Certifed Network Defender – CND (312-38)


Duration: 5 days

About this course

The Certified Network Defender (CND v2) helps Blue Teams defend and win the war against network breaches. CND v2 is an adaptive security strategy built on a 4-pronged approach — Protect, Detect, Respond, and Predict. This approach not only proves effective in responding to a network attack but stops them before they happen. The 4-pronged approach is as follows:


  • Defense-In-Depth Security
  • Properly Designed, Implemented and Enforced Security Policies
  • Security Architectures
  • Appropriate Configuration
  • Right Selection of Security Controls


  • Traffic Monitoring
  • Log Management
  • Log Monitoring
  • Anomalies Detection


  • Incident Response
  • Forensics Investigation
  • Business Continuity (BC)
  • Disaster Recovery (DR)


  • Risk and Vulnerability Assessment
  • Attack Surface Analysis
  • Threat Intelligence

Audience profile

CND v2 is for all cybersecurity operations, roles, and anyone looking to build a career in cybersecurity. CND v2 is for those who work in these network administration/cybersecurity domains:

  • Network Administrator/Engineer
  • Network Security Administrator/Engineer/Analyst
  • Cybersecurity Engineer
  • Security Analyst
  • Network Defense Technician
  • Security Operator

Learning objectives

  • Understanding network security management
  • Establishing network security policies and procedures
  • Windows and Linux security administration
  • Setting up mobile and IoT device security
  • Implementing data security techniques on networks
  • Embedding virtualization technology security
  • Determining cloud and wireless security
  • Deploying and using risk assessment tools
  • Learn basics of first response and forensics
  • Understanding indicators of Compromise, Attack, and Exposures (IoC, IoA, IoE)
  • Building threat intelligence capabilities
  • Establishing and monitoring log management
  • Implementing endpoint security
  • Configuring optimum firewall solutions
  • Understanding and using IDS/IPS technologies
  • Establishing Network Authentication, Authorization, Accounting (AAA)

What’s included?

  • Authorized Courseware
  • Intensive Hands on Skills Development with an Experienced Subject Matter Expert
  • Hands-on practice on real Servers and extended lab support 1.800.482.3172
  • Examination Vouchers & Onsite Certification Testing- (excluding Adobe and PMP Boot Camps)
  • Academy Code of Honor: Test Pass Guarantee
  • Optional: Package for Hotel Accommodations, Lunch and Transportation

With several convenient training delivery methods offered, The Academy makes getting the training you need easy. Whether you prefer to learn in a classroom or an online live learning virtual environment, training videos hosted online, and private group classes hosted at your site. We offer expert instruction to individuals, government agencies, non-profits, and corporations. Our live classes, on-sites, and online training videos all feature certified instructors who teach a detailed curriculum and share their expertise and insights with trainees. No matter how you prefer to receive the training, you can count on The Academy for an engaging and effective learning experience.


  • Instructor Led (the best training format we offer)
  • Live Online Classroom – Online Instructor Led
  • Self-Paced Video

Speak to an Admissions Representative for complete details

StartFinishPublic PricePublic Enroll Private PricePrivate Enroll


Domain 1: Network Defense Management

1.1 Network Attacks and Defense Strategies

• Explain essential terminologies related to network security attacks

• Describe the various examples of network-level attack techniques

• Describe the various examples of host-level attack techniques

• Describe the various examples of application-level attack techniques

• Describe the various examples of social engineering attack techniques

• Describe the various examples of email attack techniques

• Describe the various examples of mobile device-specific attack techniques

• Describe the various examples of cloud-specific attack techniques

• Describe the various examples of wireless network-specific attack techniques

• Describe Attacker’s Hacking Methodologies and Frameworks

• Understand fundamental goal, benefits, and challenges in network defense

• Explain Continual/Adaptive security strategy

• Explain defense-in-depth security strategy

1.2 Administrative Network Security

• Obtain compliance with regulatory frameworks

• Discuss various Regulatory Frameworks, Laws, and Acts

• Learn to design and develop security policies

• Conduct security awareness training

• Discuss other administrative security measures

Domain 2: Network Perimeter Protection

2.1 Technical Network Security

• Discuss access control principles, terminologies, and models

• Redefine Access Control security in Today’s Distributed and Mobile Computing World

• Discuss Identity and Access Management (IAM) concepts

• Discuss cryptographic security techniques

• Discuss various cryptographic algorithms

• Discuss security benefits of network segmentation techniques

• Discuss various essential network security solutions

• Discuss various essential network security protocols

2.2 Network Perimeter Security

• Understand firewall security concerns, capabilities, and limitations

• Understand different types of firewall technologies and their usage

• Understand firewall topologies and their usage

• Distinguish between hardware, software, host, network, internal, and external firewalls

• Select firewalls based on its deep traffic inspection capability

• Discuss firewall implementation and deployment process

• Discuss recommendations and best practices for secure firewall Implementation and deployment

• Discuss firewall administration activities

• Understand role, capabilities, limitations, and concerns in IDS deployment

• Discuss IDS/IPS classification

• Discuss various components of IDS

• Discuss effective deployment of network and host-based IDS

• Learn to how to deal with false positive and false negative IDS alerts

• Discuss the selection of appropriate IDS solutions

• Discuss various NIDS and HIDS Solutions with their intrusion detection capabilities

• Discuss router and switch security measures, recommendations, and best practices

• Leverage Zero Trust Model Security using Software-Defined Perimeter (SDP)

