SSCP Systems Security Certified Practitioner

The world of IT security is fast-paced and exciting, with the potential for high earnings—but it can also be competitive. To stay ahead, you will need a certification like the Systems Security Certified Practitioner (SSCP), a premier credential that is ideal for those wanting to begin or advance a career in computer networking or security. An SSCP exam prep course is a great way to ensure you have the knowledge to succeed—and take on more responsibility with your current or future employer.

You...

SHARE
6 Months / 75 Course Hrs
Open Enrollment
Offered in partnership with your preferred school

Butler Community College

Change School
Learning method

for additional information

Course code: GES3105

What you will learn

  • Understand authentication, identity management, and network trusts
  • Master cloud computing security concepts, as well as network data security
  • Learn about wireless security and cellular technologies
  • Explore malware identification and mitigation
  • Discover risk management, security assessment, and incident handling
  • Practice cryptography, encryption, PKI, and certificates
  • Understand security auditing and systems monitoring and analysis

How you will benefit

  • Become prepared to work as a Systems Security Certified Practitioner (SSCP)
  • Prepare yourself for a career as an information security analyst, computer system analyst, security management specialist, or computer user support specialist
  • Begin or advance your career in computer networking or security

How the course is taught

  • Self-paced, online course
  • 6 Months to complete
  • Open enrollment, begin anytime
  • 75 course hours
  1. Security Operations and Administration
    1. What is ISC/SSCP
    2. Security Basics
    3. Segregation of duties
    4. Security controls
    5. Administrative controls
    6. Assessing compliance
    7. Types of security controls
    8. Asset management
    9. Change management lifecycle
  2. Access Controls
    1. Types of authentication
    2. Access Controls
    3. RBAC
    4. Rule Based Access Control
    5. MAC
    6. DAC
    7. Trust relationships
    8. Transitive
    9. Zero
    10. Identity management
    11. Authorization
  3. Risk Identification
    1. Definitions – risk, risk management, vulnerability
    2. Determining risk levels
    3. Key Risk Indicator
    4. Types of risk responses
    5. Acceptance
    6. Mitigation
    7. Identifying risks and vulnerabilities
    8. Creating baselines and anomalies
    9. Risk management frameworks (RMF) – enterprise level
    10. COBIT
    11. Vulnerability management planning
    12. Creating reports
    13. Remediation
    14. Continuous monitoring
    15. Slow performance of systems/crashing
    16. Network
    17. Metrics and data analysis
    18. Event triggers
    19. Legal restraints
  4. Incident Response
    1. Response plan
    2. Documenting a response plan
    3. First steps
    4. Recording any changes/moves made to secure data – chain of custody
    5. Contain damage (disconnect drives, etc)
    6. Next steps
    7. Plan on how to resolve issue
    8. Investigate source of incident – forensic investigation
    9. Begin recovery
    10. Document all actions
    11. After actions reporting
    12. Document future prevention plan
    13. Provide employee/personal training to avoid repeat scenario
    14. Backup planning
    15. Testing backups
    16. Emergency response plans
  5. Cryptography
    1. Laws and regulations
    2. ISO
    3. Data encryption
    4. Encryption during transit
    5. Encryption at rest
    6. Strength of encryptions
    7. What is Public Key Infrastructure (PKI)
    8. Certificate authority
    9. What uses PKI
    10. Key creation and destruction
    11. PGP
    12. GPG
    13. Blockchain
    14. Nonrepudiation
    15. Digital Signatures
    16. HMAC
    17. Security protocols
    18. SSL/TLS
    19. S/MIME
    20. DKIM
  6. Network and Communication Security
    1. Parts of a network
    2. Routers/switches
    3. Firewalls
    4. IDS/IPS
    5. TCP/IP model
    6. OSI Model
    7. Compare/contrast models side by side
    8. Important protocols in IP stack
    9. HTTP
    10. Email protocols
    11. Other common protocols – FTP, DNS
    12. Network topologies
    13. Bus
    14. Ring
    15. Hybrid
    16. Peer-to-peer
    17. Switches
    18. VLANs
    19. Switchport abilities
    20. Trunking
    21. Routers
    22. Routing protocols
    23. Load balancing
    24. RADIUS
    25. TACACS
    26. ACLs
    27. Remote access through VPN
    28. VPN
    29. Types
    30. Function
    31. VPN topology
    32. Firewalls
    33. Selecting an appropriate technology
    34. Best practices
    35. Firewall evasion
    36. Other devices
    37. Wireless topology
    38. Wireless Standards
    39. Encryption
    40. Authentication
    41. Threats
    42. Prevention
    43. Placement of APs/antennas
    44. Bluetooth
    45. NFC technology
  7. Systems and Applications Security
    1. Network attacks
    2. Ransomware
    3. Trojans
    4. Exploits
    5. Spyware/Adware
    6. Man in the Middle
    7. Rootkits
    8. Social Engineering attacks
    9. Whaling
    10. Password hacking
    11. System hardening
    12. Anti-Virus
    13. Host based IDS
    14. Host Based firewalls
    15. Utilities
    16. Common types
    17. Application whitelisting
    18. Mobile device management
    19. Encryption
    20. Mobile application management
    21. Restrictions
    22. DLP
    23. Disk encryption
    24. File level encryption
    25. Containerization
    26. Cloud security
    27. Data transmission
    28. Benefits/drawbacks of cloud
    29. Data ownership in cloud environments
    30. Virtualization

