
IT Security FAQs 

(Frequently Asked Questions) 

© ACT-Advanced Computer Training, Inc. 2003


Q: Why is security knowledge important in today’s environment?

A: There is a growing need for current knowledge of security in the IT sector. This is due to the increasing complexity inherent in the systems and networks in common use and the increasing threat from many sources including hackers, disgruntled employees, insiders and terrorism.

Q: Who should receive security training?

A: Anyone whose current or future job responsibilities include network infrastructure or application development is a potential candidate for security training. In addition, those who wish to increase their marketability in today’s tight job market would also profit.

Q: What is an Intrusion Detection System?

A: An Intrusion Detection System (IDS) is used to detect anomalous packets that enter a network. An IDS inspects all inbound and outbound network activity and identifies suspicious patterns that may indicate a network or system attack is taking place.

Q: What are the different categories of IDS?

A: There are two (2) types of Intrusion Detection Systems. The first category is Network Intrusion Detection Systems, or NIDS. With this type of IDS solution, packets are analyzed off the network medium to which hosts are connected. NIDS are used to detect anomalous activities that are designed to slip past firewalls.

The second category is Host Intrusion Detection Systems, or HIDS, which examine the activity occurring on an individual computer system. An example of this would be the detection of an application making a malicious system call to the operating system’s kernel.

Q: What is the difference between misuse and anomaly detection methods?

A: A misuse detection-based IDS analyzes packets off the network and compares them to a database of known attack signatures or patterns. Essentially, the IDS looks for specific attacks that it already knows about in every packet it examines. Much like anti-virus software, this type of IDS is only as good as the database of attacks it knows about.

With anomaly detection, the system administrator defines the baseline, or normal, state of the network’s traffic load, breakdown, protocol, and typical packet size. The anomaly detector monitors network segments to compare their state to the normal baseline to identify anomalies.
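The contrast between the two methods, as an added example that is not part of the original FAQ: a small signature list stands in for the misuse database, and a baseline of protocol and packet size stands in for the administrator-defined normal state. The signature names, thresholds and sample packets are all constructed for illustration.

```python
import statistics

# Constructed signature database for misuse detection: name -> byte pattern.
SIGNATURES = {
    "cmd-exe-request": b"cmd.exe",
    "passwd-file-request": b"/etc/passwd",
}

def misuse_hits(payload):
    """Misuse detection: names of known signatures present in the payload."""
    return sorted(name for name, pat in SIGNATURES.items() if pat in payload)

def build_baseline(normal_packets):
    """Anomaly detection baseline: protocols seen and typical packet size."""
    sizes = [p["size"] for p in normal_packets]
    return {
        "protocols": {p["proto"] for p in normal_packets},
        "mean": statistics.mean(sizes),
        "stdev": statistics.pstdev(sizes),
    }

def is_anomalous(packet, baseline, threshold=3.0):
    """Flag an unseen protocol, or a size over `threshold` stdevs from the mean."""
    if packet["proto"] not in baseline["protocols"]:
        return True
    return abs(packet["size"] - baseline["mean"]) > threshold * baseline["stdev"]

# Constructed "normal" traffic that defines the baseline (assumed values).
NORMAL = [{"proto": "tcp", "size": s} for s in (500, 520, 480, 510, 490, 505, 495)]
BASELINE = build_baseline(NORMAL)

# Constructed packets to classify.
SAMPLES = [
    {"proto": "tcp", "size": 510, "payload": b"GET /scripts/cmd.exe"},  # known pattern, normal shape
    {"proto": "tcp", "size": 1400, "payload": b"A" * 32},               # no signature, unusual size
    {"proto": "udp", "size": 500, "payload": b"hello"},                 # protocol absent from baseline
    {"proto": "tcp", "size": 495, "payload": b"GET /index.html"},       # ordinary traffic
]

def classify(packet, baseline=BASELINE):
    """Return (signature hits, anomaly flag) for one packet."""
    return misuse_hits(packet["payload"]), is_anomalous(packet, baseline)

if __name__ == "__main__":
    for pkt in SAMPLES:
        print(pkt["proto"], pkt["size"], classify(pkt))
```

The first sample is caught only by the signature check and the second and third only by the baseline comparison, so neither method alone flags all three.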

Q: What is Penetration Testing?

A: Penetration testing is an ethical practice in which a security engineer conducts an authorized risk assessment of a computer network with the intent of gaining unauthorized access to network resources.

Unlike those who perform vulnerability assessments, penetration testers do not use commercial scanners or software for identifying vulnerabilities. Typically, the engineer will use real hacker exploits and physically gain access to the network rather than simulating the attack.

Q: What is a Virtual Private Network?

A: A Virtual Private Network, or VPN, offers secure remote access between physically disparate locations wrapped inside an encrypted tunnel. Companies utilize VPNs to connect remote offices and allow remote users to tunnel in to the company from remote locations.

Q: What skills will the Intrusion Detection and Analysis course give me?

A: The Intrusion Detection and Analysis track will teach you how to read and understand raw packets. It will offer an effective means of learning how to install, configure, and deploy Network and Host-based Intrusion Detection Systems. This course will also provide detail on the shortcomings of Intrusion Detection Systems and how they can be exploited.

Q: What will the Ethical Hacking course teach me?

A: This course decomposes the methodologies of computer hacking. It explains the use of the exploits and tools needed to conduct risk assessments on your own network and to identify different attack vectors.

This is a trust-based course that gives a great deal of power to its students. All students are expected to take this information and use it in the most ethical manner. Breaking into your own network will give you the perspective of a hacker: how hackers will exploit your network and its vulnerabilities, so that these vulnerabilities can be identified and fixed.



CISSP Frequently Asked Questions

 


Q: What is the CISSP certification?

A: CISSP stands for Certified Information Systems Security Professional. It is commonly recognized as the most prestigious security certification available today. It is administered by a non-profit organization called (ISC)².

Q: How is the CISSP different from other security certifications?

A: The CISSP is a high-level security certification. The material covered will give you an overall view of IT security. In general, the material covered does not include much that is particular to any one platform or brand of software. It is the big-picture view. The advantage of this is that your skills will be transferable to any platform. Remember, security is only as effective as its weakest link. If you are using very strong encryption but someone takes advantage of the fact that they are an insider, or walks off with your hardware, you have not accomplished much. Many breaches of security are not technical in nature.

Q: How long has the CISSP certification been available?

A: Since the late ’80s. However, the CISSP has been growing very quickly in recent years.

Q: What will I learn in this class?

A: The class is a review of the material in the Common Body of Knowledge or CBK. It comprises 10 domains or areas of IT security related knowledge. Some of the areas are encryption, network security, physical security and law. Please refer to the complete list for details.

Q: What are the other requirements for certification?

A: You need to pay the examination fee (currently $450) and have the required 4 years of experience or 3 years plus a college degree. You also need an endorsement, and you need to agree to the code of ethics. The complete details are available at www.isc2.org.

Q: What type of organization is (ISC)²?

A: (ISC)² is a not-for-profit consortium and certification body - not a membership corporation - charged with the responsibility of maintaining a Common Body of Knowledge (CBK) on Information Security, administering certification for professionals and practitioners in the industry, preparing training for certification examinations, and maintaining certification standards. (ISC)² has no members or membership programs, but provides and participates in a number of IS industry conferences, seminars and informational meetings to further the industry and its professionals/practitioners.

Q: How will CISSP or SSCP Certification enhance my career?

A: CISSP Certification identifies you as an IS professional who has demonstrated mastery of significant industry knowledge by passing a rigorous exam. It also allows for peer networking among some of the most highly regarded professionals in the IS industry. SSCP Certification is recognition of similar achievement for IS practitioners.

Q: What is the ACT Class and will it help me with the CISSP exam?

A: The Common Body of Knowledge [CBK] is a compilation and distillation of all security information collected internationally of relevance to information security [IS] professionals. It is used as the basis for the CISSP exam. 

However, the seminar is not a substitute for formal training and experience, nor is it designed to specifically prepare candidates for the test. Candidates who take the CBK Review Seminar historically demonstrate a statistically significantly higher average score on the examination than those who do not attend.

 

