- What types of attacks are possible on physical layer?
- What is the MAC flooding table attack? What is it used for? What can the attacker achieve with it?
 How can we protect the switches? 
- How can be the VLANs attacked? How to perform this attack? What is possible with this attack? How can we create protection?
- What is the double encapsulated 802.1Q frame? How to perform this attack? What is possible with this attack? How can we create protection?
- What is IP spoofing? How to perform this attack? What is possible with this attack? How can we create protection?
- What is ARP poisioning? How to perform this attack? What is possible with this attack? How can we create protection?
- What is DHCP starvation and rogue DHCP server attack? How to perform this attack? What is possible with this attack? How can we create protection?
- What security requirements have the IGP protocols? What are the threats?
- What security requirements have the BGP protocols? What are the threats?

- What is a firewall? What is it good for? What is outside of the firewall protection?
- What is the target layer of the packet filters? What information is available for the firewall?
- What is the access control list? What actions can take a packet filter firewall? How can be the firewall instructed?
- What is dynamic packet filtering? On what is this better than static packet filters?
- What are the benefits of packet filters? What are the problems of packet filters?
- What is the target layer of the application proxies? What information is available for the firewall?
- What is the transparent proxy? Why is this better than nontransparent proxies?	
- What are the benefits of application proxies? What are the problems of application proxies?
- How does the screening router architecture look like? What are the advantages and disadvantages?
- How does the dual homed host architecture look like? What are the advantages and disadvantages?
- How does the screened subnet architecture look like? What are the advantages and disadvantages?

- What is Network Address Translation? How does it work? What is the relation between NAT and firewalls?
- What is a honeypot? How does it work? What is it good for?

- What is Intrusion Detection System and what is Intrusion Prevention System?
- What types of IDSes exists?
- How does the Network IDS work? What kind of attacks can be identified with it?
- How does the Host IDS work? What kind of attacks can be identified with it?
- How does the File System IDS work? What kind of attacks can be identified with it?
- What is the rule based detection? What categories are within rule based detection? What are the advantages and disadvantages of rule based detection?
- What is anomaly detection? What are the advantages and disadvantages of anomaly detection?

- What are the threats in the case of wireless networks?
- What is a fake accesspoint attack? How does it work? What is it good for?
- How does AP's access filtering work? Why it is not satisfactory?
- How does AP's SSID hiding work? Why it is not satisfactory?
- How does WEP authentication work? How does WEP ciphering work? What are the problems of WEP?
- What is the architecture of WPA-TKIP? How can TKIP overcome WEP's problems?
- How does per packet keying works in TKIP? What are the strengths of the ciphering and authenticatin algorithms in TKIP?
- How does 802.11i CCMP works? What are the differences among WEP, TKIP and CCMP?