CompTIA Network+ Summary Part 1

This is a summary of my notes on Chapter 1 of the CompTIA Network+ Certification Exam ALL-IN-ONE Book by Mike Meyers, Seventh Edition.

Things to keep in mind:


  • Synthesizing paragraphs while using a huge list of facts sometimes results in dreadful sentences. It also results in some streams of thought that end abruptly. In any case, this is just a summary of notes and not an essay.

  • Packet, data, frame – these are sometimes used interchangeably.

  • When referring to a NIC sending off data through a cable it’s important to understand that wireless capability is also implied. The distinction far exceeds the goal of this chapter.

  • Some things are repeated but this is simply for reinforcement.

1. OSI Model

All People Seem To Need Data Processing. Please Do Not Throw Sausage Pizza Away. Acronyms save lives. The Application Layer makes it possible for you to see what’s happening. The Presentation Layer makes the Application Layer run properly. The Session Layer makes sure you are talking to the right entity. The Transport Layer makes sure that data is split and reformed properly. The Network Layer makes it possible for your data to use the public infrastructure, the digital highway. The Data Link Layer gives your data a home address. The Physical layer is the actual cables and hardware that make it all possible. This is the OSI Model. Seven layers.

Moving data between computers isn’t magic; it’s physical and you can touch it. Layer one is simply the cabling that creates the “web” in world-wide-web. Wireless networks exist, but for every wireless network there is a cable at its root. Layer two is where devices deal with Media Access Control (MAC) addresses, so switches operate at layer two. The weird guy is the Network Interface Card (NIC), who operates on both of the first two layers, Physical and Data Link. The Data Link Layer is split into two parts: the Logical Link Control (LLC) and MAC which is explained later. Internet Protocol is the network protocol and therefore makes up layer three, the Network Layer. Data, undoubtedly, is usually much larger than 1500 bytes and so the fourth layer, the Transport Layer works its magic. Data is split into small chunks, placed in the logical order, and sent to the NIC. This is why the port information and the data itself is held within a segment, which in turn is held within a packet; segmentation – the work of the Transport layer. The Transport Layer is also responsible for reassembling those segments in the correct order to form the entire intended product. They do that by using sequence numbers which are placed inside the segments. If the protocol being used is UDP instead of TCP, the segment is referred to as a datagram and has no sequence number. In this way, error handling is sacrificed for up-time. The best example is downloading a file versus streaming a live event:

TCP is connection-oriented while UDP is connectionless. Downloading a file requires data integrity because all parts are required for the whole to work. TCP is used and the sequence numbers help reassemble the data into the entire file whereas streaming a live event requires a constant stream of packets and interrupting the stream to handle sequencing and any errors would ruin the whole point. Therefore, UDP, or User Datagram Protocol, is used for the stream. Any errors with the data are stepped over and the stream continues. Your stream may freeze for a second and skip forward a bit, but because it’s UDP, you won’t be able to fix that. The stream just continues. Another use case for non-sequencing datagrams would be online multiplayer games. Fast paced games have no time for error handling and sequence reassembly. So if there is some kind of packet loss on your end, you’ll see players suddenly teleport on your screen. But, the game still continues and that’s the point.

The fifth layer, the Session Layer, creates sessions between applications. Sessions are initiated, accepted, opened, and closed here. The sixth layer, the Presentation Layer, translates all the prior layer data into usable data for the seventh and last layer, the Application Layer.

Protocols make it possible for a standardized way of accessing and managing software and hardware at each layer. Without a standard the internet would be chaos. Protocols provides agreed upon procedures for handing data as it traverses a system. They function on more than one layer as well. TLS, for example, initiates on layer five, the Session Layer, but performs its magic in layer six, the Presentation Layer.

2. Network Interface Cards

Network Interface Cards (NIC), prior to being integrated onto the motherboard, used to be connected into an expansion point on the motherboard. NIC’s provide an access point between cables and your glorious computer. Every NIC has a 48-bit identifier called a Media Access Control (MAC) Address. This address is how you tell computer’s apart. It is also how companies used to “hardware ban” old gaming consoles if a player was caught cheating. IP addresses could easily be changed, but changing the MAC address on a gaming console is a bit more hands-on. But atlas, people found a way and altered their console MAC addresses to get around bans. It is important to note that from a manufacturer standpoint the same MAC address was never used for two different NIC’s; the address is always unique across the entire system, but since MAC’s can be easily changed, this “philosophy” is moot. A MAC address is written in hexadecimal and since a MAC address is 48 bits, the actual address is 12 hexadecimal characters; 4 bits per character. Here is an example:


  • 00:00:00:00:00:00


Hexadecimal is easy enough to understand: 0-9 and A = 10, B = 11, C = 12, D = 13, E = 14, F = 15. That gives 16 values because we start from 0. Keep moving the 1 over to the left, change 0’s to 1’s in succession and success:

  • 0001 = 1

  • 0010 = 2

  • 0011 = 3

  • 0100 = 4

  • 0101 = 5

  • 0110 = 6

  • 0111 = 7

  • 1000 = 8

  • 1001 = 9

  • 1010 = 10 or A

  • 1011 = 11 or B

  • 1100 = 12 or C

  • 1101 = 13 or D

  • 1110 = 14 or E

  • 1111 = 15 or F


AF:00:1F:22:1D:11 in hexadecimal = 10101111:00000000:00011111:00100010:00011101:00010001 in binary.

