← CompTIA Network+ Networking Fundamentals

CompTIA Network+ Certification Study Guide

Key concepts, definitions, and exam tips organized by topic.

36 cards covered

CompTIA Network+ Networking Fundamentals Study Guide


Overview

This study guide covers the core networking fundamentals tested on the CompTIA Network+ exam, including the OSI model, network topologies, IP addressing, protocols, devices, and essential networking concepts. Mastery of these topics forms the backbone of the Network+ certification and real-world network administration. Use this guide alongside practice questions to reinforce understanding and identify knowledge gaps.


---


The OSI Model


Overview

The OSI (Open Systems Interconnection) model is a 7-layer conceptual framework that standardizes how network communication functions are divided and implemented. Every layer has a specific role and communicates only with the layers directly above and below it.


Layer-by-Layer Breakdown


| Layer | Number | PDU | Key Devices | Key Protocols |

|---|---|---|---|---|

| Physical | 1 | Bits | Hubs, Cables, Repeaters | Ethernet (physical) |

| Data Link | 2 | Frame | Switches, NICs | Ethernet (MAC), 802.1Q |

| Network | 3 | Packet | Routers | IP, ICMP, ARP |

| Transport | 4 | Segment | — | TCP, UDP |

| Session | 5 | Data | — | NetBIOS, RPC |

| Presentation | 6 | Data | — | SSL/TLS, JPEG, MPEG |

| Application | 7 | Data | — | HTTP, DNS, FTP, SMTP |


Key Concepts Per Layer


  • Layer 1 – Physical: Deals with raw bit transmission over physical media (cables, signals, voltages). No intelligence — just moves bits.
  • Layer 2 – Data Link: Organizes bits into frames, uses MAC addresses for local delivery, handles error detection via trailers (CRC). Managed switches operate here using 802.1Q VLAN tagging.
  • Layer 3 – Network: Routes packets between different networks using IP addresses. Routers operate at this layer.
  • Layer 4 – Transport: Provides end-to-end communication, error recovery, flow control, and segmentation. TCP = reliable; UDP = fast but unreliable.
  • Layer 5 – Session: Establishes, manages, and terminates communication sessions between applications. Handles checkpointing and session recovery.
  • Layer 6 – Presentation: Translates, encrypts, and compresses data. Acts as the network's translator between application and network formats.
  • Layer 7 – Application: The layer users and applications interact with directly (HTTP, DNS, FTP, etc.).

    • Mnemonic

    > "Please Do Not Throw Sausage Pizza Away" — Physical, Data Link, Network, Transport, Session, Presentation, Application (Layers 1→7)

    >

    > Reverse (top-down): "All People Seem To Need Data Processing"


    Key Terms

  • PDU (Protocol Data Unit): The name for data at each OSI layer (Bits → Frames → Packets → Segments → Data)
  • Encapsulation: The process of wrapping data with headers (and trailers) as it travels down the OSI model
  • De-encapsulation: The reverse process, stripping headers as data travels up the layers on the receiving end
  • MAC Address: A hardware address used at Layer 2 for local frame delivery
  • 802.1Q: The IEEE standard for VLAN tagging at Layer 2

    • Watch Out For ⚠️

  • • The Data Link layer PDU is a Frame — not a packet. Packets are Layer 3.
  • • Routers operate at Layer 3; standard (unmanaged) switches at Layer 2; hubs at Layer 1.
  • ARP is often listed as Layer 2/3 — it resolves Layer 3 IP addresses to Layer 2 MAC addresses. Know it belongs conceptually to Layer 3 in most exam contexts.
  • • TLS/SSL encryption happens at Layer 6 (Presentation), not Layer 4.
  • • A managed switch using VLANs operates at Layer 2; a Layer 3 switch can route between VLANs and operates at both Layers 2 and 3.

    • ---


    Network Topologies & Types


    Physical Topologies


    | Topology | Description | Pros | Cons |

    |---|---|---|---|

    | Bus | All devices share a single cable | Simple, cheap | Single point of failure; entire network fails if cable breaks |

    | Star | All devices connect to a central switch/hub | Easy troubleshooting; isolated failures | Switch = single point of failure |

    | Ring | Devices connected in a circular loop | Predictable performance | One break can disrupt the network |

    | Mesh | Devices interconnect directly with each other | Highly redundant | Expensive and complex |

    | Hybrid | Combination of two or more topologies | Flexible | Complex to manage |


