Back to Article List
Pass CompTIA’s Network + Exam
By Troy A. Thompson, MCSE+I, CCNA, CCAI, Network +, A+
March 7, 2004
Network + Exam Information
Understanding networking fundamentals will bolster your ability to understand information security issues. Obtaining a reputable network certification makes it clear to prospective employers that you understand the basic fundamentals of computer networking and are ready to take on bigger challenges. To that end, Troy Thompson helps you understand what you need to know to pass the CompTIA Network + exam (N10-002).
The Network + exam consists of 72 questions for which you are given 90 minutes to complete. According to the information on the screens prior to taking the exams, some of the questions are for evaluation only and will not be counted toward your grade. You must score 646 out of 900 in order to pass. The majority of questions will be multiple choice. There are different types of multiple choice questions – those requiring a single correct answer and those requiring multiple correct answers. When multiple answers are required, the question will tell you how many answers to choose. On a question requiring multiple answers, you must select all correct choices in order to get credit; there is no partial credit for a multiple answer question. You may also face a fill-in-the-blank or drag and drop question. Unlike the Cisco’s CCNA exam, you can mark a question and return to it later. Similar to the Microsoft exams, you will face some scenario questions or questions that display an exhibit.
Another word to the wise is to be careful where you click. For some reason, the test engines that are used by Cisco, Microsoft and CompTIA may actually change your answer inadvertently if you click out to the side of the question. Make sure that when you click on a choice, that it really marked it. Be careful clicking anywhere on the screen. In order to obtain your Network + certification, you need only pass this exam. If you are interested in pursuing the MCSA track by Microsoft, you can substitute the elective course required if you have passed the Network+ and A+ exams. The Network + exam is broken into four categories: Media and Topologies, Protocol and Standards, Network Implementation and Network Support.
Media and Topologies
Protocols and Standards
The types of devices you must be able to identify are: routers, bridges, switches, Wireless access Points(WAP), Channel Service Unit/Data Service Unit (CSU/DSU) and gateways.
Routers operate at the Network layer and define your broadcast domain. Bridges and switches use hardware addresses to decide which frames to pass and which to filter out. Bridges and switches can help avoid broadcasts, but don’t eliminate them. Repeaters do not protect against broadcast storms. They simply regenerate and re-transmit all signals to extend the maximum length of cable. A WAP is a device that connects hosts to the network without using traditional cables. CSU/DSUs connect a network to a data line such as a T1. Gateways translate protocols and do not protect against broadcast storms either. As a rule of thumb, bridges and switches increase collision domain, but do nothing for broadcast domains. Routers and VLANs, on the other hand, deal with broadcast domains, although a router can also be used to break up large collision domains.
You need to be familiar with the different types of media connectors. Each is explained below.
Fiber uses straight tip (ST) and subscriber connector (SC). The ST is the most commonly used fiber connector. The SC is also known as the square connector and uses a latching mechanism. A BNC connector is used on thinnet cable (10Base2) and locks with a twist. An RJ-45 connector has 8 wires in four pairs and is used on Unshielded Twisted Pair (UTP) cable. An RJ-11 connector is used with standard telephones. An Attachment Unit Interface (AUI) connector has 15 pins and is used with thicknet cable (10Base5). It attaches to the cable with a vampire tap. A Transceiver is a device that converts an Ethernet signal on a thicknet cable into a form the computer can recognize.
Ethernet Cable Standards
||More difficult than Thinnet
Ethernet types and topologies
|Type of Connector
||1,024 on Network
|Maximum Network Length
|Maximum Cable Length for a single run
||UTP or STP
Token Ring (802.5) provides equal access for all computers on a network and runs at speeds of 4 or 16 Mbps. There are no collisions on a Token Ring network because only the workstation with the token can transmit. A Network Interface Card (NIC) on a Token Ring Network may not work properly until the speed is set. It does not require terminators or Cat 5 cable. Fiber Distributed Data Interface (FDDI) uses a dual ring topology.
In a Bus topology, all computers are attached to a backbone cable. Only one computer at a time can transmit.
In a Star topology, all signals transmitted by computers are passed through a hub to all computers on the network. It requires more cabling that bus. If a single computer is unplugged from the network, it does not affect other computer. This is the most popular Ethernet (802.3) network today.
The Mesh topology connects every workstation to every other workstation to provide fault tolerance. It is the most expensive network topology.
Wireless (802.11b) is not a topology by itself, but you also need to be aware that it can be integrated into other types of networks.
