Systems Security Certified Practitioner (SSCP) – Zarys informacji

Szczegółowy program szkolenia

Domain 1: Security Operations and Administration
  • Comply with codes of ethics
  • Understand security concepts
  • Identify and implement security controls
  • Document and maintain functional security controls
  • Participate in asset management lifecycle
  • Participate in change management lifecycle
  • Participate in implementing security awareness and training
  • Collaborate with physical security operations
Domain 2: Access Controls
  • Implement and maintain authentication methods
  • Support internetwork trust architectures
  • Participate in the identity management lifecycle
  • Understand and apply access controls
Domain 3: Risk Identification, Monitoring, and Analysis
  • Understand the risk management process
  • Understand legal and regulatory concerns
  • Participate in security assessment and vulnerability management activities
  • Operate and monitor security platforms
  • Analyze monitoring results
Domain 4: Incident Response and Recovery
  • Support incident lifecycle
  • Understand and support forensic investigations
  • Understand and support Business Continuity Plan (BCP) and Disaster Recovery Plan (DRP) activities
Domain 5: Cryptography
  • Understand cryptography
  • Apply cryptography concepts
  • Understand and implement secure protocols
  • Understand Public Key Infrastructure (PKI) systems
Domain 6: Network and Communication Security
  • Understand and apply fundamental concepts of networking
  • Understand network attacks and countermeasures (e.g., DDoS, man-in-the-middle, DNS poisoning)
  • Manage network access controls
  • Manage network security
  • Operate and configure network-based security devices
  • Secure wireless communications
Domain 7: Systems and Application Security
  • Identify and analyze malicious code and activity
  • Implement and operate endpoint device security
  • Administer Mobile Device Management (MDM)
  • Understand and configure cloud security
  • Operate and maintain secure virtual environments