O'Reilly logo

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

SSCP Systems Security Certified Practitioner All-in-One Exam Guide, Third Edition, 3rd Edition

Book Description

This fully updated study guide offers complete coverage of every topic on the latest version of the SSCP exam

Take the 2018 edition of the challenging Systems Security Certified Practitioner (SSCP) exam with confidence using the detailed information contained in this highly effective self-study guide. The book provides 100% coverage of the revised SSCP Common Body of Knowledge (CBK) as developed by the International Information Systems Security Certification Consortium (ISC)2.

Written by bestselling IT security certification author and trainer Darril Gibson, SSCP Systems Security Certified Practitioner All-in-One Exam Guide, Third Edition clearly explains all exam domains. You will get lists of topics covered at the beginning of each chapter, exam tips, practice exam questions, and in-depth answer explanations. Designed to help you pass the exam with ease, SSCP Systems Security Certified Practitioner All-in-One Exam Guide, Third Edition also serves as an essential on-the-job reference.

•Features 100% coverage of every objective on the SSCP exam
•Electronic content includes 250+ practice questions and a secured book PDF
•Written by an industry-recognized expert and experienced trainer

Table of Contents

  1. Cover
  2. Title Page
  3. Copyright Page
  4. Dedication
  5. Contents at a Glance
  6. Contents
  7. Acknowledgments
  8. Introduction
  9. Exam Objective Map
  10. Chapter 1 Security Fundamentals
    1. Reviewing the Requirements for SSCP
      1. Have One Year of Experience
      2. Registering for the Exam
      3. Passing the Exam
      4. Subscribing to the (ISC)2 Code of Ethics and Getting Endorsed
      5. Maintaining Your SSCP Certification
    2. Understanding Basic Security Concepts
      1. Confidentiality
      2. Integrity
      3. Availability
    3. Exploring Fundamentals of Security
      1. Least Privilege
      2. Separation of Duties
      3. Privacy and Data Sensitivity
      4. Defense in Depth
      5. Nonrepudiation
      6. AAAs of Security
      7. Accountability
      8. Due Diligence
      9. Due Care
    4. Chapter Review
      1. Questions
      2. Answers
  11. Chapter 2 Access Controls
    1. Comparing Identification, Authentication, and Authorization
    2. Exploring Authentication
      1. Three Factors of Authentication
      2. Multifactor Authentication
      3. Two-Step Verification
      4. Reviewing Identification
      5. Single Sign-on Authentication
      6. Centralized vs. Decentralized Authentication
      7. Offline Authentication
      8. Device Authentication
    3. Implementing Access Controls
      1. Comparing Subjects and Objects
      2. Logical Access Controls
    4. Comparing Access Control Models
      1. Discretionary Access Control
      2. Non-Discretionary Access Control
      3. Access Control Matrix vs. Capability Table
    5. Participating in the Identity and Access Management Lifecycle
      1. Identity Proofing
      2. Provisioning and Authorization
      3. Maintenance and Entitlement
      4. De-provisioning
    6. Participating in Physical Security Operations
      1. Badging
      2. Data Center Assessment
    7. Chapter Review
      1. Questions
      2. Answers
  12. Chapter 3 Basic Networking and Communications
    1. Understanding Use Cases
    2. Reviewing the OSI Model
      1. The Physical Layer (Layer 1)
      2. The Data Link Layer (Layer 2)
      3. The Network Layer (Layer 3)
      4. The Transport Layer (Layer 4)
      5. The Session Layer (Layer 5)
      6. The Presentation Layer (Layer 6)
      7. The Application Layer (Layer 7)
    3. Comparing the OSI and TCP/IP Models
    4. Understanding Network Topologies and Relationships
      1. Ethernet
      2. Bus Topology
      3. Star Topology
      4. Tree Topology
      5. Token Ring Topology
      6. Mesh Topology
      7. Network Relationships
    5. Reviewing Basic Protocols and Ports
      1. Comparing IPv4 and IPv6
      2. Dynamic Host Configuration Protocol
      3. Address Resolution Protocol
      4. Network Discovery Protocol
      5. Domain Name System
      6. Internet Control Message Protocol
      7. Internet Group Message Protocol
      8. Simple Network Management Protocol
