-
Course Code
ISCS-002
SSCP - Systems Security Certified Practitioner Certification Preparation
- The ISC² Systems Security Certified Practitioner (SSCP) certification covers seven domains which they describe as ‘the compendium of topics pertaining to an Information Systems Security Practitioner', the CBK (Common Body of Knowledge). The SSCP is aimed at security go-to-people, on the front line of a business dealing with technologies employed to protect Information. If you are responsible for implementing and maintaining countermeasures such as Firewalls, Intrusion Detection or Prevention, Anti-Virus solutions or Public Key Infrastructures and you want a certification to attest to your skills and professionalism within Information Security, this is it.
Learning Outcomes
- SSCP maps to just over half of the CISSP required knowledge, so it is great as a precursor or certification path to follow if you intend on obtaining CISSP in the future
- Build a relationship with (ISC)² use the many member benefits to manage and improve your career as an Information Security professional
- SSCP allows you to waive one year of the 5 years’ experience required to pass CISSP, (other certifications can also allow this)
Course Contents
- Preparation for the SSCP Exam
- Submitting Required Paperwork
- Resources and Study Aids
- Passing the Exam, the First Time
- Change Control/Configuration Management
- Dual Control, Separation of Duties, Rotation of Duties
- Vulnerability Assessment and Pen-Testing
- Authentication Methods
- Authorization - DAC, RBAC, MAC
- Accounting - Logging, Monitoring, Auditing
- Central/Decentralized and Hybrid Management
- Single Sign-On - Kerberos, Radius, Diameter, TACACS
- Vulnerabilities - Emanations, Impersonation, Rouge Infrastructure, Social Engineering
- Intro/History
- Symmetric
- Asymmetric
- Hashing
- Cryptosystems - SSL, S/MIME, PGP
- PKI
- Cryptanalysis
- Layering, Data Hiding, and Abstraction
- Database Security
- OOD
- Mobil Code
- Malware Architecture Problems - Covert Channels + TOC/TOU, Object Reuse
- Network Vulnerabilities
- OSI/DoD TCP/IP Models
- TCP/UDP/ICMP/IP
- Ethernet
- Devices - Routers/Switches/Hubs
- Firewalls
- Wireless
- WAN Technologies - X.25/Frame Relay/PPP/ISDN/DSL/Cable
- Voice - PBX/Cell Phones/VOIP
- Roles and Responsibilities - RACI
- Asset Management
- Taxonomy - Information Classification
- Risk Management
- Policies, Procedures, Standards, Guidelines, Baselines
- Knowledge Transfer - Awareness, Training, Education
- BIA Policy
- BIA Roles and Teams
- Data Backups, Vaulting, Journaling, Shadowing
- Alternate Sites
- Emergency Response
- Required notifications
- Ethics - Due Care/Due diligence
- Intellectual Property
- Incident Response
- Forensics
- Evidence
- Laws - HIPAA, GLB, SOX
Testing-Taking Tips and Study Techniques
Security Operations and Administration
Access Controls
Cryptography
Malicious Code and Malware
Networks and Telecommunications
Risk, Response, and Recovery
Analysis and Monitoring
Final Review and Test Preparations
Our Methodology
- Make coaching and monitoring innovative and using modern
- Media training also using on the go training by using interactive means and focusing on
- The exercises, practical applications and real situations study
- Live delivery method, instructor-led training
- Experienced consultant, trainers, and professional
- Qualified trainer with high-level experience
Attendance Reports
- Send daily attendance reports to training departments
- Send full attendance report to training dep. by the end of the course
- Attend 100 % from the course days also provide daily
- Issue attendance certificate for participant who attend minimum 80% from the course duration
Pre/Post Reports
- Pre- assessment before starting training
- Post assessment after finish training
- Full report for the deferent between Pre-& Post assessment
Who Should Attend
- Network Security Engineer
- Security Administrator
- Security Analyst
- Systems Engineer
- Network Administrator
- Systems Administrator
- Security Specialist
- Systems/Network Analyst
- Security Consultant
- Database Administrator