EC-Council Certified Network Defender (CND)

EC-Council Certified Network Defender (CND) Course Description

Duration: 5.00 days (40 hours)

EC-Council ATC

Certified Network Defender (CND) is a comprehensive network security certification training program. It is a skills-based, lab intensive program based on a job-task analysis and cybersecurity education framework presented by the National Initiative of Cybersecurity Education (NICE). The course has also been mapped to global job roles and responsibilities and the Department of Defense (DoD) job roles for system/network administrators. The course is designed and developed after extensive market research and surveys.

The program prepares network administrators on network security technologies and operations to attain Defense-in-Depth network security preparedness. It covers the protect, detect and respond approach to network security. The course contains hands-on labs, based on major network security tools and techniques which will provide network administrators real world expertise on current network security technologies and operations.

Next Class Dates

Jan 29, 2018 – Feb 2, 2018
8:30 AM – 4:30 PM ET
519 8th Avenue, 2nd Floor, New York, NY 10018


Contact us to customize this class with your own dates, times and location. You can also call 1-888-563-8266 or chat live with a Learning Consultant.


Intended Audience for this EC-Council Certified Network Defender (CND) Course

  • Network Administrators
  • Network Security Administrators
  • Network Security Engineer
  • Network Defense Technicians
  • CND Analyst
  • Security Analyst
  • Security Operator
  • Anyone involved in network operations


EC-Council Certified Network Defender (CND) Course Objectives

  • Computer Network and Defense Fundamentals
  • Network Security Threats, Vulnerabilities, and Attacks
  • Network Security Controls, Protocols, and Devices
  • Network Security Policy Design and Implementation
  • Physical Security
  • Host Security
  • Secure Firewall Configuration and Management
  • Secure IDS Configuration and Management
  • Secure VPN Configuration and Management
  • Wireless Network Defense
  • Network Traffic Monitoring and Analysis
  • Network Risk and Vulnerability Management
  • Data Backup and Recovery
  • Network Incident Response and Management


