EC-Council Certified Network Defender v2


Certified Network Defender (CND) v2

Network Defender Course Overview

Certified Network Defender (CND) by EC-Council strengthens the fundamentals of network security. It provides an in-depth understanding of network security issues and trains network defenders on dealing with them.

CND v2 is the first course in the new Vulnerability Assessment and Penetration Testing (VAPT) Track developed by EC-Council. EC-Council has added and removed domains to focus on a comprehensive approach to deal with current network security issues in the latest version. The course authenticates your understanding of critical and core concepts of network and information security.

The CND certification program focuses on training Network Administrators to protect, detect, respond to, and predict threats on the network. This builds upon the typical knowledge and skills of Network Administrators in network components, traffic, performance and utilization, network topology, system locations, and security policies.

What is NEW in CND v2?
  • The newly updated CND V2 includes the Adaptive Security Strategy, increasing scope from the former Protect – Detect – Respond to Protect – Detect – Respond – Predict strategy.
  • CND has a dedicated focus on loT Security exposing learners to various security challenges that loT devices pose and the measures required to mitigate them.
  • It allows students to implement and manage the security of virtualization technologies such as Network Virtualization (NV), Software-Defined Network (SON), Network Function Virtualization (NFV), OS Virtualization, Containers, Dockers, and Kubernetes used in modern day networks.
  • The new CND program has a special focus on mobile security measures and covers enterprise mobile device security and access control security strategies much deeper than its predecessor as they are extremely relevant in a mobile enabled enterprise. A CND professional shall be trained to ensure that end points in their organization do not pose a security risk.
  • Increased focus on cloud security with enterprise cloud security, AWS security, Microsoft Azure security, Google Cloud Platform security.
  • CND includes an introduction to threat intelligence, in-depth attack surface analysis, and business continuity and disaster recovery concepts.
Why take CND Certification Course?

CND is globally recognized and most sought-after credentials in the field of network security. The new version is based on the cybersecurity education framework and work-role task analysis presented by the National Initiative of Cybersecurity Education (NICE).

The new concept of following the “Predict, Protect, Detect, Respond” cycle by EC-Council has enhanced the learning takeaways by providing a complete package required to defend a network.

Successful completion of CND program and passing the certification exam not only optimize your career opportunities but also provides you an edge over existing competition.

Who would benefit from the CND Certification Course?

CND v2 training helps you to excel your role at the workplace, if you are:

Target Audience
Network Administrators
Network Engineer
Network Security Administrator / Engineer / Analyst
Cybersecurity Engineer
Security Analyst / Operator
Network Defense Technician
Defense-In-Depth Security
Properly Designed, Implemented and Enforced Security Policies
Security Architectures
Appropriate Configuration
Right Selection of Security Controls
Traffic Monitoring
Log Management
Log Monitoring
Anomalies Detection
Incident Response
Forensics Investigation
Business Continuity (BC)
Disaster Recovery (DR)
Risk and Vulnerability Assessment
Attack Surface Analysis
Threat Intelligence
Course Pre-Requisite
  • Basic idea of networking and its components
Overview Course Outline About the exam

Learning Objectives for CND v2 Training Course

The program prepares network administrators on network security technologies and operations to attain Defense-in-Depth network security preparedness. It covers the protect, detect and respond approach to network security. The course contains hands-on labs, based on major network security tools and techniques which will provide network administrators real world expertise on current network security technologies and operations. The study-kit provides you with over 10 GB of network security best practices, assessments and protection tools. The kit also contains templates for various network policies and a large number of white papers for additional learning.

The courseware of CNDv2 is designed to develop a strong and deep understanding of various networking verticals, talking first about various network and defense strategies proceeding to incident detection and response and advancing to threat assessments and intelligence. Below is the list of modules with a brief description of what they talk about.

Module 01: Network Attacks and Defense Strategies: This module introduces you to different network-based attacks faced by the organization to understand their working and develop defense strategies.

Module 02: Administrative Network Security: It involves developing or updating security infrastructure and continuously monitoring networks for any suspicious actions or unauthorized access

Module 03: Technical Network Security: Implementing authentication and protection controls for user verification to avoid theft of sensitive information or data. Introducing the concept of zero trust and its effectiveness in maintaining a better security posture

Module 04: Network Perimeter Security: Implementation and management of perimeter devices like firewalls, Intrusion Detection Systems, Intrusion Prevention Systems

Module 05: Endpoint Security-Windows Systems: Security of end-user devices and entry points by implying endpoint security on Windows devices.

