SSCP Systems Security Certified Practitioner All-in-One Exam Guide, Second Edition, 2nd Edition

Book Description

This fully updated, integrated self-study system offers complete coverage of the revised 2015 Systems Security Certified Practitioner (SSCP) exam domains.

Thoroughly revised for the April 2015 exam update, SSCP Systems Security Certified Practitioner All-in-One Exam Guide, Second Edition enables you to take the exam with complete confidence. To aid in self-study, each chapter includes Exam Tips that highlight key exam information, chapter summaries that reinforce salient points, and end-of-chapter questions that are an accurate reflection of the content and question format of the real exam.

Beyond exam prep, the practical examples and real-world insights offered in this guide make it an ideal on-the-job reference for IT security professionals. You will learn the security concepts, tools, and procedures needed to employ and enforce solid security policies and effectively react to security incidents.

  • Features 100% coverage of the revised SSCP Common Body of Knowledge (CBK), effective April 2015
  • CD-ROM contains two full-length, customizable practice exams in the Total Tester exam engine and a searchable PDF copy of the book
  • Written by a bestselling IT security certification and training expert

Table of Contents

  1. Cover
  2. Title Page
  3. Copyright Page
  4. Dedication
  5. About the Author
  6. Contents at a Glance
  7. Contents
  8. Acknowledgments
  9. Introduction
  10. Chapter 1 Security Fundamentals
    1. Reviewing the Requirements for SSCP
      1. Registering for the Exam
      2. Have One Year of Experience
      3. Passing the Exam
      4. Maintaining Your SSCP Certification
    2. Understanding Basic Security Concepts
      1. Confidentiality
      2. Integrity
      3. Availability
    3. Exploring Fundamentals of Security
      1. Least Privilege
      2. Separation of Duties
      3. Privacy
      4. Defense in Depth
      5. Nonrepudiation
      6. AAAs of Security
      7. Accountability
      8. Due Diligence
      9. Due Care
    4. Chapter Review
      1. Questions
      2. Answers
  11. Chapter 2 Access Controls
    1. Comparing Identification, Authentication, and Authorization
    2. Exploring Authentication
      1. Three Factors of Authentication
      2. Multifactor Authentication
      3. Reviewing Identification
      4. Single Sign-on Authentication
      5. Centralized vs. Decentralized Authentication
      6. Offline Authentication
      7. Device Authentication
    3. Implementing Access Controls
      1. Comparing Subjects and Objects
      2. Logical Access Controls
    4. Comparing Access Control Models
      1. Discretionary Access Control
      2. Non-Discretionary Access Control
      3. Access Control Matrix vs. Capability Table
    5. Participating in the Identity-Management Life Cycle
      1. Identity Proofing
      2. Provisioning and Authorization
      3. Maintenance and Entitlement
      4. De-provisioning
    6. Participating in Physical Security Operations
    7. Chapter Review
      1. Questions
      2. Answers
  12. Chapter 3 Basic Networking and Communications
    1. The OSI Model
      1. The Physical Layer (Layer 1)
      2. The Data Link Layer (Layer 2)
      3. The Network Layer (Layer 3)
      4. The Transport Layer (Layer 4)
      5. The Session Layer (Layer 5)
      6. The Presentation Layer (Layer 6)
      7. The Application Layer (Layer 7)
    2. Comparing the OSI and TCP/IP Models
    3. Network Topologies
      1. Ethernet
      2. Bus
      3. Star
      4. Tree
      5. Token Ring
      6. Mesh
    4. Reviewing Basic Protocols and Ports
      1. Comparing IPv4 and IPv6
      2. Dynamic Host Configuration Protocol
      3. Address Resolution Protocol
      4. Network Discovery Protocol
      5. Domain Name System
      6. Internet Control Message Protocol
      7. Internet Group Message Protocol
      8. Simple Network Management Protocol
      9. File Transfer Protocol
      10. Telnet
      11. Secure Shell
