ebook img

SSCP (ISC)2 Systems Security Certified Practitioner Official Study Guide PDF

576 Pages·2015·14.7 MB·English
by  
Save to my drive
Quick download
Download
Most books are stored in the elastic cloud where traffic is expensive. For this reason, we have a limit on daily download.

Preview SSCP (ISC)2 Systems Security Certified Practitioner Official Study Guide

® SSCP Systems Security Certified Practitioner Study Guide George B. Murphy Development Editor: Tom Cirtin Media Supervising Producer: Richard Graves Technical Editors: Brian D. McCarthy and John Gilleland Book Designers: Judy Fung and Bill Gibson Production Editor: Christine O’Connor Proofreader: Kim Wimpsett Copy Editor: Judy Flynn Indexer: Ted Laux Editorial Manager: Mary Beth Wakefield Project Coordinator, Cover: Brent Savage Production Manager: Kathleen Wisor Cover Designer: Wiley Associate Publisher: Jim Minatel Cover Image: ©Getty Images Inc./Jeremy Woodhouse Copyright © 2015 by John Wiley & Sons, Inc., Indianapolis, Indiana Published simultaneously in Canada ISBN: 978-1-119-05965-3 ISBN: 978-1-119-05968-4 (ebk.) ISBN: 978-1-119-05995-0 (ebk.) No part of this publication may be reproduced, stored in a retrieval system or transmitted in any form or by any means, electronic, mechanical, photocopying, recording, scanning or otherwise, except as permitted under Sections 107 or 108 of the 1976 United States Copyright Act, without either the prior written permission of the Publisher, or authorization through payment of the appropriate per-copy fee to the Copyright Clearance Center, 222 Rosewood Drive, Danvers, MA 01923, (978) 750-8400, fax (978) 646-8600. Requests to the Publisher for permission should be addressed to the Permis- sions Department, John Wiley & Sons, Inc., 111 River Street, Hoboken, NJ 07030, (201) 748-6011, fax (201) 748-6008, or online at http://www.wiley.com/go/permissions. Limit of Liability/Disclaimer of Warranty: The publisher and the author make no representations or warranties with respect to the accuracy or completeness of the contents of this work and specifically disclaim all warranties, including without limitation warranties of fitness for a particular purpose. No warranty may be created or extended by sales or promotional materials. The advice and strategies contained herein may not be suitable for every situation. This work is sold with the understanding that the publisher is not engaged in rendering legal, accounting, or other professional services. If professional assistance is required, the services of a competent professional person should be sought. Neither the pub- lisher nor the author shall be liable for damages arising herefrom. The fact that an organization or Web site is referred to in this work as a citation and/or a potential source of further information does not mean that the author or the publisher endorses the information the organization or Web site may provide or recommendations it may make. Further, readers should be aware that Internet Web sites listed in this work may have changed or disappeared between when this work was written and when it is read. For general information on our other products and services or to obtain technical support, please contact our Customer Care Department within the U.S. at (877) 762-2974, outside the U.S. at (317) 572-3993 or fax (317) 572-4002. Wiley publishes in a variety of print and electronic formats and by print-on-demand. Some material included with stan- dard print versions of this book may not be included in e-books or in print-on-demand. If this book refers to media such as a CD or DVD that is not included in the version you purchased, you may download this material at http://booksup- port.wiley.com. For more information about Wiley products, visit www.wiley.com. Library of Congress Control Number: 2015947763 TRADEMARKS: Wiley, the Wiley logo, and the Sybex logo are trademarks or registered trademarks of John Wiley & Sons, Inc. and/or its affiliates, in the United States and other countries, and may not be used without written permission. SSCP, the SSCP logo, and the (ISC)2 logo are registered trademarks or service marks of the International Information Sys- tems Security Certification Consortium. All other trademarks are the property of their respective owners. John Wiley & Sons, Inc. is not associated with any product or vendor mentioned in this book. 10 9 8 7 6 5 4 3 2 1 ® Disclaimer: Wiley Publishing, Inc., in association with (ISC)2 , has prepared this study guide for general information ® ® and for use as training for the Official (ISC)2 SSCP CBK and not as legal or operational advice. This is a study guide ® only, and does not imply that any questions or topics from this study guide will appear on the actual (ISC)2 SSCP cer- ® tification examination. The study guide was not prepared with writers or editors associated with developing the (ISC)2 ® ® SSCP certification examination. The study guide may contain errors and omissions. (ISC)2 does not guarantee a pass- ing score on the exam or provide any assurance or guarantee relating to the use of this study guide and preparing for the ® ® (ISC)2 SSCP certification examination. ® The users of the Official SSCP : Systems Security Certified Practitioner Study Guide agree that Wiley Publishing, Inc. and ® (ISC)2 are not liable for any indirect, special, incidental, or consequential damages up to