Skip to Scheduled Dates
Course Overview
EC-Council's Certified Network Defender (C|ND) is an essential vendor-neutral network security certification for every IT and systems administrator who needs to operate with a secure mindset. Students will learn the critical skills required to defend their networks and operating environments across local networks, endpoints, cloud infrastructure, applications, OT, and Mobile. They will also acquire knowledge of effective proper log analysis, network traffic monitoring, basic investigation and response, as well as business continuity and disaster recovery. Additionally, they will dive into threats, analyzing the attack surface, and studying threat prediction and threat intelligence as it relates to their administration and defense responsibilities. Often referred to as blue-teaming, C|NDs will be able to apply defense and countermeasure strategies in their organizations, playing a critical role not only in attack prevention but also in detection, response, and remediation as they configure networks and systems to operate securely.
he C|ND program will cover the concepts and fortify skills through hands-on practice across over 110 labs delivered on live target machines. The C|ND program designed by industry experts prepares network defenders with strategic, technological, and operational network security capabilities, enabling them to design, develop, and maintain secure networks.
Who Should Attend
Students/IT Professionals/Any other industry professionals planning a career in cybersecurity.
Anyone who wants to start a career in the blue team and network security
Course Objectives
- Planning and administering network security for organizations
- Recognizing security risks, threats, and vulnerabilities
- Ensuring compliance with regulatory standards
- Designing and implementing network security policies
- Applying security principles in distributed and mobile computing environment
- Implementing Identity and Access Management, encryption, and network segmentation
- Managing Windows and Linux Security Administration
- Addressing security risks in mobile devices and IoT
- Implementing strong data security techniques
- Managing security in virtualization technologies and cloud platforms
- Implementing wireless network security
- Conducting risk and vulnerability assessments
- Providing first response to security incidents
- Identifying Indicators of Compromise and Attack
- Integrating threat intelligence for proactive defense
- Conducting Attack Surface Analysis
- Assisting in Business Continuity and Disaster Recovery planning
- Monitoring network traffic and performing log management
- Managing proxy, content filtering, and troubleshooting network issues
- Hardening security of endpoints and selecting firewall solutions
- Configuring IDS/IPS for enhanced security
- Maintaining an inventory of network devices
- Providing security awareness guidance and training
- Managing AAA for network devices
- Reviewing audit logs and analyzing security anomalies
- Maintaining and configuring security platforms
- Evaluating security products and operations procedures
- Identifying and classifying organizational assets
- Implementing system integrity monitoring tools
- Understanding EDR/XDR and UEBA solutions
- Conducting PIA processes for privacy assessment
- Collaborating on threat hunting and incident response
- Understanding SOAR platforms in cybersecurity operations
- Integrating Zero Trust principles into security architectures
- Staying updated on emerging cyber threats
- Understanding the role of AI/ML in cyber defense.
Course Outline
Network Attacks and Defense Strategies
- Explain essential terminologies related to network security attacks
- Describe the various examples of network-level attack techniques
- Describe the various examples of application-level attack techniques
- Describe the various examples of social engineering attack techniques
- Describe the various examples of email attack techniques
- Describe the various examples of mobile device-specific attack techniques
- Describe the various examples of cloud-specific attack techniques
- Describe the various examples of wireless network-specific attack techniques
- Describe the various examples of Supply Chain Attack techniques
- Describe Attacker’s Hacking Methodologies and Frameworks
- Understand fundamental goal, benefits, and challenges in network defense
- Explain Continual/Adaptive security strategy
- Explain defense-in-depth security strategy
Administrative Network Security
- Learn to obtain compliance with regulatory framework and standardsv
- Discuss various Regulatory Frameworks, Laws, and Acts
- Learn to design and develop security policies
- Learn to conduct different type security and awareness training
- Learn to implement other administrative security measures
- Discuss Asset Management
- Learn How to Stay Up to Date on Security Trends and Threats
Technical Network Security
- Discuss access control principles, terminologies, and models
- Redefine the Access Control in Today’s Distributed and Mobile Computing World
- Discuss Identity and Access Management (IAM)
- Discuss cryptographic security techniques
- Discuss various cryptographic algorithms
- Discuss security benefits of network segmentation techniques
- Discuss various essential network security solutions
- Discuss various essential network security protocols
Network Perimeter Security
- Understand firewall security concerns, capabilities, and limitations
- Understand different types of firewall technologies and their usage
- Understand firewall topologies and their usage
- Distinguish between hardware, software, host, network, internal, and external firewalls
- Select firewalls based on its deep traffic inspection capability
- Discuss recommendations and best practices for secure firewall Implementation and deployment
- Discuss firewall administration concepts
- Understand role, capabilities, limitations, and concerns in IDS deployment
- Discuss IDS classification
- Discuss various components of IDS
- Discuss effective deployment of network and host-based IDS
- Learn to how to deal with false positive and false negative IDS/IPS alerts
- Discuss the considerations for selection of an appropriate IDS/IPS solutions
- Discuss various NIDS and HIDS Solutions with their intrusion detection capabilities Snort
- Discuss router and switch security measures, recommendations, and best practices
- Leverage Zero Trust Model Security using Software-Defined Perimeter (SDP)
