EC-Council

C ND
Certified
Network
Defende
r

CND Exam Blueprint v3.0

CND Exam Blueprint v3.0 1

 No. Of Weightage
Domain Sub Domain Description
Questions (%)

1. Network Defense Network Attacks and • Explain essential terminologies related to 7 10%
Management Defense Strategies network security attacks
• Describe the various examples of network-level
attack techniques
• Describe the various examples of host-level
attack techniques
• Describe the various examples of application-
level attack techniques
• Describe the various examples of social
engineering attack techniques
• Describe the various examples of email attack
techniques
• Describe the various examples of mobile
device-specific attack techniques
• Describe the various examples of cloud-specific
attack techniques
• Describe the various examples of wireless
network-specific attack techniques
• Describe Attacker’s Hacking Methodologies
and Frameworks
• Understand fundamental goal, benefits, and
challenges in network defense
• Explain Continual/Adaptive security strategy
• Explain defense-in-depth security strategy
Administrative • Obtain compliance with regulatory frameworks 3
Network Security • Discuss various Regulatory Frameworks, Laws,
and Acts
• Learn to design and develop security policies
• Conduct security awareness training
• Discuss other administrative security measures
2. Network Technical Network • Discuss access control principles, 6 16%
Perimeter Security terminologies, and models
Protection • Redefine Access Control security in Today’s
Distributed and Mobile Computing World
• Discuss Identity and Access Management (IAM)
concepts
• Discuss cryptographic security techniques
• Discuss various cryptographic algorithms
• Discuss security benefits of network
segmentation techniques
• Discuss various essential network security
solutions
• Discuss various essential network security
protocols

CND Exam Blueprint v3.0 02

 Network Perimeter • Understand firewall security concerns, 10
Security capabilities, and limitations
• Understand different types of firewall
technologies and their usage
• Understand firewall topologies and their usage
• Distinguish between hardware, software, host,
network, internal, and external firewalls
• Select firewalls based on its deep traffic
inspection capability
• Discuss firewall implementation and
deployment process
• Discuss recommendations and best practices
for secure firewall Implementation and
deployment
• Discuss firewall administration activities
• Understand role, capabilities, limitations, and
concerns in IDS deployment
• Discuss IDS/IPS classification
• Discuss various components of IDS
• Discuss effective deployment of network and
host-based IDS
• Learn to how to deal with false positive and
false negative IDS alerts
• Discuss the selection of appropriate IDS
solutions
• Discuss various NIDS and HIDS Solutions with
their intrusion detection capabilities
• Discuss router and switch security measures,
recommendations, and best practices
• Leverage Zero Trust Model Security using
Software-Defined Perimeter (SDP)
3. Endpoint Endpoint Security- • Understand Window OS and Security Concerns 5 15%
Protection Windows Systems • Discuss Windows Security Components
• Discuss Various Windows Security Features
• Discuss Windows security baseline
configurations
• Discuss Windows User Account and Password
Management
• Discuss Windows Patch Management
• Discuss User Access Management
• Discuss Windows OS Security Hardening
Techniques
• Discuss Windows Active Directory Security Best
Practices
• Discuss Windows Network Services and
Protocol Security
Endpoint Security- • Understand Linux OS and Security Concerns 4
Linux Systems • Discuss Linux Installation and Patching
• Discuss Linux OS Hardening Techniques
• Discuss Linux User Access and Password
Management
• Discuss Linux Network and Remote Access
Security
• Discuss Various Linux Security Tools and
Frameworks

CND Exam Blueprint v3.0 03

 Endpoint Security- • Discuss Common Mobile Usage Policies in 3
Mobile Devices Enterprises
• Discuss the Security Risk and challenges
associated with Enterprises mobile usage
policies
• Discuss security guidelines to mitigate risk
associated with enterprise mobile usage
policies
• Discuss and implement various enterprise-level
mobile security management Solutions
• Discuss and implement general security
guidelines and best practices on Mobile
platforms
• Discuss Security guidelines and tools for
Android devices
• Discuss Security guidelines and tools for iOS
devices
Endpoint Security-IoT • Understand IoT Devices, their need, and 3
Devices Application Areas
• Understand IoT Ecosystem and Communication
models
• Understand Security Challenges and risks
associated with IoT-enabled environments
• Discuss the security in IoT-enabled
Environments
• Discuss Security Measures for IoT-enabled
Environments
• Discuss IoT Security Tools and Best Practices
• Discuss and refer various standards, Initiatives
and Efforts for IoT Security
4. Application and Administrative • Discuss and implement Application 4 13%
Data Protection Application Security Whitelisting and Blacklisting
• Discuss and implement application
Sandboxing
• Discuss and implement Application Patch
Management
• Discuss and implement Web Application
Firewall (WAF)
Data Security • Understand Data Security and its Importance 9
• Discuss the implementation of data access
controls
• Discuss the implementation of encryption of
“Data at rest”
• Discuss the implementation of Encryption of
“Data at transit”
• Discuss the implementation of Encryption of
“Data at transit” between browser and web
server
• Discuss the implementation of Encryption of
“Data at transit” between database server and
web server
• Discuss the implementation of Encryption of
“Data at transit” in Email Delivery
• Discuss Data Masking ConceptsDiscuss data
backup and retention
• Discuss Data Destruction Concepts
• Data Loss Prevention(DLP) Concepts

CND Exam Blueprint v3.0 04

5. Enterprise Enterprise Virtual • Understand Virtualization Essential Concepts 4 12%
Virtual, Cloud, Network Security • Discus Network Virtualization (NV) Security
and Wireless • Discuss Software-Defined Network (SDN)
Network Security
Protection • Discuss Network Function Virtualization (NFV)
Security
• Discus OS Virtualization Security
• Discuss Security Guidelines, recommendations
and best practices for Containers
• Discuss Security Guidelines, recommendations
and best practices for Dockers
• Discuss Security Guidelines, recommendations
and best practices for Kubernetes
Enterprise Cloud • Understand Cloud Computing Fundamentals 3
Network Security • Understand the Insights of Cloud Security
• Evaluate CSP for Security before Consuming
Cloud Service
• Discuss security in Amazon Cloud (AWS)
• Discuss security in Microsoft Azure Cloud
• Discuss Security in Google Cloud Platform
(GCP)
• Discuss general security best practices and
tools for cloud security
Enterprise Wireless • Understand wireless network fundamentals 5
Network Security • Understand wireless network encryption
mechanisms
• Understand wireless network authentication
methods
• Discuss and implement wireless network
security measures
6. Incident Network Traffic • Understand the need and advantages of 7 14%
Detection Monitoring and network traffic monitoring
Analysis • Setting up the environment for network
monitoring
• Determine baseline traffic signatures for
normal and suspicious network traffic
• Perform network monitoring and analysis for
suspicious traffic using Wireshark
• Discuss network performance and bandwidth
monitoring concepts
Network Logs • Understand logging concepts 7
Monitoring and • Discuss log monitoring and analysis on
Analysis Windows systems
• Discuss log monitoring and analysis on Linux
• Discuss log monitoring and analysis on Mac
• Discuss log monitoring and analysis on Firewall
• Discuss log monitoring and analysis on Routers
• Discuss log monitoring and analysis on Web
Servers
• Discuss centralized log monitoring and analysis

CND Exam Blueprint v3.0 05

7. Incident Incident Response • Understand incident response concept 6 10%
Response and Forensic • Understand the role of first responder in
Investigation incident response
• Discuss Do’s and Don’t in first response
• Describe incident handling and response
process
• Describe forensics investigation process
Business Continuity • Introduction to Business Continuity (BC) and 4
and Disaster Recovery Disaster Recovery (DR)
• Discuss BC/DR Activities
• Explain Business Continuity Plan (BCP) and
Disaster Recovery Plan (DRP)
• Discuss various BC/DR Standards
8. Incident Risk Anticipation with • Understand risk management concepts 3 10%
Prediction Risk Management • Learn to manage risk though risk management
program
• Learn different Risk Management Frameworks
(RMF)
• Learn to manage vulnerabilities through
vulnerability management program
• Learn vulnerability assessment and scanning
Threat Assessment • Understand the attack surface analysis 4
with Attack Surface • Understand and visualize your attack surface
Analysis • Learn to identify Indicators of Exposures (IoE)
• Learn to conduct attack simulation
• Learn to reduce the attack surface
Threat Prediction • Understand the role of cyber threat 3
With Cyber Threat intelligence in network defense
Intelligence • Understand different types of threat
Intelligence
• Understand the Indicators of Threat
Intelligence: Indicators of Compromise (IoCs)
and Indicators of Attack (IoA)
• Understand the layers of Threat Intelligence
• Learn to leverage/consume threat intelligence
for proactive defense

CND Exam Blueprint v3.0 06