Module 06: Endpoint Security-Linux Systems: Securing entry points or end-user devices by ensuring endpoint security on Linux devices

Module 07: Endpoint Security- Mobile Devices: Securing entry points or end-user devices by ensuring endpoint security on mobile devices

Module 08: Endpoint Security-IoT Devices: Fundamentals of IoT, IoT threats and security using endpoint security implementation

Module 09: Administrative Application Security: Understanding the methodologies of administrative application security and its importance to minimize the security-related vulnerabilities in the application

Module 10: Data Security: Implementing policies to safeguard data from unauthorized access using various techniques like encryption, hashing, tokenization, and other key management practices. Concept of data storage, data classification, data masking, retention and destruction

Module 11: Enterprise Virtual Network Security: In-depth understanding of virtualization, related threats, and security. Essentials of software-defined network (SDN) security, network function virtualization (NFV) security

Module 12: Enterprise Cloud Network Security: Introduction to cloud computing, threats, challenges and security across cloud platforms, concepts of container security, docker security, and Kubernetes security

Module 13: Enterprise Wireless Network Security: Understanding of wireless network security essentials, threats, attacks, and countermeasures.

Module 14: Network Traffic Monitoring and Analysis: Analysis and monitoring of logs from various perimeter network devices to identify any anomalies in the traffic.

Module 15: Network Logs Monitoring and Analysis: Analyzing the events generated by various devices in the network to identify signs of any suspicious activity or a potential incident

Module 16: Incident Response and Forensic Investigations: Understanding of incident management response process and methodologies to be followed in case of security incidents. Understanding of forensics investigation techniques and tools used for analysis.

Module 17: Business Continuity and Disaster Recovery: Understanding the importance of BCP and DR, related concepts and procedures required to allow smooth functioning of operations in case of a disaster

Module 18: Risk Anticipation with Risk Management: Risk management process, analyzing various risks that the organization is susceptible to and developing policies to manage them.

Module 19: Threat Assessment with Attack Surface Analysis: Analyzing the threats and attack vectors to develop solutions for their countermeasures

Module 20: Threat Prediction with Cyber Threat Intelligence: Developing a proactive approach by understanding various frameworks aiding in threat intelligence to anticipate the kinds of attacks hackers could use to gain access to the network.


Exam Codes 312-38 (ECC EXAM)
Number of Questions 100 questions per exam
Type of Questions Multiple choice
Length of Test 4 Hours / 240 Minutes
Testing Provider ECC EXAM
Passing Score In order to maintain the high integrity of our certification exams, EC-Council Exams are provided in multiple forms (I.e. different question banks). Each form is carefully analyzed through beta testing with an appropriate sample group under the purview of a committee of subject matter experts that ensure that each of our exams not only has academic rigor but also has real world applicability. We also have a process to determine the difficulty rating of each question. The individual rating then contributes to an overall cut score for each exam form. To ensure each form has equal assessment standards, cut scores are set on a “per exam form” basis. Depending on which exam form is challenged, cut scores can range from 60% to 85%.

Course Highlights

EC-Council Authorized Partner
96% passing rate
Get certified at an affordable price
Blended learning delivery model
CEI Certified Trainers


  • Unit 15B Penthouse Atherton Place, Tomas Morato, Corner Don A. Roces Ave, Quezon City, 1103 Metro Manila
  • +(632) 7905 8718


View our Course Documents below with the current Curriculum and Pricing presented in an easy to read guide for the course offered.


As an Internal Auditor, I find CND program to be versatile and useful to all professions. It has added great value to my skill set and I believe it will be of use for all IA who seeks to expand their area of expertise.



I filled the gap of my current security knowledge. The practical stuff from our instructor was interesting and liked the labs which showed you how to's for security management in the it environment.



Good to know for starting in IT Technology Security, the courseware was Good, CND is my start to Technology Security basic.



An excellent starting point for anyone interested in the IT Security Industry. Courseware was very comprehensive. Virtual Labs are absolutely amazing.



The CND program is sensational, fully updated content and meets a demand repressed in the market. In Brazil we are addressing professionals and companies on the CND and the demand expectation this is great, because the content is very rich and what the program aims not learned in the course of graduate courses and much less in post graduation courses.



At vero eos et accusamus et iusto odio digni goikussimos ducimus qui to bonfo blanditiis praese. Ntium voluum deleniti atque.

Melbourne, Australia
(Sat - Thursday)
(10am - 05 pm)

No products in the cart.

Subscribe to our newsletter

Sign up to receive latest news, updates, promotions, and special offers delivered directly to your inbox.
No, thanks