Back to Academy

VCA-NET-201: Intermediate Networking

Virtus Academy · Part-II Networking-Track Anchor

NET-101 closed at the wire: a student who can read what is on it, identify conversations from pcaps, and emit protocol-conformant bytes from Python. Every layer the entry course mentioned in passing was named. NET-201 pays the bills. Routing protocols (BGP, OSPF, IS-IS, RIP) at the depth a CCNA-track engineer reads them. Switching (VLAN, STP, trunking) on multi-router GNS3 lab topologies. TLS taken seriously (Rescorla-anchored), with the handshake and the certificate-chain dissected at byte level. DNS taken to its modern conclusion (DNSSEC, DNS-over-HTTPS, DNS-over-TLS). NAT and the IPv6 transition mechanisms (6to4, dual-stack, NAT64). SDN fundamentals (OpenFlow, P4) as the control-plane road not taken in the classical Internet. Network monitoring (Wireshark deep-dive, Suricata, Zeek) as the security practitioner's diagnostic instrument. Performance tuning (bufferbloat, the TCP-variant zoo, QUIC). Cloud networking (overlays, VXLAN-EVPN). And explicit cross-cuts to RE-track network-protocol RE, PT-track lateral-movement, and the embedded-networking lineage that culminates in the SB6141 cable-modem lab target. Every NET-101 forward-promise comes due here.

Total time: ~145 hours
Lecture: ~22 hr
Practical / lab: ~45 hr
Independent practice: ~78 hr
Position: After NET-101 + CSA-101 (or equivalent networking + computing-systems foundation)
Prereq: VCA-NET-101 + VCA-CSA-101
Equipment: Laptop-only; primary tooling delivered in-browser via the academy workbench (Wireshark/tshark Wasm + pcap filter-learning visualizer = TIR-1, in engineering; academy network simulator on GNS3/Containerlab/Mininet/netlab open-source substrate = TIR-2, in engineering); GNS3 / EVE-NG community-edition for advanced multi-router labs; Cisco Packet Tracer external-install for students with NetAcad accounts; Stevens + Kurose-Ross textbooks library-acquired or paperback (see hardware platform · we update this as the kit firms up)
Credential: VCA-NET-201 Certificate of Completion
Register interest. We're not taking enrollments yet. Email interested@virtuscyberacademy.org.

Course Overview

NET-201 is the academy's Part-II networking-track anchor. It assumes NET-101's graduates: students who have personally captured live traffic with Wireshark, identified conversations from mystery pcaps, walked DNS resolution end-to-end with dig +trace, and built an HTTP/1.1 client from sockets. The pedagogical contract is that NET-201 is the protocol-zoo opened for inspection, for every protocol NET-101 introduced at first-encounter depth, NET-201 introduces the production-grade variant and the operational consequences that drive working network engineers.

Closes the NET-101 forward-promises. The Week-9 DNS introduction expands into a three-week DNSSEC / DoH / DoT module with zone-file authoring labs. The Week-12 TLS sketch expands into a Rescorla-anchored handshake-by-handshake module covering TLS 1.2, TLS 1.3, and QUIC's embedded TLS. The Week-7 TCP-flow-control sketch closes against a bufferbloat / fast-retransmit / QUIC comparison module measured on real captured traces. The Week-3 IPv4 / NAT / light-IPv6 sketch expands into a transition-mechanism module covering the dual-stack, 6to4, and NAT64 modes a working dual-stack network actually runs.

Position relative to peer offerings. NET-201 is the only formal curriculum at this course that assumes the student has already shipped a packet-capture capstone in the prior course and intends to feed an embedded-networking reverse-engineering capstone in the subsequent track. University-level intermediate networking courses (Stanford CS244 Advanced Topics in Networking, MIT 6.829 Computer Networks, Berkeley CS268 Graduate Computer Networks) cover overlapping territory but assume the student is reading the architecture from the textbook, not having personally built the NET-101 substrate. NET-201's pace and depth are calibrated against NET-101's graduates' existing apparatus, the Wireshark fluency, the Python-socket comfort, the read-what-is-on-the-wire intuition.

