The SSCP includes topics from seven domains:
- Access controls
- Cryptography
- Malicious code and activity
- Monitoring and analysis
- Networks and communications
- Risk, response, and recovery
- Security operations and administration
Access controls: This includes items such as the different factors of authentication and the various controls used to restrict access to files, systems, and networks.
Cryptography: You should have a basic understanding of the purpose of cryptography, including hashing, symmetric encryption, asymmetric encryption, certificates, and secure protocols such as IPsec, SSL, TLS, and S/MIME.
Malicious code and activity: This includes a wide variety of malicious activity such as phishing, viruses, worms, Trojan horses, botnets, Denial of Service (DoS) attacks, and more. In addition to knowing the methods to detect malware, you should also know some of the different methods that malware uses to prevent detection. This topic also includes non-technical aspects such as social engineering and the importance of user training.
Monitoring and analysis: These topics start to get a little more technical with items such as Intrusion Detection Systems, Intrusion Prevention Systems, honeypots, and sniffers. You should also have a basic understanding of what to look for when analyzing the results.
Networks and communications: Common networking topics such as the OSI and TCP/IP models, common protocols, remote access, firewalls, and wireless technologies are covered. If you have a networking background, you’ll find this material familiar, though you’ll need to ensure you brush up on the individual topics listed in the CIB. A Network+ or CCNA certification will definitely help you here.
Risk, response, and recovery: These topics cover a widely diverse body of knowledge that someone with only a single year of experience will rarely have. They include concepts such as risk management, security assessments, incident handling, Business Continuity Plans (BCPs), and Disaster Recovery Plans (DRPs).
Security operations and administration: Topics include security administration, change management, security awareness education, the (ISC)² code of ethics, and more. It’s worth noting that the code of ethics you subscribe to isn’t something you should just scan over. It is actually identified in the CIB.