CIW Security 1D0-470 - Online Course

This series is designed to prepare the student to pass the Certified Internet Webmaster (CIW) Security 1D0-470 exam. It helps the student achieve proficiency in identifying security threats, developing countermeasures, and using firewall systems and attack recognition technologies. It covers the fundamental concepts and principles of network security, and it describes the most common types of attacks that can occur. It covers basic networking models, such as TCP/IP and the OSI reference model, and it explains the security vulnerabilities of protocols used at each layer in the model. It also covers the basic tools and procedures used to protect a network, including firewalls, encryption, auditing, and log analysis.

This series is for professionals who wish to learn more about network security and those wanting to attain Certified Internet Webmaster certification on the CIW Security 1D0-470 exam. This online course contains 10 lessons and should take approximately 39 hours to complete.

Lesson 1: Security Fundamentals (4.0) hours

Security Fundamentals teaches you how to list the basic elements of a security matrix, explain the types of security threats that are now common, and describe the most common elements of a security system, including encryption, authentication, access control lists, execution control lists, and auditing. This course covers basic security concepts and principles. It introduces the major elements that go into a security implementation, including encryption, authentication, access control lists, execution control lists, and auditing. Topics include What is security?, A security matrix, Assessing the threat, Security standards, Elements of security, The security policy, Encryption, Authentication, Access control, Execution Control Lists, Auditing, Common security principles, Multiple layers, Enforcement and training, Security management, and Physical security.

Lesson 2: Attack Types and Encryption (4.0) hours

Attack Types and Encryption teaches you how to explain the e-mail encryption process and its components, explain the differences between SSL and S-HTTP, use common applications to encrypt messages and files, list and describe the categories of security attack: brute force/dictionary, buffer overflow, Trojan, DOS/DDOS, and man in the middle, and list methods of preventing each type of attack. This course provides a detailed introduction to the encryption process for e-mail and other Internet applications, including the interaction of symmetric, asymmetric (public key), and hash encryption, SSL, and S-HTTP. It also provides an introduction to security attacks and how they can be prevented. Topics include Applied encryption, Symmetric-key encryption, Asymmetric encryption, Applied packet-filtering, E-mail encryption applications, File and Web encryption applications, Brute force and dictionary attacks, System bugs, back doors, and Trojans, and Social engineering and non-direct attacks.

Lesson 3: Protocol Layers and Security (3.0) hours

Protocol Layers and Security teaches you how to describe the TCP/IP protocol stack, diagram the OSI reference model and explain how it functions, list protocols used at the Network, Transport, and Application layers of each model, identify the major security vulnerabilities of network protocols, list basic steps you can take to protect network services, identify the security vulnerabilities of e-mail servers, and explain the processes used for security testing. This course covers the basic models used to conceptualize network communications, including the TCP/IP and OSI reference models. It provides information on the protocols used at each layer of the model and how hackers commonly exploit network protocols. It also explains how to perform security testing on existing and new systems. Topics include TCP/IP security, The OSI reference model, Transport layer, Application layer, Implementing TCP/IP security, Protecting TCP/IP services, Simple Mail Transfer Protocol, Testing and evaluating, and Security testing software.

Lesson 4: Firewalls (4.0) hours

Firewalls teaches you how to explain the role and purpose of a firewall, distinguish between packet-filters, application-layer proxies, and circuit-level proxies, describe the role and possible configurations of a bastion host, outline how PKI works, write rules for a basic packet filter, describe the four basic firewall designs and discuss their advantages and disadvantages, use WinRoute to configure NAT or a proxy on a Windows machine, and use Ipchains and Iptables to configure packet-filtering on Linux. This course introduces users to firewall and VPN design. Basic firewall concepts are covered including bastion hosts, packet filters, screening routers, and proxies. Topics include The role of firewalls, Firewall concepts, Packet filter rules, Applying packet filters, Configuring proxy servers, Remote access and virtual private networks, Public key infrastructure, Designing a firewall, Hardware issues, Common firewall designs, and Implementing a firewall strategy.

