Certified Network Defender Training Course

CYBER SECURITY

Learn CYBER SECURITY in a step-by-step process with the help of professionals who Guide you through the entire process.

Scroll Down

Download

SCROL DOWN

CND Training

Managed by the developer.

Module 01: Computer Network and Defense Fundamentals

Network Fundamentals

Computer Network
Types of Network
Major Network Topologies

Network Components

Network Interface Card (NIC)
Repeater
Hub
Switches
Router
Bridges
Gateways

TCP/IP Networking Basics

Standard Network Models: OSI Model
Standard Network Models: TCP/IP Model
Comparing OSI and TCP/IP

TCP/IP Protocol Stack

Domain Name System (DNS)
DNS Packet Format
Transmission Control Protocol (TCP)

TCP Header Format
TCP Services
TCP Operation
Three-way handshake

User Datagram Protocol (UDP)

UDP Operation

IP Header

IP Header: Protocol Field
What is Internet Protocol v6 (IPv6)?
IPv6 Header

Internet Control Message Protocol (ICMP)

Format of an ICMP Message

Address Resolution Protocol (ARP)

ARP Packet Format

Ethernet
Fiber Distributed Data Interface (FDDI)
Token Ring

Ethernet
Fiber Distributed Data Interface (FDDI)
Token Ring

IP Addressing

Format of an ICMP Message

IP Addressing

Classful IP Addressing
Address Classes
Reserved IP Address
Subnet Masking

Subnetting
Supernetting

IPv6 Addressing

Difference between IPv4 and IPv6
IPv4 compatible IPv6 Address

Computer Network Defense (CND)

Computer Fundamental Attributes
What CND is NOT
CND Layers

CND Layer 1: Technologies
CND Layer 2: Operations
CND Layer 3: People

Blue Teaming
Network Defense-In-Depth
Typical Secure Network Design
CND Triad
CND Process
CND Actions
CND Approaches

Module 02: Network Security Threats, Vulnerabilities, and Attacks

Essential Terminologies

Threats
Vulnerabilities
Attacks

Network Security Concerns

Why does Network Security Concern arise?
Fundamental Network Security Threats
Types of Network Security Threats
Where do they arise from?
How does a network security breach affect business continuity?

Network Security Vulnerabilities

Types of Network Security Vulnerabilities
Technological Vulnerabilities
Configuration Vulnerabilities
Security policy Vulnerabilities
Types of Network Security Attacks

Network Reconnaissance Attacks

Reconnaissance Attacks

Reconnaissance Attacks: ICMP Scanning
Reconnaissance Attacks: Ping Sweep
Reconnaissance Attacks: DNS Footprinting
Reconnaissance Attacks: Network Range Discovery
Reconnaissance Attacks: Network Topology Identification
Reconnaissance Attacks: Network Information Extraction using Nmap Scan
Reconnaissance Attacks: Port Scanning
Reconnaissance Attacks: Network Sniffing
How an Attacker Hacks the Network Using Sniffers
Reconnaissance Attacks: Social Engineering Attacks

Network Access Attacks

Password Attacks
Password Attack Techniques

Dictionary Attack
Brute Forcing Attacks
Hybrid Attack
Birthday Attack
Rainbow Table Attack

Man-in-the-Middle Attack
Replay Attack
Smurf Attack
Spam and Spim
Xmas Attack
Pharming
Privilege Escalation
DNS Poisoning
DNS Cache Poisoning
ARP Poisoning
DHCP Attacks: DHCP Starvation Attacks

DHCP Attacks: DHCP Spoofing Attack

Switch Port Stealing
Spoofing Attacks

MAC Spoofing/Duplicating

Denial of Service (DOS) Attacks
Distributed Denial-of-Service Attack (DDoS)
Malware Attacks

Malware

Types of Malware: Trojan
Types of Malware: Virus and Armored Virus

Malware Attacks

Adware
Spyware
Rootkits
Backdoor's
Logic Bomb
Botnets
Ransomware
Polymorphic malware

Module 03: Network Security Controls, Protocols, and Devices

Fundamental Elements of Network Security

Network Security Controls
Network Security Protocols
Network Security Perimeter Appliances

