CompTIA A+ Core 1 - TCP and UDP
Document Details
Uploaded by FoolproofTopaz
Jefferson
CompTIA
Mike Meyers
Tags
Summary
This document provides a comparison of TCP and UDP transport layer protocols used in computer networking. It details the concepts of connection-oriented and connectionless protocols, highlighting the differences in their reliability and speed.
Full Transcript
Compare and contrast Transmission Control Protocol (TCP) and User Datagram Protocol (UDP) ports, protocols, and their purposes I n the standard network reference models, such as the TCP/IP and OSI models, the respective Transport layers define two protocols: the Transmission Control Protocol (TCP)...
Compare and contrast Transmission Control Protocol (TCP) and User Datagram Protocol (UDP) ports, protocols, and their purposes I n the standard network reference models, such as the TCP/IP and OSI models, the respective Transport layers define two protocols: the Transmission Control Protocol (TCP) and User Datagram Protocol (UDP), which are the primary data transfer protocols of any TCP/IP network. Although both are used to transport information, they are as different as an eye dropper and a fire hose—a difference we explore in this objective. Ports and Protocols Protocols handle data transfer details, such as how to pack and unpack data into protocol-specific packet formats. The Internet runs on the Transmission Control Protocol/Internet Protocol (TCP/IP) suite, which is a stack (collection) of protocols and services that individually are designed to manage, package, transmit, and operate networks large and small. NOTE The terms packet and frame are often used interchangeably. However, they are actually two different message formats used on separate layers of a network reference model. A frame is a Data Link layer message format, most commonly used in Ethernet networks. A packet is a Network or Internet layer message format typically associated with TCP/IP networks, such as the Internet. TCP and UDP both use port numbers to identify the type of connection being used. Table 2.1-1 provides a quick reference to application protocols and the TCP port numbers they use. Table 2.12 provides a quick reference to utility protocols (protocols that are hidden “behind the scenes” protocols) and the TCP and UDP port numbers they use. TABLE 2.1-1 Application Protocols TABLE 2.1-2 Utility Protocols EXAM TIP Be able to identify the various TCP/UDP ports and the associated protocol of each port. ADDITIONAL RESOURCES Apps with network support use many additional TCP and UDP ports. To see a comprehensive real-time report on TCP and UDP activity on a computer running Windows, download the free LiveTcpUdpWatch utility from NirSoft at https://www.nirsoft.net/utils/live_tcp_udp_watch.xhtml. Connection-Oriented vs. Connectionless When transmitting data over a network, whether it’s over the same network or between two different networks, the protocol in use and the communication interfaces of the sending and receiving stations determine which of the two available connection types is to be used. The two connection types are connection-oriented and connectionless. A connection-oriented protocol, as its name implies, focuses on creating, managing, and operating the connections and data transmission over the circuit established between them. A connectionless protocol, as its name implies, doesn’t create formal connections and focuses instead on the data transmission. Connection-Oriented The connection-oriented communication method is an outgrowth of the telephone system. Before signals can be transmitted over an end-to-end link, each end of the link must agree to the configuration of the line and the protocol in use. The link is confirmed using what is called a handshake, which involves an exchange of specialized packets that represent a request to synchronize (SYN), a request to send (RTS), indications that the line is clear to send (CTS), and the acknowledgments (ACKs) for each packet sent and received by either end. Once the connection is verified, data packets are transmitted and received in a fixed serial order. Because of its rigid protocol requirements, TCP, which is a connection-oriented protocol (COP), is considered to be a reliable communication protocol. Connectionless Earlier TCP and UDP were likened to an eye dropper and a fire hose, respectively. With its fixed requirements for establishing and managing a communication link, the connection-oriented TCP is something like an eye dropper. A connectionless protocol—namely, UDP—is then more like a fire hose. A connectionless protocol doesn’t manage the connection, the transmission link, or the data flow. Data is merely transmitted on the line without the use of RTSs, CTSs, or ACKs. Data flows at the speed available, much like water through a fire hose. UDP, which is a connectionless protocol (CLP), is considered to be an unreliable protocol. Figure 2.1-1 shows a simplified comparison of connectionoriented and connectionless protocols. FIGURE 2.1-1 A comparison of the connection methods used by TCP and UDP TCP vs. UDP TCP accomplishes the reliable transfer of data with communication rules that require both machines to acknowledge each other to send and receive data. Thus, TCP is referred to as a connection-oriented protocol. UDP is much faster because it lacks these checks—which is fine if your data can tolerate some errors, or if the chance of errors is low. For example, speed might be more important than a few dropped packets for a Voice over IP (VoIP) call or video chat. Because UDP simply sends data without checking to see if it is received, it is referred to as a connectionless protocol. When data moving between systems must arrive in good order, we use the connection-oriented Transmission Control Protocol (TCP). If it’s not a big deal for data to miss a bit or two, the connectionless User Datagram Protocol (UDP) is the way to go. Most TCP/IP applications use TCP (that’s why we don’t call it UDP/IP) because it transfers data reliably. Other Connection-Oriented Protocols Although TCP is often given as the primary example of a connectionoriented protocol, there are others. In situations where an assurance of integrity or confidentiality is needed, there is very likely a COP that fits the bill. Other commonly used COPs are HTTPS, FTP, SMTP, and SSH. TCP, HTTPS, and SSH are the COPs you can expect to see on the A+ Core 1 exam. Let’s look at the latter two a bit deeper. Hypertext Transport Protocol Using TLS At one time, the S in HTTPS represented the Secure Sockets Layer (SSL), but SSL is in the process of being replaced by the Transport Layer Security (TLS) protocol, but more on that later. First, it’s important to understand how HTTPS incorporates connectionoriented communication. Like TCP, an HTTP session involves an exchange of messages between the requester and the server, which can require several back-and-forth messages. These messages help the client and the server come to an agreement on the characteristics of the transmission, such as bandwidth, speed, and more. However, one of these characteristics isn’t security, and HTTP data packets are plain text, which is why TLS is added to the mix. HTTPS encrypts the standard HTTP packet within a TLS wrapper (packet). So, in this relationship, HTTP provides the connection-oriented assurance of the communication and TLS supplies the security. Secure Shell The Secure Shell (SSH) protocol is a secured replacement for the unsecured