      9. File Transfer Protocol
      10. Telnet
      11. Secure Shell
      12. Hypertext Transfer Protocol and Hypertext Transfer Protocol Secure
      13. Transport Layer Security and Secure Sockets Layer
      14. Network File System
      15. Routing Protocols
      16. E-mail Protocols
      17. Internet Protocol Security
      18. Tunneling Protocols
      19. Mapping Well-Known Ports to Protocols
      20. Comparing Ports and Protocol Numbers
    6. Comparing Internetwork Trust Architectures
      1. Comparing Public and Private IP Addresses
      2. Using NAT
      3. Comparing Trust Relationships
    7. Exploring Wireless Technologies
      1. Securing Data Transmissions
      2. Wireless Device Administrator Password
      3. Wireless Service Set Identifier
      4. MAC Address Filtering
      5. Bluetooth
      6. NFC
      7. GSM
      8. 3G, LTE, and 4G
      9. WiMAX
      10. Radio Frequency Identification
      11. Protecting Mobile Devices
    8. Chapter Review
      1. Questions
      2. Answers
  13. Chapter 4 Advanced Networking and Communications
    1. Managing LAN-based Security
      1. Comparing Switches and Routers
      2. Physical and Logical Segmentation
      3. Secure Device Management
      4. VoIP
    2. Using Proxy Servers
    3. Understanding Firewalls
      1. Packet-Filtering Firewall
      2. Stateful Inspection Firewall
      3. Application Firewall
      4. Next-Generation Firewall
      5. Defense Diversity
      6. Comparing Network-based and Host-based Firewalls
    4. Exploring Remote Access Solutions
      1. Risks and Vulnerabilities
      2. Tunneling Protocols
      3. Authentication
      4. Traffic Shaping and WAN Optimization
    5. Managing Network Access Control
    6. Exploring Virtual Environments
      1. Virtualization Terminology
      2. Shared Storage
      3. Virtual Appliances
      4. Virtual Desktop Infrastructure
      5. Continuity and Resilience
      6. Separation of Data Plane and Control Plane
      7. Software-defined Networking
      8. Protecting Virtualization Systems
    7. Understanding Cloud Computing
      1. Shared Responsibility Models
      2. Cloud Operation Models
      3. Storage
      4. Privacy
      5. Data Control and Third-party Outsourcing
      6. Compliance
    8. Chapter Review
      1. Questions
      2. Answers
  14. Chapter 5 Attacks
    1. Comparing Attackers
      1. Hackers and Crackers
      2. White Hats, Black Hats, and Gray Hats
      3. Advanced Persistent Threats
      4. Insider Threats
      5. Script Kiddies
    2. Exploring Attack Types and Countermeasures
      1. Basic Countermeasures
      2. Spoofing
      3. Data Theft
      4. DoS
      5. DDoS
      6. Botnets and Zombies
      7. Sniffing Attack
      8. Reconnaissance and Fingerprinting Attacks
      9. Salami Attack
      10. Man-in-the-Middle
      11. Replay
      12. Session Hijacking
      13. DNS Cache Poisoning
      14. Smurf and Fraggle Attacks
      15. Software Security as a Countermeasure
      16. Buffer Overflow Attacks
      17. Injection Attacks
      18. Cross-Site Scripting
      19. Cross-Site Request Forgery
      20. Password Attacks
      21. Spam
      22. Phishing Attacks
      23. Phishing and Drive-by Downloads
      24. Spear Phishing and Whaling
      25. Vishing
      26. Smishing
      27. Zero Day Exploits
      28. Covert Channel
      29. Wireless Attacks and Countermeasures
    3. Understanding Social Engineering
      1. Tailgating
      2. Impersonation
      3. Skimming
      4. Dumpster Diving
      5. Shoulder Surfing
      6. Social Networking Attacks
      7. User Awareness as a Countermeasure
    4. Chapter Review
      1. Questions
      2. Answers
  15. Chapter 6 Malicious Code and Activity
    1. Identifying Malicious Code
      1. Virus
      2. Worm
      3. Trojan Horse
      4. RATs
      5. Scareware
      6. Ransomware
      7. Keylogger
      8. Logic Bomb
      9. Rootkits
      10. Mobile Code
      11. Backdoors and Trapdoors
      12. Spyware
      13. Malware Hoaxes
      14. Analyzing the Stages of an Attack
    2. Understanding Malware Delivery Methods
      1. Delivering Malware via Drive-by Downloads
      2. Delivering Malware via Malvertising
      3. Delivering Malware via E-mail
      4. Delivering Malware via USB Drives
    3. Implementing Malicious Code Countermeasures
