Comptia Network+ (Part 2)

April 16, 2025

Network Security & Troubleshooting

Welcome to Part 2 of the CompTIA Network+ course This blog post covers two major topics of the Network+ course: Network Security and Network Troubleshooting. –

Network Security

Common Threats and Vulnerabilities

• DoS/DDoS: Attacks that flood a network or system to make it unavailable.
• Phishing: Tricking users into revealing sensitive information via fake communication.
• Malware: Malicious software like viruses, worms, or ransomware that can harm systems.
• Man-in-the-middle (MITM): Intercepting communication between two parties to steal or manipulate data.

Security Devices and Technologies

• Firewalls: Monitor and filter incoming/outgoing traffic based on security rules.
• NAC (Network Access Control): A cybersecurity approach that restricts access to a network by ensuring only authorized and compliant devices and users are allowed to connect.
• IDS/IPS: Detects (IDS) or blocks (IPS) malicious traffic in real time.
• SIEM: Aggregates and analyzes security data from across the network for monitoring and alerting.

Authentication and Access Control

• AAA: A framework for managing user access: Authentication, Authorization, and Accounting.
• RADIUS: A protocol for centralized user authentication and accounting.
• TACACS+: Similar to RADIUS, but separates authentication, authorization, and accounting.
• Multifactor Authentication (MFA): Adds extra layers of security using more than one form of identity verification.

Wireless Security

• WPA2/WPA3: Security protocols for wireless networks, WPA3 being the more secure and modern.
• TKIP: An older encryption protocol, now mostly replaced due to vulnerabilities.
• AES: A strong encryption standard used in WPA2/WPA3 for securing data.

Network Segmentation and Isolation

• VLANs: Logically separate networks to reduce broadcast traffic and increase security.
• Air Gaps: Physically isolated networks with no external connections for maximum security.
• DMZ (Demilitarized Zone): A subnetwork that hosts external-facing services, isolated from the internal network.

---

Network Troubleshooting

Troubleshooting Methodology

1. Identify the problem
2. Establish a theory
3. Test the theory
4. Establish a plan
5. Verify functionality
6. Document findings

Common Tools

• ping: Tests connectivity between devices.
• traceroute: Shows the path packets take to reach a destination.
• ipconfig/ifconfig: Displays IP configuration on Windows/Linux systems.
• nslookup: Queries DNS to resolve domain names.
• netstat: Displays active connections and listening ports.

Common Issues

• IP conflicts: When two devices on the same network have the same IP address.
• DNS issues: Problems resolving domain names due to misconfigured or unavailable DNS servers.
• Cabling problems: Faulty or disconnected cables can cause intermittent or total network failure.

---

Author: Bilal Qazi

• Updated: April 16, 2025*
  For more, visit my GitHub