refer to running the virtual computers.

CompTIA Network+ N10-005 Objectives Section 2.0: Network Installation and Configuration
[#n10005s21rtswitch]: CompTIA Network+ N10-005 Objectives Section 2.1: Given a scenario, install and configure routers and switches
Routing tables

Perhaps info at Routing features

[#n10005s21nat]: NAT

NAT is often performed by firewalls. ][Cyber Pillar]['s information about firewalling network traffic has a brief blurb about setting this up. (For the most part, this might be largely uncovered at this point.)

Some further information may be found at: ][CyberPillar][ Glossary: network address translation (“NAT”)

See also: section 2.1: PAT. This topic may also come up with section 5.5: subsection titled “NAT/PAT”.

[#n10005s21pat]: PAT

Some further information may be found at: Port Address Translation, ][CyberPillar][ Glossary: network address port translation (“NAPT”), Network address translation

See also: section 2.1: PAT. This topic may also come up with section 5.5: subsection titled “NAT/PAT”.

[#n10005s21vlan]: VLAN (trunking)
802.1q. VLANs are mentioned at N10-005 section 1.4: subsection about VLANs.
Managed vs. unmanaged

This is likely referring to switches. See: info about switches which has a section mentioning a “Managed switch”.

Interface configurations
Full duplex

Both sides of a communications link are able to communiate at once. If collisions occur due to simultaneous communications, the reflections are effectively measured to figure out what was said by the other end. Both ends are able to transmit.

Half duplex

Both methods are able to communicate, but not simultaneously. (This is better than “one-way” communications like an old-style AM/FM radio setup, where a tower transmits and a consumer may own a receiver, but the receiver is not able to transmit back to the tower.)

One of the big advantages to using a switch, rather than a hub, is that switches can usually enable full duplex for point-to-point links. If a hub is being used, consider replacing it: often replacing that one piece of equipment may enable the full-duplex support by other devices.

Port speeds

Faster is generally preferred.

Getting full duplex is often worth pursuing: A whole network can be forced to half-duplex just because of the use of a hub.

IP addressing
This sounds similar to Seciton 1.2 which specified “IP address”, but may refer to the actual act of assigning the address. See Automatic addressing
[#1000521macfilter]: MAC filtering

Network infrastructure (managed switches, wireless access points, and routers) can block connectivity to equipment that does not use a recognized and pre-authorized MAC address. This is not generally considered to be worthwhile, as this often involves a fair amount of effort and the security benefits are considered too low since devices can spoof MAC addresses.

See also: section 5.2: MAC filtering, N10-005 section 5.5, subsection on “Port security”, MAC address filtering.


Power over Ethernet. This may require equipment that supports PoE (a lot of consumer devices don't support PoE). (This might require special wiring?) The advantage is that some devices may not require an electrical outlet. For example, a wireless access point (“WAP”) that connects to a switch/router might receive electrical power via POE. Then, only one wire is needed, as the WAP won't need to use a standard power outlet.

[#n10005s21trafficfilter]: Traffic filtering

VLANs may be able to support this. In general, though, this sounds more like a process typically implemented by firewalls. See: Blocking/denying traffic, TCP-Wrappers (for Unix). Related sections may be discussed in subsections underneath N10-005 section 5.2: subsection on “ACL”, section 5.5: firewall rules

Perhaps this is meant to refer to data monitoring/catpuring: see Network monitoring/sniffing

Perhaps see also: section 4.1: subsection on content filtering, section 5.5: port security, stateful inspection vs. packet filtering.


Figuring out whether equipment works can often be done by testing it. (See if ping works.) Figuring out how well equipment is working may involve taking some more detailed measurements.

There are some terms abbrevaited “BERT” One meaning for BERT is “Bit error rate test” (abbreviated “BERT”) mentioned in CompTIA's glossary, so know that term. It basically involves running some tests of different known patterns of bits.

The other meaning for BERT is “Bit error rate tester”. These terms are mentioned and discussed by Wikipedia's article for “Bit error rate” (starting at the section titled “Bit error rate test”).

(Possibly related material: hardware testing. Perhaps somewhat related: speed testing. hardware testing: network speed testing, checking net speed)

Also perhaps related: See RFC 2544: “Benchmarking Methodology for Network Interconnect Devices”, 198.18/15 (IETF BCP 153).

[#n10005s21qos]: QoS
Quality of Service: Prioritization. See also: section 4.6 subsection on QoS.
[#n10005s21portmir]: Port mirroring

This would not be possible on a basic switch, but could be for a managed switch. (A brief reference is mentioned by switches.) This basically sends a copy of traffic to a specific mirrored/monitored port on a switch, which allows for Network monitoring/sniffing (and capturing/logging the packets or information about the packets). On a hub, all ports are effectively mirrored ports.

A “mirrored port” and a “monitored port” are two terms that are commonly used for the same thing. Maybe there is a technical difference (a mirrored port could be sending traffic for possible redundancy, even if it isn't monitored, and the term “monitored port” would imply that some actual monitoring is going on), but very commonly these individual terms are used for a port that is being intentionally mirrored because the port is actively being monitored. The monitoring may be done by software (running on hardware), and isn't meant to suggest that a human is necessarily actively monitoring the traffic. This monitoring may be happening just for the purpose of analyzing traffic, or so that the traffic may be effectively captured (presumably to be analyzed later).

This is also covered by section 1.4: port mirroring.

[#n10005s22wireless]: CompTIA Network+ N10-005 Objectives Section 2.2: Given a scenario, install and configure a wireless network.

See also: “CompTIA Network+ N10-005 Objectives Section 3.3: Compare and contrast different wireless standards.”

WAP placement

Centralized locations are good. For the antennas, make sure the polarities match. This basically means to make antennas using the same frequency should all be vertical or all be for horizontal. Vertical is more commonly used by end users.

Antenna types

A high gain antenna may cause a signal to reach further, but less broad. Still transmitting the same amount of power, the end result is that the coverage area looks less circular and more oval-shaped.

Consider changing channels or frequencies.
[#n10005s22freq]: Frequencies

802.11b and its successor, 802.11g, use 2.4GHz. 802.11a uses 5GHz. 802.11n may use both 2.4GHz and/or 5GHz.

This may also be covered by N10-005 section 3.3: Frequency.

[#n10005s22channels]: Channels

Channels refer to a segment of frequency. The channels are generally considered to be not overlapping when they sufficiently far apart. If there are 14 channels, then non-overlapping channels may include 1, 5, 9, and 13. However, due to government restrictions, channel numbers above 11 are typically not used in the North America, so the commonly used channel numbers are 1, 6, and 11.

This is also covered by N10-005 section 3.3: subsection on channels.

Wireless standards
Standardization is good. (See the standards listed in the section called “Compatability”.)
[#n10005s22ssid]: SSID (enable/disable)

Of course the SSID is enabled (except, maybe, when using ad hoc/peer to peer?). What this must be referring to is the concept of enabling or disabling the broadcast of the SSID.

See also: N10-005 section 2.4 (Wireless problems): subsection on “Configurations”.

[#wifiabgn]: Compatability (802.11 a/b/g/n)

Upcoming standards include 802.11ac and 802.11ad

802.11b is old. 802.11g upped the speed from 11mbps to 54mbps. Both use the 2.4MHz frequency. This frequency has been heavily used by many devices, including standard Wi-Fi and other wireless technologies. (Cordless phones are a commonly cited example of a wireless device that may use the frequency, even though it might not be using standard Wi-Fi. Another commonly cited example is a “baby monitor”, which is essentially a walkie talkie (and perhaps something more elaborate, like a camera, and perhaps some sort of sensors).

802.11n increased the speed and range, including adding support for MIMO (on devices that do have multiple antennas.)

802.11g is backwards compataible with 802.11b. 802.11n is backwards compataible with 802.11g (and 802.11b). However, this backwards compatability is optional; it can be shut off. Whenever a device does use one of the older standards, it forces newer devices to communicate in a compatability mode, which requires slow communicating whenever the wireless devices make some standard communications (like stating an intent to use the airwaves for a length of time).

802.11a uses the 5MHz frequency.

[#n10005s23dhcp]: CompTIA Network+ N10-005 Objectives Section 2.3: Explain the purpose and properties of DHCP.

(See also: section 1.5: subsection about DHCP.)

Static vs. dynamic IP addressing

Assinging static IP addresses has nothing to do with DHCP. (See: also, the next topic: Reservations, which provides similar functionality.) This must just be referring to the general concept of comparing static IP addresses to dynamically assigned addresses.

Static addressing is covered: see manual network addressing. That topic, and Automatic Addressing, as well as address scheme planning, are all covered by the Network addressing section.

Dynamic addresses are addresses that may change. These do tend to get assigned automatically (e.g. with DHCP) rather than manually.


This isn't discussed much on a conceptual level, although DHCPv4 section may show how to do this with a DHCPv4 server. Specifically, details are provided for ISC DHCP, which is a common server for Unix.

Similar in concept is an exclusion. An exclusion makes sure that a specific address does not get handed out to any device. A reservation, on the other hand, will hand out the address if the request comes from a pre-recognized device. (With DHCPv4, the most common way to recognize a device is by the MAC address used in the Layer 2 Ethernet frame.) Microsoft certification exams are known to ask people questions to verify that people realize that an address cannot simultaneously be used for both a reservation and also an exclusion. So, no the difference between a reservation and an exclusion.


A scope refers to a range of addresses. Addresses can be handed out from this range. Reservations and exclusions might reduce the usability.

To think about this simply, a scope may be a range of addresses to hand out. However, a scope might also be a different range of addresses. For instance, at least in theory, a scope could be made for a range of addresses that entirely has exclusions. However, if a client from that address range contacts the DHCP server, the DHCP server may be able to hand out information other than the IP address to use (such as which IP address has an available “gateway”/“router” and/or which IP address has an available DNS server. The information provided by the DHCP server can be customized based on which scope the request came from.

Microsoft Windows Server operating systems may come with a DHCP server which supports a concept of a “superscope” A “superscope” may contain references to mulitple scopes, and some options can apply to an entire “superscope” (The “superscope” doesn't really contain the “scopes”. The reason this is stated is that deleting the “superscope” doesn't actually delete the “scopes”. Instead, the “superscope” just contains references to the “scopes”. When the “superscope” and its references get removed, the scopes may still remain behind.) This might not be covered by CompTIA but may be covered by Microsoft exams.


A lease refers to a bunch of information, including an expiration time. Clients are required to stop using information when a lease expires. The solution is for clients to renew, meaning to get a new lease, before the old one expires. This allows servers to be able to re-use IP addresses without worrying that they are taking an address away from a system that may be legitimately using the address. If a client doesn't renew, a server may feel extremely free to re-use that address.

Options (DNS servers, suffixes)

Specifying which IP addresses may be contacted to provide DNS services may be done. See: DHCP Options for overview information. The technical specs are probably shown in RFC 2132 section 3.8; otherwise section 3.7? For the suffix, this is probably by section 3.17 (or else 3.14?)

In ISC DHCP, this can be done using the option domain-name-servers, and this is shown by the broad section about DHCPv4 .

An additional note about DHCP: Multiple books related to Microsoft certifications seem to have referenced DORA.

[#n10005s24]: CompTIA Network+ N10-005 Objectives Section 2.4: Given a scenario, troubleshoot common wireless problems.

Change channels. If all of the channels are in use, see what frequencies are available. If 2.4 GHz is being saturated, but the WiFi standard being used supports 5GHz, try flipping to use the other frequency. Replacing equipment with other equipment that supports different frequencies may be an option. If the problem is measurable, perhaps try to find the source of the frequency and stop it. (Random idea: would surrounding an object by a Faraday cage help?)

Signal strength

This can be configured.

If laptops can see a device, but cannot connect to it reliably, consider lowering the range. This will cause the laptops to not see the device. Then, end users will likely figure they are out of range, and get closer. If they can see the device, but not use it, they are likely to think that something is broken. If lowering the range diminishes coverage too much, then coverage may be solvable by adding some additional infrastructure equipment. (In other words: buy more WAPs.)

[#n10005s24config]: Configurations

Many WAPs can be managed by using a device on the internal network and then accessing it using HTTP (or perhaps HTTPS) on either the default port (80 for HTTP, or 443 for HTTPS) or perhaps an alternate port number 8080. Such configuration might often only be possible when connecting from a device plugged into a physical LAN port.

Disable WPS (unless the device is known to not be affected by the widespread WPS problem that can be exploited by Reaver. See the section on WPA for details).

Use WPA2 if possible. TKIP is not preferred (from a security perspective). WEP is terrible from a security perspective, and is definitely unacceptable for organizations where untrusted people (potential attackers) may be within radio range.

A WAP may come with a default password enabled. This should be changed. A custom SSID should be set up, as attackers are often prone to attack a WAP that uses a well-recognized SSID that is known to be the default SSID used by an equipment manufacturer. WiGLE stats on SSID shows popular SSIDs. Wikipedia's article on “Wi-Fi Protected Access”, “Weak password” section notes, “To further protect against intrusion, the network's SSID should not match any entry in the top 1000 SSIDs as downloadable rainbow tables have been pre-generated for them and a multitude of common passwords.” (Citations removed from quoted text.)


Of course, make sure that the correct connection settings are used.

The Wi-Fi Alliance is supposed to take care of this. (Namely, the Wi-Fi Alliance only rates equipment that appears to be doing a sufficient job of following standards. Manufacturers should be making equipment that is compatible enough to appease the standards required for the Wi-Fi alliance to certify that model of device.)

