SSCP Cert Prep: 2 Security Operations and Administration

English | MP4 | AVC 1280×720 | AAC 48KHz 2ch | 2h 59m | 422 MB

The (ISC)2 Systems Security Certified Practitioner (SSCP) certification is an excellent entry point to a career in IT security. To help you prepare for the SSCP exam, instructor Mike Chapple has designed a series of courses covering each domain. In this installment, Mike covers the objectives of Security Operations and Administration, the second domain, which comprises 17% of the questions on the exam. Topics include the security triad, data security, security controls, and compliance training. Learn about core concepts and the security code of ethics, and find out how to document controls, start asset and change management programs, conduct security awareness and training, implement physical controls, and assess the compliance of your organization.

Topics include:

  • The security triad: confidentiality, integrity, and availability
  • Security principles
  • Resource security
  • Data security
  • Security controls
  • Assessing security controls
  • Security policy
  • Physical security

Table of Contents

Introduction
1 Welcome
2 What you need to know

The Security Triad
3 The goals of information security
4 Confidentiality
5 Integrity
6 Availability

Security Principles
7 Accountability
8 Privacy compliance
9 Employee privacy
10 Need to know and least privilege
11 Separation of duties and responsibilities

Resource Security
12 Physical asset management
13 Change and configuration management
14 Software licensing

Data Security
15 Understanding data security
16 Data security policies
17 Data security roles
18 Data privacy
19 Limiting data collection

Data Security Controls
20 Developing security baselines
21 Leveraging industry standards
22 Customizing security standards
23 File permissions
24 Data encryption
25 Cloud storage security
26 Information classification

Security Controls
27 Security control selection and implementation
28 Control frameworks

Assessing Security Controls
29 Collect security process data
30 Management review
31 Security metrics
32 Audits and assessments
33 Control management

Security Policy
34 Security policy framework
35 Security policies

Awareness and Training
36 Security policy training and procedures
37 Compliance training
38 User habits
39 User-based threats
40 Measuring compliance and security posture
41 Awareness program reviews

Physical Security
42 Site and facility design
43 Data center environmental controls
44 Data center environmental protection
45 Physical security control types
46 Physical access control
47 Visitor management

Next Steps
48 Ethics