Book Description

The only official body of knowledge for SSCP—(ISC)2’s popular credential for hands-on security professionals—fully revised and updated.

Systems Security Certified Practitioner (SSCP) is an elite, hands-on cybersecurity certification that validates the technical skills to implement, monitor, and administer IT infrastructure using information security policies and procedures. SSCP certification—fully compliant with U.S. Department of Defense Directive 8140 and 8570 requirements—is valued throughout the IT security industry. The Official (ISC)2 SSCP CBK Reference is the only official Common Body of Knowledge (CBK) available for SSCP-level practitioners, exclusively from (ISC)2, the global leader in cybersecurity certification and training.

This authoritative volume contains essential knowledge practitioners require on a regular basis. Accurate, up-to-date chapters provide in-depth coverage of the seven SSCP domains: Access Controls; Security Operations and Administration; Risk Identification, Monitoring and Analysis; Incident Response and Recovery; Cryptography; Network and Communications Security; and Systems and Application Security.

Designed to serve as a reference for information security professionals throughout their careers, this indispensable (ISC)2 guide:

  • Provides comprehensive coverage of the latest domains and objectives of the SSCP
  • Helps practitioners better secure critical assets in their organizations
  • Serves as a complement to the SSCP Study Guide for certification candidates

The Official (ISC)2 SSCP CBK Reference is an essential resource for SSCP-level professionals, SSCP candidates and other practitioners involved in cybersecurity.

Table of Contents

  1. Cover
  2. Acknowledgments
  3. About the Author
  4. About the Technical Editor
  5. Foreword
  6. Introduction
  7. Chapter 1 Access Controls
    1. Access Control Concepts
    2. Implement and Maintain Authentication Methods
    3. Support Internetwork Trust Architectures
    4. Participate in the Identity Management Lifecycle
    5. Implement Access Controls
    6. Summary
  8. Chapter 2 Security Operations and Administration
    1. Comply with Codes of Ethics
    2. Understand Security Concepts
    3. Document, Implement, and Maintain Functional Security Controls
    4. Participate in Asset Management
    5. Implement Security Controls and Assess Compliance
    6. Participate in Change Management
    7. Participate in Security Awareness and Training
    8. Participate in Physical Security Operations
    9. Summary
  9. Chapter 3 Risk Identification, Monitoring, and Analysis
    1. Defeating the Kill Chain One Skirmish at a Time
    2. Understand the Risk Management Process
    3. Perform Security Assessment Activities
    4. Operate and Maintain Monitoring Systems
    5. Analyze Monitoring Results
    6. Summary
    7. Notes
  10. Chapter 4 Incident Response and Recovery
    1. Support the Incident Lifecycle
    2. Understand and Support Forensic Investigations
    3. Understand and Support Business Continuity Plan and Disaster Recovery Plan Activities
    4. CIANA at Layer 8 and Above
    5. Summary
  11. Chapter 5 Cryptography
    1. Understand Fundamental Concepts of Cryptography
    2. Cryptographic Attacks, Cryptanalysis, and Countermeasures
    3. Understand the Reasons and Requirements for Cryptography
    4. Understand and Support Secure Protocols
    5. Understand Public Key Infrastructure Systems
    6. Summary
    7. Notes
  12. Chapter 6 Network and Communications Security
    1. Understand and Apply Fundamental Concepts of Networking
    2. IPv4 Addresses, DHCP, and Subnets
    3. IPv4 vs. IPv6: Key Differences and Options
    4. Understand Network Attacks and Countermeasures
    5. Manage Network Access Controls
    6. Manage Network Security
    7. Operate and Configure Network-Based Security Devices
    8. Operate and Configure Wireless Technologies
    9. Summary
    10. Notes
  13. Chapter 7 Systems and Application Security
    1. Systems and Software Insecurity
    2. Information Security = Information Quality + Information Integrity
    3. Identify and Analyze Malicious Code and Activity
    4. Implement and Operate Endpoint Device Security
    5. Operate and Configure Cloud Security
    6. Operate and Secure Virtual Environments
    7. Notes
  14. Index
  15. End User License Agreement