and including negligence that may ® arise from use of these materials. Under no circumstances, including negligence, shall Wiley Publishing Inc. or (ISC)2 , its officers, directors, agents, author or anyone else involved in creating, producing or distributing these materials be liable for any direct, indirect, incidental, special or consequential damages that may result from the use of this study guide. Attacks on organizations’ information assets and infrastructure continue to escalate while attackers ref ne and improve their tactics. The best way to combat these assaults starts with qualif ed information security staff armed with proven technical skills and practical security knowledge. Practitioners who have proven hands-on technical abil- ® ity would do well to include the (ISC)2 Systems Security Certif ed Practitioner (SSCP ) credential in their arsenal of tools to competently handle day-to-day responsibilities and secure their organization’s data and IT infrastructure. The SSCP certif cation aff rms the breadth and depth of practical security knowledge expected of those in hands-on operational IT roles. The SSCP provides industry-lead- ing conf rmation of a practitioner’s ability to implement, monitor and administer poli- cies and procedures that ensure data conf dentiality, integrity and availability (CIA). Ref ecting the most relevant topics in our ever-changing f eld, this new SSCP Study Guide is a learning tool for (ISC)2 certif cation exam candidates. This comprehensive study guide of the seven SSCP domains draws from a global body of knowledge, and prepares you to join thousands of practitioners worldwide who have obtained the (ISC)2 SSCP credential. The SSCP Study Guide will help facilitate the practical knowledge you need to assure a strong security posture for your organization’s daily operations. As the information security industry continues to transition, and cybersecurity becomes a global focus, the ® SSCP Common Body of Knowledge (CBK ) is even more relevant to the challenges faced by today’s frontline information security practitioner. While our Off cial Guides to the CBK are the authoritative references, the new study guides are focused on educating the reader in preparation for exams. As an ANSI accredited certi- f cation body under the ISO/IEC 17024 standard, (ISC)2 does not teach the SSCP exam. Rather, we strive to generate or endorse content that teaches the SSCP’s CBK. Candidates who have a strong understanding of the CBK are best prepared for success with the exam and within the profession. Advancements in technology bring about the need for updates, and we work to ensure that our content is always relevant to the industry. (ISC)2 is breaking new ground by partnering with Wiley, a recognized industry-leading brand. Developing a partnership with renowned content provider Wiley allows (ISC)2 to grow its offerings on the scale required to keep our content fresh and aligned with the constantly changing environment. The power of combining the expertise of our two organizations benef ts certif cation candidates and the industry alike. For more than 26 years, (ISC)2 has been recognized worldwide as a leader in the f eld of information security 2 education and certif cation. Earning an (ISC) credential also puts you in great company with a global network 2 of professionals who echo (ISC) ’s focus to inspire a safe a secure cyber world. Congratulations on taking the f rst step toward earning your certif cation. Good luck with your studies! Regards, David P. Shearer CEO (ISC)2 ff rs.indd 09/18/2015 Page iii To my beautiful wife, Cathy—thank you for your patience, understanding, and especially your encouragement. You are and always will be my angel. With much love. Acknowledgments It’s always amazing how many people are involved in the production of a book like this. Everyone involved deserves a world of thanks for all of their hard work and efforts. I espe- cially want to thank Carol Long, who was executive acquisitions editor for Wiley & Sons when we started this project. I genuinely appreciate the opportunity that she afforded me. I also owe so much to many others, especially Tom Cirtin, for keeping everything on track, as well as Christine O’Connor, who tied together all of the production efforts. I want to thank Jim Minatel for herding all of the cats and keeping it all running. Many thanks to Judy Flynn for her tireless efforts in making sure all of the copy worked, as well as the entire team of layout editors, graphic design folks, and others, all of whom provided their expertise to make this project come together. I would like to express a big thanks to Brian McCarthy for his knowledge and his wonderful work as technical editor. I would also like to express my appreciation to both Mike Siok and Willie Williams for their friendship and inspiration through a great many projects over the years. They have always been there to lend an ear and offer encouragement. I want to recognize Chuck Easttom for giving me my break into the world of publishing a few years ago. And, I want to especially thank all of the wonderful folks at (ISC)2 for their ongoing assistance in this and many other projects. Thank you all very much.

See more

The list of books you might like

Most books are stored in the elastic cloud where traffic is expensive. For this reason, we have a limit on daily download.