Lesson 5: Operating System Security (5.0) hours

Operating System Security teaches you how to describe the most widely-used industry security standards, list the key vulnerabilities of Windows 2000 and Linux operating systems, describe the built-in security features of Windows 2000, use Pluggable Authentication Modules to improve authentication on Linux systems, configure password settings for improved security, and set permissions on files, folders and shares. This course introduces security issues that arise at the operating system level in a network. It covers the major areas of vulnerability for operating systems such as Windows 2000 and Linux. It shows how built-in security features can be activated, how to configure password settings, and how to set permissions on files, folders, and shares. Topics include Security principles, Evaluation criteria, Security levels and mechanisms, Windows 2000 security, Windows 2000 security architecture, Linux security, Pluggable authentication modules, Passwords, Verifying system state, Protecting accounts, Password aging in Linux, Windows 2000 file systems, Remote file access, and Linux file systems.

Lesson 6: Assessing and Reducing Risk (4.0) hours

Assessing and Reducing Risk teaches you how to identify general and specific operating system attacks, describe the function of a keylogger program, scan a system to view its services and assess security risks, explain Linux security concerns including rlogin, NIS, and NFS, explain the purpose and importance of system patches and fixes, modify the Windows 2000 Registry to increase security, and lock down and remove services for effective security in Windows 2000 and Linux. This course examines specific modifications to harden UNIX and Windows-based operating systems, including changes to the Windows Registry and UNIX rlogin, NIS, and NFS. Topics include Assessing risk, Keyloggers, System port scanning, UNIX security vulnerabilities, NIS security concerns, NFS security concerns, Patching and changing defaults, Windows 2000 registry security, Disabling Windows 2000 services, Securing network connectivity, and Reducing risk in Linux systems.

Lesson 7: Security Auditing (3.0) hours

Security Auditing teaches you how to describe the activities of auditors in their various roles, including that of security manager, consultant, and insider, list and describe the three basic stages of a security audit, identify and utilize auditing software, including DNS utilities, ping and port scanners, and enterprise-grade vulnerability scanners, and classify information revealed during audits. This course provides basic information on security auditing concepts, methods, and applications. It covers several categories of auditing software, including DNS utilities, ping and port scanners, network discovery applications, and enterprise-grade vulnerability scanners. Topics include Introduction to auditing, Auditor roles, Risk assessment, Audit stages, Security scans, Network discovery applications, Enterprise-grade audit applications, Using audit applications, Social engineering, and Basic audit information.

Lesson 8: Auditing and the Control Phase (5.0) hours

Auditing and the Control Phase teaches you how to identify common targets of attack, discuss penetration strategies and methods, list potential physical, OS, and TCP/IP stack attacks, identify and analyze specific brute-force and DoS attacks, implement methods designed to thwart penetration, define control procedures, identify control methods, and list ways to document control procedures and methods. This course examines each type of attack with respect to auditing. It covers the file locations used by root kits, as well as methods of penetration and the goals a hacker has during the control phase. It also covers illicit servers. Topics include Network penetration, Common targets, System bugs, Denial-of-service attacks, Combined attack strategies, Identifying attacks, Network control, UNIX and Windows 2000 file locations, UNIX passwords, Control methods, Back Orifice, NetBus, and Adding administrative accounts.

Lesson 9: Attack Detection and Response (3.0) hours

Attack Detection and Response teaches you how to deter and distract hackers using proactive detection techniques, describe the different types of IDS architectures, audit and create rules using eTrust, audit your network using Snort, and create and implement a response policy. This course provides information on how to detect, distract, and deter hacker activity, and suggests ways to create a security and response policy. Topics include Proactive detection, Distracting the hacker, Deterring the hacker, Intrusion detection, Intrusion detection architecture, IDS rules and actions, Intrusion detection software, Auditing with eTrust, Creating rules in eTrust, Auditing with Snort, Planning for response, Documentation and assessment, and Executing the response plan.

Lesson 10: Auditing and Log Analysis (4.0) hours

Auditing and Log Analysis teaches you how to audit network activity in Windows NT/2000 and Linux, use log analysis to identify suspicious network activity, create a security audit report, recommend steps for improving security compliance, enable proactive detection of security problems, configure a personal firewall, and use SSH for data security and authentication. This course provides information on how to define a baseline of network performance for security auditing, analyze log files, create a network security assessment report, and suggest ways to improve compliance to a security policy. Topics include Log analysis, Firewall and router logs, Operating system logs, Filtering logs, Suspicious activity, Additional logs, Log auditing tools, Generating reports, Auditing recommendations, Creating the assessment report, Improving compliance, Improving router security, Enabling proactive detection, Host auditing solutions, Personal firewalls, Replacing and updating services, and Secure shell.