Standards and Concepts
16-17%of exam
Addressing and Subnets
16-17%of exam
Endpoints and Media
16-17%of exam
Infrastructure
16-17%of exam
Diagnosing Problems
16-17%of exam
Security
16-17%of exam
Quick Facts
- Exam
- 100-150
- Credential
- CCST Networking
- Time
- 50 min
- Price
- US$125
- Level
- Entry-level
- Prereqs
- None
- Result
- Pass/fail
- Weights
- Not public
OSI Order
Please Do Not Throw Sausage Pizza Away
PhysicalData LinkNetworkTransportSessionPresentationApplication
Bandwidth vs Throughput
Bandwidth
- Maximum capacity
- Theoretical ceiling
- Link capability
Throughput
- Actual rate
- Measured performance
- Real conditions
Capacity vs actual
Models
- OSI L1
- Bits and media
- OSI L2
- Frames and MACs
- OSI L3
- Packets and IP
- OSI L4
- TCP/UDP ports
- Frame
- Layer 2 unit
- Packet
- Layer 3 unit
- Segment
- TCP data unit
- Encapsulation
- Headers added
TCP vs UDP
TCP
- Connection-oriented
- Reliable
- Sequenced
UDP
- Connectionless
- Low overhead
- Best effort
Reliability vs speed
Network Types
- PAN
- Personal range
- LAN
- Local site
- WLAN
- Wireless LAN
- CAN
- Campus network
- MAN
- Metro area
- WAN
- Wide area
- Cloud
- Provider-hosted services
- On-prem
- Locally hosted services
Protocols
- FTP 20/21
- Plain file transfer
- SFTP 22
- SSH file transfer
- TFTP 69
- Simple UDP transfer
- HTTP 80
- Plain web
- HTTPS 443
- Encrypted web
- DHCP 67/68
- Address leasing
- DNS 53
- Name resolution
- ICMP
- Reachability messages
- NTP 123
- Time sync
- TCP
- Reliable transport
- UDP
- Low-overhead transport
Private Ranges
Ten, seventeen, one-ninety-two stay private
10/8172.16/12192.168/16NAT outward
Public vs Private
Public
- Internet routable
- Globally unique
- ISP assigned
Private
- Internal use
- Needs NAT
- RFC1918 ranges
Global vs local
Subnet Picker
- Need local delivery→Same subnet
- Need remote delivery→Default gateway
- Need public reach→NAT
- DHCP fails→Check APIPA
- Name fails→Check DNS
- IPv6 local only→FE80 address
IPv4
- IPv4
- 32-bit address
- /24
- 255.255.255.0
- /25
- 128 addresses
- /26
- 64 addresses
- /27
- 32 addresses
- /30
- Two usable hosts
- Gateway
- Off-subnet exit
- Broadcast
- Subnet-wide delivery
MAC vs IP
MAC
- Layer 2
- Hardware address
- Local delivery
IP
- Layer 3
- Logical address
- Routed delivery
Local vs routed
Private IPv4
- 10.0.0.0/8
- Private range
- 172.16.0.0/12
- Private range
- 192.168.0.0/16
- Private range
- 169.254.0.0/16
- APIPA range
- 127.0.0.1
- Loopback
- Public IP
- Internet-routable
- Private IP
- Needs NAT
- NAT
- Address translation
IPv6
- IPv6
- 128-bit address
- ::1
- Loopback
- FE80::/10
- Link-local
- FF00::/8
- Multicast
- 2000::/3
- Global unicast
- /64
- Common LAN prefix
- ::
- Zero compression
- SLAAC
- Auto addressing
Wi-Fi vs Cellular
Wi-Fi
- Local AP
- SSID based
- Private admin
Cellular
- Carrier network
- SIM/eSIM
- Wide coverage
AP vs carrier
Media
- Copper
- Electrical signaling
- Fiber
- Light signaling
- Coax
- Broadband cable
- UTP
- Twisted pair
- Cat 5e
- Gigabit copper
- Cat 6
- Higher-speed copper
- SMF
- Long-distance fiber
- MMF
- Shorter fiber
Connectors
- RJ45
- Ethernet copper
- RJ11
- Phone cable
- LC
- Fiber connector
- SC
- Fiber connector
- SFP
- Modular transceiver
- USB-C
- Endpoint adapter
- Console
- Device management
- PoE
- Power over Ethernet
Endpoint Checks
- Windows
- ipconfig
- Linux
- ip addr
- macOS
- Network settings
- Android
- Wi-Fi details
- iOS
- Wi-Fi info
- NIC
- Network adapter
- SSID
- Wi-Fi name
- Airplane mode
- Radios disabled
Switch vs Router
Switch
- Layer 2
- MAC table
- Same LAN
Router
- Layer 3
- Routing table
- Between networks
Frames vs packets
Infrastructure Picker
- Same LAN devices→Switch
- Different networks→Router
- Wireless clients→Access point
- Traffic filtering→Firewall
- Many VLANs→Trunk
- One endpoint VLAN→Access port
Device Roles
- Switch
- Connects LAN devices
- Router
- Connects networks
- AP
- Wireless access
- Firewall
- Filters traffic
- Modem
- Provider handoff
- Server
