Network and Security – Foundations – D315 introduces the core concepts behind modern computer networks and cybersecurity. Instead of focusing on configuring enterprise networks or performing advanced security analysis, the course builds the knowledge required to understand how devices communicate, how data moves across networks, and how organizations protect digital systems from common threats.
The course is part of several IT degree programs at Western Governors University (WGU) and serves as a foundation for more advanced networking, cloud computing, system administration, and cybersecurity courses. Whether your goal is to become a network administrator, security analyst, cloud engineer, or IT support specialist, the concepts covered in D315 appear throughout nearly every area of information technology.
This guide explains the major topics covered in the course, highlights the concepts that deserve extra attention, and provides practical study advice to help you prepare for the Objective Assessment.
What Is Network and Security – Foundations – D315?
Network and Security – Foundations – D315 is an introductory course designed to help students understand how computer networks operate and why security is essential in modern IT environments. Rather than teaching students how to configure enterprise-grade equipment, the course focuses on understanding networking principles, security concepts, and industry best practices.
Students learn how computers exchange information across local and global networks, how common network devices perform different functions, and how organizations secure sensitive information from cyber threats.
The course also introduces several industry standards developed by regulatory bodies to ensure global interoperability. Understanding these standards helps students recognize that networking and cybersecurity follow globally accepted frameworks rather than company-specific practices.
- Institute of Electrical and Electronics Engineers (IEEE): Defines local area networking technologies, establishing standards such as IEEE 802.3 for wired Ethernet and IEEE 802.11 for Wi-Fi configurations.
- Internet Engineering Task Force (IETF): Documented via Request for Comments (RFC) publications, this body defines internet protocols including TCP/IP, DNS, and HTTP to preserve open communication structures.
- National Institute of Standards and Technology (NIST): Provides federal cybersecurity guidance, risk management frameworks, and cryptographic standards widely adopted by the private sector to secure critical infrastructure.
- International Organization for Standardization (ISO): Develops internationally recognized security management standards, including the ISO/IEC 27001 framework for information security management systems.
By completing D315, students should be able to:
- Explain how computer networks transmit data.
- Identify the purpose of common networking devices.
- Understand how internet protocols enable communication.
- Recognize common cybersecurity threats.
- Apply basic security principles to protect systems and networks.
- Build a foundation for more advanced networking and cybersecurity courses.
What You’ll Learn in Network and Security – Foundations – D315
Although D315 introduces many networking and security concepts, the course emphasizes understanding how different technologies work together instead of memorizing isolated definitions.
Networking Fundamentals
Every computer network exists to allow devices to exchange information. Whether you are accessing a website, sending an email, or joining a video meeting, your device communicates through a network.
One of the first topics covered is the different types of computer networks, classified primarily by their geographic scale.
- LAN (Local Area Network): Connects devices within a limited geographic area, such as a single home, school, or office building, utilizing high-speed wired or wireless connections.
- WAN (Wide Area Network): Spans large geographic regions, connecting multiple LANs across cities, states, or countries. The internet is the largest public WAN in existence.
- MAN (Metropolitan Area Network): Covers a geographic area larger than a LAN but smaller than a WAN, typically serving a town, city, or municipal region.
- PAN (Personal Area Network): Centered around a person within a short range, typically under 10 meters, such as a smartphone connected to wireless earbuds via Bluetooth.
Students also learn common network topologies, which describe how devices are physically or logically connected.
The most common enterprise architecture is the star topology, where every individual node connects directly to a central switch. Businesses prefer this design because a single cable failure usually affects only one device instead of disabling the entire network segment.
- Bus Topology: Uses a single central cable, known as the backbone, to connect all devices, making the entire network vulnerable to a single break in that cable.
- Ring Topology: Connects devices in a circular loop, passing data sequentially from one node to the next, meaning a failure in one station can disrupt the whole ring.
- Mesh Topology: Features redundant interconnections between nodes, ensuring that alternative paths exist if a specific link fails, which maximizes fault tolerance.
- Hybrid Topology: Combines two or more distinct topological structures to balance performance, cost, and redundancy requirements.
Another important topic is network hardware, where each device performs a specific function within the infrastructure.
