Training plan
Module 1: Network Attacks and Defense Strategies
- Explain essential terminologies related to network security attacks
- Describe the various examples of network level attack techniques
- Describe the various examples of application level attack techniques
- Describe the various examples of social engineering attack techniques
- Describe the various examples of email attack techniques
- Describe the various examples of mobile device specific attack techniques
- Describe the various examples of cloud specific attack techniques
- Describe the various examples of wireless network specific attack techniques
- Describe the various examples of Supply Chain Attack techniques
- Describe Attacker’s Hacking Methodologies and Frameworks
- Understand fundamental goal, benefits, and challenges in network defense
- Explain Continual/Adaptive security strategy
- Explain defense depth security strategy
Module 2: Administrative Network Security
- Learn to obtain compliance with regulatory framework and standards
- Discuss various Regulatory Frameworks, Laws, and Acts
- Learn to design and develop security policies
- Learn to conduct different type security and awareness training
- Learn to implement other administrative security measures
- Discuss Asset Management
- Learn How to Stay Up to Date on Security Trends and Threats
Module 3: Technical Network Security
- Discuss access control principles, terminologies, and models
- Redefine the Access Control in Today’s Distributed and Mobile Computing World
- Discuss Identity and Access Management (IAM)
- Discuss cryptographic security techniques
- Discuss various cryptographic algorithms
- Discuss security benefits of network segmentation techniques
- Discuss various essential network security solutions
- Discuss various essential network security protocols
Module 4: Network Perimeter Security
- Understand firewall security concerns, capabilities, and limitations
- Understand different types of firewall technologies and their usage
- Understand firewall topologies and their usage
- Distinguish between hardware, software, host, network, internal, and external firewalls
- Select firewalls based on its deep traffic inspection capability
- Discuss firewall implementation and deployment process
- Discuss recommendations and best practices for secure firewall
- Implementation and deployment
- Discuss firewall administration concepts
- Understand role, capabilities, limitations, and concerns in IDS deployment
- Discuss IDS classification
- Discuss various components of ID
- Discuss effective deployment of network and host based IDS
- Learn to how to deal with false positive and false negative IDS/IPS alerts
- Discuss the considerations for selection of an appropriate IDS/IPS solutions
- Discuss various NIDS and HIDS Solutions with their intrusion detection capabilities Snort
- Discuss router and switch security measures, recommendations, and best practices
- Leverage Zero Trust Model Security using Software-Defined Perimeter (SDP)
Module 5: Endpoint Security-Windows Systems
- Understand Window OS and Security Concerns
- Discuss Windows Security Components
- Discuss Various Windows Security Features
- Discuss Windows Security Baseline Configurations
- Discuss Windows User Account and Password Management
- Discuss Windows Patch Management
- Discuss User Access Management
Windows OS Security Hardening Techniques - Discuss Windows Active Directory Security Best Practices
- Discuss Windows Network Services and Protocol Security
Module 6: Endpoint Security Linux Systems
- Understand Linux OS and security concerns
- Discuss Linux Installation and Patching
- Discuss Linux OS Hardening Techniques
- Discuss Linux User Access and Password Management
- Discuss Linux Network Security and Remote Access
- Discuss Various Linux Security Tools and Frameworks
Module 7: Endpoint Security-Mobile Devices
- Common Mobile Usage Policies in Enterprises
- Discuss Security Risk and Guidelines associated with Enterprises mobile usage policies
- Discuss and implement various enterprise-level mobile security management Solutions
- Discuss and implement general security guidelines and best practices on Mobile platforms
- Discuss Security guidelines and tools for Android devices
- Discuss Security guidelines and tools for iOS devices
Module 8: Endpoint Security-IoT Devices
- Understanding IoT Devices, their need and Application Areas
- Understanding IoT Ecosystem and Communication models
- Understand Security Challenges and risks associated with IoT-enabled environments
- Discuss the security in IoT-enabled environments
- Discuss Security Measures for IoT enabled IT Environments
- Discuss IoT Security Tools and Best Practices
- Discuss and refer various standards, Initiatives and Efforts for IoT Security
Module 9: Administrative Application Security
- Discuss and implement Application Whitelisting and Blacklisting
- Discuss and implement application Sandboxing
- Discuss and implement Application Patch Management
- Discuss and implement Web Application Firewall (WAF)
Module 10: Data Security LO#01: Understand data security and its importance
