Networking Essential 6th Edtion

NETWORKING ESSENTIALS:
SIXTH EDITION
A COMPTIA NETWORK+ N10-008
TEXTBOOK
INSTRUCTOR EDITION
JEFFREY S. BEASLEY AND PIYASAT NILKAEW
A01_Beasley_FM_pi-xxxi_new.indd 1 24/09/21 7:32 PM

Networking Essentials: Sixth Edition EDITOR-IN-CHIEF
Mark Taber
Instructor Edition DIRECTOR, ITP PRODUCT

MANAGEMENT
Copyright © 2022 by Pearson Education, Inc. Brett Bartow
All rights reserved. This publication is protected by copyright, and permission must be DEVELOPMENT EDITOR
obtained from the publisher prior to any prohibited reproduction, storage in a retrieval Marianne Bartow
system, or transmission in any form or by any means, electronic, mechanical, photo-
copying, recording, or likewise. For information regarding permissions, request forms, MANAGING EDITOR
and the appropriate contacts within the Pearson Education Global Rights & Permissions Sandra Schroeder
Department, please visit www.pearson.com/permissions.
PROJECT EDITOR
No patent liability is assumed with respect to the use of the information contained herein. Mandie Frank
Although every precaution has been taken in the preparation of this book, the publisher
COPY EDITOR
and author assume no responsibility for errors or omissions. Nor is any liability assumed
Kitty Wilson
for damages resulting from the use of the information contained herein.
ISBN-13: 978-0-13-745582-9 INDEXER
Ken Johnson
ISBN-10: 0-13-745582-8
Library of Congress Control Number: 2021913557 PROOFREADER
Abigail Manheim
ScoutAutomatedPrintCode
TECHNICAL EDITOR
Chris Crayton
Trademarks
All terms mentioned in this book that are known to be trademarks or service marks have PEER REVIEWERS
been appropriately capitalized. Pearson IT Certification cannot attest to the accuracy of DeAnnia Clements
this information. Use of a term in this book should not be regarded as affecting the validity Osman Guzide
of any trademark or service mark. Gene Carwile
Dr. Theodor Richardson
Warning and Disclaimer PUBLISHING COORDINATOR
Every effort has been made to make this book as complete and as accurate as possible, Cindy Teeters
but no warranty or fitness is implied. The information provided is on an “as is” basis. The
authors and the publisher shall have neither liability nor responsibility to any person or DESIGNER
entity with respect to any loss or damages arising from the information contained in this Chuti Prasertsith
book.
COMPOSITOR
codeMantra
Special Sales
For information about buying this title in bulk quantities, or for special sales opportunities
(which may include electronic versions; custom cover designs; and content particular to
your business, training goals, marketing focus, or branding interests), please contact our
corporate sales department at corpsales@pearsoned.com or (800) 382-3419.
For government sales inquiries, please contact governmentsales@pearsoned.com.
For questions about sales outside the U.S., please contact intlcs@pearson.com.
ii

CREDITS
Figure 1-8 Screenshot of The command prompt in Windows 10 © Microsoft 2020
Figure 1-9 Screenshot of A typical text screen result when entering the ipconfig /all command in the command window.
© Microsoft 2020
Figure 1-15 courtesy for Linksys
Figure 1-18 courtesy Zoom Telephonics, Inc.
Figure 1-19 courtesy for Linksys
Figure 1-27 Screenshot of (a) An example of displaying the IP address for computer 1 using the ipconfig command in Windows
and (b) an example of the displayed IP address in macOS for the built-in Ethernet connection © Microsoft 2020
Figure 2-34 Screenshot of DTX-1800 certification report: Failure due to a termination problem. ©Fluke Corporation
Figure 2-35 Screenshot of DTX-1800 certification report: Failure due to excessive insertion loss. ©Fluke Corporation
Figure 2-36 Screenshot of The certification report for Test 1, showing that a short jumper cable passes the CAT5e link test.
©Fluke Corporation
Figure 2-37 Screenshot of The results for Test 2, showing that the cable failed the CAT5e link test. ©Fluke Corporation
Figure 2-38 Screenshot of The Test 3 CAT5e link test, showing failures with attenuation. ©Fluke Corporation
Figure 2-39 Screenshot of A CAT5e link test, showing failures with delay skew (Test 4). ©Fluke Corporation
Unnumbered
Figure 2-1 Screenshot of Answer the following questions related to the certification report shown here. ©Fluke Corporation
Unnumbered
Figure 2-2 Screenshot of Answer the following questions related to the certification report shown here. ©Fluke Corporation
Unnumbered
Figure 2-3 Screenshot of Answer the following questions related to the certification report shown here - OMNI Scanner. ©Fluke
Corporation
Figure 4-7 Screenshot of An example of the information displayed when an association is formed between a client and an access
point. © Microsoft 2020
Figure 4-8 Screenshot of An example of a lost association. © Microsoft 2020
Figure 4-18 Screenshot of The window for configuring Bluetooth settings on a Mac. © 2020 Apple Inc
Figure 4-19 Screenshot of The Mac window showing the settings for a file transfer. © 2020 Apple Inc
Figure 4-20 Screenshot of The Mac window showing that a text file is coming in from another Bluetooth device.
© 2020 Apple Inc
Figure 4-28 Screenshot of The excellent signal quality measured for the multipoint distribution. © Microsoft 2020
Figure 4-29 Screenshot of The poor signal quality measured at the remote site near the lake. © Microsoft 2020
Figure 5-7 Screenshot of The data traffic captured by computer 2 for the LAN using a hub. © Microsoft 2020
Figure 5-8 Screenshot of The data traffic captured by computer 2 for the LAN using a switch. © Microsoft 2020
Figure 5-9 Screenshot of The startup menu of a Cisco Catalyst switch in the CNA software. © Microsoft 2020
Figure 5-10 Screenshot of The highlighted ports showing the current connections and the location of the stacked switches icon.
© Microsoft 2020
Figure 5-11 Screenshot of The window listing the MAC addresses currently connected to a switch. © Microsoft 2020
Figure 5-13 Screenshot of Configuring an IP address on an interface. © Microsoft 2020
Figure 5-19 Screenshot of Putty configuration © 1997-2020 Simon Tatham
Figure 5-20 Screenshot of The HyperTerminal Connect To dialog © 1997-2020 Simon Tatham
Figure 5-21 Screenshot of The Properties dialogs for configuring the serial port connection PuTTY © 1997-2020 Simon Tatham
Figure 5-23 Screenshot of The macOS dialog for configuring the settings for the serial interface. © 2020 Apple Inc
Figure 5-24 Screenshot of The macOS dialog for setting the serial port to PL2303-000. © 2020 Apple Inc
Figure 5-25 Screenshot of The macOS window listing the serial communication link settings. © 2020 Apple Inc
Figure 6-6 Screenshot of An example of the three packets exchanged in the initial TCP handshake. © Microsoft 2020
Figure 6-8 Screenshot of An example of the four-packet TCP connection termination. © Microsoft 2020
Figure 6-10 Screenshot of An example of a UDP packet transfer. © Microsoft 2020
Figure 6-12 Screenshot of Captured packets showing the (a) ARP request and the (b) ARP reply. © Microsoft 2020
Figure 6-13 Screenshot of The details of the ARP broadcast packet. © Microsoft 2020
Figure 6-14 Screenshot of An example of the use of hex numbers in data packets. © Microsoft 2020
Figure 7-3 Screenshot of The TCP/IP dialog for setting the default gateway address for computer A1. © Microsoft 2020
Figure 7-6 Screenshot of The Net-Challenge screen. © Microsoft 2020
Figure 7-7 Screenshot of The check box window for the Net-Challenge software User EXEC Mode challenge.
© Microsoft 2020
iii

Figure 7-8 Screenshot of The display for step 6, using the show command. © Microsoft 2020
Figure 7-11 Screenshot of The network topology for Net-Challenge. The arrows indicate where to click to display the router IP address
configurations. © Microsoft 2020
Figure 7-14 Screenshot of An example of the port management options available with a Cisco switch: (a) Speed auto-negotiation option;
(b) Duplex auto option. © Microsoft 2020
Figure 9-1a Screenshot of Setting the default gateway address or default static route on a host computer (PC). © Microsoft 2020
Figure 9-1b Screenshot of Setting the default gateway address or default static route on a host computer (macOS). © Microsoft 2020
FIG10-4 Screenshot of Captured DHCP packets. © Microsoft 2020
FIG10-9 Screenshot of An example of using an SNMP software management tool to obtain descriptions of a router’s
interfaces using the MIB ifDescr. © Microsoft 2020
FIG10-11 Screenshot of Using an SNMP software management tool to obtain interface speed settings. © Microsoft 2020
FIG10-12 Screenshot of An example of using SNMP to collect data traffic statistics. © Microsoft 2020
FIG10-23 Screenshot of Initializing Wireshark to capture data packets from a network. © Microsoft 2020
FIG10-24 Screenshot of Starting a capture. © Microsoft 2020
FIG10-25 Screenshot of The captured packets showing the ping from computer 1 to computer 2. © Microsoft 2020
FIG10-26 Screenshot of Computer 2 replying to computer 1 with its MAC address. © Microsoft 2020
FIG10-27 Screenshot of Computer 1 is sending an echo request to computer 2. © Microsoft 2020
FIG10-28 Screenshot of The echo reply received by computer 1. © Microsoft 2020
FIG10-30 Screenshot of (a) The beginning of the FTP data packet transfer and the request for an ASCII data transfer by the client.
(b) The FTP data packet transfer and the closing of the FTP transfer. © Microsoft 2020
FIG10-31 Screenshot of Figure for problems 64–68. © Microsoft 2020
FIG11-9 Screenshot of Windows Firewall in Windows 10. © Microsoft 2020
FIG11-10 Screenshot of Windows 10 Firewall status. © Microsoft 2020
FIG11-11 Screenshot of Windows 10 allowed apps. © Microsoft 2020
FIG11-12 Screenshot of Windows 10 advanced firewall settings. © Microsoft 2020
FIG11-13 Screenshot of Windows 10 echo request properties. © Microsoft 2020
FIG11-14 Screenshot of Windows 10 echo request protocols and ports. © Microsoft 2020
FIG11-15 Screenshot of macOS firewall. © 2020 Apple Inc
FIG11-16 Screenshot of macOS advanced settings. © 2020 Apple Inc
FIG11-17 Screenshot of Linux iptables © The Netfilter’s webmasters
FIG11-19 Screenshot of An example of setting WEP encryption on a wireless client. © Microsoft 2020
FIG11-26 Screenshot of The traceroute from the VPN server to the VPN remote client. © Microsoft 2020
FIG11-27 Screenshot of The first window, the VPN Client status window, is displayed after starting the VPN client software.
© Cisco systems
FIG11-28 Screenshot of The connection screen for establishing a VPN link. © Cisco systems
FIG11-29 Screenshot of The initial handshake screen for the VPN client. © Cisco systems
FIG11-30 Screenshot of The menu showing that the VPN client has successfully connected to the virtual private network.
© Cisco systems
FIG11-31 Screenshot of The Preferences window for the VPN client. © Cisco systems
FIG11-32 Screenshot of The Statistics window (a) and Route Details window (b) for the VPN client. © Cisco systems
FIG12-1 Screenshot of Enabling Hyper-V © Microsoft 2020
FIG12-2 Screenshot of Using Hyper-V Manager © Microsoft 2020
FIG12-3 Screenshot of Creating a virtual switch in Hyper-V © Microsoft 2020
FIG12-4 Screenshot of Specifying the name of a virtual switch © Microsoft 2020
FIG12-5 Screenshot of Creating a virtual machine © Microsoft 2020
FIG12-6 Screenshot of Specifying the name and location of a virtual machine. © Microsoft 2020
FIG12-7 Screenshot of Specifying the generation of the virtual machine © Microsoft 2020
FIG12-8 Screenshot of Specifying the desired memory size for a VM. © Microsoft 2020
FIG12-9 Screenshot of Selecting the connection name of the virtual switch. © Microsoft 2020
FIG12-10 Screenshot of Specifying a virtual hard disk name, location, and size. © Microsoft 2020
FIG12-11 Screenshot of The options for installing the VM’s operating system. © Microsoft 2020
FIG12-12 Screenshot of Starting the new VM. © Microsoft 2020
FIG12-13 Screenshot of The final VM screen, showing that the machine is up. © Microsoft 2020
Peter Mell (NIST), Tim Grance (NIST), The NIST Definition of Cloud Computing, SP 800-145
Cover Artistdesign29/Shutterstock
iv

CONTENTS AT A GLANCE
Introduction xxiii
1 Introduction to Computer Networks 2
2 Physical Layer Cabling: Twisted-Pair 62
3 Physical Layer Cabling: Fiber Optics 124
4 Wireless Networking 172
5 Interconnecting the LANs 228
6 TCP/IP 290
7 Introduction to Router Configuration 354
8 Introduction to Switch Configuration 404
9 Routing Protocols 444
10 Managing the Network Infrastructure 524
11 Network Security 590
12 Cloud Computing and Virtualization 676
13 Codes and Standards 706
Glossary 742
Index 764
Online Only Elements:

Net-Challenge Software
Wireshark Captures
Network+ quizzes

CONTENTS
Introduction xxiii
CHAPTER 1 Introduction to Computer Networks 2

Chapter Outline 3
Objectives 3
Key Terms 3
1-1 Introduction 4
1-2 Network Topologies 6
Section 1-2 Review 11
Test Your Knowledge 11
1-3 The OSI Model 12
1-4 The Ethernet LAN 16
IP Addressing 20
1-5 Home Networking 24
Securing a Home Network 33
IP Addressing in a Home Network 34
1-6 Assembling an Office LAN 38
Diagram the Network 39
Connect the Network Devices 40
Configure the Computers to Operate on the LAN 44
1-7 Testing and Troubleshooting a LAN 45
Summary 50
Questions and Problems 50
Certification Questions 59
vi

CHAPTER 2 Physical Layer Cabling: Twisted-Pair 62
Chapter Outline 63
Objectives 63
Key Terms 63
2-1 Introduction 65
2-2 Structured Cabling 66
Horizontal Cabling 69
2-3 Twisted-Pair Cable 74
Unshielded Twisted-Pair Cable 74
Shielded Twisted-Pair Cable 76
2-4 Terminating Twisted-Pair Cables 78
Computer Communication 79
Straight-Through and Crossover Patch Cables 82
2-5 Cable Testing and Certification 92
2-6 10 Gigabit Ethernet over Copper 97
Overview 98
Alien Crosstalk 98
Signal Transmission 100
2-7 Troubleshooting Cabling Systems 102
Cable Stretching 102
Cable Failing to Meet Manufacturer Specifications 102
CAT5e Cable Test Examples 104
Summary 112
CONTENTS vii

CHAPTER 3 Physical Layer Cabling: Fiber Optics 124
Chapter Outline 125
Objectives 125
Key Terms 125
3-1 Introduction 126
3-2 The Nature of Light 129
Graded-Index Fiber 133
Single-Mode Fibers 134
3-3 Fiber Attenuation and Dispersion 136
Attenuation 136
Dispersion 137
Dispersion Compensation 139
3-4 Optical Components 141
Intermediate Components 142
Detectors 143
Fiber Connectorization 145
3-5 Optical Networking 147
Defining Optical Networking 148
Building Distribution 151
Campus Distribution 154
Optical Link Budget 157
3-6 Safety 160
3-7 Troubleshooting Fiber Optics: The OTDR 162
Summary 165
viii CONTENTS

CHAPTER 4 Wireless Networking 172
Chapter Outline 173
Objectives 173
Key Terms 173
4-2 The IEEE 802.11 Wireless LAN Standard 175
4-3 802.11 Wireless Networking 185
4-4 Bluetooth, WiMAX, RFID, and Mobile Communications 197
Bluetooth 197
WiMAX 199
Radio Frequency Identification 200
Mobile (Cellular) Communications 204
4-5 Configuring a Point-to-Multipoint Wireless LAN: A Case Study 206
Step 1: Conducting an Antenna Site Survey 207
Step 2: Establishing a Point-to-Point Wireless Link to the Home Network 208
Steps 3 and 4: Configuring the Multipoint Distribution and Conducting an RF Site Survey 209
Step 5: Configuring the Remote Installations 211
4-6 Troubleshooting Wireless Networks 213
Access Point Hardware Issues 213
Wireless Router Issues 213
Wireless Compatibility 213
Signal Strength Problems 214
Wireless Coverage 214
Extending the Wireless Range 214
Frequency Interference Problems 214
Wireless Channel Utilization 214
Load Issues 215
SSID Issues 215
Securing Wi-Fi Issues 215
Cable Issues 215
Deauthentication/Disassociation Attacks 215
CONTENTS ix

DHCP Issues 216
Wireless Printer Issues 216
Summary 217
Critical Thinking 224
CHAPTER 5 Interconnecting the LANs 228

Chapter Outline 229
Objectives 229
Key Terms 229
5-2 The Network Bridge 232
5-3 The Network Switch 237
Hub and Switch Comparison 239
Managed Switches 242
Multilayer Switches 247
5-4 The Router 249
The Router Interface 250
Quality of Service 251
5-5 The Console Port Connection 254
Configuring the PuTTY Software (Windows) 256
Configuring the ZTerm Serial Communications Software (Mac) 259
5-6 Interconnecting LANs with the Router 262
Gateway Address 265
Network Segments 265
x CONTENTS

5-7 Interconnecting LANs and WANs 267
Three-Tiered LAN Architecture 267
Core 268
Distribution/Aggregation Layer 269
Access/Edge Layer 269
Traffic Flow 269
Data Center Architecture 269
WAN High-Speed Serial Connections 270
Data Channels 270
Point of Presence 271
Metro Optical Ethernet/Carrier Ethernet 273
Ethernet Service Types 274
Service Attributes 276
Summary 279
CHAPTER 6 TCP/IP 290

Chapter Outline 291
Objectives 291
Key Terms 291
6-2 The TCP/IP Layers 294
The Application Layer 295
The Transport Layer 296
The Internet Layer 301
The Network Interface Layer 304
6-3 Number Conversion 306
Binary-to-Decimal Conversion 306
Decimal-to-Binary Conversion 307
Hexadecimal Numbers 309
Converting Hexadecimal 309
CONTENTS xi

6-4 IPv4 Addressing 312
6-5 Subnet Masks: Subnetting and Supernetting 317
Subnetting 318
Alternative Technique to Derive the Subnets: Magic Number 323
Subnet Masking Examples 324
Gateway IP Address 326
6-6 Supernetting, CIDR Blocks, and VLSM 328
6-7 IPv6 Addressing 333
Transitioning to IPv6 335
CIDR for IPv6 337
Summary 340
CHAPTER 7 Introduction to Router Configuration 354

Chapter Outline 355
Objectives 355
Key Terms 355
7-2 Router Fundamentals 358
Layer 3 Networks 359
7-3 The Router’s User EXEC Mode (Router>) 366
The User EXEC Mode 366
Router Configuration Challenge: User EXEC Mode 369
7-4 The Router’s Privileged EXEC Mode (Router#) 373
The hostname Command 374
xii CONTENTS

The enable secret Command 375
Setting the Line Console Passwords 375
FastEthernet Interface Configuration 376
Serial Interface Configuration 377
Router Configuration Challenge: Privileged EXEC Mode 380
7-5 Configuring the Network Interface: Auto-negotiation 383
Auto-negotiation Steps 384
Full-Duplex/Half-Duplex 384
7-6 Troubleshooting the Router Interface 387
Summary 393
CHAPTER 8 Introduction to Switch Configuration 404

Chapter Outline 405
Objectives 405
Key Terms 405
8-2 Introduction to VLANs 407
Virtual LANs 407
8-3 Introduction to Switch Configuration 410
Hostname 411
Enable Secret 412
Setting the Line Console Passwords 412
Static VLAN Configuration 414
VLAN Subinterfaces 418
Networking Challenge: Switch Configuration 419
CONTENTS xiii

8-4 Spanning Tree Protocol 422
8-5 Power over Ethernet 425
8-6 Troubleshooting the Switch Interface 429
Summary 436
CHAPTER 9 Routing Protocols 444

Chapter Outline 445
Objectives 445
Key Terms 445
9-2 Static Routing 447
Gateway of Last Resort 454
Configuring Static Routes 454
Networking Challenge: Static Routes 458
9-3 Dynamic Routing Protocols 460
9-4 Distance Vector Protocols 463
9-5 Configuring RIP and RIPv2 466
Configuring Routes with RIP 468
Configuring Routes with RIPv2 473
Networking Challenge: RIPv2 474
9-6 Link State Protocols 476
xiv CONTENTS

9-7 Configuring the Open Shortest Path First (OSPF) Routing Protocol 481
Networking Challenge: OSPF 485
9-8 Advanced Distance Vector Protocol: Configuring Enhanced Interior
Gateway Routing Protocol (EIGRP) 487
Configuring Routes with EIGRP 488
Networking Challenge: EIGRP 494
9-9 Internet Routing with Border Gateway Protocol (BGP) 496
Configuring BGP 496
9-10 IPv6 Routing 499
IPv6 Static Routing 499
RIP for IPv6 499
OSPF for IPv6 500
EIGRP for IPv6 501
BGP for IPv6 501
Summary 504
CHAPTER 10 Managing the Network Infrastructure 524

Chapter Outline 525
Objectives 525
Key Terms 525
10-2 Domain Name and IP Address Assignment 528
10-3 IP Address Management with DHCP 531
The DHCP Data Packets 534
DHCP Deployment 535
CONTENTS xv

10-4 Scaling a Network with NAT and PAT 537
10-5 Domain Name System (DNS) 539
DNS Resource Records 541
10-6 Network Management Protocols 546
Configuring SNMP 547
10-7 Analyzing Network Traffic 552
10-8 Network Analyzer: Wireshark 560
Downloading and Installing Wireshark 560
Using Wireshark to Capture Packets 561
Using Wireshark to Inspect Data Packets 562
10-9 Analyzing Computer Networks: FTP Data Packets 566
10-10 Troubleshooting IP Networks 568
Verifying Network Settings 570
Investigating IP Address Issues 570
Finding Subnet Mask Issues 570
Looking for Gateway Issues 571
Identifying Name Resolution Issues 571
Investigating DHCP Issues 571
Checking for Blocked TCP/UDP Ports 573
Summary 574
xvi CONTENTS

CHAPTER 11 Network Security 590
Chapter Outline 591
Objectives 591
Key Terms 591
11-2 Intrusion: How Attackers Gain Control of a Network 594
Social Engineering 595
Password Cracking 596
Packet Sniffing 597
Packet Sniffing Attacks 598
Vulnerable Software 599
Preventing Vulnerable Software Attacks 600
Malware 602
11-3 Denial-of-Service 606
Distributed Denial-of-Service Attacks 608
11-4 Security Software and Hardware 610
Personal Firewalls 610
Antivirus/Anti-malware Software 610
Configuring Firewall Settings for Windows 10 611
Configuring Firewall Settings for macOS 615
Configuring Firewall Settings for Linux 616
Firewalls 617
Other Security Appliances 619
Computer Forensics 621
11-5 Managing Network Access 623
11-6 Router Security 626
Router Access 626
Router Services 628
Logging 630
CONTENTS xvii

11-7 Switch Security 631
Switch Port Security 633
Dynamic ARP Inspection 635
STP Special Features 635
11-8 Wireless Security 637
11-9 Remote Access and VPN Technologies 642
Analog Modem Technologies 643
Cable Modems 644
xDSL Modems 644
Remote Access Server 647
Virtual Private Network 647
VPN Tunneling Protocols 648
Configuring a Remote Client’s VPN Connection 652
Configuring a Windows 10 VPN Client 652
Configuring a macOS VPN Client 652
Configuring a Cisco VPN Client 653
11-10 Physical Security 659
Access Control Hardware 660
Detection Methods 661
Asset Disposal 662
Internet of Things (IoT) Security Devices 662
Summary 664
CHAPTER 12 Cloud Computing and Virtualization 676

Chapter Outline 677
Objectives 677
Key Terms 677
xviii CONTENTS

12-2 Virtualization 679
Setting Up Virtualization on Windows 10 682
12-3 Cloud Computing 692
Cloud Computing Service Models 694
Cloud Infrastructures 696
12-4 Enterprise Storage 698
Summary 701
CHAPTER 13 Codes and Standards 706

Chapter Outline 707
Objectives 707
Key Terms 707
13-2 Safety Standards and Codes 708
Design and Construction Requirements for Exit Routes (29 CFR 1910.36) 709
Maintenance, Safeguards, and Operational Features for Exit Routes (29 CFR 1910.37) 710
Emergency Action Plans (29 CFR 1910.38) 710
Fire Prevention Plans (29 CFR 1910.39) 711
Portable Fire Extinguishers (29 CFR 1910.157) 712
Fixed Extinguishing Systems (29 CFR 1910.160) 713
Fire Detection Systems (29 CFR 1910.164) 714
Employee Alarm Systems (29 CFR 1910.165) 715
Hazard Communication (29 CFR 1910.1200) 716
HVAC Systems 717
Door Access 717
13-3 Industry Regulatory Compliance 718
FERPA 719
FISMA 719
GDPR 719
CONTENTS xix

GLBA 719
HIPAA 720
PCI DSS 720
International Export Controls 720
13-4 Business Policies, Procedures, and Other Best Practices 723
Memorandum of Understanding 723
Service-Level Agreement 724
Master Service Agreement 724
Master License Agreement 724
Non-Disclosure Agreement 725
Statement of Work 725
Acceptable Use Policy 725
Incident Response Policy 725
Password Policy 726
Privileged User Agreement 726
Standard Operating Procedure 726
Onboarding and Offboarding Policies 727
Other Best Practices 727
13-5 Business Continuity and Disaster Recovery 729
Summary 733
Glossary 742
Index 764
Online Only Elements:

Net-Challenge Software
Wireshark Captures
Network+ quizzes
xx CONTENTS

ABOUT THE AUTHORS
Jeffrey S. Beasley is a professor emeritus in the Information and Communications Technology program at
New Mexico State University, where he taught computer networking and many related topics. He is coauthor of
Modern Electronic Communication, ninth edition, the author of Networking, second edition, and co-author of
Networking Essentials, fifth edition, and A Practical Guide to Advanced Networking.
Piyasat Nilkaew is the director of Computing and Networking Infrastructure at New Mexico State University
and has more than 20 years of experience in network management and consulting. He has extensive expertise
in deploying and integrating multiprotocol and multivendor data, voice, and video network solutions. He is
co-author of Networking Essentials, fifth edition, and A Practical Guide to Advanced Networking.
ABOUT THE TECHNICAL REVIEWER

Chris Crayton is a technical consultant, trainer, author, and industry-leading technical editor. He has worked as
a computer technology and networking instructor, information security director, network administrator, network
engineer, and PC specialist. Chris has authored several print and online books on PC repair, CompTIA A+,
CompTIA Security+, and Microsoft Windows. He has also served as technical editor and content contributor on
numerous technical titles for several of the leading publishing companies. He holds numerous industry certifica-
tions, has been recognized with many professional and teaching awards, and has served as a state-level SkillsUSA
final competition judge. Chris tech edited and contributed to this book to make it better for students and those
wishing to better their lives.
DEDICATIONS
This book is dedicated to my family: Kim, Damon/Heather, and Dana/Sam. —Jeff Beasley
This book is dedicated to my family: Boonsong, Pariya, June, Ariya, and Atisat. —Piyasat Nilkaew
ACKNOWLEDGMENTS
I am grateful to the many people who have helped with this text. My sincere thanks go to the following technical
consultants:
● Danny Bosch and Matthew Peralta for sharing their expertise with optical networks and unshielded
twisted-pair cabling
● Don Yates for his help with the initial Net-Challenge software
I would also like to thank my many past and present students for their help with this book:
● Abel Sanchez, Kathryn Sager, and Joshua Cook for their work on the Net-Challenge software; Adam
Segura for his help taking pictures of the steps for CAT6 termination; Marc Montez, Carine George-Morris,
Brian Morales, Michael Thomas, Jacob Ulibarri, Scott Leppelman, and Aarin Buskirk for their help with
laboratory development; Josiah Jones and Raul Marquez Jr. for their help with the Wireshark material; and
Ariya Nilkaew for her help with revising and editing many of the captured pictures
xxi

● Aaron Shapiro and Aaron Jackson for their help testing the many network connections presented in the text
● Paul Bueno and Anthony Bueno for reading through an early draft of the text
Your efforts are greatly appreciated.

We appreciate the excellent feedback of the following reviewers: Phillip Davis, DelMar College, Texas; Thomas
D. Edwards, Carteret Community College, North Carolina; William Hessmiller, Editors & Training Associates;
Bill Liu, DeVry University, California; and Timothy Staley, DeVry University, Texas.
Our thanks to the people at Pearson for making this project possible. Thanks to Brett Bartow for providing
us with the opportunity to work on the sixth edition and for helping make this process enjoyable. Thanks to
Marianne Bartow, to all the people at Pearson IT Certification, and also to the many technical editors for their
help editing the manuscript.
Special thanks to our families for their continued support and patience.
—Jeffrey S. Beasley and Piyasat Nilkaew
WE WANT TO HEAR FROM YOU!

