Ever heard of the CIW Web Security Certification? If not, you will very soon: it is one of the premier certifications rising in popularity for getting security fundamentals down, and it rivals the Security+ and some others. Let’s dig into why you should be looking at this CIW certification.
Today we’re starting a new series of articles on preparing for various certification exams. Each article in this series will cover a different certification, including a comprehensive breakdown of exam objectives, the basics of what you need to know, and some supplementary materials to aid in your studying.
The first certification we’ll be covering is the CIW Web Security Associate. This certification is meant to provide the beginnings of a foundation of security concepts. First of all, some information about the exam. When sitting for this exam, you’ll be given ninety minutes (an hour and a half) to answer sixty-two questions with a minimum passing score of seventy-six percent. (More detailed information is available here.) Now that we’ve got those numbers out of the way, let’s start breaking down the exam objectives:
- Define the significance of security and identify elements of an effective security policy.
- Define encryption standards and their methodologies as they relate to networking.
- Use security guidelines and principles to create effective solutions.
- Identify various network/system attacks.
- Understand the firewall’s role in the security matrix, as well as how it can be used to build multiple levels of protection.
The full list of objectives (I’ve shortened it for simplicity) is available here. These objectives are all that is covered on the exam. There is quite a lot of information per objective, so we’ll only be covering the basics for them in order. (Note: not all objectives will be covered.) So, without further ado, let’s get going!
- Define the significance of security and identify elements of an effective security policy.
  - Reading and interpreting log files to identify hacker activity is known as auditing.
  - The Computer Emergency Response Team (CERT) is part of the Internet Society (ISOC), which establishes protocols and publishes security advisories.
  - The outer limit of a network as defined by the firewall is known as the network perimeter.
  - All components used to provide a security strategy, taken as a whole, are known as a security matrix.
  - A list of individual users and their rights to manipulate a given object is known as an access control list.
  - A device that scans packets for acceptable and unacceptable activity is known as a packet filter (most likely a router).
- Define encryption standards and their methodologies as they relate to networking.
  - Password sniffing is a method of stealing credentials off the network in transit (they must be in cleartext).
  - Secure HTTP (HTTPS) is a protocol used to allow for secure transmissions to and from a website.
  - A VPN (virtual private network) extends a LAN (local area network) over the internet and allows for secure real-time communication.
  - Cryptographic methods that use the same key to both encrypt and decrypt a message are known as symmetric cryptography.
  - Cryptographic methods that use different keys for encrypting and decrypting a message are known as asymmetric cryptography.
  - A certificate is a specific form of an asymmetric key.
- Identify various network/system attacks.
  - An application that runs automated tasks over the internet is known as a bot.
  - A network of systems infected with bots is known as a botnet.
  - A brute-force attack involves repeatedly trying usernames and passwords until the correct combination is reached.
  - A hidden application that allows an attacker to monitor and control the infected system is known as an illicit server.
  - A condition in which a system unnecessarily reveals information is known as information leakage.
  - The use of applications and servers to detect suspicious network activity is known as intrusion detection.
  - Software designed to harm a system is known as malware.
  - A condition wherein a hacker positions themselves in the middle of a connection between two parties is known as a man-in-the-middle attack.
  - A scam in which a large number of users are misdirected to a fraudulent site is known as pharming.
  - A scam in which the attacker makes contact with the victim in an attempt to mislead them is known as phishing.
  - Using disinformation to gain access to a network by tricking legitimate users is known as social engineering.
  - A condition in which unauthorized SQL queries can be made through non-sanitized input boxes on a website is known as SQL injection.
  - Malware disguised as a legitimate application is known as a trojan.
  - Malware capable of replicating itself on a system is known as a virus.
  - Malware capable of replicating itself between multiple systems is known as a worm.
- Understand the firewall’s role in the security matrix, as well as how it can be used to build multiple levels of protection.
  - A small network that lies between the internal network and the internet is known as a demilitarized zone (DMZ).
  - Internet Protocol Security (IPSec) is a set of protocols to support the secure exchange of packets at the IP layer.
  - The core of the Linux operating system is known as the kernel.
  - A standard that allows for multiple internal network addresses to be mapped to a single (or multiple) external network address(es) is known as NAT (network address translation).
  - A single machine dedicated to one purpose on a network is known as a network appliance. For example, a firewall appliance is meant specifically to house firewall software.
That does it for covering our basic information. I know it seems like a lot to digest, so I recommend studying it in sections. Once you feel confident in one section, move on to the next. This study guide is not meant to replace your study materials, but to supplement them. I strongly suggest you use other supplementary study materials in addition to this; I will leave some links to alternative study materials here:
- Short set of flashcards
- Longer set of flashcards
- Another longer set of flashcards (Note: not all of this set is relevant, but a good portion of it is)
I hope this helps you understand some of the concepts needed to pass this certification exam. The next certification we’ll be covering is the EC-Council Certified Encryption Specialist (ECES). I’ll see you in the next article!