CompTIA A+ 2006

ISC2 SSCP

Access Controls

Overview/Description
To recognize the concepts that make up the Access Controls SSCP domain

Target Audience
Candidates who plan to take the International Information Systems Security Certification Consortium's (ISC)2 Systems Security Certified Practitioner (SSCP) certification exam or IT professionals who want an introduction to the concepts and practices of information system security

Prerequisites
The candidate should have at least one year of cumulative experience in one or more of the seven SSCP test domains

Expected Duration
1.75 to 3.50 Hours

Access Controls

Define access control and recognize access control types and models
Recognize how access control is implemented
Recognize the way in which the authentication protocol Kerberos works
Identify the mechanisms used to ensure Information Assurance
Identify suitable access control solutions

Administration

Overview/Description
To identify security administration requirements and outline how they are met

Target Audience
Candidates who plan to take the International Information Systems Security Certification Consortium's (ISC)2 Systems Security Certified Practitioner (SSCP) certification exam or IT professionals who want an introduction to the concepts and practices of information system security

Prerequisites
The candidate should have at least one year of cumulative experience in one or more of the seven SSCP test domains

Expected Duration
2.75 to 5.50 Hours

Administration

Identify the features of the security development life cycle
Outline the policies and practices used to secure an information system and its environment
Identify the function of a roadmap in security administration and outline the activities required to develop one for an organization
Outline technologies used in organizations to secure information and information systems
Implement suitable security mechanisms
Outline best practices for security administration in a network
Identify the requirements for a security awareness program and outline how it can be implemented in an organization
Implement a successful security awareness program

Auditing and Monitoring

Overview/Description
To outline the tools and mechanisms for system security monitoring and auditing

Target Audience
Candidates who plan to take the International Information Systems Security Certification Consortium's (ISC)2 Systems Security Certified Practitioner (SSCP) certification exam or IT professionals who want an introduction to the concepts and practices of information system security

Prerequisites
The candidate should have at least one year of cumulative experience in one or more of the seven SSCP test domains

Expected Duration
2.25 to 4.5 Hours

Auditing and Monitoring

Identify the role of auditing
Identify the types of data collected during an audit and outline how it is processed
Outline the methods and tools involved in conducting a security audit
Identify features of the audit process
Outline the different types of monitoring and the tools associated with each type
Recognize the need to develop an effective incident response program
Identify incident response features

Risk, Response, and Recovery

Overview/Description
To outline risk management and identify best practices for handling risk and ensuring business continuity

Target Audience
Candidates who plan to take the International Information Systems Security Certification Consortium's (ISC)2 Systems Security Certified Practitioner (SSCP) certification exam or IT professionals who want an introduction to the concepts and practices of information system security

Prerequisites
The candidate should have at least one year of cumulative experience in one or more of the seven SSCP test domains

Expected Duration
2.25 to 4.5 Hours

Risk, Response, and Recovery

Define risk and identify the strategies used to manage it
Identify methods and tools used to perform risk analysis
Identify the steps and activities of a risk assessment methodology
Identify the mechanisms used when responding to a security attack
Identify the features of contingency plans and disaster recovery plans
Identify appropriate solutions for business continuity
Identify the roles and tools involved in computer forensics

Cryptography

Overview/Description
To define cryptograhy and identify its use in ensuring the confidentiality, integrity, authenticity, and non-repudiation of information

Target Audience
Candidates who plan to take the International Information Systems Security Certification Consortium's (ISC)2 Systems Security Certified Practitioner (SSCP) certification exam or IT professionals who want an introduction to the concepts and practices of information system security

Prerequisites
The candidate should have at least one year of cumulative experience in one or more of the seven SSCP test domains

Expected Duration
2.50 to 5 Hours

Cryptography

Recognize how encryption developed and identify the process and types involved
Identify the block cipher modes of operation and the different block cipher algorithims
To identify the role of hashes and digital signatures in protecting the integrity of encrypted data
Recognize encryption processes
Identify the various methods of key management
Identify the features of the general hierarchical model of public key infrastructure and the top-down hierarchical SET public key infrastructure
Identify the types and features of encryption protocols
Identify various types of cryptographic attack

Data Communications

Overview/Description
To identify the standards and technology used in data communication

Target Audience
Candidates who plan to take the International Information Systems Security Certification Consortium's (ISC)2 Systems Security Certified Practitioner (SSCP) certification exam or IT professionals who want an introduction to the concepts and practices of information system security

Prerequisites
The candidate should have at least one year of cumulative experience in one or more of the seven SSCP test domains

Expected Duration
2.25 to 4.5 Hours

Data Communications

Identify the types of signals and transmission media used to transfer data information
Identify the attributes of various network deployments
Identify the topologies and standards used in networking
Identify the layers of the OSI and TCP/IP network communication models
Identify common network devices
Identify types of network attacks and the methods used to mitigate them
Identify ways to secure a network from given attacks

Malicious Code

Overview/Description
To identify types of malicious code and the protection used to defend against it

Target Audience
Candidates who plan to take the International Information Systems Security Certification Consortium's (ISC)2 Systems Security Certified Practitioner (SSCP) certification exam or IT professionals who want an introduction to the concepts and practices of information system security

Prerequisites
The candidate should have at least one year of cumulative experience in one or more of the seven SSCP test domains

Expected Duration
1.25 to 2.5 Hours

Malicious Code

Identify types and characteristics of malicious code
Identify the mechanisms and best practices used to counter malicious code attacks
Identify malicious code protection products and the mechanisms they use
Identify how to defend against malicious code