We may earn an affiliate commission when you visit our partners.
(ISC)² Education & Training
Security operations and administration is the task of identifying an organization's information assets and the documentation needed for policy implementation, standards, procedures, and guidelines to ensure confidentiality, integrity, and availability. You will understand the process necessary for working with management and information owners, custodians, and users so that proper data classifications are defined. This will ensure the proper handling of all hard copy and electronic information.
Read more
Security operations and administration is the task of identifying an organization's information assets and the documentation needed for policy implementation, standards, procedures, and guidelines to ensure confidentiality, integrity, and availability. You will understand the process necessary for working with management and information owners, custodians, and users so that proper data classifications are defined. This will ensure the proper handling of all hard copy and electronic information.
Read more
Security operations and administration is the task of identifying an organization's information assets and the documentation needed for policy implementation, standards, procedures, and guidelines to ensure confidentiality, integrity, and availability. You will understand the process necessary for working with management and information owners, custodians, and users so that proper data classifications are defined. This will ensure the proper handling of all hard copy and electronic information.
The Security operations and Administration course addresses basic security concepts and the application of those concepts in the day to day operation and administration of enterprise computer systems and the information that they host.Ethical considerations in general, and the (ISC)2 Code of Ethics in particular, provide the backdrop for any discussion of information security and SSCP candidates will be tested on both. Information security professionals often find themselves in positions of trust and must be beyond reproach in every way.Several core principles of information security stand above all others and this domain covers these principles in some depth. It can be said that the CIA triad of confidentiality, integrity and availability forms the basis for almost everything that we do in information security and the SSCP candidate must not only fully understand these principles but be able to apply them in all situations. additional security concepts covered in this domain include privacy, least privilege, non-repudiation and the separation of duties.
Course Objectives
1. Define Code of Ethics
2. Describe the security concepts
3. Document and operate security controls
4. Describe the asset management process
5. Implement compliance controls
6. Assess compliance controls
7. Describe the change management process
8. Contribute to the security awareness training program
9. Contribute to physical security operations
Register for this course and see more details by visiting:
OpenCourser.com/course/k16h4n/security
Three deals to help you save
We found three deals and offers that may be relevant to this course.
Save money when you learn.
All coupon codes, vouchers, and discounts are applied automatically unless otherwise noted.
Valid until December 12
Annual Subscription Savings
Unlock programs from Google, Microsoft, and IBM and join 77% of learners who reported positive career outcomes.
Only $239!
Valid for a limited time only
Future-proof your career
Access O'Reilly books, live events, courses, and more. Save with an annual subscription.
Take
15%
off
What's inside
Syllabus
Understand and Comply with Code of Ethics and Security Concepts
Module Topics: (ISC)2 Code of Ethics, Organizational Code of Ethics, There are usually three types of controls, managerial (sometimes called administrative), Technical (sometimes called logical), and physical (sometimes called operational), Deterrent, Preventative, Detective, and Corrective Controls. Understand and Comply with Code of Ethics: In (ISC)2 Code of Ethics, you will learn about Code of Ethics, and Code of Ethics Canons. In Organizational Code of Ethics, you will learn about how a code of ethics applies to security practitioners, and applying ethical principles. Understand Security Concepts: In Confidentiality, you will learn about consequences of a breach, and ensuring confidentiality. In integrity, you will learn about consequences of integrity failure, availability, and consequences of availability failures. You will also Non-Repudiation. In Privacy, you will understand core guidelines. In least privilege, you will learn about least privilege and cots Applications. You will understand the concept of separation of duties and defense in depth, examples approaches, and additional controls. In Risk based Controls, you will learn about risk assessment data. Security concepts also covers accountability and authorization.
Read more
Syllabus
Understand and Comply with Code of Ethics and Security Concepts
Module Topics: (ISC)2 Code of Ethics, Organizational Code of Ethics, There are usually three types of controls, managerial (sometimes called administrative), Technical (sometimes called logical), and physical (sometimes called operational), Deterrent, Preventative, Detective, and Corrective Controls. Understand and Comply with Code of Ethics: In (ISC)2 Code of Ethics, you will learn about Code of Ethics, and Code of Ethics Canons. In Organizational Code of Ethics, you will learn about how a code of ethics applies to security practitioners, and applying ethical principles. Understand Security Concepts: In Confidentiality, you will learn about consequences of a breach, and ensuring confidentiality. In integrity, you will learn about consequences of integrity failure, availability, and consequences of availability failures. You will also Non-Repudiation. In Privacy, you will understand core guidelines. In least privilege, you will learn about least privilege and cots Applications. You will understand the concept of separation of duties and defense in depth, examples approaches, and additional controls. In Risk based Controls, you will learn about risk assessment data. Security concepts also covers accountability and authorization.
