Paths

SSCP® (Systems Security Certified Practitioner)

Author: Kevin Henry

This series provides the foundational knowledge needed to implement and maintain strong security practices that will enable an organization to defend itself against security... Read more

SSCP® (Systems Security Certified Practitioner)

This series provides the foundational knowledge needed to implement and maintain strong security practices that will enable an organization to defend itself against security threats and attacks. This series can be used to prepare for the (ISC)²® SSCP® (Systems Security Certified Practitioner) examination, with coverage of the SSCP® Certification Exam Outline effective November 2018.

Preparing for an (ISC)2® Certification Exam

by Kevin Henry

Mar 31, 2018 / 17m

17m

Start Course
Description

Preparing for an (ISC)2® examination can be difficult and stressful. In this course, Preparing for an (ISC)2® Certification Examination, you will learn how to set yourself up for success, prior to taking the exam. First, you will delve into the test-taking process. Next, you will discover some helpful tips and tricks to pass the exam. Last, you will learn how to develop a study plan. When you are finished with this course, you will have the skills and knowledge needed to be prepared for an (ISC)2 exam.

Table of contents
  1. Course Overview1m
  2. The (ISC)2® Exam Format12m
  3. How to Prepare for an (ISC)2® Examination 3m

Security Management

by Kevin Henry

Apr 13, 2018 / 1h 29m

1h 29m

Start Course
Description

As a Security Manager you play a critical role in setting up an effective security program that will protect the assets of the organization in a cost-effective way. In this course ,Security Management, you will first learn the process of working with management to develop a security strategy and a budget. Next, you'll learn how to promote an understanding of security concepts and responsibilities. Finally, you will gain an understanding on the management functions of being a security leader and meeting the requirements of compliance, governance and development of policies and security procedures. By the end of this course, you'll be knowledgeable in the goals and aims of information protection, management and responsibility.

Table of contents
  1. Course Overview1m
  2. Understanding Security Concepts30m
  3. The Principles of Security Governance20m
  4. Security Roles and Responsibilities19m
  5. Security Policies18m

Information Classification

by Kevin Henry

Apr 25, 2018 / 1h 39m

1h 39m

Start Course
Description

Security professionals need to know how to comply with laws and standards in information protection. In this course, Information Classification, you will learn foundational knowledge of asset protection and gain the ability to identify assets and provide them with adequate protection. First, you will learn about information classification and ownership. Next, you will discover the legal aspects of intellectual property protection. Finally, you will explore how to manage all of the assets of the organization. When you’re finished with this course, you will have the skills and knowledge of information security needed to be an effective manager and practitioner in information management.

Table of contents
  1. Course Overview1m
  2. Information Ownership15m
  3. Data Retention and Deletion28m
  4. Protection of Intellectual Property23m
  5. Security Concerns During Divestitures and Acquisitions16m
  6. Asset Management14m

Business Continuity Management

by Kevin Henry

Jun 13, 2018 / 1h 35m

1h 35m

Start Course
Description

Business success depends on being prepared for any incident that could affect business operations. The art and science of Business Continuity Management is essential to handling any problem in a calm and forward-thinking manner. In this course, Business Continuity Management, you will gain understanding of maintaining resilience through incidents of your business operations. First, you will learn how to prepare a business continuity plan. Then, you will learn how to analyze the business to discover important products, services, and critical timelines for recovery. Finally, you will learn how to write, test, and maintain business continuity plans. When you're finished with this course, you will have the skills and knowledge needed to contribute to the development of business continuity and disaster recovery plans.

Table of contents
  1. Course Overview1m
  2. Business Continuity Management Process22m
  3. Business Impact Analysis14m
  4. Create Contingency Strategies20m
  5. Writing Business Continuity Plans17m
  6. Implementing, Testing, and Maintaining Business Continuity Plans19m

Risk Assessment and Management

by Kevin Henry

May 24, 2018 / 2h 33m

2h 33m

Start Course
Description

Security Professionals rely on risk management to justify and develop an Information Security program. In this course, Risk Assessment and Management, you will learn comprehensive knowledge of risk management and the theories, concepts, and practices of threat modeling and enterprise risk management. First, you will learn about establishing the context for risk management. Next, you will compare the various methods of risk assessment. Finally, you will examine the options for risk response and monitoring. When you’re finished with this course, you will have the skills and knowledge of information security needed to be an effective manager and practitioner in information and risk management.

