Exam Guide for 1D0-470 CIW Security Professional 

• Credit Toward Certification
• Prerequisites
• Exam Information
• Skills Measured
• Exam Preparation Tools
• Exam Retake Policy
• Exam Retirement

CREDIT TOWARD CERTIFICATION

CIW Security Professional is a requirement for the following CIW certifications:

• CIW Certified Instructor - for those teaching CIW Professional content
• Master CIW Administrator
• CIW Security Analyst
• CIW Professional - CIW Security Professional is one of eight exams available for candidates to achieve Professional certification.

PREREQUISITES

No candidate is restricted from taking the CIW Security Professional exam. However, it is highly recommended that candidates take (and pass) the CIW Foundations exam prior to taking the CIW Security Professional exam.

CIW Security Professional certification is a requirement for Master CIW Administrator certification.

EXAM INFORMATION

Students who have taken CIW courses are encouraged to continue their studies and apply their new skills before attempting the 1D0-470 CIW Security Professional exam. Skills taught in CIW Security Professional courses are best reinforced with real-world experience.

The candidate is responsible for learning the content and achieving a passing score on the 1D0-470 CIW Security Professional exam. Comments regarding course delivery should be referred to the training company that delivered the course.

Any 1D0-470 CIW Security Professional exam will be subject to the following:

• Each delivery of the exam will include a random selection of 60 items.
• The examination period will be 75 minutes.

To achieve a passing score on the 1D0-470 CIW Security Professional exam, candidates must:

• Correctly answer at least 45 of the 60 questions to achieve a total score of 75% or greater,
  AND
• Answer at least 70% of the questions correctly in each individual module.

Module	Number of Items
Network Security and Firewalls	22
Operating Systems Security	16
Security Auditing, Attacks and Threat Analysis	22
Total Items	60

Each exam item offers four solutions or distracters. Exam candidates must select the one best solution for each item.

SKILLS MEASURED

A CIW Security Professional implements security policy, identifies security threats, and develops countermeasures using firewall systems and attack-recognition technologies. This individual is responsible for managing the deployment of e-business transaction and payment security solutions. Skills measured in the 1D0-470 exam include but are not limited to:

• Network perimeter security and elements of an effective security policy.
• Encryption, including the three main encryption methods used in internetworking.
• Universal guidelines and principles for effective network security, as well as guidelines to create effective specific solutions.
• Security principles and security attack identification.
• Firewall types and common firewall terminology.
• Firewall system planning including levels of protection.
• Network firewall deployment.
• Network security including industry security evaluation criteria and guidelines used to determine three security levels.
• Mechanisms used to implement security systems, tools to evaluate key security parameters, techniques for security accounts, and threats to Windows server and UNIX systems.
• Permissions identification, assignment and usage, system defaults, and security commands.
• System patches and fixes including application of system patches.
• Windows Server Registry modifications, including lockdown and removal of services for effective security in Windows server and Linux.
• Security auditing principles, security auditor's chief duties and network risk factor assessment.
• Security auditing and discovery processes, audit plans, and network-based and host-based discovery software.
• Penetration strategies and methods, including identification of potential attacks.
• User activities baseline, log analysis, and auditing of various activities.
• Security policy compliance and assessment reports.
• Operating system add-ons, including personal firewalls and native auditing.

EXAM PREPARATION TOOLS

Official Curriculum

Instructor-Led Training

• Network Security and Firewalls (12 hours)
• Operating Systems Security (6 hours)
• Security Auditing, Attacks, and Threat Analysis (12 hours)

Practice Exam Sites

CIW does not endorse Web sites that list study guides or practice questions for CIW exams. All CIW examinations are copyrighted material. To maintain the security and value of our program, we reserve the right to decertify and/or prohibit from examinations any individuals who republish or distribute our copyrighted certification exam questions.

Official Practice Exams

Official CIW Online Practice Exams allow students and instructors to instantly evaluate the level of IT knowledge achieved. This tool provides students with an additional method of review and assessment to enhance the learning experience. It can also be used as a pre-assessment, practice exam and quiz administration tool to help instructors evaluate their students' knowledge.

Third-Party Practice Exams

Additional exam preparation tools are available from MeasureUP who has developed practice tests to help candidates prepare for the CIW Security Professional exam.

