Systems Security Certified Practitioner | SSCP Training & Certification

The (ISC)2 SSCP, or ‘Systems Security Certified Practitioner,’ certifies that you have the advanced technical skills and knowledge to develop, manage, and administer IT infrastructure utilizing best practices, policies, and procedures outlined by (ISC)2.

One-to-one online classes

Systems Security Certified Practitioner | SSCP Training & Certification

  • Get personalized attention
  • Customized content
  • Learn at your dedicated hour
  • Instant clarification of doubt
  • Guaranteed to run

$7000  $5500

Why Enroll In SSCP Course?

The SSCP Online Training & Certification Course covers a broad range of information security topics, including access controls, network security, cryptography, risk management, and incident response. The certification is globally recognized and highly valued by employers, leading to better job opportunities and higher salaries. The course is delivered online, providing flexibility and convenience for professionals, with interactive sessions, practical exercises, and case studies simulating real-world scenarios. The SSCP course is a valuable investment for professionals seeking to enhance their information security skills and advance their careers in cybersecurity.

SSCP Training Features

Live Interactive Learning

Lifetime Access

24x7 Support

Hands-On Project Based Learning

Industry Recognized Certification

SSCP Course Curriculum

1.1 Implement and maintain authentication methods

  • Single/multi factor authentication
  • Single sign-on
  • Device authentication
  • Federated access

1.2 Support internetwork trust architectures

  • Trust relationships (e.g., 1-way, 2-way, transitive)
  • Extranet
  • Third-party connections

1.3 Participate in the identity management lifecycle

  • Authorization
  • Proofing
  • Provisioning/deprovisioning
  • Maintenance
  • Entitlement
  • Identity and Access Management (IAM) systems

1.4 Implement access controls

  • Mandatory
  • Non-discretionary
  • Discretionary
  • Role-based
  • Attribute-based
  • Subject-based
  • Object-based

2.1 Comply with codes of ethics

  • (ISC): Code of Ethics
  • Organizational code of ethics

2.2 Understand security concepts

2.3 Document, implement and maintain functional security controls

  • Deterrent controls
  • Preventative controls
  • Detective controls
  • Corrective controls
  • Compensating controls

2.4 Participate in asset management

  • Lifecycle (hardware, software, and data)
  • Hardware inventory
  • Software inventory and licensing
  • Data storage

2.5 Implement security controls and assess compliance

  • Technical controls (e.g., session timeout, password aging) • Physical controls (e.g., mantrap, cameras, locks)
  • Administrative controls (e.g., security policies and standards, procedures,
  • baselines)
  • Periodic audit and review

2.6 Participate in change management

  • Execute change management process
  • Identify security impact
  • Testing/implementing patches, fixes, and updates (e.g., operating system,
  • applications, SDLC)

2.7 Participate in security awareness and training

badging)

2.8 Participate in physical security operations

3.1 Understand the risk management process

  • Risk visibility and reporting (e.g., risk register, sharing threat intelligence, Common Vulnerability Scoring System (CVSS))
  • Risk management concepts (e.g., impact assessments, threat modeling.

Business Impact Analysis (BIA))

  • Risk management frameworks (e.g., ISO, NIST)
  • Risk treatment (e.g, accept, transfer, mitigate, avoid, recast)

3.2 Perform security assessment activities

  • Participate in security testing
  • Interpretation and reporting of scanning and testing results
  • Remediation validation
  • Audit finding remediation

3.3 Operate and maintain monitoring systems (e.g, continuous monitoring)

  • Events of interest (e.g., anomalies, intrusions, unauthorized changes,
  • compliance monitoring)
  • Logging
  • Source systems
  • Legal and regulatory concerns (e.g., jurisdiction, limitations, privacy)

3.4 Analyze monitoring results

  • Security baselines and anomalies
  • Visualizations, metrics, and trends (e.g., dashboards, timelines)
  • Event data analysis
  • Document and communicate findings (e.g, escalation)

4.1 Support incident lifecycle

  • Preparation
  • Detection, analysis, and escalation
  • Containment
  • Eradication
  • Recovery
  • Lessons learned/implementation of new countermeasure

4.2 Understand and support forensic investigations

  • Legal and ethical principles
  • Evidence handling (e.g., first responder, triage, chain of custody, preservation of scene)

4.3 Understand and support Business Continuity Plan (BCP) and Disaster Recovery

Plan (DRP) activities

  • Emergency response plans and procedures (e.g., information system contingency plan)
  • Interim or alternate processing strategies
  • Restoration planning
  • Backup and redundancy implementation
  • Testing and drills

5.1 Understand fundamental concepts of cryptography

5.2 Understand reasons and requirements for cryptography

  • Confidentiality
  • Integrity and authenticity
  • Data sensitivity (e.g., PII, intellectual property, PHI)
  • Regulatory

