SSCP Domain : Risk, Response, and Recovery

Overview/Description
With more and more business success relying on secure and guaranteed access to data, having plans and policies in place to manage risks and recover from disasters is pivotal. This course provides the learner with the knowledge to provide data redundancy and handling incidents and risks. This course teaches the learner how to identify the threats and vulnerabilities that can put information systems at risk and how to optimize a risk assessment and management system to protect resources. It covers risk limitation and mitigation and the security incident handling process. The course covers business continuity planning and shows how to design an effective disaster contingency plan and an optimized data recovery and restoration methodology. This course guides you through the Common Body of Knowledge (CBK) recommended by the International Information Systems Security Certification Consortium (ISC)2 for its Systems Security Certified Practitioner (SSCP) certification. The SSCP credential certifies student expertise in 7 different knowledge domains.

Target Audience
Experienced IT professionals with a basic knowledge of network and communications protocols and equipment seeking to pass the System Security Certified Practitioner (SSCP) exam, or otherwise gain knowledge in assessing, planning, implementing and managing IT security in an enterprise environment. A minimum of one year's professional experience in one of the seven SSCP CBK Domains is required for certification.

Expected Duration (hours)
3.0

Lesson Objectives

SSCP Domain : Risk, Response, and Recovery

recognize threats and vulnerabilities that expose information technology systems to risk

define key risk management concepts

recognize key factors for improving a risk management system

specify appropriate risk limitation controls for a particular scenario

describe a security incident detection and analysis process

describe a security incident containment and eradication process

identify key considerations for gathering and handling evidence

optimize a risk assessment methodology for a particular scenario

determine appropriate risk and incident handling methods for a particular scenario

describe a business impact analysis process

define key business impact analysis concepts

select an appropriate disaster recovery site for a particular scenario

identify key considerations for disaster recovery planning

describe disaster plan testing methodologies

identify an appropriate data backup rotation schedule for a particular scenario

identify features of high-availability and load-balancing clustering

select an appropriate RAID level for a particular scenario

optimize a disaster planning process for a particular scenario

analyze a data backup and restoration methodology