Introduction

The CompTIA Network+ certification can help launch your career to the next level and is a strong professional asset to have on your side. To earn this certification, you have to pass the Network+ certification exam. This exam covers five different Domains of knowledge that certification candidates will need to master.

This article will detail Domain 4.0 — Network Security, complete with its different objectives and what you will need to cover. Please note that this article should not serve as your sole means of preparing for the Network+ certification exam, but rather as a general review or an outline foundation.

Network Security Outline

The following subtopics can be expected to be tested in the Network Security section of the Network+ exam:

  • 4.1 Physical security devices and their purposes
  • 4.2 Authentication and access controls
  • 4.3 Securing basic wireless networks — scenario-based
  • 4.4 Common networking attacks
  • 4.5 Implement network device hardening — scenario-based
  • 4.6 Common mitigation techniques

Physical Security Devices and Their Purposes

Physical security is a network security measure that is often taken for granted. It would not make sense to invest time and money in network security if important network devices are left unlocked for anyone to steal or modify. This subtopic will examine the essential physical security devices and their purposes.

Detection

The first layer of physical security this Domain will examine is detection. Several different technologies can detect physical intrusion. They comprise:

  • Motion detection
  • Video surveillance
  • Asset tracking tags
  • Tamper detection

Prevention

Physical detection is not the only safeguard you should put in place for your network. “An ounce of prevention is worth a pound of cure” applies here: sometimes proper prevention is all it takes to stop an intruder, which is more than millions invested in security after the fact would achieve. Prevention methods include:

  • Badges
  • Biometrics
  • Smart cards
  • Locks
  • Key fobs

Authentication and Access Controls

This section is dedicated to commonly used authentication and access controls in networks today. You will be responsible for the different factors used to authenticate users and to provide multifactor authentication. Exam candidates will also be responsible for the different network ACSs that restrict user access.

Authorization, Authentication and Accounting

Authorization, Authentication and Accounting, or AAA, form the basis for administering user access to network resources. This system of access can be represented by the analogy of a bank transaction where a customer withdraws their money.

  • RADIUS
  • Kerberos
  • TACACS+
  • Single sign-on
  • Local authentication
  • LDAP
  • Auditing and logging
  • Certificates

Multifactor Authentication

  • Something you know
  • Something you are
  • Something you have
  • Somewhere you are
  • Something you do

Access Control

  • 802.1x
  • Port security
  • NAC
  • MAC filtering
  • Access control lists
  • Captive portal

Securing Basic Wireless Networks — Scenario-Based

Radio frequency is the engine by which 802.11 extends an organization’s LAN to the outside world. Internal and external networks are normally secured with a firewall, but wireless also needs to be protected. The two most important aspects of wireless security are encryption and authentication/authorization. You will be responsible for the scenarios detailed below:

WPA

  • MICs
  • TKIPs
  • Exploitable

WPA2

  • Replaced WPA in 2006
  • May be exploitable if WPS is enabled

Authentication and Authorization

  • EAP
    • PEAP
    • EAP-FAST
    • EAP-TLS
  • Shared or open
  • MAC filtering
  • Preshared key

Other Basic Wireless Network Technologies

  • TKIP-RC4
  • CCMP-AES
  • Geofencing

Common Networking Attacks

Network intrusions are most commonly carried out by attacks. Attackers can be anywhere in the world and focus on service disruption, theft of service, data theft and possibly monetary theft. These different attacks all hurt the organization’s network, reputation and finances.

DoS

  • Reflective
  • Distributed
  • Amplified

Other Common Networking Attacks Covered Include:

  • Insider threat
  • Logic bomb
  • Social engineering
  • Rogue access point
  • Evil twin
  • Phishing
  • Wardriving
  • Ransomware
  • DNS poisoning
  • ARP poisoning
  • Deauthentication
  • Spoofing
  • Brute force
  • VLAN hopping
  • Man-in-the-middle
  • Vulnerabilities versus exploits

Implement Network Device Hardening — Scenario-Based

The problem with installing devices or operating systems in your network is that the default security configurations are lacking at best. This section is dedicated to common changes to configuration you can implement to harden network device and operating system security. These changes include:

  • Changing default credentials
  • Upgrading firmware
  • Avoiding common passwords
  • Patching and updates
  • File hashing
  • Disabling unnecessary services
  • Generating new keys
  • Using secure protocols
  • Disabling unused ports
    • IP ports
    • Device ports — both physical and virtual

Common Mitigation Techniques

There are many different threats that networks can succumb to. The good thing is that many threats can be mitigated using certain techniques. This section will detail common mitigation techniques and their purposes.

Switch Port Protection

  • Spanning tree
  • Flood guard
  • BPDU guard
  • DHCP snooping
  • Root guard

Network Segmentation

  • DMZ
  • VLAN

Other Common Mitigation Techniques Covered Include:

  • Signature management
  • Device hardening
  • Privileged user account
  • Change native VLAN
  • Role separation
  • File integrity monitoring
  • Restricting access via Access Control Lists (ACL)
  • Honeypots and honeynets
  • Penetration testing

Conclusion

The CompTIA Network+ exam covers five domains of knowledge, and among these domains is network security. This domain is of interest because it is a sort of nexus between the Network+ and Security+ exams (although it will only count towards Network+).

Network+ can be a difficult exam for some. Use this article as a guide and you will have a better chance at passing this exam and bolstering your career marketability.

 



Greg
Belding
