ISC2 Systems Security Certified Practitioner (SSCP)
Description
As organizations continue to pursue digital transformation initiatives, the threat landscape is always expanding. Yet cybersecurity leadership talent is scarce. That's where SSCP from ISC2 comes in - to help fill the gap. Once certified, the opportunities for certified professionals are almost limitless.
The SSCP is ideal for IT administrators, managers, directors and network security professionals responsible for the hands-on operational security of their organization's critical assets. It shows you have the advanced technical skills and knowledge to implement, monitor and administer IT infrastructure using security best practices, policies and procedures.
Target group
This training course is intended for practitioners who have at least one year of cumulative, paid work experience in one or more of the seven domains of the ISC2 SSCP CBK and are pursuing SSCP training and certification to acquire the credibility and mobility to advance within their current information security careers. The training seminar is ideal for those with technical skills and practical, hand-on security knowledge working in operational IT positions such as, but not limited to:
- Network Security Engineer
- Systems/Network Administrator
- Security Analyst
- Systems Engineer
- Security Consultant/Specialist
- Security Administrator
- Systems/Network Analyst
- Database Administrator
Program
- Duration : 5 days
Chapter 1: Introducing Security and Aligning Asset Management to Risk Management
- Classify information security and security concepts.
- Summarize components of the asset management lifecycle .
- Identify common risks and vulnerabilities.
- Provide examples of appropriate risk treatment.
Chapter 2: Understanding Risk Management Options and the Use of Access Controls to Protect Assets
- Provide examples of functional security controls and policies for identified scenarios.
- Classify various access control models.
- Identify components of the identity management lifecycle.
- Recognize access control and authentication methods.
Chapter 3: Cryptography
- Identify the fundamental concepts of cryptography driving requirements and benefits.
- Recognize symmetric encryption methods.
- Use asymmetric encryption methods.
- Examine Public-Key Infrastructure (PKI) systems and certificates.
- Summarize fundamental key management terms and concepts.
- Recognize how to implement secure protocols.
- Review methods of cryptanalytic attack.
Chapter 4: Securing Software, Data, and Endpoints
- Discuss software systems and application security.
- Recognize data security concepts and skills.
- Identify malicious code and countermeasures.
- Evaluate Mobile Device Management (MDM) and security issues with mobile and autonomous endpoints.
- Review attacks and countermeasures for virtual machines.
Chapter 5: Network and Communications Security
- Recognize layers of the OSI Model, their functions, and attacks present at each layer.
- Identify commonly used ports and protocols.
- Select appropriate countermeasures for various network attacks.
- Summarize best practices for establishing a secure networked environment.
Chapter 6: Cloud and Wireless Security
- Recall cloud security concepts and configurations.
- Recognize types of virtualization and cloud security considerations.
- Summarize the types of telecommunications and network access controls.
Chapter 7 : Incident Detection and Response
- Review the steps for monitoring, incident detection, and data loss prevention using all source intelligence.
- Identify the elements of an incident response policy and members of the incident response team (IRT).
- Classify the SSCP's role in supporting forensic investigations.
Chapter 8: Maturing Risk Management
- Identify operational aspects of change management.
- Summarize physical security considerations.
- Design a security education and awareness strategy.
- Recognize common security assessment activities.
- Classify the components of a business continuity plan and disaster recovery plan.
Note Throughout this course, exam domains may be covered in several chapters. Included in the course is a table indicating where the exam outline
Goal
After completing this course, the student will be able to:
- Describe security and the alignment of asset management to risk management.
- Appraise risk management options and the use of access controls to protect assets.
- Examine the field of cryptography to secure information and communication.
- Build a security posture by securing software, data, and endpoints.
- Apply network and communications security to establish a secure networked environment.
- Evaluate cloud and wireless security.
- Prepare for incident detection and response.
- Implement appropriate measures that contribute to the maturation of risk management.
Recommended
Candidates must have a minimum of one year of cumulative paid work experience in one or more of the seven domains of the SSCP Common Body of Knowledge (CBK). Alternatively, earning a bachelor's or master's degree in cybersecurity or in certain related fields (such as Computer Science, Computer Engineering, Computer Systems Engineering, Management Information Systems, or Information Technology) may substitute for this one-year experience.
- Language : English
- Level : Advanced
- Certification body : ISC2
- Certification: Yes
- Accessibility : Yes
- Duration: 5 days
Important information:
Our courses are not registered with the Répertoire National des Certifications Professionnelles (RNCP), but they do comply with the requirements of the Répertoire Spécifique (RS).