      12. HyperText Transfer Protocol and HyperText Transfer Protocol Secure
      13. Transport Layer Security and Secure Sockets Layer
      14. Network File System
      15. Routing Protocols
      16. E-mail Protocols
      17. Tunneling Protocols
      18. Internet Protocol Security
      19. Mapping Well-Known Ports to Protocols
      20. Comparing Ports and Protocol Numbers
    5. Comparing Internetwork Trust Architectures
      1. Comparing Public and Private IP Addresses
      2. Using NAT
      3. Comparing Trust Relationships
    6. Exploring Wireless Technologies
      1. Securing Data Transmissions
      2. Wireless Device Administrator Password
      3. Wireless Service Set Identifier
      4. MAC Filtering
      5. Bluetooth
      6. GSM
      7. 3G, LTE, and 4G
      8. WiMAX
      9. Radio Frequency Identification
      10. NFC
      11. Protecting Mobile Devices
    7. Chapter Review
      1. Questions
      2. Answers
  13. Chapter 4 Advanced Networking and Communications
    1. Managing LAN-Based Security
      1. Comparing Switches and Routers
      2. Segmentation
      3. Secure Device Management
    2. Understanding Telecommunications
      1. Internet Connections
      2. VoIP
      3. Securing Phones
      4. Converged Communications
    3. Using Proxy Servers
    4. Understanding Firewalls
      1. Packet-Filtering Firewall
      2. Stateful Inspection Firewall
      3. Application Firewall
      4. Next-Generation Firewall
      5. Defense Diversity
      6. Comparing Network-based and Host-based Firewalls
    5. Exploring Remote Access Solutions
      1. Risks and Vulnerabilities
      2. Tunneling Protocols
      3. Authentication
      4. Traffic Shaping
    6. Access and Admission Control
    7. Exploring Virtual Environments
      1. Virtualization Terminology
      2. Shared Storage
      3. Virtual Appliances
      4. Continuity and Resilience
      5. Separation of Data Plane and Control Plane
      6. Software-defined Networking
      7. Attacks and Countermeasures
    8. Understanding Cloud Computing
      1. Cloud Operation Models
      2. Storage
      3. Privacy
      4. Data Control and Third-party Outsourcing
      5. Compliance
    9. Chapter Review
      1. Questions
      2. Answers
  14. Chapter 5 Attacks
    1. Comparing Attackers
      1. Hackers and Crackers
      2. White Hats, Black Hats, and Grey Hats
      3. Advanced Persistent Threats
      4. Insider Attacks
      5. Script Kiddies
      6. Phreaks
      7. Accidental Threats
    2. Exploring Attack Types and Countermeasures
      1. Basic Countermeasures
      2. Spoofing
      3. DoS
      4. DDoS
      5. Botnets and Zombies
      6. Sniffing Attack
      7. Ping Sweep
      8. Port Scan
      9. Salami Attack
      10. Man-in-the-Middle
      11. Session Hijacking
      12. Replay
      13. Smurf and Fraggle Attacks
      14. Software Security as a Countermeasure
      15. Buffer Overflow Attacks
      16. Injection Attacks
      17. Cross-Site Scripting
      18. Cross-Site Request Forgery
      19. Password Attacks
      20. Spam
      21. Phishing Attacks
      22. Phishing and Drive-by Downloads
      23. Spear Phishing and Whaling
      24. Vishing
      25. Smishing
      26. Zero Day Exploits
      27. Covert Channel
      28. Wireless Attacks and Countermeasures
    3. Understanding Social Engineering
      1. Tailgating
      2. Impersonation
      3. Dumpster Diving
      4. Shoulder Surfing
      5. Pharming
      6. Social Networking Attacks
      7. User Awareness as a Countermeasure
    4. Chapter Review
      1. Questions
      2. Answers
  15. Chapter 6 Malicious Code and Activity
    1. Identifying Malicious Code
      1. Virus
      2. Worm
      3. Trojan Horse
      4. Scareware
      5. Ransomware
      6. Keylogger
      7. Logic Bomb
      8. Rootkits
      9. Mobile Code
      10. Backdoors and Trapdoors
      11. RATs
      12. Spyware
      13. Malware Hoaxes
      14. Analyzing the Stages of Regin
    2. Understanding Malware Delivery Methods
      1. Delivering Malware via Drive-by Downloads
      2. Delivering Malware via Malvertising
