Systems Security Certified Practitioner (SSCP) 2018

COURSES INCLUDED

SYSTEM SECURITY CERTIFIED PRACTITIONER (SSCP 2018): NETWORK FUNDAMENTALS
This 14-video course helps prepare for the Systems Security Certified Practitioner (SSCP) certification exam by exploring network concepts, including packet switching, the OSI (open systems interconnect) and TCP/IP (transmission control protocol/Internet protocol) models, network topologies, network infrastructure devices, and wireless router configuration. You will learn the differences between circuit switching and packet switching. You will examine the seven-layer OSI model that is used to describe communications hardware and software, including Layer 3 switch, and the Layer 7 firewall appliance. Continue by examining the TCP/IP model, a conceptual 4-layer model, and the TCP/IP protocol suite. This course then examines types of network interface cards, cable types, including coaxial and twisted pair copper, and connector types. Watch demonstrations of how to configure a wireless router, and how to configure NLB (network load balancing). You will learn to use a physical device or virtual appliance network load balancer, on-premises or in the cloud. Finally, this course shows learners how to configure a network load balancer by using AWS (Amazon Web Services).
14 videos | 58m Assessment

SYSTEM SECURITY CERTIFIED PRACTITIONER (SSCP 2018): SECURITY CONCEPTS
Learners can explore the ISC squared (International Information System Security Certification Consortium) and its Code of Ethics when performing security work in this course, which prepares for the Systems Security Certified Practitioner (SSCP) certification exam. In its 14 videos, you will examine the four canons of Ethics: 1) to protect society and infrastructure; 2) to act honorably, honestly, justly, responsibly, and legally; 3) to provide diligent and competent service to principals; and 4) to advance and protect the profession. Examine the CIA (confidentiality, integrity, and availability) triad for security controls; then examine restricting access or protecting data through encryption. You will learn how to provide data assurances, and how to use MS Windows Power Shell and Linux to generate file hashes, and digital signatures. Learners will explore availability, and the importance to assuring business processes can run uninterrupted. Next, explore how accountability and data access can be used to track users, devices, or software. Finally, you will learn how to enable file system auditing.
14 videos | 57m Assessment

SYSTEM SECURITY CERTIFIED PRACTITIONER (SSCP 2018): RISK MANAGEMENT
This 12-video course explores risk management when engaging in business activities supported by IT solutions. Prepare for the Systems Security Certified Practitioner (SSCP) certification exam as you examine risk classification, and learn how to identify digital assets and threats, including natural disasters such as floods, fires, or storms; manmade disasters, arson, terrorism; and identity theft. This course demonstrates threat modeling, and the process to use to identify and prioritize threats. You will examine how to optimize resources, and to focus on reducing risks, and explore counter measures in relation to prioritized threats. Next, explore BIA (business impact analysis), and its importance to business continuity. You will learn how a BIA can be incorporated into a DRP (disaster recovery plan) to facilitate recovery of a failed system. Learners will examine the use of a risk registry with the likelihood of the risk occurrence, the business impact should it occur, and a severity rating. You will learn about risk avoidance and mitigation. Finally, you will explore cost efficiencies for risk mitigation.
12 videos | 41m Assessment

SYSTEM SECURITY CERTIFIED PRACTITIONER (SSCP 2018): CRYPTOGRAPHY PRIMER
Continue preparing for the Systems Security Certified Practitioner (SSCP) certification exam with this 14-video course, which explores how cryptography can be used to provide confidentiality and integrity for data at rest, and data in transit. You will learn how to acquire a PKI (public key infrastructure), and how to generate a random key to feed into an encryption algorithm. Next, you will examine data hashing and salting. Examine how symmetric and asymmetric encryption provides data confidentiality, and about ECC (elliptic curve cryptography), an asymmetric, cryptographic algorithm. Learners will then explore secure network protocols, including SSL (secure sockets layer), to provide cryptographic functions such as encryption, message authentication, and integrity. This course demonstrates the use of cryptanalysis to identify security flaws, and how to enable IPsec (Internet security protocol) to secure network traffic, and have it applied to all TCP/IP (transmission control protocol/Internet protocol) network traffic. Finally, you will explore how the Telnet and SSH (secure shell) protocols are used for remote administration of things like Linux, Unix, Windows computers.
14 videos | 44m Assessment