5.3 Understand and support secure protocols

  • Services and protocols (e.g., IPSec, TLS, S/MIME, DKIM)
  • Common use cases
  • Limitations and vulnerabilities

5.4 Understand Public Key Infrastructure (PKI) systems

  • Fundamental key management concepts (e.g., key rotation, key composition, key creation, exchange, revocation, escrow)
  • Web of Trust (WOT) (e.g., PGP, GPG)

6.1 Understand and apply fundamental concepts of networking

6.2 Understand network attacks and countermeasures (e.g, DDOS, man-in-the- middle, DNS poisoning)

6.3 Manage network access controls

  • Network access control and monitoring (e.g., remediation, quarantine
  • , admission
  • Network access control standards and protocols (e.g., IEEE 802.1X, Radius, TACACS
  • Remote access operation and configuration (e.g., thin client, SSL VPN, IPSec VPN, telework)

6.4 Manage network security

  • Logical and physical placement of network devices (e.g., inline, passive)
  • Segmentation (e.g., physical/logical, data/control plane, VLAN, ACLS)
  • Secure device management

6.5 Operate and configure network-based security devices

  • Firewalls and proxies (e.g., filtering methods)
  • Network intrusion detection/prevention systems
  • Routers and switches
  • Traffic-shaping devices (e.g. WAN optimization, load balancing)

6.6 Operate and configure wireless technologies (e.g., Bluetooth, NFC, WiFi)

  • Transmission security
  • Wireless security devices (e.g., WIPS, WIDS)

7.1 Identify and analyze malicious code and activity

  • Malware (e.g., rootkits, spyware, scareware, ransomware, trojans, virus, worms, trapdoors, backdoors, and remote access trojans)
  • Malicious code countermeasures (e.g., scanners, anti-malware, code signing. sandboxing)
  • Malicious activity (e.g., insider threat, data theft, DDoS, botnet)
  • Malicious activity countermeasures (e.g., user awareness, system hardening, patching, sandboxing, isolation)

7.2 Implement and operate endpoint device security

7.3 Operate and configure cloud security

7.4 Operate and secure virtual environments

SSCP Certification

The Systems Security Certified Practitioner (SSCP) certification offered by (ISC)² validates knowledge and skills for IT security administration and operations. It covers topics such as access controls, security operations, and risk identification. One year of work experience in one or more of the seven domains is required. Earning the SSCP certification demonstrates the ability to implement and maintain security controls and can enhance career opportunities in IT security.

SSCP Online Training FAQs

The SSCP certification is a globally recognized certification for professionals in the field of information security. It demonstrates their proficiency in various domains related to information security, including access controls, network and communications security, cryptography, risk management, and incident response.

The SSCP certification is highly valued by employers and can lead to better job opportunities and higher salaries. It demonstrates the proficiency of professionals in the field of information security and provides a broad understanding of various topics related to information security.

The course covers a broad range of topics related to information security, including access controls, network and communications security, cryptography, risk management, and incident response. It is delivered online through interactive sessions, practical exercises, and case studies that simulate real-world scenarios.

The course typically takes around 40 hours to complete, but the actual time may vary depending on the individual’s pace of learning and other factors.

Yes, there is a certification exam that candidates must pass in order to obtain the SSCP certification. The exam consists of 125 multiple-choice questions and must be completed within 3 hours.

The SSCP certification is valid for three years. After three years, professionals must recertify by earning Continuing Professional Education (CPE) credits or retaking the certification exam.

Professionals with at least one year of cumulative work experience in one or more of the seven SSCP domains are eligible to take the certification exam. Alternatively, candidates with a four-year college degree or equivalent may substitute one year of experience.

SSCP Course Description

The SSCP certification is intended for persons in hands-on operational IT responsibilities who have demonstrated technical competence and practical security expertise. It validates a practitioner’s competence to develop, manage, and administer IT infrastructure using information security policies and procedures that assure data confidentiality, integrity, and availability.

The SSCP certifies a security practitioner’s technical ability to handle operational demands and responsibilities such as authentication, security testing, intrusion detection/prevention, incident response and recovery, attacks and countermeasures, cryptography, malicious code countermeasures, and more.

  • Database Administrator

  • Network Security Engineer

  • Security Administrator

  • Security Analyst

  • Security Consultant/Specialist

  • Systems Administrator

  • Systems Engineer

  • Systems/Network Analyst

To be SSCP certified, a candidate must pass the test and have at least one year of cumulative paid full-time job experience in one or more of the SSCP CBK’s seven areas.

  • Access Controls

  • Security Operations and Administration

  • Security Operations and Administration

  • Risk Identification, Monitoring, and Analysis

  • Incident Response and Recovery

  • Cryptography

  • Network and Communications Security

  • Systems and Application Security