SSCP (ISC)2 Systems Security Certified Practitioner Official Study Guide

  • ID: 3148738
  • Book
  • 576 Pages
  • John Wiley and Sons Ltd
1 of 4
Covers 100% of the April 2015 updated exam objectives, including access controls, admission, audit and monitoring, Cryptography and much more

Includes interactive online learning environment and study tools with:

- Custom practice exams with 125 sample questions
- 100 Electronic Flashcards
- Searchable key term glossary

The Only Official, Fully Updated Study Guide for the SSCP® Exam

This one–stop Sybex Study Guide covers 100% of the exam objectives you'll need to know to pass the Systems Security Certified Practitioner (SSCP) certification. Focused on the Common Body of Knowledge (CBK) as determined by ISC2, this study guide fully examines all seven domains you must master. Superior content and the exclusive Sybex interactive online learning environment help you prepare for and approach the exam with confidence. You'll benefit from end–of–chapter review questions, a 125–question practice exam, instructional video, charts and typical applications, a complete description of exam requirements and process, test–taking tips, and much more.

Coverage of 100% of all exam objectives in this Study Guide means you'll be ready for:

- Access Controls
- Security Operations and Administration
- Auditing and Monitoring Systems
- Risk, Response, and Recovery
- Cryptography Techniques and Cryptanalysis
- Networks and Data Communications
- Malicious Code

Interactive learning environment

Take your exam prep to the next level with Sybex's superior interactive online study tools. To access our learning environment, simply visit [external URL] type in your unique PIN, and instantly gain access to:

- Interactive test bank with a practice exam, to help you identify where you need additional study. Practice exams help you identify areas where further review is needed. Get more than 90% of the answers correct, and you're ready to take the certification exam.125 questions total!
- More than 1000 Electronic Flashcards to reinforce learning and last–minute prep before the exam
- Comprehensive glossary in PDF format gives you instant access to the key terms so you are fully prepared

ABOUT THE CWNP PROGRAM

The SSCP certification is the ideal credential for those with proven technical skills and practical security knowledge in hands–on operational IT roles. It provides industry–leading confirmation of a practitioner's ability to implement, monitor and administer IT infrastructure in accordance with information security policies and procedures that ensure data confidentiality, integrity and availability. For more information visit [external URL]
READ MORE
Note: Product cover images may vary from those shown
2 of 4

Introduction xxv

Assessment Test xxxi

Chapter 1 Information Security: The Systems Security Certified Practitioner Certification 1

