CompTIA Network+ domain #4: network security [2022 update]

February 10, 2022 by Greg Belding

One of the most recognizable IT and information security networking certifications is Network+. As time goes on, new versions of certification exams are released, and CompTIA released the latest Network+ exam version, N10-008, in September of 2021. Some of the material covered in this latest exam version has changed, and there have been changes to Domain names. If you are looking for a great starter to your Network+ exam outline for Domain 4.0, look no further.

What is Network+?

Network+ is an IT and information security networking certification offered by CompTIA. This certification validates the skills and knowledge required to securely establish, maintain, and troubleshoot essential organization networks. This is one of the most popular networking certs on the market, with 500,000 cert holders worldwide. 

What has changed since the last Network+ exam version?

There have been some changes since exam version N10-007 that you need to be aware of. Aside from Domain name changes and slight changes to exam material weights, there have been sub-objective changes, especially on the foundational networking tools and technologies used to create secure networks. Below is a comparison of N10-007 and N10-008 (and their respective weights of exam material covered):

| Network+ N10-007 Domains | Network+ N10-008 Domains |
| --- | --- |
| 1. Networking Concepts (23%) | 1. Networking Fundamentals (24%) |
| 2. Infrastructure (18%) | 2. Network Implementations (19%) |
| 3. Network Operations (17%) | 3. Network Operations (16%) |
| 4. Network Security (20%) | 4. Network Security (19%) |
| 5. Network Troubleshooting and Tools (22%) | 5. Network Troubleshooting (22%) |

While the name of Domain 4.0 (Network Security) has not changed, the Domain has been streamlined to focus on the critical aspects of hardening networks against malicious attacks and the secure execution of network deployments to protect against unintended data breaches. The percentage of exam material that the new Domain 4.0 covers has dropped by 1%. While you probably wouldn’t notice this drop in exam content if you took the last Network+ exam, it may end up being one less question covered in the N10-008 version of this Domain’s exam material. Without further ado, let’s dive into the material covered by Domain 4.0.

Exam material covered by Domain 4.0: Network Security

4.1 Explain common security concepts

1. Confidentiality, integrity, availability (CIA)

2. Threats

  • Internal
  • External

3. Vulnerabilities

  • Common vulnerabilities and exposures (CVE)
  • Zero-day

4. Exploits

5. Least privilege

6. Role-based access

7. Zero Trust

8. Defense in depth

  • Network segmentation enforcement
  • Screened subnet [previously known as demilitarized zone (DMZ)]
  • Separation of duties
  • Network access control
  • Honeypot

9. Authentication methods

  • Multifactor
  • Terminal Access Controller Access Control System Plus (TACACS+)
  • Single sign-on (SSO)
  • Remote Authentication Dial-in User Service (RADIUS)
  • LDAP
  • Kerberos
  • Local authentication
  • 802.1X
  • Extensible Authentication Protocol (EAP)

10. Risk Management

  • Security risk assessments
    • Threat assessment
    • Vulnerability assessment
    • Penetration testing
    • Posture assessment
  • Business risk assessments
    • Process assessment
    • Vendor Assessment

11. Security information and event management (SIEM)

4.2 Compare and contrast common types of attacks

1. Technology-based attacks

  • Denial-of-service (DoS)/distributed denial-of-service (DDoS)
    • Botnet/command and control
  • On-path attack (previously known as man-in-the-middle attack)
  • DNS poisoning
  • VLAN Hopping
  • ARP spoofing
  • Rogue DHCP
  • Rogue access point (AP)
  • Evil twin
  • Ransomware
  • Password attacks
    • Brute-force
    • Dictionary
  • MAC spoofing
  • IP spoofing
  • Deauthentication
  • Malware

2. Human and environmental

  • Social engineering
    • Phishing
    • Tailgating
    • Piggybacking
    • Shoulder surfing

4.3 Given a scenario, apply network hardening techniques

1. Best practices

  • Secure SNMP
  • Router advertisement (RA) Guard
  • Port security
  • Dynamic ARP inspection
  • Control plane policing
  • Private VLANs
  • Disable unneeded switchports
  • Disable unneeded network services
  • Change default passwords
  • Password complexity/length
  • Enable DHCP snooping
  • Change default VLAN
  • Patch and firmware management
  • Access control list
  • Role-based access
  • Firewall rules
    • Explicit deny
    • Implicit deny

2. Wireless security

  • MAC filtering
  • Antenna placement
  • Power levels
  • Wireless client isolation
  • Guest network isolation
  • Preshared keys (PSKs)
  • EAP
  • Geofencing
  • Captive portal

3. IoT access considerations

4.4 Compare and contrast remote access methods and security implications

1. Site-to-site VPN

2. Client-to-site VPN

  • Clientless VPN
  • Split tunnel vs. full tunnel

3. Remote desktop connection

4. Remote desktop gateway

5. SSH

6. Virtual network computing (VNC)

7. Virtual desktop

8. Authentication and authorization considerations

9. In-band vs. out-of-band management

4.5 Explain the importance of physical security

1. Detection methods

  • Camera
  • Motion detection
  • Asset tags
  • Tamper detection

2. Prevention methods

  • Employee training
  • Access control hardware
    • Badge readers
    • Biometrics
  • Locking racks
  • Locking cabinets
  • Access control vestibule (previously known as a mantrap)
  • Smart lockers

3. Asset disposal

  • Factory reset/wipe configuration
  • Sanitize devices for disposal

Network+ Domain 4

Network+ is one of the most recognizable Networking certifications on the market today. To earn this certification, you first have to pass the cert exam. The exam contains 5 Domains of knowledge, with Domain 4.0 covering Network Security. This article will prove to be a good start in building your exam preparation outline for Domain 4.0.

 

Author
Greg Belding

Greg is a Veteran IT Professional working in the Healthcare field. He enjoys Information Security, creating Information Defensive Strategy, and writing – both as a Cybersecurity Blogger as well as for fun.
