Overview

Certified Network Defender (CND) v3 is the world's first network security program with a continual/adaptive security strategy. It is a network security course designed to help organizations create and deploy the most comprehensive network security system. CND is mapped to the job roles below, based on common job role frameworks recognised by organisations worldwide. Your labs, courseware, and exam voucher are included in this course.

Target audience:

  • Network Administrators
  • Network Security Administrators
  • Network Engineer
  • Network Security Analyst
  • Network Security Engineer
  • Security Analyst
  • Cybersecurity Engineer

CND is accredited by the ANSI National Accreditation Board under ANSI ISO/IEC 17024 and approved by the US DoD under Directive 8570/8140. It includes 100+ hands-on labs and covers modern and advanced network security requirements. It is mapped to the NICE Framework by category, specialty areas, and work roles. You will learn tactical defense of cloud services (AWS, Azure, and GCP), go beyond the technical aspects, and build perimeter defense skills with job-ready practical skills in live ranges. The course teaches the latest technologies and concepts to match modern network security requirements, with 100+ hands-on labs simulating a real-time environment and in-depth attack surface analysis.

Prerequisites

There are no prerequisites for this course, but having a basic understanding of networking principles will help.

Learning Outcomes

You will learn how to undertake the following tasks:

  • Planning and administering network security for organisations
  • Recognizing security risks, threats, and vulnerabilities
  • Ensuring compliance with regulatory standards
  • Designing and implementing network security policies
  • Applying security principles in distributed and mobile computing environments
  • Implementing Identity and Access Management, encryption, and network segmentation
  • Managing Windows and Linux Security Administration
  • Addressing security risks in mobile devices and IoT
  • Implementing strong data security techniques
  • Managing security in virtualization technologies and cloud platforms
  • Implementing wireless network security
  • Conducting risk and vulnerability assessments
  • Providing first response to security incidents
  • Identifying Indicators of Compromise and Attack
  • Integrating threat intelligence for proactive defense
  • Conducting Attack Surface Analysis
  • Assisting in Business Continuity and Disaster Recovery planning
  • Monitoring network traffic and performing log management
  • Managing proxy, content filtering, and troubleshooting network issues
  • Hardening the security of endpoints and selecting firewall solutions
  • Configuring IDS/IPS for enhanced security
  • Maintaining an inventory of network devices
  • Providing security awareness guidance and training
  • Managing AAA for network devices
  • Reviewing audit logs and analysing security anomalies
  • Maintaining and configuring security platforms
  • Evaluating security products and operations procedures
  • Identifying and classifying organizational assets
  • Implementing system integrity monitoring tools
  • Understanding EDR/XDR and UEBA solutions
  • Conducting PIA processes for privacy assessment
  • Collaborating on threat hunting and incident response
  • Understanding SOAR platforms in cybersecurity operations
  • Integrating Zero Trust principles into security architectures
  • Staying updated on emerging cyber threats
  • Understanding the role of AI/ML in cyber defense.

Course Outline

Module 1 - Network Defense Management

Network Attacks and Defense Strategies

  • Explain essential terminologies related to network security attacks
  • Describe the various examples of network-level attack techniques
  • Describe the various examples of host-level attack techniques
  • Describe the various examples of application-level attack techniques
  • Describe the various examples of social engineering attack techniques
  • Describe the various examples of email attack techniques
  • Describe the various examples of mobile device-specific attack techniques
  • Describe the various examples of cloud-specific attack techniques
  • Describe the various examples of wireless network-specific attack techniques
  • Describe Attacker’s Hacking Methodologies and Frameworks
  • Understand fundamental goal, benefits, and challenges in network defense
  • Explain Continual/Adaptive security strategy
  • Explain defense-in-depth security strategy

Administrative Network Security

  • Obtain compliance with regulatory frameworks
  • Discuss various Regulatory Frameworks, Laws, and Acts
  • Learn to design and develop security policies
  • Conduct security awareness training
  • Discuss other administrative security measures

Module 2 - Network Perimeter Security

Technical Network Security

  • Discuss access control principles, terminologies, and models
  • Redefine Access Control security in Today’s Distributed and Mobile Computing World
  • Discuss Identity and Access Management (IAM) concepts
  • Discuss cryptographic security techniques
  • Discuss various cryptographic algorithms
  • Discuss security benefits of network segmentation techniques
  • Discuss various essential network security solutions
  • Discuss various essential network security protocols

