Index
Cover
Title Page
Copyright Page
Dedication
Contents at a Glance
Contents
Acknowledgments
Introduction
Exam Objective Map
Chapter 1 Security Fundamentals
Reviewing the Requirements for SSCP
Have One Year of Experience
Registering for the Exam
Passing the Exam
Subscribing to the (ISC)2 Code of Ethics and Getting Endorsed
Maintaining Your SSCP Certification
Understanding Basic Security Concepts
Confidentiality
Integrity
Availability
Exploring Fundamentals of Security
Least Privilege
Separation of Duties
Privacy and Data Sensitivity
Defense in Depth
Nonrepudiation
AAAs of Security
Accountability
Due Diligence
Due Care
Chapter Review
Questions
Answers
Chapter 2 Access Controls
Comparing Identification, Authentication, and Authorization
Exploring Authentication
Three Factors of Authentication
Multifactor Authentication
Two-Step Verification
Reviewing Identification
Single Sign-on Authentication
Centralized vs. Decentralized Authentication
Offline Authentication
Device Authentication
Implementing Access Controls
Comparing Subjects and Objects
Logical Access Controls
Comparing Access Control Models
Discretionary Access Control
Non-Discretionary Access Control
Access Control Matrix vs. Capability Table
Participating in the Identity and Access Management Lifecycle
Identity Proofing
Provisioning and Authorization
Maintenance and Entitlement
De-provisioning
Participating in Physical Security Operations
Badging
Data Center Assessment
Chapter Review
Questions
Answers
Chapter 3 Basic Networking and Communications
Understanding Use Cases
Reviewing the OSI Model
The Physical Layer (Layer 1)
The Data Link Layer (Layer 2)
The Network Layer (Layer 3)
The Transport Layer (Layer 4)
The Session Layer (Layer 5)
The Presentation Layer (Layer 6)
The Application Layer (Layer 7)
Comparing the OSI and TCP/IP Models
Understanding Network Topologies and Relationships
Ethernet
Bus Topology
Star Topology
Tree Topology
Token Ring Topology
Mesh Topology
Network Relationships
Reviewing Basic Protocols and Ports
Comparing IPv4 and IPv6
Dynamic Host Configuration Protocol
Address Resolution Protocol
Network Discovery Protocol
Domain Name System
Internet Control Message Protocol
Internet Group Message Protocol
Simple Network Management Protocol
File Transfer Protocol
Telnet
Secure Shell
Hypertext Transfer Protocol and Hypertext Transfer Protocol Secure
Transport Layer Security and Secure Sockets Layer
Network File System
Routing Protocols
E-mail Protocols
Internet Protocol Security
Tunneling Protocols
Mapping Well-Known Ports to Protocols
Comparing Ports and Protocol Numbers
Comparing Internetwork Trust Architectures
Comparing Public and Private IP Addresses
Using NAT
Comparing Trust Relationships
Exploring Wireless Technologies
Securing Data Transmissions
Wireless Device Administrator Password
Wireless Service Set Identifier
MAC Address Filtering
Bluetooth
NFC
GSM
3G, LTE, and 4G
WiMAX
Radio Frequency Identification
Protecting Mobile Devices
Chapter Review
Questions
Answers
Chapter 4 Advanced Networking and Communications
Managing LAN-based Security
Comparing Switches and Routers
Physical and Logical Segmentation
Secure Device Management
VoIP
Using Proxy Servers
Understanding Firewalls
Packet-Filtering Firewall
Stateful Inspection Firewall
Application Firewall
Next-Generation Firewall
Defense Diversity
Comparing Network-based and Host-based Firewalls
Exploring Remote Access Solutions
Risks and Vulnerabilities
Tunneling Protocols
Authentication
Traffic Shaping and WAN Optimization
Managing Network Access Control
Exploring Virtual Environments
Virtualization Terminology
Shared Storage
Virtual Appliances
Virtual Desktop Infrastructure
Continuity and Resilience
Separation of Data Plane and Control Plane
Software-defined Networking
Protecting Virtualization Systems
Understanding Cloud Computing
Shared Responsibility Models
Cloud Operation Models
Storage
Privacy
Data Control and Third-party Outsourcing
Compliance
Chapter Review
Questions
Answers
Chapter 5 Attacks
