SSCP (ISC)2 Systems Security Certified Practitioner Official Study Guide


About the Book

Fully updated Study Guide for the SSCP

This guide prepares you for the SSCP (Systems Security Certified Practitioner) certification examination by focusing on the Common Body of Knowledge (CBK) as determined by ISC2 in seven high-level topics. This Sybex Study Guide covers 100% of all exam objectives. You'll prepare for the exam smarter and faster with Sybex thanks to expert content, real-world practice, access to the Sybex online interactive learning environment and much more. Reinforce what you've learned with key topic exam essentials and chapter review questions.

Along with the book you also get access to Sybex's superior online interactive learning environment that includes:
  • 125-question practice exam to help you identify where you need to study more. If you get more than 90 percent of the answers correct, you're ready to take the certification exam.
  • More than 100 electronic flashcards to reinforce your learning and give you last-minute test prep before the exam
  • A searchable glossary in PDF to give you instant access to the key terms you need to know for the exam
  • Appendix of charts, tables, typical applications, and programs

Coverage of all of the exam topics in the book means you'll be ready for:
  • Access Controls
  • Security Operations and Administration
  • Risk Identification, Monitoring and Analysis
  • Incident Response and Recovery
  • Cryptography
  • Network and Communications Security
  • Systems and Application Security

Table of Contents:
Introduction
Assessment Test

Chapter 1. Information Security: The Systems Security Certified Practitioner Certification
About the (ISC)2 Organization; (ISC)2 History; Organizational Structure and Programs; Exams, Testing, and Certification; Certification Qualification: The SSCP Common Body of Knowledge; After Passing the Exam; Certification Maintenance; Types of IT Certifications?; About the Systems Security Certified Practitioner Certification; How Do I Use My SSCP Knowledge on the Job?; The SSCP Exam; Preparing for the Exam; Booking the Exam; Taking the Exam; Summary; Exam Essentials

Chapter 2. Security Basics: A Foundation
The Development of Security Techniques; Understanding Security Terms and Concepts; The Problem (Opportunity) and the Solution; Evolution of Items; Security Foundation Concepts; CIA Triad; Primary Security Categories; Access Control; Nonrepudiation; Risk; Prudent Man, Due Diligence, and Due Care; User Security Management; Least Privilege; AAA; Mandatory Vacation; Separation of Duties; M of N Requirement; Two-Man Rule; Job Rotation; Geographic Access Control; Temporal Access Control, Time of Day Control; Privacy; Transparency; Implicit Deny; Personal Device (BYOD); Privilege Management, Privilege Life Cycle; Participating in Security Awareness Education; Types of Security Awareness Education Programs; Working with Human Resources and Stakeholders; Senior Executives; Customers, Vendors, and Extranet Users Security Awareness Programs; Summary; Exam Essentials; Written Lab; Review Questions

Chapter 3. Domain 1: Access Controls
What Are Controls?; What Should Be Protected?; Why Control Access?; Types of Access Controls; Physical Access Controls; Logical Access Controls; Administrative Access Controls; Identification; Authentication; Factors of Authentication; Single-Factor Authentication; Multifactor Authentication; Token-Based Access Controls; System-Level Access Controls; Discretionary Access Control (DAC); Nondiscretionary Access Control; Mandatory Access Control; Administering Mandatory Access Control; Trusted Systems; Mandatory Access Control Architecture Models; Account-Level Access Control; Session-Level Access Control; View-Based Access Control; Data-Level Access Control; Contextual- or Content-Based Access Control; Physical Data and Printed Media Access Control; Assurance of Accountability; Manage Internetwork Trust Architectures; Cloud-Based Security; Summary; Exam Essentials; Written Lab; Review Questions

Chapter 4. Domain 2: Security Operations and Administration
Security Administration Concepts and Principles; Security Equation; Security Policies and Practices; Data Management Policies; Data States; Information Life Cycle Management; Information Classification Policy; Endpoint Device Security; Endpoint Health Compliance; Endpoint Defense; Endpoint Device Policy; Security Education and Awareness Training; Employee Security Training Policy; Employee Security Training Program; Business Continuity Planning; Developing a Business Continuity Plan; Disaster Recovery Plans; Summary; Exam Essentials; Written Lab; Review Questions

Chapter 5. Domain 3: Risk Identification, Monitoring, and Analysis
Understanding the Risk Management Process; Defining Risk; Risk Management Process; Risk Management Frameworks and Guidance for Managing Risks; ISO/IEC 27005; NIST Special Publication 800-37 Revision 1; NIST Special Publication 800-39; Risk Analysis and Risk Assessment; Risk Analysis; Risk Assessments; Managing Risks; Treatment Plan; Risk Treatment; Risk Treatment Schedule; Risk Register; Risk Visibility and Reporting; Enterprise Risk Management; Continuous Monitoring; Security Operations Center; Threat Intelligence; Analyzing Monitoring Results; Security Analytics, Metrics, and Trends; Event Data Analysis; Visualization; Communicating Findings; Summary; Exam Essentials; Written Lab; Review Questions