You will likely get 5-7 questions regarding the OSI model. Each layer is discussed in detail below.
The Application Layer provides network services to user applications. Some protocols at this level are FTP and SMTP.
The Presentation Layer is responsible for managing data and protocol conversion, compression, decompression, encryption, and decryption. It includes the following file formats: MPEG, MIDI, PICT, TIFF, JPEG, ASCII, and EBCDIC.
The Session Layer establishes, manages, and terminates sessions between nodes. It also handles security and name recognition. Protocols associated with this layer include NFS, SQL, RPC and AppleTalk.
The Transport Layer is responsible for setting up and defining how two nodes will communicate. The window works at this level to control how much information is transferred before an acknowledgement is required. This layer deals with segments and uses both connection-oriented (TCP) and connectionless protocols (UDP).
The Network Layer is responsible for path determination and for maintaining routing tables. Routers operate at this level.
The Data Link Layer is responsible for handling error notification, network topology and flow control. It is broken into two different layers: Media Access Control (MAC) and Logical Link Control (LLC). Bridges and switches operate at this layer.
The Media Access Control Sublayer builds frames from the 1’s and 0’s from the Physical layer.
The Logical Link Control Sublayer acts as a managing buffer between the upper layers and the lower layers. It is responsible for timing, and flow control.
The Physical Layer deals with physical transmission of data such as voltage, wiring and connectors.
Synchronous Optical Network (SONET) defines rates as optical carrier (OC) levels. OC-1 operates at 51.85 Mbps, OC-3 operates at 155.52 Mbps, OC-12 operates at622.08 Mbps, and OC-48 operates at 2.488 Gbps.
Frame relay is a WAN technology that uses packet switching. It uses permanent virtual circuits (PVCs) between the sender and receiver. It has speeds ranging up to 1.544 Mbps.
The T-series connections you need to be familiar with are T1 and T3. A T1 operates at 1.544 Mbps and uses two pairs of UTP wires. T3 uses fiber-optic cable or microwave to provide 44.736 Mbps.
Asynchronous Transfer Mode (ATM) is a cell switching technology that operates at speeds of 51.84 Mbps and 155.52.
Fiber Distributes Data Interface (FDDI) uses fiber-optic cable and dual counter-rotating rings. This connection operates at 100 Mbps.
Domain Name System (DNS) translates domain names to a given IP address on a network on the Internet.
Windows Internet Naming Service (WINS) translates NetBIOS names to IP addresses on a Windows based network.
Dynamic Host Configuration Protocol (DHCP) dynamically assigns an IP address to a host device. This service prevents network administrators from having to manually configure TCP/IP settings on all hosts.
Network Address Translation (NAT) allows you to translate private IP addresses to a single public IP addresses. A host from outside your network sees all traffic coming from a single IP address. Routers and Proxy servers use NAT.
Internet Connection Sharing (ICS) is somewhat similar to NAT in that it allows multiple hosts to use the Internet connection of another computer.
Integrated Services Digital Network (ISDN) is a digital service designed to run over existing telephone networks. It can carry voice and data simultaneously, is faster than a typical modem and has a faster call setup. ISDN Basic Rate Interface (BRI) consists of two “B” channels of 64 Kbps and one “D” channel of 16Kpbs.
TCP is the connection-oriented protocol in the IP protocol suite. UDP is the connectionless protocol in the IP protocol suite. UDP has less overhead than TCP.
File Transfer Protocol (FTP) is used to transfer files on a TCP/IP network or the Internet. FTP is connection oriented and uses TCP to connect.
Trivial File Transfer Protocol (TFTP) is used for diskless devices, such as routers and switches. TFTP is connectionless and uses UDP to connect.
Internet Control Message Protocol (ICMP) is the protocol used by the Ping command.
Point-to-Point Protocol (PPP) provides router-to-router and host-to-network connections over synchronous and asynchronous circuits. It replaced SLIP, which was an older WAN protocol. PPP does not handle address management and is fully compatible between vendors.
Access Control Lists (ACL) are used to limit access in to or out of a network. A Proxy server is used to request information from the Internet on behalf of a client. This keep the client’s information protected behind the Proxy, which also works as a firewall.
If you have root access on a UNIX server, then you have complete control. To make changes to the UNIX operating system, you recompile the kernel. Linux is an operating system based on UNIX that is freely distributed.
