Systems Security Certified Practitioner

Systems Security Certified PractitionerSSCPI2(ISC)²I2-SSCP8.0<p>Candidates must have a minimum of 1 year cumulative work experience in 1 or more of the 7 domains of the SSCP CBK. A 1 year prerequisite pathway will be granted for candidates who received a degree (bachelors or masters) in a cybersecurity program.</p> <p>A candidate that doesn’t have the required experience to become an SSCP may become an Associate of ISC2 by successfully passing the SSCP examination. The Associate of ISC2 will then have 2 years to earn the 1 year required experience.</p><p>The SSCP is ideal for IT administrators, managers, directors and network security professionals responsible for the hands-on operational security of their organization’s critical assets, including those in the following positions:</p> <ul> <li>Network Security Engineer</li><li>Systems Administrator</li><li>Security Analyst</li><li>Systems Engineer</li><li>Security Consultant/Specialist</li><li>Security Administrator</li><li>Systems/Network Analyst</li><li>Database Administrator</li><li>Health Information Manager</li><li>Practice Manager</li></ul><h5>Domain 1: Security Operations and Administration</h5><ul> <li>Comply with codes of ethics</li><li>Understand security concepts</li><li>Identify and implement security controls</li><li>Document and maintain functional security controls</li><li>Participate in asset management lifecycle</li><li>Participate in change management lifecycle</li><li>Participate in implementing security awareness and training</li><li>Collaborate with physical security operations</li></ul><h5>Domain 2: Access Controls</h5><ul> <li>Implement and maintain authentication methods</li><li>Support internetwork trust architectures</li><li>Participate in the identity management lifecycle</li><li>Understand and apply access controls</li></ul><h5>Domain 3: Risk Identification, Monitoring, and Analysis</h5><ul> <li>Understand the risk management process</li><li>Understand legal and regulatory concerns</li><li>Participate in security assessment and vulnerability management activities</li><li>Operate and monitor security platforms</li><li>Analyze monitoring results</li></ul><h5>Domain 4: Incident Response and Recovery</h5><ul> <li>Support incident lifecycle</li><li>Understand and support forensic investigations</li><li>Understand and support Business Continuity Plan (BCP) and Disaster Recovery Plan (DRP) activities</li></ul><h5>Domain 5: Cryptography</h5><ul> <li>Understand cryptography</li><li>Apply cryptography concepts</li><li>Understand and implement secure protocols</li><li>Understand Public Key Infrastructure (PKI) systems</li></ul><h5>Domain 6: Network and Communication Security</h5><ul> <li>Understand and apply fundamental concepts of networking</li><li>Understand network attacks and countermeasures (e.g., DDoS, man-in-the-middle, DNS poisoning)</li><li>Manage network access controls</li><li>Manage network security</li><li>Operate and configure network-based security devices</li><li>Secure wireless communications</li></ul><h5>Domain 7: Systems and Application Security</h5><ul> <li>Identify and analyze malicious code and activity</li><li>Implement and operate endpoint device security</li><li>Administer Mobile Device Management (MDM)</li><li>Understand and configure cloud security</li><li>Operate and maintain secure virtual environments</li></ul>Candidates must have a minimum of 1 year cumulative work experience in 1 or more of the 7 domains of the SSCP CBK. A 1 year prerequisite pathway will be granted for candidates who received a degree (bachelors or masters) in a cybersecurity program. A candidate that doesn’t have the required experience to become an SSCP may become an Associate of ISC2 by successfully passing the SSCP examination. The Associate of ISC2 will then have 2 years to earn the 1 year required experience.The SSCP is ideal for IT administrators, managers, directors and network security professionals responsible for the hands-on operational security of their organization’s critical assets, including those in the following positions: - Network Security Engineer - Systems Administrator - Security Analyst - Systems Engineer - Security Consultant/Specialist - Security Administrator - Systems/Network Analyst - Database Administrator - Health Information Manager - Practice ManagerDomain 1: Security Operations and Administration - Comply with codes of ethics - Understand security concepts - Identify and implement security controls - Document and maintain functional security controls - Participate in asset management lifecycle - Participate in change management lifecycle - Participate in implementing security awareness and training - Collaborate with physical security operations Domain 2: Access Controls - Implement and maintain authentication methods - Support internetwork trust architectures - Participate in the identity management lifecycle - Understand and apply access controls Domain 3: Risk Identification, Monitoring, and Analysis - Understand the risk management process - Understand legal and regulatory concerns - Participate in security assessment and vulnerability management activities - Operate and monitor security platforms - Analyze monitoring results Domain 4: Incident Response and Recovery - Support incident lifecycle - Understand and support forensic investigations - Understand and support Business Continuity Plan (BCP) and Disaster Recovery Plan (DRP) activities Domain 5: Cryptography - Understand cryptography - Apply cryptography concepts - Understand and implement secure protocols - Understand Public Key Infrastructure (PKI) systems Domain 6: Network and Communication Security - Understand and apply fundamental concepts of networking - Understand network attacks and countermeasures (e.g., DDoS, man-in-the-middle, DNS poisoning) - Manage network access controls - Manage network security - Operate and configure network-based security devices - Secure wireless communications Domain 7: Systems and Application Security - Identify and analyze malicious code and activity - Implement and operate endpoint device security - Administer Mobile Device Management (MDM) - Understand and configure cloud security - Operate and maintain secure virtual environments5 days45000.0010000.001140.001140.001140.004419.004940.003990.003950.003950.003950.003590.005100.00