SSCP Cert Prep: 7 Systems and Application Security
4h 8mIntermediate2022-03-28
Authors

Mike Chapple
Teaching Professor at the University of Notre Dame
Course details
The Systems Security Certified Practitioner (SSCP) certification is an excellent entry point to a career in IT security. To help you prepare for the SSCP exam, instructor Mike Chapple has designed a series of courses covering each domain. In this installment, Mike covers the objectives of the seventh and final domain, Systems and Application Security. Join Mike to learn about malicious code and cyberattacks, as well as the endpoint device security controls used to protect against them. He also covers topics like the controls you can use to secure mobile devices, cloud computing environments, and virtualized environments.
Skills covered
Incident ResponseCybersecurityCert Prep
Concepts
0. Introduction
- 01 - Securing systems and applications
- 02 - What you need to know
- 03 - Study resources
1. Malware
- 04 - Comparing viruses, worms, and trojans
- 05 - Malware payloads
- 06 - Understanding backdoors and logic bombs
- 07 - Looking at advanced malware
- 08 - Understanding botnets
- 09 - Code signing
2. Understanding Attackers
- 10 - Cybersecurity adversaries
- 11 - Preventing insider threats
- 12 - Attack vectors
- 13 - Zero-days and the Advanced Persistent Threat
3. Social Engineering Attacks
- 14 - Social engineering
- 15 - Impersonation attacks
- 16 - Identity fraud and pretexting
- 17 - Watering hole attacks
- 18 - Physical social engineering
4. Web Application Attacks
- 19 - OWASP Top Ten
- 20 - Application security
- 21 - Preventing SQL injection
- 22 - Understanding cross-site scripting
- 23 - Request forgery
- 24 - Defending against directory traversal
- 25 - Overflow attacks
- 26 - Explaining cookies and attachments
- 27 - Session hijacking
- 28 - Code execution attacks
5. Host Security
- 29 - Operating system security
- 30 - Malware prevention
- 31 - Application management
- 32 - Host-based network security controls
- 33 - File integrity monitoring
- 34 - Data loss prevention
- 35 - Endpoint monitoring
6. Hardware Security
- 36 - Data encryption
- 37 - Hardware and firmware security
- 38 - Peripheral security
7. Mobile Device Security
- 39 - Mobile connection methods
- 40 - Mobile device security
- 41 - Mobile device management
- 42 - Mobile device tracking
- 43 - Mobile application management
- 44 - Mobile security enforcement
- 45 - Bring Your Own Device (BYOD)
- 46 - Mobile deployment models
8. Embedded Systems Security
- 47 - Industrial control systems
- 48 - Internet of Things
- 49 - Securing smart devices
- 50 - Secure networking for smart devices
9. Cloud Computing
- 51 - What is the cloud
- 52 - Cloud activities and the Cloud Reference Architecture
- 53 - Cloud deployment models
- 54 - Cloud service categories
- 55 - Virtualization
- 56 - Cloud compute resources
- 57 - Cloud storage
- 58 - Containers
10. Cloud Issues
- 59 - Security and privacy concerns in the cloud
- 60 - Data sovereignty
- 61 - Operational concerns in the cloud
11. What's Next
- 62 - Continuing your studies
Related courses
- RAG, AI Apps, and AI Agents for Cybersecurity and Networking
- Introduction to Applied Cryptography and Cryptanalysis by Infosec
- ISC2 Systems Security Certified Practitioner (SSCP) Cert Prep
- CCNA Cybersecurity (200-201) v1.2 Cert Prep
- Automated Threat Detection: Building SOC Solutions with Splunk, TheHive, and Snort
- Azure Event Hubs for Developers
- Applied ChatGPT for Cybersecurity by Infosec
- Corporate Security Policies by Infosec