SYSTEM SECURITY CERTIFIED PRACTITIONER (SSCP 2018): PUBLIC KEY INFRASTRUCTURE
This 13-video course explores the PKI (public key infrastructure) certificate, its lifecycle, and how to use it to secure IT solutions, while preparing learners for the Systems Security Certified Practitioner (SSCP) certification exam. You will learn about the numerous CAs (certificate authorities), a hierarchy of digital security certificates, where unique public and private key pairs are issued for each certificate. Learners will explore public and private CAs, including the Microsoft Active Directory Certificate Services, then examine the PKI hierarchy, where certificates are issued and managed by a certificate authority. This course demonstrates how to set up a private certificate authority within your own organization. You will learn to use Linux to create a PKI Certificate Authority, and about the tools available in Linux. This course examines how the CAs digitally sign issued certificates using its private key, and how the signature is used to establish trust. Finally, you will learn several ways to store a PKI certificate, for example, on a smart card, or in a file.
13 videos | 56m Assessment

SYSTEM SECURITY CERTIFIED PRACTITIONER (SSCP 2018): IDENTITY MANAGEMENT
Learners can explore identity management, also known as IAM (identity and access management), in this 14-video course helping prepare for the Systems Security Certified Practitioner (SSCP) certification exam. You will learn how to configure identities to have strong authentication for users and devices, such as smart phones. Next, examine single-factor authentication, in which one category is used to authenticate, such as a username and a password. You will examine multifactor authentication where there is a username and a password, and having an additional private key. Learners continue by examining how to use an identity federation, and SSO (single sign-on) a centralized trusted set of logon credentials. This course demonstrates the multiple phases of the IAM lifecycle, including account request, how accounts are provisioned, how the user access is enforced and reported, and how it is de-provisioned. You will learn the concepts and terminology, including IDP (identity provider) and RP (resource provider), and how to use MS Active Directory for authentication. Finally, learners will examine Amazon Web Services CLI (command-line interface) authentication.
14 videos | 55m Assessment

SYSTEM SECURITY CERTIFIED PRACTITIONER (SSCP 2018): CONTROLLING RESOURCE ACCESS
This 14-video course explores common methods and uses real-world examples for providing resource access after authentication. Prepare for the Systems Security Certified Practitioner (SSCP) certification exam by examining defense in depth, a security term for multiple layers of security. You will learn about Discretionary Access Control, where the resource owner sets the permissions. You will learn how to use the Windows command line to manage a Windows file system access control list, and you will examine MAC (mandatory access control). You will learn to modify the default file system access control permissions on a Linux host using umask. You will examine RBAC (role-based access control). You will learn to use Microsoft PowerShell to assign permissions to a Windows group. You will learn to assign permissions to a group in Linux, and how to modify the default file system access control permissions on a Linux host by using umask. You will learn to configure Attribute-based Access Control in Windows, and object-level access control. Finally, learners will examine NAC (network access control).
14 videos | 1h Assessment

SYSTEM SECURITY CERTIFIED PRACTITIONER (SSCP 2018): SECURITY CONTROLS
This course is an exploration and comparison of several categories of security controls ranging from deterrent controls to technical controls, in preparation for the Systems Security Certified Practitioner (SSCP) certification exam. In 14 videos, learners will examine security control safeguards to reduce risks and mitigate threats, including threat detection and threat avoidance. This course uses several examples of security controls, including user awareness and training, deterrent controls, detective controls to confirm vulnerabilities or active threats, and preventative controls to restrict threats, or limit their impact. Learn to install and configure the Microsoft NPS (Network Policy Services) to implement network access control. Next, examine how physical security controls to limit access to IT systems. You will learn why and how to disable SSL version 3, both on the client web browser side as well as on the web server side. You will then learn about administrative controls to guide actions that are taken by personnel within the organization. Learners observe how to use the Microsoft Active Directory to deploy security control settings.
14 videos | 1h 3m Assessment