Telnet protocol, which is a COP for unencrypted communication between network nodes. In addition to a lack of security, Telnet doesn’t provide authenticate policies or encryption. The SSH protocol is included in all later versions of macOS and Linux, but a utility, such as PuTTY, is required for Windows systems. SSH operates on a client/server model using TCP port 22 and uses a TCP authentication handshake to verify a session and, once verified, sets up the secure shell and connection. Other Connectionless Protocols There are functions and services performed by several TCP/IP protocols that require less assurance and more efficiency than would be possible with a connection-oriented protocol. Some of the more commonly used connectionless protocols are UDP, Internet Protocol (IP), Internet Control Message Protocol (ICMP), Dynamic Host Configuration Protocol (DHCP), and Trivial FTP (TFTP). The A+ Core 1 exam may include questions or references about DHCP and TFTP. Dynamic Host Configuration Protocol The Dynamic Host Configuration Protocol (DHCP) is a connectionless protocol that functions on UDP. DHCP is a client/server model protocol that responds to a client’s request for IP configuration data with data drawn from a pool of predefined values. DHCP also manages the “lease” period for the data supplied to the client and its renewal or expiration. DHCP operates as a connectionless service because the data is needed immediately by the requesting station. Trivial File Transfer Protocol The legacy File Transfer Protocol (FTP) is a connection-oriented service based on the need for accuracy in the transfer. However, smaller files, command sets, or files not requiring verification can use a connectionless service. Trivial FTP (TFTP) is a lightweight version of FTP that operates without authentication and a structured flow control as a connectionless protocol. REVIEW Objective 2.1: Compare and contrast Transmission Control Protocol (TCP) and User Datagram Protocol (UDP) ports, protocols, and their purposes • Application protocols use TCP ports to perform functions such as file transfer, terminal emulation, web page transfers, and remote desktop connections. • TCP ports are connection-oriented, meaning that both ends of a connection must acknowledge the connection. TCP connections are more reliable but slower than UDP connections. • Utility protocols use primarily UDP ports, as well as some TCP ports, to perform functions such as file and directory services, folder sharing, and services discovery. • UDP ports are connectionless, meaning that a service using UDP does not verify that the connection is working. UDP connections are faster but less reliable than TCP connections. • HTTPS and SSH are connection-oriented protocols. • DHCP and TFTP are examples of connectionless protocols. 2.1 QUESTIONS 1. An incorrect firewall setting results in port 110 being blocked. Which of the following services will not work until the port is unblocked? A. Secure web pages B. Receiving POP3 e-mail C. Remote desktop D. Upgrading to Windows 11 2. A computer that uses automatic IP addressing relies on which of the following ports? A. 21 B. 25 C. 143 D. 67, 68 3. Which of the following protocols are considered connectionoriented? (Choose two.) A. HTTPS B. SSH C. DHCP D. TFTP 4. Sometimes, for greater security, e-mail providers change the default ports used for sending and receiving e-mail. If an e-mail provider changes from port 143 to a different port, which of these services would need to be configured to use the new port? A. POP3 B. SMTP C. IMAP D. HTTP E. SSH 5. A user reports that she can connect to insecure websites (http://) but not to secure websites (https://). Which port is being blocked by a firewall? A. 80 B. 445 C. 25 D. 443 2.1 ANSWERS 1. B The default port used by POP3 to receive e-mail is 110. 2. D The ports used by the DHCP service for automatic IP addressing are 67 and 68. 3. A B HTTPS and SSH are connectionless protocols. 4. C IMAP normally uses port 143. 5. D 443 is the port used for HTTPS (secure HTTP). Compare and contrast common networking hardware N etworks are all about interconnecting computing devices (also called hosts) so they can communicate. More specifically, your local host can communicate with remote hosts to access the resources (such as printers, files, web pages, and so on) those systems share, and to share its own resources. In each exchange, the system providing a resource is the server, and the system using the resource is the client; when we call an entire system a server, what we really mean is that the system’s primary job is serving some resource(s) to clients. For a variety of different devices to share resources over a network, the network components need a shared connectivity standard, an addressing method clients and servers can use to find and communicate with each other, and shared software protocols that each system in an exchange understands. Let’s look at many of the concepts and components that come together to form a network. Routers A router is a device that connects LANs to a WAN (see Figure 2.21). Hosts send signals for destinations outside of the LAN to the router, which routes traffic between networks. FIGURE 2.2-1 Two broadcast domains connected by a router—a WAN Switches Switches connect hosts on a local area network (LAN) and pass signals between them. Switches memorize the MAC address of each device to smartly repeat signals to the appropriate host. A group of computers connected by one or more switches is a broadcast domain (see Figure 2.2-2). FIGURE 2.2-2 Two broadcast domains—two separate LANs EXAM TIP A LAN is a group of networked computers within a few hundred meters of each other, whereas a wide area network (WAN) is a group of computers on multiple LANs connected with long-distance technologies. Managed A managed switch is a switch in which each port can be configured with different settings. For example, you can set a single managed switch to function as two or more virtual LANs (VLANs), control quality of service (QoS) settings on a per-port basis, and more. Unmanaged An unmanaged switch is the type of switch sold for small office/home office (SOHO) use, such as the one shown in Figure 2.2-2. It has no management features, and all devices connected to it are in the same LAN. EXAM TIP Be ready to identify the various networking hardware devices. Know the differences between routers, managed switches, and unmanaged switches. Access Points An access point (AP) centrally connects wireless network nodes into a wireless LAN (WLAN) in the same way a switch connects wired devices into a LAN. Many APs also act as high-speed switches and Internet routers (see Figure 2.2-3). APs are sometimes referred to as wireless APs (WAPs). FIGURE 2.2-3 Device that acts as access point, switch, and router (inset shows ports on back side) Patch Panel A patch panel (shown in Figure 2.2-4) has a row of permanent connectors for horizontal cables on the back and a row of female port connectors on the front, enabling you to use short stranded-core UTP patch cables (shown in Figure 2.2-5) to connect the patch panel to the switch. Premade patch cables make it simple to get multiple colors for organization and often come with booted (reinforced) connectors. FIGURE 2.2-4 Typical patch panels FIGURE 2.2-5 Typical patch cable NOTE A patch cable is a specific length (usually short but can be up to 100 feet) of cable terminated at each end with a plug or socket. Also called a patch