Network Security Controls

Access Control

Access Control Terminology
Access Control Principles
Access Control System: Administrative Access Control
Access Control System: Physical Access Controls
Access Control System: Technical Access Controls

Types of Access Control

Discretionary Access Control (DAC)
Mandatory Access Control (MAC)
Role-based Access

Network Access Control (NAC)
NAC Solutions

User Identification, Authentication, Authorization and Accounting

Types of Authentication: Password Authentication
Types of Authentication: Two-factor Authentication
Types of Authentication: Biometrics
Types of Authentication: Smart Card Authentication
Types of Authentication: Single Sign-on (SSO)

Types of Authorization Systems

Centralized Authorization
Implicit Authorization
Decentralized Authorization
Explicit Authorization

Authorization Principles

Least privilege
Separation of duties

Cryptography

Encryption

Symmetric Encryption
Asymmetric Encryption

Hashing: Data Integrity
Digital Signatures
Digital Certificates
Public Key Infrastructure (PKI)

Security Policy

Network Security Policy
Key Consideration for Network Security Policy
Types of Network Security Policies

Network Security Devices

Firewalls
DMZ
Virtual Private Network (VPN)
Proxy Server

Symmetric Encryption
Asymmetric Encryption

Honeypot

Advantages of using Honeypots
Honeypot Tools

Intrusion Detection System (IDS)
Intrusion Prevention System (IPS)
IDS/IPS Solutions
Network Protocol Analyzer

How it Works
Advantages of using Network Protocol Analyzer
Network Protocol Analyzer Tools

Internet Content Filter

Advantages of using Internet Content Filters
Internet Content Filters
Integrated Network Security Hardware

Network Security Protocols

Transport Layer
Network Layer
Application Layer
Data Link Layer
RADIUS
TACACS+
Kerbros
Pretty Good Service (PGP) Protocol
S/MIME Protocol

How it Works?
Difference between PGP and S/MIME

Secure HTTP
Hyper Text Transfer Protocol Secure (HTTPS)
Transport Layer Security (TLS)
Internet Protocol Security (IPsec)

Module 04: Network Security Policy Design and Implementation

Module 04: Network Security Policy Design and Implementation

Hierarchy of Security Policy
Characteristics of a Good Security Policy
Contents of Security Policy
Typical Policy Content
Policy Statements
Steps to Create and Implement Security Policies
Considerations Before Designing a Security Policy
Design of Security Policy
Policy Implementation Checklist
Types of Information Security Policy

Enterprise information security policy (EISP
Issue-specific security policy (ISSP)
System-specific security policy (SSSP)

Internet Access Policies

Promiscuous Policy
Permissive Policy
Paranoid Policy
Prudent Policy

Acceptable-Use Policy
User-Account Policy
Remote-Access Policy
Information-Protection Policy
Firewall-Management Policy
Special-Access Policy
Network-Connection Policy
Business-Partner Policy
Email Security Policy
Passwords Policy
Physical Security Policy
Information System Security Policy
Bring Your Own Devices (BYOD) Policy
Software/Application Security Policy
Data Backup Policy
Confidential Data Policy
Data Classification Policy
Internet Usage Policies
Server Policy
Wireless Network Policy
Incidence Response Plan (IRP)
User Access Control Policy
Switch Security Policy
Intrusion Detection and Prevention (IDS/IPS) Policy
Personal Device Usage Policy
Encryption Policy
Router Policy
Security Policy Training and Awareness
ISO Information Security Standards

ISO/IEC 27001:2013: Information technology — Security Techniques— Information security Management Systems — Requirements
ISO/IEC 27033: Information technology -- Security techniques -- Network security

Payment Card Industry Data Security Standard (PCI-DSS)
Health Insurance Portability and Accountability Act (HIPAA)
Information Security Acts: Sarbanes Oxley Act (SOX)
Information Security Acts: Gramm-Leach-Bliley Act (GLBA)
Information Security Acts: The Digital Millennium Copyright Act (DMCA) and Federal
Information Security Management Act (FISMA)
Other Information Security Acts and Laws
Cyber Law in Different Countries

