(ISC)2 SSCP Systems Security Certified Practitioner Official Study Guide
The only SSCP study guide officially approved by (ISC)2

The (ISC)2 Systems Security Certified Practitioner (SSCP) certification is a well-known vendor-neutral global IT security certification. The SSCP is designed to show that holders have the technical skills to implement, monitor, and administer IT infrastructure using information security policies and procedures. This comprehensive Official Study Guide—the only study guide officially approved by (ISC)2—covers all objectives of the seven SSCP domains:

Access Controls
Security Operations and Administration
Risk Identification, Monitoring, and Analysis
Incident Response and Recovery
Cryptography
Network and Communications Security
Systems and Application Security

If you’re an information security professional or student of cybersecurity looking to tackle one or more of the seven domains of the SSCP, this guide gets you prepared to pass the exam and enter the information security workforce with confidence.
Foreword xxi
Introduction xxiii
Self-Assessment xlv

Part I Getting Started as an SSCP 1

Chapter 1 The Business Case for Decision Assurance and Information Security 3
  Information: The Lifeblood of Business 4
  Data, Information, Knowledge, Wisdom… 5
  Information Is Not Information Technology 8
  Policy, Procedure, and Process: How Business Gets Business Done 10
  Who Is the Business? 11
  “What’s Your Business Plan?” 12
  Purpose, Intent, Goals, Objectives 13
  Business Logic and Business Processes: Transforming Assets into Opportunity, Wealth, and Success 14
  The Value Chain 15
  Being Accountable 17
  Who Runs the Business? 19
  Owners and Investors 19
  Boards of Directors 20
  Managing or Executive Directors and the “C-Suite” 20
  Layers of Function, Structure, Management, and Responsibility 21
  Plans and Budgets, Policies, and Directives 22
  Summary 23

Chapter 2 Information Security Fundamentals 25
  The Common Needs for Privacy, Confidentiality, Integrity, and Availability 26
  Privacy 26
  Confidentiality 29
  Integrity 30
  Availability 31
  Privacy vs. Security, or Privacy and Security? 32
  CIA Needs of Individuals 34
  Private Business’s Need for CIA 35
  Government’s Need for CIA 36
  The Modern Military’s Need for CIA 36
  Do Societies Need CIA? 36
  Training and Educating Everybody 38
  SSCPs and Professional Ethics 38
  Summary 40
  Exam Essentials 40
  Review Questions 44

Part II Integrated Risk Management and Mitigation 51

Chapter 3 Integrated Information Risk Management 53
  It’s a Dangerous World 54
  What Is Risk? 55
  Risk: When Surprise Becomes Disruption 59
  Information Security: Delivering Decision Assurance 60
  “Common Sense” and Risk Management 63
  The Four Faces of Risk 65
  Outcomes-Based Risk 67
  Process-Based Risk 67
  Asset-Based Risk 68
  Threat-Based (or Vulnerability-Based) Risk 69
  Getting Integrated and Proactive with Information Defense 72
  Trust, but Verify 76
  Due Care and Due Diligence: Whose Jobs Are These? 76
  Be Prepared: First, Set Priorities 77
  Risk Management: Concepts and Frameworks 78
  The SSCP and Risk Management 81
  Plan, Do, Check, Act 82
  Risk Assessment 84
  Establish Consensus about Information Risk 84
  Information Risk Impact Assessment 85
  The Business Impact Analysis 92
  From Assessments to Information Security Requirements 92
  Four Choices for Limiting or Containing Damage 94
  Deter 96
  Detect 96
  Prevent 97
  Avoid 97
  Summary 100
  Exam Essentials 101
  Review Questions 105

Chapter 4 Operationalizing Risk Mitigation 111
  From Tactical Planning to Information Security Operations 112
  Operationally Outthinking Your Adversaries 114
  Getting Inside the Other Side’s OODA Loop 116
  Defeating the Kill Chain 117
  Operationalizing Risk Mitigation: Step by Step 118
  Step 1: Assess the Existing Architectures 119
  Step 2: Assess Vulnerabilities and Threats 126
  Step 3: Select Risk Treatment and Controls 135
  Step 4: Implement Controls 141
  Step 5: Authorize: Senior Leader Acceptance and Ownership 146
  The Ongoing Job of Keeping Your Baseline Secure 146
  Build and Maintain User Engagement with Risk Controls 147
  Participate in Security Assessments 148
  Manage the Architectures: Asset Management and Configuration Control 151
  Ongoing, Continuous Monitoring 152
  Exploiting What Monitoring and Event Data Is Telling You 155
  Incident Investigation, Analysis, and Reporting 159
  Reporting to and Engaging with Management 160
  Summary 161
  Exam Essentials 161
  Review Questions 166

