InCert Network Security Professional Certificate Description for Candidates




TUT / T. Kelo, J. Koskinen / 04.09.2007
InCert The 2nd handbook, Version 1.5

Introduction

InCert Network Security Professional is a certification awarded by the InCert consortium to individuals who pass a demanding examination. An InCert Network Security Professional, or ICNSP for short, is capable of taking responsibility for the security of a computer network that is connected to the Internet. In particular, this means that if you are already able to (i) design, (ii) build, (iii) maintain technically, or (iv) administer a computer network, your ICNSP examination will assure your current or future employer that you have the knowledge and skills necessary for carrying out the corresponding task in a secure way. The certification exam is vendor neutral and computer based, but it goes to such a practical level that an ICNSP can quickly adapt to the specialities of the products in a new workplace.

This document describes the knowledge and skills required for passing the ICNSP certification exam. For a more general description of the tasks in enterprises that ICNSPs are capable of handling, see the document "InCert Network Security Professional: Competences of the Certificate Possessors and Their Role in a Company". For more details on the requirements, see the sample exam questions at http://incert.eu. Consult this site also for the administrative procedures for enrolment and for examination locations and dates.

Overview of the required competence

There are some prerequisites that are not directly assessed in the exam:

1. Basics of networking: IP addressing, routing, LAN, WAN, VLAN, WLAN
2. Basics of information security: concepts, technologies, management issues
3. Basic English language comprehension skills

In principle, with a lot of luck and extensive learning by rote, it could be possible to pass the examination without satisfying prerequisites 1 and 2. There are two other InCert certificates that would serve well the purpose of these two areas, namely Intranet/Internet technology and Information security (cf. http://incert.eu). These prerequisites do not require work experience, and they can of course also be achieved otherwise than through certification.

There are broadly six kinds of work that a network security professional needs to be familiar with. These task areas are:

1. Preparations for defence: plan, define policies, measure, analyze, make contracts, rehearse
2. Building countermeasures: procure, install, configure, test
3. Daily operations: update, monitor, tune, administer
4. Reacting to incidents: fight, recover, trace
5. Learning and growing, not only from incidents but generally: attacks, tools, methods, efficiency, ethics
6. Various communicative tasks within all other task areas: documentation; with managers, team, users, outside interest groups; educational tasks

Your preparedness to deal with these tasks will be examined rather evenly, with slight emphasis on areas 1 and 2. This will happen within the following five concrete competence areas, which form the main categories of the examination questions:

I. Security threats in networks (20 %)
II. Using, applying and evaluating the defence arsenal (30 %)
III. Good practices in network security design (21 %)
IV. Administrative and organizational defences of network security (21 %)
V. Legislation of network security related issues (8 %)

There will be altogether 200 questions, divided among these categories according to the percentages in the list. So, for instance, category II is the largest one: it will be represented by 60 questions, and among them there will be roughly 10 questions for each of the task areas 1-6.

The questions are either MCQs or VSQs. The MCQs are multiple choice questions with four options, out of which one is correct. The VSQs are value submission questions, where you are supposed to answer with a numeric or textual value. The vast majority of the questions are MCQs.

Details of the required competence

This section presents a long but rather condensed listing of the topics that are included in the examination. You can expect about two questions for each of the lowest level bullets (either the "-" or the "o" level). Some of these are further divided to show the variety of topics that can appear in the questions. Still, a list of this length cannot be exhaustive. For instance, the terms ESP, AH and SA are not shown, even though they are essential parts of IPsec and will appear in exam questions. A categorization like this somewhat simplifies the requirements, because it hides many essential logical connections. To mitigate this, some terms (like PKI, VPN, IDS) are repeated in several contexts.

