Replacew/NGE87078CIW Security Professional Part 4: Security Auditing and Attack Techniques

Course Code NGE87014

Contents

1. Contents
2. Description
3. Audience
4. Prerequisites
5. Objectives
6. Topics Include
7. Duration
8. Minimum Requirements
9. Media

Screenshot

Description

This is the fourth course in a five part series that teaches students about the role of the security auditor, discovery methods that can be used to find weaknesses, auditing server penetration and attack techniques, and the steps of the control phase.

Audience

The target audiences for this course are, System Administrators, Application Developers, Firewall Administrators, and IT Security Officers. Students must have CIW Foundations certification or equivalent experience, as well pass the CIW Server Administrator and CIW Internetworking Professional exams or have equivalent skills. In addition, students should have taken the first three parts in this series (87011-87013). This course is an approved study guide that will help Certified Internet Webmaster (CIW) candidates prepare for exam 1D0-470.

Prerequisites

(Currently no course prerequisite information)

Objective

• Identify auditing the security of a network.
• Identify the risk assessment process.
• Identify basic securityscanning techniques and enterprisegrade auditing applications.
• Identify the categories of security information that help a security auditor determine the security requirements of a network.
• Identify the network targets and related threats.
• Identify server penetration.
• Identify the control phase of auditing.
• Identify various hacking tools.

Topics Include

Unit 1: Security Auditing

• Identify the benefits obtained by auditing security in a specific situation.
• Identify the actions that conform to the role that a security auditor performs in a given situation.
• Identify the situation that depicts the complete risk assessment process.
• Identify the risk assessment activities performed by a security auditor in a specific situation.

Unit 2: Network Vulnerability: Discovery

• Identify the network discovery tool that provides network information in a specific situation.
• Identify the network discovery service that provides network information in a specific situation.
• Scan network elements by using WS_Ping ProPack.
• Configure NetXRay to capture packets by using the Filter Settings dialog box.
• Capture unique protocol packets by using NetXRay.
• Match enterprise-grade applications with the situations in which they are used.
• Identify the feature of Axent NetRecon that is used to achieve a specified result.
• Scan a host by using Axent NetRecon.
• Identify the part of an Axent NetRecon report that provides the specified information.
• Scan a host by using ISS Internet Scanner.
• Match the type of ISS Internet Scanner report with the situation in which it is used.
• Match the scenarios that provide network security information with the decisions that a security auditor can make.
• Match the scenarios that provide host security information with the decisions that a security auditor can make.

Unit 3: Network: Penetration

• Match the common penetration attacks with actions to prevent these attacks.
• Identify the hacker attacks that can result from loopholes in specific network components.
• Match the types of penetration audits with the situations in which they are used.
• Identify the penetration strategy being used in a specific situation.
• Identify the penetration attack that is involved in a specific situation.

Unit 4: Network: Control

• Match a situation with the threat of hacking involved in that situation.
• Discover the passwords stored on a Windows NT computer by using L0pht.
• Discover the passwords stored on a Linux computer by using John the Ripper.
• Identify the activities that follow the guidelines to prevent a hacker from controlling a network.
• Identify characteristics that depict a NetBus attack in a specific situation.
• Identify characteristics that depict a BackOrifice attack in a specific situation.

Duration

8

Minimum Requirements

The CDROM version of this course requires:

• At least a 486DX 33Mhz CPU.
• Microsoft Windows 3.1 or higher and a Microsoft compatible mouse.
• At least 8MB RAM.
• At least VGA graphics capability with a minimum 512K video RAM (1MB video RAM recommended).
• At least a double speed CDROM drive.
• An MPC compliant sound card with attached speakers or headphones is recommended (Currently, only the CDROM version supports audio).

• At least a 486DX 33Mhz CPU.
• Microsoft Windows 3.1 or higher and a Microsoft compatible mouse.
• At least 8MB RAM and 22MB available hard disk space or file server space.
• At least VGA graphics capability with a minimum 512K video RAM (1MB video RAM recommended).

Media