EC-Council - CND - Certified Network Defender
Request a Class


COURSE COST: $2899.00

COURSE TIMES: 9:00am - 5:00pm

Printable version of this course


Certified Network Defender (CND) is a vendor-neutral, hands-on, instructor-led comprehensive network security certification training program. It is a skills-based, lab intensive program based on a job-task analysis and cybersecurity education framework presented by the National Initiative of Cybersecurity Education (NICE).

The course has also been mapped to global job roles and responsibilities and the Department of Defense (DoD) job roles for system/network administrators.

The program prepares network administrators on network security technologies and operations to attain Defense-in-Depth network security preparedness. It covers the project, detect and respond approach to network security.

The course contains hands-on labs, based on major network security tools and techniques which will provide network administrators real world expertise on current network security technologies and operations.


Network Administrators
Network security Administrators
Network Security Engineer
Network Defense Technicians
CND Analyst
Security Analyst
Security Operator
Anyone who involves in network operations
You should be well-versed in cyber security fundamentals as well as basic networking knowledge like CompTIA Network+ or CCNA level.


Course Cost doesn't include the cost of Courseware approx.$ 577, iLabs $ 150, or Exam $ 350. This course to run is subject to a minimum enrollment. This course will run as a Live On Line unless a minimum number of enrollment is met. The study-kit provides you with over 10 GB of network security best practices, assessments and protection tools. The kit also contains templates for various network policies and a large number of white papers for additional learning.


Computer Network and Defense Fundamentals.
Network Security Threats, Vulnerabilities, and Attacks.
Network Security Controls, Protocols, and Devices.
Network Security Policy Design and Implementation.
Physical Security, Host Security.
Secure Firewall Configuration and Management.
Secure IDS Configuration and Management.
Secure VPN Configuration and Management.
Wireless Network Defense, Network Traffic Monitoring and Analysis.
Network Risk and Vulnerability Management.
Data Backup and Recovery.
Network Incident Response and Management.

Module 01: Computer Network and Defense Fundamentals
Network Fundamentals
Network Components
TCP/IP Networking Basics
TCP/IP Protocol Stack
IP Addressing
Computer Network Defense (CND)
CND Triad
CND Process
CND Actions
CND Approaches

Module 02: Network Security Threats,Vulnerabilities, and Attacks
Essential Terminologies
Network Security Concerns
Network Security Vulnerabilities
Network Reconnaissance Attacks
Network Access Attacks
Denial of Service (DoS) Attacks
Distributed Denial-of-Service Attack (DDoS)
Malware Attacks

Module 03: Network Security Controls,Protocols, and Devices
Fundamental Elements of Network Security
Network Security Controls
User Identification, Authentication, Authorization and Accounting
Types of Authorization Systems
Authorization Principles
Security Policy
Network Security Devices
Network Security Protocols

Module 04: Network Security Policy Design and Implementation
What is Security Policy? Internet Access Policies, Acceptable-Use Policy
User-Account, Remote-Access, Information-Protection, Firewall-Management Policy
Special-Access, Network-Connection, Business-Partner, Email Security Policy
Passwords, Physical Security, Information System Security Policy
Bring Your Own Devices (BYOD) Policy
Software/Application Security Policy
Data Backup, Confidential Data, Data Classification Policy
Internet Usage, Server, Wireless Network Policy
Incidence Response Plan (IRP), User Access Control, Switch Security Policy
Intrusion Detection and Prevention (IDS/IPS) Policy
Personal Device Usage, Encryption, Router Policy
Security Policy Training and Awareness

ISO Information Security Standards
Payment Card Industry Data Security Standard (PCI-DSS)
Health Insurance Portability and Accountability Act (HIPAA)
Information Security Acts: Sarbanes Oxley Act (SOX)
Information Security Acts: Gramm-Leach-Bliley Act (GLBA)
Information Security Acts: The Digital Millennium Copyright Act (DMCA) and Federal
Information Security Management Act (FISMA)
Other Information Security Acts and Laws

Module 05: Physical Security
Physical Security
Access Control Authentication Techniques
Physical Security Controls
Other Physical Security Measures
Workplace Security
Personnel Security: Managing Staff Hiring and Leaving Process
Laptop Security Tool: EXO5
Environmental Controls
Physical Security: Awareness /Training
Physical Security Checklists

