SSCP Domain : Security Operations and Administration Part 1

Overview/Description
Information is often at the core of business, and maintaining the security of that information in the digital age is of utmost importance. This course provides the learner with the skills needed to identify and organize essential information in an organization, and how to document and implement policies, standards, procedures and guidelines. These skills will ensure confidentiality, integrity and availability of core business information. This course teaches the learner about the importance of Confidentiality, Integrity and Availability (The C-I-A Triad) and how to determine appropriate methods for dealing with security and threats. It teaches how to assess and optimize your own security plan and program. The course also demonstrates the importance of Ethics in Business Security. This course guides you through the Common Body of Knowledge (CBK) recommended by the International Information Systems Security Certification Consortium (ISC)2 for its Systems Security Certified Practitioner (SSCP) certification. The SSCP credential certifies student expertise in 7 different knowledge domains.

Target Audience
Experienced IT professionals with a basic knowledge of network and communications protocols and equipment seeking to pass the System Security Certified Practitioner (SSCP) exam, or otherwise gain knowledge in assessing, planning, implementing and managing IT security in an enterprise environment. A minimum of one year's professional experience in one of the seven SSCP CBK Domains is required for certification.

Expected Duration (hours)
2.5

Lesson Objectives

SSCP Domain : Security Operations and Administration Part 1

describe the objectives that effective security controls should meet

describe security architecture design best practices

describe the PDCA improvement cycle for an ISMS

identify features the ISO/SEC 27002 security standards framework

describe how to manage identity and access and privileged user accounts

recognize the considerations for managing outsourced security partners

assess a security program's objectives, architecture and framework

determine appropriate measures for managing identify, access and privileged accounts and for selecting an MSSP

describe the phases of a policy life cycle

recognize security standards and baselines

describe industry standards and open standards

describe the importance of well documented security procedures

recognize the main responsibilities of a security officer in the security plan development process

identify confidentiality protection methods

recognize important considerations for information classification

assess security policies and standards

optimize security procedures and plans and determine appropriate information protection and classification methods