Pedagogy. The three NET-101 teaching habits continue with track-track-specific source texts. Foundational readings (~16-20 weaves across NET-201's twelve chapters; Stevens for byte-level wire-protocol depth, Kurose-Ross for top-down narrative, with Doyle-and-Carroll's Routing TCP/IP entering for the routing-protocol modules and Rescorla's SSL and TLS for the TLS module). Tool Journal (~12 new entries: Suricata, Zeek, GNS3 advanced, EVE-NG, mitmproxy, OpenSSL s_client/s_server, BIND for DNS authoring, FRRouting, BGP looking-glass tools, performance-measurement tools). Architecture comparison sidebars (BGP vs OSPF vs EIGRP vs IS-IS routing-protocol families; TLS 1.2 vs TLS 1.3 vs QUIC-TLS; SDN vs traditional vs intent-based networking). The SB6141 embedded-networking thread runs through the routing, NAT, and DOCSIS-bridge weeks as a forward pointer into vca-arm-201 and vca-emb-201. The DOCSIS link-layer treatment in particular is the link-layer-protocol lens onto a four-track shared reference published as handouts/cross-chapter-docsis-quad-cross-cut.md. One canonical DOCSIS handout cross-cited by NET-201 (link-layer protocol), NET-301 (carrier / RF-front-end), RF-301 Ch 5 (advanced waveform RE), and RE-201 (SB6141 hardware lab); anchored on Kurose-Ross 9e §6.3.4 with chip-by-chip mapping for the SB6141 lab target.

How the Course Teaches: Foundational Readings

The same paired-textbook system NET-101 introduced is carried forward at intermediate depth. Stevens's TCP/IP Illustrated Vol 1 (2nd ed., 2011) supplies the byte-level wire-protocol passages; Kurose-Ross's Computer Networking: A Top-Down Approach (9th ed., Pearson, 2021) supplies the top-down narrative; Doyle and Carroll's Routing TCP/IP (Cisco Press) joins for the BGP / OSPF / IS-IS routing modules; Eric Rescorla's SSL and TLS joins for the TLS module. The full per-chapter weave catalog publishes as handouts/cross-chapter-net-201-anchor-reading-guide.md; two representative samples follow.

Sample weave (Stevens, Volume 1, Ch 4, ARP: Address Resolution Protocol; intermediate-depth re-read). Stevens's argument in Volume 1 Chapter 4 (revisited at NET-201 depth) is that ARP is the protocol the rest of the link layer politely pretends does not exist. The IP layer asks the link layer to deliver a frame to a target IP; the link layer can only address frames to MAC addresses; ARP is the side-channel that closes the gap. Stevens prints tcpdump traces showing the request-reply pair for an ARP cache miss, then the silent presence of cache hits for subsequent traffic to the same target. The core insight at this level is to show how the quiet protocol becomes loud the moment it fails: ARP storms, gratuitous ARPs from a misconfigured host, ARP spoofing as a man-in-the-middle vector. The arping and arpwatch tools inspect the cache; ettercap and bettercap exploit it. NET-101 introduced the request-reply; NET-201 introduces the operational consequences. Lab 2 has you mount and detect an ARP-spoofing attempt on a GNS3 lab topology, observing the cache-poison and its remediation in arpwatch.
Sample weave (Kurose-Ross, 9th ed., Ch 5, The Network Layer: Control Plane). Kurose and Ross's 9th-edition Chapter 5 frames the modern network as a control plane and a data plane that are increasingly separable, and that is the structural shift the chapter argues for: for forty years, the control plane was distributed (each router runs its own routing protocol; the topology is discovered cooperatively); for the last decade, the SDN movement has carved out environments (datacenters, large enterprise WANs) where the control plane is logically centralised and the data plane runs a thin agent. Their pedagogical point is not that one wins; it is that the choice between them is now a real architectural decision a working engineer faces. OpenFlow is the protocol the centralised model first cohered around; P4 is the language that lets the centralised controller program the data plane's per-packet behaviour. Kurose-Ross gives worked examples of both running against the same topology, so the student can see what each model buys and what it costs. Lab 9 has you stand up a small OpenFlow-controlled topology in Containerlab and compare its convergence behaviour against an OSPF-controlled equivalent on the same physical substrate.

Curriculum Outline

Twelve chapters across ~14 weeks. Each chapter takes a NET-101 first-encounter and opens it for inspection.

