Build the defensive skills to protect organizational networks — implement access controls, configure firewalls, apply cryptography, monitor network security data, and evaluate security alerts.
Network Defense is the second course in the Junior Cybersecurity Analyst Career Path, covering the Network Defense domain of the CCST Cybersecurity certification. The course introduces foundational concepts in network security defense including system and network hardening, access control, firewall technologies, cloud security, cryptography, and security alert evaluation. Learners progress from core defense strategies and security policies through hands-on configuration of ACLs, Zone-Based Policy Firewalls, and analysis of network security data. Hands-on labs use Packet Tracer and research-based activities to build practical skills. The recommended prior course is Endpoint Security.
Curriculum Chapters
- 1. Understanding Defense
- 2. System and Network Defense
- 3. Access Control
- 4. Access Control Lists
- 5. Firewall Technologies
- 6. Zone-Based Policy Firewalls
- 7. Cloud Security
- 8. Cryptography
- 9. Technologies and Protocols
- 10. Network Security Data
- 11. Evaluating Alerts
Skills You Will Learn
Explain defense-in-depth strategy and how organizations monitor cybersecurity threats. Implement physical security, application security, and network hardening measures. Configure access control including AAA with TACACS+ and RADIUS. Implement IPv4 and IPv6 ACLs to filter traffic and mitigate network attacks. Explain firewall types and design considerations for network security implementations. Configure a Zone-Based Policy Firewall (ZPF) using the Cisco IOS CLI. Recommend cloud security requirements across cloud models and shared responsibility frameworks. Apply cryptographic techniques for confidentiality, integrity, and authenticity including hashing, digital signatures, and PKI. Explain how security technologies affect network monitoring. Use syslog, NetFlow, and other tools to capture and analyze network security data. Classify and evaluate security alerts using industry-standard methods.
Technologies Used
Cisco IOS CLI
Cisco Packet Tracer
Virtual Machine labs (VirtualBox / UTM)
Wireshark / network analysis tools
TACACS+ / RADIUS / AAA frameworks
Course Details
Course Type: Free self-paced
Time: 27 Hours
Modules: 11
Labs: Packet Tracer activities, VM labs & research-based lab experiences
Prerequisites
Basic TCP/IP networking knowledge. Completion of Endpoint Security recommended.
Certification & Career
Career and Certification alignment: This course is the second of three courses in the Junior Cybersecurity Analyst Career Path and aligns with the Cisco Certified Support Technician (CCST) Cybersecurity certification. It prepares learners for entry-level roles including Junior Cybersecurity Analyst, Network Security Specialist, and Tier 1 Help Desk Support. The recommended next course is Cyber Threat Management.
Achievements & Badges
Upon completion, earn a Cisco Networking Academy digital badge. Share your verified achievement on LinkedIn, your CV, or professional profile.
What Cisco verifies: Cisco verifies the earner of this badge successfully completed the Network Defense course. The holder of this student-level credential has foundational knowledge of network defense concepts including access control, firewall configuration, cloud security, cryptography, network security data analysis, and security alert evaluation, aligned with the CCST Cybersecurity certification objectives.
Ready to Start This Course?
This course is delivered through Cisco Networking Academy — the official global learning platform. To enroll, click the button and you will be taken to the official course page on netacad.com. If you already have a Cisco Networking Academy account, simply log in and click Get Started. If you are new to the platform, creating a free account takes less than a minute. Enrollment is completely free.
You will be redirected to netacad.com.
A free account is required to enroll.