They will be able to describe what the access policies are and to design / specify the set of them that a scenario or particular case requires. |
|
|
CJ7 CJ15
|
They can design and describe, for a specific scenario / topology, alternative configurations to place the firewall within the corporate network (bastion, DMZ, distributed firewall) |
AJ25
|
|
CJ7 CJ10
|
They will be able to describe the basic principles that underlie intrusion detection, the common sensors they use for information collection, and the analysis techniques (anomaly detection versus heuristic detection) that decide when to trigger an alarm. They will know possible technical solutions (HIDS / NIDS, IPS, SIEM, honeypot), which they will know how to install and configure for some platforms and particular implementations |
AJ25
|
|
CJ15
|
They will be familiar with the concepts of tunneling and network virtualization, and will be able to choose and implement the most appropriate virtual private network technology for different scenarios |
AJ25
|
BJ21
|
CJ15
|