
Effective Date: April 15, 2015

(Exam Outline)
Effective Date: February 1, 2012

April 15, 2015
© 2015 International Information Systems Security Certification Consortium, Inc. All Rights Reserved. Duplication for commercial
purposes is prohibited. 5.19.15 V9
Effective Date: April 15, 2015

Impartiality Statement
(ISC)² is committed to impartiality by promoting a bias- and discrimination-free environment for
all members, candidates, staff, volunteers, subcontractors, vendors, and clients. (ISC)²’s board
of directors, management and staff understand the importance of impartiality in carrying out its
certification activities, manage conflicts of interest and ensure the objectivity of its certification.
If you feel you have not received impartial treatment, please send an email to notice@isc2.org
or call +1.727.785.0189, so that we can investigate your claim.

Non-Discrimination Policy
(ISC)² is an equal opportunity employer and does not allow, condone or support discrimination
of any type within its organization including, but not limited to, its activities, programs, practices,
procedures, or vendor relationships. This policy applies to (ISC)² employees, members,
candidates, and supporters.
Whether participating in an (ISC)² official event or certification examination as an employee,
candidate, member, staff, volunteer, subcontractor, vendor, or client if you feel you have been
discriminated against based on nationality, religion, sexual orientation, race, gender, disability,
age, marital status or military status, please send an email to notice@isc2.org or call
+1.727.785.0189, so that we can investigate your claim.
For any questions related to these policies, please contact the (ISC)² Legal Department
at legal@isc2.org.


1) ACCESS CONTROLS
   Overview
   Key Areas of Knowledge
2) SECURITY OPERATIONS AND ADMINISTRATION
   Overview
   Key Areas of Knowledge
3) RISK IDENTIFICATION, MONITORING, AND ANALYSIS
   Overview
   Key Areas of Knowledge
4) INCIDENT RESPONSE AND RECOVERY
   Overview
   Key Areas of Knowledge
5) CRYPTOGRAPHY
   Overview
   Key Areas of Knowledge
6) NETWORK AND COMMUNICATIONS SECURITY
   Overview
   Key Areas of Knowledge
7) SYSTEMS AND APPLICATION SECURITY
   Overview
   Key Areas of Knowledge
REFERENCES
GENERAL EXAMINATION INFORMATION
   Computer Based Test (CBT)
   Registering for the Exam
   Scheduling a Test Appointment
   Any questions?


The Systems Security Certified Practitioner (SSCP) is an ANSI accredited, internationally recognized
information security certification designed for experienced information security and information
technology practitioners. The SSCP examination measures the competence of candidates against
an internationally accepted common body of knowledge encompassing seven (7) security
domains including Access Controls; Security Operations & Administration; Risk Identification,
Monitoring and Analysis; Incident Response and Recovery; Cryptography; Network and
Communications Security; and Systems and Application Security.

The Systems Security Certified Practitioner (SSCP) Credential is the ideal certification for those with
proven technical skills and practical, hands-on security knowledge in operational IT roles. It provides
confirmation of a practitioner’s ability to implement, monitor and administer IT infrastructure in
accordance with information security policies and procedures that ensure data confidentiality,
integrity and availability. The SSCP is geared toward individuals who may hold technical and
engineering related information technology positions.

This Candidate Information Bulletin includes:

• an exam blueprint that outlines major topics and sub-topics within the seven (7) domains,
• a suggested reference list,
• a description of the format of the items on the exam,
• and general examination registration and administration policies.

In order to be considered for the SSCP credential, candidates are required to have a minimum
of one year of cumulative paid full-time work experience in one or more of the seven domains
of the (ISC)2 SSCP CBK®.

Candidates must also respond to the following four (4) questions regarding criminal history and
related background information and provide an explanation for any questions answered in the
affirmative (any such explanations will be evaluated during the endorsement process).

1. Have you ever been convicted of a felony; a misdemeanor involving a computer crime,
dishonesty, or repeat offenses; or a Court Martial in military service, or is there a felony
charge, indictment, or information now pending against you? (Omit minor traffic
violations and offenses prosecuted in juvenile court).
2. Have you ever had a professional license, certification, membership or registration
revoked, or have you ever been censured or disciplined by any professional organization
or government agency?
3. Have you ever been involved, or publicly identified, with criminal hackers or hacking?
4. Have you ever been known by any other name, alias, or pseudonym? (You need not
include user identities or screen names with which you were publicly identified).

SSCP Candidates must also attest to the truth of their assertions regarding professional
experience, and legally commit to abide by the (ISC)² Code of Ethics (Section 3).


1) ACCESS CONTROLS

Overview
The first domain of the SSCP credential addresses access controls which may be loosely defined
as the mechanisms that govern the access to resources and the operations that may be
performed on those resources. Resources, within the context of the SSCP exam, may include
physical resources, computer systems or information. The entities for which this access is
managed may be users, software or other computer systems.

An access control system ordinarily includes mechanisms that provide for identification,
authentication, authorization and auditing. SSCP candidates are expected to understand the
underlying principles of access control systems and how to implement, manage and secure
those systems.

Candidates should be familiar with authentication mechanisms and terminology including
single/multifactor authentication, single sign-on and device authentication. They should have
an understanding of internetwork trust architectures and the need for federated identity
management across disparate systems.

SSCP candidates must have a thorough understanding of the identity management lifecycle
including authorization, proofing, provisioning, maintenance and entitlement. Candidates will
also be tested on their understanding of and on their ability to implement and manage various
types of access control frameworks including mandatory, discretionary, role and attribute
based.

Key Areas of Knowledge


A. Implement Authentication Mechanisms
A.1 Single/multifactor authentication
A.2 Single sign-on
A.3 Device authentication
B. Operate Internetwork Trust Architectures (e.g., extranet, third-party connections,
federated access)
B.1 One-way trust relationships
B.2 Two-way trust relationships
B.3 Transitive trust


C. Participate in the Identity-Management Lifecycle


C.1 Authorization
C.2 Proofing
C.3 Provisioning
C.4 Maintenance
C.5 Entitlement
D. Implement Access Controls (e.g., subject-based, object-based)
D.1 Mandatory
D.2 Non-Discretionary
D.3 Discretionary
D.4 Role-based
D.5 Attribute-based
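As an added illustration of Key Area D (example code written for this page, not material from the (ISC)² bulletin), the Python below decides the same requests under a discretionary, a mandatory, a role-based and an attribute-based model, and records every decision, allowed or denied, in an audit list, since auditing is the fourth mechanism the overview names alongside identification, authentication and authorization. The subjects, labels, roles, ABAC rules and the `demo` function are constructed for the illustration; the mandatory model follows the Bell-LaPadula no-read-up/no-write-down rules.

```python
"""Added example (not from the (ISC)2 bulletin): the four access-control models
from Key Area D side by side, each decision written to an audit record.
Subjects, resources, labels and rules are constructed for illustration."""
from dataclasses import dataclass, field
from datetime import datetime, timezone

# MAC labels form a lattice; a simple total order is enough here.
LEVELS = {"public": 0, "internal": 1, "confidential": 2, "secret": 3}


@dataclass
class Subject:
    name: str
    clearance: str                                  # MAC: assigned by the system, not the user
    roles: set = field(default_factory=set)         # RBAC
    attrs: dict = field(default_factory=dict)       # ABAC


@dataclass
class Resource:
    name: str
    owner: str                                      # DAC: the owner controls the ACL
    classification: str                             # MAC
    acl: dict = field(default_factory=dict)         # DAC: subject name -> set of operations
    attrs: dict = field(default_factory=dict)       # ABAC


AUDIT = []  # auditing: every decision, allowed or denied, is recorded


def _audit(model, subject, resource, op, allowed):
    AUDIT.append({"ts": datetime.now(timezone.utc).isoformat(), "model": model,
                  "subject": subject.name, "resource": resource.name,
                  "op": op, "allowed": allowed})
    return allowed


def dac(subject, resource, op):
    # Discretionary: the owner decides, and may delegate by editing the ACL.
    ok = subject.name == resource.owner or op in resource.acl.get(subject.name, set())
    return _audit("DAC", subject, resource, op, ok)


def mac(subject, resource, op):
    # Mandatory (Bell-LaPadula): no read up, no write down. Owners cannot override labels.
    s, o = LEVELS[subject.clearance], LEVELS[resource.classification]
    ok = (op == "read" and s >= o) or (op == "write" and s <= o)
    return _audit("MAC", subject, resource, op, ok)


ROLE_PERMS = {"analyst": {"read"}, "editor": {"read", "write"}, "admin": {"read", "write", "delete"}}


def rbac(subject, resource, op):
    # Role-based: permissions attach to roles and subjects to roles; the resource itself is not consulted.
    ok = any(op in ROLE_PERMS.get(role, set()) for role in subject.roles)
    return _audit("RBAC", subject, resource, op, ok)


# Attribute-based: (operation, predicate over subject attrs, resource attrs, environment).
ABAC_RULES = [
    ("read",  lambda s, r, env: s.get("dept") == r.get("dept") and 7 <= env["hour"] < 20),
    ("write", lambda s, r, env: s.get("dept") == r.get("dept") and s.get("mfa") is True),
]


def abac(subject, resource, op, env):
    ok = any(o == op and rule(subject.attrs, resource.attrs, env) for o, rule in ABAC_RULES)
    return _audit("ABAC", subject, resource, op, ok)


def demo():
    """Run the same requests through each model; deny is the default everywhere."""
    alice = Subject("alice", "confidential", {"editor"}, {"dept": "finance", "mfa": True})
    bob = Subject("bob", "internal", {"analyst"}, {"dept": "hr", "mfa": False})
    report = Resource("q1-report", owner="alice", classification="confidential",
                      acl={"bob": {"read"}}, attrs={"dept": "finance"})
    office_hours, night = {"hour": 10}, {"hour": 23}
    return {
        "dac_bob_read":     dac(bob, report, "read"),       # True: alice granted it in the ACL
        "dac_bob_write":    dac(bob, report, "write"),      # False: not in the ACL
        "mac_bob_read":     mac(bob, report, "read"),       # False: internal may not read confidential (no read up)
        "mac_bob_write":    mac(bob, report, "write"),      # True: writing up is allowed by the *-property
        "mac_alice_read":   mac(alice, report, "read"),     # True: clearance dominates classification
        "rbac_bob_read":    rbac(bob, report, "read"),      # True: analyst role
        "rbac_bob_delete":  rbac(bob, report, "delete"),    # False: no role grants delete
        "abac_alice_write": abac(alice, report, "write", office_hours),  # True: same dept, MFA present
        "abac_bob_read":    abac(bob, report, "read", office_hours),     # False: department mismatch
        "abac_alice_night": abac(alice, report, "read", night),          # False: outside 07:00-20:00
    }
```

Running `demo()` shows the same request decided differently by each model: Bob can read the report under DAC because its owner put him on the ACL, but not under MAC because his clearance does not dominate its classification, and not under ABAC because his department attribute does not match. The audit list is what makes the decisions reviewable afterwards; in a real system it would be shipped to the logging and monitoring pipeline covered in domain 3.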


2) SECURITY OPERATIONS AND ADMINISTRATION

Overview
The security operations and administration domain addresses basic security concepts and the
application of those concepts in the day to day operation and administration of enterprise
computer systems and the information that they host.

Ethical considerations in general, and the (ISC)2 Code of Ethics in particular, provide the
backdrop for any discussion of information security and SSCP candidates will be tested on both.
Information security professionals often find themselves in positions of trust and must be beyond
reproach in every way.

Several core principles of information security stand above all others and this domain covers
these principles in some depth. It can be said that the CIA triad of confidentiality, integrity and
availability forms the basis for almost everything that we do in information security and the SSCP
candidate must not only fully understand these principles but be able to apply them in all
situations. Additional security concepts covered in this domain include privacy, least privilege,
non-repudiation and the separation of duties.

Asset management constitutes an important part of the security operations and administration
domain. In the context of the SSCP exam, assets include personnel, facilities, hardware,
software and information. Asset management topics include the systems development
lifecycle (SDLC), hardware, software, and all aspects of data management including storage,
transmission, destruction, and data loss prevention (DLP).

The security operations and administration domain also includes the implementation and
assessment of security controls which is a broad category that covers everything from creating
security policies and procedures to the implementation and operation of technical security
controls such as authentication and access control mechanisms.

The importance of change management processes and procedures to the IT enterprise cannot
be overstated; an effective change management program helps preserve system integrity and
interoperability. SSCP candidates will be tested on all aspects of configuration and change
management.


Key Areas of Knowledge


A. Understand and Comply with Codes of Ethics
A.1 (ISC)2 Code of Ethics
A.2 Organizational code of ethics
B. Understand Security Concepts
B.1 Confidentiality
B.2 Integrity
B.3 Availability
B.4 Accountability
B.5 Privacy
B.6 Non-repudiation
B.7 Least privilege
B.8 Separation of duties
C. Document and Operate Security Controls
C.1 Deterrent controls
C.2 Preventative controls
C.3 Detective controls
C.4 Corrective controls
C.5 Compensating controls
D. Participate in Asset Management
D.1 Lifecycle
D.2 Hardware
D.3 Software
D.4 Data
E. Implement and Assess Compliance with Controls
E.1 Technical controls
E.2 Operational controls
E.3 Managerial controls (e.g., security policies, baselines, standards, and procedures)
F. Participate in Change Management
F.1 Implementation of Configuration Management Plan
F.2 Security impact assessment
F.3 System architecture/interoperability of systems
F.4 Testing/implementing patches, fixes, and updates (e.g., operating system, applications, SDLC)


G. Participate in Security Awareness and Training


H. Participate in Physical Security Operations (e.g., security assessment, cameras,
locks)


3) RISK IDENTIFICATION, MONITORING, AND ANALYSIS

Overview

IT risk management involves the identification, evaluation and prioritization of potential threats
to enterprise computing systems, followed by the systematic and continuous application of
resources to monitor and manage those threats and otherwise reduce their probability and
potential impact on the organization. The risk identification, monitoring and analysis domain
includes risk management concepts, assessment activities, and monitoring terminology,
techniques and systems.
The SSCP candidate must have a thorough understanding of the IT risk management process
and candidates will be tested in the areas of risk visibility and reporting, risk management
concepts, risk assessment, risk treatment and audit findings.
Security assessment activities, for the purposes of the risk identification, monitoring and analysis
domain, include internal and external security assessments and compliance audits, penetration
testing, and all aspects of vulnerability assessment including discovery, compliance and
remediation.
Logging and monitoring encompasses an essential part of the risk identification, monitoring and
analysis domain and the candidate will be tested on events of interest, source systems and all
aspects of logging including log integrity and preservation, aggregation, configuration of event
sources and event correlation systems. Candidates must also know how to use and interpret
packet capture and network traffic analysis tools.
Logging and monitoring contribute little to risk reduction if the output of the logging and
monitoring mechanisms is not continuously evaluated. The SSCP candidate will therefore be
tested on their ability to analyze and interpret monitoring results and to act or report on their
findings.
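As an added example of event correlation and baseline metrics over log data (example code written for this page, not from the (ISC)² bulletin), the Python below parses a handful of constructed OpenSSH-style authentication log lines, counts failures per source address, and raises an alert when at least three failures from one address inside a sliding 60-second window are followed by a successful login from that same address. The log lines, addresses (documentation ranges), thresholds and function names are all assumptions made for the illustration.

```python
"""Added example (not from the (ISC)2 bulletin): parsing auth-log events,
per-source failure metrics, and a sliding-window correlation rule.
The log lines, addresses and thresholds are constructed for illustration."""
import re
from collections import Counter, defaultdict, deque
from datetime import datetime

# Constructed sample in OpenSSH auth-log style; the addresses are documentation ranges, not real hosts.
SAMPLE_LOG = """\
2015-04-15T09:00:01Z host1 sshd[2001]: Failed password for invalid user admin from 203.0.113.7 port 51022 ssh2
2015-04-15T09:00:03Z host1 sshd[2001]: Failed password for root from 203.0.113.7 port 51023 ssh2
2015-04-15T09:00:04Z host1 sshd[2002]: Failed password for root from 203.0.113.7 port 51024 ssh2
2015-04-15T09:00:06Z host1 sshd[2003]: Failed password for root from 203.0.113.7 port 51025 ssh2
2015-04-15T09:00:09Z host1 sshd[2004]: Accepted password for root from 203.0.113.7 port 51026 ssh2
2015-04-15T09:01:10Z host1 sshd[2010]: Accepted publickey for deploy from 198.51.100.20 port 40000 ssh2
2015-04-15T09:05:00Z host1 sshd[2020]: Failed password for alice from 192.0.2.5 port 33000 ssh2
2015-04-15T09:06:30Z host1 sshd[2021]: Accepted password for alice from 192.0.2.5 port 33001 ssh2
"""

LINE_RE = re.compile(
    r"^(?P<ts>\S+) (?P<host>\S+) sshd\[\d+\]: "
    r"(?P<result>Accepted|Failed) (?P<method>\w+) for (?:invalid user )?(?P<user>\S+) "
    r"from (?P<ip>\S+) port \d+"
)


def parse(log_text):
    """Yield one event dict per recognised line; lines in other formats are skipped."""
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue
        ev = m.groupdict()
        ev["ts"] = datetime.strptime(ev["ts"], "%Y-%m-%dT%H:%M:%SZ")
        yield ev


def failures_by_source(log_text):
    """Per-source failure counts: the raw material for a baseline and for spotting departures from it."""
    return dict(Counter(ev["ip"] for ev in parse(log_text) if ev["result"] == "Failed"))


def correlate(log_text, window_s=60, threshold=3):
    """Alert when >= threshold failures from one source within window_s seconds are followed by a success.

    Events must arrive in time order (true for a single log; sort first when aggregating several)."""
    recent = defaultdict(deque)   # source ip -> timestamps of recent failures
    alerts = []
    for ev in parse(log_text):
        q = recent[ev["ip"]]
        while q and (ev["ts"] - q[0]).total_seconds() > window_s:
            q.popleft()           # slide the window: forget failures older than window_s
        if ev["result"] == "Failed":
            q.append(ev["ts"])
        elif len(q) >= threshold:
            alerts.append({"ip": ev["ip"], "user": ev["user"], "failures": len(q),
                           "at": ev["ts"].isoformat()})
            q.clear()             # one alert per burst
    return alerts
```

The sliding window is what separates an event of interest from noise: a single failure 90 seconds before a success (192.0.2.5) is pruned and does not alert, while four failures in eight seconds followed by a success (203.0.113.7) do. `failures_by_source` is the kind of per-source count that feeds a baseline; a source whose failure count departs from its usual value is worth a look even before any success arrives.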


Key Areas of Knowledge


A. Understand the Risk Management Process
A.1 Risk Visibility and Reporting (e.g., risk register, sharing threat intelligence)
A.2 Risk management concepts (e.g., impacts, threats, vulnerabilities)
A.3 Risk assessment
A.4 Risk treatment (accept, transfer, mitigate, avoid)
A.5 Audit findings
B. Perform Security Assessment Activities
B.1 Participation in security testing and evaluation
B.2 Interpretation and reporting of scanning and testing results
C. Operate and Maintain Monitoring Systems (e.g., continuous monitoring)
C.1 Events of interest
C.2 Logging
C.3 Source systems
D. Analyze Monitoring Results
D.1 Security analytics, metrics, and trends (e.g., baseline)
D.2 Visualization
D.3 Event data analysis (e.g., log, packet dump, machine data)
D.4 Communicate findings


4) INCIDENT RESPONSE AND RECOVERY

Overview

History has shown that, in spite of our best efforts, security incidents can and will happen, and
yet incident response and recovery is often an area of information security that is not
adequately addressed. Security practitioners, and organizations in general, must place equal
or greater emphasis on incident response plans and procedures as on the preventive measures
intended to avert incidents. The long-term survivability of the enterprise may well depend on it.
Moreover, the Security Practitioner is the individual most often found at the forefront of any
security incident.
The incident response and recovery domain tests the SSCP candidate on their ability to properly
implement and exercise incident handling processes and procedures that provide for a rapid,
consistent and methodological approach to addressing security incidents. Candidates will be
tested on the various aspects of incident handling including discovery, escalation, reporting,
response and prevention.
Because security practitioners are often responsible for, or most closely associated with, many
of the targets of security incidents, the importance of their knowledge of and ability to support
forensic investigations cannot be overstated. SSCP candidates will be tested on their ability to
support forensic investigations through identification, preservation, collection, examination,
analysis and presentation.
Disaster Recovery Planning (DRP) provides a set of processes and procedures to be invoked in
the event of a disaster that may be either man-made or the result of an act of nature. The
disaster recovery plan typically includes emergency procedures, provisions for alternate
processing facilities, backup and redundancy procedures as well as plans for post-disaster
recovery.
Business continuity planning includes an analysis of potential threats and the criticality of
information systems and the organization’s tolerance for interruptions to normal business
operations. Processes and procedures are then developed which satisfy the resulting
requirements and minimize the impact of natural and man-made disasters on the organization.
The security practitioner plays a key role in the development, implementation, maintenance
and testing of both disaster recovery and business continuity plans and the SSCP candidate will
be tested on both.


Key Areas of Knowledge


A. Participate in Incident Handling
A.1 Discovery
A.2 Escalation
A.3 Reporting and feedback loops (lessons learned)
A.4 Incident response
A.5 Implementation of countermeasures
B. Understand and support forensic investigations (e.g., first responder, evidence
handling, chain of custody, preservation of scene)
C. Understand and Support Business Continuity Plan (BCP) and Disaster
Recovery Plan (DRP)
C.1 Emergency response plans and procedures (e.g., information system contingency plan)
C.2 Interim or alternate processing strategies
C.3 Restoration planning
C.4 Backup and redundancy implementation
C.5 Testing and drills


5) CRYPTOGRAPHY

Overview

The cryptography domain encompasses the protection of information, both while in motion
and at rest, by altering that information to ensure its integrity, confidentiality and authenticity.
The SSCP candidate will be tested on their understanding of fundamental cryptographic
concepts and the requirements for its use.

Candidates must understand common cryptographic concepts, methodologies and
technologies including hashing, salting, symmetric/asymmetric encryption and digital
signatures. The concept of non-repudiation as well as the tools and techniques used to
achieve it will be covered.
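As an added example of hashing and salting as applied to credential storage (example code written for this page, not from the (ISC)² bulletin), the Python below uses the standard library's PBKDF2-HMAC to derive a per-record salted hash, stores the parameters alongside it so they can be raised later, and verifies with a constant-time comparison. The iteration count, record format and function names are assumptions; the standard library has no asymmetric signature primitive, so digital signatures and non-repudiation are not demonstrated here.

```python
"""Added example (not from the (ISC)2 bulletin): salted password hashing with
PBKDF2-HMAC from the Python standard library. Parameters are assumptions."""
import base64
import hashlib
import hmac
import secrets

ALGO = "sha256"
ITERATIONS = 600_000   # assumed policy value (in line with current OWASP guidance for PBKDF2-HMAC-SHA256)
SALT_BYTES = 16
DK_LEN = 32


def unsalted_hash(password: str) -> str:
    """The anti-pattern: identical passwords give identical digests, so one precomputed table cracks them all."""
    return hashlib.sha256(password.encode()).hexdigest()


def hash_password(password: str, iterations: int = ITERATIONS) -> str:
    """Return a self-describing record: scheme$iterations$salt$hash (salt and hash base64-encoded)."""
    salt = secrets.token_bytes(SALT_BYTES)   # fresh CSPRNG salt per record, never reused
    dk = hashlib.pbkdf2_hmac(ALGO, password.encode(), salt, iterations, dklen=DK_LEN)
    return "pbkdf2_%s$%d$%s$%s" % (
        ALGO, iterations,
        base64.b64encode(salt).decode(),
        base64.b64encode(dk).decode(),
    )


def verify_password(password: str, record: str) -> tuple:
    """Return (matches, needs_rehash); needs_rehash is set when a matching record used weaker parameters."""
    scheme, iters, salt_b64, dk_b64 = record.split("$")
    algo = scheme.split("_", 1)[1]            # parameters come from the record, not from current defaults
    iters = int(iters)
    salt = base64.b64decode(salt_b64)
    expected = base64.b64decode(dk_b64)
    actual = hashlib.pbkdf2_hmac(algo, password.encode(), salt, iters, dklen=len(expected))
    ok = hmac.compare_digest(actual, expected)   # constant time: a plain == would leak how many leading bytes match
    return ok, ok and iters < ITERATIONS
```

Two records for the same password differ because each carries its own random salt, which is what defeats precomputed (rainbow) tables and stops an attacker from spotting shared passwords across accounts; `unsalted_hash` shows the failure mode. `verify_password` returns a second flag telling the caller to rehash with current parameters on the next successful login, so older records are upgraded gradually rather than in a flag-day migration.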

SSCP candidates must understand the legal and regulatory requirements and limitations with
regard to the use of cryptography and cryptographic systems. They must have a thorough
understanding of secure protocols and participate in end-user training.

The security practitioner is expected to be capable of implementing and operating
cryptographic systems and will be tested on their general knowledge of key management
concepts, public key infrastructure, administration and validation, web of trust, and on the
implementation and use of secure protocols.

Key Areas of Knowledge

A. Understand and Apply Fundamental Concepts of Cryptography


A.1 Hashing
A.2 Salting
A.3 Symmetric/asymmetric encryption
A.4 Digital signatures
A.5 Non-repudiation
B. Understand Requirements for Cryptography (e.g., data sensitivity, regulatory
requirements, end-user training)
C. Understand and Support Secure Protocols (e.g., differences in
implementation, appropriate use)


D. Operate and implement cryptographic systems


D.1 Fundamental key management concepts (e.g., key rotation, key composition, cryptographic attacks)
D.2 Public key infrastructure
D.3 Administration and validation (e.g., key creation, exchange, revocation, escrow)
D.4 Web of Trust (e.g., PGP)
D.5 Implementation of secure protocols (e.g., IPSec, SSL/TLS, S/MIME)


6) NETWORK AND COMMUNICATIONS SECURITY

Overview

The network and communications security domain encompasses the network architecture,
transmission methods, transport formats, control devices, and the security measures used to
maintain the confidentiality, integrity and availability of information so transmitted over both
private and public communication networks.
A Security Practitioner cannot expect to manage the security of a network or an enterprise
without a strong knowledge of network fundamentals including network topologies, the TCP/IP
protocol suite, the OSI and TCP/IP models, IP addressing, switching and routing, and the domain
name system (DNS). The SSCP candidate’s knowledge in these areas will be directly tested and
is also a prerequisite for more advanced topics in this and other domains.
Additionally, the candidate is expected to have a thorough understanding of network access
control in general and remote access in particular. Logical and physical segmentation of
networks and encryption are used extensively in securing network communications, and the
Security Practitioner must have a thorough understanding of each.
It is only with these fundamentals in place that the Security Practitioner can move on to the
business of configuring and securing networks. Advanced topics in this domain include router
and switch operation and configuration, firewalls and proxies, wireless technologies and WAN
optimization. The candidate will be tested in all of these and other areas. The Practitioner must
be able not only to operate and configure these devices in securing the enterprise, but to
secure the devices themselves from attack as well.

Key Areas of Knowledge

A. Understand Security Issues Related to Networks


A.1 OSI and TCP/IP models
A.2 Network topologies and relationships (e.g., ring, star, bus, mesh, tree)
A.3 Commonly used ports and protocols
B. Protect Telecommunications Technologies
B.1 Converged communications
B.2 Attacks and countermeasures


C. Control Network Access


C.1 Access control and monitoring (e.g., NAC, remediation, quarantine, admission)
C.2 Access control standards and protocols (e.g., IEEE 802.1X, Radius, TACACS)
C.3 Remote access operation and configuration (e.g., thin client, SSL VPN, IPSec VPN, telework)
C.4 Attacks and countermeasures
D. Manage LAN-based security
D.1 Separation of data plane and control plane
D.2 Segmentation (e.g., VLAN, ACLs)
D.3 Secure device management
E. Operate and Configure Network-Based Security Devices
E.1 Firewalls and proxies
E.2 Network intrusion detection/prevention systems
E.3 Routers and switches
E.4 Traffic-shaping devices (e.g., WAN optimization)
F. Implement and Operate Wireless Technologies
F.1 Transmission security (e.g., WPA, WPA2/802.11i, AES, TKIP)
F.2 Wireless security devices (e.g., dedicated/integrated WIPS, WIDS)
F.3 Attacks and countermeasures (e.g., management protocols)


7) SYSTEMS AND APPLICATION SECURITY

Overview

The Security Practitioner often plays a pivotal role in protecting the enterprise against malicious
code and activity, particularly as it relates to end point security. Consequently, the SSCP
candidate is expected to be well versed in common attack vectors and associated counter
measures. The nature of endpoints is itself continuously changing with the proliferation of
mobile devices and remote users and the Security Practitioner must be equipped to manage
and secure all manner of devices deployed in almost any environment.
Rapid advances in virtualization technology, coupled with the widespread adoption of shared
storage, have radically transformed the information technology landscape. Organizations now
benefit from the more efficient use of resources, scalability, and portability that virtualization
provides, but are also challenged by new virtualization-specific attack vectors and the security
concerns inherent in this new landscape. The SSCP candidate must have a solid understanding
and working knowledge of virtualization technologies and of the security benefits and
challenges that they present.
The past several years have seen extraordinary growth in the area of Cloud Computing, fueled
at least in part by the advances in virtualization and storage technologies discussed above.
Cloud Computing offers subscribers almost unlimited possibilities but also presents some
formidable challenges with regard to information security. The Security Practitioner must have a
thorough knowledge of cloud concepts and of the security implications of outsourced IT in
general.
Technological advances in our ability to collect and store information, both structured and
unstructured, have given rise to data sets so large that they are not easily managed. The
information that can be derived from such massive data sets is impressive. The tools required to
secure, store and process this information must be equally impressive. The SSCP candidate
should be familiar with big data systems and the security issues associated with them.

Key Areas of Knowledge


A. Identify and Analyze Malicious Code and Activity
A.1 Malicious code (e.g., malware)
A.2 Malicious code countermeasures (e.g., scanners, anti-malware, code signing, sandboxing)
A.3 Malicious activity (e.g., social engineering, insider threat, data theft, DDoS, spoofing, phishing, pharming, spam, Botnet)
A.4 Malicious activity countermeasures (e.g., user awareness, system hardening, patching, sandboxing)


B. Implement and Operate Endpoint Device Security (e.g., virtualization, thin clients,
thick clients, USB devices)
B.1 HIDS
B.2 Host-based firewalls
B.3 Application white listing
B.4 Endpoint encryption
B.5 Trusted platform module
B.6 Mobile device management (e.g., COPE, BYOD, telework)
B.7 Secure browsing (e.g., sandbox)
C. Operate and Configure Cloud Security
C.1 Operation models (e.g., public, private, hybrid)
C.2 Service models (e.g., DNS, email, proxy, VPN)
C.3 Virtualization (e.g., hypervisor)
C.4 Legal and privacy concerns (e.g., surveillance, data ownership, jurisdiction, eDiscovery)
C.5 Data storage and transmission (e.g., archiving, recovery, resilience)
C.6 Third-party/outsourcing requirements (e.g., SLA, data portability, data destruction, auditing)
D. Secure Big Data Systems
D.1 Application vulnerabilities
D.2 Architecture or design vulnerabilities
E. Operate and Secure Virtual Environments
E.1 Software-defined networking
E.2 Hypervisor
E.3 Virtual appliances
E.4 Continuity and resilience
E.5 Attacks and countermeasures
E.6 Shared storage


REFERENCES
The SSCP exam is based on a common body of knowledge that is recognized internationally
and the exam content is based on a job task analysis conducted as recommended by
ISO/IEC/ANSI 17024 standards. Questions included in the examination are developed by item
writers who are subject matter experts in the field from information gained through their
practical experience. Such information is validated against reference materials including (ISC)²’s
own common body of knowledge, textbooks, articles, standards and regulations. The
following supplemental reference list is not intended to be all-inclusive, and (ISC)² makes no
assertion that the use of this list or knowledge of the subject matter within will result in the
successful completion of the examination. Nor does (ISC)² endorse any particular text or
author. Candidates are encouraged to supplement their education and experience by
reviewing relevant resources that pertain to the common body of knowledge and finding
information for areas in which they find themselves to be deficient.

Domain: Supplementary References

Access Controls
Bertino, E., K. Takahashi, (2011). Identity Management: Concepts, Technologies, and Systems (Information Security and Privacy)
Birch, D., et al, (2007). Digital Identity Management: Technological, Business and Social Implications
Chin, S-K., S.B. Older, (2010). Access Control, Security, and Trust: A Logical Approach
Ferraiolo, D.F., D.R. Kuhn, R. Chandramouli, (2007). Role-Based Access Control, (2nd Edition)
Garman, J., (2003). Kerberos: The Definitive Guide
Henrici, D., (2008). RFID Security and Privacy: Concepts, Protocols, and Architectures
Links, C.L., (2008). IAM Success Tips (Volumes 1-3)
Moskowitz, J., (2014). Group Policy: Fundamentals, Security, and the Managed Desktop (2nd Edition)
Newman, R., (2009). Security and Access Control Using Biometric Technologies: Application, Technology, and Management
Rankl, W., W. Effing, (2010). Smart Card Handbook (4th Edition)
Roebuck, K., (2011). Security Tokens: High-impact Strategies - What You Need to Know: Definitions, Adoptions, Impact, Benefits, Maturity, Vendors
Smith, R.E., (2001). Authentication: From Passwords to Public Keys
Vacca, J.R., (2007). Biometric Technologies and Verification Systems

Security Operations & Administration
(ISC)², Code of Ethics (https://www.isc2.org/ethics/default.aspx)
Aiello, R., (2010). Configuration Management Best Practices: Practical Methods that Work in the Real World
Bacik, S., (2008). Building an Effective Information Security Policy Architecture
Bosworth, S., M.E. Kabay, E. Whyne, (2014). Computer Security Handbook (6th Edition)
Calder, A., S. Watkins, (2012). IT Governance: A Manager's Guide to Data Security and ISO 27001/ISO 27002 (5th Edition)
Cole, E., (2009). Network Security Bible (2nd Edition)
Frisch, Æleen, (2002). Essential System Administration, (3rd Edition)
Gordon, Hernandez, (2015). Official (ISC)² Guide to the SSCP CBK, (3rd Edition)
Herold, R., (2010). Managing an Information Security and Privacy Awareness and Training Program, (2nd Edition)
Johnson, M., (2011). IT Asset Management: What You Need to Know for IT Operations Management
Ladley, J., (2010). Making Enterprise Information Management (EIM) Work for Business: A Guide to Understanding Information as an Asset
Roper, C., L. Fischer, J.A. Grau, (2005). Security Education, Awareness and Training: SEAT from Theory to Practice
Higaki, W., Y. Higaki, (2010). Successful Common Criteria Evaluations: A Practical Guide for Vendors

Risk Identification, Monitoring, and Analysis
Ali, S., T. Heriyanto, (2011). BackTrack 4: Assuring Security by Penetration Testing
Andrews, M., J.A. Whittaker, (2006). How to Break Web Software: Functional and Security Testing of Web Applications and Web Services
Babbin, J., D. Kleiman, E.F. Carter Jr., J. Faircloth, (2006). Security Log Management: Identifying Patterns in the Chaos
Bejtlich, R., (2004). The Tao of Network Security Monitoring: Beyond Intrusion Detection
Carter, E., J. Hogue, (2006). Intrusion Prevention Fundamentals
Foreman, P., (2009). Vulnerability Management
Fry, C., M. Nystrom, (2009). Security Monitoring: Proven Methods for Incident Detection on Enterprise Networks
Hope, P., B. Walther, (2008). Web Security Testing Cookbook: Systematic Techniques to Find Problems Fast
Kent, K., M. Souppaya, (2006). NIST Special Publication 800-92, Guide to Computer Security Log Management
Kouns, J., (2010). Information Technology Risk Management in Enterprise Environments: A Review of Industry Practices and a Practical Guide to Risk Management Team
Kruegel, C., F. Valeur, G. Vigna, (2010). Intrusion Detection and Correlation: Challenges and Solutions (2010 Edition)
Landoll, D., (2011). The Security Risk Assessment Handbook: A Complete Guide for Performing Security Risk Assessments, (2nd Edition)
Maier, P.Q., (2006). Audit and Trace Log Management: Consolidation and Analysis
NIST, (2010). Guide for Applying the Risk Management Framework to Federal Information Systems: A Security Life Cycle Approach (NIST Special Publication 800-37, Revision 1)
Provos, N., T. Holz, (2007). Virtual Honeypots: From Botnet Tracking to Intrusion Detection
Norman, T.L., (2009). Risk Analysis and Security Countermeasure Selection
Tipton, H.F., M.K. Nozaki, (2011). Information Security Management Handbook (6th Edition)
Trost, R., (2009). Practical Intrusion Analysis: Prevention and Detection for the Twenty-First Century
Wheeler, E., (2011). Security Risk Management: Building an Information Security Risk Management Program from the Ground Up

Incident Response and Recovery
Barrett, D., G. Kipper, (2010). Virtualization and Forensics: A Digital Forensic Investigator's Guide to Virtual Environments
Bowman, R.H., (2008). Business Continuity Planning for Data Centers and Systems: A Strategic Implementation Guide
Carrier, B., (2005). File System Forensic Analysis
Casey, E., (2011). Digital Evidence and Computer Crime, Forensic Science, Computers, and the Internet, (3rd Edition)
Hiles, A., P., (2010). The Definitive Handbook of Business Continuity Management, (3rd Edition)
Nolan, R., C. O'Sullivan, J. Branson, C. Waits, (2005). First Responders Guide to Computer Forensics (CMU/SEI-2005-HB-001)
Photopoulos, C., (2008). Managing Catastrophic Loss of Sensitive Data: A Guide for IT and Security Professionals
Rajnovic, D., (2010). Computer Incident Response and Product Security
Schmidt, K., (2006). High Availability and Disaster Recovery: Concepts, Design, Implementation
Snedaker, S., (2007). Business Continuity and Disaster Recovery Planning for IT Professionals
Toigo, J.W., (2002). Disaster Recovery Planning: Preparing for the Unthinkable, (3rd Edition)

Cryptography
Adams, C., S. Lloyd, (2002). Understanding PKI: Concepts, Standards, and Deployment Considerations (2nd Edition)
Hankerson, D., A.J. Menezes, S. Vanstone, (2004). Guide to Elliptic Curve Cryptography
Davies, J., (2011). Implementing SSL/TLS Using Cryptography and PKI
Doraswamy, N., (2003). IPSec, (2nd Edition)
Feghhi, J., P. Williams, (1998). Digital Certificates: Applied Internet Security
Ghosh, A.K., (1998). E-Commerce Security: Weak Links, Best Defenses
Karamanian, A., S. Tenneti, (2011). PKI Uncovered: Certificate-Based Security Solutions for Next-Generation Networks
Kenan, K., (2005). Cryptography in the Database: The Last Line of Defense
Menezes, A.J., P. van Oorschot, S. Vanstone, (1996). Handbook of Applied Cryptography
Nash, A., B. Duane, D. Brink, C. Joseph, (2001). PKI: Implementing & Managing E-Security
Paar, C., J. Pelzl, (2010). Understanding Cryptography: A Textbook for Students and Practitioners
Schneier, B., (1996). Applied Cryptography: Protocols, Algorithms, and Source Code in C (2nd Edition)
Stallings, W., (2013). Cryptography and Network Security: Principles and Practice, (6th Edition)
Turner, S., R. Housley, (2008). Implementing Email and Security Tokens: Current Standards, Tools, and Practices

Network and Communications Security
Biswas, K., Md. L. Ali, R. Sultana, (2011). Security Issues in Wireless Technologies: Bluetooth, MANET and WiMAX
Boudriga, N., (2009). Security of Mobile Communications
Cache, J., J. Wright, V. Liu, (2010). Hacking Exposed Wireless, (2nd Edition)
Cheswick, W.R., S.M. Bellovin, A.D. Rubin, (2003). Firewalls and Internet Security: Repelling the Wily Hacker, (2nd Edition)
Hoffman, D.V., (2008). Implementing NAP and NAC Security Technologies: The Complete Guide to Network Access Control
Erickson, J., (2008). Hacking: The Art of Exploitation, (2nd Edition)
Hogg, S., E. Vyncke, (2008). IPv6 Security
Kaeo, M., (2003). Designing Network Security, (2nd Edition)
Luotonen, A., (1997). Web Proxy Servers
McCabe, J.D., (2007). Network Analysis, Architecture, and Design, (3rd Edition)
McClure, S., J. Scambray, (2012). Hacking Exposed: Network Security Secrets, (7th Edition)
Nam-Kee, T., (2003). Building VPNs: with IPSec and MPLS
Noonan, W., I. Dubrawsky, (2006). Firewall Fundamentals
Oppenheimer, P., (2010). Top-Down Network Design, (3rd Edition)
Porter, T., J. Kanclirz, B. Baskin, (2006). Practical VoIP Security
Prowell, S., R. Kraus, M. Borkin, (2010). Seven Deadliest Network Attacks
Rescorla, E., (2000). SSL and TLS: Designing and Building Secure Systems
Ristic, I., (2010). ModSecurity Handbook
Santos, O., (2007). End-to-End Network Security: Defense-in-Depth
Steinberg, J., T. Speed, (2005). SSL VPN: Understanding, Evaluating and Planning Secure, Web-based Remote Access: A Comprehensive Overview of SSL VPN Technologies and Design Strategies
Stevens, W.R., G.R. Wright, (2001). TCP/IP Illustrated (3 Volume Set)
Thermos, P., A. Takanen, (2007). Securing VoIP Networks: Threats, Vulnerabilities, and Countermeasures
Wetteroth, D., (2001). OSI Reference Model for Telecommunications

Systems and Application Security
Blunden, B., (2009). The Rootkit Arsenal: Escape and Evasion in the Dark Corners of the System
Buffington, J., (2010). Data Protection for Virtual Data Centers
Serrao, C., V. Aguilera, F. Cerullo, (2010). Web Application Security: Iberic Web Application Security Conference
Clarke, J., et al, (2009). SQL Injection Attacks and Defense, (2nd Edition)
Cloud Security Alliance, (2011). Security Guidance for Critical Areas of Focus in Cloud Computing V3.0
Davis, M., S. Bodmer, A. LeMasters, (2014). Hacking Exposed: Malware & Rootkits Secrets & Solutions, (2nd Edition)
Dwivedi, H., C. Clark, D. Thiel, (2010). Mobile Application Security
Garfinkel, S., G. Spafford, A. Schwartz, (2003). Practical Unix & Internet Security, (3rd Edition)
Grimes, R.A., (2001). Malicious Mobile Code: Virus Protection for Windows
Hadnagy, C., (2010). Social Engineering: The Art of Human Hacking
Hoglund, G., J. Butler, (2005). Rootkits: Subverting the Windows Kernel
Hope, P., B. Walther, (2008). Web Security Testing Cookbook: Systematic Techniques to Find Problems Fast
Kadrich, M., (2007). Endpoint Security
Ligh, M., S. Adair, B. Hartstein, M. Richard, (2010). Malware Analyst's Cookbook and DVD: Tools and Techniques for Fighting Malicious Code
Malin, C.H., E. Casey, J.M. Aquilina, (2008). Malware Forensics: Investigating and Analyzing Malicious Code
Mather, T., S. Kumaraswamy, S. Latif, (2009). Cloud Security and Privacy: An Enterprise Perspective on Risks and Compliance (Theory in Practice)
McGraw, G., G. Hoglund, (2004). Exploiting Software: How to Break Code
Pfleeger, C.P., S.L. Pfleeger, (2006). Security in Computing, (4th Edition)
Salomon, D., (2005). Foundations of Computer Security
Skoudis, E., L. Zeltser, (2003). Malware: Fighting Malicious Code
Stuttard, D., M. Pinto, (2011). The Web Application Hacker's Handbook: Discovering and Exploiting Security Flaws, (2nd Edition)


SAMPLE EXAM QUESTIONS


1. When properly installed, which type of card/badge reader is MOST tamper resistant?

(A) Card swipe device
(B) Optical reader
(C) Proximity reader
(D) Card insertion device

Answer: C

________________________________________________________________

2. Which one of the following describes how a polymorphic virus attempts to hide from
antivirus software?

(A) By repeatedly changing the boot record of the host disk
(B) By changing the routines that encrypt the body of the virus
(C) By directly attacking the antivirus software
(D) By directly attaching itself to an email

Answer: B

________________________________________________________________

3. Which one of the following is a technique used to prevent inference violations by
allowing different versions of the same information item to exist at different classification
levels?

(A) Appropriate labeling
(B) Query restriction
(C) Auditing
(D) Polyinstantiation

Answer: D

________________________________________________________________


GENERAL EXAMINATION INFORMATION


Computer Based Test (CBT)

Registering for the Exam

Process for Registration Overview

This section describes procedures for candidates registering to sit for a Computer Based Test
(CBT). The test is administered at Pearson VUE Testing centers in the US, Canada, and other
parts of the world.
1. Go to www.pearsonvue.com/isc2 to register for a test appointment.
2. Select the most convenient test center.
3. Select an appointment time.
4. Pay for your exam appointment.
5. Receive confirmation from Pearson VUE with the appointment details, test center
location and other relevant instructions, if any.
Please note that your registration information will be transferred to (ISC)² and all
communication about the testing process from (ISC)² and Pearson VUE will be sent to you via
email.

Fees

Please visit the (ISC)² website https://www.isc2.org/certification-register-now.aspx for the most
current examination registration fees.

U.S. Government Veteran’s Administration G.I. Bill


The U.S. Department of Veterans Affairs has approved reimbursement to veterans under the G.I.
Bill for the cost of the Certified Information System Security Professional (CISSP), the CISSP
Concentrations (ISSAP, ISSEP, ISSMP), the Certification and Accreditation Professional (CAP), and
the System Security Certified Practitioner (SSCP) examinations. Please refer to the U.S.
Department of Veterans Affairs Website at www.va.gov for more details.

CBT Demonstration

Candidates can experience a demonstration and tutorial of the CBT experience on our Pearson
VUE web page. The tutorial may be found at www.pearsonvue.com/isc2.


Scheduling a Test Appointment

Process for Registration Overview

Candidates may register for a testing appointment directly with Pearson VUE
(www.pearsonvue.com/isc2). Candidates who do not pass the test will be subject to the retake
policy and must wait the applicable time before they are allowed to re-sit for the examination.

Exam Appointment

Test centers may fill up quickly because of high volume and previously scheduled special
events. Pearson VUE testing centers also serve candidates from other entities; thus, waiting to
schedule the testing appointment may significantly limit the options for a candidate's desired
testing dates at the closest available center.

Scheduling for a Testing Appointment


Candidates may schedule their appointment online at the (ISC)² CBT Website located at
www.pearsonvue.com/isc2. Candidates will be required to create a Pearson VUE account in
order to complete registration. The candidate's profile will be transferred to (ISC)² and becomes
part of the candidate's permanent record. Candidates will be able to locate test centers and
select from a choice of available examination appointment times at the Pearson VUE website.

Candidates may also register over the telephone with a CBT registration specialist. Please refer
to ‘Contact Information’ for local telephone numbers for your region.

Rescheduling or Cancellation of a Testing Appointment


If you wish to reschedule or cancel your exam appointment, you must contact Pearson VUE at
least 48 hours before the exam date by contacting Pearson VUE online
(www.pearsonvue.com/isc2), OR at least 24 hours prior to exam appointment time by
contacting Pearson VUE over the phone. Canceling or rescheduling an exam appointment less
than 24 hours via phone notification, or less than 48 hours via online notification is subject to a
forfeit of exam fees. Exam fees are also forfeited for no-shows. Please note that Pearson VUE
charges a 50 USD/35 £/40 € fee for reschedules, and 100 USD/70 £/80 € fee for cancellations.

Reschedules and cancellations may be done at the (ISC)² CBT Candidate Website
(www.pearsonvue.com/isc2) or via telephone. Please refer to ‘Contact Information’ for more
information and local telephone numbers for your region.


Late Arrivals or No Shows


If the candidate does not arrive within 15 minutes of the scheduled exam starting time, he or
she has technically forfeited his or her assigned seat.

If the candidate arrives late (more than 15 minutes after his/her scheduled appointment), it is up
to the discretion of the testing center as to whether or not the candidate may still take the exam.
If the test administrator at the testing location is able to accommodate a late-arriving candidate
without affecting subsequent candidates' appointments, he/she will allow the candidate to sit for
the exam and will launch his/her exam.

Every attempt is made to accommodate candidates who arrive late. However, if the
schedule is such that the test center is not able to accommodate a late arrival, the candidate
will be turned away and his/her exam fees will be forfeited.

If a candidate fails to appear for a testing appointment, the test result will appear in the system
as a No-Show and the candidate’s exam fees will be forfeited.

Procedure for Requesting Special Accommodations


Pearson VUE Professional Centers can accommodate a variety of candidates’ needs, as they
are fully compliant with the Americans with Disability Act (ADA), and the equivalent
requirements in other countries.

Requests for accommodations should be made to (ISC)² in advance of the desired testing
appointment. Once (ISC)² grants the accommodations request, the candidate may schedule
the testing appointment using Pearson VUE’s special accommodations number. From there, a
Pearson VUE coordinator will handle all of the arrangements.

PLEASE NOTE: Candidates that request special accommodations should not schedule their
appointment online or call the main CBT registration line.


What to Bring to the Test Center

Proper Identification

(ISC)² requires two forms of identification, a primary and a secondary, when checking in for a
CBT test appointment at a Pearson VUE Test Center. All candidate identification documents
must be valid (not expired) and must be an original document (not a photocopy or a fax).

Primary IDs: Must contain a permanently affixed photo of the candidate, along with the
candidate’s signature.

Secondary IDs: Must have the candidate’s signature.

Accepted Primary ID (photograph and signature, not expired)

• Government issued Driver's License or Identification Card
• U.S. Dept of State Drivers License
• U.S. Learner's Permit (card only with photo and signature)
• National/State/Country Identification Card
• Passport
• Passport Cards
• Military ID
• Military ID for spouses and dependents
• Alien Registration Card (Green Card, Permanent Resident Visa)
• Government Issued local language ID (plastic card with photo and signature)
• Employee ID
• School ID
• Credit Card* (A credit card can be used as a primary form of ID only if it contains both
a photo and a signature and is not expired. Any credit card can be used as a
secondary form of ID, as long as it contains a signature and is not expired. This includes
major credit cards, such as VISA, MasterCard, American Express and Discover. It also
includes department store and gasoline credit cards.)

Accepted Secondary ID (contains signature, not expired)

• U.S. Social Security Card
• Debit/(ATM) Card
• Credit Cards
• Any form of ID on the primary list


Name Matching Policy


Candidate’s first and last name on the presented identification document must exactly match
the first and last name on the registration record with Pearson VUE. If the name the candidate
has registered with does not match the name on the identification document, proof of legal
name change must be brought to the test center on the day of the test. The only acceptable
forms of legal documentation are marriage licenses, divorce decrees, or court sanctioned legal
name change documents. All documents presented at the test center must be original
documents. If a mistake is made with a name during the application process, candidates
should contact (ISC)² to correct the information well in advance of the actual test date. Name
changes cannot be made at the test center or on the day of the exam. Candidates who do
not meet the requirements presented in the name matching policy on the day of the test may
be subject to forfeiture of testing fees and asked to leave the testing center.

Examination Agreement and Non-Disclosure Agreement

All candidates must agree to the terms listed in (ISC)²'s Examination Agreement. The
agreement is located at
https://www.isc2.org/uploadedfiles/education/cbt%20examination%20agreement.pdf.

Prior to starting the exam, all candidates are also required to accept the (ISC)² non-disclosure
agreement (NDA) on the testing computer before being presented with exam questions. If the
candidate does not accept the NDA, or fails to accept it within the time allotted, the exam will
end and the candidate will be asked to leave the test center. No refund of exam fees will be
given. For this reason, all candidates are strongly encouraged to review the non-disclosure
agreement prior to scheduling for, or taking, the exam. The agreement is located at
www.pearsonvue.com/isc2/isc2_nda.pdf.

Check-In Process
Plan to arrive at the Pearson VUE testing center at least 30 minutes before the scheduled testing
time. If you arrive more than 15 minutes late to your scheduled appointment, you may lose your
examination appointment. For checking-in:

• You will be required to present two acceptable forms of identification.
• You will be asked to provide your signature, submit to a palm vein scan, and have
your photograph taken. Hats, scarves and coats may not be worn in the testing room,
or while your photograph is being taken.
• You will be required to leave your personal belongings outside the testing room.
Secure storage will be provided. Storage space is small, so candidates should plan
appropriately. Pearson Professional Centers assume no responsibility for candidates'
personal belongings.
• The Test Administrator (TA) will give you a short orientation, and then will escort you to
a computer terminal. You must remain in your seat during the examination, except
when authorized to leave by test center staff. You may not change your computer
terminal unless a TA directs you to do so.

Raise your hand to notify the TA if you

• believe you have a problem with your computer.
• need to change note boards.
• need to take a break.
• need the administrator for any reason.

Breaks
You will have up to six hours to complete the CISSP, up to four hours to complete the CSSLP
and CCFP, and up to three hours to complete the following examinations:
• SSCP
• CAP
• HCISPP
• ISSAP
• ISSEP
• ISSMP

Total examination time includes any unscheduled breaks you may take. All breaks count
against your testing time. You must leave the testing room during your break, but you may not
leave the building or access any personal belongings unless absolutely necessary (e.g. for
retrieving medication). Additionally, when you take a break, you will be required to submit to a
palm vein scan before and after your break.

Examination Format and Scoring

• The CISSP® examination consists of 250 multiple choice questions with four (4) choices
each.
• The CSSLP® examination consists of 175 multiple choice questions with four (4) choices
each.
• The HCISPP examination contains 125 multiple choice questions with four (4) choices
each.
• The CCFP examination contains 125 multiple choice questions with four (4) choices each.
• The SSCP® examination contains 125 multiple choice questions with four (4) choices
each.
• The ISSAP®, ISSEP®, and ISSMP® concentration examinations contain 125, 150, and 125
multiple choice questions respectively, with four (4) choices each.
• The Certified Authorization Professional (CAP®) examination contains 125 multiple choice
questions with four (4) choices each. It is also administered by computer.


There may be scenario-based items that have more than one multiple choice
question associated with them. These items will be specifically identified in the test booklet.
Each of these exams contains 25 questions which are included for research purposes only.
The research questions are not identified; therefore, answer all questions to the best of your
ability. There is no penalty for guessing, so candidates should not leave any item unanswered.
Examination results will be based only on the scored questions on the examination. There
are several versions of the examination. It is important that each candidate have an
equal opportunity to pass the examination, no matter which version is administered. Subject
Matter Experts (SMEs) have provided input as to the difficulty level of all questions used in the
examinations. That information is used to develop examination forms that have comparable
difficulty levels. When there are differences in the examination difficulty, a mathematical
procedure called equating is used to make the difficulty level of each test form equal.
Because the number of questions required to pass the examination may be different for each
version, the scores are converted onto a reporting scale to ensure a common standard. The
passing grade required is a scale score of 700 out of a possible 1000 points on the grading
scale.

Technical Issues
On rare occasions, technical problems may require rescheduling of a candidate’s examination.
If circumstances arise causing you to wait more than 30 minutes after your scheduled
appointment time, or a restart delay lasts longer than 30 minutes, you will be given the choice
of continuing to wait, or rescheduling your appointment without an additional fee.

• If you choose to wait, but later change your mind at any time prior to beginning or
restarting the examination, you will be allowed to take exam at a later date, at
no additional cost.
• If you choose not to reschedule, but rather test after a delay, you will have no
further recourse, and your test results will be considered valid.
• If you choose to reschedule your appointment, or the problem causing the delay
cannot be resolved, you will be allowed to test at a later date at no additional
charge. Every attempt will be made to contact candidates if technical problems
are identified prior to a scheduled appointment.

Testing Environment
Pearson Professional Centers administer many types of examinations including some that
require written responses (essay-type). Pearson Professional Centers have no control over typing
noises made by candidates sitting next to you while writing their examination. Typing noise is
considered a normal part of the computerized testing environment, just as the noise of turning
pages is a normal part of the paper-and pencil testing environment. Earplugs are available
upon request.


When the Exam is Finished


After you have finished the examination, raise your hand to summon the TA. The TA will collect
and inventory all note boards. The TA will dismiss you when all requirements are fulfilled.

If you believe there was an irregularity in the administration of your test, or the associated test
conditions adversely affected the outcome of your examination, you should notify the TA
before you leave the test center.

Results Reporting
Candidates will receive their unofficial test result at the test center. The results will be handed
out by the Test Administrator during the checkout process. (ISC)² will then follow up with an
official result via email.

In some instances, real time results may not be available. A comprehensive statistical and
psychometric analysis of the score data is conducted during every testing cycle before scores
are released. A minimum number of candidates are required to take the exam before this
analysis can be completed. Depending upon the volume of test takers for a given cycle, there
may be occasions when scores are delayed for approximately 6-8 weeks in order to complete
this critical process. Results WILL NOT be released over the phone. They will be sent via email
from (ISC)² as soon as the scores are finalized. If you have any questions regarding this policy,
you should contact (ISC)² prior to your examination.

Exam Irregularities and Test Invalidation

(ISC)2 exams are intended to be delivered under standardized conditions. If any irregularity or
fraud is encountered before, during, or after the administration of the exam, (ISC)2 will examine
the situation and determine whether action is warranted. If (ISC)2 determines that any testing
irregularity or fraud has occurred, it may choose not to score the answer documents of the
affected test taker(s), or it may choose to cancel the scores of the affected test taker(s).

(ISC)2 may at its sole discretion revoke any and all certifications a candidate may have earned
and ban the candidate from earning future (ISC)2 certifications, and decline to score or cancel
any Exam under any of the circumstances listed in the (ISC)2 Examination Agreement.
Please refer to the (ISC)2 Examination Agreement for further details
(https://www.isc2.org/uploadedfiles/education/cbt%20examination%20agreement.pdf).


Retake Policy
Test takers who do not pass the exam the first time will be able to retest after 30 days. Test
takers who fail a second time will need to wait 90 days prior to sitting for the exam again. In the
unfortunate event that a candidate fails a third time, the next available time to sit for the exam
will be 180 days after the most recent exam attempt. Candidates are eligible to sit for (ISC)²
exams a maximum of 3 times within a calendar year.

Recertification by Examination
Candidates and members may recertify by examination for the following reasons ONLY:
• The candidate has become decertified due to reaching the expiration of the time limit
for endorsement.
• The member has become decertified for not meeting the number of required continuing
professional education credits.

Logo Usage Guidelines

(ISC)² is a non-profit membership organization identified as the leader in certifying individuals in
information security.
Candidates who successfully complete any of the (ISC)² certification requirements may use the
appropriate Certification Mark or the Collective Mark, where appropriate, and the logo
containing the Certification Mark or the Collective Mark, where appropriate (the “Logo”) to
identify themselves as having demonstrated the professional experience and requisite
knowledge in the realm of information system security. Please visit the following link (URL) for
more information on logo use:
https://www.isc2.org/uploadedfiles/(ISC)2_Public_Content/Legal_and_Policies/LogoGuidleines.pdf

Any questions?

(ISC)² Candidate Services

311 Park Place Blvd, Suite 400
Clearwater, FL 33759
Phone: 1.866.331.ISC2 (4722) in the United States
1.727.785.0189 all others
Fax: 1.727.683.0785

