Topic |
Details |
Networking Fundamentals – 24%
|
Compare and contrast the Open Systems Interconnection (OSI) model layers and encapsulation concepts. |
– OSI model
- Layer 1 – Physical
- Layer 2 – Data link
- Layer 3 – Network
- Layer 4 – Transport
- Layer 5 – Session
- Layer 6 – Presentation
- Layer 7 – Application
– Data encapsulation and decapsulation within the OSI model context
- Ethernet header
- Internet Protocol (IP) header
- Transmission Control Protocol (TCP)/User Datagram Protocol (UDP) headers
- TCP flags
- Payload
- Maximum transmission unit (MTU)
|
Explain the characteristics of network topologies and network types. |
– Mesh
– Star/hub-and-spoke
– Bus
– Ring
– Hybrid
– Network types and characteristics
- Peer-to-peer
- Client-server
- Local area network (LAN)
- Metropolitan area network (MAN)
- Wide area network (WAN)
- Wireless local area network (WLAN)
- Personal area network (PAN)
- Campus area network (CAN)
- Storage area network (SAN)
- Software-defined wide area network (SDWAN)
- Multiprotocol label switching (MPLS)
- Multipoint generic routing encapsulation (mGRE)
– Service-related entry point
- Demarcation point
- Smartjack
– Virtual network concepts
- vSwitch
- Virtual network interface card (vNIC)
- Network function virtualization (NFV)
- Hypervisor
– Provider links
- Satellite
- Digital subscriber line (DSL)
- Cable
- Leased line
- Metro-optical
|
Summarize the types of cables and connectors and explain which is the appropriate type for a solution. |
– Copper
- Twisted pair
1. Cat 5 2. Cat 5e 3. Cat 6 4. Cat 6a 5. Cat 7 6. Cat 8
- Coaxial/RG-6
- Twinaxial
- Termination standards
1. TIA/EIA-568A 2. TIA/EIA-568B
– Fiber
– Connector types
- Local connector (LC), straight tip (ST), subscriber connector (SC), mechanical transfer (MT), registered jack (RJ)
1. Angled physical contact (APC) 2. Ultra-physical contact (UPC)
- RJ11
- RJ45
- F-type connector
- Transceivers/media converters
- Transceiver type
1. Small form-factor pluggable (SFP) 2. Enhanced form-factor pluggable (SFP+) 3. Quad small form-factor pluggable (QSFP) 4. Enhanced quad small form-factor pluggable (QSFP+)
– Cable management
- Patch panel/patch bay
- Fiber distribution panel
- Punchdown block
1. 66 2. 110 3. Krone 4. Bix
– Ethernet standards
- Copper
1. 10BASE-T 2. 100BASE-TX 3. 1000BASE-T 4. 10GBASE-T 5. 40GBASE-T
- Fiber
1. 100BASE-FX 2. 100BASE-SX 3. 1000BASE-SX 4. 1000BASE-LX 5. 10GBASE-SR 6. 10GBASE-LR 7. Coarse wavelength division multiplexing (CWDM) 8. Dense wavelength division multiplexing (DWDM) 9. Bidirectional wavelength division multiplexing (WDM)
|
Given a scenario, configure a subnet and use appropriate IP addressing schemes. |
– Public vs. private
- RFC1918
- Network address translation (NAT)
- Port address translation (PAT)
– IPv4 vs. IPv6
- Automatic Private IP Addressing (APIPA)
- Extended unique identifier (EUI-64)
- Multicast
- Unicast
- Anycast
- Broadcast
- Link local
- Loopback
- Default gateway
– IPv4 subnetting
- Classless (variable-length subnet mask)
- Classful
1. A 2. B 3. C 4. D 5. E
- Classless Inter-Domain Routing (CIDR) notation
– IPv6 concepts
- Tunneling
- Dual stack
- Shorthand notation
- Router advertisement
- Stateless address autoconfiguration (SLAAC)
– Virtual IP (VIP)
– Subinterfaces
|
Explain common ports and protocols, their application, and encrypted alternatives. |
– Protocols and Ports
- File Transfer Protocol (FTP) 20/21
- Secure Shell (SSH) 22
- Secure File Transfer Protocol (SFTP) 22
- Telnet 23
- Simple Mail Transfer Protocol (SMTP) 25
- Domain Name System (DNS) 53
- Dynamic Host Configuration Protocol (DHCP) 67/68
- Trivial File Transfer Protocol (TFTP) 69
- Hypertext Transfer Protocol (HTTP) 80
- Post Office Protocol v3 (POP3) 110
- Network Time Protocol (NTP) 123
- Internet Message Access Protocol (IMAP) 143
- Simple Network Management Protocol (SNMP) 161/162
