Free Study Guide for Network Plus 4.4 – Dumps4shared


4.4 Summarize common networking attacks.


Welcome to Exam Notes by Dumps4shared! This is our free study guide for Network Plus 4.4. In this edition, we will cover the topics outlined in Network+ Objective 4.4 – “Summarize common networking attacks.”


A DoS (Denial-of-Service) attack prevents legitimate users from accessing normal content such as from a web server. This attack sends a flood of illegitimate SYN requests to a server, exhausting its resources. This attack comes from sources owned by the attacker. Please review the following types of DoS attacks.


A DDoS (Distributed DoS) attack is much more sophisticated than a simple DoS attack. This attack infects hosts with malware and turns them into an army of bots or zombies. The infected machines are controlled by the attacker, unbeknownst to the user. The users unwittingly become a part of this coordinated attack.

A DRDoS (Distributed Reflective DoS) attack is a DDoS attack that uses uninfected computers to bounce the attack to the target. The packets in this attack are spoofed echo requests that appear to be sent from the target. When the echo requests are sent to the target, the target becomes flooded.

Amplified DRDoS attacks optimize the attack by sending simple requests that require larger responses from the target. This floods the targets with requests that require more resources to respond, amplifying the effectiveness of the DRDoS attack.

Social engineering

Employees present a security risk since human nature can cause employees to divulge information to the attacker. This is referred to as social engineering and uses a perceived sense of trust in order to trick users into revealing confidential information. The attacker may be posing as an authorized employee asking to gain information about the network. For example, a “help desk” intruder may be able to get a password from a user with little to no effort. There are many types of social engineering and we will cover those described in the objectives.

Phishing is a highly effective attack type. During this attack, the attacker sends a seemingly legitimate email to the victim asking them to log on to a retailer’s URL and submit their username and password for verification.

Insider threat

A user may become dissatisfied with their job and may decide to act maliciously. This is an extremely serious threat. They have extensive knowledge about the organization’s infrastructure. A user with high-level rights and permissions can do serious damage.

Logic bomb

There are many types of malware, and attacks by viruses, worms, and trojan horses are constantly being attempted. We will cover those types listed in the objectives.

A logic bomb is malware that has infected a PC but will not execute until a specific date or under certain conditions. Logic bombs are harmless and lie dormant until they have been triggered.


Ransomware is malware that locks the user’s computer and encrypts the data on all connected drives, including online storage. The user receives a locked screen with instructions detailing the ransom demand and payment information. There may be a deadline for payment or a threat to delete data if the ransom is not paid. Computers infected with ransomware are not generally recoverable until the ransom is paid. Even then, you may not regain access. Ransomware is a multimillion-dollar operation.

Rogue access point

Rogue access points are set up using the same SSID as valid access points. A rogue access point is also known as an evil twin. Once a user accesses the rogue access point, their data in transit can be hijacked, and the attacker may even gain access to the user's data.


An amazingly effective security threat is called war driving. In this case, the hacker simply drives around looking for unprotected wireless networks. There is an astonishing number of access points broadcasting their SSID that are set up using the default password. Once an open access point is discovered, the hacker can attempt to penetrate the network or just scan the traffic to attempt an exploit.

DNS poisoning

DNS poisoning, or DNS spoofing, attacks DNS servers by changing a webserver’s DNS record, redirecting legitimate traffic to a spoofed or compromised server. This enables the hacker to gather all the data intended for the legitimate server. The DNS system constantly updates other servers with its records, so the poisoned address can spread quickly. ARP poisoning works in much the same way; however, the ARP tables are attacked, changing the IP address and MAC address information stored on them.
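Because ARP poisoning shows up as a change in the stored IP-to-MAC information, a defender can watch for exactly that change. The following is an added example, not part of the original guide: it scans a constructed list of ARP observations (the addresses and the function names are assumptions made for illustration) and reports an IP whose MAC changes and a MAC that starts answering for more than one IP.

```python
from collections import defaultdict

# Constructed sample data: (seconds, IP, MAC) as they might be collected from
# ARP replies or periodic ARP-table snapshots. Not taken from the guide.
OBSERVATIONS = [
    (0,  "192.168.1.1",  "aa:aa:aa:00:00:01"),   # default gateway
    (1,  "192.168.1.10", "aa:aa:aa:00:00:10"),
    (2,  "192.168.1.20", "aa:aa:aa:00:00:20"),
    (30, "192.168.1.1",  "AA-AA-AA-00-00-01"),   # same MAC, different notation
    (61, "192.168.1.1",  "aa:aa:aa:00:00:20"),   # gateway IP now maps to host .20
    (62, "192.168.1.10", "aa:aa:aa:00:00:10"),
    (90, "192.168.1.30", "aa:aa:aa:00:00:30"),   # new host, nothing unusual
]


def normalize_mac(mac):
    """Return a MAC as lowercase colon-separated hex so notations compare equal."""
    digits = "".join(ch for ch in mac.lower() if ch in "0123456789abcdef")
    if len(digits) != 12:
        raise ValueError(f"not a 48-bit MAC address: {mac!r}")
    return ":".join(digits[i:i + 2] for i in range(0, 12, 2))


def find_arp_anomalies(observations):
    """Report IP-to-MAC changes and MACs that answer for several IPs."""
    ip_to_mac = {}                   # last MAC seen for each IP
    mac_to_ips = defaultdict(set)    # every IP each MAC has claimed
    alerts = []
    for ts, ip, raw_mac in sorted(observations):
        mac = normalize_mac(raw_mac)

        # Check 1: the stored mapping for a known IP has been replaced.
        known = ip_to_mac.get(ip)
        if known is not None and known != mac:
            alerts.append({"time": ts, "type": "mapping_changed",
                           "ip": ip, "old_mac": known, "new_mac": mac})
        ip_to_mac[ip] = mac

        # Check 2: one MAC now claims an additional IP (alert once per new IP).
        if ip not in mac_to_ips[mac]:
            mac_to_ips[mac].add(ip)
            if len(mac_to_ips[mac]) > 1:
                alerts.append({"time": ts, "type": "mac_claims_multiple_ips",
                               "mac": mac, "ips": sorted(mac_to_ips[mac])})
    return alerts


if __name__ == "__main__":
    for alert in find_arp_anomalies(OBSERVATIONS):
        print(alert)
```

A replaced network card or an address lease moving to another device produces the same alerts, so they are a prompt to verify the mapping rather than proof of an attack.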


This attack type redirects secure transmissions and captures them in order to obtain information such as passwords. Users may also be redirected to a fraudulent website that looks legitimate but contains links to other malicious sites.


Wireless clients must authenticate with a wireless access point. There are times when this authentication can be revoked. For example, if the AP is overloaded, some users may be deauthenticated (knocked off). This requires them to log back onto the network. The deauthorization process can be broadcast, prompting the user to resend their login credentials and other information in order to log back in. This data can be collected and used to cause damage.

Brute force

Passwords are the bane of computing today. Users and hackers prefer short and simple passwords. Administrators prefer long and complex passwords in order to avoid security issues. Please follow the advice of administrators. Use a mix of numbers, upper and lower case letters, and symbols. Ensure the password is at least eight characters long. Having said that, a complex password is not immune to brute force hacking. A complex password is just harder to crack.

VLAN hopping

VLAN hopping is an attack that exploits the way VLANs are tagged. In this attack, the hacker sends transmissions to the switch that appear to be a part of the protected VLAN. Hackers are then free to travel across VLANs in order to gain sensitive information. Attackers can modify the VLAN tag by double tagging it or by spoofing the switch into thinking this is a trunk.
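The tagging this attack relies on is visible in the Ethernet header, so it can be checked for. The following is an added example, not part of the original guide: it parses the 802.1Q tag stack of a raw frame and flags a frame carrying two tags, or any tag arriving on an access port. The function names, the port modes and the sample frames are assumptions made for illustration, and the network is assumed not to use provider QinQ, where stacked tags are legitimate.

```python
import struct

TPID_8021Q = 0x8100    # IEEE 802.1Q VLAN tag
TPID_8021AD = 0x88A8   # IEEE 802.1ad service tag (QinQ)


def parse_vlan_tags(frame):
    """Return (tags, payload_ethertype); tags are listed outermost first."""
    tags = []
    offset = 12  # skip destination and source MAC addresses (6 bytes each)
    while True:
        if len(frame) < offset + 2:
            raise ValueError("truncated Ethernet frame")
        (ethertype,) = struct.unpack_from("!H", frame, offset)
        if ethertype not in (TPID_8021Q, TPID_8021AD):
            return tags, ethertype           # reached the real payload type
        if len(frame) < offset + 4:
            raise ValueError("truncated VLAN tag")
        # Tag Control Information: 3-bit priority, 1-bit DEI, 12-bit VLAN ID.
        (tci,) = struct.unpack_from("!H", frame, offset + 2)
        tags.append({"tpid": ethertype,
                     "priority": tci >> 13,
                     "vid": tci & 0x0FFF})
        offset += 4


def classify_frame(frame, port_mode):
    """Classify a received frame for a port in 'access' or 'trunk' mode."""
    if port_mode not in ("access", "trunk"):
        raise ValueError("port_mode must be 'access' or 'trunk'")
    tags, _ = parse_vlan_tags(frame)
    if len(tags) >= 2:
        return "double-tagged"       # stacked tags: the double-tagging pattern
    if tags and port_mode == "access":
        return "unexpected-tag"      # end hosts should send untagged frames
    return "ok"


def build_sample_frame(vids):
    """Constructed test input: a padded IPv4 frame carrying the given VLAN IDs."""
    header = bytes.fromhex("ffffffffffff") + bytes.fromhex("020000000001")
    tags = b"".join(struct.pack("!HH", TPID_8021Q, vid) for vid in vids)
    return header + tags + struct.pack("!H", 0x0800) + bytes(46)


if __name__ == "__main__":
    for vids, mode in [([], "access"), ([10], "access"),
                       ([10], "trunk"), ([1, 20], "access")]:
        print(vids, mode, classify_frame(build_sample_frame(vids), mode))
```

On the switch side, the usual mitigations are to keep user ports in access mode with trunk negotiation disabled and to use a native VLAN that carries no user traffic.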

Exploits vs. vulnerabilities

The terminology we use is important to understand. Here any weakness in a system that could be compromised is called a vulnerability. Not all vulnerabilities are attacked. When vulnerabilities are used to gain access or information, this is called an exploit.


That’s it for objective 4.4. See you in 4.5!

We hope you liked our free study guide for Network Plus 4.4. If you did, please let us know (you can use “contacts”). If you found any typos or the like, then please let us know about that too! This is a communal effort to bring studying costs down and we need all the help we can get to keep improving it.



Free Study Guide for Network Plus 4.3 – Dumps4shared


4.3 Given a scenario, secure a basic wireless network.


Welcome to Exam Notes by Dumps4shared! This is our Free Study Guide for Network Plus 4.3. In this installment, we will explore the Network+ Objective 4.3 – “Given a scenario, secure a basic wireless network.”



Wireless network traffic can be seen and captured. WEP (Wired Equivalent Privacy) was the original encrypted WiFi protocol. WEP has some shortcomings; for example, the same static network key is used on all clients. This key can only be changed manually.

WPA (Wireless Protected Access) was developed in order to increase security and dynamically create new keys for every transmission. WPA uses TKIP (Temporal Key Integrity Protocol) which utilizes the RC4 (Rivest Cipher 4) stream cipher. Each packet gets a unique 128-bit key.

The WPA2 certification was introduced in 2004 and replaced the RC4 encryption algorithm with AES (Advanced Encryption Standard) for faster and more secure transmissions. CCMP (Counter Mode with Cipher Block Chaining Message Authentication Code Protocol) is used to replace the now deprecated TKIP. CCMP supports data confidentiality, authentication, and access control. A Pre-Shared Key (PSK) can be created with WPA2-personal in a home or small office.

Circling back to WEP (Don’t use it!), WEP supports two testable authentication methods. OSA (Open System Authentication) requires no key and the client needs only the SSID to begin. SKA (Shared Key Authentication) uses the same key across all wireless nodes and communications can be encrypted.

Authentication and authorization

Authentication on WPA2-Enterprise networks very often uses RADIUS servers and the EAP (Extensible Authentication Protocol). EAP is supported by modern operating systems and can be used with physical authentication methods. EAP-TLS uses the public key infrastructure with TLS encryption. EAP-TLS is certificate-based.

PEAP (Protected PEAP) and EAP-FAST (EAP-Flexible Authentication via Secure Tunneling) both create secure tunnels between the endpoints. PEAP creates an outer tunnel before beginning the normal EAP process. This creates an inner tunnel to be used for data.


Many enterprises using WWAN to serve their mobile users use MDM (Mobile Device Management) software in order to secure their mobile assets. The MDM uses the device’s GPS in order to determine whether a device is in an approved area. Access is restricted to clear geographic areas.


That’s all for this objective. We hope you enjoyed our Free Study Guide for Network Plus 4.3 – “Given a scenario, secure a basic wireless network.” See you in 4.4!




free study guide for Network plus 4.2 – Dumps4shared


4.2 Explain authentication and access controls.


Welcome to Exam Notes by Dumps4shared! This is our free study guide for Network plus 4.2. In this edition, we will cover objective 4.2 “Explain authentication and access controls.”


Authentication, Authorization, and Accounting

The three major elements of network access are known as AAA. This stands for Authentication, Authorization, and Accounting. AAA answers the following questions anytime a user is validated for network access.

  • Authentication: Who are you? Can you provide the correct credentials for access to the network?
  • Authorization: What are you allowed to do? Here, the user’s authorization to access resources, perform tasks, or execute commands is verified.
  • Accounting: When did you attempt to access and what did you do? Accounting logs the users’ activity and retains the log for auditing.

The answers to these questions can be provided through several access control technologies. These will be discussed next.

RADIUS (Remote Authentication Dial-In User Service) is the most popular service that centralizes resource management and conforms to AAA functions. RADIUS is an open source standard that can run on a dedicated device, called a RADIUS server, or it can run as software on a server which provides other network services. With regard to security, RADIUS encrypts only passwords, making it less secure than TACACS+.

TACACS+ (Terminal Access Controller Access Control System Plus) is a proprietary AAA protocol designed by Cisco in order to run on routers or switches. TACACS+ encrypts all transmissions and provides separation in the protocols used for AAA. Its design allows protocols such as Kerberos to be used for authentication while TACACS+ provides the authorization and accounting service.

Kerberos is the default authentication protocol for Active Directory. Key encryption is used for client verification and communication. Kerberos uses SSO (Single sign-on) authentication which allows a user to sign on once and conveniently access multiple resources, eliminating the need to sign into each resource individually. In AD, Kerberos is the default authentication protocol but is not the only one supported. LDAP (Lightweight Directory Access Protocol) serves as a common model for accessing the existing directory structure. AD and LDAP can run concurrently.

Local authentication describes an AAA model where all processes are performed on the local device.

Certificates are used to authenticate users. In Certificate-Based Authentication, an authentication request is sent that contains the user’s public key that is then used to validate its authenticity.

Multifactor authentication

Multifactor authentication provides greater security by requiring multiple authorization components from two of the five factors presented below. Here is how CompTIA defines them:

Something you know – This is a password or PIN.

Something you have – This can be a smart card, smartphone, or a digital key fob.

Something you are – Stored physical data is used for authentication. The geometry of your face, your fingerprint, and your iris all represent something you are.

Somewhere you are – This method requires your location to match the stored data.

Something you do – This represents the individual aspects of the way you enter data. Speech recognition allows your speech pattern to be compared with the sample. Even the speed at which you type can be used.

Access control

The 802.1x standard was developed in order to allow wired and wireless users to access the LAN. EAPoL (EAP over LAN) is used for this process.

NAC (Network access control) uses network policies in order to control and set the appropriate type and level of access for each device. Access control lists are an example of access control policy.

Port security is the practice of securing ports against unauthorized access using software or hardware. MAC address filtering is used to block unauthorized traffic based on the source MAC address and an updateable address table. The switch-port can be easily disabled.

Captive portal is generally configured in order to provide the Wi-Fi Guest account settings for a network. The user is brought to a log on page that will usually require consent to the terms of use and connection related information such as privacy and security.


That’s all for objective 4.2. See you in 4.3!



Free Study Guide for Network Plus 4.1 – Dumps4shared


4.1 Summarize the purposes of physical security devices.


Welcome to Exam Notes by Dumps4shared. This is our Free Study Guide for Network Plus 4.1. This edition will cover physical security types and their purposes as outlined in objective 4.1 – “Summarize the purposes of physical security devices.” Enjoy!


When discussing physical security, let’s start with the methods used to detect unauthorized intrusion into protected areas and the devices they contain.


Motion detection is used to monitor for physical activity, often triggering an alarm or alerting security personnel. The sensitivity of the detector is calibrated in order to prevent false alarms. These detectors can trigger event monitoring, recording the date and time of the activity along with turning on the lights and enabling video recording.

Video surveillance, in the form of closed-circuit TV (CCTV), has greatly reduced the manpower needed to visually monitor protected areas. Strategically placed video cameras can cover areas that once required physical surveillance. The video cameras send their imaging to a central monitoring station, enabling security personnel to view and record activity throughout the entire coverage area(s). The video camera can connect to the central monitoring station using a coaxial cable or through the existing network.

Regardless of the connection method used, remember that these cameras can be motion activated or can remain on at all times. As a rule, all video should be recorded and saved.

Asset tracking tags are placed on all valuable assets owned by the company. This serves several purposes. The tag is linked to a database of assets and uses the object’s type, make, model, acquisition date, and current location. The tag is usually a barcode but can also be an RFID tag. These tags are used to identify the object for depreciation, routine maintenance, or security.

A common form of tamper detection is a sticker which, when broken, indicates the opening of a device enclosure. This is not the only tamper detection that may be encountered. More sophisticated tamper detectors are mounted inside the device and can trigger alarms, lights, and cameras.


ID Badges are used to identify employees. Depending on the access model, the ID badge can also provide electronic information to allow access to restricted areas. Badge readers are also placed strategically around locked areas in order to permit access to authorized parties.

Biometrics uses a person’s unique physical characteristics to authenticate them. This could be as simple as a fingerprint or hand scan and as complex as a retinal scan. The scanned results are compared to the stored biometric data for authentication. While this method is more expensive to implement and maintain, it possesses a very high accuracy level.

Smart cards are electronic access badges that are used to unlock doors to authorized areas. These badges often contain a photograph of the user.

A Key fob is easily recognizable to anyone with remote locks on their vehicle. This device is used to allow access to secure areas. However, it is not as easy as pushing a button. The key fob and door are time-synchronized and use a random sequence in order to permit access.

All of the prevention methods listed above control locks. Access to a locked area can be as simple as a physical key or as complicated as a biometric lock. It is important to realize that multiple prevention methods can be combined, creating multi-factor authentication which will be described in the following posts.


We hope you liked our free study guide for Network Plus 4.1. See you in 4.2!



Free Study Guide for Network plus 3.5 – Dumps4shared


Welcome to Exam Notes by Dumps4shared! This is our free study guide for Network plus 3.5 “Identify policies and best practices.” Enjoy!


A successful company will have a group of organizational policies to ensure strategic objectives as well as regulatory compliance, adherence to corporate policy and the satisfaction of vendor agreements. These are high-level policies that affect the whole organization. Here we will look at some of these policies and procedures as defined by the CompTIA exam objectives.

Privileged user agreement

This agreement is applied to employees that have access to personal health records. This includes doctors and staff. The employee agrees not to disclose any information relative to these records.

Password policy

Weak and compromised passwords are a primary threat to our system security. Your company will have a clear password policy that covers the length of the password and the specifications for the character types that must be used. There will be a list of dos and don’ts. Do not divulge your password to anyone, be they a co-worker or your superior. Don’t leave the password written down and stored in your office. The length and complexity of your password are important, and it is equally important to safeguard your password.


On-boarding/off-boarding procedures

Permitting wireless network access for a device is called on-boarding and the removal of a device is called off-boarding. Today’s office environments contain a mix of company assets and personal devices to perform work. Care must be exercised when permitting devices to access the network. Here mobile device management (MDM) software will allow greater control over this process.

Licensing restrictions

All software is covered by a licensing agreement that you must accept before installation. This agreement contains information on your right to use the software and what information the software collects.

International export controls  

The Windows operating system is one of the largest examples of the international export of software. In Windows 10, versions were created for use in Europe (N) and Korea (KN). These versions contain all of the basic features of the operating system without the Windows Media Player, Music, and Skype.

Data loss prevention

DLP (data loss prevention) is a risk mitigation technique that prevents network data classified as sensitive from being downloaded, transmitted or copied.


Remote access policies

A remote access policy outlines and clearly defines your company’s acceptable remote access methods for hosts. Adherence to this policy is crucial for workers connecting over insecure public networks and even home networks.

Incident response policies

When an incident occurs, the actions to be taken are laid out clearly in the Incident Response Policy. The document will contain the preparatory information the response team will need to act. The detection methods and threat authentication process are defined. The impact of an incident is quickly contained and further problems are prevented.


Bring your own device (BYOD) is the method of allowing employees to bring their own personal devices into the workplace. The permissions for these devices will be determined by the On-boarding / off-boarding section described above.


An Acceptable Use Policy (AUP) is where the company defines what is and what is not acceptable use of company resources. You will sign and consent to this policy, which is legally binding.


The Non-Disclosure Agreement (NDA) is a critical document to protect the company as a whole. It describes how data classifications like private and confidential are to be treated. As you advance in your career you will be exposed to more important information. A casual cup of coffee with a stranger is an opportunity for them to gain strategic information. Your NDA will address any breach and the penalties associated.

System life cycle

The system development lifecycle is a continuous process that consists of several distinct and clearly defined phases. The process is a plan that enables engineers and developers to manage a system from its inception through its useful life until its ultimate disposal.

– Initiation: The process begins when a need is identified. Even better is the chance to capitalize on an opportunity. Here you will create a proposal.

– System concept development: Now the fun begins. Your documentation should address the scope of the concept, a cost-benefit analysis, a feasibility study and a good risk management plan.

– Requirement analysis: This phase covers user requirements and a functional requirements document.

– Design: Here the detailed requirements are used to create a detailed design document that delivers the desired functionality.

– Development: Here is where you use the information gathered to create a complete system. You will test the new system arduously, creating databases, compiling programs and testing all aspects of functionality.

– Integration and test: In this phase you demonstrate the system performance and adherence to requirements.

– Implementation: Here you prepare the system for introduction to the production environment and resolve any issues.

– Operation and maintenance: Here you describe the tasks necessary to keep the system running optimally.

– Disposition: This phase describes the actions to be taken when a system is retired. Data preservation is a key aspect here.

– Asset disposal: All company assets should be tagged and logged for tracking. When a system is retired it is vital to remove and safely destroy any objects that can store data. Your local municipality can advise you in this area.

Safety procedures and policies

In all properly run corporations, safety is a top priority in the workplace. We’re not discussing paper cuts here but will look at some major factors you need to be aware of. The Occupational Safety and Health Administration (OSHA) oversees workplace safety from the federal level. They have established procedures for the use and disposal of hazardous material and other workplace guidelines. If your job includes a potential hazard you will be issued personal protective equipment (PPE). This can be a hard-hat, gloves and most importantly eye protection. There are other hazards in your space like cleaners, solvents and other potentially hazardous material. OSHA requires manufacturers to label products that are physically or environmentally hazardous, like old faithful below.

Figure: OSHA Class 6 placard with DOT approved graphic, denoting material, other than a gas, which is known to be so toxic to humans as to afford a hazard to health during transportation.

Be aware of your surroundings at all times. Look out for things like wires that could trip someone. Assess the situations you find yourself in. For example, if you are asked to move something heavy, try to determine its weight and center of gravity. Keep the object close to your body and lift with your legs. When lifting, do not strain; get help.


Well with Domain 3.5 you just concluded Main Domain 3.0, congratulations! We hope you enjoyed our free study guide for Network plus 3.5. See you in Main Domain 4.0!



Network Plus N10-007 Objective 3.4 – Dumps4shared


3.4 Given a scenario, use remote access methods.


Welcome to Exam Notes by Dumps4shared! In this edition, we will address topics covered in Network Plus N10-007 Objective 3.4 “Given a scenario, use remote access methods.” All remote access technology brings with it a certain amount of risk. Be aware of any risks before deploying any remote access software.



Virtual Private Networks (VPN) provide a secure, private, encrypted, host-to-host connection called a tunnel. The tunnel is established between a host and a network server in a client-to-site configuration or as a site-to-client tunnel.



Secure Sockets Handling (SSH) can be used to initiate console screens on routers, switches and other network devices for analysis or configuration. Consider the SSH key as a substitute for your username and password for authentication. The SSH protocol provides a secure cryptographic connection at both ends.


IPsec is a Layer 3 network protocol that can provide encryption, authentication and key management for every packet transmitted.


Many browser-based communications are protected using SSL (Secure Socket Layer) or TLS (Transport Layer Security). Your browser address bar will display a padlock. Look for this padlock in the address bar before entering any information.

Secure browser padlock

Remote file access

Basically FTP (File Transport Protocol) is used to transfer files between devices.

FTP/FTPS: FTP uses either open unauthenticated connections or those that require credentials.

SFTP: This is an extension of the SSH protocol that uses SSH to secure FTP connections. Remember that FTPS and FTP Secure are not compatible with each other.

TFTP is the least secure of the FTP options. It provides fast file transfers on the local network but it is not suited to transfers across the public internet.


Microsoft’s implementation of the Remote Desktop Protocol (RDP) dates back to some of the OS’s earlier releases that provided a Terminal interface that required extensive knowledge of commands. Features were added to create more effective control with each release. It is now possible to view and control the host you are connected to. VNC (Virtual Network Computing) is the open-source version of this technology allowing vendors and manufacturers to modify the app as needed.


Remote users can still “remote in” to computers using the Telnet command. While this is fast and efficient, it is not secure. It has largely been replaced by more secure transfer methods.

HTTPS/management URL

Our network devices once required individual command line configuration. Today’s devices often provide access to all settings through an SSL secured management URL.

Out-of-band management

In-band management requires that the program be installed on each device being configured. The device(s) being configured must be powered on, limiting some of your options.

Out-of-band management provides the capability of managing your network from an external connection. Your connection can be initiated with a dial-up connection or a cable modem. A console router on the server side can centralize the management of these devices. Here is a look at the management console from a SOHO router.


Well, that’s all for objective 3.4 and main domain 3! See you in domain 4!



Network Plus N10-007 Objective 3.3 – Dumps4shared


3.3 Explain common scanning, monitoring and patching processes and summarize their expected outputs.


Welcome to Exam Notes by Dumps4shared. In this edition, we will examine the topics in Network Plus N10-007 Objective 3.3 “Explain common scanning, monitoring, and patching processes and summarize their expected outputs.” Enjoy!




Log reviewing

Each time a device like a switch, router, firewall or the web server OS performs an action, it records the activity in a log file. A good example is a honeypot log that reveals attacks and exploit attempts. That log file is viewable and stored in a central location using the syslog format. These files contain an enormous amount of information and require a lot of effort and concentration if they are being reviewed line by line. Fortunately, there is software available that allows you to view the information graphically. More on that later in SIEM. The important point here is that the logs be monitored and reviewed regularly.
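Reviewing syslog files line by line is what a script can take over. The following is an added example, not part of the original guide: it parses constructed lines in the traditional BSD syslog layout (`<PRI>timestamp host tag[pid]: message`), decodes the priority into facility and severity, counts failed SSH logins per source address and collects messages of severity "err" or worse. The host names, addresses, threshold and function names are assumptions made for illustration.

```python
import re
from collections import Counter

SEVERITIES = ["emerg", "alert", "crit", "err",
              "warning", "notice", "info", "debug"]

# <PRI>Mmm dd hh:mm:ss host tag[pid]: message
LINE_RE = re.compile(
    r"^<(?P<pri>\d{1,3})>"
    r"(?P<ts>[A-Z][a-z]{2} [ \d]\d \d{2}:\d{2}:\d{2}) "
    r"(?P<host>\S+) "
    r"(?P<tag>[^\s:\[]+)(?:\[(?P<pid>\d+)\])?: "
    r"(?P<msg>.*)$"
)
FAILED_RE = re.compile(
    r"Failed password for (?:invalid user )?(?P<user>\S+) "
    r"from (?P<ip>\S+) port \d+"
)

# Constructed sample log; the addresses come from documentation ranges.
SAMPLE_LOG = """\
<38>Mar  3 02:14:07 web01 sshd[4121]: Failed password for invalid user admin from 203.0.113.5 port 51234 ssh2
<38>Mar  3 02:14:09 web01 sshd[4121]: Failed password for invalid user admin from 203.0.113.5 port 51236 ssh2
<38>Mar  3 02:14:12 web01 sshd[4123]: Failed password for root from 203.0.113.5 port 51240 ssh2
<38>Mar  3 02:15:01 web01 sshd[4130]: Accepted password for alice from 198.51.100.7 port 40022 ssh2
<38>Mar  3 02:16:44 web01 sshd[4141]: Failed password for alice from 198.51.100.7 port 40030 ssh2
<27>Mar  3 02:17:00 fw01 dhcpd[812]: no free leases
<2>Mar  3 02:17:30 sw01 kernel: port 12 link flapping
this line is not in syslog format
"""


def parse_line(line):
    """Parse one syslog line into a dict, or return None if it does not match."""
    match = LINE_RE.match(line)
    if not match:
        return None
    pri = int(match.group("pri"))
    if pri > 191:                      # highest valid value: facility 23, severity 7
        return None
    facility, severity = divmod(pri, 8)   # PRI = facility * 8 + severity
    return {"facility": facility, "severity": SEVERITIES[severity],
            "severity_num": severity, "timestamp": match.group("ts"),
            "host": match.group("host"), "tag": match.group("tag"),
            "msg": match.group("msg")}


def review_log(text, threshold=3):
    """Summarise a log: failed logins per IP, severe events, unparsed lines."""
    failed_by_ip = Counter()
    severe = []
    unparsed = 0
    for line in text.splitlines():
        if not line.strip():
            continue
        record = parse_line(line)
        if record is None:
            unparsed += 1              # keep count so gaps in coverage are visible
            continue
        if record["tag"] == "sshd":
            failed = FAILED_RE.search(record["msg"])
            if failed:
                failed_by_ip[failed.group("ip")] += 1
        if record["severity_num"] <= 3:   # err, crit, alert, emerg
            severe.append(record)
    flagged = sorted(ip for ip, n in failed_by_ip.items() if n >= threshold)
    return {"failed_by_ip": failed_by_ip, "flagged_ips": flagged,
            "severe": severe, "unparsed": unparsed}


if __name__ == "__main__":
    summary = review_log(SAMPLE_LOG)
    print("failed logins per IP:", dict(summary["failed_by_ip"]))
    print("flagged:", summary["flagged_ips"])
    for rec in summary["severe"]:
        print(rec["severity"], rec["host"], rec["msg"])
    print("unparsed lines:", summary["unparsed"])
```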

Vulnerability scanning 

Our networks are continuously under attack. Vulnerability scans are used to detect potential network weaknesses without taking any action. Your network can be tested for vulnerabilities by your internal IT staff. You can also use an outside party to perform vulnerability tests. To attempt to exploit any vulnerabilities discovered, the penetration testing process uses the available tools and utilities to simulate an attack, attempt an exploit, and determine the scope of the vulnerability. Consider a vulnerability scan a non-invasive action, in contrast to the invasive nature of a penetration test. Remember that there are constant exploit attempts and, more importantly, the hackers are using the same tools against you. The topics that follow describe some of the methods of detection and defense.

Port scanning

Open network ports on a system are examined by port scanning. You can scan for devices and open ports from the command line using the Nmap utility. Nmap can provide information about the operating systems and services running on hosts. Third-party utilities provide more features and use a GUI.

Screenshot of zenmap
zenmap is a free and open source GUI for nmap.


Tools like Metasploit are highly effective for penetration testing. Metasploit can perform external network analysis and build and remotely control exploits. It also maintains a database of compromised devices. Penetration testing performed by authorized parties is known as ethical hacking. Another popular pen test program is Nessus. Nessus performs tests to seek unauthorized access to sensitive information. This is an effective tool for full analysis using real-time vulnerability updates, enabling your team to identify and mitigate threats as they occur.

Software and operating systems are continuously being probed for weaknesses. When one is found, patch management software can be used to provide additional protection. After applying a software patch, you should run a security baseline to check your current results against the latest stored baseline.

Reviewing baselines helps you track the impact of your changes and review them for problems.

If you apply a patch that degrades your performance or security, that patch can be uninstalled (rollback) to neutralize any negative effects caused by the patch.
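The port scanning and baseline checks described above can be combined: the following Python script, an added example that is not part of the original guide, parses Nmap's grepable output (`-oG`) and reports where the open ports differ from a stored baseline. The scan text, host names, addresses and baseline are constructed sample data.

```python
# Added example: compare Nmap grepable output (-oG) with a stored port baseline.
# The scan text, hosts and baseline below are constructed sample data.

SAMPLE_SCAN = (
    "# Nmap scan report (constructed sample)\n"
    "Host: 192.0.2.10 (web01.example.test)\tStatus: Up\n"
    "Host: 192.0.2.10 (web01.example.test)\tPorts: 22/open/tcp//ssh///, "
    "80/open/tcp//http///, 443/open/tcp//https///, 3306/open/tcp//mysql///\t"
    "Ignored State: closed (996)\n"
    "Host: 192.0.2.20 (fs01.example.test)\tStatus: Up\n"
    "Host: 192.0.2.20 (fs01.example.test)\tPorts: 22/open/tcp//ssh///, "
    "445/filtered/tcp//microsoft-ds///\tIgnored State: closed (998)\n"
)

# Stored baseline: the (port, protocol) pairs each host is expected to expose.
BASELINE = {
    "192.0.2.10": {(22, "tcp"), (80, "tcp"), (443, "tcp")},
    "192.0.2.20": {(22, "tcp"), (445, "tcp")},
}


def parse_grepable(text):
    """Return {host: {(port, proto): service}} for ports reported as open."""
    hosts = {}
    for line in text.splitlines():
        if not line.startswith("Host: "):
            continue  # comment or summary line
        fields = line.split("\t")
        host = fields[0].split()[1]
        open_ports = hosts.setdefault(host, {})
        for field in fields[1:]:
            if not field.startswith("Ports: "):
                continue
            for entry in field[len("Ports: "):].split(", "):
                # Each entry is port/state/protocol/owner/service/rpc/version/
                parts = entry.strip().split("/")
                if len(parts) < 5 or not parts[0].isdigit():
                    continue  # skip anything that is not a port entry
                if parts[1] == "open":
                    open_ports[(int(parts[0]), parts[2])] = parts[4]
    return hosts


def compare_to_baseline(scan, baseline):
    """List (host, finding, ports) tuples where the scan and baseline differ."""
    findings = []
    for host in sorted(set(scan) | set(baseline)):
        seen = set(scan.get(host, {}))
        expected = baseline.get(host)
        if expected is None:
            findings.append((host, "unknown-host", sorted(seen)))
            continue
        if seen - expected:
            findings.append((host, "unexpected-open", sorted(seen - expected)))
        if expected - seen:
            findings.append((host, "expected-not-open", sorted(expected - seen)))
    return findings


if __name__ == "__main__":
    for host, finding, ports in compare_to_baseline(parse_grepable(SAMPLE_SCAN), BASELINE):
        print(host, finding, ports)
```

A port that is open but missing from the baseline is the finding to investigate first; a baseline port that is no longer open usually points to a service or firewall change made since the baseline was stored.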

Event management

All actions on your network are logged. The log files can be analyzed individually, or they can be displayed graphically in a SIEM (System Information and Event Management) program.

Notifications can be issued by the SIEM as an alert and sent to the IT staff for investigation. Our example demonstrates a vulnerability scan on an unpatched OS.

SIEM Monitor
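The log review and SIEM alerting described above can be automated in a few lines. The following Python script is an added example, not part of the original guide: it parses BSD-style syslog lines, summarizes them by severity, and raises an alert when one source produces repeated failed SSH logins inside a short window. The log lines, the threshold of 3 and the 60-second window are constructed assumptions.

```python
import re
from collections import Counter, defaultdict
from datetime import datetime, timedelta

SEVERITIES = ["emerg", "alert", "crit", "err", "warning", "notice", "info", "debug"]

# BSD syslog (RFC 3164) layout: <PRI>Mmm dd hh:mm:ss host tag[pid]: message
LINE_RE = re.compile(
    r"^<(?P<pri>\d{1,3})>(?P<ts>[A-Z][a-z]{2} [ \d]\d \d{2}:\d{2}:\d{2}) "
    r"(?P<host>\S+) (?P<tag>[^:\[\s]+)(?:\[\d+\])?: (?P<msg>.*)$"
)
FAILED_RE = re.compile(r"Failed password for (?:invalid user )?\S+ from (\S+)")

# Constructed sample log; addresses come from the documentation ranges.
SAMPLE_LOG = """\
<38>Mar  4 09:15:01 web01 sshd[2201]: Failed password for root from 203.0.113.7 port 50122 ssh2
<38>Mar  4 09:15:03 web01 sshd[2201]: Failed password for invalid user admin from 203.0.113.7 port 50124 ssh2
<38>Mar  4 09:15:06 web01 sshd[2203]: Failed password for root from 203.0.113.7 port 50130 ssh2
<38>Mar  4 09:15:40 web01 sshd[2210]: Accepted password for alice from 198.51.100.20 port 41000 ssh2
<189>Mar  4 09:16:10 sw01 LINK: Interface Gi0/3 changed state to down
<38>Mar  4 09:40:00 web01 sshd[2300]: Failed password for bob from 198.51.100.20 port 41022 ssh2
this line is not valid syslog
"""


def parse_line(line, year=2024):
    """Parse one syslog line; return None if it does not match the layout."""
    m = LINE_RE.match(line)
    if not m:
        return None
    pri = int(m["pri"])  # PRI = facility * 8 + severity
    return {
        "facility": pri // 8,
        "severity": SEVERITIES[pri % 8],
        # RFC 3164 timestamps carry no year, so one is assumed here.
        "time": datetime.strptime(f"{year} {m['ts']}", "%Y %b %d %H:%M:%S"),
        "host": m["host"],
        "tag": m["tag"],
        "msg": m["msg"],
    }


def review(log_text, threshold=3, window=timedelta(seconds=60)):
    """Summarize severities and flag sources with repeated failed logins."""
    severity_counts, unparsed = Counter(), 0
    recent = defaultdict(list)  # source IP -> failure times inside the window
    alerts = {}                 # source IP -> highest failure count seen
    for line in log_text.splitlines():
        rec = parse_line(line)
        if rec is None:
            unparsed += 1       # unparseable lines are counted, not dropped
            continue
        severity_counts[rec["severity"]] += 1
        hit = FAILED_RE.search(rec["msg"])
        if rec["tag"] == "sshd" and hit:
            src = hit.group(1)
            recent[src].append(rec["time"])
            recent[src] = [t for t in recent[src] if rec["time"] - t <= window]
            if len(recent[src]) >= threshold:
                alerts[src] = max(alerts.get(src, 0), len(recent[src]))
    return {
        "severity_counts": dict(severity_counts),
        "alerts": alerts,
        "unparsed": unparsed,
    }


if __name__ == "__main__":
    result = review(SAMPLE_LOG)
    print("by severity:", result["severity_counts"])
    print("unparsed lines:", result["unparsed"])
    for src, count in result["alerts"].items():
        print(f"ALERT: {count} failed SSH logins from {src} within 60 s")
```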


When testing performance metrics, the GUI output of SIEM and event management software provides real-time graphical feedback on your operation. Your network can be tested for:

Error rate

The error rate is a metric that counts the packets that require retransmission. It is expressed as a percentage.


This metric displays the actual throughput versus the bandwidth available.

Packet drops

When a packet is dropped it must be retransmitted. This takes a toll on network performance that increases as long as the condition exists.


That’s all for objective 3.3! See you in 3.4!


Network Plus N10-007 Objective 3.2

3.2 Compare and contrast business continuity and disaster recovery concepts.


Welcome to Exam Notes by Dumps4shared. This edition covers Network Plus N10-007 Objective 3.2 “Compare and contrast business continuity and disaster recovery concepts.” You could be tested on any of the bolded terms. If you are unsure about any terms do further research.


Availability concepts

Fault tolerance plays a critical role in maintaining network availability. Simply put, faults lead to failures and failures are not acceptable. Your goal is to have the highest network uptime. So here we will look at some of the practices that reduce faults and thereby minimize or circumvent failures.

Redundancy enables your network to remain up in the event of a failure. Redundancy takes several forms in this area. It could be a Battery backup/UPS on critical devices or even a power generator onsite to provide reliable power during an outage. Your UPS will protect your equipment against power anomalies like blackouts, brownouts, and surges. It also will provide clean power that is free from electrical noise or EMI.

Photo of UPS-Battery Backup
UPS-Battery Backup

Your server itself can have dual power supplies installed. The second power supply will take over if the primary one fails.

Within the server(s) you can use a Redundant Array of Independent Disks (RAID) configuration. RAID can tolerate a disk failure and continue to operate normally. The failed disk can be replaced and automatically restored without service interruption.

Everything fails or needs to be replaced, that’s a fact. Your inventory management software should include the date equipment was put in use. You should be aware of two factors that will help in planning preventative maintenance. You will define the time expectancies in the SLA (Service Level Agreement).

MTTF (Mean Time Between Failure) is the predicted operational life of a device before it fails. This is based on manufacturer testing. This metric is quite useful: as equipment nears the end of its life expectancy, you can plan replacements or upgrades.

MTTR (Mean Time To Repair): as the name implies, this is the average time it will take to repair an outage condition. Your ISP will define these times in your SLA.

High availability (HA) is a term used to identify the uptime of a network. Availability is measured as an average percentage. Downtime is calculated and then rated. For example, a system that functions reliably nearly all the time may be rated as 99.999% which equates to about 5 minutes a year downtime or less than 30 seconds a month. Compare that to a network rated at 99% which will be down roughly 8 hours a month.

The availability you require is relative to your business needs and budget. Your SLA with customers is an important consideration here. The more 9’s your network supports, the higher the equipment cost and the more technical support you will need. A four 9’s network will be down 8 seconds a day or less than an hour per year on average. A five 9’s network will average out to around .4 seconds a day.

An essential element of availability is to eliminate a single point of failure. Redundant circuits prevent a switch or firewall failure from bringing the network down.

On the devices themselves, NIC teaming allows you to configure two or more NICs in a Windows device and have them appear as a single logical interface. On Cisco devices, this method is called port aggregation. Whatever you call it, performance is increased, as this practice provides higher throughput, failover protection, and practical load balancing.

Screenshot of a NIC settings page.
NIC settings page.

In a case where you have a web server, you will need at least one identical server. Both servers can be configured as a cluster. The cluster will appear as a single device. If it is online, using a dedicated load balancer will intelligently distribute the traffic, maximizing your performance in peak periods.


A good disaster recovery plan is essential to business continuity. The recovery option you use will depend on several factors like planning, cost, hardware, software and the level of employee involvement required. You will always deploy your recovery site in another location. This could be a different building or another geographic location. There are three types of recovery sites:

Cold Site – This site will contain all of the hardware and software necessary to restore operations. The devices are not configured or connected. You have the task of installing the OS(s) on the server(s) and configuring it. This is true for all routers and switches necessary, representing a considerable amount of time and effort. It is the least expensive option and takes the longest time to recover.

Warm site – A warm site can be brought online more quickly than a cold site. The warm site will contain all of the hardware and software. It will be updated regularly, but not necessarily often. The updates to the site may be monthly and any interim restoration will require recent data to be retrieved from backups. This is still quicker than a cold site restoration.

Hot site – The fastest recovery method is the hot site. This site has all of the hardware and connectivity, is up to date, and is ready to be deployed. There is minimal downtime. Your servers can be configured to mirror data to these sites. This is the most expensive option.

Backups – When planning backups, you need to know what needs to be backed up and how often it should be backed up. We cover four backup types here:

Full backups back up everything each time it is performed.

Differential backups back up everything that has changed since the last full backup.

Incremental backups back up everything that has changed since the last backup.

Snapshots can’t replace the backup types outlined above. They are very useful for frequently used files. The snapshots are taken frequently, even while the files are being modified. Consider it as a frequent incremental backup.
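To make the difference between the backup types concrete, the following Python script (an added example, not part of the original guide) simulates four days of file changes and shows what each strategy copies on each day. It goes one step beyond the definitions above by also listing which backup sets must be read to restore a given day. The file names and the change schedule are constructed.

```python
# Added example: what full, differential and incremental backups copy.
# Constructed schedule: day number -> files created or modified that day.
CHANGES = {
    0: {"payroll.db", "site.conf", "hr.xlsx", "logo.png"},
    1: {"payroll.db"},
    2: {"site.conf"},
    3: {"payroll.db", "hr.xlsx"},
}


def plan(strategy, changes, full_days=(0,)):
    """Return [(day, kind, files)] for 'full', 'differential' or 'incremental'.

    A full backup always runs on the days in full_days; on the other days
    the chosen strategy decides what is copied.
    """
    jobs = []
    last_full = last_backup = None
    for day in sorted(changes):
        if strategy == "full" or day in full_days:
            # Everything that exists so far.
            files = set().union(*(changes[d] for d in changes if d <= day))
            kind, last_full = "full", day
        else:
            # Differential looks back to the last full backup,
            # incremental only to the last backup of any kind.
            since = last_full if strategy == "differential" else last_backup
            files = set().union(
                *(changes[d] for d in changes if since < d <= day)
            )
            kind = strategy
        jobs.append((day, kind, files))
        last_backup = day
    return jobs


def restore_chain(jobs, target_day):
    """Backup sets, in order, needed to rebuild the state at target_day."""
    upto = [job for job in jobs if job[0] <= target_day]
    fulls = [i for i, job in enumerate(upto) if job[1] == "full"]
    if not fulls:
        raise ValueError("no full backup on or before the target day")
    chain = [upto[fulls[-1]]]
    tail = upto[fulls[-1] + 1:]
    if tail and tail[-1][1] == "differential":
        chain.append(tail[-1])   # only the newest differential is needed
    else:
        chain.extend(tail)       # every incremental since the full is needed
    return [(day, kind) for day, kind, _ in chain]


def files_stored(jobs):
    """Total number of file copies written across all backup jobs."""
    return sum(len(files) for _, _, files in jobs)


if __name__ == "__main__":
    for strategy in ("full", "differential", "incremental"):
        jobs = plan(strategy, CHANGES)
        print(strategy, "stores", files_stored(jobs), "file copies;",
              "restore of day 3 reads", restore_chain(jobs, 3))
```

Incremental backups write the least data but need the longest restore chain, while differentials grow each day but restore from just two sets.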


That’s all for objective 3.2! You’re half-way through Main Domain 3.0. Good luck on the test!


Network Plus N10-007 Objective 3.1

3.1 Given a scenario, use appropriate documentation and diagrams to manage the network.


Welcome to ExamNotes for Network Plus N10-007 Objective 3.1. This installment deals with the required documentation you are expected to generate for optimal network management.

Standard operating procedures/work instructions

In order to function properly, every organization will have standard operating procedures and policy documentation governing all aspects of the operation. This documentation will vary from one organization to another in specifics, but will all cover the network configuration, special instructions and contact information of administrators and vendors.


There will also be detailed floor plans indicating the physical locations of all hardware covering everything from devices like switches, routers and Telco closets (IDF/MDF) to the water and power cutoffs. This information will also include the manufacturer, device type and asset tracking information.

Your instructions should be vetted by management to ensure that there are no negative events caused by your activity.

Change management documentation

There will always be changes to your network like hardware, installations, upgrades and software patches. In a well-structured environment, any moves, adds or changes to the network will be documented. When any change is necessary, you must be sure that anything you do is documented and that there is a fallback procedure to the “last known good” in the event of problems with the latest change.

Logical vs. physical diagrams

There are two ways to document your network topology. A logical diagram provides a broad illustration of the network configuration from a high level. The logical diagram will include the entire WAN layout as opposed to the routers and other devices involved. When more detail is required you will use a physical map. The physical map will show the components of your network and the connections used.

Logical Network Diagram

Diagram symbols

When working with either logical or physical diagrams there are standard network symbols that are used to identify the devices used on the network. These symbols allow you to demonstrate the network topology to a third party.  Cisco makes these symbols available for free. Depending on the mapping software you may see them colorized.



Rack diagrams

Every network connection from the wall jack to the IDF/MDF will be clearly labeled. Your routers, switches, and servers will be mounted in a rack in the IDF/MDF closet (room). The wiring and port location information for each connection will be labeled on the switch. The available space for this label is small and will usually be coded. The cables should be tagged with similar coded information containing the floor of the building, office or area where the destination jack is located. In addition to the coded tag, the cables may also be color-coded and barcoded based on their application. Here is an actual rack containing a router, switches and patch panels.

IDF/MDF documentation

In the rack diagram section above we described how the devices and cables are labeled. This labeling must be documented. The documentation enables technicians to quickly understand the cable purpose and the location it serves.

Network configuration and performance baselines

We have established the network configuration using logical and physical diagrams. An important method of analyzing your network’s performance is by using a performance baseline. Once established the baseline allows you to compare your current performance metrics like throughput and response time against those of the baseline. Baselines allow you to analyze your network’s performance against previous baselines. Your network will experience higher demand based on the time of day, day of the week or even longer periods. Knowing your network utilization will help you spot problems or plan for events that will increase demand.

Inventory management

Inventory management encompasses all the company’s assets. Inventory management software is used to keep track of the assets and their locations. From the demarc to the workstation, each device (asset) should be recorded by the manufacturer, model number, date of acquisition and its location. This includes the CSU/DSU, routers, switches, servers, and even cables. Many companies use asset tags with barcodes to identify the asset. RFID tags are prevalent in asset identification plans.


That’s all for objective 3.1! See you in 3.2!


Network Plus N10-007 Objective 2.5

2.5 Compare and contrast WAN technologies.


Service type

The type of service you use to connect to the internet is classified next. The connection type determines your bandwidth and connection requirements.



A legacy network type is dial-up networking. It is the original copper-based analog method of connecting PCs using the Public Switched Telephone Network (PSTN). You may also see this called the Plain Old Telephone System (POTS); the terms are interchangeable and describe circuit-switched point-to-point connections between devices. Since the system was designed to handle voice (analog) communications, the PC-to-PC connection required modulation to convert the digital PC signal to analog for transmission. On the receiving end, the signal was demodulated back to digital. The device used for this modulation/demodulation is called a modem. You can expect connection speeds up to 56 kbps. You may still see modems on devices that send and receive faxes. A standard fax machine requires an analog connection and cannot be used with a VoIP line. Here is a look at the dial-up internal PCI modem:

PCI Modem


Another legacy copper-based technology, ISDN uses the PSTN for its connections, breaking the transmission into two channel types: the circuit-switched B channel, which carried voice, data and video, and the packet-switched D channel, which carried connection information like initiation and termination, conference calling and caller ID. In its basic configuration, an ISDN connection supported two B channels and one D channel. This is known as the BRI (Basic Rate Interface). Multiple B channels are supported but only a single D channel. The two B channels provided in BRI can be combined to provide 128 kbps for data; when the telephone is used, one of the B channels is allocated to carry the voice signal. In the configuration known as PRI (Primary Rate Interface), up to 23 B channels of 64 kbps each are supported with one 64 kbps D channel. ISDN signals have a limited range before a repeater is needed.


DSL (Digital Subscriber Line) is another copper-based connection method capable of using the PSTN to support multiple voice and data channels. DSL can support multiple channels of voice and data at very high speeds. In a best-case scenario, it can be comparable to T1 or cable broadband connections. Your DSL throughput is dependent on your proximity to your telephone company’s Central Office (CO). The DSL signal suffers range limitations like ISDN. As a rule, the closer you are to the CO, the greater your throughput. There are several varieties of DSL; they are referred to collectively as xDSL, with x being the variable. Here are the most common implementations:

ADSL (Asymmetric DSL)

This is the most common DSL implementation. It offers greater download speeds than the upload speed.

SDSL (Symmetric DSL)

Here the upload and download speeds are the same, maxing out at roughly 2 Mbps in each direction.

VDSL (Variable DSL)

This will be your fastest DSL implementation. You may see it called “very high bit rate” DSL. This is an asymmetric method with upload speeds approaching 50-60 Mbps. This again is relative to the distance to your CO.

Cable broadband

Cable companies have been promoting internet services since the late 1990s. Cable broadband uses the coaxial copper wiring used to carry TV signals and inserts a cable modem to use the available bandwidth for internet access. This is an asymmetrical connection that can support downloads of up to 10 Gbps with the latest modems. This is a viable competitor to fiber-optic internet service providers, with even the cable companies using fiber-optic backbones to provide more throughput. This implementation is called HFC (hybrid fiber-coaxial). An enviable cable broadband speed result is shown below.

Cable Broadband Speed Test

T1/T3 – E1/E3

In contrast to the technologies listed so far, only T-carrier technology (E-carrier in Europe) provides a high-speed dedicated logical circuit that is used exclusively by the customer. Developed in the 1970s, the T-carrier system offered businesses dedicated, always-available connectivity. To use the service, the customer leases the lines according to their bandwidth needs. The cost of the service varies and is dependent on the distance between the provider and the subscriber and the subscriber’s line rate requirements. The T-carrier system uses TDM (time-division multiplexing) to allow a single T1 circuit to carry 24 channels with a throughput of 64 Kbps each. A T3 circuit carries 28 channels at 64 Kbps each.

In some cases, multiple T1 lines may be more cost efficient than a single T3. The chart below compares the primary U.S. and European service levels.

Network   Channels                         Line Rate
T1        24 channels at 64 kbps each      1.544 Mbps
E1        32 channels at 64 kbps each      2.048 Mbps
T3        28 T1 circuits, 672 channels     44.736 Mbps
E3        16 E1 circuits, 512 channels     34.368 Mbps

T and E Carrier Comparison

OC-3 – OC-192

The SONET (Synchronous Optical Network) signaling technique uses fiber-optic cabling to provide fault tolerant high-bandwidth WAN connections. SONET uses multiplexing to combine multiple T1 lines. SONET became internationally deployable when the SDH (Synchronous Digital Hierarchy) was implemented. The synchronous data transmission depends on all devices conforming to the timing scheme maintained by a clock that can be checked by individual nodes. When measuring the data rates the OC (Optical Carrier) method is used.

SONET Line Rate
OC-3 155.52 Mbps
OC-12 622.08 Mbps
OC-48 2.49 Gbps
OC-192 9.95 Gbps

Optical Carrier Data Rates

Metropolitan Ethernet

You may also see Metropolitan Ethernet labeled Metro Ethernet. Both terms can be used to describe the technology used to ensure that cities and municipalities were able to communicate during emergencies that interrupted traditional Ethernet services. The Metro Ethernet has since evolved, through the use of the T-carrier system, into what we now call Carrier-Ethernet Transport (CET). CET establishes a virtual tunnel that uses a predetermined path. The Metro Ethernet has the advantages of familiarity for LAN technicians, cost savings using existing Ethernet hardware and scalability by nature of easily expandable Ethernet configurations.


Transmission mediums


There are close to 5,000 satellites currently orbiting the Earth! They serve various purposes from observation to GPS. Of particular interest to us are the nearly 800 communication satellites. The communication satellites make it possible for us to communicate with nearly every part of the globe delivering data, voice or video. This is made possible by placing the satellites in a geosynchronous orbit, meaning that when viewed from Earth the satellites appear to be stationary. Some communication satellites maintain a geosynchronous orbit above the equator and are called geostationary. This stationary technique allows accurate transmissions between the Earth and the other geosynchronous satellites. Satellite communication relies on line of sight transmission and is subject to physical obstructions like thick storm clouds, a condition known as rain fade. It also has higher latency than other WAN technologies since the signal is transmitted thousands of miles to the satellite then thousands of miles back down.


From the first telegraph line to today’s high-speed networks, copper cabling has been fundamental. While it is being displaced in WANs, you will still find copper in last-mile implementations like coaxial broadband, DSL and the T1-T3 local loop. Ethernet and wired phone systems will also be copper. Copper is a low cost, low maintenance installation.


Since fiber-optic cabling transmits light it offers very high-speed connections that can travel long distances. Fiber offers very high data rates and is the backbone of SONET.

Fiber-optic cabling is quickly challenging some of the traditional copper connections. You will see fiber to copper deployments. Some service providers are even offering fiber to premise installations that will bring the full features right to your home or office.


The best example of a wireless WAN is the cellular network. Today’s smart devices can access the internet, make calls and send data almost seamlessly. This is important to business travelers and field technicians who may not have alternative options. We say almost seamlessly because your connection quality is relative to your distance from the cell tower. Most cell tower coverage areas overlap and hand the signal off from one tower to another when you are in motion.

Characteristics of service


Multiprotocol Label Switching (MPLS) is a connection-oriented method that is used to route data between nodes on a network over the most efficient route. It allows Layer 3 protocols to operate at Layer 2. It allows packet-switched data to travel over circuit-switched connections. SONET and Metro Ethernet networks use MPLS. The first router to encounter MPLS traffic adds labels, called a shim, which are placed between the Layer 2 and Layer 3 information. Next, a Layer 2 protocol header is added.
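The shim described above can be seen by decoding a frame. The following Python script is an added example, not part of the original guide: it builds a constructed Ethernet frame carrying two MPLS labels and then walks the label stack that sits between the Layer 2 header and the IP packet. The field layout (20-bit label, 3-bit traffic class, 1-bit bottom-of-stack flag, 8-bit TTL) and EtherType 0x8847 follow RFC 3032; the MAC addresses, label values and IP header are constructed.

```python
import struct

ETHERTYPE_MPLS = 0x8847   # MPLS unicast
ETH_HEADER_LEN = 14       # destination MAC + source MAC + EtherType

# Constructed 20-byte IPv4 header (checksum left at zero, not validated here).
SAMPLE_IPV4 = bytes.fromhex(
    "4500001c" "00004000" "40010000" "c0000201" "c633640a"
)


def build_frame(labels, payload):
    """Build a constructed Ethernet frame with an MPLS label stack.

    labels is a list of (label, traffic_class, ttl); the last entry gets
    the bottom-of-stack bit.
    """
    eth = (bytes.fromhex("02000000000a") + bytes.fromhex("02000000000b")
           + struct.pack("!H", ETHERTYPE_MPLS))
    shim = b""
    for i, (label, tc, ttl) in enumerate(labels):
        bottom = 1 if i == len(labels) - 1 else 0
        shim += struct.pack("!I", (label << 12) | (tc << 9) | (bottom << 8) | ttl)
    return eth + shim + payload


def parse_mpls(frame):
    """Return (label_stack, layer3_payload) for an MPLS-over-Ethernet frame."""
    if len(frame) < ETH_HEADER_LEN:
        raise ValueError("frame shorter than an Ethernet header")
    (ethertype,) = struct.unpack("!H", frame[12:14])
    if ethertype != ETHERTYPE_MPLS:
        raise ValueError(f"EtherType 0x{ethertype:04x} is not MPLS")
    offset, stack = ETH_HEADER_LEN, []
    while True:
        if offset + 4 > len(frame):
            # Ran out of bytes before seeing the bottom-of-stack bit.
            raise ValueError("truncated label stack")
        (word,) = struct.unpack("!I", frame[offset:offset + 4])
        entry = {
            "label": word >> 12,           # top 20 bits
            "tc": (word >> 9) & 0x7,       # 3-bit traffic class
            "bottom": bool(word & 0x100),  # last label before Layer 3
            "ttl": word & 0xFF,
        }
        stack.append(entry)
        offset += 4
        if entry["bottom"]:
            return stack, frame[offset:]


if __name__ == "__main__":
    frame = build_frame([(100, 0, 64), (24001, 5, 63)], SAMPLE_IPV4)
    stack, payload = parse_mpls(frame)
    for entry in stack:
        print(entry)
    print("Layer 3 payload starts with IP version", payload[0] >> 4)
```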

Frame relay

A group of Layer 2 protocols was defined in the 1980s as frame relay, a fast packet-switched network for ISDN connections. Frame relay is connection-oriented. It can be used for virtual circuits. Frame relay data is separated into frames of variable length that are relayed from node to node without any processing. A PVC is established by routers and the frames are tagged with a DLCI (data-link connection identifier) to allow routers to quickly forward the packet without inspection.


Asynchronous Transfer Mode (ATM) is considered a Layer 2 WAN technology. Its protocols can extend to Layer 1 and Layer 3. It can employ multiplexing techniques and network access. Since it is asynchronous, it is not bound to the timing restrictions of SONET and can transmit data randomly as needed. ATM uses a fixed-size 53-byte cell to transmit data. This cell consists of 48 bytes of data plus a 5-byte header and provides predictable, efficient network communication. ATM uses virtual circuits using the optimal path determined before the transmission.


The Point-to-Point Protocol (PPP) directly connects two endpoints on a WAN. PPP uses headers and trailers to encapsulate packets into frames using 8 to 10 bytes of additional data. Along with establishing the connection, PPP supports authentication using protocols like EAP or MS-CHAPv2.


PPP over Ethernet (PPPoE) denotes the use of PPP on an Ethernet network.


To support both client-to-site and site-to-site on an enterprise-wide WAN, the Dynamic Multipoint VPN (DMVPN) was developed. This technique allows VPN tunnels to be created dynamically on demand. This reduces the need for static site-to-site tunnels.

SIP trunk

Where there is an existing broadband connection, SIP (Session Initiation Protocol) trunking can use VoIP to create virtual circuits supporting multiple VoIP calls using all available bandwidth. SIP trunking is an economical alternative to the T1 PRI.


Demarcation point

It is important to know where the provider’s responsibilities end and the customer’s begin. This point is called the demarc (demarcation point). Today’s demarcs will be a NID (Network Interface Device) or NIU (Network Interface Unit) placed on the outside of your building or directly inside the premises. The provider is responsible for the delivery of the signal to the demarc and its operation, while the customer is responsible for the signal distribution from that point. This is a good place to start troubleshooting network issues.

Smart jack

Often you will find that the demarc device is a smart jack capable of monitoring the connection for data errors and reporting them to the carrier. The smart jack can also be checked by the technician by monitoring the status and activity LEDs.


The CSU (channel service unit) is usually a stand-alone device that is placed between the NID and the first internal router. It serves as a digital signal termination point and uses error correction and line monitoring to ensure data integrity. The DSU (data service unit), built-in with the CSU, converts the incoming frames from the T-carrier into Ethernet frames for the network. The process is reversed for transmissions. The evolution of these devices has made the CSU/DSU available as an add-on card in a router lowering cost and maintenance concerns.


That’s all for 2.5 and the 2.0 Domain. See you in Domain 3.0!
