|
|
||||||||||||||||
|
CIW SECURITY ADMINISTRATOR
CERTIFICATION |
||||||||||||||||
|
Class Hours: 1.0 |
|
Credit Hours: 1.0 |
|
|||||||||||||
|
Laboratory Hours: 0.0 |
|
Revised: Fall 08 |
|
|||||||||||||
|
|
||||||||||||||||
|
Catalog Course
Description: |
|
|
||||||||||||||
|
|
The preparatory course for
the CIW Security Administrator exam (1D0-450) focuses on security
administration skills that are not product- or
system-specific. This course will use materials that allow students to
instantly evaluate the level of IT knowledge achieved and will include
practice exams. |
|||||||||||||||
|
Entry Level Standards: |
|
|
||||||||||||||
|
|
Students taking this course
should be proficient in Windows 98, 2000 or XP. |
|||||||||||||||
|
Prerequisites: |
|
|
||||||||||||||
|
|
WEB 2200 |
|
||||||||||||||
|
Corequisites: |
|
|
||||||||||||||
|
|
WEB 2601 |
|||||||||||||||
|
Textbook(s) and Other
Course Materials: |
|
|||||||||||||||
|
|
Test preparation materials
(CD) and cost of certification exam will run approximately $150 for this
course. Your instructor will provide the URL to you to order the CD and will
manage the ordering of the exam. Doing this through your instructor will get
you the reduced price of $125. Otherwise, the cost for the CD and exam would
be ~$300. 1.
AssessPREP - CIW
Security Administrator Individual License CD (1 year) Product Code: PRSAS-CASACL-PD-209 (Cost~$70) You need to order this directly from ProsoftTraining
at http://sec.computerprep.com/pstcc/.
AssessPREP is a computer-based assessment tool
designed to measure a learner's proficiency on a given topic or application.
The CIW AssessPREP CD will let you (a) pre-assess
your aptitudes, then tailor your study accordingly (b) prepare for the
certification exam (c) instantly evaluate course knowledge and (d) review
materials in testing or study environments. 2.
CIW Security
Administrator Certification Exam You
can either take the certification exam at Information on the CIW
Security Administrator Certification Exam can be found at 1. Contains a total of 60
items. To certify, you must correctly answer at least 45 of the 60
questions to achieve a total score of 75% or greater AND correctly
answer at least 70% of the questions in each individual module.
2. You will have 75
minutes to complete the exam. 3. Each item offers four
solutions or distracters. Exam candidates must select the one best solution
for each item. Security Administrator skills are not product- or
system-specific. They are a combination of minimal technical and
non-technical skills and knowledge required for those interested in
developing specific Internet skills as a Web Security Administrator. The CIW
Server Administrator exam focuses on server and network administration tasks
and tools implemented by IT professionals. CIW Server Administrators manage
and tune corporate e-business solutions and infrastructure including Web,
FTP, news and mail servers, for midsize to large businesses. This
certification validates knowledge and skills in configuring, managing and
deploying e-business solutions servers.
1.
Common IT
services, focusing on hardware platforms and frequently used operating
systems. 2.
TCP/IP
configuration parameters, and Windows 2000 and Linux system configuration
with static IP addresses. 3.
User access
levels, password policies, and permissions based on standard practice and
procedures. 4.
Management of
users in Windows 2000 and Linux. 5.
Domain Name
System (DNS) in Windows 2000 and Linux. 6.
Name resolution
options for LANs and WANs, including the Windows Internet Naming Service
(WINS) and Samba. 7.
Internet
services including FTP and Telnet, and control of access to these services. 8.
Web servers,
including Microsoft IIS and Apache Server. 9.
Advanced Web
server administration tasks. 10.
User-based
access to Web servers. 11.
Limitation of
access based on IP addresses. 12.
Functionality
of a Web server, including Perl configuration and additional services. 13.
Web server
connection to a database via Open Database Connectivity (ODBC). 14.
Configuration
and management of streaming media servers. 15.
Secure Sockets
Layer (SSL) transactions. 16.
Management of
news servers. 17.
Configuration
and management of SMTP, IMAP and POP3 e-mail servers. 18.
Configuration
and management of proxy servers and Internet servers. 19.
Server and
service log analysis. 20.
System
performance evaluation. 21.
Internal and
external security risks. NOTE: It is not
necessary to pass the certification exam in order to pass this course. You
will receive credit for taking the exam.
1.
