SSCP: System Security Certified Practitioner

Valid experience includes information systems security-related work performed, or work that requires information security knowledge and involves direct application of that knowledge. For the SSCP certification, a candidate is required to have a minimum of 1 year of cumulative paid full-time work experience in one or more of the 7 domains of the SSCP CBK.

Systems Auditors

System and Network Administrators

Application Programmers

Project Managers

Understand Access Control policies, procedures and standards to define operations and user controls.

Implement security operations provide for the availability, integrity, and confidentiality of organizational assets.

Identify and define the processes and methods based on IT criteria for the continuous monitoring and analysis of system access results.

Collect information for identification of, and response to, security breaches or events.

Identify the Business Continuity and Disaster Recovery Planning requirements necessary to ensure the preservation of the business.

Identify the concepts and the requirements within cryptography, certificate and key management and secure protocols.

Provide the basic understanding of Telecommunication and Network Security Concepts.

Define and explain the countermeasures and techniques for dealing with viruses, worms, logic bombs, Trojan horses and other related forms of intentionally created damaging code.

Your will learn:

 Module 1: Access Controls

• Implement and maintain authentication methods
• Support internetwork trust architectures
• Participate in the identity management lifecycle
• Implement access controls

 Module 2: Security Operations and Administration

• Comply with codes of ethics
• Understand security concepts
• Document, implement, and maintain functional security controls
• Participate in asset management
• Implement security controls and assess compliance
• Participate in change management
• Participate in security awareness and training
• Participate in physical security operations (e.g., data center assessment, badging)

 Module 3: Risk Identification, Monitoring,and Analysis

• Understand the risk management process
• Perform security assessment activities
• Operate and maintain monitoring systems (e.g., continuous monitoring)
• Analyze monitoring results

 Module 4: Incident Response and Recovery

• Support incident lifecycle
• Understand and support forensic investigations
• Understand and support Business Continuity Plan (BCP) and Disaster Recovery Plan (DRP) activities

 Module 5: Cryptography

• Understand fundamental concepts of cryptography
• Understand reasons and requirements for cryptography
• Understand and support secure protocols
• Understand Public Key Infrastructure (PKI) systems

 Module 6: Network and Communications Security

• Understand and apply fundamental concepts of networking
• Understand network attacks and countermeasures (e.g., DDoS, man-in-the-middle, DNS poisoning)
• Manage network access controls
• Manage network security
• Operate and configure network-based security devices
• Operate and configure wireless technologies (e.g., bluetooth, NFC, WiFi)

 Module 7: Systems and Application Security

• Identify and analyze malicious code and activity
• Implement and operate endpoint device security
• Operate and configure cloud security
• Operate and secure virtual environments