(Isc)2 Sscp Systems Security Certified Practitioner Official Study Guide

Description: The only SSCP study guide officially approved by (ISC)2 The (ISC)2 Systems Security Certified Practitioner (SSCP) certification is a well-known vendor-neutral global IT security certification. The SSCP is designed to show that holders have the technical skills to implement, monitor, and administer IT infrastructure using information security policies and procedures. This comprehensive Official Study Guide--the only study guide officially approved by (ISC)2--covers all objectives of the seven SSCP domains. * Security Operations and Administration * Access Controls * Risk Identification, Monitoring, and Analysis * Incident Response and Recovery * Cryptography * Network and Communications Security * Systems and Application Security This updated Third Edition covers the SSCP exam objectives effective as of November 2021. Much of the new and more advanced knowledge expected of an SSCP is now covered in a new chapter "Cross-Domain Challenges." If you're an information security professional or student of cybersecurity looking to tackle one or more of the seven domains of the SSCP, this guide gets you prepared to pass the exam and enter the information security workforce with confidence. ABOUT THE AUTHOR Michael S. Wills, SSCP, CISSP, CAMS, is Assistant Professor of Applied Information Technologies in the College of Business at the Embry-Riddle Aeronautical University's Worldwide Campus. He has many years of experience designing, building, and operating cutting-edge secure systems, and wrote (ISC)²'s official training courses for both the SSCP and CISSP. He is also the creator of ERAU's Master of Science in Information Security and Assurance degree program. Introduction xxv Assessment Test xlviii Part I Getting Started as an SSCP 1 Chapter 1 The Business Case for Decision Assurance and Information Security 3 Information: The Lifeblood of Business 4 Data, Information, Knowledge, Wisdom... 5 Information Is NotInformation Technology 8 Policy, Procedure, and Process: How Business Gets Business Done 10 Who Is the Business? 11 "What's the Business Case for That?" 12 Purpose, Intent, Goals, Objectives 13 Business Logic and Business Processes: Transforming Assets into Opportunity, Wealth, and Success 14 The Value Chain 15 Being Accountable 17 Who Runs the Business? 20 Owners and Investors 20 Boards of Directors 20 Managing or Executive Directors and the "C-Suite" 21 Layers of Function, Structure, Management, and Responsibility 21 Plans and Budgets, Policies, and Directives 23 Summary 24 Exam Essentials 24 Review Questions 26 Chapter 2 Information Security Fundamentals 33 The Common Needs for Privacy, Confidentiality, Integrity, and Availability 34 Privacy 34 Confidentiality 38 Integrity 39 Availability 40 Privacy vs. Security, or Privacy and Security? 41 CIANA+PS Needs of Individuals 43 Private Business's Need for CIANA+PS 44 Government's Need for CIANA+PS 45 The Modern Military's Need for CIA 45 Do Societies Need CIANA+PS? 46 Training and Educating Everybody 47 SSCPs and Professional Ethics 47 Summary 49 Exam Essentials 50 Review Questions 54 Part II Integrated Risk Management and Mitigation 61 Chapter 3 Integrated Information Risk Management 63 It's a Dangerous World 64 What Is Risk? 66 Risk: When Surprise Becomes Disruption 69 Information Security: Delivering Decision Assurance 71 "Common Sense" and Risk Management 74 The Four Faces of Risk 75 Outcomes-Based Risk 77 Process-Based Risk 78 Asset-Based Risk 79 Threat-Based (or Vulnerability-Based) Risk 79 Getting Integrated and Proactive with Information Defense 83 Lateral Movement: Mitigate with Integrated C3 86 Trust, but Verify 87 Due Care and Due Diligence: Whose Jobs Are These? 