Certified Network Defense (CND) v3 Course Outline
Special Note to New Hampshire ResidentsThis course has not yet been approved by the New Hampshire Department of Education. Please contact us for an update on when the class will be available in New Hampshire.
Course Overview
EC-Council's Certified Network Defender (C|ND) is an essential vendor-neutral network security certification for every IT and systems administrator who needs to operate with a secure mindset. Students will learn the critical skills required to defend their networks and operating environments across local networks, endpoints, cloud infrastructure, applications, OT, and Mobile. They will also acquire knowledge of effective proper log analysis, network traffic monitoring, basic investigation and response, as well as business continuity and disaster recovery. Additionally, they will dive into threats, analyzing the attack surface, and studying threat prediction and threat intelligence as it relates to their administration and defense responsibilities. Often referred to as blue-teaming, C|NDs will be able to apply defense and countermeasure strategies in their organizations, playing a critical role not only in attack prevention but also in detection, response, and remediation as they configure networks and systems to operate securely.
The C|ND program will cover the concepts and fortify skills through hands-on practice across over 110 labs delivered on live target machines. The C|ND program designed by industry experts prepares network defenders with strategic, technological, and operational network security capabilities, enabling them to design, develop, and maintain secure networks.
Course Objectives
Planning and administering network security for organizations
Recognizing security risks, threats, and vulnerabilities
Ensuring compliance with regulatory standards
Designing and implementing network security policies
Applying security principles in distributed and mobile computing environment
Implementing Identity and Access Management, encryption, and network segmentation
Managing Windows and Linux Security Administration
Addressing security risks in mobile devices and IoT
Implementing strong data security techniques
Managing security in virtualization technologies and cloud platforms
Implementing wireless network security
Conducting risk and vulnerability assessments
Providing first response to security incidents
Identifying Indicators of Compromise and Attack
Integrating threat intelligence for proactive defense
Conducting Attack Surface Analysis
Assisting in Business Continuity and Disaster Recovery planning
Monitoring network traffic and performing log management
Managing proxy, content filtering, and troubleshooting network issues
Hardening security of endpoints and selecting firewall solutions
Configuring IDS/IPS for enhanced security
Maintaining an inventory of network devices
Providing security awareness guidance and training
Managing AAA for network devices
Reviewing audit logs and analyzing security anomalies
Maintaining and configuring security platforms
Evaluating security products and operations procedures
Identifying and classifying organizational assets
Implementing system integrity monitoring tools
Understanding EDR/XDR and UEBA solutions
Conducting PIA processes for privacy assessment
Collaborating on threat hunting and incident response
Understanding SOAR platforms in cybersecurity operations
Integrating Zero Trust principles into security architectures
Staying updated on emerging cyber threats
Understanding the role of AI/ML in cyber defense.
Who Should Attend?
Students/IT Professionals/Any other industry professionals planning a career in cybersecurity. Anyone who wants to start a career in the blue team and network security
Course Prerequisites
There are no prerequisites for the EC-Council Certified Network Defender (CND) v3 course, but a basic understanding of networking principles can be helpful.
COURSE OUTLINE
Network Attacks and Defense Strategies
Explain essential terminologies related to network security attacks
Describe the various examples of network-level attack techniques
Describe the various examples of application-level attack techniques
Describe the various examples of social engineering attack techniques
Describe the various examples of email attack techniques
Describe the various examples of mobile device-specific attack techniques
Describe the various examples of cloud-specific attack techniques
Describe the various examples of wireless network-specific attack techniques
Describe the various examples of Supply Chain Attack techniques
Describe Attacker’s Hacking Methodologies and Frameworks
Understand fundamental goal, benefits, and challenges in network defense
Explain Continual/Adaptive security strategy
Explain defense-in-depth security strategy
Administrative Network Security
Learn to obtain compliance with regulatory framework and standardsv
Discuss various Regulatory Frameworks, Laws, and Acts
Learn to design and develop security policies
Learn to conduct different type security and awareness training
Learn to implement other administrative security measures
Discuss Asset Management
Learn How to Stay Up to Date on Security Trends and Threats
Technical Network Security
Discuss access control principles, terminologies, and models
Redefine the Access Control in Today’s Distributed and Mobile Computing World
Discuss Identity and Access Management (IAM)
Discuss cryptographic security techniques
Discuss various cryptographic algorithms
Discuss security benefits of network segmentation techniques
Discuss various essential network security solutions
Discuss various essential network security protocols
Network Perimeter Security
Understand firewall security concerns, capabilities, and limitations
Understand different types of firewall technologies and their usage
Understand firewall topologies and their usage
Distinguish between hardware, software, host, network, internal, and external firewalls
Select firewalls based on its deep traffic inspection capability
Discuss recommendations and best practices for secure firewall Implementation and deployment
Discuss firewall administration concepts
Understand role, capabilities, limitations, and concerns in IDS deployment
Discuss IDS classification
Discuss various components of IDS
Discuss effective deployment of network and host-based IDS
Learn to how to deal with false positive and false negative IDS/IPS alerts
Discuss the considerations for selection of an appropriate IDS/IPS solutions
