CompTIA Network+ Certification Guide电子书

Title Page

Copyright and Credits

CompTIA Network+ Certification Guide

About Packt

Why subscribe?

Packt.com

Contributors

About the authors

About the reviewer

Packt is searching for authors like you

Preface

Who this book is for

What this book covers

To get the most out of this book

Download the color images

Conventions used

Get in touch

Reviews

The OSI Reference Model and the TCP/IP Stack

The OSI reference model

Relationship between the Protocol Data Unit (PDU) and Service Data Unit (SDU)

The seven layers of the OSI model

Application Layer

Presentation Layer

Session Layer

Transport Layer

Network Layer

Data Link Layer

Physical Layer

Communication using the relay system

The TCP/IP protocol suite

The four layers of the TCP/IP protocol suite

Communication using the TCP/IP protocol suite

Summary

Questions

Network Ports, Protocols, and Topologies

Technical requirements

Network port numbers

Network protocols

Protocol types

ICMP

ICMP message types

ICMP Type 0 – Echo Reply

ICMP Type 3 – Destination Unreachable

ICMP Type 5 – Redirect

ICMP Type 8 – Echo Request

ICMP Type 11 – Time Exceeded

TCP

User Datagram Protocol (UDP)

Comparison of TCP and UDP

IP

Protocols and ports

File Transfer Protocol (FTP)

Secure Shell (SSH), Secure Copy (SCP), and Secure FTP (SFTP)

Telnet

Simple Mail Transfer Protocol (SMTP)

Domain Name System (DNS)

Dynamic Host Configuration Protocol (DHCP)

Trivial File Transfer Protocol (TFTP)

Hypertext Transfer Protocol (HTTP)

Post Office Protocol (POP)

Network Time Protocol (NTP)

Internet Message Access Protocol (IMAP)

Simple Network Management Protocol (SNMP)

Lightweight Directory Access Protocol (LDAP)

HTTP Secure (HTTPS)

Server Message Block (SMB)

Remote Desktop Protocol (RDP)

Network topologies

Star

Ring

Bus

Hub and spoke

Mesh

Hybrid

Tree

Types of networks

Introducing Ethernet and its evolution

Summary

Questions

Further reading

Ethernet

What is Ethernet?

The sublayers of Ethernet

The Data Link Layer

The LLC sublayer

The MAC sublayer

Fields in an Ethernet frame

MAC addresses

Transmission types at the Data Link Layer

The CAM table

Summary

Questions

Understanding IPv4 and IPv6

IPv4 concepts

Converting binary into decimal

Converting decimal into binary

The format of an IPv4 packet

Public IPv4 addresses

Private IPv4 addresses

Subnet mask

Determining the Network ID

The laws of ANDing

Special IPv4 addresses

Loopback addresses

Link-local

TestNet

IPv4 transmission types

Subnetting

Step 1 – determining an appropriate class of address and why

Step 2 – creating subnets (subnetworks)

Step 3 – assigning each network an appropriate subnet and calculating the ranges

Step 4 – VLSM and subnetting a subnet

IP version 6 concepts

The format of an IPv6 packet

IPv6 coexistence on a network

IPv6 address representation

Prefix length

Types of IPv6 addresses

IPv6 transmission types

Configuring an IP address on a Windows system

Configuring an IP address on a Linux system

Configuring an IP address on a Cisco IOS router

Summary

Questions

Further reading

Routing and Switching Concepts

Properties of network traffic

Collision domain

Broadcast domain

Contention-based communication

Carrier Sense Multiple Access/Collision Detection (CSMA/CD)

Carrier Sense Multiple Access/Collision Avoidance (CSMA/CA)

Maximum Transmission Unit (MTU)

Network segmentation

Virtual Local Area Network (VLAN)

Types of VLANs

Trunks

Port mirroring

Spanning Tree Protocol (STP)

Port roles

Routing protocols

Routing types

Static routing

Dynamic routing

Default route

Distance-vector routing protocols

Routing Information Protocol (RIP)

Enhanced Interior Gateway Routing Protocol (EIGRP)

Link-state routing protocols

Open Shortest Path First (OSPF)

Path vector routing protocol

Border Gateway Protocol (BGP)

Network Address Translation (NAT)

Static NAT

Dynamic NAT

PAT

Summary

Questions

Wireless and Cloud Technologies

Wireless technologies

Z-Wave

ANT+

Bluetooth

IEEE 802.15

Near Field Communication (NFC)