Module 06: Host Security
Host Security, OS Security
Windows Security, Patch Management
Disabling Unused System Services
Set Appropriate Local Security Policy Settings
Configuring Windows Firewall, Protecting from Viruses
Protecting from Spywares, Email Security: AntiSpammers
Enabling Pop-up Blockers, Windows Logs Review and Audit
Configuring Host-based IDS/IPS,
File System Security: Setting Access Controls and Permission to Files and Folders
File and File System Encryption, Linux Security
Securing Network Servers, Hardening Routers and Switches, Application/software Security
Data Security, Virtualization Security

Module 07: Secure Firewall Configuration and Management
Firewalls and Concerns, What Firewalls Does?
What should you not Ignore?: Firewall Limitations
How Does a Firewall Work?, Firewall Rules, Types of Firewalls
Firewall Technologies, Firewall Topologies, Firewall Rule Set & Policies
? Firewall Implementation, Firewall Administration , Firewall Logging and Auditing
Firewall Anti-evasion Techniques, Why Firewalls are Bypassed?
Full Data Traffic Normalization, Data Stream-based Inspection
Vulnerability-based Detection and Blocking
Firewall Security Recommendations and Best Practices
Firewall Security Auditing Tools

Module 08: Secure IDS Configuration and Management
Intrusions and IDPS, IDS, Types of IDS Implementation
IDS Deployment Strategies
Types of IDS Alerts, IPS
IDPS Product Selection Considerations
IDS Counterparts

Module 09: Secure VPN Configuration and Management
Understanding Virtual Private Network (VPN)
How VPN works?
Why to Establish VPN ?
VPN Concentrators, Types of VPN
VPN Categories
Selecting Appropriate VPN
VPN Core Functions, VPN Technologies
VPN Topologies, Common VPN Flaws
VPN Security,
Quality Of Service and Performance in VPNs

Module 10: Wireless Network Defense
Wireless Terminologies
Wireless Networks, Wireless Standard
Wireless Topologies, Typical Use of Wireless Networks
Components of Wireless Network
WEP (Wired Equivalent Privacy) Encryption
WPA (Wi-Fi Protected Access) Encryption
WPA2 Encryption, WEP vs. WPA vs. WPA2
Wi-Fi Authentication Method,
Wi-Fi Authentication Process Using a Centralized Authentication Server
Wireless Network Threats, Bluetooth Threats
Wireless Network Security , Wi-Fi Discovery Tools , Locating Rogue Access points
? Protecting from Denial-of-Service Attacks: Interference

Assessing Wireless Network Security
Wi-Fi Security Auditing Tool: AirMagnet WiFi Analyzer
WPA Security Assessment Tool
Wi-Fi Vulnerability Scanning Tools
Deploying Wireless IDS (WIDS) and Wireless IPS (WIPS)
? Configuring Security on Wireless Routers
Additional Wireless Network Security Guidelines

Module 11: Network Traffic Monitoring and Analysis
Network Traffic Monitoring and Analysis(Introduction)
Network Monitoring: Positioning your Machine at Appropriate Location
Network Traffic Signatures
Packet Sniffer: Wireshark
Detecting OS Fingerprinting Attempts
Detecting PING Sweep Attempt
Detecting ARP Sweep/ ARP Scan Attempt
Detecting TCP Scan Attempt, Detecting SYN/FIN DDOS Attempt
Detecting UDP Scan Attempt, Detecting Password Cracking Attempts
Detecting FTP Password Cracking Attempts
Detecting Sniffing (MITM) Attempts, Detecting the Mac Flooding Attempt
Detecting the ARP Poisoning Attempt

Additional Packet Sniffing Tools
Network Monitoring and Analysis
? Bandwidth Monitoring

Module 12: Network Risk and Vulnerability Management
What is Risk?, Risk Levels , Risk Matrix
Key Risk Indicators(KRI), Risk Management Phase
Enterprise Network Risk Management
Vulnerability Management

Module 13: Data Backup and Recovery
Introduction to Data Backup
RAID (Redundant Array Of Independent Disks) Technology
Storage Area Network (SAN) , Network Attached Storage (NAS)
Selecting Appropriate Backup Method
Choosing the Right Location for Backup
Backup Types
Conducting Recovery Drill Test
Data Recovery
Windows Data Recovery Too
RAID Data Recovery Services
SAN Data Recovery Software
NAS Data Recovery Services

Module 14: Network Incident Response and Management
Incident Handling and Response
Incident Response Team Members: Roles and Responsibilities
First Responder
Incident Handling and Response Process
Overview of IH&R Process Flow
Forensic Investigation
Eradication and Recovery
Post-incident Activities
Training and Awareness