CompTIA Network+ N10-009 Domain 3.0

Physical vs. Logical Diagrams

Physical: Shows actual equipment placement, rack locations, cable runs, and physical connections
Logical: Shows network relationships, IP addressing schemes, VLANs, and data flow independent of physical layout

Rack Diagrams

Detailed layouts showing equipment placement within racks:

• Device positioning (front/rear view)
• Power requirements and connections
• Patch panel assignments
• Airflow and cooling considerations

Cable Maps & Diagrams

Comprehensive cable documentation including:

• Cable types and specifications
• Source and destination endpoints
• Cable routing and pathways
• Testing results and certifications

Network Layer Diagrams

Layer 1: Physical connectivity and media
Layer 2: Switch topology, VLANs, spanning tree
Layer 3: Routing topology, IP addressing, subnets

Hardware Inventory

Complete tracking of physical network equipment:

• Model numbers and serial numbers
• Purchase dates and locations
• Configuration specifications
• Performance capabilities

Software Inventory

Tracking of all network software components:

• Operating system versions
• Firmware versions
• Application software
• Security patch levels

Licensing Management

Compliance and optimization of software licenses:

• License types and quantities
• Expiration dates
• Compliance auditing
• Renewal tracking

Warranty Support

Tracking support coverage and contracts:

• Warranty expiration dates
• Support contract details
• Service level agreements
• Escalation procedures

IPAM (IP Address Management)

Centralized tracking of IP address allocation:

• Available and allocated IP ranges
• DHCP scope management
• DNS record correlation
• Historical usage tracking

Service Level Agreements (SLA)

Formal agreements defining service expectations:

• Uptime targets: 99.9%, 99.99%
• Response times: Incident resolution
• Performance metrics: Bandwidth, latency
• Penalties: Non-compliance consequences

Wireless Survey & Heat Maps

RF coverage analysis and optimization:

• Signal strength measurements
• Coverage area visualization
• Interference identification
• Access point placement recommendations

End-of-Life (EOL) & End-of-Support (EOS)

EOL: Manufacturer stops selling product
EOS: Support and updates discontinued
Planning: Migration strategies before support ends

Software Management

Patches: Security and bug fixes
OS Updates: Operating system maintenance
Firmware: Hardware-level software updates
Testing: Validation before production deployment

Decommissioning Process

Secure retirement of network equipment:

• Data sanitization/wiping
• Configuration backup and removal
• Asset disposal procedures
• Environmental compliance

Change Management Process

Structured approach to network modifications:

• Request: Formal change proposal
• Approval: Review and authorization
• Testing: Pre-production validation
• Implementation: Controlled deployment
• Verification: Post-change validation

Configuration Management

Production: Current active configurations
Backup: Stored copies for restoration
Baseline/Golden: Standard reference configurations for consistency

SNMP (Simple Network Management Protocol)

Industry standard for network device monitoring and management

SNMP Components

Traps: Unsolicited alerts sent by devices to management station
MIB (Management Information Base): Database of manageable objects
Community Strings: Shared secrets for SNMP access (v1/v2c)
Authentication: User credentials and encryption (v3)

Flow Data Analysis

Network traffic pattern analysis using:

• NetFlow: Cisco's flow technology
• sFlow: Statistical packet sampling
• IPFIX: IP Flow Information Export standard
• Benefits: Bandwidth utilization, security analysis

Packet Capture

Deep packet inspection for troubleshooting:

• Tools: Wireshark, tcpdump, TShark
• Analysis: Protocol decoding, timing
• Filtering: Specific traffic isolation
• Storage: PCAP file formats

Baseline Metrics & Anomaly Detection

Establishing normal operational parameters:

• Performance baselines: CPU, memory, bandwidth
• Traffic patterns: Typical usage flows
• Anomaly alerting: Deviation from normal
• Thresholds: Warning and critical levels

Log Aggregation

Syslog Collector: Centralized log collection from network devices
SIEM: Security Information and Event Management for correlation and analysis
Benefits: Centralized analysis, compliance reporting

Integration & Mirroring

API Integration: Programmatic access to monitoring data
Port Mirroring: Copy traffic to monitoring tools

• SPAN: Switch Port Analyzer (Cisco)
• Mirror ports: Traffic replication
• Remote monitoring: RSPAN, ERSPAN

Network Discovery

Ad Hoc: Manual, on-demand device discovery
Scheduled: Automated, periodic network scanning
Methods: SNMP, ping sweeps, ARP table analysis

Traffic Analysis

Understanding network traffic patterns:

• Bandwidth utilization
• Protocol distribution
• Top talkers identification
• Security threat detection

Performance Monitoring

Key performance indicators (KPIs):

• Latency: Round-trip time measurements
• Throughput: Data transfer rates
• Packet loss: Reliability metrics
• Jitter: Timing variation

Availability & Configuration Monitoring

Availability: Device and service uptime tracking
Configuration: Change detection and compliance monitoring
Alerting: Immediate notification of issues

Recovery Point Objective (RPO)

Definition: Maximum acceptable data loss measured in time
Example: RPO of 1 hour means maximum 1 hour of data loss
Impact: Determines backup frequency requirements

Recovery Time Objective (RTO)

Definition: Maximum acceptable downtime for system recovery
Example: RTO of 4 hours means system must be restored within 4 hours
Impact: Determines infrastructure and staffing requirements

Mean Time to Repair (MTTR)

Definition: Average time required to repair failed system
Calculation: Total repair time ÷ Number of incidents
Goal: Minimize through better processes and tools

Mean Time Between Failures (MTBF)

