Overview
This study guide covers the core networking concepts tested on the CompTIA A+ exam, including IP addressing, protocols, hardware, wireless standards, and troubleshooting tools. Mastering these fundamentals is essential for both the exam and real-world IT support roles. Use this guide alongside hands-on practice to reinforce each concept.
---
IP Addressing & Subnetting
Summary
IP addressing is the foundation of network communication. You must understand the difference between IPv4 and IPv6, public vs. private ranges, and how subnetting divides networks into manageable segments.
Key Concepts
#### IPv4 Address Classes & Private Ranges
| Class | Private Range | Default Subnet Mask | Hosts per Network |
|-------|--------------|--------------------|--------------------|
| A | 10.0.0.0 – 10.255.255.255 | 255.0.0.0 | ~16 million |
| B | 172.16.0.0 – 172.31.255.255 | 255.255.0.0 | ~65,000 |
| C | 192.168.0.0 – 192.168.255.255 | 255.255.255.0 | 254 |
#### CIDR Notation
• /24 = 255.255.255.0 (first 24 bits are the network portion)
• The remaining bits define the host portion
• More bits in the network portion = smaller network, fewer hosts
#### IPv6
• 128-bit addresses written as eight groups of four hexadecimal digits separated by colons
• Example: `2001:0db8:85a3:0000:0000:8a2e:0370:7334`
• Consecutive groups of zeros can be collapsed using `::`
#### Special Address Ranges
• APIPA: `169.254.0.1 – 169.254.255.254` — self-assigned when no DHCP server is reachable
• Loopback: `127.0.0.1` — used to test the local network stack
• Public IPs: Assigned by ISPs, routable on the internet
• Private IPs: Used internally, not routable on the public internet
Key Terms
• Subnet Mask — Determines which portion of an IP address is the network vs. host
• CIDR (Classless Inter-Domain Routing) — Flexible subnetting method using slash notation
• APIPA (Automatic Private IP Addressing) — Self-assigned fallback address when DHCP fails
• IPv4 — 32-bit addressing scheme supporting ~4.3 billion addresses
• IPv6 — 128-bit addressing scheme designed to replace IPv4
⚠️ Watch Out For
• APIPA as a symptom: If a device shows a `169.254.x.x` address, it means DHCP failed — check the DHCP server, network cable, or Wi-Fi connection first
• 254 usable hosts, not 256: A /24 network reserves one address for the network ID and one for broadcast
• Private ≠ Secure: Private IPs prevent direct internet routing but do not inherently provide security
• IPv6 compression rules: Only one `::` can appear in an IPv6 address
---
Network Protocols & Ports
Summary
Protocols define the rules for communication across a network. Memorizing port numbers and their associated protocols is a high-frequency exam topic and critical for real-world firewall and troubleshooting tasks.
Essential Port Numbers Table
| Port | Protocol | Description |
|------|----------|-------------|
| 22 | SSH / SFTP | Encrypted remote access and secure file transfer |
| 25 | SMTP | Sending/relaying outgoing email |
| 53 | DNS | Domain name resolution (UDP/TCP) |
| 67 | DHCP (Server) | Server listens for client requests |
| 68 | DHCP (Client) | Client receives IP configuration |
| 80 | HTTP | Unencrypted web traffic |
| 443 | HTTPS | Encrypted web traffic (TLS/SSL) |
| 3389 | RDP | Windows remote desktop access |
TCP vs. UDP Comparison
| Feature | TCP | UDP |
|---------|-----|-----|
| Connection | Connection-oriented | Connectionless |
| Reliability | Guaranteed delivery | No guaranteed delivery |
| Order | Ordered packets | No ordering |
| Speed | Slower (overhead) | Faster (low overhead) |
| Use Cases | Web, email, file transfer | DNS, streaming, VoIP |
Protocol Details
#### DHCP
• Automatically assigns IP address, subnet mask, default gateway, and DNS server
• Process: DORA — Discover → Offer → Request → Acknowledge
• Server listens on UDP 67, client sends from UDP 68
#### DNS
• Translates human-readable domain names (e.g., `google.com`) into IP addresses
• Primarily uses UDP 53; switches to TCP 53 for large responses or zone transfers
#### HTTPS & SSH
• HTTPS (port 443) wraps HTTP in TLS/SSL encryption
• SSH (port 22) provides encrypted terminal access; SFTP uses SSH as its transport
Key Terms
• TCP (Transmission Control Protocol) — Reliable, connection-oriented transport protocol
• UDP (User Datagram Protocol) — Fast, connectionless transport protocol
• SMTP (Simple Mail Transfer Protocol) — Protocol for sending email between servers
• RDP (Remote Desktop Protocol) — Microsoft protocol for remote GUI access
• TLS/SSL — Encryption protocols used by HTTPS
⚠️ Watch Out For
• DNS uses both UDP and TCP: Default is UDP 53; TCP 53 is used for zone transfers and large queries
• SMTP sends, it doesn't receive: Receiving email uses IMAP (143/993) or POP3 (110/995)
• SSH ≠ Telnet: Telnet (port 23) is unencrypted — SSH is always preferred
• RDP port is a security target: Changing the default port 3389 is a common hardening practice
---
Network Hardware & Devices
Summary
Understanding how network devices function and interact is essential for designing, managing, and troubleshooting networks. Each device operates at a specific OSI layer and serves a distinct purpose.