87 Be Prepared: First, Set Priorities 88 Risk Management: Concepts and Frameworks 89 The SSCP and Risk Management 92 Plan, Do, Check, Act 93 Risk Assessment 95 Establish Consensus about Information Risk 95 Information Risk Impact Assessment 96 Information Classification and Categorization 97 Risk Analysis 99 The Business Impact Analysis 105 From Assessments to Information Security Requirements 106 Four Choices for Limiting or Containing Damage 107 Deter 109 Detect 110 Prevent 110 Avoid 111 Summary 114 Exam Essentials 114 Review Questions 120 Chapter 4 Operationalizing Risk Mitigation 127 From Tactical Planning to Information Security Operations 128 Operationally Outthinking Your Adversaries 130 Getting Inside the Other Side's OODA Loop 132 Defeating the Kill Chain 133 Operationalizing Risk Mitigation: Step by Step 134 Step 1: Assess the Existing Architectures 135 Step 2: Assess Vulnerabilities and Threats 142 Step 3: Select Risk Treatment and Controls 152 Step 4: Implement Controls 159 Step 5: Authorize: Senior Leader Acceptance and Ownership 163 The Ongoing Job of Keeping Your Baseline Secure 164 Build and Maintain User Engagement with Risk Controls 165 Participate in Security Assessments 166 Manage the Architectures: Asset Management and Change Control 169 Ongoing, Continuous Monitoring 174 Exploiting What Monitoring and Event Data Is Telling You 177 Incident Investigation, Analysis, and Reporting 181 Reporting to and Engaging with Management 182 Summary 183 Exam Essentials 183 Review Questions 189 Part III The Technologies of Information Security 197 Chapter 5 Communications and Network Security 199 Trusting Our Communications in a Converged World 200 CIANA+PS: Applying Security Needs to Networks 203 Threat Modeling for Communications Systems 205 Internet Systems Concepts 206 Datagrams and Protocol Data Units 207 Handshakes 208 Packets and Encapsulation 209 Addressing, Routing, and Switching 211 Network Segmentation 212 URLs and the Web 212 Topologies 213 "Best Effort" and Trusting Designs 217 Two Protocol Stacks, One Internet 218 Complementary, Not Competing, Frameworks 218 Layer 1: The Physical Layer 222 Layer 2: The Data Link Layer 223 Layer 3: The Network Layer 225 Layer 4: The Transport Layer 226 Layer 5: The Session Layer 230 Layer 6: The Presentation Layer 231 Layer 7: The Application Layer 232 Cross-Layer Protocols and Services 233 IP and Security 234 Layers or Planes? 235 Network Architectures 236 DMZs and Botnets 237 Software-Defined Networks 238 Virtual Private Networks 239 Wireless Network Technologies 240 Wi-Fi 241 Bluetooth 242 Near-Field Communication 242 IP Addresses, DHCP, and Subnets 243 DHCP Leases: IPv4 and IPv6 243 IPv4 Address Classes 245 Subnetting in IPv4 247 IPv4 vs. IPv6: Important Differences and Options 248 CIANA Layer by Layer 251 CIANA at Layer 1: Physical 251 CIANA at Layer 2: Data Link 254 CIANA at Layer 3: Network 256 CIANA at Layer 4: Transport 257 CIANA at Layer 5: Session 258 CIANA at Layer 6: Presentation 260 CIANA at Layer 7: Application 260 Securing Networks as Systems 262 Network Security Devices and Services 263 Wireless Network Access and Security 264 CIANA+PS and Wireless 265 Monitoring and Analysis for Network Security 267 A SOC Is Not a NOC 269 Tools for the SOC and the NOC 270 Integrating Network and Security Management 271 Summary 273 Exam Essentials 273 Review Questions 280 Chapter 6 Identity and Access Control 285 Identity and Access: Two Sides of the Same CIANA+PS Coin 286 Identity Management Concepts 288 Identity Provisioning and Management 289 Identity and AAA 293 Access Control Concepts 295 Subjects and Objects--Everywhere! 296 Data Classification and Access Control 297 Bell-LaPadula and Biba Models 299 Role-Based 302 Attribute-Based 303 Subject-Based 303 Object-Based 304 Rule-Based Access Control 304 Risk-Based Access Control 304 Mandatory vs. Discretionary Access Control 305 Network Access Control 305 IEEE 802.1X Concepts 307 RADIUS Authentication 308 TACACS and TACACS+ 309 Implementing and Scaling IAM 310 Choices for Access Control Implementations 311 "Built-in" Solutions? 313 Other Protocols for IAM 314 Multifactor Authentication 315 Server-Based IAM 319 Integrated IAM systems 320 Single Sign-On 321 OpenID Connect 322 Identity as a Service (IDaaS) 322 Federated IAM 322 Session Management 323 Kerberos 325 Credential Management 326 Trust Frameworks and Architectures 328 User and Entity Behavior Analytics (UEBA) 329 Zero Trust Architectures 332 Summary 333 Exam Essentials 334 Review Questions 343 Chapter 7 Cryptography 349 Cryptography: What and Why 350 Codes and Ciphers: Defining Our Terms 352 Cryptography, Cryptology, or...? 357 Building Blocks of Digital Cryptographic Systems 358 Cryptographic Algorithms 359 Cryptographic Keys 360 Hashing as One-Way Cryptography 362 A Race Against Time 365 "The Enemy Knows Your System" 366 Keys and Key Management 367 Key Storage and Protection 367 Key Revocation and Disposal 368 Modern Cryptography: Beyond the "Secret Decoder Ring" 370 Symmetric Key Cryptography 370 Asymmetric Key Cryptography 370 Hybrid Cryptosystems 371 Design and Use of Cryptosystems 371 Cryptanalysis, Ethical and Unethical 372 Cryptographic Primitives 373 Cryptographic Engineering 373 "Why Isn't All of This Stuff Secret?" 