Systems Security Certified Practitioner (SSCP) (CS8521)

Module 1: Security Operations and Administration

• Comply With Codes Of Ethics
  • Understand, Adhere to, and Promote Professional Ethics
  • (ISC)² Code of Ethics
  • Organizational Code of Ethics
• Understand Security Concepts
  • Conceptual Models for Information Security
  • Confidentiality
  • Integrity
  • Availability
  • Accountability
  • Privacy
  • Nonrepudiation
  • Authentication
  • Safety
  • Fundamental Security Control Principles
  • Access Control and Need-to-Know
  • Job Rotation and Privilege Creep
• Document, Implement, And Maintain Functional Security Controls
  • Deterrent Controls
  • Preventative Controls
  • Detective Controls
  • Corrective Controls
  • Compensating Controls
  • The Lifecycle of a Control
• Participate In Asset Management
  • Asset Inventory
  • Lifecycle (Hardware, Software, and Data)
  • Hardware Inventory
  • Software Inventory and Licensing
  • Data Storage
• Implement Security Controls And Assess Compliance
  • Technical Controls
  • Physical Controls
  • Administrative Controls
  • Periodic Audit and Review
• Participate In Change Management
  • Execute Change Management Process
  • Identify Security Impact
  • Identify Security Impact
• Participate In Security Awareness And Training
  • Security Awareness Overview
  • Competency as the Criterion
  • Build a Security Culture, One Awareness Step at a Time
• Participate In Physical Security Operations
  • Physical Access Control
  • The Data Center
  • Service Level Agreements

Module 2: Access Controls

• Access Control Concepts
  • Subjects and Objects
  • Privileges: What Subjects Can Do with Objects
  • Data Classification, Categorization, and Access Control
  • Access Control via Formal Security Models
• Implement And Maintain Authentication Methods
  • Single-Factor/Multifactor Authentication
  • Accountability
  • Single Sign-On
  • Device Authentication
  • Federated Access
• Support Internetwork Trust Architectures
  • Trust Relationships (One-Way, Two-Way, Transitive)
  • Extranet
  • Third-Party Connections
  • Zero Trust Architectures
• Participate In The Identity Management Lifecycle
  • Authorization
  • Proofing
  • Provisioning/Deprovisioning
  • Identity and Access Maintenance
  • Entitlement
  • Identity and Access Management Systems
• Implement Access Controls
  • Mandatory vs. Discretionary Access Control
  • Role-Based
  • Attribute-Based
  • Subject-Based
  • Object-Based

Module 3: Risk Identification, Monitoring, and Analysis

• Defeating The Kill Chain One Skirmish At A Time
  • Kill Chains: Reviewing the Basics
  • Events vs. Incidents
• Understand The Risk Management Process
  • Risk Visibility and Reporting
  • Risk Management Concepts
  • Risk Management Frameworks
  • Risk Treatment
• Perform Security Assessment Activities
  • Security Assessment Workflow Management
  • Participate in Security Testing
  • Interpretation and Reporting of Scanning and Testing Results
  • Remediation Validation
  • Audit Finding Remediation
  • Manage the Architectures: Asset Management and Configuration Control
• Operate And Maintain Monitoring Systems
  • Events of Interest
  • Logging
  • Source Systems
  • Legal and Regulatory Concerns
• Analyze Monitoring Results
  • Security Baselines and Anomalies
  • Visualizations, Metrics, and Trends
  • Event Data Analysis
  • Document and Communicate Findings

Module 4: Incident Response and Recovery

• Support The Incident Lifecycle
  • Think like a Responder
  • Physical, Logical, and Administrative Surfaces
  • Incident Response: Measures of Merit
  • The Lifecycle of a Security Incident
  • Preparation
  • Detection, Analysis, and Escalation
  • Containment
  • Eradication
  • Recovery
  • Lessons Learned; Implementation of New Countermeasures
  • Third-Party Considerations
• Understand And Support Forensic Investigations
  • Legal and Ethical Principles
  • Logistics Support to Investigations
  • Evidence Handling
  • Evidence Collection
• Understand And Support Business Continuity Plan And Disaster Recovery Plan Activities
  • Emergency Response Plans and Procedures
  • Interim or Alternate Processing Strategies
  • Restoration Planning
  • Backup and Redundancy Implementation
  • Data Recovery and Restoration
  • Training and Awareness
  • Testing and Drills
• CIANA+PS At Layer 8 And Above
  • It Is a Dangerous World Out There
  • People Power and Business Continuity