Part III The Technologies of Information Security 173

Chapter 5 Communications and Network Security 175
  Trusting Our Communications in a Converged World 176
  Introducing CIANA 179
  Threat Modeling for Communications Systems 180
  Internet Systems Concepts 181
  Datagrams and Protocol Data Units 182
  Handshakes 184
  Packets and Encapsulation 185
  Addressing, Routing, and Switching 187
  Network Segmentation 188
  URLs and the Web 188
  Topologies 189
  “Best Effort” and Trusting Designs 193
  Two Protocol Stacks, One Internet 194
  Complementary, Not Competing, Frameworks 194
  Layer 1: The Physical Layer 198
  Layer 2: The Data Link Layer 199
  Layer 3: The Network Layer 201
  Layer 4: The Transport Layer 202
  Layer 5: The Session Layer 206
  Layer 6: The Presentation Layer 207
  Layer 7: The Application Layer 208
  Cross-Layer Protocols and Services 209
  IP and Security 210
  Layers or Planes? 211
  Software-Defined Networks 212
  Virtual Private Networks 213
  A Few Words about Wireless 214
  IP Addresses, DHCP, and Subnets 217
  IPv4 Address Classes 217
  Subnetting in IPv4 219
  IPv4 vs. IPv6: Key Differences and Options 221
  CIANA Layer by Layer 223
  CIANA at Layer 1: Physical 223
  CIANA at Layer 2: Data Link 226
  CIANA at Layer 3: Network 228
  CIANA at Layer 4: Transport 229
  CIANA at Layer 5: Session 230
  CIANA at Layer 6: Presentation 231
  CIANA at Layer 7: Application 232
  Securing Networks as Systems 233
  A SOC Is Not a NOC 234
  Tools for the SOC and the NOC 235
  Integrating Network and Security Management 236
  Summary 238
  Exam Essentials 238
  Review Questions 243

Chapter 6 Identity and Access Control 249
  Identity and Access: Two Sides of the Same CIANA Coin 250
  Identity Management Concepts 251
  Identity Provisioning and Management 252
  Identity and AAA 254
  Access Control Concepts 255
  Subjects and Objects—Everywhere! 257
  Data Classification and Access Control 258
  Bell-LaPadula and Biba Models 260
  Role-Based 263
  Attribute-Based 263
  Subject-Based 264
  Object-Based 264
  Mandatory vs. Discretionary Access Control 264
  Network Access Control 265
  IEEE 802.1X Concepts 267
  RADIUS Authentication 268
  TACACS and TACACS+ 269
  Implementing and Scaling IAM 270
  Choices for Access Control Implementations 271
  “Built-in” Solutions? 273
  Multifactor Authentication 274
  Server-Based IAM 276
  Integrated IAM Systems 277
  Zero Trust Architectures 281
  Summary 282
  Exam Essentials 283
  Review Questions 290

Chapter 7 Cryptography 297
  Cryptography: What and Why 298
  Codes and Ciphers: Defining Our Terms 300
  Cryptography, Cryptology, or…? 305
  Building Blocks of Digital Cryptographic Systems 306
  Cryptographic Algorithms 307
  Cryptographic Keys 308
  Hashing as One-Way Cryptography 310
  A Race Against Time 313
  “The Enemy Knows Your System” 314
  Keys and Key Management 314
  Key Storage and Protection 315
  Key Revocation and Zeroization 315
  Modern Cryptography: Beyond the “Secret Decoder Ring” 317
  Symmetric Key Cryptography 317
  Asymmetric Key (or Public Key) Cryptography 318
  Hybrid Cryptosystems 318
  Design and Use of Cryptosystems 319
  Cryptanalysis (White Hat and Black Hat) 319
  Cryptographic Primitives 320
  Cryptographic Engineering 320
  “Why Isn’t All of This Stuff Secret?” 320
  Cryptography and CIANA 322
  Confidentiality 322
  Authentication 323
  Integrity 323
  Nonrepudiation 324
  “But I Didn’t Get That Email…” 324
  Availability 325
  Public Key Infrastructures 327
  Diffie-Hellman-Merkle Public Key Exchange 328
  RSA Encryption and Key Exchange 331
  ElGamal Encryption 331
  Digital Signatures 332
  Digital Certificates and Certificate Authorities 332
  Hierarchies (or Webs) of Trust 333
  Pretty Good Privacy 337
  TLS 338
  HTTPS 340
  Symmetric Key Algorithms and PKI 341
  PKI and Trust: A Recap 342
  Other Protocols: Applying Cryptography to Meet Different Needs 344
  IPSec 344
  S/MIME 345
  DKIM 345
  Blockchain 346
  Access Control Protocols 348
  Measures of Merit for Cryptographic Solutions 348
  Attacks and Countermeasures 349
  Brute Force and Dictionary Attacks 350
  Side Channel Attacks 350
  Numeric (Algorithm or Key) Attacks 351
  Traffic Analysis, “Op Intel,” and Social Engineering Attacks 352
  Massively Parallel Systems Attacks 353
  Supply Chain Vulnerabilities 354
  The “Sprinkle a Little Crypto Dust on It” Fallacy 354
  Countermeasures 355
  On the Near Horizon 357
  Pervasive and Homomorphic Encryption 358
  Quantum Cryptography and Post–Quantum Cryptography 358
  AI, Machine Learning, and Cryptography 360
  Summary 361
  Exam Essentials 361
  Review Questions 366

