PELLISSIPPI STATE TECHNICAL COMMUNITY COLLEGE 
MASTER SYLLABUS

CIW SECURITY ADMINISTRATOR CERTIFICATION
WEB 2691

Class Hours: 1.0

 

Credit Hours: 1.0

 

Laboratory Hours: 0.0

 

Revised: Fall 08

 

 

Catalog Course Description:

 

 

 

The preparatory course for the CIW Security Administrator exam (1D0-450) focuses on security administration skills that are not product- or system-specific. This course will use materials that allow students to instantly evaluate the level of IT knowledge achieved and will include practice exams.

Entry Level Standards:

 

 

 

Students taking this course should be proficient in Windows 98, 2000 or XP.

Prerequisites:

 

 

 

WEB 2200

 

Corequisites:

 

 

 

WEB 2601

Textbook(s) and Other Course Materials:

 

 

 Test preparation materials (CD) and cost of certification exam will run approximately $150 for this course. Your instructor will provide the URL to you to order the CD and will manage the ordering of the exam. Doing this through your instructor will get you the reduced price of $125. Otherwise, the cost for the CD and exam would be ~$300.

1.                    AssessPREP - CIW Security Administrator Individual License CD (1 year) Product Code: PRSAS-CASACL-PD-209 (Cost~$70) You need to order this directly from ProsoftTraining at http://sec.computerprep.com/pstcc/. AssessPREP is a computer-based assessment tool designed to measure a learner's proficiency on a given topic or application. The CIW AssessPREP CD will let you (a) pre-assess your aptitudes, then tailor your study accordingly (b) prepare for the certification exam (c) instantly evaluate course knowledge and (d) review materials in testing or study environments.

2.                    CIW Security Administrator Certification Exam You can either take the certification exam at Pellissippi State through the CIW Exam Membership Program (half price~$75) or go to a Prometric Testing Center to take the exam (~$125). Your instructor will order your exam if you take the exam at PSTCC.

Information on the CIW Security Administrator Certification Exam can be found at
http://www.ciwcertified.com/exams/1d0450.asp?comm=CND&llm=3#examinfo . This exam (CIW Security Administrator 1D0-450) specifically:

1. Contains a total of 60 items. To certify, you must correctly answer at least 45 of the 60 questions to achieve a total score of 75% or greater AND correctly answer at least 70% of the questions in each individual module.

Module

Number of Items

Internet Systems Management

30

Advanced Internet Systems Management

30

          Total Items

60

2. You will have 75 minutes to complete the exam.

3. Each item offers four solutions or distracters. Exam candidates must select the one best solution for each item.

Security Administrator skills are not product- or system-specific. They are a combination of minimal technical and non-technical skills and knowledge required for those interested in developing specific Internet skills as a Web Security Administrator. The CIW Server Administrator exam focuses on server and network administration tasks and tools implemented by IT professionals. CIW Server Administrators manage and tune corporate e-business solutions and infrastructure including Web, FTP, news and mail servers, for midsize to large businesses. This certification validates knowledge and skills in configuring, managing and deploying e-business solutions servers.

