Skip to main content Skip to navigation

Security Architectures and Network Defence

This is a course module on both MSc Cyber Security and Management and MSc Cyber Security Engineering.

This module is one of the eight modules required for the GCHQ Master's certification.


This module is designed to be the first module that is studied by students on MSc Cyber Security and Management. It defines the cyber security context and introduces a broad range of cyber security terminology in order for students to comprehend future study concerning the cyber domain.

It is assumed that students will already have some background in conventional, potentially insecure, data networks that is patchy and worthy of review. In particular, IPv4, and TCP / UDP are thoroughly covered, supported by extensive analysis of traffic flows using visualisation tools such as Wireshark.

Core concepts of cyber security (CIA – confidentiality, integrity, availability; AAA – authentication, authorisation, accounting; etc) are introduced in the contexts of several, generic asset configurations and potential threats (malware, phishing, social engineering).

Security architectures to segregate differing trust domains via security devices, especially stateful packet filtering firewalls, are introduced and analysed, together with the mindset that any particular defence will fail at some point, necessitating layered defence in depth.

The complexities of managing the relationship between the desired network security posture and the true network security posture is examined from the perspectives of testing, monitoring and audit.

The overall aim of the module is for students to comprehend the common security controls available to prevent, detect and recover from network security incidents and to mitigate risk.

Principal Learning Outcomes

  • use terminology appropriately to describe current research in the cyber security domain.
  • critically analyse a network configuration (using tools as appropriate) in order to identify its security posture.
  • formulate recommendations for stakeholders at various levels within an organisation, to harden network infrastructure to achieve a desired security posture.

Other useful information

This module is delivered in an intensive one-week block of directed tuition (nominally 40 hours). Students will be based in the WMG Cyber Security Centre, with most taught sessions taking place in our specialist cyber security and forensics laboratory / classrooms.

Formal assessment for this module typically comprises:

  • a lab-based assessment, taking place during taught sessions (20%)
  • a report, to be submitted after the taught module period (80%)

There are no pre-requisites for this module. Students who are choosing this module as part of a course other than MSc Cyber Security and Management are welcome to seek preparatory advice.

The MSc Cyber Security and Management course team regularly reviews the content provided here for currency and accuracy. Please do get in touch with any queries.Contact:

Please note: the details of this module are correct for the current year of study and may be subject to change for future years.