Networking and Systems

CompTIA Network+ (current version N10-009) is a vendor-neutral certification validating the knowledge needed to design, configure, manage, and troubleshoot wired and wireless network infrastructure. Its domains cover networking concepts, addressing and subnetting, routing and switching, network services (DNS, DHCP, NTP), network security, and troubleshooting methodology. Network+ is the most widely held intermediate networking certification globally, with over 400,000 certified professionals. It is recommended for IT support professionals moving into networking roles and for cyber security learners who need to formalise networking knowledge before pursuing CompTIA Security+. Most hiring managers treat Network+ as reliable evidence of solid networking fundamentals in entry-level and mid-level technical roles.

A hub is a Layer 1 device that broadcasts all incoming traffic to every connected port simultaneously, creating collision domains and making it highly inefficient. Hubs are obsolete in modern network design. A switch operates at Layer 2, maintaining a MAC address table and forwarding Ethernet frames only to the port associated with the destination address, dramatically improving efficiency and reducing unnecessary traffic. A router operates at Layer 3, connecting separate networks and forwarding packets based on IP addresses and routing tables. In consumer and small business equipment these functions are often combined in a single device. In enterprise environments they are implemented as separate, managed hardware. This distinction is foundational knowledge tested in both CompTIA Network+ and cyber security role interviews.

Networking knowledge is foundational to cyber security for multiple concrete reasons. Security incidents propagate over networks, and understanding traffic flows helps analysts trace intrusion paths and contain threats. Firewalls, IDS/IPS, and SIEM tools all operate on network data, so configuring and interpreting them requires solid protocol and addressing knowledge. Penetration testers rely on network scanning (Nmap) and packet analysis (Wireshark) throughout every engagement. Many of the attack techniques covered in CEH and OSCP curricula exploit networking protocols: ARP spoofing, DNS poisoning, and man-in-the-middle attacks are network-layer attacks by definition. CompTIA recommends Network+ as prerequisite knowledge before Security+, and most cyber security hiring managers expect candidates to be comfortable with subnetting, TCP/IP, and common network services.

Active Directory (AD) is Microsoft's directory service for managing users, computers, groups, and policies in Windows-based enterprise environments. It is the identity backbone of the majority of UK organisations with more than a few dozen employees. AD uses a hierarchical domain structure to organise resources and enforce Group Policy settings across all domain-joined devices. From a security perspective, AD is one of the most frequently targeted components in enterprise attacks because compromising a domain administrator account or a domain controller grants effective control over all domain-joined systems. Well-documented attack techniques including Pass-the-Hash, Kerberoasting, and DCSync are specifically designed to exploit AD authentication. Both Windows administrators and cyber security professionals need a thorough understanding of AD architecture and its associated attack surface.

Traditional network security operated on a perimeter model: everything inside the corporate network was trusted, everything outside was not. The proliferation of remote working, cloud services, mobile devices, and third-party access has made this boundary concept unworkable. Zero Trust is a security model that assumes no user, device, or system should be implicitly trusted regardless of its location, whether inside or outside a conventional network perimeter. Every access request must be authenticated, authorised based on verified identity and device posture, and continuously monitored. NIST published the formal Zero Trust Architecture standard (NIST SP 800-207) in 2020, and the NCSC recommends Zero Trust principles for organisations modernising their network security approach. Knowledge of Zero Trust architecture is increasingly expected in senior security engineering and architecture roles.

The Cisco CCNA is Cisco's entry-level networking certification and is more technically demanding than CompTIA Network+. CCNA includes hands-on configuration of Cisco IOS devices and validates knowledge of OSPF and EIGRP routing, VLAN and spanning tree configuration, WAN technologies, and network security fundamentals. It is the standard entry credential for dedicated network engineer roles in organisations using Cisco infrastructure, which covers a majority of UK enterprise and service-provider networks. Network+ provides a vendor-neutral foundation and is a reasonable preparatory step before CCNA, though many candidates go directly to CCNA. Both certifications are valued by UK employers, with CCNA carrying more weight for specialist networking roles and Network+ more broadly applicable across mixed-technology environments.

CompTIA Security+ covers networking topics including wireless security (WPA3, 802.1X, RADIUS), VPN types (IPsec, SSL/TLS), network segmentation and DMZ architecture, DNS security including DNSSEC, common network protocol attacks (spoofing, session hijacking, man-in-the-middle), and firewall and IDS/IPS concepts and placement. The CEH covers more offensive networking content: network scanning with Nmap, packet capture and analysis with Wireshark, session hijacking techniques, denial-of-service attack types and mitigations, and methods for evading IDS/IPS detection. Both examinations expect solid understanding of the TCP/IP protocol suite, OSI model, and common network service protocols. Completing Network+ before either certification is strongly recommended for learners without existing networking experience.

Both the Computing Online Degree Pathway (ODP 7713, ATHE Level 4 Extended Diploma) and the Cyber Security Online Degree Pathway (ODP 7733, Qualifi Level 5 Extended Diploma) include networking content as part of their core curricula. The computing pathway covers networking fundamentals within its systems and infrastructure modules, providing the foundation needed for software engineering and systems development contexts. The cyber security pathway addresses network security architecture, secure network design, and defensive network controls in depth, aligning with the content expected in university-level cyber security degree programmes. Learners who have studied networking fundamentals before or alongside these pathways will be better prepared for programme content and for subsequent technical interviews when progressing to employment or university study.