Defensive Security, Offensive Security

CA402: Network Security

Course authored by:

Perparim Mjeku, Rinor Shehu, Altin Gashi

35 Hours of Instruction

Includes lectures, guest speakers, and Q&A sessions

Hands-on labs

23 Labs

Live Online or On-Demand Access

Join weekly synchronous sessions or access all material and recorded lectures anytime

Intermediate level

Developing practical skills and deepening understanding of core concepts

Course Materials

Available after purchase

Course Overview

Network security is not about configuring devices; it is about understanding how networks operate and defending them against real adversaries. With six sections of structured work, the course builds practical capability in securing modern network environments from the ground up. It begins with core networking concepts, including architectures, protocols, and models such as OSI and TCP/IP, along with IP addressing, subnetting, and key protocols like HTTP, DNS, and TCP/UDP. The course then shifts into applied defense, covering secure design, segmentation, firewalls, IDS/IPS, and access control. You will analyze real-world attacks such as ARP poisoning, DNS spoofing, and DHCP abuse, and implement effective countermeasures. Practical work includes VPNs, logging, monitoring, and packet analysis. Expect hands-on scenarios and high standards. By the end, you will be able to secure and defend networks in real-world environments.

What You’ll Learn

Build practical skills to design, secure, and monitor network infrastructures

  • Understand network fundamentals (LAN, WAN, OSI model, TCP/IP stack)
  • Identify and configure network devices (routers, switches, gateways)
  • Analyze common protocols (HTTP/S, DNS, FTP, TCP/UDP)
  • Perform IP addressing, subnetting, and network segmentation
  • Design secure network architectures (DMZ, defense-in-depth)
  • Configure and manage firewalls and access control policies
  • Detect and mitigate attacks (ARP poisoning, DNS spoofing, DHCP attacks)
  • Implement VPNs and secure remote access strategies
  • Use IDS/IPS for threat detection and monitoring
  • Analyze network traffic using tools like Wireshark
  • Implement logging, telemetry, and SIEM integration
  • Perform network troubleshooting and incident response

Business Takeaways

Translate network security knowledge into organizational protection and resilience

  • Strengthen network infrastructure against cyber threats
  • Reduce risk of data breaches through segmentation and access control
  • Improve visibility with logging, monitoring, and telemetry
  • Enable secure remote work through VPN and access policies
  • Detect and respond to threats faster using IDS/IPS and SIEM
  • Ensure compliance with security standards and best practices
  • Minimize downtime through proactive monitoring and troubleshooting
  • Support scalable and secure enterprise network design

Syllabus: 6 Sections to Transformation

The CA402 program takes you deep into how networks actually function and how they are secured, attacked, and defended in real environments. You move from core connectivity concepts to designing architectures, enforcing controls, and monitoring live network activity.

section 1

FOUNDATIONS: NETWORK BASICS & MODELS

Build a deep understanding of how networks operate, from devices to communication models.
Grasp how data flows across layers and why architecture decisions impact security.

TOPICS COVERED

  • Network devices (router, switch, hub, bridge, NIC).
  • LAN, WAN, MAN, PAN network types.
  • OSI vs TCP/IP models and layer functions.
  • Encapsulation and decapsulation process.
  • IP addressing basics and communication flow.

LABS

  • Cisco Packet Tracer
  • Router Basics
  • Calculating IPs and Subnets
  • ARP Tables

section 2

INFRASTRUCTURE: ETHERNET & NETWORK PROTOCOLS

Shift into how networks actually transmit data and communicate using protocols.
Explore addressing, routing, and the mechanics behind modern connectivity.

TOPICS COVERED

  • Ethernet standards, frames, and switching.
  • Cable types and network media.
  • Common protocols (HTTP, DNS, FTP, SMTP).
  • TCP vs UDP behavior and use cases.
  • NAT, PAT, and subnetting fundamentals.

LABS

  • Cisco Packet Tracer – Subnetting
  • Cisco Packet Tracer – DHCP & HTTP
  • Cisco Packet Tracer – DNS, Web, VLANs
  • Wireshark

section 3

ARCHITECTURE: SEGMENTATION & NETWORK DEFENSE DESIGN

Move into structured defense by designing secure network layouts and boundaries.
Understand how segmentation limits attacker movement and reduces risk.