Infrared

Radio-Frequency Identification (RFID)

IEEE 802.16

802.11 wireless standards

802.11a

802.11b

802.11g

802.11n

802.11ac

802.11 comparison table

Frequencies

2.4 GHz

5 GHz

Cellular technologies

GSM

TDMA

CDMA

4G and LTE

Antenna and power requirements

Site surveys

Types of wireless LAN topologies

Wireless router configurations

Cloud computing

Types of cloud services

Software as a Service (SaaS)

Platform as a Service (PaaS)

Infrastructure as a Service (IaaS)

Cloud delivery models

Private

Public

Hybrid

Community

Summary

Questions

Further reading

Network Components

Networking cables and connector types

Copper cables

Unshielded Twisted Pair (UTP) copper cables

Shielded Twisted Pair (STP) copper cables

Coaxial copper cables

Copper cable and termination standards

Fiber cables

Single-mode fiber (SMF) cables

MMF cables

Plenum-rated cables

Connector types

Copper cable connector types

Registered Jack (RJ)-45

RJ-11

Bayonet Neill-Concelman (BNC)

F-type

DB-9 and DB-25

Fiber cable connector types

Little Connector (LC)

Straight Tip (ST)

Subscriber Connector (SC)

Mechanical Transfer Registered Jack (MT-RJ)

Angled Physical Connector (APC) versus Ultra Polished Connector (UPC)

Transceivers

Gigabit Interface Converter (GBIC)

Small Form-Factor Pluggable (SFP), Enhanced Small Form-Factor Pluggable (SFP+), and Quad Small Form-Factor Pluggable (QSFP)

Duplex and bidirectional transceivers

Termination points

66 and 110 blocks

Patch panels

Copper termination standards

TIA/EIA 568A versus TIA/EIA 568B

Crossover versus straight-through

Networking devices and their deployment

Layer 1 devices

Hubs

Modulators/Demodulators (Modems)

Media converters

Wireless Access Points (WAPs) and Wireless Repeaters

Layer 2 devices

Bridges and switches

Layer 3 and higher devices

Routers

Security appliances

Voice over Internet Protocol (VoIP) devices

Servers

Summary

Questions

Further reading

Network Virtualization and WAN Technologies

Virtualization with networking concepts

Hypervisors

Type 1 hypervisor

Type 2 hypervisor

Virtual networking components

Virtual Switch (vSwitch)

Virtual firewall

Virtual routers

Storage technologies

NAS

SAN

Connection type

FC

Fibre Channel over Ethernet (FCoE)

Fibre Channel over IP (FCIP)

Jumbo Frame

WAN technologies

WAN topologies

P2P

Hub and spoke

Full mesh

Dual-homed

WAN service types

Integrated Services Digital Network (ISDN)

Leased lines

T1/T3

E1/E3

Digital Subscriber Line (DSL)

Metropolitan Ethernet

Cable broadband

Dial-up

MPLS

ATM

Frame Relay

Point-to-Point Protocol (PPP)

Point-to-Point Protocol over Ethernet (PPPoE)

Dynamic Multipoint VPN (DMVPN)

Transmission mediums

Satellite

Wireless

Copper cable

Fiber optic

WAN termination

Summary

Questions

Further reading

Business Continuity and Disaster Recovery Concepts

The role of documentation and diagrams

General documentation and diagramming concepts

Physical infrastructure documentation

Operational documentation

Business continuity and disaster recovery

Designing high-availability networks

Redundancy in power delivery

Recovery processes

Availability metrics

Common operational processes

Scanning and patching processes

Continuous monitoring

Summary

Questions

Further reading

Network Identity Management and Policies

Remote access methodologies

VPN

IPsec

Confidentiality

Encryption

Symmetric algorithm

Asymmetric algorithm

Integrity

Authentication

Anti-replay

Diffie-Hellman

IPsec protocols

Authentication Header (AH)

Encapsulation Security Payload (ESP)

SSL

Transport Layer Security (TLS)

VPN topologies

Site-to-site VPN

Remote access VPN

Remote Desktop Protocol (RDP)

Secure Shell (SSH)

Telnet

HTTPS

Identity policies and best practices

AUP

BYOD policy

Internet access policy

Password policy

Remote access policy

User account policy

Wireless network policy

Summary

Questions

Network Security Concepts

Wireless security

Wireless encryption standards

Wired Equivalent Privacy (WEP)