- Router: Connects completely different networks and directs packets across internetworks based on logical routing paths.
- Switch: Connects devices within the same local network, using physical hardware addresses to inspect and forward data efficiently.
- Hub: A legacy device that broadcasts incoming data to every connected port without filtering or path determination, creating high collision rates.
- Access Point: Extends a wired infrastructure by providing wireless radio connectivity to network client devices.
- Modem: Converts digital data from a computer into analog signals for transmission over public utility lines, and vice versa.
- Firewall: Filters inbound and outbound network traffic based on predefined security rules to block unauthorized entry.
Understanding the operational difference between routers and switches is particularly important for the assessment.
A switch forwards data between devices on the same local network using MAC addresses, while a router connects separate networks using IP addresses.
For example, when two computers in the same office exchange files, the switch handles that communication locally. When one of those computers accesses an external cloud server, the router forwards that traffic out to the public internet.
Network Communication
Once students understand network hardware, D315 explains how information travels between devices.
The OSI (Open Systems Interconnection) model divides network communication into seven layers. Instead of treating networking as one large process, the OSI model separates communication into smaller functions, making troubleshooting easier.
- Layer 7 – Application: Provides network services directly to end-user applications, such as web browsers or email clients.
- Layer 6 – Presentation: Formats, encrypts, and compresses data to ensure it can be read by the receiving system.
- Layer 5 – Session: Manages, maintains, and terminates communication sessions between applications on different devices.
- Layer 4 – Transport: Provides reliable or fast data delivery using mechanisms like flow control and error checking.
- Layer 3 – Network: Determines the best logical path for data and handles routing using logical addressing.
- Layer 2 – Data Link: Transfers data between devices on the same local network segment and handles physical framing.
- Layer 1 – Physical: Transmits raw, unstructured electrical, optical, or wireless signals over physical media.
The course also introduces the TCP/IP model, which forms the actual architectural foundation of today’s internet. Unlike the OSI reference framework, TCP/IP represents the practical protocol suite implemented in modern operating systems.
The four TCP/IP layers are:
- Application
- Transport
- Internet
- Network Access
Students should understand how these layers correspond directly to the OSI model rather than attempting to memorize them independently. The TCP/IP Application layer combines the functions of OSI Layers 5, 6, and 7, while the Network Access layer encompasses OSI Layers 1 and 2.
Another major topic is IP addressing, as every device connected to a network requires an identifier so data can reach the correct destination.
D315 introduces both IPv4 and IPv6.
IPv4 uses 32-bit addresses expressed in dotted-decimal format and supports approximately 4.3 billion unique addresses. As internet-connected devices increased exponentially, available public IPv4 addresses became entirely depleted.
To address this structural limitation, the Internet Engineering Task Force standardized IPv6, introducing 128-bit addresses expressed in hexadecimal format, which are capable of supporting an almost unlimited number of unique devices.
Students should also understand:
- Public vs. Private IP Addresses: Public addresses route across the global internet, whereas private addresses are reserved for internal local networks and cannot be routed publicly without translation.
- Static vs. Dynamic Addressing: Static addresses are manually assigned to permanent infrastructure like servers, while dynamic addresses are leased temporarily to client devices.
- Basic Subnet Concepts: Subnet masks split an IP address into network and host portions, allowing organizations to segment networks for performance and security.
- Default Gateways: The local router interface that an endpoint uses to send traffic outside its immediate local area network.
Another essential topic is network protocols, which define the explicit rules allowing heterogeneous computers to exchange information consistently.
- HTTP (Port 80): Transfers unencrypted web pages across the internet.
- HTTPS (Port 443): Secures web communication using cryptographic transport encryption.
- DNS (Port 53): Converts human-readable domain names into numerical IP addresses.
- DHCP (Ports 67/68): Automatically assigns IP addresses and network configurations to joining client hosts.
- FTP (Port 21): Transfers files between systems but lacks native encryption controls.
- SSH (Port 22): Provides an encrypted, secure command-line channel for remote device administration.
- SMTP (Port 25): Handles the transmission and routing of outgoing email messages between mail servers.
- IMAP (Port 143): Retrieves email from a central server while keeping the source messages synchronized on the server.