    1. Skills measured in the he CIW Security Administrator (1DO-450) exam include but are not limited to:

1.        Common IT services, focusing on hardware platforms and frequently used operating systems.

2.        TCP/IP configuration parameters, and Windows 2000 and Linux system configuration with static IP addresses.

3.        User access levels, password policies, and permissions based on standard practice and procedures.

4.        Management of users in Windows 2000 and Linux.

5.        Domain Name System (DNS) in Windows 2000 and Linux.

6.        Name resolution options for LANs and WANs, including the Windows Internet Naming Service (WINS) and Samba.

7.        Internet services including FTP and Telnet, and control of access to these services.

8.        Web servers, including Microsoft IIS and Apache Server.

9.        Advanced Web server administration tasks.

10.     User-based access to Web servers.

11.     Limitation of access based on IP addresses.

12.     Functionality of a Web server, including Perl configuration and additional services.

13.     Web server connection to a database via Open Database Connectivity (ODBC).

14.     Configuration and management of streaming media servers.

15.     Secure Sockets Layer (SSL) transactions.

16.     Management of news servers.

17.     Configuration and management of SMTP, IMAP and POP3 e-mail servers.

18.     Configuration and management of proxy servers and Internet servers.

19.     Server and service log analysis.

20.     System performance evaluation.

21.     Internal and external security risks.

NOTE: It is not necessary to pass the certification exam in order to pass this course. You will receive credit for taking the exam.

  1. Supplementary Materials:
    1. Software
      The following software should be installed on your system before beginning this class:

1.        Microsoft Windows (XP)

2.        Adobe Acrobat Reader. Download free from http://www.adobe.com/support/downloads/main.html

    1. AssessPREP CD-ROM. You will purchase the AssessPREP CD-ROM with study files that you will use to pre-assess your skills, review the material covered on the actual certification exam, and use the material as practice for the exam.

NOTE: This course is one of a series in the Certified Internet Web (CIW) Professional program offered at Pellissippi State. This course is a part of the requirements for the PSTCC CIW Master Administrator certificate and can be used as a guided elective in the AAS in Media Technologies Web Concentration degree. The CIW certification program validates job-role skills competency for entry-level job seekers and seasoned professionals alike. Candidates can earn CIW certificates in various information technology (IT) job roles, from the foundational CIW Associate certification, continuing to CIW Professional and specialization certifications, and up to advanced-level Master CIW certifications. The course prepares you for the Master CIW Administrator certification. For detailed information, see CIW's website at http://www.ciwcertified.com/.

I. Week/Unit/Topic Basis:

 

 

 This course will begin on a specific date but the student can progress through the course objectives in a timeframe comfortable for him. If the student works hard, he can complete the coursework and certification exam before the formal end of the semester. The instructor will provide benchmarks for the completion of objectives during the semester. All students will complete the certification exam and course requirements by the end of the academic semester.

AssessPREP is a computer-based assessment tool designed to measure a learner's proficiency on a given topic or application. The CIW Security Administrator CD will assess a student's knowledge of the areas covered on the CIW Security Administrator Certification Exam (1D0-450).

 

Week

Topic

 

Phase I:
Fall\Spring Weeks 1-6
Summer Weeks 1-4

Order AssessPREP CD and certification exam. Student will order the AssessPREP CD (at the URL above). After installing the AssessPREP CD for this class on your computer, you can begin your self-study. The instructor will work with you to determine a date toward the end of the semester when you wish to schedule for the exam to be given; you must schedule the exam at least three weeks in advance of when you wish to take it. You can take the exam once. If you take the exam in the PSTCC CIW Exam lab, your scores will be recorded by the instructor and factored into your grade for this course; if you choose to take the exam in a testing center not associated with PSTCC, you will fax your test scores to the instructor so the score can be factored into your grade.

 

During Phase I of the semester, you will be studying and working through the companion CIW course (for this exam, the co-requisite course is WEB 2601 CIW Security Administrator). During this time, you can be using the AssessPREP CD to practice and review the material presented.

 

Phase II:
Fall/Spring Weeks 7-12
Summer Weeks 5-6

Use AssessPREP CD: Student will use the AssessPREP CD to review and practice for the CIW Security Administrator Certification Exam. Here are some of the activities on the CD you can use to help review and prepare for the certification exam:

 

Choose to take an exam or a drill by double clicking on the icons on the AssessPREP screen. The exams simulate the actual tests. Drills focus in a single subject matter.

