Systems Security Certified Practitioner (SSCP) Online Course
About the Course
The Systems Security Certified Practitioner (SSCP) is the ideal certification for those with proven technical skills and practical, hands-on security knowledge in operational IT roles. It provides confirmation of a practitioner’s ability to implement, monitor and administer IT infrastructure in accordance with information security policies and procedures that ensure data confidentiality, integrity and availability. Initially Course provides information about certification exam. Then It covers 7 domains of SSCP Examination Curriculum. Successful candidates will become competent in the following 7 domains:
- Access Controls
- Security Operations and Administration
- Risk Identification, Monitoring, and Analysis
- Incident Response and Recovery
- Cryptography
- Network and Communications Security
- Systems and Application Security
After Completion this course, Student will be able to secure systems, networks, applications and will be able to implement IT security policies.
Course Curriculum
Preparing for (ISC) ² Certification Course
- The Course Overview
- Course Introduction
- (ISC)² Exam Overview
- Virtual Machine
- Lab Setup
Access Controls: Part 1
- Section Objectives
- AAA and Authentication Factors
- Trust Relations and Architecture
- Subject-Based versus Object-Based
- MAC versus DAC
- Role–Based and Attribute–Based
- Management Lifecycle
Access Controls: Part 2
- Section Objectives
- IEEE 802.1X and Mac Security
- RADIUS and TACACS+
- NAC and RAT
- IPSec and SSL/TLS VPN
Security Operations and Administration
- Section Objective
- Asset Management and Change Management
- Configuration Management and Impact Management
- Security Training and Physical Security Operations
- AUP Policy Enforcement
Security Policy and Terminologies
- Section Objectives
- Threat, Risk, and Vulnerability
- Compromise Indicators
- Security Triad
- Written Security Policy
- Countermeasure and Mitigation
Risk Identification, Monitoring, and Analysis: Part 1
- Section Objectives
- Risk Management and Assessment
- Qualitative Risk Management
- Quantitative Risk Management
- Risk Visibility
- Reporting
- Auditing
Risk Identification, Monitoring, and Analysis: Part 2
- Section Objectives
- Regular Monitoring Importance
- Syslog
- SNMP and NetFlow
- Security Analytics, Metrices, and Trends
- Visualization
- Data Analysis
- Communicating Findings
Incident Response and Recovery
- Section Objectives
- Incident Handling Lifecycle
- Forensics Investigations
- BCP and DRP
- Emergency Response
- Restoration
- Testing and Drills
Overview of Cryptography
- Section Objectives
- Cryptography Basics
- Cipher and Types
- Identify Algorithm
- Encryption and Types
- Hashing
Beyond the Basics of Cryptography
- Section Objectives
- Key Management
- Digital Signatures
- PKI and Components
- Expiration and Suspension
- Cryptography Attacks
- Mitigation
Networks and Communications Security: Protocols and Services
- Section Objectives
- OSI and TCP/IP Model
- Physical and Logical Topologies
- Layer 2-4
- Layer 5-7
Networks and Communications Security: Security Devices
- Section Objectives
- Routers
- Switches
- Firewall
- Proxies
- IDS and IPS
- VPNs
Networks and Communications Security: Device Protection
- Section Objectives
- Device Hardening
- Security Controls and Types
- Segmentation and Zoning
- Device Protection Best Practices
System and Application Security: Identify Malware Threats
- Section Objectives
- Virus, Worm, and Trojan
- Ransomwares and Crypters
- Spyware, Backdoor, and Logic Bombs
- Identify Malicious Systems
- Attack Tools and Kits
- Malware Attack Countermeasure
System and Application Security: Secure Practices
- Section Objectives
- Application Security Basics
- Data Storage Security
- Third Party Outsourcing
- Virtualization Security
- Cloud Computing Security
- Big Data Security
- Legal Concerns