Security operations and administration is the task of identifying an organization's information assets and the documentation needed for policy implementation, standards, procedures, and guidelines to ensure confidentiality, integrity, and availability. You will understand the process necessary for working with management and information owners, custodians, and users so that proper data classifications are defined. This will ensure the proper handling of all hard copy and electronic information.
The Security operations and Administration course addresses basic security concepts and the application of those concepts in the day to day operation and administration of enterprise computer systems and the information that they host.Ethical considerations in general, and the (ISC)2 Code of Ethics in particular, provide the backdrop for any discussion of information security and SSCP candidates will be tested on both. Information security professionals often find themselves in positions of trust and must be beyond reproach in every way.Several core principles of information security stand above all others and this domain covers these principles in some depth. It can be said that the CIA triad of confidentiality, integrity and availability forms the basis for almost everything that we do in information security and the SSCP candidate must not only fully understand these principles but be able to apply them in all situations. additional security concepts covered in this domain include privacy, least privilege, non-repudiation and the separation of duties.
Course Objectives
1. Define Code of Ethics
2. Describe the security concepts
3. Document and operate security controls
4. Describe the asset management process
5. Implement compliance controls
6. Assess compliance controls
7. Describe the change management process
8. Contribute to the security awareness training program
9. Contribute to physical security operations
Dieser Kurs ist Teil der Spezialisierung Spezialisierung (ISC)² Systems Security Certified Practitioner (SSCP)
Security Operations and Administration
von
467 bereits angemeldet!
Lehrplan - Was Sie in diesem Kurs lernen werden
Woche
13 Stunden zum Abschließen
Understand and Comply with Code of Ethics and Security Concepts
Module Topics: (ISC)2 Code of Ethics, Organizational Code of Ethics, There are usually three types of controls, managerial (sometimes called administrative), Technical (sometimes called logical), and physical (sometimes called operational), Deterrent, Preventative, Detective, and Corrective Controls. Understand and Comply with Code of Ethics: In (ISC)2 Code of Ethics, you will learn about Code of Ethics, and Code of Ethics Canons. In Organizational Code of Ethics, you will learn about how a code of ethics applies to security practitioners, and applying ethical principles. Understand Security Concepts: In Confidentiality, you will learn about consequences of a breach, and ensuring confidentiality. In integrity, you will learn about consequences of integrity failure, availability, and consequences of availability failures. You will also Non-Repudiation. In Privacy, you will understand core guidelines. In least privilege, you will learn about least privilege and cots Applications. You will understand the concept of separation of duties and defense in depth, examples approaches, and additional controls. In Risk based Controls, you will learn about risk assessment data. Security concepts also covers accountability and authorization.
10 Videos (Gesamt 67 min), 10 Lektüren, 1 Quiz
10 Videos
Security Concepts: Confidentiality7m
Security Concepts: Ensuring Confidentiality4m
Security Concepts: Consequences of Integrity Failures6m
Security Concepts: Core Guidelines5m
Security Concepts: Least Privilege7m
Security Concepts: Additional Controls6m
Security Concepts: Risk Assessment Data5m
Security Controls: Deterrent, Preventive, Detective, and Corrective Controls5m
Security Controls: Timeline of a Security Incident6m
10 Lektüren
Understand and Comply with Code of Ethics10m
Security Concepts: Confidentiality10m
Security Concepts: Ensuring Confidentiality10m
Security Concepts: Consequences of Integrity Failures10m
Security Concepts: Core Guidelines10m
Security Concepts: Least Privilege10m
Security Concepts: Additional Controls10m
Security Concepts: Risk Assessment Data10m
Security Controls: Deterrent, Preventive, Detective, and Corrective Controls10m
Security Controls: Timeline of a Security Incident10m
1 praktische Übung
Quiz 120m
Woche
24 Stunden zum Abschließen
Participate in Asset Management
Module Topics: Life Cycle, Hardware/Software, and Data. In life Cycle, you will learn about the waterfall model, it's benefits and drawbacks, requirements gathering and analysis, requirements definition, system design, implementation, integration, testing, deployment of system, maintenance, additional application development methods, system vulnerabilities, secure development, and acquisition practices, OWASP top ten, guidelines for developers, IT asset management (ITAM), device management, continuous diagnostics and mitigation (CDM), hardware, hardware asset management desired state, hardware asset management data, the SSCP's challenge, impact and results. In Data, you will learn about secure information storage, considerations, encryption vulnerabilities, database encryption, data scrubbing, data deduplication, managing encryption keys, consideration, Information Rights Management (IRM), secure output, data retention and disposal, shredders, security levels, destruction of magnetic media, erasure or reformatting, data wiping, degaussing, and disclosure controls: data leakage prevention.
