Table of Contents for
SSCP (ISC)2 Systems Security Certified Practitioner Official Study Guide, by George Murphy
Title Page
Copyright
Series
Dedication
Acknowledgments
About the Author
About the Technical Editor
Introduction
Who Should Read This Book?
What Is Covered in This Book
How Do I Use This Book?
Assessment Test
Assessment Test
Answers to Assessment Test
Chapter 1: Information Security: The Systems Security Certified Practitioner Certification
About the (ISC)2 Organization
Exams, Testing, and Certification
The SSCP Exam
Summary
Exam Essentials
Chapter 2: Security Basics: A Foundation
The Development of Security Techniques
Understanding Security Terms and Concepts
Security Foundation Concepts
Participating in Security Awareness Education
Summary
Exam Essentials
Written Lab
Review Questions
Chapter 3: Domain 1: Access Controls
What Are Controls?
Types of Access Controls
Identification
Authentication
System-Level Access Controls
Discretionary Access Control (DAC)
Nondiscretionary Access Control
Mandatory Access Control
Summary
Exam Essentials
Written Lab
Review Questions
Chapter 4: Domain 2: Security Operations and Administration
Security Administration Concepts and Principles
Data Management Policies
Endpoint Device Security
Security Education and Awareness Training
Business Continuity Planning
Summary
Exam Essentials
Written Lab
Review Questions
Chapter 5: Domain 3: Risk Identification, Monitoring, and Analysis
Understanding the Risk Management Process
Risk Management Frameworks and Guidance for Managing Risks
Risk Analysis and Risk Assessment
Managing Risks
Risk Visibility and Reporting
Analyzing Monitoring Results
Summary
Exam Essentials
Written Lab
Review Questions
Chapter 6: Domain 4: Incident Response and Recovery
Event and Incident Handling Policy
Creating and Maintaining an Incident Response Plan
Understanding and Supporting Forensic Investigations
Understanding and Supporting the Business Continuity Plan and the Disaster Recovery Plan
Summary
Exam Essentials
Written Lab
Review Questions
Chapter 7: Domain 5: Cryptography
Concepts and Requirements of Cryptography
Key Management
Secure Protocols
Summary
Exam Essentials
Written Lab
Review Questions
Chapter 8: Domain 6: Networks and Communications
Network Models
Network Design Topographies
Ports and Protocols
Converged Network Communications
Network Monitoring and Control
Access Control Protocols and Standards
Remote User Authentication Services
Local User Authentication Services
Network Segmentation
Securing Devices
Security Posture
Firewall and Proxy Implementation
Network Routers and Switches
Intrusion Detection and Prevention Devices
Telecommunications Remote Access
Wireless & Cellular Technologies
Wireless Networks
Traffic Shaping Techniques and Devices
Quality of Service
Summary
Exam Essentials
Written Lab
Review Questions
Chapter 9: Domain 7: Systems and Application Security
Understand Malicious Code and Apply Countermeasures
Malicious Add-Ons
User Threats and Endpoint Device Security
Understand and Apply Cloud Security
Secure Data Warehouse and Big Data Environments
Secure Software-Defined Networks and Virtual Environments
Summary
Exam Essentials
Written Lab
Review Questions
Appendix A: Answers to Written Labs
Chapter 2
Chapter 3
Chapter 4
Chapter 5
Chapter 6
Chapter 7
Chapter 8
Chapter 9
Appendix B: Answers to Review Questions
Chapter 2
Chapter 3
Chapter 4
Chapter 5
Chapter 6
Chapter 7
Chapter 8
Chapter 9
Appendix C: Diagnostic Tools
Microsoft Baseline Security Analyzer
Microsoft Password Checker
Internet Explorer Phishing and Malicious Software Filter
Manage Internet Cookies
Observing Logs with Event Viewer
Viewing a Digital Certificate
Monitoring PC Activities with Windows Performance Monitor
Analyzing Error Messages in Event Viewer
Calculate Hash Values
Comprehensive Online Learning Environment
End User License Agreement
List of Illustrations
Chapter 1: Information Security: The Systems Security Certified Practitioner Certification
Figure 1.1 The DODD 8140 chart
Figure 1.2 A typical framed SSCP certification
Figure 1.3 An example of a hand-drawn rough sketch
Figure 1.4 An example of a Google Images search on the term IPsec
Chapter 2: Security Basics: A Foundation
Figure 2.1 A notepad drawing of a remote user logon
Figure 2.2 A typical 15-pin D-shaped connector
Figure 2.3 The CIA triad
Figure 2.4 An access process illustrating the three AAAs, known as authentication, authorization, and accounting
Figure 2.5 A typical job rotation scheme
Chapter 3: Domain 1: Access Controls
Figure 3.1 The relationships between subjects and objects
Figure 3.2 A typical authorized use policy screen
Figure 3.3 A typical login screen
Figure 3.4 User entering PIN into a reader device
Figure 3.5 Typical login verification question
Figure 3.6 CAPTCHA characters
Figure 3.7 Toll authority RFID device
Figure 3.8 Standard ID badge with proximity chip
Figure 3.9 Retina scanning technique
Figure 3.10 The crossover error rate (CER) is where the FAR and FRR intersect. The lower the CER, the better the biometric system.
Figure 3.11 An example of a token
Figure 3.12 The reference monitor mediates all transactions between subjects and objects.
