The Systems Security Certified Practitioner (SSCP) is the ideal certification for those with proven technical skills and practical, hands-on security knowledge in operational IT roles. It provides confirmation of a practitioner's ability to implement, monitor, and administer IT infrastructure in accordance with information security policies and procedures that ensure data confidentiality, integrity, and availability.
The broad spectrum of topics included in the SSCP Common Body of Knowledge (CBK) ensures its relevancy across all disciplines in the field of information security. Successful candidates are competent in the following domains:
Candidates must have a minimum of one year of cumulative work experience in one or more of the domains of the SSCP CBK. A one-year prerequisite pathway will be granted for candidates who received a degree (bachelor's or master's) in a cybersecurity program.
A candidate who doesn't have the required experience to become an SSCP may become an Associate of ISC2 by successfully passing the SSCP examination. The Associate of ISC2 will then have two years to earn the one year of required experience. You can learn more about SSCP experience requirements and how to account for part-time work and internships at www.isc2.org/Certifications/SSCP/SSCP-Experience-Requirements.
Accreditation
SSCP is in compliance with the stringent requirements of ANSI/ISO/IEC Standard 17024.
Job Task Analysis (JTA)
ISC2 has an obligation to its membership to maintain the relevancy of the SSCP. Conducted at regular intervals, the Job Task Analysis (JTA) is a methodical and critical process of determining the tasks that are performed by security professionals who are engaged in the profession defined by the SSCP. The results of the JTA are used to update the examination. This process ensures that candidates are tested on the topic areas relevant to the roles and responsibilities of today's practicing information security professionals.
Security information and event management (SIEM) (e.g., real-time monitoring, analysis, tracking, audit)
3.5 - Analyze monitoring results
Security baselines and anomalies (e.g., correlation, noise reduction)
Visualizations, metrics, and trends (e.g., notifications, dashboards, timelines)
Event data analysis
Document and communicate findings (e.g., escalation)
4.1 - Understand and support incident response lifecycle (e.g., National Institute of Standards and Technology (NIST), International Organization for Standardization (ISO))
Preparation (e.g., defining roles, training programs)
Detection, analysis, and escalation (e.g., incident communication, public relations)
Containment
Eradication
Recovery (e.g., incident documentation)
Post incident activities (e.g., lessons learned, new countermeasures, continuous improvement)
4.2 - Understand and support forensic investigations
Legal (e.g., civil, criminal, administrative) and ethical principles
Evidence handling (e.g., first responder, triage, chain of custody, preservation of scene)
Reporting of analysis
Organization Security Policy Compliance
4.3 - Understand and support business continuity plan (BCP) and disaster recovery plan (DRP)
Emergency response plans and procedures (e.g., information system contingency, pandemic, natural disaster, crisis management)
Interim or alternate processing strategies
Restoration planning (e.g., Restore Time Objective (RTO), Restore Point Objectives (RPO), Maximum Tolerable Downtime (MTD))
Backup and redundancy implementation
Testing and drills (e.g., playbook, tabletop, disaster recovery exercises, scheduling)
5.1 - Understand reasons and requirements for cryptography
Confidentiality
Integrity and authenticity
Data sensitivity (e.g., personally identifiable information (PII), intellectual property (IP), protected health information (PHI))
Regulatory and industry best practice (e.g., Payment Card Industry Data Security Standards (PCI-DSS), International Organization for Standardization (ISO))
6.2 - Understand network attacks (e.g., distributed denial of service (DDoS), man-in-the-middle (MITM), Domain Name System (DNS) cache poisoning)
Countermeasures (e.g., content delivery networks (CDN), firewalls, network access controls, intrusion detection and prevention systems (IDPS))
6.3 - Manage network access controls
Network access controls, standards and protocols (e.g., Institute of Electrical and Electronics Engineers (IEEE) 802.1X, Remote Authentication Dial-In User Service (RADIUS), Terminal Access Controller Access-Control System Plus (TACACS+))
Logical and physical placement of network devices (e.g., inline, passive, virtual)
Segmentation (e.g., physical/logical, data/control plane, virtual local area network (VLAN), access control list (ACL), firewall zones, micro-segmentation)
Secure device management
6.5 - Operate and configure network-based security appliances and services
Firewalls and proxies (e.g., filtering methods, web application firewall (WAF), cloud access security broker (CASB))
Network intrusion detection/prevention systems
Routers and switches
Traffic-shaping devices (e.g., wide area network (WAN) optimization, load balancing)
Network Access Control (NAC)
Data Loss Prevention (DLP)
Unified Threat Management (UTM)
6.6 - Secure wireless communications
Technologies (e.g., cellular network, Wi-Fi, Bluetooth, Near-Field Communication (NFC))
Candidates are encouraged to supplement their education and experience by reviewing relevant resources that pertain to the CBK and identifying areas of study that may need additional attention.
ISC2 recommends that SSCP candidates review exam policies and procedures prior to registering for the examination. Read the comprehensive breakdown of this important information at www.isc2.org/register-for-exam.
Exam Preparation
Preparation for the SSCP exam can be intensive. Candidates are encouraged to utilize a variety of resources, including official ISC2 training materials, boot camps, and study groups. Engaging in practical exercises and scenario-based questions is crucial for success on the exam. Additionally, using the WannaPractice platform can enhance your preparation with interactive practice questions and scenarios that are specifically tailored to the SSCP domains.