SYSTEM SECURITY CERTIFIED PRACTITIONER (SSCP 2018): ASSET & CHANGE MANAGEMENT
Explore asset and change management, and their relationship to security through discussion and demonstration, in this 14-video course, which examines classes of assets, including personnel, hardware, software, data, and trade secrets. Prepare for the Systems Security Certified Practitioner (SSCP) certification exam by learning how to inventory hardware assets; how hardware is configured; and learning about network entry points such as VPN concentrators, wireless access points, and ethernet switches. This course examines software assets, including off-the-shelf and customized software. Learners observe how to configure a hardware inventory using Microsoft SCCM (System Center Configuration Manager). You will learn about data classification, and techniques to help facilitate security on a larger scale. Next, learn how file classification works by using the Windows Server Operating System and the File Server Resource Manager role service. You will examine TPM (Trusted Platform Module), firmware that is embedded in a chip, and which can be used with MFA (multifactor authentication). You will explore MDM (mobile device management). Finally, this course demonstrates a structured approach to change management and adoption.
14 videos | 1h 9m Assessment

SYSTEM SECURITY CERTIFIED PRACTITIONER (SSCP 2018): NETWORK SECURITY
This 14-video course explores the key concepts for designing and implementing a secure network. Continue preparations for the Systems Security Certified Practitioner (SSCP) certification exam by exploring physical network design, including the location of the network, wired and wireless networks, and infrastructure devices. You will examine local network infrastructure device management, and logical network design, such as VLANs (virtual local area networks), virtual network switches, and software-defined networking. Next, learners observe how to enable HTTPS for a network printer. You will explore types of firewalls, the placement of firewall solutions, and ACLs (access control lists), and how to configure a firewall rule. Then learn how to configure cloud-based firewalls by using the AWS (Amazon Web Services) console, and to configure a firewall rule on a Linux host. You will learn to configure IDS (intrusion detection systems) and IPS (intrusion prevention systems), and placement of intrusion and prevention systems. Finally, this course discusses Bluetooth, NFC (near field communication), and how to configure Wi-Fi security settings on wireless router.
14 videos | 1h 2m Assessment

SYSTEM SECURITY CERTIFIED PRACTITIONER (SSCP 2018): MALWARE & ENDPOINT SECURITY
This 14-video course explores how malware infections occur, and how to mitigate these threats. Learners prepare for the Systems Security Certified Practitioner (SSCP) certification exam by examining how to compare current activity to a baseline. You will examine spyware, which tracks your computing usage with or without your consent, and adware, to direct information to the user. Next, explore rootkits, which stem from replacing UNIX Operating System files in the past with malicious code, and hide their presence. You will examine types of rootkits, including the form of files replaced on the host, running processes in memory, web browser plug-ins, on a Windows platform, or a Windows registry entry. You will examine backdoors which create a hidden entry point for malicious users, and is part of a rootkit. You will explore worms, viruses, and social engineering security threats. This course demonstrates how to configure common Windows Defender settings, and how to use the SCCM (System Center Configuration Manager), and malware policies by using white lists, and locking down USB removable media.
14 videos | 57m Assessment