I Security threats in networks

The ICNSP must be able to protect a computer network against a wide spectrum of security threats. The first category in the examination concentrates on the foundation of this task: the threats and their targets. The other categories of course revisit them when dealing with various protections and addressing more concretely what is being protected. There is, however, a large body of general knowledge about threats that the ICNSP must possess before the more specific knowledge and skills are really useful. So, the questions in this category mainly require you to recognize

- threat models
- inner and outer threats
- attack types (authentication failures, protocol failures, information leakage, denial of service, stealing passwords, social engineering, bugs and back doors, ...)
- attackers (hackers, spies, terrorists, corporate raiders, professional criminals, vandals, script kiddies, saboteurs, hacktivists, ...)
- administrative and personnel threats

and understand attack techniques:

  o reconnaissance (site reconnaissance, Internet reconnaissance, IP/network reconnaissance, DNS reconnaissance, social engineering, ...)
  o mapping targets (war dialling, network mapping (ICMP), port scanning, vulnerability scanning, researching and probing vulnerabilities, ...)
  o system/network penetration (file system hacking, DNS attacks, cache exploits, application attacks, account (password) cracking, hostile and self-replicating code, programming tactics, process manipulation, shell hacking, session hijacking, spoofing, XSS, state-based hacking, traffic capture (sniffing), trust relationship exploitation, relay consolidation, ...)
  o denial of service (DoS, Distributed DoS)

II Using, applying and evaluating the defence arsenal

The ICNSP has extensive skills in the proper usage and evaluation of the defence arsenal of network security. By using these principles and tools effectively, the ICNSP can substantially enhance the overall security of a network. In this category you are required to understand how to design, implement and evaluate

- access control, to (automatically) let the right people, and only them, use the information and other resources of your network:
  o system access control (privilege management, firewalls, ...)
  o network access control (routers and switches, LAN, WLAN, WAN, VLAN, access lists, device hardening, proxies, remote access, firewalls, ...)
- authentication, the essential precursor to access control:
  o static schemes (username/password, IP/MAC, centralized, key based, biometrics, ...)
  o dynamic schemes (key based, session token based, PKI, ...)
- auditing and logging, to know how access control has worked and to enable investigative and corrective actions if something has gone wrong:
  o centralized auditing and logging
  o operating system auditing facilities
  o forensics
- resource controls, a more technology oriented aspect with similar goals to auditing and logging:
  o operating system resource controls (process, memory, ...)
  o network resource controls
  o bandwidth controls
  o ingress filtering and access controls
  o cache controls
- confidentiality (privacy); you must know a lot about this goal already from the prerequisites, and now proceed into the network security specialities:
  o file and storage privacy
  o session and protocol encryption (SSH, SSL)
  o VPN, Virtual Private Network (IPsec, PPTP, L2TP, SSL)
  o PKI, Public Key Infrastructure
  o electronic mail
  o VoIP, Voice over Internet Protocol
- data integrity (the same comment holds here as with confidentiality):
  o programming (input/output validation controls, web/cgi techniques, bounds checking, ...)
  o network (proxies, VPN, PKI, application / file system content assurance, cryptographic controls, file system integrity checkers, ...)
  o platform integrity (system/device hardening, system/device access controls, system/device account management, system/device maintenance, patching procedures, ...)
- non-repudiation, usage of digital signatures in networks
- intrusion detection and prevention (IDS/IPS):
  o characteristics (signatures, anomalies)
  o network based (network management systems, security information management)
  o host based (auditing and logging controls, file system integrity checkers)
- malware control; basic knowledge belongs to the prerequisites, and here this is a specific area of network intrusion prevention
- incident response and recovery, how to act when something has gone wrong, especially when your network has been attacked:
  o practices and procedures
  o devices
  o tools
  o resource allocation
- Physical and Link layer issues (cabling, interference, crosstalk, manageability, Address Resolution Protocol, ...)
- IPv6 issues (neighbour discovery, multicast, IPsec, filtering, ...)