    Mesh Topology Formula

    > Full mesh links = n(n-1)/2

    > - 4 nodes: 4(3)/2 = 6 links

    > - 6 nodes: 6(5)/2 = 15 links


    Network Types by Geographic Size


    | Type | Coverage Area | Example Use |

    |---|---|---|

    | PAN (Personal Area Network) | ~10 meters | Bluetooth headset, USB devices |

    | LAN (Local Area Network) | Building/campus | Office network |

    | MAN (Metropolitan Area Network) | City/campus region | ISP city-wide network |

    | WAN (Wide Area Network) | Country/global | The Internet |


    Key Terms

  • Star Topology: The most common modern wired Ethernet deployment — all nodes connect to a central switch
  • Bus Topology: Legacy topology; single shared medium; a cable break affects all devices
  • Full Mesh: Every node connects directly to every other node — maximum redundancy
  • Partial Mesh: Some nodes have redundant connections; balances cost and redundancy
  • PAN: Personal Area Network — Bluetooth and USB; range typically within 10 meters

    • Watch Out For ⚠️

  • • A hub-based star topology is still a single collision domain — only switches create per-port collision domains.
  • Bus topology failures are total network failures — a break anywhere takes everyone down.
  • • Don't confuse MAN with WAN — a MAN is city/campus-scale, typically owned by one org or ISP; a WAN spans much larger geographies.
  • • The mesh formula n(n-1)/2 only applies to full mesh — memorize this for exam calculations.

    • ---


    IP Addressing & Subnetting


    IPv4 Address Classes


    | Class | Range | Default Mask | Private Range (RFC 1918) |

    |---|---|---|---|

    | A | 1.0.0.0 – 126.255.255.255 | /8 (255.0.0.0) | 10.0.0.0 – 10.255.255.255 |

    | B | 128.0.0.0 – 191.255.255.255 | /16 (255.255.0.0) | 172.16.0.0 – 172.31.255.255 |

    | C | 192.0.0.0 – 223.255.255.255 | /24 (255.255.255.0) | 192.168.0.0 – 192.168.255.255 |

    | D | 224.0.0.0 – 239.255.255.255 | N/A | Multicast |

    | E | 240.0.0.0 – 255.255.255.255 | N/A | Experimental/Reserved |


    Special IPv4 Ranges


    | Range | Purpose |

    |---|---|

    | 127.0.0.0/8 | Loopback (localhost) |

    | 169.254.0.0/16 | APIPA (no DHCP available) |

    | 0.0.0.0 | Unspecified/default route |

    | 255.255.255.255 | Limited broadcast |


    Subnetting Quick Reference


    | CIDR | Subnet Mask | Total Addresses | Usable Hosts | Block Size |

    |---|---|---|---|---|

    | /24 | 255.255.255.0 | 256 | 254 | 256 |

    | /25 | 255.255.255.128 | 128 | 126 | 128 |

    | /26 | 255.255.255.192 | 64 | 62 | 64 |

    | /27 | 255.255.255.224 | 32 | 30 | 32 |

    | /28 | 255.255.255.240 | 16 | 14 | 16 |

    | /29 | 255.255.255.248 | 8 | 6 | 8 |

    | /30 | 255.255.255.252 | 4 | 2 | 4 |


    Usable Host Formula

    > Usable Hosts = 2^(host bits) – 2

    > - /28 has 4 host bits → 2^4 – 2 = 14 usable hosts


    Worked Example: 192.168.10.64/26

  • Block size: 64 (/26 = 2 bits borrowed, 64 addresses per block)
  • Network address: 192.168.10.64
  • Broadcast: 192.168.10.127
  • Usable hosts: 192.168.10.65 – 192.168.10.126
  • Total usable: 62 hosts

    • IPv6 Essentials


    | Feature | Detail |

    |---|---|

    | Address length | 128 bits (vs. IPv4's 32 bits) |

    | Address space | ~3.4 × 10^38 unique addresses |

    | Notation | 8 groups of 4 hex digits (hextets), separated by colons |

    | :: compression | Replaces one or more consecutive all-zero hextets; used only once per address |

    | Loopback | ::1 |

    | Link-local | fe80::/10 |


    Key Terms

  • CIDR (Classless Inter-Domain Routing): Notation using slash prefix length (e.g., /26) to define subnet masks
  • APIPA: Automatic Private IP Addressing — self-assigned 169.254.x.x when DHCP fails
  • RFC 1918: The standard defining private (non-routable) IPv4 address ranges
  • Subnet Mask: Defines the network vs. host portion of an IP address
  • Broadcast Address: The last address in a subnet — cannot be assigned to a host
  • Network Address: The first address in a subnet — identifies the subnet itself

    • Watch Out For ⚠️

  • 169.254.x.x on a device = DHCP failure — the device cannot reach a DHCP server.
  • 127.x.x.x is loopback — only 127.0.0.1 is commonly used, but the entire /8 is reserved.
  • • Always subtract 2 from total addresses for usable hosts (network + broadcast reserved).
  • 172.16.0.0 – 172.31.255.255 is the full Class B private range — not just 172.16.0.0/16.
  • • The :: in IPv6 can only appear once — placing it twice creates ambiguity.
  • IPv6 does not use broadcast — it uses multicast and anycast instead.