OSI Layer Reference for Devices
| Device | OSI Layer | Addressing Used |
|--------|-----------|----------------|
| Hub | Layer 1 (Physical) | None — broadcasts all |
| Switch | Layer 2 (Data Link) | MAC Addresses |
| Router | Layer 3 (Network) | IP Addresses |
| Wireless AP | Layer 2 (Data Link) | MAC Addresses |
Device Deep Dives
#### Switch vs. Hub
• Hub: Broadcasts data to all ports — creates collisions and excess traffic; largely obsolete
• Switch: Forwards data only to the intended port using its MAC address table; far more efficient
#### Router
• Connects different networks together (e.g., your LAN to the internet)
• Makes forwarding decisions based on IP addresses
• Maintains a routing table to determine the best path for packets
#### VLAN (Virtual Local Area Network)
• Logically segments a physical network into separate broadcast domains
• Devices in different VLANs cannot communicate without a Layer 3 router or Layer 3 switch
• Primary purposes: security, traffic management, and organizational separation
#### PoE (Power over Ethernet)
• Delivers both data and electrical power through a single Ethernet cable
• Common uses: IP cameras, VoIP phones, wireless access points
• PoE standard: IEEE 802.3af (15.4W); 802.3at (PoE+, 30W)
#### Patch Panel
• Passive device that organizes cable runs from wall jacks to network switches
• Makes moves, additions, and changes (MACs) easy without disturbing permanent wiring
• Does not actively process network data
#### Wireless Repeater / Range Extender
• Rebroadcasts an existing Wi-Fi signal to extend coverage
• Note: Can reduce throughput by half since it operates on the same channel as the source
Key Terms
• MAC Address — Hardware address burned into a NIC, used at Layer 2
• Broadcast Domain — Network area where broadcasts are forwarded to all devices
• VLAN — Logical network segment on a physical switch
• PoE — Technology to power devices via Ethernet cable
• Patch Panel — Passive cable management and organization device
⚠️ Watch Out For
• Switches ≠ Routers: Switches use MAC addresses (Layer 2); Routers use IP addresses (Layer 3)
• VLANs require routing to communicate: Inter-VLAN traffic must pass through a router or Layer 3 switch
• Hubs create collision domains: Every port on a hub shares the same collision domain; switches eliminate this
• PoE budget: A PoE switch has a total power budget — too many powered devices can exceed it
---
Wireless Networking
Summary
Wi-Fi standards, frequency bands, and security protocols are heavily tested on the A+ exam. Understanding the trade-offs between standards and bands helps with both troubleshooting and network design.
Wi-Fi Standards Comparison
| Standard | Wi-Fi Name | Frequency | Max Throughput |
|----------|-----------|-----------|----------------|
| 802.11b | — | 2.4 GHz | 11 Mbps |
| 802.11g | — | 2.4 GHz | 54 Mbps |
| 802.11n | Wi-Fi 4 | 2.4 & 5 GHz | 600 Mbps |
| 802.11ac | Wi-Fi 5 | 5 GHz | ~3.5 Gbps |
| 802.11ax | Wi-Fi 6 | 2.4 & 5 GHz | ~9.6 Gbps |
Frequency Band Trade-offs
| Feature | 2.4 GHz | 5 GHz |
|---------|---------|-------|
| Range | Longer | Shorter |
| Speed | Slower | Faster |
| Interference | More (crowded) | Less |
| Wall penetration | Better | Worse |
Wireless Security Protocols
| Protocol | Status | Encryption |
|----------|--------|-----------|
| WEP | Broken — do not use | RC4 (weak) |
| WPA | Deprecated | TKIP |
| WPA2 | Minimum standard | AES (strong) |
| WPA3 | Recommended | AES + SAE |
Key Concepts
#### SSID vs. BSSID
• SSID (Service Set Identifier): Human-readable name of the wireless network (e.g., "HomeNetwork")
• BSSID (Basic Service Set Identifier): The MAC address of the specific access point radio; uniquely identifies that AP
#### Channel Bonding
• Combines two or more adjacent channels to increase bandwidth
• 802.11n: Bonds two 20 MHz channels into a 40 MHz channel
• 802.11ac/Wi-Fi 5: Supports up to 160 MHz channel width
• Trade-off: Wider channels increase throughput but increase interference potential
Key Terms
• SSID — Human-readable wireless network name
• BSSID — MAC address of the specific access point
• WPA2 — Current minimum wireless security standard using AES encryption
• Channel Bonding — Combining channels to increase throughput
• 5 GHz — Higher-speed, shorter-range wireless frequency band
• 2.4 GHz — Longer-range but more congested wireless frequency band
⚠️ Watch Out For
• WEP is completely broken: It should never be used — if you see it on an exam scenario, it's the wrong choice
• 802.11ac is 5 GHz only: Unlike 802.11n, it does not support 2.4 GHz
• More channels ≠ always better: Wider channel bonding increases interference risk in dense environments
• Theoretical vs. real-world speeds: Maximum throughput numbers are theoretical; real-world speeds are always lower
---
Network Troubleshooting & Tools
Summary
The A+ exam heavily emphasizes a systematic troubleshooting methodology. Knowing which command-line tool to use and what its output means is essential for diagnosing and resolving network issues efficiently.