Read more
Participate in Asset Management
Module Topics: Life Cycle, Hardware/Software, and Data. In life Cycle, you will learn about the waterfall model, it's benefits and drawbacks, requirements gathering and analysis, requirements definition, system design, implementation, integration, testing, deployment of system, maintenance, additional application development methods, system vulnerabilities, secure development, and acquisition practices, OWASP top ten, guidelines for developers, IT asset management (ITAM), device management, continuous diagnostics and mitigation (CDM), hardware, hardware asset management desired state, hardware asset management data, the SSCP's challenge, impact and results. In Data, you will learn about secure information storage, considerations, encryption vulnerabilities, database encryption, data scrubbing, data deduplication, managing encryption keys, consideration, Information Rights Management (IRM), secure output, data retention and disposal, shredders, security levels, destruction of magnetic media, erasure or reformatting, data wiping, degaussing, and disclosure controls: data leakage prevention.
Implement and Assess Compliance with Controls & Participate in Change Management Duties
Module Topics: Technical Controls, Operational Controls, Managerial Controls, Security Policies, Standards, Guidelines, and Procedures, Implementation and Configuration Management Plan, security Impact Assessment, System Architecture/Interoperability of Systems, Testing Patches, Fixes, and Updates. In technical Controls, you will learn about identification and authentication, logical access controls, public access controls, audit trails. In Operational Controls, you will learn about operational security measures, operational solutions, managerial Controls. In Security Policies, Standards, Guidelines, and Procedures, you will learn about subject-specific security policies, typical policy elements, policy life cycle, components of a security policy, standard guidelines, and procedures.
Participate in Change Management Duties: In Implementation and Configuration Management Plan, you will learn about release management, release manager, release management policy, release management process, code signing, release management tools, systems assurance and controls validation, configuration management (CM), CM process, CM system goals, operational aspects of CM, hardware inventory, software inventory, configuration lists, configuration management for opening systems, identification, automated configuration management tools, control, accounting, and auditing. You will also understand the concepts of Security Impact Assessment and System Architecture/Interoperability of Systems. In Testing, Patches, Fixes, and Updates, you will learn about patch management, patch management process.
Participate in Physical Security Operations & Security Awareness Training
Module Topics: Security Awareness Training, Physical Security, Building Security, keys, Locks, and safes, communications and Server Rooms, Restricted and Work Area Security, Utilities and HVAC Considerations, Fire Prevention, Detection, and Suppression. Participate in Physical Security Operations: In Physical Security, you will learn about interior access control elements, and escort and visitor control. In building security, you will learn about doors, perimeter doors, door locks, mantraps, and turnstiles. In Keys, Locks, and Safe, you will learn about types of locks, hi-tech keys, safes, vaults, containers, key control, medeco guide for developing and managing key control. In communications and Server Rooms, you will learn about securing the area, protection from lightning, server rooms, and rack security. In Restricted and Work Area Security, you will learn about restricted work areas, data center security, and the "two- person rule". In Utilities and HVAC Considerations, you will learn about utilities and power uninterruptible power supply, generator, HVAC, air contamination, guidelines, and water issues. In Fire Prevention, Detection, and Suppression, you will learn about fire detection, fire suppression, sprinkler systems, and gas suppression systems.
Case Study
Exam
Good to know
Good to know
Know what's good ,
what to watch for , and
possible dealbreakers
Teaches students about the (ISC)2 Code of Ethics and how it applies to security practitioners
Explores security concepts such as confidentiality, integrity, availability, and least privilege
Provides guidance on documenting and operating security controls to ensure compliance with regulations
Emphasizes the importance of asset management and outlines best practices for managing hardware, software, and data assets
Covers topics related to change management, including release management, configuration management, and patch management
Includes hands-on exercises and case studies to reinforce learning and prepare students for real-world scenarios
Save this course
Save Security Operations and Administration to your list so you can find it easily later:
Save
Save
Reviews summary
Highly enjoyable and informative security operations course
Learners say this course is highly enjoyable and informative. Its clear and engaging presentations meet the core requirements for SSCP Professionals. Nearly all students highly recommend this course, saying it provides a complete overview of security operations and helps them understand the roles of security practitioners in protecting information.
