Certified

Secure Computer User

Exam Info
Exam Name
CSCU (112-12) Exam

Credit Towards Certification

Certified Secure Computer User (CSCU). Students need to pass the online EC-Council exam to receive the
CSCU certification.

Exam Details

Number of Questions: 50

Passing Score: 70%

Test Duration: 2 Hours

Test Format: Multiple Choice

Test Delivery: EC-Council Exam Portal

Skills Measured
The exam 112-12 tests CSCU candidates on the following 13 domains.
1.

Foundations of Security

2.

Securing Operating Systems

3.

Protecting Systems Using Antiviruses

4.

Data Encryption

5.

Data Backup and Disaster Recovery

6.

Internet Security

7.

Securing Network Connections

Page 1

Certified Secure Computer User Copyright by EC-Council

All Rights Reserved. Reproduction is Strictly Prohibited.

8.

Securing Online Transactions

9.

Securing Email Communications

10. Social Engineering and Identity Theft

11. Security on Social Networking Sites
12. Information Security and Legal Compliance
13. Securing Mobile Devices

Test Objectives
CSCU Module 01: Foundations of Security

Discuss computer security scenario

Highlight various factors that affect information security

Discuss key elements of information security

Explain fundamental concepts of computer Security

Discuss Security, Functionality, and Ease of Use Triangle

Describe various layers of information and computer security

Discuss different security risks to home users

Highlight the information system assets that need to be protected from cybercriminals and other security
incidents

Discuss various factors that make a home computer vulnerable to security breaches

Provide a basic understanding of measures to make a system secure

Explain the benefits of computer security awareness

Provide a basic computer security checklist

CSCU Module 02: Securing Operating Systems

Explain various threats to computer system security including malware attacks and password cracking

Discuss different ways of malware propagation

Provide guidelines for Windows Operating System (OS) security

Illustrate different measures to secure Windows OS such as locking the system, creating strong
passwords, disabling unwanted accounts, updating and patching OS and applications, configuring
Windows firewall, etc.

Discuss the Windows Encrypting File System (EFS) and explain how to encrypt and decrypt files in Window

Explain the usage of Windows security utilities such as Windows Defender and BitLocker

Discuss the use of Event Viewer

Illustrate how to disable/kill unnecessary services and processes in Windows 7

Discuss the threats of open ports and explain how to detect open ports

Discuss the role of audit policies in Windows security

Page 2

Certified Secure Computer User Copyright by EC-Council

All Rights Reserved. Reproduction is Strictly Prohibited.

Explain how to hide files and folders, and disable simple file sharing in Windows

Discuss the benefits of the UAC slider bar in Windows 7

Provide security tools that can be used to enhance Windows security such as Microsoft Security
Essentials, KeePass Password Safe Portable, Registry Mechanic and Windows Defender

Provide guidelines for securing Mac OS X

Illustrate the different measures to secure Mac OS X such as enabling and locking down the login window,
configuring account preferences, creating accounts, securing the guest accounts, controlling local
accounts with parental controls, using keychain settings, and using apple software update.

Illustrate how to secure date & time preferences, configure network preferences, enable screen saver
password, and set up FileVault to keep home folder secure

Explain firewall security in Mac OS X

Provide security checklists for Windows 7 and Mac OS X OSs

CSCU Module 03: Protecting Systems Using Antiviruses

Discuss different types of antivirus software

Explain the need for an antivirus program

Provide a brief understating of how antivirus software work

Discuss various factors that help in choosing the best antivirus software

Provide general steps to install antivirus applications

Provide a simple test to check if the antivirus is working

Explain the steps to install and configure popular antivirus programs such as McAfee and Kaspersky PURE
antivirus programs

Provide a checklist to enhance system security using antivirus programs

CSCU Module 04: Data Encryption

Explain the basic encryption concepts

Describe the usage of encryption

Discuss the different types of encryption

Explain the concept of digital certificates and how they work

Discuss the use of digital signatures to secure communication

Explain how digital signature works

Discuss the usage of various data encryption tools such as TrueCrypt

CSCU Module 05: Data Backup and Disaster Recovery

Explain the need of data backup

Discuss various factors that determine a data backup plan such as what files and how often to backup

Explain the importance of online data backup

Page 3

Certified Secure Computer User Copyright by EC-Council

All Rights Reserved. Reproduction is Strictly Prohibited.

Provide a list of online backup service providers

Discuss the different types of backups

Explain Windows 7 backup and restore procedures

Discuss the use of encryption for protecting backup data

Explain MAC OS X backup and restore procedures using TimeMachine

Describe how to use data backup tools on Windows and Mac OS X OSs

Provide a list of data recovery tools for Windows and Mac OS X OSs

Explain the need of physical security

Discuss various physical security measures such as locks, biometrics, and fire prevention

Provide guidelines to secure laptops from theft

Provide a checklist for an effective data backup

Provide a checklist to ensure physical security of computer systems

CSCU Module 06: Internet Security

Discuss various Internet security threats

Explain various techniques to secure Internet Explorer such as configuring Internet, Intranet, Trusted and
Restricted zone, cookie settings, privacy settings, securing ActiveX Controls, deleting Browsing History and
securing file downloads

Illustrate various Mozilla Firefox security settings including privacy settings, secure downloads, and how to
install Plugins

Explain various Google Chrome privacy and security settings

Explain various Apple Safari security settings

Describe how to test browsers for privacy

Explain various search engine and Instant Messaging (IM) security issues

Discuss the different security measures for search engine and IM security

Describe the different threats of online games and Discuss security practices to stay safe while gaming

Discuss various child online safety issues

Explain the role of the Internet in child related crimes

Provide guideline to find if children are at risk online

Discuss various measures to protect children from online threats

Explain how to report an online crime against a child

Provide a list of actions to take when the child becomes an online victim

List laws that a user needs to be aware of for online security

Provide a checklist for Internet security

Provide a checklist for parents to protect their child from online threats

Page 4

Certified Secure Computer User Copyright by EC-Council

All Rights Reserved. Reproduction is Strictly Prohibited.