As the reader of this book, you are our most important critic and commentator. We value your opinion and want
to know what we’re doing right, what we could do better, what areas you’d like to see us publish in, and any other
words of wisdom you’re willing to pass our way.
We welcome your comments. You can email or write to let us know what you did or didn’t like about this book—
as well as what we can do to make our books better.
Please note that we cannot help you with technical problems related to the topic of this book.
When you write, please be sure to include this book’s title and author as well as your name and email address. We
will carefully review your comments and share them with the authors and editors who worked on the book.
Email: community@informit.com
xxii

INTRODUCTION
This book provides a look at computer networking from the point of view of a network administrator. It guides
readers from an entry-level knowledge of computer networks to advanced concepts related to Ethernet networks;
router configuration; TCP/IP networks; routing protocols; local, campus, and wide area network configuration;
network security; wireless networking; optical networks; voice over IP; network servers; and Linux networking.
After reading the entire text, you will have gained a solid knowledge base in computer networks.
In our years of teaching, we have observed that technology students prefer to learn “how to swim” after they have
gotten wet and taken in a little water. Then they are ready for more challenges. In this book, we therefore show
you the technology, how it is used, and why, and you can take the applications of the technology to the next level.
Allowing you to experiment with the technology helps you develop a greater understanding.
ORGANIZATION OF THE TEXT

This book has been thoroughly updated to reflect the latest version of the CompTIA Network+ exam. Networking
Essentials, sixth edition, is a practical, up-to-date, and hands-on guide to the basics of networking. Written from
the viewpoint of the network administrator, it requires absolutely no previous experience with either network
concepts or day-to-day network management. Throughout the text, you will gain an appreciation of how basic
computer networks and related hardware are interconnected to form a network. You will come to understand the
concepts of twisted-pair cable, fiber optics, LANs interconnection, TCP/IP configuration, subnet masking, basic
router configuration, switch configuration and management, wireless networking, and network security.
The textbook’s companion website contains laboratory exercises, the Net-Challenge software, Wireshark
captures, and the Network+ terminology quizzes.
xxiii

Key Pedagogical Features
● The Chapter Outline, Network+ Objectives, Key Terms, and Introduction at the beginning of each chapter
clearly outline specific goals for you, the reader. Figure I-1 shows an example of these features.
Introduction: Chapter openers

Chapter Outline Chapter Objectives clearly outline specific goals
174
Key Terms for this Chapter
FIGURE I-1
xxiv

● The Net-Challenge software provides simulated hands-on experience configuring routers and switches.
Exercises provided in the text (see Figure I-2) and companion website challenge you to undertake certain
router/network configuration tasks. These challenges help you check your ability to enter basic networking
commands and to set up router functions, such as configuring the interface (Ethernet and serial) and rout-
ing protocols (for example, RIP, static). The software has the look and feel of actually being connected to a
router’s console port.
Net-Challenge exercises are found Exercises challenge readers to

throughout the text where applicable undertake certain tasks
380 381
FIGURE I-2
xxv

● The textbook features and introduces how to use the Wireshark network protocol analyzer. Examples of
using the software to analyze data traffic are included throughout the text. Numerous worked-out examples
are included in every chapter to reinforce key concepts and aid in subject mastery, as shown in Figure I-3.
Examples using the Wireshark

protocol analyzer are included
throughout the text where applicable
Downloading and Installing Wireshark

To download and install the latest version of the Wireshark software, follow these
steps:
1. Visit www.Wireshark.org, click Download Wireshark, and select your

corresponding operating system.
2. Click Run when the dialog box appears to initiate the download process.
3. At the setup wizard prompt, select Next and agree to the license agreement.
4. Choose the components you would like to install and click Next to continue.
5. Select program shortcuts and click Next to continue.
6. Use the default directory paths specified in the setup menu and click Install
to start the installation process.
When the Wireshark software is installed, you are ready to begin using it.
Using Wireshark to Capture Packets

In most cases, you will want to capture data packets from your own network. The
following steps describe how to use Wireshark to capture packets:
1. In Windows, click Start > Programs > Wireshark and selectWireshark to

start the program. In macOS, go to the Applications folder and then select
Wireshark to start the program.
2. To capture packets on an operating network, select the interfaces in which you
would like to obtain the capture (see Figure 10-23) by going to Capture >
Interfaces. After selecting your interfaces, click Start to start capturing,
as shown in Figure 10-24. You can also get to the interface list by clicking
Interface List on the Wireshark home screen.
3. To examine the packets, stop the simulation by clicking Capture > Stop.
Remember that there must be some activity on your network for packets to
be transferred. You might see little traffic activity if your network is in the lab
and there is limited network activity. You can always use the ping command
to generate some network data activity, if needed.
To open a saved capture file, click File > Open or click Open on the Wireshark
home screen.
To change capture options, click Capture > Options and change the options to
your preferred settings.
10-8: NETWORK ANALYZER: WIRESHARK 561
FIGURE I-3
xxvi

● Key Terms and their definitions are highlighted in the margins to foster inquisitiveness and ensure retention.
Illustrations and photos are used throughout to aid in understanding the concepts discussed (see Figure I-4).
Key terms are

highlighted in the
text and defined
in the margin
The users (clients) in the wireless LAN can communicate with other members of
Extended Service the network as long as a link is established with the access point. For example, data
Set (ESS) traffic from PC-A to PC-E first passes through the access point and then to PC-E in
A network with multiple the wired LAN.
access points to extend
user mobility The problem with a basic service set is that mobile users can travel outside the
radio range of a station’s wireless link if there is only one access point. One
Hand-off solution is to add multiple access points to the network. Multiple access points
The process in which extend the range of mobility of a wireless client in the LAN. This arrangement is
a user’s computer called an extended service set (ESS). In the example of an ESS in Figure 4-3, the
establishes an mobile computer establishes an authorized connection with the access point that
association with another
has the strongest signal level (for example, AP-1). As the user moves, the strength
access point
of the signal from AP-1 decreases. At some point, the signal strength from AP-2
Roaming exceeds that from AP-1, and the wireless bridge establishes a new connection
The term used to with AP-2. This is called a hand-off. The hand-off is an automatic process for the
describe a user’s ability wireless client adapter in 802.11, and the term used to describe this is roaming.
to maintain network
Network access in 802.11 uses a technique called carrier sense multiple access with
connectivity while
moving through the collision avoidance (CSMA/CA). In CSMA/CA, the client station listens for other
workplace users of the wireless network. If the channel is quiet (that is, no data transmission
is occurring), the client station can transmit. If the channel is busy, the station(s)
must wait until transmission stops. Each client station uses a unique random
CSMA/CA back-off time. This technique prevents client stations from trying to gain access
Carrier sense multiple to the wireless channel as soon as it becomes quiet. Currently four physical layer
access with collision technologies are being used in 802.11 wireless networking: direct-sequence spread
avoidance spectrum (DSSS), frequency-hopping spread spectrum (FHSS), infrared, and
orthogonal frequency-division multiplexing (OFDM). DSSS is used in 802.11b/g/n
wireless networks, and OFDM is used in 802.11a, 802.11g, 802.11n, 802.11ac, and
802.11ax.
Laptop
Computer
AP-1 AP-3
AP-2
FIGURE 4-3 An example of an extended service set used for increased user mobility.
178 CHAPTER 4: WIRELESS NETWORKING
FIGURE I-4
xxvii

●● A Summary, Questions and Problems, Critical Thinking, and Certification Questions are provided at the
end of each chapter, as shown in Figure I-5
Summary of Questions and problems Critical Thinking questions and problems

key concepts are organized by section further develop analytical skills
664 674
FIGURE I-5
xxviii

● An extensive Glossary at the end of the book offers quick, accessible definitions to key terms and acro-
nyms, and this book also includes an exhaustive Index (see Figure I-6).
Complete Glossary of terms and Exhaustive Index provides

acronyms provide quick reference quick reference
? The help command, which can be used at any Active/active An architecture in which both the Symbols 40GBASE-T cabling, 41
64-bit CPU architectures, 679
prompt in the command-line interface for the Cisco primary site and the disaster recovery site are up and ? (help) command, 367
IOS software running at the same time 100BASE-FX cabling, 41
100BASE-SX cabling, 41
10GBASE-T Twisted-pair copper capable of 10Gbps Active/passive An architecture in which the disaster
recovery site is idle, in standby mode
Numbers 100BASE-TX cabling, 41
3G/4G Third Generation and Fourth Generation, 802.1x (dot1x) wireless standard, 633
digital mobile phone technologies developed to provide Adaptive cut-through A mode that is a combination 3DES (Triple Data Encryption Standard), 651
802.11 wireless standard, 175–176
broadband network wireless services of the store-and-forward and cut-through modes 3G wireless standard, 204
ad hoc networks, 176, 177
6to4 prefix A globally routable address that enables Ad hoc network An independent network 4G wireless standard, 204
AP, 177–178
IPv6 hosts to communicate over the IPv4 Internet 4G/LTE, 204
Address Resolution Protocol (ARP) A protocol used to BSS, 176, 177, 178
5G wireless standard, 204
802.1X An IEEE standard protocol for access control map IP addresses to MAC addresses channel bonding, 179
and authentication; also called dot1x 6to4 prefix, 335
Administrative distance A feature used by routers to CSMA/CD, 178
8P8C connectors, 70–71
8P8C The proper term for an RJ-45 modular plug select the best path when more than one path is available DSSS, 179
10BASE2 cabling, 41
ESS, 178
A record (Address record)The most common record Administratively down An indication that the router 10BASE5 cabling, 41
in DNS, which maps a hostname to an IP address interface has been shut off by an administrator FHSS, 180
10BASE-FL cabling, 41
frequency channels, 179
AAAA record (Quad-A record) A DNS record for IPv6 ADSL (Asymmetric DSL) A service that provides up to 10BASE-T cabling, 41
hand-offs, 178
1.544Mbps from the user to the service provider and 10GBASE-LR cabling, 41
Absorption Light interaction with the atomic structure hopping sequences, 180
up to 8Mbps back to the user from the service provider 10GBASE-SR cabling, 41
of the fiber material; also involves the conversion of ISM band, 179
optical power to heat Advertise To share route information 10GBASE-T cabling, 41, 76, 97–98
MAC layer, 176
Access control Physical security measures such as AES Advanced Encryption Standard, the encryption AXT, 98
OFDM, 180
access control cards, possibly biometric access control algorithm used by WPA2 full-duplex transmissions, 100
Open Authentication, 638
systems, and lockable fencing F/UTP, 99
Aging time The length of time a MAC address PHY layer, 176
Access control hardware Hardware used to identify remains assigned to a port hybrid echo cancellation circuits, 100
pseudorandom numbering sequences, 180
and authenticate someone entering a facility IEEE 802.3an-2006, 98
AH Authentication Header, a security protocol that roaming, 178
performance, 100–101
Access control list (ACL) A basic form of firewall guarantees the authenticity of IP packets shared-key authentication, 638
protection PSAACRF, 98, 99
Alien crosstalk (AXT) Unwanted signal coupling from transceivers, 177
PSANEXT, 98, 99
Access control vestibule/mantrap A control device one permanent link to another transmit power, 180
signal transmission, 100–101
that consists of two interlocking doors in which the WMN, 176
Angled physical contact (APC) A green fiber connector 29 CFR 1910.1200 (Hazard Communication), 716
first set of doors must be closed before the second set 802.11a (Wi-Fi 2) wireless standard, 24, 180–181,
whose endface is polished and has an 8-degree angle 29 CFR 1910.157 (Portable Fire Extinguishers),
of doors can open 183
Ant+ An ultra-low-power wireless protocol for 712–713
access-list permit Ip any any The instruction added 802.11ac (Wi-Fi 5) wireless standard, 24, 182, 183
wireless sensor networks operating at 2.4GHz 29 CFR 1910.160 (Fixed Extinguishing Systems),
to the last line of an access list to allow all other data 802.11ax (Wi-Fi 6) wireless standard, 25, 182, 183
713–714
packets to enter and exit the router Anycast address An address obtained from a list of 802.11b (Wi-Fi 1) wireless standard, 24, 181, 183
addresses 29 CFR 1910.164 (Fire Detection Systems), 714–715
Access point A transceiver used to interconnect a 802.11g (Wi-Fi 3) wireless standard, 24, 181, 182,
29 CFR 1910.165 (Employee Alarm Systems),
wireless and a wired LAN APIPA Automatic Private IP Addressing, a Windows 183
715–716
process that automatically configures reserved private 802.11i wireless standard, 183
ACK Acknowledgment packet, a packet in the TCP 29 CFR 1910.36 (Design and Construction
IP addresses and subnet masks 802.11n (Wi-Fi 4) wireless standard, 24, 181, 182,
three-way connection handshake Requirements for Exit Routes), 709–710
Application layer Layer 7 of the OSI model, which 183
ACR A measurement that compares the signal level 29 CFR 1910.37 (Maintenance, Safeguards, and
interacts with application programs that incorporate a Operational Features for Exit Routes), 710 802.11r wireless standard, 183
from a transmitter at the far end to the crosstalk
communication component such as an Internet browser 29 CFR 1910.38 (Emergency Action Plans), 710–711 802.16a (WiMAX) wireless standard, 200
measured at the near end
and email 1000BASE-LX cabling, 41
29 CFR 1910.39 (Fire Prevention Plans), 711–712
32-bit CPU architectures, 679 1000BASE-SX cabling, 41
GLOSSARY 743 INDEX 3
FIGURE I-6
Companion Website
The companion website includes the captured data packets used throughout the book. It also includes the Net-
Challenge software, which was developed specifically for this text. The companion website also includes chapter-
based quiz modules for you to test your knowledge and all of the key terms in an online flash card application.
Finally, you can access your 10% off Network+ exam voucher from the companion website.
xxix

4
CHAPTER
Wireless
Networking
97801374558290_print.indb 172 10/09/21 11:19 AM

Chapter Outline
4-1 Introduction 4-5 Configuring a Point-to-Multipoint
4-2 The IEEE 802.11 Wireless LAN Wireless LAN: A Case Study
Standard 4-6 Troubleshooting Wireless Networks
4-3 802.11 Wireless Networking Summary
4-4 Bluetooth, WiMAX, RFID, and Mobile Questions and Problems
Communications
Objectives
●● Define the features of the 802.11 wireless ●● Examine how site surveys are done for
LAN standard wireless LANs
●● Understand the components of a wireless ●● Investigate the issues of securing a
LAN wireless LAN
●● Explore how wireless LANs are ●● Explore how to configure a point-to-
configured multipoint wireless LAN
Key Terms
WLAN pseudorandom paging procedure
basic service set (BSS) hopping sequence piconet
ad hoc network OFDM pairing
access point OFDMA passkey
transceiver U-NII WiMAX
extended service set (ESS) MIMO BWA
hand-off MU-MIMO NLOS
roaming beamforming last mile
CSMA/CA Wi-Fi radio frequency
DSSS SSID identification (RFID)
ISM band site survey backscatter
FHSS inquiry procedure Slotted Aloha
97801374558290_print.indb 173 10/09/21 11:19 AM

This chapter examines the features and technologies used in a wireless local area
WLAN network (WLAN). Wireless networking is an extension of computer networks
Wireless local area into the radio frequency (RF) world. A WLAN provides increased flexibility and
network mobility for connecting to a network. A properly designed WLAN for a building
provides mobile access for a user from virtually any location in the building. The
user doesn’t have to look for a connection to plug into; also, the expense of pulling
cables and installing wall plates required for wired networks can be avoided.
However, a network administrator must carefully plan a wireless LAN installation
and have a good understanding of the issues of using WLAN technologies to ensure
the installation of a reliable and secure network.
4-1 INTRODUCTION
The objective of this section is to introduce students to wireless networking.
Wireless networks are being used everywhere, and it is a network administrator’s
job to ensure that the addition of a wireless network meets the connectivity, data
throughput, and security requirements for the network.
This chapter addresses the basic issues of incorporating WLAN technologies
into a network. Section 4-2, “The IEEE 802.11 Wireless LAN Standard,”
includes an overview of WLAN concepts and terminology, frequency
allocations, and spread spectrum communication. The applications of WLANs
are presented in Section 4-3, “802.11 Wireless Networking,” which looks at
various types of WLAN configurations, such as point-to-point and point-to-
multipoint. Section 4-4, “Bluetooth, WiMAX, RFID, and Mobile Communica-
tions,” looks at wireless networking technologies such as Bluetooth, WiMAX,
and RFID. Any time a signal is transmitted over the air or even through a cable,
there is some chance that the signal can be intercepted. Transmitting data over
a wireless network introduces unique security issues. Section 4-5, “Configuring
a Point-to-Multipoint Wireless LAN: A Case Study,” presents an example of
configuring a WLAN to provide access for users in a metropolitan area.
Section 4-6 “Troubleshooting Wireless Networks” provides an overview of
common techniques for troubleshooting wireless networks.
Table 4-1 outlines the CompTIA Network+ objectives related to this chapter
and identifies the chapter section that covers each objective. At the end of each
chapter section you will find a review with comments on the Network+ objectives
presented in that section. These comments are provided to help reinforce your
understanding of each Network+ objective. The chapter review also includes
“Test Your Knowledge” questions to help you understand key concepts before
you advance to the next section of the chapter. At the end of the chapter you
will find a complete set of questions as well as sample certification exam-type
questions.
97801374558290_print.indb 174 10/09/21 11:19 AM

TABLE 4-1 Chapter 4 CompTIA Network+ Objectives
Domain/Objective Domain/Objective Description Section Where
Number Objective Is Covered
1.0 Networking Fundamentals
1.2 Explain the characteristics of network topologies and network 4-2
types.
1.3 Summarize the types of cables and connectors and explain 4-4
which is the appropriate type for a solution.
1.6 Explain the use and purpose of network services. 4-2, 4-3
1.7 Explain basic corporate and datacenter network architecture. 4-4
2.0 Network Implementations
2.1 Compare and contrast various devices, their features, and their 4-2, 4-3, 4-4, 4-5
appropriate placement on the network.
2.3 Given a scenario, configure and deploy common Ethernet 4-2, 4-4
switching features.
2.4 Given a scenario, install and configure the appropriate wireless 4-2, 4-3, 4-4, 4-5
standards and technologies.
3.0 Network Operations
3.1 Given a scenario, use the appropriate statistics and sensors to 4-2, 4-3, 4-4
ensure network availability.
3.2 Explain the purpose of organizational documents and policies. 4-3, 4-5
3.3 Explain high availability and disaster recovery concepts and 4-2, 4-5
summarize which is the best solution.
4.0 Network Security
4.3 Given a scenario, apply network hardening techniques. 4-2, 4-4, 4-5
4.4 Compare and contrast remote access methods and security 4-2
implications.
5.0 Network Troubleshooting
5.2 Given a scenario, troubleshoot common cable connectivity issues 4-2, 4-3, 4-4
and select the appropriate tools.
5.4 Given a scenario, troubleshoot common wireless connectivity issues. 4-2, 4-3, 4-5, 4-6
5.5 Given a scenario, troubleshoot general networking issues. 4-4
4-2 THE IEEE 802.11 WIRELESS LAN STANDARD

The anatomy of 802.11 wireless networking is presented in this section. This
section introduces the basic service set wireless network, the extended service
set, the independent basic service set (ad hoc), the frequencies used for wireless
networks, the power output, and spread spectrum communications. Many topics
are presented, including the 802.11 wireless (Wi-Fi) standards. Students need to be
aware of these topics to fully comprehend how a wireless network functions.
A typical computer network uses twisted-pair and fiber-optic cable to interconnect
LANs. Another media option competing for use in higher-data-rate LANs is
4-2: The IEEE 802.11 Wireless LAN Standard 175
97801374558290_print.indb 175 10/09/21 11:19 AM

wireless, based on the IEEE 802.11 wireless standard. The advantages of wireless
include the following:
●● It is cost-effective for use in areas that are difficult or too costly to wire.
●● It enables user mobility in the workplace.
Wireless networks have become the network of choice in environments such as

homes, small offices, and public places. Being able to connect to a network without
a wire is convenient for users, and the cost is relatively low. In the age of laptops
and mobile devices, wireless opens the door to user mobility in the workplace, and
user mobility provides flexibility. Workers can potentially access the network or
wireless data services from virtually any location within the workplace. Accessing
information from the network is as easy as if the information were on a USB drive.
The benefits of wireless networks in the workplace are numerous. To provide
wireless connectivity, a network administrator must be sure the network services
are reliable and secure. In order to provide reliable network services, an adminis-
trator must have a good understanding of WLAN configurations and technologies.
This and the following sections examine the fundamentals of wireless networking,
the 802.11 standard and its family (802.11a, 802.11b, 802.11g, 802.11n, 802.11ac,
and 802.11ax), and how WLANs are configured.
The IEEE 802.11 WLAN standard defines the physical (PHY) layer, the media
access control (MAC) layer, and the MAC management protocols and services.
The PHY layer defines the following:
●● The method of transmitting the data, which can be either RF or infrared

(although infrared is rarely used)
●● How it interfaces with the MAC layer
●● The reliability of the data service
●● Access control to the shared wireless medium
●● Privacy protection for transmitted data
The wireless management protocols and services are authentication, association,

data delivery, and privacy.
The fundamental topology of a WLAN is the basic service set (BSS). This is also
Basic Service Set called the independent basic service set, or ad hoc network. Figure 4-1 provides
(BSS) an example of an ad hoc network. In this network, the wireless clients (stations)
An independent network communicate directly with each other. This means the clients have recognized the
other stations in the WLAN and have established a wireless data link.
Ad hoc network
An independent network A related concept is a wireless mesh network (WMN), which is a communications
network made up of Wi-Fi radios connected in a mesh topology (that is, a heavily
interconnected network). A WMN is basically a wireless ad hoc network.
97801374558290_print.indb 176 10/09/21 11:19 AM

C
A B
FIGURE 4-1 An example of an independent basic service set, or ad hoc, network.
The performance of the basic service set can be improved by including an access
point, which is a transmit/receive unit (transceiver) that interconnects data from Access Point
the wireless LAN to the wired network. In addition, the access point provides A transceiver used to
802.11 MAC layer functions and supports bridge protocols. The access point interconnect a wireless
typically uses an RJ-45 jack for connecting to the wired network. If an access point LAN and a wired LAN
is being used, users establish a wireless communications link through it to commu- Transceiver
nicate with other users in the WLAN or the wired network, as shown in Figure 4-2. A transmit/receive unit
PC-E
Wired LAN
PC-D
Access point
PC-A
PC-C
PC-B
FIGURE 4-2 Adding an access point to a basic service set.
If data is being sent from PC-A to PC-D in the network shown in Figure 4-2, the
data is first sent to the access point and then relayed to PC-D. Data sent from a
wireless client to a client in the wired LAN also passes through the access point.
97801374558290_print.indb 177 10/09/21 11:19 AM

The users (clients) in the wireless LAN can communicate with other members of
Extended Service the network as long as a link is established with the access point. For example, data
Set (ESS) traffic from PC-A to PC-E first passes through the access point and then to PC-E in
A network with multiple the wired LAN.
access points to extend
user mobility The problem with a basic service set is that mobile users can travel outside the
radio range of a station’s wireless link if there is only one access point. One
Hand-off solution is to add multiple access points to the network. Multiple access points
The process in which extend the range of mobility of a wireless client in the LAN. This arrangement is
a user’s computer called an extended service set (ESS). In the example of an ESS in Figure 4-3, the
establishes an mobile computer establishes an authorized connection with the access point that
association with another
has the strongest signal level (for example, AP-1). As the user moves, the strength
access point
of the signal from AP-1 decreases. At some point, the signal strength from AP-2
Roaming exceeds that from AP-1, and the wireless bridge establishes a new connection
The term used to with AP-2. This is called a hand-off. The hand-off is an automatic process for the
describe a user’s ability wireless client adapter in 802.11, and the term used to describe this is roaming.
to maintain network
Network access in 802.11 uses a technique called carrier sense multiple access with
connectivity while
moving through the collision avoidance (CSMA/CA). In CSMA/CA, the client station listens for other
workplace users of the wireless network. If the channel is quiet (that is, no data transmission
is occurring), the client station can transmit. If the channel is busy, the station(s)
must wait until transmission stops. Each client station uses a unique random
CSMA/CA back-off time. This technique prevents client stations from trying to gain access
Carrier sense multiple to the wireless channel as soon as it becomes quiet. Currently four physical layer
access with collision technologies are being used in 802.11 wireless networking: direct-sequence spread
avoidance spectrum (DSSS), frequency-hopping spread spectrum (FHSS), infrared, and
orthogonal frequency-division multiplexing (OFDM). DSSS is used in 802.11b/g/n
wireless networks, and OFDM is used in 802.11a, 802.11g, 802.11n, 802.11ac, and
802.11ax.
Laptop
Computer
AP-1 AP-3
AP-2
FIGURE 4-3 An example of an extended service set used for increased user mobility.
97801374558290_print.indb 178 10/09/21 11:19 AM

802.11 DSSS implements 14 channels (each consuming 22MHz) over approxi-
mately 90MHz of RF spectrum in the 2.4GHz ISM (industrial, scientific, and DSSS
medical) band. DSSS is a technique used to spread the transmitted data over a wide Direct-sequence spread
bandwidth; in this case, it is a 22MHz bandwidth channel. A channel is a medium spectrum
through which information is transmitted between transmitter and receiver. The ISM band
bandwidth is a measure of the upper to lower frequencies of the channel required to Industrial, scientific,
transmit the information. and medical band
A related concept is channel bonding, in which two adjacent channels are combined
to facilitate an increase in throughput between wireless devices. This is also called
Ethernet bonding and is used in Wi-Fi applications.
Table 4-2 lists the frequency channels used in North America. Note that only 11
out of 14 channels are made available in North America due to regulatory
requirements of the Federal Communication Commission (FCC). Figure 4-4
shows an example of the frequency spectrum for three-channel DSSS. Note
that the three channels listed in Figure 4-4 (1, 6, and 11) do not overlap, while
Table 4-2 shows that the other channels do have channel overlap. Remember
that each channel is 22MHz in bandwidth. For example, channel 2 extends from
2.406GHz to 2.429GHz, with a center frequency of 2.417GHz, which clearly
overlaps a portion of channel 1 and channel 3. Channels 1, 6, and 11 are the only
channels that do not have overlap.
TABLE 4-2 North American DSSS Channels

Channel Number Frequency (GHz)
1 2.412
2 2.417
3 2.422
4 2.427
5 2.432
6 2.437
7 2.442
8 2.447
9 2.452
10 2.457
11 2.462
2.412 2.437 2.462 GHZ

CH 1 CH 6 CH 11
FIGURE 4-4 An example of the three channels in the DSSS spectrum.
97801374558290_print.indb 179 10/09/21 11:19 AM

In frequency-hopping spread spectrum (FHSS), the transmit signal frequency
FHSS changes based on a pseudorandom sequence. Pseudorandom means the sequence
Frequency-hopping appears to be random but in fact does repeat, typically after some lengthy period of
spread spectrum, time. FHSS uses 79 channels (each 1MHz wide) in the ISM 2.4GHz band. FHSS
a technique in
requires that the transmitting and receiving units know the hopping sequence
which the transmit
signal frequency
(the order of frequency changes) so that a communication link can be established
changes based on a and synchronized. FHSS data rates are typically 1Mbps and 2Mbps. FHSS is not
pseudorandom sequence commonly used anymore for wireless LANs. It’s still part of the standard, but very
few (if any) FHSS wireless LAN products are sold.
Pseudorandom
The maximum transmit power of 802.11b wireless devices is 1000 mW; however,
A number sequence that
appears random but the nominal transmit power level is 100 mW. The 2.4GHz frequency range used
actually repeats by 802.11b/g is shared by many technologies, including Bluetooth, cordless
telephones, and microwave ovens.
Hopping Sequence
LANs emit significant RF noise in the 2.4GHz range that can affect wireless
The order of frequency
changes data. A significant improvement in wireless performance is available with the
IEEE 802.11a standards. The 802.11a equipment operates in the 5GHz range and
provides significant improvement over 802.11b with respect to RF interference.
An important concept related to noise is signal-to-noise ratio, which is a measure
of the signal level relative to the noise level. The value is usually expressed in
decibels (dB), and a high dB value is desirable.
Another technique used in the 802.11 standard is orthogonal frequency-division
OFDM multiplexing (OFDM). The basic idea with this technique is to divide the signal
Orthogonal frequency- bandwidth into smaller subchannels and to transmit the data over these subchannels
division multiplexing, in parallel. These subchannels can be overlapping, but they do not interfere with
a technique that each other. The subchannels are mathematically orthogonal, and this setup yields
involves dividing the uncorrelated or independent signals.
signal bandwidth into
smaller subchannels and The 802.11a standard transports data over 12 possible channels in the Unlicensed
transmitting the data National Information Infrastructure (U-NII). The FCC set aside U-NII to support
over these subchannels short-range, high-speed wireless data communications. The 802.11 channels and
in parallel frequencies are governed by FCC regulations, which are periodically revised.
A wireless manufacturer must keep its products up to date due to the regulatory
impacts. Table 4-3 lists the operating frequencies for 802.11a, and Table 4-4 lists
U-NII the transmit power levels for 802.11a.
Unlicensed National
Information TABLE 4-3 IEEE 802.11a Channels and Operating Frequencies
Infrastructure
Channel Center Frequency (GHz)
36 5.180
40 5.20 Lower band
44 5.22
48 5.24
52 5.26
56 5.28 Middle band
60 5.30
64 5.32
97801374558290_print.indb 180 10/09/21 11:19 AM

Channel Center Frequency (GHz)
149 5.745
153 5.765 Upper band
157 5.785
161 5.805
TABLE 4-4 Maximum Transmit Power Levels for 802.11a with a 6 dBi
Antenna Gain
Band Power Level
Lower 40 mW
Middle 200 mW
Upper 800 mW
IEEE 802.11a equipment is not compatible with 802.11b or 802.11g. The

upside of this is that 802.11a equipment does not interfere with 802.11b or g;
therefore, 802.11a and 802.11b/g links can run next to each other without causing
interference. 802.11n can operate either in the 2.4GHz range or the 5GHz range.
Cheaper 802.11n wireless cards tend to be manufactured with only 2.4GHz
antennas, so users have to check the frequency specifications as not all 802.11n
equipment has both 2.4GHz and 5GHz frequencies. Figure 4-5 shows an example
of the two links operating together. Along the same lines, frequency mismatch is an
issue if the two ends of the communications link are operating on different channels
or if you are trying to make 802.11a communicate with 802.11b, as the frequencies
are not compatible.
802.11b/g
802.11a
FIGURE 4-5 An example of an 802.11a installation and an 802.11b link running alongside
each other.
The downsides of 802.11a are the increased cost of the equipment and increased
power consumption because of the OFDM technology. This is of particular concern
with mobile users because of the effect it can have on battery life. However, the
maximum usable distance (RF range) for 802.11a is about the same as or even
greater than that of 802.11b/g/n/ac/ax. It is important to note that any RF signal has
distance limitations either due to limited output transmitted power, antenna pattern,
or terrain issues.
97801374558290_print.indb 181 10/09/21 11:19 AM

Another IEEE 802.11 wireless standard is IEEE 802.11g. The 802.11g standard
supports the higher data transmission rates of 54Mbps but operates in the same
2.4GHz range as 802.11b. The 802.11g equipment is also backward compatible
with 802.11b equipment. This means that 802.11b wireless clients can commu-
nicate with the 802.11g access points, and the 802.11g wireless client equipment
can communicate with the 802.11b access points. The obvious advantage of this is
that a company with an existing 802.11b wireless network can migrate to the higher
data rates provided by 802.11g without having to sacrifice network compatibility.
In fact, new wireless equipment supports both the 2.4GHz and 5GHz standards, and
it therefore has the flexibility of high speed, compatibility, and noninterference.
Another entry into wireless networks is 802.11n. This wireless technology operates
in the same ISM frequency as 802.11b/g (2.4GHz) and can also operate in the
5GHz band. A significant improvement with 802.11n is multiple-input multiple-
output (MIMO). MIMO uses a technique called space-division multiplexing,
MIMO in which the data stream is split into multiple parts called spatial streams. The
Multiple-input different spatial streams are transmitted using separate antennas. With MIMO,
multiple-output
doubling the spatial streams doubles the effective data rate. The downside of this is
the possibility of increased power consumption. The 802.11n specification includes
a MIMO power-save mode. With this mode, 802.11n uses multiple data paths only
when faster data transmission is required—thus saving power.
The 802.11ac technology operates in the 5GHz band. It uses a newer version of
MIMO technology with eight spatial streams and has channels up to 80MHz wide.
It also introduces multiuser MIMO (MU-MIMO), which can send MIMO spatial
MU-MIMO streams to multiple clients at the same time. 802.11ac incorporates standardized
Multiuser Multiple-input beamforming, a technique that is used to direct transmission of the radio signal
Multiple-output to a specific device. Beamforming increases data throughput and reduces power
Beamforming consumption. 802.11n used beamforming, but it was not standardized. The transmit
A technique used to
range for 802.11ac is similar to or better than that of 802.11n.
direct transmission of a The latest addition to the 802.11 family is 802.11ax, also known as Wi-Fi 6.
radio signal to a specific Whereas 802.11ac operates in the 5GHz band only, 802.11ax operates in both
device 2.4GHz and 5GHz bands. 802.11ax uses OFDMA (orthogonal frequency-division
multiple access) rather than OFDM. OFDMA allows multiple users or clients to
share the same channel simultaneously. Wireless devices can optionally support
WPA3 (Wi-Fi Protected Access 3), but 802.11ax increases security requirements by
mandating the use of WPA3 as its encryption and authentication standard. WPA3 is
discussed in more detail in Chapter 11, “Network Security.”
Table 4-5 provides a comparison of 802.11n, 802.11ac, and 802.11ax in terms of
their compatibility with other Wi-Fi technologies and the frequencies supported.
TABLE 4-5 A Comparison of 802.11ac, 802.11n, and 802.11ax

802.11n 802.11ac 802.11ax
Backward-compatible 802.11g, 802.11b, 802.11n 802.11a, 802.11b, 802.11g,
with and 802.11a 802.11n, and 802.11ac
Frequencies supported 2.4GHz and 5GHz 5GHz 2.4GHz and 5GHz
97801374558290_print.indb 182 10/09/21 11:19 AM

Wireless networks also go by the name Wi-Fi, which is not an acronym, but a term
created and is a trademark of Wi-Fi Alliance to represent the standards for wireless
communication. Wi-Fi is sometimes referred to as wireless fidelity. The Wi-Fi Wi-Fi
Alliance is an organization whose function is to test and certify wireless equipment A term created and is a
for compliance with the 802.11x standards, the group of wireless standards trademark of the Wi-Fi
Alliance to represent the
developed under the IEEE 802.11 standard. The following list provides a summary
standards for wireless
of the most common wireless standards: communication.
●● 802.11b (Wi-Fi 1): This standard can provide data transfer rates up to
11Mbps with ranges of 100–150 feet. It operates at 2.4GHz and uses DSSS.
●● 802.11a (Wi-Fi 2): This standard can provide data transfer rates up to
54Mbps and an operating range up to 75 feet. It operates at 5GHz and uses
OFDM.
●● 802.11g (Wi-Fi 3): This standard can provide data transfer rates up to
54Mbps and an operating range up to 150 feet. It operates at 2.4GHz and uses
DSSS or OFDM.
●● 802.11n (Wi-Fi 4): This high-speed wireless connectivity promises data
transfer rates over 200Mbps. It operates at 2.4GHz and 5GHz and uses DSSS
or OFDM.
●● 802.11i: This standard for WLANs provides improved data encryption for
networks that use the 802.11a, 802.11b, and 802.11g standards.
●● 802.11r: This standard is designed to speed hand-offs between access points
or cells in a WLAN. This standard is a critical addition to 802.11 WLANs if
voice traffic is to become widely deployed.
●● 802.11ac (Wi-Fi 5): This is currently the most deployed wireless standard.
It provides single-station data transfer rates of 500Mbps up to 1.3Gbps and
operates in the 5GHz frequency band.
●● 802.11ax (Wi-Fi 6): This is the latest wireless standard, and manufacturers
are starting to ship more equipment with this wireless technology. Theoreti-
cally, it could deliver close to 10Gbps data rates.
Another wireless technology is Z-Wave. This wireless communications protocol

was developed for home automation. Typical applications include sensors for
home lighting, security systems, and HVAC systems. The operating frequencies for
Z-Wave in the United States are 908.4MHz and 916MHz.
Another entry into the ultra-low-power wireless protocol space is ANT+,
which is used for wireless sensor networks (WSNs). This technology operates
at 2.4GHz.
M04_Beasley_C04_p172-227_new.indd 183 11/09/21 3:02 PM

Section 4-2 Review
This section covers the following Network+ exam objectives.