373 Cryptography and CIANA+PS 375 Confidentiality 376 Authentication 376 Integrity 376 Nonrepudiation 377 "But I Didn't Get That Email..." 378 Availability 379 Privacy 380 Safety 381 Public Key Infrastructures 381 Diffie-Hellman-Merkle Public Key Exchange 382 RSA Encryption and Key Exchange 385 ElGamal Encryption 385 Elliptical Curve Cryptography (ECC) 386 Digital Signatures 387 Digital Certificates and Certificate Authorities 387 Hierarchies (or Webs) of Trust 388 Pretty Good Privacy 392 TLS 393 HTTPS 394 Symmetric Key Algorithms and PKI 395 Encapsulation for Security: IPSec, ISAKMP, and Others 396 Applying Cryptography to Meet Different Needs 399 Message Integrity Controls 399 S/MIME 400 DKIM 400 Blockchain 401 Data Storage, Content Distribution, and Archiving 403 Steganography 404 Access Control Protocols 404 Managing Cryptographic Assets and Systems 405 Measures of Merit for Cryptographic Solutions 407 Attacks and Countermeasures 408 Social Engineering for Key Discovery 409 Implementation Attacks 410 Brute Force and Dictionary Attacks 410 Side Channel Attacks 411 Numeric (Algorithm or Key) Attacks 412 Traffic Analysis, "Op Intel," and Social Engineering Attacks 413 Massively Parallel Systems Attacks 414 Supply Chain Vulnerabilities 414 The "Sprinkle a Little Crypto Dust on It" Fallacy 415 Countermeasures 416 PKI and Trust: A Recap 418 On the Near Horizon 420 Pervasive and Homomorphic Encryption 420 Quantum Cryptography and Post-Quantum Cryptography 421 AI, Machine Learning, and Cryptography 422 Summary 423 Exam Essentials 424 Review Questions 429 Chapter 8 Hardware and Systems Security 435 Infrastructure Security Is Baseline Management 437 It's About Access Control... 437 It's Also About Supply Chain Security 439 Do Clouds Have Boundaries? 439 Securing the Physical Context 442 Facilities Security 442 Services Security 443 OT-Intensive (or Reliant) Contexts 444 Infrastructures 101 and Threat Modeling 444 Protecting the Trusted Computing Base 447 Hardware Vulnerabilities 447 Firmware Vulnerabilities 449 Operating Systems Vulnerabilities 451 Virtual Machines and Vulnerabilities 454 Network Operating Systems 455 Endpoint Security 457 MDM, COPE, and BYOD 459 BYOI? BYOC? 460 Malware: Exploiting the Infrastructure's Vulnerabilities 462 Countering the Malware Threat 465 Privacy and Secure Browsing 466 "The Sin of Aggregation" 469 Updating the Threat Model 469 Managing Your Systems' Security 470 Summary 471 Exam Essentials 472 Review Questions 478 Chapter 9 Applications, Data, and Cloud Security 483 It's a Data-Driven World...At the Endpoint 484 Software as Appliances 487 Applications Lifecycles and Security 490 The Software Development Lifecycle (SDLC) 491 Why Is (Most) Software So Insecure? 494 Hard to Design It Right, Easy to Fix It? 497 CIANA+PS and Applications Software Requirements 498 Positive and Negative Models for Software Security 502 Is Negative Control Dead? Or Dying? 503 Application Vulnerabilities 504 Vulnerabilities Across the Lifecycle 505 Human Failures and Frailties 506 "Shadow IT:" The Dilemma of the User as Builder 507 Data and Metadata as Procedural Knowledge 509 Information Quality and Information Assurance 511 Information Quality Lifecycle 512 Preventing (or Limiting) the "Garbage In" Problem 513 Protecting Data in Motion, in Use, and at Rest 514 Data Exfiltration I: The Traditional Threat 516 Detecting Unauthorized Data Acquisition 518 Preventing Data Loss 519 Detecting and Preventing Malformed Data Attacks 521 Into the Clouds: Endpoint App and Data Security Considerations 522 Cloud Deployment Models and Information Security 524 Cloud Service Models and Information Security 525 Edge and Fog Security: Virtual Becoming Reality 527 Clouds, Continuity, and Resiliency 528 Clouds and Threat Modeling 529 Cloud Security Methods 531 Integrate and Correlate 532 SLAs, TORs, and Penetration Testing 532 Data Exfiltration II: Hiding in the Clouds 533 Legal and Regulatory Issues 533 Countermeasures: Keeping Your Apps and Data Safe and Secure 535 Summary 536 Exam Essentials 537 Review Questions 548 Part IV People Power: What Makes or Breaks Information Security 555 Chapter 10 Incident Response and Recovery 557 Defeating the Kill Chain One Skirmish at a Time 558 Kill Chains: Reviewing the Basics 560 Events vs. Incidents 562 Harsh Realities of Real Incidents 564 MITRE's ATT&CK Framework 564 Learning from Others' Painful Experiences 566 Incident Response Framework 566 Incident Response Team: Roles and Structures 568 Incident Response Priorities 570 Preparation 571 Preparation Planning 572 Put the Preparation Plan in Motion 574 Are You Prepared? 