With damaging viruses and intrusions in the news almost weekly, an increasing number of organizations are choosing to hire full-time security specialists. They won't, however, hire self-proclaimed "experts" or even general-purpose consultants who reckon they can learn digital crime-fighting on the job. Organizations will hire people who can prove their competence with a certification like the Certified Internet Webmaster (CIW) Security Professional rating, which is what CIW Security Professional Certification Bible provides you with the background to earn. The book does a snappy job of conveying the tested facts and concepts, and though most readers will wish for coverage of security under Windows 2000 and Windows XP (there's none here), those operating systems aren't on the test yet and we can't fault the authors for that.
Some of the advice on how to defeat attackers is entertaining, like the authors' suggestion that you give your Windows NT administrator a user name other than "Administrator," then create another account--one with no access rights--with the "Administrator" user name as a sort of straw man to sap crackers' energy. Other advice makes up more of a litany of technical best practices and policy rules of thumb. Still other sections focus on tools, both offensive (like L0phtCrack and NetBus) and defensive (like Syslog and SuperScan). There are also multiple-choice assessment questions--with annotated answers--and lab exercises accompanying each chapter. --David Wall
Topics covered: The subjects you need to understand in order to pass the Certified Internet Webmaster (CIW) Security Professional Exam (1D0-470), which is accredited by the Association of Internet Professionals (AIP) and the International Webmasters Association (IWA). The authors cover general security principles (everything from user-rights management to physical safety of equipment), and the specifics of attacks and defenses on several popular operating systems.
The only guide you need for CIW Security Professional exam success ... You're holding in your hands the most comprehensive and effective guide available for the CIW Security Professional exam. Security pros Mandy Andress and Phil Cox deliver incisive, crystal-clear explanations of every topic covered, highlighting exam-critical concepts and offering hands-on tips that can help you in your real-world Web career. Throughout, they provide pre-tests, exam-style assessment questions, scenario problems, and lab exercises - everything you need to master the material and pass the exam. Inside, get complete coverage of CIW Security Professional exam objectives:
* Understand basic computer, systems, and network security concepts
* Get a handle on site encryption technologies and TCP/IP security
* Delve into DoS, Trojan horses, man-in-the-middle, and other attacks
* Find out how to select and implement a firewall
* Get the scoop on defeating and preventing attacks and penetration
* Discover how to run a security audit and act on the results
* Master the ins and outs of UNIX/Linux and Windows OS security
* Lock down network file systems, resources, and user accounts
Test-Prep Tools on CD-ROM
* Hungry Minds test engine powered by top-rated Boson Software
* Plus security tools, including BlackICE Defender and Retina trials; evaluation versions of ISS Internet Scanner, SuperScan, and WS_Ping ProPack
Boson Software System Requirements: Pentium PC running Windows NT 4 or later. 80 MB RAM (128 MB recommended); 250 MB free hard disk space. See the About the CD appendix for details and complete system requirements. www.hungryminds.com