Students say the course material meets the core requirements for SSCP Professionals.
"The course is technically detailed, meeting the core requirements of SSCP Professionals."
Learners find this course helpful in understanding the role of security practitioners.
"This course gives the correct knowledge of all aspects of security operations which are paramount for the organization's information security."
Students find the course's presentations clear and engaging.
"Presentations are clear and informative."
"Very usefull this course is realated to Security Admin"
Students appreciate the course's thorough overview of security operations.
"It s a brilliant course comprised of minute details in small packet and learners will get a complete overview of the systems."
Vast majority of learners highly recommend this course.
"Learners say this course is highly enjoyable and informative."
"Nearly all students highly recommend this course."
Activities
Be better prepared
before
your course. Deepen your understanding
during
and
after
it. Supplement your coursework and achieve mastery of the topics covered
in Security Operations and Administration with these
activities:
Read 'Computer Security Fundamentals' by Chuck Easttom
Show steps
Gain a solid foundation in computer security principles by reviewing a foundational book.
View
Computer Security Fundamentals (Pearson It...
on Amazon
Show steps
-
Read the book to grasp basic principles.
-
Summarize key concepts and highlight important sections.
-
Discuss the book's ideas with a study group.
Complete Security Assessment Tutorials
Show steps
Enhance your understanding of security assessment techniques through guided tutorials.
Browse courses on
Security Assessment
Show steps
-
Identify reputable sources for security assessment tutorials.
-
Choose tutorials that align with your skill level.
-
Follow the tutorials step-by-step and take notes.
-
Test your understanding by applying the techniques.
Practice Access Control Concepts
Show steps
Practice applying access control concepts to enhance your understanding of security controls.
Browse courses on
Access Control
Show steps
-
Review the concept of access control.
-
Identify different authentication methods.
-
Practice implementing access control models.
-
Test your understanding through hypothetical scenarios.
Five other activities
Expand to see all activities and additional details
Show all eight activities
Create Security Awareness Posters
Show steps
Develop creative posters to reinforce security awareness concepts and educate others.
Browse courses on
Security Awareness
Show steps
-
Choose a specific security awareness topic.
-
Research and gather relevant information.
-
Design and create the posters using visually appealing elements.
-
Distribute the posters in high-traffic areas.
Compile a Resource Directory for Security Best Practices
Show steps
Create a comprehensive resource directory to guide you in implementing security best practices.
Browse courses on
Security Best Practices
Show steps
-
Identify credible sources for security best practices.
-
Collect and organize relevant resources.
-
Categorize and index the resources for easy reference.
-
Share the resource directory with peers and colleagues.
Develop a Security Policy and Procedures Manual
Show steps
Create a comprehensive policy manual to solidify your understanding of security best practices.
Browse courses on
Security Policies
Show steps
-
Gather information on security requirements.
-
Draft security policies and procedures.
-
Review and finalize the manual.
-
Implement the manual and monitor its effectiveness.
Attend a Security Conference
Show steps
Expand your knowledge and network with professionals at a security conference.
Browse courses on
Networking
Show steps
-
Research and identify relevant security conferences.
-
Register and attend the conference.
-
Actively participate in sessions and workshops.
-
Network with speakers and attendees.
-
Follow up on connections made at the conference.
Volunteer with a Security Non-Profit Organization
Show steps
Gain practical experience and contribute to the community by volunteering at a security non-profit.
Browse courses on
Volunteering
Show steps
-
Research and identify security non-profit organizations.
-
Contact the organizations and inquire about volunteer opportunities.
-
Commit to a regular volunteering schedule.
-
Participate in security-related activities and projects.
-
Network with other volunteers and professionals in the field.
Read 'Computer Security Fundamentals' by Chuck Easttom
Show steps
Gain a solid foundation in computer security principles by reviewing a foundational book.
View
Computer Security Fundamentals (Pearson It...
on Amazon
Show steps
Show steps
Show steps
- Read the book to grasp basic principles.
