CERTIFIED NETWORK DEFENDER (CND)(SF)(SYNCHRONOUS E-LEARNING)

CERTIFIED NETWORK DEFENDER (CND)(SF)(SYNCHRONOUS E-LEARNING)

Funded

Course Duration

40.0 hr(s)

Mode of Assessment

Students will be required to complete an assessment during class. There are 2 assessment modes in this module:

  • Written Assessment
  • Case Study

Students will be required to complete a two hour paper-based written and practical performance (SF) assessment during class.

Who Should Attend

  • Network Administrators
  • Network security Administrators
  • Network Security Engineer
  • Network Defense Technicians
  • Security Analyst
  • Security Operator
  • All systems administrators interested in pursuing a career in the field.
  • All cybersecurity operations, roles and anyone interested in pursuing a career in the field.
  • IT Professionals who formulate or promoting Threat Intelligence and Detection services or solutions to their own organisation, client and customer to improve operational productivity and efficiency.

In addition, this is part of EC Council’s Vulnerability Assessment and Penetration Testing (VAPT) pathway.



 

What's In It for Me

 After registering for this course, you will be issued the following:

 

1. EC Council Official E-Courseware (valid for 24 months, after you have registered an Aspen account and entered the subscription access code issued to you via email)

2. EC Council Official iLab (access for 6 months), practice what you have learned from class using iLab hosted over cloud and accessible 24/7 via web browser. 

3. EC Council 1 x Exam Voucher (valid for 1 year after you have submitted course evaluation via Aspen Portal)

4. Certificate of Attendance (after you have submitted course evaluation via Aspen Portal)

5. Cerficate of Award (after you have passed the exam which will be proctored at NTUC LearningHub)



 

Course Overview

NTUC LearningHub Course Code: NICF146

TP Gateway Code: TGS-2022010616

 

The Certified Network Defender (CND) programme is designed to train learners in defending, detecting, and responding to network threats. Familiar with network components, traffic, reliability, and utilization, network topology, system location, and security policies, among other things. Learn the skills will assist in fostering resiliency and operational continuity during attacks and prepares learner to use threat information in a more proactive and constructive way. All organizations are now required to take a proactive approach to safeguard IT infrastructure, work environment and digital assets. The cybersecurity policy would be reactive without threat intelligence.


 

 

Course Schedule

Next available schedule

See All Schedules

Course Objectives

Upon completion, learners will be able to achieve Defense-in-Depth network security preparedness, the program aims to educate learners on network security technologies and operations. It covers the network security approach of secure, detect, respond, and predict. Hands-on labs based on major network security tools and strategies are included in the course, giving learners real-world experience with emerging network security technologies and operations.

  • Learners are more prepared to communicate or liaise with co-workers or clients or customers with regards to strategic general infrastructure aspects, elements, benchmarking compliance and standards, internal and external requirements and techniques to estimate business performance of infrastructure design, performance and specifications.
  • Learners are able to extrapolate, determine the suitability of cloud solutions, conceptual visualisation of IT infrastructure components and features to deliver or to solve problems for businesses internally or externally.

(* Please note registration for class needs to be 1 week prior to class start date)


 

Pre-requisites

Knowledge, Skills & Experience

You should possess foundational knowledge and skills in network security and IT.

While there are no formal prerequisites for CND certification, you should demonstrate a good understanding of the exam topics and some familiarity and or experience in information security.

 

It is recommended that you have prior formal trainings in the following:

  • Comptia Network+

Bonus*

For Learner's who do not have any prior network security knowledge, after signing up for this course we will be giving you a free Network Defense Essentials E-Book and Video to prepare you.

