COURSE NAME: Systems Security Certified Practitioner (SSCP) (4025)

Course length: 5 days

Overview:

A one-stop source of security and privacy information for IT professionals, covering everything you’ll need to know to pass the Systems Security Certified Practitioner examination.

Prerequesite Courses:

• No Prerequisites listed for this course

Performance-based Objectives:

Covered in detail are the seven domains of the common body of knowledge (CBK), as defined by the (ISC)2. Explore such topics as access controls, administration, audit and monitoring, cryptography, and data communications.

Providing you with all the tools you’ll need to become proficient in systems security, this guide covers:

• Mechanisms to specify user and process rights
• System vulnerabilities, safeguards, and recovery plans and procedures
• Means to disguise information to ensure its integrity, confidentiality, authenticity, and non repudiation
• Ways to protect against infection, abuse, or negative impacts to the proper operation of an information processing system or network

Course content:

Chapter 1: The Journey Toward Information Security: An Overview

• Five Essentials for Making the Journey
• How the System Security Certified Practitioner Participates

Chapter 2: Domain 1: Access Controls

• Domain Definition
• Why Control Access
• Types of Access Controls
• Access Control Mechanisms
• Account-Level Access Controls

Chapter 3: Domain 2: Administration

• What is Security Administration
• Policies and Practices
• Building Your Roadmap
• Administering Security in an Operational System or Enterprise

Chapter 4: Domain 3: Auditing and Monitoring

• Auditing
• Components to Audit
• Conducting a Security Review (audit)
• Monitoring
• Computer Forensics

Chapter 5: Domain 4: Risk, Response and Recovery

• Risk
• Analyzing Risk
• What do with Risk
• Why Assess Risk
• What is Risk Management
• An Effective Risk-Assessment Methology
• Response
• Recovery

Chapter 6: Domain 5: Cryptograph

• Definitions of Cryptographic Terms
• The History of Cryptology: An Overview
• Security and Cryptography
• Encryption Techniques
• Common Cryptographic Systems
• Cryptography in Networks
• Cryptography for Email
• Cryptography for E-Commerce
• What is a Public Key Infrastructure (PKI)
• Stegnography
• Cryptanalysis

Chapter 7: Domain 6: Data Communications

• Data Communications Fundamentals
• Physical Aspects of Data Communications
• Networks
• Virtual Private Networks (VPNs)
• Physical Topologies
• Logical Topologies
• Standards
• Protocols
• Models for Network Communication
• Network Testing Techniques

Chapter 8: Domain 7: Malicious Code

• Types and Characteristics of Malicious Code
• Malicious Code Protection
• Types of Malicious Code Detection Products
• Example Cases