- Summarize key concepts and highlight important sections.
- Discuss the book's ideas with a study group.
Complete Security Assessment Tutorials
Show steps
Enhance your understanding of security assessment techniques through guided tutorials.
Browse courses on
Security Assessment
Show steps
Show steps
Show steps
- Identify reputable sources for security assessment tutorials.
- Choose tutorials that align with your skill level.
- Follow the tutorials step-by-step and take notes.
- Test your understanding by applying the techniques.
Practice Access Control Concepts
Show steps
Practice applying access control concepts to enhance your understanding of security controls.
Browse courses on
Access Control
Show steps
Show steps
Show steps
- Review the concept of access control.
- Identify different authentication methods.
- Practice implementing access control models.
- Test your understanding through hypothetical scenarios.
Five other activities
Expand to see all activities and additional details
Show all eight activities
Create Security Awareness Posters
Show steps
Develop creative posters to reinforce security awareness concepts and educate others.
Browse courses on
Security Awareness
Show steps
Show steps
Show steps
- Choose a specific security awareness topic.
- Research and gather relevant information.
- Design and create the posters using visually appealing elements.
- Distribute the posters in high-traffic areas.
Compile a Resource Directory for Security Best Practices
Show steps
Create a comprehensive resource directory to guide you in implementing security best practices.
Browse courses on
Security Best Practices
Show steps
Show steps
Show steps
- Identify credible sources for security best practices.
- Collect and organize relevant resources.
- Categorize and index the resources for easy reference.
- Share the resource directory with peers and colleagues.
Develop a Security Policy and Procedures Manual
Show steps
Create a comprehensive policy manual to solidify your understanding of security best practices.
Browse courses on
Security Policies
Show steps
Show steps
Show steps
- Gather information on security requirements.
- Draft security policies and procedures.
- Review and finalize the manual.
- Implement the manual and monitor its effectiveness.
Attend a Security Conference
Show steps
Expand your knowledge and network with professionals at a security conference.
Browse courses on
Networking
Show steps
Show steps
Show steps
- Research and identify relevant security conferences.
- Register and attend the conference.
- Actively participate in sessions and workshops.
- Network with speakers and attendees.
- Follow up on connections made at the conference.
Volunteer with a Security Non-Profit Organization
Show steps
Gain practical experience and contribute to the community by volunteering at a security non-profit.
Browse courses on
Volunteering
Show steps
Show steps
Show steps
- Research and identify security non-profit organizations.
- Contact the organizations and inquire about volunteer opportunities.
- Commit to a regular volunteering schedule.
- Participate in security-related activities and projects.
- Network with other volunteers and professionals in the field.
Career center
Learners who complete Security Operations and Administration will develop knowledge and skills
that may be useful to these careers:
Information Security Analyst
Information Security Analyst
Information Security Analysts are responsible for protecting an organization's computer systems and networks from unauthorized access, use, disclosure, disruption, modification, or destruction. This course provides a foundation in security concepts, asset management, compliance controls, change management, physical security, and security awareness training. These are all essential skills for Information Security Analysts.
Security Architect
Security Architect
Security Architects design, implement, and maintain an organization's security infrastructure. They work with stakeholders to identify security requirements, develop security policies, and implement security controls. This course provides a comprehensive overview of security concepts, asset management, compliance controls, change management, physical security, and security awareness training. This knowledge is essential for Security Architects to be successful in their roles.
Security Consultant
Security Consultant
Security Consultants provide advice and guidance to organizations on how to improve their security posture. They work with clients to identify security risks, develop security plans, and implement security controls. This course provides a strong foundation in security concepts, asset management, compliance controls, change management, physical security, and security awareness training. This knowledge is essential for Security Consultants to be successful in their roles.
Network Security Engineer
Network Security Engineer
Network Security Engineers design, implement, and maintain an organization's network security infrastructure. They work with stakeholders to identify security requirements, develop security policies, and implement security controls. This course provides a strong foundation in security concepts, asset management, compliance controls, change management, physical security, and security awareness training. This knowledge is essential for Network Security Engineers to be successful in their roles.
Information Security Manager
Information Security Manager
Information Security Managers are responsible for overseeing an organization's information security program. They work with stakeholders to identify security risks, develop security policies, and implement security controls. This course provides a comprehensive overview of security concepts, asset management, compliance controls, change management, physical security, and security awareness training. This knowledge is essential for Information Security Managers to be successful in their roles.
