Trung Tâm Đào Tạo Mạng Máy Tính Nhất Nghệ   Trung Tâm Đào Tạo Mạng Máy Tính Nhất Nghệ
Trang Chủ Giới Thiệu Chương Trình Học Tài Liệu Tin Tức F.A.Q Lịch Khai Giảng Học Phí Việc Làm Liên Hệ

Go Back   Trung Tâm Đào Tạo Mạng Máy Tính Nhất Nghệ > MICROSOFT AREA > Network Infrastructure
Đăng Ký Thành Viên Thành Viên Lịch Ðánh Dấu Ðã Ðọc

Network Infrastructure DHCP, DNS, WINS, VPN, RAS, Radius ...
Người Quản Trị : Nguyễn Văn Cơ , Hoàng Phùng Bảo , Lê Ngọc Hiến

Vui lòng gõ từ khóa liên quan đến vấn đề bạn quan tâm vào khung dưới , trước khi đặt câu hỏi mới.


Ðề tài đã khoá
 
Ðiều Chỉnh
  #1  
Old 30-08-2007, 11:09
nhocbuidoi nhocbuidoi vẫn chưa có mặt trong diễn đàn
Thành Viên Mới
 
Tham gia ngày: Apr 2007
Bài gởi: 27
Thanks: 0
Thanked 1 Time in 1 Post
Các Khái niệm Về Network

