CND PMS-1

Uploaded by

nomanfaisalpg
Certified Network Defender

The Ultimate Certification for Network Administrators

Copyright © by EC-Council. All Rights Reserved. Reproduction is Strictly Prohibited.


THE WORLD IS BECOMING INCREASINGLY INSECURE
SECURING NETWORKS IS A CRITICAL ISSUE
ABOUT CND CERTIFICATION
CND DESIGN APPROACH
CND COMPARISONS

MARKETING PROGRAM

THE WORLD IS BECOMING INCREASINGLY INSECURE


The Global State of Information Security Survey 2016

2016, http://www.pwc.com



Network Security Concerns:
World's Biggest Data Breaches
2016, http://www.informationisbeautiful.net



How Target Breach Happened?

2014, http://www.computerworld.com



The Security Flaws at the Heart of the Panama Papers

2016, http://www.computerworld.com

2016, http://www.wired.co.uk



2016 Network Protection Survey

- Ponemon Institute 2016 report Cost of Data Center Outages

2016, https://www.infoblox.com



Cyber Crime Costs
Cyber Crime Costs Projected to Reach $2 Trillion by 2019

2016, http://www.forbes.com
2014, http://www.telegraph.co.uk
2015, http://ww2.cfo.com



NETWORK SECURITY IS A CRITICAL ISSUE



ABOUT CYBER NETWORK DEFENCE

• While there will be over 1.5 million cyber security jobs that remain unfilled by 2019, millions of IT and Network administrators remain untrained on network defense techniques. Michael Brown – CEO Symantec

• Network defence is a broader market globally as compared to ethical hacking and penetration testing.

• It forms the basis on which skilled professionals can pursue CEH and ECSA (the reverse works as well).

• Networking professionals with certifications from the likes of CCNA, Network+, Security+ are immediate target segments.



“Network defense is important to businesses of all sizes”…. Ron McKenzie

http://www.marketwired.com/



Blind Spots in Network Defense

JUNE 30, 2016

Organizations are facing the blind spots in their network defenses.

Organizations are finding it difficult to address blind spots because of lack of Network Security Knowledge.

Organizations are facing challenges in the acquisition of human resources with network security skills.

https://securityintelligence.com



“Network Administrators can become a first line of defense for the organization, if they have enough security skills or are trained properly”



Why Are Network Administrators So Important for an Organization?

Network administrators spend a lot of time with network environments, and are familiar with network traffic, performance and utilization, network topology, location of each system, security policy, etc.

If they provide protection, detection and response to incidents in early stages, organizations can contain or minimize the potential impact of an incident.



Rising Demand for Network Security Skills

“Constant breaches of organizational networks are leading to increased demands for trained and certified network administrators to install, configure, secure and optimize their network.”

http://www.itcareerfinder.com

Rising Demand for Network Security Skills

“There is a huge gap between the potential demand for individuals with network security skills and their availability”



IT careers: Network Security Talent is Red-Hot

IT SALARY SURVEY 2015 SAYS:

There is an especially strong demand for data security analysts, systems security administrators, network security administrators, network security engineers and security managers, according to the RHT report.

http://www.computerworld.com



ABOUT CND CERTIFICATION



What is CND Certification?

Certified Network Defender (CND) is a vendor-neutral, hands-on, instructor-led comprehensive network security certification program.

It prepares individuals on network security technologies and operations to achieve defense-in-depth objectives.



Where Does CND Fit in the EC-Council Career Path?



