Oreilly - SSCP (Systems Security Certified Practitioner)
by Michael J. Shannon | Publisher: Pearson IT Certification | Release Date: August 2017 | ISBN: 9780134838489
14 hours of video instruction to learn everything you need to know about the Systems Security Certified Practitioner (SSCP) certification exam.OverviewSSCP (Systems Security Certified Practitioner) Complete Video Course provides 14 hours of comprehensive video that teaches you everything you need to know get up and running with systems security. (ISC)2's SSCP exam is a solid introductory certification in IT security and this comprehensive video course walks you through every topic on the exam blueprint so you can learn about system security from the ground up and also gain the knowledge and skills you need to pass the SSCP exam. Full of live trainer discussions, hands-on demos, whiteboard work, and deep dive discussions, this course covers security fundamentals and principles in a way that is easy to access. DescriptionSSCP (Systems Security Certified Practitioner) Complete Video Course is a unique video product that teaches you the fundamentals of system security while also covering every objective in the SSCP certification exam so you can learn everything needed to pass the test and also the knowledge and skills you need to advance your cybersecurity career. The (ISC)2 SSCP exam is a vendor neutral world-recognized certification that endorses your IT security knowledge. It is also the a great way to start your path toward CISSP certification, which is the next step through (ISC)2.The video lessons in this course review each exam objective, so you can use it as a complete study tool for taking the SSCP exam. Topics include: Access ControlsSecurity Operations and AdministrationRisk Identification, Monitoring and AnalysisIncident Response and RecoveryCryptographyNetwork and Communications SecuritySystems and Application SecurityAbout the Instructor Michael J Shannon began his IT career when he transitioned from a recording studio engineer to network technician for a major telecommunications company in the early 90's. He soon began to focus on security and was one of the first 10 people to attain the HIPAA Certified Security Specialist. Throughout his 30 years in IT he has worked as an employee, contractor, trainer and consultant for a number of companies including Platinum Technologies, Fujitsu, IBM, State Farm, Pearson, MindSharp, Thomson/NetG, and Skillsoft among others. Mr. Shannon has authored several books, training manuals, published articles, and produced dozens of CBT titles over the years as well. For security purposes, he has attained the CISSP, CCNP Security, SSCP, Security+, and ITIL Intermediate SO and RCV certifications. He is also a licensed insurance agent specializing in cyber insurance on behalf of large insurers and numerous companies throughout Texas.Skill Level BeginningWhat You Will LearnKey concepts for all the objectives on the SSCP examSecurity and cybersecurity fundamentals and principlesWho Should Take This Course The target audience for this course consists of systems/network/application security professionals that are preparing for the SSCP Exam. A secondary audience consists of any IT professional who wants to gain a broad understanding of how to secure modern enterprises.Table of Contents Module 1: Security Operations and Administration Lesson 1: Overview of SSCP and the (ISC)2 Code of Ethics Lesson 2: Security Terminology and Policy Lesson 3: Security AdministrationModule 2: Risk Identification, Monitoring and Analysis Lesson 4: Risk Management and Assessment Lesson 5: Security Operations Module 3: Access Controls Lesson 6: Access Controls (Part 1) Lesson 7: Access Controls (Part 2)Module 4: Network and Communications Security Lesson 8: Types of Attacks Lesson 9: Network Protocols and Services Lesson 10: Infrastructure Device Protection Lesson 11: Overview of Security Devices Lesson 12: Wireless Technology and SecurityModule 5: Cryptography Lesson 13: Cryptography (Part 1) Lesson 14: Cryptography (Part 2)Module 6: Systems and Application Security Lesson 15: Malware Threats Lesson 16: Identifying Malware and IoCs Lesson 17: Endpoint Security Lesson 18: Systems and Application SecurityModule 7: Incident Response and Recovery Lesson 19: Incident Response and Recovery Lesson 20: Exam Tips and TechniquesAbout LiveLessons Video Training LiveLessons Video Training series publishes hundreds of hands-on, expert-led video tutorials covering a wide selection of technology topics designed to teach you the skills you need to succeed. This professional and personal technology video series features world-leading author instructors published by your trusted technology brands: Addison-Wesley, Cisco Press, IBM Press, Pearson IT Certification, Prentice Hall, Sams, and Que. Topics include IT Certification, Programming, Web Development, Mobile Development, Home and Office Technologies, Business and Management, and more. View all LiveLessons on InformIT at http://www.informit.com/livelessons.