For MAC, the first six digits represent the NIC manufacturer and the six last digits are the manufacture’s unique serial number. So for this example address:


  • AF:00:1F:22:1D:11


AF:00:1F = the NIC manufacture and 22:1D:11 = the unique serial that the manufacturer chose when producing this specific address. NIC’s are responsible for creating, sending, receiving, and reading frames which are basically capsules or vehicles that hold data during transmission. Frames are the protocol data unit (PDU) for layer 2, the Data Layer. Every NIC on the same network must use the same type of frame. Frames begin with the destination MAC address followed by the source MAC address, then comes the Type field, then the IP packet which holds the actual data being transmitted, and finally the frame check sequence (FCS) which is 4 bytes long. The Type field indicates what kind of data is encapsulated. The FCS holds a cyclic redundancy check (CRS) which is used by the receiving NIC to verify data integrity. The standard maximum for data size within a frame is 1500 bytes.

NIC’s verify MAC addresses of other systems on the server by broadcasting onto the network with the question. The reserved MAC address: FF:FF:FF:FF:FF:FF, or 11111111:11111111:11111111:11111111:11111111:11111111, is used by a NIC to send out a frame that every system on the network will process. If a frame is designated towards a specific MAC, then it is regarded as a unicast frame and the process called unicast addressing.

With Hubs, every frame would hit every NIC but only the addressed NIC would process the data. Hubs were soon replaced with switches which filter traffic by MAC address; frames only go where they need to go. Regarding the specificity of NIC operations, there are two parts to how they work. The Logical Link Control (LLC) communicates with the operating system while the MAC creates and addresses the frames which are then sent over the physical(or wireless) cabling. The MAC also handles the FCS.

When it comes to large networks, things have to be segmented into smaller controllable networks called subnets. Routers route traffic between subnets and to the wider internet by using IP addresses.

Transmission Control Protocol/Internet Protocol(TCP/IP) is a protocol suite. IP is part of Layer 3, the Network Layer and in this layer packets are created and addressed. IP is a logical address as opposed to MAC, a physical address. IP uses a dotted-octet numbering system: four 8-bit numbers that each range from 0 to 255. For example:


  • 192.168.12.244


Packets are made up of two containers: the IP addresses and the data(which is also referred to as a segment). Packets begin with the destination IP address followed by the source IP address. So It goes like this:

  • (Frame(Packet(data)))


A more complicated version:

  • {Frame[Dest MAC][Source MAC](Packet[Dest IP][Source IP](Segment[Port(data)]))[FCS]}


The NIC encapsulates the packet inside a frame and then sends it off through the cabling. Frames hit several routers along their path to a destination. Every time a frame hits a router, the router peels back the frame and peaks at the destination IP address and determines whether to keep it or to send it off in which case it will re-encapsulate the packet into a new frame and send it. So, frames are continuously ripped open and reformed, but the IP packet is never touched until they reach their destination. Frames can be different according to the medium of which they are traveling through, but IP packets are universal and stay unchanged. It’s important to remember that the NIC doesn’t handle the packet in any way aside from fetching the destination IP and encapsulating within a frame. When a packet reaches its destination, the NIC sends it off to services that can handle the data.

Each packet holds the total sequence and the specific sequence number, so that the Transport Layer can correctly reassemble data. If packets aren’t received in the correct order, the Transport Layer starts asking questions that will lead to a correction. The Session Layer creates sessions between applications. The Presentation Layer formats data so that the Application Layer can properly function. The Application Layer, not to be confused with the application itself, is basically the operating system code that makes networking a possibility for software applications – also referred to as an Application Programming Interface (API). Your browser application, for example, requires the API to function.

3. TCP/IP

TCP/IP has replaced the OSI Model. TCP/IP has four layers instead of the OSI seven and includes the Application Layer, Transport Layer, Internet Layer, and Link Layer. The Link Layer is comprised of the physical and data link layer and therefore, the cabling, MAC, NIC’s, and switches are all included. In this case, frames are entirely handled by the Link Layer. The Internet Layer handles IP packets, not caring about data types or data integrity. The Transport Layer combines the OSI Transport and Session Layers.

In the Transport Layer, TCP segments are processed. TCP segments hold the destination port, source port, checksum, flags, and acknowledgment. Web Servers for example, are constantly listening for TCP segments that contain a destination port of 443 which is the HTTPS protocol. It must be understood that web servers accessible on the internet can be bombarded with loads of different packets but when that specific destination port 443 or even 80, HTTP protocol, is found within the packet segment, the web servers only then grab the packet and process them. They ignore all packets with destination ports other than 443 or 80.

UDP datagrams, on the other hand, don’t contain all the extra fields that TCP segments do because UDP doesn’t care about data integrity, it just sends the data onward in a constant stream until the session is stopped. A UDP datagram is made up for a destination port, source port, length, checksum, and data.

Finally, the TCP/IP Application Layer combines the Session Layer, Presentation Layer, and Application Layer of the OSI Model. In short:


  • Application Layer creates data.

  • Transport Layer places data into segments or datagrams.

  • Internet Layer places segments and datagrams into IP packets.

  • Link Layer places IP packet into frame.


If you’re going by the OSI Model, you might disqualify the first two layers, Physical and Data Link, as the problem if you discover the NIC to be working properly in some sort of network situation, but if you went by the TCP/IP Model, you would simply disqualify the Link Layer.

The Presentation Layer is quite unnecessary, basically non-existent within the TCP/IP Model, in that it simply makes note of the fact that different applications will require different data formatting. A good example is that all e-mail servers and clients use the MIME application format for processing data to be used by the API.