Chapter 8 Hardware and Systems Security 371
  Infrastructure Security Is Baseline Management 372
  It’s About Access Control… 373
  It’s Also About Supply Chain Security 374
  Do Clouds Have Boundaries? 375
  Infrastructures 101 and Threat Modeling 376
  Hardware Vulnerabilities 379
  Firmware Vulnerabilities 380
  Operating Systems Vulnerabilities 382
  Virtual Machines and Vulnerabilities 385
  Network Operating Systems 386
  MDM, COPE, and BYOD 388
  BYOI? BYOC? 389
  Malware: Exploiting the Infrastructure’s Vulnerabilities 391
  Countering the Malware Threat 394
  Privacy and Secure Browsing 395
  “The Sin of Aggregation” 397
  Updating the Threat Model 398
  Managing Your Systems’ Security 399
  Summary 399
  Exam Essentials 400
  Review Questions 407

Chapter 9 Applications, Data, and Cloud Security 413
  It’s a Data-Driven World…At the Endpoint 414
  Software as Appliances 417
  Applications Lifecycles and Security 420
  The Software Development Lifecycle (SDLC) 421
  Why Is (Most) Software So Insecure? 424
  Hard to Design It Right, Easy to Fix It? 427
  CIANA and Applications Software Requirements 428
  Positive and Negative Models for Software Security 431
  Is Blacklisting Dead? Or Dying? 432
  Application Vulnerabilities 434
  Vulnerabilities Across the Lifecycle 434
  Human Failures and Frailties 436
  “Shadow IT:” The Dilemma of the User as Builder 436
  Data and Metadata as Procedural Knowledge 438
  Information Quality and Information Assurance 440
  Information Quality Lifecycle 441
  Preventing (or Limiting) the “Garbage In” Problem 442
  Protecting Data in Motion, in Use, and at Rest 443
  Data Exfiltration I: The Traditional Threat 445
  Detecting Unauthorized Data Acquisition 446
  Preventing Data Loss 447
  Into the Clouds: Endpoint App and Data Security Considerations 448
  Cloud Deployment Models and Information Security 449
  Cloud Service Models and Information Security 450
  Clouds, Continuity, and Resiliency 452
  Clouds and Threat Modeling 453
  Cloud Security Methods 455
  SLAs, TORs, and Penetration Testing 456
  Data Exfiltration II: Hiding in the Clouds 456
  Legal and Regulatory Issues 456
  Countermeasures: Keeping Your Apps and Data Safe and Secure 458
  Summary 459
  Exam Essentials 460
  Review Questions 470

Part IV People Power: What Makes or Breaks Information Security 477

Chapter 10 Incident Response and Recovery 479
  Defeating the Kill Chain One Skirmish at a Time 480
  Kill Chains: Reviewing the Basics 482
  Events vs. Incidents 484
  Incident Response Framework 485
  Incident Response Team: Roles and Structures 487
  Incident Response Priorities 490
  Preparation 491
  Preparation Planning 491
  Put the Preparation Plan in Motion 493
  Are You Prepared? 494
  Detection and Analysis 497
  Warning Signs 497
  Initial Detection 499
  Timeline Analysis 500
  Notification 500
  Prioritization 501
  Containment and Eradication 502
  Evidence Gathering, Preservation, and Use 504
  Constant Monitoring 505
  Recovery: Getting Back to Business 505
  Data Recovery 506
  Post-Recovery: Notification and Monitoring 508
  Post-Incident Activities 508
  Learning the Lessons 509
  Support Ongoing Forensics Investigations 510
  Information and Evidence Retention 511
  Information Sharing with the Larger IT Security Community 511
  Summary 512
  Exam Essentials 512
  Review Questions 518

