HTI
Exam Domains
Examination
Domain 1.0 – Contingency Planning
1.1
– Fundamental Contingency Planning
1.1.1 – Identify the Need for Contingency Planning
1.1.2 – Describe Environmental and Technological Disasters
1.1.3 – Examine the Impact of the Plan on Business
1.2 – Creation of the Contingency Plan
1.2.1 – Requirements of the Plan
1.2.2 – Goals of the Plan
1.2.3 – Testing the Plan
1.3 – Technologies of Power
1.3.1 – Personal UPS Devices
1.3.2 – Server Room UPS Devices
1.3.3 – Full Building Generators
1.4 – Backing up the Operating System
1.4.1 – Backup Strategies
1.4.2 – Backing up Windows Systems
1.4.3 – Backing up Linux Systems
Domain
2.0 – Tools and Techniques – 9 %
2.1 – Perform Network Scanning and Discovery
Methods
2.1.1 – Network Reconnaissance
2.1.2 – Network Scanning
2.1.2 – Network Mapping
2.2 – Describe Virii, Trojans, and Worms
2.2.1 – Virus
2.2.2 – Trojan Horse
2.2.3 – Worm
2.3 – Examine Social Engineering techniques
2.3.1 – Email Social Engineering
2.3.2 – Telephone Social Engineering
2.3.3 – Physical Social Engineering
2.4 – Describe Privilege Escalation
2.4.1 – Basic Programming Techniques
2.4.2 – Gain Unauthorized Access
2.5 – Examine the process of Keystroke
Logging
2.5.1 – Hardware Keystroke Logging
2.5.2 – Software Keystroke Logging
2.6 – Examine the Concepts of DoS
2.6.1 – Denial of Service
2.6.2 – Distributed Denial of Service
2.7 – Exploiting Password Weaknesses
2.7.1 – Strong Password Design
2.7.2 – Weak Password Design
2.7.3 – Password Cracking Techniques
Domain
3.0 – Security on the Internet and the WWW – 11 %
3.1 – Identify and define the Weak points
in the
structure of the Internet
3.1.1 – Tier System
3.1.2 – DNS
3.1.3 – ISPs
3.1.4 – NAPs
3.1.5 – Routers
3.1.6 – Denial of Service
3.2 – Define Web Site Attack Techniques
3.2.1 – Poor Programming
3.2.2 – Buffer Overflows
3.2.3 – Vulnerability Scanning
3.2.3 – IIS Vulnerabilities
3.2.4 – Apache Vulnerabilities
3.3 – Define Attack techniques of Web Users
3.3.1 – Email Attacks
3.3.2 – Scripting Vulnerabilities
3.3.3 – File Attachments
3.3.4 – Cookie Misuse
3.4 – Hardening Internet Access Points
3.4.1 – Internet Explorer Browser Settings
3.4.2 – IIS patching and Hot Fixing
3.4.3 – Apache Fundamental Security
Settings
3.4.4 – Securing Email Clients
3.4.5 – Securing DNS Transfers
Domain
4.0 – Router Security – 15 %
4.1 – Implementation of Fundamental Cisco
Router Security
4.1.1 – Cisco Authentication and Authorization
4.1.2 – Implementation of Passwords
4.1.3 – Implementation of Banners
4.1.4 – Configuration of SSH
4.1.5 – Verification of SSH
4.2 – Describe the Routing Process
4.2.1 – Describe the ARP Process
4.2.2 – Describe the LAN to LAN Routing
Process
4.2.3 – Describe the LAN to WAN Routing
Process
4.2.4 – Examine Routing Protocols
4.3 – Removing Unwanted Protocols and Services
4.3.1 – Describe what services to remove
4.3.2 – Configure the removal of unneeded
protocols
4.3.3 – Configure the removal of unneeded
services
4.4 – Creation and Implementation of Access
Control Lists
4.4.1 – Describe the Cisco ACL process
4.4.2 – Create Wildcard Masks
4.4.3 – Implement Standard ACLs
4.4.4 – Implement Extended ACLs
4.4.5 – Implement ACLs to defend against
attacks
4.5
– Configuring Cisco Router Logging
4.5.1 – Describe Logging options on a Cisco Router
4.5.2 – Configure Buffered Logging
4.5.3 – Configure Antispoofing Logging
Important Note: All percentages are approximate
and subject to change at any time.
The HTI Exam will be updated every year to ensure
that candidate’s knowledge remains current and updated. In
the event that significant changes are to be made at the yearly
update, The SCP website will announce those modifications.
