SSCP (ISC)2 Systems Security Certified Practitioner Official Study Guide

Book Description

Fully updated Study Guide for the SSCP

This guide prepares you for the SSCP (Systems Security Certified Practitioner) certification examination by focusing on the Common Body of Knowledge (CBK) as determined by ISC2 in seven high-level topics. This Sybex Study Guide covers 100% of all exam objectives. You'll prepare for the exam smarter and faster with Sybex thanks to expert content, real-world practice, access to the Sybex online interactive learning environment and much more. Reinforce what you've learned with key topic exam essentials and chapter review questions.

Along with the book you also get access to Sybex's superior online interactive learning environment that includes:

  • 125-question practice exam to help you identify where you need to study more. Get more than 90 percent of the answers correct, and you're ready to take the certification exam.

  • More than 100 Electronic Flashcards to reinforce your learning and give you last-minute test prep before the exam

  • A searchable glossary in PDF to give you instant access to the key terms you need to know for the exam

  • Appendix of charts, tables, typical applications, and programs

  • Coverage of all of the exam topics in the book means you'll be ready for:

  • Access Controls

  • Security Operations and Administration

  • Risk Identification, Monitoring and Analysis

  • Incident Response and Recovery

  • Cryptography

  • Network and Communications Security

  • Systems and Application Security

Table of Contents

    1. Title Page
    2. Copyright
    3. Series
    4. Dedication
    5. Acknowledgments
    6. About the Author
    7. About the Technical Editor
    8. Introduction
      1. Who Should Read This Book?
      2. What Is Covered in This Book
      3. How Do I Use This Book?
    9. Assessment Test
      1. Assessment Test
      2. Answers to Assessment Test
    10. Chapter 1: Information Security: The Systems Security Certified Practitioner Certification
      1. About the (ISC)² Organization
      2. Exams, Testing, and Certification
      3. The SSCP Exam
      4. Summary
      5. Exam Essentials
    11. Chapter 2: Security Basics: A Foundation
      1. The Development of Security Techniques
      2. Understanding Security Terms and Concepts
      3. Security Foundation Concepts
      4. Participating in Security Awareness Education
      5. Summary
      6. Exam Essentials
      7. Written Lab
      8. Review Questions
    12. Chapter 3: Domain 1: Access Controls
      1. What Are Controls?
      2. Types of Access Controls
      3. Identification
      4. Authentication
      5. System-Level Access Controls
      6. Discretionary Access Control (DAC)
      7. Nondiscretionary Access Control
      8. Mandatory Access Control
      9. Summary
      10. Exam Essentials
      11. Written Lab
      12. Review Questions
    13. Chapter 4: Domain 2: Security Operations and Administration
      1. Security Administration Concepts and Principles
      2. Data Management Policies
      3. Endpoint Device Security
      4. Security Education and Awareness Training
      5. Business Continuity Planning
      6. Summary
      7. Exam Essentials
      8. Written Lab
      9. Review Questions
    14. Chapter 5: Domain 3: Risk Identification, Monitoring, and Analysis
      1. Understanding the Risk Management Process
      2. Risk Management Frameworks and Guidance for Managing Risks
      3. Risk Analysis and Risk Assessment
      4. Managing Risks
      5. Risk Visibility and Reporting
      6. Analyzing Monitoring Results
      7. Summary
      8. Exam Essentials
      9. Written Lab
      10. Review Questions
    15. Chapter 6: Domain 4: Incident Response and Recovery
      1. Event and Incident Handling Policy
      2. Creating and Maintaining an Incident Response Plan
      3. Understanding and Supporting Forensic Investigations
      4. Understanding and Supporting the Business Continuity Plan and the Disaster Recovery Plan
      5. Summary
      6. Exam Essentials
      7. Written Lab
      8. Review Questions
    16. Chapter 7: Domain 5: Cryptography
      1. Concepts and Requirements of Cryptography
      2. Key Management
      3. Secure Protocols
      4. Summary
      5. Exam Essentials
      6. Written Lab
      7. Review Questions
    17. Chapter 8: Domain 6: Networks and Communications
      1. Network Models
      2. Network Design Topographies
      3. Ports and Protocols
      4. Converged Network Communications
      5. Network Monitoring and Control
      6. Access Control Protocols and Standards
      7. Remote User Authentication Services
      8. Local User Authentication Services
      9. Network Segmentation
      10. Securing Devices
      11. Security Posture
      12. Firewall and Proxy Implementation
      13. Network Routers and Switches
      14. Intrusion Detection and Prevention Devices
      15. Telecommunications Remote Access
      16. Wireless & Cellular Technologies
      17. Wireless Networks
      18. Traffic Shaping Techniques and Devices
      19. Quality of Service
      20. Summary
      21. Exam Essentials
      22. Written Lab
      23. Review Questions
    18. Chapter 9: Domain 7: Systems and Application Security
      1. Understand Malicious Code and Apply Countermeasures
      2. Malicious Add-Ons
      3. User Threats and Endpoint Device Security
      4. Understand and Apply Cloud Security
      5. Secure Data Warehouse and Big Data Environments
      6. Secure Software-Defined Networks and Virtual Environments
      7. Summary
      8. Exam Essentials
      9. Written Lab
      10. Review Questions
    19. Appendix A: Answers to Written Labs
      1. Chapter 2
      2. Chapter 3
      3. Chapter 4
      4. Chapter 5
      5. Chapter 6
      6. Chapter 7
      7. Chapter 8
      8. Chapter 9
    20. Appendix B: Answers to Review Questions
      1. Chapter 2
      2. Chapter 3
      3. Chapter 4
      4. Chapter 5
      5. Chapter 6
      6. Chapter 7
      7. Chapter 8
      8. Chapter 9
    21. Appendix C: Diagnostic Tools
      1. Microsoft Baseline Security Analyzer
      2. Microsoft Password Checker
      3. Internet Explorer Phishing and Malicious Software Filter
      4. Manage Internet Cookies
      5. Observing Logs with Event Viewer
      6. Viewing a Digital Certificate
      7. Monitoring PC Activities with Windows Performance Monitor
      8. Analyzing Error Messages in Event Viewer
      9. Calculate Hash Values
    22. Comprehensive Online Learning Environment
    23. End User License Agreement