Chief Information Security Officer (CISO)
Chief Information Security Officer (CISO)
Chief Information Security Officers (CISOs) are responsible for overseeing an organization's entire security program. They work with stakeholders to identify security risks, develop security policies, and implement security controls. This course provides a comprehensive overview of security concepts, asset management, compliance controls, change management, physical security, and security awareness training. This knowledge is essential for CISOs to be successful in their roles.
Security Operations Center (SOC) Analyst
Security Operations Center (SOC) Analyst
Security Operations Center (SOC) Analysts monitor an organization's security systems and respond to security incidents. They work with stakeholders to develop security plans, implement security controls, and monitor for security breaches. This course provides a solid foundation in security concepts, asset management, compliance controls, change management, physical security, and security awareness training. This knowledge is essential for SOC Analysts to be successful in their roles.
Security Manager
Security Manager
Security Managers are responsible for overseeing an organization's security program. They work with stakeholders to identify security risks, develop security policies, and implement security controls. This course provides a comprehensive overview of security concepts, asset management, compliance controls, change management, physical security, and security awareness training. This knowledge is essential for Security Managers to be successful in their roles.
Cloud Security Architect
Cloud Security Architect
Cloud Security Architects design, implement, and maintain an organization's cloud security infrastructure. They work with stakeholders to identify security requirements, develop security policies, and implement security controls. This course provides a comprehensive overview of security concepts, asset management, compliance controls, change management, physical security, and security awareness training. This knowledge is essential for Cloud Security Architects to be successful in their roles.
Chief Risk Officer (CRO)
Chief Risk Officer (CRO)
Chief Risk Officers (CROs) are responsible for overseeing an organization's entire risk management program. They work with stakeholders to identify risks, develop risk management policies, and implement controls to mitigate risks. This course provides a comprehensive overview of security concepts, asset management, compliance controls, change management, physical security, and security awareness training. This knowledge is essential for CROs to be successful in their roles.
Risk and Compliance Manager
Risk and Compliance Manager
Risk and Compliance Managers are responsible for overseeing an organization's risk management and compliance program. They work with stakeholders to identify risks, develop risk management policies, and implement controls to mitigate risks. This course provides a strong foundation in security concepts, asset management, compliance controls, change management, physical security, and security awareness training. This knowledge is essential for Risk and Compliance Managers to be successful in their roles.
IT Auditor
IT Auditor
IT Auditors review an organization's IT systems and processes to ensure that they are secure and compliant with regulations. This course provides a strong foundation in security concepts, asset management, compliance controls, change management, physical security, and security awareness training. This knowledge is essential for IT Auditors to be successful in their roles.
Security Compliance Specialist
Security Compliance Specialist
Security Compliance Specialists ensure that an organization's security program complies with regulatory requirements. They work with stakeholders to identify security risks, develop security policies, and implement security controls. This course provides a strong foundation in security concepts, asset management, compliance controls, change management, physical security, and security awareness training. This knowledge is essential for Security Compliance Specialists to be successful in their roles.
Security Engineer
Security Engineer
Security Engineers design, implement, and maintain security solutions. They work with stakeholders to identify security requirements, develop security policies, and implement security controls. This course provides a solid foundation in security concepts, asset management, compliance controls, change management, physical security, and security awareness training. This knowledge is essential for Security Engineers to be successful in their roles.
Cybersecurity Analyst
Cybersecurity Analyst
Cybersecurity Analysts identify, analyze, and respond to cybersecurity threats. They work with stakeholders to develop security plans, implement security controls, and monitor for security breaches. This course provides a solid foundation in security concepts, asset management, compliance controls, change management, physical security, and security awareness training. This knowledge is essential for Cybersecurity Analysts to be successful in their roles.
For more career information including salaries, visit:
OpenCourser.com/course/k16h4n/security
Reading list
We've selected 13 books
that we think will supplement your
learning. Use these to
develop background knowledge, enrich your coursework, and gain a
deeper understanding of the topics covered in
Security Operations and Administration.
Comprehensive guide to the CISSP exam, covering all eight domains of the exam.
Provides a foundation in network security, covering topics such as network security threats, vulnerabilities, and countermeasures.
