Systems Security Certified Practitioner [SSCP]

OVERVIEW

The (ISC)2 Systems Security Certified Practitioner (SSCP) certification covers seven domains which they describe as 'the compendium of topics pertaining to an Information Systems Security Practitioner', the CBK (Common Body of Knowledge). The seven domains maps directly to the seven modules of this course listed below, it is referred to as a taxonomy or collection of past, present and future topics around Information Security.

The SSCP is aimed at security people who are on the front line of a business dealing with technologies employed to protect Information. If you are responsible for implementing and maintaining countermeasures such as Firewalls, Intrusion Detection or Prevention, Anti-Virus solutions or Public Key Infrastructures and you want a certification to attest to your skills and professionalism within Information Security, this is the course for you.

• The (ISC)2 SSCP exam is not a part of the course.
• To book the new CBT exam requires the candidate to acquire a Pearson VUE testing voucher. Please note, the price of the voucher is not included in the RRP of this course.

OBJECTIVES

In-depth coverage of the seven domains-required to pass the SSCP Exam:

1. Access Controls
2. Security Operations and Administration
3. Analysis and Monitoring
4. Cryptography
5. Networks and Telecommunications
6. Malicious Code/Malware
7. Risk, Response, and Recovery

AUDIENCE

This credential is ideal of those who have already obtained or are working towards positions such as: Security Administrators; Security Systems Analysts and Network Security Administrators, security policy writers, privacy officers, information security officers, security device administrators, security engineers, and other security professionals seeking SSCP certification or, ultimately, CISSP certification.

It may also be of interest to those who desire a better understanding of security, but do not have a direct security role, examples of these could include: System Administrators; Network Administrators; Systems Analysts; Auditors and Database Administrators, IT consultants and managers.

NEXT STEP

CISSP (GK9840), http://www.globalknowledge.nl/cursussen/global_knowledge/security/gk9840.html

CONTENT

• Identification Authentication Authorisation and Accounting
• Logical Access Controls (Subjects accessing Objects)
• Implementing Authentication
• Access Control Models, MAC, DAC, NDAC and RBAC
• TCSEC, ITSEC and Common Criteria

Module 2: Cryptography

• Public Key Infrastructure's
• Confidentiality and Integrity
• Digital Signatures
• Transmission Security

Module 3: Malicious Code and Activity

• Viruses, Trojan's, Worms and their characteristics
• Anatomy of an attack
• Hackers and Crackers
• Incident detection and prevention, tools and techniques

Module 4: Monitoring and Analysis

• Security Auditing and Frameworks
• Vulnerability and Penetration Testing
• IDS and IPS and Firewalls
• Logging and Monitoring

Module 5: Networks and Communications

• OSI and Networking Technologies
• TCP/IP and LAN based protocols
• Remote Access Protocols
• Wireless Security

Module 6: Risk, Response and Recovery

• Risk Management
• Business Continuity Planning
• Disaster Recovery Planning
• Incident Response and Forensics

Module 7: Security Operations and Administration

• Policies, Standards and Guidelines
• Change and Configuration Management
• System Development Lifecycle
• Security best practices