Details

The Official (ISC)2 SSCP CBK Reference

6th edition

by: Mike Wills

€51.99

Publisher: Wiley
Format: EPUB
Published: 3 March 2022
ISBN/EAN: 9781119874874
Language: English
Number of pages: 832

DRM-protected eBook; to read it you need, for example, Adobe Digital Editions and an Adobe ID.

Description

The only official body of knowledge for SSCP, (ISC)2's popular credential for hands-on security professionals, fully revised and updated for the 2021 SSCP Exam Outline.

Systems Security Certified Practitioner (SSCP) is an elite, hands-on cybersecurity certification that validates the technical skills to implement, monitor, and administer IT infrastructure using information security policies and procedures. SSCP certification, fully compliant with U.S. Department of Defense Directive 8140 and 8570 requirements, is valued throughout the IT security industry. The Official (ISC)2 SSCP CBK Reference is the only official Common Body of Knowledge (CBK) available for SSCP-level practitioners, exclusively from (ISC)2, the global leader in cybersecurity certification and training.

This authoritative volume contains essential knowledge practitioners require on a regular basis. Accurate, up-to-date chapters provide in-depth coverage of the seven SSCP domains: Security Operations and Administration; Access Controls; Risk Identification, Monitoring and Analysis; Incident Response and Recovery; Cryptography; Network and Communications Security; and Systems and Application Security.

Designed to serve as a reference for information security professionals throughout their careers, this indispensable (ISC)2 guide:

- Provides comprehensive coverage of the latest domains and objectives of the SSCP
- Helps better secure critical assets in their organizations
- Serves as a complement to the SSCP Study Guide for certification candidates

The Official (ISC)2 SSCP CBK Reference is an essential resource for SSCP-level professionals, SSCP candidates and other practitioners involved in cybersecurity.
Contents

Foreword xxiii
Introduction xxv

Chapter 1: Security Operations and Administration 1
Comply with Codes of Ethics 2
Understand, Adhere to, and Promote Professional Ethics 3
(ISC)2 Code of Ethics 4
Organizational Code of Ethics 5
Understand Security Concepts 6
Conceptual Models for Information Security 7
Confidentiality 8
Integrity 15
Availability 17
Accountability 18
Privacy 18
Nonrepudiation 26
Authentication 27
Safety 28
Fundamental Security Control Principles 29
Access Control and Need-to-Know 34
Job Rotation and Privilege Creep 35
Document, Implement, and Maintain Functional Security Controls 37
Deterrent Controls 37
Preventative Controls 39
Detective Controls 39
Corrective Controls 40
Compensating Controls 41
The Lifecycle of a Control 42
Participate in Asset Management 43
Asset Inventory 44
Lifecycle (Hardware, Software, and Data) 47
Hardware Inventory 48
Software Inventory and Licensing 49
Data Storage 50
Implement Security Controls and Assess Compliance 56
Technical Controls 57
Physical Controls 58
Administrative Controls 61
Periodic Audit and Review 64
Participate in Change Management 66
Execute Change Management Process 68
Identify Security Impact 70
Testing/Implementing Patches, Fixes, and Updates 70
Participate in Security Awareness and Training 71
Security Awareness Overview 72
Competency as the Criterion 73
Build a Security Culture, One Awareness Step at a Time 73
Participate in Physical Security Operations 74
Physical Access Control 74
The Data Center 78
Service Level Agreements 79
Summary 82

Chapter 2: Access Controls 83
Access Control Concepts 85
Subjects and Objects 86
Privileges: What Subjects Can Do with Objects 88
Data Classification, Categorization, and Access Control 89
Access Control via Formal Security Models 91
Implement and Maintain Authentication Methods 94
Single-Factor/Multifactor Authentication 95
Accountability 114
Single Sign-On 116
Device Authentication 117
Federated Access 118
Support Internetwork Trust Architectures 120
Trust Relationships (One-Way, Two-Way, Transitive) 121
Extranet 122
Third-Party Connections 123
Zero Trust Architectures 124
Participate in the Identity Management Lifecycle 125
Authorization 126
Proofing 127
Provisioning/Deprovisioning 128
Identity and Access Maintenance 130
Entitlement 134
Identity and Access Management Systems 137
Implement Access Controls 140
Mandatory vs. Discretionary Access Control 141
Role-Based 142
Attribute-Based 143
Subject-Based 144
Object-Based 144
Summary 145

Chapter 3: Risk Identification, Monitoring, and Analysis 147
Defeating the Kill Chain One Skirmish at a Time 148
Kill Chains: Reviewing the Basics 151
Events vs. Incidents 155
Understand the Risk Management Process 156
Risk Visibility and Reporting 159
Risk Management Concepts 165
Risk Management Frameworks 185
Risk Treatment 195
Perform Security Assessment Activities 203
Security Assessment Workflow Management 204
Participate in Security Testing 206
Interpretation and Reporting of Scanning and Testing Results 215
Remediation Validation 216
Audit Finding Remediation 217
Manage the Architectures: Asset Management and Configuration Control 218
Operate and Maintain Monitoring Systems 220
Events of Interest 222
Logging 229
Source Systems 230
Legal and Regulatory Concerns 236
Analyze Monitoring Results 238
Security Baselines and Anomalies 240
Visualizations, Metrics, and Trends 243
Event Data Analysis 244
Document and Communicate Findings 245
Summary 246

