EC-Council Certified Network Defender (CND)

Price
Net €
VAT €

Price
Price on Request

Duration
5 days

For companies and job seekers:
this course is 100% fundable!

Location

Course Language
English

Training Solutions
Online Live

Request a consultation Add to favorites Print as PDF

Networks form the backbone of modern IT landscapes and are also the focus of ever-growing threats. What is needed are sound security concepts, technical understanding, and the ability to detect attacks early on and assess them confidently. Current defense strategies combine operational practice with analytical thinking and create stability in complex environments.

Key topics

Network architectures and secure design principles.
Threat models, attack vectors, and defense mechanisms.
Monitoring, logging, and incident handling.
Firewalls, IDS/IPS, and network security technologies.
Hardening, access control, and policy enforcement.
Cooperation between operations, security, and compliance.

Prerequisites
Basic understanding of network technologies, TCP/IP, and common operating systems, as well as initial experience in IT operations or administration.

Target audience
IT professionals from network operations, system administration, security operations, and related technical roles who want to deepen their knowledge of network security in a structured and practical way.

Robust networks are created where technology, processes, and security awareness work together. The content covered strengthens confidence in action, promotes sustainable protection concepts, and supports a resilient IT orientation in the context of modern cyber threats.

Print as PDF

Course content

Network attacks and protection

Important terms relating to network security attacks
Examples of network attack techniques
Application-level attack techniques
Social engineering attacks
Email-based attacks
Attacks on mobile devices
Cloud attack techniques
Wireless network attacks
Hacking methods and frameworks
Network defense objectives and challenges
Adaptive security strategies
Defense-in-depth security strategy

Network security management

Understanding legal frameworks and standards
Analyzing laws and regulations
Create security guidelines
Conduct security and awareness training
Implement administrative security measures

Network security

Principles and models of access control
Access control in the age of distributed and mobile computing
Identity and access management (IAM)
Cryptographic Security Techniques
Various cryptographic algorithms
Security advantages of network segmentation
Important network security solutions
Essential network security protocols

Protection of network boundaries

Understanding security issues, firewalls: possibilities and limitations
Various firewall technologies and possible applications
Firewall topologies and their application
Different firewalls: hardware, software, host, network, internal, external
Selection of firewalls based on deep traffic inspection
Implementation and deployment of firewalls
Best practices for secure firewall implementation
Firewall management concepts
IDS deployment: role, capabilities, limitations
IDS classification
ID components and their functions
Use of network- and host-based IDS
Dealing with false positive/negative IDS/IPS alerts
Selecting suitable IDS/IPS solutions
Comparison of NIDS and HIDS solutions
Snort as a security solution
Security measures for routers and switches, best practices
Zero trust model with software-defined perimeter (SDP)

Windows endpoint security

Understanding Windows operating systems and security aspects
Windows security components
Windows security features
Windows security configurations
User account and password management in Windows
Windows patch management
User access management
Windows OS security hardening
Best practices for Windows Active Directory security
Security of Windows network services and protocols

Endpoint security on Linux

Linux operating system and security aspects
Installation and patching of Linux
Securing the Linux system
User access and password management
Network security and remote access
Security tools and frameworks in Linux

Mobile endpoint security

Mobile use in the company: Common guidelines
Security risks and guidelines for mobile use in business
Mobile security management solutions for businesses
Solutions
Security policies and best practices for mobile platforms
Security policies and tools for Android
Security policies and tools for iOS

IoT endpoint protection

IoT devices, demand, and applications
IoT ecosystem and communication models
Security challenges in the IoT
Security in IoT environments
Security measures for IoT IT environments
IoT security tools and best practices
IoT security standards and initiatives

Security in administrative software

Whitelisting and blacklisting of applications
Application sandboxing
Application patch management
Web application firewall (WAF)

Data protection

Understanding data security
Implementation of data access controls
Encryption of data at rest
Encryption of data in transit
Data masking
Data backup and retention
Data destruction concepts
Protection against data loss