Module 05: Physical Security

Physical Security
1. Need for Physical Security
2. Factors Affecting Physical Security
3. Physical Security Controls
  - Administrative Controls
  - Physical Controls
  - Technical Controls
4. Physical Security Controls: Location and Architecture Considerations
5. Physical Security Controls: Fire Fighting Systems
6. Physical Security Controls: Physical Barriers
7. Physical Security Controls: Security Personnel
Access Control, Authentication Techniques
1. Authentication Techniques: Knowledge Factors
2. Authentication Techniques: Ownership Factors
3. Authentication Techniques: Biometric Factors
Physical Security Controls
1. Physical Locks
2. Mechanical locks
3. Digital locks
4. Combination locks
5. Electronic /Electric /Electromagnetic locks
6. Concealed Weapon/Contraband Detection Devices
7. Mantrap
8. Security Labels and Warning Signs
9. Alarm System
10. Video Surveillance
11. Physical Security Policies and Procedures
Other Physical Security Measures
1. Lighting System
2. Power Supply
Workplace Security
1. Reception Area
2. Server/ Backup Device Security
3. Critical Assets and Removable Devices
4. Securing Network Cables
5. Securing Portable Mobile Devices
Personnel Security: Managing Staff Hiring and Leaving Process
Laptop Security Tool: EXO5
1. Laptop Tracking Tools
Environmental Controls
1. Heating, Ventilation and Air Conditioning
2. Electromagnetic Interference (EMI) Shielding
3. Hot and Cold Aisles
Physical Security: Awareness /Training
Physical Security Checklists

Module 06: Host Security

Host Security
1. Common Threats Specific to Host Security
2. Where do they come from?
3. Why Host Security?
4. Before Configuring Host Security: Identify the purpose of each Host
5. Host Security Baselining
OS Security
1. Operating System Security Baselining
2. Common OS Security Configurations
3. Windows Security
  - Windows Security Baselining: Example
  - Microsoft Baseline Security Analyzer (MBSA)
  - Setting up BIOS Password
  - Auditing Windows Registry
  - User and Password Management
  - Disabling Unnecessary User Accounts
  - Configuring user authentication
4. Patch Management
  - Configuring an update method for Installing Patches
  - Patch Management Tools
5. Disabling Unused System Services
6. Set Appropriate Local Security Policy Settings
7. Configuring Windows Firewall
8. Protecting from Viruses
  - Antivirus Software
9. Protecting from spyware
  - Antispyware
10. Email Security: Anti Spammer
  - Spam Filtering Software
11. Enabling Pop-up Blockers
12. Windows Logs Review and Audit
  - Log Review Recommendations
  - Event IDs in Windows Event log
13. Configuring Host-based IDS/IPS
  - Host-based IDS: OSSEC
  - AlienVault Unified Security Management (USM)
  - Tripwire
  - Additional Host-Based Ideas
14. File System Security: Setting Access Controls and Permission to Files and Folders
  - Creating and Securing a Windows file share
15. File and File System Encryption
  - EFS Limitations
  - Data encryption Recommendations
  - DATA Encryption Tools
Linux Security
1. Linux Baseline Security Checker: buck-security
2. Password Management
3. Disabling Unnecessary Services
4. Killing unnecessary processes
5. Linux Patch Management
6. Understanding and checking Linux File Permissions
  - Changing File Permissions
  - Common File Permission Settings
  - Check and Verify Permissions for Sensitive Files and Directories
7. Host-based Firewall Protection with iptables
8. Linux Log review and Audit
  - Common Linux log files
  - System Log Viewer
  - Log Events to Look for
Securing Network Servers
1. Before Hardening Servers
2. Hardening Web Server
3. Hardening Email Server: Recommendations
4. Hardening FTP Servers: Recommendations
Hardening Routers and Switches
1. Hardening Routers: Recommendations
2. Hardening Switches
  - Hardening Switches-Recommendations
3. Logs Review and Audit: SYSLOG
4. GFI EventsManager: SYSLOG Server
Application/Software Security
1. Application Security
  - Application Security Phases
  - Application Security: Recommendations
Data Security
1. What is Data Loss Prevention (DLP)?
  - Best Practices to Prevent Data Loss
  - List of DLP Solution Vendors
  - Data Leak/Loss Prevention Tools
Virtualization Security
1. Virtualization Terminologies
2. Introduction to Virtualization
3. Characteristics of Virtualization
4. Benefits of Virtualization
5. Virtualization Vendors
6. Virtualization Security
  - Virtualization Security Concern
7. Securing Hypervisor
8. Securing Virtual machines
  - Implementing Software Firewall
  - Deploying Anti-virus Software
  - Encrypting the Virtual Machines
9. Secure Virtual Network Management
  - Methods to Secure Virtual Environment
  - Virtualization Security Best Practices for Network Defenders
  - Best Practices for Virtual Environment Security