Chapter 4: Incident Response and Recovery 247
Support the Incident Lifecycle 249
Think like a Responder 253
Physical, Logical, and Administrative Surfaces 254
Incident Response: Measures of Merit 254
The Lifecycle of a Security Incident 255
Preparation 257
Detection, Analysis, and Escalation 264
Containment 275
Eradication 277
Recovery 279
Lessons Learned; Implementation of New Countermeasures 283
Third-Party Considerations 284
Understand and Support Forensic Investigations 287
Legal and Ethical Principles 289
Logistics Support to Investigations 291
Evidence Handling 292
Evidence Collection 297
Understand and Support Business Continuity Plan and Disaster Recovery Plan Activities 306
Emergency Response Plans and Procedures 307
Interim or Alternate Processing Strategies 310
Restoration Planning 313
Backup and Redundancy Implementation 315
Data Recovery and Restoration 319
Training and Awareness 321
Testing and Drills 322
CIANA+PS at Layer 8 and Above 328
It Is a Dangerous World Out There 329
People Power and Business Continuity 333
Summary 333

Chapter 5: Cryptography 335
Understand Fundamental Concepts of Cryptography 336
Building Blocks of Digital Cryptographic Systems 339
Hashing 347
Salting 351
Symmetric Block and Stream Ciphers 353
Stream Ciphers 365
Eu Ecrypt 371
Asymmetric Encryption 371
Elliptical Curve Cryptography 380
Nonrepudiation 383
Digital Certificates 388
Encryption Algorithms 392
Key Strength 393
Cryptographic Attacks, Cryptanalysis, and Countermeasures 395
Cryptologic Hygiene as Countermeasures 396
Common Attack Patterns and Methods 401
Secure Cryptoprocessors, Hardware Security Modules, and Trusted Platform Modules 409
Understand the Reasons and Requirements for Cryptography 414
Confidentiality 414
Integrity and Authenticity 415
Data Sensitivity 417
Availability 418
Nonrepudiation 418
Authentication 420
Privacy 421
Safety 422
Regulatory and Compliance 423
Transparency and Auditability 423
Competitive Edge 424
Understand and Support Secure Protocols 424
Services and Protocols 425
Common Use Cases 437
Deploying Cryptography: Some Challenging Scenarios 442
Limitations and Vulnerabilities 444
Understand Public Key Infrastructure Systems 446
Fundamental Key Management Concepts 447
Hierarchies of Trust 459
Web of Trust 462
Summary 464

Chapter 6: Network and Communications Security 467
Understand and Apply Fundamental Concepts of Networking 468
Complementary, Not Competing, Frameworks 470
OSI and TCP/IP Models 471
OSI Reference Model 486
TCP/IP Reference Model 501
Converged Protocols 508
Software-Defined Networks 509
IPv4 Addresses, DHCP, and Subnets 510
IPv4 Address Classes 510
Subnetting in IPv4 512
Running Out of Addresses? 513
IPv4 vs. IPv6: Key Differences and Options 514
Network Topographies 516
Network Relationships 521
Transmission Media Types 525
Commonly Used Ports and Protocols 530
Understand Network Attacks and Countermeasures 536
CIANA+PS Layer by Layer 538
Common Network Attack Types 553
SCADA, IoT, and the Implications of Multilayer Protocols 562
Manage Network Access Controls 565
Network Access Control and Monitoring 568
Network Access Control Standards and Protocols 573
Remote Access Operation and Configuration 575
Manage Network Security 583
Logical and Physical Placement of Network Devices 586
Segmentation 587
Secure Device Management 591
Operate and Configure Network-Based Security Devices 593
Network Address Translation 594
Additional Security Device Considerations 596
Firewalls and Proxies 598
Network Intrusion Detection/Prevention Systems 605
Security Information and Event Management Systems 607
Routers and Switches 609
Network Security from Other Hardware Devices 610
Traffic-Shaping Devices 613
Operate and Configure Wireless Technologies 615
Wireless: Common Characteristics 616
Wi-Fi 624
Bluetooth 637
Near-Field Communications 638
Cellular/Mobile Phone Networks 639
Ad Hoc Wireless Networks 640
Transmission Security 642
Wireless Security Devices 645
Summary 646