CSCU Module 07: Securing Network Connections

Discuss home and wireless networking basics

Describe general steps to set up a home network

Explain the process of setting up a wireless network in Windows 7 and Mac environment

Discuss various wireless network security threats

Provide guidelines to secure wireless network

Explain various techniques for securely using the network in Windows 7 environment including setting up
a PCs name and workgroup name in Windows 7, sharing, transferring files, simple file sharing , hiding a
shared disk or folder, sharing printers, accessing files on other PCs and Windows Easy Transfer

Discuss various measures for securely using the network in MAC OS X environment including setting up
the PCs name, setting up the workgroup name, creating user accounts and groups, sharing files and
folders, sharing printers, and accessing other Macs on the network

Describe various network security threats

Illustrate the different measures to secure network connections such as use of firewall, antivirus
programs, strong passwords, making regular backups, and encryption

Explain how to identify a secure website

Provide general security practices for home networking

Discuss basic networking problems and how to troubleshoot these problems

Provide a checklist for network security

CSCU Module 08: Securing Online Transactions

Explain the basic working of an online shopping system

Discuss security issues in online banking

Discuss credit card payments and describes the different types of credit card frauds

Provide guidelines for ensuring credit card safety

Explain various measures for securing online transactions

Discuss the different techniques to identify secure online shopping sites such as taking care of SSL and the
padlock symbol

Describe how to identify an untrustworthy website

Provide a checklist for online transactions security

CSCU Module 09: Securing Email Communications

Introduce various email security issues

Explain how various email systems work

Discuss various email security threats such as malicious email attachments, spamming, hoax/chain and
scam emails, and Nigerian scam

Page 5

Certified Secure Computer User Copyright by EC-Council

All Rights Reserved. Reproduction is Strictly Prohibited.

Explain various email security procedures such as creating strong passwords, providing alternate email
address, unchecking Keep Me Signed In/Remember Me, using https, checking for last account activity,
scanning email attachments, turning off preview feature, and email filtering

Explain how to obtain digital certificates and digitally sign your emails

Describe how to configure Microsoft Outlook download settings

List various email security tools such as Lockbin

Provide an email communication checklist

Provide a checklist for ensuring email security

Provide a security checklist for checking emails on mobile

CSCU Module 10: Social Engineering and Identity Theft

Discuss Identity Theft

Explain various methods attackers may use to steal identity

Discuss the different misuses of a stolen identity

Provide identity theft examples

Explain social engineering with several examples

Discuss the different types of social engineering techniques

Describe the different human-based social engineering techniques

Explain the different computer-based social engineering techniques

Discuss the risk of social engineering through social networking websites

Explain how to know if you are a victim of identity theft

Discuss what a person can do if his/her identity is stolen

Explain how to report identity theft

Provide an identity theft protection checklist

Provide a checklist for computer based identity theft protection

CSCU Module 11: Security on Social Networking Sites

Provide an introduction of social networking sites

Discuss the different social networking security threats such as cyber bullying, identity theft, phishing
scams, malware attacks, site flaws

Describe various social networking threats to minors

Explain how to stay safe on Facebook by configuring privacy settings, profile settings, privacy settings for
applications, settings to block users and search settings

Discuss the different measures to stay safe on MySpace by changing settings for account, comments and
mail, friends request, IM and streaming

Provide a social networking security checklist

Page 6

Certified Secure Computer User Copyright by EC-Council

All Rights Reserved. Reproduction is Strictly Prohibited.

Provide a social networking security checklist for parents and teachers to protect their child from social
networking threats

CSCU Module 12: Information Security and Legal Compliance

Introduce Health Insurance Portability and Accountability Act (HIPPA)

Provide a checklist for HIPAA compliance

Discuss different provisions of FERPA (Family Educational Rights and Privacy Act)

Provide a checklist for FERPA compliance

Discuss PCI DSS (Payment Card Industry Data Security Standard )

Provide a checklist for PCI DSS compliance

CSCU Module 13: Securing Mobile Devices

Discuss various mobile security issues

List various mobile phone services

Discuss IMEI number and its importance

Explain the different mobile security threats such as device loss, malware infection, application
vulnerabilities

Discuss various threats to Bluetooth devices

Explain general mobile security procedure such as patching of mobile platforms and applications, avoiding
mobile device theft, using power-on authentication, regularly backing up important data, using encryption
to secure data in mobile device, enabling auto-lock feature, installing only signed applications and
installing mobile phone antivirus
Provide guidelines to Secure Bluetooth Connectivity

Explain various security measures for iPhone and iPad such as enabling passcode protection, enabling SIM
PIN Protection, enabling auto-lock and re-mapping buttons

Explain basic security procedures for BlackBerry and Windows Phone 7 mobile devices such as setting
device password, changing the device password, locking device, encrypting data , using PIN and SIM lock

List various mobile security tools

Provide a Bluetooth security checklist

Provide a checklist for mobile phone security

Page 7

Certified Secure Computer User Copyright by EC-Council

All Rights Reserved. Reproduction is Strictly Prohibited.