Course Contents

Remember, you can complete this CIW Web Security course within 160 hours of enrolling. So take your first step by contacting us today !

Detailed Content

• Network Security Background
• What Is Security?
• Hacker Statistics
• The Myth of 100-Percent Security
• Attributes of an Effective Security Matrix
• What You Are Trying to Protect
• Who Is the Threat?
• Security Standards

Back to top >>

• Security Elements and Mechanisms
• The Security Policy
• Determining Backups
• Encryption
• Authentication
• Specific Authentication Techniques
• Access Control
• Auditing
• Security Trade-offs and Drawbacks

Back to top >>

• Reasons to Use Encryption
• Creating Trust Relationships
• Symmetric-Key Encryption
• Symmetric Algorithms
• Asymmetric-Key Encryption
• One-Way (Hash) Encryption
• Applied Encryption Processes
• Encryption Review

Back to top >>

• Network Attack Categories
• Brute-Force and Dictionary Attacks
• System Bugs and Back Doors
• Malware (Malicious Software)
• Social Engineering Attacks
• Denial-of-Service (DOS) Attacks
• Distributed Denial-of-Service (DDOS) Attacks
• Spoofing Attacks
• Scanning Attacks
• Man-in-the-Middle Attacks
• Bots and Botnets
• SQL Injection
• Auditing

Back to top >>

• Networking Vulnerability Considerations
• Wireless Network Technologies and Security
• IEEE 802.11 Wireless Standards
• Wireless Networking Modes
• Wireless Application Protocol (WAP)
• Wireless Network Security Problems
• Wireless Network Security Solutions
• Site Surveys
• Convergence Networking and Security
• Web 2.0 Technologies
• Greynet Applications
• Vulnerabilities with Data at Rest
• Security Threats from Trusted Users
• Anonymous Downloads and Indiscriminate Link-Clicking

Back to top >>

• Common Security Principles
• Be Paranoid
• You Must Have a Security Policy
• No System or Technique Stands Alone
• Minimize the Damage
• Deploy Companywide Enforcement
• Provide Training
• Use an Integrated Security Strategy
• Place Equipment According to Needs
• Identify Security Business Issues
• Consider Physical Security

Back to top >>

• TCP/IP Security Introduction
• OSI Reference Model Review
• Data Encapsulation
• The TCP/IP Stack and the OSI Reference Model
• Link/Network Access Layer
• Network/Internet Layer
• Transport Layer
• Application Layer
• Protocol Analysers

Back to top >>

• TCP/IP Security Vulnerabilities
• Implementing Security
• Resources and Services
• Protecting TCP/IP Services
• Simple Mail Transfer Protocol (SMTP)
• Physical Security
• Testing Systems
• Security Testing Software
• Security and Repetition

Back to top >>

• Access Control Overview
• Definition and Description of a Firewall
• The Role of a Firewall
• Firewall Terminology
• Firewall Configuration Defaults
• Creating Packet Filter Rules
• Packet Filter Advantages and Disadvantages
• Configuring Proxy Servers
• URL Filtering
• Remote Access and Virtual Private Networks (VPNs)
• Public Key Infrastructure (PKI)

Back to top >>

• Designing a Firewall
• Types of Bastion Hosts
• Hardware Issues
• Common Firewall Designs
• Putting It All Together

Back to top >>

• Proactive Detection
• Distracting the Hacker
• Deterring the Hacker

Back to top >>

• Creating an Incident Response Policy
• Determining If an Attack Has Occurred
• Executing the Response Plan
• Analysing and Learning

Back to top >>

Get a FREE CIW Web Security brochure