CSC 474 Syllabus #

This is the course syllabus for the Fall 2026 offering of “CSC 474 - Network Security” at North Carolina State University.

The numbered sections below (e.g., 2.5.1 Evaluation Components) correspond to the section numbers outlined in NC State’s REG 02.20.07 - Course Syllabus. Sections without numbers are additional information provided by the instructor.

Basic Information #

“CSC 474 - Network Security” introduces students to network security. Students will learn about network attacks and vulnerabilities as well as current defenses. Topics covered include cryptography, authentication protocols, firewalls, intrusion detection systems, routing and DNS security, communication privacy and anonymity, and wireless security.

This introductory course will impart a broad understanding of the underpinnings of security techniques, security best practices, and security failures. The course should help students to understand the mindsets of attackers (the bad guys and gals who do malicious things on the network) and system designers and defenders (the good guys and gals who try to stop the attackers). The course should prepare students to understand and assess security threats, become familiar with security engineering best practices, and write better software, protocols, and systems.

2.1 Basic Course Information #

Course NameNetwork Security
Course NumberCSC 474
SemesterFall 2026
Credits3
FormatIn-person, recorded
Meeting TimesTuesday, Thursday 11:45am – 1:00pm
Meeting Location2331 Fitts-Woolard Hall
InstructorProf. William Enck
- Email: whenck@ncsu.edu
- Office hours
ResourcesCourse Website, Schedule, CSC 474 Syllabus (this page), Moodle, Gradescope, Panopto, Ed Discussion

2.2 Catalog Description #

Basic concepts and techniques in information security and management such as risks and vulnerabilities, applied cryptography, authentication, access control, multilevel security, multilateral security, network attacks and defense, intrusion detection, physical security, copyright protection, privacy mechanisms, security management, system assurance and evaluation, and information warfare. Coverage of high-level concepts such as confidentiality, integrity, and availability applied to hardware, software, and data. Credit not allowed for both CSC 474 and CSC 574.

Prerequisites #

Formal:

  • CSC 230 or ECE 209, Computer Science Majors
  • Credit not allowed for both CSC 474 and CSC 574

Hardware: NC State’s Online and Distance Education provides technology requirements and recommendations for computer hardware.

2.3 Student Learning Outcome #

The goal of “CSC 474 - Network Security” is to help students understand the mindsets of attackers (the bad guys and gals who do malicious things on the network) and system designers and defenders (the good guys and gals who try to stop the attackers).

By the end of this course, students will be able to:

  • Explain concepts related to applied cryptography, including plaintext, ciphertext, symmetric cryptography, asymmetric cryptography, digital signatures.
  • Outline the requirements and mechanisms for identification and authentication of users and computer systems, including authentication protocols and key management. Identify the possible threats to each mechanism and ways to protect against these threats.
  • Explain common network and Web vulnerabilities and attacks, defense mechanisms against these attacks, and cryptographic protection mechanisms.
  • Describe the methods and motivation of Internet malware, and explain existing defense mechanisms and their limitations.

After graduation, students can use the material of this course to understand and assess security threats, become familiar with security engineering best practices, and write better software, protocols, and systems.

2.4 Course Structure #

This course meets in-person twice a week. Recordings will be provided via Panopto. Content is primarily delivered via lectures with integrated learning activities. Homework assignments provide written questions that apply knowledge taught in the classroom. Weekly hands-on exercises extend knowledge taught in the classroom. A detailed list of lecture by lecture contents, assignments, and due dates (subject to change as semester evolves) is available on the course schedule and the individual assignment pages.

Additional Materials #

Note: You should never need to pay to download an article from the reading (e.g., from the ACM Digital Library). If you are on campus, you won’t be prompted to purchase articles. If you are off campus, you can go through the University Library. Alternatively, you can use the library’s EZproxy.

Practicalities #

2.5 Grade Determination #

2.5.1 Evaluation Components #

The course evaluation will consist of 2 midterms and a final, 8 (mostly) weekly hands-on exercises, 2 homeworks, and a reading/participation component.

Optional Final Exam: Students who are happy with the average of their Exam 1 and Exam 2 grades may request to use that average in place of taking the final exam. Students must explicitly inform the instructor of this choice and receive an acknowledgment. Simply missing the final exam will result in a zero for the final exam. More details are on the exam page.

Homework Assignments: The two homework assignments will consist of written questions and are designed to help students prepare for the exams. The instructor will post the homework assignments before all of the content is covered in lectures. Students are encouraged to begin the homework early and ask questions during class or office hours. More details are on the assignment page.