Protection of virtual networks

Development of network and security management in virtualized IT environments
Key virtualization concepts
Security of network virtualization (NV)
SDN security
Network function virtualization (NFV) security
OS virtualization security
Security policies and best practices for containers
Security policies and best practices for Docker
Security policies and best practices for Kubernetes

Cloud security in the enterprise

Fundamentals of cloud computing
Insights into cloud security
Verifying the security of cloud services (CSP)
Security in AWS
Security in Microsoft Azure
Security in Google Cloud Platform
Best security practices and tools for the cloud

Wireless network security

Fundamentals of wireless networks
Encryption in wireless networks
Authentication methods in wireless networks
Implementing security measures in wireless networks

Monitor network traffic

Recognizing the necessity and advantages of network monitoring
Setting up an environment for network monitoring
Define signatures for normal and suspicious traffic
Analyze suspicious traffic with Wireshark
Discuss tools and techniques for network performance and bandwidth monitoring

Analysis of network protocols

Understanding logging concepts
Log monitoring and analysis on Windows
Log monitoring and analysis on Linux
Log analysis on Mac systems
Log analysis in firewalls
Log monitoring in routers
Log analysis on web servers
Central log monitoring and analysis

Reaction and forensic examination

Understanding how to respond to incidents
Clarify the role of the first responder
Do's and don'ts of the initial response
Describe incident handling and response
Explain forensic investigation

Contingency planning and operational stability

Business Continuity (BC) and Disaster Recovery (DR) Concepts
BC/DR activities
Business continuity plan (BCP) and disaster recovery plan (DRP)
BC/DR standards

Review BC/DR standards

Understanding risk management concepts
Using risk management programs
Become familiar with RMF frameworks
Applying vulnerability management
Assess and scan vulnerabilities

Threat & vulnerability analysis

Understanding attack surface concepts
Identifying and visualizing attack surfaces
Recognizing indicators of compromise (IoE)
Performing attack simulations
Minimizing attack surfaces
Analysis for cloud and IoT

Recognizing cyber threats

Role of threat intelligence in defense
Types of threat intelligence
Indicators of Threats: IoCs and IoAs
Levels of threat intelligence
Using threat data for proactive defense

Your training will be 100% funded

Our funding schemes are available exclusively to participants who live or work in Germany. Funding is not available outside Germany.

For career starters, job seekers, career changers, startups, experienced professionals, those looking to advance their careers, specialists, etc.

The QCG program for everyone in the company

Further information

The education voucher for all job seekers

Further information

Frequently asked questions

What is the EC-Council Certified Network Defender (CND)?

The CND is an international IT certification for network security. It provides expertise in protecting IT infrastructures from attacks and detecting security incidents.

Who is CND training suitable for?

The training is aimed at IT professionals, network administrators, and security experts who want to protect, analyze, and secure networks—both in companies and in government agencies.

What topics does the Certified Network Defender training cover?

The focus is on network security, firewalls, VPNs, intrusion detection, vulnerability management, cyber defense strategies, forensic analysis, and network monitoring.

What are the recommended prerequisites for the CND course?

Basic knowledge of network technologies and IT security is helpful. Experience in dealing with network infrastructures or IT system administration makes it easier to get started.

What are the advantages of CND certification?

The certification strengthens your IT profile and improves your chances of securing positions in network security, incident response, and cyber defense. It is internationally recognized.

Is CND training also of interest to companies?

Yes—companies benefit from a better-protected IT environment. Trained personnel recognize threats early on, respond more quickly, and effectively secure company networks.

What career opportunities does the CND offer?

The CND certificate opens up opportunities in the fields of IT security, network administration, security operations centers (SOC), incident response, and cyber defense—recognized worldwide.

Do you have any further questions? Please contact us.

Select your nearest center: *

0800 258 258 055

website@newhorizons.de

First Name *

Surname *

Telephone Number *

Postcode *

E-Mail *

I would like to receive funding for further training – I am currently: *

Company Name

Your message

I hereby confirm that I have taken note of the privacy notice. *