Certified Internet Webmaster - CIW - This is all you need to study to ace this puppy!

Author

This is all you need to study to ace this puppy!

2000-08-11, 10:35 pm

Hello all!

Study this info. & I guarantee you'll pass w/ flying colors - or I'll refund what you paid for this cram (e.g., $0)!

I just took the CIW Foundations 1DO-410 about 2 hours ago & got an 88% - finishing in just under 30 minutes. Spanked it like it stole something & left it begging for more when I was through with it!

Thanks to Cyberfriend & Ted - their posts were instrumental in my studying. Below you'll find the areas I focused on consolidated to a few pages w/ my own brand of shorthand. The questions that were definitely on my test are noted with "$$$" because they're the money questions baby. The others are just areas I was warned about - so I studied them also.

2 questions I think I F'd-up: (1) On & tags - the answer actually wasn't there as far as I could tell. I've notified VUE & hopefully they'll fix it (2) Was on best way to network two offices across town - the choices were Cat 3 / Cat 5 / Thinnet / Fiber Optic - I thought it was none of the above, but that wasn't an option so I went w/ Cat 5 even though I knew it was wrong - oh well!

That's my 2 cents for what it's worth.

> Push = e-mail, mailing lists, netcasting l Pull = request info from a computer
>SET = secure online credit card payments
$$$ICANN = IP addresses manage domain names l InterNIC = domain names
>TCP/IP = absolutely needed in Internet
>Customize browser = font size
$$$Domain = www.name.com à wwww (server) / name (secondary) / .com (top level)
>Peer:Peer network = <10 users
$$$If your colleague can read and write a document in one folder, but you can only read in this folder, what to do? allow you write permission
>What topology use terminators = Bus topology
>How many hosts does a class B address support? 65,000
>Veronica = gopher / Archie = FTP/Telnet.
>W3C (World Wide Web Consortium) = standards / interoperability on web
>SET = e-commerce / credit card info never seen by the merchant, only their bank.
>Copyright = Expression and Originality on the Internet.
$$$Boolean operators = AND – must incl. both words / OR – incl. at least 1 word / AND NOT (-) – must exclude particular word / + - must incl. a particular word / NEAR/FAR – 2 keywords on a page are w/in a certain proximity of eachother / “” – combine words into phrases / () – group Boolean operator phrases / * - root word variances/wild cards
$$$Element = provides main instruction of the tag
$$$Attribute = specifies a quality or describes a certain aspect of the element
$$$Value = gives value to the element & its attribute
$$$HTML 4.0 must contain <!DOCTYPE HTML PUBLIC “-//W3C//DTD HTML 4.0 Transitional//EN”> <HTML><HEAD><TITLE>Descriptive page title</TITLE> </HEAD><BODY><Page text</BODY></HTML>
>System notice “All information you send is not secure”, what should you suggest your webmaster? suggest the site to install SSL
$$$A web coder use additions to the web site not comply with the original design specifications? He is introducing scope creep.
$$$In HTML 4.0, what’s “Transitional” flavor? can use CSS and 4.0 compliant tags
$$$X use CSS exclusively to define page in HTML. What flavor? Transitional
>What is block level tag? it affects one or more paragraphs
><TD COLSPAN=3 WIDTH=”45”> and what is 45 stand for? 45 pixels
$$$ and tags difference = optional/blank line l forbidden
$$$What should be included inside<A> tag? URL
$$$<code>, <kbd> & <samp> = require close/fixed space font
>Internal link = <A NAME="bob"><A HREF="#bob"></A> / case sensitive
>ActiveX is open set of technologies for integrating components on net & w/in MS
><PRE></PRE> = Line & spacing r displayed WYSIWYG well as fixed fonts
>X is at home going to get connected to the net w/ modem. X requires? HTTP
>Font style element = specific font instruction / Phrase = relative to surrounding txt
>What is the accepted HTML comment sequence? 
>Give user the max. # of choices in little space? multiple option select list
>How would you add seven more rows to a table? use <TR> seven times
>Hyperlink = <A HREF=”x”> </A>
><IMG SRC="lespaul1.gif" ALIGN="left"> Does this? render the image on the left
>How do you make an alternate description when an image is loading? <IMG SRC="image.gif" ALT="don’t ever mix raspberries and kiwis">
>Ordered and unordered lists = <OL> <UL> <LI> <LI> </OL></UL>
>Create a line at half its length with no 3D effect? <HR WIDTH="50" NOSHADE>
$$$Empty tags stand-alone = (AREA, BODY, BR, COL, COLGROUP, DD, DT, FRAME, HEAD, HTML, IMG, INPUT, ISINDEX, LI, LINK, META, OPTION, P, PARAM, TBODY, TD, TFOOT, TH, THEAD, TR)
>Container tag = uses opening and closing tags
>A Heading tag naturally has a line break before and after it.
>Elements that affect an entire paragraph or more are called Block Level Elements. Ones that affect only a word or smaller are known as Text-Level Elements.
><IMG SRC="graphic.gif" align="bottom"> is the correct syntax for inserting an image and adding text will make it appear at the baseline of the image. Other align options include Middle, Top, Left, and Right.
>Cellpadding = space inside cells / Cellspacing = space between cells
>Colspan = used to make one column span across many. (rowspan for rows).