- Lightweight Directory Access Protocol (LDAP) 389
- Hypertext Transfer Protocol Secure (HTTPS) [Secure Sockets Layer (SSL)] 443
- HTTPS [Transport Layer Security (TLS)] 443
- Server Message Block (SMB) 445
- Syslog 514
- SMTP TLS 587
- Lightweight Directory Access Protocol (over SSL) (LDAPS) 636
- IMAP over SSL 993
- POP3 over SSL 995
- Structured Query Language (SQL) Server 1433
- SQLnet 1521
- MySQL 3306
- Remote Desktop Protocol (RDP) 3389
- Session Initiation Protocol (SIP) 5060/5061
- IP protocol types
1. Internet Control Message Protocol (ICMP) 2. TCP 3. UDP 4. Generic Routing Encapsulation (GRE) 5. Internet Protocol Security (IPSec) – Authentication Header (AH)/Encapsulating Security Payload (ESP)
– Connectionless vs. connection-oriented
|
Explain the use and purpose of network services. |
– DHCP
- Scope
- Exclusion ranges
- Reservation
- Dynamic assignment
- Static assignment
- Lease time
- Scope options
- Available leases
- DHCP relay
- IP helper/UDP forwarding
– DNS
- Record types
1. Address (A vs. AAAA) 2. Canonical name (CNAME) 3. Mail exchange (MX) 4. Start of authority (SOA) 5. Pointer (PTR) 6. Text (TXT) 7. Service (SRV) 8. Name server (NS)
- Global hierarchy
1. Root DNS servers
- Internal vs. external
- Zone transfers
- Authoritative name servers
- Time to live (TTL)
- DNS caching
- Reverse DNS/reverse lookup/forward lookup
- Recursive lookup/iterative lookup
– NTP
|
Explain basic corporate and datacenter network architecture. |
– Three-tiered
- Core
- Distribution/aggregation layer
- Access/edge
– Software-defined networking
- Application layer
- Control layer
- Infrastructure layer
- Management plane
– Spine and leaf
- Software-defined network
- Top-of-rack switching
- Backbone
– Traffic flows
– Branch office vs. on-premises datacenter vs. colocation
– Storage area networks
- Connection types
1. Fibre Channel over Ethernet (FCoE) 2. Fibre Channel 3. Internet Small Computer Systems Interface (iSCSI)
|
Summarize cloud concepts and connectivity options. |
– Deployment models
- Public
- Private
- Hybrid
- Community
– Service models
- Software as a service (SaaS)
- Infrastructure as a service (IaaS)
- Platform as a service (PaaS)
- Desktop as a service (DaaS)
– Infrastructure as code
– Connectivity options
- Virtual private network (VPN)
- Private-direct connection to cloud provider
– Multitenancy
– Elasticity
– Scalability
– Security implications
|
Network Implementations – 19%
|
Compare and contrast various devices, their features, and their appropriate placement on the network. |
– Networking devices
- Layer 2 switch
- Layer 3 capable switch
- Router
- Hub
- Access point
- Bridge
- Wireless LAN controller
- Load balancer
- Proxy server
- Cable modem
- DSL modem
- Repeater
- Voice gateway
- Media converter
- Intrusion prevention system (IPS)/intrusion detection system (IDS) device
- Firewall
- VPN headend
– Networked devices
- Voice over Internet Protocol (VoIP) phone
- Printer
- Physical access control devices
- Cameras
- Heating, ventilation, and air conditioning (HVAC) sensors
- Internet of Things (IoT)
1. Refrigerator 2. Smart speakers 3. Smart thermostats 4. Smart doorbells
- Industrial control systems/supervisory control and data acquisition (SCADA)
|
Compare and contrast routing technologies and bandwidth management concepts. |
– Routing
- Dynamic routing
1. Protocols [Routing Internet Protocol (RIP), Open Shortest Path First (OSPF), Enhanced Interior Gateway Routing Protocol (EIGRP), Border Gateway Protocol (BGP)] 2. Link state vs. distance vector vs. hybrid
- Static routing
- Default route
- Administrative distance
- Exterior vs. interior
- Time to live
– Bandwidth management
- Traffic shaping
- Quality of service (QoS)
|
Given a scenario, configure and deploy common Ethernet switching features. |
– Data virtual local area network (VLAN)
