Search  
(0 items)
 
OUR PARTNERS




















 
 
 
Online Courses From Only £19.99 per year
IT Training » CIW Security 1D0-470

CIW Security 1D0-470

CIW Security 1D0-470

Price: £49.99

Duration: 39.00 hour(s)
Delivery: online

This course is for professionals who wish to learn more about network security and those wanting to attain Certified Internet Webmaster certification on the CIW Security 1D0-470 exam.

CIW Security 1D0-470 Series

Summary:

This training is designed to prepare the student to pass the Certified Internet Webmaster (CIW) Security 1D0-470 exam.

It helps the student achieve proficiency in identifying security threats, developing countermeasures, and using firewall systems and attack recognition technologies.

It covers the fundamental concepts and principles of network security, and it describes the most common types of attacks that can occur.

It covers basic networking models, such as TCP/IP and the OSI reference model, and it explains the security vulnerabilities of protocols used at each layer in the model.

It also covers the basic tools and procedures used to protect a network, including firewalls, encryption, auditing, and log analysis.      


Learning Segment 1 : Security Fundamentals    

This learning segment covers basic security concepts and principles. It introduces the major elements that go into a security implementation, including encryption, authentication, access control lists, execution control lists, and auditing.  

Objectives:

  • List the basic elements of a security matrix
  • Explain the types of security threats that are now common
  • Describe the most common elements of a security system, including encryption, authentication, access control lists, execution control lists, and auditing  

Topics:

  • What is security?
  • A security matrix
  • Assessing the threat
  • Security standards
  • Elements of security
  • The security policy
  • Encryption
  • Authentication
  • Access control
  • Execution Control Lists
  • Auditing
  • Common security principles
  • Multiple layers
  • Enforcement and training
  • Security management
  • Physical security    

 Learning Segment 2 : Attack Types and Encryption    

This learning segment provides a detailed introduction to the encryption process for e-mail and other Internet applications, including the interaction of symmetric, asymmetric (public key), and hash encryption, SSL, and S-HTTP.

It also provides an introduction to security attacks and how they can be prevented.  

Objectives:

  • Explain the e-mail encryption process and its components
  • Explain the differences between SSL and S-HTTP
  • Use common applications to encrypt messages and files
  • List and describe the categories of security attack: brute force/dictionary, buffer overflow, Trojan, DOS/DDOS, and man in the middle
  • List methods of preventing each type of attack  

Topics:

  • Applied encryption
  • Symmetric-key encryption
  • Asymmetric encryption
  • Applied packet-filtering
  • E-mail encryption applications
  • File and Web encryption applications
  • Brute force and dictionary attacks
  • System bugs, back doors, and Trojans
  • Social engineering and non-direct attacks    

Learning Segment 3 : Protocol Layers and Security    

This learning segment covers the basic models used to conceptualize network communications, including the TCP/IP and OSI reference models.

It provides information on the protocols used at each layer of the model and how hackers commonly exploit network protocols. It also explains how to perform security testing on existing and new systems.  

Objectives:

  • Describe the TCP/IP protocol stack
  • Diagram the OSI reference model and explain how it functions
  • List protocols used at the Network, Transport, and Application layers of each model
  • Identify the major security vulnerabilities of network protocols
  • List basic steps you can take to protect network services
  • Identify the security vulnerabilities of e-mail servers
  • Explain the processes used for security testing  

Topics:

  • TCP/IP security
  • The OSI reference model
  • Transport layer
  • Application layer
  • Implementing TCP/IP security
  • Protecting TCP/IP services
  • Simple Mail Transfer Protocol
  • Testing and evaluating
  • Security testing software    

Learning Segment 4 : Firewalls    

This learning segment introduces users to firewall and VPN design. Basic firewall concepts are covered including bastion hosts, packet filters, screening routers, and proxies.  