$$$Radio buttons are mutually exclusive. In a <textarea>, a wrap of virtual means that the text will wrap itself automatically. None means that it will not
>Hacker Process = (1) Discovery – gather info/ mapping/social engineering (2) Penetration – chose specific tgt/default settings are prob/sys bugs (3) Control – destroying evidence/root & admin access/open security holes
>TCSEC security levels = D – minimal à A1 – verified design (ie. SCOMP)
>Auditing security = (1) status quo analysis (2) Risk analysis (3) Threat analysis
$$$Encryption = (1) Symmetric – single-key (2) Asymmetric – key pair (3) One-Way – hash table / functions / for info that won’t be read
>Kerberos = key mgmt scheme for unknown principals who want to talk with high level of trust / vouches for ID of parties / if compromised, very vulnerable
>Packet = header (OSI/RM info) + Actual data + trailer
>Packet Filter = inspects ea packet for predefined content
$$$Firewall Levels = control access to network / filter packets / circuit or app-level gateway / detect intrusions / pw authentication / logging & reporting / evasive actions / permit encrypted access (ie. VPN)
$$$Common firewalls = (1) packet filter router – inspects internet addresses & port numbers (2) single-homed bastion host – one computer serves as firewall & network interface (3) dual-homed bastion host – 2 or more NICs & IP forwarding disabled (4) screened subnet (DMZ) – creates subnetwork between internet & you / bastion host at both circuit-level & app-level gateways while defining a DMZ
>What type of database use SQL? Relational
$$$What is the advantage of using a Java Servlet instead of CGI? Servlet allow Servlet chaining, which allow output from one servlet to go to another
$$$ATTACKS => Spoofing (masquerade) – host assumes id of legit device l Man-in-the-middle (hijacking) – hacker captures packets l Denial-of-svc – program using all resources / mail flooding / Robert Morris l Insider – eavesdropping / compromising control mechanisms l Brute force – front door / uses every character / multiple login failures l Trapdoor – establish certain commands l Replay – captures part of msg & replays it l Trojan horse – hiding unauthorized command in common function l Social engineering – gain info by simple tricks
>Reserved Ports = 1 – 1023 (TCP/UDP to id well-known svc)
>Usable Ports = 1024 - 65535
$$$DHCP = protocol for assigning dynamic IP address to device on network
>VPN likely to use PPTP/connect LAN over net/tunneling protocols/encryption
>NAP = junction between one high speed network and another
$$$IP Addressing = 128 64 32 16 8 4 2 1 = This is the table to know for doing binary/decimal conversions in TCP/IP l 4 8-bit #s (dotted quad) l 0-255 (b-bit) l Classes: A = 0-127 (bit=0) / B = 128-191 (bit=10) / C = 192-223 (bit=110) / D = 224-239 (bit=1110) / E = 240-247 (bit=11110) l 127=loopback l last field up to 255 l no double 00s l 255= broadcast l end in 0 = network IDs l Subnet Masks = Class A – 255.0.0.0 / Class B - 255.255.0.0 / Class C – 255.255.255.0 l ANDing = convert IP/Subnet – binary à 1 & 1 = 1 / any other = 0 à add (255 = 11111111)
$$$Tracert = Network diagnostic tool to know the path of a source and destination
$$$What is the class of 8 bits for network and 24 bits for host? Class A
$$$You are developing a website and have a database on NT server what is the first thing u would do? Create a DSN on the NT server for data access
$$$How would u select an ISP? Based on the bandwidth u require
>Company uses ipx/spx in 3 cities network, some use NetBEUI, some use Netbios, you want to make a secure connection, what is it ...? VPN
>You use x.25 protocol, what type of net is it? WAN
>Which method sends in 53-byte cells in 155 to 622 mbps? ATM
>What you need to connect to ISP from you dial up computer? PPTP
>To upgrade from 10baseT to 100baseT and if the cable is cat 5, then you need to upgrade hub and adapters to get the speed
>HTTP uses "best effort" connection, it's calls? Stateless
>Baseband = single channel / Ethernet
>Broadband = multi channel / T1/cable TV/wireless
>Token Ring = token passing/MAU/ring topology/equal access/IEEE 802.5
>X has audited his company’s server. What must X do, if he wants to increase security w/o obtaining additional software or hardware? Change system defaults
$$$Rupert wants to test his computer’s network connectivity with a ping command. He enters "ping 127.0.0.1". What special address is he using? loopback address
>Randy’s network has IP addresses, a domain name and a T1 line. He goes for Windows NT Server 4.0, and has a motherboard with a dual-processing Pentium 450s and 256MB of RAM. He has multiple NICs and multiple virtual directories and ASP. What should he now go for? MS IIS 4.0
>How many bits does and IP version 4 address have? 32
>A network using 10baseT adapters, category 5 cable and TCP/IP. How could you speed up your network? upgrade network adapters and hubs to fast Ethernet
>The HTTP server is Apache, operating on a Linux OS, communicating with an Oracle database. What specific Java technology will the web server use to communicate with the database? JDBC
$$$CGI = compiled progs./most universal/non-propri/allows HHTP – OS apps/script dir
>Java Server Pages (JSP) = platform independent/interpreted/not proprietary
