SKILLS MEASURED
A CIW Security Professional implements security policy, identifies security threats, and develops countermeasures using firewall systems and attack-recognition technologies. This individual is responsible for managing the deployment of e-business transaction and payment security solutions. Skills measured in the 1D0-470 exam include but are not limited to:
Network perimeter security and elements of an effective security policy.
edit
Encryption, including the three main encryption methods used in internetworking.
edit
Universal guidelines and principles for effective network security, as well as guidelines to create effective specific solutions.
edit
Security principles and security attack identification.
edit
Firewall types and common firewall terminology.
edit
Firewall system planning including levels of protection.
edit
Network firewall deployment.
edit
Network security including industry security evaluation criteria and guidelines used to determine three security levels.
edit
Permissions identification, assignment and usage, system defaults, and security commands.
edit
System patches and fixes including application of system patches.
edit
Windows 2000 Registry modifications, including lockdown and removal of services for effective security in Windows 2000 and Linux.
edit
Security auditing principles, security auditor's chief duties and network risk factor assessment.
edit
Security auditing and discovery processes, audit plans, and network-based and host-based discovery software.
edit
Penetration strategies and methods, including identification of potential attacks.
edit
User activities baseline, log analysis, and auditing of various activities.
edit
Security policy compliance and assessment reports.
edit
Operating system add-ons, including personal firewalls and native auditing.
edit