Weekly Hands-On Exercises: The course will include (nearly) weekly hands-on exercises to supplement the concepts discussed in lectures. These exercises frequently provide experience with real tools and technologies. More details are on the assignments page.

Readings: As reading / participation component, the course includes readings / viewings / listenings assignments related to security. More details are on the assignments page.

2.5.2 Grading Components #

The final letter grade will be based on the final percentage from the combined grade components as outlined in the table below (this is one of the common distributions used in the UNC system and the USA, no unusual steps). REG 02.50.03 describes the grade point interpretation of letter grades.

GradeLower Bound (including)
A+97%
A93%
A-90%
B+87%
B83%
B-80%
C+77%
C73%
C-70%
D+67%
D63%
D-60%
Fbelow 60%

Incomplete Grades: Extensions may be given for assignments due to exceptional circumstances. Assignments not completed by the end of the course will receive a grade of zero unless the student requests an Incomplete (IN) grade and a reasonable plan of completion is agreed upon with the instructor.

2.5.3 Credit Only Course #

Credit-only grading is not available for courses at the 500 and 700 level (see REG 02.20.15).

2.5.4 Auditing #

See REG 02.20.04.

2.6 Course Schedule #

See course schedule for a detailed listing of topics and dates. Note that the schedule is subject to change as the semester evolves.

2.6.1: Major topics and approximate time allocated to each are provided in the course schedule and topics list.

2.6.2: The following are initial dates for exam and due dates (subject to change):

  • Exams
  • Homework
    • HW0 Homework 0, due Fri, Aug 21 - 11:59pm
    • HW1 Homework 1, due Fri, Sep 18 - 11:59pm
    • HW2 Homework 2, due Fri, Oct 30 - 11:59pm
  • Exercices and Readings: generally due Friday 11:59pm (see schedule for details)
    • E01 Exercise 01 and R01 Reading 01, due Fri, Sep 4 - 11:59pm
    • E02 Exercise 02 and R02 Reading 02, due Fri, Sep 11 - 11:59pm
    • E03 Exercise 03 and R03 Reading 03, due Fri, Oct 2 - 11:59pm
    • E04 Exercise 04 and R04 Reading 04, due Fri, Oct 9 - 11:59pm
    • E05 Exercise 05 and R05 Reading 05, due Fri, Oct 16 - 11:59pm
    • E06 Exercise 06 and R06 Reading 06, due Fri, Oct 23 - 11:59pm
    • E07 Exercise 07 and R07 Reading 07, due Thu, Nov 19 - 11:59pm
    • E08 Exercise 08 and R08 Reading 08, due Fri, Nov 20 - 11:59pm

2.6.3: No required field trips or other out-of-class activities.

2.6.4: No laboratory, studio, problem session, or other component meetings.

2.7 Student Expenses #

There are no expected additional student expenses for this course.

2.7.1: All required texts are freely available (but might require access from the university network).

2.7.2: No other required expenses like museum admission fee, field trip costs, or liability insurance.

2.8 Late Assignments #

  • Out of class assignments may be submitted up to 48 hours after the deadline without penalty.
  • After 48 hours, each additional 24 hour period will result in a final score reduction of 25% (and assignments might need to be submitted directly to the instructor via email).
  • Note that a late submission might result in (not intentional) delayed grading or insufficient time to schedule an office appointment.
  • Students with legitimate reasons (university excused absence, illness, major research deadline) may request an additional extension from the instructor via email before the original deadline.

2.9 Attendance / Absence Policy #

2.9.1: The instructor will not take any formal attendance for class meetings. Attendance checks might be introduced after announcement if attendance falls below a sustainable level for in-class activities. Participation will be assessed via a class participation component. Students missing class should consult the recordings or classmates on missed material.

2.9.3: The university policy on excused absences will be observed (see REG 02.20.03). The students are responsible for discussing makeup exams if they miss exams due to excused absence. The instructor will choose a mutually agreed date and time for the makeup exam. Late submission of homework assignments due to excused absences is not subject to the policies on late assignments.

Rules, Regulations, and Resources #

Students are responsible for reviewing the NC State University PRR’s which pertains to their course rights and responsibilities:

2.10 Academic Integrity #

Students are required to comply with the university policy on academic integrity found in the Code of Student Conduct. Therefore, students are required to uphold the university pledge of honor and exercise honesty in completing any assignment.

Please refer to the Academic Integrity web page for a detailed explanation of the University’s policies on academic integrity and some of the common understandings related to those policies.

Course-Specific Academic Integrity Policy #

You may obtain copies of the NCSU Code of Student Conduct from the Office of Student Conduct. Students are also strongly encouraged to review the ACM Code of Ethics and Professional Conduct. For additional information, visit studentconduct.ncsu.edu.