1.2 Explain the characteristics of network topologies and network types.
This section introduces the new wireless technologies Z-Wave and ANT+.
1.6 Explain the use and purpose of network services.
This section provides an example of a network in which the wireless clients
(stations) communicate directly with each other.
2.1 Compare and contrast various devices, their features, and their
An access point is a transmit/receive unit (transceiver) that interconnects
data from the wireless LAN to the wired network. In addition, an access point
provides 802.11 MAC layer functions and supports bridge protocols.
2.4 Given a scenario, install and configure the appropriate wireless
This section introduces the terms basic service set, extended service set, and ad
hoc set and the concept of roaming.
3.1 Given a scenario, use the appropriate statistics and sensors to ensure
network availability.
This section examines the 802.11a/b/g/n/i/r/ac/ax standards as well as issues
such as transmit distance, data speed, and frequencies. This section also
introduces the concept of MIMO, which is used to increase the effective transmit
data rate.
3.3 Explain high availability and disaster recovery concepts and
To provide reliable network services, an administrator must have a good
understanding of WLAN configurations and technologies.
4.3 Given a scenario, apply network hardening techniques.
Table 4-3 lists the operating frequencies for 802.11a, and Table 4-4 lists the
transmit power levels for 802.11a.
4.4 Compare and contrast remote access methods and security
implications.
This section introduces wireless management protocols and indicates that the
services are authentication, association, data delivery, and privacy.
5.2 Given a scenario, troubleshoot common cable connectivity issues and
select the appropriate tools.
Technical issues related to throughput, speed, and distance are examined in this
section.
97801374558290_print.indb 184 10/09/21 11:19 AM

Test Your Knowledge
1. True or false: 802.11ac networking equipment is compatible with
802.11b.
True
2. True or false: 802.11g networking equipment is compatible with 802.11b.
True
3. True or false: 802.11a and 802.11b wireless networks can run
side-by-side.
True
4. True or false: 802.11ac networking equipment is compatible with
802.11n.
True
4-3 802.11 WIRELESS NETWORKING

This section introduces techniques for assembling a wireless network and helps
students understand the purpose of the access point and the SSID (service set iden-
tifier). The techniques for implementing point-to-point and point-to-multipoint
wireless networks are presented, and so is the very important concept of a site
survey. Make sure students understand the importance of performing a good site
survey to ensure user mobility and connectivity.
A wireless LAN can be configured in many ways to meet the needs of an orga-
nization. Figure 4-6 provides an example of a basic 802.11b/g/n/ac/ax WLAN
configuration. In this configuration, each PC is outfitted with a wireless LAN
adapter card. Today, most computer desktops and especially computer laptops
are equipped with wireless adapters. For devices that lack these cards, an external
USB wireless adapter can be used. A wireless adapter (or wireless LAN adapter)
is a device that connects a client to the wireless medium, which is typically a radio
wave channel in the 2.4GHz or 5GHz ISM band. The wireless medium can also be
infrared, although that is not used very often. The following services are provided
by a wireless LAN adapter:
●● Delivery of the data

●● Authentication
●● Privacy
4-3: 802.11 Wireless Networking 185
97801374558290_print.indb 185 10/09/21 11:19 AM

PC-D PC-E
Wired
LAN
RJ-45 CAT6/5e
Switch Ethernet Connection
or Hub
Access Point
Wireless LAN-X
PC-A PC-B PC-C
FIGURE 4-6 The setup for a basic WLAN.
One of the biggest misconceptions about wireless is that it does not require a wired
connection. This is not quite correct. The connection to a wired LAN is provided by
a wireless access point (WAP), which provides a bridge between the wireless LAN
and the wired network. A physical cable connection (typically CAT6 or higher) ties
the access point to the wired network’s switch or hub (typically Ethernet).
For example, computer PC-A in Figure 4-6 sends a data packet to PC-D, a desti-
nation in the wired LAN. PC-A first sends a data packet over the wireless link. The
access point recognizes the sender of the data packet as a host in wireless LAN-X
and allows the wireless data to enter the access point. At this time, the data is sent
out the physical Ethernet connection to the wired LAN. The data packet is then
delivered to PC-D in the wired LAN.
How does the access point know that the wireless data packet is being sent from
a client in the wireless LAN? The 802.11 wireless LAN devices use an SSID to
SSID
identify what wireless data traffic is allowed to connect to the network. The SSID
Service set identifier, a is the wireless service set identifier, which enables the client to join the wireless
password that enables
network.
the client to join the
wireless network The access point uses the SSID to determine whether the client is to become
a member of the wireless network. The term association is used to describe a
wireless connection that is made. The wrong SSID prevents an association, keeping
the client from being able to become a member of the wireless network.
People are commonly surprised by the fact that an access point has two antennas.
The two antennas implement spatial diversity, improving received signal gain and
performance.
97801374558290_print.indb 186 10/09/21 11:19 AM

Figure 4-7 provides an example of the information displayed on the wireless
adapter’s console port when an association is made. The text indicates that a
connection has been made to a parent (access point) whose MAC address is 00-40-
96-25-9d-14. The text indicates that this MAC address has been added to the list
of associations. This type of information is typically available via the wireless
management software that comes with the wireless PC or PCMCIA adapter.
FIGURE 4-7 An example of the information displayed when an association is formed between
a client and an access point.
An access point uses an association to build a table of users (clients) on the wireless
network; this association table lists the MAC addresses for each networking device
connected to the wireless network. Figure 4-8 provides an example of an asso-
ciation table. The access point uses the association table to forward data packets
between the access point and the wireless network. As shown in Figure 4-8, the
wireless client adapter also notifies the user if the client has lost an association with
the access point.
A wireless bridge is a popular choice for connecting LANs that are running
similar network protocols, even if the LANs are miles apart. Figure 4-9 provides
examples. Figure 4-9(a) shows a point-to-point wireless bridge. Each building
shown in Figure 4-9(a) has a connection from the wireless bridge to the building’s
LAN, as shown in Figure 4-10. The wireless bridge then connects to an antenna
placed on the roof. A clear (line-of-sight) transmission path must exist between the
two buildings; otherwise, signal attenuation (loss) or signal disruption can result.
Antenna selection is also critical when configuring the connection. (This issue is
addressed in Section 4-5.) The antenna must be selected so that the signal strength
at the receiving site is sufficient to meet the required received signal level.
FIGURE 4-8 An example of a lost association.
97801374558290_print.indb 187 10/09/21 11:19 AM

Bld #1 Bld #2
(a)
Bld-B
Bld-A
Bld-C
(b)
FIGURE 4-9 Examples of (a) point-to-point and (b) point-to-multipoint wireless bridge
configurations.
LAN Network–Bld #1
PC PC PC
Bridge
Rooftop
Antenna
Bridge
PC PC PC
LAN Network–Bld #2
FIGURE 4-10 The wireless bridge connection to the wired network inside the building.
97801374558290_print.indb 188 10/09/21 11:19 AM

Figure 4-9(b) shows how a wireless bridge can be used to connect multiple remote
sites to the main transmitting facility. Each building uses a bridge setup similar to
that shown in Figure 4-10. The bridge connects to its respective LAN. In this case,
Bld-A uses an antenna that has a wide coverage area (radiation pattern). The key
objective with antenna selection is that the antenna must provide coverage for all
receiving sites (in this case, Bld-B and Bld-C).
Wireless controllers are commonly used in enterprise wireless environments when
managing hundreds of APs or more. In a traditional stand-alone wireless envi-
ronment, each AP is managed individually. In an enterprise wireless controller
environment, an AP communicates with its controller when booting up to download
its necessary firmware and software, to register and authenticate itself, to receive
its network information settings, and to receive its wireless LAN (WLAN) configu-
ration. The wireless controller becomes the brain and manager of the whole oper-
ation. When wireless changes need to be made, they can be made at the controller,
which pushes the changes out to all of the APs. CAPWAP (Configuration and
Provisioning of Wireless Access Points) is the underlying wireless control protocol
that APs use to communicate with wireless controllers. It supersedes LWAPP
(Lightweight Access Point Protocol), which is a Cisco-proprietary protocol.
Wireless capacity is an issue today with the ever-increasing number of wireless
users. Device density is the number of connecting wireless clients, and it has to
be considered. Every wireless access point has a maximum device density that it
can handle at one time. From a system design perspective, you have to plan for
potential overcapacity with high-density Wi-Fi hotspots that can accommodate
video streaming, image downloads, and multiple clients. Make sure you select
access points than can handle the bandwidth demand; you don’t want your clients
to have to sacrifice bandwidth, especially when a cell phone can be set up as a
hotspot that a wireless device can use to connect to the Internet via the data plan.
With wireless LANs, there is a maximum distance the signal can be transmitted.
The distance limitation is a critical issue inside buildings when user mobility is
required. Many obstacles can reflect and attenuate signals, causing reception to
suffer. Also, the signal level for mobile users is hampered by increased distance
from the access point. Distance is also a critical issue in outdoor point-to-multipoint
wireless networks.
A solution is to place multiple wireless access points within the facility, as shown in
Figure 4-11. Mobile clients can maintain a connection as they travel through the work-
place because the wireless client automatically selects the access point that provides the
strongest signal level. The access points can be arranged so that overlapping coverage
of the workplace is provided, thus enabling seamless roaming for the client. The signal
coverage is shown as circles in Figure 4-11. In actual practice, the radiation patterns are
highly irregular due to reflections of the transmitted signal.
To have good wireless coverage in a large environment, it is not unusual to see
the number of wireless access points in the range of hundreds or thousands. When
dealing with so many wireless access points, it is very difficult and inefficient to
program and manage each WAP individually and manually. Typically, a wireless
LAN controller (WLC) is used as a central point or controller to deploy and manage
all WAPs on a wireless network. When connecting to the network, each WAP
connects to its WLC to get its configuration, radio channel, transmission power, and
other settings. The WAPs communicate with the WLC and send their operational
97801374558290_print.indb 189 10/09/21 11:19 AM

wireless information to the WLC. The WLC can then use the collective information
from all its WAPs to automatically adjust settings such as user load, radio channels,
and radio power to improve the performance of the wireless network.
It is important to verify that sufficient RF signal level is available for the users in a
WLAN. This is best accomplished by performing a site survey. Inside a building,
Site Survey
a site survey is performed to determine the best location(s) for placing the access
A process used to
point(s) for providing maximum RF coverage for wireless clients. Site surveys are
determine the best
location(s) for placing also conducted for outside installations to determine the coverage area.
the access point(s) to
provide maximum RF User
coverage for wireless Travel
clients
Access point
Access point
Building LAN Network
Access point Access point
Access point
FIGURE 4-11 An example of configuring multiple access points to extend the range for
wireless connectivity.
A site survey for indoor and outdoor installations should obtain the following key
information:
●● Indoor:
●● Electrical power
●● Wired network connection point(s)
97801374558290_print.indb 190 10/09/21 11:19 AM

●● Access point placement
●● RF coverage—user mobility
●● Bandwidth supported
●● Identify any significant RF interference
●● Outdoor:
●● Electrical power (base access point)
●● Connection back to the home network
●● Antenna selection
●● RF coverage
●● Any significant RF interference
Say that a site survey is conducted to determine access point placement to provide
wireless network connectivity for the building whose floor plan is shown in
Figure 4-12. The objective is to provide mobile client access throughout the
building. The building already has two wired connections available for placing an
access point.
= Ethernet CAT5e
FIGURE 4-12 The floor plan for a building being surveyed for a wireless LAN.
97801374558290_print.indb 191 10/09/21 11:19 AM

The available wired network connections are indicated in the drawing in
Figure 4-12. The site survey begins with placing an access point at position 1.
A wireless mobile client is used to check the signal throughout the building. This
checking used to be performed by a laptop with a purpose-built WLAN adapter as
a Wi-Fi analyzer, but today, many more options are available. Handheld devices,
such as tablets and smartphones, can be conveniently used for wireless site surveys.
Their form factor and mobility are perfect for this purpose. Most of these devices
are already equipped with built-in wireless chips. All they need is one of the many
available wireless apps. This example shows test results gathered from an Android
tablet with a free Wi-Fi analyzer app installed.
Figure 4-13 shows a snapshot of the wireless environment in the area. The graph
shows the signal strength for each wireless SSID found. The signal strength is
the wireless signal power level, and it is represented in –dBm format, from 0 to
–100. This is the power ratio, in dB, of the measured power referenced to 1 mW.
The closer the value is to 0, the stronger the signal, and the stronger the signal, the
more reliable the wireless connection. Wireless is everywhere today, so when you
conduct a site survey, you should not be too surprised to see more SSIDs than just
yours. For this example, the site survey is intended for the wireless SSID ET377.
As the graph shows, ET377 has the strongest signal of all the SSIDs. However, the
signal strength may not represent the goodput. Goodput refers to the actual wireless
data throughput, as measured by an application on the end device. It represents the
actual transmission rate of a wireless connection, which is not the maximum theo-
retical transmission rate.
FIGURE 4-13 A snapshot of the RF signal environment.
97801374558290_print.indb 192 10/09/21 11:19 AM

The first measurement, shown in Figure 4-14, is taken at point A. Notice that the
signal strength is at –43 dBm, which is an excellent connection. This will change if
the signal level decreases significantly.
The next observation is made at point B, and the signal strength is measured at
–52 dBm (see Figure 4-15). The signal has decreased somewhat, but it is still
acceptable, which indicates that a connection is still good. The signal level drops to
–67 dBm at point C, as shown in Figure 4-16. This connection is fair.
A floor plan showing the locations of wireless access points and wireless signal
strength and coverage is a wireless or Wi-Fi heat map. Typically, a wireless/Wi-Fi
heat map shows a real map of a room, floor, or even a city overlaid by a graphical
representation of a wireless signal.
FIGURE 4-14 The RF signal strength observed at point A.
The mobile client is moved to point D in the building, and signal quality “Out of
range” is observed (see Figure 4-17). This is also called a loss of association with
the access point.
The site survey indicates that one access point placed at point 1 in the building is
not sufficient to cover the building’s floor plan. The survey shows that the addi-
tional cost of another access point is easily justified for providing full building
wireless LAN coverage. The building has two wired network connections available
for placing an access point (points 1 and 2). It is decided to place another access
point at point 2. The site survey is repeated, and it shows excellent signal strength
obtained throughout the building.
97801374558290_print.indb 193 10/09/21 11:19 AM

FIGURE 4-15 The RF signal strength at point B.
FIGURE 4-16 The drop in the signal quality to fair at point C.
97801374558290_print.indb 194 10/09/21 11:19 AM

In some cases, a range extender can be used to provide additional wireless
coverage. This device basically extends the reach of the wireless network.
FIGURE 4-17 The “Out of range” measurement for point D.
Section 4-3 Review

1.6 Explain the use and purpose of network services.
This section introduces the services provided by a wireless LAN adapter:
delivery of the data, authentication, and privacy.
A physical cable connection (typically CAT6 or greater) ties an access point to
a wired network’s switch or hub (typically Ethernet).
This section introduces the SSID. An 802.11 wireless LAN device uses an SSID
to identify what wireless data traffic is allowed to connect to the network. The
SSID is the wireless service set identifier, basically a password that enables the
client to join the wireless network.
97801374558290_print.indb 195 10/09/21 11:20 AM

This section talks about preparing a site to support access point placement and
the changes in signal strength that result from environmental factors.
3.2 Explain the purpose of organizational documents and policies.
The available wired network connections are indicated in a floor plan for a
building being surveyed for a wireless LAN.
A site survey for indoor and outdoor installations should obtain the following
key information:
●● Electrical power
●● Wired network connection point(s)
●● Access point placement
●● RF coverage—user mobility
●● Identify any significant RF interference
5.4 Given a scenario, troubleshoot common wireless connectivity issues.

The wrong SSID prevents an association, keeping a client from being able to
become a member of the wireless network.
Test Your Knowledge

1. What happens when an association is made?
a. A wireless connection is obtained.
b. The MAC address of the client is obtained.
c. Unauthorized network access is prevented.
d. Excessive routing is prevented.
2. True or false: Site surveys help determine the following:
●● The best location for placing access points
●● Power connection
●● RF coverage
●● Antenna selection
●● IP address selection
True
97801374558290_print.indb 196 10/09/21 11:20 AM

4-4 BLUETOOTH, WIMAX, RFID, AND MOBILE
COMMUNICATIONS
This section looks at four wireless technologies: Bluetooth, WiMAX, RFID, and
mobile communications. These technologies all play important roles in wireless
networks, and this section looks at each of them. This section also looks at configu-
rations and examples of the hardware being used. A fun exercise is to have students
connect their laptops to each other using Bluetooth, as described in the example
presented in this section.
This section looks at four wireless technologies: Bluetooth, WiMAX, RFID, and
mobile communications. Each of these technologies plays an important role in
wireless networks. The sections that follow examine each of these wireless technol-
ogies, including a look at configuration and examples of the hardware being used.
Bluetooth
The wireless technology Bluetooth is based on the 802.15 standard. Bluetooth was
developed to replace the cable connecting computers, mobile phones, handheld
devices, portable computers, and fixed electronic devices. The information
normally carried by a cable is transmitted over the 2.4GHz ISM frequency band,
which is the same frequency band used by 802.11b/g/n/ax. There are four output
power classes for Bluetooth. Table 4-6 lists the maximum output power and the
operating distance for each class.
Bluetooth Low Energy (BLE) technology has been developed to provide operation
on a small battery for up to five years. This technology is ideal for applications that
require the exchange of small amounts of data periodically. BLE operates in the
2.4GHz ISM band and remains in sleep mode except when a connection is initiated.
BLE devices have significantly lower power requirements than do traditional
Wi-Fi devices. For example, whereas a Wi-Fi device consumes about 500 μW for
10 messages, a BLE device consumes only 50 μW.
TABLE 4-6 Bluetooth Output Power Classes

Power Class Average Output Power Operating Distance
1 100 mW ~100 meters
2 2.5 mW ~10 meters Inquiry Procedure
3 1 mW ~1 meter A process used to
4 0.5 mW ~0.5 meter determine whether
other Bluetooth devices
are available
When a Bluetooth device is enabled, it uses an inquiry procedure to determine
whether any other Bluetooth devices are available. The device also uses this
Paging Procedure
procedure to allow itself to be discovered.
A process used
If a Bluetooth device is discovered, it sends an inquiry reply back to the Blue- to establish and
tooth device initiating the inquiry. Next, the Bluetooth devices enter the paging synchronize a
procedure, which is used to establish and synchronize a connection between connection between two
Bluetooth devices
4-4: Bluetooth, WiMAX, RFID, and Mobile Communications 197
97801374558290_print.indb 197 10/09/21 11:20 AM

two Bluetooth devices. When the procedure for establishing the connection has
been completed, the Bluetooth devices will have established a piconet, an ad hoc
Piconet network of up to eight Bluetooth devices, such as a computer, mouse, headset,
An ad hoc network of earpiece, and so on. In a piconet, one Bluetooth device (the primary) is responsible
up to eight Bluetooth for providing the synchronization clock reference. All other Bluetooth devices are
devices
called secondaries.
Let’s look at an example of setting up a Bluetooth network linking a macOS
computer to another Bluetooth-enabled device. To enable Bluetooth on macOS,
click Apple icon > System Preferences > Bluetooth and then click Turn
Bluetooth On (see Figure 4-18). The Mac automatically discovers other Bluetooth
devices nearby.
Next, you need to select the device with which you will be establishing a Bluetooth
Pairing
connection. When Bluetooth is turned on, the Mac searches for another Bluetooth
Setting up a Bluetooth
device. When a Bluetooth device is found, it appears in the Devices window. To
device to connect to
connect the desired Bluetooth device, select the Pair button next to the device. (The
another Bluetooth
device process of setting up a Bluetooth device to connect to another Bluetooth device is
called pairing.) You are asked for a passkey or passphrase. The passkey is used
Passkey in Bluetooth security to limit outsider access to the pairing. Only people with the
A passphrase used in passkey can pair with the Bluetooth device. Anyone who tries to pair units with the
Bluetooth security to wrong passphrase will not be able to pair.
limit outsider access to
pairing At this point, you can transfer files between the paired devices if the Bluetooth
Sharing settings for the device have been set to allow files to come in. Find these
settings by clicking Apple icon > System Preferences > Sharing and selecting
Bluetooth Sharing. Figure 4-19 shows an example of the setup for the file transfer.
FIGURE 4-18 The window for configuring Bluetooth settings on a Mac.
97801374558290_print.indb 198 10/09/21 11:20 AM

FIGURE 4-19 The Mac window showing the settings for a file transfer.
Figure 4-20 shows an incoming text file. The File Transfer menu enables you to
select where received files are saved. In this case, the incoming files are being saved
to the desktop.
FIGURE 4-20 The Mac window showing that a text file is coming in from another Bluetooth
device.
The details for setting up Bluetooth on Windows 10 differ slightly from those for
macOS, but the basic steps are the same:
WiMAX
1. Enable the Bluetooth radio. Worldwide
Interoperability for
2. Enable discoverability (to allow other Bluetooth devices to find the device). Microwave Access, a
3. Select the device for pairing. broadband wireless
system based on the
IEEE 802.16e standard
BWA
WiMAX
Broadband wireless
WiMAX (Worldwide Interoperability for Microwave Access) is a broadband wireless access
system that has been developed for broadband wireless access (BWA) for fixed
97801374558290_print.indb 199 10/09/21 11:20 AM

and mobile stations and can provide a wireless alternative for last-mile broadband
access in the 2GHz–66GHz frequency range. BWA access for fixed stations can
be up to 30 miles, whereas mobile BWA access is 3–10 miles. Internationally, the
WiMAX frequency standard is 3.5GHz, while the United States uses both the unli-
censed 5.8GHz and the licensed 2.5GHz spectra. In addition, WiMAX has been
investigationally adapted for use in the 700MHz frequency range. Information
transmitted at this frequency is less susceptible to signal blockage due to trees. The
disadvantage of the lower frequency range is the reduction in bandwidth.
WiMAX uses OFDM as its signaling format. This signaling format was selected
for the WiMAX IEEE 802.16a standard because of its improved NLOS (non-line-
NLOS of-sight) characteristics in the 2GHz–11GHz frequency range. An OFDM system
Non-line-of-sight uses multiple frequencies for transporting the data, which helps minimize multipath
interference problems. Some frequencies may experience interference problems,
but the system can select the best frequencies for transporting the data.
WiMAX also provides flexible channel sizes (for example, 3.5MHz, 5MHz, and
10MHz), which provides adaptability to standards for WiMAX worldwide. This
also helps ensure that the maximum data transfer rate is supported. For example,
the allocated channel bandwidth could be 6MHz, and the adaptability of the
WiMAX channel size enables it to adjust to use the entire allocated bandwidth.
In addition, the WiMAX (IEEE 802.16e) media access control (MAC) layer differs
from the IEEE 802.11 Wi-Fi MAC layer in that the WiMAX system has to compete
only once to gain entry into the network. When a WiMAX unit has gained access,
the base station allocates a time slot to it, thereby providing the WiMAX system
scheduled access to the network. The WiMAX system uses time-division multi-
plexing (TDM) data streams on the downlink and time-division multiple access
(TDMA) on the uplink and centralized channel management to ensure that time-
sensitive data is delivered on time. In addition, WiMAX operates in a collision-free
environment, which improves channel throughput.
Last Mile WiMAX has a range of up to 30 miles, and it operates in both point-to-point and
The last part of the point-to-multipoint configurations. This can be useful in situations where DSL or
connection from a cable network connectivity is not available. WiMAX is also useful for providing the
telecommunications last-mile connection. The last mile is basically the last part of the connection from
provider to a customer a telecommunications provider to a customer. The cost of the last mile connection
can be high, which makes a wireless alternative attractive to customers.
The 802.16e WiMAX standard holds a lot of promise for use as a mobile air
Radio Frequency interface.
Identification (RFID)
A technique that uses
radio waves to track and Radio Frequency Identification
identify people, animals,
Radio frequency identification (RFID) uses radio waves to track and identify
objects, and shipments
people, animals, objects, and shipments. It is based on the principle of modulated
Backscatter backscatter—the reflection of the radio waves striking an RFID tag back to the
The reflection of radio transmitter source, with its stored unique identification information.
waves striking an RFID
Figure 4-21 illustrates a basic RFID system, which consists of two elements:
tag and reflecting back
to the transmitter
source ●● RFID tag: An RFID tag (also called an RF transponder) includes an inte-
grated antenna and radio electronics.
97801374558290_print.indb 200 10/09/21 11:20 AM

●● Reader: A reader (also called a transceiver) consists of a transceiver and an
antenna. A transceiver is a combination of a transmitter and receiver.
Reader
Tag
(Transceiver)
(Transponder)
FIGURE 4-21 Basic block diagram of an RFID system.
The reader transmits radio waves, which activates (turns on) an RFID tag. The tag
then transmits modulated data, containing its unique identification information
stored in the tag, back to the reader. The reader then extracts the data stored on the
RFID tag.
The RFID idea dates back to 1948, when the concept of using reflected power as a
means of communication was first proposed. The 1970s saw further development
in RFID technology—in particular, a UHF scheme that incorporates rectification
of the RF signal for providing power to the tag. Development of RFID technology
significantly increased in the 1990s. Applications included toll collection that
allowed vehicles to pass through tollbooths at highway speeds while still being able
to record data from the tag.
Today, RFID technology is being used to track inventory shipments for major
commercial retailers, by the transportation industry, and by the Department of
Defense. In addition, RFID applications are being used in Homeland Security for
tracking container shipments at border crossings. In addition, RFID is being incor-
porated into WLAN computer networks to keep better track of inventory. RFID
technology is being used as a wireless means of asset tracking and is therefore
becoming more important in networks. The tracking technology is even being
extended to tracking Wi-Fi devices within the WLAN infrastructure.
Three parameters define an RFID system:
●● Means of powering the tag

●● Frequency of operation
●● Communications protocol (also called the air interface protocol)
Powering the Tag RFID tags are classified in three ways, based on how they
obtain their operating power:
●● Passive: Power is provided to a passive tag by rectifying the RF energy,

transmitted from the reader, that strikes the RF tag antenna. The rectified
power level is sufficient to power the ICs on the tags and also provides
97801374558290_print.indb 201 10/09/21 11:20 AM

sufficient power for the tag to transmit a signal back to the reader. Figure 4-22
shows an example of a passive RFID tag (also called an inlay). A tag inlay
includes both an RFID chip and an antenna mounted on a substrate.
●● Semi-active: With semi-active tags, a battery powers the electronics on a tag,
but the tag uses backscatter to transmit information back to the reader.
●● Active: With active tags, a battery powers the tag and transmits a signal
back to the reader. Basically, this is a radio transmitter. New active RFID
tags are incorporating wireless Ethernet (that is, 802.11 Wi-Fi connectivity).
An example is the G2C501 active RFID tag from G2 Microsystems, shown
in Figure 4-23. The power consumption of the G2C501 is 10 μA in sleep
mode, and the device uses two AA batteries with an expected lifetime of five
years. The G2C501 also works in the standard 915MHz range. In addition,
the G2C501 has location capability. This is accomplished by making receive
signal strength indicator (RSSI) measurements from three separate access
points. The three measurements provide sufficient information to make a
triangulation measurement for use in locating the object.
Antenna
Integrated Circuit
Substrate
FIGURE 4-22 An example of an RFID inlay.
FIGURE 4-23 The G2C501 active RFID tag from G2 Microsystems (Albert Lozano/
Shutterstock).
M04_Beasley_C04_p172-227.indd 202 23/09/21 9:08 PM

Frequency of Operation RFID tags must be tuned to the reader’s transmit
frequency in order to turn on. RFID systems typically use three frequency bands for
operation (see Figure 4-24):
●● Low frequency (LF): LF tags typically use frequency-shift keying (FSK)
between the 125KHz and 134KHz frequencies. These tags can handle only
low data rates (~12Kbps), and they are not appropriate for any applications
requiring fast data transfers. However, LF tags are suitable for animal
identification, such as with dairy cattle and other livestock. The RFID tag
information is typically obtained when the livestock are being fed. The read
range for low-frequency tags is approximately 0.33 meter.
●● High frequency (HF): HF tags operate in the 13.56MHz industrial band.
High-frequency tags have been available commercially since 1995. The
longer wavelengths of the HF radio signal are less susceptible to absorp-
tion by water or other liquids. Therefore, these tags are suitable for tagging
liquids. The read range for HF tags is approximately 1 meter. The short read
range provides for better-defined read ranges. The applications for tags in this
frequency range include access control, smart cards, and shelf inventory. The
data rate for HF tags is 26Kbps.
●● Ultra-high frequency (UHF): UHF tags work at 860–960MHz and at
2.4GHz. The data rates for these tags can be 50–150Kbps and greater. These
tags are popular for tracking inventory. The read range for passive UHF
tags is 3–6 meters, which makes them a good choice for reading pallet tags.
However, if an active tag is used, a read range up to 100 meters is possible.
LF HF UHF
125/134 kHz 13.56 MHz 860—960 MHz
2.4 GHz
FIGURE 4-24 The frequency bands used by RFID tags.
Communications (Air Interface) Protocol The air interface protocol adopted

for RFID tags is Slotted Aloha, a network communications protocol similar to
the Ethernet protocol. With Slotted Aloha, the tags are only allowed to transmit at Slotted Aloha
predetermined times after being energized. This technique reduces the likelihood of A wireless network
data collisions between RFID tag transmissions and allows for the reading of up to communications
1000 tags per second (for high-frequency tags). The operating range for RFID tags protocol similar to the
Ethernet protocol
can be up to 30 meters. This means that multiple tags can be energized at the same
time, and RF data collisions can possibly occur. If a collision occurs, the tag will
transmit again after a random back-off time. The readers transmit continuously until
there is no tag collision.
97801374558290_print.indb 203 10/09/21 11:20 AM

Mobile (Cellular) Communications
Today, many types of mobile devices, also called cellular devices, can be used to
access computer networks. Examples include smartphones, laptops, tablets, and
gaming devices. All of these devices are extremely powerful and use wireless
technology to connect to the network. This chapter has provided an overview of
many of the wireless technologies being used today, including the 802.11 family of
Wi-Fi technologies, Bluetooth, WiMAX, and RFID. This section provides a brief
summary of some of the other wireless technologies currently available.
CDMA CDMA (code-division multiple access) is a communications technology
in which spread-spectrum techniques are used to multiplex more than one signal
within a single channel. In this case, each device uses a different binary sequence
to modulate the carrier, spreading the spectrum of the waveform (spread spectrum).
The signals are separated at the receiver by a correlator that accepts only the signal
from the selected binary sequence.
LTE/4G LTE (Long Term Evolution) is a 4G wireless communications standard.
It is designed to provide speeds up to 10 times those of 3G networks.
HSPA+ HSPA+ (Evolved High-Speed Packet Access) provides network speeds
comparable to those of LTE networks. Theoretical speeds are 168Mbps for
download and 22Mbps uplink.
3G/4G/5G 3G (Third Generation) was developed to provide broadband network
wireless services. The standard defining 3G wireless is International Mobile
Communications, or IMT 2000. 4G (Fourth Generation), which is the successor
to 3G technology, provides download speeds of 100Mbps. 5G (Fifth Generation)
is the latest wireless network technology provided by the cellular network, with
speeds ranging from 40Mbps to 1.5Gbps.
EDGE EDGE (Enhanced Data GSM Evolution) provides download speeds of
384Kbps.
NFC A concept related to mobile communications and smartphones is NFC,
which stands for Near Field Communication. NFC is a set of communication
protocols that are used to enable two electronic devices to communicate. A typical
NFC device is a smartphone. By using NFC, smartphones can establish communi-
cation if they are within 4 cm of each other. Applications of NFC include reading
electronic tags and making payments.
Geofencing With many type of wireless devices using different type of wireless
technologies, it has become more and more difficult for network administrators to
keep track of the devices entering and leaving the premises. Geofencing is used to
create a virtual electronic boundary for mobile and wireless devices to detect their
whereabouts as well as control certain functionalities, such as camera or micro-
phone, of the devices through the use of mobile device management (MDM). For
example, geofencing may be used in a highly classified area or a restricted area in a
corporate building.
97801374558290_print.indb 204 10/09/21 11:20 AM

Section 4-4 Review

1.3 Summarize the types of cables and connectors and explain which is
the appropriate type for a solution.
This section introduces the RFID reader, which consists of a transceiver and an
antenna. A transceiver is a combination of a transmitter and receiver.
1.7 Explain basic corporate and datacenter network architecture.
This section introduces Bluetooth, RFID, WiMAX, and mobile can support
links up to 30 miles and is a possible alternative for providing last-mile
connections.
This section introduces geofencing, which is used to create a virtual electronic
boundary for mobile and wireless devices to detect their whereabouts as well
as control certain functionalities, such as camera or microphone, of the devices
through the use of mobile device management (MDM).
2.3 Given a scenario, configure and deploy common Ethernet switching
features.
This section introduces 5G (Fifth Generation), which is the latest wireless
network technology provided by the cellular network, with speeds ranging from
40Mbps to 1.5Gbps.
This section introduces Bluetooth, RFID, WiMAX, and mobile technologies.
This section examines the download speeds for many different technologies.
This section introduces the concept of geofencing.
This section mentions that WiMAX operates in a collision-free environment,
which improves channel throughput.
5.5 Given a scenario, troubleshoot general networking issues.
The air interface protocol adopted for RFID tags is Slotted Aloha, a network
communications protocol similar to the Ethernet protocol. With Slotted Aloha,
tags are only allowed to transmit at predetermined times after being energized.
This technique reduces the likelihood of data collisions between RFID tag
transmissions and allows for the reading of up to 1000 tags per second (for
high-frequency tags).
97801374558290_print.indb 205 10/09/21 11:20 AM

