Certified Cyber Network Defender, CCND
Cyber network defenders help build computer systems that can handle sensitive data and withstand external cyber threats. They also review networks that are already in place in order to identify potential threats or to respond to immediate threats.
Specific knowledge includes expertise in automated information systems (AIS) security; computer terminal devices; networking theory and concepts; Windows and UNIX operating systems; procedural actions in telecommunications operations such as message formatting, processing incoming/outgoing messages, and service actions; and training on communications security equipment and devices.
Cyber Network Defender duties and responsibilities generally require the ability to do the following work:
- Implement hardware and software infrastructures
- Test hardware and software infrastructures
- Assess the general strengths and likely vulnerabilities of networks
- Analyse specific issues to identify threats or potential threats
- Respond to immediate cyber threats
- Provide detailed reports to review issues or potential issues and solutions or potential solutions
Live Instructor Led. Face-to-face or attend from anywhere.
Skill up and get certified, guaranteed
What is included?
- 10 Days of training
- Course material/Slides.
- Classroom training or attend from anywhere.
- Training delivered by professionals with extensive industry experience.
- Labs with Virtual machines
- Total comprehensive exam preparation.
What you will learn?
- Cyber-attack types and terminology from the network, web application, client-side, device and OS attack points of view.
- Cyber-related laws and regulations, focusing on UK law and worldwide regulations
- Networking protocols, cabling, network types and networking devices
- How to secure Windows OS and services: patching, AD security, disk encryption, LAPS, AppLocker, JEA/JIT administration, and how to use baseline templates to secure Windows servers and workstations.
- How to secure Linux OS and services: patching, OS and application virtualization on Linux, and how to install and secure commonly used services (SSH, Apache web server, nginx, Samba). How to implement password policies and AppArmor.
- How to configure firewalls, proxies, IDS/IPS, routers and VPNs
- How to protect clients on Wi-Fi networks and how to implement enterprise-grade Wi-Fi security
- Cloud terminology and migration caveats
- How to handle incidents and use the MITRE ATT&CK framework and the Cyber Kill Chain during incident handling
- Use computer forensics during the incident handling process, and understand how to collect, preserve and maintain the integrity of digital evidence using bit-stream copies, chain of custody and hashing. How to analyse an HDD image, a memory image and the EXIF information inside files. How to perform simple malware analysis.
- Use different tools to analyse network traffic and network and OS logs, how to use advanced tools for centralised log management and SIEM, and how to draw on external knowledge through threat intelligence.
Who should attend?
- System Administrators
- Network Administrators
- Security Administrators
- Anyone who needs to learn and understand how to securely configure network infrastructures
21 Jun – 2 Jul, 2021
11 – 22 Oct, 2021
29 Nov – 10 Dec, 2021
- Network attacks: MitM, ARP spoofing, SSL strip, HTTPS MitM
- Web app attacks: OWASP top 10, LFI/RFI, DoR
- Client-side attacks: Phishing, spear phishing, browser attack
- Device attacks: Routers and firewalls historical exploits
- OS attacks: AD (Active Directory), BoF (buffer overflow)
- Terminology: Data at rest, data in transit and data in use explained, other terminology needed for the course
- UK cyber related laws and regulations
- World-wide regulations
- Protocols: TCP/IP suite of protocols, TCP, UDP, IP, OSI model, TCP/IP model
- Cabling and network types
- Devices: NIC, hub, switch, router, firewall, IDS/IPS
- AD basics, security features, baseline configuration, patch management, hardening
- Windows security features: BitLocker, JEA/JIT administration, LAPS, AppLocker
- Baselines and hardening
- Patch management
- AD basics
- OS and Application virtualization on Windows
- Linux security features
- Patching Linux
- Hardening Linux
- OS and Application virtualization on Linux
- Firewall types and usage
- IDS/IPS explained: Classification, deployment, false positives, false negatives, true positives and true negatives
- Routing explained
- VPN explained: VPN types, implementation options
- Wi-Fi protocols explained: WEP, WPA, WPA2, WPA3, implementing enterprise WPA2 and WPA3
- Enterprise Wi-Fi: Certificates, RADIUS server
- Cloud explained: SaaS, PaaS, IaaS (XaaS); public, private, hybrid and community clouds; big players (AWS, Azure, Google Cloud, DigitalOcean)
- On-prem to cloud migration security considerations
- DEMO: Overview of interesting cyber security features in the cloud
- Incident handling explained: using NIST and ENISA as a template
- MITRE ATT&CK framework
- Lockheed Martin Cyber Kill Chain, and cyber kill chains in general
- Computer forensics terminology: evidence, how to deal with the evidence, how to collect and preserve the evidence, chain of custody
- Evidence acquisition: create a bitstream copy, acquire memory image
- Evidence analysis: Analyse the HDD bitstream copy and memory image
- Malware analysis explained: Static analysis, dynamic analysis
- Tools: Wireshark, NetworkMiner, tcpdump
- Windows logs explained, Windows built-in tools for log analysis
- Linux logs explained, location and analysis
- Network devices logs, like firewalls, IDS/IPS, routers explained
- IIS, Apache, nginx and Apache Tomcat logs: location and format explained
- SIEM explained: usage, market leaders
- Threat intelligence: steps, types (strategic, tactical, operational), use cases (incident response, SOC, vulnerability management, risk analysis, fraud prevention, security leadership)
Basic OS administration knowledge