Hi All!
Anh chi nao biet nhung khai niem duoi day thi giai thich dum nha


1.1 Recognize and be able to differentiate and explain the following access control models
MAC (Mandatory Access Control)
DAC (Discretionary Access Control)
RBAC (Role Based Access Control)
1.2 Recognize and be able to differentiate and explain the following methods of authentication
Kerberos
CHAP (Challenge Handshake Authentication Protocol)
Certificates
Username / Password
Tokens
Multi-factor
Mutual
Biometrics
1.3 Identify non-essential services and protocols and know what actions to take to reduce the risks of those services and protocols
1.4 Recognize the following attacks and specify the appropriate actions to take to mitigate vulnerability and risk
DOS / DDOS (Denial of Service / Distributed Denial of Service)
Back Door
Spoofing
Man in the Middle
Replay
TCP/IP Hijacking
Weak Keys
Mathematical
Social Engineering
Birthday
Password Guessing
Brute Force
Dictionary
Software Exploitation
1.5 Recognize the following types of malicious code and specify the appropriate actions to take to mitigate vulnerability and risk
Viruses
Trojan Horses
Logic Bombs
Worms
"1.6 Understand the concept of and know how
to reduce the risks of social engineering"
"1.7 Understand the concept and significance
of auditing, logging and system scanning"
COMMUNICATION SECURITY
2.1 Recognize and understand the administration of the following types of remote access technologies
802.1x
VPN (Virtual Private Network)
RADIUS (Remote Authentication Dial-In User Service)
"TACACS (Terminal Access Controller Access
Control System)"
"L2TP / PPTP (Layer Two Tunneling Protocol / Point to.
Point Tunneling Protocol)"
SSH (Secure Shell)
IPSEC (Internet Protocol Security)
Vulnerabilities
"2.2 Recognize and understand the administration
of the following email security concepts"
S/MIME (Secure Multipurpose Internet Mail Extensions)
PGP (Pretty Good Privacy) like technologies
Vulnerabilities
SPAM
Hoaxes
2.3 Recognize and understand the administration of the following Internet security concepts
SSL / TLS (Secure Sockets Layer / Transport Layer Security)
HTTP/S (Hypertext Transfer Protocol / Hypertext Transfer Protocol over Secure Sockets Layer)
Instant Messaging
Vulnerabilities
Packet Sniffing
Privacy
Vulnerabilities
Java Script
ActiveX
Buffer Overflows
Cookies
Signed Applets
CGI (Common Gateway Interface)
SMTP (Simple Mail Transfer Protocol) Relay
2.4 Recognize and understand the administration of the following directory security concepts
SSL / TLS (Secure Sockets Layer / Transport Layer Security)
LDAP (Lightweight Directory Access Protocol)
2.5 Recognize and understand the administration of the following file transfer protocols and concepts
S/FTP (File Transfer Protocol)
Blind FTP (File Transfer Protocol) / Anonymous
File Sharing
Vulnerabilities
Packet Sniffing
8.3 Naming Conventions
2.6 Recognize and understand the administration of the following wireless technologies and concepts
WTLS (Wireless Transport Layer Security)
802.11 and 802.11x
WEP / WAP (Wired Equivalent Privacy / Wireless Application Protocol)
Vulnerabilities
Site Surveys
INFRASTRUCTURE SECURITY
3.1 Understand security concerns and concepts of the following types of devices
Firewalls
Routers
Switches
Wireless
Modems
RAS (Remote Access Server)
Telecom / PBX (Private Branch Exchange)
VPN (Virtual Private Network)
IDS (Intrusion Detection System)
Network Monitoring / Diagnostics
Workstations
Servers
Mobile Devices
3.2 Understand the security concerns for the following types of media
Coaxial Cable
UTP / STP (Unshielded Twisted Pair / Shielded Twisted Pair)
Fiber Optic Cable
Removable Media
Tape
CD-R (Recordable Compact Disks)
Hard Drives
Diskettes
Flashcards
Smartcards
3.3 Understand the concepts behind the following kinds of Security Topologies
Security Zones
DMZ (Demilitarized Zone)
Intranet
Extranet
VLANs (Virtual Local Area Network)
NAT (Network Address Translation)
Tunneling
3.4 Differentiate the following types of intrusion detection, be able to explain the concepts of each type, and understand the implementation and configuration of each kind of intrusion detection system
Network Based
Active Detection
Passive Detection
Host Based
Active Detection
Passive Detection
Honey Pots
Incident Response
3.5 Understand the following concepts of Security Baselines, be able to explain what a Security Baseline is, and understand the implementation and configuration of each kind of intrusion detection system
OS / NOS (Operating System / Network Operating System) Hardening
File System
Updates (Hotfixes, Service Packs, Patches)
Network Hardening
Updates (Firmware)
Configuration
Enabling and Disabling Services and Protocols
Access Control Lists
Application Hardening
Updates (Hotfixes, Service Packs, Patches)
Web Servers
E-mail Servers
FTP (File Transfer Protocol) Servers
DNS (Domain Name Service) Servers
NNTP (Network News Transfer Protocol) Servers
File / Print Servers
DHCP (Dynamic Host Configuration Protocol) Servers
Data Repositories
Directory Services
Databases
BASICS OF CRYPTOGRAPHY
4.1 Be able to identify and explain each of the following different kinds of cryptographic algorithms
Hashing
Symmetric
Asymmetric
4.2 Understand how cryptography addresses the following security concepts
Confidentiality
Integrity
Digital Signatures
Authentication
Non-Repudiation
Digital Signatures
Access Control
4.3 Understand and be able to explain the following concepts of PKI (Public Key Infrastructure)
Certificates
Certificate Policies
Certificate Practice Statements
Revocation
Trust Models
4.4 Identify and be able to differentiate different cryptographic standards and protocols
4.5 Understand and be able to explain the following concepts of Key Management and Certificate Lifecycles
Centralized vs. Decentralized
Storage
Hardware vs. Software
Private Key Protection
Escrow
Expiration
Revocation
Status Checking
Suspension
Status Checking
Recovery
M-of-N Control (Of M appropriate individuals, N must be present to authorize recovery)
Renewal
Destruction
Key Usage
Multiple Key Pairs (Single, Dual)
OPERATIONAL / ORGANIZATIONAL SECURITY
5.1 Understand the application of the following concepts of physical security
Access Control
Physical Barriers
Biometrics
Social Engineering
Environment
Wireless Cells
Location
Shielding
Fire Suppression
5.2 Understand the security implications of the following topics of disaster recovery
Backups
Off Site Storage
Secure Recovery
Alternate Sites
Disaster Recovery Plan
5.3 Understand the security implications of the following topics of business continuity
Utilities
High Availability / Fault Tolerance
Backups
5.4 Understand the concepts and uses of the following types of policies and procedures
Security Policy
Acceptable Use
Due Care
Privacy
Separation of Duties
Need to Know
Password Management
SLAs (Service Level Agreements)
Disposal / Destruction
HR (Human Resources) Policy
Termination (Adding and revoking passwords and privileges, etc.)
Hiring (Adding and revoking passwords and privileges, etc.)
Code of Ethics
Incident Response Policy
5.5 Explain the following concepts of privilege management
User / Group / Role Management
Single Sign-on
Centralized vs. Decentralized
Auditing (Privilege, Usage, Escalation)
MAC / DAC / RBAC (Mandatory Access Control / Discretionary Access Control / Role Based Access Control)
5.6 Understand the concepts of the following topics of forensics
Chain of Custody
Preservation of Evidence
Collection of Evidence
5.7 Understand and be able to explain the following concepts of risk identification
Asset Identification
Risk Assessment
Threat Identification
Vulnerabilities
5.8 Understand the security relevance of the education and training of end users, executives and human resources
Communication
User Awareness
Education
On-line Resources
5.9 Understand and explain the following documentation concepts
Standards and Guidelines
Systems Architecture
Change Documentation
Logs and Inventories
Classification
Notification
Retention / Storage
Destruction
__________________
Lang thang đường đời tìm cái gì hả nhóc?
Sponsored links
  #2  
Old 30-08-2007, 22:23
nartynnus's Avatar
nartynnus nartynnus vẫn chưa có mặt trong diễn đàn
đáo bỉ ngạn
 
Tham gia ngày: Mar 2007
Bài gởi: 6,984
Thanks: 6
Thanked 179 Times in 154 Posts
kiếm sách môn CISSP mà đọc
__________________
vouloir, ce n'est pas toujours pouvoir.
mais en plusieurs fois, ne pas pouvoir, c'est parceque ne pas vouloir.
Sponsored links
Ðề tài đã khoá

Bookmarks

Ðiều Chỉnh

Quyền Sử Dụng Ở Diễn Ðàn
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is Mở
Smilies đang Mở
[IMG] đang Mở
HTML đang Tắt

Chuyển đến



Múi giờ GMT +7. Hiện tại là 12:26
Powered by: vBulletin Version 3.8.7
Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Ad Management by RedTyger