SSCP Domain: Malicious Code

Overview/Description
In the modern world of computing, malicious code is becoming commonplace. Organizations and individuals must protect themselves from these attacks. This course provides a history of malicious code and details of how to recognize and analyze the effects of malcodes and infection vectors on a computing system using VMware testing and file capturing techniques. It also explains how to determine appropriate malcode evaluation and mitigation techniques to protect an enterprise environment. This course guides you through the Common Body of Knowledge (CBK) recommended by the International Information Systems Security Certification Consortium (ISC)2 for its Systems Security Certified Practitioner (SSCP) certification. The SSCP credential certifies student expertise in 7 different knowledge domains.

Target Audience
Experienced IT professionals with a basic knowledge of network and communications protocols and equipment seeking to pass the System Security Certified Practitioner (SSCP) exam, or otherwise gain knowledge in assessing, planning, implementing and managing IT security in an enterprise environment. A minimum of one year's professional experience in one of the seven SSCP CBK Domains is required for certification.

Expected Duration (hours)
3.0

Lesson Objectives

SSCP Domain: Malicious Code

recognize components of CARO-like names

recognize the main purpose of application security

identify types of malicious code

define the basic terms in malicious code

identify significant events in the evolution of malcode

order the significant events in the emergence of the Internet criminal marketplace

identify common methods used to spread malcodes

recognize social engineering attacks

determine which specific malcodes are attacking a system

determine the methods infection vectors have used to access a system

recognize types of attacks that are carried out on computing environments

describe best practices for implementing a security solution in an enterprise environment

implement appropriate malcode inspection processes

select appropriate malcode behavioral analysis methods

sequence the steps for using VMware to test malcode samples

identify techniques for capturing files from a computer

identify appropriate malcode mitigation policies for an enterprise environment

assess how malcodes and infection vectors attack a computing system

determine how to evaluate and mitigate malcodes in an enterprise environment