EC-Council Certified Network Defender (CND) Course Outline

      1. Computer Network and Defense Fundamentals
        1. Network Fundamentals
          1. Computer Network
          2. Types of Network
          3. Major Network Topologies
        2. Network Components
          1. Network Interface Card (NIC)
          2. Repeater
          3. Hub
          4. Switches
          5. Router
          6. Bridges
          7. Gateways
        3. TCP/IP Networking Basics
          1. Standard Network Models: OSI Model
          2. Standard Network Models: TCP/IP Model
          3. Comparing OSI and TCP/IP
        4. TCP/IP Protocol Stack
          1. Domain Name System (DNS)
          2. DNS Packet Format
          3. Transmission Control Protocol (TCP)
          4. User Datagram Protocol (UDP)
          5. IP Header
          6. Internet Control Message Protocol (ICMP)
          7. Address Resolution Protocol (ARP)
          8. Ethernet
          9. Fiber Distributed Data Interface (FDDI)
          10. Token Ring
        5. IP Addressing
          1. Classful IP Addressing
          2. Address Classes
          3. Reserved IP Address
          4. Subnet Masking
          5. IPv6 Addressing
        6. Computer Network Defense (CND)
          1. Computer Fundamental Attributes
          2. What CND is NOT
          3. CND Layers
          4. Blue Teaming
          5. Network Defense-In-Depth
          6. Typical Secure Network Design
        7. CND Triad
        8. CND Process
        9. CND Actions
        10. CND Approaches
      2. Network Security Threats, Vulnerabilities, and Attacks
        1. Essential Terminologies
          1. Threats
          2. Vulnerabilities
          3. Attacks
        2. Network Security Concerns
          1. Why Do Network Security Concerns Arise?
          2. Fundamental Network Security Threats
          3. Types of Network Security Threats
          4. Where Do They Arise From?
          5. How Does a Network Security Breach Affect Business Continuity?
        3. Network Security Vulnerabilities
          1. Types of Network Security Vulnerabilities
          2. Technological Vulnerabilities
          3. Configuration Vulnerabilities
          4. Security Policy Vulnerabilities
          5. Types of Network Security Attacks
        4. Network Reconnaissance Attacks
          1. Reconnaissance Attacks
        5. Network Access Attacks
          1. Password Attacks
          2. Password Attack Techniques
          3. Man-in-the-Middle Attack
          4. Replay Attack
          5. Smurf Attack
          6. Spam and Spim
          7. Xmas Attack
          8. Pharming
          9. Privilege Escalation
          10. DNS Poisoning
          11. DNS Cache Poisoning
          12. ARP Poisoning
          13. DHCP Attacks: DHCP Starvation Attacks
          14. Switch Port Stealing
          15. Spoofing Attacks
        6. Denial of Service (DoS) Attacks
        7. Distributed Denial-of-Service Attack (DDoS)
        8. Malware Attacks
          1. Malware
          2. Malware Attacks
      3. Network Security Controls, Protocols, and Devices
        1. Fundamental Elements of Network Security
          1. Network Security Controls
          2. Network Security Protocols
          3. Network Security Perimeter Appliances
        2. Network Security Controls
          1. Access Control
          2. Types of Access Control
          3. Mandatory Access Control (MAC)
          4. Network Access Control (NAC)
          5. NAC Solutions
        3. User Identification, Authentication, Authorization and Accounting
          1. Types of Authentication: Password Authentication
          2. Types of Authentication: Two-factor Authentication
          3. Types of Authentication: Biometrics
          4. Types of Authentication: Smart Card Authentication
          5. Types of Authentication: Single Sign-on (SSO)
        4. Types of Authorization Systems
          1. Centralized Authorization
          2. Implicit Authorization
          3. Decentralized Authorization
          4. Explicit Authorization
        5. Authorization Principles
          1. Least privilege
          2. Separation of duties
        6. Cryptography
          1. Encryption
          2. Hashing: Data Integrity
          3. Digital Signatures
          4. Digital Certificates
          5. Public Key Infrastructure (PKI)
        7. Security Policy
          1. Network Security Policy
          2. Key Consideration for Network Security Policy
          3. Types of Network Security Policies
        8. Network Security Devices
          1. Firewalls
          2. DMZ
          3. Virtual Private Network (VPN)
          4. Proxy Server
          5. Honeypot
          6. Intrusion Detection System (IDS)