>Java Servlets = compiled/OS-ind./not propri./JVM/servlet chaining
$$$JavaScript = client side/NetScape/active content/Object based scripting language
>Jscript / Visual Basic = MS/active content
>SSJS Server = Proprietary/NetScape/interpreted/SuiteSpot/Enterprise/LiveWire
$$$ASP = proprietary/server-side/server must be MS/optim with VBScript & ActiveX
>PHP3 = srvr-side scripting lang./auto obtain browser’s version/Apache & MSIIS/free
>JDBC = $$ for support/platform-ind./not propri./uniform db connect.
$$$ODBC = MS connect to db
>The web server’s capacity is reaching 100% capacity because of a 200% increase in web traffic. It needs a scalable, more efficient solution than Perl CGI which is being used. What’s the best solution? ISAPI
>Herman knows Perl and C++ languages. He wants to connect his web server to his database. How does big Herman go about this? CGI
>Which of the following is the protocol of a directory server? LDAP
>A small program which allows one server to access information on another, then pass it on to a client for browsing Internet is : Java servlet
>OSI networking protocols = TCP/IP & IPX/SPX (routable), NetBEUI, AppleTalk, DLC (laser printers), & SNA (not routable)
>You are unable to view some of the contents of a web page. You can only see text. The download image setting is on. What gives? incorrect plug-in
>Repeater = amplifies signal traveling on cable segment / physical layer
>Hub = connects pcs in star configuration / physical layer
>Bridges = filter frames to determine whether a specific frame belongs on a local segment or another LAN / Datalink layer
>Routers = similar to bridges / network layer / protocol dependent / BROUTERS are protocol-independent
$$$Switches = directs flow of info from 1 node to another / simple, faster, more bandwidth / operate on several layers
$$$Twisted Pair Cable = (STP or UTP) is 10baseT or 100baseT and has a max length of 100m./ CAT 1 – voice only / 2 – 4 Mbps / 3 – 10 Mbps / 4 – 16 Mbps / 5 – 100 Mbps (Ethernet/fast) / 6 – 155 Mbps (fast Ethernet) / 7 – 1000 Mbps
$$$T1 = 1.5 Mbps (CSU – diagnose & prepare signal/DSU – converts LAN to T1/Multiplexor – load channels into digital line/Router – interface between Lan & T1) l T2 = 6.312 Mbps l T3 = 45.736 Mbps l Modem
$$$Netstat command = state of sockets
>ipconfig command = display WinNT IP config.
>arp = resolves software to hardware addresses
$$$MIME = HTTP identify files it must use
$$$Gateway = protocol converter from one type of network to another
$$$SERVERS => Proxy = provide enhanced security, manage TCP/IP addresses, speed access to net by caching / caching web docs, firewall access, filter transactions, log transactions, secure the host, enhanced admin l Caching = dedicated srvr speeds up data access l Mail = stores & fwds e-mail (SMTP, POP, IMAP) l Mailing List = SMTP srvr that automatically fwd e-mail to dist list / imitate newsgroup l Media = streaming audio & video / UDP ports (connectionless) l DNS = translate host computer names into IP addresses l FTP = allows t’fer of files in real time l News = NNTP / written text output / multiperson l Certificate = validate, certify keys l Directory = LDAP/directory of names, network svcs, e-mail lists, company contacts, addresses to all users l Catalog = search engines/index databases, files, & info l Transaction = CICS / stand alone solution
>SERVER PRODUCTS => Apache = tested, well-accepted / no formal support / UNIX – not fully tested on NT l MSIIS = runs only NT / remote serever to store & retrieve files / GUI / good support l Lotus Domino = all most used servers / serve apps over intranets & internet / supports Java servlets / supports AS/400, S/390, OS/2, NT, Solaris, AIX, HP-UX l Netscape SuiteSpot = trusted / support / same platforms / SSJS l Novell = solid / cust svc / files across network
>A bussed topology requires that all computers share the same cable
>A ring topology requires a hub or MAU & no central connection point
>Mesh topology = multiple paths & redundancy
>OSI Model = (1) physical – transmission of unstructured bit stream over phys. link (2) Data Link – reliable data t’fer across phys. link / IEEE 802 (3) Network – organizes data into datagrams, or packets / fwds & routes to dest. (4) Transport – reliable, transparent transport between end points / end-end recovery (5) Session – Establishes, manages, & terminates connections / traffic flow info. (6) Presentation – providing useful transformations on data to support a standardized app interface & gen comm. svcs. (7) Application – interface to the end user / file t’fer, netwrk mgmt, etc. / All People Should Try New Data Processing
>Connection Oriented (stateful) = connection must be established (TCP)
>Connectionless (Stateless) = connection is not needed (IP).
>Thin Coaxial Cable (thinnet) is 10base2 and has a max length of 185metres.
>Thick Coaxial (thicknet) is 10base5 and has a max length of 500metres.
>IEEE 802.3 = Ethernet / IEEE 802.5 = Token Ring
>FDDI is token based and is a high speed LAN standard.
>LDAP is a directory server. It is basically a central point to keep track of info.
>ISAPI is Microsoft, NSAPI is Netscape.
$$$SSL allows applications to privately exchange data over public networks.
$$$A packet filter inspects Internet addresses & port #s after network header

