Network Operations Study Guide for the CompTIA Network+

Page 2

Organizational Documents and Policies

Organizational documents and policies are designed to provide established guidelines for organizational policies and procedures. These organizational policies vary between organizations depending on their specific needs and applicable regulations. You must be able to explain the purpose of common document and policy types.

Procedures and Plans

A policy is a set of expectations for organizational operations and behavior. A procedure is a set of steps or actions that should be followed based on a specific scenario that supports the organization’s policies. Plans are documentation that contains the policies and procedures for different aspects that may affect an organization.

Change Management

Change management is the process of controlling how changes are made within an organization. A change management plan contains specific procedures to follow when a change occurs. Change management plans often contain procedures that specify when, where, why, and how a change will occur, as well as who will be affected. Change management plans also include procedures in case of change failure.

Incident Response (IR) Plan

An IR plan outlines what processes will be followed in the case of an incident such as a data breach. The main purpose of an IR plan is to minimize the damage of an incident as well as preserve any evidence of the incident for later analysis.

Disaster Recovery Plan (DRP)

A DRP is designed to address how an organization will respond if a major event or emergency occurs. The DRPs of an organization often vary based on what type of disaster has occurred. A manmade disaster is an act of human intervention, such as a terrorist attack; a natural disaster is an act of nature, such as a tornado; and a technological disaster is a major technology malfunction, such as device failures.

Business Continuity Plan (BCP)

A BCP is designed to provide procedures that will keep a business operational during disaster recovery. BCPs may include procedures outlining process prioritization and how to provide support for mission-critical processes. BCPs are commonly included in a DRP.

System Life Cycle

A system life cycle refers to the lifespan of a system from acquisition through implementation, maintenance, and decommissioning. System life cycle plans outline this process and often include best practices for the safe removal of data from a system as well as disposal procedures for physical components.

Standard Operating Procedure (SOP)

SOPs provide the guidelines for the typical daily operations of an organization and should support the policies of the organization. SOPs include step-by-step instructions on how to perform specific tasks and provide continuity to an organization.

Hardening and Security Policies

Hardening is a term that describes the process of adding layers of protection to a network, system, or device. Security policies are designed to provide specific guidelines on how to harden a network while maintaining functionality.

Password Policy

A password policy specifies requirements for password creation. Password policies may include requirements for password complexity, password life, password reuse, and inactivity logout durations.

Acceptable Use Policy (AUP)

An AUP specifies how resources should be used. It may include specifications for what type of actions are allowed, who can use the resource, and what type of data connections can be made to a resource, such as external hardware connections or allowable internet website connections.

Bring Your Own Device (BYOD) Policy

A BYOD policy is used to define how a personal device can be used for work functions. BYOD policies often outline requirements addressing device security, such as requiring a personal identification number (PIN) for device unlock, disabling Global Positioning System (GPS) tracking, or enabling remote wipe capabilities. A mobile device management (MDM) system can be used to provide organizational oversight and management controls for BYOD devices.

Remote Access Policy

A remote access policy defines requirements for how a network can be accessed via a remote connection. Remote access policies may include requirements for virtual private network (VPN) connections, dial-up connections, or wireless connections.

Onboarding and Offboarding Policy

Onboarding is the process of adding a new employee to an organization, while offboarding is the process of removing an employee from an organization. Onboarding policies may include training requirements, user creation guidelines, and the assigning of resource access, as well as standard documentation such as AUPs and BYOD policies. An offboarding policy may include user access termination procedures, equipment recovery, and the removal or disabling of user accounts.

Security Policy

A security policy is a broad term for policies and procedures for securing an organization. Security policies may address physical security, such as locking mechanisms, logical security, such as firewalls, and employee conduct security, such as employee social media content policies.

Data Loss Prevention (DLP)

A DLP policy defines requirements for the minimization of data exfiltration from a network. DLP policies are often supported by DLP software, which can be used to monitor and protect data by assigning specific usage configurations to that data. For example, a document can be assigned read-only access without printing or forwarding functions. DLP software can be deployed within the network or at network endpoints.

Common Documentation

The documentation of a network is vast and includes all aspects of a network, from its physical design to specific logical networking processes. Documentation is designed to provide insight into a network and can be used for optimization, replication, and troubleshooting. While each organization may differ in documentation requirements and inclusion, there are documents that are common in most networking environments.

Physical Network Diagram

A physical network diagram is a document that depicts physical aspects of a network and generally includes physical locations of devices and how those devices are connected to one another. Network diagrams often use standardized iconography for networking devices, which allows other network engineers to understand the diagrams easily.

Floor Plan

A floor plan is a diagram that depicts the layout of a building. Floor plans include information such as the location of doors and windows, room dimensions, connection points, and materials used in the building, all of which can affect network communications. For example, when designing a wireless local-area network (WLAN), a floor plan can be used to identify the optimal placement of access points (APs), which can be affected by walls and the material used in them.

[Image: Building floor plan]

Retrieved from: https://www.vari.com/resource-center-case-studies/rc-duraserv-case-study.html under this license: http://creativecommons.org/licenses/by-sa/3.0/.

Rack Diagram

A rack is a physical container for networking components, such as switches and hubs. A rack diagram depicts what devices are contained within the rack and the specific location of each individual device. Here is an example:

[Image: Rack diagram]

Retrieved from: https://en.m.wikipedia.org/wiki/File:Simplified_scale_model_of_the_quantum_computing_demonstrator_housed_in_two_19-inch_racks_with_major_components_labeled.png under this license: http://creativecommons.org/licenses/by-sa/3.0/.

Main Distribution Frame (MDF)/Intermediate Distribution Frame (IDF) Documentation

An MDF is the connection point between the exterior of a location and the interior of a location and the IDFs. An IDF provides connections between the MDF and individual end devices in the network. MDF and IDF documentation is used to identify the specifics of these connections, such as what type of cabling is used and how the connections are distributed throughout the network.

[Image: MDF and IDF documentation]

Logical Network Diagram

A logical network diagram depicts how data flows through a network and generally includes information such as addressing schemes, protocols, configurations, access control lists (ACLs), and firewalls. Here is an example:

[Image: Logical network diagram]

Retrieved from: https://commons.wikimedia.org/wiki/File:DHS_Network_Topology.jpg under this license: http://creativecommons.org/licenses/by-sa/3.0/.

Wiring Diagram

A wiring diagram shows how wiring connects between devices and may include cabling types, input and output locations, and port connection points. This is an example:

[Image: Wiring diagram]

Retrieved from: https://en.m.wikipedia.org/wiki/File:PC-PowerSupply-Principle-Circuit.svg under this license: http://creativecommons.org/licenses/by-sa/3.0/.

Site Survey Report

A site survey is the process of evaluating a physical site to ascertain the scope of an existing wireless network. A site survey report details the results of a site survey and can be used to identify weak points in the WLAN as well as redundancies in coverage. A site survey report may include current coverage areas, signal strength, and AP locations.

Audit and Assessment Report

An audit is an extensive evaluation of a network’s security posture, including its components and logical processes. Once an audit is completed, the data is analyzed and a security assessment is created and streamlined into an easily understandable report. An audit and assessment report can be used to identify potential security vulnerabilities in a network, which can then be used to make security decisions.

Baseline Configurations

A baseline configuration document contains the standard levels of performance for networking devices and their components. These baseline configurations can then be used as a comparison point to identify potential issues in the network.

Common Agreements

Just as physical and logical diagrams and documents are needed to define how a network functions, clearly defined documentation of business agreements is also needed. In a networking environment, there are common types of agreements you should be familiar with.

Non-Disclosure Agreement (NDA)

An NDA is a document designed to protect organizational data such as intellectual property. An NDA specifies what data is protected and what is required to be confidential between the involved parties. For example, an employee may be required to sign an NDA specifying that the employee is not allowed to discuss the nature of their work with any individuals outside of the company.

Service-Level Agreement (SLA)

An SLA is an agreement between two parties, a service provider and a client, that defines the amount of time allowed for the service provider to respond to service issue complaints from the client. SLAs may also include specifics on minimum security requirements, warranties, and the responsibilities of the client and the provider.

Memorandum of Understanding (MOU)

An MOU is a generalized, non-legally binding agreement between two entities that details a common understanding between the two parties. MOUs provide general guidelines for how business will be conducted, but they do not constitute requirements.

High Availability and Disaster Recovery

High availability in networking is a design method that aims to provide the maximum attainable amount of uptime while minimizing potential downtime. Disaster recovery is the process of protecting a network from the potential impact of a disaster with the goal of returning a network to normal working conditions as quickly as possible. High availability and disaster recovery use different networking concepts and protocols to facilitate these goals. You should be able to identify, summarize, and apply these common concepts.

Load Balancing

Load balancing provides high availability to a network by spreading network traffic throughout a network’s devices to maximize data transmission. Load balancing also provides high availability by adding redundancy and fault tolerance to the network.

Multipathing

Multipathing is the process of creating multiple connections between networking and storage devices. In multipathing, if the primary connection becomes unavailable, the transmission switches to the backup path, providing redundancy and fault tolerance for high availability.

Network Interface Card (NIC) Teaming

NIC teaming is the process of connecting two or more NICs in a group or team to maximize bandwidth and provide fault tolerance for high availability. Teamed NICs can be set to either active/active, where both cards are working at the same time, or active/passive, where one card is working while the other is waiting for activation in the case of primary card failure. NIC teaming can use a single switch, called static teaming, or two or more switches, called a switch-independent setup.

Redundant Hardware/Clusters

Redundant hardware is a technique that implements the use of multiple devices or systems in a network to provide fault tolerance and redundancy for high availability. Redundant hardware can be physically connected to one another or logically connected into a cluster through a centralizing interface using the Cluster Management Protocol (CMP).

Switches

Redundant switches can be physically connected to one another through a method called switch stacking, which allows for the stack to be managed as a single entity that then functions as a single unit. Redundant switches can also be logically connected through switch clustering. Switch clustering creates a virtual connection between cluster-capable switches, which are then managed through the command switch via a single IP address.

Routers

Creating redundancy on routers can be accomplished through the First Hop Redundancy Protocol (FHRP). FHRP allows for the connection of multiple physical routers to appear as a single router through a virtual router.

Firewalls

Redundant firewalls, like switches, can be connected either physically, in an active/active or active/passive configuration, or logically through clustering. In each case, the redundant firewalls appear to the network as a single entity.

Facilities and Infrastructure Support

Facilities and infrastructure support is the process of managing the physical environment in which networking devices are located. This support of the physical environment is used to ensure high network availability and to facilitate disaster recovery.

Uninterruptible Power Supply (UPS)

A UPS is a battery backup that is connected to networking devices to provide temporary power in the case of a power failure. A UPS is designed to minimize downtime and data loss in a power outage but is only designed for temporary use.

Power Distribution Unit (PDU)

A PDU is a device designed to disperse electricity between connected devices. A PDU can be a simple power strip or a complex, intelligent PDU that can be managed remotely through a centralized interface. These PDUs can also provide environmental monitoring capabilities through humidity, temperature, and airflow sensors and can be used to protect network devices from power anomalies.

Generator

A generator provides a backup power supply to connected devices for an extended period of time using an external fuel supply, such as gasoline or diesel.

Heating, Ventilation, and Air Conditioning (HVAC)

HVAC systems are used to provide climate control to a networking facility. Networking devices, such as routers and switches, can be negatively affected by excessively high or low temperatures or humidity.

Fire Suppression

Fire suppression systems are designed to respond to a fire to minimize the effects and spread of the fire using either wet pipe, dry pipe, preaction, or deluge systems. The EPA has approved water, argon, NAF S-III, and FM-200 for use in these systems.

Redundancy and High Availability (HA) Concepts

Risk management is the process of addressing potential risks to an organization through various techniques, such as mitigation using redundancy and HA concepts. You should be familiar with these techniques as they pertain to facility support and disaster recovery.

Cold Site

A cold site is a facility that is designated as a recovery site for an enterprise. Cold sites are only outfitted with the minimal requirements for functionality, such as an electrical supply and communication connections. There are no existing networking devices pre-installed in the facility, meaning all components required for network functionality will have to be established.

Warm Site

A warm site is a recovery facility site that contains components of a cold site as well as a fully equipped networking environment with servers, end-user stations, and networking equipment. A warm site requires minimal intervention to become fully functional, such as installing backed-up data from the primary site to the warm site.

Hot Site

A hot site is a fully functional copy of the primary site. A hot site is ready to take over functionality very quickly and is fully synced with the primary site. A hot site, while providing the quickest recovery time, is also the most expensive to maintain.

Cloud Site

A cloud site is a backup of a network, including virtual copies of networking devices and data, which is contained in a cloud environment.

Active/Active vs. Active/Passive

The redundancy of a system can be configured to be either active/active, where the primary and redundant systems are always on, or active/passive, where the redundant system is on hold until needed.

Multiple Internet Service Providers (ISPs)/Diverse Paths

Redundancy may also be built into ISP connectivity, either by contracting with more than one ISP or by creating different or diverse paths to a single ISP.

First Hop Redundancy Protocol (FHRP)/Virtual Router Redundancy Protocol (VRRP)

FHRP, commonly used to connect multiple routers into a single logical router, uses one of three protocols: Hot Standby Router Protocol (HSRP), Gateway Load Balancing Protocol (GLBP), and Virtual Router Redundancy Protocol (VRRP), with both HSRP and GLBP being Cisco proprietary. VRRP creates redundancy through the use of a virtual router to create a single logical group from multiple routing devices and is the open standard version of HSRP.

Mean Time to Repair (MTTR)

The MTTR is a metric that provides an average of the time it takes a vendor to repair a device or networking component. It is evaluated starting at the time of first discovery of the problem to the equipment’s return to operations. An MTTR is used in SLAs as a baseline for vendor compliance.

Mean Time Between Failure (MTBF)

The MTBF metric averages the amount of time that elapses between a device or component failure. MTBF is used to identify and prepare for potential risks to network functionality.

Recovery Time Objective (RTO)

An RTO is a metric used to identify the minimum time period after a disrupting event for restoration of function to avoid significant consequences. An RTO is used to establish a time period for acceptable downtime in a system.

Recovery Point Objective (RPO)

An RPO measures the amount of data that can be lost after a disrupting event, expressed as the period of time preceding recovery. An RPO is used to identify the amount of data loss that is acceptable to an organization.
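As an added example that is not part of this study guide, the following Python computes the four metrics above (MTTR, MTBF, RTO, RPO) from constructed outage and backup records and checks them against assumed RTO and RPO targets; the dates, record layout and targets are assumptions.

```python
"""Compute MTTR, MTBF, RTO and RPO figures from constructed records.
Added example for the study guide; dates, targets and record layout are
constructed, not taken from any real system."""
from datetime import datetime, timedelta

# Constructed outage records: (first discovery, return to operations),
# the window the text uses for MTTR.
INCIDENTS = [
    (datetime(2024, 5, 1, 8, 0), datetime(2024, 5, 1, 10, 0)),    # 2 h outage
    (datetime(2024, 5, 11, 10, 0), datetime(2024, 5, 11, 13, 0)),  # 3 h outage
    (datetime(2024, 5, 21, 13, 0), datetime(2024, 5, 21, 14, 0)),  # 1 h outage
]

# Constructed nightly backup timestamps (02:00 on May 8 through May 11).
BACKUPS = [datetime(2024, 5, d, 2, 0) for d in range(8, 12)]


def mttr_hours(incidents):
    """Mean time to repair: average of (restored - discovered), in hours."""
    total = sum((end - start).total_seconds() for start, end in incidents)
    return total / len(incidents) / 3600


def mtbf_hours(incidents):
    """Mean time between failures: average uptime from one restoration
    to the next discovery, in hours."""
    gaps = [incidents[i + 1][0] - incidents[i][1] for i in range(len(incidents) - 1)]
    return sum(g.total_seconds() for g in gaps) / len(gaps) / 3600


def meets_rto(incidents, rto):
    """RTO check: every outage must be restored within the allowed downtime."""
    return all(end - start <= rto for start, end in incidents)


def data_loss(backups, failure_at):
    """Time between the last backup taken before the failure and the failure
    itself; a restore cannot bring back changes made in this window."""
    prior = [b for b in backups if b <= failure_at]
    return failure_at - max(prior)


def meets_rpo(backups, failure_at, rpo):
    """RPO check: the unrecoverable window must not exceed the objective."""
    return data_loss(backups, failure_at) <= rpo


if __name__ == "__main__":
    failure = INCIDENTS[1][0]
    print(f"MTTR {mttr_hours(INCIDENTS):.1f} h, MTBF {mtbf_hours(INCIDENTS):.1f} h")
    print("RTO 4 h met:", meets_rto(INCIDENTS, timedelta(hours=4)))
    print("RPO 4 h met:", meets_rpo(BACKUPS, failure, timedelta(hours=4)))
```

With these records the 4-hour RTO is met but a 4-hour RPO is not, because nightly backups leave up to a day of unrecoverable changes.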

Network Device Backup/Restore

A network device backup is a copy of a network device or system that is stored separately from the primary network and can be used to restore a network device or system to a previously known good state.

State

State is a term used to describe the health of a network device or system. A known good state is a period of time in which the network was confirmed to be properly functioning. The state of a network system or device is captured when a backup is made. When restoring from a backup, a known good state is chosen for the restoration.

Configuration

Due to the highly complex nature of networks and their systems and devices, it is recommended to also create configuration backups that can be used for restoration. Configurations are used to set parameters and settings for device functionality, such as the protocols used, access control lists (ACLs), and security parameters.
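An added example, not from this study guide, of how a baseline configuration (see Baseline Configurations above) and a configuration backup are used together: it compares a constructed running configuration against a constructed known-good baseline and flags drift in ACLs, SNMP and management access. The configuration lines are loosely modelled on router CLI syntax and are assumptions, not any vendor's exact format.

```python
"""Compare a device's running configuration against its known-good baseline
backup and report drift. Added example for the study guide; both
configurations and the line format are constructed for illustration."""

# Constructed known-good baseline, as captured in a configuration backup.
BASELINE = """\
hostname edge-rtr-01
ntp server 192.0.2.10
access-list 10 permit 192.0.2.0 0.0.0.255
access-list 10 deny any
snmp-server community monitoring RO
line vty 0 4
 transport input ssh
"""

# Constructed running configuration pulled from the device later.
RUNNING = """\
hostname edge-rtr-01
ntp server 192.0.2.10
access-list 10 permit 192.0.2.0 0.0.0.255
snmp-server community monitoring RO
snmp-server community public RW
line vty 0 4
 transport input ssh telnet
"""

# Line prefixes that touch security parameters: ACLs, SNMP, management access.
SECURITY_PREFIXES = ("access-list", "snmp-server", "transport input", "line vty")


def config_drift(baseline, running):
    """Return (removed, added) lines as sorted lists, ignoring blank lines
    and line order (nesting is not tracked in this simplified comparison)."""
    base = {ln.strip() for ln in baseline.splitlines() if ln.strip()}
    run = {ln.strip() for ln in running.splitlines() if ln.strip()}
    return sorted(base - run), sorted(run - base)


def security_findings(baseline, running):
    """Flag drift lines that change security parameters, so the device can be
    reviewed or restored to the known good state."""
    removed, added = config_drift(baseline, running)
    findings = []
    for ln in removed:
        if ln.startswith(SECURITY_PREFIXES):
            findings.append(f"REMOVED from baseline: {ln}")
    for ln in added:
        if ln.startswith(SECURITY_PREFIXES):
            findings.append(f"ADDED outside baseline: {ln}")
    return findings


if __name__ == "__main__":
    for finding in security_findings(BASELINE, RUNNING):
        print(finding)
```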
