Networking & Cyber Security

The Year 11โ€“12 Ultimate Study Guide
BSSS Technologies Framework ยท ACT Senior Secondary ยท ATAR-ready ยท Real-world > definitions
This guide is split into 21 focused chapters across 5 parts. Each chapter is a separate page so you can study one topic at a time without scrolling through the whole thing. Use the navigation at the bottom of every page to move forward, back, or jump home.

Look for the badges: Foundation = Year 11 territory, assumed by Year 12. Core = heavily examined Year 12. Extension = top-band ATAR depth.
Part A โ€” How Networks Actually Work
CHAPTER 01
The Big Picture Foundation
What actually happens when you tap a link โ€” the whole stack in one story before we break it apart.
CHAPTER 02
Network Types & Topologies Foundation
LAN, WAN, PAN, MAN. Star, mesh, bus, ring. Client-server vs P2P. Your home Wi-Fi vs the school network vs the internet.
CHAPTER 03
Network Hardware Foundation
Routers, switches, access points, modems, NICs, firewalls. What each box physically does in the path.
CHAPTER 04
OSI & TCP/IP Models Core
The journey of a packet โ€” taught as a story, not a list of seven layers to memorise.
CHAPTER 05
IP Addressing & Subnetting Core
IPv4 vs IPv6, public vs private, NAT, CIDR notation, subnetting with worked examples.
CHAPTER 06
Protocols You Actually Meet Core
HTTP/HTTPS, DNS, DHCP, FTP, SMTP, SSH, TCP vs UDP โ€” grouped by what they actually do.
CHAPTER 07
Wireless & Mobile Foundation
Wi-Fi standards (802.11), Bluetooth, cellular. Why your Wi-Fi is terrible in some rooms.
Part B โ€” How It Breaks: Threats & Vulnerabilities
CHAPTER 08
CIA Triad + AAA Core
The lens through which every security question gets answered. Confidentiality, Integrity, Availability + Authentication, Authorisation, Accounting.
CHAPTER 09
Threat Actors & Motivations Core
Who attacks, why, and how to spot the difference between a script kiddie and a nation-state.
CHAPTER 10
Attack Categories Core
Malware (virus, worm, trojan, ransomware), social engineering (phishing, pretexting), network attacks (MITM, DoS, sniffing, spoofing).
CHAPTER 11
Vulnerability vs Threat vs Risk Core
The distinction examiners love testing. Plus the OWASP Top 10 (light touch).
Part C โ€” How We Defend
CHAPTER 12
Cryptography Basics Core
Symmetric vs asymmetric, hashing, digital signatures, HTTPS/TLS as a step-by-step story.
CHAPTER 13
Authentication & Access Control Core
Passwords, MFA, biometrics, RBAC, principle of least privilege. Why your school account locks after 3 tries.
CHAPTER 14
Network Defence Core
Firewalls (packet-filter vs stateful), IDS/IPS, VPNs, network segmentation, DMZ. The defender's toolkit.
CHAPTER 15
Monitoring & Incident Response Core
Logs, SIEM (light touch), the incident response cycle. What happens after the alarm goes off.
CHAPTER 16
Secure Network Design Extension
Putting it all together for the BSSS design-solution task. Worked scenarios from start to finish.
Part D โ€” The Human & Practical Layer
CHAPTER 17
Ethics, Law & Privacy Core
Australian context: Privacy Act, Notifiable Data Breaches scheme, Cybercrime Act. Optus & Medibank as case studies.
CHAPTER 18
Investigating Networks Foundation
ping, tracert, ipconfig, nslookup, basic packet capture. Tools to actually see what's happening.
Part E โ€” Exam Kit
CHAPTER 19
Exam Technique Core
Command words, mark templates, how to write a 4-mark "explain" answer that actually scores 4.
CHAPTER 20
Practice Questions Core
Short answer, scenario-based, design tasks. Cover the answers and try them first.
CHAPTER 21
๐Ÿ“‹ Exam Night 1-Page Primer Core
Read this the morning of the exam. Everything condensed onto one screen.

๐Ÿšซ Top 15 Exam Traps โ€” Master Table

The mistakes students make every single year. Bookmark this page.

#What students write โŒWhat you should write โœ…
1"A router and a switch are the same thing"Router connects DIFFERENT networks (your home to the internet). Switch connects devices WITHIN one network.
2"HTTPS encrypts the website"HTTPS encrypts the data IN TRANSIT between your browser and the server. The website itself is unchanged.
3"A firewall stops viruses"A firewall filters NETWORK TRAFFIC based on rules. Antivirus stops malware. Different jobs.
4"VPN makes you anonymous"A VPN encrypts your traffic and hides it from your ISP/local network. The VPN provider can still see it. Not full anonymity.
5"DDoS = hacking the website"DDoS doesn't break in. It overwhelms the server with so much traffic that real users can't connect. Availability attack, not confidentiality.
6"Phishing is when someone hacks your email"Phishing is TRICKING you into giving up info via a fake message. No hacking required โ€” it's social engineering.
7"Symmetric encryption is less secure than asymmetric"Both are secure. Symmetric is FASTER but needs secure key sharing. Asymmetric solves key sharing but is SLOWER. HTTPS uses both.
8"Hashing is encryption"Hashing is ONE-WAY (you can't reverse it). Encryption is two-way (decryptable with the key). Different purposes.
9"IP address identifies the user"IP identifies a DEVICE on a network at a moment in time. NAT, DHCP and shared Wi-Fi mean it's not a reliable user identifier.
10"TCP is better than UDP"TCP is RELIABLE (good for files, web pages). UDP is FAST (good for video calls, gaming). Different tools for different jobs.
11"A vulnerability is the same as a threat"Vulnerability = weakness. Threat = something that could exploit it. Risk = likelihood ร— impact. Three different things.
12"MFA stops all account hacks"MFA stops MOST password-based attacks. SIM-swapping, MFA fatigue, and session hijacking can still bypass it.
13"The cloud is just someone else's computer"True but trivialising. Cloud = managed infrastructure with shared responsibility. The provider secures the platform; YOU secure your data and access.
14"WPA2 Wi-Fi is unhackable"WPA2 is broken in known ways (KRACK, weak passwords). WPA3 is current best practice. No protocol is permanently unbreakable.
15"You can't be hacked if you don't click anything"Drive-by downloads, zero-click exploits, network attacks, and supply-chain attacks don't need user interaction. Click hygiene helps but isn't enough.
WHERE MARKS ARE LOST: Almost never from "wrong knowledge." Almost always from "incomplete explanation." If a question says Explain, you need to say WHAT happens AND WHY, linked to a real mechanism. See Chapter 19 for the templates.
Start with Chapter 1 โ†’
Or jump to whatever topic you're stuck on. Each chapter stands on its own.