          7. Intrusion Prevention System (IPS)
          8. IDS/IPS Solutions
          9. Network Protocol Analyzer
          10. Internet Content Filter
          11. Integrated Network Security Hardware
        9. Network Security Protocols
          1. RADIUS
          2. TACACS+
          3. Kerberos
          4. Pretty Good Service (PGP) Protocol
          5. S/MIME Protocol
          6. Secure HTTP
          7. Hyper Text Transfer Protocol Secure (HTTPS)
          8. Transport Layer Security (TLS)
          9. Internet Protocol Security (IPsec)
      4. Network Security Policy Design and Implementation
        1. What is Security Policy?
          1. Hierarchy of Security Policy
          2. Characteristics of a Good Security Policy
          3. Contents of Security Policy
          4. Typical Policy Content
          5. Policy Statements
          6. Steps to Create and Implement Security Policies
          7. Considerations Before Designing a Security Policy
          8. Design of Security Policy
          9. Policy Implementation Checklist
          10. Types of Information Security Policy
        2. Internet Access Policies
          1. Promiscuous Policy
          2. Permissive Policy
          3. Paranoid Policy
          4. Prudent Policy
        3. Acceptable-Use Policy
        4. User-Account Policy
        5. Remote-Access Policy
        6. Information-Protection Policy
        7. Firewall-Management Policy
        8. Special-Access Policy
        9. Network-Connection Policy
        10. Business-Partner Policy
        11. Email Security Policy
        12. Passwords Policy
        13. Physical Security Policy
        14. Information System Security Policy
        15. Bring Your Own Devices (BYOD) Policy
        16. Software/Application Security Policy
        17. Data Backup Policy
        18. Confidential Data Policy
        19. Data Classification Policy
        20. Internet Usage Policies
        21. Server Policy
        22. Wireless Network Policy
        23. Incident Response Plan (IRP)
        24. User Access Control Policy
        25. Switch Security Policy
        26. Intrusion Detection and Prevention (IDS/IPS) Policy
        27. Personal Device Usage Policy
        28. Encryption Policy
        29. Router Policy
        30. Security Policy Training and Awareness
        31. ISO Information Security Standards
          1. ISO/IEC 27001:2013: Information technology — Security Techniques —
          2. ISO/IEC 27033: Information technology -- Security techniques -- Network security
        32. Payment Card Industry Data Security Standard (PCI-DSS)
        33. Health Insurance Portability and Accountability Act (HIPAA)
        34. Information Security Acts: Sarbanes Oxley Act (SOX)
        35. Information Security Acts: Gramm-Leach-Bliley Act (GLBA)
        36. Information Security Acts: The Digital Millennium Copyright Act (DMCA) and Federal Information Security Management Act (FISMA)
        37. Other Information Security Acts and Laws
          1. Cyber Law in Different Countries
      5. Physical Security
        1. Physical Security
          1. Need for Physical Security
          2. Factors Affecting Physical Security
          3. Physical Security Controls
          4. Physical Security Controls: Location and Architecture Considerations
          5. Physical Security Controls: Fire Fighting Systems
          6. Physical Security Controls: Physical Barriers
          7. Physical Security Controls: Security Personnel
        2. Access Control Authentication Techniques
          1. Authentication Techniques: Knowledge Factors
          2. Authentication Techniques: Ownership Factors
          3. Authentication Techniques: Biometric Factors
        3. Physical Security Controls
          1. Physical Locks
          2. Mechanical Locks
          3. Digital Locks
          4. Combination Locks
          5. Electronic/Electric/Electromagnetic Locks
          6. Concealed Weapon/Contraband Detection Devices
          7. Mantrap
          8. Security Labels and Warning Signs
          9. Alarm System
          10. Video Surveillance
          11. Physical Security Policies and Procedures
        4. Other Physical Security Measures
          1. Lighting System
          2. Power Supply
        5. Workplace Security
          1. Reception Area
          2. Server/Backup Device Security
          3. Critical Assets and Removable Devices
          4. Securing Network Cables
          5. Securing Portable Mobile Devices
        6. Personnel Security: Managing Staff Hiring and Leaving Process
        7. Laptop Security Tool: EXO5
          1. Laptop Tracking Tools
        8. Environmental Controls
          1. Heating, Ventilation and Air Conditioning