      1. Antivirus Software
      2. Keeping AV Signatures Up to Date
      3. Spam Filters
      4. Content-filtering Appliances
      5. Keeping Operating Systems Up to Date
      6. Scanners
      7. Beware of Shortened Links
      8. Sandboxing
      9. Least Privilege
      10. Software Security
      11. Application Whitelisting and Blacklisting
      12. Participating in Security Awareness and Training
    4. Common Vulnerabilities and Exposures
    5. Chapter Review
      1. Questions
      2. Answers
  16. Chapter 7 Risk, Response, and Recovery
    1. Defining Risk
      1. Identifying Threat Sources
      2. Identifying Threat Events
      3. Understanding Vulnerabilities
      4. Understanding Impact Assessments
      5. Sharing Threat Intelligence
    2. Managing Risk
      1. Risk Treatment
      2. Residual Risk
      3. Identifying Assets
      4. Risk Visibility and Reporting
      5. Risk Register
      6. Common Vulnerability Scoring System
      7. Risk Management Frameworks
    3. Performing Risk Assessments
      1. Threat Modeling
      2. Quantitative Analysis
      3. Qualitative Analysis
      4. Risk Assessment Steps
      5. Address Findings
    4. Supporting the Incident Lifecycle
      1. Preparation
      2. Detection, Analysis, and Escalation
      3. Containment
      4. Eradication
      5. Recovery
      6. Lessons Learned/Implementation of New Countermeasure
    5. Chapter Review
      1. Questions
      2. Answers
  17. Chapter 8 Monitoring and Analysis
    1. Operating and Maintaining Monitoring Systems
      1. Events of Interest
      2. Intrusion Detection Systems
      3. IDS Alerts
      4. Network-based Intrusion Detection Systems
      5. Host-based Intrusion Detection Systems
      6. Intrusion Prevention Systems
      7. Detection Methods
      8. Wireless Intrusion Detection and Prevention Systems
      9. Analyze Monitoring Results
      10. Detection Systems and Logs
      11. Detecting Unauthorized Changes
      12. Using Security Information and Event Management Tools
      13. Continuous Monitoring
      14. Document and Communicate Findings
    2. Performing Security Tests and Assessments
      1. Vulnerability Assessments
      2. Penetration Tests
    3. Chapter Review
      1. Questions
      2. Answers
  18. Chapter 9 Controls and Countermeasures
    1. Using Security Controls, Safeguards, and Countermeasures
      1. Performing a Cost-Benefit Analysis
      2. Security Controls Lifecycle
    2. Understanding Control Goals
      1. Preventive
      2. Detective
      3. Corrective
      4. Other Controls
    3. Comparing Security Control Implementation Methods
      1. Administrative Security Controls
      2. Technical Security Controls
      3. Physical Security Controls
    4. Combining Control Goals and Classes
    5. Exploring Some Basic Controls
      1. Hardening Systems
      2. Policies, Standards, Procedures, and Guidelines
      3. Response Plans
      4. Change Control and Configuration Management
      5. Testing and Implementing Patches, Fixes, and Updates
      6. Endpoint Device Security
      7. User Awareness and Training Programs
    6. Understanding Fault Tolerance
      1. Fault Tolerance for Disks
      2. Failover Clusters
      3. Load Balancing
      4. Redundant Connections
    7. Understanding Backups
      1. Full Backups
      2. Full/Incremental Backup Strategy
      3. Full/Differential Backup Strategy
      4. Image-based Backups
    8. Chapter Review
      1. Questions
      2. Answers
  19. Chapter 10 Auditing and Management Processes
    1. Understanding Auditing and Accountability
      1. Holding Users Accountable with Audit Logs
      2. Auditing with Logs
      3. Clipping Levels
      4. Understanding Audit Trails
    2. Exploring Audit Logs
      1. Operating System Logs
      2. Storing Logs on Remote Systems
      3. *Nix Logs
      4. Proxy Server Logs
      5. Firewall Logs
      6. Reviewing Logs
      7. Managing Audit Logs
    3. Performing Security Audits
      1. Periodic Audit and Review
      2. Auditing Passwords
      3. Auditing Security Policies
      4. ISACA
      5. Exploring PCI DSS Requirements
      6. Auditing Physical Access Controls
    4. Understanding Configuration Management
      1. Using Imaging for Configuration Management
      2. Using Group Policy for Configuration Management
