01. Security Operations and Administration

• What is ISC2 SSCP: Exam length/type (3 hrs 125 questions)
• ISC2 Code of Ethics
• Security Basics: CIA triad, Least privilege, and Segregation of duties
• Security Controls: Technical (Passwords, Lockout), Physical (Locks, Bollards, Cameras, Mantraps), and Administrative (Policies, Training)
• Assessing Compliance: Periodic audit and review of policies
• Types of Security Controls: Deterrent, Corrective, and Preventative
• Asset Management: Data retention, Inventory, and Licensing models
• Change Management Lifecycle

02. Access Controls

• Types of Authentication: MFA and SSO
• Access Control Models: RBAC, Rule-Based, MAC, and DAC
• Read/Write/Execute Privileges and Allow/Deny Logic
• Trust Relationships: One-way, Two-way, Transitive, and Zero Trust
• Identity Management: IAM systems, Provisioning/Deprovisioning, and Authorization

03. Risk Identification

• Definitions: Risk, Vulnerability, and Risk Management
• Determining Risk Levels: Probability x Loss, Asset Values, and KRIs
• Risk Responses: Avoidance, Transference, Acceptance, and Mitigation
• Identifying Risks: Vulnerability scanners, Penetration testing, and STIGs
• Risk Management Frameworks (RMF): NIST 800-171, CMMC, and COBIT
• Vulnerability Management Planning and Remediation
• Continuous Monitoring: IDS/IPS and Indicators of Intrusion (File/Network)
• Legal Restraints: Privacy laws and Data regulations

04. Incident Response

• Response Plan: First responders, Contacts, and Documentation
• First Steps: Assessing the situation and Chain of Custody
• Containment and Damage Control (Disconnecting drives, etc.)
• Recovery and Investigation: Forensic investigation (Logs, AV, Diagnostics)
• After Actions Reporting: Cost of damages and prevention plans
• Backup Planning: Differential, Incremental, and Full backups
• Backup Locations: Cloud vs. Tapes and Offsite (Hot/Cold/Warm sites)
• Business Continuity (BCP) and Disaster Recovery (DRP) Testing

[Image of the Incident Response Lifecycle: Preparation, Detection, Containment, Eradication, Recovery]

05. Cryptography

• Laws and Regulations: PII/PHI, HIPAA, and PCI-DSS
• Data Encryption: Symmetric vs. Asymmetric, In-Transit, and At-Rest
• Encryption Strengths: RSA, AES, etc.
• Public Key Infrastructure (PKI): Private/Public keys, CA, and Key Lifecycle
• Nonrepudiation: Hashing, Salting, and Digital Signatures (HMAC)
• Security Protocols: IPSEC, TLS, SSL, S/MIME, and DKIM

06. Network and Communication Security

• Network Parts: Hosts, Routers, Switches, Firewalls, and IDPS
• Models: TCP/IP vs. OSI Model Layers and Data Flow
• Protocols: TCP, UDP, HTTP, DNS, and Email protocols
• Topologies: Mesh, Star, Bus, Ring, and Hybrid
• Switching and Routing: VLANs, Trunking, ACLs, and Load Balancing
• VPNs: Encapsulation (L2TP, SSH, PPTP) and Types (IPSec, SSL, Site-to-Site)
• Firewalls: Packet filtering, NAT, DMZ, and Evasion techniques
• IDPS: NIDS vs. HIDS, True/False Positives/Negatives, and Signature matching
• Wireless Security: Standards, Encryption (WEP, WPA2, EAP), and Threats (Evil Twin, War driving)

07. Systems and Applications Security

• Network Attacks: DDOS, Malware, Ransomware, and Social Engineering
• Password Hacking: Brute force and Dictionary attacks
• System Hardening: Baselines, Imaging, STIGs, and Patch Management
• Endpoint Security: Anti-Virus functions, Host-based Firewalls, and HIDS
• Mobile Device Management: BYOD, COPE, Containerization, and DLP
• Cloud Security: Public, Private, Hybrid, and Service Models (IaaS, PaaS, SaaS)
• Virtualization: Hypervisors, VMs, Virtual switches, and Shared storage
• Data Ownership in the Cloud and Service Level Agreements (SLA)