EC-Council CND: Certified Network Defender v2 Training

• Network Attacks & Defense Strategies

Explaining essential terminologies related to network security attacks.
Describing various examples of network-level attack techniques.
Examples of host-level attack techniques. 
Examples of application-level attack techniques.
Examples of social engineering attack techniques. 
Examples of email attack techniques.
Describing examples of mobile device-specific attack techniques.
Cloud-specific attack techniques.
Wireless network-specific attack techniques.
Describing an attacker’s hacking methodologies and frameworks.
Understanding fundamental goals, benefits, and challenges in network defense.
Explaining the continual/adaptive security strategy.
The defense-in-depth security strategy.

• Administrative Network Security

Obtaining compliance with regulatory frameworks.
Discussing regulatory frameworks, laws, and acts.
Designing and developing security policies.
Conducting security awareness training.
Discussing other administrative security measures.

• Technical Network Security

Discussing access control principles, terminologies, and models.
Redefining Access Control security in today’s distributed and mobile computing world.
Discussing Identity and Access Management (IAM) concepts.
Cryptographic security techniques and cryptographic algorithms.  
The security benefits of network segmentation techniques.
The essential network security solutions.
Discussing the critical network security protocols.

• Network Perimeter Security

Understanding firewall security concerns, capabilities, and limitations.
Different types of firewall technologies and their usage.
Firewall topologies and their use.
Distinguishing between hardware, software, host, network, internal, and external firewalls.
Selecting a firewall based on its deep traffic inspection capability.
Discussing the firewall implementation/deployment process.
Recommendations and best practices for a secure firewall implementation/deployment.
Firewall administration activities.
Understanding the role, capabilities, limitations, and concerns in IDS deployments.
Discussing the IDS/IPS classification.
Various components of IDS.
The effective deployment of network and host-based IDS.
Learning to deal with false positive/negative IDS alerts.
Discussing the selection of appropriate IDS solutions.
Various NIDS/HIDS solutions with their intrusion detection capabilities.
Router/Switch security measures, recommendations, and best practices.
Leveraging Zero Trust Model Security using Software-Defined Perimeter (SDP).

• Endpoint Security-Windows Systems

Understanding Windows OS and security concerns.
Discussing Windows security components.
Various Windows security features.
Windows security baseline configurations.
Windows user account and password management.
Windows patch management.
User access management.
Windows OS security-hardening techniques.
Windows active directory security best practices.
Windows network services and protocol security.

• Endpoint Security-Linux Systems

Understanding Linux OS and security concerns.
Discussing Linux installation and patching.
Linux OS Hardening techniques.
Linux user access and password management.
Linux network and remote access security.
Various Linux security tools/frameworks.

• Endpoint Security- Mobile Devices

Discussing common mobile usage policies in enterprises.
The security risks/challenges associated with enterprise mobile usage policies.
The security guidelines for mitigating risks associated with enterprise mobile usage policies.
Discussing/Implementing enterprise-level mobile security management solutions.
General security guidelines and best practices on mobile platforms. 
Discussing security guidelines and tools for android devices.
Security guidelines and tools for iOS devices.

• Endpoint Security-IoT Devices

Understanding IoT devices, their need, and application areas.
The IoT ecosystem and communication models.
The security challenges/risks associated with IoT-enabled environments.
Discussing the security in IoT-enabled environments.
Security measures for IoT-enabled environments.
IoT security tools and best practices.
Discussing/Referring to various standards, initiatives, and efforts for IoT security.

• Administrative Application Security

Discussing/Implementing application whitelisting and blacklisting.
Application sandboxing.
Application patch management.
The Web Application Firewall (WAF).

• Data Security

Understanding data security and its importance.
Discussing the implementation of data access controls.
The encryption of Data-at-rest.
Data-at-transit, and Data-at-transit between browser and web server. 
The encryption of Data-at-transit in email delivery.
Data masking concepts, backup, and retention.
Data destruction and Data Loss Prevention (DLP) concepts.

• Enterprise Virtual Network Security

Understanding the essential virtualization concepts.
Discussing Network Virtualization (NV) security.
Software-defined Network (SDN) security.
Network Function Virtualization (NFV) security.
OS Virtualization security.
The security guidelines, recommendations, and best practices for Containers/Dockers/Kubernetes.

• Enterprise Cloud Network Security

Understanding the cloud computing fundamentals.
The insights of cloud security.
Evaluating CSP for security before consuming cloud service.
Discussing security in Amazon (AWS)/Microsoft Azure clouds and the Google Cloud Platform (GCP). 
The general security best practices and tools for cloud security.

• Enterprise Wireless Network Security

Understanding wireless network fundamentals, encryption mechanisms, and authentication methods.
Discussing and implementing wireless network security measures.

• Network Traffic Monitoring & Analysis

Understanding the need/advantages of network traffic monitoring.
Setting up the environment for network monitoring.
Determining baseline traffic signatures for normal/suspicious network traffic.
Performing network monitoring/analysis for suspicious traffic using Wireshark.
Discussing network performance and bandwidth monitoring concepts.

• Network Logs Monitoring & Analysis

Understanding the logging concepts.
Discussing log monitoring and analysis on Windows, Linux, or Mac systems.  
Discussing log monitoring and analysis on Firewalls, Routers, or Web servers.
Discussing the centralized log monitoring/analysis.

• Incident Response & Forensic Investigation

Understanding the incident response concept and role of a first responder. 
Discussing the Do’s/Don’ts in the first response.
Describing incident-handling/response and forensics investigation processes.

• Business Continuity & Disaster Recovery

Business Continuity (BC) and Disaster Recovery (DR) introduction. 
Discussing BC/DR activities.
Explaining Business Continuity Plan (BCP) and Disaster Recovery Plan (DRP).
Discussing BC/DR standards.

• Risk Anticipation with Risk Management

Understanding risk management concepts.
Learning to manage risks through a risk management program. 
Different Risk Management Frameworks (RMF).
Managing vulnerabilities through the vulnerability management program.
Learning vulnerability assessment and scanning.

• Threat Assessment with Attack Surface Analysis

Understanding the attack surface analysis and visualizing your attack surface.
Learning to identify Indicators of Exposures (IoE).
Conducting attack simulations.
Reducing the attack surface.

• Threat Prediction with Cyber Threat Intelligence

Understanding the role of cyber threat intelligence in network defense. 
The types of threat intelligence.
The indicators of threat intelligence: Indicators of Compromise (IoCs) and Indicators of Attack (IoA).
The layers of threat intelligence.
Learning to leverage and consume threat intelligence for proactive defense.