Comparing Attackers
Hackers and Crackers
White Hats, Black Hats, and Gray Hats
Advanced Persistent Threats
Insider Threats
Script Kiddies
Exploring Attack Types and Countermeasures
Basic Countermeasures
Spoofing
Data Theft
DoS
DDoS
Botnets and Zombies
Sniffing Attack
Reconnaissance and Fingerprinting Attacks
Salami Attack
Man-in-the-Middle
Replay
Session Hijacking
DNS Cache Poisoning
Smurf and Fraggle Attacks
Software Security as a Countermeasure
Buffer Overflow Attacks
Injection Attacks
Cross-Site Scripting
Cross-Site Request Forgery
Password Attacks
Spam
Phishing Attacks
Phishing and Drive-by Downloads
Spear Phishing and Whaling
Vishing
Smishing
Zero Day Exploits
Covert Channel
Wireless Attacks and Countermeasures
Understanding Social Engineering
Tailgating
Impersonation
Skimming
Dumpster Diving
Shoulder Surfing
Social Networking Attacks
User Awareness as a Countermeasure
Chapter Review
Questions
Answers
Chapter 6 Malicious Code and Activity
Identifying Malicious Code
Virus
Worm
Trojan Horse
RATs
Scareware
Ransomware
Keylogger
Logic Bomb
Rootkits
Mobile Code
Backdoors and Trapdoors
Spyware
Malware Hoaxes
Analyzing the Stages of an Attack
Understanding Malware Delivery Methods
Delivering Malware via Drive-by Downloads
Delivering Malware via Malvertising
Delivering Malware via E-mail
Delivering Malware via USB Drives
Implementing Malicious Code Countermeasures
Antivirus Software
Keeping AV Signatures Up to Date
Spam Filters
Content-filtering Appliances
Keeping Operating Systems Up to Date
Scanners
Beware of Shortened Links
Sandboxing
Least Privilege
Software Security
Application Whitelisting and Blacklisting
Participating in Security Awareness and Training
Common Vulnerabilities and Exposures
Chapter Review
Questions
Answers
Chapter 7 Risk, Response, and Recovery
Defining Risk
Identifying Threat Sources
Identifying Threat Events
Understanding Vulnerabilities
Understanding Impact Assessments
Sharing Threat Intelligence
Managing Risk
Risk Treatment
Residual Risk
Identifying Assets
Risk Visibility and Reporting
Risk Register
Common Vulnerability Scoring System
Risk Management Frameworks
Performing Risk Assessments
Threat Modeling
Quantitative Analysis
Qualitative Analysis
Risk Assessment Steps
Address Findings
Supporting the Incident Lifecycle
Preparation
Detection, Analysis, and Escalation
Containment
Eradication
Recovery
Lessons Learned/Implementation of New Countermeasure
Chapter Review
Questions
Answers
Chapter 8 Monitoring and Analysis
Operating and Maintaining Monitoring Systems
Events of Interest
Intrusion Detection Systems
IDS Alerts
Network-based Intrusion Detection Systems
Host-based Intrusion Detection Systems
Intrusion Prevention Systems
Detection Methods
Wireless Intrusion Detection and Prevention Systems
Analyze Monitoring Results
Detection Systems and Logs
Detecting Unauthorized Changes
Using Security Information and Event Management Tools
Continuous Monitoring
Document and Communicate Findings
Performing Security Tests and Assessments
Vulnerability Assessments
Penetration Tests
Chapter Review
Questions
Answers
Chapter 9 Controls and Countermeasures
Using Security Controls, Safeguards, and Countermeasures
Performing a Cost-Benefit Analysis
Security Controls Lifecycle
Understanding Control Goals
Preventive
Detective
Corrective
Other Controls
Comparing Security Control Implementation Methods
Administrative Security Controls
Technical Security Controls
Physical Security Controls
Combining Control Goals and Classes
Exploring Some Basic Controls
Hardening Systems
Policies, Standards, Procedures, and Guidelines
Response Plans
Change Control and Configuration Management
Testing and Implementing Patches, Fixes, and Updates
Endpoint Device Security
User Awareness and Training Programs
Understanding Fault Tolerance
Fault Tolerance for Disks
Failover Clusters
Load Balancing
Redundant Connections
Understanding Backups
Full Backups
Full/Incremental Backup Strategy
Full/Differential Backup Strategy
Image-based Backups
