Mike Meyers' CompTIA A_TM Core 1 networking.pdf
Networking

Domain Objectives

2.1 Compare and contrast Transmission Control Protocol (TCP) and User Datagram Protocol (UDP) ports, protocols, and their purposes.
2.2 Compare and contrast common networking hardware.
2.3 Compare and contrast protocols for wireless networking.
2.4 Summarize services provided by networked hosts.
2.5 Given a scenario, install and configure basic wired/wireless small office/home office (SOHO) networks.
2.6 Compare and contrast common network configuration concepts.
2.7 Compare and contrast Internet connection types, network types, and their features.
2.8 Given a scenario, use networking tools.

Compare and contrast Transmission Control Protocol (TCP) and User Datagram Protocol (UDP) ports, protocols, and their purposes

In the standard network reference models, such as the TCP/IP and OSI models, the respective Transport layers define two protocols: the Transmission Control Protocol (TCP) and User Datagram Protocol (UDP), which are the primary data transfer protocols of any TCP/IP network. Although both are used to transport information, they are as different as an eye dropper and a fire hose—a difference we explore in this objective.

Ports and Protocols

Protocols handle data transfer details, such as how to pack and unpack data into protocol-specific packet formats. The Internet runs on the Transmission Control Protocol/Internet Protocol (TCP/IP) suite, which is a stack (collection) of protocols and services that individually are designed to manage, package, transmit, and operate networks large and small.

NOTE The terms packet and frame are often used interchangeably. However, they are actually two different message formats used on separate layers of a network reference model. A frame is a Data Link layer message format, most commonly used in Ethernet networks. A packet is a Network or Internet layer message format typically associated with TCP/IP networks, such as the Internet.

TCP and UDP both use port numbers to identify the type of connection being used. Table 2.1-1 provides a quick reference to application protocols and the TCP port numbers they use. Table 2.1-2 provides a quick reference to utility protocols (protocols that are hidden “behind the scenes” protocols) and the TCP and UDP port numbers they use.

TABLE 2.1-1 Application Protocols

TABLE 2.1-2 Utility Protocols

EXAM TIP Be able to identify the various TCP/UDP ports and the associated protocol of each port.

ADDITIONAL RESOURCES Apps with network support use many additional TCP and UDP ports. To see a comprehensive real-time report on TCP and UDP activity on a computer running Windows, download the free LiveTcpUdpWatch utility from NirSoft at https://www.nirsoft.net/utils/live_tcp_udp_watch.xhtml.

Connection-Oriented vs. Connectionless

When transmitting data over a network, whether it’s over the same network or between two different networks, the protocol in use and the communication interfaces of the sending and receiving stations determine which of the two available connection types is to be used. The two connection types are connection-oriented and connectionless. A connection-oriented protocol, as its name implies, focuses on creating, managing, and operating the connections and data transmission over the circuit established between them. A connectionless protocol, as its name implies, doesn’t create formal connections and focuses instead on the data transmission.

Connection-Oriented

The connection-oriented communication method is an outgrowth of the telephone system. Before signals can be transmitted over an end-to-end link, each end of the link must agree to the configuration of the line and the protocol in use.
The link is confirmed using what is called a handshake, which involves an exchange of specialized packets that represent a request to synchronize (SYN), a request to send (RTS), indications that the line is clear to send (CTS), and the acknowledgments (ACKs) for each packet sent and received by either end. Once the connection is verified, data packets are transmitted and received in a fixed serial order. Because of its rigid protocol requirements, TCP, which is a connection-oriented protocol (COP), is considered to be a reliable communication protocol.

Connectionless

Earlier TCP and UDP were likened to an eye dropper and a fire hose, respectively. With its fixed requirements for establishing and managing a communication link, the connection-oriented TCP is something like an eye dropper. A connectionless protocol—namely, UDP—is then more like a fire hose. A connectionless protocol doesn’t manage the connection, the transmission link, or the data flow. Data is merely transmitted on the line without the use of RTSs, CTSs, or ACKs. Data flows at the speed available, much like water through a fire hose. UDP, which is a connectionless protocol (CLP), is considered to be an unreliable protocol. Figure 2.1-1 shows a simplified comparison of connection-oriented and connectionless protocols.

FIGURE 2.1-1 A comparison of the connection methods used by TCP and UDP

TCP vs. UDP

TCP accomplishes the reliable transfer of data with communication rules that require both machines to acknowledge each other to send and receive data. Thus, TCP is referred to as a connection-oriented protocol. UDP is much faster because it lacks these checks—which is fine if your data can tolerate some errors, or if the chance of errors is low. For example, speed might be more important than a few dropped packets for a Voice over IP (VoIP) call or video chat. Because UDP simply sends data without checking to see if it is received, it is referred to as a connectionless protocol.
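
The contrast described above, as an added example that is not from the book: a Python script on the loopback interface showing that a TCP client cannot proceed without a listening peer to complete the handshake, while a UDP sender reports success even when nothing is listening. The function names and the use of OS-assigned ephemeral ports are assumptions of this example.

```python
import socket
import threading

LOOPBACK = "127.0.0.1"  # all traffic stays on the local machine


def free_port(kind):
    """Ask the OS for an unused loopback port, then release it so nothing listens there."""
    with socket.socket(socket.AF_INET, kind) as s:
        s.bind((LOOPBACK, 0))
        return s.getsockname()[1]


def tcp_echo_once(payload):
    """Connection-oriented: data moves only after the handshake with a listener completes."""
    server = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    server.bind((LOOPBACK, 0))
    server.listen(1)
    port = server.getsockname()[1]

    def serve():
        conn, _ = server.accept()          # handshake finishes here
        with conn:
            conn.sendall(conn.recv(1024))  # echo the payload back

    worker = threading.Thread(target=serve, daemon=True)
    worker.start()
    with socket.create_connection((LOOPBACK, port), timeout=2) as client:
        client.sendall(payload)
        echoed = client.recv(1024)
    worker.join(2)
    server.close()
    return echoed


def tcp_connect_without_listener():
    """With no listener the handshake fails, so the sender learns immediately."""
    port = free_port(socket.SOCK_STREAM)
    try:
        with socket.create_connection((LOOPBACK, port), timeout=2):
            return True
    except OSError:                        # typically ConnectionRefusedError
        return False


def udp_send_without_listener(payload):
    """Connectionless: sendto() succeeds even though no one will receive the datagram."""
    port = free_port(socket.SOCK_DGRAM)
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        return s.sendto(payload, (LOOPBACK, port))  # bytes handed to the network


def udp_send_with_listener(payload):
    """Same send call, but a bound receiver is present to pick the datagram up."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as rx, \
         socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as tx:
        rx.bind((LOOPBACK, 0))
        rx.settimeout(2)
        tx.sendto(payload, rx.getsockname())
        data, _ = rx.recvfrom(1024)
        return data


if __name__ == "__main__":
    print("TCP echo with listener:     ", tcp_echo_once(b"hello"))
    print("TCP connect, no listener:   ", tcp_connect_without_listener())
    print("UDP bytes sent, no listener:", udp_send_without_listener(b"hello"))
    print("UDP datagram with listener: ", udp_send_with_listener(b"hello"))
```

The UDP sender sees the same result from `sendto()` in both cases, which is why any delivery check for a UDP service has to live in the application itself.
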

When data moving between systems must arrive in good order, we use the connection-oriented Transmission Control Protocol (TCP). If it’s not a big deal for data to miss a bit or two, the connectionless User Datagram Protocol (UDP) is the way to go. Most TCP/IP applications use TCP (that’s why we don’t call it UDP/IP) because it transfers data reliably.

Other Connection-Oriented Protocols

Although TCP is often given as the primary example of a connection-oriented protocol, there are others. In situations where an assurance of integrity or confidentiality is needed, there is very likely a COP that fits the bill. Other commonly used COPs are HTTPS, FTP, SMTP, and SSH. TCP, HTTPS, and SSH are the COPs you can expect to see on the A+ Core 1 exam. Let’s look at the latter two a bit deeper.

Hypertext Transport Protocol Using TLS

At one time, the S in HTTPS represented the Secure Sockets Layer (SSL), but SSL is in the process of being replaced by the Transport Layer Security (TLS) protocol, but more on that later. First, it’s important to understand how HTTPS incorporates connection-oriented communication. Like TCP, an HTTP session involves an exchange of messages between the requester and the server, which can require several back-and-forth messages. These messages help the client and the server come to an agreement on the characteristics of the transmission, such as bandwidth, speed, and more. However, one of these characteristics isn’t security, and HTTP data packets are plain text, which is why TLS is added to the mix. HTTPS encrypts the standard HTTP packet within a TLS wrapper (packet). So, in this relationship, HTTP provides the connection-oriented assurance of the communication and TLS supplies the security.

Secure Shell

The Secure Shell (SSH) protocol is a secured replacement for the unsecured Telnet protocol, which is a COP for unencrypted communication between network nodes.
In addition to a lack of security, Telnet doesn’t provide authentication policies or encryption. The SSH protocol is included in all later versions of macOS and Linux, but a utility, such as PuTTY, is required for Windows systems. SSH operates on a client/server model using TCP port 22 and uses a TCP authentication handshake to verify a session and, once verified, sets up the secure shell and connection.

Other Connectionless Protocols

There are functions and services performed by several TCP/IP protocols that require less assurance and more efficiency than would be possible with a connection-oriented protocol. Some of the more commonly used connectionless protocols are UDP, Internet Protocol (IP), Internet Control Message Protocol (ICMP), Dynamic Host Configuration Protocol (DHCP), and Trivial FTP (TFTP). The A+ Core 1 exam may include questions or references about DHCP and TFTP.

Dynamic Host Configuration Protocol

The Dynamic Host Configuration Protocol (DHCP) is a connectionless protocol that functions on UDP. DHCP is a client/server model protocol that responds to a client’s request for IP configuration data with data drawn from a pool of predefined values. DHCP also manages the “lease” period for the data supplied to the client and its renewal or expiration. DHCP operates as a connectionless service because the data is needed immediately by the requesting station.

Trivial File Transfer Protocol

The legacy File Transfer Protocol (FTP) is a connection-oriented service based on the need for accuracy in the transfer. However, smaller files, command sets, or files not requiring verification can use a connectionless service. Trivial FTP (TFTP) is a lightweight version of FTP that operates without authentication and a structured flow control as a connectionless protocol.

REVIEW

Objective 2.1: Compare and contrast Transmission Control Protocol (TCP) and User Datagram Protocol (UDP) ports, protocols, and their purposes

Application protocols use TCP ports to perform functions such as file transfer, terminal emulation, web page transfers, and remote desktop connections. TCP ports are connection-oriented, meaning that both ends of a connection must acknowledge the connection. TCP connections are more reliable but slower than UDP connections. Utility protocols use primarily UDP ports, as well as some TCP ports, to perform functions such as file and directory services, folder sharing, and services discovery. UDP ports are connectionless, meaning that a service using UDP does not verify that the connection is working. UDP connections are faster but less reliable than TCP connections. HTTPS and SSH are connection-oriented protocols. DHCP and TFTP are examples of connectionless protocols.

2.1 QUESTIONS

1. An incorrect firewall setting results in port 110 being blocked. Which of the following services will not work until the port is unblocked?
A. Secure web pages
B. Receiving POP3 e-mail
C. Remote desktop
D. Upgrading to Windows 11

2. A computer that uses automatic IP addressing relies on which of the following ports?
A. 21
B. 25
C. 143
D. 67, 68

3. Which of the following protocols are considered connection-oriented? (Choose two.)
A. HTTPS
B. SSH
C. DHCP
D. TFTP

4. Sometimes, for greater security, e-mail providers change the default ports used for sending and receiving e-mail. If an e-mail provider changes from port 143 to a different port, which of these services would need to be configured to use the new port?
A. POP3
B. SMTP
C. IMAP
D. HTTP
E. SSH

5. A user reports that she can connect to insecure websites (http://) but not to secure websites (https://). Which port is being blocked by a firewall?
A. 80
B. 445
C. 25
D. 443

2.1 ANSWERS

1. B The default port used by POP3 to receive e-mail is 110.
2. D The ports used by the DHCP service for automatic IP addressing are 67 and 68.
3. A B HTTPS and SSH are connectionless protocols.
4. C IMAP normally uses port 143.
5. D 443 is the port used for HTTPS (secure HTTP).

Compare and contrast common networking hardware

Networks are all about interconnecting computing devices (also called hosts) so they can communicate. More specifically, your local host can communicate with remote hosts to access the resources (such as printers, files, web pages, and so on) those systems share, and to share its own resources. In each exchange, the system providing a resource is the server, and the system using the resource is the client; when we call an entire system a server, what we really mean is that the system’s primary job is serving some resource(s) to clients.

For a variety of different devices to share resources over a network, the network components need a shared connectivity standard, an addressing method clients and servers can use to find and communicate with each other, and shared software protocols that each system in an exchange understands. Let’s look at many of the concepts and components that come together to form a network.

Routers

A router is a device that connects LANs to a WAN (see Figure 2.2-1). Hosts send signals for destinations outside of the LAN to the router, which routes traffic between networks.

FIGURE 2.2-1 Two broadcast domains connected by a router—a WAN

Switches

Switches connect hosts on a local area network (LAN) and pass signals between them. Switches memorize the MAC address of each device to smartly repeat signals to the appropriate host. A group of computers connected by one or more switches is a broadcast domain (see Figure 2.2-2).

FIGURE 2.2-2 Two broadcast domains—two separate LANs

EXAM TIP A LAN is a group of networked computers within a few hundred meters of each other, whereas a wide area network (WAN) is a group of computers on multiple LANs connected with long-distance technologies.

Managed

A managed switch is a switch in which each port can be configured with different settings. For example, you can set a single managed switch to function as two or more virtual LANs (VLANs), control quality of service (QoS) settings on a per-port basis, and more.

Unmanaged

An unmanaged switch is the type of switch sold for small office/home office (SOHO) use, such as the one shown in Figure 2.2-2. It has no management features, and all devices connected to it are in the same LAN.

EXAM TIP Be ready to identify the various networking hardware devices. Know the differences between routers, managed switches, and unmanaged switches.

Access Points

An access point (AP) centrally connects wireless network nodes into a wireless LAN (WLAN) in the same way a switch connects wired devices into a LAN. Many APs also act as high-speed switches and Internet routers (see Figure 2.2-3). APs are sometimes referred to as wireless APs (WAPs).

FIGURE 2.2-3 Device that acts as access point, switch, and router (inset shows ports on back side)

Patch Panel

A patch panel (shown in Figure 2.2-4) has a row of permanent connectors for horizontal cables on the back and a row of female port connectors on the front, enabling you to use short stranded-core UTP patch cables (shown in Figure 2.2-5) to connect the patch panel to the switch. Premade patch cables make it simple to get multiple colors for organization and often come with booted (reinforced) connectors.

FIGURE 2.2-4 Typical patch panels

FIGURE 2.2-5 Typical patch cable

NOTE A patch cable is a specific length (usually short but can be up to 100 feet) of cable terminated at each end with a plug or socket. Also called a patch cord.

Firewall

Firewalls generally protect an internal network from unauthorized access to and from the Internet at large with methods such as hiding IP addresses and blocking TCP/IP ports, but firewalls at internal boundaries can also help limit the damage a compromised node can do to important resources.
Hardware firewalls are often built into routers (or standalone devices), whereas software firewalls run on individual systems. Hardware firewalls protect your LAN from outside threats by filtering packets before they reach your internal network and its resources and devices. You can configure a SOHO router’s firewall from its browser-based settings utility provided by virtually all hardware firewalls. Hardware firewalls use stateful packet inspection (SPI) to inspect individual packets and block incoming traffic that isn’t a response to your network’s outgoing traffic. You can even disable ports entirely, blocking all traffic in or out.

Most software firewalls don’t provide the advanced features found on larger hardware firewalls, but they are primarily designed to protect a single host computer rather than entire networks or enterprise systems. Figure 2.2-6 shows a sampling of the firewall settings on the Comodo Internet Security Pro system.

FIGURE 2.2-6 The configuration settings on a software firewall

Power over Ethernet

Most network hardware, including APs, draw power from an electrical outlet. Advanced APs and networked devices such as security cameras can instead operate on electricity supplied by a Power over Ethernet (PoE) injector or PoE switch. Both types of devices enable a standard Ethernet cable to carry power and data simultaneously.

PoE Standards

PoE provides electrical power from power sourcing equipment (PSE), such as a PoE switch, to a powered device (PD) over Ethernet cables that carry both the electrical power and transmitted data. PoE standards, discussed next, are developed and published by the IEEE (Institute of Electrical and Electronics Engineers) primarily to control how much power is supplied to different types of PDs. The PoE standards define four types or levels of power, detailed in IEEE 802.3af, IEEE 802.3at, and IEEE 802.3bt, which defines two types.
Each of these PoE standards specifies the minimum power a PSE can source and the maximum power a PD can expect to receive. The three standards, which are defined within the IEEE 802.3 Ethernet group, are as follows:

IEEE 802.3af (Standard PoE) Also known as Type 1, this standard defines a power source of 44–57 volts and the maximum power output of a port to be no more than 15.4 watts. Used for voice over the Internet (VoIP) and Wi-Fi APs.

IEEE 802.3at (PoE+) Also known as Type 2, this standard is essentially an update to the 802.3af standard. However, the 802.3at standard doesn’t replace or obsolete the earlier standard and is backward compatible with it. PoE+ supplies a range of 50–57 volts. Each port of a PSE can supply up to 30 watts of power, but not less than 25 watts. PoE+ supports LCD displays, biometric sensors, and tablets.

IEEE 802.3bt (PoE++) Also known as Type 3 and Type 4, these two standards increase the maximum PoE power by sending additional power over two or more previously unused pairs of Ethernet cables:

Type 3 (PoE++) Carries up to 60 watts on each PoE port with a minimum power of 51 watts on a single RJ-45 cable.

Type 4 (higher-power PoE) Supplies maximum power of 100 watts on each port of a PSE and ensures a minimum of 71 watts.

Table 2.2-1 summarizes the specifications of the PoE standards.

TABLE 2.2-1 IEEE PoE Standards

Injectors

A PoE injector (also known as a midspan) is plugged into a standard Ethernet cable coming from a switch and a source of AC power. The injector adds the power to the Ethernet cable running from the injector to the PoE device.

Switch

A PoE switch detects whether connected devices are standard Ethernet devices or PoE devices. It supplies power to PoE devices but does not supply power to standard Ethernet devices.

Hub

An Ethernet hub resembles a switch but takes a signal from one port and blindly broadcasts it out the others.
This slows down traffic, and to make matters worse, hubs subdivide the total bandwidth of the network by the number of connected devices. Take, for example, a 100Base-T (Fast Ethernet) network. Use a switch, and you get the full 100-Mbps speed to each port. Replace that switch with a hub, and if you have four devices connected, the effective speed per port is only 25 Mbps. Don’t use Ethernet hubs (USB hubs, on the other hand, are very useful).

Optical Network Terminal

Fiber-to-the-curb/-cabinet (FTTC), fiber-to-the-premises (FTTP), and fiber-to-the-home (FTTH) are becoming more and more available throughout the United States and in many countries around the world. If you subscribe to a fiber optic service for Internet, you’ll find that just like most all other communication service types, there is a device that serves as the demarcation point (demarc). In a fiber installation, the demarc is a device for which the responsibility for the service connection is divided. The service provider is responsible for all aspects of the service (quality, availability, speed, and so on) from its originating source, like a central office (CO). The subscriber is responsible for the service either at or beyond the demarc (as it enters the premises). The responsibility of the demarc and the service responsibility change are typically tied to who owns the demarc.

In a fiber optic service, the demarc can be an optical network terminal (ONT), or the service provider may install a termination unit as the demarc, as illustrated in Figure 2.2-7. This device operates like a modem that is converting digital to analog and back again. An ONT, however, converts light signaling into electrical impulses, and vice versa. An ONT device can be about the same size as a cable modem but may also be the size of a bathroom medicine cabinet. Typically, an ONT is installed out of sight in a utility or service area.

FIGURE 2.2-7 An ONT provides the conversion between fiber optic service and a premises network.

Cable/DSL Modem

At one time, DSL was one of the more common types of broadband services for SOHO networks. However, it’s now just one of several services available for SOHO Internet connections, along with cable, satellite, and wireless. The A+ Core 1 (220-1101) exam focuses on only two of these services: cable and DSL. This section looks at the differences between these services and their respective modem interfaces.

Cable Modem

Cable uses regular RG-6 or RG-59 cable TV lines to provide upload speeds from 1 to 20 Mbps and download speeds from 6 Mbps to 1+ Gbps. Cable Internet connections are theoretically available anywhere you can get cable TV. The cable connects to a cable modem that itself connects (via Ethernet) to a small home router or your NIC. Some cable modems also include support for VoIP telephony, such as the one shown in Figure 2.2-8.

FIGURE 2.2-8 Cable modem with VoIP telephone support

DSL Modem

A digital subscriber line (DSL) modem connects to a standard RJ-11 telephone line, enabling the conversion of high-speed digital signals to and from the telephone line. DSL modems frequently are combined with wireless routers and are referred to as DSL gateways. DSL speeds vary widely from location to location because the greater the distance from the DSL modem to the telephone company’s central switch, the slower the performance.

Cross-Reference To learn more about DSL service, see the “DSL” section in Objective 2.7.

Network Interface Card

A network interface card (NIC) was originally an add-on card that connected a computer to an Ethernet or other wired network. Although most computers and network devices use integrated wired or wireless network connections instead of a card, the term NIC is used for both network cards and integrated network adapters.
Older computers can use PCI-based NICs, while current computers can use PCIe NICs, such as the wireless NIC shown in Figure 2.2-9.

FIGURE 2.2-9 Wireless PCIe add-on NIC

If a computer needs an upgrade to a faster or more capable NIC, it’s usually easier to use a USB NIC, like the one shown in Figure 2.2-10. Tablets and other devices with USB ports but no Ethernet ports can use a USB to Ethernet adapter (see Figure 2.2-11).

FIGURE 2.2-10 External USB wireless NIC

FIGURE 2.2-11 External USB to Ethernet adapter

Each network adapter (or NIC) has a 48-bit built-in binary media access control (MAC) address that uniquely identifies it. Before a NIC sends data out, it breaks that data into transmission-friendly frames (see Figure 2.2-12), each tagged with the MAC address of the sender and recipient, along with information the receiver can use to detect any possible errors. A network switch uses the MAC address to forward frames to the port on which the correct host can be reached.

FIGURE 2.2-12 Generic frame

NOTE A cyclic redundancy check (CRC) is a common mechanism for detecting data transmission errors.

Software-Defined Networking

Unlike hardware-based networking—where the configurations of a network’s switches, routers, and firewalls specify its operations, pathing, and decisions—software-defined networking (SDN) provides an approach to network management that enables the network configuration to be set using dynamic, programmatic settings to define the network environment. SDN provides a more flexible way to configure a network’s operation, performance, and monitoring functions. SDN is more like cloud computing than traditional hardware-based network management.

An SDN network is defined on three layers: an application layer, a control layer, and an infrastructure layer. This architecture isn’t something you need to know for the exam, but what each layer represents may help you to answer a question in which SDN is material.
The application layer of an SDN contains hardware or software edge devices, such as a load balancer or a firewall (or both) and other mechanisms that operate at the edge of the network. The control layer contains the device (for example, a router or switch) that runs the software and acts as the brains for the network. The infrastructure layer is made up of the switching systems and devices that direct the flow of network traffic. The most important element of all of this is that the functions and interactions of the SDN layers are software-defined.

REVIEW

Objective 2.2: Compare and contrast common networking hardware

Networks interconnect devices for communication and sharing resources. Network components share a connectivity standard, an addressing method, and protocols. A router connects LANs to WANs, and a switch connects devices on a LAN. Switches use the MAC address of a device, and routers use IP addresses to forward data to a destination. A LAN is a group of networked computers in close proximity, and a WAN is a group of computers on multiple LANs connected with long-distance technologies. Each port on a managed switch can be configured with different settings. An unmanaged switch has no management features. An AP centrally connects wireless network nodes into a WLAN. A firewall protects an internal network from unauthorized access to and from external networks. A network firewall can be either hardware or software. PoE devices provide electrical power over cables that carry both electrical power and transmitted data. An Ethernet hub takes a signal from one port and broadcasts it to all its other ports. An ONT is a fiber optic service’s demarc that converts light into electrical impulses, and vice versa. A DSL modem converts high-speed digital signals to and from the telephone line. A cable modem performs the same function on a cable service line.
An SDN network is defined on three layers: an application layer, a control layer, and an infrastructure layer, which contain hardware or software edge devices, the control software, and the switching systems, respectively, that define and control a network.

2.2 QUESTIONS

1. Company A wants to create two separate networks in a building but only wants to use a single-point connection. Which of the following does the company need?
A. Unmanaged switch
B. Router
C. Hub
D. Managed switch

2. You wish to install a digital PoE security camera over an outside storage area that requires 60 watts of power. To operate, what is the minimum PoE standard for this camera?
A. PoE+
B. Standard PoE
C. Type 3 PoE++
D. PoE is not available for digital cameras.

3. Company B has just moved into a new building and has found an existing Internet connection that uses RG-6 wiring. Which of the following is being used?
A. Cable
B. DSL
C. PoE
D. Fiber

4. Your client is a company that has two locations in the same city, both of which get their Internet service from the same provider in the same city. Both locations use the same type of service, but one location has service that is about three to five times faster than the other. What type of service is most likely being used?
A. Cable
B. Satellite
C. DSL
D. PoE

5. What feature of all network adapters can be used to determine which device a frame is sent from or going to?
A. IP address
B. MAC address
C. Switch port
D. Router

2.2 ANSWERS

1. D A managed switch can be used to create multiple networks.
2. C A 60-watt PoE device requires Type 3 PoE++ standard support.
3. A RG-6 is a type of wiring used for cable Internet and cable TV.
4. C DSL service varies widely in speed, which is dependent on the distance from a client site to the central switch (central office) used by the phone company; longer distances have slower connections.
5. B Every network adapter, including those built into other devices, has a unique 48-bit MAC address.

Compare and contrast protocols for wireless networking

Setting up a small office/home office (SOHO) network is a great way to learn about networking and its benefits, such as easy file sharing and more flexible printing. The principles and methods you learn in this objective will help you understand the operations of wireless networking protocols.

Frequencies

The U.S. Federal Communications Commission (FCC) and the International Telecommunication Union (ITU) work together to provide interference-free transmission across the spectrum of RF bands. The ITU’s authority also extends to assigning satellite orbits and developing and coordinating worldwide technical standards. Figure 2.3-1 shows a graphic of the frequency allocations in U.S. radio spectrum.

FIGURE 2.3-1 The frequency allocations in U.S. radio spectrum

ADDITIONAL RESOURCES For a better view of the poster shown in Figure 2.3-1, visit the National Telecommunications and Information Administration (NTIA) at www.ntia.doc.gov/files/ntia/publications/january_2016_spectrum_wall_chart.pdf.

The two primary radio frequency bands used in SOHO wireless networks are those that contain the 2.4-GHz and 5-GHz frequencies. These frequency bands are unlicensed, meaning there is no registration or licensing fees or requirements for their use.

Industrial, Scientific, and Medical Bands

The Industrial, Scientific, and Medical (ISM) bands were originally designated for use by machinery that emits RF signals as a byproduct of its use, such as welders, heaters, and microwave ovens. In 1985, these bands were opened for use with mobile communications and LAN networking. The ISM bands are open and free to use without restriction. However, the downside to using ISM bands is that ISM bands are used for other purposes beside Wi-Fi. Many household, first responder, microwave, and several other wireless connections are also permitted to use these frequencies.
As shown in Table 2.3-1, the ISM bands used in Wi-Fi are in the 2.40-GHz to 2.48-GHz band and the 5.73-GHz to 5.83-GHz band. ISM bands are the basis of two IEEE 802.11 standards: 802.11b and 802.11g. Within these standards, wireless devices communicate over non-overlapping channels (channels 1, 6, and 11), as shown in Figure 2.3-2. All other channels overlap one or more other channels, making them unreliable to use.

TABLE 2.3-1 Bandwidth for the ISM RF Bands

FIGURE 2.3-2 The channels in a wireless frequency band

Unlicensed National Information Infrastructure Bands

The Unlicensed National Information Infrastructure (UNII) bands include three separate frequency bands: UNII-1 (lower bands), UNII-2 (middle bands), and UNII-3 (upper bands), as shown in Table 2.3-2. Each of these frequency groupings is 100 MHz wide. Like the ISM bands, UNII bands are unlicensed.

TABLE 2.3-2 Standard UNII Bands

Channels

Each of the 802.11-based wireless network standards uses a single frequency range in either of the two radio band allocations (ISM or UNII) for sending and receiving data. Although 14 ISM channels are defined internationally, not all the channels can be used in certain countries. In the U.S., the FCC identifies only 11 channels, for example. Each of the 11 U.S. channels is 5 MHz in width. Unfortunately, in the 11-channel designation, only channels 1, 6, and 11 are available for use on a wireless local area network (WLAN), as these channels aren’t overlapped by other channels, as illustrated in Figure 2.3-2.

The UNII frequencies have 24 non-overlapping channels that can be used on a WLAN, but not all are available on each of the UNII band levels. Table 2.3-3 lists the non-overlapping channels available for each of the bands.

TABLE 2.3-3 UNII Non-overlapping Channels

Wireless Networking Standards

Wi-Fi, or wireless networking, is made up of a series of standards published by the IEEE.
These standards define different levels of range, bandwidth, and compatibility with other standards for the medium in a WLAN. For each of the Wi-Fi standards, all of which are in the 802.11 series, two primary measurements are used to differentiate them: speed and frequency. Speed designates the amount of data a standard can transmit from one wireless device to another in millions of bits per second, or Mbps. Frequency specifies the RF frequency of the wireless medium. Table 2.3-4 lists these characteristics for the current wireless standards.

TABLE 2.3-4 Current Wireless Network Standards

EXAM TIP You should know the characteristics of the various Wi-Fi/802.11 standards for the A+ Core 1 exam.

NOTE Wi-Fi 5, or 802.11ac, operates only in the 5-GHz band. However, Wi-Fi 4, Wi-Fi 6, and later are dual-band and operate in either the 2.4-GHz or 5-GHz band.

Bluetooth

As explained in Objective 1.4, Bluetooth devices communicate directly with each other. Whereas a wireless LAN needs an intermediary device, such as a router or an access point, Bluetooth devices are able to connect directly by “pairing.” Bluetooth data transmission uses a limited-distance frequency between 2.1 and 2.48 GHz that a wireless network may also use. A Bluetooth device operates on either Bluetooth Low Energy (LE), which is the more popular of the two types, or legacy Bluetooth, which is also called Basic Rate/Enhanced Data Rate (BR/EDR). Bluetooth LE has a lower data transfer rate (1 to 2 Mbps) than Bluetooth BR/EDR, which operates at 3 Mbps.

Bluetooth devices, such as computing and handheld devices, can be all or part of a personal area network (PAN), which is accomplished by pairing Bluetooth devices together (important to remember for the exam). The following section provides a basic outline of the pairing process for a Bluetooth device.

Enabling and Pairing Bluetooth

Before you can connect one device with another via Bluetooth, you must first enable the Bluetooth capability on the device(s).
Enabled Bluetooth devices can then be paired to establish interaction between them. For example, you can pair two smartphones together or a PC to a keyboard, mouse, printer, or another Bluetooth device. Assuming the device you wish to pair with has Bluetooth active and ready, the following sections describe the steps you need to take on a Windows, macOS, or Linux device to enable and pair it.

Windows 10/11

To enable Bluetooth on a Windows 10 or Windows 11 device, do the following:

1. Open the Settings app from the Start menu.
2. Choose Devices to open the Bluetooth & Other Devices page.
3. Move the slide switch to On to enable Bluetooth (see Figure 2.3-3).

FIGURE 2.3-3 The Bluetooth & Other Devices settings page

Once Bluetooth is enabled on a Windows device, it can be paired with (connected to) another Bluetooth device. On a Windows device, open the Settings | Devices | Bluetooth & Other Devices page, as described. Click the plus sign associated with the Add a Bluetooth or Other Device option, and the Add a Device applet page will appear (see Figure 2.3-4). Choose Bluetooth to open the page that lists the Bluetooth devices within range to which your device can be paired. Choose the device to complete the pairing.

FIGURE 2.3-4 The Add a Device applet is used to pair Bluetooth devices to a Windows device.

Many Bluetooth devices, such as wireless headsets, mice, keyboards, and the like, will ask for a PIN code (number) to complete the pairing. For most devices, the pairing process is timed, which means you only have about 30 seconds (or less) to complete the pairing. Typically, this code is found in the device’s user manual or on a sticker on the device itself. If you cannot find the code, access the manufacturer’s website or contact them directly.

macOS

To enable Bluetooth on an Apple macOS device, use the following steps:

1. On the Control Center or on the menu bar, click the Bluetooth icon (see Figure 2.3-5).
2. Click the Bluetooth switch to On (to enable) or Off (to disable).

FIGURE 2.3-5 The Bluetooth symbol

NOTE On a macOS system, turning off Bluetooth may also disable hotspot and other services.

To pair a Bluetooth device to macOS, make sure the device is on and Bluetooth is enabled. Open System Preferences on the Apple menu and click Bluetooth to list the devices in range and choose the device. Enter the passcode if required.

Linux

On a Linux system, depending on its distro, the required daemons are bluez, gnome-bluetooth, Xfce, LXDE, and i3, all of which are typically available in the blueman package. To start the Bluetooth daemon, enter the command sudo systemctl start bluetooth in the Terminal.

To pair a Bluetooth device to a Linux system, use the following series of commands at the command line, replacing <device MAC address> with the address of the device as listed by the scan:

1. Check the Bluetooth status: sudo systemctl status bluetooth
2. Enable Bluetooth discovery: bluetoothctl discoverable on
3. List Bluetooth devices in range: bluetoothctl scan on
4. Pair with a device: bluetoothctl pair <device MAC address>
5. Connect to the paired device: bluetoothctl connect <device MAC address>
6. Set the paired device to trust status: bluetoothctl trust <device MAC address>
7. List paired devices: bluetoothctl paired-devices

Long-Range Fixed Wireless

Often the cost of pulling cable over long distances to provide access to rural homes and businesses isn’t feasible. In this case, alternative solutions, such as digital subscriber line (DSL), satellite, and fixed wireless access (FWA), can provide access to Internet-based resources. DSL may not be a viable solution in all situations. It has distance limitations and may not be available. Satellite and FWA may also not be viable as they are point-to-point and typically line-of-sight (LoS) services. Satellite services require the installation of a dish and typically have expensive bandwidth increments. FWA does require an antenna, but it is smaller than a satellite dish. Like satellite, FWA doesn’t require long pulls of fiber optic and copper cables for last mile connection.
If you have a satellite service, such as Dish Network, DirecTV, or Hughes Internet, you are already using a form of FWA. FWA isn’t a new technology, and it’s possible you use some form of it, in one way or another, including 4G/LTE and WiMAX, both of which have proven to be expensive to install and operate. The deployment of 5G Fixed Wireless Access (5G-FWA) or any of the fixed wireless legacy systems, such as Local Multipoint Distribution Services (LMDS) and ISM 2.4-MHz point-to-point services, will depend on local ordinances and policy.

IEEE 802.11ah

The IEEE 802.11ah standard defines a WLAN that operates on an unlicensed 1-GHz band. Its lower frequency gives it a longer transmission range than other Wi-Fi WLAN standards. IEEE 802.11ah is used for extended-range hotspots and cellular traffic offloading.

Local Multichannel Distribution Service

Local multichannel distribution service (LMDS) has proven to be a cost-effective two-way wireless LoS microwave service for all Internet media types. In the U.S., LMDS operates on the 28-GHz frequency band (the EU uses 40 GHz), which is limited to a range of two or three miles, depending on what may be encountered in its path.

Licensed Frequencies

In the U.S., the Federal Communications Commission (FCC) controls who can broadcast on the available RF spectrums. Licensed bands of the RF spectrum are assigned (for a fee) to broadcasting and cellular networks, among others. A licensed RF band grants the holder the sole right to broadcast their signals over one specific frequency in a specified geographic area (for example, your favorite radio station might broadcast on the licensed frequency of 98.7 FM).

EXAM TIP For the A+ Core 1 exam, you should know and understand what long-range fixed wireless is and how it’s used as well as the difference between licensed and unlicensed frequencies. You should also have a general understanding of the power and signal strength elements of wireless signaling.
WLAN Devices: Power and Signal Strength

In a WLAN, transmitting and receiving devices convert wired signals to wireless signals and back again. The signals transmitted between the wireless devices are in the form of radio frequency signals, which can attenuate over set distances, depending on the signal strength. The primary signal strength and the power of the transmission are defined by the following:

Radio transmit power: Measured in decibel-milliwatts (dBm) to indicate the power level of a transmitted signal.
Equivalent isotropically radiated power (EIRP): The equivalent of the transmit power less the signal strength loss between the transmitter and the antenna plus the signal strength gain of the antenna.
Received signal strength indicator (RSSI): As its name says, this is the measurement of the signal strength received at any receiver within the range of a WLAN. It indicates the signal strength residual after distance and obstacle attenuations.

Near-Field Communication

Near-field communication (NFC) allows wireless devices to communicate with other wireless devices within a range of 4 centimeters (cm), or about 1.6 inches. NFC transmits and receives RF waves, which can make it seem much like Bluetooth, RFID, or even Zigbee, but NFC differs because its signal generation is produced from electromagnetic induction. This allows passive devices with no power source to transmit to an active device, such as a smartphone or tablet, that enters its range. NFC has three modes of operations: read/write, card emulation, and peer-to-peer, which has been redacted. NFC is most commonly used with tap-to-go payment systems, such as Apple Pay, Google Pay, and other forms of cashless payment services.

Radio-Frequency Identification

Radio-frequency identification (RFID) is a technology in which digital data, burned into labels or tags, is emitted as RF waves that can be received by nearby readers.
RFID is an automatic identification and data capture (AIDC) technology that automatically identifies objects, collects data about them, and inputs the data into another system without external intervention. At its core, an RFID system has three components: an RFID tag or label, a reader, and an antenna. An RFID tag or label contains an integrated circuit and an antenna that transmits data to an RFID reader on a receiver device. The reader converts the signal into usable data that is transferred to a host computer system and then stored. RFID devices can be used for asset, inventory, and people tracking as well as to limit access into controlled areas. RFID technology is also used in ID badges.

REVIEW

Objective 2.3: Compare and contrast protocols for wireless networking

The two primary RF spectrums used in SOHO wireless networks are the unlicensed ISM and UNII spectrums (2.4 GHz and 5 GHz, respectively).
ISM WLAN devices communicate over non-overlapping channels (channels 1, 6, and 11).
The IEEE 802.11 wireless networking standards have evolved from the 802.11a to the current 802.11ax.
Wi-Fi 802.11 standards use two measurements to differentiate them: speed and frequency. Speed designates the data transmitted in Mbps. Frequency specifies the RF frequency.
Bluetooth devices communicate directly, but a WLAN requires an intermediary device, such as a router or an access point.
Bluetooth transmits on a limited-distance frequency between 2.1 and 2.48 GHz in the ISM frequencies.
NFC wireless devices communicate in a range of 4 cm.
NFC has three modes of operations: read/write, card emulation, and peer-to-peer.
RFID labels or tags emit RF waves that can be received by nearby readers.
RFID systems have three components: an RFID tag or label, a reader, and an antenna.

2.3 QUESTIONS

1. The wireless LAN RF frequencies are specified in the 2.4-GHz and 5-GHz ranges, which are known commonly as what? (Choose two.)
A. ISM
B. WLAN
C. NTIA
D. UNII

2. Bluetooth transmits on a limited-distance frequency between which two ISM frequencies?
A. 2.57 GHz to 2.8 GHz
B. 2.1 GHz to 2.48 GHz
C. 5.725 GHz to 5.825 GHz
D. 28 GHz to 36 GHz

3. Which of the following is not one of the factors used to define the primary signal strength and transmission power of an RF wireless signal?
A. Radio transmit power
B. EIRP
C. RSSI
D. DHCP

4. What is the maximum range of NFC wireless devices?
A. 4 cm
B. 4.6 inches
C. 4 mm
D. 4 mW

5. Which of the following is not a component of an RFID system?
A. RFID tag
B. RFID label
C. RFID printer
D. RFID reader

6. Which Wi-Fi standard has a maximum speed of 9.6 Gbps and uses the 2.4-GHz and 5.8-GHz frequencies?
A. 802.11ac
B. 802.11n
C. 802.11ax
D. 802.11z

2.3 ANSWERS

1. A, D: ISM frequencies begin with 2.4 GHz, and UNII frequencies begin with 5 GHz.
2. B: Bluetooth transmits on a limited-distance frequency between 2.1 GHz and 2.48 GHz.
3. D: DHCP is not a factor of the primary signal strength and transmission power of an RF wireless signal.
4. A: The maximum range of NFC wireless devices is 4 cm.
5. C: RFID systems are wireless and do not print physical elements.
6. C: 802.11ax, also known as Wi-Fi 6, has a maximum speed of 9.6 Gbps and uses the 2.4- and 5.8-GHz frequencies.

Summarize services provided by networked hosts

Network hosts can be used as servers to provide file, print, and other types of services; as network appliances to provide security and network protection features; and as embedded and legacy devices to provide ATM, traffic light, machine control, and other specialized services.

Server Roles

A server is any computer or device that provides services to connected devices. Depending on the size and types of networks in use, some servers are built into devices such as routers, and some computers on the network can perform server roles. The following sections describe these roles.

EXAM TIP Know the various server roles by name and function.
For example, know that a syslog server is used to store (log) events and can send alerts to administrators.

DHCP Server

A Dynamic Host Configuration Protocol (DHCP) server provides IP addresses, default gateways, and other network settings such as DNS server addresses to connected devices. Typically, a DHCP server’s function is incorporated into a device such as a router on a small office/home office (SOHO) network. However, larger networks might use dedicated DHCP servers.

DNS Server

A Domain Name Service (DNS) server maintains a database of IP addresses and their matching host names. When a host name, such as www.totalsem.com, is entered into a web browser, the DNS server used by that system matches that host name to the appropriate IP address. DNS servers are provided by ISPs as well as by public DNS services such as Google DNS and OpenDNS. Although your device typically is configured with DNS servers by the DHCP server, it is possible to manually configure the DNS servers you prefer.

File Server

A file server or a file share stores files that are used by other computers and devices on a network. For residential or small business networks, a file server–like function can be enabled through file sharing on Windows, Linux, or macOS computers. Larger organization networks typically use dedicated file servers and computers. File server hardware generally features very large high-speed storage devices, high-performance network adapters, and sufficient memory to support the server software it hosts.

Print Server

A print server manages a network print queue for printers that are attached to the server or are connected directly to the network. Depending on the network, a single physical server might be used for both file and print server tasks, or separate servers might be used.

Mail Server

A mail server sends and receives e-mail.
Incoming servers (where you check for new e-mail) typically use Post Office Protocol version 3 (POP3) or Internet Message Access Protocol version 4 (IMAP4), while outgoing servers (where you send e-mail) use Simple Mail Transfer Protocol (SMTP). These addresses come from your e-mail provider (usually your ISP, company, school, or other organization).

Syslog

Syslog is a protocol that network devices use to send event messages to a server that logs them for viewing. The syslog server can send alerts that can be reviewed by network administrators. Syslog is not natively supported on Windows, but third-party software can be used to convert messages from Windows apps into syslog-compatible messages.

ADDITIONAL RESOURCES To learn more about syslog, see the article “The Original Windows Syslog Server” at https://www.winsyslog.com/.

Web Server

A web server runs software designed for serving websites. For example, Microsoft Internet Information Services (IIS) functionality is available as an optional feature of Windows Server and business-oriented editions of Windows 10 and Windows 11. Most Linux distributions include Apache or Nginx web servers. Apache can also be used on macOS.

Authentication, Authorization, and Accounting Server

An authentication, authorization, and accounting (AAA) server program processes user requests to authenticate (identify) that the requestor is valid, may be authorized for specific access levels, and is to be tracked by audit and accounting functions. Authentication typically requires the verification of a user name and password, but additional factors can be used or required. Authorization assigns the predefined rights and permissions of an authenticated user to control access and action with resources. Accounting is the tracking mechanism in use to record the actions and results of the user. An AAA server verifies the user’s identity and controls and tracks access to system resources while the user is logged in to a network.
Examples of AAA servers include RADIUS servers used by WPA2 and WPA3 encryption on corporate networks and servers that inspect RSA tokens provided by users with RSA key fobs.

Internet Appliance

Internet appliances are special-purpose devices that are incorporated into networks, typically to provide various types or levels of network security. The following sections provide a brief overview of the types of Internet appliances you need to know for the CompTIA A+ 220-1101 exam.

Spam Gateways

Anti-spam appliances (aka spam gateways) are devices that use onboard software to filter out incoming spam e-mail messages and instant messaging (or “spim”) to prevent them from entering a system. Spam gateway devices are primarily in use in enterprise organizations, but many ISPs, academic institutions, and small businesses also employ some version of this function.

Unified Threat Management

Unified threat management (UTM) involves the use of hardware or software to provide a combination of several security functions. Typically, a UTM device provides security protections that may include firewall, remote access, VPN support, web traffic filtering, anti-malware, and network intrusion prevention. UTM replaces the need to install separate devices or systems for each of its supported security functions. A UTM solution can be a specialized appliance that is placed between an internal network and an end or gateway device, or it may be installed on a virtual machine running cloud-based services.

EXAM TIP Know the purposes of and understand the differences between Internet appliances such as UTM devices, intrusion detection systems (IDSs), and intrusion prevention systems (IPSs). For example, an IDS can identify threats and send alerts. However, the more powerful IPS can actually act on the threat and possibly stop it!
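The syslog server role described earlier in this objective (log every event message, alert administrators on the serious ones) can be sketched as follows. This is an added example, not code from the book: it assumes the classic BSD message layout of RFC 3164, and the sample lines, host names and the "error" threshold are constructed for illustration.

```python
import re

# Severity names indexed by numeric level; 0 is the most severe.
SEVERITIES = ["emergency", "alert", "critical", "error",
              "warning", "notice", "informational", "debug"]

# Standard facility codes; anything else is reported as "facilityN".
FACILITIES = {0: "kern", 1: "user", 2: "mail", 3: "daemon", 4: "auth",
              5: "syslog", 6: "lpr", 7: "news", 8: "uucp", 9: "cron",
              10: "authpriv", 11: "ftp",
              16: "local0", 17: "local1", 18: "local2", 19: "local3",
              20: "local4", 21: "local5", 22: "local6", 23: "local7"}

# Layout: <PRI>Mmm dd hh:mm:ss HOST MESSAGE (the day is space-padded).
LINE_RE = re.compile(
    r"^<(\d{1,3})>([A-Z][a-z]{2} [ \d]\d \d{2}:\d{2}:\d{2}) (\S+) (.*)$")


def parse_syslog(line):
    """Decode one syslog line into a dict, or return None if malformed."""
    match = LINE_RE.match(line.rstrip("\r\n"))
    if not match:
        return None
    pri = int(match.group(1))
    if pri > 191:  # highest valid PRI is facility 23 * 8 + severity 7
        return None
    facility, severity = divmod(pri, 8)  # PRI = facility * 8 + severity
    return {
        "facility": FACILITIES.get(facility, "facility%d" % facility),
        "severity": SEVERITIES[severity],
        "level": severity,
        "timestamp": match.group(2),
        "host": match.group(3),
        "message": match.group(4),
    }


def triage(lines, threshold="error"):
    """Return (alerts, rejected): records at or above the threshold
    severity, plus a count of lines that did not parse. Senders are not
    authenticated in classic syslog, so malformed input is counted
    rather than trusted or silently dropped."""
    limit = SEVERITIES.index(threshold)
    alerts, rejected = [], 0
    for line in lines:
        record = parse_syslog(line)
        if record is None:
            rejected += 1
        elif record["level"] <= limit:  # lower number means more severe
            alerts.append(record)
    return alerts, rejected


# Constructed sample input (documentation address range, made-up hosts).
SAMPLE_LINES = [
    "<34>Oct 11 22:14:15 fw01 sshd[912]: Failed password for admin from 192.0.2.10",
    "<14>Oct 11 22:14:16 ap02 hostapd: station associated",
    "<187>Oct  1 03:00:02 sw03 link: port 7 down",
    "<999>Oct 11 22:14:21 bad01 test: PRI out of range",
    "not a syslog line",
]

if __name__ == "__main__":
    found, bad = triage(SAMPLE_LINES)
    for rec in found:
        print("ALERT %(host)s %(facility)s.%(severity)s: %(message)s" % rec)
    print("rejected lines:", bad)
```
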
Load Balancers

The purpose of a load balancer is to spread out the processing required to respond to incoming request traffic as evenly as possible, or desired, across a group of network or specific-purpose servers. Load balancers typically sit on the network between client devices and the servers to be balanced. Incoming requests are assigned to the next available server with the capability of processing the request.

Proxy Server

A proxy server is an intermediary between its users and the resources they request. Applications send requests to the proxy server instead of trying to access the Internet directly, and the proxy server fetches the resources on behalf of the users. This enables the proxy server to monitor usage, to restrict access to or modify insecure or objectionable content, as well as to cache, compress, or strip out resources to improve performance—and more. Enterprise proxy servers are usually implemented as software running on a multipurpose server.

EXAM TIP Many security appliances include context-based rules called data loss prevention (DLP) to avoid data leaks. DLP scans outgoing packets and stops the flow if they break a rule.

Legacy/Embedded Systems

Networked devices don’t necessarily look like computers. Many are, but you can find narrow-purpose computers or servers embedded in all sorts of machines and other equipment—CompTIA calls these legacy/embedded systems. It can be easy to overlook networked devices embedded in this equipment, but they may represent massive investments your network must remain compatible with. Some examples of legacy/embedded systems include machine controllers, digital watches, digital music players, traffic light controllers, aviation equipment, bank ATMs, and more. If these systems are running operating systems that are no longer supported with security or other patches (such as Windows XP or Windows 7), they represent a significant security threat.
Supervisory Control and Data Acquisition

Supervisory control and data acquisition (SCADA) systems perform real-time data collection for analysis of the efficiency, cost reduction, and operation improvements in an industrial setting. Because there can be an almost overwhelming amount of data available, SCADA is used to help organizations select and access specific data and control the functions of the equipment and machinery involved. SCADA applications can be used to view, collect, analyze, and graph a range of process characteristics, such as temperature, power consumption, operating levels, and many other measurable conditions.

Internet of Things Devices

Internet of Things (IoT) devices, also called “smart devices,” include those devices and objects capable of being connected to a WAN or the Internet. IoT devices, or “things,” are an ever-expanding group, but characteristically they are devices that have the capability to send and receive data over a network. This includes automobiles, home appliances, smartphones and watches, residential and security lighting, home security detection and alarm systems, and more. For example, a car may have a system that helps it locate an empty parking space, or a refrigerator can alert its owner when the inventory of a required food or liquid item falls below a certain level.

REVIEW

Objective 2.4: Summarize services provided by networked hosts

Web servers run software that serves websites.
File servers store files and folders for use on the network.
Print servers manage network print queues.
DHCP servers provide IP addresses to connected devices.
DNS servers handle DNS/IP address lookups.
Proxy servers reroute requests for Internet content to their own copy of that content, or they can block requests.
Mail servers send and receive e-mail.
Authentication servers verify a user’s identity.
The syslog protocol is used to send event messages to a server where they can be logged and viewed.
Internet appliance categories include spam gateways, load balancers, IDSs, IPSs, UTM devices, and end-point management servers, all of which can be used to protect the network.
Legacy/embedded systems such as ATMs and machine controllers represent a significant security threat if their operating systems are no longer being patched.
SCADA systems perform real-time data collection for analysis of the efficiency, cost reduction, and operation improvements in an industrial setting.
IoT devices include automobiles, home appliances, smartphones and watches, residential and security lighting, home security detection and alarm systems, and more!

2.4 QUESTIONS

1. Microsoft IIS and Apache are examples of which type of server?
A. DHCP server
B. File server
C. Web server
D. Print server

2. Company H is setting up a RADIUS server as part of its wireless network. This server will perform which of the following tasks?
A. Mail server
B. Authentication server
C. Proxy server
D. Print server

3. Company J wants to install an Internet appliance that will provide protection as well as load balancing and VPN services. Which of the following categories has the device they need?
A. IPS
B. DLP
C. IDS
D. UTM

4. Your client’s network is able to receive e-mail but unable to send it. Which of the following is not working?
A. SMTP
B. UTM
C. Authentication server
D. DNS server

5. Your department is considering an Internet appliance. Which of the following is the most likely reason to get one?
A. Print serving
B. Security
C. Wireless AP
D. Web server

2.4 ANSWERS

1. C: These are examples of web servers.
2. B: A RADIUS server is used for authentication on a WPA2 or WPA3 Wi-Fi enterprise network.
3. D: UTM (unified threat management) includes broad protection against threats as well as bundles network security services.
4. A: SMTP (Simple Mail Transfer Protocol) is used to send e-mail messages. If this protocol is disabled or blocked, e-mail cannot be sent.
5. B: Internet appliances are used to provide additional security features to an Internet connection.

Given a scenario, install and configure basic wired/wireless small office/home office (SOHO) networks

Small office/home office (SOHO) networks tend to be simpler in design and layout, and they typically have fewer components than the networks in larger organizations and enterprises. This doesn’t mean that the same network functions aren’t required, because they are. A SOHO network often uses a single device to implement multiple network processes, but this capability isn’t always available. This objective provides an overview of the processes used to configure and install a basic network, wired or wireless, in a SOHO setting.

Internet Protocol Addressing

The most important activity in the configuration of a network, regardless of its size, is the assignment of its Internet Protocol (IP) addressing scheme. On Ethernet networks, which most SOHO networks are, the addressing choices are Layer 2 Media Access Control (MAC) addresses (also called physical addresses) and IP version 4 (IPv4) or IP version 6 (IPv6) addresses (also called logical addresses).

MAC addresses are the default addressing on any Ethernet network. Each component capable of communicating on the network’s medium is permanently assigned a MAC address by its manufacturer. If the communication between one network node and another remains totally on the local network, only the MAC address is needed. However, should network communication need to exit the local network and be forwarded on a WAN or the Internet, IP addressing becomes a necessary part of the configuration of the network and each of its nodes.

A network address, also called a logical address, must uniquely identify any device capable of communicating on the network medium, regardless of the medium being wireline (or wired) or wireless. A network address becomes the means by which a device is located on the network.
In the addressing schemes of a TCP/IP network, an IP address identifies both a device and the network on which it resides. There are two versions of IP: IPv4 and IPv6. The following sections cover their essential features and differences.

EXAM TIP Know the differences between IPv4 and IPv6. For example, an IPv4 address uses 32 bits while an IPv6 address uses 128 bits.

IPv4 Addresses

An IPv4 address is expressed in dotted-octet notation, which formats the address in four sets of eight binary digits (octets), separated by periods (or dots). Network devices see IP addresses in binary form (for example, 11001010.00100010.00010000.00001011), but this isn’t human-friendly. Therefore, the dotted-decimal form is used to express the IPv4 address (for example, 202.34.16.11), which is easier for people to read.

The IPv4 standard reserves certain address ranges for special purposes and uses. Table 2.5-1 lists these special-purpose address ranges.

TABLE 2.5-1 Reserved IPv4 Nonroutable Addresses

Loopback Addresses

An IPv4 loopback address is the logical address assigned to the network adapter in a computer or network-capable device. On most computers, the loopback address refers to the network interface controller (NIC) or its network adapter. Because the address range of the loopback address block is a set standard, the loopback address is almost always the same on all network-enabled computers. This means that on any single PC, the loopback address is likely to be 127.0.0.1. The same is true for any other PC, even if it’s on the same network.

Network-capable devices, especially computers, can have multiple network adapters (referred to as being “multihomed”). In this case, each of the network adapters is assigned a different loopback address from the 127.0.0.0–127.255.255.255 loopback address range.
Private Addresses

When it began to be apparent that the available IPv4 addresses were running out, one of the changes made to the IPv4 standard was to set aside three blocks of addresses, one from each address class, that could be used repeatedly for local area networks (LANs) and other private networks. To ensure that these addresses could be reused on different networks and to avoid any possible routing problems, these addresses, designated as private addresses, were blocked from being forwarded outside of an organization’s edge routers. Similar to the reusability of loopback addresses, multiple LANs in the same or in different organizations may use the same block of private addressing.

All IPv4 addresses that are not in the set-aside ranges of private addresses are public addresses. This means that unlike private addresses, a public address cannot be duplicated anywhere on the Internet or on the WANs and LANs that make up the Internet.

Link-Local Addresses

Sometimes a node on a local network is unable to obtain its configuration data from a Dynamic Host Configuration Protocol (DHCP) server. Rather than being blocked from communicating on the local network, which typically uses MAC addresses, the node’s operating system can assign a placeholder link-local address, which is an address that’s valid only for interactions within the network segment (broadcast domain) on which its node is located. This address is blocked from communicating outside of its LAN until it can obtain a valid IPv4 address.

On a Windows system, the link-local address that is assigned is an Automatic Private IP Addressing (APIPA) address, which is chosen randomly from the reserved IPv4 address range of 169.254.0.1 to 169.254.255.254 and assigned with a Class B 16-bit subnet mask (255.255.0.0). To ensure that the address assigned is unique to the local network, the system broadcasts the random address and uses it if there is no response.
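The reserved ranges above can be checked mechanically. The following added example (not from the book) classifies IPv4 addresses as loopback, private, link-local (APIPA) or public, and flags adapters in Windows ipconfig output that fell back to an APIPA address. The private blocks are the standard RFC 1918 ranges, and the ipconfig text is a constructed sample.

```python
import ipaddress
import re

# Reserved IPv4 blocks: loopback, link-local (APIPA) and the three
# private ranges (10/8, 172.16/12, 192.168/16 from RFC 1918).
RESERVED = [
    ("loopback", ipaddress.ip_network("127.0.0.0/8")),
    ("link-local (APIPA)", ipaddress.ip_network("169.254.0.0/16")),
    ("private", ipaddress.ip_network("10.0.0.0/8")),
    ("private", ipaddress.ip_network("172.16.0.0/12")),
    ("private", ipaddress.ip_network("192.168.0.0/16")),
]


def classify_ipv4(text):
    """Label one dotted-decimal address; 'invalid' if it does not parse."""
    try:
        addr = ipaddress.IPv4Address(text)
    except ValueError:
        return "invalid"
    for label, network in RESERVED:
        if addr in network:
            return label
    return "public"


# Constructed sample of Windows `ipconfig` output: one adapter has no
# DHCP lease and shows an autoconfigured (APIPA) address.
SAMPLE_IPCONFIG = """\
Ethernet adapter Ethernet:

   Connection-specific DNS Suffix  . :
   Autoconfiguration IPv4 Address. . : 169.254.37.112
   Subnet Mask . . . . . . . . . . . : 255.255.0.0
   Default Gateway . . . . . . . . . :

Wireless LAN adapter Wi-Fi:

   Connection-specific DNS Suffix  . : example.test
   IPv4 Address. . . . . . . . . . . : 192.168.1.23
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . : 192.168.1.1
"""

# Adapter headers start in column 0; address lines are indented.
ADAPTER_RE = re.compile(r"^(\S.*adapter .+):\s*$")
ADDR_RE = re.compile(
    r"^\s+(?:Autoconfiguration )?IPv4 Address[ .]*: (\d+\.\d+\.\d+\.\d+)")


def audit_ipconfig(output):
    """Return [(adapter, address, label)] for each IPv4 address found."""
    findings, adapter = [], None
    for line in output.splitlines():
        header = ADAPTER_RE.match(line)
        if header:
            adapter = header.group(1)
            continue
        found = ADDR_RE.match(line)
        if found:
            address = found.group(1)
            findings.append((adapter, address, classify_ipv4(address)))
    return findings


def apipa_adapters(output):
    """Adapters that self-assigned an address, i.e. got no DHCP answer."""
    return [adapter for adapter, _, label in audit_ipconfig(output)
            if label == "link-local (APIPA)"]


if __name__ == "__main__":
    for adapter, address, label in audit_ipconfig(SAMPLE_IPCONFIG):
        print("%-30s %-16s %s" % (adapter, address, label))
```
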
EXAM TIP If your system can communicate with other systems on your local network but can’t reach the Internet, chances are the DHCP server is down and you have been assigned an APIPA address. You can find out if you are using an APIPA address by running ipconfig.

IPv6 Addresses

IPv6 is a Network layer protocol that was first defined by the Internet Engineering Task Force (IETF) in a draft proposal in December 1998 because of a concern that we would soon be running out of IPv4 addresses to assign. In September 2015, the American Registry for Internet Numbers (ARIN) announced that officially there were no more IPv4 addresses to issue. In July 2017, IETF issued the IPv6 standard to expand the available address pool and to supersede IPv4. The format of an IPv6 address is shown in this example:

2001:0000:0000:3210:0800:200C:00CF:1234

The structure of IPv6 involves the following characteristics:

It has 128 bits in its addressing scheme, which provides for 340 undecillion (2^128) addresses.
It has eight hexadecimal number groups separated by colons.

An IPv6 address can be shortened using the following rules:

Leading zeros may be omitted from a group; therefore, 00CF becomes CF, and 0000 becomes 0.
Any number of consecutive all-zero groups (0000) can be omitted and indicated with two-colon separators (::) from the beginning and end of the string.

For example, the shortened version of the IPv6 address 2001:0000:0000:3210:0800:200C:00CF:1234 is

2001::3210:800:200C:CF:1234

EXAM TIP IPv6 addresses aren’t case sensitive and can use either uppercase or lowercase letters. You may encounter lowercase or uppercase notation on the exam.

Operating system (OS) developers have two options for the last 64 bits (host ID) of an IPv6 address. Windows OS generates a random value when a NIC is configured, and that number never changes. Linux and macOS build the host ID (called the Extended Unique Identifier-64-bit, or EUI-64) from the MAC address of the NIC.
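The two shortening rules and the EUI-64 host ID can be worked through in code. This is an added example, not from the book: it applies the rules by hand, builds an EUI-64 host ID from a MAC address, and recovers the MAC from such an address as seen in a log. The MAC address and the 2001:db8::/64 documentation prefix are constructed sample values.

```python
import ipaddress
import string


def shorten_ipv6(full):
    """Shorten a fully written eight-group IPv6 address."""
    groups = full.split(":")
    if len(groups) != 8:
        raise ValueError("expected eight colon-separated groups")
    for group in groups:
        if not 1 <= len(group) <= 4 or any(
                c not in string.hexdigits for c in group):
            raise ValueError("bad group: %r" % group)
    # Rule 1: drop leading zeros (00CF -> CF, 0000 -> 0).
    groups = [format(int(group, 16), "X") for group in groups]
    # Rule 2: replace the longest run of all-zero groups with "::".
    # Only one run can be replaced, or the address would be ambiguous.
    best_start, best_len, i = -1, 0, 0
    while i < 8:
        if groups[i] != "0":
            i += 1
            continue
        j = i
        while j < 8 and groups[j] == "0":
            j += 1
        if j - i > best_len:
            best_start, best_len = i, j - i
        i = j
    if best_len < 2:  # a lone zero group is just written as 0
        return ":".join(groups)
    head = ":".join(groups[:best_start])
    tail = ":".join(groups[best_start + best_len:])
    return head + "::" + tail


def eui64_bytes(mac):
    """48-bit MAC -> 64-bit host ID: flip the universal/local bit of the
    first octet and insert FF:FE between the two halves of the MAC."""
    octets = bytes.fromhex(mac.replace(":", "").replace("-", ""))
    if len(octets) != 6:
        raise ValueError("a MAC address has six octets")
    return bytes([octets[0] ^ 0x02]) + octets[1:3] + b"\xff\xfe" + octets[3:]


def eui64_interface_id(mac):
    """Host ID as four colon-separated hexadecimal groups."""
    raw = eui64_bytes(mac)
    return ":".join(raw[i:i + 2].hex() for i in range(0, 8, 2))


def slaac_address(prefix, mac):
    """Combine a /64 network prefix with the EUI-64 host ID."""
    network = ipaddress.IPv6Network(prefix)
    if network.prefixlen != 64:
        raise ValueError("EUI-64 host IDs need a /64 prefix")
    host = int.from_bytes(eui64_bytes(mac), "big")
    return str(ipaddress.IPv6Address(int(network.network_address) | host))


def mac_from_eui64_address(address):
    """Recover the MAC embedded in an EUI-64 address, or None when the
    host ID lacks the FF:FE marker (for example, a random host ID)."""
    host = ipaddress.IPv6Address(address).packed[8:]
    if host[3:5] != b"\xff\xfe":
        return None
    mac = bytes([host[0] ^ 0x02]) + host[1:3] + host[5:8]
    return ":".join("%02x" % octet for octet in mac)


if __name__ == "__main__":
    print(shorten_ipv6("2001:0000:0000:3210:0800:200C:00CF:1234"))
    print(slaac_address("2001:db8::/64", "00:1A:2B:3C:4D:5E"))
    print(mac_from_eui64_address("2001:db8::21a:2bff:fe3c:4d5e"))
```

Because an EUI-64 host ID carries the adapter's MAC address, the same device is recognizable on every network it joins, which is worth remembering when reviewing IPv6 addresses in logs.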
IPv6 includes a loopback address for a network adapter that can be used for testing. The full address is 0000:0000:0000:0000:0000:0000:0000:0001/128, which can be abbreviated as ::1/128 (using the two-colon abbreviation for consecutive all-zero groups).

IPv4 vs. IPv6
IPv4 and IPv6 differ in many ways. Table 2.5-2 helps you compare the differences.

TABLE 2.5-2 IPv4 vs. IPv6

Dynamic Address Assignment
Dynamic address configuration on a Windows, Linux, or macOS computer is performed by the TCP/IP protocol DHCP. Dynamic addressing allows a network device to be configured with a possibly different IP address each time it connects to a network. A node configured through dynamic address assignment is able to use network services like DNS and communication protocols based on UDP or TCP.

Dynamic Host Configuration Protocol
On a local network, or multiple LANs connected via a relay, the DHCP infrastructure consists of one or more DHCP servers and usually one or more network nodes or DHCP clients. The DHCP server supplies IP configuration information from a pool configured by the network administrators in response to requests made by DHCP clients. The primary elements of a DHCP implementation are as follows:
DHCP server As a server in a client/server arrangement, a DHCP server responds to IP configuration or lease requests to provide an IP address, monitor it during its lease period, and renew the lease if it expires.
DHCP client As a client in a client/server arrangement, a DHCP client is the endpoint that requests and receives configuration data from a DHCP server. Most network clients receive DHCP configuration data by default.
IP address pool The IP address provided to a network node is drawn from a defined pool of unassigned, available addresses.
IP address lease DHCP configuration items, including the IP address, have expiration dates. This data indicates the time period (present to future) in which a DHCP client can hold its DHCP configuration.
If the lease expires, the affected client must renew it.

NOTE Each time a DHCP client reboots, the DHCP configuration is assigned without regard to any configuration data previously assigned.

IPv4 DHCP
DHCP is the default dynamic addressing service for Windows and macOS and can be configured on most Linux distros. In response to a request from a node, DHCP automatically provides an IP address (IPv4, IPv6, or both), the associated subnet mask, the default gateway address, and the primary DNS address. The addressing provided is selected from a configured pool of available addresses.

To view the address assignment configuration of a Windows system, use the following steps:
1. Open the Control Panel and select Network and Sharing Center.
2. Click Change Adapter Settings.
3. Select the adapter that provides the primary connection to the network.
4. Click Properties.
5. Click Internet Protocol Version 4 (as shown in Figure 2.5-1).
FIGURE 2.5-1 The adapter properties dialog box
6. Click Properties.

Figure 2.5-2 shows a typical example of the settings for dynamic IP addressing on a Windows system.
FIGURE 2.5-2 Network adapter configured to get an IP address from a DHCP server automatically

Here are the steps used in the DHCP client/server configuration acquisition process, as illustrated in Figure 2.5-3:
FIGURE 2.5-3 The DHCP client/server configuration acquisition process
1. Discover After the client has completed its startup or if the ipconfig/ifconfig command is used, the client broadcasts a message asking the DHCP server to identify itself with its network addressing.
2. Offer The DHCP server responds to the client with an IP address assigned from its pool of available addresses. If no addresses are available, the server sends a nonacknowledgment (NAK) message, and the client assigns itself a link-local address and terminates the dialog.
3.
Selection On some larger networks, there may be two or more DHCP servers offering IP address configurations, each sending its own DHCP offer. The client can respond to each of the offers with a DHCP request for additional information or merely respond with a request to the server that provided the first offer it received.
4. Acknowledgment When the server receives the DHCP request message from the client, it creates an Address Resolution Protocol (ARP) mapping and responds to the client directly (unicast) with a DHCP ACK message.

IPv6 Link-Local Address
When a computer running IPv6 boots or restarts, the system is configured with a link-local address using the Stateless Address Autoconfiguration (SLAAC) service. SLAAC provides IPv6 systems with most of their link-local configurations. The first 64 bits of a link-local address are always FE80:0000:0000:0000 (which shortens to FE80::).

IPv6 DHCPv6
Whereas IPv4 DHCP (DHCPv4) uses broadcasting requests and responses, IPv6 DHCP (DHCPv6) uses multicasting (IPv6 doesn’t include a broadcasting capability). One limitation of DHCPv6 is that it doesn’t provide a default gateway to a node.

DHCP Reservations
A DHCP reservation is a DHCP-supplied IP address that never changes. It is meant for devices whose IP address needs to remain constant (for example, a print server). DHCP reservations are created on the DHCP server. This feature is available in DHCP servers as well as in some SOHO routers.

Static Addresses
A static IP address is a permanent, manually assigned IP address. Typically, static IP addresses are used in networks for systems that must always have the same IP address because they are used as servers or because they use different protocol settings than other devices on the network. When a static IP address is used, the IP address, subnet mask, default gateway, and DNS servers must also be assigned. See Figure 2.5-4 for a typical example.
FIGURE 2.5-4 Network adapter configured with a static IP address

EXAM TIP Know the various IP addressing concepts, including static, dynamic, APIPA, and link local. Practice using the ipconfig and ipconfig /all commands at a command prompt to see if you can identify any of these IP address assignments.

Gateway
A gateway is a link connecting two networks. When a computer uses DHCP for its IP address, it receives the default gateway’s IP address as part of its configuration. However, if you configure a device with a static IP address, you must also provide the default gateway’s IP address. The default gateway on most private networks is an address such as 192.168.0.1 or 192.168.1.1.

To see the current IP address, subnet mask, default gateway, and DNS servers in Windows, open a command prompt and use the command ipconfig /all. Scroll to the current local area connection after running the command (a typical example is shown in Figure 2.5-5). The comparable command to use in Linux and macOS is ifconfig.
FIGURE 2.5-5 Using ipconfig /all to display the current IP configuration on the author’s PC

EXAM TIP Make sure you know how to use ipconfig /all and how to identify the settings displayed by ipconfig /all. Practice using ipconfig and ipconfig /all (or ifconfig and ifconfig -a) on different computers.

NOTE The “(Preferred)” after an IP address in an adapter’s ipconfig display indicates the address assigned to the interface. This address has no restrictions on its use.

REVIEW
Objective 2.5: Given a scenario, install and configure basic wired/wireless small office/home office (SOHO) networks
A dynamic IP address is received from a DHCP server by a device on the network.
An APIPA address is generated if the DHCP server cannot be reached.
A link-local address is IPv6’s equivalent to an APIPA address.
A static IP address is an address that is manually assigned.
If a static IP address is assigned, a DNS server must also be assigned.
A DHCP reservation is a DHCP-supplied IP address that doesn’t change.
IPv4 uses dotted-octet notation and a subnet mask.
IPv6 uses up to eight groups of numbers and supports methods to shorten its address.
A gateway is a link connecting two networks.

2.5 QUESTIONS
1. A user cannot connect to the Internet. When you ask her for her current IP address, she tells you it is 169.254.0.18. Which of the following is not working?
A. APIPA B. Static IP C. Link-local D. DHCP
2. An IPv4 address of 10.10.10.10 is best described as which of the following?
A. Class C address B. Loopback address C. Private address D. DHCP address
3. Which of the following are characteristics of an IPv6 address? (Choose two.)
A. Link-local B. 128 bits C. Zeroes omitted D. Colon separated
4. A DHCP-provided IP address that never changes is classified as which of the following?
A. IP permanency B. IP reservation C. Link-local D. APIPA address
5. A network node using IPv6 can get its IP configuration from which of the following services and protocols? (Choose two.)
A. VPN B. SLAAC C. DHCPv6 D. ipconfig

2.5 ANSWERS
1. D The IPv4 address 169.254.x.x is generated when the DHCP server cannot be reached.
2. C Three address ranges are reserved for use as private network addressing.
3. B D IPv6 addresses are 128 bits in length and formatted into eight groups of four-digit hex numbers separated by colons.
4. B An IP reservation is an address set up by a DHCP server that doesn’t change.
5. B C DHCP is not a default configuration method in IPv6, but SLAAC is. Optionally, DHCPv6 can be configured.

Compare and contrast common network configuration concepts
To enable a network to work properly, an IP address must be assigned to each device on the network, a mechanism must be available for translating between website names and IP addresses, and methods must exist for connecting different networks to each other. This objective explains these features.
DNS
The Domain Name System (DNS), also referred to as the Domain Naming Service, exists because humans use the Internet. In the site-to-site operations of the Internet, the binary-encoded addresses of the sites, whether IPv4 or IPv6, guide the transfer of data across the network. A binary IPv4 address like 10010000.10101000.11001010.10110110 could be hard to remember. For this very reason, DNS was developed as a means to convert the binary addressing and its decimal equivalent (such as 144.168.202.182) into a uniform resource locator (URL) or a fully qualified domain name (FQDN).

DNS Operation
Figure 2.6-1 illustrates the interaction of a local device with DNS to request a URL from a DNS server. Although greatly simplified, this illustration shows the process involved to resolve a URL to an IP address.
FIGURE 2.6-1 A request and response between a local device and a DNS server
1. The user enters a URL into a browser.
2. DNS responds with the IP address associated with that URL.
3. The browser sends out an HTTPS request with the IP address.
4. The appropriate web server provides the requested content.

DNS Record Types
DNS matches IP addresses to host names (and the reverse). Each device on an IP network must have access to at least one DNS server. By default, DNS values are assigned by a DNS server, but they can be manually entered.

Although DNS appears to be a simple lookup application, it’s really not. More than 30 separate record types define the relationships between a URL or FQDN and an IP address. The following list includes the DNS record types you are likely to encounter on the A+ Core 1 (220-1101) exam:
A record An A record associates a domain name with its corresponding IPv4 address, and it defines the following characteristics for the domain name:
The domain name If an “at” sign (@) follows the domain name, the name is a root domain name.
The IP address associated with the domain name A records can only hold IPv4 addresses.
The TTL (Time to Live) in seconds The default is 14400 (240 minutes or 4 hours). This is the time at which DNS must request new information for this record type.
Here is an example of an A record:
www.myurl.com @ A 144.168.202.182 14400
AAAA record An AAAA record performs the same function and contains essentially the same data as an A record. However, an AAAA record associates an IPv6 address to a domain name. Remember that A is for an IPv4 address and AAAA is for an IPv6 address.
MX record Mail exchanger (MX) records provide SMTP instructions for e-mail to use to reach a particular mail server, which must have an active A record that provides its IP address. In addition to the fields in an A record, the MX record includes a priority. In the example that follows, the MX record has a priority of 10. There is no scale, but the lower the priority in an MX record, the higher its privilege.
Here is an example of an MX record:
www.myurl.com @ MX 10 mail.myurl.com 14400
TXT record A text (TXT) record can be combined with any other DNS record type to store comments or descriptions that cannot be included in other record types. In a TXT record, the IP address field is replaced with a comments or “value” field that can contain up to 255 alphanumeric characters. As explained in the next section, TXT records can also be used to help prevent spam.
Here is an example of a TXT record:
www.myurl.com @ TXT “IP expires 10-31-24” 14400

EXAM TIP The important elements and concepts to remember about DNS for the A+ Core 1 exam are addressing, A records, AAAA records, TXT records, and MX records.

E-mail Protection in DNS
The DNS server’s MX records indicate where e-mail messages are to be forwarded. Specifically, MX records identify the mail servers that can receive messages addressed to a domain name. MX records identify specifically who (which senders) is authorized to send messages to a mail client or mailbox.
There are other DNS record types that can help to set up controls on the deliverability of email. For the A+ Core 1 exam, you should know the DMARC, SPF, and DKIM record types and their purposes, as explained in the following sections.

DMARC Record
DMARC stands for Domain-based Authentication, Reporting, and Conformance. DMARC records are composed in DNS TXT record types to help prevent spoofing on the domain in an e-mail address. Essentially what a DMARC does is define what should happen to a message if the sender cannot be authenticated. One of two actions can be taken:
The receiving mail server is advised to quarantine the message, reject the message, or accept the message for delivery to the addressee.
The receiving mail server reports to the message’s recipient email address (or addresses) with information on messages received from the sending domain.

SPF Record
A Sender Policy Framework (SPF) record is another type of a DNS TXT record. An SPF record identifies the specific mail servers that are authorized to send out e-mail from a particular domain. One of the primary protections offered by an SPF record is that it can prevent spam being generated from the domain with a spoofed From address. In other words, SPF records act as an e-mail authentication agent that protects against e-mail spoofing.

DKIM Record
The DomainKeys Identified Mail (DKIM) DNS record attempts to authenticate whether a message’s content can be trusted and has not been modified or tampered with while in transit. DKIM records are also TXT records. An SPF record is often compared to the return address of a message, and DKIM raises the level of a message to something like that of a USPS certified letter, providing enhanced trust to both sender and receiver.

DHCP
Although the Dynamic Host Configuration Protocol (DHCP) was discussed in the previous objective, we’ll look a bit deeper into some of its characteristics and functions in this section.
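For the SPF and DMARC TXT records described under E-mail Protection in DNS above, this added Python example (not from the book) parses the text value of each record, checks a sending address against an SPF record, and lists settings that leave a domain open to spoofing. The records use constructed values with documentation addresses, the function names are assumptions, and the SPF check is limited to ip4, ip6, and all terms because include, a, and mx terms need live DNS lookups.

```python
import ipaddress

# SPF qualifiers and the result each one yields when its term matches.
QUALIFIERS = {"+": "pass", "-": "fail", "~": "softfail", "?": "neutral"}

# Constructed sample records (192.0.2.0/24 and 2001:db8::/32 are documentation ranges).
WEAK_SPF = "v=spf1 ip4:192.0.2.0/24 +all"
WEAK_DMARC = "v=DMARC1; p=none"
STRICT_SPF = "v=spf1 ip4:192.0.2.0/24 ip6:2001:db8::/32 -all"
STRICT_DMARC = "v=DMARC1; p=reject; rua=mailto:dmarc-reports@example.com"


def parse_spf(txt):
    """Split an SPF TXT value into (result, mechanism, argument) triples."""
    terms = txt.split()
    if not terms or terms[0].lower() != "v=spf1":
        raise ValueError("not an SPF record")
    parsed = []
    for term in terms[1:]:
        qualifier = "+"                      # a term with no qualifier means pass
        if term[0] in QUALIFIERS:
            qualifier, term = term[0], term[1:]
        name, _, arg = term.partition(":")   # ip6 arguments keep their own colons
        parsed.append((QUALIFIERS[qualifier], name.lower(), arg))
    return parsed


def spf_result(txt, sender_ip):
    """Result for a sending server address, using ip4/ip6/all terms only."""
    ip = ipaddress.ip_address(sender_ip)
    for result, name, arg in parse_spf(txt):
        if name in ("ip4", "ip6"):
            net = ipaddress.ip_network(arg, strict=False)
            if ip.version == net.version and ip in net:
                return result
        elif name == "all":
            return result                    # 'all' matches every sender
    return "neutral"                         # nothing matched


def parse_dmarc(txt):
    """Return the tag/value pairs of a DMARC TXT value."""
    tags = {}
    for part in txt.split(";"):
        key, sep, value = part.strip().partition("=")
        if sep:
            tags[key.strip().lower()] = value.strip()
    if tags.get("v") != "DMARC1":
        raise ValueError("not a DMARC record")
    if tags.get("p", "").lower() not in ("none", "quarantine", "reject"):
        raise ValueError("missing or unknown p= policy")
    return tags


def audit_mail_records(spf_txt, dmarc_txt):
    """List the settings that weaken the domain's spoofing protection."""
    findings = []
    all_terms = [result for result, name, _ in parse_spf(spf_txt) if name == "all"]
    if not all_terms:
        findings.append("SPF: no 'all' term, so unlisted senders are not failed")
    elif all_terms[0] in ("pass", "neutral"):
        findings.append("SPF: the 'all' term does not fail unlisted senders")
    dmarc = parse_dmarc(dmarc_txt)
    if dmarc["p"].lower() == "none":
        findings.append("DMARC: p=none leaves unauthenticated mail to be delivered")
    if "rua" not in dmarc:
        findings.append("DMARC: no rua= address, so no aggregate reports arrive")
    return findings


if __name__ == "__main__":
    for label, spf, dmarc in (("weak", WEAK_SPF, WEAK_DMARC),
                              ("strict", STRICT_SPF, STRICT_DMARC)):
        print(label, "unlisted sender ->", spf_result(spf, "198.51.100.7"))
        for finding in audit_mail_records(spf, dmarc):
            print("  ", finding)
```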
DHCP Operations
DHCP operates with a four-step interactive process to provide an IP configuration to a network node. The steps involved, and the transaction types used, are as follows:
1. When a network node powers up onto a network, typically a LAN, it has no ability to communicate on the network. To gain this ability, it broadcasts a DHCPDISCOVER message to the network with a source address of 0.0.0.0 and a destination address of 255.255.255.255. The local network DHCP server continuously scans for these messages on UDP port 67.
2. The DHCP server responds to the DHCPDISCOVER message with a DHCPOFFER message that includes all of the configuration settings the node needs to become active on the network. The node, which is now a DHCP client, uses the content of the DHCPOFFER message to complete its network configuration.
3. The client replies to the DHCPOFFER message with a DHCPREQUEST message to accept the configuration it was provided.
4. The server acknowledges the client’s DHCPREQUEST message with a DHCPACK message granting permission to the client to use the configuration provided.

DHCP Leases
As explained in the previous objective, DHCP configuration data is not assigned permanently to a network node. In effect, the configuration is assigned for a specific period of time after which it expires and must, if possible, be renewed. Why is this mechanism needed? Well, at one time, an organization could have more networked workstations needing Internet access than it had IP addresses. So, to give each one the network time needed, IP addresses were pooled and assigned by DHCP on fixed-time leases. The lease time set the number of seconds a client could use the IP configuration before it expired and was then possibly assigned to a different node. On networks that allow clients to renew their leases, a lease is renewed when the lease period is about half over.
However, if a node with a current DHCP configuration is powered off, the next time it restarts, the complete cycle starts over from scratch.

EXAM TIP For the exam, know the difference between a static IP address and a reservation. A static IP address is configured at the client, and the DHCP reservation is created at the server.

DHCP Scope
A DHCP scope defines a range of IP addresses and other configuration settings available for assignment to requesting network nodes. DHCP scopes can be defined as one of three different types:
Normal A normal DHCP scope is created through the DHCP Management Console and the Scope Wizard.
Multicast A multicast scope is created and managed by the Multicast Address Dynamic Client Allocation Protocol (MADCAP).
Superscope A DHCP server with a superscope is able to provide DHCP configuration settings to clients on multiple subnets.

All DHCP scopes share a common format that includes the following data:
Network ID for the range of IP addresses in the scope
Subnet mask for the network ID
The range of IP addresses assigned to the scope
The IP address of the network gateway or router
The range of any IP addresses excluded from the scope
The lease duration in seconds
An administrative alphanumeric name for the scope

EXAM TIP You can expect to encounter questions about or references to DHCP leases, reservations, and scope types on the A+ Core 1 exam.

VPN
A virtual private network (VPN) sets up endpoints at each end of an encrypted tunnel between computers or networks to join them into a private network as if they were on a directly connected LAN (though they obviously won’t perform like it). In order to pull off this trick, the endpoint on each LAN gets its own LAN IP address and is responsible for handling traffic addressed to and from the remote network (see Figure 2.6-2).
FIGURE 2.6-2 Typical VPN tunnel

NOTE When your mobile or portable device connects to an untrusted Wi-Fi hotspot, you can connect to another network with a VPN and do all of your browsing (or other work) through the secure tunnel.

In Windows 10/11, type VPN at the Start screen and select VPN Settings. Enter your VPN server information, which your network administrator should provide, in the resulting dialog box (see Figure 2.6-3). This creates a virtual NIC that gets an IP address from the DHCP server back at the office.
FIGURE 2.6-3 The Add a VPN Connection dialog box in Windows 11

To set up a VPN connection in macOS, open System Preferences | Network, click Add, and choose VPN. Select the VPN type, server address, account name, and authentication settings and then click OK. Click Connect to connect.

To set up a VPN connection in Linux, check the distro’s documentation.

VLAN
A virtual local area network (VLAN) is a Layer 2 logical construct of switch ports that connect a set of nodes to create a broadcast domain. Typically, a VLAN is created by configuring ports on a managed network switch into a single VLAN. Other VLANs may be configured on the same switch by placing other interfaces into a VLAN configuration.

A VLAN is essentially a subgroup of switch ports on an Ethernet LAN. A VLAN is its own broadcast and collision domain and subnetwork, thus increasing the number of domains while reducing the size of each. For example, a 48-port managed switch could be subdivided into six eight-port VLANs. Figure 2.6-4 illustrates a common VLAN in which all of the network hosts exist on the same collision and broadcast domain. Figure 2.6-5 shows an example of how VLANs are configured across a network.
FIGURE 2.6-4 A VLAN with all of the hosts in the same broadcast domain
FIGURE 2.6-5 VLANs do not need to be configured in a single location or on a single switch.
ADDITIONAL RESOURCES To learn more about VLANs, go to www.lifewire.com and search for the article “What Is a Virtual LAN (VLAN) and What Can It Do?”

REVIEW
Objective 2.6: Compare and contrast common network configuration concepts
DNS record types contain specific content: The following are the important address records:
A records associate a domain name with an IPv4 address.
AAAA records associate a domain name with an IPv6 address.
MX records provide SMTP instructions.
TXT records hold comments and descriptions.
DKIM records are a version of TXT records that provide message authentication.
SPF records identify the mail servers authorized to send email from a domain.
DMARC records prevent domain spoofing.
A VPN is a virtual private network. It enables secure connections over an insecure network such as the Internet.
A VLAN is a collection of ports that act as a separate physical network, and it requires a managed switch.

2.6 QUESTIONS
1. Which of the following is used to define DNS-based security for e-mail?
A. DKIM B. DMARC C. SPF D. MX
2. Company K has a sales force that typically uses insecure wireless networks in hotels and coffee shops. Which of the following should you advise the salespeople start using to enhance security?
A. VLAN B. VPN C. NAT D. IPv6
3. A DHCP-provided IP address that never changes is known as which of the following?
A. IP permanency B. IP reservation C. Link-local D. APIPA address
4. Your client wants to buy a single switch to create three separate wired networks. What type of networks does the client want to create?
A. VPN B. Link-local C. VLAN D. IPv6
5. Which of the following DNS record types is a TXT record intended to prevent spoofing of an e-mail address domain?
A. MX B. AAAA C. DMARC D. SPF

2.6 ANSWERS
1. D DMARC, SPF, and DKIM records are defined using a TXT record.
2. B A VPN is a virtual private network, which creates a secure “tunnel” for carrying network traffic through insecure connections.
3.
B An IP reservation is an address set up by a DHCP server that doesn’t change.
4. C A VLAN is a group of ports on a managed switch that performs as if it’s on a separate network from other ports on the switch.
5. C DMARC records help to block spoofing of a domain name.

Compare and contrast Internet connection types, network types, and their features
There are many different methods for connecting to the Internet as well as many different network types. They work together to connect devices into networks ranging in size from small LANs to worldwide networks.

Internet Connection Types
When you want to connect a LAN to the Internet, you need some way of connecting the LAN to an available data transmission medium. This can only be done through hardware that interconnects your computer, LAN, or WLAN to the data transmission medium and the software that speaks to the hardware. However, this hardware and its associated software as well as where the hardware is located can vary.

EXAM TIP Make sure you can explain the differences between these Internet connection types: satellite, fiber, cable, DSL, dialup, cellular, and wireless Internet service provider (WISP).

Connection Hardware
The type of hardware device used to connect to an Internet service largely depends on the ISP and the type of service it provides. Each of the different Internet connection types uses a different proprietary device suited to the signal type and format. Table 2.7-1 lists the hardware device type used for each of the Internet service types you may encounter on the A+ Core 1 exam.

TABLE 2.7-1 Internet Service Connection Devices

NOTE Each PC OS has settings to share a direct Internet connection with a LAN or other systems. For example, Windows 10 uses a virtual network adapter and Internet Connection Sharing (ICS), and Windows 11 provides a wireless hotspot.
Satellite
Satellite connections beam data to a professionally installed satellite dish at your house or office (with line of sight to the satellite). Coax connects the satellite to a receiver or satellite modem that translates the data to Ethernet, which can connect directly to your router or the NIC in your computer. Real-world download speeds in clear weather run from a few to about 25 Mbps; upload speeds vary but are typically a tenth to a third of the download speed. They aren’t stunning, but satellite can provide these speeds in areas with no other connectivity.

NOTE Keep in mind satellite latency—usually several hundred milliseconds (ms). It isn’t highly obvious for many purposes but can affect real-time activities like gaming or video/voice calls.

Fiber
Telephone system providers are in the process of making fiber optic services available. The two primary service types for network (WAN and Internet) are fiber-to-the-node/fiber-to-the-neighborhood (FTTN) and fiber-to-the-premises (FTTP) services. FTTN connections run from a provider’s central office (CO) to a distribution box in a neighborhood. Your home or office connects to the distribution box over coaxial or Ethernet cable. An FTTP connection links the provider’s CO directly to a home or office with fiber cabling the whole way.

NOTE Other types of fiber services available include fiber-to-the-curb/fiber-to-the-cabinet (FTTC), fiber-to-the-home (FTTH), and fiber-to-the-building (FTTB). Fiber is also commonly spelled as “fibre.”

Fiber services are becoming more available in cities, with several telco and resell providers offering a variety of service packages. These services offer a range of speeds (100 to 5000 Mbps) and subscription costs ($39 to $55 per month).

Cable
It may seem counterintuitive that a cable TV service could also provide high-speed Internet service. The coaxial cable used to carry the two signal streams is capable of transmitting multiple MHz of signals.
The TV service uses only a 6-MHz channel to transmit the available channels and more. The remaining space can then be used for other services, including Internet and possibly telephone. Typically, the service enters a premises through either a modem or router (or a combination of the two) and is capable of supporting either a wired or a wireless SOHO network.

The cable Internet services offer a relatively wide range of speeds, mostly asymmetric, meaning a service offers different upload speeds (5 Mbps to 50 Mbps) and download speeds (50 Mbps to 5 Gbps). Cable Internet connections are theoretically available anywhere you can get cable TV.

DSL
A digital subscriber line (DSL) connects to a provider’s CO on what is called either the plain old telephone system (POTS) or the public switched telephone network (PSTN). A switching device at the CO, a DSL access multiplexor (DSLAM), supports an always-on Internet connection. There are several “flavors” of DSL, and depending on a number of factors, any or all may not be available to any given location.

Distance is DSL’s primary limiting factor. DSL’s speed diminishes as the distance between the subscriber’s premises and the provider’s CO increases. In general, DSL has a very limited range in which its maximum speeds are available, commonly less than 18,000 feet (3.4 miles), measured along the cable path of the provider.

NOTE The most common forms of DSL are asynchronous (ADSL) and synchronous (SDSL).

Cellular
Access to an Internet connection has become a necessity for households and SOHOs. Most cellular service providers now offer home and office cellular Internet plans. Cellular Internet connections are increasingly available in 3G, 4G, and 5G in more locations. In addition to being available in smartphones, cellular connections are available for tablets and laptops as an additional wireless feature alongside the usual Wi-Fi and Bluetooth connections.
To connect an office or a residence to a cellular Internet service requires a router or a hotspot that connects to a cellular service provider’s network, in the same way that a cellular phone does. A router provides for a wireless LAN, and a hotspot essentially extends the cellular service into the premises.

One major limitation on cellular Internet services is that they may be subject to data plans. The amount of data transferred may be included in the cell service plan’s cost, usually with a cap, such as a 10-Gigabit download limit, on a single cellular subscription. Exceeding the data cap could be very expensive.

The data speed of the internal network largely depends on location. The closer you are to a cell tower, the higher the speed of the service between the router/hotspot and the tower will be. Another factor that can affect data speeds is congestion; as more devices connect to the tower, its speed can diminish. Weather may also become a factor, although rarely. Typically, the data speeds of a cellular Internet service for homes and offices tend to be lower than those of cable or FTTH service. It is anticipated that 5G services will greatly improve speed, bandwidth, and perhaps even cost.

Wireless Internet Service Provider
A wireless Internet service provider (WISP) is an ISP that uses wireless technology to provide Internet services to the home. WISP networks are called line of sight. Line-of-sight wireless Internet service (also known as fixed wireless) is a popular choice in some smaller cities and nearby rural areas where cable or DSL Internet services are not available. This type of service uses high-powered directional antennas to connect to fixed locations up to about eight miles away. Speeds can vary from as little as 256 Kbps to 20 Mbps or more, depending on the distance and your ISP.
ADDITIONAL RESOURCES To learn more about this type of service, search the Web for “broadband fixed wireless.”

Network Types
With more network types than ever before, the CompTIA A+ 220-1101 exam expects you to know the differences between LANs, WANs, and many more. See the following subsections for a brief introduction to the types you need to know.

EXAM TIP Make sure you can explain the differences between these network types: LAN, WAN, PAN, MAN, WLAN, and SAN.

LAN
A local area network (LAN) is a group of networked computers within a few hundred meters of each other. LAN connections typically use wired Ethernet or Wi-Fi.

WAN
A wide area network (WAN) is a group of computers on multiple LANs connected with long-distance technologies. The Internet is a WAN.

PAN
A personal area network (PAN) is a short-range network typically using Bluetooth. It is used to interchange data between personal devices such as smartphones, tablets, and laptops.

MAN
A metropolitan area network (MAN) is a network larger than a LAN but smaller than a WAN. The term MAN is often used to refer to citywide or campus-wide networks that use fiber optic or fixed-base wireless networks.

WLAN
A wireless local area network (WLAN) is essentially a LAN with the wired medium replaced by an RF wireless medium, typically with similar range, attenuation, and strength. However, a WLAN can be less secure because its signal is transmitted through the air and can be intercepted.

SAN
A storage area network (SAN) interconnects two or more storage devices into a single addressable network node. A SAN, which can be connected directly to the network, a server, or a network node, commonly by a fiber channel (FC) protocol, is a self-contained network primarily for servicing data transfers. A SAN is recognized by an accessing device as a single data storage device, which serves to reduce latency and improves data transfer speeds.
Because a SAN is made up of multiple storage devices, it can provide redundancy and scalability in that additional devices can be added to the SAN without impacting the existing system.

NOTE A SAN is commonly confused with a NAS (network attached storage), which is a control device with multiple storage devices attached. The storage devices of a NAS are typically in a RAID arrangement.

REVIEW
Objective 2.7: Compare and contrast Internet connection types, network types, and their features
Internet service types use a variety of connection devices:
Dial-up and DSL services use a modem.
Cable service uses a modem and router or a modem/router combination.
Satellite service uses a modem/router combination.
Cellular (3G/4G/5G) uses a cellular Internet gateway.
Satellite connections beam data to a satellite dish with a line-of-sight signal.
The two primary options for Internet service over fiber are fiber-to-the-node (FTTN) and fiber-to-the-premises (FTTP).
Cable TV services also provide high-speed Internet services on a coaxial cable able to carry the two signal streams.
A digital subscriber line (DSL) provides Internet services over the PSTN.
Cellular Internet connections are available in 3G, 4G, and 5G on smartphones as well as cellular Internet gateways.
Line-of-sight wireless Internet service or fixed wireless service is a popular choice in rural areas where other types of Internet services aren’t available.
A local area network (LAN) is a group of networked computers within a few hundred meters of each other. LAN connections typically use wired Ethernet or Wi-Fi.
A wide area network (WAN) is a group of computers on multiple LANs connected with long-distance