- Introduction
- SSCP (Systems Security Certified Practitioner): Introduction 00:03:41
- Module 1: Security Operations and Administration
- Module Introduction 00:00:55
- Lesson 1: Overview of SSCP and the (ISC)2 Code of Ethics
- Learning objectives 00:00:29
- 1.1 Who Is (ISC)2? 00:01:51
- 1.2 The Systems Security Certified Practitioner (SSCP) Certification 00:04:03
- 1.3 SSCP Exam Overview 00:00:53
- 1.4 (ISC)2 Code of Ethics 00:01:36
- Summary 00:00:22
- Lesson 2: Security Terminology and Policy
- Learning objectives 00:00:32
- 2.1 The Threat Landscape 00:02:58
- 2.2 Risks and Vulnerabilities 00:10:29
- 2.3 Threats and Threat Agents 00:03:11
- 2.4 Motivations and Means 00:04:41
- 2.5 Indicators of Compromise (IOCs) 00:03:16
- 2.6 Countermeasures and Mitigation 00:04:29
- 2.7 The Security Triad 00:04:17
- 2.8 The Written Security Policy 00:05:37
- Summary 00:00:26
- Lesson 3: Security Administration
- Learning objectives 00:00:28
- 3.1 Asset Management 00:03:34
- 3.2 Change Management 00:06:14
- 3.3 Configuration Management 00:02:55
- 3.4 Security Impact Assessment 00:05:02
- 3.5 Security Awareness and Training 00:05:17
- 3.6 Physical Security Operations 00:12:03
- 3.7 AUP Policy Enforcement 00:05:41
- Summary 00:00:23
- Module 2: Risk Identification, Monitoring and Analysis
- Module Introduction 00:00:51
- Lesson 4: Risk Management and Assessment
- Learning objectives 00:00:27
- 4.1 Risk Management Concepts 00:08:37
- 4.2 Handling Risk 00:03:35
- 4.3 Qualitative Risk Assessment 00:06:07
- 4.4 Quantitative Risk Assessment 00:09:42
- 4.5 Risk Visibility and Reporting 00:08:34
- 4.6 Auditing Findings for Continual Improvement 00:01:54
- Summary 00:00:24
- Lesson 5: Security Operations
- Learning objectives 00:00:27
- 5.1 Importance of Continuous Monitoring 00:01:30
- 5.2 Syslog 00:14:55
- 5.3 SNMPv3 00:04:43
- 5.4 NetFlow 00:03:07
- 5.5 Security Analytics, Metrics and Trends 00:01:39
- 5.6 Visualization 00:12:01
- 5.7 Event Data Analysis 00:02:01
- 5.8 Communicating Findings 00:00:45
- Summary 00:00:25
- Module 3: Access Controls
- Module Introduction 00:00:55
- Lesson 6: Access Controls (Part 1)
- Learning objectives 00:00:37
- 6.1 AAA Defined 00:04:52
- 6.2 Authentication Factors 00:04:49
- 6.3 Internetwork Trust Architectures 00:06:09
- 6.4 Trust Relationships 00:06:52
- 6.5 Subject-based versus Object-based 00:01:42
- 6.6 MAC versus DAC 00:03:46
- 6.7 Role-based and Attribute-based 00:11:32
- 6.8 Identity Management Lifecycle 00:03:03
- Summary 00:00:32
- Lesson 7: Access Controls (Part 2)
- Learning objectives 00:00:31
- 7.1 IEEE 802.1X 00:08:29
- 7.2 802.1AE MAC Security 00:04:35
- 7.3 RADIUS 00:09:44
- 7.4 TACACS+ 00:06:08
- 7.5 Network Admission Control 00:02:14
- 7.6 Remote-Access Teleworkers 00:12:07