Table of contents
  1. Course Overview1m
  2. Risk Frameworks - ISO27005, 31000, NIST, HTRA45m
  3. Framing Risk10m
  4. Assessing Risk44m
  5. Mitigating Risk30m
  6. Monitoring Risk19m

Security Controls and Control Frameworks

by Kevin Henry

Jun 7, 2018 / 59m

59m

Start Course
Description

It can be challenging to evaluate and select the best controls for an organization. Through this course, Security Controls and Control Frameworks, you will gain an understanding of the risk associated with the development of a security control framework, and how to address it. You will first learn the various types of controls and the factors used in establishing an effective security infrastructure. Next, you will examine the strengths of various types of controls including managerial, technical, and environmental controls that can be deployed to prevent and react to security incidents. Finally, you will examine how to test and evaluate the effectiveness of controls in relation to risk and compliance. When you're finished with this course, you will have the skills and knowledge needed to be an effective contributor to the design of secure information systems and business processes.

Table of contents
  1. Course Overview1m
  2. Types of Controls27m
  3. Control Selection Criteria30m

Cryptography Application

by Kevin Henry

Aug 3, 2018 / 2h 22m

2h 22m

Start Course
Description

Cryptography is all about logic and process - understanding the terminology, the process flow, and the strengths and weaknesses of the various cryptographic algorithms. Through this course, Cryptography Application, you will learn how cryptography works, how to attack it and how it is used in everyday life. First, you will explore the fascinating world of cryptography and become familiar with each type of algorithm. Next, you will learn how cryptography works in many of the tools we use today. Finally, you will learn how to attack and compromise a crypto system. When you're finished with this course, you will have a comfortable understanding of cryptography and its application.

Table of contents
  1. Course Overview1m
  2. Introduction to Cryptography1h 9m
  3. Cryptography Operations and Uses38m
  4. Cryptanalysis and Attacks33m

Physical Security

by Kevin Henry

Aug 6, 2018 / 1h 19m

1h 19m

Start Course
Description

Physical Security is an area that is relatively unknown to most information security professionals, and yet it is one of the most important elements of an effective and complete information security program. In this course, Physical Security, you will gain an understanding of how a breach in physical security may lead to the breach of information and systems despite the effectiveness of other technical controls. First, you will learn the principles of physical security and how to protect systems and data. Then, you will examine environmental controls and learn the threats to physical security systems. Finally, you will discover how to integrate physical security controls into information security frameworks. By the end of this course, you'll be comfortable with your knowledge of physical and environmental security.

Table of contents
  1. Course Overview1m
  2. Location Security and Defense in Depth17m
  3. Integration of Physical and Information Security33m
  4. Environmental Security26m

Communications and Network Security

by Kevin Henry

Sep 18, 2018 / 2h 59m

2h 59m

Start Course
Description

Network communication is one of the primary areas of risk to most business processes. Networks provide the attack surface used to compromise data and business operations. In this course, Communications and Network Security, you will learn about network and communications models such as OSI and TCP/IP. Next, you'll touch on the area of secure protocols. Finally, you will explore network attacks. When you're finished with this course, you will have a good understanding of network and communications security, protocols, and network encryption needed to help you audit, operate, and manage secure communications.

Table of contents
  1. Course Overview1m
  2. Secure Communications Models1h 4m
  3. Secure Network Communications1h 4m
  4. Network Protocols and Network Security48m

Secure Network Design

by Kevin Henry

Nov 21, 2018 / 2h 19m

2h 19m

Start Course
Description

Networks provide the foundation for almost every business operation and they require careful architecture and management. This course, Secure Network Design, will help you understand the challenges and solutions for designing secure networks. First, you will learn about types of communication. Next, you will gain an understanding of network devices. Finally, you will learn about network design, configuration, and management. By the end of this course, you how to secure and protect networks, secure all of the devices connected to networks, and overall, become a more proficient and effective security professional.

Table of contents
  1. Course Overview1m
  2. The Evolution of Network Communications1h 3m
  3. Secure Network Configuration59m
  4. Secure Network Operations14m

Access Control and Identity Management

by Kevin Henry

Dec 6, 2018 / 1h 43m

1h 43m

Start Course
Description

Access Controls and Identity Management are the heart of Information Security. In this course, Access Control and Identity Management, you will learn about the risks and challenges associated with access control concepts that a security professional must understand. First, you will discover the various access control attacks. Then, you will explore the methods of implementing and monitoring an access control system. Finally, you will learn about access control models and techniques. By the end of this course, you will know and understand the foundation of information security - access control.

Table of contents
  1. Course Overview1m
  2. Access Control Principles43m
  3. Access Control Models29m
  4. Access Control Implementations29m

What you will learn

  • How to implement authentication methods and access controls
  • How to implement and maintain security controls
  • How to perform security assessment activities
  • How to support incident response activities as well as business continuity and disaster recovery plans
  • The basic concepts of cryptography and key management
  • How to manage network security, including how to operate and configure network-based security devices
  • How to operate and configure cloud security and virtual environments

Pre-requisites

(ISC)² requires SSCP® candidates have at least one year of work experience in at least one of the SSCP® Common Body of Knowledge (CBK) domains or a Bachelor or Masters degree from a cybersecurity program. It is recommended that viewers have an understanding of the basic concepts of information security before embarking on these courses.