Official (ISC)2 Guide to the SSCP CBK (Hardcover, 2 ed)

Access Controls; Paul Henry
Access Control Concepts
Architecture Models
Identification, Authentication, Authorization, and Accountability
Remote Access Methods
Other Access Control Areas
Sample Questions

Cryptography; Christopher M. Nowell
The Basics
Symmetric Cryptography
General Cryptography
Specific Hashes
Specific Protocols
X.509
Sample Questions

Malicious Code; Ken Dunham
Introduction to Windows Malcode Security Management
Malcode Naming Conventions and Types
Brief History of Malcode
Vectors of Infection
Payloads
Identifying Infections
Behavioral Analysis of Malcode
Malcode Mitigation
Sample Questions

Monitoring and Analysis; Mike Mackrill
Policy, Controls, and Enforcement
Audit
Monitoring
Sample Questions

Networks and Telecommunications; Eric Waxvik and Samuel Chun
Introduction to Networks and Telecommunications
Network Protocols and Security Characteristics
Data Communications and Network Infrastructure Components and Security Characteristics
Wireless Local Area Networking
Sample Questions

Security Operations and Administration; C. Karen Stopford
Security Program Objectives: The C-I-A Triad
Code of Ethics
Security Best Practices
Designing a Security Architecture
Security Program Frameworks
Aligning Business, IT, and Security
Security Architecture and Models
Access Control Models
Identity and Access Management
Managing Privileged User Accounts
Outsourcing Security and Managed Security Service Providers
Business Partner Security Controls
Security Policies, Standards, Guidelines, and Procedures
Considerations for Safeguarding Confidentiality
Privacy and Monitoring
Information Life Cycle
Protecting Confidentiality and Information Classification
Information Handling Policy
Information Collection
Secure Information Storage
Secure Output
Record Retention and Disposal
Disclosure Controls: Data Leakage Prevention
Secure Application Development
Web Application Vulnerabilities and Secure Development Practices
Implementation and Release Management
Systems Assurance and Controls Validation
Certification and Accreditation
Security Assurance Rating: Common Criteria
Change Control
Configuration Management
Patch Management
Monitoring System Integrity
Endpoint Protection
Thin Client Implementations
Metrics
Security Awareness and Training
Review Questions
References

Risk, Response, and Recovery; Chris Trautwein
Introduction to Risk Management
Incident Response
Forensics
Recovery

Appendix: Questions and Answers
Access Controls
Cryptography
Malicious Code
Monitoring and Analysis
Networks and Telecommunications
Risk, Response, and Recovery
Security Operations and Administration