(ISC)2 SSCP Systems Security Certified Practitioner Official Practice Tests

Smarter, faster prep for the SSCP exam

The (ISC)² SSCP Official Practice Tests is the only (ISC)²-endorsed set of practice questions for the Systems Security Certified Practitioner (SSCP). This book's first seven chapters cover each of the seven domains on the SSCP exam with sixty or more questions per domain, so you can focus your study efforts exactly where you need more review. When you feel well prepared, use the two complete practice exams from Sybex's online interactive learning environment as time trials to assess your readiness to take the exam.

Coverage of all exam objectives, including:

• Access Controls
• Security Operations and Administration
• Risk Identification, Monitoring, and Analysis
• Incident Response and Recovery
• Cryptography
• Network and Communications Security
• Systems and Application Security

SSCP certification demonstrates you have the advanced technical skills and knowledge to implement, monitor and administer IT infrastructure using security best practices, policies and procedures. It's ideal for students pursuing cybersecurity degrees as well as those in the field looking to take their careers to the next level.

ABOUT THE AUTHORS

Mike Chapple, PhD, CISSP, Security+, CISA, CySA+ is Associate Teaching Professor of IT, Analytics and Operations at the University of Notre Dame. He is a leading expert on cybersecurity certification and runs CertMike.com. Mike is the author of more than 25 books including (I^SC)2 CISSP Certified Information Systems Security Professional Official Study Guide,7th and 8th Editions.

David Seidl, CISSP, GPEN, GCIH, CySA+, Pentest+ is the Vice President for Information Technology and CIO at Miami University of Ohio. During his IT career, he has served in a variety of technical and information security roles including serving as the Senior Director for Campus Technology Services at the University of Notre Dame and leading Notre Dame's information security team as Notre Dame's Director of Information Security. David has taught college courses on information security, and writes books on information security and cyberwarfare.

Introduction xi

Chapter 1 Access Controls (Domain 1) 1

Chapter 2 Security Operations and Administration (Domain 2) 17

Chapter 3 Risk Identification, Monitoring, and Analysis (Domain 3) 35

Chapter 4 Incident Response and Recovery (Domain 4) 57

Chapter 5 Cryptography (Domain 5) 75

Chapter 6 Network and Communications Security (Domain 6) 91

Chapter 7 Systems and Application Security (Domain 7) 113

Chapter 8 Practice Test 1 131

Chapter 9 Practice Test 2 159

Appendix Answers to Review Questions 187

Chapter 1: Access Controls (Domain 1) 188

Chapter 2: Security Operations and Administration (Domain 2) 195

Chapter 3: Risk Identification, Monitoring, and Analysis (Domain 3) 201

Chapter 4: Incident Response and Recovery (Domain 4) 210

Chapter 5: Cryptography (Domain 5) 217

Chapter 6: Network and Communications Security (Domain 6) 223

Chapter 7: Systems and Application Security (Domain 7) 232

Chapter 8: Practice Test 1 240

Chapter 9: Practice Test 2 253

Index 267

The New copy of this book will include any supplemental materials advertised. Please check the title of the book to determine if it should include any access cards, study guides, lab manuals, CDs, etc.

The Used, Rental and eBook copies of this book are not guaranteed to include any supplemental materials. Typically, only the book itself is included. This is true even if the title states it includes any access cards, study guides, lab manuals, CDs, etc.