Test Your Knowledge
1. WiMAX operates at which frequencies in the United States?
a. Both the unlicensed 5.2GHz and the licensed 2.4GHz spectra
b. Both the unlicensed 5.3GHz and the licensed 2.6GHz spectra
c. Both the unlicensed 13.2GHz and the licensed 5.6GHz spectra
d. Both the unlicensed 5.8GHz and the licensed 2.5GHz spectra
2. What is the maximum range of WiMAX?
a. 30 kilometers
b. 30 miles
c. 30 meters
d. None of these answers are correct.
3. At what frequency does Bluetooth operate?
a. 5GHz
b. 100MHz
c. 2.4GHz
4-5 CONFIGURING A POINT-TO-MULTIPOINT

WIRELESS LAN: A CASE STUDY
This section presents an example of preparing a proposal for providing a point-
to-multipoint wireless network for a company. It walks through the multiple
steps involved in implementing a point-to-multipoint wireless network, including
performing an antenna site survey, establishing a link to the home network,
configuring the multipoint distribution, and configuring the remote site.
This section presents an example of preparing a proposal for providing a point-to-
multipoint wireless network for a company. The administrators for the company
have decided that it would be beneficial to provide a wireless network connection
for their employees back to the company’s network (the home network). This
example walks through the following steps:
1. Conducting an initial antenna site survey

2. Establishing a link from the home network to the distribution point
3. Configuring the multipoint distribution
4. Conducting an RF site survey for establishing a baseline signal level for the
remote wireless user
5. Configuring the remote user’s installation
97801374558290_print.indb 206 10/09/21 11:20 AM

The objective of this example is to establish a point-to-multipoint wireless network
that provides remote users with a wireless network connection. The remote users
are to be at fixed locations within the proposed coverage area. Figure 4-25 shows a
simple terrain profile of the proposed area. The data rate for the wireless connection
to remote users needs to be at least 2Mbps.
Note
Antenna placement is critical when setting up a point-to-multipoint wireless LAN.
Incorrect antenna placement can severely affect reception quality.
6 km 6 km
m
1k
Proposed
Antenna
Site Mountain
Range
River Home
Valley Network
FIGURE 4-25 The terrain profile of the area to be supported by the proposed point-to-
multipoint wireless network.
Step 1: Conducting an Antenna Site Survey

The proposed antenna site (refer to Figure 4-25) is on top of a hill approximately
1 kilometer from the home network. A site survey provides the following
information:
●● The site has a tower that can be used to mount the wireless antenna.
●● The site has a small building and available rack space for setting up the
wireless networking equipment.
●● There is a clear view of the surrounding area for 6 kilometers in every
direction.
●● There is not an available wired network connection back to the home
network. The decision is made to use the proposed antenna site and set up an
11Mbps wireless link back to the home network.
4-5: Configuring a Point-to-Multipoint Wireless LAN: A Case Study 207
97801374558290_print.indb 207 10/09/21 11:20 AM

Step 2: Establishing a Point-to-Point Wireless Link to the Home
Network
The cost of installing a wired connection back to the home network would be too
high, so it is decided to use a point-to-point 802.11 wireless link for the intercon-
nection. This requires that antennas be placed at both the home network and the
antenna site. A wireless bridge is used at each end of the point-to-point wireless
link to interconnect the networks. The bridge will connect to the wired home
network and to the multipoint distribution on the antenna site. Also, each antenna
will be outfitted with lightning arrestors to protect the electronics from any possible
lightning strikes. Figure 4-26 shows the proposed wireless connection.
Yagi
Antenna
Wireless
Bridge
Yagi
Antenna
Home Network Wireless

Bridge
FIGURE 4-26 The proposed point-to-point wireless link between the home network and the
antenna site.
Many manufacturers of antennas support wireless networking, and many types of

antenna can be used. Antenna types from many manufacturers were investigated for
possible use in the interconnection. Three possible antennas were selected for the
wireless network, as outlined in Table 4-7.
Note
The selection of the incorrect antenna type can lead to a poorly designed radio link
and poor reliability.
TABLE 4-7 Sample of 802.11 Wireless Antennas

Antenna Type Radiation Pattern Costs
A Omni Omnidirectional Moderate
B Yagi Directional Moderate
C Dish Highly directional High
97801374558290_print.indb 208 10/09/21 11:20 AM

Antenna A has an omnidirectional radiation pattern. This means the antenna can
receive and transmit signals in a 360-degree pattern. Figure 4-27(a) shows the radi-
ation pattern for an omnidirectional antenna. Antenna A supports all 802.11 types.
Table 4-7 also indicates that this antenna has a moderate cost.
Antenna B is a Yagi antenna with a directional or unidirectional radiation pattern, as
shown in Figure 4-27(b). The Yagi antenna supports all 802.11 antenna types.
Antenna C is a dish antenna, or parabolic reflector. These antennas provide
extremely high directional gain, as illustrated in Figure 4-27(c). The dish antenna
supports 802.11 systems. The cost of a dish antenna can be quite high relative to the
cost of a Yagi or an omnidirectional antenna.
(a) (b) (c)
FIGURE 4-27 Antenna radiation patterns for (a) omnidirectional, (b) Yagi, and (c) dish
[parabolic reflector] antennas. The cost of the Yagi antenna is comparable to that of the
omnidirectional antenna.
Antenna B, the directional Yagi, is selected for the point-to-point link. The antenna
meets the distance requirement and also meets the 11Mbps data rate requirement.
Antennas A and C were not selected for the following reasons:
●● Antenna A: The omnidirectional radiation pattern is not appropriate.

●● Antenna C: The cost of a high-gain dish antenna is not justified for the short
distance.
Steps 3 and 4: Configuring the Multipoint Distribution and

Conducting an RF Site Survey
At this point, a wireless data link has been established with the home network. The
next task is to configure the antenna site for multipoint distribution. It was previ-
ously decided that a 300Mbps link would be adequate for the remote users, based
on the data rate to be supported for the planned coverage area.
The site survey in step 1 showed that there is a clear view of the surrounding area
for 6 kilometers in each direction. Antenna A (see Table 4-7) provides an omni-
directional radiation pattern for 7 kilometers. This satisfies the coverage area.
Antenna A is mounted on the antenna site tower, connected to a lightning arrestor,
97801374558290_print.indb 209 10/09/21 11:20 AM

and then connected to the output of a wireless bridge. Next, an RF site survey
of the planned coverage area is conducted to verify the signal quality provided
by the antenna selected. Measurements are made from multiple locations in the
planned coverage area. All remote sites within 4 kilometers of the distribution show
excellent signal strength (see Figure 4-28).
The signal quality drops to good at 6 kilometers at all surveyed remote locations
except for one area, which shows a poor quality (see Figure 4-29). The signal is
apparently being affected by multipath distortion from a small lake area. A fix
to this might be to move the antenna to a different height to minimize reflection
problems. An antenna at a different height will receive different reflections and
possibly less interference. In some cases, antenna alignment can be changed to
decrease the interference. A more costly solution would be to add antenna diversity,
which basically means placing multiple antennas on the receiving tower and using
the best signal for the connection.
Note
When dealing with antennas, it is important to consider effective isotropic radiated
power (EIRP), which is the power that comes off an antenna and is the value the
FCC uses to determine and measure power limits in wireless equipment.
FIGURE 4-28 The excellent signal quality measured for the multipoint distribution.
97801374558290_print.indb 210 10/09/21 11:20 AM

FIGURE 4-29 The poor signal quality measured at the remote site near the lake.
Step 5: Configuring the Remote Installations

The last task is to develop a configuration for the remote users. The antenna for
each remote user needs to be able to see only the multipoint distribution antenna
site. The requirements for the remote client are as follows:
●● 300Mbps data rate connection

●● Directional antenna (Yagi) plus mount, lightning arrestor, and wireless bridge
Antenna B (refer to Table 4-7) is selected for the directional antenna. This antenna
will provide a sufficient RF signal level for the remote users. Each remote user will
need a wireless bridge and a switch to connect multiple users. (Note that the bridge
is set for a 2.4Mbps data rate.) Figure 4-30 shows the setup for the remote users.
Yagi Antenna PC
Lightning Hub or
Arrestor PC
Switch
Wireless
Bridge
PC
PC
FIGURE 4-30 The setup for the remote users in the proposed point-to-multipoint wireless
network.
97801374558290_print.indb 211 10/09/21 11:20 AM

Section 4-5 Review

This section examines various networking devices for establishing wireless
networks.
This section presents various types of antennas that can be used to develop a
wireless network.
3.2 Explain the purpose of organizational documents and policies.
This section introduces the steps for completing a wireless antenna site survey.
3.3 Explain high availability and disaster recovery concepts and
This section discusses a situation in which the signal is being affected by
multipath distortion from a small lake area. A fix to this might be to move the
antenna to a different height to minimize reflection problems.
This section discusses the issues related to and planning for antenna placement.
This section presents antenna types and placement.
Test Your Knowledge

1. Which types of antennas are typically used at receive sites from a
multipoint distribution system? (Select all that apply.)
a. Yagi
b. Omnidirectional
c. Parabolic
d. Hydroxyl
2. True or false: When configuring remote installations for wire-
less networks, the receive site needs to be able to see the multipoint
distribution antenna site.
True
97801374558290_print.indb 212 10/09/21 11:20 AM

4-6 TROUBLESHOOTING WIRELESS NETWORKS
This section provides an overview of common techniques for troubleshooting
wireless networks. Students should become familiar with each scenario presented.
This section examines some common techniques for troubleshooting wireless
networks. Wireless networks have greatly simplified the steps for connecting to
a network, but they do occasionally fail. The following sections describe some
scenarios that users might encounter and steps for troubleshooting and resolving the
wireless issues.
Access Point Hardware Issues

The primary hardware device in wireless networks is the access point. Some
networks have multiple access points. A simple first step is to ping the IP address
for an access point in order to verify network connectivity. You should expect a
reply to the ping, but if you don’t get a reply, you can verify the IP address and
repeat the ping. If it still doesn’t work, there is a good chance there is a problem
with the access point. Try unplugging the access point and plugging it back in to
reset the access point. Try the ping again, and if it still doesn’t work, the access
point might have a problem.
Wireless Router Issues

Make sure the client and wireless router support the same Wi-Fi version. For
example, if a client computer’s Wi-Fi card supports only 802.11b, the wireless
router must also support 802.11b or must be configured to run in a mixed mode,
with multiple protocols supported.
Also, in the case where multiple clients are connecting to the wireless router, it
is important to understand that when an association is made between the client
and the wireless router, the client with the lowest 802.11 system will set the clock
speed. For example, say that a client running 802.11b and another running 802.11g
connect to the same wireless router. The data transfer rate for 802.11b is 11Mbps,
and the rate for 802.11g is 54Mbps. The wireless router will select 802.11b’s lower
clock rate for all associations. This can be of some concern to clients that have the
capability to connect at a higher data transfer rate.
Wireless Compatibility
Not all wireless clients are created equal, and wireless clients depend on their
hardware and software, which they must keep up to date. Also, in order to have
reliable and good wireless connectivity, the wireless access point and the wireless
clients must be compatible and use the same standard.
802.11n is a standard that can offer connectivity in either 2.4GHz or 5GHz or both.
This means a wireless client can be 802.11n compatible just by operating in one
frequency, not both. Therefore, an 802.11n wireless client with only a 2.4GHz
radio will never achieve the high speed of 300Mbps offered by 5GHz. When
troubleshooting the RF spectrum associated with a signal such as a Wi-Fi signal,
a spectrum analyzer is typically used.
4-6: Troubleshooting Wireless Networks 213
97801374558290_print.indb 213 10/09/21 11:20 AM

Signal Strength Problems
The purpose of measuring signal strength is to verify that you have good signal
level at the receive location. Typically, the signal strength of a wireless connection
can be adjusted at the access point to expand or reduce the area of coverage. Things
change, and a loss in signal strength might not be a problem with the access point.
It is possible that something could have been moved and is physically blocking the
signal, thus causing RF attenuation. The RSSI (received signal strength indicator)
value of a user should be monitored to identify signal strength issues.
Wireless Coverage
A wireless coverage area, or a cell, is very dependent on the RF transmission
radiated from a wireless router or an access point. So, there is a limitation to the
size of a cell for each access point. In a large geographic area, multiple wireless
access points are deployed to create multiple cells in an attempt to give enough
total coverage area. Good coverage depends on cells overlapping. Failure of cells to
overlap introduces weak or dead wireless spots, thus creating insufficient wireless
coverage. Also, bad coverage negatively affects client roaming. When a wireless
client moves from one cell to another, it must establish an association with the new
access point. With bad coverage, the AP association time increases, in turn causing
delay or interruption.
Extending the Wireless Range

Another way to improve wireless coverage is to extend the wireless range. The
following are general tips for extending the wireless range:
●● Make sure the antenna is placed high and is not obstructed by any metal.
It is important to remember that radio waves reflect off metal surfaces. Also,
surfaces such as concrete and brick attenuate the signal.
●● In some cases, you might have to use a high-gain antenna to help boost the
receive signal strength.
Frequency Interference Problems

An electrical device such as a microwave oven may cause interference. Microwave
ovens operate at the 2.4GHz frequency, which is the same band in which
802.11b/g/n devices operate. It is good to have a baseline measurement of the
signal strength expected at each location in order to better identify interference. A
good indicator of interference is the signal-to-noise RATIO (SNR).
Wireless Channel Utilization

For the 2.4GHz wireless frequency, the default channel for 802.11b, 802.11g, and
802.11n wireless routers is channel 6. If you have interference problems, there may
be a wireless router nearby with an SSID using the same channel. In such a case,
you can change the channel to 1 or 11 so that the RF spectra on these channels do
97801374558290_print.indb 214 10/09/21 11:20 AM

not overlap (refer to Figure 4-4). 802.11b, 802.11g, and 802.11n wireless routers
have 11 possible channels, and you can select an alternate channel via the wireless
router’s settings. Changing to a different channel will reduce the SNR, which is
likely to solve your problem. Even though 5GHz wireless has more channels, the
same concept applies for 802.11a, 802.11n (5GHz), 802.11ac, and 802.11ax.
Load Issues
Wireless users share the same frequency channel to communicate to the same
access point. If too many users connect to the same access point at the same
time, they start experiencing slowness and packet drops due to overcapacity. For
optimum load capacity, consult the documentation of the access point manufacturer.
SSID Issues
Once the SSID has been configured for a computer, it normally does not require
reconfiguration. However, while traveling, you might reconfigure the SSID to
connect to a different network. Also, when manually configuring an incorrect SSID
or settings, human-error mistakes can be made. The simple fix is to reset the SSID
when you return to your home network.
Securing Wi-Fi Issues

Any time you are connecting a wireless device to a public hotspot, there is a chance
that someone using a packet sniffer will be able to see your data traffic. You can
avoid possible problems by enabling WPA to secure your data traffic. Most wireless
systems support multiple network security protocols (for example, different
versions of WPA3, WPA2, WPA, or WEP). Make sure the client and access point
are running the same security mode. Otherwise, an encryption protocol mismatch
will occur, resulting in no wireless connection.
Cable Issues
Even when you are focusing on troubleshooting wireless issues, a problem could
be due to a simple physical cable connection. A cable could be loose, may have
become disconnected, or may be bad. It is always good to have a spare cable
just in case. Remember that you can always verify that you have a connection by
checking for the presence of a link light. Also, bad cables create attenuation and
introduce loss of signal. Attenuation in any type of cable connecting to the access
point—such as antenna cable attenuation, fiber cable attenuation, or Ethernet cable
attenuation—could introduce signal issues into the wireless connection.
Deauthentication/Disassociation Attacks
Deauthentication and disassociation are legitimate handshakes used by a wireless
client when leaving a wireless network. However, a denial of service (DOS) attack
that exploits deauthentication and disassociation creates client disassociation issues.
By spoofing a disassociate or deauthenticate message while pretending to be a
targeted wireless client, the access point disassociates the targeted wireless client
from the wireless network.
4-6: Troubleshooting Wireless Networks 215
97801374558290_print.indb 215 10/09/21 11:20 AM

DHCP Issues
Wireless devices require valid IP addresses. Access points typically assign a
192.168.0.x address to the client. You can verify the IP address assigned by entering
the command ipconfig at the command prompt (refer to Section 1-4, “The Ethernet
LAN,” in Chapter 1, “Introduction to Computer Networks”).
Wireless Printer Issues

If you are experiencing problems with a wireless printer that was recently working,
the first step is to restart the printer, your computer, and your wireless router. If this
doesn’t fix the problem, you can print the network configuration from the printer.
Check the IP address for the printer and verify that it is assigned an IP address
in your network. You can check the IP address of your computer by issuing the
command ipconfig from the command prompt (refer to Section 1-4 in Chapter 1).
Section 4-6 Review
This section covers the following Network+ exam objective.

This section presents the concept of an RSSI, which provides a signal strength
measurement.
Test Your Knowledge

1. You are experiencing problems with a wireless printer that was recently
working. How can you verify the IP address?
a. Set the ping command to auto and look for a reply.
b. Verify the IP address assigned by entering the command ipconfig at
the command prompt.
c. Remove the cover to the printer to find the MAC address.
d. Ping the server
2. What issue is likely to happen if one wireless client is running 802.11b
and another is running 802.11g, and both connect to the wireless router at
the same time?
a. There will be no issues.
b. The wireless router will select 802.11g for setting the data transfer
rate.
c. The wireless router will select 802.11b for setting the data transfer
rate.
d. The access point will temporarily shut down until one client goes
offline.
97801374558290_print.indb 216 10/09/21 11:20 AM

SUMMARY
This chapter presents an overview of wireless networking, including fundamental
concepts and sample networks. The vendors of wireless networking equipment have
made their devices easy to integrate into existing networks, but you must under-
stand that the key objective of a network administrator is to provide a fast, reliable,
and secure computer network. Carelessly integrating wireless components into a
network can easily compromise this objective.
You should understand the following from reading this chapter:
●● The operating characteristics of the 802.11 wireless networks

●● The purposes of access points, wireless LAN adapters, and wireless bridges
●● How to perform a basic site survey on a building
●● How to configure a network for user mobility
●● How to plan multipoint wireless distribution
Wireless networking technologies have greatly simplified planning and instal-

lation. However, they have also brought some complications. For example, any
time you are working with RF, there is a chance of unexpected interference and
noise. A well-planned RF installation requires a study of all known interference
and a search for any possible interference. An RF study should also include signal
path studies that enable the user to prepare a well-thought-out plan and allow an
excellent prediction of received signal level. The bottom line is to obtain support for
conducting an RF study.
QUESTIONS AND PROBLEMS

Section 4-2
1. List two advantages of wireless networking.
User mobility and cost-effectiveness for areas where wiring would be too
expensive
2. What are the three areas defined for the IEEE 802.11 standard?
The physical layer, the MAC layer, and wireless management protocols and
services
3. What is an ad hoc network?
An ad hoc network is an independent network.
4. What is the purpose of an extended service set?
An ESS uses multiple access points to extend user mobility.
QUESTIONS AND PROBLEMS 217
97801374558290_print.indb 217 10/09/21 11:20 AM

5. What are the four physical layer technologies used in 802.11 wireless
networking?
DHSS: direct-sequence spread spectrum
FHSS: frequency-hopping spread spectrum
Infrared
OFDM: orthogonal frequency-division multiplexing
6. Describe the frequency spectrum for the DSSS channels in 802.11b wireless
networking.
802.11 DSSS implements 14 channels (each consuming 22MHz) over
approximately 90MHz of RF spectrum in the 2.4GHz ISM (industrial,
scientific, and medical) band.
7. Define pseudorandom sequence as it applies to FHSS.
Pseudorandom sequence means that the frequency-hopping sequence appears
to be random, but it does repeat.
8. What must the FHSS transmitting and receiving units know in order to
communicate?
They must know the hopping sequence.
9. What are the frequency range and modulation technique used by 802.11a?
5GHz, OFDM
10. What is the maximum data rate for each of the following?
a. 802.11b
11Mbps
b. 802.11a
54Mbps
c. 802.11g
54Mbps
d. 802.11n
200Mbps+
e. 802.11ac
1Gbps+
f. 802.11ax
10Gbps
97801374558290_print.indb 218 10/09/21 11:20 AM

11. Define MIMO as it applies to 802.11n.
MIMO (multiple-input multiple-output) uses a technique called space-
division multiplexing, in which the data stream is split into multiple parts
called spatial streams. The different spatial streams are transmitted using
separate antennas.
12. What is the purpose of the power save mode in 802.11n?
With the power save mode, 802.11n uses multiple data paths only when faster
data transmission is required, thus saving power.
Section 4-3
13. What is the purpose of an access point?
An access point provides a bridge between a wireless LAN and a wired
network.
14. How does an access point know if a wireless data packet is intended for its
network?
802.11 wireless LAN devices use an SSID to identify what wireless data
traffic is allowed to connect to the network.
15. What is an association, and what is its purpose?
An association is an established wireless connection. An access point uses an
association to build a table of users (clients) on the wireless network.
16. Draw a picture of a point-to-point wireless connection.
Refer to Figure 4-9(a)
17. Draw a picture of a point-to-multipoint wireless network.
Refer to Figure 4-9(b)
18. What are the key issues to explore when conducting a site survey for each of
the following?
a. Indoor environment
Electrical power connection points(s)
Wired network connection point(s)
Access point placement
RF coverage area
Bandwidth supported
b. Outdoor environment
Electrical power for the base access point
Connection back to the home network
Antenna selection
Bandwidth supported
RF coverage
97801374558290_print.indb 219 10/09/21 11:20 AM

Section 4-4
19. In what frequency band does Bluetooth operate?
The 2.4GHz ISM band
20. How many output power classes does Bluetooth have? List the power level
and the operating range for each class.
Bluetooth has four operating classes.
Power Class Average Output Power Operating Distance

1 100 mW ~100 meters
2 2.5 mW ~10 meters
3 1 mW ~1 meter
4 0.5 mW ~0.5 meter
21. What is a piconet?

A piconet is an ad hoc network consisting of up to eight Bluetooth devices.
22. What is the purpose of the inquiry procedure in Bluetooth?
A Bluetooth device uses the inquiry procedure to discover other Bluetooth
devices or to allow itself to be discovered.
23. What is the purpose of the paging procedure in Bluetooth?
A Bluetooth device uses the paging procedure to establish and synchronize a
connection between two networking devices.
24. Define the term backscatter.
Backscatter refers to the reflection of the radio waves striking an RFID tag
back to the transmitter source.
25. What are the three parameters that define an RFID system?
Means of powering the tag, frequency of operation, communication protocol
26. Explain how power is provided to a passive RFID tag.
Power is provided by rectifying the RF energy transmitted by the reader that
strikes the RF tag antenna.
27. What are three advantages of using an active RFID tag?
Can incorporate wireless Ethernet connectivity, can incorporate location
capability, the unit is always turned on
28. What three frequency bands are typically used for RFID tags?
LF: 125/134KHz
HF: 13.56MHz
UHF: 860–960MHZ and 2.4GHz
97801374558290_print.indb 220 10/09/21 11:20 AM

29. What is the WiMAX frequency standard for the United States?
5.8GHz and 2.5GHz
30. Why was OFDM selected for WiMAX?
OFDM was selected for WiMAX because of its improved NLOS
characteristics.
31. How does WiMAX differ from Wi-Fi?
Frequency assignments differ and data rates differ, but the main difference is
that the WiMAX unit only has to compete once to gain entry to a network.
Section 4-5
32. What type of wireless connection is used to connect a home network to a
multipoint distribution site?
Point-to-point
33. Use the Internet to find a source of omnidirectional and directional antennas
for each of the following standards:
a. 802.11b
b. 802.11a
c. 802.11g
d. 802.11n
e. 802.11ac
f. 802.11ax
34. Prepare a list of three manufacturers for each antenna type. Include cost
figures.
There are many sources for wireless network antennas. Expect the students to
come up with many possible solutions.
Section 4-6
35. What command can you issue to verify network connectivity in a wireless
LAN?
ping
36. True or false: When an association is made between a client and a wireless
router, the client with the lowest 802.11 system sets the clock speed.
True
37. True or false: In order to have reliable and good throughput wireless connec-
tivity, the wireless access point and the wireless clients must be compatible
and use the same standard.
True
97801374558290_print.indb 221 10/09/21 11:20 AM

38. What is the purpose of measuring signal strength at the receive location?
The purpose of measuring signal strength at the receive location is to verify
that you have good signal level.
39. What happens when wireless cell coverage isn’t overlapping?
Weak or dead wireless spots appear, thus creating insufficient wireless
coverage.
40. Which of the following are general tips for extending your wireless range?
(Select all that apply.)
a. Make sure the antenna is placed high.
b. Use a high-gain antenna to help boost the receive signal strength.
c. Enclose the antenna with brick or concrete.
d. Place the antenna on the ground.
41. True or false: Microwave ovens can cause interference with Wi-Fi signals.
True
42. The default channel for 802.11b and 802.11g wireless routers is channel 6. If
you have interference problems, there may be a wireless router nearby with
an SSID using the same channel. You can change the channel to which of the
following? (Select all that apply.)
a. 1
b. 3
c. 7
d. 8
e. 11
43. What is meant by the term load issues regarding wireless access points?
Too many users are connecting to the same access point at the same time.
44. True or false: Once the SSID (service set identifier) has been configured for
a computer, it normally does not require reconfiguration. However, when you
travel, you should use a PSSID (portable service set identifier) to connect to
remote access points.
False
45. What happens when an encryption protocol mismatch occurs?
a. The SSID has to be reconfigured.
b. The wireless authentication fails and requires reconfiguration of the
client’s SSID.
c. The wireless authentication is not successful, resulting in not being able
to connect to the SSID.
d. The lowest level of encryption is applied.
97801374558290_print.indb 222 10/09/21 11:20 AM

46. You can avoid security problems when connecting a wireless device to a pub-
lic hotspot by doing which of the following?
a. Enabling WPA to secure your data traffic
b. Enabling WAP to secure your data traffic
c. Disabling WPA
d. Disabling WAP
47. Which of the following can introduce signal loss into a wireless connection?
(Select all that apply.)
a. Antenna cable attenuation
b. Wrong IP address
c. An object blocking the wireless signal
d. Radio station broadcast
48. A denial of service (DOS) attack creates client disassociation issues by doing
two of the following?
a. Setting up a continuous ping, thereby taking control of the network
b. Replacing the SSID with a PSSID and connecting to non-authenticated
access points
c. Spoofing a disassociate or deauthenticate message and pretending to be
a targeted wireless client
d. Downgrading WPA3 to WPA2 encryption
49. An access point typically assigns a 192.168.0.x address to a client. How can
you verify the IP address assigned?
a. By entering the command config-ip at the command prompt
b. By entering the command ipconfig at the command prompt
c. By entering the command configip at the command prompt
d. By pushing the reset button on the WAP
50. When you experience problems with a wireless printer that was recently
working, what is the first step you should take?
a. Restart the printer, your computer, and your wireless router.
b. Replace the access point and router and reconfigure both of them.
c. Remove the cable connecting the printer and replace it.
d. Update the firmware on the wireless router.
97801374558290_print.indb 223 10/09/21 11:20 AM

Critical Thinking
51. A wireless network receiving site is experiencing occasional loss of signal
due to interference. Discuss the steps you would take to correct this problem.
The options for solving this problem vary depending on the location of the
network receiving site. If this is an indoor site, an additional access point
may be required. For an outdoor site, the antenna might need to be aligned
or replaced with a more directional antenna. You also might be able to
reduce impacts of RF interference by changing the access point channel.
For example, most microwave ovens emit RF signals in the upper third of
the 2.4GHz band. You can generally avoid microwave oven interference by
tuning nearby access points to channels 1 or 6.
52. Prepare a memo to your supervisor, explaining why it is important to run
encryption on your wireless network.
The student should report that it is easy for data to be viewed over an unen-
crypted wireless network. The student could say something about the fact that
sensitive information about personnel or the company is being broadcast to
the public if encryption is not used.
53. Your company has a suite in a business complex. Another company in the
suite next to you has a wireless 802.11b network with the SSID Company A.
You can pick up that company’s signal from your suite. Your company would
like to put up its own wireless network with two access points. Discuss how
you would set up these two access points so that your company can obtain
optimal performance.
It is important to determine which of the 802.11b channels the SSID
Company A is using. Then you can deploy the wireless access points using
different, non-overlapping channels. This will help eliminate interference.
Also, it is important to do a site survey within your own suite. You want to
place the two wireless access points in such a way that their radio signals
provide overlapping coverage for the entire suite and their signal will be
minimally reflected by the obstacles within the suite.
Certification Questions
54. True or false: If the signal quality drops from excellent to good, the antenna
or access point should be replaced.
False
55. The network administrator is setting up a wireless network. There is a chance
of radio interference. How can the network administrator avoid or minimize
potential interference problems?
a. Perform an RF study prior to installation of the wireless network.
b. Contact all owners of equipment that may cause interference and ask
them to use different systems.
97801374558290_print.indb 224 10/09/21 11:20 AM

c. Contact the FCC to have the interfering sources shut down.
d. All of these answers are correct.
56. Define MIMO relative to 802.11n.
a. MIMO is a multiplexing technique in which the power is split into
multiple parts called spatial currents.
b. MIMO is a frequency-division multiplexing technique in which the data
stream is split into multiple parts called spectral streams.
c. MIMO is an OFDM multiplexing technique in which the digital data is
portioned into multiple parts called filtered streams.
d. MIMO is a space-division multiplexing technique in which the data
stream is split into multiple parts called spatial streams.
57. Which of the following best characterizes CSMA/CA?
a. It replaces CSMA/CD.
b. It provides carrier sense with collision avoidance.
c. It provides carrier sense with congestion avoidance.
d. It provides congestion sensing with collision avoidance.
58. Which of the following are advantages of 802.11g? (Select all that apply.)
a. Compatible with 802.11b
b. Compatible with 802.11a
c. Uses infrared instead of radio
d. High speed
59. Which of the following is used in wireless LANs to identify whether a client
is to become a member of the wireless network?
a. SSID
b. MAC address
c. IP address
d. Echo
60. What does the term last mile mean in relation to telecommunications?
a. The distance from an RF transmitter to a receiver in WiMAX
b. A measurement of signal coverage for WiMAX and for Wi-Fi
c. A term for the last connection prior to linking to the RF transmitter
d. The last part of the connection from the telecommunications provider
to the customer
97801374558290_print.indb 225 10/09/21 11:20 AM

61. Which of the following is the best way to extend the radio range of a station’s
wireless link with one access point?
a. Add multiple access points
b. Add additional wiring
c. Add 87BZS encoding
d. Add B8ZS encoding
62. Which of the following statements is true?
a. The Wi-Fi Alliance is an organization that assembles and tests wireless
equipment before it is shipped to vendors.
b. The Wi-Fi Alliance is an organization that tests and certifies wireless
equipment for compliance with the 803.1 standards.
c. The Wi-Fi Alliance is an organization that tests and certifies wireless
equipment for compliance with the 802.11x standards.
63. Which of the following are current wireless networking standards? (Select all
that apply.)
a. 802.12n
b. 802.11g
c. 803.11g
d. 802.11a
e. 802.11b
f. 802.55a
g. 802.11n
h. 802.1a
i. 802.11ac
j. 802.11ax
97801374558290_print.indb 226 10/09/21 11:20 AM