cord. Firewall Firewalls generally protect an internal network from unauthorized access to and from the Internet at large with methods such as hiding IP addresses and blocking TCP/IP ports, but firewalls at internal boundaries can also help limit the damage a compromised node can do to important resources. Hardware firewalls are often built into routers (or standalone devices), whereas software firewalls run on individual systems. Hardware firewalls protect your LAN from outside threats by filtering packets before they reach your internal network and its resources and devices. You can configure a SOHO router’s firewall from its browser-based settings utility provided by virtually all hardware firewalls. Hardware firewalls use stateful packet inspection (SPI) to inspect individual packets and block incoming traffic that isn’t a response to your network’s outgoing traffic. You can even disable ports entirely, blocking all traffic in or out. Most software firewalls don’t provide the advanced features found on larger hardware firewalls, but they are primarily designed to protect a single host computer rather than entire networks or enterprise systems. Figure 2.2-6 shows a sampling of the firewall settings on the Comodo Internet Security Pro system. FIGURE 2.2-6 The configuration settings on a software firewall Power over Ethernet Most network hardware, including APs, draw power from an electrical outlet. Advanced APs and networked devices such as security cameras can instead operate on electricity supplied by a Power over Ethernet (PoE) injector or PoE switch. Both types of devices enable a standard Ethernet cable to carry power and data simultaneously. PoE Standards PoE provides electrical power from power sourcing equipment (PSE), such as a PoE switch, to a powered device (PD) over Ethernet cables that carry both the electrical power and transmitted data. PoE standards, discussed next, are developed and published by the IEEE (Institute of Electrical and Electronics Engineers) primarily to control how much power is supplied to different types of PDs. The PoE standards define four types or levels of power, detailed in IEEE 802.3af, IEEE 802.3at, and IEEE 802.3bt, which defines two types. Each of these PoE standards specifies the minimum power a PSE can source and the maximum power a PD can expect to receive. The three standards, which are defined within the IEEE 802.3 Ethernet group, are as follows: • IEEE 802.3af (Standard PoE) Also known as Type 1, this standard defines a power source of 44–57 volts and the maximum power output of a port to be no more than 15.4 watts. Used for voice over the Internet (VoIP) and Wi-Fi APs. • IEEE 802.3at (PoE+) Also known as Type 2, this standard is essentially an update to the 802.3af standard. However, the 802.3at standard doesn’t replace or obsolete the earlier standard and is backward compatible with it. PoE+ supplies a range of 50–57 volts. Each port of a PSE can supply up to 30 watts of power, but not less than 25 watts. PoE+ supports LCD displays, biometric sensors, and tablets. • IEEE 802.3bt (PoE++) Also known as Type 3 and Type 4, these two standards increase the maximum PoE power by sending additional power over two or more previously unused pairs of Ethernet cables: • Type 3 (PoE++) Carries up to 60 watts on each PoE port with a minimum power of 51 watts on a single RJ-45 cable. • Type 4 (higher-power PoE) Supplies maximum power of 100 watts on each port of a PSE and ensures a minimum of 71 watts. Table 2.2-1 summarizes the specifications of the PoE standards. TABLE 2.2-1 IEEE PoE Standards Injectors A PoE injector (also known as a midspan) is plugged into a standard Ethernet cable coming from a switch and a source of AC power. The injector adds the power to the Ethernet cable running from the injector to the PoE device. Switch A PoE switch detects whether connected devices are standard Ethernet devices or PoE devices. It supplies power to PoE devices but does not supply power to standard Ethernet devices. Hub An Ethernet hub resembles a switch but takes a signal from one port and blindly broadcasts it out the others. This slows down traffic, and to make matters worse, hubs subdivide the total bandwidth of the network by the number of connected devices. Take, for example, a 100Base-T (Fast Ethernet) network. Use a switch, and you get the full 100-Mbps speed to each port. Replace that switch with a hub, and if you have four devices connected, the effective speed per port is only 25 Mbps. Don’t use Ethernet hubs (USB hubs, on the other hand, are very useful). Optical Network Terminal Fiber-to-the-curb/-cabinet (FTTC), fiber-to-the-premises (FTTP), and fiber-to-the-home (FTTH) are becoming more and more available throughout the United States and in many countries around the world. If you subscribe to a fiber optic service for Internet, you’ll find that just like most all other communication service types, there is a device that serves as the demarcation point (demarc). In a fiber installation, the demarc is a device for which the responsibility for the service connection is divided. The service provider is responsible for all aspects of the service (quality, availability, speed, and so on) from its originating source, like a central office (CO). The subscriber is responsible for the service either at or beyond the demarc (as it enters the premises). The responsibility of the demarc and the service responsibility change are typically tied to who owns the demarc. In a fiber optic service, the demarc can be an optical network terminal (ONT), or the service provider may install a termination unit as the demarc, as illustrated in Figure 2.2-7. This device operates like a modem that is converting digital to analog and back again. An ONT, however, converts light signaling into electrical impulses, and vice versa. An ONT device can be about the same size as a cable modem but may also be the size of a bathroom medicine cabinet. Typically, an ONT is installed out of sight in a utility or service area. FIGURE 2.2-7 An ONT provides the conversion between fiber optic service and a premises network. Cable/DSL Modem At one time, DSL was one of the more common types of broadband services for SOHO networks. However, it’s now just one of several services available for SOHO Internet connections, along with cable, satellite, and wireless. The A+ Core 1 (220-1101) exam focuses on only two of these services: cable and DSL. This section looks at the differences between these services and their respective modem interfaces. Cable Modem Cable uses regular RG-6 or RG-59 cable TV lines to provide upload speeds from 1 to 20 Mbps and download speeds from 6 Mbps to 1+ Gbps. Cable Internet connections are theoretically available anywhere you can get cable TV. The cable connects to a cable modem that itself connects (via Ethernet) to a small home router or your NIC. Some cable modems also include support for VoIP telephony, such as the one shown in Figure 2.2-8. FIGURE 2.2-8 Cable modem with VoIP telephone support DSL Modem A digital subscriber line (DSL) modem connects to a standard RJ-11 telephone line, enabling the conversion of high-speed digital signals to and from the telephone line. DSL modems frequently are combined with wireless routers and are referred to as DSL gateways. DSL speeds vary widely from location to location because the greater the distance from the DSL modem to the telephone company’s central switch, the slower the performance. CrossReference To learn