ChTopicWhat NET-101 first-encounter it opens
1Routing I, OSPF and IS-IS link-state protocolsNET-101 Week 3 light-touch routing
2Routing II, BGP path-vector + RIP distance-vector contextNET-101 Week 3; the Internet-scale routing layer
3Switching, VLAN trunking, STP, link aggregationNET-101 Week 2 link-layer; the plant-side complement
4TLS, 1.2, 1.3, QUIC-TLS, certificate chainsNET-101 Week 12 TLS sketch; Rescorla-anchored
5DNS deep-dive, DNSSEC, DoH, DoT, zone authoringNET-101 Week 9 DNS introduction
6NAT and the IPv6 transition. Dual-stack, 6to4, NAT64NET-101 Week 3 IPv4/NAT; light IPv6
7SDN fundamentals, OpenFlow, P4, intent-based networkingNET-101's "routing is distributed" assumption
8Network monitoring (NSM-lite), Wireshark deep-dive, Suricata signatures, Zeek scriptsNET-101 Lab 7 mystery-pcap; production NSM workflow
9Performance and tuning. Bufferbloat, TCP variants (CUBIC, BBR), QUICNET-101 Week 7 TCP flow-control
10Cloud networking. Overlays, VXLAN-EVPN, ContainerlabNET-101's on-premises assumption; modern multi-tenancy
11Cross-cut to RE-track network-protocol REForward pointer to vca-re-201
12Cross-cut to PT-track lateral-movement + SB6141 lab-target prepForward pointer to vca-adv-101 + vca-arm-201 + vca-emb-201

Architecture Comparison Sidebars

Per the academy-wide pattern, NET-201 carries four structured comparison sidebars, each pairing a ~150-250 word narrative with a 4-6 row protocol-family table. The full set publishes as handouts/cross-chapter-net-201-architecture-sidebars.md.

  • BGP vs OSPF vs EIGRP vs IS-IS. Four routing-protocol families, why each exists, where each is deployed in production, what the convergence-time and configuration-complexity costs look like. Anchored on Doyle and Carroll's Routing TCP/IP.
  • TLS 1.2 vs TLS 1.3 vs QUIC-TLS. Three secure-transport generations, the round-trip-count differences, the deprecated-cipher story, why QUIC moves TLS into the transport rather than running it above. Anchored on Rescorla's SSL and TLS.
  • SDN vs traditional networking vs intent-based networking. Three control-plane models, the OpenFlow / P4 / Cisco DNA Center stack, the operational shift each enables. Anchored on Kurose-Ross 9th ed.
  • WPA2-SAE vs WPA3-SAE vs 5G-AKA (wireless AKA progression) three contemporary wireless Authentication-and-Key-Agreement protocols compared on three axes (trust-anchor model, long-term-identity privacy, forward-secrecy + replay-protection mechanism); the design-evolution arc from 802.11i (2004) through WPA3 / Dragonfly (2018) to 5G-AKA (3GPP Rel-15, 2018), with KRACK / Dragonblood / IMSI-catcher as the attack classes driving each redesign. Cross-chapter shared sidebar with vca-wir-101 Week 4 + vca-rf-301 Ch 4 + vca-net-301 Ch 8 + cross-reference from vca-sec-101; published as handouts/cross-chapter-wireless-aka-progression.md. Anchored on Kurose-Ross 9e §8.8.1 + §8.8.2; reads as the intermediate-NET protocol-side AKA-design-rationale lens (cryptographic-primitive choices: HMAC-SHA1 in WPA2, ECC + Dragonfly PAKE in WPA3-SAE, ECIES in 5G-AKA SUCI computation), the natural companion to the TLS 1.2/1.3/QUIC-TLS sidebar above for students building secure-transport reading skill.

Learning Outcomes

step-by-step.

