module specification

CT7157 - Hardening Network Infrastructure (2025/26)

Module specification Module approved to run in 2025/26
Module title Hardening Network Infrastructure
Module level Masters (07)
Credit rating for module 20
School School of Computing and Digital Media
Total study hours 200
 
100 hours Guided independent study
48 hours Scheduled learning & teaching activities
52 hours Assessment Preparation / Delivery
Assessment components
Type Weighting Qualifying mark Description
Unseen Examination 40%   2-hours unseen written exam
Practical Assessment 60%   2-hours practical exam
Running in 2025/26

(Please note that module timeslots are subject to change)
Period Campus Day Time Module Leader
Summer studies North Friday Morning
Spring semester North Friday Afternoon
Summer studies North Friday Afternoon

Module summary

This module is delivered in two main parts:

 

1. CCNA Security: 

The first part is based on the CCNA Security course, part of the Cisco Networking Academy Programme. It introduces core security concepts and skills essential for installing, troubleshooting, and monitoring network devices to ensure data integrity, confidentiality, and availability. This curriculum is designed for individuals looking to enhance their CCNA-level skills and meet the growing demand for network security professionals. It prepares students for entry-level security roles and the globally recognized Cisco CCNA Security certification. CCNA Security is a hands-on, career-focused course that blends online and classroom learning, emphasizing practical experience, critical thinking, and problem-solving. Students should have a foundation in CCNA-level networking concepts and basic PC and Internet navigation skills. 

 

2. Security Controls:

The second part focuses on Security Controls, including tools and techniques to safeguard the confidentiality, integrity, and availability of critical assets and data. This section covers regulations, compliance, and best practices for protecting critical resources, with a focus on NewGen Firewall technology. Students are introduced to auditing and evaluation tools to assess and validate a network's security posture. They will also explore network threats, vulnerabilities, and the baseline security and configuration features required to secure network devices.

 

Together, these two parts provide a comprehensive understanding of network security, equipping students with the skills and knowledge needed to excel in the field.

 

Prior learning requirements

Available for Study Abroad? No

Syllabus

Overview of Network Security, Basic Router and Switch Security, Router ACLs and CBAC, Router AAA Security, Router Intrusion Detection, Monitoring and Management, Router Site-to-site VPN, Router, Router Remote Access VPN and Cisco Adaptive Security Appliance (ASA) [LO1, LO2]
Introduction to Network Security Controls [LO1]
Information Security Governance and Frameworks [LO3]
Auditing Tools and Techniques [LO4]
Auditing Cisco Security Solutions [LO4]
Security Policy [LO2]
Security Compliance and Management [LO3]

Nextgen firewalls [LO4]
Understanding of the professional, legal, social and ethical framework regarding Information Security [LO3]

Balance of independent study and scheduled teaching activity

The module is delivered weekly through a four-hour session comprising two main components:

  1. Lecture (2 hours): The lecture provides a detailed exploration of the course material. Students have access to the online curriculum (via Netacad or WebLearn) and are encouraged to review the material before attending the lecture to enhance their understanding. Following lectures on specific topics, students take regular in-class tests, receiving feedback either automatically or in person.
  2. Laboratory Work (2 hours): The lab sessions focus on hands-on activities, reinforcing the theoretical concepts covered in the lecture. Key exercises include tasks such as Device Audit and Hardening, AAA configurations, and Site-to-Site VPN setups.

To promote reflective learning, students are encouraged to maintain a logbook to record summaries of their practical work. They are also expected to regularly complete advanced lab exercises, which are designed to assess their understanding and application of the material.

Learning outcomes

On successful completion of this module, students should be able to:

LO1. Explain, appraise and critically evaluate network security terminology, vulnerabilities and policies and configure security technology for testing and monitoring.

LO2. Implement AAA and IDS using Cisco routers and designing and managing a secure network; and appraise and analyse security policies and network security posture.

LO3. Identify, understand and appreciate the knowledge of governance/frameworks and standards of information and network security including the related professional, legal, social and ethical issues.

LO4. Investigate and create a  systematic and independent examination of network infrastructure for vulnerabilities and threats.

Bibliography