When

19/08/2024 - 23/08/2024
All day

Where

Virtual-Training (VILT)
Virtual, Online

Event type

Basic knowledge of networking concepts.

The “Certified Network Defender” (CND) training is a vendor-neutral, hands-on and comprehensive network security certification program.

In this lab-intensive training, which is based on a job-task analysis and cybersecurity measures, you acquire all the cybersecurity skills you need.

The training is based on the requirements for system and network administrators at the US Department of Defense, but has also been aligned with global job requirements and responsibilities. The course was designed and developed on the basis of extensive market research and surveys.

In this program, network administrators learn about network security technologies and operations that prepare them to build a defense-in-depth architecture for their networks. It covers the “protect, detect and respond” approach to network security. The course includes hands-on labs on the most important network security tools and techniques. Through these labs, network administrators gain practical experience with current network security technologies and operations.

The comprehensive course material contains best practices, assessments and security tools for protecting networks. The material also includes templates for various network policies and numerous white papers.

After completing the course, participants will have knowledge of the following topics:

Network Attacks and Defense Strategies
Administrative Network Security
Technical Network Security
Network Perimeter Security
Endpoint Security-Windows Systems
Endpoint Security-Linux Systems
Endpoint Security-Mobile Devices
Endpoint Security-IoT Devices
Administrative Application Security
Data Security
Enterprise Virtual Network Security
Enterprise Cloud Network Security
Enterprise Wireless Network Security
Network Traffic Monitoring and Analysis
Network Logs Monitoring and Analysis
Incident Response and Forensic Investigation
Business Continuity and Disaster Recovery
Risk Anticipation with Risk Management
Threat Assessment with Attack Surface Analysis
Threat Prediction with Cyber Threat Intelligence

  • Network Administrators
  • Network Security Administrators
  • Network Security Engineers
  • Network Defense Technicians
  • CND Analysts
  • Security Analysts
  • Security Operators
  • Anyone involved in network operations

Module 01: Network Attacks and Defense Strategies

  • Network security attacks
  • Network-level attack techniques
  • Application-level attack techniques
  • Social engineering attack techniques
  • Email attack techniques
  • Mobile device-specific attack techniques
  • Cloud-specific attack techniques
  • Wireless network-specific attack techniques
  • Attacker’s Hacking Methodologies and Frameworks
  • Fundamental goal, benefits, and challenges in network defense
  • Continual/Adaptive security strategy
  • Defense-in-depth security strategy

Module 02: Administrative Network Security

  • Obtain compliance with regulatory framework and standards
  • Regulatory Frameworks, Laws, and Acts
  • Design and develop security policies
  • Conduct different types of security and awareness training
  • Implement other administrative security measures

Module 03: Technical Network Security

  • Access control principles, terminologies, and models
  • Redefine the Access Control in Today’s Distributed and Mobile Computing World
  • Identity and Access Management (IAM)
  • Cryptographic security techniques
  • Various cryptographic algorithms
  • Security benefits of network segmentation techniques
  • Essential network security solutions
  • Essential network security protocols

Module 04: Network Perimeter Security

  • Firewall security concerns, capabilities, and limitations
  • Different types of firewall technologies and their usage
  • Firewall topologies and their usage
  • Distinguish between hardware, software, host, network, internal, and external firewalls
  • Select firewalls based on their deep traffic inspection capability
  • Firewall implementation and deployment process
  • Recommendations and best practices for secure firewall implementation and deployment
  • Firewall administration concepts
  • Role, capabilities, limitations, and concerns in IDS deployment
  • IDS classification
  • Various components of IDS
  • Effective deployment of network and host-based IDS
  • How to deal with false positive and false negative IDS/IPS alerts
  • Considerations for selection of appropriate IDS/IPS solutions
  • NIDS and HIDS Solutions with their intrusion detection capabilities Snort
  • Router and switch security measures, recommendations, and best practices
  • Leverage Zero Trust Model Security using Software-Defined Perimeter (SDP)

Module 05: Endpoint Security-Windows Systems

  • Windows OS and Security Concerns
  • Windows Security Components
  • Windows Security Features
  • Windows Security Baseline Configurations
  • Windows User Account and Password Management
  • Windows Patch Management
  • User Access Management
  • Windows OS Security Hardening Techniques
  • Windows Active Directory Security Best Practices
  • Windows Network Services and Protocol Security

Module 06: Endpoint Security-Linux Systems

  • Linux OS and security concerns
  • Linux Installation and Patching
  • Linux OS Hardening Techniques
  • Linux User Access and Password Management
  • Linux Network Security and Remote Access
  • Linux Security Tools and Frameworks

