(ISC)2 SSCP Systems Security Certified Practitioner Official Study Guide

Introduction xxv Assessment Test xlviii Part I Getting Started as an SSCP 1 Chapter 1 The Business Case for Decision Assurance and Information Security 3 Information: The Lifeblood of Business 4 Policy, Procedure, and Process: How Business Gets Business Done 10 Who Runs the Business? 20 Summary 24 Exam Essentials 24 Review Questions 26 Chapter 2 Information Security Fundamentals 33 The Common Needs for Privacy, Confidentiality, Integrity, and Availability 34 Training and Educating Everybody 47 SSCPs and Professional Ethics 47 Summary 49 Exam Essentials 50 Review Questions 54 Part II Integrated Risk Management and Mitigation 61 Chapter 3 Integrated Information Risk Management 63 It’s a Dangerous World 64 The Four Faces of Risk 75 Getting Integrated and Proactive with Information Defense 83 Risk Management: Concepts and Frameworks 89 Risk Assessment 95 Four Choices for Limiting or Containing Damage 107 Summary 114 Exam Essentials 114 Review Questions 120 Chapter 4 Operationalizing Risk Mitigation 127 From Tactical Planning to Information Security Operations 128 Operationalizing Risk Mitigation: Step by Step 134 The Ongoing Job of Keeping Your Baseline Secure 164 Ongoing, Continuous Monitoring 174 Reporting to and Engaging with Management 182 Summary 183 Exam Essentials 183 Review Questions 189 Part III The Technologies of Information Security 197 Chapter 5 Communications and Network Security 199 Trusting Our Communications in a Converged World 200 Internet Systems Concepts 206 Two Protocol Stacks, One Internet 218 Wireless Network Technologies 240 IP Addresses, DHCP, and Subnets 243 IPv4 vs. IPv6: Important Differences and Options 248 CIANA Layer by Layer 251 Securing Networks as Systems 262 Summary 273 Exam Essentials 273 Review Questions 280 Chapter 6 Identity and Access Control 285 Identity and Access: Two Sides of the Same CIANA+PS Coin 286 Identity Management Concepts 288 Access Control Concepts 295 Network Access Control 305 Implementing and Scaling IAM 310 User and Entity Behavior Analytics (UEBA) 329 Zero Trust Architectures 332 Summary 333 Exam Essentials 334 Review Questions 343 Chapter 7 Cryptography 349 Cryptography: What and Why 350 Building Blocks of Digital Cryptographic Systems 358 Keys and Key Management 367 “Why Isn’t All of This Stuff Secret?” 373 Cryptography and CIANA+PS 375 Public Key Infrastructures 381 Applying Cryptography to Meet Different Needs 399 Managing Cryptographic Assets and Systems 405 Measures of Merit for Cryptographic Solutions 407 Attacks and Countermeasures 408 PKI and Trust: A Recap 418 On the Near Horizon 420 Summary 423 Exam Essentials 424 Review Questions 429 Chapter 8 Hardware and Systems Security 435 Infrastructure Security Is Baseline Management 437 Securing the Physical Context 442 Infrastructures 101 and Threat Modeling 444 Endpoint Security 457 Malware: Exploiting the Infrastructure’s Vulnerabilities 462 Privacy and Secure Browsing 466 “The Sin of Aggregation” 469 Updating the Threat Model 469 Managing Your Systems’ Security 470 Summary 471 Exam Essentials 472 Review Questions 478 Chapter 9 Applications, Data, and Cloud Security 483 It’s a Data-Driven World…At the Endpoint 484 Software as Appliances 487 Applications Lifecycles and Security 490 CIANA+PS and Applications Software Requirements 498 Application Vulnerabilities 504 “Shadow IT:” The Dilemma of the User as Builder 507 Information Quality and Information Assurance 511 Protecting Data in Motion, in Use, and at Rest 514 Into the Clouds: Endpoint App and Data Security Considerations 522 Legal and Regulatory Issues 533 Countermeasures: Keeping Your Apps and Data Safe and Secure 535 Summary 536 Exam Essentials 537 Review Questions 548 Part IV People Power: What Makes or Breaks Information Security 555 Chapter 10 Incident Response and Recovery 557 Defeating the Kill Chain One Skirmish at a Time 558 Harsh Realities of Real Incidents 564 Incident Response Framework 566 Preparation 571 Detection and Analysis 578 Containment and Eradication 584 Recovery: Getting Back to Business 587 Post-Incident Activities 590   Summary 594 Exam Essentials 595 Review Questions 601 Chapter 11 Business Continuity via Information Security and People Power 607 What Is a Disaster? 608 Surviving to Operate: Plan for It! 609 Timelines for BC/DR Planning and Action 615 Options for Recovery 617 Cloud- Based “Do- Over” Buttons for Continuity, Security, and Resilience 623 People Power for BC/DR 626 Security Assessment: For BC/DR and Compliance 633 Converged Communications: Keeping Them Secure During BC/DR Actions 634 Summary 637 Exam Essentials 637 Review Questions 641 Chapter 12 Cross-Domain Challenges 647 Operationalizing Security Across the Immediate and Longer Term 648 Supply Chains, Security, and the SSCP 657 Other Dangers on the Web and Net 662 On Our Way to the Future 666 Enduring Lessons 672 Your Next Steps 677 At the Close 678 Exam Essentials 678 Review Questions 683 Appendix Answers to Review Questions 689 Chapter 1: The Business Case for Decision Assurance and Information Security 690 Chapter 2: Information Security Fundamentals 693 Chapter 3: Integrated Information Risk Management 695 Chapter 4: Operationalizing Risk Mitigation 698 Chapter 5: Communications and Network Security 701 Chapter 6: Identity and Access Control 704 Chapter 7: Cryptography 707 Chapter 8: Hardware and Systems Security 709 Chapter 9: Applications, Data, and Cloud Security 712 Chapter 10: Incident Response and Recovery 715 Chapter 11: Business Continuity via Information Security and People Power 718 Chapter 12: Cross- Domain Challenges 722 Index 727