Port numbers that you need to be familiar with are as follows:
FTP – 21
TELNET – 23
SMTP – 25
DNS - 53
DHCP – 67 and 68
HTTP – 80
POP3 – 110
IMAP - 143
SNMP - 161
SSL - 443
Normally, you will perform a full backup of your data every week. In between the full backup, you can do a differential backup or an incremental backup.
Full - This type of backup backs up all files and turns off the archive bits.
Differential - This type of backup backs up only the files whose archive bits are turned on. It does not turn off the archive bits.
Incremental - This type of backup backs up only those files whose archive bits are turned on. Then it turns off the archive bits.
There are several types of disk management strategies. Some of them provide fault tolerance and some do not. RAID 0 is Disk Striping without parity and it is not fault tolerant. RAID 1 is Disk Mirroring and Disk Duplexing, which does provide fault tolerance, but it is the least cost effective. RAID 5 is Disk Striping with Parity on multiple drives and is widely used to protect data with fault tolerance.
Encryption and Security
Kerberos uses strong encryption to establish a user's identity during logon. Windows 2000 uses Microsoft’s implementation of Kerberos for authentication.
Layer 2 Tunneling Protocol (L2TP) works at the Data Link layer and supports non-TCP/IP protocols on VPNs over the Internet.
IPSecurity (IPSec) works at the Network layer and provides authentication and encryption over the Internet.
Secure Sockets Layer (SSL) works at the Session layer and uses RSA public key encryption.
Microsoft and Novell
In a Windows NT domain, there are Primary Domain Controllers (PDC) and Backup Domain Controllers (BDC) used to validate login requests. In Windows 2000, there are just domain controllers and all of them are equal.
A client must have Microsoft Client for Microsoft Networks loaded in order to be able to use all resources on an NT server.
Microsoft Client for Netware Networks allows a Windows client to access a Novell network.
Novell Client for Windows NT allows you to log into NT and Novell servers using a single login.
Address Resolution Protocol (ARP) is sent as a broadcast to all stations on the subnet and is used by TCP/IP to find the MAC Address from a given IP address. Reverse Address Resolution Protocol (RARP) is used by TCP/IP to find the IP address from a given MAC Address. The NETSTAT command displays protocol statistics and the current state of local connections. The IPCONFIG command displays the TCP/IP configuration settings for Windows NT, 2000 and XP. WINIPCFG is used instead of IPCONFIG on Windows 9x clients. The Ping command uses the ICMP protocol to verify the hardware connection at the logical address of the network layer. The Tracert command generates messages from each router used along the path and is helpful because it helps locate failures from the source to the destination. The NBTSTAT command is the diagnostic tool that reports statistics and connections for NetBIOS over TCP/IP.
You would use a Tone Generator to help identify a phone or network cable in a large bundle. A crossover cable is a CAT 5 cable used to connect like devices such as hubs or two computers. The sending and receiving wire pairs are crossed. A Rollover cable is used to connect a PC into the console port of a switch or router. A punchdown tool is used to connect twisted-pair cabling to the patch panel. Wire crimpers are used to attach a connector to the end of bulk cabling.
If there is a good connection between a NIC and a hub, the link light, which is usually green, will be lit on both devices. The link light should remain lit continuously and not flash. If there is no connection, the link light will not be lit. When the link light is lit on one device and not the other, it signals a problem in the cable connection.
The collision light is typically amber. When the collision light flashes, it indicates that a collision has occurred. If the collision light blinks occasionally, it is normal. If the collision light remains lit, that indicates that there is a problem.
Duplicate IP addresses occur if you assign a static IP address that is already assigned to another device.
The troubleshooting strategy that you will have to know for the exam is illustrated below.
A Way to Buy A Little Time
- Establish the symptoms.
- Identify the affected area.
- Establish what has changed.
- Select the most probable cause.
- Implement the solution.
- Test the result.
- Recognize the potential effects of the solution.
- Document the solution.
Before you actually start the exam, you are given an option to fill out a survey on line. It does not take time away from your exam, though. This survey can actually help you by letting you prepare a little. When you enter the test room, you are only allowed to take in the piece of paper and pencil that the exam facility provides. You should write down information that can help you on that piece of paper. During the survey, you can answer a survey question then spend a few seconds jotting down notes before continuing to the next survey question. This will allow you to use the exam time for actually taking the exam and not for writing.
The topics covered in this article will help you prepare to take and pass the Network + exam. Although there is a lot of memorization involved in this exam, much of it is common sense troubleshooting. If you have already passed Cisco’s CCNA exam, you will have no problem with this one.