Essential Command-Line Tools
| Command | Purpose | OS |
|---------|---------|-----|
| `ping` | Test basic connectivity (ICMP) | Windows/Linux/Mac |
| `tracert` / `traceroute` | Show packet path and hops | Windows / Linux-Mac |
| `ipconfig` | Display/manage IP configuration | Windows |
| `ifconfig` / `ip` | Display/manage IP configuration | Linux/Mac |
| `netstat` | Show active connections and ports | Windows/Linux |
| `nslookup` | Query DNS for name resolution | Windows/Linux |
| `ipconfig /flushdns` | Clear local DNS cache | Windows |
| `ipconfig /release` | Release DHCP-assigned IP | Windows |
| `ipconfig /renew` | Request new IP from DHCP | Windows |
Command Details
#### `ping`
• Sends ICMP echo request packets to a target
• Confirms basic connectivity and measures round-trip time (RTT)
• A failed ping could mean: host is down, firewall blocking ICMP, or wrong IP
#### `tracert` / `traceroute`
• Maps the path packets take from source to destination
• Lists each router hop along the route with response times
• Useful for identifying where a connection fails along the path
#### `ipconfig` Commands Workflow
```
ipconfig /release → Drop current DHCP lease
ipconfig /flushdns → Clear stale DNS cache entries
ipconfig /renew → Request fresh IP from DHCP server
```
#### `netstat`
• Displays active TCP/UDP connections and their states
• Shows listening ports to identify what services are running
• Useful for spotting unauthorized connections or port conflicts
#### `nslookup`
• Queries a DNS server to resolve domain names to IP addresses
• Useful for verifying DNS is functioning correctly
• Can specify alternative DNS servers to test
Physical Troubleshooting Tools
| Tool | Purpose |
|------|---------|
| Cable Tester | Verifies continuity and proper wiring of network cables |
| Tone Generator & Probe | Identifies and traces cable runs through walls |
| Loopback Plug | Tests NIC and port functionality |
| Wi-Fi Analyzer | Identifies wireless channels, signal strength, and interference |
Troubleshooting Methodology (CompTIA A+ Steps)
1. Identify the problem — Gather information from user
2. Establish a theory — Consider probable causes
3. Test the theory — Confirm or eliminate causes
4. Establish a plan — Determine repair steps
5. Implement the solution — Make changes
6. Verify functionality — Confirm problem is resolved
7. Document findings — Record the issue and solution
Key Terms
• ICMP (Internet Control Message Protocol) — Protocol used by ping and tracert
• DNS Cache — Local store of recently resolved domain names
• Latency — Delay in network communication, measured in milliseconds by ping
• Hop — Each router a packet passes through on its way to a destination
• Cable Tester — Tool used to verify proper cable wiring and continuity
⚠️ Watch Out For
• Ping success ≠ full connectivity: A device can respond to ping but still have a firewall blocking other ports
• DNS cache can cause stale results: If a site moved servers and you can't reach it, try `ipconfig /flushdns`
• `ipconfig /renew` won't work if `/release` wasn't run first in some scenarios — use both sequentially
• tracert shows asterisks (\*): Some routers block ICMP — this doesn't always mean the path is broken
• netstat port states matter: `LISTENING` = waiting for connections; `ESTABLISHED` = active connection; `TIME_WAIT` = closing
---
Quick Review Checklist
Use this checklist before your exam to confirm you've mastered each topic:
IP Addressing & Subnetting