About the (ISC)2 Organization 2

(ISC)2 History 3

Organizational Structure and Programs 3

Exams, Testing, and Certification 6

Certification Qualification: The SSCP Common Body of Knowledge 6

After Passing the Exam 8

Certification Maintenance 9

Types of IT Certifications? 10

About the Systems Security Certified Practitioner Certification 12

How Do I Use My SSCP Knowledge on the Job? 15

The SSCP Exam 17

Preparing for the Exam 17

Booking the Exam 21

Taking the Exam 22

Summary 25

Exam Essentials 25

Chapter 2 Security Basics: A Foundation 27

The Development of Security Techniques 28

Understanding Security Terms and Concepts 29

The Problem (Opportunity) and the Solution 29

Evolution of Items 31

Security Foundation Concepts 38

CIA Triad 38

Primary Security Categories 39

Access Control 40

Nonrepudiation 42

Risk 42

Prudent Man, Due Diligence, and Due Care 44

User Security Management 44

Least Privilege 45

AAA 45

Mandatory Vacation 46

Separation of Duties 46

M of N Requirement 46

Two–Man Rule 47

Job Rotation 48

Geographic Access Control 48

Temporal Access Control, Time of Day Control 48

Privacy 49

Transparency 49

Implicit Deny 50

Personal Device (BYOD) 51

Privilege Management, Privilege Life Cycle 51

Participating in Security Awareness Education 52

Types of Security Awareness Education Programs 52

Working with Human Resources and Stakeholders 53

Senior Executives 53

Customers, Vendors, and Extranet Users Security Awareness Programs 54

Summary 54

Exam Essentials 55

Written Lab 56

Review Questions 57

Chapter 3 Domain 1: Access Controls 61

What Are Controls? 62

What Should Be Protected? 63

Why Control Access? 64

Types of Access Controls 67

Physical Access Controls 67

Logical Access Controls 68

Administrative Access Controls 69

Identification 70

Authentication 72

Factors of Authentication 74

Single–Factor Authentication 84

Multifactor Authentication 84

Token–Based Access Controls 85

System–Level Access Controls 86

Discretionary Access Control (DAC) 86

Nondiscretionary Access Control 87

Mandatory Access Control 87

Administering Mandatory Access Control 89

Trusted Systems 90

Mandatory Access Control Architecture Models 91

Account–Level Access Control 94

Session–Level Access Control 104

View–Based Access Control 104

Data–Level Access Control 105

Contextual– or Content–Based Access Control 106

Physical Data and Printed Media Access Control 106

Assurance of Accountability 107

Manage Internetwork Trust Architectures 108

Cloud–Based Security 111

Summary 113

Exam Essentials 114

Written Lab 115

Review Questions 116

Chapter 4 Domain 2: Security Operations and Administration 121

Security Administration Concepts and Principles 122

Security Equation 123

Security Policies and Practices 124

Data Management Policies 143

Data States 144

Information Life Cycle Management 144

Information Classification Policy 144

Endpoint Device Security 148

Endpoint Health Compliance 148

Endpoint Defense 149

Endpoint Device Policy 149

Security Education and Awareness Training 150

Employee Security Training Policy 153

Employee Security Training program 154

Business Continuity Planning 157

Developing a Business Continuity Plan 160

Disaster Recovery Plans 165

Summary 173

Exam Essentials 174

Written Lab 175

Review Questions 176

Chapter 5 Domain 3: Risk Identification, Monitoring, and Analysis 181

Understanding the Risk Management Process 183

Defining Risk 183

Risk Management Process 184

Risk Management Frameworks and Guidance for Managing Risks 191

ISO/IEC 27005 191

NIST Special Publication 800–37 Revision 1 192

NIST Special Publication 800–39 194

Risk Analysis and Risk Assessment 194

Risk Analysis 195

Risk Assessments 199

Managing Risks 202

Treatment Plan 202

Risk Treatment 202

Risk Treatment Schedule 203

Risk Register 205

Risk Visibility and Reporting 207

Enterprise Risk Management 207

Continuous Monitoring 208

Security Operations Center 209

Threat Intelligence 210

Analyzing Monitoring Results 211

Security Analytics, Metrics, and Trends 212

Event Data Analysis 213

Visualization 214

Communicating Findings 215

Summary 216

Exam Essentials 217

Written Lab 218

Review Questions 219

Chapter 6 Domain 4: Incident Response and Recovery 223

Event and Incident Handling Policy 224

Standards 225

Procedures 225

Guidelines 226

Creating and Maintaining an Incident Response Plan 226

Law Enforcement and Media Communication 229

Building in Incident Response Team 231

Incident Response Records 232

Security Event Information 233

Incident Response Containment and Restoration 233

Implementation of Countermeasures 235

Understanding and Supporting Forensic Investigations 235

Incident Scene 236

Volatility of Evidence 237

Forensic Principles 237

Chain of Custody 238

Proper Investigation and Analysis of Evidence 238

Interpretation and Reporting Assessment Results 239

Understanding and Supporting the Business Continuity Plan and the Disaster Recovery Plan 240