more about DSL service, see the “DSL” section in Objective 2.7. Network Interface Card A network interface card (NIC) was originally an add-on card that connected a computer to an Ethernet or other wired network. Although most computers and network devices use integrated wired or wireless network connections instead of a card, the term NIC is used for both network cards and integrated network adapters. Older computers can use PCI-based NICs, while current computers can use PCIe NICs, such as the wireless NIC shown in Figure 2.2-9. FIGURE 2.2-9 Wireless PCIe add-on NIC If a computer needs an upgrade to a faster or more capable NIC, it’s usually easier to use a USB NIC, like the one shown in Figure 2.2-10. Tablets and other devices with USB ports but no Ethernet ports can use a USB to Ethernet adapter (see Figure 2.2-11). FIGURE 2.2-10 External USB wireless NIC FIGURE 2.2-11 External USB to Ethernet adapter Each network adapter (or NIC) has a 48-bit built-in binary media access control (MAC) address that uniquely identifies it. Before a NIC sends data out, it breaks that data into transmission-friendly frames (see Figure 2.2-12), each tagged with the MAC address of the sender and recipient, along with information the receiver can use to detect any possible errors. A network switch uses the MAC address to forward frames to the port on which the correct host can be reached. FIGURE 2.2-12 Generic frame NOTE A cyclic redundancy check (CRC) is a common mechanism for detecting data transmission errors. Software-Defined Networking Unlike hardware-based networking—where the configurations of a network’s switches, routers, and firewalls specify its operations, pathing, and decisions—software-defined networking (SDN) provides an approach to network management that enables the network configuration to be set using dynamic, programmatic settings to define the network environment. SDN provides a more flexible way to configure a network’s operation, performance, and monitoring functions. SDN is more like cloud computing than traditional hardware-based network management. An SDN network is defined on three layers: an application layer, a control layer, and an infrastructure layer. This architecture isn’t something you need to know for the exam, but what each layer represents may help you to answer a question in which SDN is material. The application layer of an SDN contains hardware or software edge devices, such as a load balancer or a firewall (or both) and other mechanisms that operate at the edge of the network. The control layer contains the device (for example, a router or switch) that runs the software and acts as the brains for the network. The infrastructure layer is made up of the switching systems and devices that direct the flow of network traffic. The most important element of all of this is that the functions and interactions of the SDN layers are software-defined. REVIEW Objective 2.2: Compare and contrast common networking hardware • Networks interconnect devices for communication and sharing resources. Network components share a connectivity standard, an addressing method, and protocols. • A router connects LANs to WANs, and a switch connects devices on a LAN. Switches use the MAC address of a device, and routers use IP addresses to forward data to a destination. • A LAN is a group of networked computers in close proximity, and a WAN is a group of computers on multiple LANs connected with long-distance technologies. • Each port on a managed switch can be configured with different settings. An unmanaged switch has no management features. • An AP centrally connects wireless network nodes into a WLAN. • A firewall protects an internal network from unauthorized access to and from external networks. A network firewall can be either hardware or software. • PoE devices provide electrical power over cables that carry both electrical power and transmitted data. • An Ethernet hub takes a signal from one port and broadcasts it to all its other ports. • An ONT is a fiber optic service’s demarc that converts light into electrical impulses, and vice versa. • A DSL modem converts high-speed digital signals to and from the telephone line. A cable modem performs the same function on a cable service line. • An SDN network is defined on three layers: an application layer, a control layer, and an infrastructure layer, which contain hardware or software edge devices, the control software, and the switching systems, respectively, that define and control a network. 2.2 QUESTIONS 1. Company A wants to create two separate networks in a building but only wants to use a single-point connection. Which of the following does the company need? A. Unmanaged switch B. Router C. Hub D. Managed switch 2. You wish to install a digital PoE security camera over an outside storage area that requires 60 watts of power. To operate, what is the minimum PoE standard for this camera? A. PoE+ B. Standard PoE C. Type 3 PoE++ D. PoE is not available for digital cameras. 3. Company B has just moved into a new building and has found an existing Internet connection that use RG-6 wiring. Which of the following is being used? A. Cable B. DSL C. PoE D. Fiber 4. Your client is a company that has two locations in the same city, both of which get their Internet service from the same provider in the same city. Both locations use the same type of service, but one location has service that is about three to five times faster than the other. What type of service is most likely being used? A. Cable B. Satellite C. DSL D. PoE 5. What feature of all network adapters can be used to determine which device a frame is sent from or going to? A. IP address B. MAC address C. Switch port D. Router 2.2 ANSWERS 1. D A managed switch can be used to create multiple networks. 2. C A 60-watt PoE device requires Type 3 PoE++ standard support. 3. A RG-6 is a type of wiring used for cable Internet and cable TV. 4. C DSL service varies widely in speed, which is dependent on the distance from a client site to the central switch (central office) used by the phone company; longer distances have slower connections. 5. B Every network adapter, including those built into other devices, has a unique 48-bit MAC address. Compare and contrast protocols for wireless networking S etting up a small office/home office (SOHO) network is a great way to learn about networking and its benefits, such as easy file sharing and more flexible printing. The principles and methods you learn in this objective will help you understand the operations of wireless networking protocols. Frequencies The U.S. Federal Communications Commission (FCC) and the International Telecommunication Union (ITU) work together to provide interference-free transmission across the spectrum of RF bands. The ITU’s authority also extends to assigning satellite orbits and developing and coordinating worldwide technical standards. Figure 2.3-1 shows a graphic of the frequency allocations in U.S. radio spectrum. FIGURE 2.3-1 The frequency allocations in U.S. radio spectrum ADDITIONAL RESOURCES For a better view of the poster shown in Figure 2.3-1, visit the National Telecommunications and Information Administration (NTIA) at www.ntia.doc.gov/files/ntia/publications/january_2016_spectrum_ wall_chart.pdf. The two primary radio frequency bands used in SOHO wireless networks are those that contain the 2.4-GHz and 5-GHz frequencies. These frequency bands are unlicensed, meaning there is no registration or licensing fees