Certified Ethical Hacker Domain 3: Security
About the Domain
Domain 3 is the second largest of the seven domains covered on the EC-Council’s Certified Ethical Hacker (CEH) exam. The topic of Security has 30 questions (23.73%) of the exam devoted to it. The domain is broken up into three sections, testing an applicant’s knowledge of information security controls and the detection and prevention of information security attacks.
What’s Covered
This part of the CEH exam focuses on the defensive side of the job of an ethical hacker. The questions in this domain are targeted toward the specific information security controls that an ethical hacker may have to identify and evade in the course of an ethical hacking engagement. The domain is broken into three sections: Information Security Controls, Information Security Attack Detection and Information Security Attack Prevention.
Information Security Controls
The information security controls subdomain has 15 questions (12%) of the total exam devoted to it. This high percentage is due to the fact that this category covers a lot of ground, including system security controls, security controls for applications and file servers and the use of firewalls and cryptography for security.
The first thing to know about system security controls for the CEH exam is the three types: physical (guards, gates and so on), technical (software-based protections) and administrative (policies and procedures). A candidate should be able to classify examples of security controls into the appropriate category.
Candidates should also be familiar with the Department of Defense’s Common Criteria for Information Technology Security Evaluation (Common Criteria). When a system is assessed against Common Criteria, the result is an Evaluation Assurance Level (EAL) in the range of 1-7. Other important terms are the Target of Evaluation (the system being tested), the Security Target (documentation that describes the TOE and the security requirements of the test) (Read more...)
*** This is a Security Bloggers Network syndicated blog from InfoSec Resources authored by Howard Poston. Read the original post at: http://feedproxy.google.com/~r/infosecResources/~3/4LMZ3inSNTQ/