Objectives:

  • Explain the role and purpose of a firewall
  • Distinguish between packet-filters, application-layer proxies, and circuit-level proxies
  • Describe the role and possible configurations of a bastion host
  • Outline how PKI worksWrite rules for a basic packet filter
  • Describe the four basic firewall designs and discuss their advantages and disadvantages
  • Use WinRoute to configure NAT or a proxy on a Windows machine
  • Use Ipchains and Iptables to configure packet-filtering on Linux  
  • The role of firewalls
  • Firewall concepts
  • Packet filter rules
  • Applying packet filters
  • Configuring proxy servers
  • Remote access and virtual private networks
  • Public key infrastructure
  • Designing a firewall
  • Hardware issues
  • Common firewall designs
  • Implementing a firewall strategy    

Learning Segment 5 : Operating System Security    

This learning segment introduces security issues that arise at the operating system level in a network. It covers the major areas of vulnerability for operating systems such as Windows 2000 and Linux. It shows how built-in security features can be activated, how to configure password settings, and how to set permissions on files, folders, and shares.  

Objectives:

  • Describe the most widely-used industry security standards
  • List the key vulnerabilities of Windows 2000 and Linux operating systems
  • Describe the built-in security features of Windows 2000
  • Use Pluggable Authentication Modules to improve authentication on Linux systems
  • Configure password settings for improved security
  • Set permissions on files, folders and shares  

Topics:

  • Security principles
  • Evaluation criteria
  • Security levels and mechanisms
  • Windows 2000 security
  • Windows 2000 security architecture
  • Linux security
  • Pluggable authentication modules
  • Passwords
  • Verifying system state
  • Protecting accounts
  • Password aging in Linux
  • Windows 2000 file systems
  • Remote file access
  • Linux file systems    

Learning Segment 6 : Assessing and Reducing Risk    

This learning segment examines specific modifications to harden UNIX and Windows-based operating systems, including changes to the Windows Registry and UNIX rlogin, NIS, and NFS.  

Objectives:

  • Identify general and specific operating system attacks
  • Describe the function of a keylogger program
  • Scan a system to view its services and assess security risks
  • Explain Linux security concerns including rlogin, NIS, and NFS
  • Explain the purpose and importance of system patches and fixes
  • Modify the Windows 2000 Registry to increase security
  • Lock down and remove services for effective security in Windows 2000 and Linux  

Topics:

  • Assessing risk
  • Keyloggers
  • System port scanning
  • UNIX security vulnerabilities
  • NIS security concerns
  • NFS security concerns
  • Patching and changing defaultsWindows 2000 registry security
  • Disabling Windows 2000 services
  • Securing network connectivity
  • Reducing risk in Linux systems      

Learning Segment 7 : Security Auditing    

This learning segment provides basic information on security auditing concepts, methods, and applications. It covers several categories of auditing software, including DNS utilities, ping and port scanners, network discovery applications, and enterprise-grade vulnerability scanners.  

Objectives:

  • Describe the activities of auditors in their various roles, including that of security manager, consultant, and insider
  • List and describe the three basic stages of a security audit
  • Identify and utilize auditing software, including DNS utilities, ping and port scanners, and enterprise-grade vulnerability scanners
  • Classify information revealed during audits  

Topics:

  • Introduction to auditingAuditor roles
  • Risk assessment
  • Audit stages
  • Security scans
  • Network discovery applications
  • Enterprise-grade audit applications
  • Using audit applications
  • Social engineering
  • Basic audit information   

Learning Segment 8 : Auditing and the Control Phase    

This learning segment examines each type of attack with respect to auditing. It covers the file locations used by root kits, as well as methods of penetration and the goals a hacker has during the control phase. It also covers illicit servers.  

Objectives:

  • Identify common targets of attack
  • Discuss penetration strategies and methods
  • List potential physical, OS, and TCP/IP stack attacks
  • Identify and analyze specific brute-force and DoS attacks
  • Implement methods designed to thwart penetration
  • Define control procedures
  • Identify control methodsList ways to document control procedures and methods  

Topics:

  • Network penetration
  • Common targets
  • System bugs
  • Denial-of-service attacks
  • Combined attack strategies
  • Identifying attacks
  • Network control
  • UNIX and Windows 2000 file locations
  • UNIX passwords
  • Control methods
  • Back Orifice
  • Net
  • Bus
  • Adding administrative accounts    

Learning Segment 9 : Attack Detection and Response    

This learning segment provides information on how to detect, distract, and deter hacker activity, and suggests ways to create a security and response policy.  