 

Phase III:
Fall/Spring Weeks 13-14
Summer Weeks 7-8

Take Online Quizzes: Quizzes have been created in this course made up from the questions on the AssessPREP CD. The questions for all quizzes are randomly drawn from the test bank from the CD. Your performance on these quizzes will indicate to the instructor that you are studying and learning the skills presented from the companion course and from the CD and that you are progressing toward successful completion of the certification exam. The materials allow for:

  • Multiple study modes for adaptive learning
  • Personalized study plan and progress reports
  • Study questions and reference tools
  • Simulations of actual testing environments
  • Alignment and references back to CIW instructor-led courseware
  • Drill-down testing on missed questions

Schedule and complete CIW Server Administrator Certification Exam (1D0-450). Your instructor will schedule the date and time for your exam at least three weeks in advance. This is the lead time ProSoft needs for the certification exam to be ordered and scheduled for downloading to the CIW lab at PSTCC. The certification exam can be taken only once in this course.

 

II. Course Objectives*:

 

 

 

A.

Explain common IT services, focusing on hardware platforms and frequently used operating systems. (I)

 

B.

Apply TCP/IP configuration parameters, and Windows 2000, and Linux system configuration with static IP addresses. (I, IV)

 

C.

Apply user access levels, password policies, and permissions based on standard practice and procedures. (I, II)

 

D.

Describe management of users in Windows 2000 and Linux. (I, IV)

 

E.

Explain Domain Name System (DNS) in Windows 2000 and Linux. (I, II)

 

F.

Use name resolution options for LANs and WANs, including the Windows Internet Naming Service (WINS) and Samba. (II)

 

G.

Use Internet services including FTP and Telnet, and control of access to these services. (II, IV)

 

H.

Utilize web servers, including Microsoft IIS and Apache Server. (II, IV)

 

I.

Perform advanced Web server administration tasks. (II, IV)

 

J.

Utilize user-based access to Web servers. (II, IV)

 

K.

Explain the limitation of access based on IP addresses. (II, IV)

 

L.

Describe the functionality of a Web server, including Perl configuration and additional services. (II, IV)

 

M.

Apply web server connection to a database via Open Database Connectivity (ODBC). (II, IV)

 

N.

Apply configuration and management of streaming media servers. (II, IV)

 

O.

Utilize Secure Sockets Layer (SSL) transactions. (II, IV)

 

P.

Apply management of news servers. (II, IV)

 

Q.

Describe configuration and management of SMTP, IMAP and POP3 e-mail servers. (II, IV)

 

R.

Perform server and service log analysis. (II, IV)

 

S.

Explain configuration and management of proxy servers and Internet servers. (II, IV)

 

T.

Perform system performance evaluation. (II, IV)

 

U.

Describe internal and external security risks. (II, IV)

*Roman numerals after course objectives reference goals of the WEB program.

III. Instructional Processes*: 

 

 

Students will:

 

 

 

 

1.

1.        Explain the server and network administration tasks and tools required by IT professionals. (Technological literacy outcome)

 

2.

2.        Identify the current direction and application of server administration. (Technological literacy outcome)

 

3.

3.        Identify the differences between e-business solutions and infrastructure tools used in midsize to large businesses. (Technological literacy outcome)

 

4.

4.        Monitor FTP, news and mail servers, and Web servers. (Technological literacy outcome)

 

5.

5.        Configure and deploy e-business solutions servers. (Active Learning Strategies)

 

6.

6.        Use research activities to promote independent thinking. (Active Learning Strategies)

 

7.

7.        Use software tools and web development skills to administer web sites that are functional and efficient. (Active Learning Strategies)

*Strategies and outcomes listed after instructional processes reference TBR's goals for strengthening general education knowledge and skills, connecting course work to experiences beyond the classroom, and encouraging students to take active and responsible roles in the educational process. 

IV. Expectations for Student Performance*: 

 

 

Upon successful completion of this course, the student should be able to:

 

1.

List the services offered by IT departments. (A)

 

2.

Identify backbone and mission-critical services offered by IT departments. (A)

 

3.

Discuss the concepts of system maintenance, including fault tolerance, server optimization, and backup. (A)

 

4.

