Course Description

Certified Network Defender (CND) is a vendor-neutral, hands-on, instructor-led comprehensive network security certification training program. It is a skills-based, lab intensive program based on the security education framework and work role task analysis presented by the National Infocomm Competency Framework (NICF) as well as a job-task analysis and cybersecurity education framework by the National Initiative of Cybersecurity Education (NICE). The course has also been mapped to global job roles and to the Department of Defense (DoD) job roles for system/network administrators.

The program prepares network administrators on how to identify what parts of an organization need to be reviewed and tested for security vulnerabilities and how to reduce, prevent, and mitigate risks in the network. CND covers the protect, detect, respond, and predict an approach to network security.

More than 50% of the CND course contains hands-on labs dedicated to helping students learn practical skills in live ranges designed to cover domains such as Network Defense Management, Network Perimeter Protection, Endpoint Protection, Application, and Data Protection, Enterprise Virtual, Cloud, and Wireless Network Protection, Incident Detection and Response and Threat Prediction which will provide network administrators real-world expertise that can be applied to current network security technologies and operations.

Sept. 12, 2020

Program Requirements

Length2-4 weeks
VA ApprovedGI Bill & VET-TEC


CND certification exams cover all critical aspects of the information and network security and help the participants gain an in-depth understanding of:

  • Core essentials of networking and modernistic defense techniques
  • Security threats and identifying vulnerabilities
  • Implementation of various network security protocols and controls
  • Defining and implementing security policies in a network infrastructure
  • Establishing physical security controls and deploying foolproof authentication techniques
  • Configuring the host security and process of encrypting the file systems
  • Implementation and management of the Firewall
  • Configuring and managing Intrusion Detection and Prevention Systems
  • VPN security management
  • Wireless networks security
  • Monitoring and analyzing the network traffic
  • Network security risks and vulnerability identification
  • Network Incident Response and Management


Knowledge of Networking is needed to successfully complete this course.

Course Content

Computer Network and Defense Fundamentals

1.    OSI and TCP/IP network Models
2.    Types of networks
3.    Network topologies
4.    Network components
5.    Protocols in TCP/IP protocol stack
6.    IP addressing concept
7.    Computer Network Defense
8.    Fundamental CND attributes
9.    CND elements
10.  CND process and Approaches

Network Security Threats, Vulnerabilities, and Attacks

1.   Threat, attack, and vulnerability
2.   Network security concerns
3.   Effect of a network security breach on business continuity
4.   Types of network threats
5.   Types of network security vulnerabilities
6.   Types of network attacks

Network Security Controls, Protocols, and Devices

1.    Fundamental elements of network security
2.    Network access control mechanism
3.    Types of access controls
4.    Network Authentication, Authorization and Auditing (AAA) mechanism
5.    Network data encryption mechanism
6.    Public Key Infrastructure (PKI)
7.    Network security protocols8.    Network security devices

Network Security Policy Design and Implementation

1.    Security policy
2.    Hierarchy of security policy
3.    Characteristics of a good security policy
4.    Typical content of security policy
5.    Understanding the policy statement
6.    Steps for creating and implementing security policy
7.    Designing of security policy
8.    Implementation of security policy
9.    Types of security policy
10.  Various information security-related standards, laws, and acts

Physical Security

1.    Understanding physical security
2.    Importance of physical security
3.    Factors affecting physical security
4.    Various physical security controls
5.    Understanding the selection of Fire Fighting Systems
6.    Various access control authentication techniques
7.    Workplace security
8.    Personnel security
9.    Environmental Controls
10.  Importance of physical security awareness and training

Host Security

1.    Understanding host security
2.    Importance of securing individual hosts
3.    Threats specific to hosts
4.    Paths to host threats
5.    Purpose of the host before an assessment
6.    Host security baselining
7.    OS security baselining
8.    Security requirements for different types of servers
9.    Security requirements for hardening of routers
10.  Security requirements for hardening of switches
11.  Data security concerns when data is at rest, in use, and in motion
12.  Understanding virtualization security

Secure Firewall Configuration and Management

1.    Understanding firewalls
2.    Firewall security concerns
3.    Firewall technologies
4.    Firewall topologies
5.    Selection of firewall topologies
6.    Designing and configuring firewall ruleset
7.    Implementation of firewall policies
8.    Deployment and implementation of firewall
9.    Factors to considers before purchasing any firewall solution
10.  Configuring, testing, and deploying of firewalls
11.  Management, maintenance, and administration of firewall implementation
12.  Firewall logging
13.  Measures for avoiding firewall evasion14.  Firewall security best practices

Secure IDS Configuration and Management

1.    Different types of intrusions and their indications
2.    Understanding IDPS
3.    Role of IDPS in network defense
4.    Functions, components, and working of IDPS
5.    Types of IDS implementation
6.    Staged deployment of NIDS and HIDS
7.    Fine-tuning of IDS by minimizing false positive and false negative rate
8.    Characteristics of good IDS implementation
9.    Common IDS implementation mistakes and their remedies
10.  Types of IPS implementation
11.  Requirements for selecting appropriate IDSP product
12.  Technologies complementing IDS functionality

Secure VPN Configuration and Management

1.    Virtual Private Network (VPN) and it’s working
2.    Importance of establishing VPN
3.    VPN components
4.    Implementation of VPN concentrators and its functions
5.    Types of VPN technologies
6.    Components for selecting appropriate VPN technology
7.    Core functions of VPN
8.    Topologies for implementation of VPN
9.    VPN security concerns
10.  Security implications to ensure VPN security and performance

Wireless Network Defense

1.    Understanding wireless network
2.    Wireless standards and network topologies
3.    Use of wireless networks
4.    Wireless network components
5.    Wireless encryption (WEP, WPA,WPA2) technologies
6.    Authentication methods for wireless networks
7.    Types of threats on wireless networks
8.    Inventory for wireless network components
9.    Appropriate placement of Wireless Access Point (AP)
10.  Monitoring of wireless network traffic
11.  Detection and locating of rogue access points
12.  Prevention of wireless network from RF interference
13.  Security implications for wireless network

Network Traffic Monitoring and Analysis

1.    Understanding network traffic monitoring
2.    Importance of network traffic monitoring
3.    Techniques used for network monitoring and analysis
4.    Appropriate position for network monitoring
5.    Connection of network monitoring system with a managed switch
6.    Network traffic signatures
7.    Baselining for normal traffic
8.    Categories of suspicious traffic signatures
9.    Techniques for attack signature analysis
10.  Wireshark components, working, and features
11.  Use of various Wireshark filters
12.  Monitoring LAN traffic against policy violation
13.  Security monitoring of network traffic
14.  Detection of various attacks using Wireshark15.  Network bandwidth monitoring and performance improvement

Network Risk and Vulnerability Management

1.   Understanding risk and risk management
2.   Key roles and responsibilities in risk management
3.   Key Risk Indicators (KRI) in risk management
4.   Phase involves in risk management
5.   Enterprise network risk management
6.   Risk management frameworks
7.   Best practices for effective implementation of risk management
8.   Vulnerability management
9.   Phases involve in vulnerability management
10. Vulnerability assessment and its importance
11. Requirements for effective network vulnerability assessment
12. Internal and external vulnerability assessment
13. Steps for effective external vulnerability assessment
14. Phases involve in vulnerability assessment
15. Selection of appropriate vulnerability assessment tool
16. Best practices and precautions for deploying vulnerability assessment tool
17. Vulnerability reporting, mitigation, remediation, and verification

Data Backup and Recovery

1.    Understanding data backup
2.    Identification of data to backup
3.    Appropriate backup medium for data backup
4.    RAID backup technology and its advantages
5.    RAID architecture
6.    RAID levels and their use
7.    Selection of appropriate RAID level
8.    Storage Area Network (SAN) backup technology and its advantages
9.    Best practices of using SAN
10.  Network Attached Storage (NAS) backup technology and its advantages
11.  Types of NAS implementation
12 . Understanding Incident Handling and Response (IH&R)
13.   Roles and responsibilities of Incident Response Team (IRT)
14.   Role of the first responder
15.   First response activities for network administrators
16.   Incident Handling and Response (IH&R) process
17.   Understanding forensic investigation
18.   People involved in forensics investigation
19.   Forensics investigation methodology