Some features, such as roaming, may be a bit vendor-specific. (That situation used to be even more vendor-specific, but has gotten a bit better over time. If older equipment is used, such problems may be even more likely.) Using newer equipment that is more compatible may help. As unfortunate as it is that giving this advice may be helpful, the reality is that using equipment that is all created by the same vendor may help with that specific situation.

Incorrect channel
If the channel is not automatically detected, then make sure that the correct channel is used. Otherwise, communications may fail.

Getting closer to an antenna may help boost signal strength to enable communications that require stronger singal strength. Backwards compatability with older communications standards (802.11b rather than 802.11g, or 802.11g rather than 802.11n) can cause noticeable overhead, even for devices that support the later standards. (If an 802.11n device detects an 802.11b device, then 802.11-b compatability is used for communications regarding whether the airwaves are in use. Even though the data may transmit at 802.11n if the receiving device is also 802.11n, the overhead from these CSMA/CA communications will cause substantial overhead.) Breaking compatability (by disabling the compatability options) may cause this to not happen.

[#n10005s24enctyp]: Encryption type

e.g.: WEP, WPA, WPA2. See section 5.1: encryption protocols.


This may be referring to reflected signals?

Signal reflections cause difficulties for equipment that is not optimized to handle such reflections, which includes equipment using 802.11g and older standards. With 802.11n, the newer standard supports MIMO which actually benefits from the redundancy of reflections.

Or, perhaps the term refers to disabling/re-enabling (e.g. power cycling) equipment?

[#n10005s24ssid]: SSID mismatch
err... make the SSIDs match. There, that's easy.
Incorrect switch placement
Unknown exactly what this means. However, some laptops have been known to turn off Wi-Fi using some sort of an externally-touchable physical switch. Placing the switch in the “off” position can be an easy way to increase battery life. It can also have an impact on how well the internal wireles circuitry functions.
CompTIA Network+ N10-005 Objectives Section 2.5: Given a scenario, troubleshoot common router and switch problems.
[#n10005s25switchlp]: Switching loop

See: Glossary entry for “switching loop”. If there is a switching loop, prepare for the broadcast storm!

This may involve manually tracing wires. Spanning Tree Protocol may help prevent problems, although that may require some configuration/setup.

[#n10005s25badcable]: Bad cables/improper cable types

This can cause communications to break.

This can cause a “flapping NIC”, which basically means that the network interface goes “down” (and then automatically comes back “up”) regularly, perhaps extremely frequently (multiple times per minute or even second). This may cause some interesting logs. Sometimes some drivers seem to stop working, and then start working; it is believed that hardware problems (possibly from cabling) may be a possible cause of that.

For copper cabling: Using a crossover cable, when a patch cable is needed, can cause problems. Higher speed equipment can benefit from using higher “category” of cable. Using such higher quality cable is generally recommended (as budgets permit), and may often be viewed as required for reliability, or may even be absolutely required to enable the desired speed of communication.

A similar topic would be section 3.6: subsection on “cable problems” (and its subsections).

Port configuration

“on” is a great value to use. This value might not be default for some equipment (such as “routers”, or perhaps the more preferred term is “layer 3 switch”, by Cisco... This may be resolvable by using IOS commands.

Examples of other configuration options for a port may be enabling Spanning-Tree Protocol, MAC-48 address filtering (permitting only a device using an authorized MAC-48 address), or options related to VLANs.

VLAN assignment

VLANs basically prevent communications between ports. This can be used to help segregate networks: one port may be unable to communicate to another port unless the traffic is “tagged” with an appropriate VLAN marker.

[#n10005s25mtu]: Mismatched MTU/MUT black hole

McGraw-Hill Professional: Mike Meyers' CompTIA Network+ Guide to Managing and Troubleshooting Networks, 3rd Edition (Exam N10-005) Chapter 19: Building a SOHO Network (PDF file) has noted, “The CompTIA Network+ objectives use the term MUT/MTU black holes. There's no such thing as "MUT" so, hopefully, CompTIA will have fixed this by the time you're reading this book.” Well, um... nope. Not fixed yet.

When a router does not accept a packet size that is too large, the router should typically respond with an appropriate ICMP packet. Then, TCP/IP network stacks should be configured to adjust communications based on that received ICMP packet. The problem is that sometimes this technique doesn't work. MS KB 314825 gives two possible reasons: “if the router does not send an appropriate Internet Control Message Protocol (ICMP) response to this condition or if a firewall on the path drops such a response.”

MS KB 314825 then goes on to say, “You can locate a black hole router by using the Ping utility”. Simply using a standard ICMP packet using Ping's default settings will likely only work if all of ICMP is failing. If a firewall allows ICMP Echo Response messages, but does not allow ICMP messages regarding MTU size, a problem may still occur. However, MS KB 314825 does provide some parameters to help with this situation. The article also provides some details about possible techniques to resolve or workaround the issue.

[#n10005s25elecfail]: Power failure

The Net+ Glossary (Glossary of items from CompTIA Network+ Objectives documentation) mentions UPS, so knowing what a UPS is may be useful.

Could power failure possibly have an impact? Silly question.

More serious question: What can be done about it? One step is to make sure that the devices are plugged into a battery-powered outlet on a UPS. Specifically, if the UPS is one of the cheaper variety that provides some outlets which are not attached to the battery (but which are outlets that do provide surge protetion), then make sure that the most critical equipment is attached to the outlets which get provided with electricity from the battery. (Look on the UPS near the outlets. If some outlets are identified as being “Surge” while others are identified with the word “Battery”, use the outlets that are near the marking that says “Battery”.)

Longer term outages may involve using alternate supplies of electricity, such as an electricity generator that burns up fuel.

For additional information that may be a bit related, see: electrical power. (However, much of that material may be well beyond what is likely to be covered by the CompTIA Network+.)

Bad/missing routes

Using traceroute (or traceroute6 or tracert) may be helpful to narrow down some likely causes.

Network monitoring/sniffing may be helpful to figure out how far the traffic does reach. In the case of translated traffic, network sniffing could potentially help to ultimately reveal where the traffic is really getting sent to.

Bad modules (SFPs, GBICs)
Small form-factor pluggable transceiver, Gigabit Interface Converter
Wrong subnet mask

This can cause communications to partially work. (Don't think that a wrong subnet mask will always break all communications. Thinking that can lead to incorrect conclusions, such as thinking that the subnet mask must be right if some communications work.)

A primer in basic routing may help to explain the purpose of a subnet mask. This is probably covered in some content on ][Cyber Pillar][. (Finding that content may be another story... Perhaps in the section about Routing features, or in details about the process of setting up virtual machines?))

Perhaps see also: subnet.

Wrong gateway

Devices that need to use the gateway will be unreachable. Devices that don't need to use that gateway may be unimpacted. Often, this means that the local network will still be reachable. (The term “local network” is calculated using the IP address and the network size prefix (a.k.a. the “subnet mask”/“netmask”).

Duplicate IP address

Disrupts communication with equipment with the IP address. Computers using IPv6 SLAAC should perform DAD (“duplicate address detection”) and auto-compensate.

The event logs may report this. (This does happen with at least newer versions of Microsoft Windows.) If this is suspected, then have some machines that are struggling to communicate report their ARP tables, and see if the MAC address matches what is expected.

One possible cause: a rogue DHCP server. (This could, in theory, be referring to an authorized DHCP server that is just not successfully coordinating with other authorized DHCP servers.) Have the affected devices report what DHCP server granted their lease.

Wrong DNS

Uh... this breaks communication. This term seems so vague, it is not clear exactly what is being asked for here.

Being that the other subsections refer to issues with IP addresses and a subnet mask, this probably refers to a computer not having correct information (and only correct information) about a valid DNS server to use. This would generally be expected to break name resolution. However, because computers may use other methods of name resolution (such as DNS resolver cache, hosts files, or perhaps WINS), a broken setting might not immediately cause all name resolution to fail. (This can add a challenge when trying to troubleshoot.)

[#n10005s26soho]: CompTIA Network+ N10-005 Objectives Section 2.6: Given a set of requirements, plan and implement a basic SOHO network.
List of requirements

This will vary by business. Communicating with the business management/owners will help clarify what the business seeks to have done. Anticipate some universal basics: Backups of critical business data, and genrally also a switch (unless there are so few machines that other infrastructure devices, like a firewall and/or WAP can provide enough ports), Internet access, and with that, a firewall, anti-virus software, data redundancy (RAID), and a battery backup unit (UPS). Some remote access functionality will probably also be a good idea.

Cable length

Commomly SOHO is using Ethernet or Wi-Fi. However, “Cable length” would only be applying to Ethernet. (Wi-Fi is not going to focus on using cables, although the Wi-Fi devices may themselves be attached to some wired network, likely using Ethernet.) For Ethernet, this topic is discussed elsewhere: see “CompTIA Network+ N10-005 Objectives Section 3.1: Categorize standard media types and associated properties.”

Device types/requirements

Every business (that connects to the Internet) should have a firewall.

Anticipate the need for a switch. If the business really only has a few computers, perhaps the use of a switch is optional as other equipment may be able to perform such functionality. However, there may be some drawbacks to trying to do that. Using another device to act like a switch may require some additional setup effort. This approach may not provide much (or any) expandability. Also, sometimes a device focused on communicating with the Internet may not support as fast of network speeds, which might not be a big deal as long as those network speeds are sufficient for communicating to the Internet as fast as the Internet connection will allow. Getting a switch that supports faster speed ports may permit faster internal communications. Also, relying only on a device like a firewall causes the firewall to be a single point of failure for not only Internet communications, but also intranet communications.

Environment limitations

Especially if trying to muck around with supporting Wi-Fi?

Equipment limitations

Determine compatability requirements. Details will vary based off of what equipment is being proposed.

Compatibility requirements

To figure this out, some possible solutions need to be considered. So, this should be happening after the requirements have been determined and considered.

CompTIA Network+ N10-005 Objectives Section 3.0: Network Media and Topologies
[#n10005s31media]: CompTIA Network+ N10-005 Objectives Section 3.1: Categorize standard media types and associated properties.
[#n10005s31fiber]: Fiber:
[#n10005s31mmf]: Multimode

The difference between “Singlemode” (a.k.a. “single-mode” or “single mode”) and Multimode (a.k.a. “multi-mode” or “multi mode”) is that multimode fiber is thicker. This extra thickness protects the light stream, allowing for lower quality lights to be utilizied. So, multimode is capable of using LEDs, while single-mode requires the use of more expensive laser technology. (Some of the comparision made so far is based on information from Wikipedia's article on “Multi-mode optical fiber”: section called “Comparison with single-mode fiber”. Details are also given at Wikipedia's article for “10 Gigabit Ethernet”: section called “Optical fiber”.)

Wikibook on CompTIA Network+ Certification: Cabling section: subsection about Multimode fiber (“MMF”)

[#n10005s31smf] Singlemode

(See the description under Multimode.)

This has been more rare, and expensive (probably why more rare) than multimode. Wikibook on CompTIA Network+ Certification: Cabling section: sub-section about Single-mode fiber (“SMF”)

Fiber is not susceptible to EMI (Electromagnetic Interference).

Fiber does tend to be pricier than twisted cable.

Fiber may also be considered fairly fragile, at least compared to twisted pair.

Perhaps see also: the “Media converters” sub-section, which is a later sub-section under this same “CompTIA Network+ N10-005 Objectives Section 3.1: Categorize standard media types and associated properties.”.

See also: CompTIA Network+ N10-005 Objectives Section 3.2: Categorize standard connector types based on network media : section 3.2: subsection about Fiber connectors. The topic is also covered by section 3.4: subsection about Fiber(-optic).

[#n10005s31copper]: Copper:
[#n10005s31utp]: UTP
See: communications hardware (section about UTP)
[#n10005s31shieldtp]: STP
See: communications hardware (section about shielded twisted pair) page. This mentions some of the other meanings that “STP” may refer to.
See: communications hardware (section on “category” of copper cabling)
[#n10005s31cat5]: CAT5
See: communications hardware (section on “category” of copper cabling) page, Wikibook on CompTIA Network+ Certification: Cabling section: subsection about Category 5.
[#n10005s31cat5e]: CAT5e
See: communications hardware (section on “category” of copper cabling) page, Wikibook on CompTIA Network+ Certification: Cabling section: subsection about Category 5e.
See: cat6 cabling, Wikibook on CompTIA Network+ Certification: Cabling section: subsection about Category 6 (and 6a)
See: cat6 cabling, Wikibook on CompTIA Network+ Certification: Cabling section: subsection about Category 6 (and 6a)

A shield, made of metal, surrounds a wire in the center. So there are two pieces of metal that exist throughout the length of the wire. Both may be round in shape (the wire is round, and the shield is circular surrounding the wire). Both of these pieces of metal may have the same center “center” (which is the center of the wire), and that is where the term comes from.

For those who are familiar with “coax” cable from old television sets, that is what this refers to.


For 100mbps and slower, this involves T568A on one end, and T568B on the other. Wikipedia's article on “Category 6 cable” states, “T568B is a deprecated standard in the US and no longer supported by TIA.”

See: crossover cable.

Gigabit communications may require more wires to actually be used during communication, and so there is a such thing as a “gigabit crossover” cable that crosses more of the wires. However, this likely doesn't matter much, as Gigabit equipment tends to support auto-MDIX.

Wikipedia's page for “Crossover cable” shows a couple of pictures of ends. Nicely, it shows how looking at cable ends that are facing different directions will have wires reversed (just like in real life, the brown and blue wires look backwards in the chart, but they aren't).