Chapter 11 Business Continuity via Information Security and People Power 525
  A Spectrum of Disruption 526
  Surviving to Operate: Plan for It! 529
  Cloud-Based “Do-Over” Buttons for Continuity, Security, and Resilience 531
  CIANA at Layer 8 and Above 537
  It Is a Dangerous World Out There 539
  People Power for Secure Communications 541
  POTS and VoIP Security 542
  Summary 543
  Exam Essentials 544
  Review Questions 547

Chapter 12 Risks, Issues, and Opportunities, Starting Tomorrow 553
  On Our Way to the Future 554
  Access Control and Zero Trust 555
  AI, ML, BI, and Trustworthiness 556
  Quantum Communications, Computing, and Cryptography 557
  Paradigm Shifts in Information Security? 558
  Perception Management and Information Security 559
  Widespread Lack of Useful Understanding of Core Technologies 560
  IT Supply Chain Vulnerabilities 561
  Government Overreactions 561
  CIA, CIANA, or CIANAPS? 562
  Enduring Lessons 563
  You Cannot Legislate Security 563
  It’s About Managing Our Security and Our Systems 563
  People Put It Together 564
  Maintain Flexibility of Vision 565
  Accountability—It’s Personal. Make It So. 565
  Stay Sharp 566
  Your Next Steps 567
  At the Close 568

Appendix Answers to Review Questions 569
  Self-Assessment 570
  Chapter 2: Information Security Fundamentals 576
  Chapter 3: Integrated Information Risk Management 579
  Chapter 4: Operationalizing Risk Mitigation 581
  Chapter 5: Communications and Network Security 583
  Chapter 6: Identity and Access Control 586
  Chapter 7: Cryptography 589
  Chapter 8: Hardware and Systems Security 592
  Chapter 9: Applications, Data, and Cloud Security 594
  Chapter 10: Incident Response and Recovery 597
  Chapter 11: Business Continuity via Information Security and People Power 601

Index 605
Mike Wills, SSCP, CISSP, is Assistant Professor and Program Chair of Applied Information Technologies in the College of Business at Embry-Riddle Aeronautical University's Worldwide Campus. Mike has been a pioneer in ethical hacking since his days as a phone phreak. His many years of cutting-edge experience in secure systems design, development, and operation have enriched the dozens of courses he's built and taught. He created ERAU's Master of Science in Information Security and Assurance degree program and leads the university's teaching and courseware development for the Microsoft Software & Systems Academy at ERAU's 13 US teaching sites.
Completely new for the 2018 updated exam objectives, including Access Controls, Security Operations and Administration, Risk Identification, Monitoring, and Analysis, and much more…

Includes interactive online learning environment and study tools with:
450 Practice questions
100 Electronic flashcards
Searchable key term glossary

Your complete guide to preparing for the SSCP exam

The (ISC)2 SSCP Official Study Guide, Second Edition is your one-stop resource for complete coverage of the SSCP exam objectives. This Sybex Study Guide leads self-paced learners on a topic-by-topic journey through the foundations and into in-depth explorations of SSCP knowledge domains, while also providing specific information relevant to helping businesses of all sizes remain accountable, compliant, and secure. This book guides your preparation for the SSCP Certification Exam while providing current, focused tutorials and explanations of the underlying concepts, ideas, and technologies you'll use every day and for years to come.

Coverage of all exam objectives in this Study Guide means you'll be ready for:
Access Controls
Security Operations and Administration
Risk Identification, Monitoring, and Analysis
Incident Response and Recovery
Cryptography
Network and Communications Security
Systems and Application Security

Interactive learning environment

Take your exam prep to the next level with Sybex's superior interactive online study tools. To access our learning environment, visit http://www.wiley.com/go/sybextestprep, register your book to receive your unique PIN, and instantly gain a year of FREE access to:
Interactive test bank with 2 practice exams, for a total of 450 questions!
100 electronic flashcards to reinforce learning and last-minute prep before the exam.
Comprehensive glossary in PDF format gives you instant access to the key terms so you are fully prepared.

ABOUT THE SSCP CERTIFICATION

The SSCP recognizes your hands-on, technical abilities and practical experience. It proves you have the skills to implement, monitor, and administer IT infrastructure using information security policies and procedures—ensuring the confidentiality, integrity, and availability of data. This certification is ideal for students pursuing security degrees as well as those in the field looking to take their careers to the next level. Visit www.isc2.org/sscp to learn more.