TOPICS COVERED

  • Defense-in-depth architecture.
  • DMZ design and traffic flow.
  • Trust boundaries and segmentation strategies.
  • East-West vs North-South traffic.
  • Placement of security controls.

LABS

  • Kismet Tool
  • Network Segmentation Design & Implementation
  • DMZ Configuration & Traffic Flow Analysis

section 4

PROTECTION: NETWORK SECURITY CONTROLS & ACCESS

Dive into defensive mechanisms that actively protect and monitor networks.
Learn how attackers exploit protocols and how defenders detect and stop them.

TOPICS COVERED

  • DHCP, ARP, and DNS attacks (spoofing, poisoning).
  • VPN security and remote access risks.
  • NAC and 802.1X authentication.
  • VLANs, trunking, and segmentation controls.
  • Detection, telemetry, and response basics.

LABS

  • ARP Poisoning
  • DHCP Spoofing
  • DNS Spoofing

section 5

ENFORCEMENT: FIREWALLS, LOGGING & DETECTION

Focus on visibility and control: how defenders enforce policies and detect threats.
Combine logging, monitoring, and intrusion detection into a unified defense strategy.

TOPICS COVERED

  • Firewall types and rule design.
  • Firewall misconfigurations and auditing.
  • Logging and centralized telemetry (Syslog).
  • NetFlow, packet capture, and monitoring.
  • IDS vs IPS and alert handling.

LABS

  • Configuring IPTABLES
  • Configuring UFW
  • Firewall Rule Testing & Log Correlation
  • Fail2ban

section 6

OPERATIONS: MONITORING, TROUBLESHOOTING & WIRELESS SECURITY

Bring everything together through real-world operations and incident handling.
Develop the ability to detect, investigate, and respond to network threats effectively.

TOPICS COVERED

  • Network troubleshooting using OSI model.
  • Wireshark packet analysis.
  • Monitoring tools (Nagios, SNMP, Netstat).
  • Wireless security (WEP, WPA2, WPA3).
  • Wireless attacks (deauth, rogue AP, evil twin).
  • Incident response and playbooks.

LABS

  • Cracking WiFi Passwords
  • WPS PIN Attack with Bully
  • DDoS Tools
  • Network Troubleshooting Scenario
  • Wireless Attack & Defense Simulation

Course Schedule & Pricing

Looking for Group Purchase Options? See below

Next Start Date

March 5, 2026

Duration

14 Weeks Intensive

Format

Live with Zoom Meeting

What's Included

499€

Seats Filling Fast for January 2026

Location | Start Date | Start Time
Prishtina, Kosovo | March 20, 2026 | 10:30 AM (CEST)
Prishtina, Kosovo | April 15, 2026 | 4:30 PM (CEST)
Prishtina, Kosovo | May 10, 2026 | 11:00 AM (CEST)

Frequently Asked Questions

Mission-critical information for prospective operatives

How do attackers compromise networks in real-world scenarios?

Attackers exploit weaknesses across network layers. Common techniques include ARP poisoning to intercept internal traffic, DNS spoofing to redirect users to malicious servers, DHCP attacks to manipulate network configurations, and lateral movement after initial access.

You will develop hands-on skills in designing secure network architectures (DMZ, segmentation, VLANs), configuring and auditing firewalls, monitoring traffic using logs, NetFlow, and packet capture, using IDS/IPS for detection, and responding to network incidents with structured workflows.

Without segmentation, an attacker who compromises one system can move freely across the network. Segmentation techniques like DMZs and VLANs create controlled boundaries, limiting lateral movement and protecting critical assets.

Detection relies on analyzing network telemetry, including firewall and system logs, traffic flow data such as NetFlow and sFlow, packet captures through PCAP analysis, and IDS/IPS alerts.

Frequent weaknesses include overly permissive firewall rules, lack of outbound (egress) filtering, misconfigured VPN access with split tunneling risks, weak monitoring and logging, and poor network segmentation.