Microsoft
Windows (XP) 2.
Adobe Acrobat Reader.
Download free from http://www.adobe.com/support/downloads/main.html
NOTE: This course is one of a series in the
Certified Internet Web (CIW) Professional program offered at |
|||||||||||||||
|
I. Week/Unit/Topic
Basis: |
|
|
||||||||||||||
|
This course will begin on a specific
date but the student can progress through the course objectives in a
timeframe comfortable for him. If the student works hard, he can complete the
coursework and certification exam before the formal end of the semester. The
instructor will provide benchmarks for the completion of objectives during
the semester. All students will complete the certification exam and course
requirements by the end of the academic semester. AssessPREP is a computer-based assessment tool designed to
measure a learner's proficiency on a given topic or application. The CIW
Security Administrator CD will assess a student's knowledge of the areas
covered on the CIW Security Administrator Certification Exam (1D0-450). |
||||||||||||||||
|
|
Week |
Topic |
||||||||||||||
|
|
Phase I: |
Order AssessPREP CD and certification exam. Student will order the AssessPREP
CD (at the URL above). After installing the AssessPREP
CD for this class on your computer, you can begin your self-study. The
instructor will work with you to determine a date toward the end of the
semester when you wish to schedule for the exam to be given; you must
schedule the exam at least three weeks in advance of when you wish to
take it. You can take the exam once. If you take the exam in the PSTCC
CIW Exam lab, your scores will be recorded by the instructor and factored
into your grade for this course; if you choose to take the exam in a testing
center not associated with PSTCC, you will fax your test scores to the
instructor so the score can be factored into your grade. During Phase I of the
semester, you will be studying and working through the companion CIW course
(for this exam, the co-requisite course is WEB 2601 CIW Security
Administrator). During this time, you can be using the AssessPREP
CD to practice and review the material presented. |
||||||||||||||
|
|
Phase II: |
Use AssessPREP
CD: Student will use the AssessPREP CD to review and practice for the CIW Security
Administrator Certification Exam. Here are some of the activities on the CD
you can use to help review and prepare for the certification exam: Choose to take an exam or a
drill by double clicking on the icons on the AssessPREP
screen. The exams simulate the actual tests. Drills focus in a single subject
matter. |
||||||||||||||
|
|
Phase III: |
Take Online Quizzes: Quizzes have been created in this course made up
from the questions on the AssessPREP CD. The
questions for all quizzes are randomly drawn from the test bank from the CD.
Your performance on these quizzes will indicate to the instructor that you
are studying and learning the skills presented from the companion course and
from the CD and that you are progressing toward successful completion of the
certification exam. The materials allow for:
Schedule and complete
CIW Server Administrator Certification Exam (1D0-450). Your instructor will schedule the date and time for
your exam at least three weeks in advance. This is the lead time ProSoft needs for the certification exam to be ordered
and scheduled for downloading to the CIW lab at PSTCC. The certification exam
can be taken only once in this course. |
||||||||||||||
|
II. Course Objectives*: |
|
|
||||||||||||||
|
|
A. |
Explain
common IT services, focusing on hardware platforms and frequently used
operating systems. (I) |
||||||||||||||
|
|
B. |
Apply
TCP/IP configuration parameters, and Windows 2000, and Linux system
configuration with static IP addresses. (I, IV) |
||||||||||||||
|
|
C. |
Apply
user access levels, password policies, and permissions based on standard
practice and procedures. (I, II) |
||||||||||||||
|
|
D. |
Describe
management of users in Windows 2000 and Linux. (I, IV) |
||||||||||||||
|
|
E. |
Explain
Domain Name System (DNS) in Windows 2000 and Linux. (I, II) |
||||||||||||||
|
|
F. |
Use
name resolution options for LANs and WANs, including the Windows Internet
Naming Service (WINS) and Samba. (II) |
||||||||||||||
|
|
G. |
Use
Internet services including FTP and Telnet, and control of access to these
services. (II, IV) |
||||||||||||||
|
|
H. |
Utilize
web servers, including Microsoft IIS and Apache Server. (II, IV) |
||||||||||||||
|
|
I. |
Perform
advanced Web server administration tasks. (II, IV) |
||||||||||||||
|
|
J. |
Utilize
user-based access to Web servers. (II, IV) |
||||||||||||||
|
|
K. |
Explain
the limitation of access based on IP addresses. (II, IV) |
||||||||||||||
|
|
L. |
Describe
the functionality of a Web server, including Perl configuration and
additional services. (II, IV) |
||||||||||||||
|
|
M. |
Apply
web server connection to a database via Open Database Connectivity (ODBC).
