Название: The Official (ISC)2 SSCP CBK Reference
Автор: Mike Wills
Издательство: John Wiley & Sons Limited
Жанр: Зарубежная компьютерная литература
isbn: 9781119874874
isbn:
The goal for SSCP credential holders is to achieve the highest standard for cybersecurity expertise—managing multiplatform IT systems while keeping sensitive data secure. This becomes especially crucial in the era of digital transformation, where cybersecurity permeates virtually every data stream. Organizations that can demonstrate world-class cybersecurity capabilities and trusted transaction methods enable customer loyalty and fuel success.
The opportunity has never been greater for dedicated professionals like yourself to carve out a meaningful career and make a difference in their organizations. The Official (ISC)2 SSCP CBK Reference will be your constant companion in protecting and securing the critical data assets of your organization, and it will serve you for years to come as you progress in your career.
I wish you luck on the exam and success in your next step along your career path.
Best regards,
Clar Rosso, CEO, (ISC)2
Introduction
CONGRATULATIONS ON CHOOSING TO become a Systems Security Certified Practitioner (SSCP)! In making this choice, you're signing up to join the professionals who strive to keep our information-based modern world safe, secure, and reliable. SSCPs and other information security professionals help businesses and organizations keep private data private and help to ensure that published and public-facing information stays unchanged and unhacked.
Whether you are new to the fields of information security, information assurance, or cybersecurity, or you've been working with these concepts, tools, and ideas for some time now, this book is here to help you grow your knowledge, skills, and abilities as a systems security professional.
Let's see how!
ABOUT THIS BOOK
You're here because you need a ready reference source of ideas, information, knowledge, and experience about information systems security. Users of earlier editions of the CBK describe it as the place to go when you need to look up something about bringing your systems or networks back up and online—when you can't exactly Google it. As a first responder in an information security incident, you may need to rely on what you know and what you've got at hand as you characterize, isolate, and contain an intruder and their malware or other causal agents. This book cannot answer all of the questions you'll have in real time, but it may just remind you of important concepts as well as critical details when you need them. As with any reference work, it can help you think your way through to a solution. By taking key definitions and concepts and operationalizing them, showing how they work in practice, this book can enrich the checklists, troubleshooting guides, and task-focused procedures that you may already be using in your work.
The SSCP Seven Domains
This book directly reflects the SSCP Common Body of Knowledge, which is the comprehensive framework that (ISC)2 has developed to express what security professionals should have working knowledge of. These domains include theoretical knowledge, industry best practices, and applied skills and techniques. Chapter by chapter, this book takes you through these domains, with major headings within each chapter being your key to finding what you need when you need it. Topics that are covered in more than one domain will be found within sections or subsections in each chapter as appropriate.
This Sixth Edition has been updated to reflect (ISC)2's Domain Content Outline, released in November 2021. This outline update changed the relative order of the first two domains, but largely kept the topics within each domain the same. Revisions, clarifications, and additions have been made throughout, while a new Appendix brings topics from across those Domains together to provide you assistance with today's thorniest of information security challenges.
(ISC)2 is committed to helping members learn, grow, and thrive. The Common Body of Knowledge (CBK) is the comprehensive framework that helps it fulfill this commitment. The CBK includes all the relevant subjects a security professional should be familiar with, including skills, techniques, and best practices. (ISC)2 uses the various domains of the CBK to test a certificate candidate's levels of expertise in the most critical aspects of information security. You can see this framework in the SSCP Exam Outline at https://www.isc2.org/-/media/ISC2/Certifications/Exam-Outlines/2021/SSCP-Exam-Outline-English-Nov-2021.ashx?la=en&hash=ABCB9E34548D2E8170ADA04EAAD3003F5577D3F5
Successful candidates are competent in the following seven domains:
Domain 1 Security Operations and Administration Identification of information assets and documentation of policies, standards, procedures, and guidelines that ensure confidentiality, integrity, and availability, such as:1.1 Comply with codes of ethics.1.2 Understand security concepts.1.3 Identify and implement security controls.1.4 Document and maintain functional security controls.1.5 Participate in asset management lifecycle (hardware, software, and data).1.6 Participate in change management lifecycle.1.7 Participate in implementing security awareness and training (e.g., social engineering/phishing).1.8 Collaborate with physical security operations (e.g., data center assessment, badging).
Domain 2 Access Controls Policies, standards, and procedures that define users (human and nonhuman) as entities with identities that are approved to use an organization's systems and information assets, what they can do, which resources and information they can access, and what operations they can perform on a system, such as:2.1 Implement and maintain authentication methods.2.2 Support internetwork trust architectures.2.3 Participate in the identity management lifecycle.2.4 Understand and apply access controls.
Domain 3 Risk Identification, Monitoring, and Analysis Risk identification is the review, analysis, and implementation of processes essential to the identification, measurement, and control of loss associated with unplanned adverse events.Monitoring and analysis are determining system implementation and access in accordance with defined IT criteria. This involves collecting information for identification of, and response to, security breaches or events, such as:3.1 Understand the risk management process.3.2 Understand legal and regulatory concerns (e.g., jurisdiction, limitations, privacy).3.3 Participate in security assessment and vulnerability management activities.3.4 Operate and monitor security platforms (e.g., continuous monitoring).3.5 Analyze monitoring results.
Domain 4 Incident Response and Recovery Prevent. Detect. Respond. Recover. Incident response and recovery focus on the near real-time actions that must take place if the organization is to survive a cyberattack or other information security incident, get back into operation, and continue as a viable entity. In this domain, the SSCP gains an understanding of how to handle incidents using consistent, applied approaches within a framework of business continuity planning (BCP) and disaster recovery planning (DRP). These approaches are utilized to mitigate damages, recover business operations, and avoid critical business interruption:4.1 Support incident lifecycle (e.g., National Institute of Standards and Technology [NIST], International Organization for Standardization [ISO]).4.2 Understand and support forensic investigations.4.3 Understand and support business continuity plan (BCP) and disaster recovery plan (DRP) activities.
Domain 5 Cryptography The protection of information using techniques that ensure its integrity, confidentiality, authenticity, and nonrepudiation, and therecovery of encrypted information in its original СКАЧАТЬ