  1. Remember. State the four major IGP routing-protocol families (OSPF, IS-IS, EIGRP, RIP) and BGP's role as the inter-AS protocol; the three TLS generations (1.2, 1.3, QUIC-TLS) and their handshake-RTT counts; the IPv6 transition mechanisms (dual-stack, 6to4, NAT64) and when each is used.
  2. Understand. Explain why a centralised SDN control plane buys per-flow visibility and per-flow policy at the cost of controller-availability dependency, and why distributed routing protocols persist in environments where that trade-off is unfavorable.
  3. Understand. Distinguish DNSSEC (cryptographic origin authentication of DNS records) from DoH/DoT (transport encryption of DNS queries) and explain why a network can have one without the other.
  4. Apply. Stand up a multi-router OSPF or BGP topology in GNS3 or Containerlab; observe convergence behaviour with packet captures; intentionally break a peering and recover it.
  5. Apply. Capture and dissect a TLS 1.3 handshake byte-by-byte; identify the ClientHello, ServerHello, EncryptedExtensions, Certificate, Finished records; correlate with Rescorla's description.
  6. Apply. Author a DNSSEC-signed zone for a lab domain; observe the chain-of-trust validation in dig +dnssec; deliberately break the trust chain and observe the validation failure.
  7. Analyze. Given a captured trace of a misbehaving network (slow web pages, intermittent connectivity, partial DNS resolution), identify the layer at which the fault is occurring and propose a targeted instrumentation that would confirm the diagnosis.
  8. Synthesize. Author a 30-page operational playbook for a small enterprise network: routing-protocol choice and rationale; switching topology; DNS architecture; TLS-everywhere policy; NSM signature and Zeek-script roster; IPv6-transition timeline.

Hands-On Labs

Twelve labs, one capstone. Each lab opens a NET-101 first-encounter for production-grade inspection.

  • Lab 1. OSPF multi-area topology in GNS3; observe LSDB convergence; document the three-step handshake of a new neighbor.
  • Lab 2. BGP iBGP / eBGP peering; observe path-vector advertisement and route preference; demonstrate one valid prefix-hijack scenario in a sandboxed AS.
  • Lab 3. VLAN trunk + STP root-bridge election; force a topology change; observe the convergence in capture.
  • Lab 4. TLS 1.3 handshake dissection; capture against a known server; reproduce Rescorla's annotation against your own pcap.
  • Lab 5. DNSSEC zone authoring + chain-of-trust validation; deliberately introduce a key-rotation error; observe the resolver behavior.
  • Lab 6. Dual-stack + NAT64 lab; demonstrate IPv4 and IPv6 paths to the same service from a NAT64-only client.
  • Lab 7. OpenFlow Mininet topology; install a flow rule programmatically; observe the per-packet path.
  • Lab 8. Suricata signature authoring + Zeek script-as-pipeline against the academy NSM corpus; detect a known TTP.
  • Lab 9. SDN-vs-OSPF convergence comparison on Containerlab; measure and report.
  • Lab 10. Bufferbloat measurement with Flent; tune a queueing discipline (CoDel, FQ-CoDel); measure the latency improvement.
  • Lab 11. Cloud overlay walk, VXLAN-EVPN multi-tenant fabric in Containerlab; observe encap/decap on captures.
  • Lab 12 (capstone). Operational playbook for a small enterprise network, the synthesis deliverable. See the Capstone section below.

Capstone: Small-Enterprise Network Operational Playbook

The student authors a complete operational playbook for a small enterprise network of their own design (the canonical exemplar: a 30-employee company with a single primary site, a remote-work population, and a public-facing web presence). The playbook is the document a successor network administrator would read to take over the network.

Required artifacts

  • A network architecture diagram with every routing domain, every switching domain, every firewall boundary, and every NAT boundary identified.
  • A protocol-choice rationale: which IGP, why; iBGP topology, why; STP variant, why; TLS configuration, why; DNS architecture (authoritative + recursive + DNSSEC), why; IPv6 enablement timeline.
  • A live GNS3 or Containerlab topology that boots the chosen architecture and converges; the student demonstrates a routing-protocol failure scenario and its recovery.
  • An NSM rule and script roster (Suricata signatures + Zeek scripts) detecting at least three named threat scenarios on the topology's captured traffic.
  • A 25-35 page lab-notebook playbook covering: design decisions and rationale, day-1 standup procedures, day-2 operational runbooks (failure modes and their remediation), the monitoring strategy, the IPv6-transition timeline, and an explicit security posture (TLS-everywhere, key-rotation cadence, NSM-coverage scope).

Two-tier grading rubric

First, your project must work. The capstone topology converges; the failure scenario recovers; the NSM rules detect their named scenarios on the captured corpus. Reports below this threshold do not pass. No rubric scoring is performed on a non-functional design.

Then we score the report on three dimensions.

  • Architecture-decision rationale (40%). Are the protocol choices defended in terms of the alternatives? Does the playbook explain not only what was chosen but what was rejected and why?
  • Operational realism (30%). Do the day-2 runbooks match what a working network engineer would actually do? Is the failure-mode catalogue honest about what could go wrong?
  • Security and observability discipline (30%). Is the NSM coverage proportionate to the network's threat surface? Is the TLS posture defensible under modern threat models? Is the key-management story complete?

