Network Security Study Plan
This page is updated based on jassics/security-study-plan/network-security-study-plan
This plan assumes you already have some basic computer science skills (Linux basics, common Windows/macOS use, searching the internet, editing a file). See the Common Security Skills study plan first if you need to shore those up.
What is network security? It covers all the methods, both defensive and offensive, used to protect a network and keep it functional.
This plan has three objectives, in short:
- Understand networks and how they work
- Understand common vulnerabilities and how to detect them
- Learn how to remedy those vulnerabilities and secure a network
ToC
- Network Fundamentals - 2 weeks
- Network Defense - 2 weeks
- Network Attacks and Analysis - 2 weeks
- Wireless and Advanced Topics - 2 weeks
- Resources
Network Fundamentals
Duration: 2 weeks
Focus on the basic concepts of networks: architectures, protocols, and the OSI model. See this site's own Network Security Overview alongside this section.
Week 1-2: Core Concepts
- OSI & TCP/IP Models: layers and encapsulation
- Protocols: IP, TCP, UDP, ICMP, DNS, DHCP, HTTP/HTTPS, SSH
- Addressing: IPv4, IPv6, subnetting, MAC addresses
- Routing & Switching: basics of how data moves
Resources:
- Networking for Ethical Hackers from The Cyber Mentor
- You Suck at Subnetting from NetworkChuck
- TryHackMe Pre-Security Path
Network Defense
Duration: 2 weeks
Learn how to protect and maintain a functional network.
Week 3-4: Defensive Technologies
- Firewalls: stateful vs stateless, WAFs
- IDS/IPS: Snort, Suricata basics
- VPNs: tunneling, IPsec, SSL VPNs
- Hardening: port security, disabling unused services, segmentation (VLANs)
Resources:
- Blue Teaming and Network Defense Series from LoiLiangYang
- TryHackMe Network Security Module
Network Attacks and Analysis
Duration: 2 weeks
Understand common vulnerabilities and how to detect them.
Week 5-6: Offensive Concepts & Analysis
- Scanning: Nmap, Masscan (host discovery, port scanning)
- Sniffing: Wireshark, tcpdump (packet analysis)
- Attacks: MITM, ARP spoofing, DoS/DDoS, DNS poisoning
- Tools: Netcat, Metasploit (basics)
Wireless and Advanced Topics
Duration: 2 weeks
Expand into wireless security and more complex scenarios.
Week 7-8: Wireless & Beyond
- Wireless Security: WEP, WPA2/WPA3, handshakes, Aircrack-ng
- Network Architecture: DMZ, bastion hosts, Zero Trust basics
- Traffic Analysis: identifying anomalies and malware traffic
Resources
To finish with this plan: create free accounts on platforms like TryHackMe or Root Me - useful for building both skills and knowledge. Create a GitHub account too, to post code and projects (if you don't code yet, see this TryHackMe scripting module). A Twitter/X account is also useful to keep up with cybersecurity news and build a reputation in the domain.
If you want to go deeper into monitoring, detection, and incident response after Network Security, read the Blue Team, Detection & Response Study Plan.
Practice next: Network Security interview questions for interview prep, and jassics/security-study-plan for the latest updates to this plan.