Module 07: Secure Firewall Configuration and Management

Firewalls and Concerns
What Firewalls Does?
What should you not Ignore? Firewall Limitations
How Does a Firewall Work?
Firewall Rules
Types of Firewalls
1. Hardware Firewall
2. Software Firewall
Firewall Technologies
1. Packet Filtering Firewall
2. Circuit Level Gateway
3. Application Level Firewall
4. Stateful Multilayer Inspection Firewall
  - Multilayer Inspection Firewall
5. Application Proxy
6. Network Address Translation
7. Virtual Private Network
Firewall Topologies
1. Bastion host
2. Screened subnet
3. Multi-homed firewall
4. Choosing Right Firewall Topology
Firewall Rule Set & Policies
1. Build an Appropriate Firewall Ruleset
2. Blacklist vs. Whitelist
3. Example: Packet Filter Firewall Ruleset
4. Implement Firewall Policy
5. Periodic Review of Firewall Policies
Firewall Implementation
1. Before Firewall Implementation and Deployment
2. Firewall Implementation and Deployment
3. Planning Firewall Implementation
4. Factors to Consider before Purchasing any Firewall Solution
5. Configuring Firewall Implementation
6. Testing Firewall Implementation
7. Deploying Firewall Implementation
8. Managing and Maintaining Firewall Implementation
Firewall Administration
1. Firewall Administration: Deny Unauthorized Public Network Access
2. Firewall Administration: Deny Unauthorized Access Inside the Network
3. Firewall Administration: Restricting Client’s Access to External Host
Firewall Logging and Auditing
1. Firewall Logging
2. Firewall Logs
Firewall, Anti-evasion Techniques
Why Firewalls are Bypassed?
Full Data Traffic Normalization
Data Stream-based Inspection
Vulnerability-based Detection and Blocking
Firewall Security Recommendations and Best Practices
1. Secure Firewall Implementation: Best Practices
2. Secure Firewall Implementation: Recommendations
3. Secure Firewall Implementation: Do’s and Don’ts
Firewall Security Auditing Tools
1. Firewall Analyzer
2. Firewall Tester: Firewalk
3. Fenster
4. Wingate
5. Symantec Enterprise Firewall
6. Hardware Based Firewalls
7. Software Based Firewalls

Module 08: Secure IDS Configuration and Management

Intrusions and IDPs

Intrusions

General Indications of Intrusions

Intrusion Detection and Prevention Systems (IDPS)

Why do We Need IDPS?

Role of IDS in Network Defense
IDS Functions
What Events do IDS Examine?
What IDS is NOT?
IDS Activities
How IDS Works?
IDS Components

Network Sensors
Alert Systems
Command Console
Response System
Attack Signature Database

Intrusion Detection Steps

Intrusion Detection Steps

Approach-based IDS

Anomaly and Misuse Detection Systems

Behavior-based IDS
Protection-based IDS
Structure-based IDS
Analysis Timing-based IDS
Source Data Analysis based IDS

IDS Deployment Strategies

Staged IDS Deployment
Deploying Network-based IDS

Types of IDS Alerts

True Positive (Attack - Alert)
False Positive (No Attack - Alert)
False Negative (Attack - No Alert)
True Negative (No Attack - No Alert)
Dealing with False Positive/Alarm

What should be the Acceptable Levels of False Alarms?

