1D0-470
Nov 02,2006 00:00 by NaT-Server

(1D0-470) Security Professional

SYNOPSIS • CIW Professional vs • CIW Security Analyst vs • Master CIW Administrator vs

CIW’s exam 1D0-470, “CIW Security Professional” is an elective requirement for the CIW Professional certification, and one of the requirements for the Master CIW Administrator certification.

It is designed for candidates who “are responsible for the implementation of e-business security policies and technologies.” These candidates typically fulfill these roles: network server administrators, firewall administrators, systems administrators, application developers and IT security officers.
The prerequisites for this exam are: 1) to fill out the on-line CIW Certification Agreement; 2) to hold the CIW Associate certification; 3) to pass exam 1D0-450, CIW Server Administrator; and 4) to pass exam 1D0-460, CIW Internetworking Professional.

This exam, which is offered in English and Japanese, is easy to moderately difficult and costs $125 USD. It may be taken from Pearson Vue or Thomson Prometric.

The pass score for this form-based multiple choice exam is 75%, with a minimum score of 70% for each of these modules: Network Security and Firewalls, Operating Systems Security and Security Auditing, Attacks and Threat Analysis. There are 60 questions and the exam has a duration of 75 minutes.

The topics covered by this exam include:

  • Network perimeter security and elements of an effective security policy
  • Encryption, including the three main encryption methods used in internetworking
  • Universal guidelines and principles for effective network security, as well as guidelines to create effective specific solutions
  • Security principles and security attack identification
  • Firewall types and common firewall terminology
  • Firewall system planning including levels of protection
  • Network firewall deployment
  • Network security including industry security evaluation criteria and guidelines used to determine three security levels
  • Mechanisms used to implement security systems, tools to evaluate key security parameters, techniques for security accounts, and threats to Windows 2000 and UNIX systems
  • Permissions identification, assignment and usage, system defaults, and security commands
  • System patches and fixes including application of system patches
  • Windows 2000 Registry modifications, including lockdown and removal of services for effective security in Windows 2000 and Linux
  • Security auditing principles, security auditor's chief duties and network risk factor assessment
  • Security auditing and discovery processes, audit plans, and network-based and host-based discovery software
  • Penetration strategies and methods, including identification of potential attacks
  • User activities baseline, log analysis, and auditing of various activities
  • Security policy compliance and assessment reports
  • Operating system add-ons, including personal firewalls and native auditing

For more information:
http://www.ciwcertified.com/exams/1d0470.asp?comm=home&llm=3