Jason Edwards

Certified: The SSCP Audio Course

The SSCP Audio Course from BareMetalCyber.com delivers a complete, exam-ready learning experience for cybersecurity professionals who prefer to learn on the go. Each episode breaks down complex security concepts into plain English, aligning directly with the official (ISC)² Systems Security Certified Practitioner domains. Listeners gain a clear understanding of the core principles—access controls, risk management, cryptography, network defense, and incident response—through real-world examples that tie theory to practice. Every topic is designed to reinforce what matters most on exam day: how...

Author

Jason Edwards

Category

Technology

Podcast website

baremetalcyber.com

Latest episode

Mar 11, 2026

Where to listen?

Podcasts in the app Replaio Radio Coming soon

Podcasts are coming to the app soon. Install now and be the first to see a whole new take on podcasts

Get it on Google Play Install for free Android 5M+ downloads · 4.8 rating iOS soon

Episodes

Welcome to the SSCP Course! 11.03.2026

If you are preparing for the Systems Security Certified Practitioner certification, you already know the challenge. There is a lot of material to cover, and most professionals studying for SSCP are balancing that preparation with a full-time job, family responsibilities, and everything else life throws at them. That is exactly why this course exists. The SSCP Audio Course is designed specifically...

Episode 70 — Triage the Adaptive Exam With Proven Tactics 11.11.2025

The SSCP’s adaptive format rewards steady decision-making and penalizes wasted time, so tactics matter as much as knowledge. We explain how adaptive scoring selects items near your current ability estimate, why early stability helps, and how to pace without clock anxiety. You’ll learn a simple loop for each question: read the objective in the stem, eliminate distractors that fail the objective, co...

Episode 69 — Essential Terms: Plain-Language Glossary for the SSCP 11.11.2025

Fast recall of precise meanings accelerates problem solving on exam day, so this episode presents a plain-language mini-glossary woven into context rather than alphabet soup. We clarify frequently tested pairs that candidates mix up: authentication versus authorization, vulnerability versus threat versus risk, qualitative versus quantitative analysis, and preventive versus detective versus correct...

Episode 68 — Consolidate Systems and Application Security Best Practices 11.11.2025

This capstone pulls together system and application safeguards into one coherent playbook, mirroring how exam scenarios blend layers. We connect configuration baselines, least privilege, patch management, and logging with application concerns like input validation, output encoding, authentication flows, and session management. You’ll learn how to convert business requirements into control objectiv...

Episode 67 — Mitigate Hypervisor and Container Security Weaknesses 11.11.2025

Hypervisors and containers minimize overhead differently, which changes how isolation can fail and how you defend it. We distinguish threats to hypervisors—escape exploits, insecure device emulation, overprivileged management APIs—from container risks such as shared kernels, vulnerable images, and noisy orchestration metadata. You’ll learn why host hardening, minimal attack surface, secure boot, a...

Episode 66 — Operate Secure Virtualization Platforms and Services Safely 11.11.2025

Virtualization concentrates risk and enables resilience, so the SSCP exam expects you to understand both the power and the pitfalls. This episode clarifies core concepts—hypervisors (type 1 vs. type 2), guests, snapshots, templates, virtual switches, and storage backends—and explains how shared resources change the threat model. We connect identity and access management to platform roles, highligh...

Episode 65 — Manage Cloud Data Protections, SLAs, and Provider Risk 11.11.2025

Protecting data in the cloud means aligning technical safeguards with service-level commitments and third-party risk oversight. We detail encryption at rest and in transit, tokenization and field-level controls, data loss prevention in SaaS, and backup and snapshot policies keyed to recovery objectives. Service-level agreements (SLAs) define availability, support windows, and response times; we li...

