Chapter 7 -- IP Addressing

IPv4 / IPv6 / Private vs Public

IP addressing defines how devices locate and communicate across networks. IPv4 uses 32-bit dotted-decimal addresses, while IPv6 uses 128-bit hexadecimal notation to solve address exhaustion.

IPv4 Fundamentals

  • 32 bits, divided into 4 octets (0-255 each)
  • Address classes (A-E) define ranges and purpose
  • Private ranges: 10.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16
  • APIPA: 169.254.0.0/16 -- self-assigns when no DHCP is found
  • Loopback: 127.0.0.1 -- tests the local TCP/IP stack

IPv4 Address Classes

  • Class A: 1-126
  • Class B: 128-191
  • Class C: 192-223
  • Class D: 224+
  • Class E: 240+
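
The ranges above, applied as a classifier of the kind used when triaging source addresses in a log. This is an added example, not part of the original workbook; the function names and sample addresses are constructed for illustration.

```python
import ipaddress

# Special-purpose ranges named in this chapter. The chapter lists 127.0.0.1;
# the whole 127.0.0.0/8 block is reserved for loopback.
SPECIAL_RANGES = [
    ("private", ipaddress.ip_network("10.0.0.0/8")),
    ("private", ipaddress.ip_network("172.16.0.0/12")),
    ("private", ipaddress.ip_network("192.168.0.0/16")),
    ("apipa", ipaddress.ip_network("169.254.0.0/16")),
    ("loopback", ipaddress.ip_network("127.0.0.0/8")),
]

def address_class(addr):
    """Return the classful letter for an IPv4Address, from its first octet."""
    first = int(addr) >> 24
    if 1 <= first <= 126:
        return "A"
    if 128 <= first <= 191:
        return "B"
    if 192 <= first <= 223:
        return "C"
    if 224 <= first <= 239:
        return "D"
    if first >= 240:
        return "E"
    return None  # first octet 0 or 127: outside the class ranges above

def classify(text):
    """Return (scope, class) for one dotted-decimal string."""
    try:
        addr = ipaddress.IPv4Address(text)
    except ipaddress.AddressValueError:
        return ("invalid", None)
    cls = address_class(addr)
    for label, net in SPECIAL_RANGES:
        if addr in net:
            return (label, cls)
    # Anything left in classes A-C is treated as publicly routable here
    # (a simplification); class D/E and 0.x.x.x are reported as reserved.
    return ("public" if cls in ("A", "B", "C") else "reserved", cls)

# Constructed sample addresses, e.g. source IPs pulled from a log.
SAMPLE = ["10.20.30.40", "172.31.255.1", "172.32.0.1", "169.254.7.9",
          "127.0.0.1", "8.8.8.8", "224.0.0.5", "300.1.1.1"]

if __name__ == "__main__":
    for ip in SAMPLE:
        print(f"{ip:15} {classify(ip)}")
```

Note that 172.32.0.1 falls just outside 172.16.0.0/12, so it is not private even though it starts with 172.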

Chapter 8 -- Subnetting & Troubleshooting

CIDR / NAT / Troubleshooting

Subnetting divides large networks into manageable segments for efficiency and security. CIDR notation replaces classful addressing, and structured troubleshooting isolates failures step by step.
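
The CIDR arithmetic behind a subnet calculator, written out with bit operations. This is an added example, not part of the original workbook; the function names and sample addresses are constructed for illustration.

```python
import ipaddress

def to_dotted(value):
    """Format a 32-bit integer as dotted decimal."""
    return str(ipaddress.IPv4Address(value))

def subnet_info(cidr):
    """Derive mask, network, broadcast and usable hosts from 'a.b.c.d/n'."""
    host, _, prefix_text = cidr.partition("/")
    prefix = int(prefix_text)
    if not 0 <= prefix <= 32:
        raise ValueError("prefix length must be 0-32")
    ip = int(ipaddress.IPv4Address(host))
    mask = (0xFFFFFFFF << (32 - prefix)) & 0xFFFFFFFF   # n leading 1-bits
    network = ip & mask                                  # host bits cleared
    broadcast = network | (~mask & 0xFFFFFFFF)           # host bits set
    size = 2 ** (32 - prefix)
    # Network and broadcast addresses are not assignable, except on /31
    # point-to-point links and /32 host routes.
    usable = size - 2 if prefix <= 30 else size
    return {"mask": to_dotted(mask), "network": to_dotted(network),
            "broadcast": to_dotted(broadcast), "usable_hosts": usable}

def same_subnet(a, b, prefix):
    """True if hosts a and b share a network under the given prefix length."""
    return (subnet_info(f"{a}/{prefix}")["network"]
            == subnet_info(f"{b}/{prefix}")["network"])

if __name__ == "__main__":
    # Constructed examples.
    print(subnet_info("192.168.1.70/27"))
    print(subnet_info("10.1.37.5/20"))
    # A wrong prefix on one host changes which peers it considers local.
    print(same_subnet("192.168.1.70", "192.168.1.100", 27))
    print(same_subnet("192.168.1.70", "192.168.1.100", 25))
```

When two hosts disagree about whether they share a subnet, one of them sends traffic to the gateway instead of directly, which is a common finding when troubleshooting a mistyped mask.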

Structured Troubleshooting Lab

Follow the bottom-up troubleshooting methodology. Work through each layer to isolate the fault.

Knowledge Check (3 Questions)

Q1: What is the subnet mask for /26?

Q2: How many usable hosts does a /26 subnet have?

Q3: If pinging 127.0.0.1 fails, what is the likely problem?

Chapter 9 -- IP Routing

Static / Dynamic / Routing Tables

Routing determines how packets travel between networks. Static routes are manually defined, while dynamic protocols like RIP, OSPF, and BGP discover paths automatically.

Live Routing Table

Router# show ip route
Destination | Next Hop | Metric | Protocol

Knowledge Check (3 Questions)

Q1: Which routing type requires manual administrator configuration?

Q2: Which protocol uses hop count as its metric?

Q3: Which protocol uses link-state advertisements?

Chapter 10 -- Routing Protocols

RIP / OSPF / BGP / EIGRP

Routing protocols automate route discovery between routers. Interior Gateway Protocols (IGPs) like RIP and OSPF operate within an autonomous system, while Exterior Gateway Protocols (EGPs) like BGP connect different systems.

Protocol Comparison & Visualizer
Protocol Quick Reference

Protocol | Type                  | Metric               | Algorithm    | Updates               | Max Hop
RIP v2   | IGP (Distance Vector) | Hop Count            | Bellman-Ford | Every 30s (broadcast) | 15
OSPF     | IGP (Link-State)      | Cost (bandwidth)     | Dijkstra SPF | Triggered (LSAs)      | None
EIGRP    | IGP (Advanced DV)     | Composite (BW+Delay) | DUAL         | Triggered             | 255
BGP      | EGP (Path Vector)     | AS Path + Policies   | Best Path    | Incremental           | None

Knowledge Check (4 Questions)

Q1: Which protocol has a maximum hop count of 15?

Q2: Which protocol connects different autonomous systems?

Q3: Which algorithm does OSPF use?

Q4: What type of protocol is EIGRP considered?

Chapter 11 -- Switching & VLANs

MAC Learning / VLAN Tagging / STP / Port Security

Switches operate at Layer 2, forwarding frames based on MAC addresses. VLANs segment broadcast domains, STP prevents loops, and port security controls device access.

Interactive VLAN Port Simulator

Click any port to toggle its VLAN assignment between VLAN 10 (blue) and VLAN 20 (purple). Toggle the trunk link to see how tagged frames traverse inter-switch connections.

  • Fa0/1: VLAN 10
  • Fa0/2: VLAN 20
  • Fa0/3: VLAN 10
  • Fa0/4: VLAN 20
  • Fa0/5: VLAN 10
  • Fa0/6: VLAN 20
  • Trunk: OFF

Spanning Tree Protocol (STP) Simulation

STP (802.1D) prevents switching loops by electing a root bridge and blocking redundant links.

Port Security Demo

Port security limits which MAC addresses can connect. Violations trigger shutdown, restrict, or protect modes.

Knowledge Check (3 Questions)

Q1: Which IEEE standard defines VLAN tagging?

Q2: Which protocol prevents Layer 2 loops?

Q3: What happens when port security detects a violation in shutdown mode?

Chapter 12 -- Wireless Technology

Wi-Fi Standards / Channels / IoT / Security

Wireless networking uses radio waves instead of cables. IEEE 802.11 standards define communication over 2.4 GHz and 5 GHz bands, while security protocols like WPA3 protect data confidentiality.

Wi-Fi Standards Explorer

Click each standard to see its specifications.

2.4 GHz Channel Overlap Visualizer

Only channels 1, 6, and 11 are non-overlapping in the 2.4 GHz band. Other channels cause co-channel interference.

[Figure: 2.4 GHz Band -- Channel Overlap; labels: Ch 1, Ch 6, Ch 11, Ch 3-4, Ch 8-9]

Wireless Security Protocols

Protocol | Encryption          | Key Exchange      | Status
WEP      | RC4 (40/104-bit)    | Static shared key | Broken -- never use
WPA      | TKIP (RC4-based)    | PSK or 802.1X     | Legacy -- avoid
WPA2     | AES-CCMP (128-bit)  | PSK or 802.1X     | Secure
WPA3     | AES-GCMP / SAE      | SAE (Dragonfly)   | Recommended

Knowledge Check (3 Questions)

Q1: Which 2.4 GHz channels are non-overlapping?

Q2: Which standard first introduced 5 GHz support?

Q3: What encryption does WPA2 use?

Chapter 13 -- Using Statistics & Sensors for Network Availability

SNMP / Monitoring / Sensors / Alerts

Network availability depends on performance monitoring, SNMP management, and environmental sensors that detect issues before outages occur.

Performance Metrics Dashboard

Click Refresh to simulate real-time metric updates. Watch for threshold alerts.

  • CPU: 32%
  • Bandwidth: 57%
  • Memory: 45%
  • Uptime: 99.9%

SNMP Communication Flow

SNMP uses agents on managed devices and a central manager. Agents send traps (alerts) and respond to GET/SET requests.

Environmental Sensor Simulation

Simulate server room conditions. Watch for threshold breaches.

Knowledge Check (3 Questions)

Q1: What SNMP message does an agent send unsolicited to alert the manager?

Q2: Which metric measures system reliability over time?

Q3: What does MIB stand for in SNMP?

Chapter 14 -- Organizational Documents & Policies

Governance / Compliance / Incident Response

Policies and plans guide how organizations prepare for, respond to, and recover from incidents. They ensure consistency, accountability, and compliance.

Policy Hierarchy

  • Strategic (Governance)
  • Tactical (BCP / DRP / IRP)
  • Operational (AUP / SOP / NDAP / SLA)

Policy Browser

  • Business Continuity Plan (BCP)
  • Disaster Recovery Plan (DRP)
  • Incident Response Plan (IRP)
  • Acceptable Use Policy (AUP)
  • Service Level Agreement (SLA)
  • Network Diagrams & Asset Policy

Incident Response Playbook

Follow the NIST incident response lifecycle. Click each phase in order.

Knowledge Check (3 Questions)

Q1: Which plan focuses on restoring IT systems after a disaster?

Q2: Which document defines acceptable employee technology use?

Q3: What is the difference between BCP and DRP?

Chapter 15 -- High Availability & Disaster Recovery

Load Balancing / Clusters / RTO-RPO

HA and DR ensure business continuity through redundancy, load balancing, fault tolerance, and rapid recovery planning. The goal: eliminate single points of failure.

Core HA Techniques

  • Load Balancing (Round-Robin, Weighted, Affinity)
  • Multipathing -- Multiple storage paths
  • NIC Teaming -- Bandwidth + Failover
  • Switch Stacking / Clustering
  • FHRP (HSRP / VRRP / GLBP)
  • Active/Active vs Active/Passive

Recovery Site Tiers

  • Hot Site: Fully operational mirror -- immediate failover. Most expensive. RTO: minutes.
  • Warm Site: Pre-configured hardware + recent backups. Moderate cost. RTO: hours to days.
  • Cold Site: Empty facility awaiting hardware delivery. Cheapest. RTO: days to weeks.
  • Cloud Site: Elastic IaaS recovery via AWS/Azure/GCP. Pay-as-you-go. RTO varies.

Reliability Metrics

MTTR -- Mean Time to Repair (should be LOW)

MTBF -- Mean Time Between Failures (should be HIGH)

RTO -- Recovery Time Objective (target restoration window)

RPO -- Recovery Point Objective (acceptable data loss)

Knowledge Check (4 Questions)

Select only the TRUE statements.

Chapter 16 -- Common Security Concepts

CIA Triad / Authentication / Defense-in-Depth

Security concepts form the foundation of cybersecurity. The CIA Triad, authentication methods, and defense-in-depth work together to reduce risk and maintain resilience.

Interactive CIA Triad

Click each pillar to explore real-world examples and controls.

Authentication Factor Explorer

Authentication verifies identity using one or more factors.

  • Something You Know: Passwords, PINs
  • Something You Have: Smart card, token
  • Something You Are: Fingerprint, retina
  • Somewhere You Are: Geolocation, IP

Defense-in-Depth Layers

  • Physical Security
  • Network Security
  • Host Security
  • Application Security
  • Data Security
  • User Training

Knowledge Check (3 Questions)

Q1: Which CIA pillar ensures data is not altered without authorization?

Q2: Which security approach uses multiple overlapping protective layers?

Q3: A fingerprint scanner is which authentication factor?

Chapter 17 -- Common Types of Attacks

Phishing / DoS / Spoofing / Injection

Cyber attacks exploit vulnerabilities in people, networks, and applications. Understanding attack types helps professionals anticipate, detect, and prevent breaches.

  • Phishing
  • Spear Phishing
  • Vishing
  • Pretexting
  • Tailgating
  • Baiting

Knowledge Check (4 Questions)

Q1: Which attack tricks users into revealing credentials via fake emails?

Q2: Which attack intercepts communication between two parties?

Q3: What type of attack inserts malicious SQL into input fields?

Q4: Following someone through a secure door without scanning is called?

Chapter 18 -- Network Hardening Techniques

Firewalls / Baselines / Patch Management

Network hardening reduces attack surface by disabling unnecessary services, applying patches, configuring firewalls, and enforcing security baselines.

Interactive Hardening Checklist

Apply each control and watch the security posture improve.

Firewall Rule Builder

Build ACL rules and see the resulting policy.

Knowledge Check (3 Questions)

Q1: Which device filters traffic at the network edge?

Q2: What reduces attack surface by removing unnecessary entry points?

Q3: Why is SNMP v3 preferred over v1/v2c?

Chapter 19 -- Remote Access Security

VPN / Encryption / Zero Trust

Remote access security ensures users connect to corporate resources safely over public networks. VPNs, encryption protocols, and Zero Trust architecture protect against interception and misuse.

VPN Tunnel Visualizer

Compare insecure vs secure connections and VPN tunnel types.

Remote Authentication Models

  • RADIUS
  • TACACS+
  • SAML / SSO
  • Zero Trust
  • IPSec
  • SSL/TLS VPN

Knowledge Check (3 Questions)

Q1: Which technology creates encrypted tunnels for remote access?

Q2: What is the core principle of Zero Trust?

Q3: What is the difference between full tunnel and split tunnel VPN?

Chapter 20 -- Physical Security

Access Control / Surveillance / Environmental

Physical security protects IT assets, data centers, and personnel from environmental and human threats. It complements cybersecurity by controlling who can physically access critical infrastructure.

Facility Security Zones

Data Center Facility

  • Perimeter (Fence, Gates, Cameras)
  • Lobby: Badge Reader, Security Guard, Visitor Log
  • Server Room: Biometric Lock, CCTV Recording, Fire Suppression, Temp/Humidity Sensors
  • MDF: Locked Cabinet

Access Control Simulator

Simulate different entry scenarios and observe the security system response.

Physical Security Tier Evaluator

Select the controls your facility has. Aim for Tier 3+ for production data centers.

Knowledge Check (3 Questions)

Q1: CCTV cameras are which type of security control?

Q2: Tailgating is what type of threat?

Q3: What prevents unauthorized people from following through a secure door?

You have completed all 14 chapters of the Network+ Interactive Workbook (Ch. 7-20).