Uploaded by Run the Numbers

network+ cheatsheet

advertisement
CompTIA Network+ Cheat Sheet
About CompTIA Network+
The CompTIA Network+ exam tests your fundamental skills in essential computer
networking functions.
\
You’ll need to answer at most 90 questions in this 90-minute examination and complete a
survey after it ends. The passing score is 720 on a scale of 100–900.
The latest CompTIA Security+ exam code is N10-008, available from September 2021 to
sometime in 2024. The exam objectives (domains) are as follows:
\
CompTIA Network+ Exam Domains
Domains
This Net+ cheat sheet arranges concepts according to our Total Seminars Network+ course
subtopics. Diagrams put concepts into a visual form and tables compartmentalize
information. Here’s a key to finding items by domain:
Hashtag (Remember to type the #
symbol)
#nf
#ni
#no
#ns
#nt
Domain (N10-008)
Networking Fundamentals
Network Implementations
Network Operations
Network Security
Network Troubleshooting
Network Models
This section lays the foundation for all other Network+ sections.
Domain
#nf
Concept
OSI model
#nf
Unicast/Broadcast
#nf #ni
DHCP
Elaboration
Open Systems Interconnect:
1. Physical
2. Data Link
3. Network
4. Transport
5. Session
6. Presentation
7. Application
Memory aid: Please Do Not
Throw Sausage Pizza
Away
One/All network devices
receive data
Dynamic Host Configuration
Protocol
Cabling and Topology
\
Be careful: it’s easy to provide incorrect answers to exam questions related to the different
fiber connector types.
Domain
#nf
Concept
Network topology
#nf
TIA/EIA-568A
#nf
TIA/EIA-568B
#nf
#nf
Coaxial
Twinaxial/twinax
#nf
#nf
Twisted pair
STP/UTP
#nf
Fiber optic
Elaboration
● Mesh
● Star (hub-andspoke)
● Bus
● Ring
● Hybrid
1. White/green
2. Green
3. White/orange
4. Blue
5. White/blue
6. Orange
7. White/brown
8. Brown
Swap “green” and “orange”
in TIA/EIA-568A
F-type, BNC
Has two inner conductors
instead of one as in coaxial
R J -45, R J -11
Shielded/Unshielded twisted
pair
S C, ST, LC, FC, MT-R J
#nt
Plenum-rated
#nf
Multimode/Single-mode
#nf
UTP category
Fire-resistant cable;
compare with riser-rated,
non-plenum rated, and PVC
Cables carry LED/laser
signals
Define speed and length of
cables:
● Cat 3
● Cat 5
● Cat 5e
● Cat 6/6a
● Cat 7
● Cat 8
Ethernet Basics
Recognizing the Ethernet naming syntax (10Base5, 100Base5, 1000Base5, 10Broad5,
10BaseT, etc.) is crucial to the Network+ exam.
\
Domain
#ni #nt
Concept
(Auto-)MDI-X
#ni #nt
Uplink port
#ni #nt
CSMA/CD
Elaboration
(Automatic) medium
dependent interface
crossover
Enable connection between
two switches using a
straight-through cable
Carrier sense multiple
access with collision
detection
Ethernet Standards
Familiarize yourself with 1000Base and 10GBase types (names, distances, node numbers,
cable types, etc.).
Domain
#nf
Concept
100BaseT
#nf
#nf
Half-duplex
Full-duplex
#nf
#nf
#nf
GBIC
S FP, S FP+
QS FP
#ni #nt
Switching/Bridging loop
Elaboration
Maximum cable length:
100m; max speed: 1,000
Mbps (1 Gbps)
For one-way communication
For simultaneous two-way
traffic
Gigabit interface converter
Small form-factor pluggable
Quad small form-factor
pluggable
Two or more data link layer
paths between two
endpoints
#ni #nt
Layer 2 attack
#ni #nt
Flood guard
Attacks on OSI model layer
2 (data link)
Block malicious traffic from
entering a network
Installing a Physical Network
Remember the following concepts in structured cabling:
\
Domain
#nf
Concept
66-punchdown
#nf
110-punchdown
Elaboration
Typically used in non-VoIP
telephone systems
For copper-wired networks
#nf
Fiber distribution panel
For fiber-optic networks
#nt
Wiremap
#nt
TDR
Simple test to confirm each
wire terminates correctly
Time domain reflectometer
#nt
OTDR
Optical TDR
#nt
NEXT
Near-end crosstalk
#nt
F EXT
Far-end crosstalk
#nf #ns #no
MDF
Main distribution frame
#nf #ns #no
IDF
#nf #ns
U (unit)
#nf #ns
Demarc
Intermediate distribution
frame
Standard height for rack
components; 19-inch wide
and a multiple of 1¾-inch
tall
Separate the telecom
company’s property from
your responsibility
TCP/IP Basics
Review additional information on IPv4 on your own.
