Certified Network Defender (CND) Training
Introduction to Certified Network Defender (CND)
Gain an understanding of the Certified Network Defender (CND) certification, including its goals, benefits, and the core network defense skills it encompasses. This module provides an overview and sets the stage for more detailed study.
Network Security Fundamentals
Learn the fundamental principles of network security. This includes understanding network security concepts, security policies, and strategies for securing network devices and data.
Network Attack Strategies and Defense
Explore various network attack strategies and learn how to defend against them. This section covers common attack techniques, their impact on network security, and defensive measures to mitigate risks.
Network Security Policies and Procedures
Understand the creation and implementation of network security policies and procedures. Learn about policy frameworks, security standards, and best practices for maintaining network security.
Network Access Control and Security
Study network access control mechanisms and security measures. This section covers user authentication, authorization, and accounting (AAA), as well as access control technologies and practices.
Network Security Monitoring and Management
Learn about monitoring and managing network security. This includes using network security monitoring tools, performing security assessments, and managing network security incidents.
Incident Response and Management
Explore incident response and management strategies. Understand how to detect, respond to, and manage security incidents, and develop skills to handle network security breaches effectively.
Network Security Technologies
Gain knowledge of various network security technologies. Learn about firewalls, intrusion detection/prevention systems (IDS/IPS), VPNs, and other technologies used to protect network infrastructure.
Network Forensics
Study network forensics techniques for investigating security incidents. Learn how to collect, analyze, and interpret network data to identify and respond to security threats.
Compliance and Legal Issues
Understand the compliance and legal issues related to network security. This includes knowledge of relevant regulations, legal frameworks, and industry standards for network security.
Hands-On Labs and Practice
Participate in hands-on labs and practical exercises to apply your knowledge. Practice using security tools, configuring network defenses, and responding to simulated security incidents.
Exam Preparation and Study Tips
Prepare for the Certified Network Defender (CND) exam with study tips, practice tests, and review materials. Get familiar with the exam format, question types, and strategies for passing the certification exam.
Certification Network Defender Syllabus
1. Setting up the Lab
- Installing and Configuring VMware Workstation
- Installing Kali Linux
- Configuring Network Connection
- Updating and Upgrading Kali Linux
- Introduction to Bash Environment
- Automating Administration with Bash Scripting
2. Penetration Testing Standard
- Penetration Testing Framework
- Pre-engagement Interactions
- Intelligence Gathering
- Threat Modelling
3. Penetration Testing Classification
- Penetration Testing Classification
4. Information Discovery
- Google Hacking
- Discovering Devices using Shodan
- DNS Information Gathering
- Whois Information Gathering
- Email Tracking
- Route and Network Information Gathering
- All-in-One Information Gathering
5. Scanning Target
- TCP Connect Port Scanning
- Stealth Port Scanning Techniques
- UDP Port Scanning
- Nmap Scripting Engine
- Advanced Port Scanning Techniques
- Active Banners and System OS Enumeration
- Passive Banners and System OS Enumeration
6. Enumerating Target
- Enumerating Users, Groups, and Shares with SMB
- Enumerating DNS Resource Records
- Enumerating SNMP
- Enumerating SMTP
7. Vulnerability Assessment Tools for System
- Nmap
- Nessus
- OpenVAS
8. Discovering Zero Day
- Vulnerability Research
- Introduction to Fuzzing
- Memory Stack and Heap
- Introduction to Buffer Overflow
- DEP and ASLR
- Buffer Overflow in Action
9. Target Exploitation
- Setting Up Metasploit
- Exploitation with Metasploit
- Using Metasploit Auxiliary
- Using Exploit Modules
- Getting Familiar with Payloads
- Staged and Non-Staged Payloads
- Working with Meterpreter Session
- Working with Multi Handler
- VNC Exploitation
- Adding Your Own MSF Modules
- Using Post Exploitation Modules
- Enabling RDP
- Dumping Password Hashes
10. Privilege Escalation
- Escalating Local Privilege in Linux
- Bypassing UAC in Windows
- Escalating Privileges through Physical Access
- Misconfiguration Attacks for Privilege Escalation
11. Password Cracking
- Types of Password Attacks
- Password Cracking Techniques
- Generating Password Dictionary
- Dictionary Attack
- Rainbow Attack
- Brute Force Attack
- Introduction to Windows and Linux Password Hash
- Pwdump and L0pthCrack
- Breaking Password Hash
- John the Ripper and OphCrack
- Pass the Hash in Windows
- Cracking Telnet and SSH Password
- Cracking FTP and HTTP Password
- Hydra, Fireforce, and Ncrack
- Using Metasploit Post Exploitation Modules
12. Encoding Payloads and Using Frameworks
- Encoding Payload using Msfencode
- Using Veil Framework
- Using Shellter
- Using Custom Tools and Payloads
13. Maintaining Access
- Protocol Tunneling
- Proxy
- Installing Persistent Backdoor
- Netcat, The Swiss Army Knife
- Starting a Listener using Netcat
- Connecting to Target using Netcat
- Stealing Files with Netcat
- Controlling Target with Netcat
14. Advanced Sniffing
- Sniffing Concepts
- Using Wireshark for Sniffing
- Capture and Display Filters
- Follow TCP Stream
- Analyzing Graphs and Endpoints in Wireshark
- Tracing Geo Location of IP in Wireshark
- Using TCP Dump
- ARP Poisoning
- DHCP Starvation
- MAC Flooding
- DNS Poisoning Redirecting User to Fake Website
- Sniffing Credentials From Secured Websites
15. DOS Attack
- SYN Flood Attack
- Application Request Flood Attack
- Service Request Flood
- Permanent Denial of Service Attack
16. Web Application Penetration Testing
- Introduction to Web Application Vulnerabilities
- Introduction to Burp Suite Proxy
- Cross Site Scripting (XSS)
- Cookie Stealing
- Session Hijacking
- Cross Site Request Forgery (CSRF)
- LFI and RFI
- Hacking Database using SQL Injection
- Enumerating Database
- Extracting Database Records
- SQL Injection with Automated Tools
- Web Application Assessment and Exploitation with Automated Tools
17. Wireless Penetration Testing
- Introduction to Wireless Security
- Revealing Hidden SSID
- Cracking Wireless Encryptions
- Cracking WEP
- Cracking WPA and WPA2
- Configuring Fake Access Point
- Halting Wireless Network Through DOS Attack
- Restricting Wireless Access Through Wireless Jammer
18. Exploits and Client-Side Attacks
- Introduction to Client-Side Attacks
- Gathering Client Information
- Exploiting Browser Vulnerability
- Exploiting Internet Explorer Vulnerabilities
- Metasploit Browser Autopwn
19. Social Engineering Toolkit
- Stealing Passwords through Phishing
- Generating Backdoors
- Java Applet Attack Method
20. Firewall and IDS Testing
- Introduction to Firewall and IDS
- Testing IDS Rules
- Testing Firewall Rules
- Firewalking
21. Data Collection, Evidence Management, and Reporting
- Type of Report
- Presentation Report
- Post-Testing Procedure
Training
Basic Level Training
Duration : 1 Month
Advanced Level Training
Duration : 1 Month
Project Level Training
Duration : 1 Month
Total Training Period
Duration : 3 Months
Course Mode :
Available Online / Offline
Course Fees :
Please contact the office for details