• Home
• Login
• Corporate Sales
• Free Course Online
• Course List
• Features
• Resources
• About Us
• News
• Certification
• Contact Us

• Training Packages
• >>
• Web Development
• >>
• CIW Security 1D0-470

CIW Security 1D0-470 Training

This online training series is designed to prepare the student to pass the Certified Internet Webmaster (CIW) Security 1D0-470 exam. It helps the student achieve proficiency in identifying security threats, developing countermeasures, and using firewall systems and attack recognition technologies. It covers the fundamental concepts and principles of network security, and it describes the most common types of attacks that can occur. It covers basic networking models, such as TCP/IP and the OSI reference model, and it explains the security vulnerabilities of protocols used at each layer in the model. It also covers the basic tools and procedures used to protect a network, including firewalls, encryption, auditing, and log analysis.

This CIW Security 1D0-470 online training series provides 39 hours of self-paced courseware. This web-based training provides 1 year of unlimited access to all of the following lessons:

1 . Security Fundamentals
2 . Attack Types and Encryption
3 . Protocol Layers and Security
4 . Firewalls
5 . Operating System Security
6 . Assessing and Reducing Risk
7 . Security Auditing
8 . Auditing and the Control Phase
9 . Attack Detection and Response
10 . Auditing and Log Analysis

Lesson Detail:

Security Fundamentals
This course covers basic security concepts and principles. It introduces the major elements that go into a security implementation, including encryption, authentication, access control lists, execution control lists, and auditing.

• What is security?
• A security matrix
• Assessing the threat
• Security standards
• Elements of security
• The security policy
• Encryption
• Authentication
• Access control
• Execution Control Lists
• Auditing
• Common security principles
• Multiple layers
• Enforcement and training
• Security management
• Physical security

Attack Types and Encryption
This course provides a detailed introduction to the encryption process for e-mail and other Internet applications, including the interaction of symmetric, asymmetric (public key), and hash encryption, SSL, and S-HTTP. It also provides an introduction to security attacks and how they can be prevented.

• Applied encryption
• Symmetric-key encryption
• Asymmetric encryption
• Applied packet-filtering
• E-mail encryption applications
• File and Web encryption applications
• Brute force and dictionary attacks
• System bugs, back doors, and Trojans
• Social engineering and non-direct attacks

Protocol Layers and Security
This course covers the basic models used to conceptualize network communications, including the TCP/IP and OSI reference models. It provides information on the protocols used at each layer of the model and how hackers commonly exploit network protocols. It also explains how to perform security testing on existing and new systems.

• TCP/IP security
• The OSI reference model
• Transport layer
• Application layer
• Implementing TCP/IP security
• Protecting TCP/IP services
• Simple Mail Transfer Protocol
• Testing and evaluating
• Security testing software

Firewalls
This course introduces users to firewall and VPN design. Basic firewall concepts are covered including bastion hosts, packet filters, screening routers, and proxies.

• The role of firewalls
• Firewall concepts
• Packet filter rules
• Applying packet filters
• Configuring proxy servers
• Remote access and virtual private networks
• Public key infrastructure
• Designing a firewall
• Hardware issues
• Common firewall designs
• Implementing a firewall strategy

Operating System Security
This course introduces security issues that arise at the operating system level in a network. It covers the major areas of vulnerability for operating systems such as Windows 2000 and Linux. It shows how built-in security features can be activated, how to configure password settings, and how to set permissions on files, folders, and shares.

• Security principles
• Evaluation criteria
• Security levels and mechanisms
• Windows 2000 security
• Windows 2000 security architecture
• Linux security
• Pluggable authentication modules
• Passwords
• Verifying system state
• Protecting accounts
• Password aging in Linux
• Windows 2000 file systems
• Remote file access
• Linux file systems

Assessing and Reducing Risk
This course examines specific modifications to harden UNIX and Windows-based operating systems, including changes to the Windows Registry and UNIX rlogin, NIS, and NFS.

• Assessing risk
• Keyloggers
• System port scanning
• UNIX security vulnerabilities
• NIS security concerns
• NFS security concerns
• Patching and changing defaults
• Windows 2000 registry security
• Disabling Windows 2000 services
• Securing network connectivity
• Reducing risk in Linux systems

Security Auditing
This course provides basic information on security auditing concepts, methods, and applications. It covers several categories of auditing software, including DNS utilities, ping and port scanners, network discovery applications, and enterprise-grade vulnerability scanners.

