TOIT Training

Systems Security Certified Practitioner (SSCP)

Systems Security Certified Practitioner (SSCP)
  • Overview
  • Curriculum
  • Reviews

 

The best way to combat an attack on an organization’s information assets is to have qualified information security professionals with the appropriate practices and controls to implement, monitor and administer IT infrastructure to ensure data confidentiality, integrity and availability. This online instructor-led training SSCP course validates student’s ability to identify, evaluate, and prioritize potential threats, manage and mitigate threats through risk management concepts, assessment activities, and monitoring terminology, techniques and systems.

Students will gain the skills and knowledge to properly and promptly respond to a security incident or forensic investigation with incident handling processes and procedures such as Business Continuity Planning (BCP) and Disaster Recovery Planning (DRP).

  • 7 Sections
  • 126 Lessons
  • 16h Duration
Expand All

Security Operations and Administration

9 Lessons
  • What is ISC/SSCP
  • Security Basics
  • Segregation of duties
  • Security controls
  • Administrative controls
  • Assessing compliance
  • Types of security controls
  • Asset management
  • Change management lifecycle

Access Controls

11 Lessons
  • Types of authentication
  • Access Controls
  • RBAC
  • Rule Based Access Control
  • MAC
  • DAC
  • Trust relationships
  • Transitive
  • Zero
  • Identity management
  • Authorization

Risk Identification

17 Lessons
  • Definitions – risk, risk management, vulnerability
  • Determining risk levels
  • Key Risk Indicator
  • Types of risk responses
  • Acceptance
  • Mitigation
  • Identifying risks and vulnerabilities
  • Creating baselines and anonamlies
  • Risk management frameworks (RMF) – enterprise level
  • Creating reports
  • Remediation
  • Continuous monitoring
  • Slow performance of systems/crashing
  • Network
  • Metrics and data analysis
  • Event triggers
  • Legal restraints

Incident Response

16 Lessons
  • Response plan
  • Documenting a response plan
  • First steps
  • Recording any changes/moves made to secure data – chain of custody
  • Contain damage (disconnect drives, etc)
  • Next steps
  • Plan on how to resolve issue
  • Investigate source of incident – forensic investigation
  • Begin recovery
  • Document all actions
  • After actions reporting
  • Document future prevention plan
  • Provide employee/personal training to avoid repeat scenario
  • Backup planning
  • Testing backups
  • Emergency response plans

Cryptography

20 Lessons
  • Laws and regulations
  • ISO
  • Data encryption
  • Encryption during transit
  • Encryption at rest
  • Strength of encryptions
  • What is Public Key Infrastructure (PKI)
  • Certificate authority
  • What uses PKI
  • Key creation and destruction
  • PGP
  • GPG
  • Blockchain
  • Nonrepudiation
  • Digital Signatures
  • HMAC
  • Security protocols
  • SSL/TLS
  • S/MIME
  • DKIM

Network and Communication Security

36 Lessons
  • Parts of a network
  • Routers/switches
  • Firewalls
  • IDS/IPS
  • TCP/IP model
  • OSI Model
  • Compare/contrast models side by side
  • Important protocols in IP stack
  • HTTP
  • Email protocols
  • Other common protocols – FTP, DNS
  • Network topologies
  • Ring
  • Hybrid
  • Peer-to-peer
  • Switches
  • VLANs
  • Switchport abilities
  • Trunking
  • Routers
  • Routing protocols
  • Load balancing
  • RADIUS
  • TACACS
  • ACLs
  • Remote access through VPN
  • VPN
  • Wireless topology
  • Wireless Standards
  • Encryption
  • Authentication
  • Threats
  • Prevention
  • Placement of APs/antennas
  • Bluetooth
  • NFC technology

Systems and Applications Security

17 Lessons
  • Network attacks
  • Ransomware
  • Trojans
  • Exploits
  • Spyware/Adware
  • Man in the Middle
  • Rootkits
  • Social Engineering attacks
  • Whaling
  • Password hacking
  • Anti-Virus
  • Host based IDS
  • Mobile application management
  • Data transmission
  • Benefits/drawbacks of cloud
  • Data ownership in cloud environments
  • Virtualization

0

0 Ratings
5 Star 0%
4 Star 0%
3 Star 0%
2 Star 0%
1 Star 0%

Reviews

Free

Start Course

Retake Course

Are you sure you want to retake the course? This action will permanently delete all your progress in this course.

Course Includes

  • Better understand Access Control
  • Better understand Security Operations and Administration
  • Better understand Risk Identification, Monitoring, and Analysis
  • Better understand Incident Response and Recovery
  • Better understand Cryptography
  • Better understand Networks and Communications Security
  • Better understand Systems and Application Security

Deleting Course Review

Are you sure? You can't restore this back

Course Access

This course is password protected. To access it please enter your password below:

Buy for group

Systems Security Certified Practitioner (SSCP)
No groups Found

You don't have any groups yet

Create a group and add group members. Sync Group(s)