Chapter 7: Systems and Application Security 649
Systems and Software Insecurity 650
Software Vulnerabilities Across the Lifecycle 654
Risks of Poorly Merged Systems 663
Hard to Design It Right, Easy to Fix It? 664
Hardware and Software Supply Chain Security 667
Positive and Negative Models for Software Security 668
Is Blocked Listing Dead? Or Dying? 669
Information Security = Information Quality + Information Integrity 670
Data Modeling 671
Preserving Data Across the Lifecycle 674
Identify and Analyze Malicious Code and Activity 678
Malware 679
Malicious Code Countermeasures 682
Malicious Activity 684
Malicious Activity Countermeasures 688
Implement and Operate Endpoint Device Security 689
HIDS 691
Host-Based Firewalls 692
Allowed Lists: Positive Control for App Execution 693
Endpoint Encryption 694
Trusted Platform Module 695
Mobile Device Management 696
Secure Browsing 697
IoT Endpoint Security 700
Endpoint Security: EDR, MDR, XDR, UEM, and Others 701
Operate and Configure Cloud Security 701
Deployment Models 702
Service Models 703
Virtualization 706
Legal and Regulatory Concerns 709
Data Storage and Transmission 716
Third-Party/Outsourcing Requirements 716
Lifecycles in the Cloud 717
Shared Responsibility Model 718
Layered Redundancy as a Survival Strategy 719
Operate and Secure Virtual Environments 720
Software-Defined Networking 723
Hypervisor 725
Virtual Appliances 726
Continuity and Resilience 727
Attacks and Countermeasures 727
Shared Storage 729
Summary 730

Appendix: Cross-Domain Challenges 731
Paradigm Shifts in Information Security? 732
Pivot 1: Turn the Attackers' Playbooks Against Them 734
ATT&CK: Pivoting Threat Intelligence 734
Analysis: Real-Time and Retrospective 735
The SOC as a Fusion Center 737
All-Source, Proactive Intelligence: Part of the Fusion Center 738
Pivot 2: Cybersecurity Hygiene: Think Small, Act Small 739
CIS IG 1 for the SMB and SME 740
Hardening Individual Cybersecurity 740
Assume the Breach 742
Pivot 3: Flip the "Data-Driven Value Function" 743
Data-Centric Defense and Resiliency 744
Ransomware as a Service 745
Supply Chains, Security, and the SSCP 746
ICS, IoT, and SCADA: More Than SUNBURST 747
Extending Physical Security: More Than Just Badges and Locks 749
The IoRT: Robots Learning via the Net 750
Pivot 4: Operationalize Security Across the Immediate and Longer Term 751
Continuous Assessment and Continuous Compliance 752
SDNs and SDS 753
SOAR: Strategies for Focused Security Effort 755
A "DevSecOps" Culture: SOAR for Software Development 756
Pivot 5: Zero-Trust Architectures and Operations 757
FIDO and Passwordless Authentication 760
Threat Hunting, Indicators, and Signature Dependence 761
Other Dangers on the Web and Net 763
Surface, Deep, and Dark Webs 763
Deep and Dark: Risks and Countermeasures 764
DNS and Namespace Exploit Risks 765
Cloud Security: Edgier and Foggier 766
Curiosity as Countermeasure 766

Index 769
"As our world becomes more complex and interconnected, organizations across the globe need qualified cybersecurity professionals to protect their most critical assets from our adversaries. Becoming a Systems Security Certified Practitioner (SSCP) catapults individuals forward in their cybersecurity career in more ways than one. The respected certification quickly validates the breadth and depth of a certified individual's practical security knowledge and opens the door for more advanced career opportunities. The SSCP CBK is the ultimate reference guide for those taking the next step on their cybersecurity career path."

—Clar Rosso, CEO (ISC)2

Cybersecurity professionals are responsible for protecting information central to virtually every aspect of modern life. Systems Security Certified Practitioners (SSCP) ensure that businesses and organizations keep private data safe, secure, and reliable. This elite certification validates technical skills to implement, monitor, and administer IT infrastructure using appropriate information security policies and procedures. Information security professionals need to keep pace with new threats and the ever-changing ways organizations use the Internet and information technology. The Official (ISC)2 SSCP CBK Reference is the only official Common Body of Knowledge (CBK) for SSCP-level practitioners from (ISC)2, a global leader in cybersecurity certification and training.

Updated for the 2021 SSCP Exam Outline, this comprehensive volume provides detailed, fully up-to-date coverage of the seven SSCP domains: Security Operations and Administration; Access Controls; Risk Identification, Monitoring and Analysis; Incident Response and Recovery; Cryptography; Network and Communications Security; and Systems and Application Security. The book is organized around domain-based concepts, ideas, problems, and solutions to help you find the right information quickly and efficiently. Fundamental principles, design standards, and techniques are demonstrated by numerous illustrated examples, tables, and real-world scenarios. It contains in-depth coverage of theoretical knowledge, industry best practices, and applied skills, including implementing and maintaining authentication methods, implementing security controls and assessing compliance, supporting forensic investigations, cryptography and Public Key Infrastructure (PKI) systems, and analyzing malicious code and activity.

An ideal complement to the SSCP Study Guide, 3rd Edition, this indispensable resource will serve as your authoritative reference source throughout your career.
