Systems Security Certified Practitioner (SSCP)

This course includes
Lessons
TestPrep
Hand-on Lab

Prepare for the (ISC)² SSCP certification exam with the SSCP course and lab. The lab can be mapped to any course, textbook, or training, therefore, adding value and a hands-on component to training. The course and lab will help you understand exam objectives completely with their various interactive learning resources, including Lessons, TestPrep and Flashcards. With this SSCP course, you will learn everything you need to know to ace the SSCP certification exam.  

Here's what you will get

Become a (ISC)² certified professional by passing the SSCP certification exam. The SSCP exam objectives cover accessing controls, security operations and administration; risk identification, monitoring, and analysis; incident response and recovery; cryptography, network and communications security; and systems and application security.

Lessons

13+ Lessons | 203+ Quizzes |

TestPrep

125+ Pre Assessment Questions | 2+ Full Length Tests | 125+ Post Assessment Questions | 250+ Practice Test Questions

Hand on lab

41+ LiveLab | 00+ Minutes

Here's what you will learn

Download Course Outline

Lessons 1: Introduction

  • About This Course
  • What Is an SSCP?
  • Using This Course
  • Objective Map
  • Earning Your Certification

Lessons 2: The Business Case for Decision Assurance and Information Security

  • Information: The Lifeblood of Business
  • Policy, Procedure, and Process: How Business Gets Business Done
  • Who Runs the Business?
  • Summary

Lessons 3: Information Security Fundamentals

  • The Common Needs for Privacy, Confidentiality, Integrity, and Availability
  • Training and Educating Everybody
  • SSCPs and Professional Ethics
  • Summary
  • Exam Essentials

Lessons 4: Integrated Risk Management and Mitigation

  • It’s a Dangerous World
  • The Four Faces of Risk
  • Getting Integrated and Proactive with Information Defense
  • Risk Management: Concepts and Frameworks
  • Risk Assessment
  • Four Choices for Limiting or Containing Damage
  • Summary
  • Exam Essentials

Lessons 5: Operationalizing Risk Mitigation

  • From Tactical Planning to Information Security Operations
  • Operationalizing Risk Mitigation: Step by Step
  • The Ongoing Job of Keeping Your Baseline Secure
  • Ongoing, Continuous Monitoring
  • Reporting to and Engaging with Management
  • Summary
  • Exam Essentials

Lessons 6: Communications and Network Security

  • Trusting Our Communications in a Converged World
  • Internet Systems Concepts
  • Two Protocol Stacks, One Internet
  • IP Addresses, DHCP, and Subnets
  • IPv4 vs. IPv6: Key Differences and Options
  • CIANA Layer by Layer
  • Securing Networks as Systems
  • Summary
  • Exam Essentials

Lessons 7: Identity and Access Control

  • Identity and Access: Two Sides of the Same CIANA Coin
  • Identity Management Concepts
  • Access Control Concepts
  • Network Access Control
  • Implementing and Scaling IAM
  • Zero Trust Architectures
  • Summary
  • Exam Essentials

Lessons 8: Cryptography

  • Cryptography: What and Why
  • Building Blocks of Digital Cryptographic Systems
  • Keys and Key Management
  • Modern Cryptography: Beyond the “Secret Decoder Ring”
  • “Why Isn’t All of This Stuff Secret?”
  • Cryptography and CIANA
  • Public Key Infrastructures
  • Other Protocols: Applying Cryptography to Meet Different Needs
  • Measures of Merit for Cryptographic Solutions
  • Attacks and Countermeasures
  • On the Near Horizon
  • Summary
  • Exam Essentials

Lessons 9: Hardware and Systems Security

  • Infrastructure Security Is Baseline Management
  • Infrastructures 101 and Threat Modeling
  • Malware: Exploiting the Infrastructure’s Vulnerabilities
  • Privacy and Secure Browsing
  • “The Sin of Aggregation”
  • Updating the Threat Model
  • Managing Your Systems’ Security
  • Summary
  • Exam Essentials

