About this courseSkip About this course
This is the 4th course in the intermediate, undergraduate-level offering that makes up the larger Cybersecurity Fundamentals MicroBachelors Program. We recommend taking them in order, unless you have a background in these areas already and feel comfortable skipping ahead.
- Information Security - Introduction to Information Security
- Information Security - Authentication and Access Control
- Information Security - Advanced Topics
- Network Security - Introduction to Network Security
- Network Security - Protocols
- Network Security - Advanced Topics
- Penetration Testing - Discovering Vulnerabilities
- Penetration Testing - Exploitation
- Penetration Testing - Post Exploitation
These topics build upon the learnings that are taught in the introductory-level Computer Science Fundamentals MicroBachelors program, offered by the same instructor.
This is a self-paced course that provides an introduction to network security topics. The curriculum focusses on how malicious users attack networks. The material is essential in later classes that will develop ethical hacking skills. Students are introduced to some key concepts in network security. Next, we provide an overview of network reconnaissance strategies.
We move on to the next stage of the network attack methodology, which is exploitation.
Next, we cover standard attack techniques, attacks such as Denial of Service, DNS attacks, and client-side attacks, and the tools used to carry out these exploitations. We conclude by focusing on the steps attackers take after they initially compromise a system.
What you'll learnSkip What you'll learn
- Describe how "social engineering" can be used to compromise security
- Define the CIA triad
- Identify and plan to manage risks in common situations
- Define a threat tree and threat matrix and explain how they are used
- Define an attack tree, explain how boolean and continuous node values are used in attack trees, and demonstrate how an attack tree can be used to determine vulnerabilities
- Explain why it is important for network engineers to understand cyber attack strategies.
- List and summarize the stages of network attack methodology
- Identify the information an attacker might collect during network reconnaissance
- Describe at least two "low tech" ways of performing reconnaissance on a target
- Perform a WHOIS query and extract the IP address of a DNS server
- List at least three publicly available tools used for gathering information on targets
- Define port scanning and describe the process used to determine whether a port is open
- Define a proxy server
- Define IP spoofing, ingress filtering, and session hijacking
- Define a Denial of Service attack and explain the difference between a DoS and DDoS attack
- State the relationship between DoS attacks and geopolitical events
- List at least two vulnerability attacks used in DoS attacks
- Define SYN flooding and explain how it can be protected against
- Describe what happens during a standard DDoS attack
- Explain how DNS poisoning can be used in phishing attacks
- Describe how URLs can be obfuscated to make a phishing attack more likely to succeed
- List at least two tools used to assess vulnerabilities in networks
- Summarize the typical goals of post-exploitation activity
- Describe the strategies attackers use to maintain access to a compromised system
- Define trojans, viruses, worms, and blended threats
- List the typical objectives of trojan creators
- Define rootkits
- Give examples of common uses of Netcat
- Define wrappers
- Summarize common data exfiltration methods
- Summarize how attackers can remove evidence of system compromise in Windows and Unix systems
Week 1 - Introduction to Network Security
Week 2 - How Networks are Attacked - Part I
Week 3 - How Networks are Attacked - Part II
Week 4 - How Networks are Attacked - Part III
Week 5 - Final Exam
Meet your instructors
Pursue a Verified Certificate to highlight the knowledge and skills you gain$166 USD
Official and Verified
Receive an instructor-signed certificate with the institution's logo to verify your achievement and increase your job prospects
Add the certificate to your CV or resume, or post it directly on LinkedIn
Give yourself an additional incentive to complete the course
Support our Mission
edX, a non-profit, relies on verified certificates to help fund free education for everyone globally
Who can take this course?
Unfortunately, learners from one or more of the following countries or regions will not be able to register for this course: Iran, Cuba and the Crimea region of Ukraine. While edX has sought licenses from the U.S. Office of Foreign Assets Control (OFAC) to offer our courses to learners in these countries and regions, the licenses we have received are not broad enough to allow us to offer this course in all locations. edX truly regrets that U.S. sanctions prevent us from offering all of our courses to everyone, no matter where they live.