Home | Bilal Yousaf
This is the second and final part of my CompTIA Security+ blog series.
In this post, I cover how to handle cybersecurity incidents, understand security tools, and manage risk and compliance in an organization.
1. Incident Response Steps
When a security incident happens (like a data breach), we follow these steps to handle it:
- Preparation: Make a response plan before anything bad happens. Train your team and set up tools.
- Identification: Detect and confirm that an incident has occurred (using alerts, logs, etc.).
- Containment: Stop the threat from spreading — like isolating infected systems.
- Eradication: Remove the root cause of the attack (delete malware, patch vulnerabilities).
- Recovery: Restore systems and services back to normal and monitor them.
2. Digital Forensics Basics
Digital forensics helps us investigate cybercrimes by collecting and analyzing digital evidence.
- Main Steps: Collect → Examine → Analyze → Report
- Always follow the chain of custody to protect evidence.
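A small worked example of the chain of custody idea, added here and not part of the original post: the evidence is fingerprinted with SHA-256 at collection, every handling step is appended to a custody record, and the hash is re-checked later to prove the evidence was not altered. The evidence bytes, case id and analyst names are constructed placeholders.

```python
import hashlib
import json
from datetime import datetime, timezone

# Constructed sample "evidence" (one auth log line); a real case would use a disk image or log file.
EVIDENCE = b"2025-04-16 10:21:03 sshd[812]: Accepted password for admin from 198.51.100.7\n"


def fingerprint(data: bytes) -> str:
    """SHA-256 of the evidence, taken at collection so any later change is detectable."""
    return hashlib.sha256(data).hexdigest()


class ChainOfCustody:
    """Append-only record of who handled the evidence, when, and why (Collect -> Examine -> Analyze -> Report)."""

    def __init__(self, case_id: str, evidence: bytes, collector: str, note: str):
        self.case_id = case_id
        self.original_hash = fingerprint(evidence)
        self.entries = []
        self.record("collect", collector, note)

    def record(self, action: str, handler: str, note: str) -> None:
        self.entries.append({
            "case_id": self.case_id,
            "action": action,  # collect / examine / analyze / report
            "handler": handler,
            "time": datetime.now(timezone.utc).isoformat(),
            "note": note,
        })

    def verify(self, data: bytes) -> bool:
        """True only if the evidence still matches the hash recorded at collection."""
        return fingerprint(data) == self.original_hash

    def report(self) -> str:
        """The 'Report' step: hash plus the full custody trail, ready to attach to a case file."""
        return json.dumps({"original_sha256": self.original_hash, "entries": self.entries}, indent=2)


def demo():
    # Hypothetical case id and analyst names.
    coc = ChainOfCustody("CASE-0001", EVIDENCE, "analyst1", "Acquired from host web01")
    coc.record("examine", "analyst2", "Reviewed authentication lines")
    intact = coc.verify(EVIDENCE)              # unchanged copy -> True
    tampered = coc.verify(EVIDENCE + b"x\n")  # modified copy -> False
    return intact, tampered, len(coc.entries)
```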
3. SIEM (Security Information and Event Management)
SIEM tools collect and analyze logs from across your network to detect threats in real time.
- Examples: Splunk, ELK Stack, QRadar
- Helps in quick alerting and responding to incidents.
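To show the kind of rule a SIEM runs over collected logs, here is an added example (not from the original post) that parses constructed sshd log lines and raises one alert when a single source IP produces five failed logins within 60 seconds. The log format, hostnames and IP addresses are all made up for the example.

```python
import re
from collections import defaultdict, deque
from datetime import datetime

# Constructed sample syslog-style sshd lines; the 203.0.113.5 burst is the event we want to catch.
SAMPLE_LOGS = """\
2025-04-16T10:20:01 web01 sshd[812]: Failed password for root from 203.0.113.5 port 51022 ssh2
2025-04-16T10:20:03 web01 sshd[813]: Failed password for root from 203.0.113.5 port 51023 ssh2
2025-04-16T10:20:06 web01 sshd[814]: Failed password for admin from 203.0.113.5 port 51024 ssh2
2025-04-16T10:20:09 web01 sshd[815]: Failed password for admin from 203.0.113.5 port 51025 ssh2
2025-04-16T10:20:12 web01 sshd[816]: Failed password for oracle from 203.0.113.5 port 51026 ssh2
2025-04-16T10:20:30 web01 sshd[817]: Failed password for bob from 198.51.100.9 port 40001 ssh2
2025-04-16T10:25:00 web01 sshd[818]: Accepted password for alice from 198.51.100.9 port 40002 ssh2
""".splitlines()

LINE_RE = re.compile(r"^(\S+) (\S+) sshd\[\d+\]: (Failed|Accepted) password for (\S+) from (\S+) port")


def parse(line):
    """Normalize one raw log line into fields; None for lines the rule does not understand."""
    m = LINE_RE.match(line)
    if not m:
        return None
    ts, host, outcome, user, src = m.groups()
    return {"time": datetime.fromisoformat(ts), "host": host, "outcome": outcome, "user": user, "src": src}


def detect_brute_force(lines, threshold=5, window_seconds=60):
    """Alert once per source IP when it reaches `threshold` failed logins inside a sliding window."""
    recent = defaultdict(deque)   # src IP -> timestamps of recent failures
    alerted = set()               # avoid re-alerting on every extra failure from the same source
    alerts = []
    for line in lines:
        ev = parse(line)
        if ev is None or ev["outcome"] != "Failed":
            continue
        q = recent[ev["src"]]
        q.append(ev["time"])
        while (ev["time"] - q[0]).total_seconds() > window_seconds:
            q.popleft()           # drop failures that fell outside the window
        if len(q) >= threshold and ev["src"] not in alerted:
            alerted.add(ev["src"])
            alerts.append({"rule": "ssh_brute_force", "src": ev["src"], "host": ev["host"],
                           "count": len(q), "last_seen": ev["time"].isoformat()})
    return alerts
```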
4. MITRE ATT&CK Framework
MITRE ATT&CK is a public knowledge base of how attackers behave.
- Helps defenders understand, detect, and stop threats.
- Includes tactics like initial access, privilege escalation, and exfiltration.
5. Risk Management
Risk management means identifying, assessing, and reducing risks in an organization.
- Risk Types: Cyber, physical, legal, etc.
- Responses: Accept, reduce, avoid, or transfer (like using insurance).
Governance, Risk, and Compliance (GRC)
🧾 6. Policies, Procedures, and Frameworks
Formal rules and structures for managing IT security.
- ISO 27001: Global security standard.
- NIST: U.S. cybersecurity guidelines.
- COBIT: Enterprise IT governance model.
7. Regulations and Laws
These are legal requirements for organizations:
- GDPR (EU): Protects European users’ data.
- HIPAA (US): Secures health-related information.
- PCI-DSS: Applies to credit card handling companies.
8. Risk Types and Responses
- Risks can be internal (like human error) or external (like hackers).
- Use security policies, tools, or insurance to handle them.
9. Security Awareness Training
- Employees are the first line of defense.
- Training teaches them to spot phishing, use strong passwords, and follow company policy.
Summary
In this part, we learned how companies detect and respond to cyber threats, manage risk, and follow compliance rules. This is a key skillset for any cybersecurity role.
If you missed Part 1, check it out here 🔗.
Thanks for reading!
~ Bilal Qazi
Threats, Attacks, and Vulnerabilities | Architecture and Design | Implementation
Welcome to Part 1 of the CompTIA Security+ series. This blog post explains important topics for cybersecurity!
Threats, Attacks, and Vulnerabilities
Malware types
Viruses, worms, ransomware, and spyware that damage or steal from systems.
Phishing
Tricking users with fake emails or messages to get personal information.
Social engineering
Using human tricks (not tech) to get access to systems or data.
DoS/DDoS attacks
Flooding a network or website to make it crash or slow down.
Threat actors
People or groups who attack, like hackers or insider threats.
Threat vectors
Ways attackers use to reach and attack systems, like emails or USBs.
Penetration testing
Ethical hacking to find weak points in a system before real hackers do.
Vulnerability scanning
Using tools to detect known security issues in systems.
Architecture and Design
Secure network architecture
Planning networks in a safe way to reduce attack risk.
Cloud and virtualization security
Protecting data and systems running in the cloud or virtual environments.
Secure system design
Building systems with security features from the start.
Zero trust
Never trust anything by default — always verify first.
Defense in depth
Using many layers of security to protect a system.
Segmentation
Breaking a network into parts to stop threats from spreading.
Implementation
Secure protocols
Using safe communication methods like:
- HTTPS: Secure version of HTTP, protects data between your browser and the website.
- SSH: Secure protocol for remotely accessing and managing devices safely over a network.
- SFTP: Secure method of transferring files between computers over a network.
Wireless security
Protecting Wi-Fi using strong methods like WPA3 and enterprise mode.
Authentication and authorization
Checking who you are (auth) and what you can access (authz) with tools like MFA, RADIUS, LDAP.
Public Key Infrastructure (PKI)
A system that uses digital certificates to secure data and identity.
Network and host security
Using firewalls, IDS/IPS, and antivirus to protect devices and networks.
Stay connected for Part 2 of CompTIA Security+.
Network Security & Troubleshooting
Welcome to Part 2 of the CompTIA Network+ course
This blog post covers two major topics of the Network+ course: Network Security and Network Troubleshooting.
Network Security
Common Threats and Vulnerabilities
- DoS/DDoS: Attacks that flood a network or system to make it unavailable.
- Phishing: Tricking users into revealing sensitive information via fake communication.
- Malware: Malicious software like viruses, worms, or ransomware that can harm systems.
- Man-in-the-middle (MITM): Intercepting communication between two parties to steal or manipulate data.
Security Devices and Technologies
- Firewalls: Monitor and filter incoming/outgoing traffic based on security rules.
- NAC (Network Access Control): A cybersecurity approach that restricts access to a network by ensuring only authorized and compliant devices and users are allowed to connect.
- IDS/IPS: Detects (IDS) or blocks (IPS) malicious traffic in real time.
- SIEM: Aggregates and analyzes security data from across the network for monitoring and alerting.
Authentication and Access Control
- AAA: A framework for managing user access: Authentication, Authorization, and Accounting.
- RADIUS: A protocol for centralized user authentication and accounting.
- TACACS+: Similar to RADIUS, but separates authentication, authorization, and accounting.
- Multifactor Authentication (MFA): Adds extra layers of security using more than one form of identity verification.
Wireless Security
- WPA2/WPA3: Security protocols for wireless networks, with WPA3 being the more secure and modern option.
- TKIP: An older encryption protocol, now mostly replaced due to vulnerabilities.
- AES: A strong encryption standard used in WPA2/WPA3 for securing data.
Network Segmentation and Isolation
- VLANs: Logically separate networks to reduce broadcast traffic and increase security.
- Air Gaps: Physically isolated networks with no external connections for maximum security.
- DMZ (Demilitarized Zone): A subnetwork that hosts external-facing services, isolated from the internal network.
Network Troubleshooting
Troubleshooting Methodology
- Identify the problem
- Establish a theory
- Test the theory
- Establish a plan
- Verify functionality
- Document findings
Troubleshooting Tools
- ping: Tests connectivity between devices.
- traceroute: Shows the path packets take to reach a destination.
- ipconfig/ifconfig: Displays IP configuration on Windows/Linux systems.
- nslookup: Queries DNS to resolve domain names.
- netstat: Displays active connections and listening ports.
Common Issues
- IP conflicts: When two devices on the same network have the same IP address.
- DNS issues: Problems resolving domain names due to misconfigured or unavailable DNS servers.
- Cabling problems: Faulty or disconnected cables can cause intermittent or total network failure.
Author: Bilal Qazi
Updated: April 16, 2025
For more, visit my GitHub
Easy Guide to Networking Basics
This is the first blog of the CompTIA Network+ Course, which is a beginner-level certification for entering the field of Cybersecurity.
Networking Fundamentals
Networking basics:
Understanding how computers connect and talk to each other in a network.
IP & MAC addresses:
IP addresses (IPv4/IPv6) are digital addresses for devices. MAC addresses are physical hardware IDs for each device.
Subnetting:
Breaking large networks into smaller sections for better performance and management.
OSI & TCP/IP models:
These are layered models that describe how data travels from one device to another.
OSI Model – Detailed Explanation
The OSI (Open Systems Interconnection) model explains how data moves in 7 layers. Each layer has a specific job.
- Physical Layer: Deals with physical connections like cables and signals. Sends raw bits (0s and 1s). Example: Ethernet cables, fiber optics, hubs
- Data Link Layer: Sends data between devices on the same network using MAC addresses. Example: Switches, MAC address, Ethernet
- Network Layer: Finds the best route for data using IP addresses. Example: Routers, IPv4, IPv6
- Transport Layer: Breaks data into smaller pieces and ensures it arrives correctly. Example: TCP, UDP
- Session Layer: Starts and manages communication between devices. Example: Login sessions, video/audio calls
- Presentation Layer: Formats, compresses, and encrypts data. Example: JPEG, MP4, SSL/TLS
- Application Layer: The layer you interact with through apps like browsers or email. Example: HTTP, FTP, DNS, Gmail, Chrome
TCP/IP Model
A simpler, 4-layer model used in real-world internet communication.
- Application Layer – Similar to OSI’s top 3 layers
- Transport Layer – Same as OSI
- Internet Layer – Like OSI’s Network Layer
- Network Access Layer – Combines OSI’s Data Link and Physical layers
Protocols:
Standard rules like DNS (website lookup), DHCP (auto IPs), HTTP/S (web browsing), FTP (file transfer), SNMP (monitoring).
Ports:
Special “gates” for communication. Examples:
- Port 80 = HTTP (web)
- Port 443 = HTTPS (secure web)
- Port 21 = FTP (file transfer)
- Port 22 = SSH (secure terminal)
Wireless tech:
Wi-Fi standards (802.11a/b/g/n/ac/ax), Bluetooth (short range), NFC (tap to pay), RFID (tags/scanning).
Cables:
- Cat5e, Cat6: Common Ethernet cables.
- Fiber Optic: Very fast and long-distance.
- Plenum vs. PVC: Fire-safe vs. normal plastic cable jackets.
Network Topologies – (Network Layout Designs)
Topologies describe how computers are arranged in a network. Different types suit different needs.
- Star Topology: All devices connect to a central switch. Easy to manage, but if the switch fails, everything stops.
- Bus Topology: All devices share one main cable. Cheap, but if the cable fails, the whole network breaks.
- Ring Topology: Devices are connected in a loop. Data passes from one to the next. One failure can affect the whole ring.
- Mesh Topology: Every device connects to every other. Very reliable but expensive.
- Hybrid Topology: Mix of two or more topologies, used in large networks.
Tech (Virtualization, Cloud, Storage)
Virtualization:
Running multiple virtual computers (VMs) on one physical machine. Saves space and resources.
Cloud Storage:
Store files online (like Google Drive or Dropbox), accessible from anywhere.
SAN (Storage Area Network):
A high-speed storage network used by servers for fast access to data.
NAS (Network Attached Storage):
Like a mini file server — allows file sharing over a local network.
Network Implementations
Network devices:
- Router: Sends data between networks
- Switch: Connects devices within a network
- Firewall: Blocks unwanted traffic
- Access Point: Gives Wi-Fi access
- Modem: Connects to internet service provider (ISP)
Routing:
- Static Routing: Manually set paths
- Dynamic Routing: Auto path selection using protocols
Switching:
- VLANs: Virtual LANs divide traffic
- Trunking: Allows VLANs to travel across switches
- Port Mirroring: For traffic monitoring and analysis
Wireless setup:
SSID = Wi-Fi name
WPA2/WPA3 = Security
Channels = Control signal interference
WAN tech:
- MPLS: Fast private networks
- Metro Ethernet: High-speed city-wide network
- DSL/Cable/Satellite: Home internet types
Network services:
- Load Balancer: Spreads traffic across servers
- Proxy Server: Filters and caches web traffic
- VPN Concentrator: Manages secure remote connections
**Stay tuned for Part 2 of CompTIA Network+**
My CompTIA A+ Journey – Final Blog Post!
Today, I’ve shared various concepts from my CompTIA A+ course. It’s been an incredible learning journey, and this will be my final post where I’ll summarize what I’ve learned.
Here are the key topics I covered in my course:
Networking Concepts
Network Types: LAN (Local Area Network), WAN (Wide Area Network), MAN (Metropolitan Area Network), and PAN (Personal Area Network).
Protocols and Types: Key networking protocols like HTTP, HTTPS, FTP, SMTP, DNS, and DHCP.
Network Ports: Common ports like Port 80 (HTTP), Port 443 (HTTPS), Port 21 (FTP), etc.
SOHO Network: Small Office/Home Office networks that connect devices via routers and modems.
Network Hardware
Understanding the hardware that powers networks is essential. Here’s a breakdown:
Router: Connects local networks to the internet and assigns IP addresses.
Switch: Connects multiple devices in a LAN and helps manage traffic.
Hub: Basic network device that sends data to all devices.
Bridge: Used to connect different network segments.
Access Point: Allows wireless devices to connect to a network.
Data Synchronization
Data Synchronization ensures data is consistent across multiple devices. It’s essential for cloud computing and file-sharing systems.
Virtualization & Cloud Computing
SaaS, PaaS, IaaS: The different types of cloud services:
SaaS (Software as a Service) like Google Docs
PaaS (Platform as a Service) for developers like Heroku
IaaS (Infrastructure as a Service) like AWS, which offers virtual machines and storage
Operating System Basics
Command Line Tools: Essential for troubleshooting and administrative tasks.
Operating System Types & Features: Differences between Windows, macOS, and Linux, and their key features.
Control Panel & Settings: How to navigate and customize system settings.
System Utilities: Tools to optimize, clean, and manage your computer (e.g., Disk Cleanup, Task Manager).
Networking in OS: How operating systems manage networking, IP configuration, and DNS.
Security Settings: Adjusting firewall settings and other security measures.
Security Essentials
Types of Threats:
Malware: Viruses, Trojans, Ransomware, and Spyware.
Phishing: Tricks used by cybercriminals to steal sensitive information.
User Authentication:
Two-Factor Authentication (2FA) for additional security.
Biometrics: Using fingerprints, facial recognition, or other biometric methods for secure login.
Securing Devices & Networks:
Firewall: Crucial for protecting a network from unauthorized access.
Software Troubleshooting
OS Errors: Fixing common operating system errors such as Blue Screen of Death (BSOD), slow performance, and startup issues.
Application Issues: Solving app crashes, missing DLL files, or compatibility problems.
Conclusion – CompTIA A+ Journey Complete!
Today marks the end of my CompTIA A+ course, and it’s been an incredible journey. From networking basics to security threats, hardware, and troubleshooting, I’ve learned so much! This blog post summarizes the core concepts I covered in my studies.
Thank you for following along as I shared my learning. The knowledge I’ve gained will be valuable in my career as I step into the IT world. The journey doesn’t end here — it’s only the beginning. Stay tuned for more tech insights!
Thanks for reading my CompTIA A+ journey.
Looking forward to learning even more! 🚀
Basics of Hardware & Troubleshooting
Summary for Blog Introduction:
Welcome to my first blog post!
I’m currently learning the CompTIA A+ course, and I’m excited to share what I’ve learned so far.
This post includes key concepts about hardware components and troubleshooting techniques, which are the foundation for anyone starting their career in IT or computer support.
Key Topics & Points Covered:
1. Troubleshooting and Problem Identification
The first step in IT support is to understand and fix problems using a proper method.
- Identify the issue, ask the user questions, test possible causes, apply a solution, and then confirm the issue is fixed.
- Always document the problem and solution for future reference.
2. Storage Devices
Storage devices are used to save data permanently or temporarily.
- Types include HDD, SSD, NVMe, USB, CD/DVD.
- SSDs are faster than HDDs and more reliable for performance.
3. Processors and CPU
The CPU (Central Processing Unit) is the brain of the computer.
- It performs all calculations and instructions.
- Speed is measured in GHz, and multi-core CPUs improve performance.
4. Input and Output Devices
Devices that help users interact with the system.
- Input devices: Keyboard, Mouse, Scanner, Microphone
- Output devices: Monitor, Printer, Speakers
5. Adapter Cards
These are small circuit boards used to add extra functionality to a computer.
- Examples: Graphics Card (GPU), Network Card (NIC), Sound Card
- Installed in the motherboard’s PCIe or other expansion slots.
6. Understanding BIOS and CMOS
BIOS (Basic Input Output System) starts your computer and checks hardware.
- CMOS stores BIOS settings like date/time and boot order.
- BIOS setup can be accessed by pressing a key such as F2 or Del during boot.
7. Understanding the Motherboard
The motherboard connects all components of a computer together.
- It has slots and sockets for CPU, RAM, storage, adapter cards, and more.