14 Videos (Gesamt 84 min), 14 Lektüren, 1 Quiz
14 Videos
Asset Management: The Waterfall Model10m
Asset Management: Benefits and Drawbacks5m
Asset Management: Deployment of System4m
Asset Management: OWASP Top Ten5m
Asset Management: Guidelines for Developers5m
Asset Management: IT Asset Management (ITAM)5m
Asset Management: Impact and Result4m
Asset Management: Encryption Vulnerabilities6m
Asset Management: Data Scrubbing6m
Asset Management: Considerations6m
Asset Management: Secure Output6m
Asset Management: Destruction of Magnetic Media4m
Asset Management: Disclosure Controls4m
14 Lektüren
Asset Management: Life Cycle10m
Asset Management: The Waterfall Model10m
Asset Management: Benefits and Drawbacks10m
Asset Management: Deployment of System10m
Asset Management: OWASP Top Ten10m
Asset Management: Guidelines for Developers10m
Asset Management: IT Asset Management (ITAM)10m
Asset Management: Impact and Result10m
Asset Management: Encryption Vulnerabilities10m
Asset Management: Data Scrubbing10m
Asset Management: Considerations10m
Asset Management: Secure Output10m
Asset Management: Destruction of Magnetic Media10m
Asset Management: Disclosure Controls10m
1 praktische Übung
Quiz 220m
Woche
33 Stunden zum Abschließen
Implement and Assess Compliance with Controls & Participate in Change Management Duties
Module Topics: Technical Controls, Operational Controls, Managerial Controls, Security Policies, Standards, Guidelines, and Procedures, Implementation and Configuration Management Plan, security Impact Assessment, System Architecture/Interoperability of Systems, Testing Patches, Fixes, and Updates. In technical Controls, you will learn about identification and authentication, logical access controls, public access controls, audit trails. In Operational Controls, you will learn about operational security measures, operational solutions, managerial Controls. In Security Policies, Standards, Guidelines, and Procedures, you will learn about subject-specific security policies, typical policy elements, policy life cycle, components of a security policy, standard guidelines, and procedures.
Participate in Change Management Duties: In Implementation and Configuration Management Plan, you will learn about release management, release manager, release management policy, release management process, code signing, release management tools, systems assurance and controls validation, configuration management (CM), CM process, CM system goals, operational aspects of CM, hardware inventory, software inventory, configuration lists, configuration management for opening systems, identification, automated configuration management tools, control, accounting, and auditing. You will also understand the concepts of Security Impact Assessment and System Architecture/Interoperability of Systems. In Testing, Patches, Fixes, and Updates, you will learn about patch management, patch management process.
9 Videos (Gesamt 58 min), 9 Lektüren, 1 Quiz
9 Videos
Compliance with Controls: Managerial Controls6m
Compliance with Controls: Policy Life Cycle7m
Change Management Duties: Implementation and Configuration Management Plan7m
Change Management Duties: Systems Assurance and Controls Validation5m
Change Management Duties: CM Process5m
Change Management Duties: Configuration Management for Operating Systems6m
Change Management Duties: Control8m
Change Management Duties: Testing Patches, Fixes, and Updates6m
9 Lektüren
Compliance with Controls: Technical Controls10m
Compliance with Controls: Managerial Controls10m
Compliance with Controls: Policy Life Cycle10m
Change Management Duties: Implementation and Configuration Management Plan10m
Change Management Duties: Systems Assurance and Controls10m
Change Management Duties: CM Process10m
Change Management Duties: Configuration Management for Operating Systems10m
Change Management Duties: Control10m
Change Management Duties: Testing Patches, Fixes, and Updates10m
1 praktische Übung
Week 3 Quiz20m
Woche
43 Stunden zum Abschließen
Participate in Physical Security Operations & Security Awareness Training
Module Topics: Security Awareness Training, Physical Security, Building Security, keys, Locks, and safes, communications and Server Rooms, Restricted and Work Area Security, Utilities and HVAC Considerations, Fire Prevention, Detection, and Suppression. Participate in Physical Security Operations: In Physical Security, you will learn about interior access control elements, and escort and visitor control. In building security, you will learn about doors, perimeter doors, door locks, mantraps, and turnstiles. In Keys, Locks, and Safe, you will learn about types of locks, hi-tech keys, safes, vaults, containers, key control, medeco guide for developing and managing key control. In communications and Server Rooms, you will learn about securing the area, protection from lightning, server rooms, and rack security. In Restricted and Work Area Security, you will learn about restricted work areas, data center security, and the "two- person rule". In Utilities and HVAC Considerations, you will learn about utilities and power uninterruptible power supply, generator, HVAC, air contamination, guidelines, and water issues. In Fire Prevention, Detection, and Suppression, you will learn about fire detection, fire suppression, sprinkler systems, and gas suppression systems.
