Systems Security Certified Practitioner (2022)
Systems Security Certified Practitioner (2022) Overview
0h 6m
You're watching ITProTV.
[MUSIC]
Hello everybody and welcome to
the overview for the SSCP course.
My name is Adam Gordon,
an edutainer here at ITProTV.
You can think of me as your success guide,
as we're gonna take
a journey together throughout the course,
helping you to prepare for,
understand everything you need to
know to take and pass the SSCP exam.
You can see the SSCP is considered to
be the Premier Security Administration
Certification from ISC
squared currently in market.
Our course is gonna cover
all of the domains,
we'll talk about those in just
a minute and what they are,
that you need to focus on in
order to prepare for the exam.
Now, the SSCP has been around for
some time.
I've been teaching SSCP material along
with many of the other ISC squared
certification courses for
a very, very long time.
I actually have held the SSCP since it
first became available in the market, and
I've been involved with not only
development of curriculum for
this and other ISC squared certifications,
but I've also been involved as
a member of the ISC squared certification
community for a very long time.
Hopefully you will be as you
complete your journey and
successfully taken passed your exam.
It is the first step on the road for
many IT security professionals towards
higher level certifications, and
it's important to think about
that as we look to get started.
All right, let's take a look at what those
domains are actually going to be like,
there are seven of them overall.
We wanna take a look just at a high
level at what they are, and then
we're gonna zoom in a little bit in just
a moment just to see them in more detail.
But I wanna point out while
we're looking at the page here,
down at the bottom the green box that
says SSCP exam outline, you can download
a copy of the exam outline directly
from ISC squared, it's free, it's PDF.
We're gonna follow that
outline in the course, so
it's already been reproduced for
you as we go on our journey together.
But if you like to reference a simple
document, we invite you to go ahead and
do that right from the website.
Let's take a closer look at the seven
domains, so we can see what they are and
really just have a moment to
understand what's in them and
understand how we're gonna approach them.
As we zoom in, you'll be able to
see that they indeed are going to
encompass a very large amount of,
let's say material and
coverage area we often talk
about in this CISSP exam,
the more senior level exam for IT security
professionals that ISC squared has.
We often talk about the domain and
the coverage of the domains as
being mile wide and an inch deep.
As we look at them, not quite mile wide
and an inch deep here with SSCP, but
across seven domains we are gonna have an
opportunity to discuss a lot of important
themes, ideas, approaches, methodologies,
and the information that you're gonna need
to know to synthesize and apply in order
to be able to be successful on the exam.
We'll see in Domain One security
operations and administration that we're
gonna be able to talk about the ways in
which is an IT security professional,
we approach implementing
security within organizations and
how we offer that guidance
necessary to do so effectively.
As we move to Domain Two, access controls,
we think about identity and access
management, privileged access management,
access control models and a lot of
other things relevant to the identity
of management across an organization.
In Domain Three, risk identification
monitoring and analysis.
We're gonna take a look at and
talk about the foundational,
fundamental things that allow us to
build information security management
systems and think about enterprise
security architectures.
We'll frame risk, understand the analysis
methodologies associated with doing so,
business impact analysis, for
instance, security impact analysis,
privacy impact analysis among others.
We'll talk about how we can leverage those
methodologies along with a fundamental
definition and understanding of risk via
NIST SP 830-R1 reference document that
gives us the vocabulary to discuss and
understand risk within an organization.
So move to Domain Four, incident response
and recovery, we'll narrow our focus and
be really aligned with the ideas of
business continuity and disaster recovery.
So, BCDR, what are those approaches?
How do we address incident response?
What's that methodological and
process-driven flow that allows us to be
effective in not only identifying, but
ultimately containing and then remediating
those incidents when they occur.
We can see in Domain Five, cryptography,
well, the name implies what we're gonna be
doing there, we'll be focusing on
cryptography, understand hopefully both
the symmetric and asymmetric approaches
associated with cryptography.
Take a look at different algorithms and
of course the secure protocols that can
be used aligned with cryptography
to ensure secure communication.
Things like ITSEC for instance, we'll
leverage that as we get in Domain Six,
network communications and security.
We'll talk more broadly about how
we establish secure communications,
ITSEC, of course,
will be part of that conversation.
Again, but so will things like VPNs and
the use of the secure methodologies and
the secure approaches that allow
us to communicate but to do so
in fundamentally secure ways of focusing
on confidentiality as well as integrity,
two of the three pillars that make
up what we call the iron triangle or
the CIA triad, confidentiality,
integrity but also availability.
And finally in Domain Seven, systems and
application security, we'll round out our
conversations, talking about things like
the system or software, development life
cycles, how we can approach development
and understand system architecture, baking
security in from the ground up in order to
ensure that we are doing the right things,
giving the right guidance and
mitigating risk wherever possible.
I'm looking forward to have you
join me on this journey, so
take a look at all seven domains, but
also talk about the ways in which you can
synthesize and apply that information.
As we wrap up our overview, what I wanna
make sure you understand is that it's
gonna be a great opportunity for us to
spend time, deal with and understand how
we can approach these issues, focus on
your success for the SSCP journey ahead.
But also we're gonna have fun and
do a lot of really interesting things.
I look forward to that journey,
I hope you do as well.
I'm gonna go get ready, all you have to do
to join me, stop watching this episode and
jump right into the course.
I'll see you there.
Take care everybody, see you soon.
Thank you for watching ITProTV.
Overview
Learning Style
On Demand
Includes
Practice Test
Length of course
27h 4m
Learning Options
Options for this course
Train your team
Stay ahead of the curve and future-proof your business with training programs designed for you.
Channel partners
Transform your experience and integrate with our unique evolving library of Audit, Cybersecurity, and Information Technology courses.