Identify common hardware platforms. (A)

 

5.

Describe capabilities of various platform components, including multiple CPUs, I/O issues, and system memory. (A)

 

6.

Define bandwidth and throughput (A)

 

7.

Identify common network operating systems (A)

 

8.

Determine the ideal operating system for a given environment. (A)

 

9.

Discuss system installation issues. (A)

 

10.

List key TCP/IP configuration parameters.  (B)

 

11.

Add NICs in Windows 2000 and Linux (B)

 

12.

Configure Windows 2000 with static IP addresses. (B)

 

13.

Configure Linux with static IP addresses. (B)

 

14.

Describe how DHCP works. (B)

 

15.

Define authentication. (C)

 

16.

Explain the share-level and user-level access security models. (C)

 

17.

Identify the purposes and functions of logon accounts, groups, and passwords. (C)

 

18.

Create a network password policy using standard practices and procedures. (C)

 

19.

Discuss permissions issues. (C)

 

20.

Describe the relationship between permissions and user profiles (C)

 

21.

Use administrative utilities for specific networks and operating systems (C)

 

22.

Identify the permissions needed to add, delete, or modify user accounts. (D)

 

23.

Identify the purpose of the Windows 2000 Security Accounts Manager. (D)

 

24.

Enforce system wide policies, including account lockout settings, password rules, and password aging. (D)

 

25.

Convert a FAT drive to NTFS. (D)

 

26.

Enable auditing in Windows 2000 Server. (D)

 

27.

View local and remote events in Event Viewer. (D)

 

28.

Manage file and directory ownership. (D)

 

29.

Manage user rights. (D)

 

30.

Enable custom user settings, such as specifying home directories, logon scripts, and dial-in access. (D)

 

31.

Identify accounts used by Windows 2000 services. (D)

 

32.

Create new accounts on Linux systems. (D)

 

33.

Set password-aging policies on Linux systems. (D)

 

34.

Set account policies in Linux. (D)

 

35.

View user accounts used by system daemons. (D)

 

36.

Explain run levels. (D)

 

37.

Use the ntsysv and chkconfig commands. (D)

 

38.

Explain the Domain Name System (DNS). (E)

 

39.

Identify DNS components, including zones, name server types, and resolvers. (E)

 

40.

List and create the common DNS record types, including A, NS, and CNAME. (E)

 

41.

Define reverse DNS lookup. (E)

 

42.

Implement DNS in Windows 2000 and Linux. (E)

 

43.

Deploy Dynamic DNS (DDNS). (E)

 

44.

Configure caching servers and forwarders. (E)

 

45.

Use nslookup and additional troubleshooting tools. (E)

 

46.

Explain the basics of NetBIOS, including the NetBIOS naming convention. (F)

 

47.

Identify additional name resolution options for LANs and WANs. (F)

 

48.

Implement and manage WINS. (F)

 

49.

Use Samba to create a WINS server in UNIX. (F)

 

50.

Configure a UNIX system as a WINS client. (F)

 

51.

Configure Samba systems to use Windows 2000 authentication. (F)

 

52.

Create and manage shares using Samba. (F)

 

53.

Deploy user-level and anonymous FTP access in Windows 2000 and Linux. (G)

 

54.

Describe standard and passive FTP. (G)

 

55.

Configure Telnet for Windows 2000 and Linux. (G)

 

56.

Configure finger in Linux. (G)

 

57.

Control access to Linux services. (G)

 

58.

Identify foundational services, including DNS, WINS, and Samba. (H)

 

59.

List mission-critical services, including Web servers, databases, e-commerce servers, news servers, streaming media servers, e-mail servers, and proxy servers.  (H)

 

60.

Discuss system maintenance and logging. (I)

 

61.

Describe performance monitoring and server optimization issues. (I)

 

62.

Explain the importance of implementing security features for your servers. (I)

 

63.