  • Note that students are explicitly forbidden to copy anything off the Internet (e.g., source code, text) for the purposes of completing an assignment or project. Also, students are forbidden from collaborating on any assignment except were explicitly allowed in writing by the instructor.
  • Content generated by an Artificial Intelligence third-party service or site (AI-generated content) without proper attribution or authorization is considered a form of plagiarism. Use an AI text generator only if the assignment explicitly calls for it or allows it, and follow specific assignment guidelines to disclose which text or code comes from the AI.
  • Students are welcome and encouraged to discuss project activities (unless otherwise directed by the assignment). However, this discussion should be at a high-level and code or text should not be shared.
  • Exam content (questions OR answers) may not be discussed with other students.
  • Students are explicitly forbidden from copying the work of others (with or without superficial modification). This includes Internet or text sources for code or prose. One exception is snippets of code (up to 5 lines) from reference sources (like man pages or library documentation). Snippets copied from references should be cited with a code comment.

Use of AI Tools: This course recognizes the potential of artificial intelligence (AI) tools, such as chatbots, text generators, paraphrasers, summarizers, or solvers, to enhance your learning and creativity. You are welcome to use AI tools as supplementary resources to assist you with your assignments in accordance with the specificed policies for the assignment. We may also integrate AI Tools into some of our assignments. This means that you must:

  • Use AI tools only for tasks that are appropriate for your level of learning and understanding. Do not use AI tools to replace your own thinking or analysis, or to avoid engaging with the course content.
  • Cite any AI tools you use properly, following the citation style specified by the instructor. If no citation style is specified, provide the name of the AI tool, the date of access, the URL of the interface, and the specific prompt or query you used to generate the output. For example:
Bing. Prompt: “Recent high quality instructional materials for teaching algebra to college students.”
Accessed August 1, 2023. https://www.bing.com/chat.
  • Provide evidence of how you used the AI tool and how it contributed to your assignment. Explain what you learned from the AI tool, how you verified its accuracy and reliability, how you integrated its output with your own work, and how you acknowledged its limitations and biases.
  • Take full responsibility for any mistakes or errors made by the AI tool. Do not rely on the AI tool to produce flawless or correct results. Always check and edit the output before submitting your work. If you discover any inaccuracies or inconsistencies in the output after submission, notify the instructor immediately and correct them as soon as possible.
  • If you are working on a group assignment, discuss the use of AI tools with your group members and agree to how you plan to use them and how you will be transparent with the instructor regarding their use.
  • Using AI tools in an unethical or irresponsible manner, such as copying or paraphrasing the output without citation or evidence, using the output as your own work without verification or integration, or using the output to misrepresent your knowledge or skills, is considered a form of academic dishonesty and will result in a zero grade for the assignment and possible disciplinary action. If you have any questions about what constitutes ethical and responsible use of AI tools, please consult with the instructor before submitting your work.

Violations: The instructor expects honesty in the completion of test and assignments. For everyone’s sake, the instructor has a zero tolerance policy for violations of academic integrity, which include but are not limited to plagiarism and unapproved collaboration. The instructor may use automated techniques, including services like TurnItIn, on student submissions.

In case of an incident, university, college, and department policies against academic dishonesty will be strictly enforced. The penalties for academic misconduct will include assigning at least a negative grade and referring the student to the appropriate University bodies for possible further action.

If a student is in doubt about the conduct of themselves or others, the instructor welcomes questions about this policy. In this case, it is far better to ask permission, as there will not be forgiveness of academic misconduct. It is the understanding and expectation of instructor that the student’s signature on any test or assignment means that the student neither gave nor received unauthorized aid.

Non-Discrimination Policy #

NC State provides equal opportunity and affirmative action efforts, and prohibits all forms of unlawful discrimination, harassment, and retaliation (“Prohibited Conduct”) that are based upon a person’s race, color, religion, sex (including pregnancy), national origin, age (40 or older), disability, gender identity, genetic information, sexual orientation, or veteran status (individually and collectively, “Protected Status”).

Additional information as to each Protected Status is included in NCSU REG 04.25.02 (Discrimination, Harassment and Retaliation Complaint Procedure). NC State’s policies and regulations covering discrimination, harassment, and retaliation may be accessed at POL 04.25.05 or https://oied.ncsu.edu/divweb/. Any person who feels that he or she has been the subject of prohibited discrimination, harassment, or retaliation should contact the Office for Equal Opportunity (OEO) at 919-515-3148.