Episode 64 — Navigate Cloud Legal Duties and Shared Responsibilities 11.11.2025

Legal and contractual duties do not vanish in the cloud; they shift and require careful mapping. This episode explains shared responsibility: providers secure the infrastructure they run, while customers configure and govern what they deploy. We tie this to privacy and regulatory obligations—data residency, cross-border transfer, breach notification timelines, and audit rights—and to artifacts lik...

Episode 63 — Understand Cloud Deployment and Service Models Clearly 11.11.2025

Cloud topics appear across SSCP domains, and clarity on models is essential. We define deployment models—public, private, community, and hybrid—and service models—Infrastructure as a Service, Platform as a Service, and Software as a Service. You’ll learn what the customer manages versus the provider in each, how elasticity and multitenancy affect risk, and why identity, logging, and network design...

Episode 62 — Provision EDR, BYOD, and Enterprise Mobility Management 11.11.2025

Modern fleets mix corporate-owned devices with bring-your-own-device (BYOD), demanding layered controls. We position Endpoint Detection and Response (EDR) as telemetry plus containment for suspicious behavior, Enterprise Mobility Management (EMM) or Mobile Device Management (MDM) as the policy engine that enforces configuration, and Mobile Application Management (MAM) as data control inside manage...

Episode 61 — Encrypt Endpoints, Whitelist Applications, and Enforce Policy 11.11.2025

Endpoint protection is strongest when encryption, application control, and policy enforcement work together. This episode clarifies where each control fits: full-disk encryption protects data at rest if a device is lost, while file-level encryption can protect selected repositories and removable media. Application allowlisting (often called whitelisting) constrains execution to approved binaries,...

Episode 60 — Harden Hosts Using HIPS, HIDS, and Host Firewalls 11.11.2025

Host protections remain a last, critical line of defense, and the SSCP exam expects you to differentiate prevention, detection, and containment on endpoints. We position Host-based Intrusion Prevention Systems (HIPS) as policy-driven blockers for exploit techniques, Host-based Intrusion Detection Systems (HIDS) as monitors that flag suspicious behavior and integrity changes, and host firewalls as...

Episode 59 — Counter Social Engineering With Behavior-Aware Defenses 11.11.2025

Social engineering exploits attention, trust, and time pressure, so defenses must combine technology, process, and human habits. We define major vectors—phishing, spear phishing, vishing, smishing, business email compromise, and pretexting—and explain cues that reveal manipulation: urgency, authority claims, mismatched domains, and payment redirection. You’ll learn how layered controls reduce risk...

Episode 58 — Identify Malicious Code, TTPs, and Host Artifacts 11.11.2025

Malware analysis on the SSCP exam focuses on recognizing behaviors and artifacts rather than reverse-engineering internals. We define common classes—viruses, worms, Trojans, ransomware, rootkits, and fileless malware—and the techniques adversaries use to persist and evade detection: scheduled tasks, registry run keys, DLL search-order hijacking, living-off-the-land binaries, and in-memory injectio...

Episode 57 — Recap Network Security Essentials for Quick Reinforcement 11.11.2025

Solid network fundamentals enable fast, confident choices under test pressure. This recap organizes key ideas you have used throughout earlier episodes: zoning and trust boundaries, default-deny routing with least-privilege flows, authenticated administration on out-of-band networks, and telemetry that validates control operation. We connect the OSI/TCP-IP mapping to practical placements—firewalls...

Episode 56 — Protect and Monitor Internet of Things Deployments 11.11.2025

Internet of Things (IoT) ecosystems expand the attack surface by introducing diverse, often constrained devices that run long-lived firmware and communicate over specialized protocols. This episode clarifies why standard hardening practices must be adapted for IoT realities: limited CPU and memory, intermittent connectivity, vendor-managed updates, and field installations with physical exposure. W...

Episode 55 — Secure Wi-Fi and Wireless Access From End to End 11.11.2025

Wireless networks extend enterprise reach—and risk—and the SSCP exam stresses understanding their protections. This episode describes core wireless security standards: WPA3 with SAE authentication, enterprise 802.1X integration, and encryption protocols that protect data in transit. We explain how SSID broadcast control, channel management, and antenna placement affect exposure, plus why rogue acc...

