SSCP SYSTEMS SECURITY CERTIFIED PRACTITIONER

COURSE DESCRIPTION

The Official (ISC)² SSCP training provides a comprehensive review of the knowledge required to implement, monitor and administer IT infrastructure in accordance with information security policies and procedures that ensure data confidentiality, integrity and availability. This training course will help students review and refresh their knowledge and identify areas they need to study for the SSCP exam. Taught by an (ISC)²-authorized instructor, the course features:

• Official (ISC)² courseware
• Interactive flash cards
• Post-course assessment with 125 questions
• Collaboration with classmates (not currently available for self-paced course)
• Real-world learning activities and scenarios
• Labs

COURSE OBJECTIVES

After completing this course, learners will be able to:

• Describe security and the alignment of asset management to risk management
• Appraise risk management options and the use of access controls to protect assets
• Examine the field of cryptography to secure information and communication
• Build a security posture by securing software, data and endpoints
• Apply network and communications security to establish a secure networked environment
• Evaluate cloud and wireless security
• Prepare for incident detection and response
• Implement appropriate measures that contribute to the maturation of risk management

INTENDED AUDIENCE:

This course is ideal for those working in positions such as but not limited to:

• Network Security Engineer
• IT Systems/Network Administrator
• Security Analyst
• Systems Engineer
• Security Consultant/Specialist
• Security Administrator
• Systems/Network Analyst
• Database Administrator
• Individuals operating in a security operations center (SOC) environment performing the role of incident handler, SIEM, forensics specialist, threat intel researcher, etc.

PREREQUISITES:

• Candidates must have a minimum of 1 year cumulative work experience in 1 or more of the 7 domains of the SSCP Common Body of Knowledge (CBK).
  • A 1-year prerequisite pathway will be granted if the candidate has a degree in a cybersecurity program (bachelor’s or master’s).
  • A candidate who doesn’t have the required experience may become an Associate of (ISC)² by successfully passing the SSCP examination. The Associate of (ISC)² will then have 2 years to earn the 1 year of required experience.

COURSE OUTLINE

Module 1: Introducing Security and Aligning Asset Management to Risk Management

• Classify information security and security concepts.
• Summarize components of the asset management lifecycle.
• Identify common risks and vulnerabilities.
• Provide examples of appropriate risk treatment.

Module 2: Understanding Risk Management Options and the Use of Access Controls to Protect Assets

• Provide examples of functional security controls and policies for identified scenarios.
• Classify various access control models.
• Identify components of the identity management lifecycle.
• Recognize access control and authentication methods.

Module 3: Cryptography

• Identify the fundamental concepts of cryptography driving requirements and benefits.
• Recognize symmetric encryption methods.
• Use asymmetric encryption methods.
• Examine Public-Key Infrastructure (PKI) systems and certificates.
• Summarize fundamental key management terms and concepts.
• Recognize how to implement secure protocols.
• Review methods of cryptanalytic attack.

Module 4: Securing Software, Data, and Endpoints

• Discuss software systems and application security.
• Recognize data security concepts and skills.
• Identify malicious code and countermeasures.
• Evaluate Mobile Device Management (MDM) and security issues with mobile and autonomous endpoints.
• Review attacks and countermeasures for virtual machines.

Module 5: Network and Communications Security

• Recognize layers of the OSI Model, their functions, and attacks present at each layer.
• Identify commonly used ports and protocols.
• Select appropriate countermeasures for various network attacks.
• Summarize best practices for establishing a secure networked environment.

Module 6: Cloud and Wireless Security

• Recall cloud security concepts and configurations.
• Recognize types of virtualization and cloud security considerations.
• Summarize the types of telecommunications and network access controls.

Module 7: Incident Detection and Response

• Review the steps for monitoring, incident detection, and data loss prevention using all source intelligence.
• Identify the elements of an incident response policy and members of the incident response team (IRT).
• Classify the SSCP’s role in supporting forensic investigations.

Module 8: Maturing Risk Management

• Identify operational aspects of change management.
• Summarize physical security considerations.
• Design a security education and awareness strategy.
• Recognize common security assessment activities.
• Classify the components of a business continuity plan and disaster recovery plan.

Please contact us for schedules and for booking a private class.

Inquire Now