INDEX
Z02_Beasley_Index_p764-822_NEW.indd 764 10/09/21 4:27 PM

Symbols 802.11 wireless standard, 175–176
? (help) command, 367 AP, 177–178
BSS, 176, 177, 178
Numbers channel bonding, 179
CSMA/CD, 178
3DES (Triple Data Encryption Standard), 651 DSSS, 179
3G wireless standard, 204 ESS, 178
4G wireless standard, 204 FHSS, 180
4G/LTE, 204 frequency channels, 179
5G wireless standard, 204 hand-offs, 178
6to4 prefix, 335 hopping sequences, 180
8P8C connectors, 70–71 ISM band, 179
10BASE2 cabling, 41 MAC layer, 176
10BASE5 cabling, 41 OFDM, 180
10BASE-FL cabling, 41 Open Authentication, 638
10BASE-T cabling, 41 PHY layer, 176
10GBASE-LR cabling, 41 pseudorandom numbering sequences, 180
10GBASE-SR cabling, 41 roaming, 178
10GBASE-T cabling, 41, 76, 97–98 shared-key authentication, 638
AXT, 98 transceivers, 177
full-duplex transmissions, 100 transmit power, 180
F/UTP, 99 WMN, 176
hybrid echo cancellation circuits, 100 802.11a (Wi-Fi 2) wireless standard, 24, 180–181, 183
IEEE 802.3an-2006, 98 802.11ac (Wi-Fi 5) wireless standard, 24, 182, 183
performance, 100–101 802.11ax (Wi-Fi 6) wireless standard, 25, 182, 183
PSAACRF, 98, 99 802.11b (Wi-Fi 1) wireless standard, 24, 181, 183
PSANEXT, 98, 99 802.11g (Wi-Fi 3) wireless standard, 24, 181, 182, 183
signal transmission, 100–101 802.11i wireless standard, 183
29 CFR 1910.1200 (Hazard Communication), 716 802.11n (Wi-Fi 4) wireless standard, 24, 181, 182, 183
29 CFR 1910.157 (Portable Fire Extinguishers), 712–713 802.11r wireless standard, 183
29 CFR 1910.160 (Fixed Extinguishing Systems), 713–714 802.16a (WiMAX) wireless standard, 200
29 CFR 1910.164 (Fire Detection Systems), 714–715 1000BASE-LX cabling, 41
29 CFR 1910.165 (Employee Alarm Systems), 715–716 1000BASE-SX cabling, 41
29 CFR 1910.36 (Design and Construction Requirements 1000BASE-T cabling, 41
for Exit Routes), 709–710
29 CFR 1910.37 (Maintenance, Safeguards, and
Operational Features for Exit Routes), 710 A
29 CFR 1910.38 (Emergency Action Plans), 710–711
A records (Address records), 541–542
29 CFR 1910.39 (Fire Prevention Plans), 711–712
AAA (Authentication, Authorization, Accounting)
32-bit CPU architectures, 679 frameworks, 623–624
40GBASE-T cabling, 41 AAAA records (Quad-A records), 545
64-bit CPU architectures, 679 A.B.C.D. values, 20–21
100BASE-FX cabling, 41 absorption, fiber-optic cabling, 136
100BASE-SX cabling, 41 access
100BASE-TX cabling, 41 BWA, 199–200
802.1x (dot1x) wireless standard, 633 CDMA, 204
INDEX 765

controlling, detection methods, 661–662 addresses
motion detection, 662 adapter addresses. See MAC addresses
surveillance cameras, 662 anycast addresses, 335
controlling, physical security, 659, 660–661 broadcast addresses, subnetting, 322
access control vestibules (mantraps), 661 class network addresses, 467
badge readers, 661 classful addresses, 317, 467
biometric scanners, 661 DAD, 337
locking cabinets, 661 Ethernet addresses. See MAC addresses
locking racks, 661 gateway addresses, 265, 326–327, 359–361
door access, 717 HA, 302
home access, home networks, 31 hardware addresses. See MAC addresses
HSPA+204 IPv4 addressing, 20, 312–313
NAC, 624 6to4 prefix, 335
network access management, 623–624 A.B.C.D. values, 20–21
public access, home networks, 31 APIPA, 532, 533
RAS, 647 ARIN, 315
RBAC, 623 assigning, 315, 529–530
remote access security, 642 class network addresses, 467
analog modems, 643–644 classes, 313
cable modems, 644 classful addresses, 317
RAS, 647 decimal/binary octets, 314
xDSL modems, 644–646 default gateway addresses, 359–361
routers, 626–628 dual stacks, 336
TACACS+624 host IP addresses, 315
WPA, 215, 639 host numbers, 21
WPA2, 639–640 lease time, 532
WPA3, 640 managing with DHCP, 531–537
access control vestibules (mantraps), 661 network/host bits, 314–315
access points (AP), 177–178, 186–187, 189–190 network numbers, 21, 482
evil twin attacks, 598 next hop addresses, 362
home networks, 28 non-Internet-routable IP addresses, 316
troubleshooting, 213 Office LAN, 40
access/edge layer, LAN, 269 overloading, 35
access-list permit ip any any command, 617 private IP addresses, 21–22, 316
accounting, AAA framework, 623–624 public IP addresses, 22
ACK (Acknowledgement) packets, 297 RIR, 315
ACL (Access Control Lists), 617–618 structure of, 313
ACR (Attenuation to Crosstalk Ratios), 93, 95 switches, 245
PSAACRF, 98, 99 TCP/IP, 21–22
PSACR, 93, 95, 96 transitioning to IPv6, 335–337
active/active disaster recovery architectures, 731 wildcard bits, 482–483
active/passive disaster recovery architectures, 731 IPv6 addressing, 333–335
active RFID tags, 202 6to4 prefix, 335
ad hoc networks, 176, 177 anycast addresses, 335
adapter addresses. See MAC addresses CIDR, 337–338
adaptive cut-through mode, switches, 247 DAD, 337
766 INDEX

defined, 333 aging time, 244
dual stacks, 336 AH (Authentication Headers), 651
interface (host) identifiers, 335 air interface (communications) portal, RFID tags, 203
IPng, 333 alarms, CSU/DSU, 272
link-local addresses, 335, 336–337 analog modems
multicast addresses, 335 asymmetric operations, 643
routing, 499 security, 643–644
routing, BGP, 501–502 V.44/V.34 modem standard, 643
routing, EIGRP, 501 V.92/V.90 modem standard, 643
routing, OSPF, 500–501 analyzing network traffic, 552–565
routing, RIP, 499–500 ANDing, subnet masks, 361–362
routing, static, 499 ANT+ wireless technology, 183
SLAAC, 336–337 antennas
transitioning to, 335–337 dish (parabolic reflector) antennas, 209
unicast addresses, 335 EIRP, 210
link-local addresses, 335, 336–337 multipoint distributions, 209–211
logical addresses, 249 omnidirectional antennas, 208–209
MAC addresses placement of, point-to-multipoint WLAN case study, 207
CAM, 246 ranges (wireless), extending, 214
defined, 18 remote installations, 211
destination MAC addresses and sources, 17 RF site surveys, 209–211
filtering, 33 selecting, 208–209
length of, 18 site surveys, 207
NIC, 18 spatial diversity, 186
Office LAN, 40 Yagi antennas, 209
OUI, 18 antivirus/anti-malware software, 610–611
sampling of, 18 anycast addresses, 335
spoofing attacks, 635 AP (Access Points), 177–178, 186–187, 189–190
sticky command option, 634 evil twin attacks, 598
multicast addresses, 303, 335 home networks, 28
NAT, 34 troubleshooting, 213
defined, 34 APC connectors, 64, 146
private IP addresses, 34–35 APIPA (Automatic Private IP Addressing), 532, 533
public IP addresses, 35 appearance, home networks, 31
NET addresses, 479 Application layer
network addresses, 249, 322 OSI model, 13, 14
next hop addresses, 362 TCP/IP, 294, 295–296
PA, 301 applications (common) and port numbers, 295–296
physical addresses. See MAC addresses Area 0, OSPF, 482
secure addresses, switches, 243 areas, OSPF, 477
unicast addresses, 335, 533 ARIN (American Registry for Internet Numbers), 315, 529
administrative distance, 461 ARP (Address Resolution Protocol), 301–303, 563
administratively down, 390 bridges, 233–235
ADSL (Asymmetric DSL), 645–646 caches, 233–235
advertising, routes, 466 caches, poisoning, 598
AES (Advanced Encryption Standard), 640 DAI, 635
INDEX 767

expired entries, 235 viruses, 602–603, 610–611
replies, 563–564 VLAN hopping, 599
spoofing attacks, 635 worms, 603
ARPANET (Advanced Research Projects Agency zero-day attacks, 604
Network), 292 attenuation (insertion loss), 92, 93–94
assembling Office LAN, 38–39 ACR, 93, 95
cabling, 40–43 fiber-optic cabling, 127, 136–137, 142
client/server networks, 42–45 PSAACRF, 98, 99
diagramming networks, 39–40 PSACR, 93, 95, 96
IP addressing, 40 audits, IT, 728
MAC addresses, 40 AUP (Acceptable Use Policies), 725
network device connections, 40–43 authentication
peer-to-peer networks, 42, 43 AAA framework, 623–624
asset disposal, 662 AH, 651
asset/inventory management, 728 CCMP, 639–640
assigning CHAP, 649, 650
IP addressing, 529–530 deauthentication/disassociation attacks, 215
IPv4 addresses, 315 EAP, 640, 650
protocols, 529 Kerberos, 623
associations, LAN interconnections, 233 LEAP, 640
associations, wireless connections, 186–187, 193 MD5 hashing algorithm, 649, 650
asymmetric operations, modems, 643 Open Authentication, 638
attacks, network security PAP, 649–650
ARP cache poisoning, 598 RADIUS, 624, 640
botnets, 608 SHA, 649, 650
brute-force attacks, 596 shared-key authentication, 638
buffer overflow attacks, 599–600 authorization, AAA framework, 623–624
coordinated DDoS attacks, 608 auto-negotiation, 383–386
DDoS attacks, 608–609 AS (Autonomous Systems), 529
deauthentication/disassociation attacks, 608 auxiliary input, routers, 250
dictionary attacks, 596 AXT (Alien Crosstalk), 98
directed broadcasts, 607
DoS attacks, 606–609
evil twin attacks, 598
B
intrusion attacks, 594–604 backbone
logic bombs, 604 backbones
malware, 602–604, 610–611 cabling, 67, 155
on-path attacks (man-in-the-middle attacks), 598 defined, 477
packet sniffing attacks, 597–599 backscatter, 200
password cracking attacks, 596–597 backups, 729–730
PDoS attacks, 607 badge readers, 661
ransomware attacks, 604 balanced mode, 74–75
reflective/amplified DoS attacks, 608 bandwidth
session hijacking, 599 fiber-optic cabling, 126
social engineering attacks, 595–596 metrics, 461
software vulnerabilities, 599–604 multilevel encoding, 100
spoofing attacks, 607, 635
768 INDEX

BD (Building Distribution) fiber, optical networking, broadcasts, 233
151–154 defined, 232
beacons, 638 MAC addresses, 232–234
beamforming, 182 multiport bridges. See layer 2 switches
best practices ports, 232–233
asset/inventory management, 728 translation bridges, 235
backups, 729–730 transparent bridges, 235
configuration standards, 727–728 wireless bridges, 187–189, 236
documentation, 727 broadband modems/gateways, 28
HA, 730–731 broadcast addresses, subnetting, 322
IT audits, 728 broadcast domains, 246, 358
role separation, 728 broadcasts
BGP (Border Gateway Protocol), 496–498, 501–502 bridges, 233
BiDi (Bidirectional) transceivers, 154 broadcast storms, 233
binary numbers defined, 9
binary-to-decimal conversions, 306–307 directed broadcasts, 607
decimal-to-binary conversions, 307–309 SSID broadcasts, turning off, 33
IPv4 addressing, 314 brute-force attacks, 596
biometric scanners, 661, 717 BSS (Basic Service Sets), 176, 177, 178
BLE (Bluetooth Low Energy) technology, 197 buffer overflow attacks, 599–600
blocked TCP/UDP ports, troubleshooting, 573 buffering/queuing, 252
blocking state, STP, 423 building distributions, optical networking, 151–154
Bluejacking, 641 building entrances, structured cabling, 66–67
Bluesnarfing, 641 bus topologies, 8–9
Bluetooth business policies/procedures, 723
BLE technology, 197 asset/inventory management, 728
enabling connections, 198–199 AUP, 725
inquiry procedures, 197 backups, 730
output power classes, 197 best practices, documentation, 727
paging procedures, 197 configuration standards, 727–728
piconets, 197–198 continuity/recovery policies/procedures, 729
security, 641 MTBF, 729
BNC connectors, 64 MTTF, 729
bonding, channel (Ethernet), 179 MTTR, 729
BOOTP (Bootstrap Protocol), 531 HA, 730–731
botnets, 608 incident response policies, 725
bottlenecking (network congestion), 76, 252 IT audits, 728
bottom-to-top (bottom-up) troubleshooting approach, 569 MLA, 724
BPDU (Bridge Protocol Data Units), 422–423 MOU, 723–724
BPDU Filter, 636 MSA, 724
BPDU Guard, 635–636 NDA, 725
branching devices, 142 onboarding/offboarding policies, 727
bridges password policies, 726
advantages/disadvantages of, 236 privileged user agreements, 726
ARP caches, 233–235 role separation, 728
associations, 233 SLA, 724
INDEX 769

SOP, 726–727 console cabling, 250, 255
SOW, 725 crossover cabling, 41–42, 83
business policies/procedures. See also rules/regulations crosstalk, 94
BWA (Broadband Wireless Access), 199–200 ELFEXT, 93, 95
BYOD (Bring Your Own Device), 568 Ethernet LAN cabling, numerics, 41
Fast Ethernet, 76
C fiber-optic cabling
absorption, 136
cabinets, locking, 661 advantages of, 126–127
cable modems APC connectors, 146
home networks, 28, 29 attenuation (insertion loss), 127, 136–137
security, 644 attenuators, 142
cabling backbones, 155
8P8C connectors, 70–71 bandwidth, 126
10BASE2 cabling, 41 BD fiber, 151–154
10BASE5 cabling, 41 branching devices, 142
10BASE-FL cabling, 41 building distributions, 151–154
10BASE-T cabling, 41 campus networks, 154–157
10GBASE-LR cabling, 41 chromatic dispersion, 137–138
10GBASE-SR cabling, 41 cladding, 130
10GBASE-T cabling, 41, 76, 97–98 color-coding fiber, 156
AXT, 98 components of, 126, 141–142
full-duplex transmissions, 100 connectorization, 145–146
F/UTP, 99 cores, 130
hybrid echo cancellation circuits, 100 corrosion, 127
IEEE 802.3an-2006, 98 costs, 127
performance, 100–101 crosstalk, 127
PSAACRF, 98, 99 CWDM, 142
PSANEXT, 98, 99 detectors, 143–145
signal transmission, 100–101 DFB lasers, 141
40GBASE-T cabling, 41 diplexers, 154
100BASE-FX cabling, 41 dispersion, 137–139
100BASE-SX cabling, 41 dispersion compensation, 139
100BASE-TX cabling, 41 dispersion shifted fibers, 138–139
1000BASE-LX cabling, 41 DL, 141
1000BASE-SX cabling, 41 DWDM, 130, 141
1000BASE-T cabling, 41 electrostatic interference, 126
attenuation (insertion loss), 92, 93–94 Ethernet, 157
backbone cabling, 67 events, troubleshooting, 162
balanced mode, 74–75 FC connectors, 145–146
CAT5, patch cabling, CAT5, assembling, 87–90 fiber, 142
CAT5e, test examples, 104–109 fiber Bragg grating, 139
CAT6 cabling, 40 fiber cross-connects, 151
certification, 93–96 fiber selection, 132–133
channel specifications, 93–96 fiber-to-the-home/business, 130
coaxial cabling, 64 FTTB, 149
770 INDEX

FTTC, 149 sm fibers, 155
FTTD, 149 splitters, 142
FTTH, 149 ST connectors, 145–146
fusion splicing, 144 step-index fiber, 133
GBIC, 152–153 strands, 131–132
glass, 142 transceivers, 154
graded-index fiber, 132, 133–134 transmission strands, 126
IC fibers, 152 troubleshooting, 162–163
IDC, 152–153 tunable lasers, 141–142
index-matching gel, 144 “two-deep” rule, 152–153
IR (Infrared) radiation, 126 unconnected fibers, 146
isolators, 142 UPC connectors, 146
LC connectors, 145–146 VCSEL, 141
LED, 141 VFL, 162
light pipes, 142 WDM, 130, 143
link budgets, 157–158 X2, 153–154
logical fiber maps, 154, 155 XENPAK, 153–154
mechanical splicing, 144–145 XFP, 153–154
microbending, 136–137 XPAK, 153–154
mm fibers, 155 zero dispersion wavelengths, 138–139
modal dispersion, 137–138 full channels, 92
mode field diameters, 134–135 full-duplex cabling, 76
MT-RJ connectors, 145–146 F/UTP, 99
multimode fiber, 130, 132 Gigabit Ethernet, 76
numerical apertures, 131 HC, 68, 69
optical connectors, 126 horizontal cabling, 67, 69–73, 83–87
optical Ethernet, 149–150 hybrid echo cancellation circuits, 100
optical networking, defined, 148–151 IC, 68, 69
optical spectrum, 130–131 links, 92
optical-line amplifiers, 143 managing, 67
OTDR, 162–163 manufacturer’s specifications, 102–104
photosensitive detectors, 126 MC, 68, 69
physical fiber maps, 154, 156 multilevel encoding, 100
polarization mode dispersion, 137, 139 NEXT, 92, 93, 94–95
pulse dispersions, 132–133 patch cabling, 71–72, 82
refraction of light, 129 performance, 110
refractive indexes, 129 physical layer cabling, 64
RSL, 142 10 Gigabit Ethernet over Copper, 97–101
safety, 127, 160–161 APC connectors, 64
SC connectors, 145–146 BNC connectors, 64
scattering, 136 cable testing/certification, 92–96
security, 127 connectors, 64
SFP, 152–153 fiber couplers, 64
SFP+153–154 structured cabling, 66–73
“shooting the fiber”, 162 troubleshooting, 102–110
single-mode fibers, 130, 134–135 twisted-pair cabling, 74–77
INDEX 771

twisted-pair cabling, terminating, 78–90 PSELFEXT, 93, 95, 96
UPC connectors, 64 PSNEXT, 93, 94
UTP couplers, 64 Thin/Net cabling, bus topologies, 8
PSELFEXT, 93, 95, 96 troubleshooting, 102
PSNEXT, 93, 94 connectivity, 110
RJ-45 connectors, 40, 70–71, 75 DTX-1800 certification reports, 103, 104
rollover cabling, 255–256 failures to meet manufacturer specifications, 102–104
STP cabling, 76–77 multimeters, 110
straight-through cabling, 82, 87–90 performance, 110
structured cabling stretching, 102
backbone cabling, 67 twisted-pair cabling
building entrances, 66–67 ELTCTL, 99
ER, 67 F/UTP, 99
HC, 68, 69 LCL, 99
horizontal cabling, 67, 69–73 return loss, 93, 95–96
IC, 68, 69 STP cabling, 76–77
MC, 68, 69 TCL, 99
STP cabling, 76–77 TCTL, 99
TCO, 67 terminating, 78–80
telecommunications closets, 67, 69–70 UTP cabling, 74–76
TIA/EIA 568-A cabling standard, 66 UTP cabling, 76
TIA/EIA 568-B cabling standard, 66 CAT3, 75, 76
TIA/EIA 569B cabling standard, 66–67 CAT5, 74, 75, 76
UTP cabling, 74–76 CAT5, patch cabling, 87–90
WO, 68 CAT5, straight-through cabling,
work areas, 67 87–90
T568A wiring standard CAT5e, 74, 75, 76, 79–82
color maps, 78–80 CAT5e, patch cabling, 87–90
defined, 78 CAT5e, straight-through cabling, 87–90
pinouts, 79 CAT5e, test examples, 104–109
T568B wiring standard CAT6, 74, 75, 76, 79–82, 83–87
color maps, 78–80 CAT6a, 75, 76
defined, 78 CAT7, 74, 75, 79–82
pinouts, 79 CAT7a, 75
TCO, 67 CAT8, 74, 75, 79–82
termination, 70 UTP, F/UTP, 99
testing, 92–93 wiremaps, 82
ACR, 93, 95 WLAN, troubleshooting, 215
attenuation (insertion loss), 92, 93–94 WO, 68
channel specifications, 93–96 work areas, 67
delay skew, 93, 96 cache poisoning, ARP, 598
ELFEXT, 93, 95 caches, virtualization, 679
near-end testing, 94 CAM (Content-Addressable Memory), 246
NEXT, 92, 93, 94–95 cameras
propagation delay, 93, 96 IP security cameras, 662
PSACR, 93, 95, 96 surveillance, 662
772 INDEX

campus networks HSPA+204
backbones, 477 LTE/4G, 204
defined, 230 NFC, 204
hierarchical topologies, 69 certification
optical networking, 154–157 cabling, 93–96
CAN (Campus Area Networks), 5 DTX-1800 certification reports, 103, 104
captive portals, home networks, 32 CFR (Code of Federal Regulations), 709
Carrier Ethernet, 273–274 change management policies, 624
CAT3 changing
twisted-pair cabling, 75 factory passwords, 33
UTP cabling, 76 SSID, 33
CAT5 channel bonding, 179
patch cabling, 87–90 channel specifications, cabling, 93–96
straight-through cabling, 87–90 channel utilization (WLAN), troubleshooting, 214–215
UTP cabling, 74, 75, 76 CHAP (Challenge Handshake Authentication Protocol),
CAT5e 649, 650
patch cabling, 87–90 check sequences, frames, 17
straight-through cabling, 87–90 chromatic dispersion, 137–138
test examples, 104–109 CIDR (Classless Interdomain Routing), 329
UTP cabling, 74, 75, 76, 79–82 blocks, 330–331
CAT6 IPv6 addressing, 337–338
cabling, 40 notation, 329
horizontal cabling, terminating, subnet mask conversions, 329–330
83–87 CIR (Committed Information Rates), 276
UTP cabling, 74, 75, 76, 79–82 Cisco, remote client VPN configurations, 653–657
CAT6a, UTP cabling, 75, 76 cladding, fiber-optic cabling, 130
CAT7 class network addresses, 467
STP cabling, 76–77 classes, IPv4 addressing, 313
UTP cabling, 74, 75, 79–82 classful addresses, 317, 467
CAT7a, UTP cabling, 75 client/server networks, 42–45
CAT8 client-to-site VPN, 648
STP cabling, 76–77 cloud computing, 693–694
twisted-pair cabling, 75, 79–82 advantages/disadvantages of, 695–696
UTP cabling, 74 cloud services, 692–693
CBS (Committed Burst Size), 276 community clouds, 696
CCMP (Cipher Mode with Cipher Block Chaining CSP, 696
Message Authentication Code Protocol), 639–640 DaaS, 695
ccTLD, 528 defined, 692
CDMA (Code-Division Multiple Access), 204 elasticity, 696
cellular (mobile) communications, 204 email, 693
3G wireless standard, 204 hybrid clouds, 696
4G wireless standard, 204 IaaS, 694
5G wireless standard, 204 infrastructures, 696–697
CDMA, 204 multitenancy, 695, 696
EDGE, 204 outsourcing, 692
geofencing, 204 PaaS, 695
INDEX 773

private clouds, 696 switches, 410, 419–420
public clouds, 696 configure terminal (conf t) command, 411
SaaS, 695 enable secret command, 412
scalability, 695–696 hostname command, 411–412
SDN, 696–697 line console passwords, 412–414
security, 697 privileged mode, 411, 412
SLA, 693 static VLAN configurations, 414–418
cloud sites, disaster recovery, 731 switch# prompt, 412
CM-54 Beasley-Networking Essentials, 6e, switch(config)# prompt, 411, 412
9780137455928, 5 switch(config-line)# prompt, 413
CNA (Cisco Network Assistant), switches, 242–243 VLAN subinterfaces, 418–419
CNAME records (Canonical Name Records), virtualization, 682–690
542–543, 693 WLAN, 185–195, 206–211
coaxial cabling, 64 congestion (bottlenecking), networks, 76, 252
cold sites, disaster recovery, 731 connection-oriented protocols, 297
cold/hot” aisles, 73 connectivity
collision domains, isolating, 246 networks
collisions, switches, 433 home networks, 32
color maps, T568A/T568B wiring standards, 78–80 verifying with ping command, 240–241
color-coding, fiber-optic cabling, 156 ZTerm serial communications software, 259–261
command prompt, Windows 10, 18 troubleshooting, 110
common applications and port numbers, 295–296 connectorization, fiber-optic cabling, 145–146
communications (air interface) portal, RFID tags, 203 connectors
community clouds, 696 8P8C connectors, 70–71
compatibility (wireless), troubleshooting, 213 APC connectors, 64
computer forensics, 621 BNC connectors, 64
configuration standards, 727–728 DB-9 connectors, 254–255
configure terminal (conf t) command, 374, 411 DB-25 connectors, 254, 255
configuring (setting up) fiber couplers, 64
BGP, 496–498 RJ-45 connectors, 70–71, 75, 255
computers for LAN operation, 44 UPC connectors, 64
EIGRP, 488–494 UTP couplers, 64
FastEthernet interfaces, 376–377 console cabling, 255
firewalls, 611–617 console input/cabling, 250
interfaces, auto-negotiation, 383–386 console ports, routers
IP addressing, switches, 245 console cabling, 255
OSPF, 481–485 DB-9 connectors, 254–255
PuTTY software, 256–259 DB-25 connectors, 254, 255
routers PuTTY software, 256–259
Privileged EXEC mode (Router#), 380–381 RJ-45 connectors, 255
User EXEC mode (Router>), 369–371 rollover cabling, 255–256
SLAAC, 336–337 RS-232 serial communications ports, 254, 255
SNMP, 547–551 serial interfaces, 256
static routing, 454–458 ZTerm serial communications software, 259–261
static VLAN, 414–418 content filters, 620
774 INDEX

contiguous networks, 467 couplers
continuity/recovery policies/procedures, 729 fiber couplers, 64
MTBF, 729 UTP couplers, 64
MTTF, 729 CRC (Cyclic Redundancy Checksum) errors, 432
MTTR, 729 cross-connects
controllers, wireless, 189 defined, 68, 69
controlling access, physical security, 659, 660–661 fiber cross-connects, 151
access control vestibules (mantraps), 661 HC, 68, 69
badge readers, 661 IC, 68, 69
biometric scanners, 661 MC, 68, 69
locking cabinets, 661 WO, 68
locking racks, 661 crossover cabling, 41–42, 83
convergence, dynamic routing protocols, 460 crosstalk, 94
conversion loss, cabling ACR, 93, 95
ELTCTL, 99 AXT, 98
LCL, 99 fiber-optic cabling, 127
TCL, 99 PSAACRF, 98, 99
TCTL, 99 PSACR, 93, 95, 96
converting numbers crypto key generate rsa command, 628
binary-to-decimal conversions, 306–307 CSMA/CD (Carrier-Sense Multiple Access/Collision
decimal-to-binary conversions, 307–309 Domains), 16, 178
hexadecimal numbers, 309–311 CSP (Cloud Service Providers), 696
coordinated DDoS attacks, 608 CSU/DSU (Channel Service Units/Data Service Units),
copper, 10GBASE-T cabling, 97–98 272
AXT, 98 cut-through mode, switches, 247
full-duplex transmissions, 100 CWDM (Coarse Wavelength Division Multiplexing), 142
F/UTP, 99
hybrid echo cancellation circuits, 100 D
IEEE 802.3an-2006, 98
performance, 100–101 DaaS (Infrastructure as a Service), 695
PSAACRF, 98, 99 DAD (Duplicate Address Detection), 337
PSANEXT, 98, 99 DAI (Dynamic ARP Inspection), 635
signal transmission, 100–101 DARPA (Defense Advanced Research Projects Agency),
292
copy running-configuration startup-configuration (copy
run start) command, 457 data, frames, 17
core layer, LAN, 268 data centers
cores architectures, 269
fiber-optic cabling, 130 “hot/cold” aisles, 73
virtualization, 679 racks
corrosion, fiber-optic cabling, 127 diagrams, 72
costs locks, 73
fiber-optic cabling, 127 data channels, interconnecting LAN, 270–271
home networks, 30 Data link layer, OSI model, 13
metrics, 461 data packets
country domains, 539 ACK packets, 297
ARP packets, 302–303
INDEX 775

DHCP packets, 534 detection methods, 661–662
error thresholds, 247 motion detection, 662
filtering, 618 surveillance cameras, 662
FTP data packets, 566–567 detectors, fiber-optic cabling, 143–145
hello packets, 477 deterministic networks, 7
ICMP source-quench packets, 302 device density, 189
IGMP packets, 303–304 DFB (Distributed Feedback) lasers, 141
keepalive packets, 388 DHCP (Dynamic Host Configuration Protocol)
shaping, 253, 620 data packets, 534
sniffing attacks, 597–599 deploying, 535–537
SYN ACK packets, 297 DHCP ACK, 532
SYN packets, 297 DHCP Discover, 532
TCP packets DHCP Offer, 532
terminating connections, 299–300 DHCP Request, 532
transmitting, 298 IP address management, 531–537
UDP packet transfers, 300–301 snooping, 572
WEP, 638–639 troubleshooting, 216, 571–572
wire speed routing, 247 diagramming networks, 39–40
data rates dialup modems, 644
DS-0 to DS-3, 270 dictionary attacks, 596
E1 to E3, 271 differential backups, 730
T1 to T3, 270 Diffie-Hellman key exchange, 651
data speeds, home networks, 30 dig command, 541
data transmissions, long hauls, 134 diplexers, 154
DB-9 connectors, 254–255 directed broadcasts, 607
DB-25 connectors, 254, 255 disabled state, STP, 423
DDoS (Distributed DoS) attacks, 608–609 disassociation/deauthentication attacks, 215, 608
deauthentication/disassociation attacks, disaster recovery
215, 608 active/active architectures, 731
decimal numbers active/passive architectures, 731
binary-to-decimal conversions, 306–307 cloud sites, 731
decimal-to-binary conversions, 307–309 cold sites, 731
IPv4 addressing, 314 hot sites, 731
default gateways policies/procedures, 729
addresses, 359–361 MTBF, 729
static routing, 448 MTTF, 729
delay metrics, 461 MTTR, 729
delay, propagation, 93, 96 RPO, 732
delay skew, 93, 96 RTO, 732
demarcation, lines of, 271 sites, 731
DES (Data Encryption Standard), 651 virtualization, 681
Design and Construction Requirements for Exit Routes warm sites, 731
(29 CFR 1910.36), 709–710 dish (parabolic reflector) antennas, 209
desktops, virtual vs remote, 695 dispersion, fiber-optic cabling, 137–138
destination MAC addresses and sources, dispersion compensation, 139
defined, 17
dispersion shifted fibers, 138–139
776 INDEX

disposal of assets, 662 SDS, 716
distance vector protocols, 463 security, 624
hop count metrics, 463–464 SLA, 724
RIP, 465 SOP, 726–727
configuring, 466–468 SOW, 725
IPv6, 499–500 domain names, managing, 528
link state protocols and, 477 domain registrars, 530
[rip_tag] tags, 500 dongles, 682
route configuration, 468–473 door access, 717
sh run command, 471–472 doorbells, smart, 663
show ip protocol (sh ip protocol) command, 469–471 DoS (Denial-of-Service) attacks, 606–609
RIPv2, 474–475 dot1x (802.1x) wireless standard, 633
configuring, 466–468 down, administratively, 390
route configuration, 473–474 DS (Digital Signals), 270
routing loops, 465 DS-0 to DS-3 data rates, 270
distance, WLAN, 189–190 DSL (Digital Subscriber Lines)
distribution/aggregation layer, LAN, 269 ADSL, 645–646
divide-and-conquer troubleshooting modems, home networks, 29–30
approach, 569 services, 645
DKIM (Domain Keys Identified Mail), 544 xDSL
DL (Diode Lasers), 141 modems, 644–646
DMT (Discreet Multitone) modulation, services, 645
645–646 DSSS (Direct-Sequence Spread Spectrum), 179
DMZ (Demilitarized Zones), 618 DTLS (Datagram Transport Layer Security) protocol,
DNS (Domain Name Systems), 539 598
dig command, 541 DTX-1800 certification reports, 103, 104
forward DNS lookups, 539 dual stacks, 336
nslookup command, 541 duplex operations. See building distributions
reverse DNS lookups, 539 DWDM (Dense Wavelength Division Multiplexing), 130,
root DNS servers, 539–540 141
RR, 541–546 dynamic (private) ports, 295
tree hierarchies, 539–540 dynamic assignments, 243
DOCSIS (Data Over Cable Service Interface dynamic routing protocols, 460, 461
Specification), 644 convergence, 460
documentation load balancing, 460
AUP, 725 metrics, 460, 461
best practices, 727 path determination, 460
change management policies, 624 dynamic VLAN, 408
incident response policies, 725
MLA, 724
MOU, 723–724
E
MSA, 724 E1 to E3 data rates, 271
MSDS, 716 EAP (Emergency Action Plans), 710–711
NDA, 725 EAP (Encryption Authentication Protocol), 640, 650
onboarding/offboarding policies, 727 ease of implementation, home networks, 31
password policies, 726 EBS (Excess Burst Size), 276
privileged user agreements, 726 echo requests, 564–565
INDEX 777