Wi-Fi Protected Access (WPA)

Wi-Fi Protected Access 2 (WPA2)

Authentication and security on a wireless network

Extensible Authentication Protocol (EAP)

EAP Flexible Authentication via Secure Tunneling (EAP-FAST)

EAP Transport Layer Security (EAP-TLS)

EAP Tunneled Transport Layer Security (EAP-TTLS)

Protected Extensible Authentication Protocol (PEAP)

MAC filtering

Geofencing

Network attacks and threats

Denial-of-Service (DoS)

Reflective

Amplified

Distributed

Social engineering

Insider threat

Logic bomb

Rogue Access Point (AP)

Evil twin

War-driving

Ransomware

DNS poisoning

ARP poisoning

Deauthentication

Brute force

Virtual Local Area Network (VLAN) hopping

Exploits versus vulnerabilities

Securing networking devices

Changing default credentials

Microsoft Windows

Linux

Other devices

Avoiding common passwords

Device hardening

Disabling unnecessary services

Disabling services in Windows

Linux

Cisco

Network scanning

Disabling physical ports

Mitigation techniques

Network segmentation – Demilitarized Zone (DMZ)

Network segmentation – VLANs

Changing the native VLAN

Spanning Tree Protocol (STP) threat mitigation techniques

Bridge Protocol Data Unit (BPDU) guard

Root guard

DHCP snooping

Honeypot and honeynet

Penetration testing

Summary

Questions

Further reading

TCP/IP Security

Vulnerabilities at the Application Layer

Cross Site Scripting (XSS)

SQL injection (SQLi)

Lightweight Directory Access Protocol (LDAP) injection

Cross-Site Request Forgery (CSRF)

Session hijacking

Cookie poisoning

DNS

Distributed Denial-of-Service (DDoS)

Registrar hijacking

Cache poisoning

Typosquatting

Vulnerabilities at the Transport Layer

Fingerprinting

Enumeration

DNS enumeration

DNS zone transfer

Microsoft RPC Endpoint Mapper

SMTP

SYN flooding

TCP reassembly and sequencing

Vulnerabilities at the Internet Layer

Route spoofing

IP address spoofing

Internet Control Message Protocol (ICMP)

DoS vulnerability in ICMP

Smurf attack

Teardrop attack

Ping of Death (PoD)

Vulnerabilities at the Network Access/Link Layer

Data Link Layer

Address Resolution Protocol (ARP) poisoning

Sniffing

Broadcast storms

VLAN hopping

Physical Layer

Wiretapping

Other physical issues

Securing TCP/IP using a DiD approach

Mitigating security threats

Implement a next-generation firewall

Implement an IPS

Implement Web Security Appliance (WSA)

Implementing Email Security Appliance

Implement layer 2 security on switches

Implement Virtual Private Networks (VPNs)

Other important security checks

Summary

Questions

Organizational Security

Physical security

Video surveillance

Asset-tracking tags

Tamper detection

Prevention techniques

Badges

Biometrics

Security tokens

Locks

Authentication concepts

Remote Authentication Dial-In User Service (RADIUS)

Terminal Access Controller Access Control System (TACACS)

Kerberos

Multi-Factor Authentication (MFA)

Summary

Questions

Troubleshooting a Network

Proper network troubleshooting methodology

Utilizing appropriate troubleshooting tools

Hardware-based troubleshooting tools

Software-based troubleshooting tools

Common issues on wired networks

Common issues on wireless networks

Common network service issues

Summary

Questions

Further reading

Assessment

Chapter 1: The OSI Reference Model and the TCP/IP Stack

Chapter 2: Network Ports, Protocols, and Topologies

Chapter 3: Ethernet

Chapter 4: Understanding IPv4 and IPv6

Chapter 5: Routing and Switching Concepts

Chapter 6: Wireless and Cloud Technologies

Chapter 7: Network Components

Chapter 8: Network Virtualization and WAN Technologies

Chapter 9: Business Continuity and Disaster Recovery Concepts

Chapter 10: Network Identity Management and Policies

Chapter 11: Network Security Concepts

Chapter 12: TCP/IP Security

Chapter 13: Organizational Security

Chapter 14: Troubleshooting a Network

Other Books You May Enjoy

Leave a review - let other readers know what you think