- Understand data security and its importance
- Understand Data Integrity and Its Importance
- Discuss the implementation of Encryption of Data at rest
- Discuss the implementation of Encryption of “Data at transit”
- Discuss Data Masking Concepts
- Discuss data backup and retention
- Discuss Data Destruction Concepts
- Data Loss Prevention Concepts
Module 11: Enterprise Virtual Network Security
- Discuss the evolution of network and security management concept in modern Virtualized IT Environments
- Understand Virtualization Essential Concepts
- Discus Network Virtualization (NV) Security
- Discuss SDN Security
- Discuss Network Function Virtualization (NFV) Security
- Discuss OS Virtualization Security
- Discuss Security Guidelines,
- Recommendations and Best Practices for Containers
- Discuss Security Guidelines, Recommendations and Best practices for Dockers
- Discuss Security Guidelines, Recommendations and Best Practices for Kubernetes
Module 12: Enterprise Cloud Security
- Understand Cloud Computing Fundamentals
- Understanding the Insights of Cloud Security
- Evaluate CSP for Security before Consuming Cloud Service
- Discuss security in Amazon Cloud (AWS)
- Discuss security in Microsoft Azure Cloud
- Discuss security in Google Cloud Platform (GCP)
- Discuss general security best practices and tools for cloud security
Module 13: Wireless Network Security
- Understand wireless network fundamentals
- Understand wireless network encryption mechanisms
- Understand wireless network authentication methods
- Discuss and implement wireless network security measures
Module 14: Network Traffic Monitoring and Analysis
- Understand the need and advantages of network traffic monitoring
- Setting up the environment for network monitoring
- Determine baseline traffic signatures for normal and suspicious network traffic
- Perform network monitoring and analysis for suspicious traffic using Wireshark
- Discuss network performance and bandwidth monitoring tools and techniques
- Understand Network Anomaly Detection with Behavior analysis
Module 15: Network Logs Monitoring and Analysis
- Understand logging concepts
- Discuss log monitoring and analysis on Windows systems
- Discuss log monitoring and analysis on Linux
- Discuss log monitoring and analysis on Mac
- Discuss log monitoring and analysis in Firewal
- Discuss log monitoring and analysis on Routers
- Discuss log monitoring and analysis on Web Servers
- Discuss centralized log monitoring and analysis
Module 16: Incident Response and Forensic Investigation
- Understand incident response concept
- Understand the role of first responder in incident response
- Discuss Do’s and Don’t in first response
- Describe incident handling and response process
- Enhance Incident-Response using AI/ML
- Learn how to Automate Incident Response-SOAR
- Understand Incident Response using Endpoint Detection and Response (EDR)
- Understanding Incident Response using Extended Detection and Response (XDR)
- Describe forensics investigation process
Module 17: Business Continuity and Disaster Recovery
- Introduction to Business Continuity (BC) and Disaster Recovery (DR) concepts
- Discuss BC/DR Activities
- Explain Business Continuity Plan (BCP) and Disaster Recovery Plan (DRP)
- Discuss BC/DR Standards
Module 18: Risk Anticipation with Risk Management
- Understand risk management concepts
- Learn to manage risk though risk management program
- Learn different Risk Management Frameworks (RMF)
- Learn to manage vulnerabilities through vulnerability management program
- Learn vulnerability Assessment and Scanning
- Discuss Privacy Impact Assessment (PIA)
Module 19: Threat Assessment with Attack Surface Analysis
- Understand the attack surface concepts
- Learn to understand and visualize your attack surface
- Learn to identify Indicators of Exposures (IoE)
- Learn to perform attack simulation
- Learn to reduce the attack surface
- Understand Attack surface monitoring tools
- Discuss attack surface analysis specific to Cloud and IoT
Module 20: Threat Prediction with Cyber Threat Intelligence
- Understand role of cyber threat intelligence in network defense
- Understand the types of threat Intelligence
- Understand the Indicators of Threat Intelligence: Indicators of Compromise (IoCs) and Indicators of Attack (IoA)
- Understand the layers of Threat Intelligence
- Learn to leverage/consume threat intelligence for proactive defense
- Understand threat Threat Hunting
- Discuss Leveraging AI/ML capabilities for threat intelligence
Recommended Prerequisite Knowledge
- Knowledge of the operation of client and server operating systems (file systems, permissions, Windows security, Linux, etc.)
- Basic knowledge of network protocols, for example TCP / IP
- General notions of server roles and services present in a network
Credentials and certification
Exam features
- Code: 312-38
- Title: Certified Network Defender
- Duration: 4 hours
- Number of Questions: 100
- Question Format: Multiple Choice
- Online with EC-Council Exam Center
- Cost: $0 (included in your training)