Rather than memorizing port numbers in isolation, students should understand how these protocols support everyday internet activities. For instance, when you enter a URL into a browser, DNS first translates that domain name into an IP address before HTTPS securely pulls the webpage assets from the destination server.
Security Fundamentals
Networking alone is not enough to protect organizational systems. Every connected device introduces potential security risks, making cybersecurity an essential part of modern network design.
One of the first security concepts introduced in D315 is the CIA Triad, a foundational framework that guides security programs worldwide.
- Confidentiality: Preventing unauthorized access to sensitive information through access controls and encryption.
- Integrity: Ensuring that data remains accurate, complete, and unaltered during processing or transmission.
- Availability: Keeping systems, networks, and operational information fully accessible when authorized users require them.
Organizations must carefully balance all three principles. Encrypting customer records supports confidentiality, implementing hashing or file integrity monitoring maintains integrity, and maintaining redundant backup power systems improves availability after hardware failures.
Students also learn the operational difference between authentication and authorization.
Authentication verifies a user’s identity through credentials like passwords or biometrics. Authorization determines what specific resources the authenticated user is permitted to access within the system. An employee may successfully sign into a corporate network via authentication but still lack the proper authorization to view payroll data.
Encryption is another foundational security topic covered in this course. It converts readable plaintext into ciphertext so unauthorized individuals cannot understand intercepted data.
D315 introduces two primary encryption methods:
- Symmetric Encryption: Uses a single shared secret key for both encryption and decryption, making it highly efficient for protecting large volumes of stored data.
- Asymmetric Encryption: Uses a mathematically linked key pair consisting of a public key and a private key. This approach allows secure communication across open networks without sharing secret keys beforehand.
The course also explains how firewalls protect networks by monitoring traffic and allowing or blocking connections according to predefined security rules. Modern organizations deploy firewalls at multiple layers, including network perimeters, cloud environments, and host endpoints, creating a defense-in-depth model that works alongside antivirus software and monitoring solutions.
Common Cybersecurity Threats
Every organization connected to the internet faces security risks. Understanding these threats helps IT professionals recognize suspicious activity and reduce potential damage.
Malware refers to software intentionally designed to harm systems, disrupt operations, or steal information.
- Virus: Attaches itself to legitimate executable files and spreads when a user runs those infected programs.
- Worm: Spreads independently across network connections without requiring any human interaction or host file execution.
- Trojan: Disguises itself as legitimate software while secretly executing malicious payloads in the background.
- Ransomware: Encrypts vital file systems and demands financial payment to restore administrative access.
- Spyware: Secretly tracks user behavior, keystrokes, and credential inputs without the user’s knowledge.
Not every attack depends on malicious code, as many successful cyberattacks target human psychology instead of technological vulnerabilities.
Phishing attempts to trick users into revealing credentials or financial details through fraudulent emails or websites. Social engineering extends beyond phishing by manipulating trust, urgency, or authority to convince individuals to bypass established physical or technical security procedures.
Organizations continue to invest heavily in security awareness training because human error remains a leading cause of data breaches. According to global industry reporting, phishing and compromised credentials consistently rank among the most common initial attack vectors observed in enterprise incidents.
Another critical concept is the insider threat. Unlike external attackers, insiders already possess authorized access to organizational systems. This risk may result from malicious intent, negligence, or simple accidental mistakes, making user access management and continuous monitoring critical components of organizational defense.
How the D315 Objective Assessment Is Structured
The D315 Objective Assessment measures your structural understanding of networking and security concepts rather than your hands-on command-line configuration ability. Questions evaluate whether you can recognize technologies, identify how network components interact, and apply security principles to common scenarios.
The assessment typically includes questions covering:
- Networking fundamentals and topologies
- OSI and TCP/IP model layer interactions
- IPv4/IPv6 addressing principles
- Core application protocols and default port associations
- Network hardware deployment
- The CIA Triad and access control mechanisms
- Malware categories and social engineering techniques
- Symmetric and asymmetric encryption use cases
- Wireless security standards
Scenario-based questions are common. For example, instead of asking for a textbook definition of DNS, a question might describe an environment where users can access internal servers by IP address but cannot access internet websites by their domain names, requiring you to identify a DNS resolution failure as the root cause.
