| ISC SSCP Value Pack |
|||||
|---|---|---|---|---|---|
 Save $19.99 Now $154.98 $134.99 
|
|
||||
| ISC SSCP Preparation Materials | |||
|---|---|---|---|
| |||
 | |||
|
1074 Questions
Introduction:
International Information Systems Security Certification Consortium (ISC) is the world's largest IT security organization which specializes in certifications on information security. Systems Security Certified Practitioner (SSCP) is worldwide accepted certification exam specially designed for IT professionals who wants to set their career in information security field. The ISC SSCP exam has been divided into seven Common body of knowledge (CBK) domains as follows:
- Access controls over the system
- Cryptography
- Malicious program code and activity
- Analysis and Monitoring of security incidents
- Networks and communications between systems
- Risks, responses and recovery of system data
- Security Operations and Administration
Authentication mechanisms, Security concepts, firewalls, Data management policies, risk management process, cloud computing, Internetwork trust architectures are some major topics covered for this exam.
Exam description:
Why is this exam required?
ISC SSCP exam is an entry level certification exam which proves the certified candidate has gained basic knowledge about information security, tools and procedures to safeguard system security. The certified professional is practically and theoretically trained up with the concepts below.
- Concepts of access controls.
- Identity management.
- Assistance and evaluation of security.
- Infrastructure of Information communication technology.
- Endpoint device security.
- Analysis of security incident handling and disaster recovery plans.
- Secure protocols, cryptography concepts, key management.
- Remote access, telecommunications, wireless and cellular technologies.
Associated exams:
The ISC SSCP exam is an entry level exam. The IT professional after getting certified in this exam, can move to a higher level which is CAP (Certified Authorized Professional) designed for specialization in Risk Tolerance and Authorization concepts. Some of the other associated exams as follows
- Certified Secure Software Lifecycle Professional (CSSLP) which champions in system security by using softwares.
- Certified Information Systems Security Professional (CISSP) which expertise in data security concepts currently in practice in the industry.
- Certified Cyber Forensics Professional (CCFP) which expertise in forensic techniques and procedures,
- HealthCare Information Security and Privacy Practitioner (HCISSP) is basically about information security in healthcare industry.
Pre-requisites:
Although ISC SSCP exam is a terrific entry level certification program, it requires the exam undergoing candidates to have knowledge in prior about networks and communications between networks, some security concepts, tools and procedures. So, the pre-requisite set for this exam is that the candidate should have one year work experience in any one or more of the domains/topics that the exam covers.
Objectives of the exam:
The ISC SSCP exam trains an IT professional in maintaining the confidentiality, integrity and availability of system data. An IT professional, in order to get through this exam needs to have basic knowledge about networks and network communications, common security attacks, security tools used in IT industry to recover system data. The ISC SSCP exam covers seven domains under which many sub-topics are covered.
- Access controls
This chapter provides authentication rights to the users, setting permissions for every user in the network. Logical Access Controls - Subjects & Objects, Authentication Mechanisms, Access Control Concepts, Internetwork Trust Architectures, Identity Management and Cloud Computing are the topics which are covered in this chapter.
- Security Operations and Administration
Code of ethics, Security Administration, Security evaluation, assistance and awareness, Security concepts, Change management, Information communication technology infrastructure, Endpoint device security, Data management policies are the sub-topics of this chapter. It covers identifying the data assets of the organization and documenting the policies, guidelines, procedures and standards.
- Monitoring and Analysis
It involves determination of system access and implementation and information gathering of security breaches. It covers monitoring network communications and the results of monitoring being analyzed.
- Risk, response and recovery
Risk Management Process, Security Assessment Activities, Incident Handling Analysis, Business Continuity Plan (BCP), Disaster Recovery Plan (DRP) are the topics involved and include learning of the threats and vulnerabilities caused due to loss of access control, the consequence of the loss and techniques to recover the lost data.
- Cryptography
This involves data protection using encryption and decryption techniques. Certificate and key management and secure protocols lie in this section.
- Networks and Communications
Structure of networks and communications between networks, security measures used during message transmission are the topics discussed. Networks, Telecommunications, Wireless communication technologies, Remote access, proxies and firewalls are the sub topics.
- Malicious code and activity
Prevention techniques for dealing with worms, viruses, Trojan horses are discussed here.
Career Prospects:
Networks is the fastest growing field in IT technology. The risks also grows along with it. IT companies prefer professional with basic administrator skills to understand the risks involved and quickly respond to a security incident. By hiring a SSCP certified professional, the organization also gets benefited by setting the best standard policies and procedures.
As an ISC SSCP certified professional, the candidate is exposed better in the IT industry. The professional can post his resumes for numerous job roles such as application programmer, system administrator, systems analyst, security architect/consultant/specialist and so on.