EDGE (Enhanced Data GSM Evolution), 204 Ethernet
education records, FERPA, 719 10GBASE-T cabling, 97–98
EF (Entrance Facilities), structured cabling, 67 AXT, 98
EIA (Electronic Industries Alliance) full-duplex transmissions, 100
defined, 66 F/UTP, 99
TIA/EIA 568-A cabling standard, 66 hybrid echo cancellation circuits, 100
TIA/EIA 568-B cabling standard, 66 IEEE 802.3an-2006, 98
TIA/EIA 569B cabling standard, 66–67 performance, 100–101
EIGRP (Enhanced Interior Gateway Routing Protocol), PSAACRF, 98, 99
487–494, 501 PSANEXT, 98, 99
EIR (Excess Information Rates), 276 signal transmission, 100–101
EIRP (Effective Isotope Radiated Power), 210 bonding, 179
E-LAN (Ethernet LAN) service, 275 Carrier Ethernet, 273–274
elasticity, cloud computing, 696 Ethernet Service Definition, 274
electromagnetic wavelength spectrum, 131 EVC, 274
electrostatic interference, fiber-optic cabling, 126 Fast Ethernet, 76
ELFEXT (Equal-Level FEXT), 93, 95 FastEthernet ports, 250
E-Line (Ethernet Service Line), 274, 275 FCoE, 699
ELTCTL (Equal Loss Transverse Conversion Transfer giants, 433
Loss), 99 Gigabit Ethernet, 76
email MEF, 274
cloud computing, 693 MOE, 273–274
CNAME records, 693 optical Ethernet, 149–150
MX records, 693 optical networking, 157
Emergency Action Plans (29 CFR 1910.38), 710–711 PoE, 425–428
Employee Alarm Systems (29 CFR 1910.165), 715–716 PoE+427
enable command, routers, privileged mode, 373 PoE++428
enable secret command, 375, 412 runts, 433
encoding, multilevel, 100 service attributes, 276–277
encryption Ethernet addresses. See MAC addresses
3DES, 651 Ethernet jumbo frames, preambles, 17
AES, 640 Ethernet LAN, 16
DES, 651 cabling, numerics, 41
home networks, 33 CSMA/CD, 16
Type 5 encryption algorithm, 627 frames, 17
Type 7 encryption algorithm, 627 check sequences, 17
wireless networks (Wi-Fi), 33 components of (overview), 17
enterprise networks, 5, 262 data, 17
enterprise storage data structure of, 17
NAS, 700 destination MAC addresses and sources, 17
SAN, 698–699 jumbo frames, 17
ER (Equipment Rooms), structured cabling, 67 length/type, 17
error thresholds, 247 MAC addresses, 17, 18–20
ESP (Encapsulating Security Protocols), 651 NIC, 18
ESS (Extended Service Sets), 178 pads, 17
778 INDEX

preambles, 17 fast-forward mode, switches, 247
start frame delimiters, 17 FC (Fibre Channel), 699
Ethernet packet frames, 17 FC connectors, fiber-optic cabling, 145–146
check sequences, 17 FCoE (Fibre Channel over Ethernet), 699
components of (overview), 17 FERPA (Family Eductional Rights and Privacy Act), 719
data, 17 FHRP (First Hop Redundancy Protocol), 730
data structure of, 17 FHSS (Frequency-Hopping Spread Spectrum), 180
destination MAC addresses and sources, 17 fiber Bragg grating, 139
length/type, 17 fiber couplers, 64
MAC addresses, 17, 20 fiber cross-connects, 151
defined, 18 fiber transceivers, 154
ipconfig/all command, 18–19 fiber-optic cabling. See also physical layer cabling
length of, 18 absorption, 136
Linux, 20 advantages of, 126–127
macOS, 20 APC connectors, 146
obtaining, 19–20 attenuation (insertion loss), 127, 136–137
OUI, 18 attenuators, 142
sampling of, 18 backbones, 155
Windows 10, 20 bandwidth, 126
NIC BD fiber, 151–154
MAC addresses, 18 branching devices, 142
NIC, 18 building distributions, 151–154
teaming, 18 campus networks, 154–157
pads, 17 chromatic dispersion, 137–138
preambles, 17 cladding, 130
start frame delimiters, 17 color-coding fiber, 156
E-Tree (Ethernet Treet) service, 275–276 components of, 126, 141–142
EVC (Ethernet Virtual Connections), 274 connectorization, 145–146
events, troubleshooting fiber-optic cabling, 162 cores, 130
evil twin attacks, 598 corrosion, 127
EXEC (privileged EXEC) passwords, 627 costs, 127
exit routes crosstalk, 127
Design and Construction Requirements for Exit Routes CWDM, 142
(29 CFR 1910.36), 709–710 detectors, 143–145
Maintenance, Safeguards, and Operational Features for DFB lasers, 141
Exit Routes (29 CFR 1910.37), 710 diplexers, 154
export controls, international, 720–722 dispersion, 137–139
extending wireless ranges, 214 dispersion compensation, 139
dispersion shifted fibers, 138–139
F DL, 141
DWDM, 130, 141
factory passwords, changing, 33 electrostatic interference, 126
factory resets, 662 Ethernet, 157
Fast Ethernet, 76 events, troubleshooting, 162
interface configurations, routers, 376–377 FC connectors, 145–146
ports, 250, 263 fiber, defined, 142
INDEX 779

fiber Bragg grating, 139 SFP, 152–153
fiber cross-connects, 151 SFP+153–154
fiber selection, 132–133 “shooting the fiber”, 162
fiber-to-the-home/business, 130 single-mode fibers, 130, 134–135
FTTB, 149 sm fibers, 155
FTTC, 149 splitters, 142
FTTD, 149 ST connectors, 145–146
FTTH, 149 step-index fiber, 133
fusion splicing, 144 strands, 131–132
GBIC, 152–153 transceivers, 154
glass, 142 transmission strands, 126
graded-index fiber, 132, 133–134 troubleshooting, 162–163
IC fibers, 152 tunable lasers, 141–142
IDC, 152–153 “two-deep” rule, 152–153
index-matching gel, 144 unconnected fibers, 146
IR (Infrared) radiation, 126 UPC connectors, 146
isolators, 142 VCSEL, 141
LC connectors, 145–146 VFL, 162
LED, 141 WDM, 130, 143
light pipes, 142 X2, 153–154
link budgets, 157–158 XENPAK, 153–154
logical fiber maps, 154, 155 XFP, 153–154
mechanical splicing, 144–145 XPAK, 153–154
microbending, 136–137 zero dispersion wavelengths, 138–139
mm fibers, 155 fibers
modal dispersion, 137–138 BD fiber, 151–154
mode field diameters, 134–135 IC fibers, 152
MT-RJ connectors, 145–146 mm fibers, 155
multimode fiber, 130, 132 “shooting the fiber”, 162
numerical apertures, 131 sm fibers, 155
optical connectors, 126 unconnected fibers, 146
optical Ethernet, 149–150 fiber-to-the-home/business, 130
optical networking, defined, 148–151 Fibre Channel (FC), 699
optical spectrum, 130–131 Fibre Channel over Ethernet (FCoE), 699
optical-line amplifiers, 143 filtering
OTDR, 162–163 BPDU Filter, 636
photosensitive detectors, 126 content filters, 620
physical fiber maps, 154, 156 MAC addresses, 33
polarization mode dispersion, 137, 139 packets, 618
pulse dispersions, 132–133 traffic, 268
refraction of light, 129 web filters, 620
refractive indexes, 129 Fire Detection Systems (29 CFR 1910.164), 714–715
RSL, 142 Fire Prevention Plans (29 CFR 1910.39), 711–712
safety, 127, 160–161 firewalls, 34
SC connectors, 145–146 ACL, 617–618
scattering, 136 configuring, 611–617
security, 127 deploying, 619
780 INDEX

DMZ, 618 frequencies, interference, troubleshooting, 214
NGFW, 620 frequency bands, RFID tags, 203
packet filtering, 618 frequency channels, WLAN, 179
personal firewalls, 610 FTP data packets, 566–567
proxy servers, 618 FTTB (Fiber-To-The-Business), 149
screened subnets, 618 FTTC (Fiber-To-The-Curb), 149
SPI, 34 FTTD (Fiber-To-The-Desktop), 149
stateful firewalls, 618 FTTH (Fiber-To-The-Home), 149
FISMA (Federal Information Security Management Act), full backups, 730
719 full channels, 92
Fixed Extinguishing Systems (29 CFR 1910.160), 713–714 full-duplex cabling, 76
flapping, route, 478 full-duplex mode, interfaces, 384–386
flash memory, 368 full-duplex transmissions, 100
flat networks, 359 fusion splicing, 144
flooding, switches, 246 F/UTP (Foil over Twisted-Pair Cabling), 99
FLP (Fast Link Pulses), 383
forensics, computer, 621
forward DNS lookups, 539
G
forwarding, port, 35 gateways
forwarding state, STP, 423 addresses, 265, 326–327, 359–361
FPP (Fire Prevention Plans), 711–712 default gateways, static routing, 448
fragment collisions, 247 FHRP, 730
fragment-free mode, switches, 247 of last resort, 454
frames, 17 voice gateways, 251
check sequences, 17 gateways/broadband modems, 28
components of (overview), 17 GBIC (Gigabit Interface Converters), 152–153
data, 17 GDPR (General Data Protection Regulation), 719
data structure of, 17 geofencing, 204
destination MAC addresses and sources, 17 giants, 433
jumbo frames, 17 Gigabit Ethernet, 76
length/type, 17 glass, fiber-optic cabling, 142
MAC addresses, 17, 20 GLBA (Gramm-Leach-Bliley Act), 719–720
defined, 18 graded-index fiber, 132, 133–134
ipconfig/all command, 18–19 GRE (Generic Routing Encapsulation), 648–649
length of, 18 gTLD, 528
Linux, 20 guest machines, virtualization, 680
macOS, 20
obtaining, 19–20
OUI, 18
H
sampling of, 18 HA (Hardware Addresses), 302
Windows 10, 20 HA (High Availability), 730–731
NIC, 18 half-duplex mode, interfaces, 384–386
MAC addresses, 18 hand-offs, 178
teaming, 18 handshakes, TCP, 298, 299
pads, 17 hardware addresses. See MAC addresses
preambles, 17 hardware keys, 682
start frame delimiters, 17
INDEX 781

hashing algorithms wireless routers, 28
MD5, 649, 650 wireless networks (Wi-Fi), 24
SHA, 649, 650 access points (AP), 28
Hazard Communication (29 CFR 1910.1200), 716 advantages/disadvantages of, 24
HC (Horizontal Cross-Connects), 68, 69 broadband modems/gateways, 28
HDLC (High-Level Data Link Control), 272, 273 cable modems, 28, 29
headends, VPN, 647 components of, 25–30
headers defined, 24
IP headers, 301 DSL modems, 29–30
TCP, 296–297 example of, 25
UDP headers, 300–301 hubs, 25
hello packets, 477 IEEE wireless standards, 24–25
help (?) command, 367 network adapters, 26
hexadecimal numbers, 309–311 routers, 26–27
HF (High Frequency) RFID tags, 203 switches, 26
hierarchy data rates, SONET/SDH, 149 Wi-Fi Alliance, 24–25
hijacking sessions, 599 wireless routers, 25, 28
HIPAA (Health Insurance Portability and Accountability hop count metrics, 461, 463–464
Act), 720 hopping sequences, 180
home access, home networks, 31 hopping, VLAN, 599
home networks, 24 horizontal cabling, 67, 69–73, 83–87
appearance, 31 host (interface) identifiers, 335
captive portals, 32 host IP addresses, 315
connecting, 32 host machines, virtualization, 680
cost, 30 host numbers, IP addressing, 21
data speeds, 30 hostname command, 374–375, 411–412
ease of implementation, 31 hostnames, 366
encryption, 33 hot sites, disaster recovery, 731
home access, 31 “hot/cold” aisles, 73
hotspots, 32 hotspots, 32, 641
public access, 31 HSPA+ (Evolved High-Speed Packet Access), 204
range extenders, 32 HSSI (High-Speed Serial Interfaces), 270
security, 33–34 hub-and-spoke topologies. See star topologies
troubleshooting, 31–32 hubs
wired networks broadcasts, 9
access points (AP), 28 defined, 9
advantages/disadvantages of, 24 home networks, 25
broadband modems/gateways, 28 link light indicators, 42
cable modems, 28, 29 switches and, 10, 239–242
components of, 25–30 Token Ring hubs, 7
defined, 24 wireless routers, home networks, 28
DSL modems, 29–30 HVAC systems, 717
example of, 25 hybrid clouds, 696
hubs, 25 hybrid echo cancellation circuits, 100
network adapters, 26 Hyper-V, 682–690
routers, 26–27 hypervisors, 680
switches, 26
782 INDEX

I 802.3an-2006, 98
Wi-Fi Alliance, 24–25
IaaS (Infrastructure as a Service), 694 wireless standards, 24–25
IANA (Internet Assigned Numbers Authority), 20, 528 IETF (Internet Engineering Task Force), 477
IB (InfiniBand), 699 IGMP (Internet Group Management Protocol), 303–304
IC (Interconnect) fibers, 152 IKE (Internet Key Exchange), 651
IC (Intermediate Cross-Connects), 68, 69 implementing, home networks, 31
ICANN (Internet Corporation for Assigned Names and in-addr.arpa, 528
Numbers), 295, 529 incident response policies, 725
ICMP (Internet Control Message Protocol), 46, 302–303 incremental backups, 730
IDC (Intermediate Distribution Closets), 152–153 index-matching gel, 144
IDS (Intrusion Detection Systems), 619 industry regulatory compliance, 718
IEEE (Institute of Electrical and Electronics FERPA, 718
Engineers), 7
FISMA, 719
802.1x (dot1x) wireless standard, 633
GDPR, 719
802.11 wireless standard, 175–176
GLBA, 719–720
HIPAA, 720
AP, 177–178
international export controls, 720–722
BSS, 176, 177, 178
PCI DSS, 720
channel bonding, 179
InfiniBand (IB), 699
CSMA/CD, 178
infrastructure management
DSSS, 179
DHCP deployments, 535–537
ESS, 178
DNS, 539
FHSS, 180
dig command, 541
frequency channels, 179
forward DNS lookups, 539
hand-offs, 178
nslookup command, 541
hopping sequences, 180
reverse DNS lookups, 539
ISM band, 179
root DNS servers, 539–540
MAC layer, 176
RR, 541–546
OFDM, 180
tree hierarchies, 539–540
Open Authentication, 638
domain names, 528
PHY layer, 176
FTP data packets, 566–567
pseudorandom numbering sequences, 180
IP address assignments, 529–530
roaming, 178
IP addresses
shared-key authentication, 638
assigning, 529–530
transceivers, 177
managing with DHCP, 531–537
transmit power, 180
IP networks, troubleshooting, 568–573
WMN, 176
network management protocols, 546–551
802.11a (Wi-Fi 2) wireless standard, 24, 180–181, 183
network traffic analysis, 552–565
802.11ac (Wi-Fi 5) wireless standard, 24, 182, 183
number resources, 529
802.11ax (Wi-Fi 6) wireless standard, 25, 182, 183
protocol assignments, 529
802.11b (Wi-Fi 1) wireless standard, 24, 181, 183
scaling networks, 537–538
802.11g (Wi-Fi 3) wireless standard, 24, 181, 182, 183
SFTP, 566
802.11i wireless standard, 183
SNMP, 546–547
802.11n (Wi-Fi 4) wireless standard, 24, 181, 182, 183
configuring, 547–551
802.11r wireless standard, 183
MIB, 547
802.16a (WiMAX) wireless standard, 200
INDEX 783

SNMPv2, 550 console ports, 254–261
SNMPv3, 550 FastEthernet ports, 250, 263
Wireshark, 560–565 gateway addresses, 265
inlays, RFID, 202 higher-end routers, VoIP, 252–253
input errors, 432 interfaces, 250–251
input ports, 41 logical addresses, 249
inquiry procedures, Bluetooth devices, 197 MPLS, 252
insertion loss (attenuation), 92, 93–94 network addresses, 249
ACR, 93, 95 packet shapers, 253
fiber-optic cabling, 127, 136–137, 142 ports, 249–250
PSAACRF, 98, 99 QoS, 251–253
PSACR, 93, 95, 96 routing tables, 265
.int, 528 segments, 265–266
interconnecting LAN serial interfaces, 251
access/edge layer, 269 serial ports, 264
bridges USB interfaces, 250
advantages/disadvantages of, 236 VIC-4FXS/DID, 251
ARP caches, 233–235 voice interface cards, 251
associations, 233 VoIP, 251
broadcasts, 233 WIC2AM, 251
defined, 232 switches, 237–238, 239
MAC addresses, 232–234 adaptive cut-through mode, 247
aging time, 244
multiport bridges. See layer 2 switches
benefits of, 246
ports, 232–233
broadcast domains, 246
translation bridges, 235
CNA, 242–243
transparent bridges, 235
cut-through mode, 247
wireless bridges, 236
dynamic assignments, 243
Carrier Ethernet, 273–274
error thresholds, 247
CSU/DSU, 272
fast-forward mode, 247
data center architectures, 269
flooding, 246
data channels, 270–271
fragment-free mode, 247
distribution/aggregation layer, 269
hubs and, 239–242
E-LAN service, 275
IP addressing, 245
E-Line, 274, 275
isolating collision domains, 246
Ethernet service attributes, 276–277
latency, 246
Ethernet Service Definition, 274
layer 2 switches, 238
E-Tree service, 275–276
managed switches, 242–247
EVC, 274
MLS, 247
HDLC, 272, 273
multicast messages, 239
lines of demarcation, 271
ports, 243
MEF, 274
secure addresses, 243
MOE, 273–274
stacked switches, 243–244
POP, 271
static assignments, 243
PPP, 272–273
store-and-forward mode, 246
routers, 262–266
wire speed routing, 247
auxiliary input, 250
traffic flows, 269
console input/cabling, 250
784 INDEX

UNI, 274 IPSec, 598, 651
WAN, 267–277 IPv4, 312–313
interfaces 6to4 prefix, 335
auto-negotiation, 383–386 ARIN, 315
host interfaces, identifiers, 335 assigning, 315
routers, 250–251 A.B.C.D. values, 20–21
administratively down, 390 class network addresses, 467
full-duplex mode, 384–386 classes, 313
half-duplex mode, 384–386 classful addresses, 317
troubleshooting, 387–392 decimal/binary octets, 314
subinterfaces, VLAN, 418–419 default gateway addresses, 359–361
UNI, 274 dual stacks, 336
USB interfaces, 250 host IP addresses, 315
interference host numbers, 21
fiber-optic cabling, 126 network numbers, 21
WLAN, troubleshooting, 214 network/host bits, 314–315
international export controls, 720–722 next hop addresses, 362
Internet layer, TCP/IP, 294, 301 non-Internet-routable IP addresses, 316
ARP, 301–303 private IP addresses, 21–22, 316
ICMP, 302–303 public IP addresses, 22
IGMP, 303–304 RIR, 315
IP, 301 structure of, 313
intranets, 21, 316 transitioning to IPv6, 335–337
intrusion attacks, 594–595 IPv6, 333–335, 337
brute-force attacks, 596 6to4 prefix, 335
dictionary attacks, 596 anycast addresses, 335
packet sniffing attacks, 597–599 CIDR, 337–338
password cracking attacks, 596–597 defined, 333
social engineering attacks, 595–596 dual stacks, 336
inventory/asset management, 728 interface (host) identifiers, 335
IoT (Internet of Things), 568, 662–663 IPng, 333
IP (Internet Protocol) link-local addresses, 335, 336–337
addressing. See separate entry multicast addresses, 335
ip helper command, 533 routing, 499
IP internetworks, 21–22 routing, BGP, 501–502
ip route command, 451 routing, EIGRP, 501
security cameras, 662 routing, OSPF, 500–501
telephony, 251 routing, RIP, 499–500
troubleshooting, 568–573 routing, static, 499
tunnels, 648 SLAAC, 336–337
IP (Internet Protocol), addressing transitioning to, 335–337
APIPA, 532, 533 unicast addresses, 335
assigning, 529–530 lease time, 532
gateway addresses, 326–327 managing with DHCP, 531–537
headers, 301 network numbers, 482
IANA, 20 Office LAN, 40
IPAM, 546
INDEX 785

overloading, 35
L
private IP addresses
APIPA, 532, 533 L2F (Layer 2 Forwarding) protocol, 650
NAT, 34–35 L2TP (Layer 2 Tunneling Protocol), 650, 651
public IP addresses, NAT, 35 labeling, 71–72
switches, configuring, 245 port labeling, 72
TCP/IP, 21–22 system labeling, 72
troubleshooting, 570 LACP (Link Aggregation Control Protocol), 424
VM, 682 LAN (Local Area Networks), 5, 6. See also VLAN;
wildcard bits, 482–483 WLAN
IPAM (IP Address Management), 546 access/edge layer, 269
ipconfig command, LAN testing/troubleshooting, 47–48 bridges
ipconfig /release command, 532 advantages/disadvantages of, 236
ipconfig /renew command, 532 ARP caches, 233–235
ipconfig/all command, 18–19, 39 associations, 233
IPng (IP Next Generation), 333 broadcasts, 233
IPS (Intrusion Prevention Systems), 619 defined, 232
IPSec, 598, 651 MAC addresses, 232–234
IR (Infrared) radiation, 126, 130 multiport bridges. See layer 2 switches
ISAKMP (Internet Security Association and Key ports, 232–233
Management Protocol), 651 translation bridges, 235
iSCSI (Internet Small Computer Systems Interface), 699 transparent bridges, 235
IS-IS (Intermediate System-to-Intermediate System), wireless bridges, 236
478–479 Carrier Ethernet, 273–274
ISM (Industrial, Scientific, Medical) band, 179 core layer, 268
isolating CSU/DSU, 272
collision domains, 246 data center architectures, 269
network problems, 14 data channels, 270–271
isolators, fiber-optic cabling, 142 default gateway addresses, 359–361
ISP (Internet Service Providers), defined, 21 distribution/aggregation layer, 269
IT audits, 728 E-LAN service, 275
E-Line, 274, 275
J Ethernet LAN, 16
cabling, numerics, 41
jamming wireless networks, 638 CSMA/CD, 16
jitter, 252 frames, 17
jumbo frames, 17 Ethernet service attributes, 276–277
Ethernet Service Definition, 274
K E-Tree service, 275–276

EVC, 274
keepalive packets, 388 flat networks, 359
Kerberos authentication, 623 HDLC, 272, 273
key exchanges interconnecting WAN, 267–277
Diffie-Hellman key exchange, 651 layer 3 networks, 359–364
IKE, 651 lines of demarcation, 271
ISAKMP, 651 MEF, 274
keys, hardware, 682 MOE, 273–274
786 INDEX

Office LAN, assembling, 38–39 fragment-free mode, 247
cabling, 40–43 hubs and, 239–242
client/server networks, 42–45 IP addressing, 245
configuring computers for LAN operation, 44 isolating collision domains, 246
diagramming networks, 39–40 latency, 246
IP addressing, 40 layer 2 switches, 238
MAC addresses, 40 managed switches, 242–247
network device connections, 40–43 MLS, 247
peer-to-peer networks, 42, 43 multicast messages, 239
POP, 271 ports, 243
PPP, 272–273 secure addresses, 243
routers stacked switches, 243–244
auxiliary input, 250 static assignments, 243
console input/cabling, 250 store-and-forward mode, 246
console ports, 254–261 wire speed routing, 247
FastEthernet ports, 250, 263 testing, 45–48
gateway addresses, 265 traffic flows, 269
higher-end routers, VoIP, 252–253 troubleshooting, 45–48
interconnecting LAN, 262–266 UNI, 274
interfaces, 250–251 language table registries, 528
logical addresses, 249 last resort, gateways of, 454
MPLS, 252 last-mile connections, 200
network addresses, 249 latency
packet shapers, 253 metrics, 461
ports, 249–250 network latency, 252
QoS, 251–253 switches, 246
routing tables, 265 layer 2 switches, 238
segments, 265–266 layer 3 networks, 359–364
serial interfaces, 251 LC connectors, fiber-optic cabling, 145–146
serial ports, 264 LCL (Longitudinal Conversion Loss), 99
USB interfaces, 250 LEAP (Lightweight Extensible Authentication Protocol),
VIC-4FXS/DID, 251 640
voice interface cards, 251 learning state, STP, 423
VoIP, 251 lease time, 532
WIC2AM, 251 LED (Light-Emitting Diodes), 141
switches, 237–238, 239 length/type, frames, 17
adaptive cut-through mode, 247 LF (Low Frequency) RFID tags, 203
aging time, 244 licenses, MLA, 724
benefits of, 246 light
broadcast domains, 246 electromagnetic wavelength spectrum, 131
CNA, 242–243 IR (Infrared) radiation, 126, 130
cut-through mode, 247 optical spectrum, 130–131
dynamic assignments, 243 refraction of, 129
error thresholds, 247 refractive indexes, 129
fast-forward mode, 247 light detectors, fiber-optic cabling, 143–145
flooding, 246 light pipes, defined, 142
INDEX 787

line console passwords, 375–376, 412–414 loss of association, WLAN, 193
line passwords, 626–627 LSA (Link State Advertisements), 477
lines of demarcation, 271 LTE/4G, 204
link budgets, 157–158
link integrity tests, 42
link light indicators, 42
M
link-local addresses, 335, 336–337 MAC (Media Access Control) layer, 802.11 wireless
link (port) aggregation, 424 standard, 176
link pulses, 42 MAC addresses, 20
link state protocols, 476–477 aging time, 244
EIGRP, 487–494, 501 bridges, 232–234
IS-IS, 478–479 CAM, 246
LSA, 477 defined, 17, 18
NET addresses, 479 destination MAC addresses and sources, 17
OSPF, 477, 483–486 dynamic assignments, 243
advantages/disadvantages of, 478 filtering, 33
Area 0, 482 ipconfig/all command, 18–19
areas, 477 length of, 18
configuring, 481–485 Linux, 20
hello packets, 477 macOS, 20
IPv6, 500–501 NIC, 18
router ospf [process id] command, 481 obtaining, 19–20
VLSM, 478 Office LAN, 40
RIP and, 477 OUI, 18
route flapping, 478 sampling of, 18
links, cabling, 92 spoofing attacks, 635
Linux static assignments, 243
firewalls, 616–617 sticky command option, 634
MAC addresses, obtaining, 20 Windows 10, 20
listening state, STP, 423 macOS
Live Migration, 681 firewalls, 615–616
load balancing, dynamic routing protocols, 460 home networks, connecting, 32
load issues (WLAN), troubleshooting, 215 MAC addresses, obtaining, 20
load metrics, 461 remote client VPN configurations, 652–653
lockers, smart, 663 ZTerm serial communications software, 259–261
locking cabinets, 661 magic numbers, subnetting, 323
locking racks, 661 Maintenance, Safeguards, and Operational Features for
locks, racks, 73 Exit Routes (29 CFR 1910.37), 710
logging, routers, 630–631 malware
logic bombs, 604 antivirus/anti-malware software, 610–611
logical addresses, 249 logic bombs, 604
logical fiber maps, 154, 155 ransomware attacks, 604
long hauls, data transmissions, 134 viruses, 602–603
lookups, DNS, 539 worms, 603
loopbacks, 448–449 zero-day attacks, 604
loops, routing, 465 MAN (Metropolitan Area Networks), 5
788 INDEX

managed switches, 242–247 MIB (Management Information Bases), 547
managing microbending, fiber-optic cabling, 136–137
asset/inventory management, 728 MIMO (Multiple-Input Multiple-Output), 182
cabling, 67 MLA (Master License Agreements), 724
change management policies, 624 MLS (Multilayer Switches), 247
domain names, 528 mm (multimode) fibers, 155
inventory/asset management, 728 mobile (cellular) communications, 204
IP addressing, IPAM, 546 3G wireless standard, 204
network access, 623–624 4G wireless standard, 204
network infrastructures 5G wireless standard, 204
DHCP deployments, 535–537 CDMA, 204
DNS, 539–546 EDGE, 204
domain names, 528 geofencing, 204
FTP data packets, 566–567 HSPA+204
IP address assignments, 529–530 LTE/4G, 204
IP address management with DHCP, 531–537 NFC, 204
network management protocols, 546–551 modal dispersion, 137–138
number resources, 529 mode field diameters, 134–135
protocol assignments, 529 modems
scaling networks, 537–538 ADSL modems, 645–646
SFTP, 566 analog modems
SNMP, 546–551 asymmetric operations, 643
traffic analysis, 552–565 security, 643–644
troubleshooting IP networks, 568–573 V.44/V.34 modem standard, 643
Wireshark, 560–565 V.92/V.90 modem standard, 643
number resources, 529 broadband modems/gateways, 28
man-in-the-middle attacks (on-path attacks), 598 cable modems
mantraps (access control vestibules), 661 DSL modems, 29–30
manufacturer’s specifications, cabling, 102–104 home networks, 28, 29
mapping, ports, 35 security, 644
maps dialup modems, 644
color maps, T568A/T568B wiring standards, 78–80 xDSL modems, security, 644–646
logical fiber maps, 154, 155 MOE (Metro Optical Ethernet), 273–274
physical fiber maps, 154, 156 motion detection, 662
wiremaps, 82 MOU (Memorandums of Understanding), 723–724
MC (Main Cross-Connects), 68, 69 Mpbs (Megabits per second), 40
MD5 (Message Digest 5) hashing algorithm, 649, 650 MPLS (Multiprotocol Label Switching), 252
mechanical splicing, 144–145 MSA (Master Service Agreements), 724
media converters, 262–263 MSDS (Material Safety Data Sheets), 716
MEF (Metro Ethernet Forum), 274 MSTI (Multiple Spanning Tree Instances),
memory 423–424
CAM, 246 MSTP (Multiple Spanning Tree Protocol), 423–424
flash memory, 368 MT ACK, 534
mesh topologies, 10–11 MT Discover, 534
metrics, dynamic routing protocols, 460, 461 MT Offer, 534
mGRE (Multipoint GRE), 649 MT Request, 534
INDEX 789

MTBF (Mean Time Between Failures), 729 network switches. See switches
MT-RJ connectors, fiber-optic cabling, 145–146 network/host bits, IPv4 addressing, 314–315
MTTF (Mean Time To Failure), 729 networks
MTTR (Mean Time To Recover/Repair), 729 access management, 623–624
multicast addresses, 335 ad hoc networks, 176, 177
multicast messages, 239 campus network hierarchical topologies, 69
multicasting, 303 campus networks
multilevel encoding, 100 backbones, 477
multimeters, 110 defined, 230
multimode fiber, 130, 132 optical networking, 154–157
multiplexing, 271 CAN, 5
CWDM, 142 client/server networks, 42–45
DWDM, 130, 141 congestion (bottlenecking), 76, 252
OFDM, 180, 200 connections, verifying with ping command, 240–241
WDM, 130 contiguous networks, 467
multipoint antenna distributions, 209–211 deterministic networks, 7
multiport bridges. See layer 2 switches diagramming, 39–40
multiport repeaters. See hubs enterprise networks, 5, 262
multitenancy, cloud computing, 695, 696 flat networks, 359
MU-MIMO (Multiuser-MIMO), 182 home networks, 24
MX records (Mail Exchange records), 543–544, 693 appearance, 31
captive portals, 32
N connecting, 32
cost, 30
NAC (Network Access Control), 624 data speeds, 30
name resolution, troubleshooting, 571 ease of implementation, 31
NAS (Network Attached Storage), 700 encryption, 33
NAT (Network Address Translation), 34 home access, 31
defined, 34 hotspots, 32
private IP addresses, 34–35 NAT, 34–36
public IP addresses, 35 public access, 31
scaling networks, 537–538 range extenders, 32
NCP (Network Control Protocol), 292 security, 33–34
NDA (Non-Disclosure Agreements), 725 troubleshooting, 31–32
near-end testing, 94 infrastructure management
NET (Network Entity Title) addresses, 479 DHCP deployments, 535–537
NET, subnet, 363 DNS, 539–546
netstat -a command, 600 domain names, 528
netstat -b command, 601 FTP data packets, 566–567
netstat -r command, 448 IP address assignments, 529–530
network adapters, home networks, 26 IP address management with DHCP, 531–537
network addresses, 249, 322 network management protocols, 546–551
network bridges. See bridges number resources, 529
Network interface layer, TCP/IP, 294, 304 protocol assignments, 529
Network layer, OSI model, 13 scaling networks, 537–538
network numbers, IP addressing, 21, 482 SFTP, 566
790 INDEX

traffic analysis, 552–565 physical fiber maps, 154, 156
troubleshooting IP networks, 568–573 SFP, 152–153
Wireshark, 560–565 SFP+153–154
interfaces, auto-negotiation, 383–386 sm fibers, 155
intranet, 21 SONET/SDH, 148–149
IP internetworks, 21–22 transceivers, 154
IP networks, troubleshooting, 568–573 “two-deep” rule, 152–153
isolating problems, 14 X2, 153–154
LAN, 5, 6 XENPAK, 153–154
assembling, 38–43 XFP, 153–154
bridges, 232–236 XPAK, 153–154
configuring computers for LAN operation, 44 OSI model, 12
console port connections, 254–261 Application layer, 13, 14
default gateway addresses, 359–361 Data link layer, 13
Ethernet LAN, 16–23 layer numbers, 13
flat networks, 359 layers, summary of, 12–13
routers, 249–253, 262–266 Network layer, 13
switches, 237–238 Physical layer, 13
testing, 45–48 Presentation layer, 13–14
troubleshooting, 45–48 Session layer, 13
WAN interconnections, 267–277 Transport layer, 13
latency, 252 PAN, 4
layer 3 networks, 359–364 peer-to-peer networks, 42, 43
MAN, 5 PSTN, 251
management protocols, 546–551 SAN, 698–699
NAS, 700 scaling, 537–538
optical networking, 147–148 SDN, 696–697
backbones, 155 SD-WAN, 697
BD fiber, 151–154 security
building distributions, 151–154 ARP cache poisoning, 598
campus networks, 154–157 brute-force attacks, 596
color-coding fiber, 156 buffer overflow attacks, 599–600
defined, 148–151 dictionary attacks, 596
diplexers, 154 DoS attacks, 606–609
Ethernet, 157 DTLS protocol, 598
fiber cross-connects, 151 evil twin attacks, 598
FTTB, 149 intrusion attacks, 594–604
FTTC, 149 IPSec, 598
FTTD, 149 malware, 602–604
FTTH, 149 on-path attacks (man-in-the-middle attacks), 598
GBIC, 152–153 packet sniffing attacks, 597–599
IC fibers, 152 password cracking attacks, 596–597
IDC, 152–153 session hijacking, 599
link budgets, 157–158 social engineering attacks, 595–596
logical fiber maps, 154, 155 software vulnerabilities, 599–604
mm fibers, 155 SSL protocol, 597–598
optical Ethernet, 149–150 TLS protocol, 598
INDEX 791

