Systems Security Certified Practitioner | SSCP

Systems Security Certified Practitioner | SSCP

The Systems Security Certified Practitioner (SSCP) is the ideal certification for those with proven technical skills and practical, hands-on security knowledge in operational IT roles. It provides confirmation of a practitioner’s ability to implement, monitor and administer IT infrastructure in accordance with information security policies and procedures that ensure data confidentiality, integrity and availability. The broad spectrum of topics included in the SSCP Common Body of Knowledge (CBK) ensure its relevancy across all disciplines in the field of information security.

Successful candidates are competent in the following seven domains:
– Security Operations and Administration
– Access Controls
– Risk Identification, Monitoring and Analysis
– Incident Response and Recovery
– Cryptography
– Network and Communications Security
– Systems and Application Security

Doelstellingen

• Understand the different Access Control systems and how they should be implemented to protect the system and data using the different levels of confidentiality, integrity, and availability.
• Understand the processes necessary for working with management and information owners, custodians, and users so that proper data classifications are defined. This will ensure the proper handling of all hard copy and electronic information as it is applied by the Security Operations and Administration.
• The Risk Identification, Monitoring, and Analysis Domain identifies the how to identify, measure, and control losses associated with adverse events. You will review,analyze, select, and evaluate safeguards for mitigating risk.
• Identify how to handle Incident Response and Recovery using consistent, applies approaches including the use of the Business Continuity Plan (BCP) and Disaster Recovery Plan (DRP) concepts in order to mitigate damages, recover business operations, and avoid critical business interruption; and emergency response and post-disaster recovery.
• Identify and differentiate key cryptographic concepts and how to apply them, implement secure protocols, key management concepts, key administration and validation, and Public Key Infrastructure as it applies to securing communications in the presence of third parties.
• Define and identify the Networks and Communications Security needed to secure network structure, data transmission methods, transport formats, and the security measures used to maintain integrity, availability, authentication, and confidentiality of the information being transmitted.
• The Systems and Application Security section identifies and defines technical and non-technical attacks and how an organization can protect itself from these attacks including the concepts in endpoint device security, cloud infrastructure security, securing big data systems, and securing virtual environments.

Voorkennis

One year working in the Information Security arena, covering at least one of the domains from the SSCP CBK.

Aanbevolen vereisten:
– CompTIA Network+

Voor wie

The SSCP is ideal for IT administrators, managers, directors and network security professionals responsible for the hands-on operational security of their organization’s critical assets, including those in the following positions:

– Network Security Engineer
– Systems Administrator
– Security Analyst
– Systems Engineer
– Security Consultant/Specialist
– Security Administrator
– Systems/Network Analyst
– Database Administrator

Inhoud

1. Security Operations and Administration
– 1.1 Comply with codes of ethics
– 1.2 Understand security concepts
– 1.3 Identify and implement security controls
– 1.4 Document and maintain functional security controls
– 1.5 Participate in asset management lifecycle (hardware, software and data)
– 1.6 Participate in change management lifecycle
2. Access Controls
– 2.1 Implement and maintain authentication methods
– 2.2 Support internetwork trust architectures
– 2.3 Participate in the identity management lifecycle
– 2.4 Understand and apply access controls
3. Risk Identification, Monitoring and Analysis
– 3.1 Understand the risk management process
– 3.2 Understand legal and regulatory concerns (e.g., jurisdiction, limitations, privacy)
– 3.3 Participate in security assessment and vulnerability management activities
– 3.4 Operate and monitor security platforms (e.g., continuous monitoring)
– 3.5 Analyze monitoring results
4. Incident Response and Recovery
– 4.1 Support incident lifecycle lifecycle e.g., National Institute of Standards and Technology (NIST), International Organization for Standardization (ISO))
– 4.2 Understand and support forensic investigations
– 4.3 Understand and support business continuity plan (BCP) and disaster recovery plan (DRP)
5. Cryptography
– 5.1 Understand cryptography
– 5.2 Apply cryptography concepts
– 5.3 Understand and implement secure protocols
– 5.4 Understand public key infrastructure (PKI)
6. Network and Communications Security
– 6.1 Understand and apply fundamental concepts of networking
– 6.2 Understand network attacks (e.g., distributed denial of service (DDoS), man-in-the-middle (MITM), Domain Name System (DNS) poisoning) and countermeasures (e.g., content delivery networks (CDN))
– 6.3 Manage network access controls
– 6.4 Manage network security
– 6.5 Operate and configure network-based security devices
– 6.6 Secure wireless communications
7. Systems and Application Security
– 7.1 Identify and analyze malicious code and activity
– 7.2 Implement and operate endpoint device security
– 7.3 Administer Mobile Device Management (MDM)
– 7.4 Understand and configure cloud security
– 7.5 Operate and maintain secure virtual environments

Exclusief examen

Systems Security Certified Practitioner | SSCP

DutchTrain is een officieel geaccrediteerd Test Center voor Pearson Vue Test, Prometric, Kryterion, Castle Worldwide, Certiport & PSI. U bent bij ons van harte welkom voor examens welke via deze Test Centers beschikbaar zijn. Examens kunnen elke dag, binnen kantooruren, worden afgenomen.

Duur

5 dagen

Deze training is ook beschikbaar als

– Education On Demand (e-learning)
– Maatwerktraining, neem hiervoor contact op met een van onze opleidingsadviseurs.