CND DESIGN APPROACH



How CND Will Help You – A Checklist for Network Managers

After attending the CND training, students will be able to:

• Design and implement the network security policies and procedures
• Troubleshoot the network for various network problems
• Identify various threats on the organization’s network
• Determine and implement various physical security controls for their organizations
• Harden security of various hosts individually in the organization’s network
• Select appropriate firewall solution, topology, and configurations to harden security through firewall
• Determine appropriate location for IDS/IPS sensors, tuning IDS for false positives and false negatives, and configurations to harden security through IDPS technologies
• Implement a secure VPN for their organization
• Identify various threats to wireless network and mitigate them
• Maintain the inventory of computers, servers, terminals, modems and other access devices
• Provide security awareness guidance and training
• Manage, assign, and maintain the list of network addresses



How CND Will Help You – A Checklist for Network Managers

After attending the CND training, students will be able to:

• Perform risk assessment, vulnerability assessment/scanning through various scanning tools and generate detailed reports on it
• Identify the critical data, choose appropriate backup method, media and technique to perform successful backup of organization data on a regular basis
• Provide first response to the network security incident and assist the IRT team and forensics investigation team in dealing with an incident
• Add, remove, or update user account information
• Apply operating system updates, patches and make configuration changes
• Update system configurations to maintain an updated security posture using current patches, device and operating system hardening techniques, and Access Control Lists
• Manage network Authentication, Authorization, Accounting (AAA) for network devices
• Monitor network traffic and ensure the security of network traffic



How CND Will Help You – A Checklist for Network Managers

After attending the CND training, students will be able to:

• Manage Proxy and Content filtering
• Review audit logs from Firewall, IDS/IPS, servers and hosts on the internal, protected network
• Analyze, troubleshoot, and investigate security-related, information systems’ anomalies based on security platform
• Maintain, configure, and analyze network and host-based security platforms
• Use File integrity verification and monitoring solutions
• Implement Network Access Control (NAC)
• Implement Data Loss Prevention (DLP) solutions
• Evaluate security products as well as security operations procedures and processes
• Manage and maintain Windows Security Administration
• Manage and maintain Linux Security Administration
• Harden Routers and Switches



Network Security is a Major Component of Information Security Defense-in-Depth

Network security components play a major role in all layers of DID

Defense in Depth Layers:

• Internet Access, Acceptable-Use, User-Account, Firewall-Management, Email Security, Passwords, Physical Security, BYOD, ISO/IEC 27001, PCI-DSS, HIPAA, etc.
• Physical locks, Access controls, security personnel, Fire Fighting Systems, Power Supply, Video surveillance, Lighting, alarm system, etc.
• Server, DNS, Email, Routers, Firewalls, Switches
• Routers, Servers, Switches, Firewalls
• OS, Antiviruses, Patches, Password Management, Logging, etc.
• Blacklisting, whitelisting, patch management, password management, Application Configuration, firewall, etc.
• Encryption, Hashing, permission, DLP


COMPONENTS OF CND FOCUS

Protect ● Detect ● Respond



PROTECT

“Refers to implementation of controls to achieve Defense-in-Depth protection”

Policies ● Physical Security ● Host Security ● Firewalls ● IDS/IPS



DETECT

“Refers to development and use of processes, techniques and tools to detect security bypass attempts; it guides you through detection of incidents”

Network Monitors ● Log Management ● Vulnerability Scanning ● Risk Management



RESPOND

If an incident does occur, CND guides you through the incident response process and post-incident actions to contain damage

Incident Handling ● Incident Response ● Data Backup and Recovery



CND Phases And Core Domains

| CND Phases | CND Modules |
|---|---|
| Introduction | Module 01: Computer Network and Defense Fundamentals |
| Introduction | Module 02: Network Security Threats, Vulnerabilities, and Attacks |
| Protection | Module 03: Network Security Controls, Protocols, and Devices |
| Protection | Module 04: Network Security Policy Design and Implementation |
| Protection | Module 05: Physical Security |
| Protection | Module 06: Host Security |
| Protection | Module 07: Secure Firewall Configuration and Management |
| Protection | Module 08: Secure IDS Configuration and Management |
| Protection | Module 09: Secure VPN Configuration and Management |
| Protection | Module 10: Wireless Network Defense |
| Analysis and Detection | Module 11: Network Traffic Monitoring and Analysis |
| Analysis and Detection | Module 12: Network Risk and Vulnerability Management |
| Response | Module 13: Data Backup and Recovery |
| Response | Module 14: Network Incident Response and Management |



What Does the Program Cover?