or requirements for their use. Industrial, Scientific, and Medical Bands The Industrial, Scientific, and Medical (ISM) bands were originally designated for use by machinery that emits RF signals as a byproduct of its use, such as welders, heaters, and microwave ovens. In 1985, these bands were opened for use with mobile communications and LAN networking. The ISM bands are open and free to use without restriction. However, the downside to using ISM bands is that ISM bands are used for other purposes beside Wi-Fi. Many household, first responder, microwave, and several other wireless connections are also permitted to use these frequencies. As shown in Table 2.3-1, the ISM bands used in Wi-Fi are in the 2.40-GHz to 2.48-GHz band and the 5.73-GHz to 5.83-GHz band. ISM bands are the basis of two IEEE 802.11 standards: 802.11b and 802.11g. Within these standards, wireless devices communicate over non-overlapping channels (channels 1, 6, and 11), as shown in Figure 2.3-2. All other channels overlap one or more other channels, making them unreliable to use. TABLE 2.3-1 Bandwidth for the ISM RF Bands FIGURE 2.3-2 The channels in a wireless frequency band Unlicensed National Information Infrastructure Bands The Unlicensed National Information Infrastructure (UNII) bands include three separate frequency bands: UNII-1 (lower bands), UNII2 (middle bands), and UNII-3 (upper bands), as shown in Table 2.32. Each of these frequency groupings is 100 MHz wide. Like the ISM bands, UNII bands are unlicensed. TABLE 2.3-2 Standard UNII Bands Channels Each of the 802.11-based wireless network standards uses a single frequency range in either of the two radio band allocations (ISM or UNII) for sending and receiving data. Although 14 ISM channels are defined internationally, not all the channels can be used in certain countries. In the U.S., the FCC identifies only 11 channels, for example. Each of the 11 U.S. channels is 5 MHz in width. Unfortunately, in the 11-channel designation, only channels 1, 6, and 11 are available for use on a wireless local area network (WLAN), as these channels aren’t overlapped by other channels, as illustrated in Figure 2.3-2. The UNII frequencies have 24 non-overlapping channels that can be used on a WLAN, but not all are available on each of the UNII band levels. Table 2.3-3 lists the non-overlapping channels available for each of the bands. TABLE 2.3-3 UNII Non-overlapping Channels Wireless Networking Standards Wi-Fi, or wireless networking, is made up of a series of standards published by the IEEE. These standards define different levels of range, bandwidth, and compatibility with other standards for the medium in a WLAN. For each of the Wi-Fi standards, all of which are in the 802.11 series, two primary measurements are used to differentiate them: speed and frequency. Speed designates the amount of data a standard can transmit from one wireless device to another in millions of bits per second, or Mbps. Frequency specifies the RF frequency of the wireless medium. Table 2.3-4 lists these characteristics for the current wireless standards. TABLE 2.3-4 Current Wireless Network Standards EXAM TIP You should know the characteristics of the various WiFi/802.11 standards for the A+ Core 1 exam. NOTE Wi-Fi 5, or 802.11ac, operates only in the 5-GHz band. However, Wi-Fi 4, Wi-Fi 6, and after are dual-band and operate in either the 2.4-GHz or 5-GHz band. Bluetooth As explained in Objective 1.4, Bluetooth devices communicate directly with each other. Whereas a wireless LAN needs an intermediary device, such as a router or an access point, Bluetooth devices are able to connect directly by “pairing.” Bluetooth data transmission uses a limited-distance frequency between 2.1 and 2.48 GHz that a wireless network may also use. A Bluetooth device operates on either Bluetooth Low Energy (LE), which is the more popular of the two types, or legacy Bluetooth, which is also called Basic Rate/Enhanced Data Rate (BR/EDR). Bluetooth LE has a lower data transfer rate (1 to 2 Mbps) than the Bluetooth BR/EDR, which operates at 3 Mbps. Bluetooth devices, such as computing and handheld devices, can be all or part of a personal area network (PAN), which is accomplished by pairing Bluetooth devices together (important to remember for the exam). The following section provides a basic outline of the pairing process for a Bluetooth device. Enabling and Pairing Bluetooth Before you can connect via Bluetooth one device with another, you must first enable the Bluetooth capability on the device(s). Enabled Bluetooth devices can then be paired to establish interaction between them. For example, you can pair two smartphones together or a PC to a keyboard, mouse, printer, or another Bluetooth device. Assuming the device you wish to pair with has Bluetooth active and ready, the following sections describe the steps you need to take on a Windows, macOS, or Linux device to enable and pair it. Windows 10/11 To enable Bluetooth on a Windows 10 or Windows 11 device, do the following: 1. Open the Settings app from the Start menu. 1. Choose Devices to open the Bluetooth & Other Devices page. 4. Move the slide switch to On to enable Bluetooth (see Figure 2.3-3). FIGURE 2.3-3 The Bluetooth & Other Devices settings page Once Bluetooth is enabled on a Windows device, it can be paired with (connected to) another Bluetooth device. On a Windows device, open the Settings | Devices | Bluetooth & Other Devices page, as described. Click the plus sign associated with the Add a Bluetooth or Other Device option, and the Add a Device applet page will appear (see Figure 2.3-4). Choose Bluetooth to open the page that lists the Bluetooth devices within range to which your device can be paired. Choose the device to complete the pairing. FIGURE 2.3-4 The Add a Device applet is used to pair Bluetooth devices to a Windows device. Many Bluetooth devices, such as wireless headsets, mice, keyboards, and the like, will ask for a PIN code (number) to complete the pairing. For most devices, the pairing process is timed, which means you only have about 30 seconds (or less) to complete the pairing. Typically, this code is found in the device’s user manual or on a sticker on the device itself. If you cannot find the code cannot, access the manufacturer’s website or contact them directly. macOS To enable Bluetooth on an Apple macOS device, use the following steps: 1. On the Control Center or on the menu bar, click the Bluetooth icon (see Figure 2.3-5). FIGURE 2.3-5 The Bluetooth symbol 2. Click the Bluetooth switch to On (to enable) or Off (to disable). NOTE On a macOS system, turning off Bluetooth may also disable hotspot and other services. To pair a Bluetooth device to macOS, make sure the device is on and Bluetooth is enabled. Open System Preferences on the Apple menu and click Bluetooth to list the devices in range and choose the device. Enter the passcode if required. Linux On a Linux system, depending on its distro, the required daemons are bluez, gnome-bluetooth, Xfoe, LXDE, and i3, all of which are typically available in the blueman package. To start the Bluetooth daemon, enter the command sudo apt-get Bluetooth start in the Terminal. To pair a Bluetooth device to a Linux system, use the following series of commands at the command line: 1. Check the Bluetooth status: sudo systemctl status Bluetooth 2. Enable Bluetooth discovery: bluetoothctl discoverable on 3. List Bluetooth devices in range: bluetoothctl scan on 4. Pair with a device: bluetoothctl