(II, IV) |
||||||||||||||
|
|
N. |
Apply
configuration and management of streaming media servers. (II, IV) |
||||||||||||||
|
|
O. |
Utilize
Secure Sockets Layer (SSL) transactions. (II, IV) |
||||||||||||||
|
|
P. |
Apply
management of news servers. (II, IV) |
||||||||||||||
|
|
Q. |
Describe
configuration and management of SMTP, IMAP and POP3 e-mail servers. (II, IV) |
||||||||||||||
|
|
R. |
Perform
server and service log analysis. (II, IV) |
||||||||||||||
|
|
S. |
Explain
configuration and management of proxy servers and Internet servers. (II, IV) |
||||||||||||||
|
|
T. |
Perform
system performance evaluation. (II, IV) |
||||||||||||||
|
|
U. |
Describe
internal and external security risks. (II, IV) |
||||||||||||||
|
*Roman numerals after
course objectives reference goals of the WEB program. |
||||||||||||||||
|
III. Instructional
Processes*: |
|
|
||||||||||||||
|
Students will: |
|
|
|
|||||||||||||
|
|
1. |
1.
Explain the
server and network administration tasks and tools required by IT
professionals. (Technological literacy
outcome) |
||||||||||||||
|
|
2. |
2.
Identify the current
direction and application of server administration. (Technological literacy outcome) |
||||||||||||||
|
|
3. |
3.
Identify the
differences between e-business solutions and infrastructure tools used in
midsize to large businesses. (Technological
literacy outcome) |
||||||||||||||
|
|
4. |
4.
Monitor FTP,
news and mail servers, and Web servers. (Technological
literacy outcome) |
||||||||||||||
|
|
5. |
5.
Configure and
deploy e-business solutions servers. (Active
Learning Strategies) |
||||||||||||||
|
|
6. |
6.
Use research activities
to promote independent thinking. (Active
Learning Strategies) |
||||||||||||||
|
|
7. |
7.
Use software
tools and web development skills to administer web sites that are functional
and efficient. (Active Learning
Strategies) |
||||||||||||||
|
*Strategies
and outcomes listed after instructional processes reference TBR's goals for strengthening general education knowledge
and skills, connecting course work to experiences beyond the classroom, and
encouraging students to take active and responsible roles in the educational
process. |
||||||||||||||||
|
IV. Expectations for Student Performance*: |
|
|
||||||||||||||
|
Upon
successful completion of this course, the student should be able to: |
||||||||||||||||
|
|
1. |
List
the services offered by IT departments. (A) |
||||||||||||||
|
|
2. |
Identify
backbone and mission-critical services offered by IT departments. (A) |
||||||||||||||
|
|
3. |
Discuss
the concepts of system maintenance, including fault tolerance, server
optimization, and backup. (A) |
||||||||||||||
|
|
4. |
Identify
common hardware platforms. (A) |
||||||||||||||
|
|
5. |
Describe
capabilities of various platform components, including multiple CPUs, I/O
issues, and system memory. (A) |
||||||||||||||
|
|
6. |
Define
bandwidth and throughput (A) |
||||||||||||||
|
|
7. |
Identify
common network operating systems (A) |
||||||||||||||
|
|
8. |
Determine
the ideal operating system for a given environment. (A) |
||||||||||||||
|
|
9. |
Discuss
system installation issues. (A) |
||||||||||||||
|
|
10. |
List
key TCP/IP configuration parameters.