B− minimum on Tier 2 for the certificate. The playbook is the structural precursor to the PEN-101 engagement report (where the student attacks a similar network) and to the future vca-net-301 capstone (where the student takes the same playbook into a carrier-scale context).

Tool Journal: NET-201 Originating Entries

~12 new tools enter the diary in NET-201; the ~13 NET-101 originators continue at advanced depth.

  • FRRouting (FRR). The open-source routing daemon suite; OSPF / BGP / IS-IS / RIP all in one process. The reference for routing-protocol labs.
  • BGP looking-glass tools. RIPEstat, Hurricane Electric BGP toolkit, Cloudflare Radar, the operational read on Internet-scale routing.
  • Containerlab. The lightweight networking-lab orchestrator; runs FRR, SR Linux, Arista cEOS topologies in Docker. The successor-pattern to GNS3 for cloud-scale labs.
  • EVE-NG. Multi-vendor network emulation platform; community-edition free; runs IOS, IOS-XR, Junos, NX-OS images.
  • OpenSSL s_client / s_server. Manual TLS handshake from the command line; the tool that lets the student inspect each handshake message in cleartext.
  • BIND. The reference DNS server; authoritative-zone authoring; DNSSEC key management.
  • Knot DNS / Unbound. Modern DNS alternatives; the DoH/DoT-supporting recursive resolver.
  • Suricata (NSM). Signature-based intrusion detection. Re-introduced from NET-101's mystery-pcap exposure; advanced rule authoring.
  • Zeek (formerly Bro). Protocol-aware logging and scripting framework. Re-introduced from NET-101; advanced script-as-pipeline.
  • Mininet. SDN-research lightweight network emulator; runs OpenFlow controllers against virtual topologies.
  • mitmproxy. Interactive man-in-the-middle proxy for HTTP and HTTPS; the tool every web-pentest engagement uses.
  • Flent / iperf3 / netperf. Network-performance measurement; bufferbloat detection; queue-discipline tuning.

Recommended Readings

Primary anchor pair (continued from NET-101 at intermediate depth)

  • W. Richard Stevens and Kevin Fall, TCP/IP Illustrated, Volume 1: The Protocols, 2nd ed. Addison-Wesley, 2011 (ISBN 978-0-321-33631-6). Chapters 4-15 (TCP byte-level depth, DNS, DHCP). Library-acquire or paperback ~$80-90.
  • James Kurose and Keith Ross, Computer Networking: A Top-Down Approach, 9th ed. Pearson, 2021 (ISBN 978-0-13-592861-5). Chapters 6-9 (link layer + wireless + multimedia + security; 9e expands Ch 7 with new §7.2 wireless PHY + §7.4 wireless core + expanded §7.5 mobility split, and Ch 8.8 splits 802.11 AKA / 5G AKA). Library-acquire or paperback ~$90-200.

Module-specific anchors (NET-201 introduces)

  • Jeff Doyle and Jennifer Carroll, Routing TCP/IP, Volumes 1 and 2. Cisco Press. The CCIE-tier routing-protocol reference; primary anchor for Chapters 1-2 (OSPF, IS-IS, BGP). Paperback ~$80/volume.
  • Eric Rescorla, SSL and TLS: Designing and Building Secure Systems. Addison-Wesley. The canonical TLS pedagogy; primary anchor for Chapter 4. Paperback ~$70.
  • Richard Bejtlich, The Practice of Network Security Monitoring. No Starch, 2013. Primary anchor for Chapter 8 (NSM-lite); full treatment in vca-net-301.
  • Chris Sanders, Practical Packet Analysis, 3rd ed. No Starch, 2017. Continues at advanced depth for Wireshark labs.

Practitioner training (parallel credential pathway)

  • Cisco NetAcad CCNA, Switching, Routing, and Wireless Essentials. The continuation track from NET-101's NetAcad alignment. Students who complete NET-201 are positioned to sit CCNA.
  • Wireshark University / Laura Chappell. Intermediate / advanced courses. The deeper Wireshark-mastery track.

