Скачать книгу

information security knowledge. These domains are meant to serve as the broad knowledge foundation required to succeed in the information security profession. They include:

       Access Controls

       Security Operations and Administration

       Risk Identification, Monitoring, and Analysis

       Incident Response and Recovery

       Cryptography

       Network and Communications Security

       Systems and Application Security

      Complete details on the SSCP Common Body of Knowledge (CBK) are contained in the Candidate Information Bulletin (CIB). The CIB, which includes a full outline of exam topics, can be found on the ISC2 website at www.isc2.org.

      The SSCP exam is a 3-­hour exam that consists of 125 questions covering the seven domains. Passing requires achieving a score of at least 700 out of 1,000 points. It’s important to understand that this is a scaled score, meaning that not every question is worth the same number of points. Questions of differing difficulty may factor into your score more or less heavily. That said, as you work through these practice exams, you might want to use 70 percent as a yardstick to help you get a sense of whether you’re ready to sit for the actual exam. When you’re ready, you can schedule an exam via links provided on the (ISC)2 website—­tests are offered in locations throughout the world.

      The questions on the SSCP exam are all multiple choice questions with four answer options. You will be asked to select the one correct answer for each question. Watch out for questions that ask you to exercise judgement—­these are commonly used on (ISC)2 exams. You might be asked to identify the “best” option or select the “least” expensive approach. These questions require that you use professional judgement to come to the correct answer.

      Computer-­Based Testing Environment

      Almost all SSCP exams are now administered in a computer-­based testing (CBT) format. You’ll register for the exam through the Pearson Vue website and may take the exam in the language of your choice. It is offered in English, Japanese, and Brazilian Portuguese.

      When you sit down to take the exam, you’ll be seated at a computer that has the exam software already loaded and running. It’s a pretty straightforward interface that allows you to navigate through the exam. You can download a practice exam and tutorial from Pearson at: http://www.vue.com/athena/athena.asp.

      Be aware that the testing software will not let you move back to questions that you previously saw. Each time a question is presented to you, you must provide your answer before moving on to the next question. Be sure to read each question carefully and thoroughly before advancing because you will not have any other opportunity to check your work.

      Exam Retake Policy

      If you don’t pass the SSCP exam, you shouldn’t panic. Many individuals don’t reach the bar on their first attempt but gain valuable experience that helps them succeed the second time around. When you retake the exam, you’ll have the benefit of familiarity with the CBT environment and SSCP exam format. You’ll also have time to study up on the areas where you felt less confident.

      After your first exam attempt, you must wait 30 days before retaking the computer-­based exam. If you’re not successful on that attempt, you must then wait 60 more days before your third attempt and 90 more days before any additional attempt. You may only attempt the SSCP exam four times within any 12-­month period. For more information on the Retake Policy, see https://www.isc2.org/Exams/After-­Your-­Exam.

      none (ISC)2 exam policies are subject to change. Please be sure to check www.isc2.org for the current policies before you register and take the exam.

      Candidates who wish to earn the SSCP credential must not only pass the exam but also demonstrate that they have at least one year of work experience in the information security field. Your work experience must cover activities in at least one of the seven domains of the SSCP program and must be paid employment.

      You may be eligible to waive the work experience requirement based on your educational achievements. If you hold a bachelor’s or master’s degree in cybersecurity, you may be eligible for a degree waiver that covers one of those years. For more information see https://www.isc2.org/Certifications/SSCP/experience-­requirements.

      If you haven’t yet completed your work experience requirement, you may still attempt the SSCP exam. Individuals who pass the exam are designated Associates of (ISC)2 and have two years to complete the work experience requirement.

      To maintain your SSCP certification, you must earn at least 60 CPE credits during each three-­year renewal period. (ISC)2 provides an online portal where members may submit CPE completion for review and approval. The portal also tracks annual maintenance fee payments and progress toward recertification.

      This book is composed of 9 chapters. Each of the first seven chapters covers a domain, with a variety of questions that can help you test your knowledge of real-­world, scenario, and best practices–based security knowledge. The final two chapters are complete practice exams that can serve as timed practice tests to help determine if you’re ready for the SSCP exam.

      We recommend taking the first practice exam to help identify where you may need to spend more study time, and then using the domain-­specific chapters to test your domain knowledge where it is weak. Once you’re ready, take the second practice exam to make sure you’ve covered all of the material and are ready to attempt the SSCP exam.

      All of the questions in this book are also available in Sybex’s online practice test tool. To get access to this online format, go to www.wiley.com/go/sybextestprep and start by registering your book. You’ll receive a pin code and instructions on where to create an online test bank account. Once you have access, you can use the online version to create your own sets of practice tests from the book questions and practice in a timed and graded setting.

      none Do you need more? If you are not seeing passing grades on these practice tests, look for the all new (ISC)2 SSCP Systems Security Certified Practitioner Official Study Guide, Third Edition by Michael S. Wills (ISBN: 978-­1-­119-­85498-2). This book is an excellent resource to master any SSCP topics causing

Скачать книгу