Calculating False Positive/False Negative Rate
Dealing with False Negative
Excluding False Positive Alerts with Cisco Secure IPS
Characteristics of a Good IDS
IDS mistakes that should be avoided

IPS Technologies
IPS Placement
IPS Functions
Need of IPS
IDS vs IPS
Types of IPS

Network-Based IPS
Host-Based IPS
Wireless IPS
Network Behavior Analysis (NBA) System

Network-Based IPS

Network-Based IPS: Security Capabilities
Placement of IPS Sensors

Host-Based IPS

Host-Based IPS Architecture

Wireless IPS

WLAN Components and Architecture
Wireless IPS: Network Architecture
Security Capabilities
Management

Network Behavior Analysis (NBA) System

NBA Components and Sensor Locations
NBA Security Capabilities

IDPS Product Selection Considerations

General Requirements
Security Capability Requirements
Performance Requirements
Management Requirements
Life Cycle Costs

IDS Counterparts

Complementing IDS
Vulnerability Analysis or Assessment Systems

Advantages & Disadvantages of Vulnerability Analysis

File Integrity Checkers

File Integrity Checkers Tools

Honey Pot & Padded Cell Systems

Honey Pot and Padded Cell System Tools

IDS Evaluation: Snort
IDS/IPS Solutions
IDS Products and Vendors

Module 09: Secure VPN Configuration and Management

Understanding Virtual Private Network (VPN)
How VPN works?
Why Establish VPN?
VPN Components
1. VPN Client
2. Tunnel Terminating Device
3. Network Access Server (NAS)
4. VPN Protocol
VPN Concentrators
1. Functions of VPN Concentrator
Types of VPN
1. Client-to-site (Remote-access) VPNs
2. Site-to-Site VPNs
3. Establishing Connections with VPN
VPN Categories
1. Hardware VPNs
  - Hardware VPN Products
2. Software VPNs
  - Software VPN Products
Selecting Appropriate VPN
VPN Core Functions
1. Encapsulation
2. Encryption
3. Authentication
4. VPN Technologies
VPN Topologies
1. Hub-and-Spoke VPN Topology
2. Point-to-Point VPN Topology
3. Full Mesh VPN Topology
4. Star Topology
Common VPN Flaws
1. VPN Fingerprinting
2. Insecure Storage of Authentication Credentials by VPN Clients
3. Username Enumeration Vulnerabilities
4. Offline Password Cracking
5. Man- in- the Middle Attacks
6. Lack of Account Lockout
7. Poor Default Configurations
8. Poor Guidance and Documentation
VPN Security
1. Firewalls
2. VPN Encryption and Security Protocols
  - Symmetric Encryption
  1. Asymmetric Encryption
3. Authentication for VPN Access
  - VPN Security: IPsec Server
  - AAA Server
4. Connect to VPN: SSH and PPP
5. Connect to VPN: Concentrator
6. VPN Security – Radius
Quality of Service and Performance in VPNs
1. Improving VPN Speed
2. Quality of Service (QOS) in VPNs
3. SSL VPN Deployment Considerations
  - Client security
  - Client integrity scanning
  - Sandbox
  - Secure logoff and credential wiping
  - Timeouts and re-authentication
  - Virus, malicious code and worm activity
  - Audit and Activity Awareness
  - Internal Network Security Failings
4. SLAs for VPN
5. IP VPN Service Level Management
6. VPN Service Providers
7. Auditing and Testing the VPN
  - Testing VPN File Transfer
8. Best Security Practices for VPN Configuration
  - Recommendations for VPN Connection

