Description

Prepare for the Systems Security Certified Practitioner certification (SSCP). Review the objectives from the Systems and Application Security domain of the SSCP exam.

Tags

Syllabus

Syllabus IntroductionSecuring systems and applicationsWhat you need to knowStudy resources1. MalwareComparing viruses, worms, and trojansMalware payloadsUnderstanding backdoors and logic bombsLooking at advanced malwareUnderstanding botnetsCode signing2. Understanding AttackersCybersecurity adversariesPreventing insider threatsAttack vectorsZero-days and the Advanced Persistent Threat3. Social Engineering AttacksSocial engineeringImpersonation attacksIdentity fraud and pretextingWatering hole attacksPhysical social engineering4. Web Application AttacksOWASP Top TenApplication securityPreventing SQL injectionUnderstanding cross-site scriptingRequest forgeryDefending against directory traversalOverflow attacksExplaining cookies and attachmentsSession hijackingCode execution attacks5. Host SecurityOperating system securityMalware preventionApplication managementHost-based network security controlsFile integrity monitoringData loss preventionEndpoint monitoring6. Hardware SecurityData encryptionHardware and firmware securityPeripheral security7. Mobile Device SecurityMobile connection methodsMobile device securityMobile device managementMobile device trackingMobile application managementMobile security enforcementBring Your Own Device (BYOD)Mobile deployment models8. Embedded Systems SecurityIndustrial control systemsInternet of ThingsSecuring smart devicesSecure networking for smart devices9. Cloud ComputingWhat is the cloud?Cloud activities and the Cloud Reference ArchitectureCloud deployment modelsCloud service categoriesVirtualizationCloud compute resourcesCloud storageContainers10. Cloud IssuesSecurity and privacy concerns in the cloudData sovereigntyOperational concerns in the cloud11. What's Next?Continuing your studies Read more