Network Security | CompTIA Network+ Study Guide

🔐 CIA Triad

Confidentiality: Ensures only authorized users can access sensitive information using techniques like encryption and access controls.
Integrity: Guarantees data has not been altered or tampered with, validated through hashing and digital signatures.
Availability: Ensures systems and data are accessible when needed, maintained with failovers, backups, and DDoS protections.

DoS: Disrupts services by overwhelming network or system resources.
MITM: Intercepts and manipulates communications between two parties. Learn more about MITM attacks between two parties.
Spoofing: Pretends to be another device or identity. Learn more about Spoofing to gain unauthorized access.
Social Engineering: Exploits human psychology to learn more about Social Engineering trick users into giving up information.
Malware: Software designed to harm, exploit, or otherwise compromise devices or data.

VPN: Encrypts traffic over the internet to secure remote communications.
RDP: Provides graphical access to remote computers; must be restricted and encrypted.
Authentication: Secure login methods such as MFA reduce the risk of credential-based attacks.

Badge Readers: Grant access based on identity cards or tokens.
Locks and Cabinets: Prevent physical tampering or theft of hardware.
Surveillance: Monitor and record activities for accountability and deterrence.
Visitor Policies: Log and restrict access for guests to sensitive areas.