4.1 Explain the importance of basic network security concepts
Common Security Terminology
📘CompTIA Network+ (N10-009)
1. What is a Threat?
In network security, a threat is anything that has the potential to harm a network, system, or data.
- A threat is not necessarily harmful yet—it’s something that could exploit a weakness (vulnerability) in the system.
- If a threat actually exploits a vulnerability and causes damage, it becomes an incident.
Think of it as a possible danger to IT systems.
Example in IT:
- Malware like ransomware sitting on the internet is a threat until it infects a system.
- An unpatched server has a vulnerability; if a hacker targets it, that hacker is a threat.
2. Types of Threats
Threats can come from different sources. In IT and network security, the common types include:
- Malware – Software designed to damage or gain unauthorized access to a system.
  - Examples: viruses, worms, ransomware, trojans, spyware.
  - Threat example: A trojan downloaded by a user could steal passwords.
- Phishing Attacks – Threats via deceptive emails or messages to trick users into revealing sensitive information.
  - Example: Email claiming to be from IT asking for login credentials.
- Insider Threats – Threats from employees or authorized users.
  - Example: A disgruntled employee stealing confidential data.
- External Threats – Threats from outside the organization.
  - Examples: Hackers exploiting unpatched systems, DDoS attacks, network intrusions.
- Social Engineering – Manipulating people into giving confidential information.
  - Example: Pretending to be a network admin and asking for a password.
- Physical Threats – Threats to the physical devices that store or transmit data.
  - Examples: Theft of laptops, fire in a server room, flooding that damages hardware.
3. Characteristics of Threats
- Intentional or Accidental:
  - Threats can be deliberate (hacker attacks) or accidental (user mistakes, misconfigurations).
- Internal or External:
  - Internal threats come from people inside the organization.
  - External threats come from hackers, malware, or natural events.
- Targeted or Opportunistic:
  - Targeted threats aim at a specific system or data.
  - Opportunistic threats exploit any system that is weak or vulnerable.
4. Threat vs Vulnerability vs Risk
Many students get confused between these terms. Here’s a simple explanation:
| Term | Meaning | Example |
|---|---|---|
| Threat | A potential danger that could exploit a system | Hacker attempting to access a server |
| Vulnerability | A weakness in a system that could be exploited | Outdated software with a known bug |
| Risk | The likelihood that a threat will exploit a vulnerability | High risk if a hacker targets a server with outdated software |
Key point for the exam:
- A threat is the “who or what” that can cause harm.
- A vulnerability is the “weak spot” they can exploit.
- Risk is the probability that damage will happen.
5. Why Understanding Threats is Important
- Helps prioritize security measures.
- Helps in risk assessment and mitigation.
- Improves incident response planning.
- Helps protect sensitive data, maintain system availability, and prevent downtime.
Exam Tip: CompTIA often asks you to identify types of threats or choose mitigation strategies for threats.
6. Threat Examples in an IT Environment
- Malware infecting a server → threat could lead to data loss.
- Employee using weak passwords → threat of unauthorized access.
- Hacker exploiting open ports → threat to network security.
- Phishing email → threat to credentials or personal data.
7. Key Points to Remember for the Exam
- Threat = potential danger to a network or system.
- Threats can be internal/external, intentional/accidental, targeted/opportunistic.
- Always consider threat + vulnerability = risk.
- Types of threats you should know:
  - Malware (virus, ransomware, spyware, trojan, worm)
  - Phishing
  - Insider threats
  - Social engineering
  - Physical threats
  - DDoS attacks
