Network Training - Course Details

SSCPPC SSCP Prep Course

Network Training Course Description:
Looking to move up in the information security field? If you have at least one year of security experience, you qualify for the Systems Security Certified Practitioner (SSCP) certification, which offers junior security professionals a way to validate their experience and demonstrate competence with (ISC)2®'s seven domains.
Network Training Course Duration:
5 DAYS
Network Training Course Target Audience:
IT consultants, managers, security policy writers, privacy officers, information security officers, network administrators, security device administrators, security engineers, and other security professionals seeking SSCP certification or, ultimately, CISSP certification.
Network Training Course Prerequisite:
Systems administration experience, familiarity with TCP/IP, and an understanding of UNIX, Linux, and Windows. This advanced course also requires intermediate-level knowledge of the security concepts covered in ourSecurity+ Prep Course.
Course Content:

  • Testing-Taking Tips and Study Techniques

    • Preparation for the SSCP Exam
    • Submitting Required Paperwork
    • Resources and Study Aids
    • Passing the Exam the First Time

  • Security Operations and Administration

    • Change Control/Configuration Management
    • Dual Control, Separation of Duties, Rotation of Duties
    • Vulnerability Assessment and Pen-Testing

  • Access Controls

    • AAA
    • Authentication Methods (Types 1, 2, & 3)
    • Authorization - DAC, RBAC, MAC
    • Accounting - Logging, Monitoring, Auditing
    • Central/Decentralized and Hybrid Management
    • Single Sign-On - Kerberos, Radius, Diameter, TACACS
    • Vulnerabilities - Emanations, Impersonation, Rouge Infrastructure, Social Engineering

  • Cryptography

    • Intro/History
    • Symmetric
    • Asymmetric
    • Hashing
    • Cryptosystems - SSL, S/MIME, PGP
    • PKI
    • Cryptanalysis

  • Malicious Code and Activity

    • Layering, Data Hiding, and Abstraction
    • Database Security
    • OOD
    • Mobil Code
    • Malware Architecture Problems - Covert Channels + TOC/TOU, Object Reuse
    • Network Vulnerabilities

  • Networks and Communications

    • OSI/DoD TCP/IP Models
    • TCP/UDP/ICMP/IP
    • Ethernet
    • Devices - Routers/Switches/Hubs
    • Firewalls
    • Wireless
    • WAN Technologies - X.25/Frame Relay/PPP/ISDN/DSL/Cable
    • Voice - PBX/Cell Phones/VOIP
    • IPSec

  • Risk, Response, and Recovery

    • CIA
    • Roles and Responsibilities - RACI
    • Asset Management
    • Taxonomy - Information Classification
    • Risk Management
    • Policies, Procedures, Standards, Guidelines, Baselines
    • Knowledge Transfer - Awareness, Training, Education
    • BIA Policy
    • BIA Roles and Teams
    • Data Backups, Vaulting, Journaling, Shadowing
    • Alternate Sites
    • Emergency Response
    • Required notifications
    • BIA Tests

  • Analysis and Monitoring

    • Ethics - Due Care/Due diligence
    • Intellectual Property
    • Incident Response
    • Forensics
    • Evidence
    • Laws - HIPAA, GLB, SOX

  • Review and Q&A Session

    • Final Review and Test Prep