Module 10: Wireless Network Defense

Wireless Terminologies
Wireless Networks
1. Advantages of Wireless Networks
2. Disadvantages of Wireless Networks
Wireless Standard
Wireless Topologies
1. Ad-hoc Standalone Network Architecture (IBSS - Independent Basic Service Set)
2. Infrastructure Network Topology (Centrally Coordinated Architecture/ BSS – Basic Service Set)
Typical Use of Wireless Networks
1. Extension to a Wired Network
2. Multiple Access Points
3. LAN-to-LAN Wireless Network
4. 3G Hotspot
Components of Wireless Network
1. Access Point
2. Wireless Cards (NIC)
3. Wireless Modem
4. Wireless Bridge
5. Wireless Repeater
6. Wireless Router
7. Wireless Gateways
8. Wireless USB Adapter
9. Antenna
  - Directional Antenna
  - Parabolic Grid Antenna
  - Dipole Antenna
  - Omnidirectional Antenna
  - Yagi Antenna
  - Reflector Antennas
WEP (Wired Equivalent Privacy) Encryption
WPA (Wi-Fi Protected Access) Encryption
WPA2 Encryption
WEP vs. WPA vs. WPA2
Wi-Fi Authentication Method
1. Open System Authentication
2. Shared Key Authentication
Wi-Fi Authentication Process Using a Centralized Authentication Server
Wireless Network Threats
1. War Driving
2. Client Mis-association
3. Unauthorized Association
4. Honeypot Access Point (Evil Twin) Attack
5. Rogue Access Point Attack
6. Misconfigured Access Point Attack
7. Ad Hoc Connection Attack
8. AP MAC Spoofing
9. Denial-of-Service Attack
10. WPA-PSK Cracking
11. RADIUS Replay
12. ARP Poisoning Attack
13. WEP Cracking
14. Man-in-the-Middle Attack
15. Fragmentation Attack
16. Jamming Signal Attack
Bluetooth Threats
1. Leaking Calendars and Address Books
2. Bugging Devices
3. Sending SMS Messages
4. Causing Financial Losses
5. Remote Control
6. Social Engineering
7. Malicious Code
8. Protocol Vulnerabilities
Wireless Network Security
1. Creating an Inventory of Wireless Devices
2. Placement of Wireless AP
  - Placement of Wireless Antenna
3. Disable SSID Broadcasting
4. Selecting Stronger Wireless Encryption Mode
5. Implementing MAC Address Filtering
6. Monitoring Wireless Network Traffic
7. Defending Against WPA Cracking
  - Passphrases
  - Client Settings
  - Passphrase Complexity
  - Additional Controls
8. Detecting Rogue Access Points
  - Wireless Scanning:
  - Wired-side Network Scanning
  - SNMP Polling
Wi-Fi Discovery Tools
1. Insider and NetSurveyor
2. Vistumbler and NetStumbler
Locating Rogue Access points
Protecting from Denial-of-Service Attacks: Interference
Assessing Wireless Network Security
Wi-Fi Security Auditing Tool: AirMagnet WiFi Analyzer
WPA Security Assessment Tool
1. Elcomsoft Wireless Security Auditor
2. Cain & Abel
Wi-Fi Vulnerability Scanning Tools
Deploying Wireless IDS (WIDS) and Wireless IPS (WIPS)
1. Typical Wireless IDS/IPS Deployment
WIPS Tool
1. Adaptive Wireless IPS
2. AirDefense
Configuring Security on Wireless Routers
Additional Wireless Network Security Guidelines

Module 11: Network Traffic Monitoring and Analysis

Network Traffic Monitoring and Analysis (Introduction)
1. Advantages of Network Traffic Monitoring and Analysis
2. Network Monitoring and Analysis: Techniques
  - Router Based
  - Non-Router based
3. Router-Based Monitoring Techniques
  - SNMP Monitoring
  - Netflow Monitoring
4. Non-Router-Based Monitoring Techniques
  - Packet Sniffers
  - Network Monitors
Network Monitoring: Positioning your Machine at an Appropriate Location
1. Connecting Your Machine to Managed Switch
Network Traffic Signatures
1. Normal Traffic Signature
2. Attack Signatures
3. Baselining Normal Traffic Signatures
4. Categories of Suspicious Traffic Signatures
  - Informational
  - Reconnaissance
  - Unauthorized access
  - Denial of service
5. Attack Signature Analysis Techniques
  - Content-based Signatures Analysis
  - Context-based Signatures Analysis
  - Atomic Signatures-based Analysis
  - Composite Signatures-based Analysis
Packet Sniffer: Wireshark
1. Understanding Wireshark Components
2. Wireshark Capture and Display Filters
3. Monitoring and Analyzing FTP Traffic
4. Monitoring and Analyzing TELNET Traffic
5. Monitoring and Analyzing HTTP Traffic
Detecting OS Fingerprinting Attempts
1. Detecting Passive OS Fingerprinting Attempts
2. Detecting Active OS Fingerprinting Attempts
  - Detecting ICMP-Based OS Fingerprinting
  - Detecting TCP-Based OS Fingerprinting
3. Examine Nmap Process for OS Fingerprinting
Detecting PING Sweep Attempt
Detecting ARP Sweep/ ARP Scan Attempt
Detecting TCP Scan Attempt
1. TCP Half Open/ Stealth Scan Attempt
2. TCP Full Connect Scan
3. TCP Null Scan Attempt
4. TCP Xmas Scan Attempt
Detecting SYN/FIN DDOS Attempt
Detecting UDP Scan Attempt
Detecting Password Cracking Attempts
Detecting FTP Password Cracking Attempts
Detecting Sniffing (MITM) Attempts
Detecting the Mac Flooding Attempt
Detecting the ARP Poisoning Attempt
1. Additional Packet Sniffing Tools
2. Network Monitoring and Analysis
3. PRTG Network Monitor
Bandwidth Monitoring
1. Bandwidth Monitoring - Best Practices
2. Bandwidth Monitoring Tools

