A free video tutorial from Total Seminars • 750,000+ Enrollments
Home of Mike Meyers and his Team of IT Certification Pros
In this episode, Mike reviews elements of local area networks.
Learn more from the full course TOTAL: CompTIA Security+ Certification (SY0-501)
Everything you need to pass the CompTIA Security+ SY0-501 Exam, from Mike Meyers. CompTIA expert and bestselling author.
18:57:19 of on-demand video • Updated March 2021
In this episode I want to do a quick review of a lot of important denizens of our Local Area Network, ergo LAN review. So what I'd like to do right now is run through a lot of stuff on switches and routers and such that hopefully you would already know, but for completeness let's just go ahead and do a quick review, starting with switches.
So what I have here in front of me is a pretty standard Netgear switch. Now remember, switches filter and forward data based on MAC addresses. So switches tend to pretty much work automatically out of the box. However, there are some features that we're going to see on the exam I want to just make sure you know. So let's go through those.
The first one is the concept of a VLAN. Now normally when I'm talking on this one switch it is one broadcast domain. So if somebody sends out a broadcast it goes out to every other port. However, if we want to we can actually split up that single broadcast domain into multiple broadcast domains known as VLANs. So in essence what I could do is I can set up a VLAN, and VLANs have numbers, you do like VLAN one, VLAN two, you really can't say like VLAN Timmy, it doesn't work that way. But then once I create these VLANs I can then assign ports, and in this case I could say I could take the first, this is a 26 port switch, I could take the first 12 ports and make it to be VLAN one and the rest of the ports be VLAN two, and it would be as though I simply had two completely separate switches.
So to see this, what I've got is the configuration screen up, so let's take a look over here. Now this machine is right out of the box. I have done really no configuration to it whatsoever. I also need to warn you as there are tons of settings in here that I am not going to be covering in a quick review, we're just going to hit the ones that I want to make sure you're aware of for the exam. So first of all let's go over to switching.
Now, if you take a look on this system, I'm going to click on VLAN here, you'll see that it has three built in VLANs. Number one, which is the default VLAN, and then these two others which I doubt I would ever use. Voice VLAN and audio VLAN. The reason they're doing that is because it's very common if you're using voice over IP to put all your VoIP devices on their own separate VLAN, and in this case video as well. Now once you have these VLANs made, and I can make my own VLANs if I want, but let's just stick with these three for the moment. What I can now do is begin to assign different ports to different VLANs. So I'm going to come over here on this particular machine and see right here, when I click on ports you can see right now they're basically not on anybody at the moment, or what we would call untagged. So if I want to put port 13 on a particular VLAN, in this case two, I'm going to go ahead, ope, there it is. Hit apply. And I now have put port 13 onto the second VLAN.
The important thing you need to understand with VLANs is that the moment I put that port 13 onto a separate VLAN it will be as though it disappeared from the switch. The only way I could get other people to talk to it is if I put more ports onto that same VLAN. So VLANs are an absolutely critical tool. It is the way we do what we call layer 2 separation of networks and it's an important security feature.
Now the other security feature I want to talk about is flood guarding. Now one of the dangers with switches is that you can accidentally plug them together in such a way that you can create loops, or what we call bridge loops. Now a bridge loop will basically knock a network down instantaneously. So what we've developed with any good switch is something called Spanning Tree Protocol or STP. So the nice part about STP is, you pretty much just have to turn it on, and let's go back in here and let's make sure STP's even lit up on these guys. So in this particular one there's a little tab for STP.
And as I look here, right now STP is disabled, so I'm going to go ahead and turn that on. Now there's STP and then Rapid STP, and we pretty much just use Rapid STP, and then BPDU flooding is just if we moved boxes around it knows how to track that type of stuff. So really all I need to do in this particular case is make sure that this guy is turned on.
So those are the two big things about switches I want to make sure that you're aware of. Number one, this is where we set up VLANs, and then number two, make sure that you're comfortable with the concept of STP and that it prevents loop floods. So that's a very very good thing.
So let's go and do this one more time, except this time let me replace this with a router. If switches filter and forward based on MAC address, or Layer 2, routers filter and forward based on IP address, or Layer 3. So the term layer 3 switch is a very common term that can be used interchangeably with the word router. So if routers filter and forward based on IP addresses, routers are going to act as the doorway or the interface between different network IDs.
So let's take a look at this. So here's a router that I have right now. And in this particular case this simple router is separating two different network IDs. On one side is 192 168 4. And we'll just put dot 0 since there can be lots of computers in there. So it'll be 190 168 4 dot one for the router itself, dot 2, dot 3, dot 4, whatever. And then on the other side it's going to be 10 11 12 0. So the router itself spans and filters and forwards IP addresses between these two different network IDs. Now don't think routers can only do two. For example, let's do this again except this time let's span three different network IDs. So here's a router that's separating three different network IDs, routers can have lots and lots of different interfaces in them. Anyway, let's go back to our original drawing.
Now if a router is acting as what we call a gateway, it is acting as the interface between your local area network and the big Internet itself, so we call that a gateway router. A gateway router will always be running the Network Address Translation or NAT. In that case our Internet service provider gives one IP address to the router and then the router converts that into a private IP address range which it then passes out to the individual computers on the local area network.
Now since this router is already connected to the internet it is very common for us to do something called a firewall. A firewall is a piece of software that is commonly run on a gateway router which protects us from the evils of the Internet, so it can forward and filter based on port numbers, based on IP addresses, URLs, all kinds of different stuff. So we would call this a network firewall because the gateway is running the firewall software and protecting us from the evil of the Internet.
So this was a quick and dirty review of some of the terms that you're going to be seeing on the exam. I hope you're familiar with all these terms and can appreciate that I'm doing a very light touch to it. However, if there are any terms that I just brought up that you're unaware of, I wouldn't think it would be too bad of an idea to consider, for example, my Network+ video series to help you dial in and make sure you really understand what do switches and routers really do.