pair <MAC address> 5. Connect to the paired device: bluetoothctl connect <MAC address> 6. Set the paired device to trust status: bluetoothctl trust <MAC address> 7. List paired devices: bluetoothctl paired-devices Long-Range Fixed Wireless Often the cost of pulling cable over long distances to provide access to rural homes and businesses isn’t feasible. In this case, alternative solutions, such as digital subscriber line (DSL), satellite, and fixed wireless access (FWA), can provide access to Internet-based resources. DSL may not be a viable solution in all situations. It has distance limitations and may not be available. Satellite and FWA may also not be viable as they are point-to-point and typically line-of-sight (LoS) services. Satellite services require the installation of a dish and typically have expensive bandwidth increments. FWA does require an antenna, but it is smaller than a satellite dish. Like satellite, FWA doesn’t require long pulls of fiber optic and copper cables for last mile connection. If you have a satellite service, such as Dish Network, DirectTV, or Hughes Internet, you are already using a form of FWA. FWA isn’t a new technology, and it’s possible you use some form of it, in one way or another, including 4G/LTE and Wi-MAX, both of which have proven to be expensive to install and operate. The deployment of 5G Fixed Wireless Access (5G-FWA) or any of the fixed wireless legacy systems, such as Local Multipoint Distribution Services (LMDS) and ISM 2.4-MHz point-to-point services, will depend on local ordinances and policy. IEEE 802.11ah The IEEE 802.11ah standard defines a WLAN that operates on an unlicensed 1-GHz band. Its lower frequency gives it a longer transmission range than other Wi-Fi WLAN standards. IEEE 802.11ah is used for extended-range hotspots and cellular traffic offloading. Local Multichannel Distribution Service Local multichannel distribution service (LMDS) has proven to be a cost-effective two-way wireless LoS microwave service for all Internet media types. In the U.S., LMDS operates on the 28-GHz frequency band (the EU uses 40 GHz), which is limited to a range of two or three miles, depending on what may be encountered in its path. Licensed Frequencies In the U.S., the Federal Communications Commission (FCC) controls who can broadcast on the available RF spectrums. Licensed bands of the RF spectrum are assigned (for a fee) to broadcasting and cellular networks, among others. A licensed RF band grants the holder the sole right to broadcast their signals over one specific frequency in a specified geographic area (for example, your favorite radio station might broadcast on the licensed frequency of 98.7 FM). EXAM TIP For the A+ Core 1 exam, you should know and understand what long-range fixed wireless is and how it’s used as well as the difference between licensed and unlicensed frequencies. You should also have a general understanding of the power and signal strength elements of wireless signaling. WLAN Devices: Power and Signal Strength In a WLAN, transmitting and receiving devices convert wired signals to wireless signals and back again. The signals transmitted between the wireless devices are in the form of radio frequency signals, which can attenuate over set distances, depending on the signal strength. The primary signal strength and the power of the transmission are defined by the following: • Radio transmit power Measured in decibel mW to indicate the power level of a transmitted signal. • Equivalent isotopically radiated power (EIRP) The equivalent of the transmit power less the signal strength loss between the transmitter and the antenna plus the signal strength gain of the antenna. • Received signal strength indicator (RSSI) As its name says, this is the measurement of the signal strength received at any receiver within the range of a WLAN. It indicates the signal strength residual after distance and obstacle attenuations. Near-Field Communication Near-field communication (NFC) allows wireless devices to communicate with other wireless devices within a range of 4 centimeters (cm), or about 1.6 inches. NFC transmits and receives RF waves, which can make it seem much like Bluetooth, RFID, or even Zigbee, but NFC differs because its signal generation is produced from electromagnetic induction. This allows passive devices with no power source to transmit to an active device, such as a smartphone or tablet, that enters its range. NFC has three modes of operations: read/write, card emulation, and peer-to-peer, which has been redacted. NFC is most commonly used with tap-to-go payment systems, such as Apple Pay, Google Pay, and other form of cashless payment services. Radio-Frequency Identification Radio-frequency identification (RFID) is a technology in which digital data, burned into labels or tags, is emitted as RF waves that can be received by nearby readers. RFID is an automatic identification and data capture (AIDC) technology that automatically identifies objects, collects data about them, and inputs the data into another system without external intervention. At its core, an RFID system has three components: an RFID tag or label, a reader, and an antenna. An RFID tag or label contains an integrated circuit and an antenna that transmits data to an RFID reader on a receiver device. The reader converts the signal into usable data that is transferred to a host computer system and then stored. RFID devices can be used for asset, inventory, and people tracking as well as to limit access into controlled areas. RFID technology is also used in ID badges. REVIEW Objective 2.3: Compare and contrast protocols for wireless networking • The two primary RF spectrums used in SOHO wireless networks are the unlicensed ISM and UNII spectrums (2.4 GHz and 5 GHz, respectively). • ISM WLAN devices communicate over non-overlapping channels (channels 1, 6, and 11). • The IEEE 802.11 wireless networking standards have evolved from the 802.11a to the current 802.11ax. • Wi-Fi 802.11 standards use two measurements to differentiate them: speed and frequency. Speed designates the data transmitted in Mbps. Frequency specifies the RF frequency. • Bluetooth devices communicate directly, but a WLAN requires an intermediary device, such as a router or an access point. Bluetooth transmits on a limited-distance frequency between 2.1 and 2.48 GHz in the ISM frequencies. • NFC wireless devices communicate in a range of 4 cm. NFC has three modes of operations: read/write, card emulation, and peer-to-peer. • RFID labels or tags emit RF waves that can be received by nearby readers. RFID systems have three components: an RFID tag or label, a reader, and an antenna. 2.3 QUESTIONS 1. The wireless LAN RF frequencies are specified in the 2.4-GHz and 5-GHz ranges, which are known commonly as what? (Choose two.) A. ISM B. WLAN C. NTIA D. UNII 2. Bluetooth transmits on a limited-distance frequency between which two ISM frequencies? A. 2.57 GHz to 2.8 GHz B. 2.1 GHz to 2.48 GHz C. 5.725 GHz to 5.825 GHz D. 28 GHz to 36 GHz 3. Which of the following is not one of the factors used to define the primary signal strength and transmission power of an RF wireless signal? A. Radio transmit power B. EIRP C. RSSI D. DHCP 4. What is the maximum range of NFC wireless devices? A. 4 cm B. 4.6 inches C. 4 mm D. 4 mW 5. Which of the following is not a component of an RFID system? A. RFID tag B. RFID label C. RFID printer D. RFID reader 6. Which Wi-Fi standard has a maximum speed of 9.6 Gbps and uses the 2.4-GHz and 5.8-GHz frequencies? A. 802.11ac B. 802.11n C. 802.11ax D. 802.11z 2.3 ANSWERS 1. A D ISM frequencies begin with 2.4 GHz, and UNII frequencies begin with 5 GHz. 2. B Bluetooth transmits on a limited-distance frequency between 2.1 GHz to 2.48 GHz. 3. 