Takes you step-by-step through the seven domains of the SSCP® CBK®
Prepares you to join the thousands of professionals worldwide who have obtained an (ISC)² certification
Discusses best-practices garnered by years of experience from organizations around the world
Uses clear dialogue, bulleted lists, tables, charts, and diagrams to build a thorough understanding of the concepts
Offers guidance from world leaders in information security implementation
The SSCP® certification is the key to unlocking the upper ranks of security implementation at the world's most prestigious organizations. If you're serious about becoming a leading tactician at the front lines, the (ISC)²® Systems Security Certified Practitioner (SSCP) certification is an absolute necessity, demanded by cutting-edge companies worldwide, today more than ever before. As a warrior defending an organization's digital assets, an SSCP must demonstrate a high level of competence and understanding of the seven domains of the (ISC)² CBK®. This comprehensive taxonomy of information security topics establishes a common framework of terms and principles that enable security professionals around the world to discuss, debate, and resolve matters pertaining to the industry.
Nowhere else are the seven domains of the CBK embodied more adeptly than in the first edition of the Official (ISC)²® Guide to the SSCP® CBK®. In a milestone effort by (ISC)², five of the world's leading tacticians with hands-on experience in IT security acknowledge the importance of the security implementation process. Armed with practical experience, the authors discuss the critical role that policy, procedures, standards, and guidelines play within the overall information security management infrastructure.
Simply put, the (ISC)² Systems Security Certified Practitioner certification is the most important credential an information security practitioner can have. Through clear descriptions accompanied by numerous tables, easy-to-follow instructions, sample questions, and an entire chapter of self-assessment questions, this book builds a solid, product-independent understanding of information security fundamentals.
The Official (ISC)²® Guide to the SSCP® CBK®.
Master it, and you'll have the current concepts, widely recognized best practices, and key techniques used by the world's top specialists.
Table of Contents
Access Controls in Terms of Subjects
Access Controls in Terms of Objects
Access Control Concepts
SECURITY OPERATIONS AND ADMINISTRATION
Change Management Concepts
Systems Development Life Cycle (SDLC)
Organization Security Evaluation and Assistance
User Security Awareness and Education
Code of Ethics
Security Infrastructure Evaluation Tools
Security Policy Administration
Certification and Accreditation Process Concepts
Security Best Practices Implementation
ANALYSIS AND MONITORING
Principles, Practices and Mechanisms
Analysis of Exploits
RISK, RESPONSE, AND RECOVERY
Risk Management Process
Incident Handling Analysis
The Business Continuity Plan (BCP)
The Disaster Recovery Plan (DRP)
Business and Security Requirements for Cryptography
Principles of Certificates and Key Management
NETWORKS AND TELECOMMUNICATIONS
Business and Security Requirements
Remote Access Architecture
Viruses, Worms and Trojan Horses
Trap Doors and Back Doors
Virus Hoaxes and Myths
Characteristics of Malicious Code
Appropriate Security Measures