0 +
0 +
0 +
0 +

EC-Council’s cybersecurity programs and credentials are organized into tracks to allow professionals to specialize in a particular domain or gain advancements with added recognition and skills, one after the other.


Is the world’s most advanced network defense course that covers 14 of the most current network security domains any individuals will ever want to know when they are planning to protect, detect, and respond to the network attacks. The course contains hands-on labs, based on major network security tools and to provide network administrators real world expertise on current network security technologies and operations.


is the world’s most advanced ethical hacking course covering 20 of the most important security domains any individual will need when they are planning to beef-up the information security posture of their organization. The course provides hacking techniques and tools used by hackers and information security professionals.


Incident Handler program is designed to provide the fundamental skills to handle and respond to the computer security incidents in an information system.  The course addresses various underlying principles and techniques for detecting and responding to current and emerging computer security threats. Students will learn how to handle various types of incidents, risk assessment methodologies, and various laws and policy related to incident handling. After attending the course, they will be able to create incident handling and response policies and deal with various types of computer security incidents.

The Certified Network Defender (CND) certification program focuses on creating Network Administrators who are trained on protecting, detecting and responding to the threats on the network. Network administrators are usually familiar with network components, traffic, performance and utilization, network topology, location of each system, security policy, etc. A CND will get the fundamental understanding of the true construct of data transfer, network technologies, software technologies so that the they understand how networks operate, understand what software is automating and how to analyze the subject material. In addition, network defense fundamentals, the application of network security controls, protocols, perimeter appliances, secure IDS, VPN and firewall configuration, intricacies of network traffic signature, analysis and vulnerability scanning are also covered which will help the Network Administrator design greater network security policies and successful incident response plans..


CND is a skills-based, lab intensive program based on a job-task analysis and cybersecurity education framework presented by the National Initiative of Cybersecurity Education (NICE).

The purpose of the CND credential is to:

Validate the skills that will help the Network Administrators foster resiliency and continuity of operations during attacks.

About the Exam

Number of Questions: 100

Test Duration: 4 Hours

Test Format: Multiple Choice

Module 01 Network Attacks and Defense Strategies
Module 02 Administrative Network Security
Module 03 Technical Network Security
Module 04 Network Perimeter Security
Module 05 Endpoint Security-Windows Systems
Module 06 Endpoint Security-Linux Systems
Module 07 Endpoint Security- Mobile Devices
Module 08 Endpoint Security-IoT Devices
Module 09 Administrative Application Security
Module 10 Data Security
Module 11 Enterprise Virtual Network Security
Module 12 Enterprise Cloud Network Security
Module 13 Enterprise Wireless Network Security
Module 14 Network Traffic Monitoring and Analysis
Module 15 Network Logs Monitoring and Analysis
Module 16 Incident Response and Forensic Investigation
Module 17 Business Continuity and Disaster Recovery
Module 18 Risk Anticipation with Risk Management
Module 19 Threat Assessment with Attack Surface Analysis
Module 20 Threat Prediction with Cyber Threat Intelligence

  1. Introduction to Ethical Hacking
  2. Footprinting and Reconnaissance
  3. Scanning Networks
  4. Enumeration
  5. Vulnerability Analysis
  6. System Hacking
  7. Malware Threats
  8. Sniffing
  9. Social Engineering
  10. Denial-of-Service
  11. Session Hijacking
  12. Evading IDS, Firewalls, and Honeypots
  13. Hacking Web Servers
  14. Hacking Web Applications
  15. SQL Injection
  16. Hacking Wireless Networks
  17. Hacking Mobile Platforms
  18. IoT Hacking
  19. Cloud Computing
  20. Cryptography


    Handling Incidents

    Need for Incident Response

    Goals of Incident Response

    Incident Response Plan

    Purpose of Incident Response Plan

    Requirements of Incident Response Plan


    Incident Response and Handling Steps

    Step 1: Identification

    Step 2: Incident Recording

    Step 3: Initial Response

    Step 4: Communicating the Incident

    Step 5: Containment

    Step 6: Formulating a Response Strategy

    Step 7: Incident Classification

    Step 8: Incident Investigation

    Step 9: Data Collection

    Step 10: Forensic Analysis

    Step 11: Evidence Protection

    Step 12: Notify External Agencies

    Step 13: Eradication

    Step 14: Systems Recovery

    Step 15: Incident Documentation

    Step 16: Incident Damage and Cost Assessment

    Step 17: Review and Update the Response Policies

    DURATION : 120 Hrs