Example SSCP PDF

SSCP® Training Slide Book
TABLE OF CONTENTS

INTRODUCTIONS
  INTRODUCTIONS
  SSCP DOMAINS
  SSCP EXAM
  PRE-ASSESSMENT QUESTIONS

DOMAIN 1: ACCESS CONTROLS
  WHY ACCESS CONTROL?
  TYPES OF ACCESS CONTROLS
  IDENTIFICATION
  AUTHENTICATION
  ACCESS CONTROL MODELS
  SSO AND FEDERATION
  REVIEW QUESTIONS

DOMAIN 2: SECURITY OPERATIONS AND ADMINISTRATION
  CODE OF ETHICS
  SECURITY CONCEPTS AND PRINCIPLES
  DATA MANAGEMENT POLICIES
  SECURITY EDUCATION AND AWARENESS TRAINING
  BUSINESS CONTINUITY PLANNING
  REVIEW QUESTIONS

DOMAIN 3: RISK IDENTIFICATION, MONITORING AND ANALYSIS
  UNDERSTANDING THE RISK MANAGEMENT PROCESS
  RISK MANAGEMENT FRAMEWORKS AND GUIDANCE FOR MANAGING RISKS
  RISK ANALYSIS AND RISK ASSESSMENT
  MANAGING RISKS
  RISK VISIBILITY AND REPORTING
  ANALYZING MONITORING RESULTS
  REVIEW QUESTIONS

DOMAIN 4: INCIDENT RESPONSE AND RECOVERY
  EVENTS AND INCIDENTS HANDLING POLICY
  CREATING AND MAINTAINING AN INCIDENT RESPONSE PLAN
  UNDERSTANDING AND SUPPORTING FORENSIC INVESTIGATIONS
  UNDERSTANDING AND SUPPORTING THE BUSINESS CONTINUITY
  REVIEW QUESTIONS

DOMAIN 5: CRYPTOGRAPHY
  CONCEPTS AND REQUIREMENTS OF CRYPTOGRAPHY
  KEY MANAGEMENT
  SECURE PROTOCOLS
  REVIEW QUESTIONS

DOMAIN 6: NETWORKS AND COMMUNICATIONS
  OSI REFERENCE MODEL
  TCP/IP MODEL
  NETWORKING FOUNDATIONS
  TYPES OF TRANSMISSION
  NETWORKING DEVICES
  WIRELESS TECHNOLOGIES
  REVIEW QUESTIONS

DOMAIN 7: SYSTEMS AND APPLICATION SECURITY
  INTERNET RISKS & THREATS
  CYBER ATTACKS
  ENDPOINT DEVICE SECURITY
  CLOUD SECURITY
  SECURE BIG DATA
  SECURE SOFTWARE-DEFINED NETWORKS AND VIRTUAL ENVIRONMENTS
  REVIEW QUESTIONS