- 7.7 IPSec VPN 00:08:03
- 7.8 SSL/TLS VPN 00:04:45
- Summary 00:00:26
- Module 4: Network and Communications Security
- Module Introduction 00:01:49
- Lesson 8: Types of Attacks
- Learning objectives 00:00:38
- 8.1 Social Engineering 00:07:03
- 8.2 Spoofing 00:04:44
- 8.3 Denial-of-Service and DDoS 00:11:16
- 8.4 Botnets 00:04:22
- 8.5 ZeroDay Attacks and APTs 00:03:08
- 8.6 Buffer Overflow and Injection 00:01:59
- 8.7 Reflection and Amplification 00:03:10
- 8.8 Poisoning 00:04:53
- 8.9 Phishing, Pharming, and Spam 00:16:05
- 8.10 Hijacking 00:02:47
- Summary 00:00:31
- Lesson 9: Network Protocols and Services
- Learning objectives 00:00:35
- 9.1 The OSI Model 00:06:38
- 9.2 The TCP/IP Model 00:03:08
- 9.3 Physical Topologies 00:08:45
- 9.4 Logical Topologies 00:08:52
- 9.5 Common Protocols and Services 00:08:37
- 9.6 Physical Security 00:06:00
- 9.7 Securing Layers 2-4 00:08:29
- 9.8 Securing Layers 5-7 00:09:05
- Summary 00:00:30
- Lesson 10: Infrastructure Device Protection
- Learning objectives 00:00:31
- 10.1 Overview of Network Infrastructure Protection 00:01:43
- 10.2 Hardening the Device Planes 00:23:13
- 10.3 Types of Security Controls 00:03:49
- 10.4 Categories of Security Controls 00:04:17
- 10.5 Segmentation and Zoning 00:07:05
- 10.6 Secure Device Management 00:11:19
- 10.7 Device Protection Best Practices 00:01:30
- Summary 00:00:27
- Lesson 11: Overview of Security Devices
- Learning objectives 00:00:31
- 11.1 Security Router 00:02:21
- 11.2 Security Switches 00:06:19
- 11.3 Firewalls 00:08:47
- 11.4 Proxies 00:02:05
- 11.5 NIDS and NIPS 00:18:25
- 11.6 VPN Gateways 00:10:39
- 11.7 Content Security Appliances 00:12:05
- 11.8 Traffic-shaping Devices 00:01:53
- Summary 00:00:25
- Lesson 12: Wireless Technology and Security
- Learning objectives 00:00:29
- 12.1 Overview of Wireless Technology 00:21:57
- 12.2 Transmission Security 00:05:55
- 12.3 Common Wireless Attacks 00:07:28
- 12.4 Basic Countermeasures 00:06:03
- 12.5 Wireless Infrastructure Devices 00:09:45
- 12.6 Protecting Wireless Endpoints 00:01:36
- Summary 00:00:26
- Module 5: Cryptography
- Module Introduction 00:00:50
- Lesson 13: Cryptography (Part 1)
- Learning objectives 00:00:26
- 13.1 Introduction to Cryptology 00:02:02
- 13.2 Ciphers 00:04:35
- 13.3 Block versus Stream Ciphers 00:03:29
- 13.4 Encryption 00:06:27
- 13.5 Symmetric Key Systems 00:02:11
- 13.6 Asymmetric Key Systems 00:03:03
- 13.7 Hashing and Integrity 00:09:19
- Summary 00:00:23
- Lesson 14: Cryptography (Part 2)
- Learning objectives 00:00:33
- 14.1 Key Management 00:03:02
- 14.2 Digital Signatures 00:04:30
- 14.3 Web of Trust 00:02:15
- 14.4 Public Key Infrastructure 00:07:20
- 14.5 X.509v3 Certificates 00:06:31
- 14.6 CA Trusts and Certificate Chaining 00:03:43
