🚀 Early Adopter Price: $39/mo for lifeClaim Your Price →
Networks and Infrastructure Fundamentals
Coming Soon
Expected availability announced soon

This course is in active development. Preview the scope below and create a free account to be notified the moment it goes live.

Notify me
ISACA CertificatesAssociateComing Soon

Networks and Infrastructure Fundamentals

The Networks and Infrastructure Fundamentals Certificate covers the foundational concepts of computer networks, infrastructure components, IP addressing and routing, DNS, network services, and core security considerations — at the conceptual depth needed to participate in IT and audit conversations.

Who Should Take This

IT generalists, junior auditors, security newcomers, and career-changers who need a working vocabulary for networking and infrastructure. Assumes basic computing literacy. Learners finish able to read network diagrams, recognize common protocols, and identify infrastructure components in an enterprise environment.

What's Included in AccelaStudy® AI

Adaptive Knowledge Graph
Practice Questions
Lesson Modules
Console Simulator Labs
Exam Tips & Strategy
13 Activity Formats

Course Outline

1Models and Encapsulation
3 topics

OSI Model

  • Identify the seven OSI layers (Physical, Data Link, Network, Transport, Session, Presentation, Application) and identify a representative protocol or device at each.
  • Apply OSI-layer mapping to common troubleshooting scenarios (cable unplugged → L1; misconfigured IP → L3; expired cert → L7).

TCP/IP Model

  • Identify the four TCP/IP layers (Link, Internet, Transport, Application) and identify how they map to OSI.
  • Identify encapsulation as the process of wrapping data with headers/trailers at each layer and identify the resulting PDU names (frame, packet, segment).

Why Layered Models Matter

  • Identify the practical benefits of layered models: vendor interop, troubleshooting locality, evolution at one layer without breaking others.
  • Analyze a scenario where a 'helpful' middlebox modifies headers and breaks higher-layer assumptions, and identify the resulting failure mode.
2Addressing and Routing
3 topics

IPv4 and IPv6

  • Distinguish IPv4 (32-bit) and IPv6 (128-bit) and identify the typical reasons IPv6 adoption has been slow.
  • Identify private IPv4 ranges (10.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16) and link-local IPv6 (fe80::/10) and identify their use cases.
  • Apply NAT understanding: identify the difference between SNAT, DNAT, and PAT and identify a scenario where each is used.

Subnetting and CIDR

  • Identify CIDR notation (/24, /16, /32) and identify how it maps to subnet mask and host count at conceptual depth.
  • Apply subnetting selection for a small office (50 hosts), a medium office (500 hosts), and a service network (4 hosts) and identify appropriate CIDR sizes.

Routing

  • Identify static vs dynamic routing and identify common dynamic protocols (OSPF, BGP, EIGRP) by use case (interior vs exterior, vendor).
  • Identify the role of default routes, route summarization, and route redistribution in real networks.
  • Analyze a routing-loop scenario and identify the protocol mechanisms (split horizon, holddown, max-hop) that prevent it.
3Core Protocols
3 topics

Transport Layer

  • Distinguish TCP (connection-oriented, reliable) from UDP (connectionless, best-effort) and identify a representative use case for each.
  • Identify the TCP 3-way handshake (SYN, SYN-ACK, ACK) and identify the typical packet flow.

DNS

  • Identify DNS hierarchy (root, TLD, authoritative, recursive) and identify common record types (A, AAAA, CNAME, MX, TXT, NS).
  • Apply DNS troubleshooting: dig/nslookup against a recursive resolver vs an authoritative server to identify caching vs delegation issues.

HTTP/HTTPS

  • Identify HTTP methods (GET, POST, PUT, DELETE, PATCH) and common status codes (2xx success, 3xx redirect, 4xx client error, 5xx server error).
  • Identify HTTPS as HTTP over TLS and identify its primary guarantees: confidentiality, integrity, server authentication.
  • Apply HTTP-header inspection to identify caching directives, security headers (HSTS, CSP, X-Content-Type-Options), and authentication tokens.
4Network Devices and Architecture
3 topics

L2 and L3 Devices

  • Identify switches (L2, MAC-table-driven) and routers (L3, IP-routing-table-driven) and identify the difference between each.
  • Identify VLANs as L2 segmentation and identify their typical use cases (security separation, broadcast-domain control, multi-tenant networks).

Security Devices

  • Identify firewalls, IDS/IPS, WAFs, and load balancers and identify what each contributes at a conceptual level.
  • Apply device placement: firewall at the perimeter, WAF in front of web apps, IDS at SPAN ports, load balancer in front of horizontally-scaled services.
  • Analyze a network diagram and identify which device is responsible for each control point (TLS termination, payload inspection, rate limiting).

LAN, WAN, and SDN

  • Distinguish LAN, WAN, and SD-WAN and identify the typical scaling and management trade-offs.
  • Identify software-defined networking (SDN) as the separation of control plane from data plane and identify SDN's enterprise applications (microsegmentation, VXLAN-based overlays).
5Wireless and Network Services
3 topics

Wi-Fi Fundamentals

  • Identify Wi-Fi standards (802.11a/b/g/n/ac/ax = Wi-Fi 6) and identify their typical speed and frequency-band trade-offs.
  • Identify WPA2 vs WPA3 and identify the security improvements in WPA3 (SAE handshake, forward secrecy).

