The official (ISC)2 SSCP CBK reference
The only official body of knowledge for SSCP, (ISC)2's popular credential for hands-on security professionals, fully revised and updated for the 2021 SSCP Exam Outline. Systems Security Certified Practitioner (SSCP) is an elite, hands-on cybersecurity certification that validates the technical skills t...
| Other authors: | |
|---|---|
| Format: | E-book |
| Language: | English |
| Published: | Hoboken, New Jersey : John Wiley & Sons, Inc [2022] |
| Edition: | 6th ed |
| Subjects: | |
| View in Biblioteca Universitat Ramon Llull: | https://discovery.url.edu/permalink/34CSUC_URL/1im36ta/alma991009657417406719 |

Table of Contents:
- Cover
- Title Page
- Copyright Page
- Acknowledgments
- About the Author
- About the Technical Editor
- Contents at a Glance
- Contents
- Introduction
- About This Book
- The SSCP Seven Domains
- Using This Book to Defeat the Cybersecurity Kill Chain
- Where Do You Go from Here?
- The SSCP CBK and Your Professional Growth Path
- Maintaining the SSCP Certification
- Join a Local Chapter
- Let's Get Started!
- How to Contact the Publisher
- Chapter 1 Security Operations and Administration
- Comply with Codes of Ethics
- Understand, Adhere to, and Promote Professional Ethics
- (ISC)2 Code of Ethics
- Organizational Code of Ethics
- Understand Security Concepts
- Conceptual Models for Information Security
- Confidentiality
- Integrity
- Availability
- Accountability
- Privacy
- Nonrepudiation
- Authentication
- Safety
- Fundamental Security Control Principles
- Access Control and Need-to-Know
- Job Rotation and Privilege Creep
- Document, Implement, and Maintain Functional Security Controls
- Deterrent Controls
- Preventative Controls
- Detective Controls
- Corrective Controls
- Compensating Controls
- The Lifecycle of a Control
- Participate in Asset Management
- Asset Inventory
- Lifecycle (Hardware, Software, and Data)
- Hardware Inventory
- Software Inventory and Licensing
- Data Storage
- Implement Security Controls and Assess Compliance
- Technical Controls
- Physical Controls
- Administrative Controls
- Periodic Audit and Review
- Participate in Change Management
- Execute Change Management Process
- Identify Security Impact
- Testing/Implementing Patches, Fixes, and Updates
- Participate in Security Awareness and Training
- Security Awareness Overview
- Competency as the Criterion
- Build a Security Culture, One Awareness Step at a Time
- Participate in Physical Security Operations
- Physical Access Control
- The Data Center
- Service Level Agreements
- Summary
- Chapter 2 Access Controls
- Access Control Concepts
- Subjects and Objects
- Privileges: What Subjects Can Do with Objects
- Data Classification, Categorization, and Access Control
- Access Control via Formal Security Models
- Implement and Maintain Authentication Methods
- Single-Factor/Multifactor Authentication
- Accountability
- Single Sign-On
- Device Authentication
- Federated Access
- Support Internetwork Trust Architectures
- Trust Relationships (One-Way, Two-Way, Transitive)
- Extranet
- Third-Party Connections
- Zero Trust Architectures
- Participate in the Identity Management Lifecycle
- Authorization
- Proofing
- Provisioning/Deprovisioning
- Identity and Access Maintenance
- Entitlement
- Identity and Access Management Systems
- Implement Access Controls
- Mandatory vs. Discretionary Access Control
- Role-Based
- Attribute-Based
- Subject-Based
- Object-Based
- Summary
- Chapter 3 Risk Identification, Monitoring, and Analysis
- Defeating the Kill Chain One Skirmish at a Time
- Kill Chains: Reviewing the Basics
- Events vs. Incidents
- Understand the Risk Management Process
- Risk Visibility and Reporting
- Risk Management Concepts
- Risk Management Frameworks
- Risk Treatment
- Perform Security Assessment Activities
- Security Assessment Workflow Management
- Participate in Security Testing
- Interpretation and Reporting of Scanning and Testing Results
- Remediation Validation
- Audit Finding Remediation
- Manage the Architectures: Asset Management and Configuration Control
- Operate and Maintain Monitoring Systems
- Events of Interest
- Logging
- Source Systems
- Legal and Regulatory Concerns
- Analyze Monitoring Results
- Security Baselines and Anomalies
- Visualizations, Metrics, and Trends
- Event Data Analysis
- Document and Communicate Findings
- Summary
- Chapter 4 Incident Response and Recovery
- Support the Incident Lifecycle
- Think like a Responder
- Physical, Logical, and Administrative Surfaces
- Incident Response: Measures of Merit
- The Lifecycle of a Security Incident
- Preparation
- Detection, Analysis, and Escalation
- Containment
- Eradication
- Recovery
- Lessons Learned
- Implementation of New Countermeasures
- Third-Party Considerations
- Understand and Support Forensic Investigations
- Legal and Ethical Principles
- Logistics Support to Investigations