Click on the picture below to find out more:


 

 

Recommended*

For those who do not have any prior IT knowledge it is recommended for you to take up our IT Fundamentals Part 1 and Part 2

Course Outline


 

Module 01: Network Attacks and Defense Strategies

  • Essential Terminologies Related to Network Security Attacks
  • Examples of Network-level Attack Techniques
  • Examples of Application-level Attack Techniques
  • Examples of Social Engineering Attack Techniques
  • Examples of Email Attack Techniques
  • Examples of Mobile Device-specific Attack Techniques
  • Examples of Cloud-specific Attack Techniques
  • Examples of Wireless Network-specific Attack Techniques
  • Attacker Hacking Methodologies and Frameworks
  • Fundamental Goal, Benefits, and Challenges in Network Defense
  • Continual/Adaptive Security Strategy
  • Defense-in-Depth Security Strategy

Module 02: Administrative Network Security

  • Regulatory Frameworks Compliance
  • Regulatory Frameworks, Laws, and Acts
  • Design and Development of Security Policies
  • Security Awareness Training
  • Other Administrative Security Measures Module

Module 03: Technical Network Security

  • Principles of Access Control, Terminologies, and Different models
  • Access Control in Today’s Distributed and Mobile Computing World
  • Cryptographic Security Techniques
  • Cryptographic Algorithms
  • Security Benefits of Network Segmentation Techniques
  • Essential Network Security Solutions
  • Essential Network Security Protocols

Module 04: Network Perimeter Security

  • Firewall Security Concerns, Capabilities, and Limitations
  • Different Types of Firewall Technologies and their Usage
  • Firewall Topologies and their Usage
  • Firewall Implementation and Deployment Process
  • Firewall Administration Activities
  • Role, Capabilities, Limitations, and Concerns in IDS Deployment
  • IDS Classification
  • Effective Deployment of Network and Host-Based IDS
  • Dealing with False Positive and False Negative IDS Alerts
  • Router and Switch Security Measures, Recommendations, and Best Practices
  • Leveraging Zero-Trust Model Security using Software-Defined Perimeter (SDP)

Module 05: Endpoint Security-Windows Systems

  • Window OS and Security Concerns
  • Windows Security Components
  • Windows Security Features
  • Windows Security Baseline Configurations
  • Windows User Account and Password Management
  • Windows Patch Management
  • Windows User Access Management
  • Windows OS Security Hardening Techniques
  • Windows Active Directory Security Best Practices
  • Windows Network Services and Protocol Security

Module 06: Endpoint Security - Linux Systems

  • Linux OS and Security Concerns
  • Linux Installation and Patching
  • Linux OS Hardening Techniques
  • Linux User Access and Password Management
  • Linux Network Security and Remote Access
  • Linux Security Tools and Frameworks

Module 07: Endpoint Security - Mobile Devices

  • Common Mobile Usage Policies in Enterprises
  • Security Risks and Guidelines Associated with Enterprise Mobile Usage Policies
  • Implementing Various Enterprise-level Mobile Security Management Solutions
  • Implementing the General Security Guidelines and Best Practices on Mobile Platforms
  • Security Guidelines and Tools for Android Devices
  • Security Guidelines and Tools for iOS Devices

Module 08: Endpoint Security - IoT Devices

  • IOT Devices Need and Application Areas
  • IoT Ecosystem and Communication Models
  • Security Challenges and Risks Associated with IoT-enabled Environments
  • Security in IoT-Enabled Environments
  • Security Measures for IoT-enabled IT Environments
  • IoT Security Tools and Best Practices
  • Various Standards, Initiatives, and Efforts for IoT Security

Module 09: Administrative Application Security

  • Implement Application Whitelisting and Blacklisting
  • Implement Application Sandboxing
  • Implement Application Patch Management
  • Implement Web Application Firewalls

Module 10: Data Security

  • Data Security and Its Importance
  • Implementation of Data Access Controls
  • Implementation of “Data at Rest” Encryption
  • Implementation of “Data in Transit” Encryption
  • Data Masking Concepts
  • Data Backup and Retention
  • Data Destruction Concepts
  • Data Loss Prevention Concepts

Module 11: Enterprise Virtual Network Security

  • Security Management in Virtualization-Enabled IT Environments
  • Essential Virtualization Concepts
  • Network Virtualization (NV) Security
  • Software Defined Network (SDN) Security
  • Network Function Virtualization (NFV) Security
  • OS Virtualization Security
  • Security Guidelines, Recommendations, and Best Practices for Containers
  • Security Guidelines, Recommendations, and Best Practices for Dockers
  • Security Guidelines, Recommendations, and Best Practices for Kubernetes