Module 5: Cryptography

• Understand Fundamental Concepts Of Cryptography
  • Building Blocks of Digital Cryptographic Systems
  • Hashing
  • Salting
  • Symmetric Block and Stream Ciphers
  • Stream Ciphers
  • EU ECRYPT
  • Asymmetric Encryption
  • Elliptical Curve Cryptography
  • Nonrepudiation
  • Digital Certificates
  • Encryption Algorithms
  • Key Strength
• Cryptographic Attacks, Cryptanalysis, And Countermeasures
  • Cryptologic Hygiene as Countermeasures
  • Common Attack Patterns and Methods
  • Secure Cryptoprocessors, Hardware Security Modules, and Trusted Platform Modules
• Understand The Reasons And Requirements For Cryptography
  • Confidentiality
  • Integrity and Authenticity
  • Data Sensitivity
  • Availability
  • Nonrepudiation
  • Authentication
  • Privacy
  • Safety
  • Regulatory and Compliance
  • Transparency and Auditability
  • Competitive Edge
• Understand And Support Secure Protocols
  • Services and Protocols
  • Common Use Cases
  • Deploying Cryptography: Some Challenging Scenarios
  • Limitations and Vulnerabilities
• Understand Public Key Infrastructure Systems
  • Fundamental Key Management Concepts
  • Hierarchies of Trust
  • Web of Trust

 Module 6: Network and Communications Security

• Understand And Apply Fundamental Concepts Of Networking
  • Complementary, Not Competing, Frameworks
  • OSI and TCP/IP Models
  • OSI Reference Model
  • TCP/IP Reference Model
  • Converged Protocols
  • Software-Defined Networks
• IPv4 Addresses, Dhcp, And Subnets
  • IPv4 Address Classes
  • Subnetting in IPv4
  • Running Out of Addresses?
• IPv4 Vs. IPv6: Key Differences And Options
  • Network Topographies
  • Network Relationships
  • Transmission Media Types
  • Commonly Used Ports and Protocols
• Understand Network Attacks And Countermeasures
  • CIANA+PS Layer by Layer
  • Common Network Attack Types
  • SCADA, IoT, and the Implications of Multilayer Protocols
• Manage Network Access Controls
  • Network Access Control and Monitoring
  • Network Access Control Standards and Protocols
  • Remote Access Operation and Configuration
• Manage Network Security
  • Logical and Physical Placement of Network Devices
  • Segmentation
  • Secure Device Management
• Operate And Configure Network-Based Security Devices
  • Network Address Translation
  • Additional Security Device Considerations
  • Firewalls and Proxies
  • Network Intrusion Detection/Prevention Systems
  • Security Information and Event Management Systems
  • Routers and Switches
  • Network Security from Other Hardware Devices
  • Traffic-Shaping Devices
• Operate And Configure Wireless Technologies
  • Wireless: Common Characteristics
  • Bluetooth
  • Near-Field Communications
  • Cellular/Mobile Phone Networks
  • Ad Hoc Wireless Networks
  • Transmission Security
  • Wireless Security Devices

 Module 7: Systems and Application Security

• Systems And Software Insecurity
  • Software Vulnerabilities Across the Lifecycle
  • Risks of Poorly Merged Systems
  • Hard to Design It Right, Easy to Fix It?
  • Hardware and Software Supply Chain Security
  • Positive and Negative Models for Software Security
  • Is Blocked Listing Dead? Or Dying?
• Information Security = Information Quality + Information Integrity
  • Data Modeling
  • Preserving Data Across the Lifecycle
• Identify And Analyze Malicious Code And Activity
  • Malware
  • Malicious Code Countermeasures
  • Malicious Activity
  • Malicious Activity Countermeasures
• Implement And Operate Endpoint Device Security
  • HIDS
  • Host-Based Firewalls
  • Allowed Lists: Positive Control for App Execution
  • Endpoint Encryption
  • Trusted Platform Module
  • Mobile Device Management
  • Secure Browsing
  • IoT Endpoint Security
  • Endpoint Security: EDR, MDR, XDR, UEM, and Others
• Operate And Configure Cloud Security
  • Deployment Models
  • Service Models
  • Virtualization
  • Legal and Regulatory Concerns
  • Data Storage and Transmission
  • Third-Party/Outsourcing Requirements
  • Lifecycles in the Cloud
  • Shared Responsibility Model
  • Layered Redundancy as a Survival Strategy
• Operate And Secure Virtual Environments
  • Hypervisor
  • Virtual Appliances
  • Continuity and Resilience
  • Attacks and Countermeasures
  • Shared Storage