Embedded Files
Course Information
Course Name
SSCP: Systems Security Certified Practitioner
Exam code
SSCP
Duration
5 Days
Certification
Systems Security Certified Practitioner (SSCP)
Overview
The Systems Security Certified Practitioner (SSCP®) provides a comprehensive review of the knowledge required to implement, monitor and administer IT infrastructure in accordance with information security policies and procedures that ensure data confidentiality, integrity and availability.
This training course will help students review and refresh their knowledge and identify areas they need to study for the SSCP exam. Content aligns with and comprehensively covers the seven domains of the (ISC)² SSCP Common Body of Knowledge (CBK®).
Audience Profile
The SSCP is ideal for IT administrators, managers, directors and network security professionals responsible for the hands-on operational security of their organization’s critical assets, including those in the following positions:
Network Security Engineer
Systems Administrator
Security Analyst
Systems Engineer
Security Consultant/Specialist
Security Administrator
Systems/Network Analyst
Database Administrator
Health Information Manager
Practice Manager
Prerequisites
This training course is intended for practitioners who have at least one year of cumulative, paid work experience in one or more of the seven domains of the (ISC)2 SSCP CBK and are pursuing SSCP training and certification to acquire the credibility and mobility to advance within their current information security careers.
At Course Completion
After completing this course, the student will be able to:
Describe security and the alignment of asset management to risk
Appraise risk management options and the use of access controls to protect assets.
Examine the field of cryptography to secure information and communication.
Build a security posture by securing software, data, and
Apply network and communications security to establish a secure networked environment.
Evaluate cloud and wireless
Prepare for incident detection and
Implement appropriate measures that contribute to the maturation of risk management.
Course Outline
Module 1: Security Concepts and Practices
Comply with Codes of Ethics
ISC2 Code of Ethics
Organizational code of ethics
Understand Security Concepts
Confidentiality, Integrity, Availability
Accountability, Non-repudiation
Least privilege, Segregation of duties
Identify and Implement Security Controls
Technical, Physical, and Administrative controls
Compliance requirements and periodic audits
Document and Maintain Functional Security Controls
Deterrent, Preventative, Detective, Corrective, Compensating controls
Support and Implement Asset Management Lifecycle
Planning, Design, Development, Acquisition, Implementation, Operation, Maintenance, End of Life, Archival, Retention, Disposal
Support and Implement Change Management Lifecycle
Roles, Responsibilities, Processes, Communications, Audit
Security impact analysis, Configuration management
Support and Implement Security Awareness and Training
Social engineering, Phishing, Tabletop exercises, Awareness communications
Collaborate with Physical Security Operations
Data center/facility assessment, Badging, Visitor management, Personal device restrictions
Module 2: Access Controls
Implement and Maintain Authentication Methods
Single/Multi-factor authentication (MFA)
Single sign-on (SSO), Device authentication
Federated access (e.g., OAuth2, SAML)
Understand and Support Internetwork Trust Architectures
Trust relationships, Internet, intranet, extranet, DMZ
Third-party connections (e.g., API, app extensions, middleware)
Module 3: Risk Identification, Monitoring, and Analysis
Identify and Assess Security Risks
Risk assessment methodologies
Threat, vulnerability, and impact analysis
Implement and Manage Security Monitoring
Security monitoring tools and techniques
Continuous monitoring and reporting
Conduct Security Audits and Assessments
Audit planning, execution, and reporting
Compliance assessments and gap analysis
Module 4: Incident Response and Recovery
Develop and Implement Incident Response Plans
Incident response lifecycle
Roles and responsibilities during incidents
Conduct Forensic Investigations
Evidence collection and preservation
Chain of custody and legal considerations
Implement Business Continuity and Disaster Recovery Plans
Continuity planning, recovery strategies
Testing and maintenance of plans
Module 5: Cryptography
Understand Cryptographic Concepts
Symmetric and asymmetric encryption
Hashing, digital signatures, certificates
Implement and Manage Cryptographic Solutions
Key management practices
Public Key Infrastructure (PKI)
Ensure Compliance with Cryptographic Standards
Cryptographic algorithms and protocols
Regulatory requirements and industry standards
Module 6: Network and Communications Security
Implement Secure Network Architecture
Network segmentation, zoning, and isolation
Secure network design principles
Manage Network Security Controls
Firewalls, intrusion detection/prevention systems (IDS/IPS)
Virtual Private Networks (VPNs), proxies
Ensure Secure Communication Channels
Secure protocols (e.g., SSL/TLS, IPsec)
Wireless security standards and practices
Module 7: Systems and Application Security
Implement Secure Software Development Practices
Secure coding standards
Software development life cycle (SDLC)
Manage Application Security Controls
Application firewalls, code reviews
Vulnerability scanning and remediation
Ensure Secure System Configurations
System hardening techniques
Patch management and updates
All ISC2 certification courses are conducted by certified trainers from Iverson.
Digital Methods acts as the official training partner and assists with program consultation, registration, coordination, scheduling, and administrative arrangements to ensure a seamless and professionally managed training experience.
Page updated
Google Sites
Report abuse