The Systems Security Certified Practitioner (SSCP®) course provides a comprehensive review of the knowledge required to implement, monitor and administer IT infrastructure in accordance with information security policies and procedures that ensure data confidentiality, integrity and availability.
This training course will help students review and refresh their knowledge and identify areas they need to study for the SSCP exam. Content aligns with and comprehensively covers the seven domains of the ISC2 SSCP Common Body of Knowledge (CBK®).
Official courseware is developed by ISC2 – creator of the SSCP CBK – to ensure your training is relevant and up-to-date. Our instructors are verified security experts who hold the SSCP and have completed intensive training to teach ISC2 content
Objetivos
- Describe security and the alignment of asset management to risk management.
- Appraise risk management options and the use of access controls to protect assets.
- Examine the field of cryptography to secure information and communication.
- Build a security posture by securing software, data, and endpoints.
- Apply network and communications security to establish a secure networked environment.
- Evaluate cloud and wireless security.
- Prepare for incident detection and response.
- Implement appropriate measures that contribute to the maturation of risk management.
Destinatários
This training course is intended for practitioners who have at least one year of cumulative, paid work experience in one or more of the seven domains of the ISC2 SSCP CBK and are pursuing SSCP training and certification to acquire the credibility and mobility to advance within their current information
security careers. The training seminar is ideal for those with technical skills and practical, hand-on security knowledge working in operational IT positions such as, but not limited to:
- Network Security Engineer
- Systems/Network Administrator
- Security Analyst
- Systems Engineer
- Security Consultant/Specialist
- Security Administrator
- Systems/Network Analyst
- Database Administrator
Pré-Requisitos
Have at least one year of cumulative, paid work experience in one or more of the seven domains of the ISC2 SSCP CBK.
Programa
- Introducing Security and Aligning Asset Management to Risk Management
- Understanding Risk Management Options and the Use of Access Controls to Protect Assets
- Cryptography
- Securing Software, Data, and Endpoints
- Network and Communications Security
- Cloud and Wireless Security
- Incident Detection and Response
- Maturing Risk Management
Introducing Security and Aligning Asset Management to Risk Management
- Classify information security and security concepts.
- Summarize components of the asset management lifecycle.
- Identify common risks and vulnerabilities.
- Provide examples of appropriate risk treatment.
Understanding Risk Management Options and the Use of Access Controls to Protect Assets
- Provide examples of functional security controls and policies for identified scenarios.
- Classify various access control models.
- Identify components of the identity management lifecycle.
- Recognize access control and authentication methods.
Cryptography
- Identify the fundamental concepts of cryptography driving requirements and benefits.
- Recognize symmetric encryption methods.
- Use asymmetric encryption methods.
- Examine Public-Key Infrastructure (PKI) systems and certificates.
- Summarize fundamental key management terms and concepts.
- Recognize how to implement secure protocols.
- Review methods of cryptanalytic attack.
Securing Software, Data, and Endpoints
- Discuss software systems and application security.
- Recognize data security concepts and skills.
- Identify malicious code and countermeasures.
- Evaluate Mobile Device Management (MDM) and security issues with mobile and autonomous endpoints.
- Review attacks and countermeasures for virtual machines.
Network and Communications Security
- Recognize layers of the OSI Model, their functions, and attacks present at each layer.
- Identify commonly used ports and protocols.
- Select appropriate countermeasures for various network attacks.
- Summarize best practices for establishing a secure networked environment.
Cloud and Wireless Security
- Recall cloud security concepts and configurations.
- Recognize types of virtualization and cloud security considerations.
- Summarize the types of telecommunications and network access controls.
Incident Detection and Response
- Review the steps for monitoring, incident detection, and data loss prevention using all source intelligence.
- Identify the elements of an incident response policy and members of the incident response team (IRT).
- Classify the SSCP’s role in supporting forensic investigations.
Maturing Risk Management
- Identify operational aspects of change management.
- Summarize physical security considerations.
- Design a security education and awareness strategy.
- Recognize common security assessment activities.
- Classify the components of a business continuity plan and disaster recovery plan.