
This course includes our updated coding exercises so you can practice your skills as you learn.
See a demo
This is the third course in a five-part series on network communication, which includes the following modules: Networks Fundamentals, The power of Wireshark, TCP/IP and beyond!, Network Communication Programming with Python and Cyber Attack Analysis. Together, these courses provide a comprehensive foundation in networking, combining theoretical knowledge with hands-on skills for analyzing, building, and defending networked systems. This "Understanding cybersecurity" series is designed for students who wish to develop a deep and practical understanding of how modern networks operate, how data flows across systems, and how vulnerabilities in these networks can be detected and mitigated.
This third course: Understanding Cybersecurity part 3 - TCP/IP and beyond! provides a solid foundation and know-how across the most important protocols of the network - the Internet Protocol (IP), the Transmission Control Protocol (TCP) and various application-level protocols. It covers IP addressing and subnetting, message fragmentation and routing concepts, as well as ICMP (Internet Control Message Protocol) messages which support diagnostics and error reporting. It describes in detail both connection-oriented (TCP-based) and connectionless (UDP-based) application protocols, emphasizing their differences in reliability, flow control, congestion handling, and supporting use cases, including HTTP/HTTPS, DNS and DHCP, examining how they use symmetric and asymmetric encryption and operate over UDP and TCP to enable modern Internet communication.
Building on the foundation from the first and second courses, students will use Wireshark extensively to capture and dissect IP, TCP and application level packets, interpret sequence and acknowledgment numbers, analyze TCP’s three-way handshake, and understand connection teardown. Special attention will be given to TCP reliability mechanisms such as retransmissions, flow control, and congestion control, along with common TCP and IP-based attack vectors, including spoofing, scanning, and denial-of-service (DOS) techniques. Students will gain practical experience in capturing, filtering, and dissecting application-layer traffic, distinguishing normal application level usage patterns from anomalies, and understanding the role of each protocol in end-to-end communication. Through hands-on labs, students will understanding their underlying encryption framework, and learn how to reconstruct application-level exchanges, trace protocol handshakes, and evaluate performance or failure conditions.
The course builds a strong foundation for understanding encrypted transmission, recognizing attack signatures, as well as testing protocol resilience, and prepares for advanced topics in secure network design and intrusion prevention covered in the subsequent courses of the series.