Site Powered by

Systems Security Practitioner
Prepare for the SSCP with superior prep materials and test-taking tips.
  • Credit Hours: 25 Hours

  • Format: Self-Paced Online

  • Professional Certificate: Certificate of Completion

  • Recommended for: IT consultants, managers, security policy writers, privacy officers, information security officers, network administrators, security device administrators, security engineers, and other security professionals seeking SSCP certification or, ultimately, CIS

Looking to move up in the information security field? If you have at least one year of security experience, you qualify for the Systems Security Certified Practitioner (SSCP) certification, which offers junior security professionals a way to validate their experience and demonstrate competence with (ISC)2®'s seven domains. A free copy of the SSCP Systems Security Certified Practitioner All-in-One Exam Guide is included with the course.

SSCP certification requires passing the SSCP exam (administered separately). Successful applicants for SSCP certification must have at least one year of direct, full-time security experience in one or more of the seven domains of the (ISC)² CBK.

What You'll Learn
In-depth coverage of the seven domains-required to pass the SSCP Exam:

  • Access Controls
  • Security Operations and Administration
  • Analysis and Monitoring
  • Cryptography
  • Networks and Communications
  • Malicious Code and Activity
  • Risk, Response, and Recovery

Systems administration experience, familiarity with TCP/IP, and an understanding of UNIX, Linux, and Windows. This advanced course also requires intermediate-level knowledge of the security concepts covered in our Security+ Prep Course.
Security+ Prep Course (SYO-301)

Follow-On Courses
CISSP Prep Course

Course Outline

1. Testing-Taking Tips and Study Techniques

  • Preparation for the SSCP Exam
  • Submitting Required Paperwork
  • Resources and Study Aids
  • Passing the Exam the First Time

2. Security Operations and Administration

  • Change Control/Configuration Management
  • Dual Control, Separation of Duties, Rotation of Duties
  • Vulnerability Assessment and Pen-Testing

3. Access Controls

  • AAA
  • Authentication Methods (Types 1, 2, & 3)
  • Authorization - DAC, RBAC, MAC
  • Accounting - Logging, Monitoring, Auditing
  • Central/Decentralized and Hybrid Management
  • Single Sign-On - Kerberos, Radius, Diameter, TACACS
  • Vulnerabilities - Emanations, Impersonation, Rouge Infrastructure, Social Engineering

4. Cryptography

  • Intro/History
  • Symmetric
  • Asymmetric
  • Hashing
  • Cryptosystems - SSL, S/MIME, PGP
  • PKI
  • Cryptanalysis

5. Malicious Code and Activity

  • Layering, Data Hiding, and Abstraction
  • Database Security
  • AI
  • OOD
  • Mobil Code
  • Malware Architecture Problems - Covert Channels + TOC/TOU, Object Reuse
  • Network Vulnerabilities

6. Networks and Communications

  • OSI/DoD TCP/IP Models
  • Ethernet
  • Devices - Routers/Switches/Hubs
  • Firewalls
  • Wireless
  • WAN Technologies - X.25/Frame Relay/PPP/ISDN/DSL/Cable
  • Voice - PBX/Cell Phones/VOIP
  • IPSec

7. Risk, Response, and Recovery

  • CIA
  • Roles and Responsibilities - RACI
  • Asset Management
  • Taxonomy - Information Classification
  • Risk Management
  • Policies, Procedures, Standards, Guidelines, Baselines
  • Knowledge Transfer - Awareness, Training, Education
  • BIA Policy
  • BIA Roles and Teams
  • Data Backups, Vaulting, Journaling, Shadowing
  • Alternate Sites
  • Emergency Response
  • Required notifications
  • BIA Tests

8. Analysis and Monitoring

  • Ethics - Due Care/Due diligence
  • Intellectual Property
  • Incident Response
  • Forensics
  • Evidence
  • Laws - HIPAA, GLB, SOX

9. Review and Q&A Session

  • Final Review and Test Prep

Purchase this Course


This course is delivered as a self-paced online training program.