logo

ISC Course

course overview

Click to View dates & book now

Overview

Looking to move up in the information security field? If you have at least one year of security experience, you qualify for the Systems Security Certified Practitioner (SSCP) certification, which offers junior security professionals a way to validate their experience and demonstrate competence with (ISC)² 's seven domains. A free copy of the Official (ISC)² Guide to The SSCP CBK from (ISC)² Press and a SSCP certification practice exam from Self Test Software are included with the course.Interested in group training toward 8570.1 compliancy? This course can be a component of our 8570.1 Training Solution that can also include assessments, certification preparation and program management, post training and testing, 8570 compliancy tracking and reporting, and continuing education. Learn more about our 8570 Training Solution by contacting us at 1-888-DOD-8570

Audience

This course has proven to be very valuable to personnel in an organization that are fairly new to the field of information security or that do not have security as their primary job responsibility. Many of the attendees have been Information Systems Auditors, System and Network Administrators, Application Programmers and Project Managers.

Skills Gained

In-depth coverage of the seven domains-required to pass the SSCP Exam:

  • Access Controls
  • Security Operations and Administration
  • Analysis and Monitoring
  • Cryptography
  • Networks and Telecommunications
  • Malicious Code/Malware
  • Risk, Response, and Recovery

Prerequisites

  • Systems administration experience, familiarity with TCP/IP, and an understanding of UNIX, Linux, and Windows. This advanced course also requires intermediate-level knowledge of the security concepts covered in our Security+ Prep Course

Outline

1. Testing-Taking Tips and Study Techniques

  • Preparation for the SSCP Exam
  • Submitting Required Paperwork
  • Resources and Study Aids
  • Passing the Exam the First Time

2. Security Operations and Administration

  • Change Control/Configuration Management
  • Vulnerability Assessment and Pen-Testing

3. Access Controls

  • AAA
  • Authentication Methods (Types 1, 2, & 3)
  • Authorization - DAC, RBAC, MAC
  • Accounting - Logging, Monitoring, Auditing
  • Single Sign-On - Kerberos, Radius, Diameter, TACACS
  • Vulnerabilities - Emanations, Impersonation, Rouge Infrastructure, Social Engineering

4. Cryptography

  • Intro/History
  • Symmetric
  • Asymmetric
  • Hashing
  • Cryptosystems - SSL, S/MIME, PGP
  • PKI
  • Cryptanalysis

5. Malicious Code and Malware

  • Layering, Data Hiding, and Abstraction
  • Database Security
  • AI
  • OOD
  • Mobil Code
  • Malware Architecture Problems - Covert Channels + TOC/TOU, Object Reuse
  • Network Vulnerabilities

6. Networks and Telecommunications

  • OSI/DoD TCP/IP Models
  • TCP/UDP/ICMP/IP
  • Ethernet
  • Devices - Routers/Switches/Hubs
  • Firewalls
  • Wireless
  • WAN Technologies - X.25/Frame Relay/PPP/ISDN/DSL/Cable
  • Voice - PBX/Cell Phones/VOIP
  • IPSec

7. Risk, Response, and Recovery

  • CIA
  • Roles and Responsibilities - RACI
  • Asset Management
  • Taxonomy - Information Classification
  • Risk Management
  • Policies, Procedures, Standards, Guidelines, Baselines
  • Knowledge Transfer - Awareness, Training, Education
  • BIA Policy
  • BIA Roles and Teams
  • Data Backups, Vaulting, Journaling, Shadowing
  • Alternate Sites
  • Emergency Response
  • Required notifications
  • BIA Tests

8. Analysis and Monitoring

  • Ethics - Due Care/Due diligence
  • Intellectual Property
  • Incident Response
  • Forensics
  • Evidence
  • Laws - HIPAA, GLB, SOX

9. Review and Q&A Session

  • Final Review and Test Prep

Talk to an expert

Thinking about Onsite?

If you need training for 3 or more people, you should ask us about onsite training. Putting aside the obvious location benefit, content can be customised to better meet your business objectives and more can be covered than in a public classroom. Its a cost effective option. One on one training can be delivered too, at reasonable rates.

Submit an enquiry from any page on this site, and let us know you are interested in the requirements box, or simply mention it when we contact you.

All $ prices are in USD unless it’s a NZ or AU date

SPVC = Self Paced Virtual Class

LVC = Live Virtual Class

Please Note: All courses are availaible as Live Virtual Classes

Trusted by over 1/2 million students in 15 countries

Our clients have included prestigious national organisations such as Oxford University Press, multi-national private corporations such as JP Morgan and HSBC, as well as public sector institutions such as the Department of Defence and the Department of Health.