Endpoint Security-Windows Systems
- Understand Window OS and Security Concerns
- Discuss Windows Security Components
- Discuss Various Windows Security Features
- Discuss Windows Security Baseline Configurations
- Discuss Windows User Account and Password Management
- Discuss Windows Patch Management
- Discuss User Access Management
- Windows OS Security Hardening Techniques
- Discuss Windows Active Directory Security Best Practices
- Discuss Windows Network Services and Protocol Security
Endpoint Security-Linux Systems
- Understand Linux OS and security concerns
- Discuss Linux Installation and Patching
- Discuss Linux OS Hardening Techniques
- Discuss Linux User Access and Password Management
- Discuss Linux Network Security and Remote Access
- Discuss Various Linux Security Tools and Frameworks
Endpoint Security- Mobile Devices
- Common Mobile Usage Policies in Enterprises
- Discuss Security Risk and Guidelines associated with Enterprises mobile usage policies
- Discuss and implement various enterprise-level mobile security management Solutions
- Discuss and implement general security guidelines and best practices on Mobile platforms
- Discuss Security guidelines and tools for Android devices
- Discuss Security guidelines and tools for iOS devices
Endpoint Security-IoT Devices
- Understanding IoT Devices, their need and Application Areas
- Understanding IoT Ecosystem and Communication models
- Understand Security Challenges and risks associated with IoT-enabled environments
- Discuss the security in IoT-enabled environments
- Discuss Security Measures for IoT enabled IT Environments
- Discuss IoT Security Tools and Best Practices
- Discuss and refer various standards, Initiatives and Efforts for IoT Security
Administrative Application Security
- Discuss and implement Application Whitelisting and Blacklisting
- Discuss and implement application Sandboxing
- Discuss and implement Application Patch Management
- Discuss and implement Web Application Firewall (WAF)
Data Security
- Understand data security and its importance
- Understand Data Integrity and Its Importance
- Discuss the implementation of data access controls
- Discuss the implementation of Encryption of Data at rest
- Discuss the implementation of Encryption of “Data at transit”
- Discuss Data Masking Concepts
- Discuss data backup and retention
- Discuss Data Destruction Concepts
- Data Loss Prevention Concepts
Enterprise Virtual Network Security
- Discuss the evolution of network and security management concept in modern Virtualized IT Environments
- Understand Virtualization Essential Concepts
- Discus Network Virtualization (NV) Security
- Discuss SDN Security
- Discuss Network Function Virtualization (NFV) Security
- Discus OS Virtualization Security
- Discuss Security Guidelines, Recommendations and Best Practices for Containers
- Discuss Security Guidelines, Recommendations and Best practices for Dockers
- Discuss Security Guidelines, Recommendations and Best Practices for Kubernetes
Enterprise Cloud Security
- Understand Cloud Computing Fundamentals
- Understanding the Insights of Cloud Security
- Evaluate CSP for Security before Consuming Cloud Service
- Discuss security in Amazon Cloud (AWS)
- Discuss security in Microsoft Azure Cloud
- Discuss security in Google Cloud Platform (GCP)
- Discuss general security best practices and tools for cloud security
Wireless Network Security
- Understand wireless network fundamentals
- Understand wireless network encryption mechanisms
- Understand wireless network authentication methods
- Discuss and implement wireless network security measures
Network Traffic Monitoring and Analysis
- Understand the need and advantages of network traffic monitoring
- Setting up the environment for network monitoring
- Determine baseline traffic signatures for normal and suspicious network traffic
- Perform network monitoring and analysis for suspicious traffic using Wireshark
- Discuss network performance and bandwidth monitoring tools and techniques
- Understand Network Anomaly Detection with Behavior analysis
Network Logs Monitoring and Analysis
- Understand logging concepts
- Discuss log monitoring and analysis on Windows systems
- Discuss log monitoring and analysis on Linux
- Discuss log monitoring and analysis on Mac
- Discuss log monitoring and analysis in Firewall
- Discuss log monitoring and analysis on Routers
- Discuss log monitoring and analysis on Web Servers
- Discuss centralized log monitoring and analysis
Incident Response and Forensic Investigation
- Understand incident response concept
- Understand the role of first responder in incident response
- Discuss Do’s and Don’t in first response
- Describe incident handling and response process
- Enhance Incident-Response using AI/ML
- Learn how to Automate Incident Response – SOAR
- Understand Incident Response using Endpoint Detection and Response (EDR)
- Understanding Incident Response using Extended Detection and Response (XDR)
- Describe forensics investigation process
Business Continuity and Disaster Recovery
- Introduction to Business Continuity (BC) and Disaster Recovery (DR) concepts
- Discuss BC/DR Activities
- Explain Business Continuity Plan (BCP) and Disaster Recovery Plan (DRP)
- Discuss BC/DR Standards
Risk Anticipation with Risk Management
- Understand risk management concepts
- Learn to manage risk though risk management program
- Learn different Risk Management Frameworks (RMF)
- Learn to manage vulnerabilities through vulnerability management program
- Learn vulnerability Assessment and Scanning
- Discuss Privacy Impact Assessment (PIA)
Threat Assessment with Attack Surface Analysis
- Understand the attack surface concepts
- Learn to understand and visualize your attack surface
- Learn to identify Indicators of Exposures (IoE)
- Learn to perform attack simulation
- Learn to reduce the attack surface
- Understand Attack surface monitoring tools
- Discuss attack surface analysis specific to Cloud and IoT
Threat Prediction with Cyber Threat Intelligence
- Understand role of cyber threat intelligence in network defense
- Understand the types of threat Intelligence
- Understand the Indicators of Threat
- Intelligence: Indicators of Compromise (IoCs) and Indicators of Attack (IoA)
- Understand the layers of Threat Intelligence
- Learn to leverage/consume threat intelligence for proactive defense
- Understand threat Threat Hunting
- Discuss Leveraging AI/ML capabilities for threat intelligence