Network Security

Intermediate

Network security encompasses the policies, practices, and technologies designed to protect the integrity, confidentiality, and availability of computer networks and the data transmitted across them. It involves both hardware and software mechanisms that guard against unauthorized access, misuse, modification, or denial of network-accessible resources. As organizations increasingly rely on interconnected systems and cloud infrastructure, network security has become a foundational discipline within information technology and cybersecurity.

The field draws on a wide range of technical domains including cryptography, operating systems, protocol design, and risk management. Core defensive strategies include firewalls, intrusion detection and prevention systems, virtual private networks (VPNs), network segmentation, and access control mechanisms. Offensive techniques such as penetration testing and vulnerability scanning are also essential, as defenders must understand attacker methodologies to build resilient systems. Frameworks like the OSI model and the CIA triad (Confidentiality, Integrity, Availability) provide conceptual foundations for analyzing and designing secure network architectures.

Modern network security faces rapidly evolving challenges driven by the proliferation of Internet of Things (IoT) devices, the shift to cloud and hybrid environments, the sophistication of advanced persistent threats (APTs), and the growing scale of distributed denial-of-service (DDoS) attacks. Zero Trust Architecture, which assumes no implicit trust for any user or device regardless of network location, has emerged as a leading paradigm. Professionals in this field must continuously update their knowledge to address new attack vectors, comply with regulatory requirements such as GDPR and HIPAA, and implement defense-in-depth strategies that layer multiple security controls.

Practice a little. See where you stand.

Part of:AP Cybersecurity

Ready to practice?5 minutes. No pressure.

Take the Quiz Learn First

Quiz

Reveal what you know — and what needs work

Adaptive Learn

Responds to how you reason, with real-time hints

Start here

Flashcards

Build recall through spaced, active review

Cheat Sheet

The essentials at a glance — exam-ready

Glossary

Master the vocabulary that unlocks understanding

Learning Roadmap

A structured path from foundations to mastery

Book

Deep-dive guide with worked examples

Role-play

Think like an expert — no grading

Key Concepts

A network security device or software that monitors and filters incoming and outgoing network traffic based on predefined security rules. Firewalls establish a barrier between trusted internal networks and untrusted external networks such as the internet.

Example

A company configures its next-generation firewall to block all inbound traffic on port 23 (Telnet) while allowing HTTPS traffic on port 443, and uses deep packet inspection to detect malicious payloads hidden within allowed traffic.

Security systems that monitor network traffic for suspicious activity. An IDS detects and alerts on potential threats, while an IPS can also take automated action to block or mitigate detected threats in real time.

Example

A network-based IPS detects a series of packets matching a known SQL injection signature targeting a web server and automatically drops the malicious packets before they reach the application.

A technology that creates an encrypted tunnel over a public network, allowing remote users to securely access a private network as if they were directly connected to it. VPNs protect data confidentiality and integrity during transmission.

Example

A remote employee connects to the corporate network via an IPsec VPN tunnel, encrypting all traffic between their laptop and the company's VPN gateway so that sensitive files cannot be intercepted on public Wi-Fi.

The three fundamental objectives of information security: Confidentiality ensures that data is accessible only to authorized parties, Integrity ensures that data is accurate and unaltered, and Availability ensures that systems and data are accessible when needed.

Example

A hospital's network security policy implements encryption for patient records (confidentiality), checksums to verify that records have not been tampered with (integrity), and redundant servers to ensure the system remains accessible during peak hours (availability).

A security model based on the principle of 'never trust, always verify.' It requires strict identity verification for every person and device attempting to access resources, regardless of whether they are inside or outside the network perimeter.

Example

An organization implements Zero Trust by requiring multi-factor authentication, device health checks, and micro-segmentation so that even an employee on the internal LAN must authenticate and be authorized before accessing each individual application.

The practice of dividing a computer network into smaller subnetworks (segments or zones), each acting as its own smaller network. This limits the lateral movement of attackers and contains breaches to a smaller portion of the infrastructure.

Example

A retailer separates its point-of-sale network from its corporate office network and guest Wi-Fi using VLANs and firewall rules, so that a compromise of the guest network cannot directly reach payment processing systems.

The process of converting plaintext data into an unreadable ciphertext format using cryptographic algorithms and keys. Only parties with the correct decryption key can restore the data to its original form, protecting it from unauthorized access.

Example

A bank uses TLS 1.3 to encrypt all communications between customers' web browsers and its online banking servers, preventing attackers from reading account credentials or transaction details even if they intercept the network traffic.

An attack that aims to make a network resource or service unavailable to its intended users by overwhelming it with a flood of illegitimate traffic or exploiting a vulnerability that causes the system to crash. A Distributed Denial-of-Service (DDoS) attack uses multiple compromised systems to amplify the assault.