T1 Crossover

See: Wikipedia's article for “Crossover cable”, section called “Other technologies”. This is exactly the same general concept as what is found in a standard Ethernet crossover cable, but different wires are swapped because of which wires a standard T1 connection uses.


This is also often known as a “patch cable”. Short straight-through cables are often used at a “patch panel”. See text about network “patch” equipment, most especially patch cable.

An official standard may be to use T568A ends on both sides. This is discussed by the section about the topic of “patch cable”.

Side note: Another type of writing is: rollover cable. This may be used for configuring some Cisco hardware. Mentioned by MC MCSE free CompTIA Network+ N10-004 study guide (in the section called “Domain 2.2: Common Connector Types”, Wikibook on CompTIA Network+ Certification: Cabling section: Rollover cable)

Plenum vs. non-plenum
plenum cabling
[#n10005s31mediaconv]: Media converters:

The publicly available CompTIA Network+ N10-005 objectives lists these types of converters:

Singlemode fiber to Ethernet
Multimode fiber to Ethernet
Fiber to Coaxial
Singlemode to multimode fiber

This guide does not have a lot of specific knowledge that applies to just one of these terms, but not the other. One good thing to know is that these types of converters do exist. Being familiar with what they look like may be a good thing. (Some references may become available for a future version of this guide.)

These types of technologies are just not commonly utilized in the many, many businesses that have been quite happily using standard copper-based Ethernet connections utilizing cabling such as CAT5e or CAT6.

When CompTIA releases the publicly-available list of topics to be familiar with, CompTIA does not really disclose exactly what people are expected to be knowing about the topic. That is fine for some topics, where competant and trained industry professionals generally have a good grasp of what technicians should generally know. This is one of the relatively unfortunate topics where multiple successful and skilled industry professionals did not instantly conclude just what details about the topic are tidbits that test-takers should know.

So, the author of this text had found little use of these types of connections in the industry. As a result, the author of this text contacted a leading technician of the local premier datacenter where he had lived, and asked if this professional had any input. That professional recommended knowing the knowledge mentioned in the last paragraph (knowing that these eist, and that they may be a good thing).

This lead technician also described his experiences and attitudes, which are probably opinions that some other technology professionals will disagree with. In his opinion, these sort of converters are typically best avoided. Not only are they potentially pricey, but they can fail and so they can effectively add an additional layer of required troubleshooting and initial setup. Often, the superior solution is to just use whatever is built into equipment (and to purchase different equipment if a different implementation is desired).

Also, getting an inappropriately-powered adapter can be an issue. The term “fiber” is generally just an abbreviation of the longer name, “fiber-optic”. These “fiber-optic” technologies involve sending laser light through the cable. Sometimes very large distances (many kilometers/miles long) can be covered by using a transmitter that emits a rather powerful beam of light. The expectation is that the light signal will end up weakening a bit as it travels over the long distance through these fiber-optic cables. If the same type of fiber-optic transmitter is used over a much shorter connection, using a cable that is a small number of meters/yards or even shorter, then the receiver will be receiving too strong of a light signal. This may actually function in the short term, but the overwhelming strength of the powerful light signal will wear out the receiver fairly quickly, which will lead to failed hardware. A converter that costs over a dozen times the price may be meant for specific situations, and might not be the better fit.

The solution to this is to be careful about selecting what converters to use.

Perhaps see also: “CompTIA Network+ N10-005 Objectives Section 2.5: Given a scenario, troubleshoot common router and switch problems.” (sub-section about “Bad modules (SFPs, GBICs)”)?

Perhaps see also: the “Fiber” sub-section, which is the first sub-section under “CompTIA Network+ N10-005 Objectives Section 3.1: Categorize standard media types and associated properties.”.

[#n10005s31dist]: Distance limitations and speed limitations

These do vary. Fast Ethernet may have a limit of about 100 meters, while fiber may be able to reach a length that is kilometers long. Wikipedia's article on “10-gigabit Ethernet” states that 10Gb Ethernet supporst a WAN PHY (Wide Area Network, physical) specification that “can support maximum link distances up to 80 km depending on the fiber standard employed.”

Wikibook for Network+ Certification: Objective 2.1: Cables lists several distances. Some of the distances shown may be 100 meters. However, it may be a bit more complicated than that. See: copper twisted 4pair length limits.

See also: notes regarding length in the section about 10GBaseT: cat6 cabling.

This topic may also be covered by section 3.4: Distance. For troubleshooting, see section 3.6: subsection related to distance.

A more powerful signal may allow communication to function over a larger distance. In some cases, using an overly powerful signal may quickly wear out a receiver. This is discussed in a bit more length in the section about Media converters (in the discussion about wearing out a receiver).

[#n10005s34brdbndpwr]: Broadband over powerline

See: bits over power lines.

CompTIA Network+ N10-005 Objectives Section 3.2: Categorize standard connector types based on network media.
[#n10005s32fiberconn]: Fiber:
[#n10005s32stsclc]: Notes common to ST, SC, and LC

Some official names for the connections are given by Wikiepdia's article for “Optical fiber connector”: section called “Types”. Additionally, some information about each of these types is mentioned in a section called Wikipedia's article on “Optical fiber connection: section called “Mnemonics”. (The word “mnemonic” refers to using an easier-to-remember knowledge to try to memorize some harder material.)

Photos of some standard connectors are available at Wikipedia's article on “Optical fiber connector”: “Images” section. Photos of some standard connectors (ST, SC, and LC) are shown at MC MCSE free CompTIA Network+ N10-004 study guide (in the section called “Domain 2.2: Common Connector Types”). For each of the three types that were covered in that N10-004 study guide, that guide notes the adapter type is “half duplex”.


Not much to say here (in this section just about SC connectors). See: Notes common to ST, SC, and LC

[#nt10005s32lc]: LC

Not much to say here (in this section just about SC connectors). See: Notes common to ST, SC, and LC

[#n10005s32mtrj]: MTRJ

Mechanical Transfer-Registered Jack

Wikipedia's article on “Optical fiber connection: section called “Mnemonics” notes, “MT-RJ connectors look like a miniature 8P8C connector&emdash;commonly (but erroneously) referred to as RJ-45.” (Citations are available.)

Fiber connectors may be pricey (compared to the connectors at the end of copper twisted pair cabling, which are quite cheap). Some preliminary research suggests that the connectors are not just fancy pieces of plastic that hole wires in (like an 8P8C connector used with Ethernet), but may actually perform some functionality (and have an attached chip). This might be more true with some (newer?) connector types. For example, ([#n10005s32sfp]) Wikipedia's article for “Small form-factor pluggable transceiver” (“SFP” transceiver) - section called “Mechanical dimensions” shows a photo of a 6cm SFP module, which appears to contain a board connector.

Certainly, see the material related to Fiber, as that is certainly a related topic. Some details are in: CompTIA Network+ N10-005 Objectives Section 3.1: Categorize standard media types and associated properties. section 3.1: subsection about fiber. Perhaps see also: the “Media converters” sub-section, which is a later sub-section under “CompTIA Network+ N10-005 Objectives Section 3.1: Categorize standard media types and associated properties.”.


This looks like an RJ-11 jack, but is bigger: about twice as wide. Standard Ethernet cables use this.

Some sources note that the term is used “incorrectly” when it is most commonly used to refer to the connectors used so often with the Cat5e cables that get plugged into Ethernet cards. This claim is made because the official RJ45 standard actually refers to a specific standard for connecting equipment, and that standard is not what is being used by computer equipment. This is discussed by Glossary entry for RJ-45.

Standard phone jack. (See: Glossary entry for RJ11.)
[#n10005s32bnc]: BNC

There may be multiple expansions of the “BNC” acronym. What is meant by that is that there is no universal agreement for a single meaning of the term “BNC”. CompTIA's N10-005 Certification Exam Objectives has a glossary that refers to this as “British Naval Connector / Bayonet Niell-Concelman”. (That's “Naval”, so it is referring to the British Navy, not a “navel”.)

Photos of some standard connectors (ST, SC, and LC) are shown at MC MCSE free CompTIA Network+ N10-004 study guide (in the section called “Domain 2.2: Common Connector Types”). Using a BNC connector involves lining up the connector (symetrical, rotated the cable 180 degrees from a correct orientation that works would end up resulting in another correct orientation that would work), and then twisting the connector clock-wise so that it wouldn't just fall off. Removing the connector involves first twisting it counter-clockwise, and then pulling on it.


This is a bit of an unknown, really. The author of this text has never heard of this, other than being on this list of items to know. Research specifically designed to learn more about this obscure term did not really turn up any further details. This author has been Comptia Network+ certified for years and who has worked for a company that provides IT support and as a lead instructor of the IT program at a college. He contacted another part time instructor at the college, who also had a full time job as a leading technician of the premier datacenter in the local area. This datacenter guy had also never heard of this.

Perhaps it might be related to: Wikipedia's article on “Category 7 cable”: section called “Class F cable” or Wikipedia's article on “ISO/IEC 11801” : “Class F Cable” section?

Regardless, the consensus by many industry professionals is that this term does not seem to represent any seriously important technology. The recommendation for people wanting the Network+ is to focus efforts on becoming familiar with more important topics, and hope that this obscure topic does not end up representing a large part of the certification exam. To those who find a question on the certification exam about an F-connector and then fail the exam, seemingly by one question, realize that there is a chance that question was actually answered successfully. Regardless, if a failure to describe this more thoroughly ends up hurting anybody, we can offer no superior solution. Sorry.

DB-9 (RS-232)
More commonly known as DB-9, but more technically it fits the description of DE-9. See: DE9. For other, similar connectors, see DB shell used with D-sub ports. These are, in general, rather obsolete. Newer computers do not have the ports to plug compatible devices into. There are USB adapters (where the adapter plugs into a USB port, and provides a DB-9 port), with varying accounts regarding how well they work.
Patch panel
Network “patch” equipment
[#n10005s32block110]: 110 block (T568A, T568B)
Data cables are often attached to a connector called a “110 block”. See photo at: Wikipedia's article on “110 block”. (This may be used by equipment that connects to many Ethernet ports, such as a patch panel.)
[#n10005s33wifi]: CompTIA Network+ N10-005 Objectives Section 3.3: Compare and contrast different wireless standards.

See also: “CompTIA Network+ N10-005 Objectives Section 2.2: Given a scenario, install and configure a wireless network.”

802.11 a/b/g/n standards

When newer standards, such as 802.11ac and 802.11ad, get released, they should also be covered.

See also the section called “Compatability (802.11 a/b/g/n)

[#n10005s33dist]: Distance

(It appears this is referring to WiFi distance.)

Wikipedia's article on 802.11n: section called “Comparison” provides some details comparing protocols. 802.11a and 802.11b and 802.11g were pretty comparable. 802.11n supported twice as much range as 802.11b.

Distance might also be covered by N10-005 section 3.4: subsection on distance.


802.11b can get up to 11mbps. 802.11g can get up to 54mbps. 802.11a has the same maximum speed, but is different, most notably using the frequency ranges close to 5MHz instead of the frequency ranges close to 2.4MHz. 802.11n can get higher. Note that these speeds are maximum speeds for the raw communication between devices. Distance between objects may reduce this maximum speed. Sharing the medium with other devices may reduce this maximum speed. Even if only two devices are communicating (directly to each other, with no third device in the area), the Wi-Fi protocol specifies how communications work, and this standard does involve a certain amount of overhead. This overhead can communicate at the specified speed (such as 54mbps). This does not mean that the actual amount of data transmitted over 802.11g can successfully communicate a full 54 megabits of “payload” (user data) within an actual second.


Generally higher than wired communications.

[#n10005s33freq]: Frequency

802.11a uses frequencies around 5MHz. 802.11b and 802.11g use the same frequencies as each other, which are frequencies around 2.4MHz.

This may also be used by: N10-005 section 2.2: frequencies.

[#n10005s33channels]: Channels
See: N10-005 section 2.2: subsection about Channels.

Multiple Input, Multiple Output. Refers to having multiple antennas. Really did not tend to be very widespread until the 802.11n standard, because the “reflections” caused problems with earlier technology. With 802.11n, the reflections were able to be effectively utilized, making them beneficial rather than harmful.

Channel bonding

This sounds a whole lot like “link aggregation”, which is the process of “bonding” (“connecting”) multiple network connections to the same location. This process achieves goals such as higher speeds (because the speeds can likely be combined), and perhaps also redundancy (in case one of the network connections fails). (See: Wikipedia's article on “Link aggregation”). Furthermore, the term sounds like it may be used with Wi-Fi channels.

In fact, Wikipdia's article for “Channel bonding” does describe it this way, including mentioning that it may be done with Wi-Fi (e.g. this is how “Super G” achieved double speed), but the term can also be used for wired technologies (dial-up modems, Broadband including DSL, and Ethernet).

[#n10005s34wan]: CompTIA Network+ N10-005 Objectives Section 3.4: Categorize WAN technology types and properties.

Note: A lot of the technical information in this section came straight from Wikipedia. (The information was needed fairly quickly. Fully sourcing the details, and/or obtaining some independent verification, would have taken additional time, which was in short supply.) For those who aren't inclined to trust Wikipedia, additional verification of these details may be needed.

[#n10005s34t1e1]: T1/E1

Provided by phone companies.

T1 refers to a physical line. Wikipedia's note for “Digital Signal 1” states that the term DS1 refers to “the logical bit pattern used over a physical T1 line; however, the terms "DS1" and "T1" are often used interchangeably.”

