SSCP Domain : Risk, Response, and Recovery

This course is included in our On-demand training solution.


With more and more business success relying on secure and guaranteed access to data, having plans and policies in place to manage risks and recover from disasters is pivotal. This course provides the learner with the knowledge to provide data redundancy and handling incidents and risks. This course teaches the learner how to identify the threats and vulnerabilities that can put information systems at risk and how to optimize a risk assessment and management system to protect resources. It covers risk limitation and mitigation and the security incident handling process. The course covers business continuity planning and shows how to design an effective disaster contingency plan and an optimized data recovery and restoration methodology. This course guides you through the Common Body of Knowledge (CBK) recommended by the International Information Systems Security Certification Consortium (ISC)2 for its Systems Security Certified Practitioner (SSCP) certification. The SSCP credential certifies student expertise in 7 different knowledge domains.

Target Audience

Experienced IT professionals with a basic knowledge of network and communications protocols and equipment seeking to pass the System Security Certified Practitioner (SSCP) exam, or otherwise gain knowledge in assessing, planning, implementing and managing IT security in an enterprise environment. A minimum of one year’s professional experience in one of the seven SSCP CBK Domains is required for certification.


Expected Duration

180 min.

Course Objectives

Managing Risk and Identifying Vulnerabilities

  • recognize threats and vulnerabilities that expose information technology systems to risk
  • define key risk management concepts
  • Improving Risk Management Systems

  • recognize key factors for improving a risk management system
  • Mitigating Risks

  • specify appropriate risk limitation controls for a particular scenario
  • Detecting and Analyzing Security Incidents

  • describe a security incident detection and analysis process
  • Containing and Eradicating Security Incidents

  • describe a security incident containment and eradication process
  • identify key considerations for gathering and handling evidence
  • Managing and Handling Security Risks and Incidents

    Business Continuity Planning

  • describe a business impact analysis process
  • define key business impact analysis concepts
  • Disaster Contingency Planning and Recovery Strategies

  • select an appropriate disaster recovery site for a particular scenario
  • identify key considerations for disaster recovery planning
  • Testing Disaster Recovery Plans

  • describe disaster plan testing methodologies
  • Data Backup and Restoration Solutions

  • identify an appropriate data backup rotation schedule for a particular scenario
  • Data and System Availability and Redundancy

  • identify features of high-availability and load-balancing clustering
  • select an appropriate RAID level for a particular scenario
  • Disaster Planning and Data Recovery