Acronyms and Command-Line Tool Quick Table
Key Takeaways
- Acronym items are usually scenario questions in disguise—map each acronym to where it appears in a troubleshooting workflow.
- Command-line tools map to layers: local config, name resolution, path testing, port/socket testing, and packet inspection.
- Use ipconfig/ifconfig/ip to verify local addressing before chasing remote services, then move outward.
- Use ping and traceroute carefully—ICMP can be filtered even when the application works fine.
- Use nslookup/dig for DNS, arp for local neighbor mapping, and netstat/ss for listening ports and active sessions.
Acronyms and Command-Line Tools
N10-009 acronym items (Objective 1.8 lists the official acronym set) are usually scenario questions in disguise. A prompt rarely asks "What does DHCP mean?" Instead it says a client has an APIPA address and asks which service or tool to check. Likewise, tool questions (Objective 5.x) hand you a symptom and ask which command isolates it. Learn each item by its job in the workflow.
Acronym Quick Table
| Acronym | Meaning | Fast association |
|---|---|---|
| ACL | Access Control List | Permit or deny traffic |
| ARP | Address Resolution Protocol | IPv4-to-MAC on the local segment |
| BGP | Border Gateway Protocol | Internet/external routing (path-vector) |
| CIDR | Classless Inter-Domain Routing | Prefix notation such as /24 |
| DHCP | Dynamic Host Configuration Protocol | Automatic IP assignment |
| DNS | Domain Name System | Names to IP addresses |
| FHRP | First Hop Redundancy Protocol | Gateway redundancy concept |
| HSRP/VRRP | Hot Standby / Virtual Router Redundancy | Redundant default gateway |
| IDS/IPS | Intrusion Detection/Prevention System | Alerts vs blocks |
| LDAP | Lightweight Directory Access Protocol | Directory queries |
| MTU | Maximum Transmission Unit | Largest payload before fragmentation (1500 default) |
| NAC | Network Access Control | Posture/identity-based access |
| NAT | Network Address Translation | Private-to-public translation |
| NTP | Network Time Protocol | Time synchronization |
| OSPF | Open Shortest Path First | Link-state interior routing |
| PoE | Power over Ethernet | Power + data on twisted pair |
| RADIUS | Remote Authentication Dial-In User Service | AAA for VPN/Wi-Fi/802.1X |
| SNMP | Simple Network Management Protocol | Monitoring/management |
| STP | Spanning Tree Protocol | Layer 2 loop prevention |
| VLAN | Virtual LAN | Layer 2 segmentation |
| VPN | Virtual Private Network | Encrypted tunnel over untrusted network |
| VRF | Virtual Routing and Forwarding | Separate routing tables |
Command-Line Tool Table
| Tool | Platform | Use |
|---|---|---|
| ipconfig | Windows | View/renew IP config (/all, /release, /renew) |
| ifconfig | Linux/macOS (legacy) | View interface config |
| ip | Linux | Addresses, routes, links (ip addr, ip route) |
| ping | All | Reachability/latency via ICMP |
| traceroute / tracert | Linux·macOS / Windows | Hop-by-hop path discovery |
| pathping / mtr | Windows / Linux | Combined path + per-hop loss |
| nslookup / dig | All / Linux·macOS | DNS query testing |
| arp -a | All | Local IPv4-to-MAC cache |
| netstat / ss | All / Linux | Connections and listening ports |
| route / netsh | All / Windows | View or change routing and config |
| nmap | Installed | Port scan/service discovery (with authorization) |
| tcpdump / Wireshark | Linux·macOS / GUI | Packet capture and analysis |
| curl | All | Test HTTP/HTTPS endpoints |
Tool Selection Workflow
| Question | Tool examples |
|---|---|
| Valid IP, mask, gateway, DNS? | ipconfig /all, ip addr, ip route |
| Does the name resolve? | nslookup, dig |
| Reachable at Layer 3 (ICMP allowed)? | ping |
| Where does the path stop? | traceroute, tracert, mtr |
| Is the service port open/listening? | netstat, ss, nmap, curl |
| What is actually on the wire? | tcpdump, Wireshark |
Mini Scenarios
| Symptom | First useful tool |
|---|---|
| Windows client has no network access | ipconfig /all |
| Linux server may have wrong default route | ip route |
| Site fails only by name | nslookup or dig |
| Suspected blocked HTTPS service | curl, port test, firewall logs |
| Suspected duplicate IP on the LAN | arp -a, switch MAC table |
Worked Scenario: "The Server Is Down" (But It Isn't)
A help-desk ticket says an internal web app is "down." Resist jumping to a tool—work outward by layer. First confirm local addressing with ipconfig /all or ip addr: a 169.254 address or a missing gateway redirects you to DHCP, not the server. Next test name resolution with nslookup app.corp.local; a wrong or empty record points at DNS, not the app. If the name resolves, try ping to the server IP, but remember ICMP may be filtered, so a failed ping is not proof of an outage. The decisive test is the actual service port: curl -v https://app.corp.local or a port check on 443.
If the TCP handshake completes but the page errors, the network is fine and the application or web service is the fault domain. This sequence—local config, DNS, reachability, port, application—prevents the most common Network+ trap of blaming the wrong layer.
ICMP, TTL, and MTU Gotchas
Three behaviors trip candidates. ICMP can be rate-limited or blocked by firewalls, so traceroute may show timeouts mid-path while traffic still flows end to end—do not read a starred hop as a dead router. The TTL (time to live) field decrements at each hop and prevents loops; a destination unreachable due to TTL expiry signals a routing loop, not a dead host.
MTU mismatches (default Ethernet 1500 bytes) cause large packets to fail while small ones like ping succeed; the clue is "small transfers work, large file copies or TLS handshakes hang." Knowing these means you interpret tool output correctly instead of misreading a filtered or fragmented path as a true failure.
Common Traps
- Running traceroute before confirming the host even has a valid IP configuration.
- Assuming a ping failure proves the application is down—ICMP may simply be filtered.
- Using nmap or packet capture without authorization in a production environment.
- Forgetting that DNS can return the wrong address even when the server responds.
- Confusing ARP (local IPv4-to-MAC) with DNS (name-to-IP) resolution.
- Treating a command name as universal when flags differ across operating systems.
A website fails only when accessed by name but works by IP address. Which tool most directly isolates the cause?
A Linux server may have the wrong default gateway. Which command family is most appropriate?
Which tool-to-purpose matches are correct? Select three.
Select all that apply