While “North America, Japan, and South Korea” (according to Wikipedia's note for “Digital Signal 1”) may commonly use the T-carrier family, such as T1, other nations use an improvement: Wikipedia's article on E-carrier states, “The European Conference of Postal and Telecommunications Administrations (CEPT) originally standardized the E-carrier system, which revised and improved the earlier American T-carrier technology, and this has now been adopted by” ITU-T. So, other nations use E1, which is considered a slight improvement. (Wikipedia's note on T-carrier: section called “Historical note on the 193-bit T1 frame” discusses E1 having eight framing bits (instead of 1).)

The more well known bandwidth quoted for this is 1.544mbps. Although that is the speed of the physical connection, what customers actually get as usable bandwidth is the lower DS1 speed. The T1 speed includes 8kbps of overhead from a framing bit. A DS1 essentially provides bandwidth from 24 DS0 level channels which each provide 8 bits of data at a time, and do that 8000 times per second. (A “DS0 level channel” may also just be called a “DS0”.) Those 8 simultaneous bits, at 8,000 times per second, equates to 64,000 bits per second (64kbps). (64kbps per DS0 times 24 = 1,536,000 bps = 1,536 kbps = 1,500 Kbps = 187KBps). The speed of a T1 line may often be cited as being 1.544 mbps. That often-documented speed, which many technicians have memorized, comes from the 1.536 kbps of data that may be moved, plus the 8kbps DS0 connection that is used for the framing bit.

Mike Meyer's A+ book (Ch. 16) has also identified J1: “J-1 is identical to T1 in every way with the exception of a few signaling differences.” Wikipedia's article on “T carrier”: section called “T-carrier and E-carrier systems comparison” compares North American, European, and Japanese specifications.

In Europe, an E1 connection may typically contain 32 channels, offering 2,048 kbps (which is more than the 1,536 kbps offered by the 24 data channels of a T1).

A connection that offers the speed of 18 DS0 channels (1.152kbps, which is three fourths of 1.536kbps) is an example of a connection that may be called a “Fractional T1”.

A DS0 is not necessarily a type of physical connection. A DS0 might be implemented by sharing the physical media of another connection. In that case, a DS0 might be better thought of as a segment of time that data could be transmitted on a wire that is capable of transmitting even faster. Because specific equipment only has access to the wire for a specific fraction of time, the maximum throughput is a smaller amount of data compared to if the device had access to the wire 100% of the time. Using this technique may be called “Time Division Multiplexing” (“TDM”/“tmux”).

[#n10005s34t3e3]: T3/E3

(See the section about T1/E1 for comparison of T1, E1, and DS1. T3, E3, and DS3 pretty much have the same relationship.) Provided by phone companies. Data rate consists of 28 DS1 signals (each of which have 24 DS0 signals, totalling bandwidth equal to 672 DS0 signals). This would equate to 5,236KBps, approximately 44.736mbps.

Note: Many technical companies related to fun (namely video games) have been known to participate in an “Electronic Entertainment Expo” which is also called “E3” (with the 3 being superscripted) or “E3”.

[#n10005s34ds3]: DS3

Digital Signal 3. See section about T3/E3 (primarily the reference to go check out T1/E1).

J-3 may have only 480 channels, resulting in 32 kbps (Or perhaps notably fewer: 30,720,000 bps?)

[#n10005s34ocx]: OCx
Optical Carrier. OCx refers to standards like OC-1, a.k.a. OC1, and its successors like OC-3. The speed is 51.84Mbps per second times whatever value is used for x. (OC-1 is 51.84Mbps, while OC-3 is three times faster.) An OC-1's speed of 51.84mbps is notably faster than a 1.544mbps speed offered by a T1/DS1.
[#n10005s34sonet]: SONET

Synchronous Optical Network: fiber-optic networks. Uses lasers or LEDs. Wikipedia's page for Synchronous Optical Networking states, “SONET and SDH, which are essentially the same”. Later it states, “Both SDH and SONET are widely used today: SONET in the United States and Canada, and SDH in the rest of the world. Although the SONET standards were developed before SDH, it is considered a variation of SDH because of SDH's greater worldwide market penetration.” (An advantage of the term SONET is that it is an easier acronym to pronounce.)

For further details, see info on Synchronous Digital Hierarchy (“SDH”).

[#n10005s34sdh]: SDH

Synchronous Digital Hierarchy. Used outside of America and Canada. In USA and Canada, SONET is used. Wikipedia's article for Synchronous Digital Hierarchy is actually a redirection to the page on SONET.

The Wikipedia page notes a “primary difficulty” ... “prior to SONET/SDH was that the synchronization sources of” ... “various circuits were different. This meant that each circuit was actually operating at a slightly different rate and with different phase. SONET/SDH allowed for the simultaneous transport of many different circuits of differing origin within a single framing protocol. SONET/SDH is not itself a communications protocol” “per se,” “but a transport protocol.”

What this ends up meaning is that SONET/SDH deals with encapsulating data, which effectively prepares that data for easy transport across networks. However, one the data is standardized for easy transmission, SONET/SDH doesn't proceed to deal with the actual transmission process.

The next paragraph from the Wikipedia page starts off by noting, “Due to SONET/SDH's essential protocol neutrality and transport-oriented features, SONET/SDH was the obvious choice for transporting the fixed length Asynchronous Transfer Mode (ATM)” data.

[#n10005s34dwdm]: DWDM
Dense Wavelength-division Multiplexing. Wikipedia's article on “Wavelength-division multiplexing”: section on “Dense WDM” identifies this as “optical signals” designed to utilize “erbium doped fiber amplifiers” which “were originally developed to replace SONET/SDH optical-electrical-optical (OEO) regenerators, which they have made practically obsolete.”
[#n10005s34satelite]: Satellite

High bandwidth, high latency. This communication method can be fairly slow, but a large amount of data can be transmitted at once. So, once the data is done taking its time, and finally does arrive, a large amount of data may arrive all at once. This can be suitable for some applications (transmitting large amounts of data) as long as the data isn't needed right away.

As an example, a video signal carrying television content has been effectively used. Many bits can be sent, one after another. The bits may then take a relatively long time to be transmitted through airspace. However, once the first slow bits arrive, all of the other slow bits may be received soon afterward (just like they were transmitted soon after the earlier bits). Because the broadcaster knows the subsequent data to transmit, the end user's experience can be quite sufficient.

In contrast, a telephone call would not work nearly as well for this type of connection. The amount of data required by an average phone call is fairly small (low bandwidth). However, there are also high expecations for low latency. People talking on a telephone generally expect an interactive experience, and so people will be much more likely to notice the delays in having their input being recognized and responed to.

[#n10005s34isdn]: ISDN

Integrated Services Digital Network. A service provided by phone companies to give wired Internet service. Faster than POTS, but may be notably slower than DSL. However, the price for ISDN might not be much cheaper than DSL. If DSL is supported in an area, then using the older ISDN probably makes fairly little sense. Two advantages to ISDN: One is historical: It was deployed first (meaning that it pre-dated DSL). The other is that it (or IDSL) can sometimes be deployed in areas that may not be fully supported by a full standard DSL type of connection.

This did differ from DSL in that ISDN can channel a voice phone number over the data cable. When this is done, the voice takes up the channel, and that channel cannot be used for bandwidth. So, maximum speed is lessened when the voice line is in use. With DSL, this is not considered to be as much of an issue: the voice is not widely known to take a substantial portion of the bandwidth. (Perhaps that is because the voice and data are separated sufficiently, or maybe it is just due to DSL's notably higher bandwidth.)


Companies that provided television service have evolved to support transmitting other signals, including Internet service.

Historically, such companies may have been far less regulated than phone companies. There have been some severe issues, such as customers being able to connect to the networks of other customers. This has led to accidents where even people with limited knowledge of computer networks have sent data to a printer in another customer's home. However, widespread Internet access was still in its youth, and so the subscriber base was still fairly small, so this probably didn't get a whole lot of media attention. Back in the day, though, even within a local market there could be multiple reports of this happening.

Presumably, subsequent decade(s) have been sufficient time, and awareness sufficiently increased, that this sort of security issue has been rectified. (Well, we would hope so anyway!)

See: Glossary entry for “cable” (which discusses both this type of “cable” service, and also cabling).

[#n10005s34dsl]: DSL

Digital Subscriber Line. A service provided by phone companies to give wired broadband service.

There may be some variations which may be far lower quality than a more full DSL connection. Examples may include IDSL (which stands for “ISDN Digital Subscriber Line”) or XDSL (“Extended Digital Subscriber Line”, which provides DSL over a more extended range, but does not have the same capabilities as a more “standard” DSL variation). (IDSL may be more similar, in speed/usefulness, to ISDN.) The price might not be substantially lower than a full DSL connection, though, so be wary about signing up for (and then helping to financially support) inferior technology. (The setup might be more profitable for the company, by requiring less infrastructure investment, but is being called “inferior” based on the user experience.)

Though DSL had been marketed as symmetrical (SDSL refers to symmetric DSL, meaning that upload speeds match download speeds), that is not always as true anymore. A newer variation is ADSL (Asynchronous DSL) which may be less useful for certain applications (such as providing services that are accessible to the Internet). Wikipedia's article on ADSL: “Overview” section describes some reasons for ADSL, which might not entirely be focused on extracting more money from home users. (So, unlike IDSL and XDSL, ADSL may actually provide higher speeds, and may be a more sensible offering.) However, ADSL can have limits that could be quite impactful on some types of service.

As a general note about asymmetric downloads (which might not be a real big deal with most ADSL connections), even downloads may often be designed to require that the downloader sends TCP acknowledgements, so upload latency can be impactful.)


Some of the earlier mobile phone technology used a sort of analog technology and used “cells”. So, it was “cellular” phone service. Later, technology migrated people to using digital service. However, the term “cell phone” endured. Most likely, the inclusion of “cellular” on the Network+ was meant to refer to cell service.

Experiences vary. Some carriers can be quite expensive for transmitting any more than a minimal amount of data. (Such providers may be primarily making money off of low bandwidth voice calls.) Other carriers may design their pricing to support more reasonable charges for higher amounts of bandwidth, as the network may be designed with the assumption that there will be more customers who will happily use up (and pay for) the higher amounts of bandwidth. (Because the specific details are likely to change, and be localized, this text is not directly making strong statements that identify specific companies. For the USA, though, Jason Hiner's article, at Tech Republic, about claims of 4G support was more bold.)


Wireless communications: Details at communiations hardware page.


Wireless communication. The term may be an acronym for “long-term evolution”. Wikipedia's page on “LTE (telecommunication)” states that, as a sensible upgrade to both GSM and CDMA, LTE is “anticipated to become the first truly global mobile phone standard”. (Localized restrictions on frequency usage will still differ, so, still, “multi-band” phones may be required for International use.)

This was first deployed in 2009, and supported higher speeds than previously deployed systems.


Technology used by some wireless phone companies. The “+” signifies “Evolved High-Speed Packet Access”, supporting all-IP (which means that is has some better support for handling different types of traffic, including voice traffic and data used by computers/devices accessing the Internet).

Wikipedia's article for “Evolved HSPA” notes, “HSPA+ enhances the widely used WCDMA (UMTS) based 3G networks with higher speeds for the end user that are comparable to the newer LTE networks.” (However, Jason Hiner's article, at Tech Republic, about claims of 4G support notes higher latency with HSPA+. (Higher latency is a bad thing.)

[#n10005s34fiber]: Fiber

Likely referring to fiber optic.

See: section 3.1: Fiber, and other related sections that are referenced from that section.

[#n10005s34dialup]: Dialup

Limited (by regulation) to approximately 56kbps. See: Glossray entry for POTS, dial-up POTS modem, download POTS speed increases, Glossary for PSTN.

Likely referring to “Passive optical network”. Wikipedia's article on “Passive optical network” says, “A passive optical network (PON) is a point-to-multipoint,” “fiber-optic access network” which can reach all the way to the premises (land and buildings) of a subcriber.
Frame relay

Wikipedia's article for “Frame relay” notes, “Originally designed for transport across Integrated Services Digital Network (ISDN) infrastructure, it may be used today in the context of many other network interfaces.”

Verizon page on ATM states, “Verizon Enterprise Solutions is a leader in ATM testing, deployment, and operations.” Yet, at the top of the page, “***ANNOUNCEMENT***” has been written in red text, with the brief note, “ATM Service has been retired.” A hyperlink to Verizon Enterprise Washington Interagency Telecommunications System 3 (WITS 3) Technical Upgrade 112912 states, “Verizon intends to grandfather our Frame Relay Services, as well as our ATM services.” (“ATM” refers to Asynchronous Transfer Mode (not automatic/automated teller machine).) FCC document indicates that Verizon Select Services Inc. mailed customers by December 14, 2012, of the service they would stop accepting new orders by February 15th (2013). Telecom Wholesale's note on Frame Relay stted, “Frame Relay will be grandfathered” ... “on 31 December 2010.”

[#n10005s34atm]: ATMs

ATMs would generally refer to “Automatic Teller Machines”. (The term “ATMs” would be the plural version of “ATM” when ATM stands for “Automatic Teller Machines”.)

However, when studying computer networking, the abbreviation “ATM” has often commonly referred to “Asynchronous Transfer Mode”. In many cases, Asynchronous Transfer Mode is more likely what the term “ATM” has referred to.

Perhaps the most common technology that both uses ATM, and which consumers may be likely to be familiar with, is DSL. Wikipedia's page on “Digital subscriber line”: “Protocols and configurations” section notes, “Many DSL technologies implement an Asynchronous Transfer Mode (ATM) layer over” lower data transmission layer(s) “to enable the adaptation of a number of different technologies over the same link.” “Wikipedia's article on “Asymmetric digital subscriber line” (“ADSL”) : “Transport protocols” section says, “ In home installation, the prevalent transport protocol is ATM. On top of ATM” other protocols may be used, like “the all-important TCP/IP at layer 4 of the OSI model”.

