The (ISC)2 SSCP CBK Review Seminar

You Will Learn How To

Prepare for SSCP Certification based on the (ISC)² CBK
Identify the access control standards and procedures that define users and user rights
Explore security operations and administration policies that maintain confidentiality and availability
Examine the risk, response and recovery processes essential for identifying and controlling information loss
Recognize the cryptography principles for disguising information and ensuring information integrity
Review core elements of network security including network structures and transmission methods

Course Benefits

This course provides a comprehensive overview of information security concepts and industry best practices and is the only review course endorsed by (ISC)². In this course, you cover the seven SSCP domains as outlined in the (ISC)² CBK and analyze the latest information-system security issues. You also develop an individual study plan to enhance your exam preparation skills.

Who Should Attend

Security professionals, government and military personnel seeking IAT-1 or IAT-2 certification to fulfill the DoD 8570.1 Directive, network security personnel and managers. Participants should be aware of the exam eligibility criteria established by (ISC)².

Workshop Course

Throughout this course, you get an in-depth review of the seven SSCP domains as outlined by the (ISC)² CBK. Workshops include:

Reviewing the seven SSCP domains including access controls, network security and cryptography
Uncovering areas to further develop and expand your exam preparedness
Investigating the latest information-system security issues, concerns and countermeasures
Reinforcing key areas of the CBK through numerous review sessions

Course 959 Content

Introduction

Overview of (ISC)² and the exam process
Introduction to the AIC (availability, integrity, confidentiality) triad

Access Controls

Access control principles

Least privilege, need to know, separation of duties
Methods of identification and registration process
User account maintenance and identity management

Hardening of systems

Levels of access: system/desktop/network/data
Patches and updates, ports, protocols
Physical access controls: environmental controls
Authentication: three factors of authentication
Directories: LDAP, Active Directory, X.500, Kerberos
IDS and IPS: monitoring and implementation
Firewalls: circuit, stateful inspection, packet filtering
Anti-virus: signature/heuristics/anomaly

Security Operations and Administration

Security administration

Event logging: SYSLOG, log protection and analysis
Information classification: compliance monitoring
Managed security service provider for secured outsourcing
Change management and configuration management
Systems development: SDLC, security design and implementation
Evaluation: penetration testing, vulnerability assessments

User Security Awareness

Code of Ethics: Personal, corporate, professional ethics
Certification and Accreditation: Purpose and process of certification
Facility and Power Management: Equipment protection, UPS, generators, surge protectors

Analysis and Monitoring

Audits: compliance and monitoring/social engineering
Log management: correlation/clipping levels
Monitoring systems: central management, retention periods for logs
Secure configurations: password cracking, war driving, war dialing, unauthorized changes

Risk, Response, and Recovery

Risk management process and incident handling

Risk assessment, risk mitigation, risk acceptance, SLE, ALE, ARO and countermeasures
Security assessments: network scanning
Response process, isolating networks, chain of evidence

Business Continuity

Disaster recovery: definitions and tests
Backups: SANS, RAID, fault-tolerant systems, frequency

Cryptography

Definitions

Algorithms: symmetric/asymmetric ciphers and stream/block
Business and security requirements
Non-repudiation, confidentiality, integrity, authentication
Certificates: X.509, PKCS, trust models, PKI
Key recovery, generation, distribution, negotiation

Cryptographic Implementations

Secure protocols: IPSEC, SSL, SSH
Cryptanalysis: plaintext/cipher-based attacks
Message integrity checks: SHA-1, MD5, hash functions, parity, checksums, digital signatures

Networks and Telecommunications

Protocols

OSI
TCP/IP
IPv4
IPv6
IP-based attacks: fragmentation, teardrop
Transmission Control Protocol (TCP): syn flood
Routing and switching protocols: RIP, OSPF, BGP
Dynamic Host Authentication Protocol (DHCP)

Transmission technologies

ATM
X.25
Frame Relay
MPLS
SVC
PVC
Remote access controls: RADIUS, TACACS+
Wireless technologies: IEEE 802.11 a/b/g, 802.15, 802.16
Network configuration: LAN/WAN/DMZ/intranet
Attacks: Port scans/null scans, honeypots, source routing

Malicious Code and Other Attacks

Types of malware: viruses, worms, Trojan horses, logic bombs
Spyware/adware, keystroke loggers/botnets/spam, phishing
Anti-virus software
Integrity-checking software

<< Back to Security Course List

Related Courses

SSCP, CBK, and (ISC)² are registered marks of the International Information Systems Security Certification Consortium in the United States and other countries.

Security Training

The (ISC)^{2^®} SSCP^® CBK^® Review Seminar

Introduction