8
EC-Council CND Exam Blueprint v1 Certified D Network Defender N C
CND Exam Blueprint 1
EC-Council
CND Exam Blueprint v1
CertifiedD
Network Defender
NC
CND Exam Blueprint 02
CND Phases CND Domains CND Objectives Weight Number of Questions
Introduction
Module 01 Computer Network and Defense Fundamentals
01. Understanding computer network02. Describing OSI and TCP/IP network Models 03. Comparing OSI and TCP/IP network Models 04. Understanding different types of networks 05. Describing various network topologies 06. Understanding various network
components 07. Explaining various protocols in TCP/IP
protocol stack 08. Explaining IP addressing concept 09. Understanding Computer Network
Defense(CND) 10. Describing fundamental CND attributes 11. Describing CND elements 12. Describing CND process and Approaches
5% 5
Module 02 Network Security Threats, Vulnerabilities, and Attacks
01. Understanding threat, attack, and vulnerability
02. Discussing network security concerns03. Discussing the reasons behind network
security concerns04. Understanding the effect of network
security breach on business continuity05. Understanding different types of network
threats06. Understanding different types of network
security vulnerabilities07. Understanding different types of network
attacks08. Describing various network attacks
5% 5
Module 03 Network Security Controls, Protocols, and Devices
01. Understanding fundamental elements of network security
02. Explaining network access control mechanism
03. Understanding different types of access controls
04. Explaining network Authentication, Authorization and Auditing (AAA) mechanism
05. Explaining network data encryption mechanism
06. Describing Public Key Infrastructure (PKI) 07. Describing various network security
protocols 08. Describing various network security
devices
8% 8
CND Exam Blueprint 03
Protection
Module 04 Network Security Policy Design and Implementation
01. Understanding security policy02. Discussing the need of security policies03. Describing the hierarchy of security policy04. Describing the characteristics of a good
security policy05. Describing typical content of security
policy06. Understanding policy statement07. Describing steps for creating and
implementing security policy08. Understanding the designing of security
policy09. Understanding the implementation of
security policy10. Describing various types of security policy11. Discussing the designing of various
security policies12. Discussing various information security
related standards, laws and acts
6% 6
Module 05 Physical Security
01. Understanding physical security 02. Discussing the need of physical security 03. Discussing the factors affecting physical
security 04. Describing various physical security
controls 05. Understanding choosing Fire Fighting
Systems 06. Describing various access control
authentication techniques 07. Understanding workplace security 08. Understanding personnel security 09. Describing Environmental Controls 10. Understanding the importance of physical
security awareness and training
6% 6
Module 06Host Security
01. Understanding host security02. Understanding need of securing individual
hosts03. Understanding threats specific to hosts04. Identifying paths to host threats05. Understanding the purpose of host before
assessment06. Describing host security baselining07. Describing OS security baselining08. Understanding and describing security
requirements for different types of servers09. Understanding security requirements for
hardening of routers
7% 7
CND Exam Blueprint 04
10. Understanding security requirements for hardening of switches
11. Understanding data security at rest, motion and use
12. Understanding virtualization security
Module 07 Secure Firewall Configuration and Management
01. Understanding firewalls 02. Understanding firewall security concerns 03. Describing various firewall technologies 04. Describing firewall topologies 05. Understanding the appropriate selection
of firewall topologies 06. Understanding the designing and
configuring firewall ruleset 07. Discussing the Implementation of firewall
policies08. Explaining the deployment and
implementation of firewall09. Discussing the factors to considers before
purchasing any firewall solution 10. Describing the configuring, testing and
deploying of firewalls 11. Describing the managing, maintaining,
administrating firewall implementation 12. Understanding firewall logging 13. Understanding the measures for avoiding
firewall evasion 14. Understanding firewall security best
practices
8% 8
Module 08 Secure IDS Configuration and Management
01. Understanding different types of intrusions and their indications
02. Understanding IDPS03. Understanding the importance of
implementing IDPS04. Describing role of IDPS in network defense05. Describing functions, components, and
working of IDPS06. Explaining various types of IDS
implementation07. Describing staged deployment of NIDS
and HIDS08. Describing fine-tuning of IDS by
minimizing false positive and false negative rate
09. Discussing characteristics of good IDS implementation
10. Discussing common IDS implementation mistakes and their remedies
11. Explaining various types of IPS implementation
8% 8
CND Exam Blueprint 05
12. Discussing requirements for selectingappropriate IDSP product
13. Discussing the technologiescomplementing IDS functionality