    • ---


    Protocols & Ports


    Critical Port Numbers to Memorize


    | Port | Protocol | Transport | Description |

    |---|---|---|---|

    | 20 | FTP Data | TCP | Active mode data transfer |

    | 21 | FTP Control | TCP | Commands and control |

    | 22 | SSH | TCP | Secure remote access |

    | 23 | Telnet | TCP | Unencrypted remote access |

    | 25 | SMTP | TCP | Server-to-server email relay |

    | 53 | DNS | UDP/TCP | Domain name resolution |

    | 67/68 | DHCP | UDP | IP address assignment |

    | 80 | HTTP | TCP | Unencrypted web traffic |

    | 110 | POP3 | TCP | Email retrieval |

    | 143 | IMAP | TCP | Email retrieval (synced) |

    | 161/162 | SNMP | UDP | Network device monitoring |

    | 389 | LDAP | TCP | Directory services |

    | 443 | HTTPS | TCP | Encrypted web traffic (TLS) |

    | 465 | SMTPS | TCP | SMTP over SSL |

    | 587 | SMTP Submission | TCP | Authenticated client email |

    | 3389 | RDP | TCP | Remote Desktop Protocol |


    TCP vs. UDP Comparison


    | Feature | TCP | UDP |

    |---|---|---|

    | Connection | Connection-oriented (3-way handshake) | Connectionless |

    | Reliability | Guaranteed delivery, ordering, error-checking | No guarantees |

    | Speed | Slower (overhead) | Faster (low overhead) |

    | Use Cases | HTTP, FTP, SSH, SMTP | DNS, DHCP, VoIP, streaming |


    TCP Three-Way Handshake

    > SYN → SYN-ACK → ACK

    > 1. Client sends SYN (synchronize)

    > 2. Server responds with SYN-ACK

    > 3. Client sends ACK — connection established


    DNS Behavior

  • • Uses UDP port 53 for standard queries (lightweight, fast)
  • • Switches to TCP port 53 for:

    • - Zone transfers between DNS servers

    - Responses exceeding 512 bytes


    Key Terms

  • TCP (Transmission Control Protocol): Reliable, ordered, connection-oriented transport protocol
  • UDP (User Datagram Protocol): Fast, connectionless transport protocol — no delivery guarantee
  • SMTP: Simple Mail Transfer Protocol — sends/relays email (port 25, 587, 465)
  • ICMP: Internet Control Message Protocol — used for diagnostics (ping uses ICMP Echo Request/Reply)
  • TLS (Transport Layer Security): Cryptographic protocol securing HTTPS (port 443), SMTPS, etc.
  • FTP: File Transfer Protocol — port 21 (control), port 20 (active data)

    • Watch Out For ⚠️

  • DNS uses both UDP and TCP — UDP for queries, TCP for zone transfers. Know both.
  • FTP has two ports: 21 (control/commands) and 20 (active data). In passive mode, a dynamic high port is used for data — not port 20.
  • SMTP port 25 = server-to-server relay; Port 587 = client-to-server authenticated submission.
  • Ping uses ICMP — not TCP or UDP. ICMP has no port number.
  • HTTPS = HTTP + TLS — TLS operates at the Presentation layer (Layer 6), not Transport.
  • • Do not confuse POP3 (110) and IMAP (143) — IMAP keeps email on the server (synchronized across devices); POP3 downloads and typically deletes from server.

    • ---


    Networking Devices & Media


    Device Comparison


    | Device | OSI Layer | Key Function |

    |---|---|---|

    | Hub | Layer 1 | Broadcasts all traffic to all ports; single collision domain |

    | Switch | Layer 2 | Forwards frames by MAC address; separate collision domain per port |

    | Router | Layer 3 | Routes packets between networks using IP addresses |

    | Layer 3 Switch | Layers 2 & 3 | Switches at Layer 2, routes between VLANs at Layer 3 |

    | Proxy Server | Layer 7 | Intermediary for client requests; caching, filtering, anonymity |

    | Load Balancer | Layer 4/7 | Distributes traffic across multiple servers for redundancy |

    | Firewall | Layers 3–7 | Filters traffic based on rules; enforces security policies |


    Collision Domains vs. Broadcast Domains


    | Device | Collision Domains | Broadcast Domains |

    |---|---|---|

    | Hub | 1 (all ports share) | 1 |

    | Switch | 1 per port | 1 (unless VLANs used) |

    | Router |

    📝

    Take a Practice Test

    Test yourself with multiple choice questions
    📇

    Study with Flashcards

    Flip through all 36 cards

    Want more study tools?

    Subscribe for $7.99/mo and turn your own notes into personalized flashcards and study guides.

    View Pricing