4. D DHCP is not a factor of the primary signal strength and transmission power of an RF wireless signal. A The maximum range of NFC wireless devices is 4 cm. 5. C RFID systems are wireless and do not print physical elements. 6. C 802.11ax, also known as Wi-Fi 6, has a maximum speed of 9.6 Gbps and uses the 2.4- and 5.8-GHz frequencies. Summarize services provided by networked hosts N etwork hosts can be used as servers to provide file, print, and other types of services; as network appliances to provide security and network protection features; and as embedded and legacy devices to provide ATM, traffic light, machine control, and other specialized services. Server Roles A server is any computer or device that provides services to connected devices. Depending on the size and types of networks in use, some servers are built into devices such as routers, and some computers on the network can perform server roles. The following sections describe these roles. EXAM TIP Know the various server roles by name and function. For example, know that a syslog server is used to store (log) events and can send alerts to administrators. DHCP Server A Dynamic Host Configuration Protocol (DHCP) server provides IP addresses, default gateways, and other network settings such as DNS server addresses to connected devices. Typically, a DHCP server’s function is incorporated into a device such as a router on a small office/home office (SOHO) network. However, larger networks might use dedicated DHCP servers. DNS Server A Domain Name Service (DNS) server maintains a database of IP addresses and their matching host names. When a host name, such as www.totalsem.com, is entered into a web browser, the DNS server used by that system matches that host name to the appropriate IP address. DNS servers are provided by ISPs as well as by public DNS services such as Google DNS and OpenDNS. Although your device typically is configured with DNS servers by the DHCP server, it is possible to manually configure the DNS servers you prefer. File Server A file server or a file share stores files that are used by other computers and devices on a network. For residential or small business networks, a file server–like function can be enabled through file sharing on Windows, Linux, or macOS computers. Larger organization networks typically use dedicated file servers and computers. File server hardware generally features very large highspeed storage devices, high-performance network adapters, and sufficient memory to support the server software it hosts. Print Server A print server manages a network print queue for printers that are attached to the server or are connected directly to the network. Depending on the network, a single physical server might be used for both file and print server tasks, or separate servers might be used. Mail Server A mail server sends and receives e-mail. Incoming servers (where you check for new e-mail) typically use Post Office Protocol version 3 (POP3) or Internet Message Access Protocol version 4 (IMAP4), while outgoing servers (where you send e-mail) use Simple Mail Transfer Protocol (SMTP). These addresses come from your e-mail provider (usually your ISP, company, school, or other organization). Syslog Syslog is a protocol that network devices use to send event messages to a server that logs them for viewing. The syslog server can send alerts that can be reviewed by network administrators. Syslog is not natively supported on Windows, but third-party software can be used to convert messages from Windows apps into syslog-compatible messages. ADDITIONAL RESOURCES To learn more about syslog, see the article “The Original Windows Syslog Server” at https://www.winsyslog.com/. Web Server A web server runs software designed for serving websites. For example, Microsoft Internet Information Services (IIS) functionality is available as an optional feature of Windows Server and businessoriented editions of Windows 10 and Windows 11. Most Linux distributions include Apache or Nginx web servers. Apache can also be used on macOS. Authentication, Authorization, and Accounting Server An authentication, authorization, and accounting (AAA) server program processes user requests to authenticate (identify) that the requestor is valid, may be authorized for specific access levels, and is to be tracked by audit and accounting functions. Authentication typically requires the verification of a user name and password, but additional factors can be used or required. Authorization assigns the predefined rights and permissions of an authenticated user to control access and action with resources. Accounting is the tracking mechanism in use to record the actions and results of the user. An AAA server verifies the user’s identity and controls and tracks access to system resources while the user is logged in to a network. Examples of AAA servers include RADIUS servers used by WPA2 and WPA3 encryption on corporate networks and servers that inspect RSA tokens provided by users with RSA key fobs. Internet Appliance Internet appliances are special-purpose devices that are incorporated into networks, typically to provide various types or levels of network security. The following sections provide a brief overview of the types of Internet appliances you need to know for the CompTIA A+ 220-1101 exam. Spam Gateways Anti-spam appliances (aka spam gateways) are devices that use onboard software to filter out incoming spam e-mail messages and instant messaging (or “spim”) to prevent them from entering a system. Spam gateway devices are primarily in use in enterprise organizations, but many ISPs, academic institutions, and small businesses also employ some version of this function. Unified Threat Management Unified threat management (UTM) involves the use of hardware or software to provide a combination of several security functions. Typically, a UTM device provides security protections that may include firewall, remote access, VPN support, web traffic filtering, anti-malware, and network intrusion prevention. UTM replaces the need to install separate devices or systems for each of its supported security functions. A UTM solution can be a specialized appliance that is placed between an internal network and an end or gateway device, or it may be installed on a virtual machine running cloudbased services. EXAM TIP Know the purposes of and understand the differences between Internet appliances such as UTM devices, intrusion detection systems (IDSs), and intrusion prevention systems (IPSs). For example, an IDS can identify threats and send alerts. However, the more powerful IPS can actually act on the threat and possibly stop it! Load Balancers The purpose of a load balancer is to spread out the processing required to respond to incoming request traffic as evenly as possible, or desired, across a group of network or specific-purpose servers. Load balancers typically sit on the network between client devices and the servers to be balanced. Incoming requests are assigned to the next available server with the capability of processing the request. Proxy Server A proxy server is an intermediary between its users and the resources they request. Applications send requests to the proxy