Technologies

• Physical security
• Firewalls/IDS implementation
• OS hardening/patching
• Antivirus protection
• Encryption mechanism
• Authentication mechanism
• Configuration management
• Access control mechanism
• Proxy servers
• Packet/content filtering
• Product evaluation based on common criteria
• Passwords security
• Network logs audit

Operations

• Creating and enforcing security policies
• Creating and enforcing standard network operating procedures
• Planning business continuity
• Configuration control management
• Creating and implementing incident response processes
• Planning data recovery
• Conducting forensics activities on incidents
• Providing security awareness and training
• Enforcing security as culture

People

• Network Administrator
• Network Security Administrator
• Network Security Engineer
• Security Architects
• Security Analysts
• Network Technicians
• End Users



Target Audience

“Network Administrators are the primary target audience of CND course”

However, the course will also be beneficial for:

• CND Analyst
• Network Defense Technician
• Network Engineer
• Security Analyst
• Security Operator
• Anyone who is involved in network operations



Course Pre-requisites

Students should have fundamental knowledge of networking concepts.



Course Duration

• Days: 5 Days
• Time: 9.00 AM to 5.00 PM



CND Exam Information

Number of Questions: 100


Passing Score: 70%
Test Duration: 4 Hours
Test Format: Interactive Multiple Choice
Test Delivery: ECC Exam



CND VALUE PROPOSITIONS

It is designed and developed by experienced SMEs and network security professionals

It covers all the three approaches, i.e. PREVENTIVE, REACTIVE, RETROSPECTIVE of network security

The program is developed after a thorough job role analysis and market research

Detailed labs for hands-on learning experience; approximately 50% of training time is dedicated to labs



CND VALUE PROPOSITIONS

It covers the relevant knowledge-bases and skills to meet regulatory compliance standards such as ISO 27001, PCI DSS, SOX, HIPAA, etc.

More than 10 GB of network security, assessment and protection tools including various network policy templates, Wireshark filters, etc.

The student kit contains a large number of white papers for additional reading



CND VALUE PROPOSITIONS

CND Maps to NICE Framework

Compliance with National Initiative for Cybersecurity Education (NICE) “Protect and Defend” specialty area

Individuals working under this specialty area hold the following job titles:
• CND Analyst (Cryptologic)
• Cyber Security Intelligence Analyst
• Focused Operations Analyst
• Incident Analyst
• Network Defense Technician
• Network Security Engineer
• Security Analyst
• Security Operator
• Sensor Analyst



CND VALUE PROPOSITIONS

CND maps to the Job Roles of System Administrator specified by the Department of Defense (DoD)



CND COMPARISONS



CND - CEH Ecosystem

CEH: I want to assess/audit my network security design and implementation.

• I want to Assess & Audit Network Security.
• I want to be part of a Red Team.
• I want to be Network Security Auditor/Ethical Hacker.

CND: I want to be an active part of mitigation and remediation process.

• I want to Design & Implement Network Security.
• I want to be part of a Blue Team.
• I want to be Network Security Engineer.

