14 hours of video instruction to learn everything you need to know about the Systems Security Certified Practitioner (SSCP) certification exam.
Overview
SSCP (Systems Security Certified Practitioner) Complete Video Course provides 14 hours of comprehensive video that teaches you everything you need to know get up and running with systems security. (ISC)2’s SSCP exam is a solid introductory certification in IT security and this …
14 hours of video instruction to learn everything you need to know about the Systems Security Certified Practitioner (SSCP) certification exam.
Overview
SSCP (Systems Security Certified Practitioner) Complete Video Course provides 14 hours of comprehensive video that teaches you everything you need to know get up and running with systems security. (ISC)2’s SSCP exam is a solid introductory certification in IT security and this comprehensive video course walks you through every topic on the exam blueprint so you can learn about system security from the ground up and also gain the knowledge and skills you need to pass the SSCP exam. Full of live trainer discussions, hands-on demos, whiteboard work, and deep dive discussions, this course covers security fundamentals and principles in a way that is easy to access.
Description
SSCP (Systems Security Certified Practitioner) Complete Video Course is a unique video product that teaches you the fundamentals of system security while also covering every objective in the SSCP certification exam so you can learn everything needed to pass the test and also the knowledge and skills you need to advance your cybersecurity career. The (ISC)2 SSCP exam is a vendor neutral world-recognized certification that endorses your IT security knowledge. It is also the a great way to start your path toward CISSP certification, which is the next step through (ISC)2.
The video lessons in this course review each exam objective, so you can use it as a complete study tool for taking the SSCP exam.
Topics include:
About the Instructor
Michael J Shannon began his IT career when he transitioned from a recording studio engineer to network technician for a major telecommunications company in the early 90’s. He soon began to focus on security and was one of the first 10 people to attain the HIPAA Certified Security Specialist. Throughout his 30 years in IT he has worked as an employee, contractor, trainer and consultant for a number of companies including Platinum Technologies, Fujitsu, IBM, State Farm, Pearson, MindSharp, Thomson/NetG, and Skillsoft among others. Mr. Shannon has authored several books, training manuals, published articles, and produced dozens of CBT titles over the years as well. For security purposes, he has attained the CISSP, CCNP Security, SSCP, Security+, and ITIL Intermediate SO and RCV certifications. He is also a licensed insurance agent specializing in cyber insurance on behalf of large insurers and numerous companies throughout Texas.
Skill Level
Beginning
What You Will Learn
Who Should Take This Course
The target audience for this course consists of systems/network/application security professionals that are preparing for the SSCP Exam. A secondary audience consists of any IT professional who wants to gain a broad understanding of how to secure modern enterprises.
Table of Contents
Module 1: Security Operations and Administration
Lesson 1: Overview of SSCP and the (ISC)2 Code of Ethics
Lesson 2: Security Terminology and Policy
Lesson 3: Security Administration
Module 2: Risk Identification, Monitoring and Analysis
Lesson 4: Risk Management and Assessment
Lesson 5: Security Operations
Module 3: Access Controls
Lesson 6: Access Controls (Part 1)
Lesson 7: Access Controls (Part 2)
Module 4: Network and Communications Security
Lesson 8: Types of Attacks
Lesson 9: Network Protocols and Services
Lesson 10: Infrastructure Device Protection
Lesson 11: Overview of Security Devices
Lesson 12: Wireless Technology and Security
Module 5: Cryptography
Lesson 13: Cryptography (Part 1)
Lesson 14: Cryptography (Part 2)
Module 6: Systems and Application Security
Lesson 15: Malware Threats
Lesson 16: Identifying Malware and IoCs
Lesson 17: Endpoint Security
Lesson 18: Systems and Application Security
Module 7: Incident Response and Recovery
Lesson 19: Incident Response and Recovery
Lesson 20: Exam Tips and Techniques
About LiveLessons Video Training
LiveLessons Video Training series publishes hundreds of hands-on, expert-led video tutorials covering a wide selection of technology topics designed to teach you the skills you need to succeed. This professional and personal technology video series features world-leading author instructors published by your trusted technology brands: Addison-Wesley, Cisco Press, IBM Press, Pearson IT Certification, Prentice Hall, Sams, and Que. Topics include IT Certification, Programming, Web Development, Mobile Development, Home and Office Technologies, Business and Management, and more. View all LiveLessons on InformIT at http://www.informit.com/livelessons.