- Evidence Handling
- Evidence Collection
- Understand and Support Business Continuity Plan and Disaster Recovery Plan Activities
- Emergency Response Plans and Procedures
- Interim or Alternate Processing Strategies
- Restoration Planning
- Backup and Redundancy Implementation
- Data Recovery and Restoration
- Training and Awareness
- Testing and Drills
- CIANA+PS at Layer 8 and Above
- It Is a Dangerous World Out There
- People Power and Business Continuity
- Summary
- Chapter 5 Cryptography
- Understand Fundamental Concepts of Cryptography
- Building Blocks of Digital Cryptographic Systems
- Hashing
- Salting
- Symmetric Block and Stream Ciphers
- Stream Ciphers
- EU ECRYPT
- Asymmetric Encryption
- Elliptical Curve Cryptography
- Nonrepudiation
- Digital Certificates
- Encryption Algorithms
- Key Strength
- Cryptographic Attacks, Cryptanalysis, and Countermeasures
- Cryptologic Hygiene as Countermeasures
- Common Attack Patterns and Methods
- Secure Cryptoprocessors, Hardware Security Modules, and Trusted Platform Modules
- Understand the Reasons and Requirements for Cryptography
- Confidentiality
- Integrity and Authenticity
- Data Sensitivity
- Availability
- Nonrepudiation
- Authentication
- Privacy
- Safety
- Regulatory and Compliance
- Transparency and Auditability
- Competitive Edge
- Understand and Support Secure Protocols
- Services and Protocols
- Common Use Cases
- Deploying Cryptography: Some Challenging Scenarios
- Limitations and Vulnerabilities
- Understand Public Key Infrastructure Systems
- Fundamental Key Management Concepts
- Hierarchies of Trust
- Web of Trust
- Summary
- Chapter 6 Network and Communications Security
- Understand and Apply Fundamental Concepts of Networking
- Complementary, Not Competing, Frameworks
- OSI and TCP/IP Models
- OSI Reference Model
- TCP/IP Reference Model
- Converged Protocols
- Software-Defined Networks
- IPv4 Addresses, DHCP, and Subnets
- IPv4 Address Classes
- Subnetting in IPv4
- Running Out of Addresses?
- IPv4 vs. IPv6: Key Differences and Options
- Network Topographies
- Network Relationships
- Transmission Media Types
- Commonly Used Ports and Protocols
- Understand Network Attacks and Countermeasures
- CIANA+PS Layer by Layer
- Common Network Attack Types
- SCADA, IoT, and the Implications of Multilayer Protocols
- Manage Network Access Controls
- Network Access Control and Monitoring
- Network Access Control Standards and Protocols
- Remote Access Operation and Configuration
- Manage Network Security
- Logical and Physical Placement of Network Devices
- Segmentation
- Secure Device Management
- Operate and Configure Network-Based Security Devices
- Network Address Translation
- Additional Security Device Considerations
- Firewalls and Proxies
- Network Intrusion Detection/Prevention Systems
- Security Information and Event Management Systems
- Routers and Switches
- Network Security from Other Hardware Devices
- Traffic-Shaping Devices
- Operate and Configure Wireless Technologies
- Wireless: Common Characteristics
- Wi-Fi
- Bluetooth
- Near-Field Communications
- Cellular/Mobile Phone Networks
- Ad Hoc Wireless Networks
- Transmission Security
- Wireless Security Devices
- Summary
- Chapter 7 Systems and Application Security
- Systems and Software Insecurity
- Software Vulnerabilities Across the Lifecycle
- Risks of Poorly Merged Systems
- Hard to Design It Right, Easy to Fix It?
- Hardware and Software Supply Chain Security
- Positive and Negative Models for Software Security
- Is Blocked Listing Dead? Or Dying?
- Information Security = Information Quality + Information Integrity
- Data Modeling
- Preserving Data Across the Lifecycle
- Identify and Analyze Malicious Code and Activity
- Malware
- Malicious Code Countermeasures
- Malicious Activity
- Malicious Activity Countermeasures
- Implement and Operate Endpoint Device Security
- HIDS
- Host-Based Firewalls
- Allowed Lists: Positive Control for App Execution
- Endpoint Encryption
- Trusted Platform Module
- Mobile Device Management
- Secure Browsing
- IoT Endpoint Security
- Operate and Configure Cloud Security
- Deployment Models
- Service Models
- Virtualization
- Legal and Regulatory Concerns
- Data Storage and Transmission
- Third-Party/Outsourcing Requirements
- Lifecycles in the Cloud
- Shared Responsibility Model
- Layered Redundancy as a Survival Strategy
- Operate and Secure Virtual Environments
- Software-Defined Networking
- Hypervisor
- Virtual Appliances
- Continuity and Resilience
- Attacks and Countermeasures
- Shared Storage
- Summary
- Appendix: Cross-Domain Challenges
- Paradigm Shifts in Information Security?
- Pivot 1: Turn the Attackers' Playbooks against Them
- ATT&CK: Pivoting Threat Intelligence
- Analysis: Real-Time and Retrospective
- The SOC as a Fusion Center
- All-Source, Proactive Intelligence: Part of the Fusion Center
- Pivot 2: Cybersecurity Hygiene: Think Small, Act Small