What you’ll learn
Describe security and the alignment of asset management to risk management
Appraise risk management options and the use of access controls to protect assets
Examine the field of cryptographyto secure information and communication
Build a security posture by securing software, data, and endpoints
Apply network and communications security to establish a secure networked environment
Evaluate cloud and wireless security
Prepare for incident detection and response
Implement appropriate measures that contribute to the maturation of risk management
ISC2 at Lumify Work
ISC2: The world’s leading cyber security and IT security professional organisation. Lumify Work is one of only a few select training providers in Australia with campuses in New Zealand and the Philippines. We offer official ISC2 courses and training materials.
Who is the course for?
This course is for individuals planning to pursue the ISC2 SSCP certification. The SSCP is the ideal certification for those with proven technical skills and practical, hands-on security knowledge in operational IT roles. It provides confirmation of a practitioner's ability to implement, monitor, and administer IT infrastructure in accordance with information security policies and procedures that ensure data confidentiality, integrity and availability.
Course subjects
Refer to the SSCP Exam Outline for a deeper dive into the SSCP domains.
Domain 1. Security Operations and Administration
Comply with codes of ethics
Understand security concepts
Identify and implement security controls
Document and maintain functional security controls
Participate in asset management lifecycle (hardware, software and data)
Participate in change management lifecycle
Participate in implementing security awareness and training (e.g., social engineering/ phishing)
Collaborate with physical security operations (e.g., data center assessment, badging)
Domain 2. Access Controls
Implement and maintain authentication methods
Support internetwork trust architectures
Participate in the identity management lifecycle
Understand and apply access controls
Domain 3. Risk Identification, Monitoring and Analysis
Understand the risk management process
Understand legal and regulatory concerns (e.g., jurisdiction, limitations, privacy)
Participate in security assessment and vulnerability management activities
Operate and monitor security platforms (e.g., continuous monitoring)
Analyse monitoring results
Domain 4. Incident Response and Recovery
Support incident lifecycle (e.g., National Institute of Standards and Technology (NIST), International Organisation for Standardisation (ISO))
Understand and support forensic investigations
Understand and support business continuity plan (BCP) and disaster recovery plan (DRP) activities
Domain 5. Cryptography
Understand reasons and requirements for cryptography
Apply cryptography concepts
Understand and implement secure protocols
Understand and support public key infrastructure (PKI) systems
Domain 6. Network and Communications Security
Understand and apply fundamental concepts of networking
Understand network attacks (e.g., distributed denial of service (DDoS), man-in-the-middle (MITM), Domain Name System (DNS) poisoning) and countermeasures (e.g., content delivery networks (CDN))
Manage network access controls
Manage network security
Operate and configure network-based security devices
Secure wireless communications
Domain 7. Systems and Application Security
Identify and analyse malicious code and activity
Implement and operate endpoint device security
Administer Mobile Device Management (MDM)
Understand and configure cloud security
Operate and maintain secure virtual environments
Prerequisites
Prior to taking this course the learner should have experience, skills, or knowledge obtained while serving in the following roles:
Network Security Engineer
IT/Systems/Network Administrator
Security Analyst
Systems Engineer
Security Consultant/Specialist
Security Administrator
Systems/Network Analyst
Database Administrator
Individuals operating in a security operations center (SOC) environment performing the role of incident handler, SIEM, forensics specialist, threat intel researcher, etc.
Exam candidates must have a minimum of one year cumulative paid work experience in one or more of the seven domains of the SSCP CBK® (Common Body of Knowledge). A one year prerequisite pathway will be granted for candidates who received a degree (bachelors or masters) in a cybersecurity program.
A candidate who doesn’t have the required experience to become an SSCP may become an Associate of ISC2 by successfully passing the SSCP exam. An Associate of ISC2 can then accumulate the necessary work experience to achieve full certification.
FREE E-BOOK: Meeting the Cyber Security Challenge
What are the top challenges in cyber security? Gain insight into how organisations can address challenges through cyber security training programs that build a skilled and diverse cyber workforce.
Terms & Conditions
The supply of this course by Lumify Work is governed by the booking terms and conditions. Please read the terms and conditions carefully before enrolling in this course, as enrolment in the course is conditional on acceptance of these terms and conditions.