      3. Using Other Tools for Configuration Management
    5. Understanding Change Management
      1. Change Management Process
      2. Identifying Security Impact
    6. Chapter Review
      1. Questions
      2. Answers
  20. Chapter 11 Security Operations
    1. Handling Data
      1. Classifying Data
      2. Marking and Labeling Data
      3. Roles and Responsibilities
      4. Protecting Data from Cradle to Grave
      5. Data at Rest and Data in Motion
      6. Data Management Policies
      7. Understanding Databases
      8. Data Inference
      9. Data Diddling
      10. Regulatory Requirements
      11. Training
    2. Managing Assets Through the Lifecycle
      1. Hardware Inventory
      2. Software Inventory and Licenses
      3. Data Storage
    3. Certification and Accreditation
      1. Certification, Accreditation, and Security Assessments
      2. Common Criteria
      3. Using a Risk Management Framework
      4. Understanding Security Within the System Development Lifecycle
    4. Chapter Review
      1. Questions
      2. Answers
  21. Chapter 12 Security Administration and Planning
    1. Understanding Security Policies
      1. Security Policy Characteristics
      2. Enforcing Security Policies
      3. Value of a Security Policy
      4. Security Policies Becoming More Common
      5. Complying with Codes of Ethics
      6. Policy Awareness
      7. Updating Security Policies
    2. Understanding BCP and DRP Activities
      1. Business Impact Analysis
      2. Disaster Recovery Plan
      3. Emergency Response Plans and Procedures
      4. Comparing a BCP and a DRP
      5. Restoration Planning
      6. Testing and Drills
      7. Alternative Locations
    3. Identifying Security Organizations
      1. NIST
      2. US-CERT
      3. SANS Institute
      4. CERT Division
    4. Chapter Review
      1. Questions
      2. Answers
  22. Chapter 13 Legal Issues
    1. Exploring Computer Forensics
      1. Supporting the Incident Lifecycle
      2. Handling Evidence
      3. Three Phases of a Computer Forensics Investigation
      4. Legal and Ethical Principles
    2. Comparing Computer Abuse and Computer Crime
    3. Understanding Fraud and Embezzlement Crime
      1. Mandatory Vacations
      2. Job Rotation
    4. Understanding Privacy Issues
      1. General Data Protection Regulation
      2. California Supreme Court Rules That ZIP Codes Are PII
      3. Connecticut’s Public Act No. 08-167
      4. Children’s Online Privacy Protection Act
      5. California Online Privacy Protection Act of 2003
    5. Legal and Regulatory Concerns
    6. Chapter Review
      1. Questions
      2. Answers
  23. Chapter 14 Cryptography
    1. Understanding Basic Cryptography Concepts
      1. Cryptography Terminology
      2. Data Sensitivity
      3. Regulatory Requirements
      4. Participating in Security Awareness and Training
    2. Enforcing Integrity with Hashing
      1. Hashing Algorithms Provide One-Way Encryption
      2. Hashing Algorithms
      3. Verifying Integrity with a Hash
      4. Salting Passwords
    3. Exploring Symmetric Encryption
      1. ROT13
      2. Creating Strong Keys
      3. Comparing Block and Stream Ciphers
      4. Advanced Encryption Standard
      5. Other Symmetric Encryption Algorithms
    4. Exploring Asymmetric Encryption
      1. RSA
      2. Secure Sockets Layer
      3. Transport Layer Security
      4. SSL Decryptors
      5. Diffie-Hellman
      6. Elliptic Curve Cryptography
      7. Secure Shell
      8. Protecting E-mail with S/MIME
      9. Protecting E-mail with DKIM
      10. PGP and GPG
    5. Other Encryption Schemes
      1. Steganography
      2. IPsec
    6. Understanding Public Key Infrastructure Systems
      1. Certificates
      2. Certificate Authority
      3. Key Escrow
      4. Alternative Certificate Trusts
    7. Comparing Cryptanalysis Attacks
      1. Fundamental Key Management Concepts
      2. Known-Plaintext Attack
      3. Ciphertext-Only Attack
      4. Hashing and Collisions
      5. Countermeasures Against Cryptanalysis Attacks
    8. Chapter Review
      1. Questions
      2. Answers
  24. Appendix About the Online Content
    1. System Requirements
    2. Your Total Seminars Training Hub Account
      1. Privacy Notice
    3. Single User License Terms and Conditions
    4. TotalTester Online
    5. Technical Support
  25. Glossary
  26. Index