A+ 220-1001 Exam Objective 2.3
2.3 Given a scenario, install and configure a basic wired/wireless SOHO network.
SOHO networks will usually contain a number of switches and
at least one router. Looking at the switch first, a switch operates at layer 2
of the OSI model. It is responsible for providing collision-free, full-duplex
communications between network hosts using MAC addressing. A switch can
accommodate different speeds such as 10/100 Mbps and Gigabit connections without
data loss. Consider the switch as a LAN device.
The router operates at layer 3 and uses IP addresses to
identify other routers, enabling Internet connectivity. Switches connect to
routers to access all external content. Since the router receives MAC addresses
with the switch communications, the router can control access with MAC
Access point settings
A wireless access point (WAP) can be configured, through its
web-based setup page, to extend the range of your existing wireless network. This
is accomplished by configuring the WAP using the existing SSID. WAPs can also
be configured as wireless repeaters.
Your network interface card (NIC) lets your device access the
network. Your connection can be wired or wireless but will require an IP
address, subnet mask, DNS server and default gateway.
You can see the MAC address, status, and link speed while
viewing the properties for the Ethernet connection along with the DHCP status
and address. The IPv4 and IPv6 properties are also shown including the device
addresses, default gateway, and DNS Servers. Manual configuration is performed in
the Network and Sharing Center where you can configure the information discussed
above, the subnet mask, and configure an alternate configuration.
Settings in Windows 10
Your wireless NIC configuration settings will be essentially
similar to the wired settings. You will see that the wireless connection has
obtained both IPv4 and IPv6 addresses that are operational with the IPv6 having
both link-local and global addresses. Also note the two gateways. Further configuration
details are not displayed, such as the SSID, but are required, particularly the
encryption settings which are set manually in the Network and Sharing Center.
NIC Settings in Windows 10
IoT device configuration
The concept of the Internet of things (IoT) describes the
many diverse things that can communicate and be controlled wirelessly using the
Internet via a smartphone app. This technology is useful in business but your
interaction with the IoT will probably begin at home. The technologies used in
this operation will be discussed in the next article. For now, we’ll identify
them as Wi-Fi, Bluetooth, Zigbee and Z-Wave.
Devices can be controlled directly by your smartphone or a
voice activated digital assistant. With the right equipment, you can adjust
your thermostat on the way home, to set your preferred temperature, and turn on
the lights. An important benefit of IoT is the ability to lock your doors. At
some point, all of us have been away and have wondered if we locked the door. Now,
simply tap an icon in your app and the door is locked.
Home security has benefited greatly from IoT devices.
Besides locking the doors, motion activated cameras with speakers can be
installed to watch for intruders or parcel thieves as well as allow you to
communicate with them. That’s a great deterrent. Your voice activated internet
connected digital assistant will help you keep track of your devices.
Cable/DSL Modem Configuration/
The 802.11 family of wireless standards uses one channel to
communicate. This channel is set by the network administrator, in a business
environment, or the home user, in a SOHO environment. As you will see, the
available channels are not plentiful as there are between 1 and 3 channels that
you can use in the 2.4 GHz band. We will focus mainly on the SOHO deployment
here per the objectives. In the 5 GHz band there can be as many as 8 channels.
In the US, the 5 GHz band is subject to Federal Communications Commission (FCC)
restrictions limiting use to four channels in the lower end of the band
(5.250–5.350 GHz) and five in the upper end of the band
5 GHz Modem/ Router Configuration
You can see the absence of the reserved channels by reviewing
the available channels and noting the gap between Channels 48 and 149. 149 is
the default setting so we’ll leave it alone. If there are connection problems, check
the channel and ensure the Mode supports all of your devices. Also in our case,
switch to another channel, possibly in the lower end of the band. You can also
choose your encryption type which could prevent connections in the case of a
mismatch. Most residential SOHO routers default to WPA/WPA2 (TKIP/AES),
allowing most devices to communicate their credentials and start a session. The
WPA2 (AES) method is faster if your devices support it.
The port forwarding technique allows incoming connections, on a
particular port or port range, to be delivered to a single specific address or
host on the LAN. This is quite useful if you are running a Web server as you’d
want all new inbound traffic on port 80 to go to that device only. This
requires no action on the server’s part since it will respond to specific valid
requests. Here’s how that configuration would look on a SOHO. Your inbound port
80 traffic, from your public IP address, would be directed to the Private IP of
Port Forwarding Configuration Panel
Port Triggering is a variation on this process and requires an
outbound communication to “trigger” that port to receive traffic. This inbound
connection will only be available during a session, after which it times out.
Next on our list is the Dynamic Host Configuration Protocol
(DHCP). I can’t say enough good stuff about this. Imagine having 50 or so users
who need to connect to not only the LAN but the internet as well. This is small
considering what you will face in the field. However, without DHCP, you would
have to enter each device configuration individually on each device. This
includes a complete address (IPv4 and IPv6), the subnet mask, the default
gateway, and DNS servers.
DHCP automatically sets up the entire configuration, saving you
the headache of manual configuration. In some cases, for example machines that
should not “move” in terms of their addressing such as web, DNS, and email
servers, these machines would use static or manual addressing for reliable
discovery by all clients. Here is a typical residential/SOHO configuration.
Examine the configuration and picture manually adding this to each client along
with the DNS settings.
DHCP Configuration Panel
You know by now that a DMZ (Demilitarized Zone) is a network
area outside of your private network that is exposed to any and all traffic on
the internet. On the surface, this just looks like trouble. However, there are
good reasons to have this zone. Your web server is a prime example
of effective DMZ utilization as the web server can get hammered with traffic
and your LAN will be impervious to it. The services you offer can be delivered without
The main aim is to have a DMZ server receive
the traffic that would normally get dropped by the firewall. The most important
point in this configuration is that the hosts in the DMZ cannot connect to the
LAN. The LAN on the other hand can connect to anything in the DMZ and the
untrusted public network (internet). The DMZ server has access to everything
except your LAN.
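The zone rules described above can be checked mechanically. The following is an added example, not taken from the original page: it evaluates an ordered, first-match rule list against the LAN/DMZ/internet model and reports any flow that breaks it. The subnets, sample hosts and rule format are constructed assumptions.

```python
import ipaddress

# Constructed addressing plan (assumption, not from the page).
ZONES = {
    "LAN": ipaddress.ip_network("192.168.1.0/24"),
    "DMZ": ipaddress.ip_network("192.168.2.0/24"),
}
SAMPLE = {"LAN": "192.168.1.20", "DMZ": "192.168.2.10", "WAN": "198.51.100.7"}

# The model from the text: DMZ hosts never reach the LAN, the LAN reaches
# everything, and the internet reaches only the DMZ.
EXPECTED = {
    ("LAN", "DMZ"): "allow", ("LAN", "WAN"): "allow",
    ("DMZ", "LAN"): "deny",  ("DMZ", "WAN"): "allow",
    ("WAN", "DMZ"): "allow", ("WAN", "LAN"): "deny",
}

def zone_of(ip):
    """Map an address to its zone; anything outside LAN/DMZ is the internet."""
    addr = ipaddress.ip_address(ip)
    for name, net in ZONES.items():
        if addr in net:
            return name
    return "WAN"

def decide(rules, src_ip, dst_ip):
    """First matching rule wins; unmatched traffic is dropped."""
    src, dst = zone_of(src_ip), zone_of(dst_ip)
    for rule_src, rule_dst, action in rules:
        if rule_src in (src, "*") and rule_dst in (dst, "*"):
            return action
    return "deny"

def audit(rules):
    """Return the (src zone, dst zone) pairs whose outcome breaks the model."""
    return [pair for pair, want in EXPECTED.items()
            if decide(rules, SAMPLE[pair[0]], SAMPLE[pair[1]]) != want]

GOOD_RULES = [
    ("DMZ", "LAN", "deny"),    # isolation rule must come first
    ("LAN", "*", "allow"),
    ("DMZ", "*", "allow"),
    ("WAN", "DMZ", "allow"),
]
# Same rules, but the broad DMZ allow now shadows the deny.
BAD_RULES = [GOOD_RULES[1], GOOD_RULES[2], GOOD_RULES[0], GOOD_RULES[3]]

if __name__ == "__main__":
    print("good:", audit(GOOD_RULES))
    print("bad: ", audit(BAD_RULES))
```

The second rule set contains the same four rules as the first; only the order differs, which is enough to let a DMZ host reach the LAN.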
NAT stands for Network Address Translation and concerns the
translation of one network address to another address. This, in the vast
majority of cases, allows the translation of a group of private addresses to
communicate externally through a single address, such as the static public
address assigned to you by your ISP. This many-to-one concept is a common
practice, even for large organizations not wishing to expose their networks to
the uncontrollable internet.
Network Address Translation – NAT
More often than not and in spite of DHCP, a NAT client will
typically get the same address every time it connects, unless other
circumstances prevent it, such as a small available pool of addresses. This is
where PAT (Port Address Translation) and NAT combine to form
DNAT (Destination Network Address Translation). Adding the port to the IP
address allows for up to 64,000 addresses to exist from a single IP address.
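To make the many-to-one translation and the earlier port forwarding section concrete, here is an added example that is not part of the original page: a toy translation table in which outbound sessions get their own public port, a static forward sends port 80 to one LAN host, and unsolicited inbound traffic has no mapping. All addresses and the `PatRouter` class are constructed for illustration.

```python
import itertools


class PatRouter:
    """Toy many-to-one NAT (PAT) table with static port forwards."""

    def __init__(self, public_ip, forwards):
        self.public_ip = public_ip
        self.forwards = dict(forwards)  # public port -> (private ip, port)
        self.sessions = {}              # public port -> (private ip, port)
        self.by_host = {}               # (private ip, port) -> public port
        self._next = itertools.count(49152)  # start of the ephemeral range

    def outbound(self, src_ip, src_port):
        """A LAN host opens a connection; return the (ip, port) the internet sees."""
        key = (src_ip, src_port)
        if key not in self.by_host:
            port = next(self._next)
            while port in self.forwards:      # never shadow a forwarded port
                port = next(self._next)
            if port > 65535:
                raise RuntimeError("PAT port pool exhausted")
            self.by_host[key] = port
            self.sessions[port] = key
        return (self.public_ip, self.by_host[key])

    def inbound(self, dst_port):
        """A packet reaches the public address; return the LAN target or None (dropped)."""
        if dst_port in self.forwards:
            return self.forwards[dst_port]
        return self.sessions.get(dst_port)


def demo():
    # Constructed addresses: 203.0.113.10 is a documentation address and
    # 192.168.1.50 stands in for the web server's private IP.
    r = PatRouter("203.0.113.10", {80: ("192.168.1.50", 80)})
    a = r.outbound("192.168.1.20", 50000)   # two clients, same source port
    b = r.outbound("192.168.1.21", 50000)
    return {
        "a": a, "b": b,
        "reply_to_a": r.inbound(a[1]),    # reply finds its way back
        "web": r.inbound(80),             # static forward, always open
        "unsolicited": r.inbound(3389),   # no forward, no session: dropped
    }


if __name__ == "__main__":
    print(demo())
```

The forwarded port is the only entry reachable without a prior outbound session, so the forward list is the part of this table worth reviewing on a real router.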
It’s easy to envision the need for prioritization of programs
and services as there is always contention for bandwidth. The most obvious
example of this would be an environment where basic QoS (Quality of Service)
is not available and you are on a VoIP phone call. You receive an email and
your conversation breaks up for
a short period of time. This is because the email program has the same priority
on the connection as your phone call. This is easily fixed with QoS.
To enable QoS, each device on the network must have QoS enabled.
Most NICs have it enabled by default. Routers and both ends of any
communication must also have QoS enabled. The router is one of the main choke
points in the service. If you find less than optimal network performance for a
particular application, such as video conferencing, you can increase its
priority on your router.
Most routers have built-in settings for popular programs. Some
can be blocked and others increased or decreased based on your needs. Think
carefully about your choices because setting too many programs to the highest priority
level does not help. The priority of the network’s use must be carefully
evaluated before you make any wholesale changes. Remember that real-time A/V
communication is dependent on uninterrupted packet transmission and reception and
takes precedence over an upload or download.
UPnP (Universal Plug and Play) provides automatic discovery of available hosts and services on the local
network. It should be used with caution as it is easily exploitable by hackers.
If you use UPnP, many of your security measures are overridden.
Network access can be permitted or restricted based upon whitelists
and/or blacklists. Routers and switches can be configured to enforce a
blacklist which allows network access to everyone except those listed on the
blacklist. Conversely, a whitelist blocks all traffic except those on the
In addition to whitelisting/blacklisting, network devices can
implement MAC filtering. This technique uses the filter list to permit access
to the devices on the list. This process becomes more tedious as a network
Well, that’s it for 220-1001 2.3! You are getting there. Keep on rolling and good luck on the test!