SSCP Exam Preparation

This course is already delivered, please contact us for the next available session tel:+357 22 44 14 92

Course Outline in PDF

Overview:

Looking to move up in the information security field? If you have at least one year of security experience, you qualify for the Systems Security Certified Practitioner (SSCP) certification, which offers junior security professionals a way to validate their experience and demonstrate competence with (ISC)²®'s seven domains. A free copy of the Official (ISC)² Guide to The SSCP® CBK® from (ISC)² Press and a SSCP certification practice exam from Self Test Software are included with the course.Interested in group training toward 8570.1 compliancy? This course can be a component of our 8570.1 Training Solution that can also include assessments, certification preparation and program management, post training and testing, 8570 compliancy tracking and reporting, and continuing education


Who Should Attend:

IT consultants
Managers
Security policy writers
Privacy officers
Information security officers
Network administrators
Security device administrator
Security engineers
Security professionals seeking SSCP certification or, ultimately, CISSP certification.
 
At Course Completion:

In-depth coverage of the seven domains-required to pass the SSCP Exam:
1.Access Controls
2.Security Operations and Administration
3.Analysis and Monitoring
4.Cryptography
5.Networks and Telecommunications
6.Malicious Code/Malware
7.Risk, Response, and Recovery

Outline: 

1. Testing-Taking Tips and Study Techniques
•Preparation for the SSCP Exam
•Submitting Required Paperwork
•Resources and Study Aids
•Passing the Exam the First Time

2. Security Operations and Administration
•Change Control/Configuration Management
•Dual Control, Separation of Duties, Rotation of Duties
•Vulnerability Assessment and Pen-Testing

3. Access Controls
•AAA
•Authentication Methods (Types 1, 2, & 3)
•Authorization - DAC, RBAC, MAC
•Accounting - Logging, Monitoring, Auditing
•Central/Decentralized and Hybrid Management
•Single Sign-On - Kerberos, Radius, Diameter, TACACS
•Vulnerabilities - Emanations, Impersonation, Rouge Infrastructure, Social Engineering

4. Cryptography
•Intro/History
•Symmetric
•Asymmetric
•Hashing
•Cryptosystems - SSL, S/MIME, PGP
•PKI
•Cryptanalysis

5. Malicious Code and Malware
•Layering, Data Hiding, and Abstraction
•Database Security
•AI
•OOD
•Mobil Code
•Malware Architecture Problems - Covert Channels + TOC/TOU, Object Reuse
•Network Vulnerabilities

6. Networks and Telecommunications
•OSI/DoD TCP/IP Models
•TCP/UDP/ICMP/IP
•Ethernet
•Devices - Routers/Switches/Hubs
•Firewalls
•Wireless
•WAN Technologies - X.25/Frame Relay/PPP/ISDN/DSL/Cable
•Voice - PBX/Cell Phones/VOIP
•IPSec

7. Risk, Response, and Recovery
•CIA
•Roles and Responsibilities - RACI
•Asset Management
•Taxonomy - Information Classification
•Risk Management
•Policies, Procedures, Standards, Guidelines, Baselines
•Knowledge Transfer - Awareness, Training, Education
•BIA Policy
•BIA Roles and Teams
•Data Backups, Vaulting, Journaling, Shadowing
•Alternate Sites
•Emergency Response
•Required notifications
•BIA Tests

8. Analysis and Monitoring
•Ethics - Due Care/Due diligence
•Intellectual Property
•Incident Response
•Forensics
•Evidence
•Laws - HIPAA, GLB, SOX

9. Review and Q&A Session
•Final Review and Test Prep

sd sd sd sd sd sd sd sd sd sd sd sd