考试代码:102 网络安全 考试大纲

ITS认证考试考什么?考试内容?

ITS认证考试是分科目的,现在我们要看得就是Certiport给出的ITS考试代码:102 考试名称:网络安全的大纲,如果你通过了这科考试之后,将会获得网络安全的ITS证书

本ITS考试的考生将展示基本的安全知识和技能,包括了解操作系统安全、网络和设备安全以及安全计算实践的核心安全原则。

Defense in Depth

  1. Identify core security principles
    • Confidentiality, integrity, availability, non-repudiation, threat, risk, vulnerability, principle of least privilege, attack surfaces including IoT
  2. Define and enforce physical security
    • Site security, computer security, removable devices and drives, mantraps
  3. Identify security policy types
    • Administrative controls, technical controls
  4. Identify attack types
    • Buffer overflow, viruses, polymorphic viruses, worms, Trojan horses, spyware, ransomware, adware, rootkits, backdoors, zero day attacks/ vulnerabilities, denial-of-service (DoS) attacks, common attack methods, types of vulnerability, cross-site scripting (XSS), SQL injection, brute force attack, man-in-the-middle (MITM) and man-in-the-browser (MITB), social engineering, keyloggers (software and hardware), logic bombs
  5. Identify backup and restore types
    • Full, incremental, differential

Operating System Security

  1. Identify client and server protection
    • Separation of services, hardening, patch management, reducing the attack surface, group policy (gpupdate and gpresult), secure dynamic Domain Name System (DNS) updates, User Account Control (UAC), keeping client operating system and software updated, encrypting offline folders, software restriction policies
  2. Configure user authentication
    • Multifactor authentication, enforcing password policies, remote access, using secondary sign-on to perform administrative tasks (Run As, sudo), domain and local user and group creation, Kerberos
  3. Manage permissions in Windows and Linux
    • File and folder permissions, share permissions, inheritance, moving or copying files within the same disk or on another disk, multiple groups with different permissions, take ownership, delegation
  4. Facilitate non-repudiation using audit policies and log files
    • Types of auditing, what can be audited, enabling auditing, what to audit for specific purposes, where to save audit information, reviewing log files
  5. Demonstrate knowledge of encryption
    • File and folder encryption, how encryption impacts moving/copying files and folders, drive encryption, TPM, secure communication processes (email, texting, chat, social media), virtual private network (VPN) encryption methods, public key/private key, certificate properties and services, Bitlocker

Network Device Security

  1. Implement wireless security
    • Wireless security types (strength of encryption), service set identifiers (SSIDs), MAC filtering, default configuration (OOBE)
  2. Identify the role of network protection devices
    • Purpose of firewalls, hardware vs. software firewalls, network vs. host firewalls, stateful vs. stateless firewall inspection, security baselines, intrusion detection system (IDS), intrusion prevention system (IPS), security information and event manager (SIEM), content filtering, blacklisting/ whitelisting
  3. Identify network isolation methods
    • Routing, honeynet, perimeter networks (DMZ), NAT/PAT, VPN, IPsec, air gap network, DirectAccess, virtual LAN (VLAN)
  4. Identify protocol security concepts
    • Tunneling, DNSSEC, network sniffing, well-known ports (FTP, HTTP, HTTPS, DNS, RDP, Telnet, SSH, LDAP, LDAPS, SNMP, SMTP, IMAP, SFTP)

Secure Computing

  1. Implement email protection
    • Antispam, spoofing, phishing, and pharming, client protection, user training
  2. Manage browser security
    • Browser settings, cache management, private browsing
  3. Install and configure anti-malware and antivirus software
    • Installing, uninstalling, reinstalling, and updating; remediation, scheduling scans, investigating alerts

©重庆睿一网络科技有限公司