SKIP THE SHIPPING
Use code NOSHIP during checkout to save 40% on eligible eBooks, now through January 5. Shop now.
Video accessible from your Account page after purchase.
Register your product to gain access to bonus material or receive a coupon.
15 hours of video instruction to learn everything you need to know about the Systems Security Certified Practitioner (SSCP) certification exam. Includes the new content covering the 2022 update.
Overview
SSCP (Systems Security Certified Practitioner) Complete Video Course provides 15 hours of comprehensive video that teaches you everything you need to know to get up and running with systems security. The content in this title has been updated to include coverage of the all-new topics in the 2022 exam release. The (ISC)2 SSCP exam is a solid introductory certification in IT security, and this comprehensive video course walks you through every topic on the exam blueprint so you can learn about system security from the ground up and gain the knowledge and skills you need to pass the SSCP exam. Full of live trainer discussions, hands-on demos, whiteboard work, and deep-dive discussions, this course covers security fundamentals and principles in a way that is easy to access.
This video course covers every objective in the SSCP certification exam so you can use it as a complete study tool to pass the test, including the updates in the 2022 exam release, along with the knowledge and skills you need to advance your cybersecurity career. The (ISC)2 SSCP exam is a vendor-neutral world-recognized certification that endorses your IT security knowledge. It is also a great way to start your path toward CISSP certification, which is the next step through (ISC)2.
Topics include
Skill Level
What You Will Learn
Who Should Take This Course
The target audience for this course consists of systems/network/application security professionals who are preparing for the SSCP exam. A secondary audience consists of any IT professional who wants to gain a broad understanding of how to secure modern enterprises.
Course Requirements
There are no prerequisites for this course, although fundamental networking knowledge is recommended.
About LiveLessons Video Training
LiveLessons Video Training series publishes hundreds of hands-on, expert-led video tutorials covering a wide selection of technology topics designed to teach you the skills you need to succeed. This professional and personal technology video series features world-leading author instructors published by your trusted technology brands: Addison-Wesley, Cisco Press, IBM Press, Pearson IT Certification, Sams, and Que. Topics include IT Certification, Programming, Web Development, Mobile Development, Home and Office Technologies, Business and Management, and more. View all LiveLessons on InformIT at http://www.informit.com/livelessons.
Introduction
Module 1: Security Operations and Administration
Lesson 1: Fundamental Security Concepts
1.1 (ISC)2 Code of Ethics
1.2 Understand Security Concepts
1.3 Identify and Implement Security Controls
1.4 Document and Maintain Functional Security Controls
Lesson 2: Security Management Lifecycles
2.1 Initiation and Development or Acquisition Phases
2.2 Implementation and Operation Phases
2.3 Archiving and Disposal Phases
2.4 Change and Configuration Management
Lesson 3: Security Awareness and Training
3.1 Security Training During Onboarding
3.2 Continual Security Awareness
3.3 Security Education for the Enterprise
Lesson 4: Collaborate with Physical Security Operations
4.1 Defense-in-Depth
4.2 Campus Physical Security
4.3 Facility Physical Security
4.4 Operational Physical Security
Module 2: Practical Cryptography
Lesson 5: Cryptography Use Cases
5.1 The CIAN Model
5.2 Data Sensitivity Cases
5.3 Regulatory Use Cases
Lesson 6: Applied Cryptographic Concepts
6.1 Cryptographic Hashing and HMACs
6.2 Salt and Pepper
6.3 Symmetric vs. Asymmetric Cryptosystems
6.4 Digital Signatures
6.5 Strength of Encryption Algorithms and Keys
6.6 Cryptographic Attacks and Cryptanalysis
Lesson 7: Public Key Infrastructure
7.1 Web of Trust
7.2 Digital Certificates