11 Videos (Gesamt 65 min), 11 Lektüren, 1 Quiz
11 Videos
Physical Security Operations: Doors4m
Physical Security Operations: Door Locks4m
Physical Security Operations: Turnstiles6m
Physical Security Operations: Securing the Area6m
Physical Security Operations: Rack Security5m
Physical Security Operations: HVAC6m
Security Operations: Sprinkler Systems5m
Security Operations: Gas Suppression Systems5m
Security Awareness Training: Critical Success Factors7m
Security Awareness Training: Training6m
11 Lektüren
Physical Security Operations: Physical Security10m
Physical Security Operations: Doors10m
Physical Security Operations: Door Locks10m
Physical Security Operations: Turnstiles10m
Physical Security Operations: Securing the Area10m
Physical Security Operations: Rack Security10m
Physical Security Operations: HVAC10m
Security Operations: Sprinkler Systems10m
Security Operations: Gas Suppression Systems10m
Security Awareness Training: Critical Success Factors10m
Security Awareness Training: Training10m
1 praktische Übung
Week 4 Quiz20m
Woche
52 Stunden zum Abschließen
Case Study
1 Quiz
Woche
61 Stunde zum Abschließen
Exam
1 Lektüre, 1 Quiz
1 Lektüre
SSCP Exam Information10m
1 praktische Übung
End of the Course Assessment30m
Top-Bewertungen
Thank you. Great course. The instructor breaks everything down, and makes it easy to learn.
Dozent
(ISC)² Education & Training
Education & Training
Über (ISC)²
(ISC)² is an international nonprofit membership association focused on inspiring a safe and secure cyber world. Best known for the acclaimed Certified Information Systems Security Professional (CISSP®) certification, (ISC)2 offers a portfolio of credentials that are part of a holistic, programmatic approach to security. www.isc2.org
Über die Spezialisierung (ISC)² Systems Security Certified Practitioner (SSCP)
Pursue better IT security job opportunities and prove knowledge with confidence. The SSCP Professional Training Certificate shows employers you have the IT security foundation to defend against cyber attacks – and puts you on a clear path to earning SSCP certification.
Learn on your own schedule with 120-day access to content aligned with the latest (ISC)2 SSCP exam domains. We’re offering the complete online self-paced program for only $1,000 – a $200 savings when you get all domains bundled together.
3 Steps to Career Advancement
1. Register for the course
2. Gain access for 120 days
3. Register and sit for the SSCP certification exam
Upon completing the SSCP Professional Certificate, you will:
1. Complete six courses of preparing you to sit for the Systems Security Certified Practitioner (SSCP) certification exam as outlined below.
Course 1 - Access Controls
Course 2 - Security Operations and Administration
Course 3 - Risk Identification, Monitoring, and Analysis/Incident Response and Recovery
Course 4 - Cryptography
Course 5 - Network and Communication Security
Course 6 - Systems and Application Security
2. Receive a certificate of program completion.
3. Understand how to implement, monitor and administer an organization’s IT infrastructure in accordance with security policies and procedures that ensure data confidentiality, integrity and availability.
Häufig gestellte Fragen
Kann ich vor der Anmeldung eine Vorschau des Kurses ansehen?
Ja, Sie können eine Vorschau des ersten Videos und den Lehrplan ansehen, bevor Sie sich anmelden. Sie müssen den Kurs kaufen, um Zugriff auf die Inhalte zu erhalten, die nicht in der Vorschau inbegriffen sind.
Wann erhalte ich Zugang zu den Vorträgen und Aufgaben?
Wenn Sie sich vor dem Startdatum der ersten Kurseinheit anmelden, haben Sie Zugriff auf alle Vortragsvideos und Texte für den Kurs. Sobald die erste Kurseinheit beginnt, können Sie Aufgaben einreichen.
Was bekomme ich, wenn ich mich anmelde?
Sobald Sie sich anmelden und Ihre Kurseinheit beginnt, haben Sie Zugriff auf alle Videos und andere Ressourcen, einschließlich der Texte und des Kurs-Diskussionsforums. Sie können praktische Aufgaben ansehen und einreichen und erforderliche bewertete Aufgaben abschließen, um eine Bewertung und ein Kurszertifikat zu erhalten.
Wann erhalte ich mein Kurszertifikat?
Wenn Sie den Kurs erfolgreich abschließen, wird der Seite „Errungenschaften“ Ihr elektronisches Kurszertifikat hinzugefügt – von dort können Sie Ihr Kurszertifikat ausdrucken oder es zu Ihrem LinkedIn-Profil hinzufügen.
Warum kann ich nicht als Gast an diesem Kurs teilnehmen?
Dieser Kurs ist einer der wenigen auf Coursera angebotenen Kurse, die derzeit ausschließlich für Kursteilnehmer zugänglich sind, die bezahlt oder finanzielle Unterstützung erhalten haben, wenn diese verfügbar ist.
Wie erfolgen Rückerstattungen?
How long does it take to complete the course?
The course schedule contains approximately 16 hours of content material covering lectures, reading materials, a case study, and quizzes broken up over the course of 6 weeks.
Haben Sie weitere Fragen? Besuchen Sie das Hilfe-Center für Teiln..
Coursera arbeitet mit erstklassigen Universitäten und Organisationen zusammen, um Online-Kurse anzubieten und dadurch universellen Zugriff auf die weltweit beste Ausbildung zu ermöglichen.
© 2019 Coursera Inc. Alle Rechte vorbehalten.