Third-Party Books

The following resources are provided as a supplement to your studies, and will reinforce the skills and concepts learned with CIW official Security Professional course materials.

• Amoroso, Edward G. Intrusion Detection: An Introduction to Internet Surveillance, Correlation, Traps, Trace Back, and Response. Intrusion Net Books, 1999. ISBN: 0966670078
• Bellovin, Steven M., and William R. Cheswick. Firewalls and Internet Security. Reading MA: Addison-Wesley, 1994. ISBN 0-20163-357-4.
• Chapman, Brent D., and Elizabeth D. Zwicky. Building Internet Firewalls. Sebastopol, California: O'Reilly & Associates, 1997. ISBN 1-56592-124-0.
• Escamilla, Terry. Intrusion Detection: Network Security Beyond the Firewall. New York: John Wiley and Sons, 1998. ISBN: 0471290009.
• Garfinkel, Simson, and Gene Spafford Practical Unix & Internet Security. Sebastopol, California: O'Reilly & Associates, 1996. ISBN 1-56592-148-8.
• Maximum Security. New York: Sams.net Publishers (Macmillan Computer Publishing), 1997. ISBN 1-57521-268-4 (http://www.sams.com/).
• Power, Richard. "CSI/FBI Computer Crime and Security Survey." Computer Security Issues and Trends, Volume V., Number 1. Winter, 1999. Available at http://www.gosci.com/.
• Sans Institute. Windows NT Security Step by Step. Bethesda, MD: Sans Institute, 1998.
• Spafford, Eugene H., and Simson Garfinkel. Practical UNIX and Internet Security, 2nd Edition. Sebastopol, CA: O'Reilly & Associates, 1997. ISBN 1-56592-148-8.
• Stevens, W. Richard. TCP/IP Illustrated. Reading, MA: Addison-Wesley, 1997. Vol. 1 ISBN 0-20163-346-9. Vol. 3 ISBN 0-20163-495-3.
• Sutton, Stephen A. Windows NT Security Guide. Reading, MA: Addison-Wesley, 1996.
• Sys Admin Magazine. Unix Security New York: R&D Books, 1997. ISBN 0-87930-471-5.

EXAM RETAKE POLICY

The CIW Exam Retake Policy outlines the conditions under which a candidate may retake a CIW exam. A waiting period between retakes of a single certification exam maintains the security of the exam and strengthens the value of the CIW certification. Each CIW exam is defined by a unique exam ID (e.g., ID0-510). A retake is any subsequent sitting of an exam with the same CIW exam ID by the same candidate at any authorized testing center.

In the event that a candidate passes a CIW exam, the candidate will not be allowed to retake that CIW exam. If the CIW exam objectives change, the exam ID changes to reflect the new exam version. Candidates who have passed an exam may sit a newer version of the exam that may have the same title but a different ID number.

In the event that a candidate fails a CIW exam on his or her first attempt, a 24-hour waiting period is required between the first and second sittings of that CIW exam. Candidates are required to wait for a period of no less than thirty (30) calendar days from the date of the previous sitting before any third or subsequent sitting of the same CIW exam.

Exams administered in any ways that do not comply with the CIW Exam Retake Policy shall be considered invalid and ineligible for a refund.

In the event that a candidate has violated this Exam Retake Policy, the candidate may be deemed ineligible to register for or schedule any CIW exam for a minimum period of twelve (12) months from the date of such determination.

In addition, any candidate determined to have violated the CIW Exam Retake Policy may be subject to any or all of the following:

• Denial of a specific CIW certification for a period of twelve (12) months from the date of such determination;
• Revocation of a specific CIW certification, if such certification had been previously granted to the candidate;
• Revocation of all CIW certifications previously granted to the candidate;
• Ineligibility to receive any CIW certification for a minimum of twelve (12) months from the date of such determination;
• Any other appropriate actions, including legal remedies, deemed necessary or appropriate to enforce the CIW Exam Retake Policy.

EXAM RETIREMENT

Exam 1D0-470 will be retired in China on 1/1/2007. It will remain available in the United States and Europe until further notice.

COMMENTS

To make a comment or recommendation about CIW certification exams, please contact our CIW certification department.

© 2009  Certification Partners
UK/Ireland | Find Training | CIW Store | Privacy Policy | Contact Us | Home