Directory and Identity Services

  • Identify directory services (Active Directory, LDAP, Entra ID, Okta) and identify their role in centralized authentication and authorization.
  • Apply directory-integration patterns: domain-joined Windows endpoints, SSSD-joined Linux endpoints, federation to cloud SaaS.

Time, Logging, and Mail

  • Identify NTP and identify why accurate time is required for cryptographic operations, log correlation, and Kerberos authentication.
  • Identify SMTP, IMAP, and POP3 and identify their typical deployment context (relay vs mailbox-access protocols).
6Network Security and Operations
3 topics

Network Defense Layers

  • Identify defense in depth at the network layer: perimeter firewalls, segmentation, host firewalls, traffic monitoring, encryption in transit.
  • Apply defense-in-depth design to a 3-tier web application (web, app, db) and identify controls at each tier.

Network Monitoring and Telemetry

  • Identify network telemetry sources: NetFlow/IPFIX, sFlow, full-packet capture, firewall logs, DNS query logs.
  • Apply baseline detection use cases: data exfiltration via DNS tunneling, beaconing, port-scan detection.
  • Analyze a security incident scenario where the network telemetry was insufficient to reconstruct the attack and propose collection improvements.

Cloud and Hybrid Networking

  • Identify cloud network primitives: VPCs/VNets, subnets, security groups, route tables, NAT gateways, peering, transit gateways.
  • Apply hybrid-connectivity options: site-to-site VPN, dedicated connection (Direct Connect, ExpressRoute, Cloud Interconnect), transit-network design.
7Practical Networking Skills
7 topics

Network Diagnostics

  • Identify common diagnostic tools: ping, traceroute, mtr, dig/nslookup, curl, telnet, netstat/ss.
  • Apply troubleshooting flow for 'website not loading': DNS resolution, TCP connect, TLS handshake, HTTP response — verify each layer in sequence.
  • Analyze a 'slow internal API' scenario where mtr reveals high latency at a specific hop, and identify the appropriate next steps.

Network Capacity and Performance

  • Identify network performance concepts: bandwidth, latency, jitter, packet loss, throughput.
  • Identify the difference between bandwidth and throughput at conceptual depth and identify common reasons measured throughput is below available bandwidth.

Container and Service-Mesh Networking

  • Identify container networking models: bridge, host, overlay, CNI plugins (Calico, Cilium, Flannel).
  • Identify service-mesh basics (Istio, Linkerd, Consul Connect) and identify what they provide (mTLS, retries, traffic shaping, observability).

IPv6 in Practice

  • Identify IPv6 transition mechanisms: dual stack, NAT64/DNS64, 6to4 tunneling.
  • Apply IPv6 readiness assessment for an enterprise: DNS, applications, monitoring, firewall rules.

Industry and Emerging Topics

  • Identify emerging networking topics: 5G/private 5G, SASE (Secure Access Service Edge), eBPF-based networking, programmable data planes.
  • Identify common standards bodies and references: IETF RFCs, IEEE 802.x, ICANN, RIRs (ARIN, RIPE, APNIC).
  • Apply continuous-learning sources: Cloudflare blog, Cisco DevNet, IETF working groups, NANOG mailing lists.

Networking Career

  • Identify common networking career paths: network engineer, network architect, network security engineer, cloud network engineer.
  • Identify the certification ladder: Network+ → CCNA → CCNP/CCIE; CCSP/SC-300 for cloud security overlap; AWS ANS-C01 / Azure AZ-700 / GCP PCNE for cloud focus.
  • Apply continuous-learning pacing for networking: read RFCs of relevant protocols, follow the Cloudflare and Cloud Native blogs, attend a NANOG / ONUG / RIPE meeting yearly.

Network Documentation

  • Identify the elements of good network documentation: physical diagrams, logical diagrams, IP plan, change log, DR runbook.
  • Apply documentation maintenance: link diagrams to source-of-truth (CMDB or IPAM), version-control infrastructure-as-code, attach diagrams to change requests.
  • Analyze a 'no one knows how this works' legacy network and identify the systematic recovery: discovery scans, traffic captures, interviews, and structured re-documentation.
  • Identify automation patterns for keeping network documentation fresh: scripted topology export, IPAM as source of truth, generated diagrams from infrastructure-as-code.

Scope

Included Topics

  • OSI and TCP/IP models, encapsulation, and layered protocol design.
  • IPv4 and IPv6 addressing, subnetting at conceptual depth, NAT.
  • Core protocols: TCP, UDP, ICMP, DNS, DHCP, HTTP/HTTPS, SSH, SMTP/IMAP, FTP/SFTP.
  • Network devices: switches, routers, firewalls, load balancers, IDS/IPS, WAFs.
  • Network architectures: LAN/WAN, VLANs, segmentation, DMZ, SD-WAN, software-defined networking.
  • Wireless fundamentals: Wi-Fi protocols (WPA2/WPA3), wireless threats.
  • Network services: directory services, DNS hierarchy, NTP, SMTP relay.
  • Network security at conceptual depth: firewalls, encryption in transit, network monitoring.

Not Covered

  • Hands-on device configuration (covered in vendor certifications like CCNA).
  • Subnet-mask arithmetic beyond conceptual depth.

Networks and Infrastructure Fundamentals is coming soon

Adaptive learning that maps your knowledge and closes your gaps.

Create Free Account to Be Notified