The Official (ISC)2 SSCP CBK Reference. Mike Wills
Чтение книги онлайн.
Читать онлайн книгу The Official (ISC)2 SSCP CBK Reference - Mike Wills страница 17
Certified Authorization Professional (CAP): The CAP is a leader in information security and aligns information systems with the risk management framework (RMF). The CAP certification covers the RMF at an extensive level, and it's the only certification under the DoD 8570/DoD 8140 Approved Baseline Certifications that aligns to each of the RMF steps.
Certified Secure Software Lifecycle Professional (CSSLP): The CSSLP is an internationally recognized professional with the ability to incorporate security practices—authentication, authorization, and auditing—into each phase of the software development lifecycle (SDLC).
HealthCare Information Security and Privacy Practitioner (HCISPP): The HCISSP is a skilled practitioner who combines information security with healthcare security and privacy best practices and techniques.
Each of these certifications has its own requirements for documented full-time experience in its requisite topic areas.
Newcomers to information security who have not yet had supervised work experience in the topic areas can take and pass the SSCP exam and then become recognized as Associates of (ISC)2. Associates then have two years to attain the required experience to become full members of (ISC)2.
Maintaining the SSCP Certification
SSCP credentials are maintained in good standing by participating in various activities and gaining continuing professional education credits (CPEs). CPEs are obtained through numerous methods such as reading books, attending seminars, writing papers or articles, teaching classes, attending security conventions, and participating in many other qualifying activities. Visit the (ISC)2 website for additional information concerning the definition of CPEs.
Join a Local Chapter
As an SSCP, you've become one of more than 160,000 members worldwide. They, like you, are there to share in the knowledge, experience, and opportunity to help accomplish the goals and objectives of being an information security professional. Nearly 12,500 of your fellow members participate in local area chapters, and (ISC)2 has over 140 local chapters around the world. You can find one in your area by visiting www.isc2.org/Chapters
.
Being an active part of a local chapter helps you network with your peers as you share knowledge, exchange information about resources, and work on projects together. You can engage in leadership roles and participate in co-sponsored local events with other industry associations. You might write for or speak at (ISC)2 events and help support other (ISC)2 initiatives. You can also be a better part of your local community by participating in local chapter community service outreach projects.
Chapter membership earns you CPE credits and can make you eligible for special discounts on (ISC)2 products and programs.
LET'S GET STARTED!
This book is for you. This is your journey map, your road atlas, and your handbook. Make it work for you.
Choose your own course through it, based on what you need on the job today and every day.
Go for it.
HOW TO CONTACT THE PUBLISHER
If you believe you've found a mistake in this book, please bring it to our attention. At John Wiley & Sons, we understand how important it is to provide our customers with accurate content, but even with our best efforts an error may occur.
In order to submit your possible errata, please email it to our Customer Service Team at [email protected]
with the subject line “Possible Book Errata Submission”.
NOTES
1 1 I had the privilege of developing and teaching some of these evolving concepts at the U.S. National Defense University's School of Information Warfare and Strategy, 1998-2000. At the School, we made extensive use of the “Strategic Information Warfare” series of publications by Roger C. Molander and others at the RAND Corporation, which were exploring this backward chain from desired strategic effect to the “kill effect” required of attacks on information and information systems.
2 2 Ponemon Institute LLC, for IBM Security. “2021 Cost of a Data Breach Study: Global Overview.” Other sources, particularly business news media in India and Asia, have claimed as high as 220 days for this average, but there is little hard data to support this larger claim. Either way, this is seriously bad news.
CHAPTER 1 SSCP® Security Operations and Administration
THIS IS WHERE THE planning hits reality; it's in the day to day of information security operations that you see every decision made during the threat assessments and the risk mitigation plans being live-fire tested by your co-workers, customers, legitimate visitors, and threat actors alike. Whether you're an on-shift watch-stander in a security operations center (SOC) or network operations center (NOC) or you work a pattern of normal business hours and days, you'll be exposed to the details of information security in action.
Security operations and administration entail a wide breadth of tasks and functions, and the security professional is expected to have a working familiarity with each of them. This can include maintaining a secure environment for business functions and the physical security of a campus and, specifically, the data center. Throughout your career, you will likely have to oversee and participate in incident response activities, which will include conducting investigations, handling material that may be used as evidence in criminal prosecution and/or civil suits, and performing forensic analysis. The Systems Security Certified Practitioner (SSCP) should also be familiar with common tools for mitigating, detecting, and responding to threats and attacks; this includes knowledge of the importance and use of event logging as a means to enhance security efforts. Another facet the security practitioner may have to manage could be how the organization deals with emergencies, including disaster recovery.
There is a common thread running through all aspects of this topic: supporting business functions by incorporating security policy and practices with normal daily activities. This involves maintaining an accurate and detailed asset inventory, tracking the security posture and readiness of information technology (IT) assets through the use of configuration/change management, and ensuring personnel are trained and given adequate support for their own safety and security.
This chapter will address all these aspects of security operations. The practitioner is advised, however, to not see this as a thorough treatment of all these concepts, each of which could be (and has been) the subject of an entire book (or books) by themselves; for each topic that is unfamiliar, you should look at the following content as an introduction only and pursue a more detailed review of related subject matter.
NOTE The countries and regions that an organization operates in may have varying, distinct, and at times conflicting legal systems. Beyond considerations of written laws and regulations, the active functioning of court systems and regulatory bodies often has intricate, myriad applications in the real world that extend far beyond how things are codified in written laws. These factors become even more varied and complex when an organization