SYSTEM SECURITY CERTIFIED PRACTITIONER (SSCP 2018): SECURING ENVIRONMENTS
Learners can explore how to secure virtual and cloud environments in this 12-video course, which examines different types of virtualization technologies, including hypervisors, application virtualization, OS (operating system) virtualization, and desktop virtualization. Prepare for the Systems Security Certified Practitioner (SSCP) certification exam by examining hypervisors, a physical host that runs virtual machines, and appropriate software, and uses them to increase server density. You will learn about application virtualization, where the app files are not installed on the host machine, but run on the host machine. Next, you will examine OS virtualization where a virtual machine is assigned virtual hardware, such as virtual CPUs, virtual network adapters, and hard disks. You will learn how to install and configure a Microsoft Hyper-V Virtual Machine. Learn how to configure iSCSI (Internet Small Computer Systems Interface), and secure it by using CHAP (challenge handshake authentication protocol). Then learn to use AWS (Amazon Web Service) to secure data at rest in the cloud. Finally, you will examine laws and regulations to consider when using public cloud services.
12 videos | 59m Assessment

SYSTEM SECURITY CERTIFIED PRACTITIONER (SSCP 2018): SECURITY ASSESSMENTS
This 15-video course prepares learners for the Systems Security Certified Practitioner (SSCP) certification exam by exploring security assessments, vulnerability scans, and penetration testing. First, you will examine the Nmap (network mapper) scanner to probe computer networks for host discovery, service, and operating system detection. You will learn how to use Nmap to conduct a network scan by using Windows. This course examines vulnerability scanning, and it demonstrates how to do penetration testing to identify and exploit host and network weaknesses. Learners will examine the importance of monitoring and analysis to identify security incidents. You will learn how to use a Windows performance monitor, and how to monitor resource usage in Linux. Continue by examining LANguard and end map assessments. This course then demonstrates how to view system logs to troubleshoot problems, and how to enhance the security of a network. You will learn how to configure log filtering in a Windows environment. Finally, learners will explore SCADA (Supervisory Control and Data Acquisition), and SIEM (for Security Information and Event Management).
15 videos | 1h 2m Assessment

SYSTEM SECURITY CERTIFIED PRACTITIONER (SSCP 2018): DIGITAL FORENSICS
This course explores key aspects of digital forensics by looking at device usage while helping prepare learners for the Systems Security Certified Practitioner (SSCP) certification exam. In 13 videos, you will examine evidence gathering, chain of custody, data recovery, hard drive scrubbing, IP address tracking, and memory forensics. You will learn that a crucial aspect of digital forensics is the gathering of evidence in a lawful manner. Next, learners will examine how to determine when events occurred, when files were modified, when certain websites were accessed, and when messages were received. You will examine the chain of custody for preservation of evidence, and having a detailed account of gathering and handling evidence. This course demonstrates how to recover deleted data, and how to use a steganography tool to hide data in plain sight. You will examine memory forensics, a subset of digital forensics. This course then discusses the NIST (National Institute of Standards and Technologies) document publication 800-86. Finally, learn how to create a raw image of a hard disk drive.
13 videos | 47m Assessment

SYSTEM SECURITY CERTIFIED PRACTITIONER (SSCP 2018): BUSINESS CONTINUITY
This 14-video course explores effective contingency planning and incidence response while preparing learners for the Systems Security Certified Practitioner (SSCP) certification exam. First, examine core elements of business continuity planning, data backup and restore, redundancy, how to use RAID (redundant array of independent disks), and incident response. This course then describes how to assess risk, the likelihood of events occurring against valued assets, and how to conduct a BIA (business impact analysis). Learners will explore a BCP (business continuity plan), assess assets, IT systems, data, and possible threats against those valued assets. This course continues by discussing alternate disaster recovery site types, including cold sites, warm sites, and hot sites. You will learn to use Windows Server 2016 to configure backup of data, restore data from a virtual machine, and understand the importance of backing up configurations of servers. You will learn to configure software RAID level 1 and RAID level 5 on a Windows host. Finally, learners will examine incident response lifecycles, and observe how to prepare the IRP (incident response plan).
14 videos | 53m Assessment