Objectives:

  • Deter and distract hackers using proactive detection techniques
  • Describe the different types of IDS architectures
  • Audit and create rules using eTrust
  • Audit your network using Snort
  • Create and implement a response policy  

Topics:

  • Proactive detection
  • Distracting the hacker
  • Deterring the hacker
  • Intrusion detection
  • Intrusion detection architecture
  • IDS rules and actions
  • Intrusion detection software
  • Auditing with eTrust
  • Creating rules in eTrust
  • Auditing with Snort
  • Planning for response
  • Documentation and assessmen
  • tExecuting the response plan    

Learning Segment 10 : Auditing and Log Analysis    

This learning segment provides information on how to define a baseline of network performance for security auditing, analyse log files, create a network security assessment report, and suggest ways to improve compliance to a security policy.  

Objectives:

  • Audit network activity in Windows NT/2000 and Linux
  • Use log analysis to identify suspicious network activity
  • Create a security audit report
  • Recommend steps for improving security compliance
  • Enable proactive detection of security problems
  • Configure a personal firewall
  • Use SSH for data security and authentication  

Topics:

  • Log analysis
  • Firewall and router logs
  • Operating system logs
  • Filtering logs
  • Suspicious activity
  • Additional logs
  • Log auditing tools
  • Generating reports
  • Auditing recommendations
  • Creating the assessment report
  • Improving compliance
  • Improving router security
  • Enabling proactive detection
  • Host auditing solutions
  • Personal firewalls
  • Replacing and updating services
  • Secure shell

Features:

  • Flash and audio provide animated, interactive Lesson Introductions, Activities, and Simulations.
  • Simulations teach learners to perform specific tasks in applications through guided, multi-step exercises.
  • Activities allow learners to apply course concepts in an interactive questioning environment.
  • Exercises allow learners to practice in the actual application being studied.
  • Supplied sample files include sample documents, application files, programs, and programming code that enable learners to practice with these files, enhancing the learning experience.
  • A Course Topics list contains active hyperlinks, permitting quick access to specific topics.
  • Find-A-Word allows learners to look up an unfamiliar term in the Glossary, on the Web, or in a dictionary. In addition, it lets them find other occurrences of the term in the same course.
  • Search text enables learners to rapidly search all text within a course to easily retrieve information required.
  • Courses challenge the learner with a variety of question formats, including multi-step simulations, true/false, multiple choice, and fill-in-the-blank.
  • A skill assessment generates a customized learning path based on the results of a pre-test.
  • A glossary provides a reference for definitions of unfamiliar terms.
  • Bookmarking tracks the learner's progress in a course.  

Technical Requirements:

P500+ Processor, 128MB of RAM; Windows 2000, 2003, XP, Minimum screen resolution 800x600, Internet Explorer 5.5 or higher; Windows Media Player 9.0 or higher; Flash 8.0 or higher; 56K minimum connection; broadband (256 kpbs or higher) connection recommended; Cookies enabled; Sound card with speakers or headphones strongly recommended.

Share This
Avg. Customer Rating: 12345 (0)
Rate This item: Saved
1 2 3 4 5
Share:
  • Digg
  • del.icio.us
  • Mixx
  • Google
  • Facebook
  • LinkedIn
  • YahooMyWeb
  • StumbleUpon
  • Technorati
  • TwitThis
FREE COURSES
Free Trial to 1000 Courses
Get FREE Access to Over 1000 Video Training Courses

* indicates a required field
 
TESTIMONIALS
Raj Odedra passed his MCSE in just six months! "I Passed my MCSE in Just Six Months!"
Raj Odedra
read more
 
 
copyright © nhanced learning. All Rights Reserved.