Information Systems Security Professional (CISSP
Information Systems Security Professional (CISSP, CISSP
Course Description
Hi, I’m Sulaiman Siddiqi, and I’d like to welcome you to our course on preparing for the SSCP exam. The system security certified practitioner credential is a popular entry-level certification for cybersecurity professionals.
learning path helps IT security professionals prepare for and pass the challenging Certified Information Systems Security Professional (CISSP) exam from (ISC)²
This course contains all of the information that you’ll need to pass the SSCP exam Earning your SSCP credential is a professional journey. It won’t happen overnight, but it also doesn’t need to take years of arduous planning and preparation. In this course, I’ll explain how you can plan your time wisely and work your way toward passing the SSCP exam. Employers and IT professionals around the world recognize the SSCP as a strong certification program that allows candidates to demonstrate a breadth of knowledge across seven domains of information security. Earning the SSCP requires a combination of passing a rigorously administered exam and demonstrating one year of work experience in information security. Most people attempting the SSCP exam have some experience working in the security field, but you don’t need to have the experience in hand before you take the exam.
(ISC)2 provides a detailed curriculum for the SSCP exam. It organizes the content into seven domains of information security: access controls, security operations, and administration, risk identification, monitoring, and analysis, incident response and recovery, cryptography, network and communications security, and systems and application security. If you’d like, take the time to look through the official exam objectives and get a sense of the things you’ll learn as you prepare for the SSCP exam. Chances are that you’re already familiar with some topics, while others may be brand new to you. That’s fine. This course is designed to give you all of the knowledge that you’ll need to pass the SSCP exam no matter where you are in your security career. In this video and the six that follow, I’ll walk you through each of the seven SSCP domains and give you just a quick flavor of what the exam covers. Once you’re done with these brief introductions, I have an entire course ready and waiting for you on each one of these seven domains. The first domain of the SSCP exam, access controls, makes up 16% of the questions on the test. Access controls are extremely important to security professionals because they ensure that information and resources stay out of unauthorized hands. This domain has four objectives. The first objective is that you be able to implement authentication mechanisms. Authentication is the process of ensuring that an individual is who they claim to be, and security professionals do this in a number of ways. We’ll cover authentication mechanisms as simple as passwords, and then explain how you can improve security by implementing multifactor authentication. As you work your way through the second objective, you’ll learn how to operate internetwork trust architectures. Now that phrase is a mouthful, but it’s not as complex as it sounds. It just means that when we connect different networks together, we need to think carefully about how much they should trust each other. For example, if we connect two offices from the same company together, we’d have a much higher degree of trust than if we connected our network to a vendor’s network. In the third objective, you’ll learn about the identity management lifecycle. You’ll learn about how security professionals manage identity from the first act of providing a new user with an account, through the ongoing management and monitoring of that account, and ending up with the deprovisioning of that account when the user eventually leaves the organization. And, finally, the fourth objective covers implementing access controls. This is where we’ll get into some of the formal models governing access controls. You’ll learn about different types of access control systems, and how to choose one that’s most appropriate for your organization.