Discuss various NIDS and HIDS Solutions with their intrusion detection capabilities Snort
Discuss router and switch security measures, recommendations, and best practices
Leverage Zero Trust Model Security using Software-Defined Perimeter (SDP)
Endpoint Security-Windows Systems
Understand Window OS and Security Concerns
Discuss Windows Security Components
Discuss Various Windows Security Features
Discuss Windows Security Baseline Configurations
Discuss Windows User Account and Password Management
Discuss Windows Patch Management
Discuss User Access Management
Windows OS Security Hardening Techniques
Discuss Windows Active Directory Security Best Practices
Discuss Windows Network Services and Protocol Security
Endpoint Security-Linux Systems
Understand Linux OS and security concerns
Discuss Linux Installation and Patching
Discuss Linux OS Hardening Techniques
Discuss Linux User Access and Password Management
Discuss Linux Network Security and Remote Access
Discuss Various Linux Security Tools and Frameworks
Endpoint Security- Mobile Devices
Common Mobile Usage Policies in Enterprises
Discuss Security Risk and Guidelines associated with Enterprises mobile usage policies
Discuss and implement various enterprise-level mobile security management Solutions
Discuss and implement general security guidelines and best practices on Mobile platforms
Discuss Security guidelines and tools for Android devices
Discuss Security guidelines and tools for iOS devices
Endpoint Security-IoT Devices
Understanding IoT Devices, their need and Application Areas
Understanding IoT Ecosystem and Communication models
Understand Security Challenges and risks associated with IoT-enabled environments
Discuss the security in IoT-enabled environments
Discuss Security Measures for IoT enabled IT Environments
Discuss IoT Security Tools and Best Practices
Discuss and refer various standards, Initiatives and Efforts for IoT Security
Administrative Application Security
Discuss and implement Application Whitelisting and Blacklisting
Discuss and implement application Sandboxing
Discuss and implement Application Patch Management
Discuss and implement Web Application Firewall (WAF)
Data Security
Understand data security and its importance
Understand Data Integrity and Its Importance
Discuss the implementation of data access controls
Discuss the implementation of Encryption of Data at rest
Discuss the implementation of Encryption of “Data at transit”
Discuss Data Masking Concepts
Discuss data backup and retention
Discuss Data Destruction Concepts
Data Loss Prevention Concepts
Enterprise Virtual Network Security
Discuss the evolution of network and security management concept in modern Virtualized IT Environments
Understand Virtualization Essential Concepts
Discus Network Virtualization (NV) Security
Discuss SDN Security
Discuss Network Function Virtualization (NFV) Security
Discus OS Virtualization Security
Discuss Security Guidelines, Recommendations and Best Practices for Containers
Discuss Security Guidelines, Recommendations and Best practices for Dockers
Discuss Security Guidelines, Recommendations and Best Practices for Kubernetes
Enterprise Cloud Security
Understand Cloud Computing Fundamentals
Understanding the Insights of Cloud Security
Evaluate CSP for Security before Consuming Cloud Service
Discuss security in Amazon Cloud (AWS)
Discuss security in Microsoft Azure Cloud
Discuss security in Google Cloud Platform (GCP)
Discuss general security best practices and tools for cloud security
Wireless Network Security
Understand wireless network fundamentals
Understand wireless network encryption mechanisms
Understand wireless network authentication methods
Discuss and implement wireless network security measures
Network Traffic Monitoring and Analysis
Understand the need and advantages of network traffic monitoring
Setting up the environment for network monitoring
Determine baseline traffic signatures for normal and suspicious network traffic
Perform network monitoring and analysis for suspicious traffic using Wireshark
Discuss network performance and bandwidth monitoring tools and techniques
Understand Network Anomaly Detection with Behavior analysis
Network Logs Monitoring and Analysis
Understand logging concepts
Discuss log monitoring and analysis on Windows systems
Discuss log monitoring and analysis on Linux
Discuss log monitoring and analysis on Mac
Discuss log monitoring and analysis in Firewall
Discuss log monitoring and analysis on Routers
Discuss log monitoring and analysis on Web Servers
Discuss centralized log monitoring and analysis
Incident Response and Forensic Investigation
Understand incident response concept
Understand the role of first responder in incident response
Discuss Do’s and Don’t in first response
Describe incident handling and response process
Enhance Incident-Response using AI/ML
Learn how to Automate Incident Response – SOAR
Understand Incident Response using Endpoint Detection and Response (EDR)
Understanding Incident Response using Extended Detection and Response (XDR)
Describe forensics investigation process
Business Continuity and Disaster Recovery
Introduction to Business Continuity (BC) and Disaster Recovery (DR) concepts
Discuss BC/DR Activities
Explain Business Continuity Plan (BCP) and Disaster Recovery Plan (DRP)
Discuss BC/DR Standards
Risk Anticipation with Risk Management
Understand risk management concepts
Learn to manage risk though risk management program
Learn different Risk Management Frameworks (RMF)
Learn to manage vulnerabilities through vulnerability management program
Learn vulnerability Assessment and Scanning
Discuss Privacy Impact Assessment (PIA)
Threat Assessment with Attack Surface Analysis
Understand the attack surface concepts
Learn to understand and visualize your attack surface
Learn to identify Indicators of Exposures (IoE)
Learn to perform attack simulation
Learn to reduce the attack surface
Understand Attack surface monitoring tools
Discuss attack surface analysis specific to Cloud and IoT
Threat Prediction with Cyber Threat Intelligence
Understand role of cyber threat intelligence in network defense
Understand the types of threat Intelligence
Understand the Indicators of Threat
Intelligence: Indicators of Compromise (IoCs) and Indicators of Attack (IoA)
Understand the layers of Threat Intelligence
Learn to leverage/consume threat intelligence for proactive defense
Understand threat Threat Hunting
Discuss Leveraging AI/ML capabilities for threat intelligence
View outline in Word
SCNDV3