Module 12: Network Risk and Vulnerability Management

What is Risk?
Risk Levels
1. Extreme/High
2. Medium
3. Low
Risk Matrix
1. Risk Management Benefits
2. Key Roles and Responsibilities in Risk management
Key Risk Indicators (KRI)
Risk Management Phase
1. Risk Identification
  - Establishing Context
  - Quantifying Risks
2. Risk Assessment
  - Risk Analysis
  - Risk Prioritization
3. Risk Treatment
4. Risk Treatment Steps
5. Risk Tracking & Review
Enterprise Network Risk Management
1. Enterprise Risk Management Framework (ERM)
2. Goals of ERM Framework
3. NIST Risk Management Framework
4. COSO ERM Framework
5. COBIT Framework
6. Risk Management Information Systems (RMIS)
7. Tools for RMIS
8. Enterprise Network Risk Management Policy
9. Best Practices for Effective Implementation of Risk Management
Vulnerability Management
1. Discovery
2. Asset Prioritization
3. Assessment
  - Advantages of Vulnerability Assessment
  - Requirements for Effective Network Vulnerability Assessment
  - Types of Vulnerability Assessment
  - Steps for Effective External Vulnerability Assessment
  - Vulnerability Assessment Phases
  - Network Vulnerability Assessment Tools
  - Choosing a Vulnerability Assessment Tool
  - Choosing a Vulnerability Assessment Tool: Deployment Practices and Precautions
4. Reporting
  - Sample Vulnerability Management Reports
5. Remediation
  - Remediation Steps
  - Remediation Plan
6. Verification

Module 13: Data Backup and Recovery

Introduction to Data Backup
1. Backup Strategy/Plan
2. Identifying Critical Business Data
3. Selecting Backup Media
RAID (Redundant Array of Independent Disks) Technology
1. Advantages/Disadvantages of RAID systems
2. RAID Storage Architecture
3. RAID Level 0: Disk Striping
4. RAID Level 1: Disk Mirroring
5. RAID Level 3: Disk Striping with Parity
6. RAID Level 5: Block Interleaved Distributed Parity
7. RAID Level 10: Blocks Striped and Mirrored
8. RAID Level 50: Mirroring and Striping across Multiple RAID Levels
9. Selecting Appropriate RAID Levels
10. Hardware and Software RAIDs
11. RAID Usage Best Practices
Storage Area Network (SAN)
1. Advantages of SAN
2. SAN Backup Best Practices
3. SAN Data Storage and Backup Management Tools
Network Attached Storage (NAS)
1. Types of NAS Implementation
  - Integrated NAS System
  - Gateway NAS System
Selecting Appropriate Backup Method
1. Hot Backup (Online)
2. Cold Backup (Offline)
3. Warm Backup (Nearline)
Choosing the Right Location for Backup
1. On-site Data Backup
2. Off-site Data Backup
3. Cloud Data Backup
Backup Types
1. Full/Normal Data Backup
2. Differential Data Backup
3. Incremental Data Backup
4. Backup Types Advantages and Disadvantages
5. Choosing Right Backup Solution
6. Data Backup Software: AOMEI Backupper
  - Data Backup Tools for Windows
  - Data Backup Tools for MAC OS X
Conducting Recovery Drill Test
Data Recovery
Windows Data Recovery Tool
1. Recover My Files
2. EASEUS Data Recovery Wizard
3. PC INSPECTOR File Recovery
4. Data Recovery Tools for MAC OS X
RAID Data Recovery Services
SAN Data Recovery Software
NAS Data Recovery Services

