Home > Vendors > ec-council > cnd

CND - Certified Network Defender


Duration: 5.0 days

EC-Council's Certified Network Defender (C|ND) is an essential vendor-neutral network security certification for every IT and systems administrator who needs to operate with a secure mindset.

Students will learn the critical skills required to defend their networks and operating environments across local networks, endpoints, cloud infrastructure, applications, OT, and Mobile. They will also acquire knowledge of effective proper log analysis, network traffic monitoring, basic investigation and response, as well as business continuity and disaster recovery.

Additionally, they will dive into threats, analyzing the attack surface, and studying threat prediction and threat intelligence as it relates to their administration and defense responsibilities.

Often referred to as blue-teaming, C|NDs will be able to apply defense and countermeasure strategies in their organizations, playing a critical role not only in attack prevention but also in detection, response, and remediation as they configure networks and systems to operate securely. The C|ND program will cover the concepts and fortify skills through hands-on practice across over 100+ labs delivered on live target machines.

The C|ND program designed by industry experts prepares network defenders with strategic, technological, and operational network security capabilities, enabling them to design, develop, and maintain secure networks.


  • Planning and administering network security for organizations
  • Recognizing security risks, threats, and vulnerabilities
  • Ensuring compliance with regulatory standards
  • Designing and implementing network security policies
  • Applying security principles in distributed and mobile computing environment
  • Implementing Identity and Access Management, encryption, and network segmentation
  • Managing Windows and Linux Security Administration
  • Addressing security risks in mobile devices and IoT
  • Implementing strong data security techniques
  • Managing security in virtualization technologies and cloud platforms
  • Implementing wireless network security
  • Conducting risk and vulnerability assessments
  • Providing first response to security incidents
  • Identifying Indicators of Compromise and Attack
  • Integrating threat intelligence for proactive defense
  • Conducting Attack Surface Analysis
  • Assisting in Business Continuity and Disaster Recovery planning
  • Monitoring network traffic and performing log Management
  • Managing proxy, content filtering, and troubleshooting network issues
  • Hardening security of endpoints and selecting firewall solutions
  • Configuring IDS/IPS for enhanced security
  • Maintaining an inventory of network devices
  • Providing security awareness guidance and training
  • Managing AAA for network devices
  • Reviewing audit logs and analyzing security anomalies
  • Maintaining and configuring security platforms
  • Evaluating security products and operations procedures
  • Identifying and classifying organizational assets
  • Implementing system integrity monitoring tools
  • Understanding EDR/XDR and UEBA solutions
  • Conducting PIA processes for privacy assessment
  • Collaborating on threat hunting and incident response
  • Understanding SOAR platforms in cybersecurity operations
  • Integrating Zero Trust principles into security architectures
  • Staying updated on emerging cyber threats
  • Understanding the role of AI/ML in cyber defense.


  • Module 01: Network Attacks and Defense Strategies
  • Module 02: Administrative Network Security
  • Module 03: Technical Network Security
  • Module 04: Network Perimeter Security
  • Module 05: Endpoint Security-Windows Systems
  • Module 06: Endpoint Security-Linux Systems
  • Module 07: Endpoint Security- Mobile Devices
  • Module 08: Endpoint Security-IoT Devices
  • Module 09: Administrative Application Security
  • Module 10: Data Security
  • Module 11: Enterprise Virtual Network Security
  • Module 12: Enterprise Cloud Network Security
  • Module 13: Enterprise Wireless Network Security
  • Module 14: Network Traffic Monitoring and Analysis
  • Module 15: Network Logs Monitoring and Analysis
  • Module 16: Incident Response and Forensic Investigation
  • Module 17: Business Continuity and Disaster Recovery
  • Module 18: Risk Anticipation with Risk Management
  • Module 19: Threat Assessment with Attack Surface Analysis
  • Module 20: Threat Prediction with Cyber Threat Intelligence


  • Network Administrators
  • Network Security Administrators
  • Network Engineer
  • Security Operator
  • Data Security Analyst
  • Network Security Engineer
  • Network Defense Technician
  • Security Analyst
  • Cybersecurity Engineer
  • Network Security


Students/IT Professionals/Any other industry professionals planning a career in cybersecurity. Anyone who wants to start a career in the blue team and network security.


Number of Questions: 100

Test Duration: 4 Hours

Test Format: Multiple Choice

Test Delivery: ECC EXAM

Exam Prefix: 312-38 (ECC EXAM)

Passing Score:

In order to maintain the high integrity of our certification exams, EC-Council Exams are provided in multiple forms (i.e. different question banks). Each form is carefully analyzed through beta testing with an appropriate sample group under the guide of a committee of subject matter experts. This approach ensures that our exams offer academic difficulty, as well as, “real world” applications. We also have a process to determine the difficulty rating of each question. The individual rating then contributes to an overall “Cut Score” for each exam form. To ensure each form adheres to assessment standards, cut scores are set on a “per exam form” basis. Depending on which exam form is challenged, cut scores can range from 60% to 85%.


Enquire Now
By clicking "Submit", I agree to the Terms Of Use and Privacy Policy