Module 07: Endpoint Security-Mobile Devices

  • Common Mobile Usage Policies in Enterprises
  • Security risks and guidelines associated with enterprise mobile usage policies
  • Implement various enterprise-level mobile security management solutions
  • Implement general security guidelines and best practices on Mobile platforms
  • Security guidelines and tools for Android devices
  • Security guidelines and tools for iOS devices

Module 08: Endpoint Security-IoT Devices

  • IoT Devices, their need and Application Areas
  • IoT Ecosystem and Communication models
  • Security Challenges and risks associated with IoT-enabled environments
  • Security in IoT-enabled environments
  • Security Measures for IoT enabled IT Environments
  • IoT Security Tools and Best Practices
  • Refer to various standards, initiatives and efforts for IoT security

Module 09: Administrative Application Security

  • Implement Application Whitelisting and Blacklisting
  • Implement application Sandboxing
  • Implement Application Patch Management
  • Implement Web Application Firewall (WAF)

Module 10: Data Security

  • Data security and its importance
  • Implementation of data access controls
  • Implementation of Encryption of Data at rest
  • Implementation of Encryption of “Data at transit”
  • Implementation of Encryption of “Data at transit” between browser and web server
  • Implementation of Encryption of “Data at transit” between database server and web server
  • Implementation of Encryption of “Data at transit” in Email Delivery
  • Data Masking Concepts
  • Data backup and retention
  • Data Destruction Concepts
  • Data Loss Prevention Concepts

Module 11: Enterprise Virtual Network Security

  • Evolution of network and security management concept in modern Virtualized IT Environments
  • Virtualization Essential Concepts
  • Network Virtualization (NV) Security
  • SDN Security
  • Network Function Virtualization (NFV) Security
  • OS Virtualization Security
  • Security Guidelines, Recommendations and Best Practices for Containers
  • Security Guidelines, Recommendations and Best Practices for Docker
  • Security Guidelines, Recommendations and Best Practices for Kubernetes

Module 12: Enterprise Cloud Security

  • Cloud Computing Fundamentals
  • Insights of Cloud Security
  • Evaluate CSP for Security before Consuming Cloud Service
  • Security in Amazon Cloud (AWS)
  • Security in Microsoft Azure Cloud
  • Security in Google Cloud Platform (GCP)
  • General security best practices and tools for cloud security

Module 13: Wireless Network Security

  • Wireless network fundamentals

Module 14: Network Traffic Monitoring and Analysis

  • Need and advantages of network traffic monitoring
  • Setting up the environment for network monitoring
  • Determine baseline traffic signatures for normal and suspicious network traffic
  • Perform network monitoring and analysis for suspicious traffic using Wireshark
  • Network performance and bandwidth monitoring tools and techniques

Module 15: Network Logs Monitoring and Analysis

  • Logging concepts
  • Log monitoring and analysis on Windows systems
  • Log monitoring and analysis on Linux
  • Log monitoring and analysis on Mac
  • Log monitoring and analysis in Firewall
  • Log monitoring and analysis on Routers
  • Log monitoring and analysis on Web Servers
  • Centralized log monitoring and analysis

Module 16: Incident Response and Forensic Investigation

  • Incident response concept
  • Role of first responder in incident response
  • Do’s and Don’ts in first response
  • Incident handling and response process
  • Forensics investigation process

Module 17: Business Continuity and Disaster Recovery

  • Business Continuity (BC) and Disaster Recovery (DR) concepts
  • BC/DR Activities
  • Business Continuity Plan (BCP) and Disaster Recovery Plan (DRP)
  • BC/DR Standards

Module 18: Risk Anticipation with Risk Management

  • Risk management concepts
  • Manage risk through risk management program
  • Different Risk Management Frameworks (RMF)
  • Manage vulnerabilities through vulnerability management program
  • Vulnerability Assessment and Scanning

Module 19: Threat Assessment with Attack Surface Analysis

  • Attack surface concepts
  • Understand and visualize your attack surface
  • Identify Indicators of Exposures (IoE)
  • Perform attack simulation
  • Reduce the attack surface
  • Attack surface analysis specific to Cloud and IoT

Module 20: Threat Prediction with Cyber Threat Intelligence

  • Role of cyber threat intelligence in network defense
  • Types of Threat Intelligence
  • Indicators of Threat Intelligence: Indicators of Compromise (IoCs) and Indicators of Attack (IoA)
  • Layers of Threat Intelligence
  • Leverage/consume threat intelligence for proactive defense

https://www.etc.at/seminare/CND