CompTIA Network+ Certification Study Guide

Key concepts, definitions, and exam tips organized by topic.

# Network+ Network Infrastructure Study Guide


## Overview

This study guide covers the core components of network infrastructure as tested on the CompTIA Network+ exam. Topics include network devices and their OSI layer functions, physical and logical topologies, cabling standards, network design models, and VLAN/switching concepts. Mastering these fundamentals is essential for understanding how modern networks are built, segmented, and managed.


---


## Network Devices


### Summary

Network devices operate at specific OSI layers and perform distinct functions. Understanding which layer a device operates at and how it makes forwarding decisions is critical for both the exam and real-world troubleshooting.


### Key Concepts


  • Layer 1 (Hub): Broadcasts all incoming data to every port — no intelligence. Creates a single collision domain.
  • Layer 2 (Switch): Forwards frames based on MAC addresses using a CAM table. Each port is its own collision domain.
  • Layer 3 (Router): Forwards packets between different networks using IP addresses and routing tables.
  • Multilayer Switch: Combines Layer 2 switching and Layer 3 routing in one device; used for inter-VLAN routing at high speed.
  • WAP (Wireless Access Point): Bridges 802.11 wireless signals to the wired Ethernet infrastructure.
  • Load Balancer: Distributes incoming traffic across multiple servers to prevent overload and improve availability.

### How a CAM Table Works

1. Frame arrives on a switch port.
2. Switch records the source MAC address and port in the CAM table.
3. Switch looks up the destination MAC address.
4. If found: Forwards the frame only to that port.
5. If not found: Floods the frame to all ports except the ingress port (unknown unicast flooding).
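The five steps above, modelled in Python as an added example that is not part of the original study guide; the switch, its port names, the MAC addresses and the tiny CAM table capacity are all constructed for the example. The capacity limit also shows the failure mode behind the CAM-table flooding note in this section: once the table is full, new source addresses are not learned, so frames addressed to them are flooded the way a hub would.

```python
from dataclasses import dataclass, field

BROADCAST = "ff:ff:ff:ff:ff:ff"


def is_unicast(mac: str) -> bool:
    """Group bit (lowest bit of the first octet) clear means unicast."""
    return int(mac.split(":")[0], 16) & 0x01 == 0


@dataclass
class Switch:
    ports: tuple
    capacity: int = 4                          # constructed, deliberately tiny CAM table
    cam: dict = field(default_factory=dict)    # MAC address -> port

    def receive(self, ingress: str, src: str, dst: str) -> set:
        """Process one frame; return the set of egress ports."""
        if ingress not in self.ports:
            raise ValueError(f"unknown port {ingress}")
        # Step 2: learn (or refresh) the source MAC on the ingress port.
        # A full table cannot take new entries; only refreshes succeed.
        if is_unicast(src) and (src in self.cam or len(self.cam) < self.capacity):
            self.cam[src] = ingress
        # Steps 3-4: a known unicast destination gets exactly one egress port.
        if is_unicast(dst) and dst in self.cam:
            out = self.cam[dst]
            return set() if out == ingress else {out}   # same port: filter, do not echo
        # Step 5: unknown unicast, multicast and broadcast flood every other port.
        return {p for p in self.ports if p != ingress}


def demo() -> list:
    """Replay a constructed frame sequence; return (dst, egress ports) pairs."""
    sw = Switch(ports=("Gi0/1", "Gi0/2", "Gi0/3", "Gi0/4"))
    hosts = [f"02:00:00:00:00:0{i}" for i in range(1, 6)]
    frames = [
        ("Gi0/1", hosts[0], hosts[1]),   # unknown dst -> flood; learns host 1 on Gi0/1
        ("Gi0/2", hosts[1], hosts[0]),   # dst known -> forwarded only to Gi0/1
        ("Gi0/3", hosts[2], BROADCAST),  # broadcast always floods
        ("Gi0/4", hosts[3], hosts[2]),   # table now holds 4 entries (full)
        ("Gi0/4", hosts[4], hosts[0]),   # host 5 is not learned: table is full
        ("Gi0/1", hosts[0], hosts[4]),   # so frames to host 5 flood like a hub
    ]
    return [(dst, sw.receive(port, src, dst)) for port, src, dst in frames]
```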


### Key Terms

  • CAM Table (MAC Address Table): Maps MAC addresses to switch ports for intelligent frame forwarding.
  • Unknown Unicast Flooding: Switch behavior when the destination MAC is not in the CAM table — frame is sent out all ports except the source port.
  • Collision Domain: A network segment where two devices can cause a collision if they transmit simultaneously.
  • Inter-VLAN Routing: The process of routing traffic between VLANs, performed by a router or multilayer switch.

### Watch Out For

> ⚠️ Hub vs. Switch confusion: Hubs are Layer 1 and create ONE collision domain for all ports. Switches are Layer 2 and give EACH port its own collision domain — this is a very common exam trick.

> ⚠️ Switch vs. Router: Switches use MAC addresses (Layer 2); routers use IP addresses (Layer 3). A multilayer switch can do both — don't confuse it with a plain Layer 2 switch.

> ⚠️ CAM table flooding is normal behavior for unknown destinations, but it is also exploited in MAC flooding attacks to force a switch to act like a hub.

---


## Network Topologies

### Summary

Topology describes how network devices are connected. The exam distinguishes between physical topology (actual wiring) and logical topology (how data flows). Modern enterprise designs have evolved toward spine-and-leaf architectures for data centers.

### Physical vs. Logical Topology

| Concept | Description |
|---|---|
| Physical Topology | The actual physical layout and cable runs |
| Logical Topology | How data actually flows, regardless of physical layout |

> Classic Example: Modern Ethernet LANs use a physical star (devices connect to a central switch) but function as a logical bus (all devices share the same broadcast domain).

### Topology Types


  • Star: All devices connect to a central device. Single cable failure = one device down. Central device failure = entire network down.
  • Mesh: Redundant paths between devices. High fault tolerance — if one link fails, traffic reroutes. Full mesh is expensive; partial mesh balances cost and redundancy.
  • Bus: All devices share a single cable (legacy; rarely used today).
  • Ring: Devices connect in a circular loop (legacy; token ring).

### Spine-and-Leaf Architecture

  • Modern data center design.
  • Leaf switches: Connect to end devices (servers, workstations); uplink only to spine switches.
  • Spine switches: Interconnect all leaf switches; carry traffic between leaves.
  • Key benefit: Any device can reach any other device in a maximum of two hops (leaf → spine → leaf).
  • Provides predictable, low latency and easy horizontal scaling.

### Key Terms

  • Star Topology: Central device connects all nodes; most common in modern LANs.
  • Mesh Topology: Multiple redundant paths between nodes; maximum fault tolerance.
  • Spine-and-Leaf: Scalable two-tier data center architecture with guaranteed two-hop paths.

### Watch Out For

> ⚠️ Physical star ≠ logical star. Most Ethernet networks are physical star but logical bus. Know both for any given scenario.

> ⚠️ Spine-and-leaf vs. hierarchical model: Spine-and-leaf is a data center architecture. The three-tier hierarchical model (Access/Distribution/Core) is for campus/enterprise networks. Don't mix them up.

---


## Cabling and Physical Media

### Summary

Physical media defines the maximum distance, speed, and interference characteristics of a network connection. The exam tests specific cable standards, distances, connector types, and cable ratings.

### Copper Cabling Standards

| Standard | Cable Type | Max Distance |
|---|---|---|
| 1000BASE-T (Gigabit Ethernet) | Cat5e or higher UTP | 100 meters |
| 100BASE-TX (Fast Ethernet) | Cat5 or higher UTP | 100 meters |
| 10GBASE-T | Cat6a UTP | 100 meters |

### Fiber Optic Cabling

| Feature | Single-Mode Fiber (SMF) | Multimode Fiber (MMF) |
|---|---|---|
| Core size | 8–10 microns | 50–62.5 microns |
| Light paths | One (single beam) | Multiple (bouncing light) |
| Distance | Up to 100km+ | Up to ~2km |
| Cost | Higher | Lower |
| Use case | Long-haul, WAN, campus backbone | Short distances, within buildings |

### Fiber Connectors


  • LC (Lucent Connector): Small form factor; most common in modern enterprise environments.
  • SC (Subscriber/Standard Connector): Larger, push-pull connector; common in older installations.
  • ST (Straight Tip): Bayonet-style connector; legacy installations.

### Crosstalk Types

| Type | Definition |
|---|---|
| NEXT (Near-End Crosstalk) | Interference at the transmitting end — strong signal bleeds into adjacent pairs |
| FEXT (Far-End Crosstalk) | Interference measured at the far end of the cable |
| ALIEN Crosstalk | Interference between adjacent cables (not pairs within the same cable) |

### Plenum vs. Non-Plenum Cable


  • Plenum-rated: Fire-retardant jacket, low-smoke/low-toxic fumes. Required in plenum spaces (above drop ceilings, below raised floors) per fire/building codes.
  • Riser-rated: Used in vertical runs between floors (not as stringent as plenum).
  • PVC (standard): Used in regular open spaces; not for plenum spaces.

### Key Terms

  • Plenum Space: Air-handling area (above ceilings, below raised floors) requiring fire-safe cabling.
  • NEXT: Near-End Crosstalk — interference at the transmitting end.
  • SMF: Single-mode fiber — small core, long distances.
  • MMF: Multimode fiber — larger core, shorter distances.
  • LC Connector: Small form factor fiber connector dominant in modern enterprise networks.

### Watch Out For

> ⚠️ 100-meter rule: The 100m maximum applies to copper UTP Ethernet segments regardless of speed (100M, 1G, or 10G with Cat6a). This includes up to 90m of permanent link + 10m of patch cables.

> ⚠️ SMF vs. MMF: SMF = smaller core = LONGER distance. Students often assume bigger core = longer distance. Think of it as: one focused beam (SMF) travels farther than multiple scattered beams (MMF).

> ⚠️ Plenum vs. Riser: Plenum is required for horizontal air-handling spaces. Riser is for vertical runs between floors. Plenum cable CAN substitute for riser; riser cable CANNOT substitute for plenum.

---


## Network Design and Architecture

### Summary

Network design follows structured models that separate functions into layers or zones. Understanding the three-tier hierarchical model, DMZ placement, segmentation benefits, and out-of-band management are all exam-tested concepts.

### Three-Tier Hierarchical Design Model

```
[ Core Layer ] — High-speed backbone; connects distribution layers
        |
[ Distribution Layer ] — Aggregates access traffic; enforces routing policies, ACLs, QoS
        |
[ Access Layer ] — Connects end devices (PCs, phones, printers) to the network
```

| Layer | Primary Function | Typical Devices |
|---|---|---|
| Core | Fast backbone transport | High-speed routers, multilayer switches |
| Distribution | Policy enforcement, aggregation | Multilayer switches, routers |
| Access | End-device connectivity | Layer 2 switches, WAPs |

### DMZ Architecture


  • DMZ (Demilitarized Zone): A network segment between the public internet and the private internal network.
    - Hosts publicly accessible servers (web servers, email servers, DNS).
    - Keeps public-facing services isolated from the internal LAN.
    - Typically implemented with two firewalls (or a dual-homed firewall with three interfaces).

```
Internet → [Firewall 1] → [DMZ: Web/Email Servers] → [Firewall 2] → Internal LAN
```


### Network Segmentation

  • Definition: Dividing a network into smaller sub-networks or VLANs.
  • Security benefit: Limits lateral movement — if an attacker compromises one segment, they cannot freely access other segments.
  • Blast radius reduction: A breach is contained within the compromised segment.
  • Implementation: VLANs, subnets, firewall rules, ACLs.

### Out-of-Band Management

  • Definition: A separate, dedicated network used exclusively to manage network devices.
  • Purpose: Allows administrators to access, configure, and troubleshoot devices even when the production network is down.
  • Examples: Dedicated management VLAN, console servers, IPMI/iDRAC interfaces.
  • In-band management (by contrast) uses the same network as production traffic — vulnerable if the network fails.

### Key Terms

  • Access Layer: Connects end devices to the network.
  • Distribution Layer: Aggregates traffic and enforces policies.
  • Core Layer: High-speed backbone interconnecting distribution layers.
  • DMZ: Isolated network segment for public-facing servers.
  • Network Segmentation: Dividing a network to limit the scope of breaches and reduce broadcast domains.
  • Out-of-Band Management: Dedicated management network independent of the production network.

### Watch Out For

> ⚠️ Distribution layer responsibilities: This layer is commonly tested. It handles routing between VLANs, policy enforcement (ACLs), and traffic aggregation — not just "connecting to the core."

> ⚠️ DMZ misconception: The DMZ does not protect the internet from your network. It protects your internal network from compromised DMZ servers. Servers in the DMZ should never have direct access to the internal LAN.

---


## VLANs and Switching Concepts

### Summary

VLANs logically segment a physical network, and understanding how frames are tagged, how ports are configured, and how loops are prevented is essential for the Network+ exam. This is one of the highest-density topic areas on the exam.

### VLAN Fundamentals

  • VLAN (Virtual LAN): Logical grouping of devices on a switch regardless of physical location.
  • Problems solved:
    - Reduces broadcast domain size (less broadcast overhead)
    - Improves security through segmentation
    - Enables logical grouping by department or function without physical recabling

### Access Ports vs. Trunk Ports


| Feature | Access Port | Trunk Port |
|---|---|---|
| VLANs carried | Single VLAN | Multiple VLANs |
| Frame tagging | Untagged | 802.1Q tagged |
| Typical connection | End devices (PCs, printers) | Switch-to-switch, switch-to-router |


### 802.1Q VLAN Tagging

  • 802.1Q: IEEE standard for VLAN tagging on trunk links.
    - Inserts a 4-byte tag into the Ethernet frame header.
    - Tag contains a 12-bit VLAN ID field → supports VLAN IDs 1–4094.
    - The tag is added by the sending switch and removed by the receiving switch before delivery to end devices.

### Native VLAN

  • The VLAN that carries untagged traffic on an 802.1Q trunk port.
  • Default native VLAN = VLAN 1.
  • Security risk: VLAN hopping attack exploits mismatched or default native VLANs to send traffic across VLAN boundaries without authorization.
  • Best practice: Change the native VLAN to an unused VLAN ID on all trunk ports.
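An added Python example, not from the study guide, that builds a constructed Ethernet frame, inserts the 4-byte 802.1Q tag, and then classifies frames arriving on a trunk the way the two sections above describe: a tagged frame is placed in the VLAN named by its 12-bit ID and stripped of the tag before delivery, an untagged frame falls into the native VLAN, and the reserved IDs 0 and 4095 are handled. The frame bytes, VLAN numbers and native VLAN value are assumptions made for the example.

```python
import struct

TPID_8021Q = 0x8100        # EtherType value that announces an 802.1Q tag
DEFAULT_NATIVE_VLAN = 1    # the factory default the guide warns about


def tag_frame(frame: bytes, vlan_id: int, pcp: int = 0) -> bytes:
    """Insert a 4-byte 802.1Q tag after the 12-byte dst/src MAC header."""
    if not 1 <= vlan_id <= 4094:
        raise ValueError("VLAN IDs 0 and 4095 are reserved; usable range is 1-4094")
    # TCI = 3-bit PCP | 1-bit DEI (0 here) | 12-bit VLAN ID
    tci = ((pcp & 0x7) << 13) | (vlan_id & 0x0FFF)
    return frame[:12] + struct.pack("!HH", TPID_8021Q, tci) + frame[12:]


def classify_trunk_frame(frame: bytes, native_vlan: int = DEFAULT_NATIVE_VLAN):
    """Return (vlan_id, frame_without_tag) for a frame received on a trunk port."""
    (ethertype,) = struct.unpack("!H", frame[12:14])
    if ethertype != TPID_8021Q:
        return native_vlan, frame              # untagged traffic belongs to the native VLAN
    (tci,) = struct.unpack("!H", frame[14:16])
    vid = tci & 0x0FFF
    if vid == 4095:
        raise ValueError("VLAN ID 4095 is reserved")
    if vid == 0:                                # priority-tagged: PCP only, no VLAN
        vid = native_vlan
    return vid, frame[:12] + frame[16:]        # strip the tag before an access port sees it


# Constructed untagged IPv4 frame: dst MAC, src MAC, EtherType 0x0800, payload
UNTAGGED = (bytes.fromhex("02000000000a") + bytes.fromhex("02000000000b")
            + struct.pack("!H", 0x0800) + b"payload")
```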

### Spanning Tree Protocol (STP)


#### The Problem STP Solves

Redundant links between switches create switching loops, causing:

  • Broadcast storms (broadcasts loop endlessly)
  • MAC address table instability
  • Network meltdown

#### STP Operation (802.1D)

1. Elect a Root Bridge (switch with lowest Bridge ID).
2. Each non-root switch finds its Root Port (best path to root bridge).
3. Each network segment selects a Designated Port (best port for that segment).
4. All remaining redundant ports are placed in Blocking state.
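The four election steps, carried out in Python over a constructed three-switch triangle as an added example that is not the study guide's own material. Bridge IDs are modelled as (priority, MAC) tuples and the link costs are assumed values; the code elects the root, computes every switch's root path cost, then assigns a root, designated or blocking role to each port so that exactly one redundant port ends up blocked.

```python
import heapq

# Constructed topology. Bridge ID = (priority, MAC); the lowest tuple wins.
BRIDGES = {
    "SW1": (32768, "00:00:00:00:00:0a"),
    "SW2": (32768, "00:00:00:00:00:0b"),
    "SW3": (4096, "00:00:00:00:00:0c"),   # lowered priority makes SW3 the root
}
# (switch A, switch B, port cost): a redundant triangle, so one port must block
LINKS = [("SW1", "SW2", 4), ("SW2", "SW3", 4), ("SW1", "SW3", 19)]

def root_path_costs(root, bridges, links):
    """Lowest total cost from every switch to the root (Dijkstra over link costs)."""
    adj = {sw: [] for sw in bridges}
    for a, b, cost in links:
        adj[a].append((b, cost))
        adj[b].append((a, cost))
    best, heap = {root: 0}, [(0, root)]
    while heap:
        dist, sw = heapq.heappop(heap)
        if dist > best[sw]:
            continue
        for nbr, cost in adj[sw]:
            if dist + cost < best.get(nbr, float("inf")):
                best[nbr] = dist + cost
                heapq.heappush(heap, (dist + cost, nbr))
    return best

def spanning_tree(bridges, links):
    """Return (root, {(switch, neighbor): role}) with a role for every port."""
    root = min(bridges, key=bridges.get)        # Step 1: lowest Bridge ID is root
    cost = root_path_costs(root, bridges, links)
    roles = {}
    # Step 2: a non-root switch's root port is the link with the lowest root path
    # cost; ties go to the neighbor with the lower Bridge ID.
    for sw in bridges:
        if sw != root:
            candidates = [(cost[n] + c, bridges[n], n) for a, b, c in links
                          for me, n in ((a, b), (b, a)) if me == sw]
            roles[(sw, min(candidates)[2])] = "root"
    # Step 3: on each segment the end with the lower (cost, Bridge ID) is designated.
    # Step 4: the far end is blocking unless it is already that switch's root port.
    for a, b, _ in links:
        designated = min((a, b), key=lambda sw: (cost[sw], bridges[sw]))
        other = b if designated == a else a
        roles[(designated, other)] = "designated"
        roles.setdefault((other, designated), "blocking")
    return root, roles
```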


#### STP vs. RSTP


| Feature | STP (802.1D) | RSTP (802.1w) |
|---|---|---|
| Convergence time | Up to 50 seconds | ~1–6 seconds |
| Method | Fixed timers | Active negotiation between switches |
| Port states | 5 states | 3 states (Discarding, Learning, Forwarding) |


### Key Terms

  • VLAN: Logical network segment on a switch independent of physical location.
  • Access Port: Single-VLAN, untagged port for end devices.
  • Trunk Port: Multi-VLAN, 802.1Q-tagged port between network devices.
  • 802.1Q: IEEE VLAN tagging standard; 4-byte tag, 12-bit VLAN ID, supports 4094 VLANs.
  • Native VLAN: VLAN that carries untagged traffic on a trunk port; default is VLAN 1.
  • STP (802.1D): Spanning Tree Protocol; prevents switching loops by blocking redundant ports.
  • RSTP (802.1w): Rapid STP; faster convergence (~seconds) using active negotiation.
  • VLAN Hopping: Attack that exploits native VLAN mismatches to access unauthorized VLANs.
  • Broadcast Storm: Network failure caused by endlessly looping broadcast frames in a switched loop.

### Watch Out For

> ⚠️ Native VLAN = security risk. Any scenario involving VLAN 1 as native on a trunk port is a red flag. Best practice is to change it to an unused VLAN.

> ⚠️ STP convergence time: STP (802.1D) can take up to 50 seconds to converge. RSTP (802.1w) converges in seconds. Know which is which — the exam will test this difference.

> ⚠️ 4094 VLANs, not 4096: The 12-bit VLAN ID field theoretically allows 4096 values, but VLAN 0 and VLAN 4095 are reserved. **Usable VLANs = 1–4094.**
