Course Index • Information Technology - IT • CIW Security 1D0-470

CIW Security 1D0-470 Course

A Distance Learning Course of 1 Lesson

Course Description

This series is designed to prepare the student to pass the Certified Internet Webmaster (CIW) Security 1D0-470 exam. It helps the student achieve proficiency in identifying security threats, developing countermeasures, and using firewall systems and attack recognition technologies. It covers the fundamental concepts and principles of network security, and it describes the most common types of attacks that can occur. It covers basic networking models, such as TCP/IP and the OSI reference model, and it explains the security vulnerabilities of protocols used at each layer in the model. It also covers the basic tools and procedures used to protect a network, including firewalls, encryption, auditing, and log analysis.

Course Syllabus

SECURITY FUNDAMENTALS

Covers basic security concepts and principles. It introduces the major elements that go into a security implementation, including encryption, authentication, access control lists, execution control lists, and auditing.

What is security?
A security matrix
Assessing the threat
Security standards
Elements of security
The security policy
Encryption
Authentication
Access control
Execution Control Lists
Auditing
Common security principles
Multiple layers
Enforcement and training
Security management
Physical security

ATTACK TYPES AND ENCRYPTION

Provides a detailed introduction to the encryption process for e-mail and other Internet applications, including the interaction of symmetric, asymmetric (public key), and hash encryption, SSL, and S-HTTP. It also provides an introduction to security attacks and how they can be prevented.

Applied encryption
Symmetric-key encryption
Asymmetric encryption
Applied packet-filtering
E-mail encryption applications
File and Web encryption applications
Brute force and dictionary attacks
System bugs, back doors, and Trojans
Social engineering and non-direct attacks

PROTOCOL LAYERS AND SECURITY

Covers the basic models used to conceptualize network communications, including the TCP/IP and OSI reference models. It provides information on the protocols used at each layer of the model and how hackers commonly exploit network protocols. It also explains how to perform security testing on existing and new systems.

TCP/IP security
The OSI reference model
Transport layer
Application layer
Implementing TCP/IP security
Protecting TCP/IP services
Simple Mail Transfer Protocol
Testing and evaluating
Security testing software

FIREWALLS

Introduces users to firewall and VPN design. Basic firewall concepts are covered including bastion hosts, packet filters, screening routers, and proxies.

The role of firewalls
Firewall concepts
Packet filter rules
Applying packet filters
Configuring proxy servers
Remote access and virtual private networks
Public key infrastructure
Designing a firewall
Hardware issues
Common firewall designs
Implementing a firewall strategy

OPERATING SYSTEM SECURITY

Introduces security issues that arise at the operating system level in a network. It covers the major areas of vulnerability for operating systems such as Windows 2000 and Linux. It shows how built-in security features can be activated, how to configure password settings, and how to set permissions on files, folders, and shares.

Security principles
Evaluation criteria
Security levels and mechanisms
Windows 2000 security
Windows 2000 security architecture
Linux security
Pluggable authentication modules
Passwords
Verifying system state
Protecting accounts
Password aging in Linux
Windows 2000 file systems
Remote file access
Linux file systems

ASSESSING AND REDUCING RISK

Examines specific modifications to harden UNIX and Windows-based operating systems, including changes to the Windows Registry and UNIX rlogin, NIS, and NFS.

Assessing risk
Keyloggers
System port scanning
UNIX security vulnerabilities
NIS security concerns
NFS security concerns
Patching and changing defaults
Windows 2000 registry security
Disabling Windows 2000 services
Securing network connectivity
Reducing risk in Linux systems

SECURITY AUDITING

Provides basic information on security auditing concepts, methods, and applications. It covers several categories of auditing software, including DNS utilities, ping and port scanners, network discovery applications, and enterprise-grade vulnerability scanners.

Introduction to auditing
Auditor roles
Risk assessment
Audit stages
Security scans
Network discovery applications
Enterprise-grade audit applications
Using audit applications
Social engineering
Basic audit information

AUDITING AND THE CONTROL PHASE

Examines each type of attack with respect to auditing. It covers the file locations used by root kits, as well as methods of penetration and the goals a hacker has during the control phase. It also covers illicit servers.

Network penetration
Common targets
System bugs
Denial-of-service attacks
Combined attack strategies
Identifying attacks
Network control
UNIX and Windows 2000 file locations
UNIX passwords
Control methods
Back Orifice
NetBus
Adding administrative accounts

ATTACK DETECTION AND RESPONSE

Provides information on how to detect, distract, and deter hacker activity, and suggests ways to create a security and response policy.

Proactive detection
Distracting the hacker
Deterring the hacker
Intrusion detection
Intrusion detection architecture
IDS rules and actions
Intrusion detection software
Auditing with eTrust
Creating rules in eTrust
Auditing with Snort
Planning for response
Documentation and assessment
Executing the response plan

AUDITING AND LOG ANALYSIS

Provides information on how to define a baseline of network performance for security auditing, analyze log files, create a network security assessment report, and suggest ways to improve compliance to a security policy.

Log analysis
Firewall and router logs
Operating system logs
Filtering logs
Suspicious activity
Additional logs
Log auditing tools
Generating reports
Auditing recommendations
Creating the assessment report
Improving compliance
Improving router security
Enabling proactive detection
Host auditing solutions
Personal firewalls
Replacing and updating services
Secure shell

Qualifications

Printable Transcript

On completion of this course you may print a transcript off as evidence of your progression throughout the course.

Study Options

This course is an online course. With online study you have access to your entire course from the start of your studies. You can access your course materials, and submit all of your question papers to your personal tutor, online from anywhere in the World using your unique student account.

Fees

Online

£50.00

N/A

Studying Online. If you would like to study online we cannot accept payment for course fees in instalments, instead course fees must be paid in full at the point of enrolment. The reason for this is due to the fact that when you study online you have access to all of your course materials from the outset.

Requirements for Entry

There is no experience or previous qualifications required for enrolment on this course. It is available to all students, of all academic backgrounds.

Study Hours

This is only an approximate figure and is dependant upon how much time you can dedicate to your studies and how well you grasp the learning concepts in the course material. Furthermore, at the end of each lesson there is a question paper that needs to be completed and returned to your tutor. You should allow at least 1 - 2 hours of study to complete each question paper.

The approximate amount of time required to complete the course is: 40 hrs.

Additional Information

This course is different to other courses hosted on Elearnuk. The course is supplied by Stonebridge Associated Colleges in conjunction with Stonebridge IT School.

Once you have enrolled and paid for your course you will receive an email within 24-72 hours. The email will contain your username and password to login to your course.

CIW Security 1D0-470 Course

Registered Students