Skip to main content
Revy's Tech Journey, powered by Revtek
Study Guide · A+ Core 1 · CompTIA 220-1201 V15

What each objective is asking you to know

Plain-English reference for every CompTIA A+ Core 1 V15 objective. Each entry covers what the exam tests, key facts, and how the concept connects to neighboring objectives. Pair with Quiz and Flashcards to lock it in.

Objective 2.4

Objective 2.4: Explain common network configuration concepts

Cert: CompTIA A+ Core 1 (220-1201) V15 Domain: 2.0 Networking Weight: ~23% of Core 1 Depth: Explain. Understand DNS record types, DHCP scope concepts, VLAN, and VPN.

What this objective tests

You should know the common DNS record types (A, AAAA, CNAME, MX, TXT) and the email-related TXT records used to fight spoofing (SPF, DKIM, DMARC). You should understand DHCP scope concepts (leases, reservations, scope, exclusions). You should know what a VLAN does and what a VPN does.

Key facts

DNS record types:

  • A record. Maps a hostname to an IPv4 address. The most common record.
  • AAAA (quad-A) record. Maps a hostname to an IPv6 address. Increasingly important.
  • CNAME (Canonical Name) record. Alias from one hostname to another (which itself has an A or AAAA record). Used to point multiple names at the same destination.
  • MX (Mail Exchanger) record. Tells sending mail servers where to deliver mail for a domain. MX records have a priority value; lower number is preferred.
  • TXT record. Free-form text record. Used for many purposes, including domain ownership verification and email spoofing protection.

Email-related TXT records (spam management):

  • SPF (Sender Policy Framework). Lists the IP addresses authorized to send email for the domain. Receiving servers check the sender's IP against the SPF record.
  • DKIM (DomainKeys Identified Mail). Cryptographically signs outgoing email with a private key the domain owns. Receiving servers verify the signature using a public key published in DNS.
  • DMARC (Domain-based Message Authentication, Reporting, and Conformance). Policy on top of SPF and DKIM. Tells receiving servers what to do with email that fails SPF or DKIM (allow, quarantine, reject) and where to send aggregate reports.

All three (SPF, DKIM, DMARC) work together. Setting up all three correctly is the modern standard for outbound email deliverability.

DHCP concepts:

  • Scope. The range of IP addresses the DHCP server can hand out. Example: 192.168.1.100 to 192.168.1.200.
  • Lease. The duration an assigned IP is valid before the client must renew. Common lease times: 8 hours, 1 day, 7 days. Shorter for guest networks, longer for stable corporate.
  • Reservation. Bind a specific IP to a specific MAC address inside the scope so the device always gets the same address.
  • Exclusion. A range within the scope that the DHCP server will NOT hand out, leaving those addresses available for static assignment (printers, servers, infrastructure).

VLAN (Virtual LAN):

  • A logical separation of a physical network into multiple isolated broadcast domains.
  • Devices on different VLANs cannot communicate directly without a router or layer-3 switch passing traffic between them.
  • Used to segregate traffic by purpose (corporate vs guest vs voice vs IoT), to limit broadcast scope, and as a security control.

VPN (Virtual Private Network):

  • A secure tunnel across an untrusted network (usually the internet) that makes the remote device appear to be on the corporate LAN.
  • Common protocols: IPsec, OpenVPN, WireGuard, SSL VPN.
  • Site-to-site VPNs connect two networks. Client VPNs connect individual remote users to the corporate network.

Common gotchas

  • A vs AAAA confusion. A is IPv4, AAAA is IPv6. Different families of address.
  • CNAME at the apex. Many DNS standards forbid CNAME at the apex of a domain (the bare example.com). Use A or AAAA at the apex; use CNAME for subdomains like www.example.com.
  • MX priority numbers. Lower numbers are preferred. MX 10 is tried before MX 20. Common surprise.
  • SPF strict alignment. SPF and DMARC interact. SPF needs to align with the From: domain for DMARC to pass. Misalignment causes legitimate mail to be rejected.
  • DKIM key length. Older 1024-bit DKIM keys are still common but 2048-bit is preferred for new deployments.
  • DHCP scope vs static addressing. Devices that need stable addresses (printers, servers) should either have DHCP reservations or be statically assigned within an excluded range, never just statically assigned inside the active scope (causes IP conflicts when DHCP hands the same address out).
  • VLAN tagging. A switch port can be untagged (access mode, belongs to one VLAN) or tagged (trunk mode, carries multiple VLANs). Confusing the two breaks VLAN propagation.
  • Split tunnel vs full tunnel VPN. Split tunnel only routes corporate traffic through the VPN. Full tunnel routes everything. Full tunnel is more secure; split tunnel is faster for general internet use. Pick deliberately.

Real-world context

For SMB networks Revtek manages:

  • DHCP scope is typically the router's default (192.168.1.x or similar). Reservations are added for printers, servers, and infrastructure.
  • DNS records are managed at the domain registrar or through Microsoft 365's domain settings.
  • Email security: SPF, DKIM, and DMARC should all be configured. DMARC starts at p=none for reporting, then moves to p=quarantine or p=reject once legitimate senders are accounted for.
  • VLANs are usually one corporate, one guest, one voice (if VoIP), one IoT. More if compliance or regulatory needs justify.
  • VPN: small business cloud VPN (NordLayer, Twingate, Tailscale, or built into the firewall) is the modern norm.

Common helpdesk calls:

  • "My email keeps going to spam." Check SPF, DKIM, DMARC first. Then check sender reputation.
  • "My printer's IP changed and now no one can print." DHCP gave the printer a new address. Set a reservation.
  • "I can't reach the internal network from home." VPN issue. Connectivity, credentials, profile, or split-tunnel routes.

Sources

  • [CompTIA A+ 220-1201 Exam Objectives Version 4.0, Section 2.4](../../../../../../30-RevyTechJourney/CompTIA%20A%2B%20220-1201%20Exam%20Objectives%20%284.0%29.pdf)
  • [Wikipedia: List of DNS record types](https://en.wikipedia.org/wiki/List_of_DNS_record_types)
  • [Wikipedia: Sender Policy Framework](https://en.wikipedia.org/wiki/Sender_Policy_Framework)
  • [Wikipedia: DomainKeys Identified Mail](https://en.wikipedia.org/wiki/DomainKeys_Identified_Mail)
  • [Wikipedia: DMARC](https://en.wikipedia.org/wiki/DMARC)
  • [Wikipedia: Dynamic Host Configuration Protocol](https://en.wikipedia.org/wiki/Dynamic_Host_Configuration_Protocol)
  • [Wikipedia: Virtual LAN](https://en.wikipedia.org/wiki/Virtual_LAN)
  • [Wikipedia: Virtual private network](https://en.wikipedia.org/wiki/Virtual_private_network)
Previous · 2.3
Summarize services provided by networked hosts
Next · 2.5
Compare and contrast common networking hardware devices
Quiz this objectiveFlashcards