After this lesson, you will be able to: Understand why networking knowledge is the foundation of cybersecurity, what this subtrack covers, and the absolute rule that every technique here is only legal against systems you own or are authorized to test.
You cannot defend or attack what you do not understand. This subtrack teaches how computers communicate and how attackers exploit that communication: the OSI model, TCP and UDP, reading traffic with Wireshark, ARP spoofing, man-in-the-middle, SYN floods and DDoS, DNS attacks, and wireless attacks. It is prerequisite knowledge for Penetration Testing and Incident Response.
This is a free introductory lesson. No purchase required.
Almost every attack crosses a network: credentials sniffed off the wire, traffic redirected through an attacker, services flooded offline, DNS poisoned to send victims to fake sites. Defenders read packet captures to reconstruct breaches. Penetration testers map networks before they touch a single host. If you understand how the protocols actually work, the attacks and defenses stop being magic and start being obvious.
Explain every layer of the OSI model with concrete examples. Read a packet capture in Wireshark and follow a conversation. Understand and demonstrate ARP poisoning, MITM, SYN floods, and DNS attacks in a lab, and explain the defense for each. Reason about Wi-Fi security from WEP to WPA3. By the end you will have the network foundation the rest of the Cybersecurity track assumes.
Use one of three setups depending on the lab: a local VirtualBox or VMware lab with Kali as the attacker and a deliberately vulnerable VM (Metasploitable 2, DVWA) as the target; a Docker Compose network where containers play attacker and victim; or a TryHackMe room built for the specific attack. The Kali Linux and Security Lab Setup subtrack walks you through building the first one. Take a snapshot before each lab so you can reset to a clean state.