Thanks for the question Stephen, and thanks to those who have responded. Also thank you Rick – you have the best Sherlock Holmes quote for cybersecurity analysts!
I cover the networking concepts as they come up in Security+. But first, when introducing the class, I try to set the stage for student interaction.
I ask students: Who in this class is Network+ certified? I point out that most people in the class do not have Network+, and there is a lot of information in the Network+ course. (In most of my Security+ classes, less than half have had a Network+ class or certification.)
Next, I tell a quick story about my first week at college. A professor said to a student “Algebra, geometry, and trigonometry are prerequisites for this course. If you don’t understand them, you don’t belong here.” Then, I say something like: “I never wanted to ask a question in that class. This class will be different. During the time we have this week, my job is to talk in a language that everyone here can easily understand. Learning the vocabulary is essential to understanding these concepts and passing the Security+ exam. If I use a word, acronym, or term that does not make sense to you personally, please ask me to explain – even if it may be part of the prerequisites for this course. Don’t worry about whether I am making sense to anybody else. If I am not making sense to you personally, please ask a question. Also, only you can decide if you are satisfied with the answer. You have not only my permission, but also my explicit request to please let me know if you asked a question that I have not answered to your satisfaction.”
When presenting topics, I emphasize networking concepts like OSI layers, MAC vs IP addresses, which protocols are used, and so on. For Network+ topics that are relevant to Security+, I like to ask the students questions, and then build on their answers: When a workstation boots up, what servers might it need to talk to before the user can log on? Does anyone know what protocols are used for these communications? Can someone tell me if this traffic is encrypted? Is it authenticated? What TCP or UDP port does this use?