          2. Electromagnetic Interference (EMI) Shielding
          3. Hot and Cold Aisles
        9. Physical Security: Awareness/Training
        10. Physical Security Checklists
      6. Host Security
        1. Host Security
          1. Common Threats Specific to Host Security
          2. Where do they come from?
          3. Why Host Security?
          4. Before Configuring Host Security: Identify purpose of each Host
          5. Host Security Baselining
        2. OS Security
          1. Operating System Security Baselining
          2. Common OS Security Configurations
          3. Windows Security
          4. Patch Management
          5. Disabling Unused System Services
          6. Set Appropriate Local Security Policy Settings
          7. Configuring Windows Firewall
          8. Protecting from Viruses
          9. Protecting from Spywares
          10. Email Security: AntiSpammers
          11. Enabling Pop-up Blockers
          12. Windows Logs Review and Audit
          13. Configuring Host-based IDS/IPS
          14. File System Security: Setting Access Controls and Permission to Files and Folders
          15. File and File System Encryption
        3. Linux Security
          1. Linux Baseline Security Checker: buck-security
          2. Password Management
          3. Disabling Unnecessary Services
          4. Killing unnecessary processes
          5. Linux Patch Management
          6. Understanding and checking Linux File Permissions
          7. Host-based Firewall Protection with iptables
          8. Linux Log review and Audit
        4. Securing Network Servers
          1. Before Hardening Servers
          2. Hardening Web Server
          3. Hardening Email Server: Recommendations
          4. Hardening FTP Servers: Recommendations
        5. Hardening Routers and Switches
          1. Hardening Routers: Recommendations
          2. Hardening Switches
          3. Logs Review and Audit: Syslog
          4. GFI EventsManager: Syslog Server
        6. Application/software Security
          1. Application Security
        7. Data Security
          1. What is Data Loss Prevention (DLP)
        8. Virtualization Security
          1. Virtualization Terminologies
          2. Introduction to Virtualization
          3. Characteristics of Virtualization
          4. Benefits of Virtualization
          5. Virtualization Vendors
          6. Virtualization Security
          7. Securing Hypervisor
          8. Securing Virtual machines
          9. Secure Virtual Network Management
      7. Secure Firewall Configuration and Management
        1. Firewalls and Concerns
        2. What Does a Firewall Do?
        3. What Should You Not Ignore? Firewall Limitations
        4. How Does a Firewall Work?
        5. Firewall Rules
        6. Types of Firewalls
          1. Hardware Firewall
          2. Software Firewall
        7. Firewall Technologies
          1. Packet Filtering Firewall
          2. Circuit Level Gateway
          3. Application Level Firewall
          4. Stateful Multilayer Inspection Firewall
          5. Application Proxy
          6. Network Address Translation
          7. Virtual Private Network
        8. Firewall Topologies
          1. Bastion host
          2. Screened subnet
          3. Multi-homed firewall
          4. Choosing Right Firewall Topology
        9. Firewall Rule Set & Policies
          1. Build an Appropriate Firewall Ruleset
          2. Blacklist vs Whitelist
          3. Example: Packet Filter Firewall Ruleset
          4. Implement Firewall Policy
          5. Periodic Review of Firewall Policies
        10. Firewall Implementation
          1. Before Firewall Implementation and Deployment
          2. Firewall Implementation and Deployment
          3. Planning Firewall Implementation
          4. Factors to Consider before Purchasing any Firewall Solution
          5. Configuring Firewall Implementation
          6. Testing Firewall Implementation
          7. Deploying Firewall Implementation
          8. Managing and Maintaining Firewall Implementation
        11. Firewall Administration
          1. Firewall Administration: Deny Unauthorized Public Network Access
          2. Firewall Administration: Deny Unauthorized Access Inside the Network
          3. Firewall Administration: Restricting Client’s Access to External Host
        12. Firewall Logging and Auditing
          1. Firewall Logging
          2. Firewall Logs
        13. Firewall Anti-evasion Techniques
        14. Why Are Firewalls Bypassed?
        15. Full Data Traffic Normalization
        16. Data Stream-based Inspection
        17. Vulnerability-based Detection and Blocking
