Librería Portfolio


SSCP (ISC)2 SYSTEMS SECURITY CERTIFIED PRACTITIONER OFFICIAL STUDY GUIDE
Author: MURPHY, G
Publisher: JOHN WILEY
Year of publication: 2015
Subject: OTHER CERTIFICATIONS
ISBN: 978-1-119-05965-3
Pages: 576
58,95 €

 

Synopsis

Fully updated Study Guide for the SSCP
This guide prepares you for the SSCP (Systems Security Certified Practitioner) certification examination by focusing on the Common Body of Knowledge (CBK) as determined by ISC2 in seven high-level topics. This Sybex Study Guide covers 100% of all exam objectives. You'll prepare for the exam smarter and faster with Sybex thanks to expert content, real-world practice, access to the Sybex online interactive learning environment and much more. Reinforce what you've learned with key topic exam essentials and chapter review questions.

Along with the book you also get access to Sybex's superior online interactive learning environment that includes:

125-question practice exam to help you identify where you need to study more. Get more than 90 percent of the answers correct and you're ready to take the certification exam.
More than 100 Electronic Flashcards to reinforce your learning and give you last-minute test prep before the exam
A searchable glossary in PDF to give you instant access to the key terms you need to know for the exam
Appendix of charts, tables, typical applications, and programs

Coverage of all of the exam topics in the book means you'll be ready for:

Access Controls
Security Operations and Administration
Risk Identification, Monitoring and Analysis
Incident Response and Recovery
Cryptography
Network and Communications Security
Systems and Application Security



Table of Contents

Introduction xxv

Assessment Test xxxi

Chapter 1 Information Security: The Systems Security Certified Practitioner Certification 1

About the (ISC)2 Organization 2

(ISC)2 History 3

Organizational Structure and Programs 3

Exams, Testing, and Certification 6

Certification Qualification: The SSCP Common Body of Knowledge 6

After Passing the Exam 8

Certification Maintenance 9

Types of IT Certifications? 10

About the Systems Security Certified Practitioner Certification 12

How Do I Use My SSCP Knowledge on the Job? 15

The SSCP Exam 17

Preparing for the Exam 17

Booking the Exam 21

Taking the Exam 22

Summary 25

Exam Essentials 25

Chapter 2 Security Basics: A Foundation 27

The Development of Security Techniques 28

Understanding Security Terms and Concepts 29

The Problem (Opportunity) and the Solution 29

Evolution of Items 31

Security Foundation Concepts 38

CIA Triad 38

Primary Security Categories 39

Access Control 40

Nonrepudiation 42

Risk 42

Prudent Man, Due Diligence, and Due Care 44

User Security Management 44

Least Privilege 45

AAA 45

Mandatory Vacation 46

Separation of Duties 46

M of N Requirement 46

Two-Man Rule 47

Job Rotation 48

Geographic Access Control 48

Temporal Access Control, Time of Day Control 48

Privacy 49

Transparency 49

Implicit Deny 50

Personal Device (BYOD) 51

Privilege Management, Privilege Life Cycle 51

Participating in Security Awareness Education 52

Types of Security Awareness Education Programs 52

Working with Human Resources and Stakeholders 53

Senior Executives 53

Customers, Vendors, and Extranet Users Security Awareness Programs 54

Summary 54

Exam Essentials 55

Written Lab 56

Review Questions 57

Chapter 3 Domain 1: Access Controls 61

What Are Controls? 62

What Should Be Protected? 63

Why Control Access? 64

Types of Access Controls 67

Physical Access Controls 67

Logical Access Controls 68

Administrative Access Controls 69

Identification 70

Authentication 72

Factors of Authentication 74

Single-Factor Authentication 84

Multifactor Authentication 84

Token-Based Access Controls 85

System-Level Access Controls 86

Discretionary Access Control (DAC) 86

Nondiscretionary Access Control 87

Mandatory Access Control 87

Administering Mandatory Access Control 89

Trusted Systems 90

Mandatory Access Control Architecture Models 91

Account-Level Access Control 94

Session-Level Access Control 104

View-Based Access Control 104

Data-Level Access Control 105

Contextual- or Content-Based Access Control 106

Physical Data and Printed Media Access Control 106

Assurance of Accountability 107

Manage Internetwork Trust Architectures 108

Cloud-Based Security 111

Summary 113

Exam Essentials 114

Written Lab 115

Review Questions 116

Chapter 4 Domain 2: Security Operations and Administration 121

Security Administration Concepts and Principles 122

Security Equation 123

Security Policies and Practices 124

Data Management Policies 143

Data States 144

Information Life Cycle Management 144

Information Classification Policy 144

Endpoint Device Security 148

Endpoint Health Compliance 148

Endpoint Defense 149

Endpoint Device Policy 149

Security Education and Awareness Training 150

Employee Security Training Policy 153

Employee Security Training Program 154

Business Continuity Planning 157

Developing a Business Continuity Plan 160

Disaster Recovery Plans 165

Summary 173

Exam Essentials 174

Written Lab 175

Review Questions 176

Chapter 5 Domain 3: Risk Identification, Monitoring, and Analysis 181

Understanding the Risk Management Process 183

Defining Risk 183

Risk Management Process 184

Risk Management Frameworks and Guidance for Managing Risks 191

ISO/IEC 27005 191

NIST Special Publication 800-37 Revision 1 192

NIST Special Publication 800-39 194

Risk Analysis and Risk Assessment 194

Risk Analysis 195

Risk Assessments 199

Managing Risks 202

Treatment Plan 202

Risk Treatment 202

Risk Treatment Schedule 203

Risk Register 205

Risk Visibility and Reporting 207

Enterprise Risk Management 207

Continuous Monitoring 208

Security Operations Center 209

Threat Intelligence 210

Analyzing Monitoring Results 211

Security Analytics, Metrics, and Trends 212

Event Data Analysis 213

Visualization 214

Communicating Findings 215

Summary 216

Exam Essentials 217

Written Lab 218

Review Questions 219

Chapter 6 Domain 4: Incident Response and Recovery 223

Event and Incident Handling Policy 224

Standards 225

Procedures 225

Guidelines 226

Creating and Maintaining an Incident Response Plan 226

Law Enforcement and Media Communication 229

Building an Incident Response Team 231

Incident Response Records 232

Security Event Information 233

Incident Response Containment and Restoration 233

Implementation of Countermeasures 235

Understanding and Supporting Forensic Investigations 235

Incident Scene 236

Volatility of Evidence 237

Forensic Principles 237

Chain of Custody 238

Proper Investigation and Analysis of Evidence 238

Interpretation and Reporting Assessment Results 239

Understanding and Supporting the Business Continuity Plan and the Disaster Recovery Plan 240

Emergency Response Plans and Procedures 240