How to Study for the D315 Course
A structured study plan is far more effective than trying to memorize every topic in one sitting. Since networking concepts build on one another, learning them in the correct sequential order makes the material easier to digest.
A practical study sequence is:
- Learn network types, topologies, and basic hardware devices.
- Study the architectural layers of the OSI and TCP/IP models.
- Understand IP addressing formats, public/private distinctions, and gateways.
- Learn common application protocols and associate them with their default ports.
- Study security principles including the CIA Triad, authentication, and encryption methods.
- Review common cyber threats, malware types, and network defense tools.
- Complete practice questions to identify specific weak areas.
When studying, focus on explaining each concept in your own words. If you can describe how a router forwards traffic across networks or why HTTPS is more secure than HTTP without looking at your notes, you have successfully understood the underlying topic.
Drawing diagrams can also improve retention. Sketching the OSI model, labeling network devices, or tracing how a web request travels from a local computer to a remote web server helps connect multiple independent concepts into a single visible process.
Core Networking and Security Topics Covered in D315
OSI Model and TCP/IP Model
Many students confuse these two models because they both describe network communication. The OSI model is a seven-layer conceptual framework used for teaching and troubleshooting, while the TCP/IP model is a four-layer architecture that matches the actual protocol implementations used on the modern internet. Focus on how they align rather than trying to memorize them as completely separate systems.
IP Addressing
You are unlikely to perform advanced subnet calculations in D315, but you must understand why subnetting improves network organization, performance, and security. Ensure you know the difference between public addresses that route across the internet and private addresses used to preserve address space inside a corporate network.
Network Protocols
Protocols are much easier to remember when connected to real-world activities. Do not just memorize port numbers out of context; instead, associate each protocol with the specific service it provides, such as using SSH for secure remote command-line access or DHCP for automated network IP provisioning.
Routing and Switching
Students often confuse routers and switches because both direct network traffic. Remember that a switch operates within a local area network to connect local nodes using MAC addresses, whereas a router operates between separate networks to forward packets across internetworks using IP addresses.
Encryption
Encryption questions focus on choosing the appropriate method based on operational needs. Remember the core distinction: symmetric encryption uses a single shared key and is optimized for speed and bulk data at rest, while asymmetric encryption uses a public/private key pair to securely exchange keys and authenticate identities over open networks.
How D315 Compares With Industry Certifications
While D315 covers foundational concepts, it is an academic course rather than a direct professional certification exam preparation path.
The closest industry comparison is CompTIA Network+, which focuses on networking technologies, infrastructure, troubleshooting, and network operations. D315 introduces many of the same foundational topics, including network devices, communication models, addressing, and basic routing principles.
The course also overlaps with CompTIA Security+ by introducing core cybersecurity principles such as the CIA Triad, access control models, encryption methods, malware categories, and social engineering. However, Security+ explores these topics in much greater technical depth, incorporating governance, incident response, and enterprise security architecture.
Think of D315 as the foundation upon which certifications like Network+ and Security+ are built. Students who master D315 concepts usually find future certification studies much more approachable because they already understand the underlying networking and security vocabulary.
Frequently Asked Questions
Is Network and Security – Foundations – D315 difficult?
For students without previous IT experience, D315 can feel challenging because it introduces a large volume of technical terminology. However, the course focuses on foundational comprehension rather than advanced enterprise network administration, making it manageable with consistent study.
Do I need networking experience before taking D315?
No, the course is designed for beginners and assumes no prior networking background. Understanding basic computer operation is helpful, but professional field experience is not required to pass.
How long does it take to complete D315?
Completion time varies based on your background and study schedule. Students with prior technology experience may accelerate through the course within a few weeks, while beginners typically benefit from studying over a four-to-six-week period to build a strong grasp of the material.
Which topics should I study first?
Start with networking fundamentals, including network types, hardware devices, and communication models. Once those concepts are clear, move into IP addressing, protocols, and security principles before reviewing malware threats and defensive controls.
Why is the OSI model important if real networks use TCP/IP?
The OSI model provides a standardized, granular framework for understanding and troubleshooting network communication. Even though modern networks rely on the TCP/IP protocol suite, IT professionals use the OSI model to isolate network issues systematically by layer.