Module 09 Secure VPN Configuration and Management
01. Understanding Virtual Private Network(VPN) and its working
02. Understanding the importance ofestablishing VPN
03. Describing various VPN components04. Describing implementation of VPN
concentrators and its functions05. Explaining different types of VPN
technologies06. Discussing components for selecting
appropriate VPN technology 07. Explaining core functions of VPN08. Explaining various topologies for
implementation of VPN 09. Discussing various VPN security concerns10. Discussing various security implications for
to ensure VPN security and performance
5% 6
Module 10 Wireless Network Defense
01. Understanding wireless network02. Discussing various wireless standards03. Describing various wireless network
topologies04. Describing possible use of wireless
networks05. Explaining various wireless network
components06. Explaining wireless encryption (WEP,
WPA,WPA2) technologies07. Describing various authentication
methods for wireless networks08. Discussing various types of threats on
wireless networks09. Discussing the creation of inventory for
wireless network components10. Discussing the appropriate placement of
wireless AP11. Discussing the appropriate placement of
wireless antenna12. Discussing the monitoring of wireless
network traffic13. Discussing the detection and locating of
rogue access points14. Discussing the prevention of wireless
network from RF interference15. Describing various security implications for
wireless network
6% 6
CND Exam Blueprint 06
Analysis and Detection
Module 11 Network Traffic Monitoring and Analysis
01. Understanding network traffic monitoring 02. Understanding the importance of network
traffic monitoring 03. Discussing techniques used for network
monitoring and analysis 04. Discussing the appropriate position for
network monitoring 05. Discussing the connection of network
monitoring system with managed switch 06. Understanding network traffic signatures 07. Discussing the baselining for normal traffic 08. Disusing the various categories of
suspicious traffic signatures 09. Discussing the various techniques for
attack signature analysis 10. Understanding Wireshark components,
working and features 11. Demonstrating the use of various
Wireshark filters 12. Demonstrating the monitoring LAN traffic
against policy violation 13. Demonstrating the security monitoring of
network traffic 14. Demonstrating the detection of various
attacks using Wireshark15. Discussing network bandwidth monitoring
and performance improvement
9% 9
Module 12 Network Risk and Vulnerability Management
01. Understanding risk and risk management02. Discussing the key roles and
responsibilities in risk management03. Understanding Key Risk Indicators (KRI) in
risk management04. Explaining phase involves in risk
management05. Understanding enterprise network risk
management06. Describing various risk management
frameworks07. Discussing best practices for effective
implementation of risk management08. Understanding vulnerability management09. Explaining various phases involve in
vulnerability management10. Understanding vulnerability assessment
and its importance11. Discussing requirements for effective
network vulnerability assessment12. Discussing internal and external
vulnerability assessment13. Discussing steps for effective external
vulnerability assessment
9% 9
CND Exam Blueprint 07
14. Describing various phases involve invulnerability assessment
15. Discussing the selection of appropriatevulnerability assessment tool
16. Discussing best practices and precautionsfor deploying vulnerability assessment tool
17. Describing vulnerability reporting,mitigation, remediation and verification
Response
Module 13Data Backup and Recovery
01. Understanding data backup02. Describing the data backup plan03. Describing the identification of data to
backup04. Determining the appropriate backup
medium for data backup05. Understanding RAID backup technology
and its advantages06. Describing RAID architecture07. Describing various RAID levels and their
use08. Discussing the selection of appropriate
RAID level09. Understanding Storage Area Network
(SAN) backup technology and itsadvantages
10. Discussing the best practices of using SAN11. Understanding Network Attached
Storage (NAS) backup technology and itsadvantages
12. Describing various types of NASimplementation
13. Determining the appropriate backupmethod
14. Discussing the selection of appropriatelocation for backup
15. Understanding full, differential, andincremental backup types
16. Discussing the selection of appropriatebackup types
17. Determining the appropriate BackupSolution
18. Discussing recovery drill test on backupdata
19. Understanding data recovery20. Discussing data recovery tools for various
backup technology
9% 9
Module 14 Network Incident Response and Management
01. Understanding Incident Handling andResponse (IH&R)
8% 8
CND Exam Blueprint 08
02. Discussing the roles andresponsibilities of Incident ResponseTeam (IRT)
03. Describing role of first responder04. Describing first response activities for
network administrators05. Describing Incident Handling and
Response (IH&R) process06. Understanding forensic investigation07. Discussing the people involved in
forensics investigation08. Describing forensics investigation
methodology