Example

An attacker uses a botnet of 50,000 compromised IoT devices to send a massive volume of UDP packets to a target website's server, exhausting its bandwidth and rendering it unreachable for legitimate customers.

A framework of roles, policies, hardware, software, and procedures used to create, manage, distribute, store, and revoke digital certificates. PKI enables secure electronic communication by binding public keys to the identities of entities through a Certificate Authority (CA).

Example

When a user visits an HTTPS website, their browser verifies the site's SSL/TLS certificate against a trusted Certificate Authority to confirm the site's identity before establishing an encrypted session.

An authorized, simulated cyberattack performed on a computer system or network to evaluate its security posture. Penetration testers use the same techniques as malicious hackers to identify vulnerabilities before real attackers can exploit them.

Example

A security firm conducts a penetration test on a client's network, discovering that an unpatched Apache server allows remote code execution, and provides a detailed report with remediation steps before the vulnerability is exploited in the wild.

One concept at a time.

Explore your way

Choose a different way to engage with this topic — no grading, just richer thinking.

Explore your way — choose one:

Explore with AI →

Curriculum alignment— Standards-aligned

Grade level

Grades 9-12College+

Learning objectives

•Evaluate firewall architectures, intrusion detection systems, and network segmentation strategies for defense-in-depth protection
•Analyze common network attack vectors including man-in-the-middle, DNS poisoning, and distributed denial-of-service exploits
•Apply encryption protocols and certificate management practices to secure data in transit across public networks
•Design a zero-trust network architecture that enforces least-privilege access and continuous authentication verification

Recommended Resources

This page contains affiliate links. We may earn a commission at no extra cost to you.

Books

Network Security Essentials: Applications and Standards

by William Stallings

Cryptography and Network Security: Principles and Practice

by William Stallings

The Practice of Network Security Monitoring

by Richard Bejtlich

Hacking: The Art of Exploitation

by Jon Erickson

Network Security Assessment: Know Your Network

by Chris McNab

Courses

Google Cybersecurity Professional Certificate

CourseraEnroll

CompTIA Security+ (SY0-701) Complete Course

UdemyEnroll

Introduction to Cyber Security Specialization

CourseraEnroll

My Progress Focus Mode

Tech & Computing

Cybersecurity

The practice of protecting systems, networks, and data from digital attacks, covering threat analysis, defense strategies, encryption, and incident response.

Intermediate

Interdisciplinary

Cryptography

The science of securing information through mathematical algorithms and protocols, ensuring confidentiality, integrity, and authentication in digital communications.

Intermediate

Interdisciplinary

Information Security

The practice of protecting information from unauthorized access, disclosure, alteration, and destruction through technical, administrative, and physical controls built around the principles of confidentiality, integrity, and availability.

Intermediate

Tech & Computing

Cloud Computing

The delivery of computing services over the internet, enabling on-demand access to servers, storage, databases, and applications without owning physical infrastructure.

Intermediate

Interdisciplinary

Network and Systems Administration

The discipline of designing, deploying, and maintaining computer networks and server infrastructure, encompassing configuration, monitoring, security, and automation of IT systems.

Intermediate

Interdisciplinary

Cybercrime

The study of criminal activities conducted through computers and digital networks, covering attack methods, legal frameworks, digital forensics, and cybersecurity defense strategies.

Intermediate

Tech & Computing

Software Engineering

The systematic application of engineering principles to software design, development, testing, and maintenance, encompassing methodologies like Agile, design patterns, DevOps, and quality assurance practices.

Intermediate

Network Security

Quiz

Adaptive Learn

Flashcards

Cheat Sheet

Glossary

Learning Roadmap

Book

Role-play

Key Concepts

Firewall

Intrusion Detection and Prevention Systems (IDS/IPS)

Virtual Private Network (VPN)

CIA Triad

Zero Trust Architecture

Network Segmentation

Encryption

Denial-of-Service (DoS) Attack

Public Key Infrastructure (PKI)

Penetration Testing

Explore your way

Grade level

Learning objectives

Recommended Resources

Books

Network Security Essentials: Applications and Standards

Cryptography and Network Security: Principles and Practice

The Practice of Network Security Monitoring

Hacking: The Art of Exploitation

Network Security Assessment: Know Your Network

Courses

Google Cybersecurity Professional Certificate

CompTIA Security+ (SY0-701) Complete Course

Introduction to Cyber Security Specialization

Related Topics

Cybersecurity

Cryptography

Information Security

Cloud Computing

Network and Systems Administration

Cybercrime

Software Engineering