What’s new with CND v2.0?
Overview Organizations have made it possible for employees to work remotely since COVID-19. Hackers have the opportunity to exploit vulnerabilities and take advantage the human factor, thus enabling them to work from home. According to Tessian, 45% said that distraction was the main reason they fell for a phishing scheme while working remotely. The 2020 Data Breach Investigations Report from Verizon shows that web application attacks have increased by twice the rate of 2019. Although we are more comfortable working from home, many employees initially had inadequate security controls and were not prepared. These settings can expose the entire network’s data to risk. Companies are moving to a segmented network rather than a flat network in order to manage these situations. Similar requirements are being applied for protecting the network.
CNDv2 was announced by the EC-council with security in mind and the goal of empowering the defenders. A continuous adaptive security cycle is more important than a linear approach. CNDv2 offers a comprehensive approach to modern network security problems.
CNDv2 is moving beyond the traditional cybersecurity approach of “protect & detect”, and towards “Predict Protect, Detect, Respond.”
Course Objectives for CNDv2
CNDv2 has updated and removed domains based upon the current cybersecurity market analysis. The National Initiative of Cybersecurity Education (NICE) has created a new version based on the cybersecurity education framework. CNDv2 has 20 domains, compared to the 14 domains of CNDv1. The CNDv2 certification exam validates candidates on all critical aspects information and network security. It also helps them gain a deeper understanding of:
Modern network attacks and their defense strategies
There are many aspects to network security controls, including administrative, perimeter, and technical.
Secure entry points and end-user devices with endpoint security for Windows, Linux, IoT, and mobile devices
Concept of data storage, classification, data masking and retention, as well as destruction
Security of administrative applications and its role in minimizing security vulnerabilities
IoT concepts, threats, and countermeasures
Security in an enterprise environment: The core elements of virtualization, including software defined networks (SDN) security and network function virtualization security (NFV).
Cloud computing: threats, challenges, and security across cloud platforms (AWS. Azure. Google Cloud), container security. Kubernetes security
Wireless network security
Monitoring and analysis network traffic to detect anomalies
Analyse and monitoring logs and events to identify suspicious activity or potential incidents
Incident management process to respond to security incidents and understanding of forensics investigating techniques
Risk management and risk anticipation, risk assessment, risk mitigation, prevention, mitigation, and acceptance
Essentials for business continuity planning and disaster recovery
Perform threat assessment and analysis of attack surface, identification and testing of vulnerable areas
Fundamentals of threat intelligence and its use in moving towards a better, proactive security approach
CNDv2 offers almost twice the number of labs than CNDv1. This gives candidates the opportunity to use various tools in their hands and helps them understand the underlying technologies.
The exam format, as well as other aspects, such as eligibility criteria and exam duration, remain the same. CNDv2 provides a wider range of topics that will help you understand the current cybersecurity environment.