
Network Security Concepts for CompTIA Network+ N10-009

Security concepts underpin the entire Network Security domain of CompTIA Network+ N10-009 (20% of the exam). You must understand the CIA triad, threat categories, attack surfaces, security controls, and defense-in-depth. These foundational concepts provide the framework for all specific security topics — VPNs, firewalls, IDS/IPS, wireless security, and authentication all derive from these core principles.


CIA Triad

The CIA triad defines the three core security objectives:

  • Confidentiality: ensuring data is accessible only to authorized parties. Encryption, access controls, and authentication protect confidentiality.
  • Integrity: ensuring data is accurate and unmodified. Hashing, digital signatures, and checksums verify integrity.
  • Availability: ensuring systems and data are accessible when needed. Redundancy, backups, and DDoS protection support availability.

AAA (Authentication, Authorization, Accounting):

  • Authentication: verifying identity ('who are you?').
  • Authorization: determining what the authenticated identity can access ('what can you do?').
  • Accounting: recording what was done ('what did you do?').

RADIUS and TACACS+ implement AAA for network access. Accounting provides the audit trail for compliance.

Threat Categories and Concepts

Vulnerabilities are weaknesses that can be exploited. Threats are potential dangers that could exploit vulnerabilities. Risk = likelihood × impact. Controls reduce risk by reducing likelihood (preventive) or impact (responsive).

Threat actors: script kiddies (low skill, use existing tools), hacktivists (politically motivated), cybercriminals (financial gain), nation-states (most sophisticated, often APT — Advanced Persistent Threat), insider threats (employees with legitimate access misusing it).

Attack surface: the total area of the system exposed to potential attackers — every open port, service, user account, physical access point, and connected device. Reducing attack surface (attack surface reduction) is a fundamental security principle: disable unused services, close unused ports, remove unnecessary user accounts, minimize software installed.
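Attack surface reduction can be checked mechanically by comparing what a host actually listens on against what it is approved to expose. The following is an added example, not part of the original study guide; the sample `ss -H -tln` output is constructed, and the baseline (`APPROVED`, `LOOPBACK_ONLY`) is a hypothetical policy.

```python
# Added example: audit listening TCP sockets against an approved baseline.
# SAMPLE_SS is constructed text in the column layout of `ss -H -tln`:
# State  Recv-Q  Send-Q  Local-Address:Port  Peer-Address:Port
SAMPLE_SS = """\
LISTEN 0 128 0.0.0.0:22 0.0.0.0:*
LISTEN 0 511 0.0.0.0:443 0.0.0.0:*
LISTEN 0 5 0.0.0.0:23 0.0.0.0:*
LISTEN 0 80 127.0.0.1:3306 0.0.0.0:*
LISTEN 0 128 [::]:22 [::]:*
LISTEN 0 4096 *:8080 *:*
"""

# Hypothetical baseline: ports this host is approved to expose.
APPROVED = {22: "ssh", 443: "https", 3306: "mysql"}
# Approved services that must listen on loopback only.
LOOPBACK_ONLY = {3306}
LOOPBACK = {"127.0.0.1", "::1"}


def parse_listeners(ss_output):
    """Return a sorted list of unique (address, port) pairs in LISTEN state."""
    listeners = set()
    for line in ss_output.splitlines():
        fields = line.split()
        if len(fields) < 4 or fields[0] != "LISTEN":
            continue
        # rpartition splits on the last colon, so IPv6 addresses survive.
        addr, _, port = fields[3].rpartition(":")
        listeners.add((addr.strip("[]"), int(port)))
    return sorted(listeners)


def audit(listeners, approved=APPROVED, loopback_only=LOOPBACK_ONLY):
    """Return (port, address, reason) for listeners that widen the attack surface."""
    findings = []
    for addr, port in listeners:
        if port not in approved:
            findings.append((port, addr, "unapproved listener: disable service or close port"))
        elif port in loopback_only and addr not in LOOPBACK:
            findings.append((port, addr, "approved service exposed beyond loopback"))
    return findings


if __name__ == "__main__":
    for port, addr, reason in audit(parse_listeners(SAMPLE_SS)):
        print(f"{addr}:{port}  {reason}")
```

On the constructed sample, the audit flags the Telnet listener on port 23 and the wildcard listener on port 8080, while the loopback-bound database passes.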

Defense in depth: multiple overlapping security controls so that failure of one control is compensated by others. If a firewall is bypassed, IDS can still detect. If IDS misses, endpoint AV can catch. No single security control is perfect — layered security provides resilience.

Security Control Types

By purpose:

  • Preventive: stop attacks before they succeed (firewall, encryption, access controls).
  • Detective: identify attacks occurring (IDS, logging, monitoring).
  • Corrective: recover from attacks (incident response, backups).
  • Deterrent: discourage attacks (warning banners, visible cameras).
  • Compensating: alternative control when primary is unavailable.
  • Directive: policies and procedures.

By category:

  • Technical/logical: software and hardware (firewalls, encryption, ACLs).
  • Administrative: policies, procedures, training.
  • Physical: locks, cameras, badge access, guards.

Defense in depth uses all three categories at multiple layers.

Key exam facts — Network+

  • CIA triad: Confidentiality, Integrity, Availability
  • AAA: Authentication (who), Authorization (what access), Accounting (audit trail)
  • Least privilege: users/systems should have only the minimum access needed
  • Defense in depth: multiple layered controls — no single point of security failure
  • Attack surface reduction: disable unused services, close unused ports
  • Preventive controls stop attacks; detective controls identify attacks; corrective controls recover
  • Threat actors: script kiddies, hacktivists, cybercriminals, nation-states, insiders

Common exam traps

A firewall alone provides sufficient network security

A firewall is one layer of defense. Defense in depth requires multiple controls: firewall, IDS/IPS, endpoint protection, encryption, authentication, monitoring, and policies. Attackers specifically target environments with single-layer security.

Security and availability are always in conflict

While some security controls can reduce convenience, good security design maintains availability. Encryption, authentication, and monitoring do not inherently reduce availability. Over-restrictive controls cause availability problems, not security itself.

Practice questions — Security Concepts

These questions are representative of what you will see on Network+ exams. The correct answer and explanation are shown immediately below each question.

Q1. A company implements firewalls, IDS, endpoint antivirus, encryption, and user security training as overlapping security controls. Which security principle does this represent?

A. Least privilege
B. Defense in depth
C. Zero trust
D. Separation of duties

Explanation: Defense in depth implements multiple overlapping security controls so that the failure of any single control doesn't compromise the entire security posture. If a firewall is bypassed, IDS detects the intrusion; if IDS misses, antivirus may catch malware. Each layer compensates for others' weaknesses.

Frequently asked questions — Security Concepts

What is the principle of least privilege?

Least privilege means granting users, systems, and processes only the minimum access rights necessary to perform their specific functions — nothing more. A web server account should not have admin rights; a receptionist should not have access to financial systems. Least privilege limits the damage from compromised accounts and reduces insider threat risk.
