Network Security Advanced

Course Description

CET2883C — Network Security Advanced — is a 3-credit-hour, laboratory-integrated course within the Computer Engineering Technology taxonomy (Engineering Technologies). Building on foundational network security concepts, this course provides in-depth, hands-on training in advanced techniques for securing enterprise networks, detecting and responding to intrusions, implementing cryptographic solutions, and performing penetration testing. Students configure and manage security appliances, analyze network traffic for threats, and apply industry-standard frameworks to protect organizational infrastructure. The course is designed to prepare students for advanced roles in network security and for industry certification examinations including CompTIA Security+, CompTIA CySA+, and related credentials.

Learning Outcomes

Required Learning Outcomes

Upon successful completion of this course, students will be able to:

• Analyze and mitigate advanced network threats, vulnerabilities, and attack vectors in enterprise environments.
• Configure and manage firewalls, intrusion detection systems (IDS), and intrusion prevention systems (IPS) to protect network infrastructure.
• Implement and evaluate Virtual Private Network (VPN) solutions for secure remote access and site-to-site connectivity.
• Apply cryptographic principles — including symmetric, asymmetric, and hashing algorithms — to protect data in transit and at rest.
• Perform network traffic analysis and use packet-capture tools to identify and respond to security incidents.
• Execute structured penetration testing and vulnerability assessment methodologies on network systems.
• Implement access control models, authentication protocols, and identity management solutions.
• Develop and evaluate security policies, procedures, and compliance frameworks aligned with industry standards (e.g., NIST, ISO 27001).
• Respond to and document security incidents using established incident-response procedures.

Optional Learning Outcomes

The following outcomes may be addressed depending on institutional emphasis and instructor discretion:

• Analyze wireless network security threats and configure secure wireless protocols (WPA3, EAP).
• Apply basic digital forensics techniques to preserve and analyze network-based evidence.
• Configure cloud security controls and evaluate shared-responsibility models for IaaS/SaaS environments.
• Demonstrate use of Security Information and Event Management (SIEM) tools for log aggregation and threat correlation.
• Evaluate zero-trust architecture principles and micro-segmentation strategies.
• Examine legal, ethical, and regulatory considerations relevant to cybersecurity practice in Florida and nationally.

Major Topics

Required Topics

The following content areas are commonly covered across Florida college offerings of this course:

• Advanced Threats and Attack Methodologies — malware categories, APTs, social engineering, DoS/DDoS, man-in-the-middle, SQL injection, and zero-day exploits
• Firewall Technologies — stateful vs. stateless inspection, next-generation firewalls, ACL configuration, DMZ design
• Intrusion Detection and Prevention — signature-based and anomaly-based IDS/IPS, placement strategies, rule tuning, alert analysis
• Cryptography and PKI — symmetric/asymmetric encryption, hashing, digital signatures, certificate authorities, SSL/TLS implementation
• Virtual Private Networks (VPNs) — IPSec, SSL VPN, tunneling protocols, remote-access and site-to-site configurations
• Network Traffic Analysis — Wireshark and similar tools, protocol analysis, anomaly detection, packet inspection
• Penetration Testing and Ethical Hacking — reconnaissance, scanning, exploitation, post-exploitation, reporting; tools such as Nmap, Metasploit, Nessus
• Access Control and Authentication — AAA frameworks, RADIUS, TACACS+, multi-factor authentication, LDAP, Active Directory integration
• Security Policies and Risk Management — risk assessment, security frameworks (NIST CSF, CIS Controls), business continuity planning
• Incident Response — response lifecycle (preparation, identification, containment, eradication, recovery, lessons learned), chain of custody basics

Optional Topics

The following topics may be included based on course section, available lab resources, and program emphasis:

• Wireless Security — 802.11 vulnerabilities, rogue access points, WPA3, wireless penetration testing
• Cloud and Virtualization Security — shared-responsibility models, virtual network security, container security fundamentals
• SIEM and Log Management — log collection, correlation rules, dashboards, threat hunting workflows
• Digital Forensics Fundamentals — evidence acquisition, file system analysis, network forensics using open-source tools
• Zero Trust Architecture — micro-segmentation, identity-centric security, software-defined perimeter
• Regulatory and Legal Frameworks — HIPAA, FERPA, PCI-DSS, Florida cybersecurity statutes, ethical hacking law
• Scripting for Security — basic Python or Bash scripting for automation of security tasks and log analysis

Resources & Tools

• Virtualization Platforms: VMware Workstation or Oracle VirtualBox for lab environments and network simulation
• Network Simulation: Cisco Packet Tracer or GNS3 for topology design and device configuration
• Penetration Testing Tools: Kali Linux distribution; Nmap, Metasploit Framework, Nessus/OpenVAS, Wireshark, Burp Suite
• Firewall/IDS Platforms: pfSense, Snort, Suricata — open-source tools commonly used in lab instruction
• SIEM Tools: Splunk Free/Trial or Security Onion for log analysis exercises
• Textbooks (commonly adopted): CompTIA Security+ Study Guide (Sybex/Mike Chapple); Network Security Essentials by William Stallings; CompTIA CySA+ Study Guide
• Online Labs: TryHackMe, Hack The Box, or instructor-hosted cyber range environments
• Standards References: NIST Cybersecurity Framework (CSF), CIS Controls, OWASP Top 10

Career Pathways

Completion of CET2883C supports advancement into the following career roles, consistent with Florida workforce demand in information technology and cybersecurity:

• Information Security Analyst — monitors networks, investigates alerts, and implements protective measures
• Network Security Engineer / Administrator — designs and maintains secure network infrastructure including firewalls, VPNs, and IDS/IPS
• Penetration Tester / Ethical Hacker — conducts authorized security assessments of systems and networks
• Security Operations Center (SOC) Analyst — performs real-time monitoring, triage, and incident response
• Cybersecurity Specialist / Consultant — advises organizations on risk management and compliance strategies
• Systems / Network Administrator (Security Focus) — manages enterprise systems with responsibility for access control and hardening

Credits earned in this course typically apply toward the Associate in Science (A.S.) in Network Systems Technology or related cybersecurity A.S. degrees at Florida colleges.

Special Information

Certification Preparation

This course is structured to support preparation for the following industry certifications:

• CompTIA Security+ (SY0-701) — primary certification target; validates baseline cybersecurity skills required for many IT security roles
• CompTIA CySA+ (CS0-003) — cybersecurity analyst certification emphasizing threat detection, analysis, and incident response
• CompTIA PenTest+ — for sections with a penetration testing emphasis
• EC-Council Certified Network Defender (C|ND) — aligns with network defense and countermeasure content

Several Florida colleges offering this course are recognized as CompTIA Authorized Academy Partners and Cisco Networking Academy sites, providing students access to discounted exam vouchers and official study materials. Some programs have also received endorsements from the FBI InfraGard, the National Initiative for Cybersecurity Careers and Studies (NICCS), and the U.S. Department of Homeland Security.

Lab Requirement

The "C" suffix in CET2883C designates a combined lecture and laboratory course. Students should expect scheduled lab sessions in addition to lecture time, using live network equipment, virtualized environments, or a college cyber range facility. Contact hours therefore include both lecture (approximately 2 hours/week) and lab (approximately 2 hours/week) components within the 3-credit structure.