Start preparing for your Next Exam | Use coupon – TOGETHER | Avail 30% discount

Certified Network Defender (CND)

  1. Home
  3. Certified Network Defender (CND)
Certified Network Defender Online Tutorial

The Certified Network Defender exam has been built to enhance the knowledge of Network administrators who are working in protecting, detecting, and responding to the threats on the network. With this certification, the candidate will get a deep fundamental understanding of the true construct of data transfer, network technologies, software technologies so that they understand how networks operate, understand what software is automating and how to analyze the subject material. Along with that, network defence fundamentals, the application of network security controls, protocols, perimeter appliances, secure IDS, VPN and firewall configuration, intricacies of network traffic signature, analysis, and vulnerability scanning are also covered which will help the Network Administrator design greater network security policies and successful incident response plans.

Who should take the exam?

This certification will be useful for candidates working as –

  • Network Administrators
  • Network Security Administrators and Engineer
  • Security Analyst
  • Network Defense Technicians
  • CND Analyst
  • Security Operator
  • Anyone who involves in network operations

Exam Prerequisites

The candidate is required to pass exam 312-38 to achieve Certified Network Defender (CND) certification. Along with that, basic knowledge of Network administration would be an added advantage. CND is a skills-based, lab intensive program based on a job-task analysis and cybersecurity education framework presented by the National Initiative of Cybersecurity Education (NICE).

Exam Details

The Certified Network Defender (CND) certification examination consists of 100 questions and the total time duration is 4 hours. The examination is multiple-choice. The CND credential is valid for a 3-year period. The cost of the examination $450 USD. The passing percentage of the examination is 70%.

Certified Network Defender Exam Details

Exam Registration

For registering for Certified Network Defender Examination the self-study students should check their eligibility requirements at the official website. After that, the students are required to purchase the exam voucher. After purchasing the voucher the candidate is required to fill the necessary registration details and make the payment and accept the confirmation of the examination.

Certified Network Defender (CND) Free Practice Test

Exam Policies

Every examination has certain term and conditions which are necessary to read before the examination. It is advised that the student should read the complete terms and conditions before registering for the examination.

Exam Retake Policy

If a candidate is not able to pass the exam on the first attempt, they can immediately apply for the second attempt. However, after failing the second attempt there is a waiting period of 14 days. there is a waiting period of 14 days after every failed attempt. Any candidate can only retake the examination five times in a year.

Candidates who pass the exam are not allowed to attempt the same version of the exam
for the second time.

Exam Voucher Extension Policy

The exam vouchers are valid for a period of one year from the date of purchase. A candidate may opt to extend his/her EC-Council exam vouchers for an additional 3 months for $35 if the voucher is valid (not used and not expired). Vouchers can only be extended once. For more such policies refer the official policies page of the Certified Network Defender (CND) certification examination.

For more information about the Certified Network Defender examination, click on CND FAQ.

Certified Network Defender FAQ

Certified Network Defender (CND) Course Outline

Certified Network Defender (CND) updated Course Outline
exam topics
Network Defense Management

Network Attacks and Defense Strategies

  • Explain essential terminologies related to network security attacks
  • Describe the various examples of network-level attack techniques
  • Describe the various examples of host-level attack techniques
  • Describe the various examples of application-level attack techniques
  • Describe the various examples of social engineering attack techniques
  • Describe the various examples of email attack techniques
  • Describe the various examples of mobile device-specific attack techniques
  • Describe the various examples of cloud-specific attack techniques
  • Describe the various examples of wireless network-specific attack techniques
  • Describe Attacker’s Hacking Methodologies and Frameworks
  • Understand fundamental goal, benefits, and challenges in network defense
  • Explain Continual/Adaptive security strategy
  • Explain defense-in-depth security strategy

Administrative Network Security

  • Obtain compliance with regulatory frameworks
  • Discuss various Regulatory Frameworks, Laws, and Acts
  • Learn to design and develop security policies
  • Conduct security awareness training
  • Discuss other administrative security measures
Network Perimeter Protection

Technical Network Security

  • Discuss access control principles, terminologies, and models
  • Redefine Access Control Security in Today’s Distributed and Mobile Computing World
  • Discuss Identity and Access Management (IAM) concepts
  • Discuss cryptographic security techniques
  • Discuss various cryptographic algorithms
  • Discuss security benefits of network segmentation techniques
  • Discuss various essential network security solutions
  • Discuss various essential network security protocols

Network Perimeter Security

  • Understand firewall security concerns, capabilities, and limitations
  • Understand different types of firewall technologies and their usage
  • Understand firewall topologies and their usage
  • Distinguish between hardware, software, host, network, internal, and external firewalls
  • Select firewalls based on its deep traffic inspection capability
  • Discuss firewall implementation and deployment process
  • Discuss recommendations and best practices for secure firewall Implementation and deployment
  • Discuss firewall administration activities • Understand role, capabilities, limitations, and concerns in IDS deployment
  • Discuss IDS/IPS classification • Discuss various components of IDS • Discuss effective deployment of network and host-based IDS
  • Learn to how to deal with false positive and false negative IDS alerts
  • Discuss the selection of appropriate IDS solutions
  • Discuss various NIDS and HIDS Solutions with their intrusion detection capabilities
  • Discuss router and switch security measures, recommendations, and best practices
  • Leverage Zero Trust Model Security using Software-Defined Perimeter (SDP)
Endpoint Protection

Endpoint SecurityWindows Systems

  • Understand Window OS and Security Concerns • Discuss Windows Security Components • Discuss Various Windows Security Features • Discuss Windows security baseline configurations
  • Discuss Windows User Account and Password Management
  • Discuss Windows Patch Management
  • Discuss User Access Management
  • Discuss Windows OS Security Hardening Techniques
  • Discuss Windows Active Directory Security Best Practices
  • Discuss Windows Network Services and Protocol Security

Endpoint SecurityLinux Systems

  • Understand Linux OS and Security Concerns • Discuss Linux Installation and Patching • Discuss Linux OS Hardening Techniques • Discuss Linux User Access and Password Management
  • Discuss Linux Network and Remote Access Security
  • Discuss Various Linux Security Tools and Frameworks

Endpoint SecurityMobile Devices

  • Discuss Common Mobile Usage Policies in Enterprises
  • Discuss the Security Risk and challenges associated with Enterprises mobile usage policies
  • Discuss security guidelines to mitigate risk associated with enterprise mobile usage policies
  • Discuss and implement various enterprise-level mobile security management Solutions
  • Discuss and implement general security guidelines and best practices on Mobile platforms
  • Discuss Security guidelines and tools for Android devices
  • Discuss Security guidelines and tools for iOS devices


Endpoint Security-IoT Devices

  • Understand IoT Devices, their need, and Application Areas
  • Understand IoT Ecosystem and Communication models
  • Understand Security Challenges and risks associated with IoT-enabled environments
  • Discuss the security in IoT-enabled Environments
  • Discuss Security Measures for IoT-enabled Environments
  • Discuss IoT Security Tools and Best Practices
  • Discuss and refer to various standards, Initiatives, and Efforts for IoT Security
Application and Data Protection

Administrative Application Security

  • Discuss and implement Application Whitelisting and Blacklisting
  • Discuss and implement application Sandboxing
  • Discuss and implement Application Patch Management
  • Discuss and implement Web Application Firewall (WAF)

Data Security

  • Understand Data Security and its Importance
  • Discuss the implementation of data access controls
  • Discuss the implementation of encryption of “Data at rest”
  • Discuss the implementation of Encryption of “Data at transit”
  • Discuss the implementation of Encryption of “Data at transit” between browser and web server
  • Discuss the implementation of Encryption of “Data at transit” between database server and web server
  • Discuss the implementation of Encryption of “Data at transit” in Email Delivery
  • Discuss Data Masking ConceptsDiscuss data backup and retention
  • Discuss Data Destruction Concepts
  • Data Loss Prevention(DLP) Concepts
Enterprise Virtual, Cloud, and Wireless Network Protection

Enterprise Virtual Network Security

  • Understand Virtualization Essential Concepts
  • Discus Network Virtualization (NV) Security
  • Discuss Software-Defined Network (SDN) Security
  • Discuss Network Function Virtualization (NFV) Security
  • Discus OS Virtualization Security
  • Discuss Security Guidelines, recommendations and best practices for Containers
  • Discuss Security Guidelines, recommendations and best practices for Dockers
  • Discuss Security Guidelines, recommendations and best practices for Kubernetes

Enterprise Cloud Network Security

  • Understand Cloud Computing Fundamentals
  • Understand the Insights of Cloud Security
  • Evaluate CSP for Security before Consuming Cloud Service
  • Discuss security in Amazon Cloud (AWS)
  • Discuss security in Microsoft Azure Cloud
  • Discuss Security in Google Cloud Platform (GCP)
  • Discuss general security best practices and tools for cloud security

Enterprise Wireless Network Security

  • Understand wireless network fundamentals
  • Understand wireless network encryption mechanisms
  • Understand wireless network authentication methods
  • Discuss and implement wireless network security measures
Incident Detection

Network Traffic Monitoring and Analysis

  • Understand the need and advantages of network traffic monitoring
  • Setting up the environment for network monitoring
  • Determine baseline traffic signatures for normal and suspicious network traffic
  • Perform network monitoring and analysis for suspicious traffic using Wireshark
  • Discuss network performance and bandwidth monitoring concepts

Network Logs Monitoring and Analysis

  • Understand logging concepts
  • Discuss log monitoring and analysis on Windows systems
  • Discuss log monitoring and analysis on Linux
  • Discuss log monitoring and analysis on Mac
  • Discuss log monitoring and analysis on Firewall
  • Discuss log monitoring and analysis on Routers
  • Discuss log monitoring and analysis on Web Servers
  • Discuss centralized log monitoring and analysis
Incident Response

Incident Response and Forensic Investigation

  • Understand incident response concept
  • Understand the role of first responder in incident response
  • Discuss Do’s and Don’t in first response
  • Describe incident handling and response process
  • Describe forensics investigation process

Business Continuity and Disaster Recovery

  • Introduction to Business Continuity (BC) and Disaster Recovery (DR)
  • Discuss BC/DR Activities
  • Explain Business Continuity Plan (BCP) and Disaster Recovery Plan (DRP)
  • Discuss various BC/DR Standards
Incident Prediction

Risk Anticipation with Risk Management

  • Understand risk management concepts
  • Learn to manage risk though risk management program
  • Learn different Risk Management Frameworks (RMF)
  • Learn to manage vulnerabilities through vulnerability management program
  • Learn vulnerability assessment and scanning

Threat Assessment with Attack Surface Analysis

  • Understand the attack surface analysis
  • Understand and visualize your attack surface
  • Learn to identify Indicators of Exposures (IoE)
  • Learn to conduct attack simulation
  • Learn to reduce the attack surface

Threat Prediction With Cyber Threat Intelligence

  • Understand the role of cyber threat intelligence in network defense
  • Understand different types of threat Intelligence
  • Understand the Indicators of Threat Intelligence: Indicators of Compromise (IoCs) and Indicators of Attack (IoA)
  • Understand the layers of Threat Intelligence
  • Learn to leverage/consume threat intelligence for proactive defense

Preparatory Guide for EC-Council Certified Network Defender (CND)

Following this preparation guide will help you learn and understand every exam’s objectives. Here we are providing you with the best learning resources to qualify the exam. These are expert learning resources and a preparatory guide to help you prepare and pass the exam.

Preparatory Guide of Certified Network Defender examination

Refer the Exam Guide

Before preparing for any examination, you need to refer to the Certified Network Defender (CND) certification exam guide, so that you are clear with the topics and start preparing for the examination. after you’ve gone through the basic exam details. It’s time to hit the exam guide.


Learning Resources

The second step to successfully clear any examination is to practice from the resources. EC-Council provides you with self-paced ilearn can practice and prepare for the certification. Along with this masterclass is also conducted as it offers you the opportunity to learn the CND, network security program from world-class instructors, and the opportunity to collaborate with top Infosecurity digital forensics professionals.

Join Study Groups

It is very important to interact with people who have the common aim in life. Joining study groups is a good way to get yourself fully involved with the certification exam you applied for. These groups will help you get up to date with the latest changes or any update happening exam. Also, these groups contain both beginners as well as professionals.

Practice with testpreptraining

It is very important to practice what you have learned so that you are in a position to analyze your practice, by practising you will be able to improve your answering skills that will result in saving a lot of time. Moreover, the best way to start doing practice tests is after completing one full topic as this will work as a revision part for you.


Menu