If you'd rather place an order by talking to one of our cheerful order desk clerks, please call 1-888-232-4444 (USA and Canada only) or 250-383-6864. From Europe, ring our UK order desk clerk at local rate number 0845 230 9601 (UK only) or 44 (0)1865 722 113.

Secured Computing: A SSCP Study guide

by Carl F. Endorf CISSP

281 pages; quality trade paperback (softcover); catalogue #01-0589; ISBN 1-55369-188-1; US$34.95, C$50.00, EUR32.50, £22.60

The Systems Security Certified Professional (SSCP) designation is one of the most respected certifications an IT professional can obtain. It demonstrates the ability to understand a broad range of security concerns throughout the security profession.

Read more!

about the book      about the author      Table of Contents      catalogue info

About the Book The Systems Security Certified Professional (SSCP) designation is one of the most respected certifications an IT professional can obtain during their career. It demonstrates the ability to understand a broad range of security concerns in many areas of the security profession. This is the ultimate guide for the Systems Security Certified Professional (SSCP) Exam. It is designed for the experienced Security Professional. This guide will help to supplement your studies and further your goal of acquiring the SSCP designation. The book is designed for a security professional by a security professional. The author has strived to take the information that is needed to be successful in the security arena and to condense it into one concise volume. In addition, this book is also a great resource for anyone interested in getting a better hndle on how to secure ones organization and enterprise. This guide will help you to understand the common body of knowledge that is set forth by ISC2* and many security professionals today. * SSCP is a registered Trademark of ISC2, Inc. This publication is not endorsed nor sponsered by ISC2, Inc. The information here within is that of the authors and his intent to consolidate this informaton. The test and quiz questions are not official test questions set forth by ISC2, but intended only for the purpose of learning the knowledge needed to prepare for this test.

---

About the Author Carl Endorf, CISSP, MCSE, CCNA, ITIL, CIWA is a technical security analyst for one of the largest Insurance and banking companies in the U.S. He has practical experience in forensics, corporate investigations and Internet security. He is currently pursuing his graduate degree at the University of Illinois in Management Information Systems. Endorf's first release Secured Computing: CISSP Study Guide is also available through Trafford Publishing.

---

Table of Contents

Acknowledgements/Disclaimer
Preface
SSCP Exam: An Overview
How to Use This Book
The Study Plan
Test Day Tips

CHAPTER ONE
Domain 1 - Access Control Systems and Methodology
    Definitions
    Access Control Techniques
    Access Control Layers
    Types of Access Control
    Account, Log and Journal Monitoring
    The Four Basic Principles of I&A
    Passwords
    Centralized Remote Authentication Access Controls
    Decentralized Administration
    Methods of Attack
    Monitoring
    Test Your Knowledge

CHAPTER TWO
Domain 2 - Security Administration & Management Practices
    Definitions
    CIA Triad
    Data Classification Schemes
    Government Data Classifications
    Military Data Classifications
    Commercial/Business Data Classifications
    Security Control Architecture
    System Development Controls
    Protection Mechanisms
    Data Information Storage
    Configuration Management
    Employment Policies and Practices
    Policies, Standards, Guidelines, Procedures, & Baselines
    Roles and Responsibilities
    Security Awareness
    Security Management Planning
    Methods of Attack
    Test Your Knowledge

CHAPTER THREE
Domain 3 - Audits and Monitoring     Access Controls
    Security Audits
    The Auditing Process
    Monitoring Tools and Techniques
    Detecting Intrusion
    Test Your Knowledge

CHAPTER FOUR
Domain 4 - Risk Management, Response, and Recovery
    Risk Management
    Principles of Risk Management
    Risk Management Tools
    Risk Management Process
    Response
    Investigations
    Other Issues
    Developing a Business Continuity Plan
    Test Your Knowledge

CHAPTER FIVE
Domain 5 - Cryptography
    Definitions
    Uses of Cryptography
    Cryptographic Concepts, Methodologies, and Practices
    Key Management
    Ciphers
    Cryptographic Algorithms
    Public Key Infrastructure
    Application and Network Based Protocols
    Cryptanalysis
    Test Your Knowledge

CHAPTER SIX
Domain 6 - Data Communications & Network Security
    Definitions
    IOS/OSI Model
    Communications and Network Security
    Network Topologies
    Protocol Vulnerabilities
    WAN Protocols
    Identification and Authentication
    Firewalls
    Data Communications
    Web Security Protocols
    Network Components
    Network Availability
    Test Your Knowledge

CHAPTER SEVEN
Domain 7 - Malicious Code
    Viruses
    Hackers/Crackers/Virus Writers
    Denial of Service
    Other Malicious Code
    Software Programming Techniques Used to Exploit
    Scripting Vulnerabilities
    Attack Approaches
    Safeguarding Against Malicious Code
    Recent Viruses/Worms and How They Work
    The ICSA Computer Virus Prevalence Survey
    Test Your Knowledge

References
SSCP Practice Exam
About Endorf Technical Research
Glossary
Index

---

Catalogue Information

---