(B) |
||||||||||||||
|
|
11. |
Add
NICs in Windows 2000 and Linux (B) |
||||||||||||||
|
|
12. |
Configure
Windows 2000 with static IP addresses. (B) |
||||||||||||||
|
|
13. |
Configure
Linux with static IP addresses. (B) |
||||||||||||||
|
|
14. |
Describe
how DHCP works. (B) |
||||||||||||||
|
|
15. |
Define
authentication. (C) |
||||||||||||||
|
|
16. |
Explain
the share-level and user-level access security models. (C) |
||||||||||||||
|
|
17. |
Identify
the purposes and functions of logon accounts, groups, and passwords. (C) |
||||||||||||||
|
|
18. |
Create
a network password policy using standard practices and procedures. (C) |
||||||||||||||
|
|
19. |
Discuss
permissions issues. (C) |
||||||||||||||
|
|
20. |
Describe
the relationship between permissions and user profiles (C) |
||||||||||||||
|
|
21. |
Use
administrative utilities for specific networks and operating systems (C) |
||||||||||||||
|
|
22. |
Identify
the permissions needed to add, delete, or modify user accounts. (D) |
||||||||||||||
|
|
23. |
Identify the purpose of the
Windows 2000 Security Accounts Manager. (D) |
||||||||||||||
|
|
24. |
Enforce system wide
policies, including account lockout settings, password rules, and password
aging. (D) |
||||||||||||||
|
|
25. |
Convert a FAT drive to
NTFS. (D) |
||||||||||||||
|
|
26. |
Enable auditing in Windows
2000 Server. (D) |
||||||||||||||
|
|
27. |
View local and remote
events in Event Viewer. (D) |
||||||||||||||
|
|
28. |
Manage file and directory
ownership. (D) |
||||||||||||||
|
|
29. |
Manage user rights. (D) |
||||||||||||||
|
|
30. |
Enable custom user settings,
such as specifying home directories, logon scripts, and dial-in access. (D) |
||||||||||||||
|
|
31. |
Identify accounts used by
Windows 2000 services. (D) |
||||||||||||||
|
|
32. |
Create new accounts on
Linux systems. (D) |
||||||||||||||
|
|
33. |
Set password-aging policies
on Linux systems. (D) |
||||||||||||||
|
|
34. |
Set account policies in
Linux. (D) |
||||||||||||||
|
|
35. |
View user accounts used by
system daemons. (D) |
||||||||||||||
|
|
36. |
Explain run levels. (D) |
||||||||||||||
|
|
37. |
Use the ntsysv
and chkconfig commands. (D) |
||||||||||||||
|
|
38. |
Explain the Domain Name
System (DNS). (E) |
||||||||||||||
|
|
39. |
Identify DNS components,
including zones, name server types, and resolvers.
(E) |
||||||||||||||
|
|
40. |
List and create the common DNS
record types, including A, NS, and CNAME. (E) |
||||||||||||||
|
|
41. |
Define reverse DNS lookup.
(E) |
||||||||||||||
|
|
42. |
Implement DNS in Windows
2000 and Linux. (E) |
||||||||||||||
|
|
43. |
Deploy Dynamic DNS (DDNS).
(E) |
||||||||||||||
|
|
44. |
Configure caching servers and
forwarders. (E) |
||||||||||||||
|
|
45. |
Use nslookup
and additional troubleshooting tools. (E) |
||||||||||||||
|
|
46. |
Explain the basics of
NetBIOS, including the NetBIOS naming convention. (F) |
||||||||||||||
|
|
47. |
Identify additional name resolution
options for LANs and WANs. (F) |
||||||||||||||
|
|
48. |
Implement and manage WINS.
(F) |
||||||||||||||
|
|
49. |
Use Samba to create a WINS
server in UNIX. (F) |
||||||||||||||
|
|
50. |
Configure a UNIX system as
a WINS client. (F) |
||||||||||||||
|
|
51. |
Configure Samba systems to
use Windows 2000 authentication. (F) |
||||||||||||||
|
|
52. |
Create and manage shares
using Samba. (F) |
||||||||||||||
|
|
53. |
Deploy user-level and
anonymous FTP access in Windows 2000 and Linux. (G) |
||||||||||||||
|
|
54. |
Describe standard and passive
FTP. (G) |
||||||||||||||
|
|
55. |
Configure Telnet for
Windows 2000 and Linux. (G) |
||||||||||||||
|
|
56. |
Configure finger in Linux.
(G) |
||||||||||||||
|
|
57. |
Control access to Linux
services. (G) |
||||||||||||||
|
|
58. |
Identify foundational services,
including DNS, WINS, and Samba. (H) |
||||||||||||||
|
|
59. |
List mission-critical
services, including Web servers, databases, e-commerce servers, news servers,
streaming media servers, e-mail servers, and proxy servers. (H) |
||||||||||||||
|
|
60. |
Discuss system maintenance
and logging. (I) |
||||||||||||||
|
|
61. |
Describe performance
monitoring and server optimization issues. (I) |
||||||||||||||
|
|
62. |
Explain the importance of
implementing security features for your servers. (I) |
||||||||||||||
|
|
63. |
|||||||||||||||