You are previewing SSCP® Systems Security Certified Practitioner All-in-One Exam Guide.
O'Reilly logo
SSCP® Systems Security Certified Practitioner All-in-One Exam Guide

Book Description

Get complete coverage of all the material on the Systems Security Certified Practitioner (SSCP) exam inside this comprehensive resource. Written by a leading IT security certification and training expert, this authoritative guide addresses all seven SSCP domains as developed by the International Information Systems Security Certification Consortium (ISC)2, including updated objectives effective February 1, 2012. You'll find lists of topics covered at the beginning of each chapter, exam tips, practice exam questions, and in-depth explanations. Designed to help you pass the exam with ease, SSCP Systems Security Certified Practitioner All-in-One Exam Guide also serves as an essential on-the-job reference.

Covers all exam domains, including:

• Access controls

• Networking and communications

• Attacks

• Malicious code and activity

• Risk, response, and recovery

• Monitoring and analysis

• Controls and countermeasures

• Auditing

• Security operations

• Security administration and planning

• Legal issues

• Cryptography

CD-ROM features:

• TWO PRACTICE EXAMS

• PDF COPY OF THE BOOK

Table of Contents

  1. Title Page
  2. Copyright Page
  3. Dedication
  4. About the Author
  5. Contents at a Glance
  6. Contents
  7. Acknowledgments
  8. Introduction
  9. Chapter 1 Security Fundamentals
    1. Reviewing the Requirements for SSCP
    2. Understanding the Main Goals of Information Security
    3. Exploring Fundamentals of Security
  10. Chapter 2 Access Controls
    1. Comparing Identification and Authentication
    2. Authentication
    3. Implementing Access Controls
    4. Access Control Models
    5. Implementing Identity Management
    6. Understanding Cloud Computing
  11. Chapter 3 Basic Networking and Communications
    1. The OSI Model
    2. Comparing the OSI and TCP/IP Models
    3. Network Topographies
    4. Reviewing Basic Protocols and Ports
    5. Comparing Internetwork Architectures
    6. Exploring Wireless Technologies
  12. Chapter 4 Advanced Networking and Communications
    1. Understanding Telecommunications
    2. Understanding Firewalls
    3. Using Proxy Servers
    4. Exploring Remote Access Solutions
    5. Access and Admission Control
  13. Chapter 5 Attacks
    1. Comparing Attackers
    2. Exploring Attack Types
    3. Understanding Social Engineering
  14. Chapter 6 Malicious Code and Activity
    1. Identifying Malicious Code
    2. Understanding Malicious Web Activity
    3. Implementing Malicious Code Countermeasures
    4. Common Vulnerabilities and Exposures
  15. Chapter 7 Risk, Response, and Recovery
    1. Defining Risk
    2. Managing Risk
    3. Performing Risk Assessments
    4. Responding to Incidents
  16. Chapter 8 Monitoring and Analysis
    1. Intrusion Detection Systems
    2. SEMs, SIMs, and SIEMs
  17. Chapter 9 Controls and Countermeasures
    1. Using Controls, Safeguards, and Countermeasures
    2. Understanding the Goals of Controls
    3. Comparing the Classes of Controls
    4. Exploring Some Basic Controls
    5. Understanding Fault Tolerance
    6. Understanding Backups
  18. Chapter 10 Auditing
    1. Understanding Auditing and Accountability
    2. Exploring Audit Logs
    3. Performing Security Audits
    4. Understanding Configuration Management
    5. Understanding Change Management
  19. Chapter 11 Security Operations
    1. Managing Data
    2. Asset Management
    3. Certification and Accreditation
  20. Chapter 12 Security Administration and Planning
    1. Understanding Security Policies
    2. Understanding Business Continuity Plans
    3. Identifying Security Organizations
  21. Chapter 13 Legal Issues
    1. Exploring Computer Forensics
    2. Comparing Computer Abuse and Computer Crime
    3. Understanding Fraud and Embezzlement Crime
    4. Understanding Privacy Issues
  22. Chapter 14 Cryptography
    1. An Overview of Cryptography Concepts
    2. Enforcing Integrity with Hashing
    3. Exploring Symmetric Encryption
    4. Exploring Asymmetric Encryption
    5. Other Encryption Schemes
    6. Public Key Infrastructure
    7. Comparing Cryptanalysis Attacks
  23. Appendix About the Download
  24. Glossary
  25. Index