Definition: Average time between system failures
Calculation: Total operating time ÷ Number of failures
Goal: Maximize through redundancy and quality equipment

Cold Site

Description: Basic facility with power, cooling, and network connectivity
Recovery Time: Days to weeks
Cost: Lowest cost option
Use Case: Non-critical systems with longer RTO requirements

Warm Site

Description: Partially equipped with some systems and data
Recovery Time: Hours to days
Cost: Moderate cost
Use Case: Balance between cost and recovery time

Hot Site

Description: Fully equipped with current data and systems
Recovery Time: Minutes to hours
Cost: Highest cost
Use Case: Mission-critical systems requiring immediate failover

Active-Active

Configuration: Multiple systems simultaneously processing requests
Benefits: Load distribution, no wasted resources
Considerations: More complex configuration, potential data sync issues

Active-Passive

Configuration: Primary system active, secondary on standby
Benefits: Simpler configuration, faster failover
Considerations: Standby resources not utilized during normal operations

Tabletop Exercises

Discussion-based scenario walkthroughs:

• Purpose: Test procedures and communication
• Participants: Key stakeholders and response teams
• Benefits: Low cost, identifies process gaps
• Frequency: Quarterly or semi-annually

Validation Tests

Practical testing of recovery procedures:

• Full testing: Complete system failover
• Partial testing: Individual component testing
• Parallel testing: Test without affecting production
• Documentation: Record results and improvements

DHCP (Dynamic Host Configuration Protocol)

Automatic IP address assignment and network configuration

DHCP Configuration Options

Reservations: Static IP assignment for specific MAC addresses
Scope: Range of IP addresses available for assignment
Lease Time: Duration of IP address assignment
Exclusions: IP addresses withheld from automatic assignment

DHCP Options & Relay

Common Options:

• Option 3: Default gateway
• Option 6: DNS servers
• Option 42: NTP servers
• Option 150: TFTP server

DHCP Relay/IP Helper: Forwards DHCP requests across subnets

SLAAC (Stateless Address Autoconfiguration)

IPv6 automatic address configuration without DHCP:

• Router Advertisement: Network prefix announcement
• Interface ID: Generated from MAC address (EUI-64)
• Privacy Extensions: Temporary addresses for privacy
• Duplicate Address Detection: Ensures uniqueness

DNS Fundamentals

Hierarchical name resolution system translating domain names to IP addresses

DNS Security Extensions

DNSSEC: Cryptographic signatures for DNS data integrity
DNS over HTTPS (DoH): DNS queries over encrypted HTTPS
DNS over TLS (DoT): DNS queries over TLS encryption

Zone Types

Forward Zone: Domain name to IP address resolution
Reverse Zone: IP address to domain name resolution
Benefits: Email validation, logging, security

Authority & Recursion

Authoritative: Definitive source for zone data
Non-authoritative: Cached or forwarded responses
Primary: Master zone with read/write access
Secondary: Replica zone with read-only access
Recursive: Performs full resolution process

Hosts File

Local name resolution file bypassing DNS:

• Location: /etc/hosts (Linux), C:\Windows\System32\drivers\etc\hosts (Windows)
• Priority: Checked before DNS resolution
• Use cases: Testing, blocking, local services

NTP (Network Time Protocol)

Synchronizes system clocks over network with millisecond accuracy

• Stratum levels: Distance from reference clock
• Authentication: Symmetric keys for security
• Port: UDP 123

PTP (Precision Time Protocol)

IEEE 1588 standard for microsecond-level time synchronization in LANs

• Accuracy: Sub-microsecond precision
• Use cases: Industrial automation, financial trading
• Hardware support: Requires specialized network equipment

NTS (Network Time Security)

Security extension for NTP providing authentication and encryption

• TLS handshake: Secure key exchange
• Packet authentication: Prevents time spoofing
• Backward compatibility: Works with existing NTP infrastructure

Site-to-Site VPN

Permanent encrypted connections between network locations:

• Use case: Connecting branch offices
• Protocols: IPSec, GRE over IPSec
• Benefits: Always-on connectivity, transparent to users

Client-to-Site VPN

Remote user access to corporate network:

• Clientless: Browser-based access (SSL VPN)
• Client-based: Software installation required
• Split tunnel: Only corporate traffic through VPN
• Full tunnel: All traffic through VPN

SSH (Secure Shell)

Encrypted command-line access to network devices:

• Authentication: Password or key-based
• Encryption: All communication encrypted
• Port: TCP 22
• Benefits: Secure replacement for Telnet

GUI (Graphical User Interface)

Web-based or application interfaces for device management:

• Web interfaces: HTTPS-based management
• Desktop applications: Vendor-specific tools
• Benefits: User-friendly, visual configuration
• Considerations: May have limited functionality

API (Application Programming Interface)

Programmatic access to device functions:

• REST API: HTTP-based interactions
• NETCONF: Network configuration protocol
• Benefits: Automation, integration with tools
• Authentication: API keys, tokens

Console Access

Direct physical connection to device:

• Serial console: RS-232 or USB connections
• Emergency access: Works when network is down
• Initial configuration: First-time device setup
• Recovery: Password recovery and firmware updates

Jump Box/Bastion Host

Secure gateway for accessing internal network resources:

• Function: Single point of entry
• Security: Hardened system with logging
• Access control: Authentication and authorization
• Monitoring: Session recording and audit trails

Management Network Separation

In-band Management:

• Uses production network infrastructure
• Shared with data traffic
• Cost-effective but less secure

Out-of-band Management:

• Dedicated management network
• Isolated from production traffic
• Higher security and availability