575 Detection and Analysis 578 Warning Signs 578 Initial Detection 580 Timeline Analysis 581 Notification 582 Prioritization 583 Containment and Eradication 584 Evidence Gathering, Preservation, and Use 585 Constant Monitoring 586 Recovery: Getting Back to Business 587 Data Recovery 588 Post-Recovery: Notification and Monitoring 589 Post-Incident Activities 590 Learning the Lessons 591 Orchestrate and Automate 592 Support Ongoing Forensics Investigations 592 Information and Evidence Retention 593 Information Sharing with the Larger IT Security Community 594 Summary 594 Exam Essentials 595 Review Questions 601 Chapter 11 Business Continuity via Information Security and People Power 607 What Is a Disaster? 608 Surviving to Operate: Plan for It! 609 Business Continuity 610 IS Disaster Recovery Plans 610 Plans, More Plans, and Triage 611 Timelines for BC/DR Planning and Action 615 Options for Recovery 617 Backups, Archives, and Image Copies 618 Cryptographic Assets and Recovery 620 "Golden Images" and Validation 621 Scan Before Loading: Blocking Historical Zero-Day Attacks 622 Restart from a Clean Baseline 622 Cloud-Based "Do-Over" Buttons for Continuity, Security, and Resilience 623 Restoring a Virtual Organization 625 People Power for BC/DR 626 Threat Vectors: It Is a Dangerous World Out There 628 "Blue Team's" C3I 631 Learning from Experience 632 Security Assessment: For BC/DR and Compliance 633 Converged Communications: Keeping Them Secure During BC/DR Actions 634 POTS and VoIP Security 635 People Power for Secure Communications 636 Summary 637 Exam Essentials 637 Review Questions 641 Chapter 12 Cross-Domain Challenges 647 Operationalizing Security Across the Immediate and Longer Term 648 Continuous Assessment and Continuous Compliance 650 SDNs and SDS 651 SOAR: Strategies for Focused Security Effort 653 A "DevSecOps" Culture: SOAR for Software Development 655 Just-in-Time Education, Training, and Awareness 656 Supply Chains, Security, and the SSCP 657 ICS, IoT, and SCADA: More Than SUNBURST 658 Extending Physical Security: More Than Just Badges and Locks 660 All-Source, Proactive Intelligence: The SOC as a Fusion Center 661 Other Dangers on the Web and Net 662 Surface, Deep, and Dark Webs 662 Deep and Dark: Risks and Countermeasures 664 DNS and Namespace Exploit Risks 665 On Our Way to the Future 666 Cloud Security: Edgier and Foggier 667 AI, ML, and Analytics: Explicability and Trustworthiness 667 Quantum Communications, Computing, and Cryptography 669 Paradigm Shifts in Information Security? 669 Perception Management and Information Security 671 Widespread Lack of Useful Understanding of Core Technologies 672 Enduring Lessons 672 You Cannot Legislate Security (But You Can Punish Noncompliance) 673 It's About Managing Our Security and Our Systems 673 People Put It Together 674 Maintain Flexibility of Vision 675 Accountability--It's Personal. Make It So 675 Stay Sharp 676 Your Next Steps 677 At the Close 678 Exam Essentials 678 Review Questions 683 Appendix Answers to Review Questions 689 Chapter 1: The Business Case for Decision Assurance and Information Security 690 Chapter 2: Information Security Fundamentals 693 Chapter 3: Integrated Information Risk Management 695 Chapter 4: Operationalizing Risk Mitigation 698 Chapter 5: Communications and Network Security 701 Chapter 6: Identity and Access Control 704 Chapter 7: Cryptography 707 Chapter 8: Hardware and Systems Security 709 Chapter 9: Applications, Data, and Cloud Security 712 Chapter 10: Incident Response and Recovery 715 Chapter 11: Business Continuity via Information Security and People Power 718 Chapter 12: Cross-Domain Challenges 722 Index 727

Price: 78.11 AUD

Location: Hillsdale, NSW

End Time: 2024-10-10T02:59:31.000Z

Shipping Cost: 33.97 AUD