Chapter 6. Domain 4: Incident Response and Recovery
Event and Incident Handling Policy; Standards; Procedures; Guidelines; Creating and Maintaining an Incident Response Plan; Law Enforcement and Media Communication; Building in Incident Response Team; Incident Response Records; Security Event Information; Incident Response Containment and Restoration; Implementation of Countermeasures; Understanding and Supporting Forensic Investigations; Incident Scene; Volatility of Evidence; Forensic Principles; Chain of Custody; Proper Investigation and Analysis of Evidence; Interpretation and Reporting Assessment Results; Understanding and Supporting the Business Continuity Plan and the Disaster Recovery Plan; Emergency Response Plans and Procedures; Business Continuity Planning; Disaster Recovery Planning; Interim or Alternate Processing Strategies; Restoration Planning; Backup and Redundancy Implementation; Business Continuity Plan and Disaster Recovery Plan Testing and Drills; Summary; Exam Essentials; Written Lab; Review Questions

Chapter 7. Domain 5: Cryptography
Concepts and Requirements of Cryptography; Terms and Concepts Used in Cryptography; Cryptographic Systems and Technology; Data Classification and Regulatory Requirements; Public Key Infrastructure and Certificate Management; Key Management; Key Generation; Key Distribution; Key Encrypting Keys; Key Retrieval; Secure Protocols; IPsec; Summary; Exam Essentials; Written Lab; Review Questions

Chapter 8. Domain 6: Networks and Communications
Network Models; TCP/IP and OSI Reference Models; Network Design Topographies; Network Topology Models; Network Connection Models; Media Access Models; Ports and Protocols; Ports; Common Protocols; Converged Network Communications; Network Monitoring and Control; Continuous Monitoring; Network Monitors; Managing Network Logs; Access Control Protocols and Standards; Remote Network Access Control; Remote User Authentication Services; RADIUS; TACACS/TACACS+/XTACACS; Local User Authentication Services; LDAP; Kerberos; Single Sign-On; Network Segmentation; Subnetting; Virtual Local Area Networks; Demilitarized Zones; Network Address Translation; Securing Devices; MAC Filtering and Limiting; Disabling Unused Ports; Security Posture; Firewall and Proxy Implementation; Firewalls; Firewall Rules; Network Routers and Switches; Routers; Switches; Intrusion Detection and Prevention Devices; Intrusion Detection Systems; Intrusion Prevention Systems; Wireless Intrusion Prevention Systems; Comparing Intrusion Detection Systems and Intrusion Prevention Systems; Spam Filter to Prevent Email Spam; Telecommunications Remote Access; Network Access Control; Wireless & Cellular Technologies; IEEE 802.11x Wireless Protocols; WEP/WPA/WPA2; Wireless Networks; Cellular Network; WiMAX; Wireless MAN; Wireless WAN; Wireless LAN; Wireless Mesh Network; Bluetooth; Wireless Network Attacks; Wireless Access Points; Traffic Shaping Techniques and Devices; Quality of Service; Summary; Exam Essentials; Written Lab; Review Questions

Chapter 9. Domain 7: Systems and Application Security
Understand Malicious Code and Apply Countermeasures; Malicious Code Terms and Concepts; Managing Spam to Avoid Malware; Cookies and Attachments; Malicious Code Countermeasures; Malicious Add-Ons; Java Applets; ActiveX; User Threats and Endpoint Device Security; General Workstation Security; Physical Security; Securing Mobile Devices and Mobile Device Management; Understand and Apply Cloud Security; Cloud Concepts and Cloud Security; Cloud Deployment Model Security; Cloud Service Model Security; Cloud Management Security; Cloud Legal and Privacy Concepts; Cloud Virtualization Security; Secure Data Warehouse and Big Data Environments; Data Warehouse and Big Data Deployment and Operations; Securing the Data Warehouse and Data Environment; Secure Software-Defined Networks and Virtual Environments; Software-Defined Networks; Security Benefits and Challenges of Virtualization; Summary; Exam Essentials; Written Lab; Review Questions

Appendix A. Answers to Written Labs
Chapter 2; Chapter 3; Chapter 4; Chapter 5; Chapter 6; Chapter 7; Chapter 8; Chapter 9

Appendix B. Answers to Review Questions
Chapter 2; Chapter 3; Chapter 4; Chapter 5; Chapter 6; Chapter 7; Chapter 8; Chapter 9

Appendix C. Diagnostic Tools
Microsoft Baseline Security Analyzer; Using the Tool; Microsoft Password Checker; Using the Tool; Internet Explorer Phishing and Malicious Software Filter; Using the Tool; Manage Internet Cookies; Using the Tool; Observing Logs with Event Viewer; Using the Tool; Viewing a Digital Certificate; Using the Tool; Monitoring PC Activities with Windows Performance Monitor; Using the Tool; Analyzing Error Messages in Event Viewer; Using the Tool; Calculate Hash Values; Using the Tool

Index




Product Details
  • ISBN-13: 9781119059653
  • Publisher: John Wiley & Sons Inc
  • Publisher Imprint: John Wiley & Sons Inc
  • Depth: 51
  • Height: 239 mm
  • No of Pages: 576
  • Series Title: English
  • Weight: 804 gr
  • ISBN-10: 1119059658
  • Publisher Date: 15 Sep 2015
  • Binding: Paperback
  • Edition: STG
  • Language: English
  • Returnable: N
  • Spine Width: 33 mm
  • Width: 187 mm



Customer Reviews

    BoxerLover2 - 5 Days ago
    A Thrilling But Totally Believable Murder Mystery

    Read this in one evening. I had planned to do other things with my day, but it was impossible to put down. Every time I tried, I was drawn back to it in less than 5 minutes. I sobbed my eyes out the entire last 100 pages. Highly recommend!