TTLS protocol, 598 interconnecting LAN, 267–277
VLAN hopping, 599 LAN interactions, 267–277
segments, 265–266 OC, 270
defined, 246 SD-WAN, 697
subnet, NET, 363 wired networks
slowdowns, 233 access points (AP), 28
topologies, 7 advantages/disadvantages of, 24
bus topologies, 8–9 appearance, 31
defined, 6 broadband modems/gateways, 28
hub-and-spoke topologies. See star topologies cable modems, 28, 29
mesh topologies, 10–11 components of, 25–30
point-to-point topologies, 6 cost, 30
star topologies, 9, 10, 39 data speeds, 30
Token Ring topologies, 6, 7–8 defined, 24
traffic analysis, 552–565 DSL modems, 29–30
troubleshooting ease of implementation, 31
bottom-to-top (bottom-up) approach, 569 example of, 25
divide-and-conquer approach, 569 home access, 31
isolating problems, 14 hubs, 25
spot-the-difference approach, 569 network adapters, 26
top-to-bottom (top-down) approach, 569 public access, 31
verifying settings, 570 routers, 26–27
VPN, 34 switches, 26
CHAP, 649, 650 troubleshooting, 31–32
client-to-site VPN, 648 wireless routers, 28
EAP, 650 wireless networks (Wi-Fi), 24
GRE, 648–649 access points (AP), 28
headends, 647 advantages/disadvantages of, 24
IP tunnels, 648 appearance, 31
IPSec, 651 broadband modems/gateways, 28
L2F, 650 cable modems, 28, 29
L2TP, 650 captive portals, 32
MD5 hashing algorithm, 649, 650 components of, 25–30
mGRE, 649 connecting, 32
PAP, 649–650 cost, 30
PPP, 649 data speeds, 30
PPTP, 650 defined, 24
remote access VPN, 648 DSL modems, 29–30
remote client configurations, 652–657 ease of implementation, 31
SHA, 649, 650 encryption, 33
site-to-site VPN, 648 example of, 25
tunneling protocols, 648–651 firewalls, 34
WAN, 5 home access, 31
defined, 526 hotspots, 32
example of, 526 hubs, 25
HSSI, 270 IEEE wireless standards, 24–25
792 INDEX

IP addressing, 34–36 Office LAN, assembling, 38–39
NAT, 34–36 cabling, 40–43
network adapters, 26 client/server networks, 42–45
public access, 31 configuring computers for LAN operation, 44
range extenders, 32 diagramming networks, 39–40
routers, 26–27 IP addressing, 40
security, 33–34 MAC addresses, 40
switches, 26 network device connections, 40–43
troubleshooting, 31–32 peer-to-peer networks, 42, 43
VPN, 34 omnidirectional antennas, 209
Wi-Fi Alliance, 24–25 onboarding/offboarding policies, 727
wireless routers, 25, 28 on-path attacks (man-in-the-middle attacks), 598
wireless standards, 32 Open Authentication, 638
WMN, 176 optical beam splitters. See WDM
WSN, ANT+ wireless technology, 183 optical communications, fiber-optic cabling
NEXT (Near-End Crosstalk), 92, 93, 94–95; 98, 99 absorption, 136
next hop addresses, 362 advantages of, 126–127
NFC (Near Field Communication), 204 APC connectors, 146
NFPA (National Fire Protection Association), 709 attenuation (insertion loss), 127, 136–137
NGFW (Next-Generation Firewalls), 620 attenuators, 142
NIC (Network Interface Cards) backbones, 155
defined, 18 bandwidth, 126
MAC addresses, 18 BD fiber, 151–154
teaming, 18 branching devices, 142
NLOS (Non-Line-Of-Sight), 200 building distributions, 151–154
nmap command, 601–602 campus networks, 154–157
no shutdown (no shut) command, 377 chromatic dispersion, 137–138
non-Internet-routable IP addresses, 316 cladding, 130
NS records (Name Server records), 543 color-coding fiber, 156
nslookup command, 541 components of, 126, 141–142
NTP (Network Time Protocol), 630 connectorization, 145–146
number conversions cores, 130
binary-to-decimal conversions, 306–307 corrosion, 127
decimal-to-binary conversions, 307–309 costs, 127
hexadecimal numbers, 309–311 crosstalk, 127
number resources, managing, 529 CWDM, 142
numerical apertures, 131 detectors, 143–145
numerics, Ethernet LAN cabling, 41 DFB lasers, 141
diplexers, 154
O dispersion, 137–139
dispersion compensation, 139
OC (Optical Carriers), 270 dispersion shifted fibers, 138–139
OFDM (Orthogonal Frequency-Division Multiplexing), DL, 141
180, 200 DWDM, 130, 141
offboarding/onboarding policies, 727 electrostatic interference, 126
INDEX 793

Ethernet, 157 RSL, 142
events, troubleshooting, 162 safety, 127, 160–161
FC connectors, 145–146 SC connectors, 145–146
fiber, defined, 142 scattering, 136
fiber Bragg grating, 139 security, 127
fiber cross-connects, 151 SFP, 152–153
fiber selection, 132–133 SFP+153–154
fiber-to-the-home/business, 130 “shooting the fiber”, 162
FTTB, 149 single-mode fibers, 130, 134–135
FTTC, 149 sm fibers, 155
FTTD, 149 splitters, 142
FTTH, 149 ST connectors, 145–146
fusion splicing, 144 step-index fiber, 133
GBIC, 152–153 strands, 131–132
glass, 142 transceivers, 154
graded-index fiber, 132, 133–134 transmission strands, 126
IC fibers, 152 troubleshooting, 162–163
IDC, 152–153 tunable lasers, 141–142
index-matching gel, 144 “two-deep” rule, 152–153
IR (Infrared) radiation, 126 unconnected fibers, 146
isolators, 142 UPC connectors, 146
LC connectors, 145–146 VCSEL, 141
LED, 141 VFL, 162
light pipes, 142 WDM, 130, 143
link budgets, 157–158 X2, 153–154
logical fiber maps, 154, 155 XENPAK, 153–154
mechanical splicing, 144–145 XFP, 153–154
microbending, 136–137 XPAK, 153–154
mm fibers, 155 zero dispersion wavelengths, 138–139
modal dispersion, 137–138 optical connectors, 126
mode field diameters, 134–135 optical Ethernet, 149–150
MT-RJ connectors, 145–146 optical link budgets, 157–158
multimode fiber, 130, 132 optical networking, 147–148
numerical apertures, 131 backbones, 155
optical connectors, 126 BD fiber, 151–154
optical Ethernet, 149–150 building distributions, 151–154
optical networking, defined, 148–151 campus networks, 154–157
optical spectrum, 130–131 color-coding fiber, 156
optical-line amplifiers, 143 defined, 148–151
OTDR, 162–163 diplexers, 154
photosensitive detectors, 126 Ethernet, 157
physical fiber maps, 154, 156 fiber cross-connects, 151
polarization mode dispersion, 137, 139 FTTB, 149
pulse dispersions, 132–133 FTTC, 149
refraction of light, 129 FTTD, 149
refractive indexes, 129 FTTH, 149
794 INDEX

GBIC, 152–153 OTDR (Optical Time-Domain Reflectometers), 162–163
IC fibers, 152 OUI (Organizationally Unique Identifiers), 18, 304
IDC, 152–153 outsourcing, cloud computing, 692
link budgets, 157–158 overloading, 35
logical fiber maps, 154, 155
mm fibers, 155
optical Ethernet, 149–150
P
physical fiber maps, 154, 156 PA (Protocol Addresses), 301
SFP, 152–153 PaaS (Platform as a Service), 695
SFP+153–154 packet frames, 17
sm fibers, 155 check sequences, 17
SONET/SDH, 148 components of (overview), 17
hierarchy data rates, 149 data, 17
STS, 149 data structure of, 17
transceivers, 154 destination MAC addresses and sources, 17
“two-deep” rule, 152–153 jumbo frames, 17
X2, 153–154 length/type, 17
XENPAK, 153–154 MAC addresses, 17, 20
XFP, 153–154 defined, 18
XPAK, 153–154 ipconfig/all command, 18–19
optical spectrum, light, 130–131 length of, 18
optical transceivers, 154 Linux, 20
optical-line amplifiers, fiber-optic cabling, 143 macOS, 20
OSH (Occupational Safety and Health) Act, 708–709 obtaining, 19–20
OSHA (Occupational Safety and Health Administration), OUI, 18
708–709 sampling of, 18
OSI (Open Systems Interconnection) model, 12 Windows 10, 20
Application layer, 13, 14 NIC
Data link layer, 13 MAC addresses, 18
layers NIC, 18
numbers, 13 teaming, 18
summary of, 12–13 pads, 17
Network layer, 13 preambles, 17
Physical layer, 13 start frame delimiters, 17
Presentation layer, 13–14 packet shapers, 253, 620
Session layer, 13 packets
Transport layer, 13 ACK packets, 297
OSPF (Open Shortest Path First), 477, 483–486 ARP packets, 302–303
advantages/disadvantages of, 478 DHCP packets, 534
Area 0, 482 error thresholds, 247
areas, 477 filtering, 618
configuring, 481–485 FTP data packets, 566–567
hello packets, 477 hello packets, 477
IPv6, 500–501 ICMP source-quench packets, 302
router ospf [process id] command, 481 IGMP packets, 303–304
VLSM, 478 keepalive packets, 388
INDEX 795

shaping, 620 photodetectors. See detectors
sniffing attacks, 597–599 photosensitive detectors, fiber-optic cabling, 126
SYN ACK packets, 297 PHY (Physical) layer, 802.11 wireless standard, 176
SYN packets, 297 physical addresses. See MAC addresses
TCP packets physical fiber maps, 154, 156
terminating connections, 299–300 physical layer cabling, 64. See also fiber-optic cabling;
transmitting, 298 twisted-pair cabling
UDP packet transfers, 300–301 APC connectors, 64
WEP, 638–639 BNC connectors, 64
wire speed routing, 247 connectors, 64
pads, defined, 17 fiber couplers, 64
paging procedures, Bluetooth devices, 197 structured cabling
PAN (Personal Area Networks), 4 backbone cabling, 67
PAP (Password Authentication Protocol), 649–650 building entrances, 66–67
parabolic reflector (dish) antennas, 209 ER, 67
passing tokens, 7 HC, 68, 69
passive RFID tags, 201–202 horizontal cabling, 67, 69–73
passwords IC, 68, 69
brute-force attacks, 596 MC, 68, 69
cracking attacks, 596–597 TCO, 67
dictionary attacks, 596 telecommunications closets, 67, 69–70
EXEC (privileged EXEC) passwords, 627 TIA/EIA 568-A cabling standard, 66
factory passwords, changing, 33 TIA/EIA 568-B cabling standard, 66
line console passwords, 375–376, 412–414 TIA/EIA 569B cabling standard, 66–67
line passwords, 626–627 WO, 68
packet sniffing attacks, 597–599 work areas, 67
PAP, 649–650 UPC connectors, 64
policies, 726 UTP couplers, 64
PAT (Port Address Translation), 35, 538 Physical layer, OSI model, 13
patch cabling, 71–72, 82, 87–90 physical security, 659, 660
path determination, dynamic routing access control, 659, 660–661
protocols, 460 access control vestibules (mantraps), 661
PBX (Private Branch Exchanges), 251 badge readers, 661
PCI DSS (Payment Card Industry Data Security biometric scanners, 661
Standard), 720 locking cabinets, 661
PD (Powered Devices), 426, 427 locking racks, 661
PDoS (Permanent DoS) attacks, 607 asset disposal, 662
PDU (Protocol Data Units), 730–731 biometric scanners, 661, 717
peer-to-peer networks, 42, 43 control devices, 660
penetration testing, 602 detection methods, 661–662
performance motion detection, 662
10GBASE-T cabling, 100–101 surveillance cameras, 662
cabling, 110 door access, 717
slowdowns, network, 233 surveillance, 659
personal firewalls, 610 testing, 659
piconets, 197–198
796 INDEX

ping command, 14, 45–47, 240–241, 302–303 PPP (Point-to-Point Protocol), 272–273, 649
pinouts, T568A/T568B wiring standards, 79 PPTP (Point-to-Point Tunneling Protocol), 650
PoE (Power over Ethernet), 425–428 preambles, defined, 17
PoE+427 Presentation layer, OSI model, 13–14
PoE++428 printers, wireless printers, troubleshooting, 216
point-to-point topologies, 6 private clouds, 696
poisoning ARP caches, 598 private (dynamic) ports, 295
polarization mode dispersion, 137, 139 private IP addresses, 21–22, 316
POP (Points of Presence), 271 APIPA, 532, 533
port (link) aggregation, 424 NAT, 34–35
Portable Fire Extinguishers (29 CFR 1910.157), 712–713 Privileged EXEC mode (Router#), 373–381
port-based VLAN, 407 privileged mode
ports routers, 373
bridges, 232–233 switches, 411, 412
common applications and port numbers, 295–296 privileged user agreements, 726
console ports, routers propagation delay, 93, 96
console cabling, 255 protocol-based VLAN, 408
DB-9 connectors, 254–255 protocols
DB-25 connectors, 254, 255 assigning, 529
PuTTY software, 256–259 defined, 6
RJ-45 connectors, 255 ICMP, 46
rollover cabling, 255–256 proxy servers, 618
RS-232 serial communications ports, 254, 255 PSAACRF (Power-Sum Alien ACRF), 98, 99
serial interfaces, 256 PSACR (Power-Sum Attenuation to Crosstalk Ratios), 93,
ZTerm serial communications software, 259–261 95, 96
defined, 9 PSANEXT (Power-Sum Alien NEXT), 98, 99
FastEthernet ports, 250, 263 PSE (Power Sourcing Equipment), 426–427
forwarding, 35 PSELFEXT (Power-Sum ELFEXT), 93, 95, 96
input ports, 41 pseudorandom numbering sequences, 180
labeling, 72 PSNEXT (Power-Sum NEXT), 93, 94
mapping, 35 PSTN (Public-Switched Telephone Networks), 251
PAT, 35 PTR records (Pointer records), 542
private (dynamic) ports, 295 public access, home networks, 31
registered ports, 295 public clouds, 696
routers, 249–250 public IP addresses, 22, 35
RS-232 serial communications ports, 254, 255 pulse dispersions, 132–133
serial ports, 264 PuTTY software, configuring, 256–259
straight-through ports, 42 PVST (Per-VLAN Spanning Tree), 423–424
switches, 243, 431–432, 633–635
TCP ports, 573 Q-R
TCP/IP, 295
trunk ports, 408–409 QoS (Quality of Service), VoIP, 251–253
UDP ports, 573 queuing/buffering, 252
uplink ports, 42 racks
VLAN port assignments, 431 diagrams, 72
well-known (reserved) ports, 295 locks, 73, 661
INDEX 797

RADIUS (Remote Authentication Dial-In User Service), HF tags, 203
624, 640 LF tags, 203
range command, 633 passive tags, 201–202
ranges (wireless), extending, 32, 195, 214 semi-active tags, 202
ranging, cable modems, 644 Slotted Aloha, 203
ransomware attacks, 604 UHF tags, 203
RAS (Remote Access Servers), 647 RIP (Routing Information Protocol), 465
RBAC (Role-Based Access Control), 623 configuring, 466–468
readers, RFID, 201 IPv6, 499–500
recovery/continuity policies/procedures, 729 link state protocols and, 477
MTBF, 729 [rip_tag] tags, 500
MTTF, 729 route configuration, 468–473
MTTR, 729 sh run command, 471–472
redundancy show ip protocol (sh ip protocol) command, 469–471
circuits, 730 RIPng (RIP Next Generation), 499–500
FHRP, 730 [rip_tag] tags, 500
reflective/amplified DoS attacks, 608 RIPv2 (Routing Information Protocol version 2), 474–475
refraction of light, 129 configuring, 466–468
refractive indexes, 129 route configuration, 473–474
registered ports, 295 RIR (Regional Internet Registries), 315, 529
reliability metrics, 461 RJ-45 connectors, 40, 70–71, 75, 255
remote access security, 642 roaming, WLAN connectivity, 178
analog modems, 643–644 role separation, 728
cable modems, 644 rollover cabling, 255–256
RAS, 647 root DNS servers, 539–540
xDSL modems, 644–646 Root Guard, 636
remote access VPN, 648 route flapping, 478
remote antenna installations, 211 route print command, 448
remote client VPN configurations, 652–657 router ospf [process id] command, 481
remote desktops, 695 routers
replies, ARP, 301–303 access, 626–628
requests, ARP, 301–302 administrative distance, 461
reserved (well-known) ports, 295 auto-negotiation, 383–386
resets, factory, 662 auxiliary input, 250
return loss, testing, 93, 95–96 configure terminal (conf t) command, 374
reverse DNS lookups, 539 configuring
RF signal strength, WLAN, 191–195, 209–211 Privileged EXEC mode (Router#), 380–381
RFID (Radio Frequency Identification), 200, 201 User EXEC mode (Router>), 369–371
backscatter, 200 console input/cabling, 250
block diagram, 200–201 console ports
inlays, 202 console cabling, 255
readers, 201 DB-9 connectors, 254–255
tags, 200 DB-25 connectors, 254, 255
active tags, 202 PuTTY software, 256–259
communications (air interface) portal, 203 RJ-45 connectors, 255
frequency bands, 203 rollover cabling, 255–256
798 INDEX

RS-232 serial communications ports, 254, 255 USB interfaces, 250
serial interfaces, 256 User EXEC mode (Router>), 366–371
ZTerm serial communications software, 259–261 VIC-4FXS/DID, 251
enable command, 373 voice interface cards, 251
enable secret command, 375 VoIP, 251
EXEC (privileged EXEC) passwords, 627 WIC2AM, 251
FastEthernet interface configurations, 376–377 wireless routers, 25, 28, 213
FastEthernet ports, 250, 263 routing
fundamentals of, 358–364 advertising, 466
gateway addresses, 265 BGP, 496–498, 501–502
higher-end routers, VoIP, 252–253 CIDR, 329
home networks, 26–27 blocks, 330–331
hostname command, 374–375 IPv6 addressing, 337–338
interconnecting LAN, 262–266 notation, 329
interfaces, 250–251 subnet mask conversions, 329–330
administratively down, 390 distance vector protocols, 463
auto-negotiation, 383–386 hop count metrics, 463–464
full-duplex mode, 384–386 RIP, 465
troubleshooting, 387–392 RIP, [rip_tag] tags, 500
ip helper command, 533 RIP, configuring, 466–468
line console passwords, 375–376 RIP, IPv6, 499–500
line passwords, 626–627 RIP, route configuration, 468–473
logging, 630–631 RIP, sh run command, 471–472
logical addresses, 249 RIP, show ip protocol (sh ip protocol) command,
MPLS, 252 469–471
network addresses, 249 RIP and link state protocols, 477
no shutdown (no shut) command, 377 RIPv2, 474–475
packet shapers, 253 RIPv2, configuring, 466–468
ports, 249–250 RIPv2, route configuration, 473–474
Privileged EXEC mode (Router#), 373–381 routing loops, 465
privileged mode, 373 dynamic routing protocols, 460, 461
QoS, 251–253 convergence, 460
Router (config-if)# prompt, 377 load balancing, 460
routing tables, 265 metrics, 460, 461
RSA keys, 627–628 path determination, 460
security, 626 EIGRP, 487–494, 501
access, 626–628 GRE, 648–649
logging, 630–631 IPv6 routing, 499
services, 628–630 BGP, 501–502
segments, 265–266 EIGRP, 501
serial interfaces, 251, 377–380 OSPF, 500–501
serial ports, 264 RIP, 499–500
services, 628–630 static routing, 499
show ip interface brief (sh ip int brief) command, 377, link state protocols, 476–477
387–392, 430 configuring, 481–485
uptime, 369 EIGRP, 487–494
INDEX 799

EIGRP, IPv6, 501 routing tables
IS-IS, 478–479 code C, 453
LSA, 477 code S, 453
NET addresses, 479 defined, 265
OSPF, 477, 483–486 RPO (Recovery Point Objectives), 732
OSPF, advantages/disadvantages of, 478 RR (Resource Records), DNS, 541–546
OSPF, Area 0, 482 RS-232 serial communications ports, 254, 255
OSPF, areas, 477 RSA keys, 627–628
OSPF, hello packets, 477 RSL (Received Signal Levels), fiber-optic cabling, 142
OSPF, IPv6, 500–501 RSSI (Received Signal Strength Indicators), 214
OSPF, router ospf [process id] command, 481 RSTP (Rapid Spanning Tree Protocol), 423–424
OSPF, VLSM, 478 RTO (Recovery Time Objectives), 732
RIP and, 477 rules/regulations
route flapping, 478 industry regulatory compliance, 718
loops, 465 FERPA, 718
OSPF, 477 FISMA, 719
advantages/disadvantages of, 478 GDPR, 719
areas, 477 GLBA, 719–720
hello packets, 477 HIPAA, 720
VLSM, 478 international export controls, 720–722
RIP, 465 PCI DSS, 720
RIPng, 499–500 safety codes/standards
static routing, 447–448, 458 biometric scanners, 717
commands (overview), 457 CFR, 709–716
configuring, 454–458 Design and Construction Requirements for Exit Routes
copy running-configuration startup-configuration (copy (29 CFR 1910.36), 709–710
run start) command, 457 door access, 717
default gateways, 448 Emergency Action Plans (29 CFR 1910.38), 710–711
gateways of last resort, 454 Employee Alarm Systems (29 CFR 1910.165), 715–716
ip route command, 451 Fire Detection Systems (29 CFR 1910.164), 714–715
IPv6, 499 Fire Prevention Plans (29 CFR 1910.39), 711–712
loopbacks, 448–449 Fixed Extinguishing Systems (29 CFR 1910.160),
netstat -r command, 448 713–714
route print command, 448 Hazard Communication (29 CFR 1910.1200), 716
routing tables, code C, 453 HVAC systems, 717
routing tables, code S, 453 Maintenance, Safeguards, and Operational Features for
setting, 449–451 Exit Routes (29 CFR 1910.37), 710
show ip route (sh ip route) command, 451–454 MSDS, 716
show ip route static (sh ip route static) command, 456 NFPA, 709
show running-config (sh run) command, 456–457 OSH Act, 708–709
show startup-config (sh start) command, 457 OSHA, 708–709
subnet masks, 451 Portable Fire Extinguishers (29 CFR 1910.157),
712–713
VLSM, 451
SDS, 716
write memory (wr m) command, 457
runts, 433
wire speed routing, 247
800 INDEX

S security
3DES, 651
SaaS (Software as a Service), 695 access control, 659, 660–661
safety access control vestibules (mantraps), 661
codes/standards badge readers, 661
biometric scanners, 717 biometric scanners, 661
CFR, 709–716 locking cabinets, 661
Design and Construction Requirements for Exit Routes locking racks, 661
(29 CFR 1910.36), 709–710 AH, 651
door access, 717 analog modems, 643–644
Emergency Action Plans (29 CFR 1910.38), 710–711 antivirus/anti-malware software, 610–611
Employee Alarm Systems (29 CFR 1910.165), 715–716 ARP cache poisoning, 598
Fire Detection Systems (29 CFR 1910.164), 714–715 Bluetooth, 641
Fire Prevention Plans (29 CFR 1910.39), 711–712 botnets, 608
Fixed Extinguishing Systems (29 CFR 1910.160), brute-force attacks, 596
713–714
buffer overflow attacks, 599–600
Hazard Communication (29 CFR 1910.1200), 716
cable modems, 644
HVAC systems, 717
change management policies, 624
Maintenance, Safeguards, and Operational Features for
cloud computing, 697
Exit Routes (29 CFR 1910.37), 710
computer forensics, 621
MSDS, 716
content filters, 620
NFPA, 709
coordinated DDoS attacks, 608
OSH Act, 708–709
DAI, 635
OSHA, 708–709
DDoS attacks, 608–609
Portable Fire Extinguishers (29 CFR 1910.157),
712–713 deauthentication/disassociation attacks, 608
SDS, 716 DES, 651
fiber-optic cabling, 127, 160–161 dictionary attacks, 596
SAN (Storage Area Networks), 698–699 Diffie-Hellman key exchange, 651
FC, 699 directed broadcasts, 607
FCoE, 699 documentation, 624
IB, 699 DoS attacks, 606–609
iSCSI, 699 DTLS protocol, 598
sanitizing devices for disposal, 662 encryption, 33
SC connectors, fiber-optic cabling, 145–146 ESP, 651
scalability, cloud computing, 695–696 evil twin attacks, 598
scaling networks, 537–538 EXEC (privileged EXEC) passwords, 627
scanners, biometric, 661, 717 fiber-optic cabling, 127
scattering, fiber-optic cabling, 136 firewalls, 34
screened subnets, 618 ACL, 617–618
SDN (Software-Defined Networking), 696–697 configuring, 611–617
SDS (Safety Data Sheets), 716 deploying, 619
SD-WAN (Software-Defined Wide Area Networks), 697 DMZ, 618
secure addresses, switches, 243 NGFW, 620
INDEX 801

packet filtering, 618 locking racks, 661
personal firewalls, 610 motion detection, 662
proxy servers, 618 surveillance, 659
screened subnets, 618 surveillance cameras, 662
SPI, 34 testing, 659
stateful firewalls, 618 RADIUS, 624
home networks, 33–34 ransomware attacks, 604
IDS, 619 RAS, 647
IKE, 651 RBAC, 623
intrusion attacks, 594–604 reflective/amplified DoS attacks, 608
IoT, 662–663 remote access security, 642
IP security cameras, 662 analog modems, 643–644
IPS, 619 cable modems, 644
IPSec, 598, 651 RAS, 647
ISAKMP, 651 xDSL modems, 644–646
Kerberos authentication, 623 routers, 626
locks, racks, 73 access, 626–628
logic bombs, 604 logging, 630–631
MAC addresses, filtering, 33 services, 628–630
malware, 602–604, 610–611 RSA keys, 627–628
modems session hijacking, 599
analog modems, 643–644 smart doorbells, 663
cable modems, 644 smart lockers, 663
xDSL modems, 644–646 smart speakers, 663
NAC, 624 smart thermostats, 663
NAT, 34 social engineering attacks, 595–596
defined, 34 software
private IP addresses, 34–35 buffer overflow attacks, 599–600
public IP addresses, 35 netstat -a command, 600
network access management, 623–624 netstat -b command, 601
on-path attacks (man-in-the-middle attacks), 598 nmap command, 601–602
packet sniffing attacks, 597–599 penetration testing, 602
passwords vulnerabilities, 599–604
changing factory passwords, 33 SPI, 34
cracking attacks, 596–597 spoofing attacks, 607, 635
PDoS attacks, 607 SSID
physical security, 659, 660 changing default SSID, 33
access control, 659, 660–661 turning off SSID broadcasts, 33
access control vestibules (mantraps), 661 SSL protocol, 597–598
asset disposal, 662 switches, 631–633
badge readers, 661 BPDU Filter, 636
biometric scanners, 661, 717 BPDU Guard, 635–636
control devices, 660 DAI, 635
detection methods, 661–662 ports, 633–635
door access, 717 Root Guard, 636
locking cabinets, 661 STP, 635–636
802 INDEX

TACACS+624 WEP, 638–639
TLS protocol, 598 WPA, 639
TTLS protocol, 598 WPA2, 639–640
Type 5 encryption algorithm, 627 WPA3, 640
Type 7 encryption algorithm, 627 WLAN, 637
UTM, 624 AES, 640
viruses, 602–603, 610–611 Bluetooth, 641
VLAN hopping, 599 CCMP, 639–640
VPN, 34 EAP, 640, 650
CHAP, 649, 650 guidelines, 640–641
client-to-site VPN, 648 hotspots, 641
EAP, 650 jamming, 638
GRE, 648–649 LEAP, 640
headends, 647 Open Authentication, 638
IP tunnels, 648 RADIUS, 640
IPSec, 651 shared-key authentication, 638
L2F, 650 SSID, 638
L2TP, 650 TKIP, 639
MD5 hashing algorithm, 649, 650 war chalking, 641
mGRE, 649 war driving, 641
PAP, 649–650 war flying, 641
PPP, 649 WEP, 638–639
PPTP, 650 WPA, 639
remote access VPN, 648 WPA2, 639–640
remote client configurations, 652–657 WPA3, 640
SHA, 649, 650 worms, 603
site-to-site VPN, 648 xDSL modems, 644–646
tunneling protocols, 648–651 zero-day attacks, 604
web filters, 620 segments, 265–266
wireless networks (Wi-Fi), 637 defined, 246
AES, 640 subnet, NET, 363
Bluetooth, 641 semi-active RFID tags, 202
CCMP, 639–640 serial interfaces
EAP, 640, 650 console ports, routers, 256
guidelines, 640–641 HSSI, 270
hotspots, 641 routers, 251, 377–380
jamming, 638 serial ports, 264
LEAP, 640 servers
Open Authentication, 638 proxy servers, 618
RADIUS, 640 RAS, 647
shared-key authentication, 638 root DNS, 539–540
SSID, 638 service attributes, Ethernet, 276–277
TKIP, 639 services
war chalking, 641 cloud services, 692–693
war driving, 641 DaaS, 695
war flying, 641 DSL, 645
INDEX 803