Module 12: Enterprise Cloud Network Security

  • Cloud Computing Fundamentals
  • Cloud Security Insights
  • Evaluating CSPs for Security Before Consuming a Cloud Service
  • Security in Amazon Cloud (AWS) 12.5. Security in Microsoft Azure Cloud
  • Security in Google Cloud Platform (GCP)
  • General Security Best Practices and Tools for Cloud Security

Module 13: Enterprise Wireless Network Security

  • Fundamentals of Wireless Networks
  • Encryption Mechanisms Used in Wireless Networks
  • Authentication Methods Used in Wireless Networks
  • Various Security Measures in Wireless Networks

Module 14: Network Traffic Monitoring and Analysis

  • Need and Advantages of Network Traffic Monitoring
  • Setting Up the Environment for Network Monitoring
  • Baseline Traffic Signatures for Normal and Suspicious Network Traffic
  • Network Monitoring and Analysis for Suspicious Traffic Using Wireshark
  • Network Performance and Bandwidth Monitoring Concepts

Module 15: Network Logs Monitoring and Analysis

  • Logging Concepts
  • Log Monitoring and Analysis on Windows Systems
  • Log Monitoring and Analysis on Linux Systems
  • Log Monitoring and Analysis on Mac Systems
  • Log Monitoring and Analysis in Firewalls
  • Log Monitoring and Analysis on Routers
  • Log Monitoring and Analysis on Web Servers
  • Centralized Log Monitoring and Analysis

Module 16: Incident Response and Forensic Investigation

  • Concept of Incident Response
  • Role of First Responder in Incident Response
  • Do’s and Don’ts in First Response
  • Incident Handling and Response Process
  • Forensics Investigation Process

Module 17: Business Continuity and Disaster Recovery

  • Business Continuity (BC) and Disaster Recovery (DR) Concepts
  • BC/DR Activities
  • Business Continuity Plan (BCP) and Disaster Recovery Plan (DRP)
  • BC/DR Standards

Module 18: Risk Anticipation with Risk Management

  • Risk Management Concepts
  • Managing Risk though Risk Management Program
  • Different Risk Management Frameworks (RMF)
  • Managing Vulnerabilities through Vulnerability Management Program
  • Vulnerability Scanning and Assessment

Module 19: Threat Assessment with Attack Surface Analysis

  • Attack Surface Analysis
  • Attack Surface Visualization
  • Identifying Indicators of Exposures (IoEs)
  • Conducting Attack Simulation
  • Reducing the Attack Surface

Module 20: Threat Prediction with Cyber Threat Intelligence

  • Role of Cyber Threat Intelligence in Network Defense
  • Different Types of Threat Intelligence
  • Indicators of Threat Intelligence: IoCs and IoAs
  • Different Layers of Threat Intelligence
  • Consuming Threat Intelligence for Proactive Defense

Certificate Obtained and Conferred by

  • Certificate of Completion from NTUC LearningHub
    • Upon meeting at least 75% attendance and passing the assessment(s), participants will receive a Certificate of Completion from NTUC LearningHub.

 

 

  • External Certification
    • After completing this course and upon passing the official “EC Council Certified Network Defender” certification exam, candidates will receive the official certification from EC Council. The certification is governed and maintained by EC Council.


Additional Details

Medium of Instruction: English

Trainer: Trainee Ratio is 1:20

 

Price

Course Fee:

Course-Code: NICF146

NTUC LHUB must receive payment by 31st December 2023 (8% GST applies)
[You are encouraged to make payment ahead of time]

  

Individual Sponsored 

Company Sponsored 

 

Non-SME 

SME 

Before GST 

With GST 

Before GST 

With GST 

Before GST 

With GST 

For foreigners and all others who are not eligible for subsidies in the next two categories below (Full Course Fee)

$2,500.00

$2,700.00

$2,500.00

$2,700.00

$2,500.00

$2,700.00

For Singapore Citizens & PRs:
(a) individually-sponsored trainees aged 21-39 years
(b) company-sponsored trainees aged 39 years & below

