Advanced Network Security
CET2892C — ADVANCED NETWORK SECURITY
Course Description
CET2892C — Advanced Network Security is a 3-credit-hour, lab-integrated course in the Engineering Technologies / Computer Engineering Technology taxonomy of the Florida Statewide Course Numbering System (SCNS). Building on foundational networking and security concepts, this course provides students with advanced knowledge and hands-on skills in defending, monitoring, and responding to threats within enterprise network environments. Topics progress from advanced threat analysis and firewall architecture to intrusion detection, cryptographic solutions, VPN technologies, vulnerability management, and incident response. The course is designed to align with industry certification objectives and prepare students for real-world cybersecurity roles.
Learning Outcomes
Required Outcomes
Upon successful completion of this course, students will be able to:
- Analyze and identify advanced threat actors, attack vectors, and attack methodologies targeting enterprise networks.
- Design, configure, and evaluate firewall architectures including packet-filtering, stateful inspection, and next-generation firewalls (NGFW).
- Implement and manage Intrusion Detection Systems (IDS) and Intrusion Prevention Systems (IPS) to monitor and respond to network anomalies.
- Apply cryptographic solutions including symmetric/asymmetric encryption, hashing, digital signatures, and Public Key Infrastructure (PKI) to secure network communications.
- Configure and troubleshoot Virtual Private Networks (VPNs) using protocols such as IPsec, SSL/TLS, and remote access technologies.
- Conduct vulnerability assessments and interpret scan results to identify and prioritize security risks.
- Apply security policies, standards, and procedures in accordance with organizational and regulatory compliance requirements.
- Perform basic incident response procedures including detection, containment, eradication, and recovery.
Optional Outcomes
The following outcomes may be covered depending on institutional emphasis and available lab resources:
- Conduct ethical hacking and penetration testing exercises using industry-standard tools (e.g., Metasploit, Nmap).
- Perform packet capture and network traffic analysis using tools such as Wireshark and tcpdump.
- Analyze and investigate Security Information and Event Management (SIEM) logs and alerts.
- Apply introductory digital forensics concepts to preserve and analyze digital evidence.
- Implement security controls for cloud and virtualized environments.
- Evaluate wireless network security protocols and identify wireless attack vectors (WEP/WPA/WPA2 vulnerabilities).
Major Topics
Required Topics
- Advanced Threat Landscape — threat actors (nation-states, insider threats, organized crime), attack surfaces, social engineering, malware categories, and zero-day vulnerabilities.
- Firewall Technologies — stateful vs. stateless inspection, NGFW features, DMZ architecture, ACLs, and rule-based policy configuration.
- Intrusion Detection and Prevention — signature-based vs. anomaly-based detection, IDS/IPS placement, alert tuning, and log review.
- Cryptography and PKI — symmetric algorithms (AES, 3DES), asymmetric algorithms (RSA, ECC), hashing (SHA, MD5), digital certificates, certificate authorities, and key lifecycle management.
- VPN and Secure Remote Access — IPsec (tunnel/transport mode), SSL/TLS VPNs, split tunneling, RADIUS, and TACACS+.
- Access Control Models — MAC, DAC, RBAC, multi-factor authentication, and identity management.
- Vulnerability Management — scanning tools, CVE/CVSS frameworks, patch management, and remediation prioritization.
- Incident Response — NIST incident response lifecycle, containment strategies, eradication, recovery, and post-incident analysis.
- Security Policies and Compliance — security policy frameworks, risk management, regulatory considerations (HIPAA, FERPA, PCI-DSS context), and security baselines.
- Network Security Architecture — defense-in-depth strategy, network segmentation, VLAN security, and hardening of routers, switches, and servers.
Optional Topics
- Penetration Testing Fundamentals — reconnaissance, scanning, exploitation phases, and reporting using tools such as Nmap and Metasploit.
- Wireless Network Security — WPA2/WPA3, EAP methods, rogue access point detection, and wireless attack mitigation.
- SIEM and Log Analysis — event correlation, alert triage, and use of platforms such as Splunk or similar tools.
- Cloud Security Fundamentals — shared responsibility model, cloud-based threat vectors, and identity and access management in cloud environments.
- Digital Forensics Introduction — chain of custody, evidence acquisition, and analysis of Windows and Linux systems.
- Security Operations Center (SOC) Concepts — SOC tiers, analyst workflows, threat hunting, and Capture-the-Flag (CTF) exercises.
Resources & Tools
- Packet Analysis: Wireshark, tcpdump
- Vulnerability Scanning: Nmap, OpenVAS, Nessus (Essentials)
- Virtualization/Lab Environments: VirtualBox, VMware Workstation, GNS3, Packet Tracer
- SIEM Platforms: Splunk Free/Trial, Elastic SIEM
- Penetration Testing (Optional): Kali Linux, Metasploit Framework
- Textbooks (commonly adopted): CompTIA Security+ Guide to Network Security Fundamentals (Ciampa, Cengage); Network Defense and Countermeasures (Easttom, Pearson)
- Online Platforms: CompTIA CertMaster Labs, Cisco Networking Academy, TryHackMe (optional)
Career Pathways
Completion of CET2892C supports entry into or advancement within the following roles:
- Network Security Analyst — monitoring and defending organizational networks against intrusion and attack.
- Security Operations Center (SOC) Analyst — triaging alerts, investigating incidents, and escalating threats in real time.
- Cybersecurity Technician / Specialist — implementing and maintaining security hardware, software, and policies.
- Network Administrator (Security Focus) — managing firewall rules, VPN configurations, and access control lists.
- Vulnerability Analyst — performing scans, interpreting results, and coordinating remediation efforts.
- Information Security Analyst — broad organizational role protecting data and infrastructure assets.
Credits earned in this course typically apply toward the Associate in Science (A.S.) in Network Systems Technology or related cybersecurity degree programs at Florida state colleges.
Special Information
Certification Preparation
This course is designed to support preparation for the following industry-recognized certifications:
- CompTIA Security+ (SY0-701) — The primary aligned certification. CET2892C covers the core domains of Security+ including threats, cryptography, network security architecture, identity management, and incident response.
- CompTIA CySA+ (CS0-003) — For students continuing to an advanced analyst role; this course provides foundational coverage in threat detection, vulnerability management, and incident response aligned with CySA+ objectives.
- Cisco CCNA Security / CyberOps Associate — Partial alignment with Cisco security domains including firewall configuration, VPN, and IDS/IPS (offered at select Florida CompTIA and Cisco Academy partner colleges).
Several Florida state colleges offering this course hold designations as CompTIA Authorized Academy Partners and Cisco Networking Academy sites, and may provide discounted exam vouchers or exam prep resources to enrolled students.