Career Outcomes & Cross-Course Bridges

  • → VCA-NET-301. The advanced networking elective. Carrier-scale routing, datacenter fabrics, eBPF/XDP, network forensics, modern protocols (HTTP/3, WebTransport), and the wireless / 802.11 deep-dive. NET-201 is the central prerequisite.
  • → VCA-ARM-201 + VCA-EMB-201 + VCA-RE-101 (the SB6141 embedded-networking pipeline). Per Findings §22.5 + §22.7, NET-201's routing / DNS / TLS / NAT / DOCSIS-bridge content is the application-layer half of the SB6141 lab-target preparation; ARM-201 + EMB-201 cover the multi-processor / firmware half. A student who reaches RE-101 having taken NET-101 + NET-201 + ARM-201 + EMB-201 reads the cable modem's wire behaviour as a witness to its architecture.
  • → VCA-RE-201 (network-protocol reverse engineering). Stevens-tier byte-level fluency is the prerequisite for re-201's unknown-protocol-RE work.
  • → VCA-ADV-101 (adversarial techniques). NET-201's NSM authoring + lateral-movement primitives feed adv-101's engagement work.
  • Industry. Network engineers; junior network architects; firewall + load-balancer specialists; NSM analysts; SRE / DevOps with network-engineering depth; field engineers at network-equipment vendors; junior security engineers at security-product vendors (Cloudflare, Cisco, Palo Alto, Fortinet, Juniper).
  • Credential paths. Cisco CCNA (entry) → CCNP (intermediate) → CCIE (expert); CompTIA CySA+ for the security-monitoring lane; (ISC)² SSCP for the broader security-track.

Certification Alignment

Cisco CCNA CompTIA CySA+ CCNP (forward-pointer)

Primary: Cisco CCNA (200-301). NET-201 covers the substantive switching, routing, and wireless modules at greater depth than the CCNA exam requires on operational realism, and at comparable depth on the protocol catalogue. Students who complete NET-101 + NET-201 are positioned to sit CCNA within three months of completion. Exam fee ~$300.

Alternative: CompTIA CySA+. Vendor-neutral cybersecurity-analyst credential with substantial NSM and packet-analysis content; suits students whose NET-201 trajectory aimed at security-monitoring roles rather than network-engineering roles. Exam fee ~$400.

Forward-pointer: NET-201 is also the prerequisite-skill base for CCNP (intermediate Cisco; ~250 hr study) and (eventually) CCIE (expert Cisco; ~600 hr study). Students who continue into the future vca-net-301 elective will be positioned for CCNP.

Before You Start

  1. Have you completed NET-101 and shipped its capstone home-network map? (If no → NET-101's capstone is central prereq; without it, NET-201's "production-grade" framing has no first-encounter baseline.)
  2. Have you completed CSA-101 (or equivalent computer-systems foundation)? (If no → the SDN and bufferbloat modules assume you can read assembly-level descriptions of packet-processing fast paths; the eBPF cross-cut in NET-301 will be much harder without CSA-101 first.)
  3. Are you comfortable installing Docker / running Containerlab? (If no → first-week prereq install discipline; the alternative is the academy network simulator (TIR-2) when it ships.)
  4. Can you read Wireshark TLS-handshake captures and identify the records? (If no → NET-101 Week 12 review; revisit the Lab 12 walk.)
  5. Do you have access to Stevens Vol 1 and Kurose-Ross 9th ed? (If no → library-acquire pathway; the academy library carries institutional copies.)

Format Prescriptions

Hour budget: ~22 lec hr + ~45 lab hr + ~78 indep hr (= ~145 hr total).

Live (standard cadence)

2 sessions/wk × 90 min over 14 weeks. Best for college-elective post-NET-101.

Night class

1-2 sessions/wk evenings; ~28 weeks. Routing-protocol convergence labs and the SDN module need extended-evening blocks.

Bootcamp

40 hr/wk × ~3.5 weeks intensive. Compressed but feasible for students with strong NET-101 retention.

Async self-paced

Recorded video; per-student academy network simulator (TIR-2) access; AI-assistant tier add-on; 1:1 tutoring premium for routing-protocol labs.

High school / homeschool co-op

Year-long cadence at HS scheduling. Recommended pairing with CSA-101 in the prior year.

Interested in VCA-NET-201?

Email interested@virtuscyberacademy.org.

Email interested@virtuscyberacademy.org

Virtus Academy is the educational arm of Virtus Cybersecurity, LLC. An SDVOSB. Virtus Academy is an independent program; no affiliation with any government academy or university is claimed or implied.