CIW Certification


CBT Direct offers you the most effective way to become a CIW Web Security Analyst. CBT Direct’s ClassWare for CIW Web Security Analyst combines the convenience and affordability of computer-based training with the personal attention and effectiveness of instructor-led training for a complete study solution guaranteed to get you certified!*

  • Convenient Anytime, Anywhere Training
  • Money-back Certification Guarantee*
  • 24-hour Online Mentoring from Certified Advisors
  • Email Access to IT Courseware Specialists
  • Hands-on Interactive Exercises
  • Practice Assessment Tests
  • Search and Learn Across all Course Material

CIW CERTIFICATION MEANS SUCCESS!

Professional Internet organizations including the Association of Internet Professionals (AIP) and the International Webmasters Association (IWA) have come together to endorse CIW certification to meet the IT industry need for a standardized webmaster certification.

The CIW Site Designer course provides you with all the training and practice you need to pass the CIW Web Security Analyst exam. As a CIW Web Security Analyst, you will have the skills and knowledge needed to implement e-business security policies, identify security threats, develop countermeasures using firewall systems and attack-recognition technologies and manage deployment of security solutions. Along with these skills come increased job opportunities and financial rewards.

CIW WEB SECURITY ANALYST CURRICULUM

PLEASE NOTE: Prerequisite

In order to sit for this exam, you must hold one (1) of the following certification titles: MCSA, MCSE 2000 or 2003, CNE, CCNP, CCNA, CCIE or LPI Level 2.

Exam 1D0-470: Certified Internet Web Security Analyst Exam

I. Introduction to Security in Networked Environments

Explain the basic concepts of security

Discuss the principles of information security

Detail some important elements of security

List and explain the recognized industry standards and recommendations that address information and network security

Describe the elements that comprise a typical security policy in the workplace

Discuss the responsibilities of users and correct user response to security incidents

Describe threats to information security and network infrastructure

Explain how different types of denial-of-service attacks affect a network

Detail threats that arise specifically from hackers

Set up and monitor a Telnet session using a protocol analyzer

II. Encryption Technologies

Outline the history of encryption and the reasons why encryption is important

Outline the principles of symmetric encryption

Explain what a block cipher is and identify the algorithms that use them

Discuss the fundamentals of asymmetric encryption

Explain the functionality of hashes and message functions in protecting the integrity of encrypted data

Describe the processes involved in symmetric and asymmetric encryption

Outline the different methods of managing encryption keys

Discuss some practical applications of encryption

Implement a secure encryption scheme on a computer

Exchange encrypted e-mails

Explain the use of certificates for trusted secure public-key implementation

Describe revocation and nonrepudiation of public-key certificates

Discuss the X.509 standard for public-key certificates

Describe public-key infrastructure and Secure Electronic Transactions (SETs)

Outline certificate practices, policies, and paths

III. Firewalls and VPNs

Discuss the requirement for firewalls and their basic principles

Explain how a packet filter operates

Explain the difference between application-level and circuit-level gateways

Recognize different types of firewall technologies

Explain where to deploy a firewall in a network

List advanced security features associated with modern firewalls

Implement appropriate firewalls for specified scenarios

Explain the technologies used to implement VPNs for secure WAN communications

Detail the features of a VPN solution for secure remote connectivity

Implement a VPN solution for secure remote access

IV. Securing Access to Networks

Define the principles of authentication and discuss authentication methods

Outline the use of authentication on local networks and for remote users

Discuss the operation of Single Sign-On authentication

Explain the features and operation of Kerberos

Outline the RADIUS authentication mechanism

Explain the authentication mechanisms used in PPP

Determine when and where to use different authentication mechanisms

Outline the TACACS+ authentication mechanism and compare it to the RADIUS authentication mechanism

V. Intrusion Detection and Response in Networked Environments

Identify common targets for attack on a network

Discuss how to respond to potential combined attacks against a network

Discuss how to counteract IP-based attacks

Run a check for suspicious ports on a networked computer

Discuss the principles of detecting network intruders

Describe how to distract network intruders and limit the damage they can cause

Set up a decoy account and monitor both failed and successful login attempts

Describe the characteristics and features of intrusion detection systems

Describe the different types of intrusion detection mechanisms

Discuss the deployment of intrusion detection systems

Discuss how to respond to and manage computer-related security incidents

Recognize the functionality and deployment issues of intrusion detection

VI. Security Analysis and Auditing in Networked Environments

Describe the importance of risk assessment and auditing to network security

Discuss footprinting and network discovery tools

Explain how system scanners work

Describe how intruders access and take control of network resources

Describe the importance of auditing file system changes to monitor security breaches

Explain how to prevent intruders taking control of resources on a network

Use NetBus to execute applications and capture information

Detail different security log types and analyze their contents

Describe how to filter, store, and manage log files

Discuss audit assessment reports and compliance

Use tactics to detect unauthorized access to a Linux system

Enable and utilize a security log file

Discuss security standards

Describe how to make improvements to network security based on security audit feedback

Describe how to assess security requirements based on audit feedback

VII. Operating System and File Security Issues

Describe Windows NT and Windows 2000 security issues

Describe UNIX security issues

Identify the threats to system security, both intentional and unintentional

Run a security scan on a networked workstation

Outline the main components of OS security

Explain changes that can be made to an OS to make it more secure

Discuss Windows 2000 Registry security

Perform tasks to improve the security of the Windows OS

Describe file system and share security in Windows 2000

Describe different methods of securing accounts in Windows

Describe different methods of securing accounts in UNIX

Discuss the security implications of creating and maintaining groups or users

Implement auditing and specify password policies in Windows

Recommended System Requirements:

  • Intel® Pentium® 90 MHz processor or greater
  • 64 MB RAM recommended if using Windows 95, 98; 128 MB if using Windows 2000, XP
  • Connection speed of 40 Kbps minimum, 56 Kbps recommended
  • Windows® 95, 98, 2000, NT or XP
  • Valid Email address
  • Supported browser versions: Internet Explorer (4.01 SP2 to 6.x), Netscape Communicator 4.7 or later
  • Allow cookies

CBT Direct

(800) 653-4933

CBT Direct, LLC

25400 US Hwy 19 N., #285, Clearwater, FL 33763

(727) 724-8994, Fax: (727) 726-6922

Contact:

CBT Direct training is covered by a 120-day certification warranty. You must pass the corresponding CertBlaster pre-test certification mode exam(s) for this course before taking the corresponding certification exam. If you fail the same exam covered by CBT Direct training on two (2) attempts within 120 days of purchase and fax in your results of both the CertBlaster and the certification exam(s), a refund will be issued for the corresponding training package. For courses with no CertBlaster available, you still must fail the certification exam on two attempts [five (5) days must elapse between first and second attempt] within the 120 days of purchase and fax your results of the certification exams and a refund will be issued for the corresponding training package. If your purchase includes 2 (two) or more courses, this warranty only applies to your first certification exam.

Note where applicable: Practice questions are of similar type, but not identical to the actual certification questions.

Copyright © 2005 CBT Direct, LLC. All rights reserved. CBT Direct is a SkillSoft Learning Partner. SkillSoft's courses meet requirements set by certifying vendors for partner status. All other trademarks and logos are properties of their respective owners.