------------------

2000-08-13, 2:44 am

Hey Big Daddy,

I was just reading your post and something caught my eye.

First of all, let me say that I passed the Foundations exam (IDO-410) in early July with an 88% on the first try (thanks also to some help from Cert21.com -check 'em out). Anyway, although an 88% is a decent score, I noticed on my exam that for two questions the correct answers simply "weren't there". In one case answers "C" and "D" were exact, word-for-word duplicates of answers "A" and "B". No kidding. And here's the rub: neither answer, A or B were correct. What was I going to do? I "checked" one anyway and moved along. Afterward I e-mailed ProSoft and asked them to look into my test and specifically at the 2 questions that didn't render answers correctly. They did so and said they found "no irregularities". Yeah sure. I'm not gonna cry about it but I definately think that my score w/ another correct answer or two would have been in the low 90's which is, hey, in the 90's. Ninety-anything hs a nice ring to it when you're talking with possible future employers.

Anyway, I passed the exam and that's cool so now I'm on to the CIW Site Designer exam this week (IDO-320). But my point is this: It looks like maybe I wasn't "seeing things" after all and these guys (ProSoft, Prometric, Vue, etc.) might have screwed up on your exam as well. Sorry to hear, because it looks like you were prepared enough to nail a score in the 90's yourself. Wouldn't that have been nice.

Anyway congrats' on your efforts and best of luck to you. I'll watch for your work on the web.

Michael in Seattle, WA

[This message has been edited by Michael (edited 08-12-2000).]

Sponsored Links