Information is exposed to a large number and range of threats in an increasingly interconnected world. Due to the ever-increasing number of cyberattacks, security has become the prime concern in information technology. Information security can help protect an organization’s technology and information assets by preventing, detecting, and responding to attacks. This article will cover the second domain of the SSCP certification exam that deals with the various aspects related to security operations and administration.
Domains of SSCP
The seven domains covered by the SSCP certification exam are:
Domain 2: Security Operations and Administration
Domain 2 of the SSCP certification exam is Security Operations and Administration. The Security Operations and Administration domain comprises a 15% weightage of the SSCP certification exam. This domain is concerned with the availability, integrity, and confidentiality of information related to management staff, system owners, information managers, and end-users. This domain will discuss the availability to ensure accessibility to all hardware, software applications, and data throughout the system. It will also discuss integrity to protect systems from unauthorized, unanticipated, or unintentional modifications. Every business should have policies, standards, procedures, and guidelines that give recorded information to govern the organization’s actions and the behavior of the people it employs or interacts with. You will learn about change management, software and system patches and upgrades, and data management rules in this domain. It will also go over data classification and validate whether or not a security measure is working correctly. The subtopics covered in Security Operations and Administration domains are:
1. Comply with Codes of Ethics
In this subsection, we will understand what a code of ethics is. A code of ethics is a set of guidelines for professionals to conduct business honestly and ethically. This section will provide the ethical rules and best practices for maintaining honesty, integrity, and professionalism in an organization. In addition, the examination candidate must also agree to and sign the ISC2 Code of Ethics and non-disclosure agreement (NDA).
2. Understand Security Concepts
This subsection will discuss the three core security targets, known as the CIA triad, confidentiality, integrity, and availability. These are the three things that businesses prefer to prevent. It will also cover the significance of the concepts of confidentiality, integrity, and availability and how to connect any other security topic to one of these three goals. It will also help you understand the basic security concepts such as accountability, privacy, non-repudiation, least privilege, and more. It will cover ‘separation of duties’ policies to ensure that no one person has too much authority and control.
3. Document, Implement and Maintain Functional Security Controls
This subsection will look at different control types and recognize the need for layered security in our information systems. A single security countermeasure is never enough; we need layers upon layers of protection. We will understand various controls such as deterrent, preventive, corrective, detective, and compensating controls.
4. Participate in Asset Management
This subsection deals with the management of organizational IT assets and the processes involved in management. Asset management is the process of monitoring, deploying, maintaining, upgrading, and disposing of an organization’s assets as needed. It is an integral part of this domain. This section will cover the hardware, software, and data lifecycle of an organization in depth. It will go through the hardware and software inventory and licensing and various data storage capabilities available.
5. Implement Security Controls and Assess Compliance
In this section, we will learn multistep processes to control access to an organization’s resources. It will cover the technical controls such as session timeout, password aging, and physical controls such as mantrap, cameras, locks, and more. It will also cover administrative controls such as security policies and standards, procedures, baseline security, and more. This section will also go through periodic audits and reviews.
6. Participate in Change Management
We will learn about the change management process and various components of change management processes in this subsection of the Security Operations and Administration domain. The discussion will be around the ways to execute the change management process. This domain will teach you how you can identify security impacts. Learn how to establish security practices throughout the enterprise. This section will also cover rules to test and implement patches, fixes, and various updates of operating systems, applications, SDLC, and more.
7. Participate in Security Awareness and Training
This subsection will go through how IT and security professionals avoid and mitigate user risk. Businesses can reduce help desk costs and protect their entire cybersecurity investment by implementing security awareness training. Professionals learn how to prevent phishing and other types of social engineering cyber attacks, spot potential malware behaviors, report possible security threats, follow company IT policies and best practices and comply with any applicable data privacy and compliance regulations by participating in security awareness training.
8. Participate in Physical Security Operations
We will study how to participate in physical security, what physical security is, how to manage it, and how to apply and implement it inside an organization in this subsection. This section will cover physical security, building security, keys, locks, safes, communications and server rooms, restricted and work area security, fire prevention, detection and suppression, and more.
SSCP with InfosecTrain
Enroll in the SSCP certification training course at InfosecTrain. We are one of the leading security training providers in the world. With the help of our highly educated and trained instructors, you may earn prestigious ISC2 SSCP certifications. This training course will teach you how to apply basic security concepts to the day-to-day operation and administration of enterprise computer systems and stored data.