Provides a hands-on approach to computer security, covering topics such as cryptography, authentication, and access control.
Provides a step-by-step guide to network security, covering topics such as firewalls, intrusion detection systems, and VPNs.
Provides a comprehensive overview of information security management, covering topics such as risk assessment, security policies, and incident response.
Provides a guide to building dependable distributed systems, covering topics such as security requirements, threat modeling, and fault tolerance.
Save
Provides a comprehensive overview of cryptography, covering topics such as encryption, authentication, and digital signatures.
Provides an introduction to computer security, covering topics such as cryptography, authentication, and access control.
Provides a comprehensive overview of security in computing, covering topics such as security threats, vulnerabilities, and countermeasures.
Provides a comprehensive overview of cryptography and network security, covering topics such as encryption, authentication, and network security protocols.
Provides a comprehensive overview of network security essentials, covering topics such as network security threats, vulnerabilities, and countermeasures.
Save
Provides a practical guide to network security, covering topics such as hacking techniques, vulnerability assessment, and penetration testing.
Save
Provides a unique perspective on security, focusing on the human element.
For more information about how these books relate to this course, visit:
OpenCourser.com/course/k16h4n/security
Share
Similar courses
Here are nine courses similar to
Security Operations and Administration.
Security Operations and Administration for SSCP®
OpenCourser.com/course/dt53hm/security
Security Operations and Administration for SSCP®
Most relevant
Cryptography for SSCP®
OpenCourser.com/course/z4lx32/cryptography
Cryptography for SSCP®
Most relevant
Systems and Application Security for SSCP®
OpenCourser.com/course/4enqke/systems
Systems and Application Security for SSCP®
Most relevant
Network and Communications Security for SSCP®
OpenCourser.com/course/tk94hj/network
Network and Communications Security for SSCP®
Most relevant
Cryptography
OpenCourser.com/course/frn6fu/cryptograph
Cryptography
Most relevant
Networks and Communications Security
OpenCourser.com/course/fui85z/networks
Networks and Communications Security
Most relevant
Cybersecurity Fundamentals
OpenCourser.com/course/6dyzny/cybersecurity
Cybersecurity Fundamentals
Information and Cyber Security Literacy: Security Engineering and Architecture
OpenCourser.com/course/6zvsk6/information
Information and Cyber Security Literacy: Security...
Play It Safe: Manage Security Risks
OpenCourser.com/course/xk9ut0/play
Play It Safe: Manage Security Risks
Level
Introductory
Via
Coursera
Institution
ISC2
Instructor
(ISC)² Education & Training
Language
English
Transcripts
Español
Français
Português
Deutsch
Italiano
中文
العربية
한국어
日本語
हिंदी
Nederlands
Svenska
Pусский
Türkçe
Polski
Ελληνικά
українська мова
Bahasa Indonesia
ไทย
қазақша
This course belongs to a
collection
called
(ISC)² Systems Security Certified Practitioner (SSCP) . It's comprised of six courses:
- Security Operations and Administration (viewing)
- Identifying, Monitoring, and Analyzing Risk and Incident Response and Recovery
- Cryptography
- Access Controls
- Systems and Application Security
- Networks and Communications Security
Good to know
Teaches students about the (ISC)2 Code of Ethics and how it applies to security practitioners
Explores security concepts such as confidentiality, integrity, availability, and least privilege
Provides guidance on documenting and operating security controls to ensure compliance with regulations
Emphasizes the importance of asset management and outlines best practices for managing hardware, software, and data assets
Covers topics related to change management, including release management, configuration management, and patch management
Includes hands-on exercises and case studies to reinforce learning and prepare students for real-world scenarios
Our mission
OpenCourser helps millions of learners each year. People visit us to learn workspace skills, ace their exams, and nurture their curiosity.
Our extensive catalog contains over 50,000 courses and twice as many books. Browse by search, by topic, or even by career interests. We'll match you to the right resources quickly.
Find this site helpful? Tell a friend about us.
Affiliate disclosure
We're supported by our community of learners. When you purchase or subscribe to courses and programs or purchase books, we may earn a commission from our partners.
Your purchases help us maintain our catalog and keep our servers humming without ads.
Thank you for supporting OpenCourser.
© 2016 - 2024 OpenCourser