• Network administrators, network security administrators, and operations engineers
• Security analysts, security operations center (SOC) personnel, blue teamers
• IT professionals responsible for securing, monitoring, or defending network infrastructure
• Individuals preparing to take the CND (Exam 312-38) certification
• Those who have foundational networking knowledge and wish to strengthen their security-defense skills

• Basic knowledge of networking, TCP/IP, routing, switching
• Some exposure to security concepts (e.g. firewalls, IDS/IPS, authentication)
• Familiarity with operating systems (Windows/Linux) is beneficial
• No formal prerequisites are mandated by EC-Council, though readiness improves with prior experience

• Understand, classify, and anticipate network attacks and apply defense strategies
• Develop and enforce security policies, governance, and administrative controls
• Configure and manage access controls, cryptography, and segmentation
• Deploy perimeter defenses: firewalls, VPNs, IDS/IPS, proxies
• Secure endpoints (Windows, Linux, mobile, IoT) using hardening, patching, and security controls
• Apply application security practices and protect sensitive data via encryption, DLP, and secure architecture
• Defend virtual, cloud, and wireless environments
• Monitor network traffic, analyze logs, detect anomalies, and leverage SIEM principles
• Respond to security incidents, conduct basic forensic procedures, and recover from attacks
• Perform risk assessments, analyze attack surfaces, and incorporate threat intelligence into defense posture
• Plan for business continuity, disaster recovery, and resilience of operations

Terminology, attack types (network, host, application, social engineering, mobile, cloud, wireless)
Hacking methodologies & frameworks
Defense-in-depth, adaptive security, continual security strategies

Regulatory frameworks, compliance, policy development
Security training, awareness, administrative controls

Access control models, IAM, cryptographic techniques, network segmentation
Security protocols, identity services

Firewalls, IDS/IPS, VPNs, proxy, content filtering, perimeter defense strategies

Hardening, host controls, patching, mobile device security, securing IoT endpoints

Application security controls, secure coding, vulnerability mitigation
Data classification, encryption, data loss prevention, data policies

Virtual networking, hypervisors, cloud security models
Wireless protocols, securing wireless, cloud & hybrid environments

Packet analysis, flow monitoring (NetFlow), signatures, anomaly detection
Log collection, correlation, SIEM fundamentals

Incident handling lifecycle, first response, evidence acquisition, forensic basics

Risk management, attack surface analysis, threat intelligence, disaster recovery, continuity planning