TOIT Training

Intermediate

Systems Security Certified Practitioner (SSCP)

Overview

The best way to combat an attack on an organization’s information assets is to have qualified information security professionals with the appropriate practices and controls to implement, monitor and administer IT infrastructure to ensure data confidentiality, integrity and availability. This online, instructor-led SSCP training course validates students’ ability to identify, evaluate, and prioritize potential threats, and to manage and mitigate threats through risk management concepts, assessment activities, and monitoring terminology, techniques and systems.

Students will gain the skills and knowledge to properly and promptly respond to a security incident or forensic investigation with incident handling processes and procedures such as Business Continuity Planning (BCP) and Disaster Recovery Planning (DRP).

Curriculum

  • 7 Sections
  • 126 Lessons
  • 16h Duration
Security Operations and Administration
9 Lessons
  1. What is ISC/SSCP
  2. Security Basics
  3. Segregation of duties
  4. Security controls
  5. Administrative controls
  6. Assessing compliance
  7. Types of security controls
  8. Asset management
  9. Change management lifecycle
Access Controls
11 Lessons
  1. Types of authentication
  2. Access Controls
  3. RBAC
  4. Rule Based Access Control
  5. MAC
  6. DAC
  7. Trust relationships
  8. Transitive
  9. Zero
  10. Identity management
  11. Authorization
Risk Identification
17 Lessons
  1. Definitions – risk, risk management, vulnerability
  2. Determining risk levels
  3. Key Risk Indicator
  4. Types of risk responses
  5. Acceptance
  6. Mitigation
  7. Identifying risks and vulnerabilities
  8. Creating baselines and anomalies
  9. Risk management frameworks (RMF) – enterprise level
  10. Creating reports
  11. Remediation
  12. Continuous monitoring
  13. Slow performance of systems/crashing
  14. Network
  15. Metrics and data analysis
  16. Event triggers
  17. Legal restraints
Incident Response
16 Lessons
  1. Response plan
  2. Documenting a response plan
  3. First steps
  4. Recording any changes/moves made to secure data – chain of custody
  5. Contain damage (disconnect drives, etc)
  6. Next steps
  7. Plan on how to resolve issue
  8. Investigate source of incident – forensic investigation
  9. Begin recovery
  10. Document all actions
  11. After actions reporting
  12. Document future prevention plan
  13. Provide employee/personal training to avoid repeat scenario
  14. Backup planning
  15. Testing backups
  16. Emergency response plans
Cryptography
20 Lessons
  1. Laws and regulations
  2. ISO
  3. Data encryption
  4. Encryption during transit
  5. Encryption at rest
  6. Strength of encryptions
  7. What is Public Key Infrastructure (PKI)
  8. Certificate authority
  9. What uses PKI
  10. Key creation and destruction
  11. PGP
  12. GPG
  13. Blockchain
  14. Nonrepudiation
  15. Digital Signatures
  16. HMAC
  17. Security protocols
  18. SSL/TLS
  19. S/MIME
  20. DKIM
Network and Communication Security
36 Lessons
  1. Parts of a network
  2. Routers/switches
  3. Firewalls
  4. IDS/IPS
  5. TCP/IP model
  6. OSI Model
  7. Compare/contrast models side by side
  8. Important protocols in IP stack
  9. HTTP
  10. Email protocols
  11. Other common protocols – FTP, DNS
  12. Network topologies
  13. Ring
  14. Hybrid
  15. Peer-to-peer
  16. Switches
  17. VLANs
  18. Switchport abilities
  19. Trunking
  20. Routers
  21. Routing protocols
  22. Load balancing
  23. RADIUS
  24. TACACS
  25. ACLs
  26. Remote access through VPN
  27. VPN
  28. Wireless topology
  29. Wireless Standards
  30. Encryption
  31. Authentication
  32. Threats
  33. Prevention
  34. Placement of APs/antennas
  35. Bluetooth
  36. NFC technology
Systems and Applications Security
17 Lessons
  1. Network attacks
  2. Ransomware
  3. Trojans
  4. Exploits
  5. Spyware/Adware
  6. Man in the Middle
  7. Rootkits
  8. Social Engineering attacks
  9. Whaling
  10. Password hacking
  11. Anti-Virus
  12. Host based IDS
  13. Mobile application management
  14. Data transmission
  15. Benefits/drawbacks of cloud
  16. Data ownership in cloud environments
  17. Virtualization