Wikipedia's page on ATM: Citation from ATM Forum quotes a book by the ATM Forum, stating that ATM carries “a complete range of user traffic, including voice, data, and video signals.” Wikipedia goes on to note, “ATM is a core protocol used over the SONET/SDH backbone of the public switched telephone network (PSTN) and Integrated Services Digital Network (ISDN), but its use is declining in favour of” a new standard which is called “next-generation network” (“NGN”), also known as “All IP”/“all IP”.

ATM used relatively small packets. This helped from a QoS standpoint by allowing small voice traffic to be transmitted quickly.

Verizon page on ATM states, “Verizon Enterprise Solutions is a leader in ATM testing, deployment, and operations.” Yet, at the top of the page, “***ANNOUNCEMENT***” has been written in red text, with the brief note, “ATM Service has been retired.” A hyperlink to Verizon Enterprise Washington Interagency Telecommunications System 3 (WITS 3) Technical Upgrade 112912 states, “Verizon intends to grandfather our Frame Relay Services, as well as our ATM services.”


It seems likely that knowing these details, about each of the above communication types, would be good.

[#n10005s34circsw]: Circuit switch

A connection is made from one endpoint to the other endpoint. As this is a two-way communication, the connection is effectively a circle; hence the term “circuit”. Once a circuit connection is made, it is generally fairly reliable in the sense that traffic is likely going to be able to use the established connection. There isn't the concern (that packet switching does have) of some other packets saturating the connection and bringing the connection to a crawling speed.

However, this style of technology does tend to require full connectivity resources (e.g. bandwidth) even when no active traffic is occurring. Regarding the sharing connectivity resources (physical connectivity) with other applications, circuit switch technology is far less capable than packet switching.

A T1 uses a circuit.

[#n10005s34packetsw]: Packet switch
A connection is made with nearby equipment, which then forwards information a-packet-at-a-time. IP uses packets. The term is probably often used to describe technologies used by phone companies, contrasting with the term “circuit switch”. ATM is packet-based.
Faster is better
Transmission media
Knowing whether connectioan standards utilize copper, fiber-optic, or airwaves. Common copper-based Ethernet cabling using Cat5e and RJ-45, and also telephone equipment (including standard telephones, T1 connections, and DSL connections), and coax “cable”, all use copper-based connectivity. Wi-Fi and satellite use EMR (electromagnetic radiation) in airwaves.
[#n10005s34dist]: Distance

Technologies may have a maximum distance. Memorizing these may be helpful for certain certification exams. Being able to look them up, when seriously considering deployment, can also be useful.

(Note: Information, in other sections, are also provided with details about section 3.1: distance for LAN technologies, and distance related to Wi-Fi technologies. For troubleshooting issues related to the length of cables, see section 3.4: distance.)

Similar topic to WANs: The 10GBaseSW, 10GBaseLW, and 10GBaseEW standards are designed for WANs.

[#n10005s35topology]: CompTIA Network+ N10-005 Objectives Section 3.5 Describe different network topologies.

Some drawings of the various topologies may be helpful. (Acknowledging that... the drawings are not (yet) provided here.)

[#n10005s35mpls]: MPLS

Multiprotocol Label Switching

Wikipedia's article on “Multiprotocol Label Switching”, it appears that this is about assigning some short names (names that use fewer bits) to localized networks, which can allow for simpler routing within the more localized network. The Wikipedia page notes, “MPLS supports a range of access technologies, including T1/E1, ATM, Frame Relay, and DSL.” (Those tend to be technologies that have been used with phone companies.)

Therefore, this seems like an odd thing to refer to as a “network topology”. However, Demystifying MPLS (The MPLS framework in OpenBSD) describes this a bit further: “By default on every hop an IP route lookup has to be done. So every router along the path to the destination does his own lookup and decision. Label switching changes this so that only the edge routers of an MPLS network are doing a route lookup.” So this may not work as well with a network using independently maintained pieces like the Internet, but may be an alternative to standard IP routing that works on a network where all of the network infrastructure is rather trusted because the entire network is maintained by the same group of people (or the same single person).

The same article contains this little tidbit about the complexity of MPLS: the fact that there are “over 150 RFC about MPLS shows that this is more than just simple label switching.”

Point to point

When learning about these sort of physical topologies, a picture may often communicate the concept quite well. See: Free CompTIA Network+ Study Guide by MC MCSE, under “Domain 2.3: Common Physical Network Topologies” (next to the section that says “Point-to-point”).

A direct connection from one device to another. Ethernet switches can often get a full duplex connection on point-to-point connections.

Point to multipoint

When learning about these sort of physical topologies, a picture may often communicate the concept quite well. See: Free CompTIA Network+ Study Guide by MC MCSE, under “Domain 2.3: Common Physical Network Topologies” (next to the section that says “Point-to-Multipoint”).

Communication goes from one point to mulitple points. For example, a broadcast signal sent over a hub, or a wireless device (a WAP, or a tower used for wireless phones) that communicates to multiple devices.


When learning about these sort of physical topologies, a picture may often communicate the concept quite well. See: Wikibooks: Network+ Certification: Media and Topologies: Phsycial Topologies (section on “Ring”), which shows a bit of a “ring”-shaped drawing. As an alternative, Free CompTIA Network+ Study Guide by MC MCSE, under “Domain 2.3: Common Physical Network Topologies” (next to the section that says “Ring”) essentially shows a “square”. Indeed, the term “ring”, in this sense, is not technically trying to indicate roundness.

The communication occurs over wiring that forms a loop. It is like a bus, but with the endpoints connected.

A network technology famous for this sort of topology is a “Token Ring” network. Even after Token Ring equipment often stopped using a physical topology that was ring-shaped, the protocol was designed so that communications operated over a “logical ring”, so equipment pretended like there was a ring for communication (even if that wasn't true).

Although Token Ring has fell out of favor, to Ethernet, this obsolete technology may still be worth knowing about, just so that the concept can be briefly considered. After all, many times concepts have fell out of favor but then found to have new life later.

[#n10005s35star]: Star

When learning about these sort of physical topologies, a picture may often communicate the concept quite well. See: Wikibooks: Network+ Certification: Media and Topologies: Phsycial Topologies (section on “Star”), and/or Free CompTIA Network+ Study Guide by MC MCSE, under “Domain 2.3: Common Physical Network Topologies” (next to the section that says “Star”).

Also known as “hub-and-spoke”. (The term “hub” just refers to the concept of a centralized device, and may include switches or other devices, and not just the older network infrastructure device called a hub.) A centralized device is connected to by mulitple points. This device is the “hub” of a “hub-and-spoke” network. Since drawing this cabling would involve a bunch of lines joining at a single location, (if the hub was physically centralized, located in between all of the other devices) then the drawing could look like a simple multi-pointed star.

A hub-and-spoke/star implementation is an example of “point-to-multipoint” technology.

[#n10005s35mesh]: Mesh

There are multiple paths to the same equipment.

Full mesh

When learning about these sort of physical topologies, a picture may often communicate the concept quite well. Wikipedia's picture of a full mesh, found from Wikipedia's article on “Network topology”: section called “Mesh”, shows a picture of a fully conected mesh. Free CompTIA Network+ Study Guide by MC MCSE, under “Domain 2.3: Common Physical Network Topologies” (next to the section that says “Mesh” shows a simple “full mesh”.

Sometimes also called a “fully connected” mesh, or a “true mesh”

Every piece of equipment on the network has the ability to communicate directly to every other piece of equipment on the network (without needing to have information relayed by other electronic devices). This seems like the most straight-forward networking model, as every device can communicate directly. This is essentially what can happen in a peer-to-peer wireless network. However, for wired connections, wiring/cabling gets very complex very quickly, and each device may need a number of network connectors/ports. The concept of a full mesh quickly gets impractical as more computers get added. (Every time a new computer is added, every pre-existing computer will need to support a new connection.)

Partial mesh

When learning about these sort of physical topologies, a picture may often communicate the concept quite well. See: Wikibooks: Network+ Certification: Media and Topologies: Phsycial Topologies (section on “Mesh”).

May also be called a “partially connected” mesh.

There may be multiple paths, but it is not true that every single device has a direct connection to every single other device. There may be multiple routes to get to a destination. This is likely/certain to involve creating some sort of “loop” in the wiring, which can be okay and even beneficial (by allowing for redundancy). The mesh is not called a “full mesh” unless every single device is plugged into every single other device on the network.

This may often be caused by having multiple “hubs” in what might otherwise look like a “hub-and-spoke” type of topoligies. If there are multiple hubs, then this is not a “hub-and-spoke” network (because there are “hubs”, not just one “hub”), and so the result is a partial mesh.

[#n10005s35bus]: Bus

When learning about these sort of physical topologies, a picture may often communicate the concept quite well. See: Wikibooks: Network+ Certification: Media and Topologies: Phsycial Topologies (section on “Bus”), and/or Free CompTIA Network+ Study Guide by MC MCSE, under “Domain 2.3: Common Physical Network Topologies” (next to the section that says “Bus”).

Systems are connected via cabling that runs in a line. Communication between one system and another may need to traverse the entire line. So, other systems in the middle may be able to listen to (and possibly might be expected to relay) messages between the outer systems.


A general concept, stating that two devices communicate. Each device is considered to be approximately as useful as the other device. Sometimes “peer-to-peer”, or “peer to peer”, is abbreviated as P2P.


A centralized system, called a server, provides services to clients. This is not a “peer-to-peer” setup.


In a nutshell, this ends up meaning that there are multiple topologies being used.

There may be some other terms used for other topologies. See: Wikipedia's “Star network”, “See also”, and or Wikipedia's Network topology. For example, a “tree” (see: Wikipedia's article on “Network topology”, section called “Tree”) may be like a bus, but with the capability of having multiple spokes. As the Network+ does not discuss this particular physical topology, it might just be classified as a hybrid (adding a “point to point” to what is otherwise a “bus”).

Physical toplogies and logical topologies

There also may be a difference between the “physical” topology, which relates to how things are actually wired, and the “logical” topology. Wikipedia's article on Network topology (“Topology” section) says “the original twisted pair Ethernet using repeater hubs was a logical bus topology with a physical star topology layout. Token Ring is a logical ring topology, but is wired a physical star”. (That latter sentence may just be true when a Token Ring MAU is being used: see Glossary entry for Token Ring.)

Using the latter example: Token Ring was initially implemented by physically wiring a ring topology, and the Token Ring protocol was designed to use this style. When the Token Ring MAU came out, it allowed people to change the physical wiring to a “hub-and-spoke” model. All of the computers could continue communicating using the Token Ring protocol. The computers communicating using logic that treated every device as if it was connected via a ring, and so the devices did not communicate directly but rather expected information to be relayed as necessary.

With Ethernet, devices send communication as if the destination is connected directly to the cable that the sending device is using. This is how things would work on a physical bus network, such as a 10base2 network using BNC-style T-connectors (see Wikipedia's article on “10BASE2”, especially the picture of a 10base2 T connector). Now, when Ethernet is using Cat5 cables/connectors with hubs or switches, using a “hub-and-spoke”/star physical topology/layout, the average NIC in a computer still sends signals as if it was talking directly with the destination. So, it is still using a “logical bus” topology. (When a device is communicating via IP through a router, that could be logical “hub-and-spoke”/star logical topology (or some other topology, such as “hybrid”), because the device is intentionally sending traffic to the router before the traffic gets to the final destination.)

CompTIA Network+ N10-005 Objectives Section 3.6: Given a scenario, troubleshoot common physical connectivity problems.
[#n10005s36cableprob]: Cable problems:
Bad connectors

This could cause a lack of a link light. The wiring might be more fragile as it goes from a cable to a connector, so this may be the most likely spot for a wire to break. (For a simple copper-based Ethernet cable, this might be able to be fixed with relatively little effort, by cutting off the bad cabling and the connector, and then attaching a new connector to the end of the remaining good cabling. Opinions can vary regarding whether such an approach (instead of just using a commercially produced cable, which may have a higher price) is worthwhile.

[#n10005s36badwiring]: Bad wiring

This may cause a lack of link light. A connection may be unstable. (See: bad cabling.)

Open, short

This would be a form of bad wiring. An “open” connection does not close a needed circuit, which basically means that necessary connectivity does not occur. (For example, if a wire does not reach the expected destination, there may be “open” space between where thewire needs to go, and where it goes.) A physically broken wire may cause an “open” circuit in the middle of a cable.

A “short circuit”, sometimes referred to as a “short”, refers to electricity going somewhere that electricity should not be going. (In some cases, a “short” means that electricity has found a quicker/shorter path to a certain location, when the electricity was supposed to take a longer route.) For instance, if the insulation of wires becomes damaged, electricity might flow from one exposed wire to another exposed wire.

Split cables

A “split pair” refers to cables where one pair of cables has a wire connecting to an endpoint meant for another pair. (If all 8 wires in a standard Ethernet cable are connected, then at least one other pair of wires has a split cable.) For instance, if wire four should connect to pin number 4 on both ends, but connects to pin number 3 on one end (and wire number 3 connects to pin number 4 on that same end). Presumably wires 4 and 5 are commonly wrapped around each other, so they should be a pair, but wire 5 is interacting with connections meant for another pair.

This would typically represent an improperly made cable.

[#n10005s36dbloss]: DB loss

This is believed to be related to decibel loss.