Domain
#nf #ni
#nf #ni
#nf #ni
#nf #ni
Concept
Internet Protocol (IP)
Transmission Control
Protocol (TCP)
User Datagram Protocol
(UDP)
IPv4 address
Elaboration
IPv4 and IPv6
Connection-oriented
Connectionless
32-bit number, consisting of
four decimals from 0 to 255
#nf #ni
#nf #ni
#nf #ni
IPv4 loopback
APIPA/link-local
Classless Inter-Domain
Routing (CIDR)
separated by period (.), e.g.,
192.168.1.1
127.0.0.1
169.254.x.x
CIDR IPv4 addresses have
a prefix; e.g., “/24” in
“10.150.23.58/24” denotes a
255.255.255.0 subnet mask.
Routing
Review router-related abbreviations below.
\
Domain
#nf #ni
#ni
#ni
#nf #ni
#nf #ni
Concept
BGP
OSPF
RIP
MTU
IGP/EGP
#nf
NAT
#nf
PAT
Elaboration
Border Gateway Protocol
Open Shortest Path First
Routing Information Protocol
Maximum transmission unit
Interior/Exterior Gateway
Protocol
Network Address
Translation
Port Address Translation
TCP/IP Applications
Remember to check out our Common Ports Cheat Sheet.
Domain
#nf
Concept
NTP
Elaboration
Network Time Protocol
#nf
SNTP
Simple Network Time
Protocol
#nt
IGMP
#nf #nt
#nt
IPAM
Networking troubleshooting
tools
\
Network Naming
Network administrators cannot skip this section.
Internet Group Management
Protocol
IP Address Management
Windows: tracert
Linux:
● traceroute
● ifconfig
● pathping
● netstat
Domain
#nf
#nf
#nf
#nf
#nf
#nf
Concept
DNS
SOA
A/AAAA
CNAME
MX
PTR
Elaboration
Domain Name System
Start of authority
DNS record for IPv4/IPv6
Canonical name or alias
Mail exchange
Pointer record
Securing TCP/IP
Review key network security acronyms here.
\
Domain
#ns
Concept
RADIUS
#ns
#ns
TACACS+
Kerberos
#ns
EAP
#ns
PEAP
#nt
#ns
PKI
SAML
Elaboration
For authentication,
authorization, and
accounting
For access control
For authentication and
authorization on wired
networks
Extensible Authentication
Protocol
Protected Extensible
Authentication Protocol
Public Key Infrastructure
Security Assertion Markup
Language
Switch Features
The definition for VLAN (virtual local area network) is in the section Integrating Networked
Devices.
Domain
#ni
#ni #ns #nt
#ni #ns #nt
#ni #no
Concept
VTP
STP
BPDU
LACP
#ni
#ni
#ni
QoS
IDS
IPS
IPv6
Here are IPv6 concepts for quick learning:
Elaboration
VLAN Trunking Protocol
Spanning Tree Protocol
Bridge protocol data unit
Link Aggregation Control
Protocol
Quality of service
Intrusion detection system
Intrusion prevention system
Domain
#nf #ni
#nf #ni
Concept
NDP
IPv6 address
#nf #ni
#nf
IPv6 loopback
VLSM
Elaboration
Neighbor Discovery Protocol
128-bit hexadecimal
number, e.g.,
2001:7120:0000:8001:
0000:0000:0000:1F10
::1 (unicast)
Variable-length subnet mask
WAN Connectivity
Review additional information on WAN construction by yourself.
Domain
#nf #ns
Concept
VPN
Elaboration
Virtual Private Network
#nf
WDM/BWDM
#nf
DWDM
#nf
MPLS
Bidirectional wavelength
division multiplexing
Dense wavelength division
multiplexing
Multiprotocol Label
Switching
#ni
GSM
#ni
TDMA
#ni
EDGE
#ni
CDMA
#nf #ns
ICA
\
Global System for Mobile
Communications
Time-division multiple
access
Enhanced Data rates for
GSM Evolution
Code-division multiple
access
Independent Computing
Architecture (Citrix)
#nf #ns
TightVNC
#nf #ns
RDP
#nf #ns
PPTP
#nf #ns
L2TP/IPsec
#nf #ns
EAP
#nf #ns
GR E
Tight Virtual Network
Computing
Microsoft Remote Desktop
Protocol
Point-to-Point Tunneling
Protocol
Layer 2 Tunneling Protocol
over IPsec
Encapsulating Security
Payload
Generic Routing
Encapsulation
Wireless Networking
The ubiquity of mobile devices makes mastering wireless networking a necessity.
