Exam Review Guide - Prometric
Review Guide
Common Body of Knowledge
Exam Content Outline
How the Exam Was Built
Study Strategy
Exam Taking Tips
Reference Material and Resources
Today’s world contains many people determined to break into computer systems for their own gain. Not one day goes by without a news story on the latest attempt. Whether they are agents of foreign governments, criminal elements or malicious individuals, they are all intent on obtaining data for their own gain.
IT environments are central, then, to every element of business and government as they look for ways to prevent and detect these risks. And as such environments evolve, they create more complex interdependencies which drive the need for more professional technical expertise and leadership. This is why Prometric created this exam.
We have also prepared this guide to help you get ready for Prometric’s Cyber Security Essentials Exam. In it, you will find the following topics covered:
+ Exam Content Outline
+ How the Exam Was Built
+ Study Strategy
+ Exam Taking Tips
+ Reference Material and Resources
Prometric | Canton Crossing Tower | 1501 South Clinton Street | Baltimore MD 21224
www.prometric.com
Exam Content Outline
You will find that Cyber Security Essentials is comprehensive in the material that it covers. The Exam consists of seven major subject areas that span the following.
Information Systems Security – Means by which electronically stored information is kept confidential. Information Systems Security, also known as INFOSEC, often refers to the access controls to prevent unauthorized people from accessing an information system, which is accomplished through a combination of processes.
Application Security – Use of software, hardware and procedural methods to protect applications from hacker threats. Because applications are increasingly accessible over networks, they are vulnerable to a wide variety of threats.
Governance – Practices exercised by those responsible for an organization or enterprise. The overarching goal of governance is to provide an organization with a strategic direction to ensure that it reaches business objectives and that risks, including ever-increasing cyber security risks, are effectively managed.
Compliance – How well an organization adheres to the standards of good practice when it comes to managing cyber risks.
Operational Security – Identification and safeguarding of sensitive or critical information. In a well-run organization, management and users enhance operational security against cyber risks by instilling effective procedures and guidelines into the day-to-day operations.
Network Security – Procedures and policies adopted by an organization’s computer network administrator to prevent unauthorized access or misuse of a computer network and systems attached to that network. It also refers to the systems put in place to ensure authorization of access to data in a network.
Physical Security – Procedures and policies that blunt unauthorized access to areas in a facility where computer and networking resources are housed. Some common types of physical security include door alarms, video cameras, locked doors and barrier fences.
Environmental Security – Protection of computer and networking resources from environmental damage from threats such as fire, water, smoke, dust, radiation and impact.
Vulnerability Management – Consolidated methodology and process for assessing, mitigating and protecting an organization’s computer and networking resources, while also reducing the cost of security and compliance. Vulnerability management also includes assessing and planning for myriad threat scenarios, from environmental disaster to cyber attack.
How the Exam Was Built
Cyber Security Essentials was developed by Prometric in collaboration with senior IT engineers and technical staff from premier companies, spanning the globe, with more than 20 years of experience. These Subject Matter Experts (SMEs) who helped develop the exam hold excellent credentials, including CISSP, CISA and CEH, to name a few. They currently perform in a variety of fields, including computer hacking forensic investigation, ethical hacking, network security, digital forensics and cyber security.
Prometric’s test design approach is founded in valid methods that follow well-established industry practices. Our services are in accordance with the four key measurement testing standards:
+ The Standards for Educational and Psychological Testing (Standard 14)
+ ANSI PCAC (GI 502)
+ ANSI/ISO/IEC 17024
+ NCCA/ICE (Standard 10)
These standards influence how a job analysis is conducted by outlining specific tasks, including:
+ Defining the job characteristics clearly;
+ Justifying why aspects of a profession are important;
+ Recruiting qualified SMEs to provide input during the study;
+ Sampling individuals that represent the full spectrum of practitioners by covering all job titles, major practice areas, work settings, geographic regions, ethnicities, demographics, genders and work experiences;
+ Developing a test specification for the construction of the examination; and
+ Updating the test specifications periodically with new job analyses (every three to five years, depending on the dynamic nature of the profession).
All of our test design activities incorporate these standards, so you can trust that our methods have resulted in the development of the highest quality security exam. With Cyber Security Essentials, you have a vendor-neutral exam that affords you a flexible, affordable option while accurately measuring your competency in the content area described above.
