Table of Contents
I. EXAM PREPARATION.
1. Information Security Essentials.
Introduction. Understanding the Need for Security Controls. Data Protection. Basic Security Threats and Principles. Where Attacks Can Come From. Assessing and Valuing Security. Identifying the Elements of Security. Understanding Security Trade-Offs and Drawbacks. 2. Fundamentals of TCP/IP.
Introduction. Basic TCP/IP Principles. IP Protocols and Services. How Hackers Exploit TCP/IP. Network-Level Topics. 3. Information Security Basics.
Introduction. AAA Overview: Access Control, Authentication, and Accounting. Security Administration—The Importance of a Security Policy. Keeping Up with and Enforcing Security Policies. Risk Assessment. Why Data Classification Is Important. The Importance of Change Management. Performing Vulnerability Assessments. 4. Intrusion Detection and Prevention.
Introduction. Necessary Components to Good Security. Intrusion Detection Systems Fundamentals. Discussion on Firewall Architectures. Administration of Firewalls. Understanding Incident Handling. Setting Up a Honeypot to Attract the Intruder. Using Vulnerability Scanners. Network Sniffers. 5. System Security Using Firewalls.
Introduction. Introduction to Firewalls. Types of Firewalls. Firewall Architecture Review. Introduction to VPNs. 6. Disaster Planningand Recovery.
Introduction. Assembling the Project Team. Business Continuity Versus Disaster Recovery. The Business Continuity Plan. The Disaster Recovery Plan. Step-by-Step Procedures. Testing and Training. 7. Intrusions, Attacks, and Countermeasures.
Introduction. Attack Methods and Countermeasures. Incident Basics. General Incident-Handling Principles. Handling Specific Incidents. Computer Data Forensics. 8. Operating System Security.
Introduction. General Operating System Security. Windows Security Basics. Unix Security Basics. 9. Cryptography and Public Key Infrastructure.
Introduction. Brief History of Cryptography. Uses of Cryptography in Information Security. Types of Encryption. Digital Certificates. Hashing and Hash Functions. Digital Signatures. Managing the Encryption Keys. Steganography. Introduction to PKI. 10. Computer Law and Ethics.
Introduction. Types of Computer Law. Categories of Intellectual Property Law. Types of Computer Crime. Information Privacy Laws. Basics of Computer Investigation and Forensics. Technology Export and Import Issues. Computer Ethics. How to Protect You and Your Company.
II. FINAL REVIEW.
Introductory Note: Learn Key Terms! Define, Specify, or Identify Examples of Essential Security Practices. Identify or Explain Examples of Risk Management Fundamentals and the Basic Tenets of Security. Describe, Recognize, or Select Basic Weaknesses in TCP/IP Networking. Describe, Recognize, or Select Good Firewall Architectures, Properties, and Administration Fundamentals. Describe, Recognize, or Select Good Intrusion Detection Methodologies, Applications, and Disaster Recovery and Forensic Practices. Describe, Recognize, or Select Good Administrative Maintenance and Change-Control Issues and Tools. Identify the Basic Security Issues Associated with System/Network Design and Configuration. Identify and Explain Basic Malicious Code Threats and Common Defensive Mechanisms. Identify, Specify, or Describe Common Computer and Network Ethical, Legal, and Privacy Issues. Identify, Specify, or Describe Good Access Control and Authentication Processes and Techniques. Identify Key Issues of Cryptography, and Be Able to Explain Basic Cryptographic Methods in Use Today. Explain, Identify, or Recognize Basic Uses, Requirements, and Functions of PKI and Digital Certificates. Identify, Specify, or Describe Good Host- and Network-Based Security Fundamentals. Explain, Identify, or Recognize Fundamentals of Operating System Security. Understanding Hacker Tools and Techniques. Study and Exam Prep Tips.
Learning Styles. Study Tips. Exam Prep Tips. Final Considerations. Practice Exam.
Exam Questions. Answers to Exam Questions.
Appendix A. Key ICSA Resources Online.
TICSA Information and Materials. Appendix B. General Security Resources and Bibliography.
1. Information Security Essentials. 2. Fundamentals of TCP/IP. 3. Information Security Basics. 4. Intrusion Detection and Prevention. 5. System Security Using Firewalls. 6. Disaster Planning and Recovery. 7. Intrusions, Attacks, and Countermeasures. 8. Operating System Security. 9. Cryptography and Public Key Infrastructure. 10. Computer Law. Appendix C. Glossary of Technical Terms. Appendix D. Overview of the Certification Process.
Current Elements of the TruSecure ICSA Security Practitioner Program. Emerging Certification Programs and Requirements. Certification Requirements. How to Become a TICSA. How to Become a TICSE. TruSecure ICSA Security Practitioner Recertification. Important TruSecure ICSA Certification Web Pages. Appendix E. What's on the CD-ROM.
PrepLogic Practice Tests, Preview Edition. Exclusive Electronic Version of Text. Easy Access to Online Pointers and References. Appendix F. Using the PrepLogic Practice Tests, Preview Edition Software.
Exam Simulation. Software Requirements. Using PrepLogic Practice Tests, Preview Edition. Contacting PrepLogic. License Agreement. Index.