The loss refers to the loss of signal as it travels over medium. This could refer to a wired medium (for wired technologies) or the medium known as airwaves (for wireless technologies). The “loss of strength” or “loss of intensity” of a signal can often be measured in dB.

TXRX reversed

Transmit and receive are reversed? Perhaps this is an issue of using a crossover cable when a straight-through is expected, or vice-versa. If so, either use a crossover adapter (or see if the equipment has an option, such as a physical switch, to alter whether a port is adjusted), or replace the cable, or plug the wires into a different device. (If two computers cannot communicate using a couple of straight-through cables, one option may be to plug them into a network infrastructure device which provides the appropriate and necessary connectivity crossing.)

Cable placement

Cables should be in low traffic areas (meaning areas where people, or similar things like wheeled chairs, are unlikely to be moving). Ideally, cables should be covered. Sometimes businesses will have coverings at the bottom of the walls; they might be able to be pulled out a quarter-inch so that a cable can be inserted.

Copper cabling in walls may be better off being “solid core”, which offers better connectivity than stranded cable. Such “solid core” cable is more fragile, but that isn't a big deal for professionally laid cable that generally doesn't get interacted with (because it is located within the space between walls).

If cabling crosses a floor (particularlily where anyone may walk), there is often safety regulations that may require that it be covered. (Ideally it may be covered by flooring, so that it is really unnoticeable. However, sometimes a plastic covering, or a rug/mat, or even duct tape may be better than a lose cable.) A cable that seems pretty tight can often become very loose very quickly if someone's foot snags the cable in just the wrong way, which can trip up the person who loosened the cable and also remain a more noticeable hazard.

[#n10005s36emi]: EMI/Interference

EMI stands for Electro-Magnetic Interference (or Electrical/Magnetic Interference).

The best solution is often to start by finding the cause of the interference.

Moving wires may be the easiest solution. Using fiber-optic cabling, rather than copper, will resolve this (but may be a pricey solution). Otherwise, using copper wires that have better insulation (ScTP rather than UTP) might help.

Simliar topic: see Crosstalk.

[#n10005s36dist]: Distance

If the signal loss over a cable is being too significant due to the length of the cable, workarounds can include using higher quality cabling, or placing a device (such as a repeater, or any more advanced device like a switch) in the middle. Switching from copper cabling to fiber-optic cabling might be another way to increase the usable distance.

For other details related to cable distance, see: section 3.1: subsection related to distance and section 3.4: subsection related to distance.

[#n10005s36crosstalk]: Cross-talk
Think of cross-talk like EMI (section 3.6: subsection about EMI). However, cross-talk can happen within a cable: one wire in the cable might affect other wires in the cable. (This is why USB is serial, rather than parallel : to avoid internal cross-talk.) Using fiber-optic cabling, rather than copper, is expected to resolve this. Switching to more protected cabling (specifically, Shielded Twisted Pair: section 3.1: subsection about shielded twisted pair)) might also help in some cases?
[#n10005s36lantechs]: CompTIA Network+ N10-005 Objectives Section 3.7 Compare and contrast different LAN technologies.

Note: A lot of this information came straight from Wikipedia. (The information was needed fairly quickly. Fully sourcing the details would have taken additional time, which was in short supply.) For those who aren't inclined to trust Wikipedia, additional verification of these details may be needed.


This is a protocol. (An alternative had been Token Ring.) Uses CSMA/CD.


Twisted pair, baseband, 10Mbps.

Sometimes written with a hyphen after the word “Base” (“10Base-T”). Sometimes the word “Base” is written in call capital letters.

Twisted pair (“TP”) refers to multiple copper wires being twisted around each other. The twists may reduce cross-talk.

Baseband refers to the idea of one signal being sent at a time. Broadband may be able to send multiple signals at a time. These are electrical terms. Although, after cable companies marketed Internet service as “broadband”, some people believed that referred to the higher bandwidth permitted by higher speeds. Slower dial-up communications became known as “narrowband”. Phone companies started marketing DSL as “broadband” based on having competing Internet speeds, even though their service was a baseband technology.

This is most commonly using Cat5 cabling, or better.


100Mbps variation of 10BaseT. Can fall back to comunicate at 10BaseT. Ethernet operating at “100BaseT” used a standard that was called “Fast Ethernet”. (The name was more appropriate when that speed standard seemed fast, because it was compared to standard “Ethernet” which was 10Mbps. The term feels less sensible now that Gigabit Ethernet makes “Fast Ethernet” seem slow in comparison.) This is most commonly using Cat5e cabling, or better, or perhaps Cat5.

1000Mbps variation of 10BaseT. Can fall back to comunicate at 100BaseT (or 10BaseT).
A form of 100Base-T which involves using two wires of cable which is at least Category 5 (Cat5). (Other alternatives of 100BaseT included 100Base-T2, which used two wires on Cat3, or the half-duplex 100Base-T4, which used four wires on Cat3. Wikipedia's article on “Fast Ethernet”, section titled “Copper” identifies these alternatives as “defunct” and states, “Almost all 100BASE-T installations are 100BASE-TX.” Later statements on the same Wikipedia page notes that the alternatve 100Base-T implementations were “not widely adopted but the technology developed for it is used in 1000BASE-T.”)

Know that this uses a Fiber connector.


Wikipedia's article on “Gigabit Ethernet”: “History” section says “802.3z is commonly referred to as 1000BASE-X, where -X refers to either -CX, -SX, -LX, or (non-standard) -ZX.” Of those, CX uses Twinaxial cabling (similar in style to coax). The others are clearly labelled as fiber connections. Wikiepdia's article on “Gigabit Ethernet”: section called “1000Base-X” says “1000BASE-X is used in industry to refer to gigabit Ethernet transmission over fiber, where options include 1000BASE-CX, 1000BASE-LX, and 1000BASE-SX, 1000BASE-LX10, 1000BASE-BX10 or the non-standard -ZX implementations.” The funny part about this is that the next section, about -CX, says that “1000BASE-T has succeeded it for general copper wiring use.” That does seem to confirm that -CX is non-fiber...

None of those are twisted pair. (1000BaseT does support using twisted pair copper cabling. However, 1000BaseT is not part of what is generally referred to when the term 1000BaseX is used.)

[#n10005s35tengsr]: 10GBaseSR
Fiber. Short reach: 400m. Wikipedia's article for “10 Gigabit Ethernet” : section about “10GBase-SR” states, “10GBASE-SR delivers the lowest cost, lowest power and smallest form factor optical modules.“ Then the article goes on to state, “For 2011, 10GBASE-SR is projected to make up a quarter of the total 10GbE adapter ports shipped.”
Fiber. Long reach. 10km. (See 10GBaseSR which is likely similar.)
Fiber. Extended reach. 40km. (See 10GBaseSR which is likely similar.)
[#n10005s35tengsw]: 10GBaseSW
WAN-based (long distance) variety. Wikipedia's article on “10 gigabit Ethernet” : section on “WAN PHY (10GBASE-W)”. 10GBase-W references to 10GBase-S, -L, and -E standards to create the 10GBase-SW, 10GBase-LW, and 10GBase-EW standards. For more information about 10GBase-S, -L, and -E, see the sections about 10GBase-SR, -LR, and -ER.
[#n10005s35tengsw: 10GBaseLW
See: 10GBaseSW for discussion.
[#n10005s35tengsw]: 10GBaseEW
See: 10GBaseSW for discussion.

IEEE 802.3an-2006.

For some information about distance limitations, see the text about Cat6(a) cabling, as it discusses some of the text about cat6 cabling. (For more generalized details about length limits, see: copper twisted pair length limits.)

[#n10005s35csmacd]: CSMA/CD

Carrier Sense Multi(ple) Access, Collision Detection.

Carrier Sense

Glossary: CSMA has a sub-section describing this.

Multi Access

Glossary: CSMA has a sub-section describing this.

Collision Detection

Glossary: CSMA has a sub-section describing this.

[n10005s35csmaca]: CSMA/CA

Same as the CSMA in CSMA/CD. See: Glossary: CSMA.

Collision Avoidance

Glossary: CSMA also has a sub-section descriing this.

[#n10005s37brdcast]: Broadcast

This may also be covered by section 1.3: subsection about broadcast.


When multiple devices try to use a medium, but that medium does not support multiple transmissions at a time. See: Glossary entry: collision. For similar topics, see also: collision domain, and the sub-topics of Glossary entry for CSMA (CSMA/CA and CSMA/CD).


Using multiple connections for twice the speed, and possibly for reliability in case one link fails. (Some care may need to be done to make sure that switching loops don't lead to broadcast storms. The hardware/drivers may need to support this.)

More = better
Being able to communicate farther is generally nicer. However, in some cases (WiFi, some fiber connections), some longer distances might only be available at slower speeds. So reducing the necessary distance may be useful in helping to achieve higher speeds.
[#n10005s38wiredistr]: CompTIA Network+ N10-005 Objectives Section 3.8: Identify components of wiring distribution.
[#n10005s38idf]: IDF

(It seems to make some sense to look at MDF first.)

Simply from reviewing Wikipedia content such as Wikipedia's page on “Intermedia distribution frame”, it looks like a main difference may be location. An MDF is related to providing phone service and is located at a telephone company, while an IDF is also related to providing wiring for phone technologies but the IDF may be located at customer sites.

Some documentation by Cisco (CCNA Discovery 4.0 module 3: “Introducing Routing and Switching in the Enterprise” slide states, “The telecommuniations room is also referred to as a wiring closest or intermediate distribution facitily (IDF).” (Hyperlink removed from quote, as it went to non-public resource.)

Comparing an MDF to an IDF

It seems that the Intermediate Distribution Frame is designed to require a Main Distribution Facility, and the IDF is focused on connectivity while the MDF is focused on providing functionality (such as moving network traffic to useful locations, routing, creating virtual circuits, etc.) Equipment in an IDF is likely to contain connectivity devices like a switch or WAP, which help people to get access to the network, while the MDF is focused on making sure the network is providing useful functionality to anyone connected to it. Servers, therefore, would go into an MDF.

[#n10005s38mdf]: MDF

Main distribution frame. Wikipedia's article on Distribution Frame states, “In telecommunications, a distribution frame is a passive device which terminates cables, allowing arbitrary interconnections to be made.” Wiring (such as the cabling from another building) goes to the “distribution frame” equipment, and other wiring goes from the “distribution frame” to networking equipment (presumably located inside of a building). From this definition, MDF appears to have a purpose that is similar in nature to the purpose of a patch panel. Indeed, this seems confirmed by some text on Wikipdia's article on Main Distribution Frame which states, “Like other distribution frames the MDF provides flexibility in assigning facilities, at lower cost and higher capacity than a patch panel.”

Another description is available from MC MCSE free CompTIA Network+ N10-004 study guide (in Domain 2.8). The descriptions of an MDF do describe this type of equipment as being physically at a service company (e.g. a phone company), and used as a nicely organized way to complete connections to the cabling that heads out of the company's building to subscriber/customer equipment.

However, documentation by Cisco indicates that a data center may serve has a Main Distribution Center, containing routers. This topic is discussed further in the section about IDF.


The point of demarcation specifies where one company (such as a telephone company) stops having rights/responsibility over equipment, and where another starts. Sometimes there is some shared space, where the responsibility may be a bit hazy: perhaps either party may make changes inside that sort of box. However, all equipment and technology that is clearly on just one side of the demarc point, and not in a shared space, is the responsibility of just one part (such as the telephone company) or the other (such as the owner of the property/building). Modifying equipment that belongs to a utility company (or vice versa ; if someone from such a company tried to modify company equipment) may be prohibited, and even illegal (violating “computer trespassing” law).

The equipment on the customer's side of a demark point may be referred to as “customer premisis equipment” (“CPE”).

True story: The mother of ][Cyber Pillar][ once swapped phone lines. There were two phone numbers being supplied in the house. There was a desire to change which phone lines went to the individual phone jacks. This was successfully done by locating a grey telephone networking box located outside of the house. (See Wikipedia's article for “Network interface device” for photos on what this type of box may look like.) In this box, wires went from the phone company into some telephone jacks. The wires from the phone company were being provided specific phone numbers. By swapping which wire went to which telephone jack, all of the telephone jacks in the house were suddently wired to a different set of wiring from the phone company. The phone numbers were effectively swapped.

Later, this was detected by the phone company. (This was probably detected when the house, which had a business running from it, had a third phone number added, perhaps for fax capabilities... This was before widespread use of the Internet.) Specifically, an employee of the phone company saw this. He noted that the phone company would have typically done this “a different way”. (Perhaps the change would have been made at the MDF?) However, it was acknowledged that this worked. There was no penalty when this got caught because, even though the work had been done without the phone company's knowledge, it was entirely legal.

Sometimes, such a grey box (often attached to the outside of a building, presumably so the utility company's personnel don't need to go inside of a building which might be locked) may have two parts. The larger part might even have a lock that is considered the property of the phone company (even though it is left at the physical address where the building is).

Demarc extension

Based on Wikipedia's article for “Demarcation point extension” (which is redirected to from Wikipedia's article for “Demarc extension”), it seems this term refers to equipment that connects the edge of the CPE to the utility company's equipment that is not physically located on the site. So, if there is a house near a telephone pole, cabling needs to connect that telephone pole to that house. The cabling which is on the customer's property may have some various names, including a “demarc extension”. Wikipedia's article for “Demarcation point extension” notes, “A demarc extension may also be referred to as inside wiring, extended demarc, circuit extension, CPE cabling and riser cabling.” (Note: “riser” cabling probably generally refers to multi-floor wiring: the vertical wiring may be “riser&rdqu; cabling.)

