CYB-220 teaches students about common network-based attacks and how to defeat them, exploring the use of intrusion detection and prevention technologies and information flow controls to protect networked systems. Course competencies include describing the basic concepts and uses of virtual systems and networks, and describing the fundamental principles and practices of intrusion detection and prevention. The course requires CYB-200 and CYB-210 as prerequisites.
Building directly on networking foundations
CYB-220's prerequisite chain (CYB-200, CYB-210) reflects that network security genuinely requires the foundational cybersecurity concepts and networking architecture knowledge built in those earlier courses before students can meaningfully secure a network.
Detection and prevention as complementary defenses
The course covers both intrusion detection (recognizing an attack is happening) and intrusion prevention (actively stopping it), treating these as complementary layers of defense rather than either alone being sufficient.
Key topics in CYB220
- Common network-based attacks
- Intrusion detection technologies
- Intrusion prevention technologies
- Information flow controls
- Virtual systems and networks
- Defending networked systems from attack
Working on your CYB-220 assignments?
Our writers help with CYB-220 network security assignments and intrusion detection/prevention projects.
Worked example: detection and prevention working together
- Detection alone: Recognizing an attack occurred, but only after the fact
- Prevention alone: Blocking known attack patterns, but potentially missing novel ones that detection would flag
- Lesson: CYB-220 teaches that combining both detection and prevention provides layered defense that neither alone can achieve
Related courses
Frequently asked questions
Securing a network against attacks genuinely requires first understanding foundational cybersecurity threat concepts (from CYB-200) and how networks are actually architected and configured (from CYB-210), since intrusion detection and prevention techniques only make sense in the context of understanding what normal network behavior looks like and what threats specifically target. CYB-220 requires both prerequisites because network security is applied knowledge that builds directly on these two foundational areas together.
Detection and prevention serve complementary defensive purposes — prevention technologies block known attack patterns before they succeed, while detection technologies can flag novel or sophisticated attacks that evade prevention measures, catching what prevention alone might miss — and relying on only one leaves genuine security gaps. CYB-220 covers both because comprehensive network security requires this layered approach, not a single defensive technique alone.