A2 Networks

For the new IB Diploma Computer Science syllabus to start teaching in August 2025, and for first examinations in May 2027.

Unit and lesson overviews will be gradually published as developed.

Lesson 1: Network types
Lesson 2: Network devices & transmission media
Lesson 3: Topologies, models, segmentation
Lesson 4: Protocols
Lesson 5: TCP/IP model
Lesson 6: Servers
Lesson 7: Practical: Create a socket server
Lesson 8: IP addressing
Lesson 9: Packet switching & routing
Lesson 10: Firewalls in detail
Lesson 11,12: Vulnerabilities & countermeasures (HL)
Lesson 13: Encryption & certificates
Lesson 14: Practical: TBD
Lesson 15: Exam style questions
Lesson 16: Assessment

Lesson 1: Network types

A2.1.1 Describe the purpose and characteristics of networks.

Networks: local area network (LAN), wide area network (WAN), personal area network (PAN), virtual private network (VPN)

A2.1.2 Describe the purpose, benefits and limitations of modern digital infrastructures.

Modern digital infrastructure: the internet, cloud computing, distributed systems, edge computing, mobile networks
Examples where specific networks are used may include the worldwide web (WWW), cryptocurrency blockchains, smart traffic lights, a school.

Lesson 2: Network devices & transmission media

A2.1.3 Describe the function of network devices.

Gateways, hardware firewalls, modems, network interface cards, routers, switches, wireless access points
How devices map to the layers of the TCP/IP model

A2.3.2 Compare types of media for data transmission.

Wired transmission via fibre optic cables and twisted pair cables; wireless transmission
The advantages and disadvantages of these three types of data transmission
Factors to consider must include bandwidth, complexity of installation, cost, range, susceptibility to interference, attenuation, reliability, security.

Lesson 3: Topologies, models, segmentation

A2.2.1 Describe the functions and practical applications of network topologies.

Network topologies: star, mesh, hybrid
Factors to consider must include reliability, transmission speed, scalability, data collisions, cost.
Examples may include home and small office settings, where reliability is paramount, and the use of networks in larger settings (e.g. corporations, government departments, college campuses).

A2.2.3 Compare and contrast networking models.

Client-server and peer-to-peer models
The respective benefits and drawbacks of client-server and peer-to-peer models
Real-world applications may include web browsing, email services, online banking, file sharing, VoIP services, blockchain.

A2.2.4 Explain the concepts and applications of network segmentation.

Segmentation for network performance and security, to reduce congestion, to manage network resources efficiently
Network segmentation must include the uses and roles of segmenting, subnetting and virtual local area networks (VLANs).

Lesson 4: Protocols

A2.1.4 Describe the network protocols used for transport and application.

Protocols: transmission control protocol (TCP), user datagram protocol (UDP), hypertext transfer protocol (HTTP), hypertext transfer protocol secure (HTTPS), dynamic host configuration protocol (DHCP)

Lesson 5: TCP/IP model

A2.1.5 Describe the function of the TCP/IP model. (HL only)

Application, transport, internet, network interface
The role of each layer and the interaction between these layers to ensure reliable data transmission over a network

Lesson 6: Servers

A2.2.2 Describe the function of servers. (HL only)

Types of servers: domain name server (DNS), dynamic host configuration protocol (DHCP), file server, mail server, proxy server, web server
Factors to consider must include function, scalability, reliability and security.

Lesson 7: Practical: Create a socket server

Lesson 8: IP addressing

A2.3.1 Describe different types of IP addressing.

The distinction between IPv4 and IPv6 addressing
The differences between public IP addresses and private IP addresses, and between static IP addresses and dynamic IP addresses
The role of network address translation (NAT) to minimize the use of IP addresses and to facilitate communication between private internal networks and the public internet

Lesson 9: Packet switching & routing

A2.3.3 Explain how packet switching is used to send data across a network.

The process of segmenting data into packets with a routing header attached, and independently transmitting control information, allowing the data to be reassembled at the destination
The role that switches and routers play in packet switching

A2.3.4 Explain how static routing and dynamic routing move data across local area networks. (HL only)

The process of static routing, and its advantages and disadvantages
The process of dynamic routing, and its advantages and disadvantages (explanation of a specific routing protocol is not required)
Factors to consider must include configuration, maintenance, complexity, resource usage, convergence, scalability, network size.

Lesson 10: Firewalls in detail

A2.4.1 Discuss the effectiveness of firewalls at protecting a network.

The function of firewalls in inspecting and filtering incoming and outgoing traffic based on whitelists, blacklists and rules
The strengths and limitations of firewalls
The role of NAT to enhance network security

Lesson 11,12: Vulnerabilities & countermeasures (HL)

A2.4.2 Describe common network vulnerabilities. (HL only)

Distributed denial of service (DDoS), insecure network protocols, malware, man-in-the-middle (MitM) attacks, phishing attacks, SQL injection, cross-site scripting (XSS), unpatched software, weak authentication, zero-day exploits

A2.4.3 Describe common network countermeasures. (HL only)

Content security policies, complex password policies, DDoS mitigation tools, email filtering solutions, encrypted protocols, input validation (filtering, whitelisting), intrusion detection systems (IDS), intrusion prevention systems (IPS), multifactor authentication (MFA), secure socket layer (SSL) certificate, transport layer security (TLS) certificate, update software, VPNs
The importance of regular security testing and employee training
Wireless security measures may include media access controllers (MAC), whitelists and blacklists.