CT7157 - Hardening Network Infrastructure (2025/26)
Module specification | Module approved to run in 2025/26 | ||||||||||||||||||||
Module title | Hardening Network Infrastructure | ||||||||||||||||||||
Module level | Masters (07) | ||||||||||||||||||||
Credit rating for module | 20 | ||||||||||||||||||||
School | School of Computing and Digital Media | ||||||||||||||||||||
Total study hours | 200 | ||||||||||||||||||||
|
|||||||||||||||||||||
Assessment components |
|
||||||||||||||||||||
Running in 2025/26(Please note that module timeslots are subject to change) |
|
Module summary
This module is delivered in two main parts:
1. CCNA Security:
The first part is based on the CCNA Security course, part of the Cisco Networking Academy Programme. It introduces core security concepts and skills essential for installing, troubleshooting, and monitoring network devices to ensure data integrity, confidentiality, and availability. This curriculum is designed for individuals looking to enhance their CCNA-level skills and meet the growing demand for network security professionals. It prepares students for entry-level security roles and the globally recognized Cisco CCNA Security certification. CCNA Security is a hands-on, career-focused course that blends online and classroom learning, emphasizing practical experience, critical thinking, and problem-solving. Students should have a foundation in CCNA-level networking concepts and basic PC and Internet navigation skills.
2. Security Controls:
The second part focuses on Security Controls, including tools and techniques to safeguard the confidentiality, integrity, and availability of critical assets and data. This section covers regulations, compliance, and best practices for protecting critical resources, with a focus on NewGen Firewall technology. Students are introduced to auditing and evaluation tools to assess and validate a network's security posture. They will also explore network threats, vulnerabilities, and the baseline security and configuration features required to secure network devices.
Together, these two parts provide a comprehensive understanding of network security, equipping students with the skills and knowledge needed to excel in the field.
Prior learning requirements
Available for Study Abroad? No
Syllabus
Overview of Network Security, Basic Router and Switch Security, Router ACLs and CBAC, Router AAA Security, Router Intrusion Detection, Monitoring and Management, Router Site-to-site VPN, Router, Router Remote Access VPN and Cisco Adaptive Security Appliance (ASA) [LO1, LO2]
Introduction to Network Security Controls [LO1]
Information Security Governance and Frameworks [LO3]
Auditing Tools and Techniques [LO4]
Auditing Cisco Security Solutions [LO4]
Security Policy [LO2]
Security Compliance and Management [LO3]
Nextgen firewalls [LO4]
Understanding of the professional, legal, social and ethical framework regarding Information Security [LO3]
Balance of independent study and scheduled teaching activity
The module is delivered weekly through a four-hour session comprising two main components:
- Lecture (2 hours): The lecture provides a detailed exploration of the course material. Students have access to the online curriculum (via Netacad or WebLearn) and are encouraged to review the material before attending the lecture to enhance their understanding. Following lectures on specific topics, students take regular in-class tests, receiving feedback either automatically or in person.
- Laboratory Work (2 hours): The lab sessions focus on hands-on activities, reinforcing the theoretical concepts covered in the lecture. Key exercises include tasks such as Device Audit and Hardening, AAA configurations, and Site-to-Site VPN setups.
To promote reflective learning, students are encouraged to maintain a logbook to record summaries of their practical work. They are also expected to regularly complete advanced lab exercises, which are designed to assess their understanding and application of the material.
Learning outcomes
On successful completion of this module, students should be able to:
LO1. Explain, appraise and critically evaluate network security terminology, vulnerabilities and policies and configure security technology for testing and monitoring.
LO2. Implement AAA and IDS using Cisco routers and designing and managing a secure network; and appraise and analyse security policies and network security posture.
LO3. Identify, understand and appreciate the knowledge of governance/frameworks and standards of information and network security including the related professional, legal, social and ethical issues.
LO4. Investigate and create a systematic and independent examination of network infrastructure for vulnerabilities and threats.