Smart jack

Wikipedia's article for “Network interface device” provides some insight. A “smart jack”, or “smartjack”, is basically a specialized form of what is called a “Network Interface Device” (“NID”) or “Network Interface Unit (NIU), Telephone Network Interface (TNI), System Network Interface (SNI), or telephone network box. A smartjack is a type of NID with capabilities beyond simple electrical connection, such as diagnostics.” (The Wikipedia article for NID does show some photos of what a NID may look like.) Wikipedia's article for “Network interface device”: section called “Smartjack” provides another name for these: a “Intelligent Network Interface Device” (“iNID”).

[#n10005s38csudsu]: CSU/DSU

There used to be equipment called a “Channel Service Unit” (“CSU”) and separate equipment called a “Data Service Unit” (“DSU”). Apparently there must have been very little need for the CSU's functionality to be a different piece of equipment than the equipment providing the functionality of a DSU, because later devices called a “CSU/DSU” performed the functionality of what (probably briefly) used to be separate boxes.

Used for connecting to some equipment from a data provider. This is stored at the customer's site. The point of Demarc might, in theory, be placed between the CSU and the DSU. However, since in reality the CSU and DSU are likely to be on the same circuit board, the CSU/DSU may often be a sort of shared resource (where the demarc is more ambiguous). So the point of Demarc is very often a side of the CSU/DSU, or something very close (such as a Punchdown block that connects to the CSU/DSU.) This may be something typically found in the USA. Other nations may often have a “network terminating unit” which is handled by the phone provider.

The CSU/DSU helps to provide a company's computer network with the ability to use the right kinds of electrical signaling that will work with other types of communications equipment which may be used by a phone company. This is likely (or certain) to be located at the customer's site.

This may well be more detail than what will be needed for an entry level test, but is provided to help satisfy some potential curiosity (that some people are likely to have): The CSU's job is to be able to connect with certain types of connections from a phone company, and takes care of issues related to physical connectivity. A DSU makes sure that the style of frames used on a LAN can be coverted to the style of frames that may be used by the service provider.

CompTIA Network+ N10-005 Objectives Section 4.0 Network Management
CompTIA Network+ N10-005 Objectives Section 4.1 Explain the purpose and features of various network appliances.
[#n10005s41loadbal]: Load balancer

For networking, this refers to a device performing load balancing, so the load balancer tries to send network traffic through or to a device that is likely to be less busy/overwhelmed. Methods of determining which device will be handling the traffic can be as simple as sending half of the traffic in one direction, or sending traffic in a random direction, or may become considerably more complex.

[#n10005s41proxysvr]: Proxy server

The term “proxy” refers to a “representative”. (For example, after Richard Nixon was no longer the active President of the United States, he worked with China and helped to establish some positive relations between the USA and China. Although he was no longer the official leader of the nation, he represented the USA and may have even been given some limited authority. In serving this role, he was a “proxy”.

A “web proxy” typically receives requests from web clients, and determines whether the content is cached. If so, the information is delivered from the web proxy, instead of from the web server. This can greatly speed up communications.

Web browser (client software) typically does have an option to send all traffic to a known proxy. There are other forms of web proxies: transparent proxies (which may perform this task even if the web browser cannot detect that a proxy is being used) and captive portals. (A captive portal is a slightly different, but similar concept: traffic like a web request is not allowed on the Internet. Requests sent to the Internet may be redirected to a local server, which may demand agreement to terms of use.)

A web proxy may provide content filtering.

[#n10005s41contentfilter]: Content filter

Blocking content. Most commonly, this is done by blacklisting content that is expected to have a high likelihood of being undesirable. Commonly blocked content includes content clearly meant to be sexually attractive/enticing/provocative, websites facilitating or promoting illegal behavior (including violations of intellectual property), or less controversial topics such as websites dealing with alcohol (which fewer people may deem to be “immoral”, but which often are not related to business use).

(This topic may be referenced by the topic about section 2.1: traffic filtering.

[#n10005s41vpnconc]: VPN concentrator

A device that receives connections from clients who are trying to use a VPN. Many firewall devices perform this role. There are also devices specializing in performing this role, and they are called VPN concentrators.

CompTIA Network+ N10-005 Objectives Section 4.2 Given a scenario, use appropriate hardware tools to troubleshoot connectivity issues.
Cable tester
Performs basic tests
Cable certifier
Performs more advanced tests, and may “certify” cabling, simply meaning that it reports that the cabling has passed some tests that may be more stingent than what is typically performed by a cable tester.
A device that involves crushing equipment (such as an RJ-45 connector and wiring) in a controlled fashion, causing the equipment to then become attached.
Butt set
Toner probe
Punch down tool

May help connect wiring to a 110 block.

[#n10005s42protocolanaly]: Protocol analyzer

The term can be used to describe a piece of software, or to a piece of hardware that performs the same sort of functionality. See: section 4.3: subsection on protocol analyzer.

Loop back plug
[#n10005s42otdr]: OTDR

“Optical Time Domain Reflectometer”(according to a document providing CompTIA's N10-005 Certification Exam Objectives).


A device with some “probes”, a.k.a. “leads”, which are sticks of metal that are mostly covered by insultation. The ends remain uncovered, though. These metal tips (which may be a bit long, like an inch in length) can be used to touch two other pieces of metal. The multimeter can then report information about what kind of electricity is detected. The name comes from the ability to run multiple different types of tests, so multiple different types of measurements may be reported.

Multimeters can be fairly cheap (about $15USD, or perhalf even about half of that price) or get quite a bit more expensive (and featureful). It seems that the classic Radio Shack 22-802 may be discontinued, although there are similar simple ones. (JustAnswer question on 22-802. page on meters shows a picture of an analog multimeter “at the hardware store for about $6.95.” A company named all-sun has created a similar-looking item, the all-sun EM3081)

Note that multimeters can potentially help to cause severe damage to electrical equipment. For instance, setting a multimeter to run a continuity test might allow electricity to travel through the multimeter. Depending on where probes are touched, this could cause electricity to go from one location to another location that should not have such electricity.

Radio Shack: Information on product # 22-802, Picture of RadioShack 22-802 found from page on meters.

Environmental monitor

Temperature and humidity can be detected. APC is known to provide a card that detects these things; the card is designed to be inserted into a UPS made by APC.

[#n10005s43netswtl]: CompTIA Network+ N10-005 Objectives Section 4.3 Given a scenario, use appropriate software tools to troubleshoot connectivity issues.
[#n10005s43protoanaly]: Protocol analyzer

The term “protocol analyzer” refers to software that uses information about common protocols, so the information in network traffic (such as the destination address) can be clearly identified. The term “protocol analyzer” can also refer to hardware called a “protocol analyzer”, which simply is hardware that performs the functionality of this software, including a computer which runs this software.

This sort of software will also commonly/always include the ability to act as a “network sniffer”.

An example is Wireshark (previously known as Ethereal) and the similar software TShark.

For additional examples: perhaps see: network-watching software; some of that may be classified as a “protocol analyzer”. Also, see Wikipedia's article called “Comparison of packet analyzers”.

Throughput testers

See hardware testing: network speed testing, checking net speed. (Perhaps also see the section about “Diagnostics”?)

Connectivity software


This is very unclear. Perhaps it is referring to communications software (e.g. a dumb terminal), or perhaps propreitary software (installed along with the basic network drivers) that help a Wi-Fi card to make a connection (which was more common before Windows XP SP2 was released, as it came with the “wireless zero configuration”).

[#n10005s43ping]: Ping

Tests whether a remote system is responding. Use ICMP. This is often used to verify if a system is available, if the system is configured to respond and traffic is not blocked in either direction.

See Ping

[#n10005s43tracert]: Tracert/traceroute

See TraceRoute (and similar)

Traceroute is useful for narrowing down problems with remote systems, because it helps to identify which network has a problem. However, if there is known to be a problem on a specific network (such as a local network), about all that Traceroute will effectively do is to identify which network as the problem. So, Traceroute is not necessarily useful/helpful in those cases. (Running Traceroute to a system on the local network probably does not make more sense than using Ping.)

Note: One of the stated objectives of the N10-004 (older version of the CompTIA Network+) section 5.1 was familiarity with Mtr. See also information about mtr in TraceRoute.


See Domain Information Groper.


Unix uses ifconfig to configure network interfaces, while Microsoft Windows has historically used IPConfig. Microsoft still does use IPConfig, although there might be some alternatives (netsh, PowerShell?). These commands are most famous for displaying basic network settings such as an IP address. See: manual network addressing.

The commands may be able to do some other things. Microsoft Windows's IPConfig may be able to flush the local name resolver cache.

See nslookup.
See: ARP protocol. Especially know that “ arp -a ” shows the ARP table, in both Unix and Microsoft Windows. The command can also be used to delete stale ARP entries.
[#n10005s43nbtstat]: Nbtstat

Shows information related to NBT, which stands for “NetBIOS over ARPTCP/IP. Related to NBNS (NetBIOS Name Server) or, more specifically, Microsoft's rather compatible implementation called WINS. For some related info, see NetBIOS Names.


Netstat is most famous for two things. The most prominent is being able to view information about connections (including knowing when software is “listening” for new incoming connections). “ netstat -na ” is supported by both Unix and Microsoft Windows. See Who is using ports.

The other thing that Netstat is known for is to show routing information. Both Unix and Microsoft Windows support using “ netstat -nr ”. The output will be very similar (and probably identical, actually) to the output from appropriately using the route command.


The route command can display a local routing table, as well as create new routes for the routing table. For information, see: routing traffic. e.g., adding a network route

[#n10005s44] CompTIA Network+ N10-005 Objectives Section 4.4 Given a scenario, use the appropriate network monitoring resource to analyze traffic.
[#n10005s44snmp]: SNMP

Simple Network Management Protocol

IETF STD 62 contains several documents related to SNMP (including RFC 3416 - SNMPv2). RFC 3410 - overview of SNMPv3 “explains why using SNMPv3 instead of SNMPv1 or SNMPv2 is strongly recommended.” That RFC 3410 also recommended that several other older SNMP RFC documents to “be retired by moving them to Historic status.” This does appear to have been done: IETF STD 15 (SNMP) is marked as “Historic” by IETF STD list.

(This may be discussed a bit elsewhere: section 1.6: subsection on SNMP.)


Err, don't use, based on RFC 3410.

Simple Network Management Protocol

There are multiple versions of SNMP. RFC 3410 - overview of SNMPv3

A program in Unix that generates log files. It can store log files remotely.

System logs

Unix: See the section about General logs. Specifically, know some of the more common/important logs in /var/log/ such as messages and possibly daemon. Authentication details might be included in authlog or some others.

Windows: See logs (especially the section about Microsoft Windows: most especially the hyperlink for Windows Event Logs).

History logs

Probably referring to logging user activity in Unix.

General logs

See: logs. Unix's /var/log/messages springs to mind. Microsoft Windows's Event Logs, especially the Application Log, may be the most equivilent.

Traffic analysis


This might involve using a protocol analyzer, or perhaps simply comparing current traffic to a recorded baseline.

See also: logging, analyzing, and playing back network traffic.

Network sniffer
Network monitoring/sniffing
CompTIA Network+ N10-005 Objectives Section 4.5 Describe the purpose of configuration management documentation.
Wire schemes
Network maps
Cable management
Asset management

This would most certainly include creating and maintaining an inventory, as well as properly handling of old equipment that is not needed (including erasing data before it leaves the building).


Create a record, which can be compared later. See: Glossary entry for “baseline”.

Change management

See the section about documentation?

CompTIA Network+ N10-005 Objectives Section 4.6 Explain different methods and rationales for network performance optimization.
[#n10005s46qos]: QoS

Quality of Service. Refers to network traffic prioritization. See: Glossary entry for QoS.

QoS is also mentioned by section 2.1 subsection on QoS.

Traffic shaping

Controlling traffic, typically be intentional manipulations such as giving some traffic higher priority and other traffic very little priority. For example: Throttling; reducing the bandwidth available based on what type of network traffic is being used.

[#n10005s46loadbal]: Load balancing

Splitting up a workload (such as the work of transmitting network traffic), so that less utilized resources get utilized more (and more heavily utilized resources can then do less work). Methods of determining which device will be handling the traffic can be as simple as sending half of the traffic in one direction, or sending traffic in a random direction, or may become considerably more complex.

This can also be highly customizable, taking into consideration factors such as the cost of sending data, and the changes in costs if there are different rates during different times of a day.

See also: section 4.1: load balancer.

[#n10005s46highavail]: High availability

Keeping things functional for large percentages of the time. Often utilizes technology that provides “fault tolerance”, by having redundancy in case there is failure.

Caching engines
[#n10005s46faulttol]: Fault tolerance
Ability to recooperate gracefully when there is failure. Generally the most preferable approach would be one that continues to provide/maintain high availability.
[#n10005s46carp]: CARP

Common Address Redundancy Protocol. See: CARP

In the documentation providing Net+ objectives, CompTIA does provide a glossary. This glossary does pretty much confirm that this is the CARP being referred to.

The basic purpose of this protocol may be similar to VRRP (RFC 3768) or HSRP (RFC 2281) or GLBP (Gatweway Load Balancing Protocol). Namely, if a firewall stops working, traffic may go through a redundant firewall.

Latency sensitivity

Being sensitive to something means that the something, or its impacts, are noticed. E-Mail may not have much sensitivity to latency, while VoIP would.

High bandwidth applications (VoIP, video applications, unified communications)

VoIP is voice over IP. This is usually identified as being fairly low bandwidth, although for a large organization it is conceivable that multiple streams of VoIP traffic could add up to be more significant.