Study Strategy and Where to Find Training Curriculum
Talk to people! Every organization has one or more experts in any security subject area you could imagine.
Study Strategy
Cyber Security Essentials is an affordable option that is just as comprehensive as other well-known entry-level security exams in the marketplace, such as CompTIA Security+ and GIAC Security Essentials, to name a few. There is a lot to know, and you should give yourself plenty of time to study. Begin by reviewing Prometric’s list of references and resources that are available on the website (also included in this guide). After looking over this list, you can start focusing on those references you realistically have time to absorb. Here are some other useful ideas:
+ The Exam is 100 well-researched multiple-choice questions, and the questions went through a rigorous process before being placed in the Exam.
+ You will have 2 hours to complete the Exam, and no breaks are included.
+ There is no extra penalty for wrong answers. (Wrong answers are not subtracted from the right answers.)
+ You need to get 180 “points” out of a possible 300 to pass. Prometric applies advanced statistical methodology to convert to a 3-digit scale that will allow the same ability level to be required to pass over time and across multiple versions of the test.
+ The Exam questions force you to read them carefully and consider context.
+ You should understand that the Exam tests your in-depth knowledge and your ability to integrate knowledge and experience, not your ability to merely memorize facts.
+ Attack the Content Domains one at a time, remembering that you will want to review the material. Remember to make time for review.
+ Assemble the material reflecting each Domain in turn.
+ Read, review and repeat. Repetition and review are good.
+ Identify those non-security areas in which you need deeper knowledge and get up to speed on them. We can’t tell you what to study here, but you’ll see your technical knowledge gaps as you study.
+ Identify those security areas where you need additional help. Focus on them.
As you look over the sample Exam questions, you’ll see what we’re getting at. They include the following:
1. A company needs to digitally sign all of the data sent to its customers. What should the administrator use to digitally sign the data?
(A) Asymmetric Keys
(B) Standard Keys
(C) Symmetric Keys
(D) Quantitative Keys
2. What standard does a Certificate Authority (CA) use to create a certificate?
(A) X.509
(B) X.802
(C) X.423
(D) X.129
3. The concept of comparing the best practices and performance metrics of other companies with similar processes is known as:
(A) Benchmarking
(B) Gap Analysis
(C) Baselining
(D) Quantifying
4. If an intrusion detection system wanted to only monitor web traffic, on what would the rules filter?
(A) IP Address
(B) Port
(C) User Name
(D) Destination Name
5. What security technique can be used to identify malicious HTTPS (Secure Hyper Text Transport Protocol) tunnels?
(A) Detection inspection
(B) Context inspection
(C) Plain HTTP inspection
(D) SSL inspection
Training Curriculum
You are also fortunate that there are now lots of training courses at a host of IT training organizations who have strong partner relationships with Prometric, including New Horizons Learning Centers and Global Knowledge, to name just two. You will find that they have reputable training material and even cyber security “boot camps” that will help you along the way.
Exam-Taking Tips
+ Enter the Exam room as rested and relaxed as possible. Forget about last-minute cramming. Passing Cyber Security Essentials depends on in-depth understanding. Cramming the night before won’t help you. Rest will.
+ Pay attention to the testing center regulations and requirements. Prometric is serious about the security of the Exam and the testing environment, so expect a great deal of monitoring and scrutiny.
+ Study the questions carefully. No word is wasted. Every word is important. Remember that the “easy” questions might have a nuance you are not expecting. Remember also, these questions are highly researched. Every word in the question is there for a reason. On the flip side, try not to read into a question a meaning or context that is not literally in the question.
+ Look closely for key words, especially NOT, EXCEPT, FIRST and BEST.
+ Think the “big picture.” Look for the most universal or general choice in the list of response options.
+ Try to eliminate the obviously wrong choices. Every choice you eliminate works in your favor.
Reference Materials and Resources
You will want to arm yourself with some of the more helpful texts. The authors of this document found the following books and online resources to be helpful. You are also fortunate that there are now lots of books hitting the CISSP marketplace. Just go to a bookseller of your choice (e.g., Amazon) and search on topics such as “CISSP.”
Books
1. Amies, Alex; Sluiman, Harm; Liu, Guo Ning. Infrastructure as a Service Cloud Concepts (2012). Developing and Hosting Applications on the Cloud. IBM Press.