Module 14: Network Incident Response and Management

Incident Handling and Response
Incident Response Team Members: Roles and Responsibilities
First Responder
1. Network Administrators as First Responders
2. What Should You Know?
3. First Response Steps by Network Administrators
  - Avoid Fear, Uncertainty and Doubt (FUD)
  - Make an Initial Incident Assessment
  - Determining Severity Levels
  - Communicate the Incident
  - Contain the Damage: Avoid Further Harm
  - Control Access to Suspected Devices
  - Collect and Prepare Information about Suspected Device
  - Record Your Actions
  - Restrict Yourself from Doing Investigation
  - Do Not Change the State of the Suspected Device
  - Disable Virus Protection
Incident Handling and Response Process
Overview of IH&R Process Flow
1. Preparation for Incident Handling and Response
2. Detection and Analysis
3. Classification and Prioritization
4. Incident Prioritization
5. Notification and Planning
6. Containment
  - Guidelines for Incident Containment
7. Forensic Investigation
  - Network Forensics Investigation
  - People Involved in Forensics Investigation
  - Typical Forensics Investigation Methodology
8. Eradication and Recovery
  - Countermeasures
  - Systems Recovery
9. Post-incident Activities
  - Incident Documentation
  - Incident Damage and Cost Assessment
  - Review and Update the Response Policies
Training and Awareness

CND ONLINE TRAINING INSTITUTE IN HYDERABAD

A Certified Network Defender (CND) is a set of security parameters for computer networks to detect, monitor, protect, and analyze network issues. CND protects computer systems and networks of military/government organizations from network attacks. Network security methodologies, bug identification, and resolving techniques are explained by our experienced faculty. In addition, our CND training also includes network defence concepts, security protocols, and firewall configuration to achieve operational flexibility during attacks.

Cyber Eagle Educational Services Pvt. Ltd. Training Majorly Focusses on Providing:

Concepts of Computer Network and Defense Fundamentals
Knowledge of Network Security Controls, Protocols and Devices
Explaining the design and implementation procedures of the Network Security Policy
Explaining the need for Physical Security and Host security
Knowledge of Secure Firewall, IDS and VPN Configuration and Management
What is Wireless Network Defense?
Management & Analysis of Network Traffic Monitoring, Network Risk and Vulnerability
Concepts of Data Backup and Recovery
Session on How Network Incident Response and Management operations?

CND Training Format:

Live interactive sessions by our highly qualified instructors
LMS Accessibility and Lab Accessibility
CND certification at the end of the CND Training Tutorial

Benefits of Our CND Training:

CND training allows a candidate to go for training as per his/her flexibility
Web-based training gives the flexibility to log-in from either home, office or from anywhere
The session will be started at per time preferred by the candidate
Our trainers are professionals with real-life experience that will cement your career path
Our LMS and lab accessibility will give the opportunity to go back and review sessions and the candidates can track their training journey
Online Course Fee is less in comparison to classroom/offline sessions

How does Our CND Training Certification Benefits You? Cyber Eagle Educational Services Pvt. Ltd. Training provides a verified EC council CND Certification at the end of the tutorial. Certification is like a professional documentary proof that depicts the candidate’s eligibility for a specified job. Guidance is provided to accomplish project works at your own pace. Multiple Career Opportunities exist in the Market for a Certified CND Professional: A certified CND individual has high demand in the market with an attractive pay scale. Multiple companies are hiring certified CND professionals and offering high CTC with various designations like a Security Operation Engineer, Cyber Security Engineer, Cyber Security Analyst, Incident Response Analyst etc. What are the Pre-requisites Needed to Learn CND Course:

Knowledge of network security protocols and basic operations
Knowledge of Windows/Unix/Linux operating system commands

Targeted Audience to Learn CND (v9) Course:

Security Analyst
Security Operator
Network Admin Professionals
Network Security Engineer
Network Defense Professionals
Already Working CND Professional
Anyone who has an interest in networking activities

Our Learners Come From?

Online learners will come from across the world. We have an Offline presence in over 30 countries across the world. Predominantly, we are the leading CND training institute in Hyderabad, Bhubaneswar, Kolkata, and Vizag.