SSCP Domain : Security Operations and Administration Part 1

Target Audience
Expected Duration
Lesson Objectives
Course Number

Information is often at the core of business, and maintaining the security of that information in the digital age is of utmost importance. This course provides the learner with the skills needed to identify and organize essential information in an organization, and how to document and implement policies, standards, procedures and guidelines. These skills will ensure confidentiality, integrity and availability of core business information. This course teaches the learner about the importance of Confidentiality, Integrity and Availability (The C-I-A Triad) and how to determine appropriate methods for dealing with security and threats. It teaches how to assess and optimize your own security plan and program. The course also demonstrates the importance of Ethics in Business Security. This course guides you through the Common Body of Knowledge (CBK) recommended by the International Information Systems Security Certification Consortium (ISC)2 for its Systems Security Certified Practitioner (SSCP) certification. The SSCP credential certifies student expertise in 7 different knowledge domains and covers the most recent key areas of knowledge as outlined in the Candidate Information Bulletin (CIB) effective date: February 1, 2012.

Target Audience
Experienced IT professionals with a basic knowledge of network and communications protocols and equipment seeking to pass the System Security Certified Practitioner (SSCP) exam, or otherwise gain knowledge in assessing, planning, implementing and managing IT security in an enterprise environment. A minimum of one year's professional experience in one of the seven SSCP CBK Domains is required for certification.

Expected Duration (hours)

Lesson Objectives

SSCP Domain : Security Operations and Administration Part 1

  • describe the objectives that effective security controls should meet
  • describe security architecture design best practices
  • describe the PDCA improvement cycle for an ISMS
  • identify features the ISO/SEC 27002 security standards framework
  • describe how to manage identity and access and privileged user accounts
  • recognize the considerations for managing outsourced security partners
  • assess a security program's objectives, architecture and framework
  • determine appropriate measures for managing identify, access and privileged accounts and for selecting an MSSP
  • describe the phases of a policy life cycle
  • recognize security standards and baselines
  • describe industry standards and open standards
  • describe the importance of well documented security procedures
  • recognize the main responsibilities of a security officer in the security plan development process
  • identify confidentiality protection methods
  • recognize important considerations for information classification
  • assess security policies and standards
  • optimize security procedures and plans and determine appropriate information protection and classification methods
  • Course Number: