EC-Council Certified Network Defender v2

Detailed content

• Network security attacks
• Network-level attack techniques
• Application-level attack techniques
• Social engineering attack techniques
• Email attack techniques
• Mobile device-specific attack techniques
• Cloud-specific attack techniques
• Wireless network-specific attack techniques
• Attacker’s Hacking Methodologies and Frameworks
• Fundamental goal, benefits, and challenges in network defense
• Continual/Adaptive security strategy
• Defense-in-depth security strategy

• Obtain compliance with regulatory framework and standards
• Regulatory Frameworks, Laws, and Acts
• Design and develop security policies
• Conduct different type security and awareness training
• Implement other administrative security measures

• Access control principles, terminologies, and models
• Redefine the Access Control in Today’s Distributed and Mobile Computing World
• Identity and Access Management (IAM):
• Cryptographic security techniques
• Various cryptographic algorithms
• Security benefits of network segmentation techniques
• Essential network security solutions
• Essential network security protocols

• Firewall security concerns, capabilities, and limitations
• Different types of firewall technologies and their usage
• Firewall topologies and their usage
• Distinguish between hardware, software, host, network, internal, and external firewalls
• Select firewalls based on its deep traffic inspection capability
• Firewall implementation and deployment process
• Recommendations and best practices for secure firewall Implementation and deployment
• Firewall administration concepts
• Role, capabilities, limitations, and concerns in IDS deployment
• IDS classification
• Various components of ID
• Effective deployment of network and host-based IDS
• How to deal with false positive and false negative IDS/IPS alerts
• Considerations for selection of an appropriate IDS/IPS solutions
• NIDS and HIDS Solutions with their intrusion detection capabilities Snort
• Router and switch security measures, recommendations, and best practices
• Leverage Zero Trust Model Security using Software-Defined Perimeter (SDP)

• Window OS and Security Concerns
• Windows Security Components
• Windows Security Features
• Windows Security Baseline Configurations
• Windows User Account and Password Management
• Windows Patch Management
• User Access Management
• Windows OS Security Hardening Techniques
• Windows Active Directory Security Best Practices
• Windows Network Services and Protocol Security

• Linux Installation and Patching
• Linux OS Hardening Techniques
• Linux User Access and Password Management
• Linux Network Security and Remote Access
• Linux Security Tools and Frameworks

• Common Mobile Usage Policies in Enterprises
• Security Risk and Guidelines associated with Enterprises mobile usage policies
• Implement various enterprise-level mobile security management Solutions
• Implement general security guidelines and best practices on Mobile platforms
• Security guidelines and tools for Android devices
• Security guidelines and tools for iOS devices

• IoT Devices, their need and Application Areas
• IoT Ecosystem and Communication models
• Security Challenges and risks associated with IoT-enabled environments
• Security in IoT-enabled environments
• Security Measures for IoT enabled IT Environments
• IoT Security Tools and Best Practices
• Refer various standards, Initiatives and Efforts for IoT Security

• Implement Application Whitelisting and Blacklisting
• Implement application Sandboxing
• Implement Application Patch Management
• Implement Web Application Firewall (WAF)

• Data security and its importance
• Implementation of data access controls
• Implementation of Encryption of Data at rest
• Implementation of Encryption of “Data at transit”
• Implementation of Encryption of “Data at transit” between browser and web server
• Implementation of Encryption of “Data at transit” between database server and web server
• Implementation of Encryption of “Data at transit” in Email Delivery
• Data Masking Concepts
• Data backup and retention
• Data Destruction Concepts
• Data Loss Prevention Concepts

• Evolution of network and security management concept in modern Virtualized IT Environments
• Virtualization Essential Concepts
• Network Virtualization (NV) Security
• SDN Security
• Network Function Virtualization (NFV) Security
• OS Virtualization Security
• Security Guidelines, Recommendations and Best Practices for Containers
• Security Guidelines, Recommendations and Best practices for Dockers
• Security Guidelines, Recommendations and Best Practices for Kubernetes

• Cloud Computing Fundamentals
• Insights of Cloud Security
• Evaluate CSP for Security before Consuming Cloud Service
• Security in Amazon Cloud (AWS)
• Security in Microsoft Azure Cloud
• Security in Google Cloud Platform (GCP)
• General security best practices and tools for cloud security

• Wireless network fundamentals

• Need and advantages of network traffic monitoring
• Setting up the environment for network monitoring
• Determine baseline traffic signatures for normal and suspicious network traffic
• Perform network monitoring and analysis for suspicious traffic using Wireshark
• Network performance and bandwidth monitoring tools and techniques

• Logging concepts
• Log monitoring and analysis on Windows systems
• Log monitoring and analysis on Linux
• Log monitoring and analysis on Mac
• Log monitoring and analysis in Firewall
• Log monitoring and analysis on Routers
•  Log monitoring and analysis on Web Servers
• Centralized log monitoring and analysis

• Incident response concept
• Role of first responder in incident response
• Do’s and Don’t in first response
• Incident handling and response process
• Forensics investigation process

• Business Continuity (BC) and Disaster Recovery (DR) concepts
• BC/DR Activities
• Business Continuity Plan (BCP) and Disaster Recovery Plan (DRP)
• BC/DR Standards

• Risk management concepts
• Manage risk though risk management program
• Different Risk Management Frameworks (RMF)
• Manage vulnerabilities through vulnerability management program
• Vulnerability Assessment and Scanning

• Attack surface concepts
• Understand and visualize your attack surface
• Identify Indicators of Exposures (IoE)
• Perform attack simulation
• Reduce the attack surface
• Attack surface analysis specific to Cloud and IoT

• Role of cyber threat intelligence in network defense
• Types of threat Intelligence
• Indicators of Threat Intelligence: Indicators of Compromise (IoCs) and Indicators of Attack (IoA)
• Layers of Threat Intelligence
• Leverage/consume threat intelligence for proactive defense