SSCP Latest Update with Certified Solutions

SSCP Latest Update with Certified Solutions CBK Common Body of Knowledge- SSCP has 7 Domains Domain 1: Access Controls Domain 1: Access Controls: Policies, standards, and procedures that define who users are, what they can do, which resources and information they can access, and what operations they can perform on a system, such as: 1.1 Implement and maintain authentication methods 1.2 Support internetwork trust architectures 1.3 Participate in the identity management lifecycle 1.4 Implement access controls Domain 2: Security Operations and Administration: Domain 2: Security Operations and Administration: Identification of information assets and documentation of policies, standards, procedures, and guidelines that ensure confidentiality, integrity, and availability, such as: 2.1 Comply with codes of ethics 2.2 Understand security concepts 2.3 Document, implement, and maintain functional security controls 2.4 Participate in asset management 2.5 Implement security controls and assess compliance 2.6 Participate in change management 2.7 Participate in security awareness and training 2.8 Participate in physical security operations (e.g., data center assessment, badging) Domain 3: Risk Identification, Monitoring, and Analysis Domain 3: Risk Identification, Monitoring, and Analysis: Risk identification is the review, analysis, and implementation of processes essential to the identification, measurement, and control of loss associated with unplanned adverse events. Monitoring and analysis are determining system implementation and access in accordance with defined IT criteria. This involves collecting information for identification of, and response to, security breaches or events, such as: 3.1 Understand the risk management process 3.2 Perform security assessment activities 3.3 Operate and maintain monitoring systems (e.g., continuous monitoring) 3.4 Analyze monitoring results Domain 4: Incident Response and Recovery Domain 4: Incident Response and Recovery: "The show must go on" is a well-known saying that means even if there are problems or difficulties, an event or activity must continue. Incident response and recovery ensures the work of the organization will continue. In this domain, the SSCP gains an understanding of how to handle incidents using consistent, applied approaches like business continuity planning (BCP) and disaster recovery planning (DRP). These approaches are utilized to mitigate damages, recover business operations, and avoid critical business interruption: 4.1 Support incident lifecycle 4.2 Understand and support forensic investigations 4.3 Understand and support business continuity plan (BCP) and disaster recovery plan (DRP) activities Domain 5: Cryptography Domain 5: Cryptography: The protection of information using techniques that ensure its integrity, confidentiality, authenticity, and nonrepudiation, and the recovery of encrypted information in its original form: 5.1 Understand fundamental concepts of cryptography 5.2 Understand reasons and requirements for cryptography 5.2 Understand and support secure protocols 5.2 Understand public key infrastructure (PKI) systems Domain 6: Network and Communications Security Domain 6: Network and Communications Security: The network structure, transmission methods and techniques, transport formats, and security measures used to operate both private and public communication networks: 6.1 Understand and apply fundamental concepts of networking 6.2