Linux Networking and Security

Course Description

CET2660C Linux Networking and Security is a hands-on, combined lecture/lab course that introduces students to the configuration, administration, and security hardening of Linux-based systems in a networked environment. Students learn to install and manage Linux operating systems, configure essential network services, implement firewalls and access controls, and apply security best practices to defend Linux servers and workstations against threats. At Valencia College, this course is part of the Cybersecurity & Network Engineering Technology A.S. degree foundation, and similar offerings at other Florida colleges (e.g., Hillsborough's Linux Networking course and Seminole State's network security curriculum) emphasize hands-on lab skills aligned to industry security frameworks.

Learning Outcomes

Required Outcomes

Upon successful completion of this course, students will be able to:

• Install, configure, and update a Linux distribution (such as Red Hat/CentOS, Rocky Linux, or Ubuntu) for use as a networked server or workstation.
• Use the Linux command-line shell to perform file management, process management, and system administration tasks.
• Manage users, groups, and file system permissions, including standard, special, and ACL-based permissions.
• Configure TCP/IP networking on Linux, including IP addressing, routing, name resolution (DNS), and network troubleshooting tools.
• Install, configure, and secure common Linux network services such as SSH, DNS, DHCP, web (Apache/Nginx), and file sharing (NFS/Samba).
• Carry out procedures for installing, upgrading, securing, and optimizing operating systems and computer network equipment; identify the causes of networking problems using diagnostic testing software and equipment; and defend an enterprise-level network against cyber threats and attacks.
• Implement host-based firewalls (iptables/nftables/firewalld) and configure SELinux or AppArmor for mandatory access control.
• Apply Linux system hardening techniques, including patch management, service minimization, secure logging, and auditing.
• Use shell scripting (Bash) to automate routine system and security administration tasks.

Optional Outcomes

• Configure and secure a Linux-based VPN (e.g., OpenVPN or WireGuard).
• Deploy intrusion detection/prevention tools (e.g., Snort, Suricata, Fail2ban, AIDE, Tripwire).
• Implement centralized authentication using LDAP or Kerberos.
• Use configuration management/automation tools (e.g., Ansible) to enforce security baselines.
• Perform basic Linux forensics and incident response, including log analysis and integrity checking.
• Containerize and secure services using Docker or Podman.
• Prepare for industry certifications such as CompTIA Linux+, CompTIA Security+, Red Hat Certified System Administrator (RHCSA), or LPIC-1.

Major Topics

Required Topics

• Linux Fundamentals: History, distributions, installation, boot process, and the Linux file system hierarchy.
• Command-Line Operations: Shell basics, file/directory commands, redirection, pipes, text-processing utilities, and man pages.
• User and Group Administration: Account creation, password policies, sudo configuration, and PAM.
• File System Security: Permissions (rwx), SUID/SGID/sticky bit, umask, ACLs, and disk/partition management.
• Linux Networking: TCP/IP configuration, network interfaces, routing, DNS, and network diagnostic tools (ip, ss, ping, traceroute, netstat, tcpdump).
• Network Services: Configuring and securing SSH, DNS (BIND), DHCP, web servers, and file/print services (NFS, Samba).
• Firewalls and Access Control: iptables/nftables/firewalld rule sets, TCP wrappers, and host-based filtering.
• Mandatory Access Control: SELinux contexts, modes, and policy management (or AppArmor profiles).
• System Hardening: Service minimization, secure boot, kernel parameters, patch management, and CIS benchmarks.
• Logging and Auditing: syslog/rsyslog/journald, logrotate, and the Linux audit framework (auditd).
• Cryptography on Linux: SSH keys, GPG, OpenSSL, TLS certificates, and disk/file encryption.
• Shell Scripting for Administration: Bash scripting fundamentals, cron jobs, and automation of security tasks.

Optional Topics

• VPN configuration (OpenVPN, IPsec, WireGuard).
• Intrusion detection and integrity monitoring (Snort, Suricata, AIDE, Fail2ban).
• Centralized authentication (LDAP, Kerberos, FreeIPA).
• Configuration management and automation (Ansible, Puppet).
• Container security (Docker, Podman, Kubernetes basics).
• Linux forensics and incident response.
• Cloud Linux deployments (AWS/Azure/GCP) and security considerations.

Resources & Tools

• Operating Systems: Red Hat Enterprise Linux / Rocky Linux / CentOS Stream, Ubuntu Server, or Kali Linux.
• Virtualization Lab Environments: VMware Workstation/Player, VirtualBox, or cloud-based virtual labs.
• Core Tools: OpenSSH, BIND, Apache/Nginx, iptables/nftables/firewalld, SELinux, OpenSSL, GnuPG.
• Security Tools: Nmap, Wireshark, tcpdump, Fail2ban, Snort/Suricata, AIDE, Lynis.
• Reference Standards: CIS Benchmarks for Linux, NIST SP 800-53/800-123, and DISA Linux STIGs.
• Recommended Texts: Industry-standard Linux administration and security titles aligned with CompTIA Linux+ and Security+ objectives.

Career Pathways

This course supports career preparation in network and systems administration with a security focus. At Valencia College, CET2660C is a foundation course in the Cybersecurity & Network Engineering Technology A.S. degree, and related certificate programs prepare students for employment as Linux Server Administrators, Red Hat Linux System Administrators, Red Hat Linux Engineers, and Ansible Automation Architects. Typical job roles include:

• Linux System Administrator
• Network Security Technician
• Junior Security/SOC Analyst
• DevOps/Site Reliability Engineering Technician
• Cloud Operations Technician

Special Information

Certification Preparation: Coursework aligns with industry certifications commonly pursued by graduates of Florida cybersecurity and networking programs. Florida college network security programs commonly prepare students for CompTIA IT Fundamentals, CompTIA A+, CompTIA Network+, and CompTIA Security+ industry certifications. Topics covered also support preparation for CompTIA Linux+, LPIC-1, and Red Hat Certified System Administrator (RHCSA).

Lab Component: The "C" suffix in CET2660C indicates a combined lecture/laboratory course. In the SCNS taxonomy, a C after the course number is a lab indicator representing a combined lecture and laboratory course that meets in the same place at the same time. A lab fee is typically required.

Articulation: As an SCNS-numbered course, CET2660C is designed to transfer among participating Florida public postsecondary institutions in accordance with state articulation policy.