2. Bosworth, Seymour; Kabay, M.E.; Whyne, Eric (eds.). Computer Security Handbook, fifth edition. ISBN: 9780471716525.
3. Grimes, Roger A. Honeypots for Windows (2005). Chapter 1: An Introduction to Honeypots. ISBN: 9781590593356.
4. Haines, Brad. Seven Deadliest Wireless Technologies Attacks (2010). Advanced WPA and WPA2 Cracking. ISBN: 9781597495417.
5. Ingram, D. Design - Build - Run: Applied Practices and Principles for Production-Ready Software Development (2009).
6. Krause, Micki; Tipton, Harold F. Information Security Management Handbook (Fourth Edition) (1997), (2009). CRC Press/Auerbach Publications. ISBN-10: 0849308003, ISBN-13: 978-0849308000. This is what some consider the classic text.
7. Ligh, Michael Hale; Adair, Steven; Hartstein, Blake; Richard, Matthew. Malware Analyst’s Cookbook: Tools and Techniques for Fighting Malicious Code (2011). ISBN: 9780470613030.
8. Littlejohn Shinder, Debra; Cross, Michael. Scene of the Cybercrime, Second Edition.
9. Lowe, Doug. Networking All-in-One For Dummies (2011). Pg: Controlling User Access with Permissions. ISBN: 9780470625873.
10. National Institute of Standards and Technology (NIST) Special Publications – various.
11. Orebaugh, A.; Pinkard, B. Nmap in the Enterprise: Your Guide to Network Scanning (2008). Chapter 1: Introducing Network Scanning. ISBN: 9781597492416.
12. Prowell, Stacy; Kraus, Rob; Borkin, Mike. Seven Deadliest Network Attacks (2010). Chapter 2: War Dialing. ISBN: 9781597495493.
13. Stallings, W. Network Security Essentials (2nd edition) (2003). Pg: 88-89.
14. Whitman, Michael E.; Mattord, Herbert J.; Green, A. Guide to Firewalls and VPNs (3rd edition) (2012). Course Technology: Boston, MA.
15. Vyncke, Eric; Paggen, Christopher. LAN Switch Security: What Hackers Know About Your Switches: A Practical Guide to Hardening Layer 2 Devices and Stopping Campus Network Attacks (2008). ISBN: 9781587052569.
16. Whitman, Michael E.; Mattord, Herbert J. Principles of Information Security (3rd edition) (2009). Course Technology: Boston, MA.
Internet
The Web is a fantastic source for material, too. A search with the “CISSP” key word, for example, will result in lots of material. In addition, a search on the Domain titles will uncover lots of material, too. Here are some of the better Web sources we recommend:
https://www.owasp.org - OWASP - The Open Web Application Security Project
http://www.postcastserver.com
http://www.n2net.net
http://www.pcmag.com/encyclopedia_term/0,1237,t=whitelist&i=54441,00.asp
http://www.infosecurity-magazine.com/view/26475/whitelisting-is-the-solution-for-the-national-infrastructure/
http://www.postcastserver.com/help/Internet_Black_and_White_Lists.aspx
http://netforbeginners.about.com
http://www.us-cert.gov
http://www.sans.edu/research/security-laboratory/article/it-separation-duties - SANS Technology Institute
http://www.openxtra.co.uk/articles/data-center-environmental
http://www.dna.gov
http://www.active-directory-privilege-escalation-security-risks.com/2012/07/in-this-post-we-will-look-at-3-primary.html
http://www.theiia.org
http://www.ietf.org - The Internet Engineering Task Force (IETF)
http://www.domaintools.com
http://www.auditnet.org
https://www.ncjrs.gov - National Criminal Justice Reference Service
http://searchvmware.techtarget.com
http://www.unesco.org - United Nations Educational, Scientific and Cultural Organization
http://www.clir.org - Council on Library and Information Resources
Prometric, a wholly-owned subsidiary of ETS, is a trusted provider of technology-enabled testing and assessment. With more than 20 years’ experience, innovative testing methods, market-leading solutions and a secure worldwide network of more than 4,000 IT testing centers, you can count on us for your IT Certification program in cyber security.
Find Out More
Just visit www.prometric.com
Copyright © 2013 Prometric, Inc. All Rights Reserved.