Lessons 10: Applications, Data, and Cloud Security

  • It’s a Data-Driven World…At the Endpoint
  • Software as Appliances
  • Applications Lifecycles and Security
  • CIANA and Applications Software Requirements
  • Application Vulnerabilities
  • “Shadow IT:” The Dilemma of the User as Builder
  • Information Quality and Information Assurance
  • Protecting Data in Motion, in Use, and at Rest
  • Into the Clouds: Endpoint App and Data Security Considerations
  • Legal and Regulatory Issues
  • Countermeasures: Keeping Your Apps and Data Safe and Secure
  • Summary
  • Exam Essentials

Lessons 11: Incident Response and Recovery

  • Defeating the Kill Chain One Skirmish at a Time
  • Incident Response Framework
  • Preparation
  • Detection and Analysis
  • Containment and Eradication
  • Recovery: Getting Back to Business
  • Post-Incident Activities
  • Summary
  • Exam Essentials

Lessons 12: Business Continuity via Information Security and People Power

  • A Spectrum of Disruption
  • Surviving to Operate: Plan for It!
  • Cloud-Based “Do-Over” Buttons for Continuity, Security, and Resilience
  • CIANA at Layer 8 and Above
  • Summary
  • Exam Essentials

Lessons 13: Risks, Issues, and Opportunities, Starting Tomorrow

  • On Our Way to the Future
  • CIA, CIANA, or CIANAPS?
  • Enduring Lessons
  • Your Next Steps
  • At the Close

Hands-on LAB Activities

Information Security Fundamentals

  • Encrypting Files with EFS

Integrated Risk Management and Mitigation

  • Conducting Vulnerability Scanning Using Nessus
  • Installing Antivirus Software
  • Using Social Engineering Techniques to Plan an Attack
  • Configuring a VPN

Communications and Network Security

  • Performing ARP Spoofing
  • Obtaining Hardware Information of a Network Adapter
  • Obtaining the ARP Cache
  • Obtaining Information about Different IP versions
  • Obtaining the IP Version of a Network Adapter
  • Getting the TCP Settings
  • Getting Information about the Current Connection Statistics of TCP
  • Getting the UDP Settings
  • Getting Information about the Current Connection Statistics of UDP
  • Getting Information about DNS
  • Finding the Host Name of a Machine
  • Finding the Physical Address of a LAN Adapter
  • Finding the Logical Address of a LAN Adapter
  • Tracing Route Using Tracert
  • Intercepting Packets
  • Configuring a Router
  • Configuring SSH in a Router
  • Configuring Static Routing
  • Configuring Default Routing
  • Configuring VLANs
  • Configuring Network Address Translation
  • Assigning Different Classes of IP Addresses
  • Adding an IPv6 Address
  • Spoofing MAC Address
  • Performing Session Hijacking Using Burp Suite
  • Attacking a Website Using XSS Injection
  • Exploiting a Website Using SQL Injection
  • Performing a Man-in-the-Middle Attack
  • Using nmap for Scanning
  • Performing a DoS Attack with the SYN Flood

Identity and Access Control

  • Creating ACL in a Router

Cryptography

  • Observing an MD5-Generated Hash Value
  • Observe an SHA-Generated Hash Value
  • Applying Symmetric Key Encryption
  • Using OpenSSL to Create a Public/Private Key Pair

Hardware and Systems Security

  • Creating a Virtual Machine

Exam FAQs

To qualify for this cybersecurity certification, you must pass the exam and have at least one year of cumulative, paid work experience in one or more of the seven domains of the (ISC) SSCP Common Body of Knowledge (CBK).

USD 249

Multiple choice questions

The exam contains 125 questions.

180 minutes

700

Here is the retake policy:

  • You can sit for ISC2 exams up to three times within a 12-month period.
  • For the CISSP-CAT, CISSP, SSCP, CAP, CSSLP, ISSAP, ISSEP and ISSMP:
  • If you don’t pass the exam the first time, you can retest after 30 days.
  • If you don’t pass a second time, you can retest after an additional 90 days.
  • If you don’t pass a third time, you can retest after 180 days from your most recent exam attempt.

Three years