Certified Network Defender (CND)

Module 01: Network Attacks and Defense Strategies
Covers the fundamentals of network attacks and the strategic frameworks used to defend against them, including threat actors, attack methodologies, defence‑in‑depth concepts, and adaptive security strategies.

Module 02: Administrative Network Security
Focuses on policies, standards, compliance, awareness programs, and asset management — establishing administrative controls that form the foundation for secure network operations.

Module 03: Technical Network Security
Explores technical controls such as access control, authentication, network segmentation, cryptography, and secure protocol configurations that protect network traffic and data integrity.

Module 04: Network Perimeter Security
Teaches how to secure the boundary of enterprise networks using firewalls, VPNs, IDS/IPS, and other perimeter devices — essential for preventing unauthorized access and external threats.

Module 05: Endpoint Security – Windows Systems
Details securing Windows‑based endpoints, including patch management, anti‑malware controls, host firewalls, and configuration practices to harden client and server systems.

Module 06: Endpoint Security – Linux Systems
Similar to Windows endpoint security but focused on securing Linux systems through access control, security policies, auditing, hardening, and protection tools used in open‑source environments.

Module 07: Endpoint Security – Mobile Devices
Covers defense strategies for mobile platforms, including device policies, secure configuration, mobile threat vectors, and enterprise mobility management to protect mobile assets.

Module 08: Endpoint Security – IoT Devices
Addresses IoT‑specific risks and defense techniques, including device authentication, network segmentation, firmware protection, and monitoring in environments with connected sensors and appliances.

Module 09: Administrative Application Security
Focuses on managing and securing applications through secure development practices, patching, code review, access control, and vulnerability handling at the application layer.

Module 10: Data Security
Teaches methods to protect data through classification, encryption, access policies, data loss prevention (DLP), and secure handling procedures throughout the data lifecycle.

Module 11: Enterprise Virtual Network Security
Explores security challenges in virtualized environments — securing VMs, hypervisors, virtual networking layers, and micro‑segmentation strategies within virtual infrastructures.

Module 12: Enterprise Cloud Network Security
Covers defense and management of cloud infrastructure — including identity and access management, cloud provider security models, secure workload configurations, and compliance issues in AWS, Azure, and GCP.

Module 13: Enterprise Wireless Network Security
Examines wireless network protocols and threats, secure Wi‑Fi configuration practices (WPA3), rogue access detection, and measures to defend against wireless intrusion attempts.

Module 14: Network Traffic Monitoring and Analysis
Focuses on capturing and analysing network traffic using tools like packet sniffers, IDS/IPS logs, flow analysis, and anomaly detection to detect malicious behaviours.

Module 15: Network Logs Monitoring and Analysis
Teaches how to collect, normalize, analyse, and respond to logs from firewalls, servers, applications, and security devices as part of threat detection and compliance monitoring.

Module 16: Incident Response and Forensic Investigation
Details the processes for incident triage, containment, investigation, evidence collection, and remediation — enabling professionals to respond effectively during a security breach.

Module 17: Business Continuity and Disaster Recovery
Covers strategies to ensure continuity of operations during system disruptions, including backups, recovery planning, redundancy, and resilience‑building practices.

Module 18: Risk Anticipation with Risk Management
Teaches systematic risk identification, analysis, evaluation, and mitigation planning to reduce vulnerabilities and prepare for future threats.

Module 19: Threat Assessment with Attack Surface Analysis
Focuses on evaluating an organization’s attack surface by identifying vulnerable assets, exposures, and potential entry points — helping prioritise defensive investments and testing.

Module 20: Threat Prediction with Cyber Threat Intelligence
Explores using threat intelligence feeds, indicators of compromise (IOCs), threat hunting, and predictive analytics to anticipate and prepare for emerging threats before they occur.