      3. Delivering Malware via E-mail
      4. Delivering Malware via USB Drives
    3. Implementing Malicious Code Countermeasures
      1. Antivirus Software
      2. Keeping AV Signatures Up to Date
      3. Spam Filters
      4. Content-Filtering Appliances
      5. Keeping Operating Systems Up to Date
      6. Scanners
      7. Beware of Shortened Links
      8. Sandboxing
      9. Least Privilege
      10. Software Security
      11. Application Whitelisting and Blacklisting
      12. Participating in Security Awareness and Training
    4. Common Vulnerabilities and Exposures
    5. Chapter Review
      1. Questions
      2. Answers
  16. Chapter 7 Risk, Response, and Recovery
    1. Defining Risk
      1. Identifying Threat Sources
      2. Identifying Threat Events
      3. Understanding Vulnerabilities
      4. Understanding Impact
    2. Managing Risk
      1. Residual Risk
      2. Identifying Assets
      3. Risk Visibility and Reporting
      4. Risk Register
    3. Performing Risk Assessments
      1. Quantitative Analysis
      2. Qualitative Analysis
      3. Risk Assessment Steps
      4. Address Findings
    4. Responding to Incidents
      1. Preparation
      2. Detection and Analysis
      3. Containment, Eradication, and Recovery
      4. Post-incident Activity
    5. Chapter Review
      1. Questions
      2. Answers
  17. Chapter 8 Monitoring and Analysis
    1. Operating and Maintaining Monitoring Systems
      1. Intrusion Detection Systems
      2. IDS Alerts
      3. Network-based Intrusion Detection Systems
      4. Host-based Intrusion Detection Systems
      5. Intrusion Prevention Systems
      6. Detection Methods
      7. Wireless Intrusion Detection and Prevention Systems
      8. Analyzing Results
      9. Detection Systems and Logs
      10. Detecting Unauthorized Changes
    2. Using Security Information and Event Management Tools
    3. Performing Security Assessment Activities
      1. Vulnerability Assessments
      2. Penetration Tests
    4. Chapter Review
      1. Questions
      2. Answers
  18. Chapter 9 Controls and Countermeasures
    1. Using Controls, Safeguards, and Countermeasures
      1. Performing a Cost-Benefit Analysis
      2. Security Controls Life Cycle
    2. Understanding Control Goals
      1. Preventive
      2. Detective
      3. Corrective
      4. Other Controls
    3. Comparing the Classes of Controls
      1. Management/Administrative Security Controls
      2. Technical Security Controls
      3. Operational Security Controls
      4. Physical Security Controls
    4. Combining Control Goals and Classes
    5. Exploring Some Basic Controls
      1. Hardening Systems
      2. Policies, Standards, Procedures, and Guidelines
      3. Response Plans
      4. Change Control and Configuration Management
      5. Testing Patches, Fixes, and Updates
      6. Endpoint Device Security
      7. User Awareness and Training Programs
    6. Understanding Fault Tolerance
      1. Fault Tolerance for Disks
      2. Failover Clusters
      3. Redundant Connections
    7. Understanding Backups
      1. Full Backups
      2. Full/Incremental Backup Strategy
      3. Full/Differential Backup Strategy
    8. Chapter Review
      1. Questions
      2. Answers
  19. Chapter 10 Auditing
    1. Understanding Auditing and Accountability
      1. Holding Users Accountable with Audit Logs
      2. Auditing with Logs
      3. Clipping Levels
      4. Understanding Audit Trails
    2. Exploring Audit Logs
      1. Operating System Logs
      2. Storing Logs on Remote Systems
      3. *Nix Logs
      4. Proxy Server Logs
      5. Firewall Logs
      6. Reviewing Logs
      7. Managing Audit Logs
    3. Performing Security Audits
      1. Auditing Passwords
      2. Auditing Security Policies
      3. ISACA
      4. Exploring PCI DSS Requirements
      5. Auditing Physical Access Controls
    4. Understanding Configuration Management
      1. Using Imaging for Configuration Management
      2. Using Group Policy for Configuration Management
    5. Understanding Change Management