Chapter Review
Questions
Answers
Chapter 10 Auditing and Management Processes
Understanding Auditing and Accountability
Holding Users Accountable with Audit Logs
Auditing with Logs
Clipping Levels
Understanding Audit Trails
Exploring Audit Logs
Operating System Logs
Storing Logs on Remote Systems
*Nix Logs
Proxy Server Logs
Firewall Logs
Reviewing Logs
Managing Audit Logs
Performing Security Audits
Periodic Audit and Review
Auditing Passwords
Auditing Security Policies
ISACA
Exploring PCI DSS Requirements
Auditing Physical Access Controls
Understanding Configuration Management
Using Imaging for Configuration Management
Using Group Policy for Configuration Management
Using Other Tools for Configuration Management
Understanding Change Management
Change Management Process
Identifying Security Impact
Chapter Review
Questions
Answers
Chapter 11 Security Operations
Handling Data
Classifying Data
Marking and Labeling Data
Roles and Responsibilities
Protecting Data from Cradle to Grave
Data at Rest and Data in Motion
Data Management Policies
Understanding Databases
Data Inference
Data Diddling
Regulatory Requirements
Training
Managing Assets Through the Lifecycle
Hardware Inventory
Software Inventory and Licenses
Data Storage
Certification and Accreditation
Certification, Accreditation, and Security Assessments
Common Criteria
Using a Risk Management Framework
Understanding Security Within the System Development Lifecycle
Chapter Review
Questions
Answers
Chapter 12 Security Administration and Planning
Understanding Security Policies
Security Policy Characteristics
Enforcing Security Policies
Value of a Security Policy
Security Policies Becoming More Common
Complying with Codes of Ethics
Policy Awareness
Updating Security Policies
Understanding BCP and DRP Activities
Business Impact Analysis
Disaster Recovery Plan
Emergency Response Plans and Procedures
Comparing a BCP and a DRP
Restoration Planning
Testing and Drills
Alternative Locations
Identifying Security Organizations
NIST
US-CERT
SANS Institute
CERT Division
Chapter Review
Questions
Answers
Chapter 13 Legal Issues
Exploring Computer Forensics
Supporting the Incident Lifecycle
Handling Evidence
Three Phases of a Computer Forensics Investigation
Legal and Ethical Principles
Comparing Computer Abuse and Computer Crime
Understanding Fraud and Embezzlement Crime
Mandatory Vacations
Job Rotation
Understanding Privacy Issues
General Data Protection Regulation
California Supreme Court Rules That ZIP Codes Are PII
Connecticut’s Public Act No. 08-167
Children’s Online Privacy Protection Act
California Online Privacy Protection Act of 2003
Legal and Regulatory Concerns
Chapter Review
Questions
Answers
Chapter 14 Cryptography
Understanding Basic Cryptography Concepts
Cryptography Terminology
Data Sensitivity
Regulatory Requirements
Participating in Security Awareness and Training
Enforcing Integrity with Hashing
Hashing Algorithms Provide One-Way Encryption
Hashing Algorithms
Verifying Integrity with a Hash
Salting Passwords
Exploring Symmetric Encryption
ROT13
Creating Strong Keys
Comparing Block and Stream Ciphers
Advanced Encryption Standard
Other Symmetric Encryption Algorithms
Exploring Asymmetric Encryption
RSA
Secure Sockets Layer
Transport Layer Security
SSL Decryptors
Diffie-Hellman
Elliptic Curve Cryptography
Secure Shell
Protecting E-mail with S/MIME
Protecting E-mail with DKIM
PGP and GPG
Other Encryption Schemes
Steganography
IPsec
Understanding Public Key Infrastructure Systems
Certificates
Certificate Authority
Key Escrow
Alternative Certificate Trusts
Comparing Cryptanalysis Attacks
Fundamental Key Management Concepts
Known-Plaintext Attack
Ciphertext-Only Attack
Hashing and Collisions
Countermeasures Against Cryptanalysis Attacks
Chapter Review
Questions
Answers
Appendix About the Online Content
System Requirements
Your Total Seminars Training Hub Account
Privacy Notice
Single User License Terms and Conditions
TotalTester Online
Technical Support
Glossary
Index