Emergency Response Plans and Procedures 240

Business Continuity Planning 240

Disaster Recovery Planning 242

Interim or Alternate Processing Strategies 245

Restoration Planning 247

Backup and Redundancy Implementation 247

Business Continuity Plan and Disaster Recovery Plan Testing and Drills 252

Summary 253

Exam Essentials 254

Written Lab 255

Review Questions 256

Chapter 7 Domain 5: Cryptography 261

Concepts and Requirements of Cryptography 263

Terms and Concepts Used in Cryptography 263

Cryptographic Systems and Technology 272

Data Classification and Regulatory Requirements 297

Public Key Infrastructure and Certificate Management 299

Key Management 303

Key Generation 303

Key Distribution 303

Key Encrypting Keys 304

Key Retrieval 304

Secure Protocols 306

IPsec 306

Summary 311

Exam Essentials 311

Written Lab 313

Review Questions 314

Chapter 8 Domain 6: Networks and Communications 317

Network Models 318

TCP/IP and OSI Reference Models 319

Network Design Topographies 330

Network Topology Models 330

Network Connection Models 334

Media Access Models 335

Ports and Protocols 336

Ports 336

Common Protocols 338

Converged Network Communications 340

Network Monitoring and Control 341

Continuous Monitoring 341

Network Monitors 341

Managing Network Logs 342

Access Control Protocols and Standards 343

Remote Network Access Control 343

Remote User Authentication Services 346

RADIUS 347

TACACS/TACACS+/XTACACS 347

Local User Authentication Services 348

LDAP 348

Kerberos 348

Single Sign–On 350

Network Segmentation 351

Subnetting 352

Virtual Local Area Networks 353

Demilitarized Zones 353

Network Address Translation 354

Securing Devices 355

MAC Filtering and Limiting 356

Disabling Unused Ports 356

Security Posture 356

Firewall and Proxy Implementation 357

Firewalls 357

Firewall Rules 359

Network Routers and Switches 361

Routers 361

Switches 363

Intrusion Detection and Prevention Devices 363

Intrusion Detection Systems 364

Intrusion Prevention Systems 364

Wireless Intrusion Prevention Systems 365

Comparing Intrusion Detection Systems and Intrusion

Prevention Systems 366

Spam Filter to Prevent Email Spam 368

Telecommunications Remote Access 368

Network Access Control 368

Wireless & Cellular Technologies 369

IEEE 802.11x Wireless Protocols 370

WEP/WPA/WPA2 371

Wireless Networks 373

Cellular Network 375

WiMAX 375

Wireless MAN 376

Wireless WAN 377

Wireless LAN 377

Wireless Mesh Network 377

Bluetooth 377

Wireless Network Attacks 378

Wireless Access Points 378

Traffic Shaping Techniques and Devices 381

Quality of Service 381

Summary 382

Exam Essentials 383

Written Lab 384

Review Questions 385

Chapter 9 Domain 7: Systems and Application Security 389

Understand Malicious Code and Apply Countermeasures 390

Malicious Code Terms and Concepts 393

Managing Spam to Avoid Malware 401

Cookies and Attachments 402

Malicious Code Countermeasures 405

Malicious Add–Ons 409

Java Applets 409

ActiveX 410

User Threats and Endpoint Device Security 410

General Workstation Security 411

Physical Security 416

Securing Mobile Devices and Mobile

Device Management 426

Understand and Apply Cloud Security 428

Cloud Concepts and Cloud Security 429

Cloud Deployment Model Security 434

Cloud Service Model Security 436

Cloud Management Security 438

Cloud Legal and Privacy Concepts 442

Cloud Virtualization Security 449

Secure Data Warehouse and

Big Data Environments 449

Data Warehouse and Big Data Deployment and Operations 450

Securing the Data Warehouse and Data Environment 451

Secure Software–Defined Networks and Virtual Environments 451

Software–Defined Networks 452

Security Benefits and Challenges of Virtualization 455

Summary 457

Exam Essentials 458

Written Lab 459

Review Questions 460

Appendix A Answers to Written Labs 465

Chapter 2 466

Chapter 3 466

Chapter 4 467

Chapter 5 468

Chapter 6 468

Chapter 7 469

Chapter 8 470

Chapter 9 471

Appendix B Answers to Review Questions 473

Chapter 2 474

Chapter 3 475

Chapter 4 476

Chapter 5 478

Chapter 6 479

Chapter 7 481

Chapter 8 483

Chapter 9 484

Appendix C Diagnostic Tools 487

Microsoft Baseline Security Analyzer 488

Using the Tool 488

Microsoft Password Checker 491

Using the Tool 491

Internet Explorer Phishing and Malicious Software Filter 492

Using the Tool 493

Manage Internet Cookies 494

Using the Tool 494

Observing Logs with Event Viewer 495

Using the Tool 495

Viewing a Digital Certificate 497

Using the Tool 497

Monitoring PC Activities with Windows Performance Monitor 500

Using the Tool 500

Analyzing Error Messages in Event Viewer 504

Using the Tool 504

Calculate Hash Values 508

Using the Tool 509

Index 511

Note: Product cover images may vary from those shown
3 of 4

Loading
LOADING...

4 of 4
George Murphy
Note: Product cover images may vary from those shown
5 of 4
Note: Product cover images may vary from those shown
Adroll
adroll