// Exam Domain Weights (N10-009)

1. Networking Concepts: 24%
2. Network Implementation: 19%
3. Network Operations: 16%
4. Network Security: 19%
5. Network Troubleshooting: 22%
PART 01

Networking Fundamentals

Domain 1 · 24%
Network Types
Type | Full Name | Scope
PAN | Personal Area Network | Bluetooth range (~10m). Single user's devices.
BAN | Body Area Network | Wearable devices on a person. Subset of PAN.
LAN | Local Area Network | Single building or floor. Ethernet switches.
CAN | Campus Area Network | Multiple buildings on one campus. Connects LANs.
MAN | Metropolitan Area Network | City-wide. ISP infrastructure.
WAN | Wide Area Network | Geographically dispersed. Connects LANs across cities/countries. The Internet is a WAN.
SAN | Storage Area Network | Dedicated high-speed storage network. Fibre Channel or iSCSI. Block-level access.
WLAN | Wireless LAN | Wireless version of a LAN. 802.11 standard.
Network Architecture
Peer-to-Peer: Devices connect directly to each other. Each manages its own security and resources. Simple but does not scale. Good for home or small office.
Client/Server: Clients request resources from centralized servers. Centralized management, scales well. The Internet is a massive client/server network.
The OSI Model — 7 Layers
The OSI model is the most tested concept on the Network+ exam. Know every layer, its PDU, and which devices/protocols operate at it.
# | Layer | PDU | What It Does | Key Protocols / Devices
7 | Application | Data | User-facing protocols. Interface between software and network. | HTTP, HTTPS, FTP, SMTP, DNS, DHCP, SNMP
6 | Presentation | Data | Data formatting, encryption, compression. Translates between app and network formats. | SSL/TLS, JPEG, ASCII, EBCDIC, MPEG
5 | Session | Data | Opens, manages, and closes communication sessions between applications. | NetBIOS, SQL sessions, RPC
4 | Transport | Segment (TCP) / Datagram (UDP) | End-to-end delivery, port numbers, flow control, error recovery. | TCP, UDP
3 | Network | Packet | Logical addressing (IP), routing between networks. | IP, ICMP, OSPF, RIP, Routers
2 | Data Link | Frame | Physical addressing (MAC), switching, error detection at the frame level. | Ethernet, 802.11, Switches, ARP, MAC
1 | Physical | Bits | Raw electrical/optical/radio signals. Cables, connectors, signal transmission. | Hubs, Cables, NICs, Fiber, RJ-45
Mnemonic bottom-to-top: Please Do Not Throw Sausage Pizza Away (Physical, Data Link, Network, Transport, Session, Presentation, Application). Encapsulation goes DOWN the stack (sender). De-encapsulation goes UP (receiver). Each layer adds its own header.
TCP vs UDP
Feature | TCP | UDP
Connection | Connection-oriented (3-way handshake) | Connectionless — just sends
Reliability | Guaranteed delivery, sequenced, acknowledged | Best-effort, no guarantee or ordering
Speed | Slower (reliability overhead) | Faster (no overhead)
Flow Control | Windowing | None
Use Cases | HTTP/S, FTP, SSH, SMTP, RDP — accuracy matters | DNS queries, VoIP, streaming, DHCP — speed over accuracy
TCP 3-Way Handshake: SYN → SYN-ACK → ACK. Client sends SYN, server replies SYN-ACK, client completes with ACK. Session is then established. TCP uses sequence numbers to reassemble out-of-order segments.
Communication Types & Contention Methods

Duplex Modes

Simplex: One direction only. TV broadcast, fire alarm. No response channel.
Half Duplex: One direction at a time. Walkie-talkie. Hubs, WLANs. Both can transmit but not simultaneously — must take turns.
Full Duplex: Both directions simultaneously. Switches, wired Ethernet. No collisions — dedicated transmit and receive pairs.

Contention Methods

CSMA/CD: Carrier Sense Multiple Access / Collision Detection. Wired Ethernet. Detects collision after it happens, then backs off and retries after random delay.
CSMA/CA: Carrier Sense Multiple Access / Collision Avoidance. Wireless (802.11). Announces intent before transmitting to avoid collisions.
Broadcast & Collision Domains
Broadcast Domain: All devices that receive a broadcast frame. Only routers separate broadcast domains. Each VLAN is its own broadcast domain.
Collision Domain: Network segment where collisions can occur. Switches create one collision domain per port (each port = separate domain). Hubs create ONE shared collision domain for all ports.
Hub = one collision domain, one broadcast domain. Switch = many collision domains (one per port), one broadcast domain. Router = many collision domains, many broadcast domains. VLAN = separate broadcast domain without a physical router.
PART 02

Cabling & Connectors

Domain 2
Twisted Pair Copper
UTP: Unshielded Twisted Pair. Most common. 4 pairs, no shielding. Inexpensive. Susceptible to EMI.
STP: Shielded Twisted Pair. Foil or braid around pairs. Reduces EMI. More expensive. Used near interference sources. Must be properly grounded.
F/UTP: Foiled UTP. Overall foil shield, unshielded pairs.
S/FTP: Shielded Foiled Twisted Pair. Both overall shield AND foiled individual pairs. Best EMI protection.

Cable Categories

Category | Max Speed | Max Distance | Notes
Cat 5 | 100 Mbps | 100m | Legacy. 100BASE-TX. Not recommended for new installs.
Cat 5e | 1 Gbps | 100m | Most common existing infrastructure. 1000BASE-T.
Cat 6 | 1 Gbps / 10 Gbps | 100m / 55m | 10G only at 55m. Internal spline separator. 10GBASE-T.
Cat 6a | 10 Gbps | 100m | Augmented. Full 10G at full distance. Thicker cable.
Wiring Standards
T568B (US Standard): Pin 1: O/W · Pin 2: Orange · Pin 3: G/W · Pin 4: Blue · Pin 5: B/W · Pin 6: Green · Pin 7: Br/W · Pin 8: Brown. Most common in US commercial installs.
T568A: Green and orange pairs are swapped vs T568B. Used by US government and older installs. Pin 1: G/W · Pin 2: Green · Pin 3: O/W · Pin 4: Blue · Pin 5: B/W · Pin 6: Orange · Pin 7: Br/W · Pin 8: Brown.
Straight-Through: Same standard both ends (T568B–T568B). Connects different device types: PC to switch, switch to router.
Crossover: T568A one end, T568B other. Connects like devices: PC to PC, switch to switch. Auto-MDIX on modern switches makes this largely unnecessary.
Rollover / Console: Pin 1↔8, 2↔7, etc. (reversed). RJ-45 to DB9/USB adapter. Used for CLI access to Cisco device console ports.
Ethernet Standards Reference
Standard | Speed | Medium | Max Distance
100Base-TX | 100 Mbps | Cat 5 UTP | 100m
100Base-FX | 100 Mbps | MMF | 412m
1000Base-T | 1 Gbps | Cat 5e UTP | 100m
1000Base-SX | 1 Gbps | MMF | 220–550m
1000Base-LX | 1 Gbps | SMF | 3–10 km
10GBase-T | 10 Gbps | Cat 6a UTP | 100m
10GBase-SR | 10 Gbps | MMF | 2–300m
10GBase-LR | 10 Gbps | SMF | 2m–10 km
10GBase-ER | 10 Gbps | SMF | 2m–40 km
Naming convention: Speed + Base + Medium. SR = Short Range (MMF). LR = Long Range (SMF). ER = Extended Range (SMF). T = Twisted pair copper. SX = Short wavelength (MMF). LX = Long wavelength (SMF).
Fiber Optic Cable
Type | Core | Jacket | Distance | Light Source / Typical Use
Single-Mode (SMF) | 9 µm | Yellow | Up to 10+ km | Laser. One light path. Long-haul WAN and campus.
Multi-Mode (MMF) | 50 or 62.5 µm | Orange / Aqua | Up to 550m | LED or VCSEL. Multiple light paths. Data center and intra-building.

Fiber Connectors

LC (Lucent): Small form-factor. RJ-45-style latch. Most common in data centers. Used with SFP transceivers. Often duplex pairs.
SC (Subscriber): Square push-pull. Larger than LC. Common in older enterprise and telecom installs.
ST (Straight Tip): Round bayonet twist-lock. Older standard. Common in legacy patch panels.
MTRJ: RJ-45-sized. Connects two multimode fibers in one connector. Snap-to-lock. Less common.

Fiber Polish Types

PC (Physical Contact): ~−40 dB back reflection. Most applications. Standard polish.
UPC (Ultra Physical Contact): ~−55 dB. Better than PC. Digital CATV and telephony. Blue connector body typically.
APC (Angled Physical Contact): ~−70 dB. 8-degree angled polish. Best performance. CATV and analog applications. Green connector body. Cannot mate with UPC.

Transceivers

SFP: Small Form-factor Pluggable. 1 Gbps. Hot-swappable. Converts electrical to optical signal.
SFP+: Enhanced SFP. 10 Gbps. Most common in modern enterprise switches and servers.
QSFP / QSFP+: Quad SFP. Four channels. 40 Gbps (QSFP+). Used in spine-layer switches and high-speed interconnects.
QSFP28: 100 Gbps. Current high-speed data center standard.
Cable Issues & Properties
Attenuation: Signal loss over distance. Every cable type has a max rated distance for a reason.
Crosstalk (NEXT / FEXT): Interference between adjacent wire pairs. Near-End Crosstalk (NEXT) at source end. Far-End Crosstalk (FEXT) at destination. Caused by bad cable or sharp bends.
EMI: Electromagnetic Interference from external sources (motors, lighting, HVAC). Mitigate with STP or rerouting.
Open: Broken wire — no continuity. Shows as failed pin on cable tester.
Short: Two conductors touching that shouldn't be. Bad crimp or damaged cable jacket.
Plenum-rated: Fire-resistant jacket for use in air ducts and ceiling plenum spaces. Required by building codes where cable runs through air-handling spaces.
PART 03

Networking Devices

Domain 1 / 2
Devices by OSI Layer
Device | OSI Layer | Function
Hub | Layer 1 | Dumb repeater. Sends signal to ALL ports. One shared collision domain. Obsolete.
Switch | Layer 2 | Forwards frames using MAC address table. One collision domain per port. Learns MACs dynamically.
Multilayer Switch | Layer 2–3 | Switches AND routes. Layer 3 switching = inter-VLAN routing without a separate router.
Router | Layer 3 | Routes packets between networks using IP addresses. Separates broadcast domains.
Firewall | Layer 3–4 (NGFW = 7) | Filters traffic by rules. NGFW does deep packet inspection at Layer 7.
WAP | Layer 1–2 | Wireless Access Point. Bridges wireless clients to wired network. NOT a router.
Load Balancer | Layer 4–7 | Distributes traffic across multiple servers. Prevents overload. Provides redundancy.
Proxy Server | Layer 7 | Intermediary for client requests. Caching, filtering, logging. Forward or reverse.
IDS | Layer 3–7 | Intrusion Detection System. Monitors and alerts — does NOT block. Passive / out-of-band.
IPS | Layer 3–7 | Intrusion Prevention System. Monitors AND blocks inline. Must be in traffic path.
VPN Concentrator | Layer 3 | Terminates VPN tunnels. Handles encryption/decryption for many VPN sessions.
Media Converter | Layer 1 | Converts between media types — fiber to copper Ethernet. Extends distance.
DNS — Domain Name System
Function: Resolves domain names to IP addresses. Port 53 (UDP for queries, TCP for zone transfers).
FQDN: Fully Qualified Domain Name. Complete address including hostname, domain, and TLD. Example: mail.google.com
A Record: Maps hostname → IPv4 address.
AAAA Record: Maps hostname → IPv6 address.
CNAME: Alias — points one hostname to another hostname.
MX Record: Mail Exchange. Specifies mail server for domain. Lower priority number = higher priority.
PTR Record: Reverse lookup — maps IP address back to hostname. Used by spam filters and logging.
TXT Record: Text data. SPF (spam prevention), DKIM (email signing), DMARC, domain verification.
DNSSEC: Adds cryptographic signatures to DNS records so resolvers can verify authenticity. Protects against DNS poisoning.
DoH: DNS over HTTPS. Encrypts DNS queries inside HTTPS traffic. Port 443.
DoT: DNS over TLS. Encrypts DNS queries using TLS. Port 853.
DHCP — Dynamic Host Configuration Protocol
DORA Process: Discover → Offer → Request → Acknowledge. Client broadcasts discover, server offers, client requests, server confirms.
Assigns: IP address, subnet mask, default gateway, DNS servers, domain name, lease duration.
Ports: 67 (server receives) / 68 (client receives). UDP only.
DHCP Relay: Router or Layer 3 switch forwards DHCP broadcasts to a server on a different subnet. Allows one DHCP server to serve multiple VLANs.
DHCP Reservation: Assigns the same IP every time based on MAC address. Combines static-IP predictability with DHCP management.
IPAM: IP Address Management. Software to centrally manage both DNS and DHCP. Tracks which IPs are assigned and available.
PART 04

IP Addressing

Domain 1
IPv4 Address Classes
Class | First Octet Range | Default Mask | Purpose
A | 1 – 126 | /8 (255.0.0.0) | Large networks. 16 million hosts per network.
B | 128 – 191 | /16 (255.255.0.0) | Medium networks. 65,534 hosts per network.
C | 192 – 223 | /24 (255.255.255.0) | Small networks. 254 hosts per network.
D | 224 – 239 | (none) | Multicast. Not assignable to hosts.
E | 240 – 255 | (none) | Experimental. Reserved.
127.x.x.x = loopback (127.0.0.1). 169.254.x.x = APIPA (DHCP failure). These are special ranges — they are NOT regular host addresses and will appear in troubleshooting scenario questions.
Special Address Ranges
Private (RFC 1918): 10.0.0.0/8 · 172.16.0.0–172.31.255.255 (/12) · 192.168.0.0/16. Not routable on Internet. NAT at router converts to public IP.
Loopback: 127.0.0.1. Always = local device. Tests TCP/IP stack. Pinging loopback does NOT test the physical cable or NIC hardware.
APIPA: 169.254.0.0/16. Auto-assigned when DHCP fails. Can only communicate with other APIPA hosts on same segment. Symptom: DHCP is unreachable.
Broadcast: 255.255.255.255 = limited broadcast (stays on local subnet). x.x.x.255 = directed broadcast (sent to all hosts on a specific subnet).
IPv4 Message Types
Unicast: One-to-one. Sent from one host to one specific destination host.
Broadcast: One-to-all. Sent to all hosts on a subnet. Routers do not forward broadcasts. Only IPv4.
Multicast: One-to-many-specific. Sent to a defined group (Class D: 224–239). Used by OSPF, video streaming. Both IPv4 and IPv6.
Anycast: One-to-nearest-of-many. Sent to the nearest member of a group of potential receivers. Used in IPv6 and CDN routing.
NAT — Network Address Translation
Type | Mapping | Use Case
Static NAT (SNAT) | One private IP ↔ One public IP | Public-facing servers with consistent external address.
Dynamic NAT (DNAT) | Many private IPs → Pool of public IPs | Organizations with multiple public IPs to distribute.
PAT (Port Address Translation) | Many private IPs → One public IP (different ports) | Most common. Home routers. Also called NAT overload.
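Added example (Python, not part of this guide): a minimal PAT translation table showing how several inside hosts share one public IP on different ports, why a reply arriving on a port no inside host opened is dropped, and an RFC 1918 membership check that deliberately excludes loopback and APIPA. The addresses are constructed; handing out public ports sequentially from 1024 is an assumption made for illustration, not how any particular router allocates them.

```python
import ipaddress

# The three RFC 1918 ranges from the table above
RFC1918 = [ipaddress.ip_network(n) for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]


def is_rfc1918(ip):
    """True only for the three private ranges; loopback and APIPA are not RFC 1918 space."""
    addr = ipaddress.ip_address(ip)
    return any(addr in net for net in RFC1918)


class PATTable:
    """Port Address Translation (NAT overload): many private hosts share one public IP.
    Public ports are handed out sequentially from first_port (an assumption for the example)."""

    def __init__(self, public_ip, first_port=1024, last_port=65535):
        self.public_ip = public_ip
        self.next_port = first_port
        self.last_port = last_port
        self.outbound = {}   # (private_ip, private_port) -> public_port
        self.inbound = {}    # public_port -> (private_ip, private_port)

    def translate_out(self, private_ip, private_port):
        """Outbound packet: rewrite its source to (public_ip, allocated port).
        An existing flow keeps the port it was given; a new flow gets the next free one."""
        if not is_rfc1918(private_ip):
            raise ValueError(f"{private_ip} is not an RFC 1918 address")
        key = (private_ip, private_port)
        if key not in self.outbound:
            if self.next_port > self.last_port:
                raise RuntimeError("translation table full")
            self.outbound[key] = self.next_port
            self.inbound[self.next_port] = key
            self.next_port += 1
        return self.public_ip, self.outbound[key]

    def translate_in(self, public_port):
        """Inbound packet to public_ip:public_port. None means no inside host opened this
        port, so the edge device has nowhere to send it and drops it."""
        return self.inbound.get(public_port)
```

Two inside hosts using the same source port (40000) end up on different public ports, which is the whole point of translating the port as well as the address.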
IPv6
Format: 128-bit. Eight groups of 4 hex digits separated by colons: 2001:0db8:85a3:0000:0000:8a2e:0370:7334
Shortening Rule 1: Omit leading zeros in each group: 0001 → 1, 00ab → ab.
Shortening Rule 2: Replace ONE consecutive run of all-zero hextets with ::. Can only use :: once per address.
Loopback: ::1 (equivalent of 127.0.0.1)
Link-Local: FE80::/10. Auto-configured on every IPv6 interface. Not routable beyond local segment. Neighbor Discovery Protocol (NDP) uses this.
Global Unicast (GUA): 2000::/3. Publicly routable. Assigned by ISP. Equivalent of a public IPv4 address.
No Broadcast: IPv6 uses multicast instead of broadcast. FF00::/8 = multicast range. NDP replaces ARP.
SLAAC: Stateless Address Autoconfiguration. Devices configure their own IPv6 address from Router Advertisement messages — no DHCP required.
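Added example (Python, not from the guide): both shortening rules, the range classifications listed above, and a cross-check against the standard library. It goes one step beyond the guide's wording by following RFC 5952 for Rule 2: the longest run of zero groups is the one replaced by :: (the first such run on a tie), and a single zero group is left alone, which is also the form Python's ipaddress module produces.

```python
import ipaddress


def expand_ipv6(addr):
    """Undo both shortening rules: return the full form, 8 groups of 4 hex digits."""
    if addr.count("::") > 1:
        raise ValueError(":: may appear only once per address")
    if "::" in addr:
        head, tail = addr.split("::")
        head_groups = head.split(":") if head else []
        tail_groups = tail.split(":") if tail else []
        missing = 8 - len(head_groups) - len(tail_groups)
        if missing < 1:
            raise ValueError(":: must stand for at least one zero group")
        groups = head_groups + ["0"] * missing + tail_groups
    else:
        groups = addr.split(":")
    if len(groups) != 8 or any(not 1 <= len(g) <= 4 for g in groups):
        raise ValueError("expected 8 groups of 1-4 hex digits")
    return ":".join(format(int(g, 16), "04x") for g in groups)


def compress_ipv6(addr):
    """Rule 1 (drop leading zeros) then Rule 2 (one :: for the longest zero run)."""
    groups = [format(int(g, 16), "x") for g in expand_ipv6(addr).split(":")]  # Rule 1
    best_start, best_len = -1, 0   # longest run of "0" groups seen so far
    run_start, run_len = -1, 0
    for i, g in enumerate(groups):
        if g == "0":
            if run_len == 0:
                run_start = i
            run_len += 1
            if run_len > best_len:   # strict comparison: on a tie the first run wins
                best_start, best_len = run_start, run_len
        else:
            run_len = 0
    if best_len < 2:                 # RFC 5952: a lone zero group is not compressed
        return ":".join(groups)
    head = ":".join(groups[:best_start])                # Rule 2
    tail = ":".join(groups[best_start + best_len:])
    return f"{head}::{tail}"


def classify_ipv6(addr):
    """Name the range an address falls in, using only the prefixes the guide lists."""
    full = expand_ipv6(addr)
    first = int(full.split(":")[0], 16)
    if full == "0000:0000:0000:0000:0000:0000:0000:0001":
        return "loopback"            # ::1
    if first >= 0xFF00:
        return "multicast"           # FF00::/8
    if 0xFE80 <= first <= 0xFEBF:
        return "link-local"          # FE80::/10 (first 10 bits 1111 1110 10)
    if 0x2000 <= first <= 0x3FFF:
        return "global unicast"      # 2000::/3 (first 3 bits 001)
    return "other"


def matches_stdlib(addr):
    """Cross-check: our compressed form must equal ipaddress's canonical text form."""
    return compress_ipv6(addr) == str(ipaddress.IPv6Address(addr))
```

The address with two equal zero runs (2001:db8:0:0:1:0:0:1) is the case worth remembering: only the first run becomes ::, because a second :: would make the address ambiguous.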
PART 05

Subnetting

Domain 1 — High Priority
Why Subnet?
  • Reduce broadcast traffic — smaller broadcast domains = better performance
  • Improve security — isolate segments from each other
  • Efficient use of IP address space
  • Simplify management and documentation
Core Concepts
Network Address: The first address in any subnet. All host bits = 0. NOT assignable to a host. Example: 192.168.1.0 in a /24.
Broadcast Address: The last address in any subnet. All host bits = 1. NOT assignable to a host. Example: 192.168.1.255 in a /24.
Usable Hosts: Total addresses − 2 (network + broadcast). Formula: 2ʰ − 2, where h = number of host bits.
Subnet Bits (n): Bits borrowed from host portion to create subnets. More bits borrowed = more subnets, fewer hosts per subnet.
Magic Number: 256 minus the last non-zero octet of the subnet mask. Gives you the subnet increment (block size). Example: /26 = 255.255.255.192 → 256 − 192 = 64.
Always subtract 2 from total addresses to get usable hosts. The network address (all zeros) and broadcast address (all ones) are never assigned to hosts. This applies to every subnet regardless of size.
How an IP Address Breaks Down

A /24 address like 192.168.10.50 breaks down as three network octets and one host octet:

  192     . 168     . 10      . 50
  Network   Network   Network   Host
  /24 → first 24 bits are network

A /26 splits the last octet between network and host bits:

  192     . 168     . 10      . 50
  Network   Network   Network   Net+Host
  /26 → 2 bits of last octet are network, 6 bits are host
Complete Subnetting Reference Chart
This table covers all commonly tested CIDR values. For any subnet on the exam: identify the CIDR → look up the mask and usable hosts. The magic number gives you where each subnet starts.
CIDR | Subnet Mask | Total Addrs | Usable Hosts | Magic # | Host Bits | Subnet Bits (from /8)
/8 | 255.0.0.0 | 16,777,216 | 16,777,214 | 1 | 24 | 0
/16 | 255.255.0.0 | 65,536 | 65,534 | 1 | 16 | 8
/17 | 255.255.128.0 | 32,768 | 32,766 | 128 | 15 | 9
/18 | 255.255.192.0 | 16,384 | 16,382 | 64 | 14 | 10
/19 | 255.255.224.0 | 8,192 | 8,190 | 32 | 13 | 11
/20 | 255.255.240.0 | 4,096 | 4,094 | 16 | 12 | 12
/21 | 255.255.248.0 | 2,048 | 2,046 | 8 | 11 | 13
/22 | 255.255.252.0 | 1,024 | 1,022 | 4 | 10 | 14
/23 | 255.255.254.0 | 512 | 510 | 2 | 9 | 15
/24 | 255.255.255.0 | 256 | 254 | 1 | 8 | 16
/25 | 255.255.255.128 | 128 | 126 | 128 | 7 | 17
/26 | 255.255.255.192 | 64 | 62 | 64 | 6 | 18
/27 | 255.255.255.224 | 32 | 30 | 32 | 5 | 19
/28 | 255.255.255.240 | 16 | 14 | 16 | 4 | 20
/29 | 255.255.255.248 | 8 | 6 | 8 | 3 | 21
/30 | 255.255.255.252 | 4 | 2 | 4 | 2 | 22
/31 | 255.255.255.254 | 2 | 0 (P-t-P link) | 2 | 1 | 23
/32 | 255.255.255.255 | 1 | 1 (host route) | 1 | 0 | 24

Notes: /30 = point-to-point links · /31 = RFC 3021 point-to-point (no network/broadcast address) · /32 = specific host route

Magic Number Method — Worked Examples
The Magic Number is the fastest way to solve subnetting questions on the exam. It gives you the increment between each subnet's start address.

Step-by-Step Process

1. Find the subnet mask from the CIDR notation using the chart above.
2. Find the interesting octet — the octet where the mask is neither 0 nor 255.
3. Calculate the magic number: 256 minus the interesting octet value.
4. List subnets by counting up in multiples of the magic number in the interesting octet.
5. For each subnet: network address = start of block. Broadcast = one before next subnet. Usable = everything in between.

Example 1 — /26 on 192.168.10.0

Mask: 255.255.255.192. Interesting octet = 4th (192).
Magic Number: 256 − 192 = 64. Subnets increment by 64.
Subnet 1: Network 192.168.10.0 · Broadcast 192.168.10.63 · Usable .1 – .62 (62 hosts)
Subnet 2: Network 192.168.10.64 · Broadcast 192.168.10.127 · Usable .65 – .126 (62 hosts)
Subnet 3: Network 192.168.10.128 · Broadcast 192.168.10.191 · Usable .129 – .190 (62 hosts)
Subnet 4: Network 192.168.10.192 · Broadcast 192.168.10.255 · Usable .193 – .254 (62 hosts)

Example 2 — /27 on 10.0.0.0

Mask: 255.255.255.224. Interesting octet = 4th (224).
Magic Number: 256 − 224 = 32. Subnets increment by 32.
Subnets: Start at .0, .32, .64, .96, .128, .160, .192, .224 (8 subnets). Each has 30 usable hosts.
Example host check: Is 10.0.0.45 in the same subnet as 10.0.0.33? Both fall in the .32 block (32–63). Yes — same subnet.
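Added example (Python, not part of this guide): the five steps of the magic number method as code, generalized from the /26 and /27 cases above to any IPv4 address and prefix length. It takes the interesting octet to be the last non-zero mask octet, which is the guide's own definition of the magic number and makes /8, /16 and /24 (magic number 1) work as well, and it cross-checks every answer against Python's ipaddress module. The sample addresses are the ones from the two worked examples.

```python
import ipaddress


def mask_from_cidr(cidr):
    """Step 1: dotted-decimal mask for a prefix length, e.g. 26 -> 255.255.255.192."""
    if not 1 <= cidr <= 32:
        raise ValueError("prefix length must be 1..32")
    mask_int = (0xFFFFFFFF << (32 - cidr)) & 0xFFFFFFFF
    return ".".join(str((mask_int >> shift) & 0xFF) for shift in (24, 16, 8, 0))


def magic_number(cidr):
    """Steps 2-3: (index of the interesting octet, 256 - that octet's mask value).
    The interesting octet is the last non-zero mask octet, so /24 gives octet 3, magic 1."""
    octets = [int(o) for o in mask_from_cidr(cidr).split(".")]
    idx = max(i for i, o in enumerate(octets) if o != 0)
    return idx, 256 - octets[idx]


def dotted(octets):
    return ".".join(map(str, octets)) if octets else None


def subnet_of(ip, cidr):
    """Step 5 for the block containing ip: network, broadcast and usable range."""
    octets = [int(o) for o in ip.split(".")]
    idx, magic = magic_number(cidr)
    # Round the interesting octet down to a multiple of the magic number; every octet
    # to its right is pure host bits (0 in the network address, 255 in the broadcast).
    net = octets[:idx] + [(octets[idx] // magic) * magic] + [0] * (3 - idx)
    bcast = net[:idx] + [net[idx] + magic - 1] + [255] * (3 - idx)
    total = 2 ** (32 - cidr)
    if cidr <= 30:
        usable = total - 2                        # minus network and broadcast
        first = net[:3] + [net[3] + 1]
        last = bcast[:3] + [bcast[3] - 1]
    else:                                         # /31 and /32 as listed in the chart
        usable = 0 if cidr == 31 else 1
        first = last = None
    return {"network": dotted(net), "broadcast": dotted(bcast), "mask": mask_from_cidr(cidr),
            "magic": magic, "total": total, "usable": usable,
            "first_host": dotted(first), "last_host": dotted(last)}


def list_subnets(base_ip, cidr):
    """Step 4: every subnet found by counting up in the interesting octet."""
    idx, magic = magic_number(cidr)
    base = [int(o) for o in base_ip.split(".")]
    return [subnet_of(dotted(base[:idx] + [start] + [0] * (3 - idx)), cidr)
            for start in range(0, 256, magic)]


def same_subnet(ip_a, ip_b, cidr):
    """The 'example host check' above: same network address means same subnet."""
    return subnet_of(ip_a, cidr)["network"] == subnet_of(ip_b, cidr)["network"]


def matches_stdlib(ip, cidr):
    """Cross-check the hand method against ipaddress (strict=False accepts a host address)."""
    n = ipaddress.ip_network(f"{ip}/{cidr}", strict=False)
    s = subnet_of(ip, cidr)
    return (s["network"], s["broadcast"], s["mask"]) == \
        (str(n.network_address), str(n.broadcast_address), str(n.netmask))
```

subnet_of("10.0.0.45", 27) returns the .32 block (network 10.0.0.32, broadcast 10.0.0.63), and list_subnets("192.168.10.0", 26) returns the four /26 subnets of Example 1 in order.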
Quick Binary Reference
Decimal | Binary | CIDR Position
128 | 10000000 | /25 (1 subnet bit borrowed)
192 | 11000000 | /26 (2 subnet bits borrowed)
224 | 11100000 | /27 (3 subnet bits borrowed)
240 | 11110000 | /28 (4 subnet bits borrowed)
248 | 11111000 | /29 (5 subnet bits borrowed)
252 | 11111100 | /30 (6 subnet bits borrowed)
254 | 11111110 | /31 (7 subnet bits borrowed)
255 | 11111111 | /32 (8 subnet bits borrowed)
Subnet mask patterns: each octet can only be one of these 9 values: 0, 128, 192, 224, 240, 248, 252, 254, 255. Any other value in a subnet mask is invalid. Know the binary for each — the exam may give you binary and ask for the CIDR or host count.
PART 06

Routing

Domain 2
Routing Basics
Static Routes: Manually configured by admin. Does not adapt to topology changes. Good for small networks or specific paths. More secure (no routing protocol to exploit).
Dynamic Routes: Learned automatically via routing protocols. Adapts to network changes. Uses CPU and memory. Required for large or complex networks.
Default Route: 0.0.0.0/0. "Gateway of last resort." Used when no more specific route exists. Points to the next hop toward the Internet.
Longest Prefix Match: Router always uses the most specific route. A /28 match wins over a /24 match for the same destination. Specificity wins over everything else.
Routing Protocols
Protocol | Type | Metric | Max Hops | AD | Notes
RIP | Distance vector | Hop count | 15 | 120 | Simple, slow convergence. 16 hops = unreachable. Legacy.
OSPF | Link state | Cost (bandwidth) | None | 110 | Open standard. Enterprise choice. Fast convergence. Uses Dijkstra algorithm.
EIGRP | Hybrid (distance vector + link state) | Bandwidth + delay | 255 | 90 | Cisco proprietary. Very fast convergence. DUAL algorithm.
BGP | Path vector | AS path attributes | n/a | 20 (eBGP) | Routes between Autonomous Systems. The Internet's routing protocol. ISPs use BGP.
Administrative Distance: lower = more trusted. Directly connected = 0. Static = 1. EIGRP = 90. OSPF = 110. RIP = 120. If router learns same route via OSPF and RIP, it uses OSPF (lower AD). AD only matters when routes compete — it does not affect path selection within one protocol.
Routing Table Codes
C: Directly connected network
L: Local interface address
S: Static route (manually configured)
O: OSPF-learned route
D: EIGRP-learned route
R: RIP-learned route
S*: Default route (gateway of last resort = 0.0.0.0/0)
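Added example (Python, not from the guide): route selection over a constructed routing table, applying longest prefix match first and administrative distance only between competing routes of the same length, exactly as the Routing Basics and Administrative Distance passages above describe. The route codes and AD values are the ones from the tables above; the prefixes, next hops and metrics are made up for the example.

```python
import ipaddress

# Administrative distances from the guide's table (lower = more trusted).
# L (local interface) is treated like a connected route here.
ADMIN_DISTANCE = {"C": 0, "L": 0, "S": 1, "S*": 1, "D": 90, "O": 110, "R": 120}

# Constructed routing table using the IOS-style codes listed above.
SAMPLE_ROUTES = [
    {"code": "C",  "prefix": "192.168.1.0/24", "next_hop": "GigabitEthernet0/0", "metric": 0},
    {"code": "S",  "prefix": "10.0.0.0/8",     "next_hop": "192.168.1.254",      "metric": 0},
    {"code": "O",  "prefix": "10.1.0.0/16",    "next_hop": "192.168.1.2",        "metric": 20},
    {"code": "R",  "prefix": "10.1.0.0/16",    "next_hop": "192.168.1.3",        "metric": 3},
    {"code": "O",  "prefix": "10.1.5.0/28",    "next_hop": "192.168.1.2",        "metric": 30},
    {"code": "S*", "prefix": "0.0.0.0/0",      "next_hop": "203.0.113.1",        "metric": 0},
]


def matching_routes(routes, destination):
    """All routes whose prefix contains the destination, best first."""
    dest = ipaddress.ip_address(destination)
    hits = [r for r in routes if dest in ipaddress.ip_network(r["prefix"])]
    # 1. longest prefix wins outright; 2. equal prefixes compete on AD;
    # 3. only within one protocol does its own metric decide.
    return sorted(hits, key=lambda r: (-ipaddress.ip_network(r["prefix"]).prefixlen,
                                       ADMIN_DISTANCE[r["code"]],
                                       r["metric"]))


def best_route(routes, destination):
    hits = matching_routes(routes, destination)
    return hits[0] if hits else None


def next_hop(routes, destination):
    r = best_route(routes, destination)
    return r["next_hop"] if r else None
```

For 10.1.5.7 the OSPF /28 wins even though the static /8 has a far lower AD, because prefix length is compared first; for 10.1.9.9 the two /16 routes tie on length and OSPF (AD 110) beats RIP (AD 120) despite RIP's smaller metric.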
PART 07

Switching & VLANs

Domain 2
Three Switch Functions at Layer 2
Address Learning — switch reads source MAC address from each incoming frame and stores it in the MAC address table (CAM table) with the port it arrived on.
Forward / Filter — if destination MAC is in the table, send the frame only to that port. If unknown, flood to all ports except the source (unknown unicast flood).
Loop Avoidance — STP detects and logically blocks redundant paths to prevent switching loops and broadcast storms.
VLANs
VLAN: Virtual LAN. Logically segments a physical switch into separate broadcast domains. Devices in different VLANs cannot communicate without a router or Layer 3 switch.
Access Port: Switch port assigned to one VLAN. Connects end devices (PCs, phones, printers). Frames are untagged — device doesn't know about VLANs.
Trunk Port: Carries multiple VLANs between switches using 802.1Q tagging. Each frame is tagged with a VLAN ID. Connects switch-to-switch or switch-to-router.
802.1Q Tagging: Standard for VLAN tagging on trunk ports. Adds a 4-byte tag to Ethernet frame containing VLAN ID (12-bit = up to 4,094 VLANs).
Native VLAN: The VLAN whose traffic is sent untagged on a trunk port. Default is VLAN 1 — should be changed for security (double-tagging VLAN hopping attack targets native VLAN).
Inter-VLAN Routing: VLANs communicate via a router (router-on-a-stick using sub-interfaces) or a Layer 3 switch (SVI — Switched Virtual Interface).
Voice VLAN: Separate VLAN for IP phone traffic. QoS applied to prioritize voice. Access port can carry both data and voice VLAN simultaneously.
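Added example (Python, not from the guide): building and parsing the 4-byte 802.1Q tag that sits between the source MAC and the EtherType, plus a small audit routine with the checks a switch operator would want from the passage above (a tagged frame arriving on an access port, a frame carrying more than one tag, a reserved VLAN ID, and a trunk whose native VLAN is still the default 1). The MAC addresses and payload are constructed, and the audit messages are this example's own wording.

```python
import struct

TPID_8021Q = 0x8100   # standard 802.1Q customer tag
TPID_QINQ = 0x88A8    # 802.1ad service tag, seen on provider-bridge trunks


def mac_bytes(mac):
    return bytes(int(x, 16) for x in mac.split(":"))


def mac_str(b):
    return ":".join(f"{x:02x}" for x in b)


def build_tagged_frame(dst, src, vlan_id, ethertype, payload, pcp=0, dei=0):
    """Insert one 802.1Q tag: TPID 0x8100 then TCI = PCP(3 bits) | DEI(1 bit) | VID(12 bits)."""
    if not 0 <= vlan_id <= 4095:
        raise ValueError("VLAN ID is a 12-bit field")
    tci = ((pcp & 0x7) << 13) | ((dei & 0x1) << 12) | vlan_id
    return (mac_bytes(dst) + mac_bytes(src)
            + struct.pack("!HH", TPID_8021Q, tci)
            + struct.pack("!H", ethertype) + payload)


def parse_frame(frame):
    """Walk past every tag (0x8100 or 0x88a8) until the real EtherType is reached."""
    dst, src = mac_str(frame[0:6]), mac_str(frame[6:12])
    offset, tags = 12, []
    while True:
        if len(frame) < offset + 2:
            raise ValueError("truncated frame")
        (ethertype,) = struct.unpack_from("!H", frame, offset)
        if ethertype not in (TPID_8021Q, TPID_QINQ):
            break
        (tci,) = struct.unpack_from("!H", frame, offset + 2)
        tags.append({"tpid": ethertype, "pcp": tci >> 13,
                     "dei": (tci >> 12) & 1, "vid": tci & 0x0FFF})
        offset += 4
    return {"dst": dst, "src": src, "tags": tags,
            "ethertype": ethertype, "payload": frame[offset + 2:]}


def audit_frame(parsed, port_mode, native_vlan=1):
    """Defensive checks on a parsed frame; an empty list means nothing unusual."""
    findings = []
    tags = parsed["tags"]
    if port_mode == "access" and tags:
        findings.append("tagged frame received on an access port")
    if len(tags) > 1:
        findings.append("frame carries more than one VLAN tag (double-tagged)")
    for t in tags:
        if t["vid"] in (0, 4095):      # 0 = priority tag only, 4095 reserved
            findings.append(f"reserved VLAN ID {t['vid']}")
        elif t["vid"] == native_vlan:  # trunks normally send the native VLAN untagged
            findings.append(f"explicit tag for native VLAN {native_vlan}")
    if port_mode == "trunk" and native_vlan == 1:
        findings.append("native VLAN is still the default VLAN 1")
    return findings
```

The 12-bit VID field is where the 4,094 usable VLANs come from: 4,096 values minus the two reserved ones the audit flags.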
Spanning Tree Protocol (STP) — IEEE 802.1D
Purpose: Prevents switching loops by logically blocking redundant paths. Without STP, broadcast storms occur — frames loop endlessly and crash the network.
Root Bridge: The switch elected as the reference point for the STP topology. Switch with lowest Bridge ID (priority + MAC address) wins. All paths are calculated relative to the root bridge.
Port States (STP): Blocking → Listening → Learning → Forwarding → Disabled. Convergence takes ~30–50 seconds — slow for modern networks.
RSTP (802.1w): Rapid STP. Faster convergence (seconds, not 30–50s). Port states: Discarding → Learning → Forwarding. Backward compatible with STP.
Broadcast Storm: What happens without STP. Broadcast frames loop endlessly between switches, consuming all bandwidth and crashing devices. Can take down an entire network in seconds.
STP port stuck in Blocking = intentional (preventing loop). Port in Listening = STP is running but not yet forwarding. If a port stays in Listening for too long = STP issue. An amber port LED on a Cisco switch = STP blocking state.
PART 08

Wireless Networking

Domain 2
802.11 Standards
Standard | Wi-Fi Name | Frequency | Max Speed | Notes
802.11a | (none) | 5 GHz | 54 Mbps | First 5 GHz standard. Limited range.
802.11b | (none) | 2.4 GHz | 11 Mbps | Long range, heavy interference.
802.11g | (none) | 2.4 GHz | 54 Mbps | Backward compatible with 802.11b.
802.11n | Wi-Fi 4 | 2.4 / 5 GHz | 600 Mbps | MIMO. First dual-band standard.
802.11ac | Wi-Fi 5 | 5 GHz only | 1.3+ Gbps | MU-MIMO. Beamforming. Wider channels.
802.11ax | Wi-Fi 6 / 6E | 2.4 / 5 / 6 GHz | 9.6 Gbps | OFDMA. Better in high-density environments. 6E adds 6 GHz band.
2.4 GHz: 3 non-overlapping channels (1, 6, 11). Better range, more interference, slower. 5 GHz: more channels, faster, shorter range. 6 GHz (Wi-Fi 6E only): newest, least congestion, shortest range. Use 5 GHz for performance, 2.4 GHz for range.
Wireless Security Protocols
Protocol | Encryption | Status
WEP | RC4 (40/128-bit key) | Broken. Never use. Crackable in minutes.
WPA | TKIP (RC4-based) | Legacy. Being phased out. Weak.
WPA2 | AES-CCMP | Current standard. Strong but vulnerable to PMKID and KRACK attacks.
WPA3 | GCMP-256 / SAE | Newest. Strongest. SAE (Simultaneous Authentication of Equals) replaces PSK. Forward secrecy.
Wireless Modes & Components
Ad-Hoc (IBSS): Devices communicate directly with each other. No access point. Independent Basic Service Set. Used for temporary connections.
Infrastructure (BSS): All traffic goes through an access point. Basic Service Set. Standard mode for all enterprise and home wireless.
ESS (Extended Service Set): Multiple APs with same SSID. Enables seamless roaming. APs must overlap by at least 10–15% for uninterrupted roaming.
Thick AP: Standalone. Has its own full OS and configuration. Managed independently. Good for small deployments.
Thin AP: Controller-based. Lightweight — controller handles most intelligence and configuration. Required for large enterprise deployments. Centralized management.
Captive Portal: Web page presented on first connection requiring authentication or agreement. Used at airports, hotels, coffee shops.
Omnidirectional Antenna: Radiates signal in all directions equally. Used for general coverage areas. Most WAPs use this.
Directional / Yagi Antenna: Focused beam in one direction. Used for long-distance point-to-point links or to cover a specific area.
IoT & Short-Range Technologies
Z-Wave: Mesh network for home automation. ~900 MHz. Designed for smart home devices (locks, lights, thermostats).
Zigbee: Mesh network, 2.4 GHz. Low power. Used in smart home and industrial IoT.
ANT+: Sensor data monitoring. Fitness trackers, heart rate monitors, bike computers. Very low power.
Bluetooth: ~10m range. Personal device pairing. Attacks: Bluejacking (unsolicited messages), Bluesnarfing (unauthorized data access).
NFC: Near Field Communication. ~4cm range. Contactless payments, device pairing, transit cards.
RFID: Radio Frequency Identification. Asset tracking, access cards, inventory management. Passive (no battery) or active (battery-powered, longer range).
IR (Infrared): Line-of-sight, short range. Universal remote control. Some phones include IR blaster.
PART 09

Remote Access & VPNs

Domain 2
VPN Types
Site-to-Site VPN: Permanent encrypted tunnel between two office networks. Configured on routers/firewalls. Transparent to end users — no client software needed on user devices.
Client-to-Site VPN: Remote user connects to corporate network using VPN client software. Appears as if on local network. Most common for remote workers.
Clientless VPN: Uses SSL/TLS in a standard web browser — no client installation needed. Access to specific resources only (not full network access). Common for contractor/partner access.
Full Tunnel: ALL traffic (including personal internet browsing) goes through VPN. More secure — corporate can inspect all traffic. Slower for user.
Split Tunnel: Only corporate-bound traffic goes through VPN. Internet traffic goes direct. Better performance but corporate loses visibility of internet traffic.
VPN Protocols
IPsec: Most common enterprise VPN protocol. Two components: AH (authentication + integrity, no encryption) and ESP (authentication + integrity + encryption). IKE handles key exchange.
SSL/TLS VPN: Uses TLS for encryption. Port 443. Works through firewalls easily. Used by clientless VPNs and SSL VPN clients.
PPTP: Point-to-Point Tunneling Protocol. Legacy. Port 1723. Considered insecure — vulnerable to multiple attacks. Do not use.
L2TP: Layer 2 Tunneling Protocol. No encryption on its own — always paired with IPsec (L2TP/IPsec). Port 1701.
OpenVPN: Open source. Uses TLS. Highly configurable. Crosses firewalls easily. Common in commercial VPN services.
Remote Access Protocols
RDP (Port 3389): Microsoft Remote Desktop. Full GUI remote access. Supports drive, printer, clipboard redirection. Encrypt with TLS. Should not be exposed directly to internet.
RDP Gateway: Provides secure RDP access over HTTPS (port 443) without a VPN. Authenticates and proxies RDP connections.
VNC: Virtual Network Computing. Open-source remote desktop. Uses RFB (Remote Framebuffer) protocol. Cross-platform alternative to RDP.
SSH (Port 22): Secure Shell. Encrypted CLI remote access. Replaced Telnet. Used to manage Linux servers, routers, switches. Supports tunneling and SFTP.
Telnet (Port 23): Cleartext — all data visible on the wire. Completely replaced by SSH. Never use on production networks.
PART 10

Network Operations

Domain 3 · 16%
Performance Monitoring Thresholds

Device / Chassis

CPU >85%: Processor overloaded. Check for runaway processes, routing protocol issues, or DoS attack.
CPU Interrupts >15%: Excessive hardware interrupt handling. Check NIC, disk I/O issues.
Temperature: Overheating causes random reboots. Dust is the most common cause. Check fans and airflow.

Memory

Committed bytes >80%: Memory pressure. Add RAM or reduce running processes.
Available MB <5%: Critically low memory. System will begin paging aggressively.
Pages/second >1,000: Excessive paging (thrashing). System desperately needs more physical RAM.

Network Interface

NIC utilization >70%: Interface saturated. Upgrade bandwidth or implement QoS to prioritize traffic.
Output queue length >2: NIC not keeping up with traffic. Frames being queued — introduces latency.
Latency (RTT): Round Trip Time. Consistent delay in ms. High latency = routing issue, congestion, or physical distance.
Jitter: Variance in delay. Devastating for VoIP and real-time video. Mitigate with QoS.
Interface Statistics to Monitor
Link State: Up or down. Most fundamental check — is the interface physically connected?
Speed / Duplex: Must match on both ends. Mismatch causes slow speeds, high error rates, and half-duplex collisions on a "full-duplex" link.
CRC Errors: Data corruption. Almost always a bad or incorrect cable. Replace the cable first.
Giants: Frames larger than 1518 bytes. May indicate MTU mismatch or misconfiguration.
Runts: Frames smaller than 64 bytes. Often caused by collisions — indicates a duplex mismatch.
Documentation Types
Physical Diagram: Shows physical layout: cable runs, rack locations, device physical positions. Used for installation and physical troubleshooting.
Logical Diagram: Shows IP addresses, VLANs, subnets, logical connections. Used for configuration and logical troubleshooting.
Baseline: Normal performance metrics documented when system is healthy. Compare against baseline to detect problems. Without baseline, "slower than normal" is subjective.
MDF / IDF: Main Distribution Frame (core switching). Intermediate Distribution Frame (floor/building distribution). Document what's in each.
Policies & Standards
SLA: Service Level Agreement. Defines expected uptime, performance, and response time. Legal contract between provider and customer.
Change Management: Formal process for making changes: Request → Review → Approve → Schedule → Implement → Verify → Document. No unauthorized changes.
AUP: Acceptable Use Policy. Defines what users are permitted to do on company systems and networks. Users must sign before getting access.
SNMP & Syslog
SNMP: Simple Network Management Protocol. Port 161 (queries). Port 162 (traps). Manager polls agents using OIDs (Object Identifiers). Agents send unsolicited traps when events occur. v3 adds encryption and authentication.
MIB: Management Information Base. Database of OIDs on a device. SNMP manager queries MIB to get device metrics.
Syslog: Port 514 (UDP). Sends log messages to a central syslog server. Eight severity levels 0–7: Emergency, Alert, Critical, Error, Warning, Notice, Informational, Debug.
NetFlow: Cisco standard for traffic flow data collection. Records source/dest IP, port, protocol, byte count. Used for capacity planning and security analysis.
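Added example (Python, not from the guide): decoding the <PRI> field that opens every syslog message (PRI = facility × 8 + severity, so the eight severity levels listed above are the low 3 bits) and filtering a batch of constructed log lines down to those at Warning or worse, which is what a collector on UDP 514 would typically alert on. The sample lines, hostnames and addresses are made up; the facility names follow RFC 3164 / RFC 5424.

```python
import re

# Severity 0-7 in the order the guide lists them (lower number = more urgent)
SEVERITIES = ["Emergency", "Alert", "Critical", "Error",
              "Warning", "Notice", "Informational", "Debug"]

# Facility codes 0-23 as named in RFC 3164 / RFC 5424
FACILITIES = ["kern", "user", "mail", "daemon", "auth", "syslog", "lpr", "news",
              "uucp", "cron", "authpriv", "ftp", "ntp", "audit", "alert", "clock",
              "local0", "local1", "local2", "local3", "local4", "local5", "local6", "local7"]

PRI_RE = re.compile(r"^<(\d{1,3})>(.*)$", re.S)

# Constructed sample messages as a central syslog server might receive them
SAMPLE_LINES = [
    "<34>Mar  4 10:15:01 fw01 sshd[2114]: Failed password for invalid user admin from 198.51.100.7",
    "<13>Mar  4 10:15:02 app01 app: user login ok",
    "<0>Mar  4 10:15:03 core-sw1 kernel: power supply 2 failed",
    "<165>Mar  4 10:15:04 app01 backup: nightly job finished",
    "<191>Mar  4 10:15:05 app01 app: debug trace id=42",
]


def parse_pri(line):
    """Split <PRI> into facility and severity: PRI = facility * 8 + severity."""
    m = PRI_RE.match(line)
    if not m:
        raise ValueError("line has no <PRI> prefix")
    pri = int(m.group(1))
    if pri > 191:                         # 23 * 8 + 7 is the largest legal value
        raise ValueError("PRI out of range")
    facility, severity = divmod(pri, 8)   # high bits = facility, low 3 bits = severity
    return {"pri": pri,
            "facility": facility, "facility_name": FACILITIES[facility],
            "severity": severity, "severity_name": SEVERITIES[severity],
            "msg": m.group(2)}


def at_or_above(lines, threshold=4):
    """Messages at the threshold severity or more urgent (Warning and worse by default)."""
    return [p for p in map(parse_pri, lines) if p["severity"] <= threshold]


def count_by_severity(lines):
    """Histogram of severities, useful for a quick baseline of what a host normally emits."""
    counts = {name: 0 for name in SEVERITIES}
    for p in map(parse_pri, lines):
        counts[p["severity_name"]] += 1
    return counts
```

<34> decodes as facility 4 (auth) and severity 2 (Critical), the same PRI RFC 3164 uses in its own example; note that "more urgent" means a lower number, so the filter keeps severities less than or equal to the threshold.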
PART 11

High Availability & Disaster Recovery

Domain 3
Redundancy Concepts
NIC Teaming: Multiple physical NICs combined into one logical interface. Provides fault tolerance (failover) and/or increased throughput (aggregation). LACP (802.1AX) is the standard.
Switch Clustering: Multiple switches managed as a single logical entity using Cluster Management Protocol. Simplifies administration of stacked switches.
FHRP: First Hop Redundancy Protocol. Provides a virtual IP/gateway that clients use. If primary router fails, standby takes over using the same virtual IP — transparent to clients.
HSRP: Hot Standby Router Protocol. Cisco proprietary FHRP. Active/standby model. Uses a virtual IP as the client gateway.
VRRP: Virtual Router Redundancy Protocol. IEEE open standard FHRP. Equivalent to HSRP. Vendor-neutral.
HA Configurations
Active/Active: Both (all) devices actively handle traffic simultaneously. Provides both load balancing and fault tolerance. If one fails, the others absorb its load.
Active/Passive: One device active, one on standby. The passive device only takes over if the active one fails. Simpler but wastes standby capacity.
Multiple ISPs: Redundant internet connections from different providers. Prevents a single ISP outage from taking down all internet access. BGP used for failover.
Diverse Paths: Multiple physical paths between sites using different routes, cables, or carriers. Protects against fiber cuts and provider outages.
Disaster Recovery Sites
Site Type | Equipment | Data Currency | Recovery Time | Cost
Hot Site | Fully operational. All hardware mirroring production. | Real-time or near-real-time | Minutes to hours | Highest
Warm Site | Infrastructure ready, not fully active. | Recent backup required | Hours to days | Medium
Cold Site | Physical space only. No equipment. | Must restore from backup | Weeks | Lowest
Cloud Site | Provisioned through CSP on demand. | Depends on replication | Variable | Variable
Key DR Metrics
RTO: Recovery Time Objective. Maximum acceptable downtime. "How long can we be offline?" Low RTO = need hot site or automated failover.
RPO: Recovery Point Objective. Maximum acceptable data loss measured in time. "How much data can we lose?" Low RPO = need frequent backups or synchronous replication.
MTBF: Mean Time Between Failures. Average time a device operates before failing. Higher = more reliable hardware.
MTTR: Mean Time to Repair. Average time to restore a failed component. Lower = faster recovery.
RTO = time. RPO = data. Both are maximums — you must recover within the RTO and lose no more data than the RPO allows. Hot site satisfies low RTO. Synchronous replication satisfies near-zero RPO.
Facility Support
UPS: Uninterruptible Power Supply. Battery backup for graceful shutdown during outages. Runtime typically measured in minutes.
PDU: Power Distribution Unit. Distributes power to rack equipment. Smart PDUs allow remote monitoring and individual outlet control.
Generator: Long-term backup power for extended outages. Diesel or natural gas. Takes seconds to minutes to start — UPS bridges the gap.
Fire Suppression: Wet pipe (water, fastest). Dry pipe (slower, less accidental risk). Preaction (two triggers required, best for data centers). Clean agents (FM-200, Novec, Argon — no water damage).
PART 12

Cloud & Data Center

Domain 1 / 3
Cloud Deployment Models
Public Cloud: Multi-tenant. CSP owns and operates all infrastructure. AWS, Azure, GCP. Cheapest. Shared resources = less isolation.
Private Cloud: Dedicated to one organization. On-premises or hosted. Full control. Most expensive. Best for regulated industries (healthcare, finance).
Community Cloud: Shared by organizations with common needs (government, healthcare). Cost is shared. Higher security than public.
Hybrid Cloud: Any combination of the above. Sensitive data on-premises, scalable workloads in public cloud. Best of both worlds.
Cloud Service Models
Model | You Manage | Provider Manages | Examples
IaaS | OS, apps, data, runtime | Hardware, network, virtualization | AWS EC2, Azure VMs, Rackspace
PaaS | Apps and data only | OS, hardware, runtime, middleware | AWS Elastic Beanstalk, Google App Engine
SaaS | Nothing — just use it | Everything | Office 365, Salesforce, Gmail
IaaS = sysadmin territory. PaaS = developer territory. SaaS = end user territory. As you move IaaS → PaaS → SaaS, the provider manages more and you manage less.
Software-Defined Networking (SDN)
Concept: Separates the control plane (decisions) from the data plane (forwarding). Network devices are managed centrally from a controller rather than individually.
Application Layer: Network applications that use the network (IDS/IPS, load balancers, firewalls). Communicate with the control layer via APIs.
Control Layer: SDN controller. The "brain." Processes configuration and monitoring. Pushes forwarding rules to the infrastructure layer.
Infrastructure Layer: Actual network hardware (switches, routers). Forwarding plane only — receives instructions from the controller. No independent routing decisions.
Data Center Locations & IaC
Branch Office: Closest to end users. Smaller scale. Connected back to the main data center via WAN/VPN.
On-Premises: Organization owns and operates its own data center. Full control. Full cost and responsibility.
Co-Location: Provider builds and maintains the data center facility. Organization owns equipment, leases rack space and power. Good middle ground.
Infrastructure as Code (IaC): Provisioning infrastructure through code/scripts instead of manual configuration. Tools: Terraform, Ansible, Puppet, Chef. Benefits: repeatability, speed, version control, fewer errors.
PART 13

Network Security

Domain 4 · 19%
Security Devices & Architecture
Firewall: Filters traffic based on rules. Placed between the internet and the internal network. Stateless (packet filter) or stateful (tracks connection state).
NGFW: Next-Generation Firewall. Layer 7 inspection. Deep Packet Inspection (DPI). Application awareness, user identity, IPS built in.
DMZ: Demilitarized Zone. Network segment between two firewalls. Public-facing servers (web, email, DNS) are placed here. Isolated from the internal LAN.
IDS: Intrusion Detection System. Passive. Monitors and alerts only. Does not block. HIDS = host-based (on the device). NIDS = network-based (on the wire).
IPS: Intrusion Prevention System. Active. Inline — must be in the traffic path. Monitors AND blocks. Risk of false positives disrupting legitimate traffic.
Proxy (Forward): Client-side. Inspects outbound traffic. URL filtering, caching, logging. Clients are configured to use the proxy.
Proxy (Reverse): Server-side. Clients don't see the real servers. Used for load balancing, SSL termination, caching. CDNs use reverse proxies.
Authentication Protocols
Protocol | Port | Transport | Use Case
RADIUS | 1812/1813 | UDP | Network access authentication (Wi-Fi, VPN, dial-up). Encrypts password only. AAA protocol.
TACACS+ | 49 | TCP | Network device administration (routers/switches). Encrypts entire payload. Cisco-preferred. Separates authentication, authorization, accounting.
Kerberos | 88 | TCP/UDP | Single sign-on in Active Directory environments. Uses tickets issued by the Key Distribution Center (KDC).
LDAP | 389 | TCP | Directory services queries. Reads and writes to Active Directory / LDAP directories.
LDAPS | 636 | TCP | LDAP over TLS. Encrypted directory queries. Required for secure AD authentication.
RADIUS = network access (Wi-Fi, VPN). TACACS+ = device administration (CLI access to routers/switches). Both implement AAA. TACACS+ encrypts the full session; RADIUS only encrypts the password. Kerberos = ticket-based SSO for Windows domains.
802.1X Port-Based Access Control

Authenticates devices before granting network access. Three components:

Supplicant: The client device requesting access. Uses EAP (Extensible Authentication Protocol).
Authenticator: The switch or WAP that enforces access. Passes credentials to the authentication server.
Authentication Server: RADIUS server that validates credentials and tells the authenticator to allow or deny access.
802.1X prevents rogue devices from connecting to the network even if they physically plug into a switch port or associate with a WAP. The port stays in an unauthorized state until the RADIUS server approves the credentials.
Common Network Attacks
DDoS: Distributed Denial of Service. Floods the target from many sources simultaneously. Volumetric (bandwidth), protocol (state exhaustion), or application layer (Layer 7).
ARP Spoofing: Attacker sends fake ARP replies to associate their MAC with a legitimate IP. Enables man-in-the-middle attacks. Mitigate with Dynamic ARP Inspection (DAI).
DNS Poisoning: Corrupts the DNS cache with false records. Redirects users to malicious sites. Mitigate with DNSSEC.
VLAN Hopping: Exploits trunk port negotiation (DTP) or native VLAN double-tagging to jump between VLANs. Mitigate: disable DTP, change the native VLAN from the default.
MAC Flooding: Overwhelms the switch CAM table with fake MACs. Switch defaults to flooding all traffic (acts like a hub) — attacker can capture all traffic. Mitigate with port security.
On-Path (MITM) Attack: Attacker intercepts communication between two parties. Both parties think they're talking to each other. Enables eavesdropping and manipulation.
Rogue DHCP: Unauthorized DHCP server on the network. Assigns wrong gateway/DNS for traffic redirection. Mitigate with DHCP Snooping on managed switches.
Rogue AP: Unauthorized WAP on the network. May broadcast the same SSID as the legitimate network (Evil Twin). Users connect unknowingly. Use WIDS/WIPS to detect.
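Two of the mitigations above (DAI and port security) boil down to simple bookkeeping a switch can do on observed traffic. This added example (not from the study guide) runs that bookkeeping over constructed ARP replies and frame records: an IP advertised by more than one MAC is the conflict DAI rejects, and a port sourcing far more MACs than an access port should is the condition port security caps.

```python
# Added example: switch-side indicators for ARP spoofing and MAC flooding,
# run over constructed records (not a real capture).
from collections import defaultdict
from typing import Dict, List, Set, Tuple

def arp_conflicts(arp_replies: List[Tuple[str, str]]) -> Dict[str, List[str]]:
    """arp_replies: (sender_ip, sender_mac) pairs from observed ARP replies.
    Returns IPs claimed by more than one MAC, MACs listed in order first seen.
    A gateway IP appearing here is the classic ARP-spoofing signature."""
    seen: Dict[str, List[str]] = defaultdict(list)
    for ip, mac in arp_replies:
        mac = mac.lower()
        if mac not in seen[ip]:
            seen[ip].append(mac)
    return {ip: macs for ip, macs in seen.items() if len(macs) > 1}

def flooding_ports(frames: List[Tuple[str, str]], max_macs: int = 5) -> Dict[str, int]:
    """frames: (ingress_port, source_mac) pairs. Returns ports whose distinct
    source-MAC count exceeds max_macs, the same limit a port-security
    'maximum' setting would enforce before the CAM table fills."""
    macs_per_port: Dict[str, Set[str]] = defaultdict(set)
    for port, mac in frames:
        macs_per_port[port].add(mac.lower())
    return {p: len(m) for p, m in macs_per_port.items() if len(m) > max_macs}

# Constructed sample data. 10.0.0.1 is the gateway; a second MAC claims it.
ARP_SAMPLE = [
    ("10.0.0.1", "00:11:22:33:44:01"),
    ("10.0.0.25", "00:11:22:33:44:25"),
    ("10.0.0.1", "DE:AD:BE:EF:00:01"),
    ("10.0.0.1", "00:11:22:33:44:01"),
]
# One normal host on Gi1/0/3; 300 distinct source MACs arriving on Gi1/0/7.
FRAME_SAMPLE = [("Gi1/0/3", "00:11:22:33:44:25")] + [
    ("Gi1/0/7", f"02:00:00:00:{i // 256:02x}:{i % 256:02x}") for i in range(300)
]

if __name__ == "__main__":
    print("ARP conflicts:", arp_conflicts(ARP_SAMPLE))
    print("Ports over MAC limit:", flooding_ports(FRAME_SAMPLE))
```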
PART 14

Troubleshooting

Domain 5 · 22%
CompTIA 7-Step Troubleshooting Methodology
1. Identify the problem. Question users, identify recent changes, check logs, determine scope (one device or many?).
2. Establish a theory of probable cause. Question the obvious first — port speed, duplex mismatch, wrong VLAN, incorrect IP, wrong gateway, wrong DNS, wrong subnet mask.
3. Test the theory. Investigate to verify your theory. If confirmed → step 4. If not → back to step 2 with a new theory.
4. Establish a plan of action. Identify potential effects on other systems. Schedule a maintenance window if needed. Notify affected users.
5. Implement the solution or escalate. Make ONE change at a time. Test after each. Reverse changes that don't work.
6. Verify full system functionality. Confirm the fix works. Implement preventive measures to stop recurrence.
7. Document findings, actions, and outcomes. Record everything for future reference and the knowledge base.
Connectivity Testing — Sequential Ping Test
1. Ping 127.0.0.1 — Tests the local TCP/IP stack. If this fails, TCP/IP is not functioning on the local machine.
2. Ping your own IP address — Tests the local NIC and its configuration.
3. Ping the default gateway — Tests connectivity to the local router. If this fails, the problem is on the local segment (cable, switch, VLAN).
4. Ping a remote IP — Tests routing beyond the local network. If this fails but the gateway succeeds, it is a routing or ISP issue.
5. Ping a remote hostname (e.g., google.com) — Tests DNS resolution. If the IP works but the hostname fails, DNS is the problem.
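The value of the sequence is that the first failing step localizes the fault. This added example (not from the study guide) runs the five steps in order with the OS ping command and names the suspect area; the addresses are placeholders from the documentation ranges, and the probe is injectable so the logic can be exercised without a network.

```python
# Added example: run the sequential ping test and stop at the first failure.
import platform
import subprocess
from typing import Callable, List, Tuple

# (step name, what a failure at this step points to), in test order.
STEPS: List[Tuple[str, str]] = [
    ("loopback", "the local TCP/IP stack"),
    ("own_ip", "the local NIC or its IP configuration"),
    ("gateway", "the local segment: cable, switch port, VLAN, or the gateway itself"),
    ("remote_ip", "routing beyond the local network or the ISP"),
    ("hostname", "DNS resolution (IP reachable, name is not)"),
]

def ping(target: str, timeout_s: int = 1) -> bool:
    """One echo request via the OS ping command; True if it succeeded."""
    if platform.system() == "Windows":
        cmd = ["ping", "-n", "1", "-w", str(timeout_s * 1000), target]
    else:
        cmd = ["ping", "-c", "1", "-W", str(timeout_s), target]
    try:
        proc = subprocess.run(cmd, stdout=subprocess.DEVNULL,
                              stderr=subprocess.DEVNULL, timeout=timeout_s + 2)
        return proc.returncode == 0
    except (subprocess.TimeoutExpired, FileNotFoundError):
        return False

def diagnose(results: List[bool]) -> str:
    """Map pass/fail results (in step order) to the first suspect area."""
    for (name, area), ok in zip(STEPS, results):
        if not ok:
            return f"first failure at '{name}': suspect {area}"
    return "all five steps passed: connectivity and DNS are working"

def run_sequence(own_ip: str, gateway: str, remote_ip: str, hostname: str,
                 probe: Callable[[str], bool] = ping) -> str:
    """Ping each target in order and stop at the first failure."""
    targets = [("127.0.0.1"), own_ip, gateway, remote_ip, hostname]
    results: List[bool] = []
    for target in targets:
        results.append(probe(target))
        if not results[-1]:
            break                   # later steps add no information
    return diagnose(results)

if __name__ == "__main__":
    # Placeholder values (RFC 5737 / RFC 2606); replace with the host's real ones.
    print(run_sequence("192.0.2.10", "192.0.2.1", "198.51.100.1", "example.com"))
```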
Command-Line Diagnostic Tools
ping: Tests ICMP connectivity. Shows RTT (round trip time). Use to test reachability of hosts at each hop.
tracert (Windows): Traces the packet path to the destination, showing each router hop. Uses TTL and ICMP Time Exceeded responses.
traceroute (Linux): Linux equivalent of tracert. Uses UDP by default (also supports ICMP with the -I flag).
pathping: Windows only. Combines ping + tracert. Shows per-hop packet loss statistics over time. More thorough than tracert alone.
ipconfig (Windows): Shows IP address, subnet mask, default gateway. /all adds MAC, DNS, DHCP server, lease info.
ifconfig / ip a (Linux): Shows network interface configuration. ip a is the modern replacement for ifconfig.
ipconfig /release: Releases the current DHCP lease.
ipconfig /renew: Requests a new DHCP lease.
ipconfig /flushdns: Clears the local DNS cache. Use when a DNS change isn't resolving yet.
arp -a: Displays the ARP cache — IP to MAC address mappings known to the local machine.
nslookup: Queries DNS records. Can query specific record types (A, MX, CNAME) and specific DNS servers.
netstat: Shows active connections, listening ports, and the routing table. -an shows all connections with addresses. -r shows the routing table.
nmap: Network scanner. Discovers hosts and open TCP/UDP ports. Also does OS fingerprinting and service version detection.
tcpdump: CLI packet capture. Captures and displays raw network traffic. Linux/macOS. Used for deep-dive troubleshooting.
Wireshark: GUI packet analyzer. Captures and decodes network traffic. Filters by protocol, IP, port. The gold standard for protocol analysis.
Common Issues Quick Reference
APIPA address (169.254.x.x): DHCP failure. Check the DHCP server, connectivity to the server, DHCP scope exhaustion.
Duplex mismatch: One side full-duplex, the other half-duplex. Causes CRC errors, runts, slow performance. Check that both ends match.
Broadcast storm: STP not running or disabled. Looping broadcasts crash the network. Enable STP — it's on by default on managed switches.
MTU mismatch: Packets too large for a link in the path. Fragmentation or drops. Common with VPNs. Set MTU to 1400 for VPN traffic.
Wrong VLAN: A device on the incorrect VLAN can't communicate with its intended peers. Verify the switch port VLAN assignment.
CRC errors: Data corruption in transit. Almost always a bad cable. Replace the cable.
Intermittent drops: Failing NIC, bad cable, or switch port. Swap each component one at a time.
PART 15

Ports Reference

All Domains
Complete Port Reference
Port | Transport | Service | Protocol
20 | TCP | FTP Data | FTP
21 | TCP | FTP Control | FTP
22 | TCP | Secure Shell / SFTP | SSH
23 | TCP | Telnet (insecure) | Telnet
25 | TCP | Simple Mail Transfer | SMTP
49 | TCP | TACACS+ | TACACS+
53 | TCP/UDP | Domain Name Service | DNS
67/68 | UDP | Dynamic Host Config Protocol | DHCP
69 | UDP | Trivial File Transfer Protocol | TFTP
80 | TCP | Hypertext Transfer Protocol | HTTP
88 | TCP/UDP | Kerberos | Kerberos
110 | TCP | Post Office Protocol v3 | POP3
123 | UDP | Network Time Protocol | NTP
137–139 | TCP/UDP | NetBIOS (legacy) | NetBIOS
143 | TCP | Internet Message Access Protocol | IMAP
161 | UDP | SNMP Queries | SNMP
162 | UDP | SNMP Traps | SNMP
389 | TCP | Lightweight Directory Access | LDAP
443 | TCP | HTTP Secure | HTTPS
445 | TCP | SMB / Windows File Sharing | SMB
465/587 | TCP | SMTP Secure / Submission | SMTPS
514 | UDP | Syslog | Syslog
636 | TCP | LDAP over TLS | LDAPS
853 | TCP | DNS over TLS | DoT
993 | TCP | IMAP over TLS | IMAPS
995 | TCP | POP3 over TLS | POP3S
1433 | TCP | Microsoft SQL Server | MSSQL
1521 | TCP | Oracle SQLnet | Oracle
1720 | TCP | H.323 (Video Conferencing) | H.323
1812/1813 | UDP | RADIUS Auth / Accounting | RADIUS
3306 | TCP | MySQL / MariaDB | MySQL
3389 | TCP | Remote Desktop Protocol | RDP
5004/5005 | UDP | Real-time Transport Protocol | RTP
5060/5061 | TCP/UDP | Session Initiation Protocol | SIP
Key distinctions: SNMP uses 161 for polling, 162 for traps. DHCP 67 = server receives, 68 = client receives. RADIUS 1812 = auth, 1813 = accounting. SIP (5060/5061) sets up VoIP calls. RTP (5004/5005) carries the actual voice data. TFTP (69) = used for network device boot files and configs.
PART 16

WAN Technologies

Domain 2
WAN Connection Types
Leased Line: Dedicated point-to-point circuit between two sites. T1 (1.544 Mbps), T3 (44.736 Mbps). Symmetric speeds. Expensive but reliable. Uses a CSU/DSU at each end.
DSL: Digital Subscriber Line. Uses existing phone lines. ADSL = asymmetric (faster download). Speed degrades with distance from the CO (central office).
Cable: Uses coaxial CATV infrastructure. DOCSIS standard. Shared bandwidth with the neighborhood — can slow at peak hours. F-type connectors.
Fiber (FTTP/FTTC): Fastest available. FTTP = fiber all the way to the building. FTTC = fiber to the street cabinet, copper for the last segment. Symmetric speeds possible.
Cellular (4G/5G): Mobile data as WAN backup or primary. 5G sub-6 GHz = better range. mmWave = very fast but short range. Used for branch offices and backup links.
Satellite: Available anywhere with a sky view. Traditional = high latency (~600ms). LEO (Starlink) = ~20–40ms. Last resort for remote locations.
Fixed Wireless: Point-to-point or point-to-multipoint radio. No cable needed. Line of sight preferred. Used in rural and underserved areas.
MPLS

Multi-Protocol Label Switching. One of the most popular enterprise WAN technologies. Instead of routing packets by IP address at every hop, MPLS assigns labels at the network edge. Core routers forward based on label only — much faster than full IP lookups. Creates logical connections (LSPs — Label Switched Paths) between sites. Supports QoS for voice and video prioritization. Traffic appears as if on a private network even though it traverses a shared provider backbone.

MPLS operates between Layer 2 and Layer 3 — sometimes called "Layer 2.5." Core routers are called LSRs (Label Switching Routers). Edge routers that attach/remove labels are called LERs (Label Edge Routers). MPLS is commonly used to connect branch offices over a provider network with consistent QoS.
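The split between edge and core is the whole point of MPLS: one prefix lookup at the ingress LER, then label-only lookups at every LSR until the label is popped. This added example (not from the study guide) simulates that on a constructed three-router core; the topology, prefixes and label values are made up.

```python
# Added example: toy MPLS label-switched path (LSP) forwarding.
# Ingress LER: longest-prefix match, push label. LSRs: label swap only.
# Last LSR pops the label (penultimate hop popping) so the egress LER
# does a plain IP lookup. All tables below are constructed.
import ipaddress
from typing import Dict, List, Optional, Tuple

# FEC table on the ingress LER: destination prefix -> (out label, next hop).
FEC_TABLE = {
    ipaddress.ip_network("10.20.0.0/16"): (100, "lsr1"),
    ipaddress.ip_network("10.20.5.0/24"): (150, "lsr1"),   # more specific route
    ipaddress.ip_network("10.30.0.0/16"): (200, "lsr1"),
}

# Label forwarding tables on core LSRs: node -> {in label: (out label, next hop)}.
# An out label of None means pop.
LFIB: Dict[str, Dict[int, Tuple[Optional[int], str]]] = {
    "lsr1": {100: (101, "lsr2"), 150: (151, "lsr2"), 200: (201, "lsr3")},
    "lsr2": {101: (None, "ler-east"), 151: (None, "ler-east")},
    "lsr3": {201: (None, "ler-south")},
}

def ingress_push(dst_ip: str) -> Tuple[int, str]:
    """Single IP lookup, done only at the edge. Returns (label, next hop)."""
    addr = ipaddress.ip_address(dst_ip)
    matches = [(net, entry) for net, entry in FEC_TABLE.items() if addr in net]
    if not matches:
        raise LookupError(f"no LSP for {dst_ip}")
    _, (label, next_hop) = max(matches, key=lambda m: m[0].prefixlen)
    return label, next_hop

def forward(dst_ip: str) -> List[str]:
    """Walk the LSP and record each node's operation. Core nodes never
    consult dst_ip; they index their LFIB by the incoming label only."""
    label: Optional[int]
    label, node = ingress_push(dst_ip)
    trace = [f"ler-in: push {label} -> {node}"]
    while label is not None:
        out_label, next_hop = LFIB[node][label]          # label lookup only
        op = f"pop {label}" if out_label is None else f"swap {label}->{out_label}"
        trace.append(f"{node}: {op} -> {next_hop}")
        label, node = out_label, next_hop
    trace.append(f"{node}: IP lookup for {dst_ip}")      # egress LER, unlabeled
    return trace

if __name__ == "__main__":
    for hop in forward("10.20.5.5"):
        print(hop)
```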
Additional WAN Concepts
SD-WAN: Software-Defined WAN. Centrally manages multiple WAN links (MPLS, broadband, LTE). Automatically routes traffic over the best path based on real-time conditions. Reduces reliance on expensive MPLS by using cheaper broadband intelligently.
Metro Ethernet: Extends Ethernet over a metropolitan area using carrier infrastructure. Delivers a familiar Ethernet interface to the customer. Scalable bandwidth.
Frame Relay: Legacy WAN technology. Packet-switched, shared bandwidth. PVC (Permanent Virtual Circuit) connects sites. Largely replaced by MPLS and broadband.
CSU/DSU: Channel Service Unit / Data Service Unit. Connects a router to a leased line (T1/T3). Converts between LAN and WAN signal formats. The WAN equivalent of a NIC.