Domain 3: Endpoint Protection

3.1 Endpoint Protection

• Understand Window OS and Security Concerns

• Discuss Windows Security Components

• Discuss Various Windows Security Features

• Discuss Windows security baseline configurations

• Discuss Windows User Account and Password Management

• Discuss Windows Patch Management

• Discuss User Access Management

• Discuss Windows OS Security Hardening Techniques

• Discuss Windows Active Directory Security Best Practices

• Discuss Windows Network Services and Protocol Security

3.2 Endpoint Security-Linux System

• Understand Linux OS and Security Concerns

• Discuss Linux Installation and Patching

• Discuss Linux OS Hardening Techniques

• Discuss Linux User Access and Password Management

• Discuss Linux Network and Remote Access Security

• Discuss Various Linux Security Tools and Frameworks

3.3 Endpoint Security-Mobile Device

• Discuss Common Mobile Usage Policies in Enterprises

• Discuss the Security Risk and challenges associated with Enterprises mobile usage policies

• Discuss security guidelines to mitigate risk associated with enterprise mobile usage policies

• Discuss and implement various enterprise-level mobile security management Solutions

• Discuss and implement general security guidelines and best practices on Mobile platforms

• Discuss Security guidelines and tools for Android devices

• Discuss Security guidelines and tools for iOS devices

3.4 Endpoint Security-IoT Devices

• Understand IoT Devices, their need, and Application Areas

• Understand IoT Ecosystem and Communication models

• Understand Security Challenges and risks associated with IoT-enabled environments

• Discuss the security in IoT-enabled Environments

• Discuss Security Measures for IoT-enabled Environments

• Discuss IoT Security Tools and Best Practices

• Discuss and refer various standards, Initiatives and Efforts for IoT Security

Domain 4: Application and Data Protection

4.1 Administrative Application Security

• Discuss and implement Application Whitelisting and Blacklisting

• Discuss and implement application Sandboxing

• Discuss and implement Application Patch Management

• Discuss and implement Web Application Firewall (WAF)

4.2 Data Security

• Understand Data Security and its Importance

• Discuss the implementation of data access controls

• Discuss the implementation of encryption of “Data at rest”

• Discuss the implementation of Encryption of “Data at transit”

• Discuss the implementation of Encryption of “Data at transit” between browser and web server

• Discuss the implementation of Encryption of “Data at transit” between database server and web server

• Discuss the implementation of Encryption of “Data at transit” in Email Delivery

• Discuss Data Masking Concepts / Discuss data backup and retention

• Discuss Data Destruction Concepts

• Data Loss Prevention(DLP) Concepts

Domain 5: Enterprise Virtual, Cloud, and Wireless Network Protection

5.1 Enterprise Virtual Network Security

• Understand Virtualization Essential Concepts

• Discus Network Virtualization (NV) Security

• Discuss Software-Defined Network (SDN) Security

• Discuss Network Function Virtualization (NFV) Security

• Discus OS Virtualization Security

• Discuss Security Guidelines, recommendations and best practices for Containers

• Discuss Security Guidelines, recommendations and best practices for Dockers

• Discuss Security Guidelines, recommendations and best practices for Kubernetes

5.2 Enterprise Cloud Network Security

• Understand Cloud Computing Fundamentals

• Understand the Insights of Cloud Security

• Evaluate CSP for Security before Consuming Cloud Service

• Discuss security in Amazon Cloud (AWS)

• Discuss security in Microsoft Azure Cloud

• Discuss Security in Google Cloud Platform (GCP)

• Discuss general security best practices and tools for cloud security

5.3 Enterprise Wireless Network Security

• Understand wireless network fundamentals

• Understand wireless network encryption mechanisms

• Understand wireless network authentication methods

• Discuss and implement wireless network security measures

Domain 6: Incident Detection

6.1 Network Traffic Monitoring and Analysis

• Understand the need and advantages of network traffic monitoring

• Setting up the environment for network monitoring

• Determine baseline traffic signatures for normal and suspicious network traffic

• Perform network monitoring and analysis for suspicious traffic using Wireshark

• Discuss network performance and bandwidth monitoring concepts

6.2 Network Logs Monitoring and Analysis

• Understand logging concepts

• Discuss log monitoring and analysis on Windows systems

• Discuss log monitoring and analysis on Linux

• Discuss log monitoring and analysis on Mac

• Discuss log monitoring and analysis on Firewall

• Discuss log monitoring and analysis on Routers

• Discuss log monitoring and analysis on Web Servers

• Discuss centralized log monitoring and analysis

Domain 7: Incident Response

7.1 Incident Response and Forensic Investigation

• Understand incident response concept

• Understand the role of first responder in incident response

• Discuss Do’s and Don’t in first response

• Describe incident handling and response process

• Describe forensics investigation process

7.2 Business Continuity and Disaster Recovery

• Introduction to Business Continuity (BC) and Disaster Recovery (DR)

• Discuss BC/DR Activities

• Explain Business Continuity Plan (BCP) and Disaster Recovery Plan (DRP)

• Discuss various BC/DR Standards

Domain 8: Incident Prediction

8.1 Risk Anticipation with Risk Management

• Understand risk management concepts

• Learn to manage risk though risk management program

• Learn different Risk Management Frameworks (RMF)

• Learn to manage vulnerabilities through vulnerability management program

• Learn vulnerability assessment and scanning

8.2 Threat Assessment with Attack Surface Analysis

• Understand the attack surface analysis

• Understand and visualize your attack surface

• Learn to identify Indicators of Exposures (IoE)

• Learn to conduct attack simulation

• Learn to reduce the attack surface

8.3 Threat Prediction With Cyber Threat Intelligence

• Understand the role of cyber threat intelligence in network defense

• Understand different types of threat Intelligence

• Understand the Indicators of Threat Intelligence: Indicators of Compromise (IoCs) and Indicators of Attack (IoA)

• Understand the layers of Threat Intelligence

• Learn to leverage/consume threat intelligence for proactive defense