Security+, CCNA, CCNA Security, Network+, CCNP

Strengthen Networking Concepts/~2 years of work Experience

ECSS

CSCU



CND vs CEH

| Techniques/Domains | CND (Secure yourself) - (Blue Team) | CEH (Test how secure you are!) - (Red Team) |
|---|---|---|
| Firewall | Secure firewall design and implementations | Firewall Exploitation/Evasion techniques |
| IDS/IPS | Secure IDS design and implementations | IDS Exploitation/Evasion techniques |
| Vulnerability Scanning | Patching vulnerabilities | Finding out the vulnerabilities and exploiting them |
| System | System security techniques | System hacking techniques |
| Server | Server security techniques | Server hacking techniques |
| Wireless Network | Wireless network defense techniques | Wireless network hacking techniques |
| Cryptography | Cryptographic techniques | Cryptanalysis techniques to crack cryptography |
| Web Applications | | Web Application hacking |
| Mobile Platform | | Mobile platform hacking |
| Attack Explained | Introduction to attacks | Techniques to exploit network and system security using various attacks such as Malware, Sniffing, DoS, Session hijacking, etc. |
| Security Policies | Design and implementation of security policies | |
| VPN | VPN security design and implementation | |
| Threat Detection | Network monitoring and analysis | |
| Data Security | Data backup and recovery | |
| Response | Network Incident Response | |



How CND is Different from Competition?

CND imparts and validates intermediate level network security knowledge and skills whereas Security+ validates only foundational IT security knowledge

CND is a completely hands-on program with 50% of time dedicated to labs whereas Security+ is a theoretical knowledge based program

| Techniques | CND | Security+ |
|---|---|---|
| **Protection** | | |
| Security Threats, vulnerabilities, Attacks | Yes | Yes (Limited) |
| Network Security Controls | Yes | Yes |
| Network Policy Design | Yes | No |
| Physical Security | Yes | Yes (Limited) |
| Host, Application, Data Security | Yes | Yes (Limited) |
| Firewall | Yes | Yes (Limited) |
| IDS | Yes | Yes (Limited) |
| VPN | Yes | Yes (Limited) |
| Wireless Security | Yes | Yes (Limited) |
| **Detection** | | |
| Network Monitoring and Analysis | Yes | No |
| Risk and Vulnerability Management | Yes | Yes (Limited) |
| **Response** | | |
| Data Backup and Recovery | Yes | No |
| Network Incident Response | Yes | Yes (Limited) |



CND vs. CCNA/CCNA Security

[Figure labels: CCNA Security, CND, CCNA]

• CND is a vendor neutral program

• CND covers Defense-in-Depth including Technologies and Operations whereas CCNA/CCNA Security focus primarily on CISCO Technologies

• CND covers topics such as Network Monitoring and Analysis, Risk Management, Network Incident Response, Physical Security, etc. which are critical for current network security scenario whereas CCNA/CCNA Security do not include these topics

• CND covers Protection, Detection and Response for network security whereas CCNA/CCNA Security primarily focus on Protection part



Student Testimonials

[Slide of student testimonial quotes in overlapping text boxes; the quote text did not survive extraction. Testimonials are attributed to:]

• Michael McGuire, Team Lead, Network Application Support Team, Defence Information Systems Agency, USA
• Antony Tay, System Management Lead, Singapore Police Force
• John Welling, IT Specialist (Sys Admin), Department of Defense, USA
• Brady Cooper, Cyber security analyst, Booz Allen Hamilton, USA
• Yen-Chang Liang, Staff Officer, Ministry of Foreign Affairs, Taiwan
• Ming Chung Chien, IT Assistant Manager, KPMG, Taiwan
• Omar Rodriguez Soto, IT Security Manager, MAPFRE, Spain
• Hsien Lin Chu, Engineer, KPMG, Taiwan



CEI Testimonials

[Slide of instructor testimonial quotes in overlapping text boxes; four of the quotes did not survive extraction. They are attributed to:]

• Jose Olivera, IT Era S.A. de C.V., Mexico
• Chuck Danley, LeaderQuest Holdings Inc, USA
• Antonio da Silva, Itera Process Consulting SL, Spain
• Geeta Singh, QUIK, India

“This class covers a wide range of areas and can seem overwhelming at first, but I think the material covers the topics well without going too in-depth. Overall I think the class went well, I believe there is a good balance of slides and labs. I was able to cover the slide material and then give the students time in class to work on the labs.

I think this is a great class and will be beneficial for network and system administrators. Thank you for the opportunity to give this class, and I look forward to teaching it again.”
Wayne Pruitt
Stealth Entry
USA



Thank You
