|
|
CIW Security 1D0 470
Join over 1 million people who learn
online, with these complete interactive computer training
courses.
Receive your login ID to take the training courses online,
as many times as you wish, for 1 year.
Click
here for group orders.
| Buy this entire
online training course with one easy payment of $67 |
|
OR
| Buy the Web Design
pack, and receive this course
plus many more, for only $197
|
 |
|
Benefits |
- Unlimited access for
1 year
- Learn anytime,
anywhere
- You control the pace
- Start & stop
wherever you want
- No books to read
- No software needed
- Value Packs include
Free online tech support
- Double
guarantee
|
- 100% Money back
guarantee
- One time payment No
monthly fee
- Use the course index
for review anytime
- Answer course
questions with at least 70% accuracy and print
your own certificates of
completion to prove that you have mastered each training course.
- Free status reports
for company managers
|
|
|
Requirements |
All you need is a PC with Windows,
the Microsoft Internet Explorer (browser)
and an Internet connection.
Note: The online computer training is designed to
work only with Internet Explorer. Prices shown are per
user. |
|
What
You will Learn |
| This online training course is designed to prepare the student to pass the Certified Internet Webmaster (CIW) Security 1D0 470 exam. It helps the student achieve proficiency in identifying security threats, developing countermeasures, and using firewall systems and attack recognition technologies. It covers the fundamental concepts and principles of network security, and it describes the most common types of attacks that can occur. It covers basic networking models, such as TCP/IP and the OSI reference model, and it explains the security vulnerabilities of protocols used at each layer in the model. It also covers the basic tools and procedures used to protect a network, including firewalls, encryption, auditing, and log analysis. |
|
Security Fundamentals |
- List the basic elements of a security matrix
- Explain the types of security threats that are now common
|
- Describe the most common elements of a security system, including encryption, authentication, access control lists, execution control lists, and auditing
|
|
|
Attack Types and Encryption |
- Explain the e mail encryption process and its components
- Use common applications to encrypt messages and files
- List methods of preventing each type of attack
|
- Explain the differences between SSL and S HTTP
- List and describe the categories of security attack: brute force/dictionary, buffer overflow, Trojan, DOS/DDOS, and man in the middle
|
|
|
Protocol Layers and Security |
- Diagram the OSI reference model and explain how it functions
- List protocols used at the Network, Transport, and Application layers of each model
- Explain the processes used for security testing
|
- Describe the TCP/IP protocol stack
- Identify the major security vulnerabilities of network protocols
- List basic steps you can take to protect network services
- Identify the security vulnerabilities of e mail servers
|
|
|
Firewalls |
- Explain the role and purpose of a firewall
- Distinguish between packet filters, application layer proxies, and circuit level proxies
- Describe the role and possible configurations of a bastion host
- Write rules for a basic packet filter
|
- Outline how PKI works
- Describe the four basic firewall designs and discuss their advantages and disadvantages
- Use WinRoute to configure NAT or a proxy on a Windows machine
- Use Ipchains and Iptables to configure packet filtering on Linux
|
|
|
Operating System Security |
- Describe the most widely used industry security standards
- List the key vulnerabilities of Windows 2000 and Linux operating systems
- Describe the built in security features of Windows 2000
|
- Use Pluggable Authentication Modules to improve authentication on Linux systems
- Configure password settings for improved security
- Set permissions on files, folders and shares
|
|
|
Assessing and Reducing Risk |
- Identify general and specific operating system attacks
- Describe the function of a keylogger program
- Scan a system to view its services and assess security risks
- Lock down and remove services for effective security in Windows 2000 and Linux
|
- Explain Linux security concerns including rlogin, NIS, and NFS
- Explain the purpose and importance of system patches and fixes
- Modify the Windows 2000 Registry to increase security
|
|
|
Security Auditing |
- Describe the activities of auditors in their various roles, including that of security manager, consultant, and insider
- List and describe the three basic stages of a security audit
|
- Identify and utilize auditing software, including DNS utilities, ping and port scanners, and enterprise grade vulnerability scanners
- Classify information revealed during audits
|
|
|
Auditing and the Control Phase |
- Identify common targets of attack
- Discuss penetration strategies and methods
- List potential physical, OS, and TCP/IP stack attacks
- Identify and analyze specific brute force and DoS attacks
|
- Implement methods designed to thwart penetration
- Define control procedures
- Identify control methods
- List ways to document control procedures and methods
|
|
|
Attack Detection and Response |
- Deter and distract hackers using proactive detection techniques
- Describe the different types of IDS architectures
|
- Audit and create rules using eTrust
- Audit your network using Snort
- Create and implement a response policy
|
|
|
Auditing and Log Analysis |
- Audit network activity in Windows NT/2000 and Linux
- Use log analysis to identify suspicious network activity
- Create a security audit report
- Configure a personal firewall
|
- Recommend steps for improving security compliance
- Enable proactive detection of security problems
- Use SSH for data security and authentication
|
|
|