Network Perimeter Security

  • Understand firewall security concerns, capabilities, and limitations
  • Understand different types of firewall technologies and their usage
  • Understand firewall topologies and their usage
  • Distinguish between hardware, software, host, network, internal, and external firewalls
  • Select firewalls based on their deep traffic inspection capability
  • Discuss firewall implementation and deployment process
  • Discuss recommendations and best practices for secure firewall Implementation and deployment
  • Discuss firewall administration activities
  • Understand role, capabilities, limitations, and concerns in IDS deployment
  • Discuss IDS/IPS classification
  • Discuss various components of IDS
  • Discuss effective deployment of network and host-based IDS
  • Learn how to deal with false positive and false negative IDS alerts
  • Discuss the selection of appropriate IDS solutions
  • Discuss various NIDS and HIDS Solutions with their intrusion detection capabilities
  • Discuss router and switch security measures, recommendations, and best practices
  • Leverage Zero Trust Model Security using Software-Defined Perimeter (SDP)

Module 3 - Endpoint Protection

Endpoint Security - Windows Systems

  • Understand Windows OS and Security Concerns
  • Discuss Windows Security Components
  • Discuss Various Windows Security Features
  • Discuss Windows security baseline configurations
  • Discuss Windows User Account and Password Management
  • Discuss Windows Patch Management
  • Discuss User Access Management
  • Discuss Windows OS Security Hardening Techniques
  • Discuss Windows Active Directory Security Best Practices
  • Discuss Windows Network Services and Protocol Security

Endpoint Security - Linux Systems

  • Understand Linux OS and Security Concerns
  • Discuss Linux Installation and Patching
  • Discuss Linux OS Hardening Techniques
  • Discuss Linux User Access and Password Management
  • Discuss Linux Network and Remote Access Security
  • Discuss Various Linux Security Tools and Frameworks

Endpoint Security - Mobile Devices

  • Discuss Common Mobile Usage Policies in Enterprises
  • Discuss the security risks and challenges associated with enterprise mobile usage policies
  • Discuss security guidelines to mitigate risk associated with enterprise mobile usage policies
  • Discuss and implement various enterprise-level mobile security management Solutions
  • Discuss and implement general security guidelines and best practices on Mobile platforms
  • Discuss Security guidelines and tools for Android devices
  • Discuss Security guidelines and tools for iOS devices

Endpoint Security - IoT Devices

  • Understand IoT Devices, their need, and Application Areas
  • Understand IoT Ecosystem and Communication models
  • Understand Security Challenges and risks associated with IoT-enabled environments
  • Discuss the security in IoT-enabled Environments
  • Discuss Security Measures for IoT-enabled Environments
  • Discuss IoT Security Tools and Best Practices
  • Discuss and refer to various standards, initiatives and efforts for IoT Security

Module 4 - Application and Data Protection

Administrative Application Security

  • Discuss and implement Application Whitelisting and Blacklisting
  • Discuss and implement application Sandboxing
  • Discuss and implement Application Patch Management
  • Discuss and implement Web Application Firewall (WAF)

Data Security

  • Understand Data Security and its Importance
  • Discuss the implementation of data access controls
  • Discuss the implementation of encryption of “Data at rest”
  • Discuss the implementation of Encryption of “Data at transit”
  • Discuss the implementation of Encryption of “Data at transit” between browser and web server
  • Discuss the implementation of Encryption of “Data at transit” between database server and web server
  • Discuss the implementation of Encryption of “Data at transit” in Email Delivery
  • Discuss Data Masking Concepts
  • Discuss data backup and retention
  • Discuss Data Destruction Concepts
  • Data Loss Prevention (DLP) Concepts

Module 5 - Enterprise Virtual, Cloud, and Wireless Network Protection

Enterprise Virtual Network Security

  • Understand Virtualization Essential Concepts
  • Discuss Network Virtualization (NV) Security
  • Discuss Software-Defined Network (SDN) Security
  • Discuss Network Function Virtualization (NFV) Security
  • Discuss OS Virtualization Security
  • Discuss Security Guidelines, recommendations and best practices for Containers
  • Discuss Security Guidelines, recommendations and best practices for Dockers
  • Discuss Security Guidelines, recommendations and best practices for Kubernetes

Enterprise Cloud Network Security

  • Understand Cloud Computing Fundamentals
  • Understand the Insights of Cloud Security
  • Evaluate CSP for Security before Consuming Cloud Service
  • Discuss security in Amazon Cloud (AWS)
  • Discuss security in Microsoft Azure Cloud
  • Discuss Security in Google Cloud Platform (GCP)
  • Discuss general security best practices and tools for cloud security

Enterprise Wireless Network Security

  • Understand wireless network fundamentals
  • Understand wireless network encryption mechanisms
  • Understand wireless network authentication methods
  • Discuss and implement wireless network security measures

Module 6 - Incident Detection

Network Traffic Monitoring and Analysis

  • Understand the need and advantages of network traffic monitoring
  • Setting up the environment for network monitoring
  • Determine baseline traffic signatures for normal and suspicious network traffic
  • Perform network monitoring and analysis for suspicious traffic using Wireshark
  • Discuss network performance and bandwidth monitoring concepts