- Provides services
- Client
- Consumes services
- Printer
- Network endpoint
Switching
- MAC table
- Switch lookup
- Flooding
- Unknown destination
- VLAN
- Broadcast segment
- Access port
- One VLAN
- Trunk
- Many VLANs
- STP
- Loop prevention
- Link light
- Physical status
- Duplex
- Send/receive mode
Routing
- Route
- Network path
- Default route
- Unknown destinations
- Static route
- Manual path
- Dynamic route
- Learned path
- Metric
- Path cost
- Hop
- Next router
- ARP
- IP-to-MAC mapping
- TTL
- Loop limiter
Ticket Flow
Scope, test, fix, verify, document, escalate
ScopeTestFixVerifyDocumentEscalate
DNS vs DHCP
DNS
- Names to addresses
- Resolver setting
- Website names
DHCP
- Leases addresses
- Scope setting
- Client IP config
Names vs leases
Diagnostic Picker
- No link light→Check cable
- No IP address→Check DHCP
- IP works only→Check DNS
- Path stops→traceroute
- Need packet proof→Wireshark
- Cisco status needed→show commands
Commands
- ping
- Tests reachability
- traceroute
- Shows path hops
- tracert
- Windows path hops
- nslookup
- Queries DNS
- ipconfig
- Windows IP settings
- ifconfig
- Legacy interface info
- arp -a
- Shows ARP cache
- netstat
- Shows connections
Troubleshooting
- Identify
- Gather symptoms
- Scope
- Who is affected
- Theory
- Likely cause
- Test
- Prove theory
- Fix
- Apply change
- Verify
- Confirm service
- Document
- Record outcome
- Escalate
- Transfer cleanly
Security AAA
Authenticate, authorize, account for access
IdentityPermissionLogging
AuthN vs AuthZ
AuthN
- Who are you
- Login proof
- Identity
AuthZ
- What allowed
- Permission check
- Access
Identity vs permission
Security Picker
- Need identity proof→Authentication
- Need allowed actions→Authorization
- Need traffic control→Firewall
- Home Wi-Fi setup→WPA2/WPA3
- Guest devices→Guest network
- Unknown threat→Escalate
Security Basics
- CIA
- Security triad
- Authentication
- Proves identity
- Authorization
- Grants access
- Accounting
- Tracks actions
- MFA
- Multiple factors
- Encryption
- Protects data
- Patch
- Fixes flaws
- Least privilege
- Minimum access
Wireless Security
- WPA2
- Common Wi-Fi security
- WPA3
- Modern Wi-Fi security
- PSK
- Shared passphrase
- SSID
- Network name
- Guest Wi-Fi
- Isolated access
- WPS
- Disable if risky
- Evil twin
- Rogue AP
- Firewall rule
- Permit or deny
Common Traps
Official Weights
Cisco lists topics ≠ Weights not public
Ping Passing
ICMP works ≠ App may fail
DNS Failure
IP may work ≠ Names may fail
APIPA Meaning
DHCP likely failed ≠ Cable not proven
Switch Role
MAC forwarding ≠ Not IP routing
Router Role
IP routing ≠ Not MAC switching
SSID Hiding
Name still discoverable ≠ Not real security
Fix Process
Verify before closing ≠ Document after fix
Last Minute
- 1.Cisco publishes no weights
- 2.Exam: 100-150, 50 minutes
- 3.Switches forward by MAC
- 4.Routers forward by IP
- 5.DNS resolves names
- 6.DHCP leases IP settings
- 7.APIPA suggests DHCP failure
- 8.Gateway exits local subnet
- 9.WPA2/WPA3 for Wi-Fi
- 10.Document before closing ticket
- 11.Wireshark proves packet facts
- 12.Escalate with clean evidence
Buy on Amazon
Take courses on UdemySame family resources
Explore More Cisco Certifications
Continue into nearby exams from the same family. Each card keeps practice questions, study guides, flashcards, videos, and articles in one place.
More From This Family
Videos and articles for deeper review.
VideoBest Cable Testers for Network Technicians in 2026: Klein VDV526-200 vs Fluke vs TRENDnetVideoCCNA 200-301 Study Plan: Pass in 3-5 Months (2026)VideoFREE Cisco CCST Cybersecurity (100-160) Exam Guide 2026: Pass First TryArticleFREE Cisco CCST Networking (100-150) Exam Guide 2026: Pass First Try, Domains, Cost, CCNA Path26 min readArticleBest Cable Testers for Network Technicians in 2026: Klein VDV526-200 vs Fluke vs TRENDnet14 min readArticleCCNA 200-301 Study Plan: Pass in 3-5 Months (2026)15 min readArticleFREE Cisco CCST Cybersecurity (100-160) Exam Guide 2026: Pass First Try20 min read