SSCP®: Cryptography & Networks and Communications (2012 Objectives)

Part 4 of 5 of the Systems Security Certified Practitioner (SSCP®) series. This series will prepare you for the Systems Security Certified Practitioner (SSCP®) certification.
Course info
Rating
(107)
Level
Intermediate
Updated
Nov 18, 2015
Duration
4h 10m
Table of contents
Concepts and Requirements of Cryptography
Certificate and Key Management
Secure Protocols
Networks
Telecommunications
Remote Access
Firewalls and Proxies
Wireless and Cellular Technologies
Description
Course info
Rating
(107)
Level
Intermediate
Updated
Nov 18, 2015
Duration
4h 10m
Description

Part 4 of 5 of the Systems Security Certified Practitioner (SSCP®) series. This series will prepare you for the Systems Security Certified Practitioner (SSCP®) certification. Learn about cool topics like access controls, security operations, security administration, monitoring, analysis, risks, responses, recovery, cryptography, networks, communication, malicious code, and malicious activity. This training course is the perfect entry-level course for someone looking to launch their career in security or advance their current security position.

About the author
About the author

Award-winning author and video instructor Tony Northrup (MCITP, MCPD, MCSE, MCTS, CISSP) has published more than 30 books covering Windows, networking, and Microsoft certification.

More from the author
Section Introduction Transcripts
Section Introduction Transcripts

Concepts and Requirements of Cryptography
Hi, this is Tony Northrup for TrainSignal and in this video lesson I'm going to cover the concepts and requirements of Cryptography for the SSCP certification exam. Cryptography is the intersection of math and security, the math behind it is pretty crazy and pretty complex, and if you're into math it's really fascinating, if you're not into math, don't worry I'm not going to go to much into the details of how it actually works because the nice part about Cryptography is some math geniuses have done all the hard stuff for you, and they just give you some apps and settings, but you still need to understand the concepts of Cryptography, both for the real world and your certification exam. Cryptography is primarily used for three different things, Encryption which is protecting data confidentiality, Hashing which is protecting data integrity, and Digital Signing which can provide authentication and non-repudiation.

Certificate and Key Management
Hi, this is Tony Northrup for Train Signal and in this video lesson I'm going to cover Certificate and Key Management for the SSCP certification exam, these concepts are critical for implementing Asymmetric Cryptography using a public key infrastructure, basically if you want to do Encryption and Digital Signatures and stuff, you need this. As covered in more depth in other lesson Asymmetric Cryptography allows you to encrypt things and decrypt things securely, you can encrypt something and only the person with a private key can decrypt it, that's because of this complex mathematical relationship between the public key and the private key, however issuing these keys and keeping them secret is a pretty complex process. to make it easier to manage these keys you create a public key infrastructure, there are lots of different applications out there that create the PKI for you, and many of them are built into the operating systems that your already using, most PKIs are based on open standards, and as a result they work across vendors, so as your addressing different vendors you probably don't have to worry about compatibility, instead you can look at things like ease of use and manageability and cost. Ultimately what the PKI gives you are three important things, Authentication, just confirming that the owner actually owns a private key, as well as non-repudiation, which proves that the claimed sender of the file is genuinely the sender of the file. Digital Signatures also allow you to verify that a file hasn't changed since it was sent.

Secure Protocols
Hi, this is Tony Northrup for Train Signal, and in this video lesson I'm going to teach you about all sorts of secure protocols for the SSCP certification exam, if you love acronyms and memorization this is going to be a blast, okay maybe this is one of the drier lessons in the series, but these types of facts are really easy to write questions about, so there's a good chance that the exam writers are going to be a little bit lazy and this is the kind of thing that they like to test. Let's get started by discussing Symmetric Encryption.

Firewalls and Proxies
Hi, this is Tony Northrup for Train Signal's SSCP certification video training course, and in this lesson I'd like to talk to you about Firewall and Proxies, two of the most important security elements of a network. As you might recall from previous lessons Firewalls monitor network traffic, and drop any traffic that they don't think is safe, anything that hasn't been explicitly allowed through the Firewall is dropped by a Firewall. Now there are two types of Firewalls, Network Firewalls, and Host-based Firewalls, as you can see here the Network Firewall connects to the network, it exists on the network between the host machines and the internet, or whatever it is your trying to protect, all communications between the two networks go through the firewall, this computer wants to access TrainSignal. com, those requests get passed through the Firewall, and the Firewall gets to decide if they continue on or not, so an administrator could block TrainSignal. com, I don't know why they'd want to do that, but more likely the network administrator will configure the firewall to block requests coming in from the internet, and only allow those requests that are specifically required for the applications used on the internal network. Now the Host-based Firewall here is actually a chunk of software that's running on this PC, that allows the Host-based Firewall to monitor all communications coming in across that PCs network adapter.