– Voice VLAN
– Port configurations
- Port tagging/802.1Q
- Port aggregation
1. Link Aggregation Control Protocol (LACP)
- Duplex
- Speed
- Flow control
- Port mirroring
- Port security
- Jumbo frames
- Auto-medium-dependent interface crossover (MDI-X)
– Media access control (MAC) address tables
– Power over Ethernet (PoE)/Power over Ethernet plus (PoE+)
– Spanning Tree Protocol
– Carrier-sense multiple access with collision detection (CSMA/CD)
– Address Resolution Protocol (ARP)
– Neighbor Discovery Protocol
|
Given a scenario, install and configure the appropriate wireless standards and technologies. |
– 802.11 standards
- a
- b
- g
- n (WiFi 4)
- ac (WiFi 5)
- ax (WiFi 6)
– Frequencies and range
– Channels
– Channel bonding
– Service set identifier (SSID)
- Basic service set
- Extended service set
- Independent basic service set (Ad-hoc)
- Roaming
– Antenna types
– Encryption standards
- WiFi Protected Access (WPA)/WPA2 Personal [Advanced Encryption Standard (AES)/Temporal Key Integrity Protocol (TKIP)]
- WPA/WPA2 Enterprise (AES/TKIP)
– Cellular technologies
- Code-division multiple access (CDMA)
- Global System for Mobile Communications (GSM)
- Long-Term Evolution (LTE)
- 3G, 4G, 5G
– Multiple input, multiple output (MIMO) and multi-user MIMO (MU-MIMO)
|
Network Operations – 16%
|
Given a scenario, use the appropriate statistics and sensors to ensure network availability. |
– Performance metrics/sensors
- Device/chassis
1. Temperature 2. Central processing unit (CPU) usage 3. Memory
- Network metrics
1. Bandwidth 2. Latency 3. Jitter
– SNMP
- Traps
- Object identifiers (OIDs)
- Management information bases (MIBs)
– Network device logs
- Log reviews
1. Traffic logs 2. Audit logs 3. Syslog
- Logging levels/severity levels
– Interface statistics/status
- Link state (up/down)
- Speed/duplex
- Send/receive traffic
- Cyclic redundancy checks (CRCs)
- Protocol packet and byte counts
– Interface errors or alerts
- CRC errors
- Giants
- Runts
- Encapsulation errors
– Environmental factors and sensors
- Temperature
- Humidity
- Electrical
- Flooding
– Baselines
– NetFlow data
– Uptime/downtime
|
Explain the purpose of organizational documents and policies. |
– Plans and procedures
- Change management
- Incident response plan
- Disaster recovery plan
- Business continuity plan
- System life cycle
- Standard operating procedures
– Hardening and security policies
- Password policy
- Acceptable use policy
- Bring your own device (BYOD) policy
- Remote access policy
- Onboarding and offboarding policy
- Security policy
- Data loss prevention
– Common documentation
- Physical network diagram
1. Floor plan 2. Rack diagram 3. Intermediate distribution frame (IDF)/main distribution frame (MDF) documentation
- Logical network diagram
- Wiring diagram
- Site survey report
- Audit and assessment report
- Baseline configurations
– Common agreements
- Non-disclosure agreement (NDA)
- Service-level agreement (SLA)
- Memorandum of understanding (MOU)
|
Explain high availability and disaster recovery concepts and summarize which is the best solution. |
– Load balancing
– Multipathing
– Network interface card (NIC) teaming
– Redundant hardware/clusters
- Switches
- Routers
- Firewalls
– Facilities and infrastructure support
- Uninterruptible power supply (UPS)
- Power distribution units (PDUs)
- Generator
- HVAC
- Fire suppression
– Redundancy and high availability (HA) concepts
- Cold site
- Warm site
- Hot site
- Cloud site
- Active-active vs. active-passive
1. Multiple Internet service providers (ISPs)/diverse paths 2. Virtual Router Redundancy Protocol (VRRP)/First Hop Redundancy Protocol (FHRP)
- Mean time to repair (MTTR)
- Mean time between failure (MTBF)
- Recovery time objective (RTO)
- Recovery point objective (RPO)
– Network device backup/restore
|
Network Security – 19%
|