7.3 Internet PKI
7.4 Fundamental Key Management Concepts
Lesson 8: Understand Secure Protocols
8.1 Services and Protocols
8.2 Common Use Cases
8.3 Limitations and Vulnerabilities
Module 3: Access Controls
Lesson 9: Implement and Maintain Authentication Methods
9.1 Single/Multi-factor Authentication (MFA)
9.2 Single Sign-on (SSO) and Federated Access
9.3 Device Authentication
Lesson 10: Support Internetwork Trust Architectures
10.1 Trust Relationships
10.2 Internet, Intranet, and Extranet
10.3 Third-party Connections
Lesson 11: The Identity Management Lifecycle
11.1 Authorization and Proofing
11.2 Provisioning and De-Provisioning
11.3 Maintenance and Entitlement
11.4 Identity and Access Management (IAM) Systems
Lesson 12: Understand and Apply Access Controls
12.1 Mandatory Access Controls (MAC)
12.2 Discretionary Access Controls
12.3 Role-Based Access Controls (RBAC)
12.4 Rule-Based Access Controls (ACLs)
Module 4: Risk Identification, Monitoring and Analysis
Lesson 13: The Risk Management Process
13.1 Risk Management Concepts and Terminology
13.2 Risk Treatment and Tolerance
13.3 Qualitative vs. Quantitative Risk Analysis
13.4 Risk Management Frameworks
13.5 Regulatory and Legal Concerns
Lesson 14: Vulnerability Assessment and Management
14.1 Vulnerability Management Lifecycle
14.2 Vulnerability Assessment Tools and Methods
14.3 Security Testing and Risk Review
Lesson 15: Security Testing and Risk Review
15.1 Source Systems
15.2 Events of Interest
15.3 Log Management
15.4 Event Aggregation and Correlation
Lesson 16: Risk Identification, Monitoring, and Analysis
16.1 Security Baselines and Anomalies
16.2 Visualizations, Metrics, and Trends
16.3 Document and Communicate Findings
Module 5: Network and Communications Security
Lesson 17: Fundamental Networking Concepts
17.1 OSI and TCP/IP Reference Models
17.2 Network Topologies and Relationships
17.3 Commonly Used Ports and Protocols
17.4 Transmission Media Types
17.5 Software-Defined Networking (SDN)
Lesson 18: Network Attacks
18.1 Spoofing and Flooding
18.2 Denial of Service and Botnets
18.3 MitM and Poisoning
18.4 Wireless Attacks
Lesson 19: Network Access Controls
19.1 RADIUS and TACACS+
19.2 IEEE 802.1x PNAC
19.3 Remote Access Security
19.4 IPsec v4 and v6
Lesson 20: Manage Network Security
20.1 Security Device Placement
20.2 Zoning and Segmentation
20.3 Secure Routers
20.4 Secure Switches
Lesson 21: Network Security Device Operation
21.1 Firewalls and Proxies
21.2 IDS and IPS
21.3 Traffic Shaping
Lesson 22: Secure Wireless Communication
22.1 Survey of Wireless Technologies
22.2 Authentication and Encryption Protocols
22.3 Internet of Things (IoT)
Module 6: Systems and Application Security
Lesson 23: Identify Malicious Code and Actions
23.1 Survey of Malware
23.2 Malware Countermeasures
23.3 Survey of Malicious Exploits and Activity
23.4 Malware Activity Countermeasures
23.5 Social Engineering and Countermeasures
Lesson 24: Implement Endpoint Security
24.1 HIPS and Host-based Firewalls
24.2 Endpoint Encryption and TPM
24.3 Secure Browsers
24.4 Endpoint Detection and Response (EDR)
Lesson 25: Enterprise Mobility Management (EMM)
25.1 MDM vs. MAM
25.2 Provisioning Techniques
25.3 Containerization and Encryption
25.4 Mobile Application Management (MAM)
Lesson 26: Cloud Security
26.1 Service and Deployment Models
26.2 Legal and Regulatory Concerns
26.3 Data Storage, Processing, and Transmission
26.4 Third-party and Outsourcing Requirements
Lesson 27: Operate Secure Virtual Environments
27.1 Types of Hypervisors
27.2 Containers
27.3 Virtual Appliance Continuity and Resilience
27.4 Attacks and Countermeasures
Module 7: Incident Response and Recovery
Lesson 28: Incident Response Lifecycle
28.1 Preparation
28.2 Detection, Analysis, and Escalation
28.3 Containment and Eradication
28.4 Recovery and Lessons Learned
Lesson 29: Forensic Investigations
29.1 Legal and Ethical Principles
29.2 Evidence Handling
29.3 Reporting of Analysis
Lesson 30: Business Continuity Planning
30.1 Business Impact Analysis (BIA)
30.2 Backup, Redundancy, and Restoration
30.3 Disaster Recovery Plannng (DRP)
30.4 Testing and Drills
Summary