IaaS, 694 show interface status (sh int status) command, 430–431
MSA, 724 show ip interface brief (sh ip int brief) command, 377,
PaaS, 695 387–392, 430
routers, 628–630 show ip protocol (sh ip protocol) command, 469–471
SaaS, 695 show ip route (sh ip route) command, 451–454
xDSL, 645 show ip route static (sh ip route static) command, 456
session hijacking, 599 show mac address-table command, 433–434
Session layer, OSI model, 13 show running-config command, 429–430
setting up (configuring) show running-config (sh run) command, 456–457
BGP, 496–498 show startup-config (sh start) command, 457
computers for LAN operation, 44 show version command, 368–369, 434
EIGRP, 488–494 signal strength, WLAN, 191–195
FastEthernet interfaces, 376–377 RF site surveys, 209–211
firewalls, 611–617 RSSI, 214
interfaces, auto-negotiation, 383–386 troubleshooting, 214
IP addressing, switches, 245 signal transmission, 10GBASE-T cabling, 100–101
OSPF, 481–485 single-mode fibers, 130, 134–135
PuTTY software, 256–259 site surveys, 190–195, 207, 209–211
routers site-to-site VPN, 648
Privileged EXEC mode (Router#), 380–381 SLA (Service-Level Agreements), 693, 724
User EXEC mode (Router>), 369–371 SLAAC (Stateless Address Autoconfiguration), 336–337
SLAAC, 336–337 Slotted Aloha, 203
SNMP, 547–551 slowdowns, network, 233
static routing, 454–458 sm (single-mode) fibers, 155
static VLAN, 414–418 smart devices, 568
switches, 410, 419–420 smart doorbells, 663
configure terminal (conf t) command, 411 smart lockers, 663
enable secret command, 412 smart speakers, 663
hostname command, 411–412 smart thermostats, 663
line console passwords, 412–414 snapshots
privileged mode, 411, 412 virtualization, 681
static VLAN configurations, 414–418 WLAN, 192–193
switch# prompt, 412 SNMP (Simple Network Management Protocol), 546–547
switch(config)# prompt, 411, 412 configuring, 547–551
switch(config-line)# prompt, 413 MIB, 547
VLAN subinterfaces, 418–419 SNMPv2, 550
virtualization, 682–690 SNMPv3, 550
WLAN, 185–195, 206–211 snooping, DHCP, 572
SFP (Small Form-Factor Pluggables), 152–153 SOA (Start of Authority) resource records, 541
SFP+153–154 social engineering attacks, 595–596
SFTP (Secure File Transfer Protocol), 566 software
sh run command, 471–472 antivirus/anti-malware software, 610–611
SHA (Secure Hash Algorithm), 649, 650 botnets, 608
shared-key authentication, 638 buffer overflow attacks, 599–600
“shooting the fiber”, 162 coordinated DDoS attacks, 608
show flash command, 368 DDoS attacks, 608–609
804 INDEX

deauthentication/disassociation attacks, 608 SSL (Secure Socket Layer) protocol, 597–598
directed broadcasts, 607 ST connectors, fiber-optic cabling, 145–146
DoS attacks, 606–609 stacked switches, 243–244
logic bombs, 604 star topologies, 9, 10, 39
malware, 602–604 start frame delimiters, defined, 17
PDoS attacks, 607 stateful firewalls, 618
ransomware attacks, 604 static assignments, 243
reflective/amplified DoS attacks, 608 static routing, 447–448, 458
SDN, 696–697 commands (overview), 457
security configuring, 454–458
netstat -a command, 600 copy running-configuration startup-configuration (copy
netstat -b command, 601 run start) command, 457
nmap command, 601–602 default gateways, 448
penetration testing, 602 gateways of last resort, 454
spoofing attacks, 607 ip route command, 451
viruses, 602–603 IPv6, 499
vulnerabilities, 599–604 loopbacks, 448–449
worms, 603 netstat -r command, 448
zero-day attacks, 604 route print command, 448
SONET/SDH (Synchronous Optical Networks/ routing tables
Synchronous Digital Hierarchy), 148 code C, 453
hierarchy data rates, 149 code S, 453
STS, 149 setting, 449–451
SOP (Standard Operating Procedures), 726–727 show ip route (sh ip route) command, 451–454
source-quench packets, 302 show ip route static (sh ip route static) command, 456
SOW (Statements of Work), 725 show running-config (sh run) command, 456–457
spatial diversity, 186 show startup-config (sh start) command, 457
speakers, smart, 663 subnet masks, 451
speeds, data, home networks, 30 VLSM, 451
SPF (Sender Policy Frameworks), 544 write memory (wr m) command, 457
SPI (Stateful Pack Inspection), 34 static VLAN, 408, 414–418
splicing step-index fiber, 133
connectorization, 146 sticky command option, 634
fusion splicing, 144 storage
index-matching gel, 144 NAS, 700
mechanical splicing, 144–145 SAN, 698–699
splitters, fiber-optic cabling, 142 store-and-forward mode, switches, 246
spoofing attacks, 607, 635 STP (Shielded Twisted-Pair) cabling, 76–77
spot-the-difference troubleshooting approach, 569 STP (Spanning Tree Protocol), 422–424
SRV records (Service records), 544 BPDU Filter, 636
SSID (Service Set Identifiers), 186, 638 BPDU Guard, 635–636
broadcasts, turning off, 33 Root Guard, 636
changing, 33 straight-through cabling, 82, 87–90
defined, 33 straight-through ports, 42
troubleshooting, 215 strands, fiber-optic cabling, 131–132
INDEX 805

stretching cable, 102 supernetting, 328–329
structured cabling CIDR, 329–330
backbone cabling, 67 CIDR blocks, 330–331
building entrances, 66–67 VLSM, 331–332
ER, 67 surveillance
HC, 68, 69 cameras, 662
horizontal cabling, 67, 69–73 physical security, 659
IC, 68, 69 switches, 9, 237–238, 239, 410
MC, 68, 69 adaptive cut-through mode, 247
STP cabling, 76–77 aging time, 244
TCO, 67 benefits of, 246
telecommunications closets, 67, 69–70 BPDU, 422–423
TIA/EIA 568-A cabling standard, 66 broadcast domains, 246
TIA/EIA 568-B cabling standard, 66 CNA, 242–243
TIA/EIA 569B cabling standard, 66–67 collisions, 433
twisted-pair cabling, 74, 78–80 configure terminal (conf t) command, 411
UTP cabling, 74–76 configuring, 411, 412, 419–420
WO, 68 connections, 10
work areas, 67 CRC errors, 432
STS (Synchronous Transport Signals), 149 cut-through mode, 247
subinterfaces, VLAN, 418–419 dynamic assignments, 243
subnet masks enable secret command, 412
ANDing, 361–362 error thresholds, 247
applying, 318 fast-forward mode, 247
CIDR-subnet mask conversions, flooding, 246
329–330 fragment-free mode, 247
classful addresses, 317 giants, 433
creating, 321 home networks, 26
defined, 317 hostname command, 411–412
examples of, 324–326 hubs and, 10, 239–242
magic numbers, 323 input errors, 432
original/default subnet masks, 319 IP addressing, 245
static routing, 451 isolating collision domains, 246
subnetting process, 319–323 latency, 246
troubleshooting, 570–571 layer 2 switches, 238
VLSM, 331–332, 451, 478 line console passwords, 412–414
subnetting link light indicators, 42
broadcast addresses, 322 managed switches, 242–247
classful addresses, 317 MLS, 247
defined, 318–319 multicast messages, 239
magic numbers, 323 PD, 426, 427
NET, 363 PoE, 425–428
network addresses, 322 PoE+427
network numbers, 482 PoE++428
process of, 319–323 ports, 243, 431–432, 633–635
VLSM, 331–332 privileged mode, 411, 412
806 INDEX

PSE, 426–427 tags
runts, 433 RFID, 200
secure addresses, 243 active tags, 202
security, 631–633 communications (air interface) portal, 203
BPDU Filter, 636 frequency bands, 203
BPDU Guard, 635–636 HF tags, 203
DAI, 635 LF tags, 203
ports, 633–635 passive tags, 201–202
Root Guard, 636 semi-active tags, 202
STP, 635–636 Slotted Aloha, 203
show interface status (sh int status) command, UHF tags, 203
430–431 [rip_tag] tags, 500
show mac address-table command, 433–434 VLAN tags, 277
show running-config command, 429–430 TCL (Transverse Conversion Loss), 99
show version command, 434 TCO (Telecommunications Outlets), 67
stacked switches, 243–244 TCP (Transmission Control Protocol), 292
static assignments, 243 defined, 297
static VLAN, configuring, 414–418 headers, 296–297
store-and-forward mode, 246 packets
STP, 422–424 terminating connections, 299–300
switch# prompt, 412 transmitting, 298
switch(config)# prompt, 411, 412 ports, 573
switch(config-line)# prompt, 413 three-packet TCP handshakes, 298, 299
troubleshooting, 429–434 TCP/IP (Transmission Control Protocol/Internet
VLAN Protocol), 21–22
security, 634 Application layer, 294, 295–296
subinterfaces, 418–419 defined, 292
wire speed routing, 247 gateway addresses, 326–327
SYN (Synchronizing) packets, 297 Internet layer, 294, 301
SYN ACK (Synchronizing Acknowledgement) packets, ARP, 301–303
297 ICMP, 302–303
system labeling, 72 IGMP, 303–304
IP, 301
T IPv4 addressing, 312–313
6to4 prefix, 335
T1 to T3 data rates, 270 ARIN, 315
T568A wiring standard assigning, 315
color maps, 78–80 classes, 313
defined, 78 classful addresses, 317
pinouts, 79 decimal/binary octets, 314
T568B wiring standard dual stacks, 336
color maps, 78–80 host IP addresses, 315
defined, 78 network/host bits, 314–315
pinouts, 79 non-Internet-routable IP addresses, 316
TACACS+ (Terminal Access Controller Access-Control private IP addresses, 316
System Plus), 624 RIR, 315
tag-based VLAN, 408
INDEX 807

structure of, 313 TCTL (Transverse Conversion Transfer Loss), 99
transitioning to IPv6, 335–337 TE (Telecommunications Enclosures), structured cabling,
IPv6 addressing, 333–335 67
6to4 prefix, 335 teaming, NIC, 18
anycast addresses, 335 telco, defined, 270
CIDR, 337–338 telco clouds, 270–271
DAD, 337 telecommunications closets
defined, 333 components of, 69–70
dual stacks, 336 structured cabling, 67
interface (host) identifiers, 335 terminating
IPng, 333 cabling, 70
link-local addresses, 335, 336–337 CAT6 horizontal cabling, 83–87
multicast addresses, 335 TCP connections, 299–300
SLAAC, 336–337 twisted-pair cabling, 78–80
transitioning to, 335–337 DTX-1800 certification reports, 103, 104
unicast addresses, 335 testing
layers of, summary, 294 cabling, 92–93
Network interface layer, 294, 304 ACR, 93, 95
number conversions attenuation (insertion loss), 92, 93–94
binary-to-decimal conversions, 306–307 channel specifications, 93–96
decimal-to-binary conversions, 307–309 delay skew, 93, 96
hexadecimal numbers, 309–311 ELFEXT, 93, 95
ports, 295 near-end testing, 94
subnet masks NEXT, 92, 93, 94–95
ANDing, 361–362 propagation delay, 93, 96
applying, 318 PSACR, 93, 95, 96
CIDR-subnet mask conversions, 329–330 PSELFEXT, 93, 95, 96
classful addresses, 317 PSNEXT, 93, 94
creating, 321 return loss, 93, 95–96
defined, 317 LAN, 45–48
examples of, 324–326 near-end testing, 94
magic numbers, 323 physical security, 659
original/default subnet masks, 319 thermostats, smart, 663
subnetting process, 319–323 Thin/Net cabling, bus topologies, 8
subnetting three-packet TCP handshakes, 298, 299
broadcast addresses, 322 TIA (Telecommunications Industry Alliance)
classful addresses, 317 defined, 66
defined, 318–319 TIA/EIA 568-A cabling standard, 66
magic numbers, 323 TIA/EIA 568-B cabling standard, 66
network addresses, 322 TIA/EIA 569B cabling standard, 66–67
process of, 319–323 ticks metrics, 461
VLSM, 331–332 time, aging, 244
supernetting, 328–329 TKIP (Temporal Key Integrity Protocol), 639
CIDR, 329–330 TLD (Top-Level Domains), 539
CIDR blocks, 330–331 TLS (Transport Layer Security) protocol, 598
VLSM, 331–332 Token Ring hubs, 7
Transport layer, 294, 296–301 Token Ring topologies, 6, 7–8
808 INDEX

tokens, passing, 7 channel utilization, WLAN, 214–215
topologies, 7 compatibility (wireless), 213
bus topologies, 8–9 connectivity, 110
campus network hierarchical topologies, 69 deauthentication/disassociation attacks, 215
defined, 6 DHCP, 216, 571–572
hub-and-spoke topologies. See star topologies divide-and-conquer approach, 569
mesh topologies, 10–11 fiber-optic cabling, 162–163
point-to-point topologies, 6 gateways, 571
star topologies, 9, 10, 39 home networks, 31–32
Token Ring topologies, 6, 7–8 IP addresses, 570
top-to-bottom (top-down) troubleshooting approach, 569 IP networks, 568–573
TR (Telecommunications Rooms), structured cabling, 67 LAN, 45–48
traffic analysis, 552–565 load issues (WLAN), 215
traffic filtering, 268 name resolution, 571
traffic flows networks
CBS, 276 bottom-to-top (bottom-up) approach, 569
CIR, 276 divide-and-conquer approach, 569
EBS, 276 isolating problems, 14
EIR, 276 spot-the-difference approach, 569
LAN, 269 top-to-bottom (top-down) approach, 569
transceivers ping command, 14
optical networking, 154 printers, 216
WLAN, 177 router interfaces, 387–392
translation bridges, 235 signal strength, WLAN, 214
transmission strands, fiber-optic cabling, 126 spot-the-difference approach, 569
transmit power SSID, 215
802.11a (Wi-Fi 2) wireless standard, 181 subnet masks, 570–571
WLAN, 180 switches, 429–434
transmitting data, long hauls, 134 TCP ports, 573
transparent bridges, 235 top-to-bottom (top-down) approach, 569
transport input none command, 627 UDP ports, 573
Transport layer wired networks, 31–32
OSI model, 13 wireless networks (Wi-Fi), 31–32, 213
protocol, 296 AP, 213
TCP/IP, 294, 296–301 cabling, 215
tree hierarchies, DNS, 539–540 channel utilization, 214–215
troubleshooting compatibility, 213
AP, 213 deauthentication/disassociation attacks, 215
bottom-to-top (bottom-up) approach, 569 DHCP, 216
cabling, 102 extending wireless ranges, 214
DTX-1800 certification reports, 103, 104 frequencies, 214
failures to meet manufacturer specifications, 102–104 interference, 214
multimeters, 110 load issues, 215
performance, 110 signal strength, 214
stretching, 102 SSID, 215
WLAN, 215 wireless printers, 216
INDEX 809

wireless routers, 213 UHF (Ultra-Hugh Frequency) RFID tags, 203
WPA, 215 unconnected fibers, fiber-optic cabling, 146
wireless printers, 216 UNI (User-Network Interfaces), 274
wireless routers, 213 unicast addresses, 335, 533
WLAN. See wireless networks (Wi-Fi) U-NII (Unlicensed-National Information Infrastructure),
trunk ports, 408–409 802.11a (Wi-Fi 2) wireless standard, 180–181
TTLS (Tunneled Transport Layer Security) protocol, 598 UPC connectors, 64, 146
tunable lasers, 141–142 uplink ports, 42
tunneling protocols uptime, routers, 369
L2F, 650 USB interfaces, 250
L2TP, 650, 651 User EXEC mode (Router>), 366–371
PPTP, 650 UTM (Unified Threat Management), 624
VPN, 648–651 UTP (Unshielded Twisted-Pair) cabling
turning off SSID broadcasts, 33 CAT3, 75, 76
twisted-pair cabling. See also physical layer cabling CAT5, 74, 75, 76
ELTCTL, 99 patch cabling, 87–90
F/UTP, 99 straight-through cabling, 87–90
LCL, 99 CAT5e, 74, 75, 76, 79–82
return loss, 93, 95–96 patch cabling, 87–90
STP cabling, 76–77 straight-through cabling, 87–90
TCL, 99 test examples, 104–109
TCTL, 99 CAT6, 74, 75, 76, 79–82, 83–87
terminating, 78–80 CAT6a, 75, 76
UTP cabling CAT7, 74, 75, 79–82
CAT3, 75, 76 CAT7a, 75
CAT5, 74, 75, 76 CAT8, 74, 75, 79–82
CAT5e, 74, 75, 76, 79–82 F/UTP, 99
CAT6, 74, 75, 76, 79–82 UTP couplers, 64
CAT6a, 75, 76
CAT7, 74, 75, 79–82 V
CAT7a, 75
CAT8, 74, 75, 79–82 V.44/V.34 modem standard, 643
“two-deep” rule, optical networking, 152–153 V.92/V.90 modem standard, 643
TXT records (Text records), 544 VCSEL (Vertical Cavity Surfacd Emitting Lasers), 141
Type 1 hypervisors, 680 verifying
Type 2 hypervisors, 680 network connections with ping command, 240–241
Type 5 encryption algorithm, 627 network settings, 570
Type 7 encryption algorithm, 627 VFL (Visual Fault Locators), 162
VIC-4FXS/DID, 251
virtual desktops, remote desktops and, 695
U virtualization, 679, 682
UDP (User Datagram Protocol) 32-bit CPU architectures, 679
defined, 300 64-bit CPU architectures, 679
headers, 300–301 advantages/disadvantages of, 680–681
packet transfers, 300–301 caches, 679
ports, 573 cores, 679
810 INDEX

defined, 679 queuing/buffering, 252
disaster recovery, 681 routers, 251, 252–253
dongles, 682 VPN (Virtual Private Networks), 34
guest machines, 680 CHAP, 649, 650
hardware keys, 682 client-to-site VPN, 648
host machines, 680 EAP, 650
Hyper-V, 682–690 GRE, 648–649
hypervisors, 680 headends, 647
Live Migration, 681 IP tunnels, 648
SD-WAN, 697 IPSec, 651
setting up, 682–690 L2F, 650
snapshots, 681 L2TP, 650
VM, 680, 681–682 MD5 hashing algorithm, 649, 650
vMotion, 681 mGRE, 649
XenMotion, 681 PAP, 649–650
viruses, 602–603, 610–611 PPP, 649
VLAN (Virtual Local Area Networks), 407. PPTP, 650
See also LAN remote access VPN, 648
assigning memberships, 408 remote client configurations, 652–657
dynamic VLAN, 408 SHA, 649, 650
hopping, 599 site-to-site VPN, 648
port assignments, 431 tunneling protocols, 648–651
port-based VLAN, 407 VSTP (VLAN Spanning Tree Protocol), 423–424
protocol-based VLAN, 408 VTP (VLAN Trunking Protocol), 409
PVST, 423–424
static VLAN, 408, 414–418
subinterfaces, 418–419
W
switch security, 634 WAN (Wide Area Networks), 5
tag-based VLAN, 408 defined, 526
tags, 277, 408–409 example of, 526
trunk ports, 408–409 HSSI, 270
VSTP, 423–424 interconnecting LAN, 267–277
VTP, 409 OC, 270
VLSM (Variable-Length Subnet Masking), 331–332 SD-WAN, 697
OSPF, 478 war chalking, 641
static routing, 451 war driving, 641
VM (Virtual Machines), 680, 681–682 war flying, 641
vMotion, 681 warm sites, disaster recovery, 731
voice gateways, 251 WDM (Wavelength Division Multiplexing), 130, 143
voice interface cards, 251 diplexers, 154
VoIP (Voice Over Internet Protocol) transceivers, 154
jitter, 252 web filters, 620
networks well-known (reserved) ports, 295
congestion (bottlenecking), 252 WEP (Wired Equivalent Privacy), 638–639
latency, 252 whois command, 530
QoS, 251–253 WIC2AM (WAN Interface Cards), 251
INDEX 811

Wi-Fi 1 (802.11b) wireless standard, 24, 181, 183 802.11 wireless standard, 175–176
Wi-Fi 2 (802.11a) wireless standard, 24, 180–181, 183 MAC layer, 176
Wi-Fi 3 (802.11g) wireless standard, 24, 181, 182, 183 PHY layer, 176
Wi-Fi 4 (802.11n) wireless standard, 24, 181, 182, 183 802.11a (Wi-Fi 2) wireless standard, 180–181, 183
Wi-Fi 5 (802.11ac) wireless standard, 24, 182, 183 802.11ac (Wi-Fi 5) wireless standard, 182, 183
Wi-Fi 6 (802.11ax) wireless standard, 25, 182, 183 802.11ax (Wi-Fi 6) wireless standard, 182, 183
Wi-Fi Alliance, 24–25, 183 802.11b (Wi-Fi 1) wireless standard, 181, 183
Wi-Fi networks. See wireless networks (Wi-Fi) 802.11g (Wi-Fi 3) wireless standard, 181, 182, 183
wildcard bits, 482–483 802.11i wireless standard, 183
WiMAX (Worldwide Interoperability for Microwave 802.11n (Wi-Fi 4) wireless standard, 181, 182, 183
Access), 199–200 802.11r wireless standard, 183
Windows 10 802.16a (WiMAX) wireless standard, 200
command prompt, 18 access points (AP), 28
firewalls, 611–615 ad hoc networks, 176, 177
home networks, connecting, 32 advantages/disadvantages of, 24
MAC addresses, obtaining, 20 AES, 640
PuTTY software, 256–259 ANT+ wireless technology, 183
remote client VPN configurations, 652 antennas, 186
wire speed routing, 247 dish (parabolic reflector) antennas, 209
wired networks EIRP, 210
access points (AP), 28 extending wireless ranges, 214
advantages/disadvantages of, 24 multipoint distributions, 209–211
appearance, 31 omnidirectional antennas, 208–209
broadband modems/gateways, 28 placement of, 207
cable modems, 28, 29 remote installations, 211
components of, 25–30 RF site surveys, 209–211
cost, 30 selecting, 208–209
data speeds, 30 site surveys, 207
defined, 24 Yagi antennas, 209
DSL modems, 29–30 AP, 177–178, 186–187, 189–190
ease of implementation, 31 appearance, 31
example of, 25 associations, 186–187, 193
home access, 31 basic setup, 185–186
hubs, 25 beacons, 638
network adapters, 26 beamforming, 182
public access, 31 Bluetooth
routers, 26–27 BLE technology, 197
switches, 26 enabling connections, 198–199
troubleshooting, 31–32 inquiry procedures, 197
wireless routers, 28 output power classes, 197
wireless bridges, 187–189, 236 paging procedures, 197
wireless controllers, 189 piconets, 197–198
wireless LAN adapters, 185 security, 641
wireless networks (Wi-Fi), 24, 174 broadband modems/gateways, 28
3G wireless standard, 204 BSS, 176, 177, 178
4G wireless standard, 204 BWA, 199–200
5G wireless standard, 204 cable modems, 28, 29
812 INDEX

cabling, troubleshooting, 215 mobile (cellular) communications, 204
captive portals, 32 MU-MIMO, 182
CCMP, 639–640 NAT, 34
CDMA, 204 defined, 34
channel bonding, 179 private IP addresses, 35
channel utilization, 214–215 public IP addresses, 35
components of, 25–30 network adapters, 26
configuring, 185–195, 206–211 NFC, 204
connecting, 32 OFDM, 180
cost, 30 point-to-multipoint WLAN configuration case study,
CSMA/CD, 178 206–211
data speeds, 30 printers, 216
deauthentication/disassociation attacks, 215 pseudorandom numbering sequences, 180
defined, 24, 174 public access, 31
device density, 189 RADIUS, 640
DHCP, 216 ranges (wireless), extending, 32, 195, 214
distance, 189–190 RFID, 200, 201
DSL modems, 29–30 backscatter, 200
DSSS, 179 block diagram, 200–201
EAP, 640, 650 inlays, 202
ease of implementation, 31 readers, 201
EDGE, 204 tags, 200, 201–203
encryption, 33 roaming, 178
ESS, 178 routers, 26–27
example of, 25 RSSI, 214
FHSS, 180 security, 33–34, 637
firewalls, 34 AES, 640
frequencies, troubleshooting, 214 Bluetooth, 641
frequency channels, 179 CCMP, 639–640
geofencing, 204 EAP, 640, 650
hand-offs, 178 guidelines, 640–641
home access, 31 hotspots, 641
hopping sequences, 180 jamming, 638
hotspots, 32, 641 LEAP, 640
HSPA+204 Open Authentication, 638
hubs, 25 RADIUS, 640
IEEE wireless standards, 24–25 shared-key authentication, 638
interference, troubleshooting, 214 SSID, 638
IP addressing, 34–36 TKIP, 639
ISM band, 179 war chalking, 641
last-mile connections, 200 war driving, 641
LEAP, 640 war flying, 641
load issues, troubleshooting, 215 WEP, 638–639
loss of association, 193 WPA, 639
LTE/4G, 204 WPA2, 639–640
MIMO, 182 WPA3, 640
INDEX 813

signal strength, 191–195, 214 wireless routers, 25, 28
site surveys, 190–195, 207, 209–211 home networks, 28
snapshots, 192–193 troubleshooting, 213
spatial diversity, 186 wireless standards
SSID, 186, 215 802.1x (dot1x) wireless standard, 633
switches, 26 802.11 wireless standard, 175–176
transceivers, 177 ad hoc networks, 176, 177
transmit power, 180 AP, 177–178
troubleshooting, 31–32, 213 BSS, 176, 177, 178
AP, 213 channel bonding, 179
cabling, 215 CSMA/CD, 178
channel utilization, 214–215 DSSS, 179
compatibility, 213 ESS, 178
deauthentication/disassociation FHSS, 180
attacks, 215 frequency channels, 179
DHCP, 216 hand-offs, 178
extending wireless ranges, 214 hopping sequences, 180
frequencies, 214 ISM band, 179
interference, 214 MAC layer, 176
load issues, 215 OFDM, 180
signal strength, 214 Open Authentication, 638
SSID, 215 PHY layer, 176
wireless printers, 216 pseudorandom numbering sequences, 180
wireless routers, 213 roaming, 178
WPA, 215 shared-key authentication, 638
VPN, 34 transceivers, 177
war chalking, 641 transmit power, 180
war driving, 641 WMN, 176
war flying, 641 802.11a (Wi-Fi 2) wireless standard, 24, 180–181, 183
Wi-Fi Alliance, 24–25, 183 802.11ac (Wi-Fi 5) wireless standard, 24, 182, 183
WiMAX, 199–200 802.11ax (Wi-Fi 6) wireless standard, 25, 182, 183
wireless bridges, 187–189 802.11b (Wi-Fi 1) wireless standard, 24, 181, 183
wireless controllers, 189 802.11g (Wi-Fi 3) wireless standard, 24, 181, 182, 183
wireless LAN adapters, 185 802.11i wireless standard, 183
wireless routers, 25, 28 802.11n (Wi-Fi 4) wireless standard, 24, 181, 182, 183
wireless standards, 32 802.11r wireless standard, 183
WLC, 189–190 802.16a (WiMAX) wireless standard, 200
WMN, 176 wireless networks (Wi-Fi), 32
WPA, 215, 639 wiremaps, 82
WPA2, 639–640 Wireshark, network traffic analysis, 560–565
WPA3, 640 wiring standards
Z-Wave wireless technology, 183 T568A wiring standard
wireless printers, troubleshooting, 216 color maps, 78–80
814 INDEX

defined, 78 beamforming, 182
pinouts, 79 Bluetooth
T568B wiring standard BLE technology, 197
color maps, 78–80 enabling connections, 198–199
defined, 78 inquiry procedures, 197
pinouts, 79 output power classes, 197
WLAN (Wireless Local Area Networks), 174. paging procedures, 197
See also LAN piconets, 197–198
3G wireless standard, 204 security, 641
4G wireless standard, 204 BSS, 176, 177, 178
5G wireless standard, 204 BWA, 199–200
802.11 wireless standard, 175–176 cabling, troubleshooting, 215
MAC layer, 176 CCMP, 639–640
PHY layer, 176 CDMA, 204
802.11a (Wi-Fi 2) wireless standard, 180–181, 183 channel bonding, 179
802.11ac (Wi-Fi 5) wireless standard, 182, 183 channel utilization, 214–215
802.11ax (Wi-Fi 6) wireless standard, 182, 183 configuring, 185–195, 206–211
802.11b (Wi-Fi 1) wireless standard, 181, 183 CSMA/CD, 178
802.11g (Wi-Fi 3) wireless standard, 181, 182, 183 deauthentication/disassociation attacks, 215
802.11i wireless standard, 183 defined, 174
802.11n (Wi-Fi 4) wireless standard, 181, device density, 189
182, 183 DHCP, 216
802.11r wireless standard, 183 distance, 189–190
802.16a (WiMAX) wireless standard, 200 DSSS, 179
ad hoc networks, 176, 177 EAP, 640, 650
AES, 640 EDGE, 204
ANT+ wireless technology, 183 ESS, 178
antennas, 186 FHSS, 180
dish (parabolic reflector) antennas, 209 frequencies, troubleshooting, 214
EIRP, 210 frequency channels, 179
extending wireless ranges, 214 geofencing, 204
multipoint distributions, 209–211 hand-offs, 178
omnidirectional antennas, 208–209 hopping sequences, 180
placement of, 207 hotspots, 641
remote installations, 211 HSPA+204
RF site surveys, 209–211 interference, troubleshooting, 214
selecting, 208–209 ISM band, 179
site surveys, 207 last-mile connections, 200
Yagi antennas, 209 LEAP, 640
AP, 177–178, 186–187, 189–190 load issues, troubleshooting, 215
associations, 186–187, 193 loss of association, 193
basic setup, 185–186 LTE/4G, 204
beacons, 638 MIMO, 182
INDEX 815

mobile (cellular) communications, 204 SSID, 186, 215
MU-MIMO, 182 transceivers, 177
NFC, 204 transmit power, 180
OFDM, 180 troubleshooting, 213
point-to-multipoint WLAN configuration case study, AP, 213
206–211 cabling, 215
printers, 216 channel utilization, 214–215
pseudorandom numbering sequences, 180 compatibility, 213
RADIUS, 640 deauthentication/disassociation attacks, 215
range extenders, 195 DHCP, 216
ranges (wireless), extending, 214 extending wireless ranges, 214
RFID, 200, 201 frequencies, 214
backscatter, 200 interference, 214
block diagram, 200–201 load issues, 215
inlays, 202 signal strength, 214
readers, 201 SSID, 215
tags, 200, 201–203 wireless printers, 216
roaming, 178 wireless routers, 213
RSSI, 214 WPA, 215
security, 637 war chalking, 641
AES, 640 war driving, 641
Bluetooth, 641 war flying, 641
CCMP, 639–640 Wi-Fi Alliance, 183
EAP, 640, 650 WiMAX, 199–200
guidelines, 640–641 wireless bridges, 187–189
hotspots, 641 wireless controllers, 189
jamming, 638 wireless LAN adapters, 185
LEAP, 640 WLC, 189–190
Open Authentication, 638 WMN, 176
RADIUS, 640 WPA, 215, 639
shared-key authentication, 638 WPA2, 639–640
SSID, 638 WPA3, 640
TKIP, 639 Z-Wave wireless technology, 183
war chalking, 641 WLC (Wireless LAN Controllers), 189–190
war driving, 641 WMN (Wireless Mesh Networks), 176
war flying, 641 WO (Work-Area Outlets), 68
WEP, 638–639 work areas, 67
WPA, 639 worms, 603
WPA2, 639–640 WPA (Wi-Fi Protected Access), 215, 639
WPA3, 640 WPA2 (Wi-Fi Protected Access version 2), 639–640
signal strength, 191–195, 214 WPA3 (Wi-Fi Protected Access version 3), 640
site surveys, 190–195, 207, 209–211 write memory (wr m) command, 457
snapshots, 192–193 WSN (Wireless Sensor Networks), ANT+ wireless
spatial diversity, 186 technology, 183
816 INDEX

X Y
X2, 153–154 Yagi antennas, 209
xDSL
modems, security, 644–646
services, 645
Z
XenMotion, 681 zero-day attacks, 604
XENPAK, 153–154 zero dispersion wavelengths, 138–139
XFP, 153–154 ZTerm serial communications software, configuring,
XPAK, 153–154 259–261
Z-Wave wireless technology, 183
INDEX 817

Networking Essential 6th Edtion

Uploaded by

Copyright:

Available Formats

Networking Essential 6th Edtion

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Networking Essential 6th Edtion

Uploaded by

Copyright:

Available Formats

NETWORKING ESSENTIALS:

JEFFREY S. BEASLEY AND PIYASAT NILKAEW

A01_Beasley_FM_pi-xxxi_new.indd 1 24/09/21 7:32 PM

Instructor Edition DIRECTOR, ITP PRODUCT

A01_Beasley_FM_pi-xxxi_new.indd 2 24/09/21 7:32 PM

A01_Beasley_FM_pi-xxxi_new.indd 3 24/09/21 7:39 PM

A01_Beasley_FM_pi-xxxi_new.indd 4 24/09/21 7:39 PM

1 Introduction to Computer Networks 2

2 Physical Layer Cabling: Twisted-Pair 62

3 Physical Layer Cabling: Fiber Optics 124

4 Wireless Networking 172

5 Interconnecting the LANs 228

7 Introduction to Router Configuration 354

8 Introduction to Switch Configuration 404

9 Routing Protocols 444

10 Managing the Network Infrastructure 524

11 Network Security 590

12 Cloud Computing and Virtualization 676

13 Codes and Standards 706

Online Only Elements:

A01_Beasley_FM_pi-xxxi_new.indd 5 24/09/21 7:32 PM

CHAPTER 1 Introduction to Computer Networks 2

A01_Beasley_FM_pi-xxxi_new.indd 6 24/09/21 7:32 PM

A01_Beasley_FM_pi-xxxi_new.indd 7 24/09/21 7:32 PM

A01_Beasley_FM_pi-xxxi_new.indd 8 24/09/21 7:32 PM

A01_Beasley_FM_pi-xxxi_new.indd 9 24/09/21 7:32 PM

CHAPTER 5 Interconnecting the LANs 228

A01_Beasley_FM_pi-xxxi_new.indd 10 24/09/21 7:32 PM

CHAPTER 6 TCP/IP 290

A01_Beasley_FM_pi-xxxi_new.indd 11 24/09/21 7:32 PM

CHAPTER 7 Introduction to Router Configuration 354

A01_Beasley_FM_pi-xxxi_new.indd 12 24/09/21 7:32 PM

CHAPTER 8 Introduction to Switch Configuration 404

A01_Beasley_FM_pi-xxxi_new.indd 13 24/09/21 7:32 PM

CHAPTER 9 Routing Protocols 444

A01_Beasley_FM_pi-xxxi_new.indd 14 24/09/21 7:32 PM

CHAPTER 10 Managing the Network Infrastructure 524

A01_Beasley_FM_pi-xxxi_new.indd 15 24/09/21 7:32 PM

A01_Beasley_FM_pi-xxxi_new.indd 16 24/09/21 7:32 PM

A01_Beasley_FM_pi-xxxi_new.indd 17 24/09/21 7:32 PM

CHAPTER 12 Cloud Computing and Virtualization 676

A01_Beasley_FM_pi-xxxi_new.indd 18 24/09/21 7:32 PM

CHAPTER 13 Codes and Standards 706

A01_Beasley_FM_pi-xxxi_new.indd 19 24/09/21 7:32 PM

Online Only Elements:

A01_Beasley_FM_pi-xxxi_new.indd 20 24/09/21 7:32 PM

ABOUT THE TECHNICAL REVIEWER

A01_Beasley_FM_pi-xxxi_new.indd 21 24/09/21 7:32 PM

Your efforts are greatly appreciated.

WE WANT TO HEAR FROM YOU!

A01_Beasley_FM_pi-xxxi_new.indd 22 24/09/21 7:32 PM

ORGANIZATION OF THE TEXT

A01_Beasley_FM_pi-xxxi_new.indd 23 24/09/21 7:32 PM

Introduction: Chapter openers

Key Terms for this Chapter

A01_Beasley_FM_pi-xxxi_new.indd 24 24/09/21 7:32 PM

Net-Challenge exercises are found Exercises challenge readers to

A01_Beasley_FM_pi-xxxi_new.indd 25 24/09/21 7:32 PM

Examples using the Wireshark