        18. Firewall Security Recommendations and Best Practices
          1. Secure Firewall Implementation: Best Practices
          2. Secure Firewall Implementation: Recommendations
          3. Secure Firewall Implementation: Do’s and Don’ts
        19. Firewall Security Auditing Tools
          1. Firewall Analyzer
          2. Firewall Tester: Firewalk
          3. FTester
          4. Wingate
          5. Symantec Enterprise Firewall
          6. Hardware Based Firewalls
          7. Software Based Firewalls
      8. Secure IDS Configuration and Management
        1. Intrusions and IDPS
          1. Intrusions
          2. Intrusion Detection and Prevention Systems (IDPS)
        2. IDS
          1. Role of IDS in Network Defense
          2. IDS Functions
          3. What Events Does an IDS Examine?
          4. What IDS is NOT?
          5. IDS Activities
          6. How Does an IDS Work?
          7. IDS Components
          8. Intrusion Detection Steps
        3. Types of IDS Implementation
          1. Approach-based IDS
          2. Behavior-based IDS
          3. Protection-based IDS
          4. Structure-based IDS
          5. Analysis Timing based IDS
          6. Source Data Analysis based IDS
        4. IDS Deployment Strategies
          1. Staged IDS Deployment
          2. Deploying Network-based IDS
        5. Types of IDS Alerts
          1. True Positive (Attack - Alert)
          2. False Positive (No Attack - Alert)
          3. False Negative (Attack - No Alert)
          4. True Negative (No Attack - No Alert)
          5. Dealing with False Positive/Alarm
          6. Calculating False Positive/False Negative Rate
          7. Dealing with False Negative
          8. Excluding False Positive Alerts with Cisco Secure IPS
          9. Characteristics of a Good IDS
          10. IDS mistakes that should be avoided
        6. IPS
          1. IPS Technologies
          2. IPS Placement
          3. IPS Functions
          4. Need of IPS
          5. IDS vs IPS
          6. Types of IPS
          7. Network-Based IPS
          8. Host-Based IPS
          9. Wireless IPS
          10. Network Behavior Analysis (NBA) System
        7. IDPS Product Selection Considerations
          1. General Requirements
          2. Security Capability Requirements
          3. Performance Requirements
          4. Management Requirements
          5. Life Cycle Costs
        8. IDS Counterparts
          1. Complementing IDS
          2. Vulnerability Analysis or Assessment Systems
          3. File Integrity Checkers
          4. Honey Pot & Padded Cell Systems
          5. IDS Evaluation: Snort
          6. IDS/IPS Solutions
          7. IDS Products and Vendors
      9. Secure VPN Configuration and Management
        1. Understanding Virtual Private Network (VPN)
        2. How Does a VPN Work?
        3. Why Establish a VPN?
        4. VPN Components
          1. VPN Client
          2. Tunnel Terminating Device
          3. Network Access Server (NAS)
          4. VPN Protocol
        5. VPN Concentrators
          1. Functions of VPN Concentrator
        6. Types of VPN
          1. Client-to-site (Remote-access) VPNs
          2. Site-to-Site VPNs
          3. Establishing Connections with VPN
        7. VPN Categories
          1. Hardware VPNs
          2. Software VPNs
        8. Selecting Appropriate VPN
        9. VPN Core Functions
          1. Encapsulation
          2. Encryption
          3. Authentication
        10. VPN Technologies
        11. VPN Topologies
          1. Hub-and-Spoke VPN Topology
          2. Point-to-Point VPN Topology
          3. Full Mesh VPN Topology
          4. Star Topology
        12. Common VPN Flaws
          1. VPN Fingerprinting
          2. Insecure Storage of Authentication Credentials by VPN Clients
          3. Username Enumeration Vulnerabilities
          4. Offline Password Cracking
          5. Man-in-the-Middle Attacks
          6. Lack of Account Lockout
          7. Poor Default Configurations
          8. Poor Guidance and Documentation
        13. VPN Security
          1. Firewalls
          2. VPN Encryption and Security Protocols
          3. Authentication for VPN Access
          4. Connection to VPN: SSH and PPP
          5. Connection to VPN: Concentrator
          6. VPN Security – Radius
        14. Quality Of Service and Performance in VPNs
          1. Improving VPN Speed
          2. Quality of Service (QOS) in VPNs
          3. SSL VPN Deployment Considerations
          4. SLAs for VPN
          5. IP VPN Service Level Management
          6. VPN Service Providers
          7. Auditing and Testing the VPN
          8. Best Security Practices for VPN Configuration
      10. Wireless Network Defense