\
Domain
#ni
#ni
Concept
S SID
BS SID/E S SID
#ni
CSMA/CA
#ni
DS S S
#ni
OFDM
#ni
Wireless Ethernet versions
#ni
PoE
#ni #nt
Wireless antennae
#ni
WPA2
Elaboration
Service Set Identifier
Basic/Extended Service Set
Identifier
Carrier-sense multiple
access with collision
avoidance
Direct-sequence spreadspectrum
Orthogonal frequency-driven
multiplexing
● 802.11a
● 802.11b
● 802.11g
● (802.11i)
● 802.11n
● 802.11ac
● 802.11ax
Power over Ethernet
● PoE injector
● PoE+ 802.3af. 15.4
watts
● PoE+ 802.3at, 30
watts
● Omni
● Dipole
● Patch
● Directional/Yagi
● Directional/Parabolic
● SMA (SubMiniature
version A) connector
Gain measured in dBi
Wi-Fi Protected
#nt
APIPA
#ns
Evil twin
Access version 2,
encryption: CCMP-AE S
Automatic Private IP
Addressing
Fake Wi-Fi access point to
trick people into choosing it
over the genuine one
Virtualization and Cloud Computing
This section covers virtual machines and key ideas in cloud computing.
Domain
#nf
\
Concept
Cloud
#nf
#nf
Hypervisor Type 1
Hypervisor Type 2
#nf
#nf
#nf
#nf
#nf
IaaS
PaaS
SaaS
DaaS
VDI
#nf
#nf
#nf
#nf
IaC
vSwitch
VPC
NFV
#nf
SDN
Elaboration
Considerations:
● Scalability
● Elasticity
● Multitenancy
● Security implications
● Principle of least
privilege
Types:
● Public
● Private
● Community
● Hybrid
Bare or native metal
App-like VM on the
operating system
Infrastructure as a Service
Platform as a Service
Software as a Service
Desktop as a Service
Virtual desktop
infrastructure
Infrastructure as Code
Virtual switch
Virtual private cloud
Network function
virtualization
Software-defined networking
Data Centers
The prevalence of cloud computing makes learning about data centers a necessity.
Domain
#nf
#nf
#nf
#no
Concept
FCoE
FC
HBA
FHRP
#no
VRRP
#no
HS RP
#no
#no
UPS
HVAC
#no
PDU
Elaboration
Fibre Channel over Ethernet
Fibre Channel
Host bus adaptor
First Hop Redundancy
Protocol
Virtual Router Redundancy
Protocol
Hot Standby Router
Protocol
Uninterruptible power supply
Heating, ventilation, and air
conditioning
Power distribution unit
Integrating Networked Devices
Know the differences between every type of “area network.”
\
Domain
#ni #ns
#nf #ni
#ni
#ni
Concept
IoT
VoIP
ICS
SCADA
#nf #ni
#nf
#ni
LAN
WLAN
VLAN
#nf
#nf
#nf
CAN
WAN
SD-WAN
#nf
#nf
#nf
MAN
PAN
SAN
Elaboration
Internet of Things
Voice over IP
Industrial control systems
Supervisory control and
data acquisition system
Local area network
Wireless local area network
Virtual LAN; split one
broadcast domain into two
Campus area network
Wide area network
Software-defined wide area
network
Metropolitan area network
Personal area network
Storage area network
Network Operations
Network operations cover the actions needed to protect a network and its associated
organization. Two main risks are security and business.
\
Domain
#no #ns
#no #ns
Concept
NDA
MOU
#no #ns #nf
#no #ns
#no #ns
#no #ns
#ns
MSA
SLA
BYOD
SOW
Incident response
#no
#no
#no
#no
#no
#no
#no #nt
#no #nt
#no #nt
RPO
RTO
MTTR
MTTF
MTBF
BCP
AUP
MDM
COBO
#no #nt
COPE
#no #nt
CYOD
Elaboration
Nondisclosure Agreement
Memorandum of
Understanding
Multi-Source Agreement
Service Level Agreement
Bring Your Own Device
Statement of Work
● Forensics
● First responder
● Secure the area
● Document the scene
● Collect evidence
● Chain of custody
● Forensics report
● Legal hold
● Electronic discovery
(e-discovery)
Recovery point objective
Recovery time objective
Mean time to repair
Mean time to failure
Mean time between failures
Business continuity plan
Acceptable use policy
Mobile Device Manager
Corporate-owned, business
only
Corporate-owned,
personally enabled
Choose your own device
Protecting Networks
This is a vital section, especially if you intend to embark on a career in cyber security.
