EC-COUNCIL CND

CERTIFIED NETWORK DEFENDER v2/v3

Module 01: Network Attacks & Defense Strategies

Welcome to CND Module 1. As a Network Defender, our goal is not merely to configure firewalls but to understand how attackers think and to formulate a comprehensive defense strategy. This module examines the core objectives of network defense, attack surface analysis, and modern defense architectures.

GOAL

Maintain the CIA Triad

STRATEGY

Defense-in-Depth

STANDARD

NIST / GDPR

Core Defense Objectives (The CIA Triad)

Confidentiality

Ensure data can be accessed only by authorized personnel.

Threats: Snooping, Dumpster Diving, Wiretapping.
Defense: Encryption (AES/RSA), Access Control (ACLs).

Integrity

Ensure data is not modified without authorization while in transit or at rest.

Threats: Salami attacks, Data Diddling.
Defense: Hashing (SHA-256), Digital Signatures.
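The point behind listing both hashing and digital signatures as integrity defenses is that an unkeyed hash only catches modifications the attacker did not also re-hash. The following added example (not part of the course material) simulates a "data diddling" edit on a constructed transfer record and shows that a plain SHA-256 digest is defeated once the attacker recomputes it, while a keyed check (an HMAC standing in for a signature, with a constructed shared secret) still fails verification.

```python
import hashlib
import hmac

# Constructed sample record and its tampered variant (not from the course material).
ORIGINAL = b"transfer;from=acct-1001;to=acct-2002;amount=100.00"
TAMPERED = b"transfer;from=acct-1001;to=acct-2002;amount=100000.00"

# Assumed shared secret known to sender and verifier only; a constructed value.
SECRET_KEY = b"example-shared-secret-do-not-reuse"


def sha256_hex(data: bytes) -> str:
    """Unkeyed digest: anyone, including an attacker, can recompute it."""
    return hashlib.sha256(data).hexdigest()


def verify_digest(data: bytes, expected_hex: str) -> bool:
    # compare_digest avoids timing leaks when comparing the two strings.
    return hmac.compare_digest(sha256_hex(data), expected_hex)


def hmac_tag(key: bytes, data: bytes) -> str:
    """Keyed integrity tag: cannot be recomputed without the key."""
    return hmac.new(key, data, hashlib.sha256).hexdigest()


def verify_hmac(key: bytes, data: bytes, tag_hex: str) -> bool:
    return hmac.compare_digest(hmac_tag(key, data), tag_hex)


def simulate_data_diddling():
    """Return three booleans: was the edit detected in each scenario?

    1. attacker edits the record but leaves the original digest in place
    2. attacker edits the record AND recomputes the unkeyed digest
    3. attacker edits the record but cannot recompute the keyed tag
    """
    digest = sha256_hex(ORIGINAL)
    tag = hmac_tag(SECRET_KEY, ORIGINAL)

    silent_edit_detected = not verify_digest(TAMPERED, digest)
    recomputed_hash_detected = not verify_digest(TAMPERED, sha256_hex(TAMPERED))
    keyed_tag_detected = not verify_hmac(SECRET_KEY, TAMPERED, tag)
    return silent_edit_detected, recomputed_hash_detected, keyed_tag_detected


if __name__ == "__main__":
    print(simulate_data_diddling())  # expected: (True, False, True)
```

The middle result is the one to remember: a hash published alongside the data protects only against accidental corruption or a careless attacker. Binding the digest to a key (HMAC) or to a private key (digital signature) is what turns it into an integrity control.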

Availability

Ensure authorized users can access systems and data when needed.

Threats: DoS/DDoS attacks.
Defense: Redundancy, Load Balancing, IPS.

Defense Strategies

Defense-in-Depth

Do not rely on a single layer of defense. If the firewall fails, the IPS must take over; if the IPS fails, host-based defenses (HIDS) must do their part.

  • Physical: security guards, door access control, CCTV
  • Network: Firewall, VPN, NIDS, VLAN
  • Host: OS Hardening, Antivirus, Patching
  • Application: Input Validation, WAF
  • Data: Encryption, DLP

Adaptive Security Strategy

  • PREDICT: threat intelligence analysis
  • PREVENT: hardened configuration and segmentation
  • DETECT: continuous monitoring (SIEM)
  • RESPOND: incident response (IR)

Common Attack Vectors

DDoS Attacks

Exhaust system resources.

Defense: Anti-DDoS appliances, Rate Limiting, CDN.
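Rate limiting is the one DDoS defense on this list that a defender can implement in a few lines, so here is an added example (not from the course material) of a per-client token bucket replayed over a constructed request log. One address sends 20 requests in two seconds, another sends three at a normal pace; the bucket parameters (5 tokens, refilling at 2 per second) are assumed values chosen for the demonstration.

```python
from collections import defaultdict

# Constructed request log (not from the course): (timestamp_ms, client_ip).
# 203.0.113.10 fires 20 requests in 2 s; 198.51.100.7 sends 3 normal requests.
REQUEST_LOG = [(i * 100, "203.0.113.10") for i in range(20)] + [
    (300, "198.51.100.7"),
    (1200, "198.51.100.7"),
    (1800, "198.51.100.7"),
]


class TokenBucket:
    """Per-client token bucket. Tokens are stored in thousandths so the refill
    arithmetic stays in integers (no floating-point drift across many calls)."""

    def __init__(self, capacity, refill_per_sec, now_ms):
        self.capacity_mt = capacity * 1000
        self.refill_per_sec = refill_per_sec
        self.tokens_mt = self.capacity_mt   # a new client starts with a full bucket
        self.last_ms = now_ms

    def allow(self, now_ms):
        # elapsed_ms * tokens_per_sec == milli-tokens earned since the last call
        elapsed = max(0, now_ms - self.last_ms)
        self.tokens_mt = min(self.capacity_mt,
                             self.tokens_mt + elapsed * self.refill_per_sec)
        self.last_ms = now_ms
        if self.tokens_mt >= 1000:
            self.tokens_mt -= 1000      # one request costs one full token
            return True
        return False


def apply_rate_limit(log, capacity=5, refill_per_sec=2):
    """Replay the log in time order; return ({ip: allowed}, {ip: dropped})."""
    buckets = {}
    allowed, dropped = defaultdict(int), defaultdict(int)
    for ts_ms, ip in sorted(log):
        if ip not in buckets:
            buckets[ip] = TokenBucket(capacity, refill_per_sec, ts_ms)
            allowed[ip], dropped[ip] = 0, 0
        if buckets[ip].allow(ts_ms):
            allowed[ip] += 1
        else:
            dropped[ip] += 1
    return dict(allowed), dict(dropped)


if __name__ == "__main__":
    ok, drop = apply_rate_limit(REQUEST_LOG)
    for ip in ok:
        print(f"{ip}: allowed={ok[ip]} dropped={drop[ip]}")
```

The flood source gets its first burst through (the bucket starts full) and is then throttled to the refill rate, while the well-behaved client is never dropped. That asymmetry, penalizing rate rather than identity, is why rate limiting sits in front of the more expensive anti-DDoS appliances and CDN scrubbing.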

Social Engineering

Phishing, Vishing, Tailgating.

Defense: Security Awareness Training, MFA.

Malware

Ransomware, Trojans, Rootkits.

Defense: EDR, Sandboxing, Backup (3-2-1 rule).

MiTM

ARP Poisoning, DNS Spoofing.

Defense: VPN, HTTPS everywhere, Dynamic ARP Inspection.
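Dynamic ARP Inspection works by checking every ARP reply against a trusted IP-to-MAC binding table (typically built from DHCP snooping). The following added example (not course material) reproduces that logic in software over a constructed, tcpdump-style ARP log: the binding table, the addresses and the log lines are all invented for the demonstration. It raises an alert when a reply contradicts a trusted binding, when a reply concerns an IP with no binding at all, and when one MAC claims several IPs, which is the signature of a poisoning attempt against the gateway and a victim.

```python
import re
from collections import defaultdict

# Trusted IP -> MAC bindings, as DHCP snooping would supply; constructed values.
TRUSTED_BINDINGS = {
    "192.168.1.1": "aa:bb:cc:00:00:01",   # gateway
    "192.168.1.20": "aa:bb:cc:00:00:20",
    "192.168.1.30": "aa:bb:cc:00:00:30",
}

# Constructed observations in a tcpdump-like layout (not real captures).
# Lines 3-4 show host .30 answering for both the gateway and host .20.
ARP_LOG = """\
10:00:01 arp reply 192.168.1.1 is-at aa:bb:cc:00:00:01
10:00:02 arp reply 192.168.1.20 is-at aa:bb:cc:00:00:20
10:00:05 arp reply 192.168.1.1 is-at aa:bb:cc:00:00:30
10:00:06 arp reply 192.168.1.20 is-at aa:bb:cc:00:00:30
10:00:07 arp reply 192.168.1.99 is-at aa:bb:cc:00:00:99
"""

LINE_RE = re.compile(
    r"^(\S+) arp reply (\d+\.\d+\.\d+\.\d+) is-at ([0-9a-f:]{17})$"
)


def parse_arp_line(line):
    """Return (timestamp, sender_ip, sender_mac) or None for non-matching lines."""
    m = LINE_RE.match(line.strip())
    return m.groups() if m else None


def inspect_arp(log_text, bindings):
    """Software analogue of Dynamic ARP Inspection.

    Returns a list of (timestamp, alert_kind, ip_or_ips, mac) tuples.
    """
    alerts = []
    claims = defaultdict(set)          # mac -> set of IPs it has claimed
    for line in log_text.splitlines():
        parsed = parse_arp_line(line)
        if parsed is None:
            continue
        ts, ip, mac = parsed
        claims[mac].add(ip)
        expected = bindings.get(ip)
        if expected is None:
            alerts.append((ts, "unknown-binding", ip, mac))
        elif expected != mac:
            alerts.append((ts, "binding-mismatch", ip, mac))
    # A single MAC answering for several IPs is the classic poisoning pattern.
    for mac, ips in claims.items():
        if len(ips) > 1:
            alerts.append(("-", "multi-ip-mac", ",".join(sorted(ips)), mac))
    return alerts


if __name__ == "__main__":
    for alert in inspect_arp(ARP_LOG, TRUSTED_BINDINGS):
        print(alert)
```

On a switch, DAI drops the offending replies on untrusted ports rather than just logging them; the logic above is what a NIDS or a host-side monitor would run when the switch does not enforce the check. Note that the "unknown-binding" case is only an alert, not proof of an attack: statically addressed hosts will trigger it unless their bindings are added to the table.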

TACTICAL SIMULATION

EC-COUNCIL STYLE EXAM PRACTICE // SELECT THE OPTIMAL DEFENSE STRATEGY