server instead of trying to access the Internet directly, and the proxy server fetches the resources on behalf of the users. This enables the proxy server to monitor usage, to restrict access to or modify insecure or objectionable content, as well as to cache, compress, or strip out resources to improve performance—and more. Enterprise proxy servers are usually implemented as software running on a multipurpose server. EXAM TIP Many security appliances include context-based rules called data loss prevention (DLP) to avoid data leaks. DLP scans outgoing packets and stops the flow if they break a rule. Legacy/Embedded Systems Networked devices don’t necessarily look like computers. Many are, but you can find narrow-purpose computers or servers embedded in all sorts of machines and other equipment—CompTIA calls these legacy/embedded systems. It can be easy to overlook networked devices embedded in this equipment, but they may represent massive investments your network must remain compatible with. Some examples of legacy/embedded systems include machine controllers, digital watches, digital music players, traffic light controllers, aviation equipment, bank ATMs, and more. If these systems are running operating systems that are no longer supported with security or other patches (such as Windows XP or Windows 7), they represent a significant security threat. Supervisory Control and Data Acquisition Supervisory control and data acquisition (SCADA) systems perform real-time data collection for analysis of the efficiency, cost reduction, and operation improvements in an industrial setting. Because there can be an almost overwhelming amount of data available, SCADA is used to help organizations select and access specific data and control the functions of the equipment and machinery involved. SCADA applications can be used to view, collect, analyze, and graph a range of process characteristics, such as temperature, power consumption, operating levels, and many other measurable conditions. Internet of Things Devices Internet of Things (IoT) devices, also called “smart devices,” include those devices and objects capable of being connected to a WAN or the Internet. IoT devices, or “things,” is an ever expanding group, but characteristically they are devices that have the capability to send and receive data over a network. This includes automobiles, home appliances, smartphones and watches, residential and security lighting, home security detection and alarm systems, and more. For example, a car may have a system that helps it locate an empty parking space, or a refrigerator can alert its owner when the inventory of a required food or liquid item falls below a certain level. REVIEW Objective 2.4: Summarize services provided by networked hosts • • • • • • Web servers run software that serves websites. File servers store files and folders for use on the network. Print servers manage network print queues. DHCP servers provide IP addresses to connected devices. DNS servers handle DNS/IP address lookups. Proxy servers reroute requests for Internet content to their own copy of that content, or they can block requests. • Mail servers send and receive e-mail. • Authentication servers verify a user’s identity. • The syslog protocol is used to send event messages to a server where they can be logged and viewed. • Internet appliance categories include spam gateways, load balancers, IDSs, IPSs, UTM devices, and end-point management servers, all of which can be used to protect the network. • Legacy/embedded systems such as ATMs and machine controllers represent a significant security threat if their operating systems are no longer being patched. SCADA systems perform real-time data collection for analysis of the efficiency, cost reduction, and operation improvements in an industrial setting. • IoT devices include automobiles, home appliances, smartphones and watches, residential and security lighting, home security detection and alarm systems, and more! 2.4 QUESTIONS 1. Microsoft IIS and Apache are examples of which type of server? A. DHCP server B. File server C. Web server D. Print server 2. Company H is setting up a RADIUS server as part of its wireless network. This server will perform which of the following tasks? A. Mail server B. Authentication server C. Proxy server D. Print server 3. Company J wants to install an Internet appliance that will provide protection as well as load balancing and VPN services. Which of the following categories has the device they need? A. B. C. D. IPS DLP IDS UTM 4. Your client’s network is able to receive e-mail but unable to send it. Which of the following is not working? A. SMTP B. UTM C. Authentication server D. DNS server 5. Your department is considering an Internet appliance. Which of the following is the most likely reason to get one? A. Print serving B. Security C. Wireless AP D. Web server 2.4 ANSWERS 1. C These are examples of web servers. 2. B A RADIUS server is used for authentication on a WPA2 or WPA3 Wi-Fi enterprise network. 3. D UTM (unified threat management) includes broad protection against threats as well as bundles network security services. 4. A SMTP (Simple Mail Transfer Protocol) is used to send email messages. If this protocol is disabled or blocked, e-mail cannot be sent. 5. B Internet appliances are used to provide additional security features to an Internet connection. Given a scenario, install and configure basic wired/wireless small office/home office (SOHO) networks S mall office/home office (SOHO) networks tend to be simpler in design and layout, and they typically have fewer components than the networks in larger organizations and enterprises. This doesn’t mean that the same network functions aren’t required, because they are. A SOHO network often uses a single device to implement multiple network processes, but this capability isn’t always available. This objective provides an overview of the processes used to configure and install a basic network, wired or wireless, in a SOHO setting. Internet Protocol Addressing The most important activity in the configuration of a network, regardless of its size, is the assignment of its Internet Protocol (IP) addressing scheme. On Ethernet networks, which most SOHO networks are, the addressing choices are Layer 2 Media Access Control (MAC) addresses (also called physical addresses) and IP version 4 (IPv4) or IP version 6 (IPv6) addresses (also called logical addresses). MAC addresses are the default addressing on any Ethernet network. Each component capable of communicating on the network’s medium is permanently assigned a MAC address by its manufacturer. If the communication between one network node and another remains totally on the local network, only the MAC address is needed. However, should network communication need to exit the local network and be forwarded on a WAN or the Internet, IP addressing becomes a necessary part of the configuration of the network and each of its nodes. A network address, also called a logical address, must uniquely identify any device capable of communicating on the network medium, regardless of the medium being wireline (or wired) or wireless. A network address becomes the means by which a device is located on the network. In the addressing schemes of a TCP/IP network, an IP address identifies both a device and the network on which it resides. There are two versions of IP: IPv4 and IPv6. The following sections cover their essentials features and differences. EXAM TIP