Introduction
SSCP (Systems Security Certified Practitioner): Introduction
Module 1: Security Operations and Administration
Module Introduction
Lesson 1: Overview of SSCP and the (ISC)2 Code of Ethics
Learning objectives
1.1 Who Is (ISC)2?
1.2 The Systems Security Certified Practitioner (SSCP) Certification
1.3 SSCP Exam Overview
1.4 (ISC)2 Code of Ethics
Summary
Lesson 2: Security Terminology and Policy
Learning objectives
2.1 The Threat Landscape
2.2 Risks and Vulnerabilities
2.3 Threats and Threat Agents
2.4 Motivations and Means
2.5 Indicators of Compromise (IOCs)
2.6 Countermeasures and Mitigation
2.7 The Security Triad
2.8 The Written Security Policy
Summary
Lesson 3: Security Administration
Learning objectives
3.1 Asset Management
3.2 Change Management
3.3 Configuration Management
3.4 Security Impact Assessment
3.5 Security Awareness and Training
3.6 Physical Security Operations
3.7 AUP Policy Enforcement
Summary
Module 2: Risk Identification, Monitoring and Analysis
Module Introduction
Lesson 4: Risk Management and Assessment
Learning objectives
4.1 Risk Management Concepts
4.2 Handling Risk
4.3 Qualitative Risk Assessment
4.4 Quantitative Risk Assessment
4.5 Risk Visibility and Reporting
4.6 Auditing Findings for Continual Improvement
Summary
Lesson 5: Security Operations
Learning objectives
5.1 Importance of Continuous Monitoring
5.2 Syslog
5.3 SNMPv3
5.4 NetFlow
5.5 Security Analytics, Metrics and Trends
5.6 Visualization
5.7 Event Data Analysis
5.8 Communicating Findings
Summary
Module 3: Access Controls
Module Introduction
Lesson 6: Access Controls (Part 1)
Learning objectives
6.1 AAA Defined
6.2 Authentication Factors
6.3 Internetwork Trust Architectures
6.4 Trust Relationships
6.5 Subject-based versus Object-based
6.6 MAC versus DAC
6.7 Role-based and Attribute-based
6.8 Identity Management Lifecycle
Summary
Lesson 7: Access Controls (Part 2)
Learning objectives
7.1 IEEE 802.1X
7.2 802.1AE MAC Security
7.3 RADIUS
7.4 TACACS+
7.5 Network Admission Control
7.6 Remote-Access Teleworkers
7.7 IPSec VPN
7.8 SSL/TLS VPN
Summary
Module 4: Network and Communications Security
Module Introduction
Lesson 8: Types of Attacks
Learning objectives
8.1 Social Engineering
8.2 Spoofing
8.3 Denial-of-Service and DDoS
8.4 Botnets
8.5 ZeroDay Attacks and APTs
8.6 Buffer Overflow and Injection
8.7 Reflection and Amplification
8.8 Poisoning
8.9 Phishing, Pharming, and Spam
8.10 Hijacking
Summary
Lesson 9: Network Protocols and Services
Learning objectives
9.1 The OSI Model
9.2 The TCP/IP Model
9.3 Physical Topologies
9.4 Logical Topologies
9.5 Common Protocols and Services
9.6 Physical Security
9.7 Securing Layers 2-4
9.8 Securing Layers 5-7
Summary
Lesson 10: Infrastructure Device Protection
Learning objectives
10.1 Overview of Network Infrastructure Protection
10.2 Hardening the Device Planes
10.3 Types of Security Controls
10.4 Categories of Security Controls
10.5 Segmentation and Zoning
10.6 Secure Device Management
10.7 Device Protection Best Practices
Summary
Lesson 11: Overview of Security Devices
Learning objectives
11.1 Security Router
11.2 Security Switches
11.3 Firewalls
11.4 Proxies
11.5 NIDS and NIPS
11.6 VPN Gateways
11.7 Content Security Appliances
11.8 Traffic-shaping Devices
Summary
Lesson 12: Wireless Technology and Security
Learning objectives
12.1 Overview of Wireless Technology
12.2 Transmission Security
12.3 Common Wireless Attacks
12.4 Basic Countermeasures
12.5 Wireless Infrastructure Devices
12.6 Protecting Wireless Endpoints
Summary
Module 5: Cryptography
Module Introduction
Lesson 13: Cryptography (Part 1)
Learning objectives
13.1 Introduction to Cryptology
13.2 Ciphers
13.3 Block versus Stream Ciphers
13.4 Encryption
13.5 Symmetric Key Systems
13.6 Asymmetric Key Systems
13.7 Hashing and Integrity
Summary
Lesson 14: Cryptography (Part 2)
Learning objectives
14.1 Key Management
14.2 Digital Signatures
14.3 Web of Trust
14.4 Public Key Infrastructure
14.5 X.509v3 Certificates
14.6 CA Trusts and Certificate Chaining
14.7 Expiration, Revocation and Suspension
14.8 Implementation of Secure Protocols
Summary
Module 6: Systems and Application Security
Module Introduction
Lesson 15: Malware Threats
Learning objectives
15.1 Viruses
15.2 Worms
15.3 Trojan Horse (RATs)
15.4 Ransomware and Cryptoware
15.5 Backdoors
15.6 Logic Bombs
15.7 Keyloggers
15.8 Spyware
15.9 Stegomalware
Summary
Lesson 16: Identifying Malware and IoCs
Learning objectives
16.1 Identifying Malicious Code
16.2 Indications of Compromise (IoCs)
16.3 Survey of Attack Tools and Kits
16.4 Malicious Code Countermeasures
16.5 Malicious Activity Countermeasures
Summary
Lesson 17: Endpoint Security
Learning objectives
17.1 Host-based IDS (HIDS)
17.2 Personal Security Suites
17.3 Endpoint Encryption
17.4 Advanced Endpoint Systems
17.5 Virtualization and Thin Clients
17.6 Protecting Detached Storage
17.7 Secure Browsing
17.8 Mobile Device Security Management
Summary
Lesson 18: Systems and Application Security
Learning objectives
18.1 Application Security
18.2 Mitigating Architecture and Design Vulnerabilities
18.3 Service Models
18.4 Data Storage and Transmission
18.5 Third-party and Outsourcing
18.6 Virtualization Security Overview
18.7 Cloud Computing Models
18.8 Operate and Secure Virtual Environments
18.9 Securing Big Data Systems
18.10 Legal and Privacy Concerns
Summary
Module 7: Incident Response and Recovery
Module Introduction
Lesson 19: Incident Response and Recovery
Learning objectives
19.1 Participating in Incident Handling
19.2 Incident Handling Lifecycle
19.3 Supporting Forensic Investigations
19.4 Understanding BCPs and DRPs
19.5 Emergency Response
19.6 Restoration Planning
19.7 Implementing Backups and Redundancy
19.8 Testing and Drills
Summary
Summary
SSCP (Systems Security Certified Practitioner): Summary