SSCP Cert Prep: 1 Security Operations and Administration
2h 17mIntermediate2021-08-09
Authors

Mike Chapple
Teaching Professor at the University of Notre Dame
Course details
The Systems Security Certified Practitioner (SSCP) certification is an excellent entry point to a career in IT security. To help you prepare for the SSCP exam, instructor Mike Chapple has designed a series of courses covering each domain. In this installment, Mike covers the objectives of the first domain, Security Operations and Administration, which comprises 16% of the questions on the exam. Topics include the security triad, data security, security controls, and compliance training. Learn about core concepts and the security code of ethics, and find out how to document controls, start asset and change management programs, conduct security awareness and training, implement physical controls, and assess the compliance of your organization.
Skills covered
Incident ResponseCybersecurityCert Prep
Concepts
0. Introduction
- 01 - Conducting cybersecurity operations
- 02 - What you need to know
- 03 - Study resources
1. The Security Triad
- 04 - The goals of information security
- 05 - Confidentiality
- 06 - Integrity
- 07 - Availability
- 08 - Ethics
2. Security Principles
- 09 - Accountability
- 10 - Privacy compliance
- 11 - Employee privacy
- 12 - Need to know and least privilege
- 13 - Separation of duties and responsibilities
3. Resource Security
- 14 - Physical asset management
- 15 - Software licensing
- 16 - Change and configuration management
4. Data Security
- 17 - Understanding data security
- 18 - Data security policies
- 19 - Data security roles
- 20 - Limiting data collection
- 21 - The data lifecycle
5. Security Standards
- 22 - Developing security baselines
- 23 - Leveraging industry standards
- 24 - Customizing security standards
6. Security Controls
- 25 - Security control selection and implementation
- 26 - Control frameworks
- 27 - Security policy framework
7. Assessing Security Controls
- 28 - Collect security process data
- 29 - Management review
- 30 - Security metrics
- 31 - Audits and assessments
- 32 - Control management
8. Awareness and Training
- 33 - Security awareness and training
- 34 - Compliance training
- 35 - User habits
- 36 - Social engineering
- 37 - Measuring compliance and security posture
9. Physical Security
- 38 - Site and facility design
- 39 - Data center environmental controls
- 40 - Data center environmental protection
- 41 - Physical access control
- 42 - Visitor management
Conclusion
- 43 - Continuing your studies
Related courses
- RAG, AI Apps, and AI Agents for Cybersecurity and Networking
- Introduction to Applied Cryptography and Cryptanalysis by Infosec
- ISC2 Systems Security Certified Practitioner (SSCP) Cert Prep
- CCNA Cybersecurity (200-201) v1.2 Cert Prep
- Automated Threat Detection: Building SOC Solutions with Splunk, TheHive, and Snort
- Azure Event Hubs for Developers
- Applied ChatGPT for Cybersecurity by Infosec
- Corporate Security Policies by Infosec