$1,250.00

$1,450.00

$1,250.00

$1,450.00

$750.00

$950.00

For Singapore Citizens aged 40 years and above

$750.00

$950.00

$750.00

$950.00

$750.00

$950.00

Payments received by NTUC LHUB from 1st January 2024 (9% GST applies)

  

Individual Sponsored 

Company Sponsored 

 

Non-SME 

SME 

Before GST 

With GST 

Before GST 

With GST 

Before GST 

With GST 

For foreigners and all others who are not eligible for subsidies in the next two categories below (Full Course Fee)

$2,500.00

$2,725.00

$2,500.00

$2,725.00

$2,500.00

$2,725.00

For Singapore Citizens & PRs:
(a) individually-sponsored trainees aged 21-39 years
(b) company-sponsored trainees aged 39 years & below

$1,250.00

$1,475.00

$1,250.00

$1,475.00

$750.00

$975.00

For Singapore Citizens aged 40 years and above

$750.00

$975.00

$750.00

$975.00

$750.00

$975.00

*After 70% ­­­­funding for SME-sponsored Singaporeans and PRs under Enhanced Training Support for SMEs (ETSS) scheme

Funding Eligibility Criteria:

Individual Sponsored Trainee

Company Sponsored Trainee
  • Singapore Citizens or Singapore Permanent Residents

  • From 1 October 2023, attendance-taking for SkillsFuture Singapore's (SSG) funded courses must be done digitally via the Singpass App. This applies to both physical and synchronous e-learning courses

  • Trainee must achieve at least 75% attendance
  • Trainee must pass all prescribed tests / assessments, and attain 100% competency
  • NTUC LearningHub reserves the right to claw back the funded amount from trainee if he/she did not meet the eligibility criteria
  • Singapore Citizens or Singapore Permanent Residents

  • From 1 October 2023, attendance-taking for SkillsFuture Singapore's (SSG) funded courses must be done digitally via the Singpass App. This applies to both physical and synchronous e-learning courses

  • Trainee must achieve at least 75% attendance
  • Trainee must pass all prescribed tests / assessments, and attain 100% competency
  • NTUC LearningHub reserves the right to claw back the funded amount from the employer if trainee did not meet the eligibility criteria


Remarks:

Individualual Sponsored Trainee

Company Sponsored Trainee

SkillsFuture Credit:

  • Eligible Singapore Citizens can use their SkillsFuture Credit to offset course fee payable after funding

PSEA:

  • Eligible Singapore Citizens can use their Post-Secondary Education Account (PSEA) funds to offset course fee payable after funding

UTAP:

  • NTUC Members can enjoy up to 50% funding (capped at $250 per year) under Union Training Assistance Programme (UTAP)

Absentee Payroll (AP) Funding:

  • $4.50 per hour, capped at $100,000 per enterprise per calendar year
  • AP funding will be computed based on the actual number of training hours attended by the trainee
  • Note: Courses / Modules under Professional Conversion Programme (PCP) will not be eligible for AP funding claim.

Terms and conditions apply. NTUC LearningHub reserve the right to make changes or improvements to any of the products described in this document without prior notice.

Prices are subject to other LHUB miscelleanous fees.

What Others Also Enrolled In

Funded

IDENTITY AND ACCESS MANAGEMENT ESSENTIALS (SF)

View detail
Before Funding $1,400.00
View detail
Funded

CYBER AWARENESS FOR EMPLOYEES WORKSHOP

View detail
Before Funding $490.00
View detail
Funded

CYBER AWARENESS FOR EMPLOYEES WORKSHOP

View detail
Before Funding $490.00
View detail
Funded

CERTIFIED NETWORK DEFENDER (CND)(SF)(SYNCHRONOUS E-LEARNING)

View detail
Before Funding $2,500.00
View detail
Funded

CYBERSECURITY AWARENESS PROGRAMME (SF) (SYNCHRONOUS E-LEARNING)

View detail
Before Funding $400.00
View detail