AP Networking: Securing Your Network

HomeAP Networking › AP Networking: Securing Your Network
AP Networking · Pilot Framework V.1 Unit 2 · Topic 2.6

AP Networking: Securing Your Network

Applying layered defenses to a SOHO network and verifying they protect it without cutting off legitimate users, defense in depth made concrete.

Topic 2.6 is the action half of network security: applying layered defenses to a SOHO network, then verifying they protect it without cutting off legitimate use. This is where defense in depth becomes concrete.

Layered Network Defenses

No single control secures a network. Defense in depth combines several so that the failure of one is caught by another.

  • Strong, unique wireless credentials and changing default router passwords, the most basic and most often skipped step.
  • Up-to-date firmware on the router and access point to close known weaknesses.
  • A firewall filtering traffic between the network and the internet.
  • Encryption of wireless traffic so intercepted signals are unreadable.
  • Segmentation and guest networks to limit what any one device can reach.
  • Monitoring to detect unusual activity, the detective layer.

Matching Controls to the Risks You Identified

Every control should answer a risk identified in Topic 2.5. Securing a network is not about applying every possible control; it is about applying the right ones where the risk is greatest, and balancing confidentiality, integrity, and availability.

Identified risk Matching control
Unauthorized wireless access Strong unique credentials and encryption
Compromised device spreading Segmentation and guest isolation
Attacks on the router Changed default password, updated firmware
Undetected intrusions Monitoring and alerts

Verifying Without Cutting Off Legitimate Use

The Secure skill requires confirming that controls mitigate the risk while preserving access and availability. A network locked down so tightly that authorized users cannot work has failed.

  • Test that the control blocks the threat it targets.
  • Confirm legitimate users and devices still function.
  • Document what was applied so it can be maintained and reviewed.

Security and usability are not opposites to be traded off blindly; the goal is the strongest protection that still lets the right people do their work.

Practice Questions

A small office wants layered defense so a single failed control does not expose the whole network. Which choice BEST reflects defense in depth?
  • A. Relying entirely on one strong firewall
  • B. Combining a firewall, strong credentials, segmentation, and monitoring
  • C. Giving every employee administrator rights
  • D. Turning off logging so attackers cannot read it
Answer: B. Defense in depth layers independent controls so one failure is caught by another. A single firewall is one point of failure; universal admin rights and disabling logging weaken security.
After tightening network security, a technician confirms the new rules block the threat AND that staff can still do their work. Which Secure-skill requirement does the second check satisfy?
  • A. Identifying the vulnerability
  • B. Verifying the control preserves access and availability
  • C. Documenting the network diagram
  • D. Determining the attack surface
Answer: B. Confirming legitimate users can still work verifies that the control mitigates the risk without destroying access and availability, an explicit part of the Secure skill.

Frequently Asked Questions

How do I secure a SOHO network?

Layer defenses: strong unique credentials, updated firmware, a firewall, encryption, segmentation and guest isolation, and monitoring. No single control is enough.

What is defense in depth on a network?

Combining several independent controls so that the failure of one is caught by another, rather than relying on a single firewall or password.

How do I verify network security without breaking it?

Test that the control blocks its threat, confirm legitimate users can still work, and document what was applied for maintenance.

Keep Studying

Topic 2.5: Network Security NeedsIdentify risks before securing.Topic 1.4: Securing Your DeviceDevice-level defenses.Network Security FundamentalsThe core security ideas behind these controls.

Practice What You Learned

Test yourself with the full interactive AP Networking practice exam.

Take the Practice Exam Study Guide

Get in Touch

Whether you're a student, parent, or teacher — I'd love to hear from you.

Just want free AP CS resources?

Enter your email below and check the subscribe box — no message needed. Students get daily practice questions and study tips. Teachers get curriculum resources and teaching strategies.

Typically responds within 24 hours

Message Sent!

Thanks for reaching out. I'll get back to you within 24 hours.

🏫 Welcome, fellow educator!

I offer curriculum resources, practice materials, and study guides designed for AP CS teachers. Let me know what you're looking for — whether it's classroom materials, a guest speaker, or Teachers Pay Teachers resources.

Email

[email protected]

📚

Courses

AP CSA, CSP, & Cybersecurity

Response Time

Within 24 hours

Prefer email? Reach me directly at [email protected]