- 14.7 Expiration, Revocation and Suspension 00:04:06
- 14.8 Implementation of Secure Protocols 00:01:22
- Summary 00:00:31
- Module 6: Systems and Application Security
- Module Introduction 00:01:41
- Lesson 15: Malware Threats
- Learning objectives 00:00:30
- 15.1 Viruses 00:04:31
- 15.2 Worms 00:03:09
- 15.3 Trojan Horse (RATs) 00:05:02
- 15.4 Ransomware and Cryptoware 00:02:11
- 15.5 Backdoors 00:03:57
- 15.6 Logic Bombs 00:02:36
- 15.7 Keyloggers 00:01:37
- 15.8 Spyware 00:01:19
- 15.9 Stegomalware 00:01:38
- Summary 00:00:26
- Lesson 16: Identifying Malware and IoCs
- Learning objectives 00:00:26
- 16.1 Identifying Malicious Code 00:08:47
- 16.2 Indications of Compromise (IoCs) 00:04:09
- 16.3 Survey of Attack Tools and Kits 00:02:43
- 16.4 Malicious Code Countermeasures 00:04:31
- 16.5 Malicious Activity Countermeasures 00:01:04
- Summary 00:00:21
- Lesson 17: Endpoint Security
- Learning objectives 00:00:32
- 17.1 Host-based IDS (HIDS) 00:02:12
- 17.2 Personal Security Suites 00:04:43
- 17.3 Endpoint Encryption 00:08:00
- 17.4 Advanced Endpoint Systems 00:05:59
- 17.5 Virtualization and Thin Clients 00:05:02
- 17.6 Protecting Detached Storage 00:02:24
- 17.7 Secure Browsing 00:14:00
- 17.8 Mobile Device Security Management 00:04:55
- Summary 00:00:28
- Lesson 18: Systems and Application Security
- Learning objectives 00:00:46
- 18.1 Application Security 00:08:42
- 18.2 Mitigating Architecture and Design Vulnerabilities 00:05:30
- 18.3 Service Models 00:04:39
- 18.4 Data Storage and Transmission 00:07:47
- 18.5 Third-party and Outsourcing 00:03:29
- 18.6 Virtualization Security Overview 00:04:36
- 18.7 Cloud Computing Models 00:10:32
- 18.8 Operate and Secure Virtual Environments 00:10:08
- 18.9 Securing Big Data Systems 00:05:15
- 18.10 Legal and Privacy Concerns 00:02:31
- Summary 00:00:43
- Module 7: Incident Response and Recovery
- Module Introduction 00:00:43
- Lesson 19: Incident Response and Recovery
- Learning objectives 00:00:34
- 19.1 Participating in Incident Handling 00:02:14
- 19.2 Incident Handling Lifecycle 00:19:40
- 19.3 Supporting Forensic Investigations 00:14:30
- 19.4 Understanding BCPs and DRPs 00:09:10
- 19.5 Emergency Response 00:01:36
- 19.6 Restoration Planning 00:07:58
- 19.7 Implementing Backups and Redundancy 00:04:40
- 19.8 Testing and Drills 00:01:56
- Summary 00:00:31
- Summary
- SSCP (Systems Security Certified Practitioner): Summary 00:00:59
9780134838489.SSCP.Systems.Security.Certified.Practitioner.part1.OR.rar
9780134838489.SSCP.Systems.Security.Certified.Practitioner.part2.OR.rar
9780134838489.SSCP.Systems.Security.Certified.Practitioner.part3.OR.rar
9780134838489.SSCP.Systems.Security.Certified.Practitioner.part4.OR.rar
9780134838489.SSCP.Systems.Security.Certified.Practitioner.part5.OR.rar