    6. Chapter Review
      1. Questions
      2. Answers
  20. Chapter 11 Security Operations
    1. Handling Data
      1. Classifying Data
      2. Marking and Labeling Data
      3. Roles and Responsibilities
      4. Protecting Data from Cradle to Grave
      5. Data at Rest and Data in Motion
      6. Data Management Policies
      7. Understanding Databases
      8. Data Inference
      9. Data Diddling
      10. Securing Big Data
      11. Regulatory Requirements
      12. Training
    2. Managing Assets
      1. Hardware
      2. Software
      3. Data
    3. Certification and Accreditation
      1. Certification, Accreditation, and Security Assessments
      2. Common Criteria
      3. Using a Risk Management Framework
      4. Understanding Security Within the System Development Life Cycle
    4. Chapter Review
      1. Questions
      2. Answers
  21. Chapter 12 Security Administration and Planning
    1. Understanding Security Policies
      1. Security Policy Characteristics
      2. Enforcing Security Policies
      3. Value of a Security Policy
      4. Security Policies Becoming More Common
      5. Understanding Code of Ethics
      6. Policy Awareness
      7. Updating Security Policies
    2. Understanding BCPs and DRPs
      1. Business Impact Analysis
      2. Disaster Recovery Plan
      3. Emergency Response Plans and Procedures
      4. Comparing a BCP and a DRP
      5. Restoration Planning
      6. Testing and Drills
      7. Alternative Locations
    3. Identifying Security Organizations
      1. NIST
      2. US-CERT
      3. SANS Institute
      4. CERT Division
    4. Chapter Review
      1. Questions
      2. Answers
  22. Chapter 13 Legal Issues
    1. Exploring Computer Forensics
      1. Participating in Incident Handling
      2. First Responders and Preserving the Scene
      3. Three Phases of a Computer Forensics Investigation
      4. Forensic Evidence Guidelines and Principles
    2. Comparing Computer Abuse and Computer Crime
    3. Understanding Fraud and Embezzlement Crime
      1. Mandatory Vacations
      2. Job Rotation
    4. Understanding Privacy Issues
      1. European Directives
      2. California Supreme Court Rules That ZIP Codes Are PII
      3. Connecticut’s Public Act No. 08-167
      4. Children’s Online Privacy Protection Act
      5. California Online Privacy Protection Act of 2003
    5. Chapter Review
      1. Questions
      2. Answers
  23. Chapter 14 Cryptography
    1. Understanding Basic Cryptography Concepts
      1. Cryptography Terminology
      2. Data Sensitivity
      3. Regulatory Requirements
      4. Participating in Security Awareness and Training
    2. Enforcing Integrity with Hashing
      1. Hashing Algorithms Provide One-Way Encryption
      2. Hashing Algorithms
      3. Verifying a Hash
      4. Salting Passwords
    3. Exploring Symmetric Encryption
      1. ROT13
      2. Composing and Rotating Keys
      3. Comparing Block and Stream Ciphers
      4. Advanced Encryption Standard
      5. Other Symmetric Encryption Algorithms
    4. Exploring Asymmetric Encryption
      1. RSA
      2. Transport Layer Security
      3. Secure Sockets Layer
      4. Diffie-Hellman
      5. Elliptic Curve Cryptography
      6. Secure Shell
      7. Protecting E-mail with S/MIME
      8. Pretty Good Privacy (PGP)
    5. Other Encryption Schemes
      1. Steganography
      2. IPsec
    6. Public Key Infrastructure
      1. Certificates
      2. Certificate Authority
      3. Key Escrow
      4. Alternative Certificate Trusts
    7. Comparing Cryptanalysis Attacks
      1. Managing Cryptographic Keys
      2. Known-Plaintext Attack
      3. Ciphertext-Only Attack
    8. Chapter Review
      1. Questions
      2. Answers
  24. Appendix About the Download
    1. System Requirements
    2. Downloading Total Tester Premium Practice Exam Software
      1. Total Tester Premium Practice Exam Software
      2. Installing and Running Total Tester
    3. Technical Support
      1. Total Seminars Technical Support
      2. McGraw-Hill Education Content Support
  25. Glossary
  26. Index