SSCP® (System Security Certified Practitioner®)
Event
20 – 24 March 2017 | Rp. 10.000.000 (Training Exclude Exam) at Kuningan, Jakarta Selatan
Program Description:
Prove your ability to protect key areas of your organization’s day-to-day operations as a System Security Certified Practitioner (SSCP). The (ISC)2 certification will demonstrate your technical knowledge and competency in using cryptography, implementing access control systems, performing network monitoring and detecting and resolving security threats. (ISC)2, as the global leader in information security certifications, draws from a comprehensive and cutting-edge body of knowledge to ensure you have the right skills to prevent data breaches and improve your organization’s cyber security.
Program Objectives:
At the end of the program, the participants will be able to:
- Demonstrate technical knowledge and competency in using cryptography
- Implement access control systems
- Perform network monitoring
- Detect and resolve security threats
- Ensure data confidentiality, integrity, and availability
Target Audience:
This course has proven to be very valuable to personnel in an organization that are fairly new to the field of information security or that do not have security as their primary job responsibility. Many of the attendees have been Information Systems Auditors, System and Network Administrators, Application Programmers and Project Managers.
Duration:
This program is 5 days of intensive training class.
Requirement:
Participants are required to have minimum 1 (one) year of cumulative paid full-time work experience in two or more of the seven domains:
- Access Controls
- Security Operations and Administration
- Risk Identification, Monitoring, and Analysis
- Incident Response and Recovery
- Cryptography
- Networks and Communications Security
- Systems and Application Security
Assessment:
At the end of the program, the participants will be assessed with 3 hours of SSCP® Exam.
Award:
SSCP® Certification will be awarded upon successfully passing the exam from (ISC)2.
SSCP® PROGRAM MODULES:
Module 1: Testing-Taking Tips and Study Techniques
- Preparation for the SSCP Exam
- Submitting Required Paperwork
- Resources and Study Aids
- Passing the Exam the First Time
Module 2: Security Operations and Administration
- Change Control/Configuration Management
- Dual Control, Separation of Duties, Rotation of Duties
- Vulnerability Assessment and Pen-Testing
Module 3: Access Controls
- AAA
- Authentication Methods (Types 1, 2, & 3)
- Authorization – DAC, RBAC, MAC
- Accounting – Logging, Monitoring, Auditing
- Central/Decentralized and Hybrid Management
- Single Sign-On – Kerberos, Radius, Diameter, TACACS
- Vulnerabilities – Emanations, Impersonation, Rouge Infrastructure, Social Engineering
Module 4: Cryptography
- Intro/History
- Symmetric
- Asymmetric
- Hashing
- Cryptosystems – SSL, S/MIME, PGP
- PKI
- Cryptanalysis
Module 5: Malicious Code and Malware
- Layering, Data Hiding, and Abstraction
- Database Security
- AI
- OOD
- Mobil Code
- Malware Architecture Problems – Covert Channels + TOC/TOU, Object Reuse
- Network Vulnerabilities
Module 6: Networks and Telecommunications
- OSI/DoD TCP/IP Models
- TCP/UDP/ICMP/IP
- Ethernet
- Devices – Routers/Switches/Hubs
- Firewalls
- Wireless
- WAN Technologies – X.25/Frame Relay/PPP/ISDN/DSL/Cable
- Voice – PBX/Cell Phones/VOIP
- IPSec
Module 7: Risk, Response, and Recovery
- CIA
- Roles and Responsibilities – RACI
- Asset Management
- Taxonomy – Information Classification
- Risk Management
- Policies, Procedures, Standards, Guidelines, Baselines
- Knowledge Transfer – Awareness, Training, Education
- BIA Policy
- BIA Roles and Teams
- Data Backups, Vaulting, Journaling, Shadowing
- Alternate Sites
- Emergency Response
- Required notifications
- BIA Tests
Module 8: Analysis and Monitoring
- Ethics – Due Care/Due diligence
- Intellectual Property
- Incident Response
- Forensics
- Evidence
- Laws – HIPAA, GLB, SOX
Module 9: Review and Q&A Session
- Final Review and Test Prep