Exploring SSCP Domain 2 Security Operations and Administration for a Career in IT Security - PowerPoint PPT Presentation

About This Presentation
Title:

Exploring SSCP Domain 2 Security Operations and Administration for a Career in IT Security

Description:

Domain 2 of the SSCP certification exam is Security Operations and Administration. The Security Operations and Administration domain carries a 15% weightage in the SSCP certification exam.

Number of Views:24
Slides: 19
Provided by: infosectrain


Transcript and Presenter's Notes

Title: Exploring SSCP Domain 2 Security Operations and Administration for a Career in IT Security


1
Exploring SSCP Domain 2 Security Operations and
Administration for a Career in IT Security
www.infosectrain.com sales_at_infosectrain.com
2
Information is exposed to a large number and
range of threats in an increasingly
interconnected world. Due to the ever-increasing
number of cyberattacks, security has become the
prime concern in information technology.
Information security can help protect an
organization's technology and information assets
by preventing, detecting, and responding to
attacks. This article will cover the second
domain of the SSCP certification exam that deals
with the various aspects related to security
operations and administration.
3
4
Domains of SSCP
5
The seven domains covered by the SSCP certification exam are:
  • Domain 1: Access Controls (16%)
  • Domain 2: Security Operations and Administration (15%)
  • Domain 3: Risk Identification, Monitoring, and Analysis (15%)
  • Domain 4: Incident Response and Recovery (13%)
  • Domain 5: Cryptography (10%)
  • Domain 6: Network and Communications Security (16%)
  • Domain 7: Systems and Application Security (15%)

6
Domain 2: Security Operations and Administration
Domain 2 of the SSCP certification exam is Security Operations and
Administration. This domain carries a 15% weightage in the SSCP
certification exam. It is concerned with the availability, integrity, and
confidentiality of information related to management staff, system owners,
information managers, and end-users. The domain discusses availability,
which ensures accessibility to all hardware, software applications, and
data throughout the system. It also discusses integrity, which protects
systems from unauthorized, unanticipated, or unintentional modifications.
Every business should have policies, standards, procedures, and guidelines
that serve as recorded information governing the organization's actions
and the behavior of the people it employs or interacts with. You will
learn about change management, software and system patches and upgrades,
and data management rules in this domain. It will also go over data
classification and how to validate whether or not a security measure is
working correctly. The subtopics covered in the Security Operations and
Administration domain are:




7
  • Comply with codes of ethics
  • Understand security concepts
  • Document, implement and maintain functional
    security controls
  • Participate in asset management
  • Implement security controls and assess compliance
  • Participate in change management
  • Participate in security awareness and training
  • Participate in physical security operations





8
1. Comply with Codes of Ethics
In this subsection, we will understand what a code of ethics is. A code of
ethics is a set of guidelines for professionals to conduct business
honestly and ethically. This section will provide the ethical rules and
best practices for maintaining honesty, integrity, and professionalism in
an organization. In addition, the examination candidate must also agree to
and sign the ISC2 Code of Ethics and non-disclosure agreement (NDA).

2. Understand Security Concepts
This subsection will discuss the three core security targets, known as the
CIA triad: confidentiality, integrity, and availability. These are the
three things that businesses prefer to prevent. It will also cover the
significance of the concepts of confidentiality, integrity, and
availability and how to connect any other security topic to one of these
three goals. It will also help you understand basic security concepts such
as accountability, privacy, non-repudiation, least privilege, and more. It
will cover separation of duties policies, which ensure that no one person
has too much authority and control.




9
3. Document, Implement and Maintain Functional Security Controls
This subsection will look at different control types and recognize the
need for layered security in our information systems. A single security
countermeasure is never enough; we need layers upon layers of protection.
We will understand various controls such as deterrent, preventive,
corrective, detective, and compensating controls.

4. Participate in Asset Management
This subsection deals with the management of organizational IT assets and
the processes involved in that management. Asset management is the process
of monitoring, deploying, maintaining, upgrading, and disposing of an
organization's assets as needed. It is an integral part of this domain.
This section will cover the hardware, software, and data lifecycle of an
organization in depth. It will go through hardware and software inventory
and licensing and the various data storage capabilities available.




10
5. Implement Security Controls and Assess Compliance
In this section, we will learn multistep processes to control access to an
organization's resources. It will cover technical controls such as session
timeout and password aging, and physical controls such as mantraps,
cameras, locks, and more. It will also cover administrative controls such
as security policies and standards, procedures, baseline security, and
more. This section will also go through periodic audits and reviews.

6. Participate in Change Management
In this subsection of the Security Operations and Administration domain,
we will learn about the change management process and its various
components. The discussion will be around the ways to execute the change
management process. This domain will teach you how to identify security
impacts and how to establish security practices throughout the enterprise.
This section will also cover rules to test and implement patches, fixes,
and various updates of operating systems, applications, SDLC, and more.




11
7. Participate in Security Awareness and Training
This subsection will go through how IT and security professionals avoid
and mitigate user risk. Businesses can reduce help desk costs and protect
their entire cybersecurity investment by implementing security awareness
training. By participating in security awareness training, professionals
learn how to prevent phishing and other types of social engineering cyber
attacks, spot potential malware behaviors, report possible security
threats, follow company IT policies and best practices, and comply with
any applicable data privacy and compliance regulations.

8. Participate in Physical Security Operations
In this subsection, we will study what physical security is, how to
participate in it, how to manage it, and how to apply and implement it
inside an organization. This section will cover physical security,
building security, keys, locks, safes, communications and server rooms,
restricted and work area security, fire prevention, detection and
suppression, and more.




12
SSCP with InfosecTrain
Enroll in the SSCP certification training course at InfosecTrain. We are
one of the leading security training providers in the world. With the help
of our highly educated and trained instructors, you may earn prestigious
ISC2 SSCP certifications. This training course will teach you how to apply
basic security concepts to the day-to-day operation and administration of
enterprise computer systems and stored data.




13
About InfosecTrain
  • Established in 2016, we are one of the finest Security and Technology
    Training and Consulting companies
  • Wide range of professional training programs, certifications and
    consulting services in the IT and Cyber Security domain
  • High-quality technical services, certifications or customized training
    programs curated with professionals of over 15 years of combined
    experience in the domain

14
Our Endorsements
15
Why InfosecTrain
Global Learning Partners
Access to the recorded sessions
Certified and Experienced Instructors
Flexible modes of Training
Tailor Made Training
Post training completion
16
Our Trusted Clients
17
(No Transcript)
18
Contact us
Get your workforce reskilled by our certified and
experienced instructors!
IND: 1800-843-7890 (Toll Free) / US: +1 657-221-1127 / UK: +44 7451 208413
sales_at_infosectrain.com
www.infosectrain.com