        1. Wireless Terminologies
        2. Wireless Networks
          1. Advantages of Wireless Networks
          2. Disadvantages of Wireless Networks
        3. Wireless Standard
        4. Wireless Topologies
          1. Ad-hoc Standalone Network Architecture (IBSS - Independent Basic Service Set)
          2. Infrastructure Network Topology (Centrally Coordinated Architecture/ BSS - Basic Service Set)
        5. Typical Use of Wireless Networks
          1. Extension to a Wired Network
          2. Multiple Access Points
          3. LAN-to-LAN Wireless Network
          4. 3G Hotspot
        6. Components of Wireless Network
          1. Access Point
          2. Wireless Cards (NIC)
          3. Wireless Modem
          4. Wireless Bridge
          5. Wireless Repeater
          6. Wireless Router
          7. Wireless Gateways
          8. Wireless USB Adapter
          9. Antenna
        7. WEP (Wired Equivalent Privacy) Encryption
        8. WPA (Wi-Fi Protected Access) Encryption
        9. WPA2 Encryption
        10. WEP vs. WPA vs. WPA2
        11. Wi-Fi Authentication Method
          1. Open System Authentication
          2. Shared Key Authentication
        12. Wi-Fi Authentication Process Using a Centralized Authentication Server
        13. Wireless Network Threats
          1. War Driving
          2. Client Mis-association
          3. Unauthorized Association
          4. HoneySpot Access Point (Evil Twin) Attack
          5. Rogue Access Point Attack
          6. Misconfigured Access Point Attack
          7. Ad Hoc Connection Attack
          8. AP MAC Spoofing
          9. Denial-of-Service Attack
          10. WPA-PSK Cracking
          11. RADIUS Replay
          12. ARP Poisoning Attack
          13. WEP Cracking
          14. Man-in-the-Middle Attack
          15. Fragmentation Attack
          16. Jamming Signal Attack
        14. Bluetooth Threats
          1. Leaking Calendars and Address Books
          2. Bugging Devices
          3. Sending SMS Messages
          4. Causing Financial Losses
          5. Remote Control
          6. Social Engineering
          7. Malicious Code
          8. Protocol Vulnerabilities
        15. Wireless Network Security
          1. Creating Inventory of Wireless Devices
          2. Placement of Wireless AP
          3. Disable SSID Broadcasting
          4. Selecting Stronger Wireless Encryption Mode
          5. Implementing MAC Address Filtering
          6. Monitoring Wireless Network Traffic
          7. Defending Against WPA Cracking
          8. Detecting Rogue Access Points
        16. Wi-Fi Discovery Tools
          1. inSSIDer and NetSurveyor
          2. Vistumbler and NetStumbler
        17. Locating Rogue Access points
        18. Protecting from Denial-of-Service Attacks: Interference
        19. Assessing Wireless Network Security
        20. Wi-Fi Security Auditing Tool: AirMagnet WiFi Analyzer
        21. WPA Security Assessment Tool
          1. Elcomsoft Wireless Security Auditor
          2. Cain & Abel
        22. Wi-Fi Vulnerability Scanning Tools
        23. Deploying Wireless IDS (WIDS) and Wireless IPS (WIPS)
          1. Typical Wireless IDS/IPS Deployment
        24. WIPS Tool
          1. Adaptive Wireless IPS
          2. AirDefense
        25. Configuring Security on Wireless Routers
        26. Additional Wireless Network Security Guidelines
      11. Network Traffic Monitoring and Analysis
        1. Network Traffic Monitoring and Analysis (Introduction)
          1. Advantages of Network Traffic Monitoring and Analysis
          2. Network Monitoring and Analysis: Techniques
          3. Router Based Monitoring Techniques
          4. Non-Router Based Monitoring Techniques
        2. Network Monitoring: Positioning your Machine at Appropriate Location
          1. Connecting Your Machine to Managed Switch
        3. Network Traffic Signatures
          1. Normal Traffic Signature
          2. Attack Signatures
          3. Baselining Normal Traffic Signatures
          4. Categories of Suspicious Traffic Signatures
          5. Attack Signature Analysis Techniques
        4. Packet Sniffer: Wireshark
          1. Understanding Wireshark Components
          2. Wireshark Capture and Display Filters
          3. Monitoring and Analyzing FTP Traffic
          4. Monitoring and Analyzing TELNET Traffic
          5. Monitoring and Analyzing HTTP Traffic
        5. Detecting OS Fingerprinting Attempts
          1. Detecting Passive OS Fingerprinting Attempts
          2. Detecting Active OS Fingerprinting Attempts
          3. Examine Nmap Process for OS Fingerprinting
        6. Detecting PING Sweep Attempt
        7. Detecting ARP Sweep/ ARP Scan Attempt
        8. Detecting TCP Scan Attempt
          1. TCP Half Open/ Stealth Scan Attempt
          2. TCP Full Connect Scan
          3. TCP Null Scan Attempt
          4. TCP Xmas Scan Attempt
        9. Detecting SYN/FIN DDOS Attempt
        10. Detecting UDP Scan Attempt
        11. Detecting Password Cracking Attempts
        12. Detecting FTP Password Cracking Attempts
        13. Detecting Sniffing (MITM) Attempts
        14. Detecting the Mac Flooding Attempt
        15. Detecting the ARP Poisoning Attempt
        16. Additional Packet Sniffing Tools
        17. Network Monitoring and Analysis
          1. PRTG Network Monitor
        18. Bandwidth Monitoring
          1. Bandwidth Monitoring - Best Practices
          2. Bandwidth Monitoring Tools
      12. Network Risk and Vulnerability Management
        1. What is Risk?
        2. Risk Levels
          1. Extreme/High
          2. Medium
          3. Low
        3. Risk Matrix
          1. Risk Management Benefits
          2. Key Roles and Responsibilities in Risk management
        4. Key Risk Indicators (KRI)
        5. Risk Management Phase
          1. Risk Identification
          2. Risk Assessment
          3. Risk Treatment
          4. Risk Treatment Steps
          5. Risk Tracking & Review
        6. Enterprise Network Risk Management
          1. Enterprise Risk Management Framework (ERM)
          2. Goals of ERM Framework
          3. NIST Risk Management Framework
          4. COSO ERM Framework
          5. COBIT Framework
          6. Risk Management Information Systems (RMIS)
          7. Tools for RMIS
          8. Enterprise Network Risk Management Policy
          9. Best Practices for Effective Implementation of Risk Management
        7. Vulnerability Management
          1. Discovery
          2. Asset Prioritization
          3. Assessment
          4. Reporting
          5. Remediation
          6. Verification
      13. Data Backup and Recovery
        1. Introduction to Data Backup
          1. Backup Strategy/Plan
          2. Identifying Critical Business Data
          3. Selecting Backup Media
        2. RAID (Redundant Array Of Independent Disks) Technology
          1. Advantages/Disadvantages of RAID systems
          2. RAID Storage Architecture
          3. RAID Level 0: Disk Striping
          4. RAID Level 1: Disk Mirroring
          5. RAID Level 3: Disk Striping with Parity
          6. RAID Level 5: Block Interleaved Distributed Parity
          7. RAID Level 10: Blocks Striped and Mirrored
          8. RAID Level 50: Mirroring and Striping across Multiple RAID Levels
        3. Selecting Appropriate RAID Levels
          1. Hardware and Software RAIDs
          2. RAID Usage Best Practices
        4. Storage Area Network (SAN)
          1. Advantages of SAN
          2. SAN Backup Best Practices
          3. SAN Data Storage and Backup Management Tools
        5. Network Attached Storage (NAS)
        6. Types of NAS Implementation
        7. Selecting Appropriate Backup Method
          1. Hot Backup (Online)
          2. Cold Backup (Offline)
          3. Warm Backup (Nearline)
        8. Choosing the Right Location for Backup
          1. Onsite Data Backup
          2. Offsite Data Backup
          3. Cloud Data Backup
        9. Backup Types
          1. Full/Normal Data Backup
          2. Differential Data Backup
          3. Incremental Data Backup
          4. Backup Types Advantages and Disadvantages
          5. Choosing Right Backup Solution
          6. Data Backup Software: AOMEI Backupper
        10. Conducting Recovery Drill Test
        11. Data Recovery
        12. Windows Data Recovery Tool
          1. Recover My Files
          2. EASEUS Data Recovery Wizard
          3. PC INSPECTOR File Recovery
          4. Data Recovery Tools for MAC OS X
        13. RAID Data Recovery Services
        14. SAN Data Recovery Software
        15. NAS Data Recovery Services
      14. Network Incident Response and Management
        1. Incident Handling and Response
        2. Incident Response Team Members: Roles and Responsibilities
        3. First Responder
          1. Network Administrators as First Responder
          2. What Should You Know?
          3. First Response Steps by Network Administrators
        4. Incident Handling and Response Process
        5. Overview of IH&R Process Flow
          1. Preparation for Incident Handling and Response
          2. Detection and Analysis
          3. Classification and Prioritization
          4. Incident Prioritization
          5. Notification and Planning
          6. Containment
          7. Forensic Investigation
          8. Eradication and Recovery
          9. Post-incident Activities
          10. Training and Awareness