Basic Needs Security #

Any student who faces challenges securing their food or housing or has other severe adverse experiences and believes this may affect their performance in the course is encouraged to notify the professor if you are comfortable in doing so. Alternatively, you can contact the Division of Academic and Student Affairs to learn more about the Pack Essentials program.

2.11 Disability Resources #

Reasonable accommodations will be made for students with verifiable disabilities. In order to take advantage of available accommodations, students must register with the Disability Resource Office at Holmes Hall, Suite 304,Campus Box 7509, 919-515-7653.

For more information on NC State’s policy on working with students with disabilities, please see the Academic Accommodations for Students with Disabilities Regulation (REG02.20.01)

2.12 Digital Course Components #

2.12.1: The following sites or online services are used in this course:

Note that in-class sessions are recorded and distributed via Panopto. In-class sessions are recorded in such a way that might also record students in this course. These recordings MAY be used beyond the current semester or in any other setting outside of the course. Contact your instructor if you have concerns.

2.12.2: Code submissions are checked for originality using the available tools from the submission system.

2.12.3: Note that instructors are not responsible for ensuring privacy or accessibility of electronic materials that are not required components of the course (e.g., links to supplemental information that is not part of the required reading list).

2.12.4: Students may be required to disclose personally identifiable information to other students in the course, via digital tools, such as email or web-postings, where relevant to the course. Examples include online discussions of class topics, and posting of student coursework. All students are expected to respect the privacy of each other by not sharing or using such information outside the course.

2.13 Change Communications #

Changes made to the method of instructional delivery, course structure, course schedule, number of assignments, grading, or other aspects of the course after the start of the term are communicated to students in written form and highlighted in the syllabus:

2.14 Transportation #

This course is entirely situated on-campus. There is no additional transportation required beyond getting to the class room.

2.15 Safety and Risk Assumption #

This course does not include laboratory work, physical activities, or field trips that may involve a level of safety training and/or assumption of risk.

2.16 Additional Rules and Regulations #

Ethics in Security Statement #

This course considers topics involving personal and public privacy and security. As part of this investigation we will cover technologies whose abuse may infringe on the rights of others. As an instructor, I rely on the ethical use of these technologies. Unethical use may include circumvention of existing security or privacy measurements for any purpose, or the dissemination, promotion, or exploitation of vulnerabilities of these services.

Exceptions to these guidelines may occur in the process of reporting vulnerabilities through public and authoritative channels. Any activity outside the letter or spirit of these guidelines will be reported to the proper authorities and may result in dismissal from the class. This is a very serious issue – violations may not just be immoral, they may violate federal laws.

When in doubt, please contact the course professor for advice. Do not undertake any action which could be perceived as technology misuse anywhere and/or under any circumstances unless you have received explicit permission from the instructor.

Course Evaluations #

ClassEval is the end-of-semester survey for students to evaluate instruction of all university classes. The current survey is administered online and includes 12 closed-ended questions and 3 open-ended questions. Deans, department heads, and instructors may add a limited number of their own questions to these 15 common-core questions.

Each semester students’ responses are compiled into a ClassEval report for every instructor and class. Instructors use the evaluations to improve instruction and include them in their promotion and tenure dossiers, while department heads use them in annual reviews. The reports are included in instructors’ personnel files and are considered confidential.

Online class evaluations will be available for students to complete during the last two weeks of the semester for full semester courses and the last week of shorter sessions. Students will receive an email directing them to a website to complete class evaluations. These become unavailable at 8am on the first day of finals.

Syllabus Modification Statement #

This syllabus represents a flexible agreement. It outlines the topics we will cover and the order we will cover them in. Dates for assignments represent the earliest possible time they would be due. The pace of the class depends on student mastery and interests. Thus minor changes in the syllabus can occur if we need to slow down or speed up the pace of instruction.

Further Resources #

The ITECS help desk provides assistance with locating, licensing, and installing engineering-specific software. For technical support, you can reach ITECS via email at eoshelp@ncsu.edu, by phone at 919-515-2458, or by visiting one of the on-campus help desk locations.

Topics #

  1. Course Introduction
  2. Security Fundamentals
  3. Symmetric Cryptography
  4. Hashes and MACs
  5. Asymmetric Cryptography
  6. Key Management
  7. Authentication Protocols
  8. User Authentication
  9. Transport Layer Security
  10. Networking Background
  11. TCP/IP Attacks
  12. Malware
  13. Firewalls & Zero Trust
  14. VPNs & Modern Alternatives
  15. Intrusion Detection Systems
  16. Routing Security
  17. DNS Security
  18. Wireless Security
  19. Cloud Security
  20. Web Security
  21. Anonymous Communication