III Good practices in network security design

The ICNSP is well aware of the good practices of network security design. The ICNSP knows how to design, implement and evaluate a network in such a way that the security of the network is assured. The questions in this category require you to understand

- design principles:
  o appreciation of a complete view of a security landscape
  o architectural security controls
  o defence in depth / layered defence (purpose of applying defences at the perimeter, evaluation of)
  o least privileges (management, access control, need to know)
  o incident response and recovery
- firewall and secure router design, installation and maintenance:
  o network baseline
  o firewall design and architectures (host based, centralized, DMZ, DHCP, rule sets, access lists)
  o VLAN, Virtual Local Area Network (segmentation, access lists)
  o NAT, Network Address Translation & PAT, Port Address Translation
  o SNMP, Simple Network Management Protocol
  o wireless access
  o remote access
  o maintenance issues
- common AAA implementations, for authentication, authorization and accounting:
  o TACACS+
  o RADIUS
  o proxy authentication
  o service authentication
- secure VPN implementation, to enable remote working in a way that the assets of an organization are properly protected:
  o remote access VPN
  o site to site VPN
  o CA, Certificate Authority, in a VPN
  o web VPN
- secure procedures of providing services:
  o electronic mail
  o WWW
  o tele systems (traditional, VoIP)
- security related routing issues with
  o BGP, Border Gateway Protocol
  o OSPF, Open Shortest Path First
  o RIP, Routing Information Protocol
  o EIGRP, Enhanced Interior Gateway Routing Protocol
- physical security issues (access control, protectables)
- the need, design and implementation of testing, to prevent unexpected losses due to inaccurate configurations, incompatibility, etc.

One way in which all this happens is that you are required to analyze example networks.

IV Administrative and organizational defences of network security

The ICNSP understands the business value of network security and thus can keep the defence mechanisms always in line with the business goals. The ICNSP understands the value of administrative defences and knows how to implement and evaluate the defences in an enterprise. In this category you are required to show the ability to

- apply information risk management (IRM) in an enterprise, to enable efficient use of security resources:
  o concepts (ALE, SLE, ARO, EF, information asset, safeguard effectiveness)
  o business needs (purpose of networking, performance, resources, acceptable risk level)
  o risk assessment (threat analysis, asset identification and valuation, vulnerability analysis, threat/vulnerability/asset mapping, risk mitigation analysis)
  o return on (information) security investment (ROSI/ROISI) (calculation schemes, resourcing)
- design, apply and evaluate security policies, to ensure that security is acknowledged as an asset of an organization and that the security activities are supported by the management:
  o purpose of policies
  o levels and types of policies
  o design, implementation and maintenance of policies (enforceability of a policy, administrative controls)
  o turning high level policies into firewall rules (justification, effectiveness, perimeter policy models, shortcomings of technical implementations)
  o procedures for abuse situations
- design, apply and evaluate personnel security:
  o role in network security (weakest link, strongest link)
  o awareness (security awareness programs, education)
  o policies (hiring, firing, non tiring)
  o teams (response, forensics, watch)
- apply identity and access management, to enable efficient access control:
  o authentication (identity management, password management, trust relationship)
  o authorization (privacy; role based, mandatory and discretionary access control: RBAC, MAC, DAC)
- understand security design, maintenance and development:
  o processes
  o assurance (incl. audits), metrics, communication
  o incident response
  o network security projects
  o standards and guidelines (ISO/IEC 17799 and 27001, Common Criteria, COBIT, X.800, X.805, OECD: Guidelines for the Security of Information Systems and Networks, ISF: The Standard of Good Practice for Information Security, ITIL, BSI: The IT Baseline Protection Manual)
  o outsourcing issues

V Legislation of network security related issues

The ICNSP is aware of the legislation related to network security. The responsibilities and the lawfulness of activities done in defending the network security of an enterprise are known to the ICNSP. However, legislation varies within Europe, and an international certificate cannot contain as much detail at this point as working life will require. In this category you are required to prove that you know what kinds of responsibilities, laws and other regulations there can be in the areas of

  o intrusion handling
  o privacy (voice mail, electronic mail, tele & VoIP)
  o copyrights
  o contracts (NDA, SLA, ...)
  o digital signatures
  o certificates