Episode 54 — Optimize DLP, UTM, NAC, and Quality of Service 11.11.2025

Modern enterprises combine multiple protective systems, and the SSCP exam expects you to understand how these integrate without conflict. This episode defines Data Loss Prevention (DLP), Unified Threat Management (UTM), Network Access Control (NAC), and Quality of Service (QoS) in security contexts. You’ll learn how DLP monitors content for sensitive data, how UTM consolidates firewalls, intrusion...

Episode 53 — Configure Firewalls, WAFs, and Core Security Services 11.11.2025

Firewalls and related technologies enforce boundaries between zones, a fundamental competency for SSCP professionals. This episode explains packet-filtering, stateful, and next-generation firewalls, emphasizing rule evaluation order, implicit denies, and policy documentation. You’ll learn how Web Application Firewalls (WAFs) protect against injection, cross-site scripting, and other application-la...

Episode 52 — Design Network Segmentation and Secure Device Placement 11.11.2025

Segmentation limits blast radius, improves performance, and appears across multiple SSCP domains. This episode explains logical and physical segmentation methods—VLANs, subnets, virtual routing, and isolated management networks—and how zoning aligns with trust boundaries and data sensitivity. You’ll learn how to separate user, server, and management traffic; isolate DMZs from internal systems; and...

Episode 51 — Administer 802.1X, RADIUS, and TACACS+ Authentication Services 11.11.2025

Network authentication frameworks define who connects and with what privileges, a recurring focus on the SSCP exam. This episode introduces IEEE 802.1X as the standard for port-based network access control, showing how it uses an authenticator (such as a switch or wireless controller), a supplicant (the client), and an authentication server that validates credentials. We then compare Remote Authen...

Episode 50 — Counter DDoS, Man-in-the-Middle, and Poisoning Attacks 11.11.2025

Network attacks often exploit trust and scale, and the SSCP exam assesses how well you can neutralize them. This episode explains the mechanics of Distributed Denial of Service (DDoS), man-in-the-middle (MITM), and poisoning attacks like ARP, DNS, and cache corruption. We describe volumetric versus application-layer DDoS, active interception through rogue gateways or compromised certificates, and...

Episode 49 — Identify Network Attack Patterns and Adversary Tactics 11.11.2025

Recognizing attack patterns lets defenders predict behavior instead of merely reacting, a key skill tested in the SSCP exam. We define reconnaissance, exploitation, privilege escalation, lateral movement, and exfiltration, then align them with controls that detect or prevent each step. You’ll learn how frameworks like MITRE ATT&CK organize tactics, techniques, and procedures (TTPs) into repeat...

Episode 48 — Recognize Ports, Protocols, and Software-Defined Networking 11.11.2025

Ports and protocols are the vocabulary of connectivity, and SSCP candidates must interpret them quickly. This episode reviews common ports—HTTP 80, HTTPS 443, DNS 53, SMTP 25, SSH 22—and protocol roles in securing or exposing data. We discuss TCP versus UDP behavior, handshake flows, and how stateful inspection uses port and session context for filtering. The section on Software-Defined Networking...

Episode 47 — Map OSI and TCP/IP Models to Security Controls 11.11.2025

The OSI and TCP/IP models organize communication, and the SSCP exam tests your ability to connect each layer to its security controls. We review the seven OSI layers—physical through application—and the four TCP/IP layers, showing how protections align: physical controls for cables and ports, data link protections like MAC filtering, network controls such as firewalls and routers, transport safegu...

Listen to the Certified: The SSCP Audio Course podcast in Replaio

Radio and podcasts in one app - free, with no sign-up. Install today and do not miss the launch

Get it on Google Play

Replaio is not a podcast publisher; show names, artwork and audio belong to their authors and are distributed through public RSS feeds.