• Introduction to auditing
• Auditor roles
• Risk assessment
• Audit stages
• Security scans
• Network discovery applications
• Enterprise-grade audit applications
• Using audit applications
• Social engineering
• Basic audit information

Auditing and the Control Phase
This course examines each type of attack with respect to auditing. It covers the file locations used by root kits, as well as methods of penetration and the goals a hacker has during the control phase. It also covers illicit servers.

• Network penetration
• Common targets
• System bugs
• Denial-of-service attacks
• Combined attack strategies
• Identifying attacks
• Network control
• UNIX and Windows 2000 file locations
• UNIX passwords
• Control methods
• Back Orifice
• NetBus
• Adding administrative accounts

Attack Detection and Response
This course provides information on how to detect, distract, and deter hacker activity, and suggests ways to create a security and response policy.

• Proactive detection
• Distracting the hacker
• Deterring the hacker
• Intrusion detection
• Intrusion detection architecture
• IDS rules and actions
• Intrusion detection software
• Auditing with eTrust
• Creating rules in eTrust
• Auditing with Snort
• Planning for response
• Documentation and assessment
• Executing the response plan

Auditing and Log Analysis
This course provides information on how to define a baseline of network performance for security auditing, analyze log files, create a network security assessment report, and suggest ways to improve compliance to a security policy.

• Log analysis
• Firewall and router logs
• Operating system logs
• Filtering logs
• Suspicious activity
• Additional logs
• Log auditing tools
• Generating reports
• Auditing recommendations
• Creating the assessment report
• Improving compliance
• Improving router security
• Enabling proactive detection
• Host auditing solutions
• Personal firewalls
• Replacing and updating services
• Secure shell

Certification:
CIW Security 1D0-470

Audience:
This online training series is for professionals who wish to learn more about network security and those wanting to attain Certified Internet Webmaster certification on the CIW Security 1D0-470 exam.

Features:

• Flash and audio provide animated, interactive Lesson Introductions, Activities, and Simulations.
• Simulations teach learners to perform specific tasks in applications through guided, multi-step exercises.
• Activities allow learners to apply course concepts in an interactive questioning environment.
• Exercises allow learners to practice in the actual application being studied.
• Supplied sample files include sample documents, application files, programs, and programming code that enable learners to practice with these files, enhancing the learning experience.
• A Course Topics list contains active hyperlinks, permitting quick access to specific topics.
• Find-A-Word allows learners to look up an unfamiliar term in the Glossary, on the Web, or in a dictionary. In addition, it lets them find other occurrences of the term in the same course.
• Search text enables learners to rapidly search all text within a course to easily retrieve information required.
• Courses challenge the learner with a variety of question formats, including multi-step simulations, true/false, multiple choice, and fill-in-the-blank.
• A skill assessment generates a customized learning path based on the results of a pre-test.
• A glossary provides a reference for definitions of unfamiliar terms.
• Bookmarking tracks the learner's progress in a course.

Technical Requirements:

• Internet connection
• Browser: Internet Explorer, FireFox, Chrome, Safari, Opera or any standards compliant browser.
• Authorware and Macromedia Flash player recommended but not required.
• JavaScript must be enabled.

What You Get:

You will receive Unlimited Access to all of the CIW Security 1D0-470 training tutorials listed above. Your online training courses will be available from anywhere you have internet access.This e-learning series includes all of the online training tutorials listed and is provided in an interactive, self-paced format. Retake any or all of our computer training as often as you want. Our online tutorials allow you to learn anywhere, anytime from any computer with internet access. All courses allow for 1 year unlimited access (1 user), include a variety of features and qualify for Continuing Education Unit credit.

StaffKit is a leader in providing online computer training tutorials and online education. We have customers use our online training courses in over 75 countries. StaffKit has been providing e-learning solutions for 10 years.

Web-Based Training Products:

Only $59.95   

You might also be interested in our Web Development Package which includes all of the CIW Security 1D0-470 training courses listed above plus hundreds of hours of related online training courses