Video applications tend to take up quite a lot of bandwidth compared to many other applications such as transmitting text documents or even audio.

The opposite of downtime. Uptime is what the goal of high availability is trying to achieve much of.
CompTIA Network+ N10-005 Objectives Section 5.0: Network Security
CompTIA Network+ N10-005 Objectives Section 5.1: Given a scenario, implement appropriate wireless security measures.
[#n10005s51encpr]: Encryption protocols:
[#n10005s51wep: WEP

This stands for “Wired Equivalent Privacy”. That is true in name only. Usage of WEP may actually be worse than unencrypted connections, according to Glossary entry for WEP.

[#n10005s51wpa]: WPA

Wi-Fi Protected Access

A successor to WEP which came out in 2003, before the 802.11i-2004 standard (WPA2) became finalized in 2004. Avoid using TKIP. (Security issues are in Glossary section about TKIP.) Also, actively disable WPS (unless a suitable fix is known to have resolved the major problem with it.) See: Glossary entry for WPA, Glossary entry for “Wi-Fi Protected Setup” (which currently discusses the WPS security ramifications).

Really, if WPA2 is supported, use that instead of WPA.

[#n10005s51wpatwo]: WPA2


See also: WPA. Some notes from that section may apply to this standard as well.

WPA Enterprise

This involves using RADIUS (or perhaps some similarly complicated authentication mechanism, which is more involved than just using a PSK).

(The category on WiFi encryption types may also reference this section.)

[#n10005s51macfilter]: MAC address filtering

This refers to the practice of telling equipment that it should not allow communications from a device unless the device is authorized. One option is to authorize all devices except for those that are blacklisted. Another (perhaps more common) approach is to only authorize whitelisted devices. Neither (especially blacklisting) is considered to be strong security, due to the relative ease of MAC address spoofing. Furthermore, generating a whitelist is an activity which can require much more work than what is worthwhile considering the fact that the security gained is generally viewed as being neglible. So, this might not actually get used much in practice. However, the option is widely available on many types of network equipment, including WAPs.

The topic of MAC address filtering may also show up in section 5.2: MAC filtering, section 2.1: MAC filtering, N10-005 section 5.5, subsection on “Port security”.

Device placement

Centralized is good. When there are multiple devices, do not have them close enough that they overlap coverage unless the devices are using separate frequencies (which can be done by using sufficiently separate channels).

Signal strength
Lower signal strength can often allow lower-speed communications. For a permanent connection, using a specialized (“high gain”, not omni-directional) antenna may help (although for permanent connections, using a wired connection may often be a superior approach). For mobile devices, getting physically closer to the WAP can help.
CompTIA Network+ N10-005 Objectives Section 5.2: Explain the methods of network access security.
[#n10005s52acl]: ACL:
[#n10005s52macfilter]: MAC filtering

This is mentioned elsewhere: see: N10-005 section 5.1: section on MAC address filtering. Also see: section 2.1: MAC filtering, N10-005 section 5.5, subsection on “Port security”.

IP filtering

Only allow communication from certain IP addresses. Of course, IP address spoofing may be even easier than MAC filtering. However, this may help a bit to keep off someone who is unfamiliar with the network. Also, if a segregated network only assigns a certain range of IP addresses to certain devices, and routers do not route traffic from those IP addresses when the traffic is coming from a less trusted (more vulnerable?) network, then IP address filtering may be a convenient method to allow only authorized devices. (In other words, this might be effective for trusted networks, when other security measures are also being effectively used.)

Port filtering

This may be referring to applying security behaviors for a network interface (which is often called a “port”). (See: section 5.5: “port security”.) Or, perhaps the term port refers to a “port” used by a protocol implementing Layer 4 of the OSI Model: the “Transport” Layer. (For example, a TCP port.) Using that latter definition, firewalls regularly filter traffic based on what ports are being used.

The topic of an ACL may also come up with section 5.5: subsection on “ACL” or perhaps HREF="#n10005s21trafficfilter">traffic filtering.

[#n10005s52tunnel]: Tunneling and encryption:
[#n10005s52sslvpn]: SSL VPN
[#n10005s52ipsec]: IPSec
[#n10005s52tunneltls]: TLS
[#n10005s52tunneltls]: TLS1.2
Site-to-site and client-to-site
[#n10005s52remtaccs]: Remote access

See: Remote access.

[#n10005s52ras]: RAS

Remote access services. (Allow an incoming connection, such as a dial-up connection, and perform the needed services (NAT? VPN?) so that access to resources is provided.

In modern versions of Microsoft Windows, this may be referred to a RRAS. That stands for “Routing and remote access”, because the same software may also perform functions related to routing (such as implementing a routing protocol like OSPF or RIP).

[#n10005s52rdp]: RDP
Remote desktop protocol. This is discussed elsewhere... section 1.5: RDP
PPP over Ethernet
[#n10005s52ica]: ICA
See: “Independent Computing Architecture” protocol related to Citrix. (For some related technologies, see remote access Citrix.)
This is mentioned by the common port numbers. N10-005 section 1.5: subsection about SSH.
CompTIA Network+ N10-005 Objectives Section 5.3: Explain methods of user authentication.

Public Key Infrastructure. Publicly accessible certificate authorities will verify the ongoing legitimacy of public keys. If a private key is compromised, the public certification authority can (after being properly informed) place the key on a Certificate Revocation List. Popular web browsers are typically bundled with a list of some certificate authorities.


Used by Unix, and later on by Microsoft Windows. “Tickets” are used.

[#n10005s53aaa]: AAA (RADIUS, TACACS+)

See: Glossary (AAA (Security))

[#n10005s53radius]: RADIUS
A method of authentication. There's quite a few network infrastructure devices that can communicate with a RADIUS client, and then communicate with a local or remote database to determine whether the client should be authenticated.
[#n10005s53tacacsp]: TACACS+
[#n10005s53nac]: Network access control (802.1x, posture assessment)

The term “network access control” can refer to a number of similar technologies, such as Microsoft's proprietary implementation called “Network Access Protection” (“NAP”). The control/protection can be implemented in some different ways, including using 802.1x which is a standard called port-based Network Access Control (PNAC). See: Wikipedia's article on IEEE 802.1X, policy enforcement.


Used by WPA2 (Wikipedia's article on “Wireless cracking”: section called “Wi-Fi Protected Access (WPA/WPA2)”.)

[#n10005s53twofactorauth]: Two-factor authentication

See: multi-factor authentication. “Two-factor authenitcation” simply refers to using two of the factors.

Multifactor authentication

See: multi-factor authentication.

Single sign-on

The idea that a person who has authenticated may not need to re-authenticate, because some details were remembered when the person was authenticated earlier. Those remembered details may be the actual authentication credentials, or a token.token that can prove that an earlier authentication was successful. See: token.

CompTIA Network+ N10-005 Objectives Section 5.4: Explain common threats, vulnerabilities, and mitigation techniques.
War driving

The process of moving around (traditionally in a motorized vehicle) looking for Wi-Fi networks that may be connected to (either due to open authentication, or due to vulnerability to being attacked).

War chalking

People sharing information about wireless networks. The term comes from the idea of people writing information on a surface (like a sidewalk) using chalk, so people know about nearby access points.

WEP cracking

WEP is highly crackable. See: Glossary entry for WEP which currently has details. N10-005 section 5.1: subsection on WEP discusses WEP.

WPA cracking
N10-005 section 5.1: subsection on WPA discusses WPA.
Evil twin

A rogue access point that is (presumably intentionally) portraying itself as the legitimate access point.

If the authorization to the access point cannot be trusted (which might be true?), a basic solution is to encrypt data in a way so that the contents of the network traffic cannot be understand by any WAP, including rogue WAPs. (Such encryption is the basic premise behind the solutions mentioned by Wikipedia's article on “Evil twin (wireless networks)”: section called “Solutions”).

Rogue access point

An unauthorized access point. This could be an attacker who has set up an evil twin. Another example, though, may be an access point that is set up by an employee who is not a member of the organization's IT staff. Perhaps that employee had no malicious intent. However, it is often still a security risk, as it may be allowing people outside the building to be able to connect and effectively be part of the internal LAN. This would typically sidestep all of the protections of the perimeter devices (firewalls).


Denial of Service. See: See: Glossary entry for DoS.

Distributed DoS. See: Glossary entry for DDoS.
Man in the middle
Social engineering
Buffer overflow
Packet sniffing
Network monitoring/sniffing
FTP bounce
Mitigation techniques:
Training and awareness

User education

Patch management

Ensuring that available software updates (most especially including updates to an operating system, and possibly even firmware updates) are reviewed and, if they enhance security and are safe to apply, they get applied.

Policies and procedures
Incident response

Generally, a good approach is going to be to follow the relevant policies/procedures, such as a “Business Continuity Plan” (that notes a plan for how a business may continue) or a “Disaster Recovery Plan”. (These may simply be different terms for the same thing.)

Of course, this does require that such a plan exists...

[#n10005s55firewallcfg]: CompTIA Network+ N10-005 Objectives Section 5.5: Given a scenario, install and configure a basic firewall.
Software and hardware firewalls

See firewall implementations. It has a section about software firewalls, followed by a section about dedicated firewall hardware.

[#n10005s55portsec]: Port security

This may be referring to a concept such as “MAC address filtering” (see: N10-005 section 5.1: section on MAC address filtering, section 2.1: MAC filtering, section 5.2: MAC filtering).

Or perhaps some other methods of security that may be applied to a specific interface port, or perhaps the term refers to using security based on TCP ports and similar types of port numbers. See: N10-005 section 5.2: ACL for details.

Perhaps also: see N10-005 section 2.1: subsection on “traffic filtering”.

[#n10005s55statevspacketfilter]: Stateful inspection vs. packet filtering
Stateful inspection

Firewalls may keep track of the “state” of a TCP connection (or even some data about multiple UDP packets). For TCP connections, this may be done using SYN cookies.

Subsequent data may be analyzed based on the state of the TCP connection, possibly bypassing some of the rules that are used when creating a TCP connection. This state tracking may take up some resources such as processor time, but those resources may be less than the older alternative, which is to re-process traffic handling rules for every single incoming packet. So, the benefits may outweigh the costs.

An example of documentation for such a feature: OpenBSD's pf: filtering traffic: section on “Keeping State” (and the following section, called “Keeping State for UDP”).

packet filtering

Applying a filter to traffic. This may mean applying traffic handling rules. (Given the title of this section, “Stateful inspection vs. packet filtering”, it does seem likely that the term “packet filtering” refers to processing rules. That would contrast it with “stateful inspection”.)

Perhaps also see: traffic filtering.

[#n10005s55firewallrule]: Firewall rules:
See: Blocking/denying traffic, passing allowed traffic
Implicit deny
A strategy for rules... disallow all traffic except for traffic that matches a rule that authorizes/permits the traffic. This may be an easier way to prevent accientally allowing dangerous traffic.
[#n10005s55acl]: ACL

See N10-005 section 5.2: subsection on “ACL”

[#n10005s55natpat]: NAT/PAT

See: N10-005 section 2.1: NAT and N10-005 section 2.1: PAT. PAT has also been called NAPT.

[#n10005s55dmz]: DMZ
A “demilitarized zone”. Network equipment (including computers) that have been sectioned off from a main internal network. This way, the internal network can be protected from the publicly accessible machines in the DMZ, which might be the machines most likely to be attacked (and, therefore, might be the machines most likely to be negatively affected by an attack, taken over by an attacker, and used to attack other machines on the network).
CompTIA Network+ N10-005 Objectives Section 5.6: Categorize different types of network security appliances and methods.
[#n10005s56idsips]: IDS and IPS:

IDS stands for “Intrusion Detection System”. IPS stands for “Intrustion Prevention System”. An IDS is designed to notice and report problems. An IPS is designed to proactively take steps to try to prevent problems from being ongoing.

Behavior based

Detects problems based on judgements of behavior.

Signature based

Detects problems based on recognition of specific, known problems.

Network based

Generally, a device that sits on a network perimeter. This monitors all traffic that enters a network, and so protects the entire network. May be abbreviated as NIDS / NIPS.

Host based

A firewall which is designed to protect just a single host (computer). This is very commonly a software-based firewall product. The software is running on the host that is being protected. May be appreviated as HIDS / HIPS.

Vulnerability scanners:

Software which detects known problems. It may send some traffic that is designed to figure out whether a remote system is vulnerable to a known vulnerability. The software may then generate a report about known problems.


A program most famous for performing port scans. is now redirected to from

A GUI called Zenmap may be available.

Side note: The organization behind this program may also be behind SecTools.Org, Ncat - Netcat for the 21st Century, and other projects related to

Glossary entry for honeypot.

The idea behind the term “honeynet” is simply a network of honeypots. This may refer to a single network that consists of multiple single computer systems that are individual honeypots. Or, this term could also be used to refer to networks that contain multiple other networks.

The most famous of these is probably “The Honeynet Project”. (The project seems to normally have the word “The” capitalized as if it is part of the name, although that is not entirely clear. The “About The Honeynet Project” page says, “Founded in 1999, The Honeynet Project”..., and “Our vision for the Honeynet Project”. The page also refers to “The Honeynet Project blog”, yet the blog itself is simply titled “Honeynet Project Blog”.) See: Wikipedia's article on “Honeynet Project”

The Honeynet Project: Chapters is also called a “Group directory”. (An individual group that is part of The Honeynet Project may often be called a “Chapter”.) There are chapters in various locations around the planet.

The glossary is at: Glossary of items from CompTIA Network+ Objectives documentation (and additional references/notes).