This training prepares students for the following exam(s):

  • 312-38 CND: EC-Council Certified Network Defender (CND)


Do you have the right background for EC-Council Certified Network Defender (CND)?

Skills Assessment

We ensure your success by asking all students to take a FREE Skill Assessment test. These short, instructor-written tests are an objective measure of your current skills that help us determine whether or not you will be able to meet your goals by attending this course at your current skill level. If we determine that you need additional preparation or training in order to gain the most value from this course, we will recommend cost-effective solutions that you can use to get ready for the course.

Our required skill-assessments ensure that:

  1. All students in the class are at a comparable skill level, so the class can run smoothly without beginners slowing down the class for everyone else.
  2. NetCom students enjoy one of the industry's highest success rates, and pass rates when a certification exam is involved.
  3. We stay committed to providing you real value. Again, your success is paramount; we will register you only if you have the skills to succeed.

This assessment is for your benefit and best taken without any preparation or reference materials, so your skills can be objectively measured.


Award winning, world-class Instructors

Emilio G.
- Vastly experienced working within multinational environments and capable of connecting to different audiences.
- In-depth expertise in the implementation, troubleshooting and documentation of networks and security systems, with strong "hands on" technical knowledge of CISSP, CEH and CHFI.
- Master of Science in Electronics Engineering, and holder of several technical certifications.
- Highly skilled in diverse fields ranging from Security, Computer Forensics, Networking, Routing Protocols, Programming, Databases and Applications, to name a few.

Bio: With over 25 years of technical experience, Emilio brings a dynamic set of skills supported by a Master's Degree in Electronics Engineering and on-the-field experience working in multinational environments. He also holds more than 12 Cisco, CompTIA, and Microsoft certifications. Although he is well versed and thorough in multiple technological fields, his technical forte lies in the security domain, specifically CISSP, CEH and CHFI. Emilio's skills have evolved over time, studying closely and constantly staying well informed of the growing cyber threats. These are just some of the reasons why Emilio brings to his classes more than just what's in the books.

Larry G.
- More than 14 years of experience as a Security Subject Matter Expert, as well as a black belt in a variety of martial arts.
- Numerous Challenge Coins from the US Government including the US Army, and the Criminal Investigation Command.
- Much acclaimed instructor at NetCom Learning, with evaluation scores of 8.8 out of 9.


Larry is a unique instructor and IT security expert. If you sit in one of his classes you might get the feeling of being in a martial arts class - That's exactly how Larry wants it! "The principles behind IT security are the same as those in a variety of martial arts," Larry says. In addition to teaching IT security for over 14 years, he has practiced martial arts since he was 13 years old and holds black belts in multiple disciplines including Tai Chi, Kung Fu, and Kick Boxing. "All of these techniques are like tools for different types of attacks," Larry explains.

Larry's excellence in certification training and passion for IT security has earned him numerous Challenge Coins from the US Government including the US Army, and the Criminal Investigation Command. He is also a much acclaimed instructor at NetCom Learning, with evaluation scores of 8.8 out of 9.

Richard L.
- Over 20 years of experience in the IT industry.
- CEH and Microsoft training for many government agencies, including the United States Department of Homeland Security, and the Federal Bureau of Investigation.
- CEH and Microsoft training for Fortune corporations such as Merrill Lynch and ADP.


Richard is a premier Microsoft Certified Trainer and Certified EC-Council Instructor. He has over 20 years of experience as a network administrator, security consultant, vulnerability assessor, and penetration tester for assorted Fortune companies.

Richard's knowledge on the development and implementation of policies and procedures concerning the security of network data is unsurpassed. He has conducted successful CEH and Microsoft training classes for many government agencies including the United States Department of Homeland Security, the Department of Justice and the Federal Bureau of Investigation, as well as Fortune enterprises such as Merrill Lynch and ADP.


Recent Client Testimonials & Reviews

Highly professional, engaging and informative!

- Chris A.
Course(s) Taken

» Technical Webinar: Raise your defenses against Malware & Ransomware attacks
