Congratulations! You have made the decision to take control of your career with TheOfficial (ISC)² Guide to the SSCP CBK. The fact that you’ve taken this step shows your commitment to the field and the high importance you place on continuing your professional education. It should be no surprise to you that IT professionals, who are doing hands-on work, need to be doing that work in accordance with the best practices, policies and procedures found in the SSCP CBK.

This third edition of the SSCP CBK will help facilitate the practical knowledge you need to assure strong information security for your organization’s daily operations. Practitioners who have proven hands-on technical ability would do well to include the SSCP CBK in their arsenal of tools to competently handle day-to-day responsibilities and secure their organization’s data.

Reflecting the most pertinent issues that security practitioners currently face, along with the best practices for mitigating those issues, the SSCP CBK offers step-by-step guidance through seven domains:

• Access Controls
• Security Operations and Administration
• Risk Identification, Monitoring, and Analysis
• Incident Response and Recovery
• Cryptography
• Networks and Communications Security
• Systems and Application Security

Drawing from a comprehensive, up-to-date global body of knowledge, this textbook prepares you to join the thousands of practitioners worldwide who have obtained the (ISC)² Systems Security Certified Practitioner (SSCP) credential. For those with proven technical skills and practical security knowledge, the SSCP certification is the ideal credential. The SSCP confirms the breadth and depth of practical security knowledge expected of those in hands-on operational IT roles. The certification provides industry-leading confirmation of a practitioner’s ability to implement, monitor and administer information security policies and procedures that ensure data confidentiality, integrity and availability (CIA).

In order to meet continuing professional education requirements, SSCPs must also stay current on security issues related to changing technologies and emerging threats. As a result, SSCP practitioners can be confident that they have the know-how to competently handle day-to-day responsibilities in support of information security and business requirements.

As the recognized global leader in the field of information security education and certification, (ISC)²’s mission is to promote the development of information security professionals throughout the world. Working in coordination with members, (ISC)² also strives to raise the profile of the profession through security awareness programs for schoolchildren and an information security career program for colleges and their students. Earning an (ISC)² credential puts you in great company with a global network of professionals who echo (ISC)²’s focus to inspire a safe a secure cyber world.

As you make plans for your career, you will find that The Official (ISC)² Guide to the SSCP CBK most accurately reflects the technical and practical security knowledge required for the daily job functions of today’s frontline information security practitioner.

I wish you good luck and success as you work toward achieving your goals.

Regards,

David P. Shearer, CISSP, PMP

Chief Executive Officer (CEO)

(ISC)²