Domain
#ns
Concept
CIA triad
#ns
Honeypot/honeynet
#ns #nt
Rogue DHCP server
#ns
Screened subnet
(demilitarized zone, DMZ)
Elaboration
Confidentiality, integrity,
availability
Individual/connected
devices inviting attacks to
capture information
IP address is outside of the
network ID
Five components:
● External network
● External router
● Perimeter network
● Internal router
● Internal network
#ni #ns #nt
\
Man-in-the-middle
(MITM)/on-path attack
#ns
Spoofing
#ni #ns
DTP
#ns
#ns
ITAD
DNS poisoning
#ns
#ns
URL hijacking/typosquatting
Replay attack
#ns
Downgrade attack
#ns
Session hijacking
#no #ns
Brute-force attack
#no #ns
Dictionary attack
#ni #ns
VLAN hopping
#ns
CVE
#ns
#ns
CNA
Zero-day
#ni #ns
DAI
#ni #ns
#ni #ns
RA
Control plane policing
#ni #nt #ns
Firewall
#ni #nt
#ni
#ni
UTM
ACL
DPI
Intercept a two-party
conversation for one’s
advantage
Tools:
● Ettercap
● Wireshark
● tcpdump
Digital misrepresentation
● MAC
● IP
● VLAN
Cisco Dynamic Trunking
Protocol
IT asset disposal
Exploit known DNS
vulnerabilities
Target URL typos
Intercept data and replay
later
Force a network channel to
switch to an unprotected or
less secure data
transmission standard
Seize control of a user’s
browsing session to gain
access
Trying character
combinations
Using lists of probable
passwords
Attacker can move from one
VLAN to another
Common vulnerabilities and
exposure: publicly disclosed
list of security flaws
CVE Numbering Authority
Flaw discovered by third
party sooner than vendor
Cisco Dynamic ARP
Inspection
Router Advertisement
Use QoS to stop Denial-ofService attacks
Filter for network traffic
- Hardware/software
- Stateful/stateless
- Network-based/hostbased
- Context-/applicationaware
Unified threat management
Access control list
Deep-packet inspection
#ns
\
Virus
#ns
Worm
#ns
Trojan Horse
#ns
Spyware
#ns
Rootkit
#ns
Ransomware
#ns
Adware
#ns
#ns
Remote Access Trojans
(RATs)
Logic bomb
#ns
Crypto-malware
#ns
Physical controls
Run on a computer without
the user’s knowledge.
Examples: Boot Sector,
Macro, Program,
Polymorphic, Stealth, and
Multipartite.
Replicate itself across a
network
Perform useful functions
superficially but runs
malicious programs covertly
Spy on a computer and
record its activities.
Examples: keylogger and
browser-hijacking adware
Gain administrator-level
access to the system core
undetected
Hold a computer hostage
until the user pays
Unwanted software
displaying advertisements
Malware to remotely control
an infected computer
Start a malicious program
upon fulfillment of certain
logical conditions
Mine cryptocurrency that
enriches perpetrators
● Deterrent:
○ Preventative
○ Detective
○ Corrective
● Recovery
● Compensating
controls
Network Monitoring
Monitoring a network helps nip problems in the bud.
Domain
#ns
Concept
SIEM
#nf #no #ns
SNMP
#nf #no #ns
NMS
#no
Event Viewer, Syslog
Elaboration
Security Information and
Event Management
Simple Network
Management Protocol
Network management
system/station
Tools to display logs
Network Troubleshooting
Apply the six technical troubleshooting steps (same as A+) to networking problems.
Domain
#nt
\
Concept
Additional considerations on
the “establish theory” step
Elaboration
- Top-tobottom/bottom-to-top
- OSI model
- Divide and conquer
Technical Troubleshooting Best Practice Methodology (borrowed from our A+ Cheat Sheet)
Conclusion
We hope this quick review Network+ cheat sheet helps your learning or career journey.
Check out our other articles on networking, strictly exam-related test taking tips, and
Network+ accelerated certification training programs, which include supplemental sample
tests and chapter-end test questions. No matter where you go next, we wish you all the best.
\
Download