(ISC)²

Systems Security Certified Practitioner (SSCP)

(SSCP.AE2) / ISBN : 9781644593776

This course includes
Lessons
TestPrep
LiveLab

Get hands-on experience in system security with the Systems Security Certified Practitioner (SSCP) course and lab. The course contains interactive tools such as live labs, test preps, and SSCP exam objective-based lessons with knowledge checks, quizzes, flashcards, and glossary terms to get a detailed understanding of critical aspects of information security. It will be a great source to learn about Security Operations and Administration, Access Controls,  Risk Identification, Monitoring, and Analysis, Incident Response and Recovery, Cryptography, Network and Communications Security, and Systems and Application Security.

Here's what you will get

SSCP is a global IT security certification. It validates the candidate's skills to implement, monitor, and administer IT infrastructure using information security policies and procedures — ensuring data confidentiality, integrity and availability. This certification is designed for IT administrators, managers, directors, and network security professionals responsible for the hands-on operational security of their organization’s critical assets.

Lessons

13+ Lessons | 593+ Exercises | 249+ Quizzes | 344+ Flashcards | 344+ Glossary of terms

TestPrep

125+ Pre Assessment Questions | 2+ Full Length Tests | 125+ Post Assessment Questions | 250+ Practice Test Questions

Hand on lab

25+ LiveLab | 25+ Video tutorials | 40+ Minutes

Here's what you will learn

Download Course Outline

  • About This Course
  • What Is an SSCP?
  • Using This Course
  • Let's Get Started!

  • Information: The Lifeblood of Business
  • Policy, Procedure, and Process: How Business Gets Business Done
  • Who Runs the Business?
  • Summary
  • Exam Essentials

  • The Common Needs for Privacy, Confidentiality, Integrity, and Availability
  • Training and Educating Everybody
  • SSCPs and Professional Ethics
  • Summary
  • Exam Essentials

  • It’s a Dangerous World
  • The Four Faces of Risk
  • Getting Integrated and Proactive with Information Defense
  • Risk Management: Concepts and Frameworks
  • Risk Assessment
  • Four Choices for Limiting or Containing Damage
  • Summary
  • Exam Essentials

  • From Tactical Planning to Information Security Operations
  • Operationalizing Risk Mitigation: Step by Step
  • The Ongoing Job of Keeping Your Baseline Secure
  • Ongoing, Continuous Monitoring
  • Reporting to and Engaging with Management
  • Summary
  • Exam Essentials

  • Trusting Our Communications in a Converged World
  • Internet Systems Concepts
  • Two Protocol Stacks, One Internet
  • Wireless Network Technologies
  • IP Addresses, DHCP, and Subnets
  • IPv4 vs. IPv6: Important Differences and Options
  • CIANA Layer by Layer
  • Securing Networks as Systems
  • Summary
  • Exam Essentials

  • Identity and Access: Two Sides of the Same CIANA+PS Coin
  • Identity Management Concepts
  • Access Control Concepts
  • Network Access Control
  • Implementing and Scaling IAM
  • User and Entity Behavior Analytics (UEBA)
  • Zero Trust Architectures
  • Summary
  • Exam Essentials

  • Cryptography: What and Why
  • Building Blocks of Digital Cryptographic Systems
  • Keys and Key Management
  • Modern Cryptography: Beyond the “Secret Decoder Ring”
  • “Why Isn't All of This Stuff Secret?”
  • Cryptography and CIANA+PS
  • Public Key Infrastructures
  • Applying Cryptography to Meet Different Needs
  • Managing Cryptographic Assets and Systems
  • Measures of Merit for Cryptographic Solutions
  • Attacks and Countermeasures
  • PKI and Trust: A Recap
  • On the Near Horizon
  • Summary
  • Exam Essentials

  • Infrastructure Security Is Baseline Management
  • Securing the Physical Context
  • Infrastructures 101 and Threat Modeling
  • Endpoint Security
  • Malware: Exploiting the Infrastructure's Vulnerabilities
  • Privacy and Secure Browsing
  • “The Sin of Aggregation”
  • Updating the Threat Model
  • Managing Your Systems' Security
  • Summary
  • Exam Essentials

  • It's a Data-Driven World…At the Endpoint
  • Software as Appliances
  • Applications Lifecycles and Security
  • CIANA+PS and Applications Software Requirements
  • Application Vulnerabilities
  • “Shadow IT:” The Dilemma of the User as Builder
  • Information Quality and Information Assurance
  • Protecting Data in Motion, in Use, and at Rest
  • Into the Clouds: Endpoint App and Data Security Considerations
  • Legal and Regulatory Issues
  • Countermeasures: Keeping Your Apps and Data Safe and Secure
  • Summary
  • Exam Essentials

  • Defeating the Kill Chain One Skirmish at a Time
  • Harsh Realities of Real Incidents
  • Incident Response Framework
  • Preparation
  • Detection and Analysis
  • Containment and Eradication
  • Recovery: Getting Back to Business
  • Post-Incident Activities
  • Summary
  • Exam Essentials

  • What Is a Disaster?
  • Surviving to Operate: Plan for It!
  • Timelines for BC/DR Planning and Action
  • Options for Recovery
  • Cloud-Based “Do-Over” Buttons for Continuity, Security, and Resilience
  • People Power for BC/DR
  • Security Assessment: For BC/DR and Compliance
  • Converged Communications: Keeping Them Secure During BC/DR Actions
  • Summary
  • Exam Essentials

  • Operationalizing Security Across the Immediate and Longer Term
  • Supply Chains, Security, and the SSCP
  • Other Dangers on the Web and Net
  • On Our Way to the Future
  • Enduring Lessons
  • Your Next Steps
  • At the Close
  • Exam Essentials

Hands-on LAB Activities

  • Encrypting Files with EFS

  • Conducting Vulnerability Scanning Using Nessus
  • Using Social Engineering Techniques to Plan an Attack
  • Configuring a VPN

  • Configuring a Router
  • Configuring Default Routing
  • Configuring Network Address Translation
  • Finding the Physical and Logical Address of a LAN Adapter
  • Getting the UDP Settings and the Current Connection Statistics of UDP
  • Tracing Route Using Tracert
  • Intercepting Packets
  • Configuring VLANs
  • Obtaining the ARP Cache and Getting Information about DNS
  • Obtaining Information about Different IP Versions and the IP Version of a Network Adapter
  • Getting the TCP Settings and Information about the Current Connection Statistics of TCP
  • Adding an IPv6 Address
  • Assigning Different Classes of IP Addresses
  • Using Burp Suite
  • Using Ettercap for ARP Spoofing

  • Creating ACL in a Router

  • Observing an MD5-Generated Hash Value
  • Observing an SHA-Generated Hash Value
  • Performing Symmetric Key Encryption
  • Using OpenSSL to Create a Public/Private Key Pair

  • Creating a Virtual Machine

Exam FAQs

$249 USD

Pearson VUE

Multiple-choice

The exam contains 125 questions.

180 minutes

700

  • If you don’t pass the exam the first time, you can retest after 30 days.
  • If you don’t pass a second time, you can retest after an additional 90 days.
  • If you don’t pass a third time, you can retest after 180 days from your most recent exam attempt.