Network Logs Monitoring and Analysis

  • Understand logging concepts
  • Discuss log monitoring and analysis on Windows systems
  • Discuss log monitoring and analysis on Linux
  • Discuss log monitoring and analysis on Mac
  • Discuss log monitoring and analysis on Firewall
  • Discuss log monitoring and analysis on Routers
  • Discuss log monitoring and analysis on Web Servers
  • Discuss centralized log monitoring and analysis

Module 7 - Incident Response

Incident Response and Forensic Investigation

  • Understand incident response concept
  • Understand the role of first responder in incident response
  • Discuss Do’s and Don’ts in first response
  • Describe incident handling and response process
  • Describe forensics investigation process

Business Continuity and Disaster Recovery

  • Introduction to Business Continuity (BC) and Disaster Recovery (DR)
  • Discuss BC/DR Activities
  • Explain Business Continuity Plan (BCP) and Disaster Recovery Plan (DRP)
  • Discuss various BC/DR Standards

Module 8 - Incident Prediction

Risk Anticipation with Risk Management

  • Understand risk management concepts
  • Learn to manage risk through risk management program
  • Learn different Risk Management Frameworks (RMF)
  • Learn to manage vulnerabilities through vulnerability management program
  • Learn vulnerability assessment and scanning

Threat Assessment with Attack Surface Analysis

  • Understand the attack surface analysis
  • Understand and visualize your attack surface
  • Learn to identify Indicators of Exposures (IoE)
  • Learn to conduct attack simulation
  • Learn to reduce the attack surface

Threat Prediction With Cyber Threat Intelligence

  • Understand the role of cyber threat intelligence in network defense
  • Understand different types of threat Intelligence
  • Understand the Indicators of Threat Intelligence: Indicators of Compromise (IoCs) and Indicators of Attack (IoA)
  • Understand the layers of Threat Intelligence
  • Learn to leverage/consume threat intelligence for proactive defense

QA awarded EC-Council ATC of the Year 2023

Special Notices

This course is DoD 8570 & DoD 8140 compliant.

You will receive your Pearson Vue exam voucher as part of your course fee, and will need to arrange this at a Pearson Vue testing facility.

Once you have completed the course, please submit the course evaluation via the ASPEN portal for your exam voucher to be released.

The EC Council exam is taken post-course, and EC Council recommend additional post-course study in order to fully prepare for it.

Your 6-month access to the iLabs platform will commence once you complete the course.

Please note - Commencing January 1st, 2019, EC-Council will no longer ship out physical certificates. EC-Council certified members can continue to download their e-Certificates from the ASPEN portal. Certified members who still wish to receive a physical certificate may request one via 'certsupport@eccouncil.org'. Printed certificate requests in the UK will cost $75 ($50 for the US).

Frequently asked questions

How can I create an account on myQA.com?

There are a number of ways to create an account. If you are a self-funder, simply select the "Create account" option on the login page.

If you have been booked onto a course by your company, you will receive a confirmation email. From this email, select "Sign into myQA" and you will be taken to the "Create account" page. Complete all of the details and select "Create account".

If you have the booking number you can also go here and select the "I have a booking number" option. Enter the booking reference and your surname. If the details match, you will be taken to the "Create account" page from where you can enter your details and confirm your account.

Find more answers to frequently asked questions in our FAQs: Bookings & Cancellations page.

How do QA’s virtual classroom courses work?

Our virtual classroom courses allow you to access award-winning classroom training, without leaving your home or office. Our learning professionals are specially trained on how to interact with remote attendees and our remote labs ensure all participants can take part in hands-on exercises wherever they are.

We use the WebEx video conferencing platform by Cisco. Before you book, check that you meet the WebEx system requirements and run a test meeting (more details in the link below) to ensure the software is compatible with your firewall settings. If it doesn’t work, try adjusting your settings or contact your IT department about permitting the website.

Learn more about our Virtual Classrooms.

How do QA’s online courses work?

QA online courses, also commonly known as distance learning courses or elearning courses, take the form of interactive software designed for individual learning, but you will also have access to full support from our subject-matter experts for the duration of your course. When you book a QA online learning course you will receive immediate access to it through our e-learning platform and you can start to learn straight away, from any compatible device. Access to the online learning platform is valid for one year from the booking date.

All courses are built around case studies and presented in an engaging format, which includes storytelling elements, video, audio and humour. Every case study is supported by sample documents and a collection of Knowledge Nuggets that provide more in-depth detail on the wider processes.

Learn more about QA’s online courses.

When will I receive my joining instructions?

Joining instructions for QA courses are sent two weeks prior to the course start date, or immediately if the booking is confirmed within this timeframe. For course bookings made via QA but delivered by a third-party supplier, joining instructions are sent to attendees prior to the training course, but timescales vary depending on each supplier’s terms.

When will I receive my certificate?

Certificates of Achievement are issued at the end of the course, either as a hard copy or via email.