Figure 3.13 Warning screen
Figure 3.14 Various groups under role-based access control
Chapter 4: Domain 2: Security Operations and Administration
Figure 4.1 The relationship between corporate policies, security policies, and supporting policies
Figure 4.2 Illustration of the hierarchy from general corporate policies to guidelines
Figure 4.3 The business continuity plan and support plans and documents
Figure 4.4 An illustration of the relationship between maximum tolerable downtime and the recovery time objective
Figure 4.5 The relationship between recovery point objective and recovery time objective
Figure 4.6 An illustration of restoration priorities based upon the importance of the asset or department to the organization and the impact to the organization if it is unavailable or lost during a disaster
Chapter 5: Domain 3: Risk Identification, Monitoring, and Analysis
Figure 5.1 The process of risk management
Figure 5.2 NIST SP 800-37 Revision 1 risk management framework
Figure 5.3 The four risk assessment process steps from the NIST SP 800-37 Revision 1 risk management framework
Figure 5.4 Typical risk treatment schedule
Figure 5.5 A typical security operations center
Figure 5.6 Data visualization
Chapter 6: Domain 4: Incident Response and Recovery
Figure 6.1 A hard drive attached to a Tableau portable forensic write blocker
Figure 6.2 A cost/timeline graph illustrating the relationship between MTD, RTO, and RPO
Figure 6.3 A typical disaster classification system
Figure 6.4 An illustration of a differential backup
Figure 6.5 An illustration of an incremental backup
Chapter 7: Domain 5: Cryptography
Figure 7.1 Electronic codebook (ECB) mode
Figure 7.2 Cipher block chaining (CBC) mode
Figure 7.3 Cipher feedback (CFB) mode
Figure 7.4 Output feedback (OFB) mode
Figure 7.5 Counter (CTR) mode
Figure 7.6 Symmetric cryptography using one shared key
Figure 7.7 The relationships of public and private keys in an asymmetric cryptographic system
Figure 7.8 Proof of origin encrypted message with a private asymmetric key
Figure 7.9 The creation of a digital signature by encrypting a hash of a message
Figure 7.10 The process of steganography
Figure 7.11 Comparison of hash values
Figure 7.12 A typical digital certificate
Figure 7.13 A certificate warning banner
Chapter 8: Domain 6: Networks and Communications
Figure 8.1 The Open Systems Interconnection model
Figure 8.2 The OSI model mapped to the TCP/IP model
Figure 8.3 Categories of twisted-pair cable
Figure 8.4 TCP three-way handshake
Figure 8.5 A bus topology
Figure 8.6 A tree topology
Figure 8.7 A ring topology
Figure 8.8 A mesh topology
Figure 8.9 A star topology
Figure 8.10 A virtual private network
Figure 8.12 IPsec in tunnel mode
Figure 8.11 IPsec in transport mode
Figure 8.13 Kerberos diagram
Figure 8.14 Single sign-on with federated access
Figure 8.15 Example of a three-segment network
Figure 8.16 Illustration of a demilitarized zone
Figure 8.17 Illustration of a baseline and a clipping level
Figure 8.18 Illustration of an ad hoc mode wireless network
Figure 8.19 Illustration of the infrastructure mode wireless network zone
Figure 8.20 Illustration of a home network using a wireless router
Figure 8.21 A cellular network illustrating geographical cells served by cellular base stations
Chapter 9: Domain 7: Systems and Application Security
Figure 9.1 Threat source and threat action as illustrated in NIST SP 800-30 Revision 1
Figure 9.2 The APISID cookie from Google.com
Figure 9.3 A Wireshark packet capture
Figure 9.4 A Microsoft Baseline Security Analyzer scan showing several problems that were found
Figure 9.5 A typical password change policy advisory pop-up
Appendix C: Diagnostic Tools
Figure C.1 Select an MBSA download version
Figure C.2 MBSA selection choices
Figure C.3 Select a device to scan.
Figure C.4 Scanning report with errors
Figure C.5 Using Microsoft Password Checker
Figure C.6 Internet Options advanced settings
Figure C.7 Internet Options Privacy tab
Figure C.8 Advanced Privacy Settings dialog
Figure C.9 Windows Control Panel
Figure C.10 Event Viewer
Figure C.11 Event Viewer showing events and errors
Figure C.12 Certificate properties
Figure C.13 Windows Certificate Manager
Figure C.14 Certificates of trusted root certification authorities
Figure C.15 Performance Monitor
Figure C.16 Resource Monitor indicating usage levels
Figure C.17 Performance Monitor expanded view
Figure C.18 Selecting Event Viewer from Control Panel
Figure C.19 Event Viewer Overview and Summary
Figure C.20 Windows Logs
Figure C.21 Summary of the system event errors
Figure C.22 Event properties
Figure C.23 Event details
Figure C.24 The MD2 Hash Calculator in text mode
Figure C.25 Choosing a hash algorithm
Figure C.26 Hash Calculator creating a hash value from a message
List of Tables
Chapter 6: Domain 4: Incident Response and Recovery
Table 6.1 Alert levels
Chapter 7: Domain 5: Cryptography
Table 7.1 The XOR truth table
Table 7.2 Block cipher algorithms
Table 7.3 Hashing functions and their hash value lengths
Chapter 8: Domain 6: Networks and Communications
Table 8.1 Well-known TCP ports
Table 8.2 Well-known UDP ports
Table 8.3 802.11 Standards and amendments