SSCP Domain: Malicious Code

This course is included in our On-demand training solution.


In the modern world of computing, malicious code is becoming commonplace. Organizations and individuals must protect themselves from these attacks. This course provides a history of malicious code and details of how to recognize and analyze the effects of malcodes and infection vectors on a computing system using VMware testing and file capturing techniques. It also explains how to determine appropriate malcode evaluation and mitigation techniques to protect an enterprise environment. This course guides you through the Common Body of Knowledge (CBK) recommended by the International Information Systems Security Certification Consortium (ISC)² for its Systems Security Certified Practitioner (SSCP) certification. The SSCP credential certifies student expertise in 7 different knowledge domains.

Target Audience

Experienced IT professionals with a basic knowledge of network and communications protocols and equipment who are seeking to pass the Systems Security Certified Practitioner (SSCP) exam, or otherwise gain knowledge in assessing, planning, implementing and managing IT security in an enterprise environment. A minimum of one year’s professional experience in one of the seven SSCP CBK Domains is required for certification.


Expected Duration

180 min.

Course Objectives

Malicious Code and Naming Conventions

  • recognize components of CARO-like names
  • recognize the main purpose of application security

Types of Malcode

  • identify types of malicious code
  • define the basic terms in malicious code

The Origins of Malicious Code

  • identify significant events in the evolution of malcode
  • order the significant events in the emergence of the Internet criminal marketplace

Infection Vectors

  • identify common methods used to spread malcodes
  • recognize social engineering attacks

Malicious Code, its History and Propagation

Malcode Payloads

  • recognize types of attacks that are carried out on computing environments

Infection Identification

  • describe best practices for implementing a security solution in an enterprise environment
  • implement appropriate malcode inspection processes

Analysis of Malcode Behavior

  • select appropriate malcode behavioral analysis methods

VMware Testing

  • sequence the steps for using VMware to test malcode samples
  • identify techniques for capturing files from a computer

Mitigation of Malicious Code

  • identify appropriate malcode mitigation policies for an enterprise environment

Identification and Mitigation of Malicious Code