The only SSCP study guide officially approved by (ISC)2
The (ISC)2 Systems Security Certified Practitioner (SSCP) certification is a well-known vendor-neutral global IT security certification. The SSCP is designed to show that holders have the technical skills to implement, monitor, and administer IT infrastructure using information security policies and procedures.
This comprehensive Official Study Guide—the only study guide officially approved by (ISC)2—covers all objectives of the seven SSCP domains.
- Security Operations and Administration
- Access Controls
- Risk Identification, Monitoring, and Analysis
- Incident Response and Recovery
- Cryptography
- Network and Communications Security
- Systems and Application Security
This updated Third Edition covers the SSCP exam objectives effective as of November 2021. Much of the new and more advanced knowledge expected of an SSCP is now covered in a new chapter "Cross-Domain Challenges." If you're an information security professional or student of cybersecurity looking to tackle one or more of the seven domains of the SSCP, this guide gets you prepared to pass the exam and enter the information security workforce with confidence.
Table of Contents:
Introduction xxv
Assessment Test xlviii
Part I Getting Started as an SSCP 1
Chapter 1 The Business Case for Decision Assurance and Information Security 3
Information: The Lifeblood of Business 4
Policy, Procedure, and Process: How Business Gets Business Done 10
Who Runs the Business? 20
Summary 24
Exam Essentials 24
Review Questions 26
Chapter 2 Information Security Fundamentals 33
The Common Needs for Privacy, Confidentiality, Integrity, and Availability 34
Training and Educating Everybody 47
SSCPs and Professional Ethics 47
Summary 49
Exam Essentials 50
Review Questions 54
Part II Integrated Risk Management and Mitigation 61
Chapter 3 Integrated Information Risk Management 63
It’s a Dangerous World 64
The Four Faces of Risk 75
Getting Integrated and Proactive with Information Defense 83
Risk Management: Concepts and Frameworks 89
Risk Assessment 95
Four Choices for Limiting or Containing Damage 107
Summary 114
Exam Essentials 114
Review Questions 120
Chapter 4 Operationalizing Risk Mitigation 127
From Tactical Planning to Information Security Operations 128
Operationalizing Risk Mitigation: Step by Step 134
The Ongoing Job of Keeping Your Baseline Secure 164
Ongoing, Continuous Monitoring 174
Reporting to and Engaging with Management 182
Summary 183
Exam Essentials 183
Review Questions 189
Part III The Technologies of Information Security 197
Chapter 5 Communications and Network Security 199
Trusting Our Communications in a Converged World 200
Internet Systems Concepts 206
Two Protocol Stacks, One Internet 218
Wireless Network Technologies 240
IP Addresses, DHCP, and Subnets 243
IPv4 vs. IPv6: Important Differences and Options 248
CIANA Layer by Layer 251
Securing Networks as Systems 262
Summary 273
Exam Essentials 273
Review Questions 280
Chapter 6 Identity and Access Control 285
Identity and Access: Two Sides of the Same CIANA+PS Coin 286
Identity Management Concepts 288
Access Control Concepts 295
Network Access Control 305
Implementing and Scaling IAM 310
User and Entity Behavior Analytics (UEBA) 329
Zero Trust Architectures 332
Summary 333
Exam Essentials 334
Review Questions 343
Chapter 7 Cryptography 349
Cryptography: What and Why 350
Building Blocks of Digital Cryptographic Systems 358
Keys and Key Management 367
“Why Isn’t All of This Stuff Secret?” 373
Cryptography and CIANA+PS 375
Public Key Infrastructures 381
Applying Cryptography to Meet Different Needs 399
Managing Cryptographic Assets and Systems 405
Measures of Merit for Cryptographic Solutions 407
Attacks and Countermeasures 408
PKI and Trust: A Recap 418
On the Near Horizon 420
Summary 423
Exam Essentials 424
Review Questions 429
Chapter 8 Hardware and Systems Security 435
Infrastructure Security Is Baseline Management 437
Securing the Physical Context 442
Infrastructures 101 and Threat Modeling 444
Endpoint Security 457
Malware: Exploiting the Infrastructure’s Vulnerabilities 462
Privacy and Secure Browsing 466
“The Sin of Aggregation” 469
Updating the Threat Model 469
Managing Your Systems’ Security 470
Summary 471
Exam Essentials 472
Review Questions 478
Chapter 9 Applications, Data, and Cloud Security 483
It’s a Data-Driven World…At the Endpoint 484
Software as Appliances 487
Applications Lifecycles and Security 490
CIANA+PS and Applications Software Requirements 498
Application Vulnerabilities 504
“Shadow IT:” The Dilemma of the User as Builder 507
Information Quality and Information Assurance 511
Protecting Data in Motion, in Use, and at Rest 514
Into the Clouds: Endpoint App and Data Security Considerations 522
Legal and Regulatory Issues 533
Countermeasures: Keeping Your Apps and Data Safe and Secure 535
Summary 536
Exam Essentials 537
Review Questions 548
Part IV People Power: What Makes or Breaks Information Security 555
Chapter 10 Incident Response and Recovery 557
Defeating the Kill Chain One Skirmish at a Time 558
Harsh Realities of Real Incidents 564
Incident Response Framework 566
Preparation 571
Detection and Analysis 578
Containment and Eradication 584
Recovery: Getting Back to Business 587
Post-Incident Activities 590
Summary 594
Exam Essentials 595
Review Questions 601
Chapter 11 Business Continuity via Information Security and People Power 607
What Is a Disaster? 608
Surviving to Operate: Plan for It! 609
Timelines for BC/DR Planning and Action 615
Options for Recovery 617
Cloud- Based “Do- Over” Buttons for Continuity, Security, and Resilience 623
People Power for BC/DR 626
Security Assessment: For BC/DR and Compliance 633
Converged Communications: Keeping Them Secure During BC/DR Actions 634
Summary 637
Exam Essentials 637
Review Questions 641
Chapter 12 Cross-Domain Challenges 647
Operationalizing Security Across the Immediate and Longer Term 648
Supply Chains, Security, and the SSCP 657
Other Dangers on the Web and Net 662
On Our Way to the Future 666
Enduring Lessons 672
Your Next Steps 677
At the Close 678
Exam Essentials 678
Review Questions 683
Appendix Answers to Review Questions 689
Chapter 1: The Business Case for Decision Assurance and Information Security 690
Chapter 2: Information Security Fundamentals 693
Chapter 3: Integrated Information Risk Management 695
Chapter 4: Operationalizing Risk Mitigation 698
Chapter 5: Communications and Network Security 701
Chapter 6: Identity and Access Control 704
Chapter 7: Cryptography 707
Chapter 8: Hardware and Systems Security 709
Chapter 9: Applications, Data, and Cloud Security 712
Chapter 10: Incident Response and Recovery 715
Chapter 11: Business Continuity via Information Security and People Power 718
Chapter 12: Cross- Domain Challenges 722
Index 727
About the Author :
ABOUT THE AUTHOR
Michael S. Wills, SSCP, CISSP, CAMS, is Assistant Professor of Applied Information Technologies in the College of Business at the Embry-Riddle Aeronautical University’s Worldwide Campus. He has many years of experience designing, building, and operating cutting-edge secure systems, and wrote (ISC)2s official training courses for both the SSCP and CISSP. He is also the creator of ERAU’s Master of Science in Information Security and Assurance degree program.