Derrick Coston

Derrick Coston is a blue-team cybersecurity professional. Derrick has run a team of cybersecurity professionals for a major financial institution. Outside of teaching classes such as CISA and CISSP, Derrick serves as a cybersecurity consultant and auditor for organizations, and performs security assessments for large organizations.

Prerequisites:

This is an advanced level course. You should have a base knowledge about computer hardware, networking, and security knowledge. It is recommended that you should either first take CompTIA A+ and Network+ or have the equivalent of two years of experience working with computers.

  • Systems administration experience
  • Familiarity with TCP/IP
  • An understanding of UNIX, Linux, and Windows
  • Intermediate-level knowledge of network security concepts

Certification Requirements:

Candidates must have a minimum of one-year full-time experience in one or more of the seven domains of the current SSCP Exam Outline. Earning a post-secondary degree (bachelors or masters) in computer science, information technology (IT) or related fields may satisfy up to one year of the required experience. Part-time work and internships may also count towards the experience requirement.

https://www.isc2.org/certifications/sscp/sscp-experience-requirements

Requirements:

Hardware Requirements:

  • This course can be taken on either a PC, Mac, or Chromebook.

Software Requirements:

  • PC: Windows 10 or later.
  • Mac: macOS 10.6 or later.
  • Browser: The latest version of Google Chrome or Mozilla Firefox is preferred. Microsoft Edge and Safari are also compatible.
  • Virtual Labs included with course
  • Microsoft Word Online
  • Adobe Acrobat Reader
  • Software must be installed and fully operational before the course begins.

Other:

  • Email capabilities and access to a personal email account.

Instructional Material Requirements:

The instructional materials required for this course are included in enrollment.

  • Study guide
  • Practice exams

The following textbook(s) will also be shipped to you approximately 7-10 business days after enrollment:

  • SSCP Systems Security Certified Practitioner All-in-One Exam Guide, 3rd Edition

About Certification: ISC2

The International Information System Security Certification Consortium, or ISC2, is a non-profit organization which specializes in training and certifications for cybersecurity professionals. It has been described as the "world's largest IT security organization".

ISC2 is the world's leading member association for cybersecurity professionals. With more than 600,000 members, their candidates and associates lead the profession with the same shared vision.

According to ZipRecruiter, the SSCP certification prepares for several different roles with differing salaries:

  • Systems administrator - Salary $88,927 (average annual)
  • Cybersecurity analyst – Salary $99,400 (average annual)
  • Network manager – Salary $106,570 (average annual)
  • Information systems security officer - Salary $118,327 (average annual)
  • Network and computer systems administrator - Salary $83,055 (average annual)

Yes, this course will prepare you for the Systems Security Certified Practitioner (SSCP) exam offered by ISC2. (Exam not included)

Valid experience includes information systems security-related work performed or work that requires information security knowledge and involves direct application of that knowledge. For the SSCP certification, one year of cumulative work experience in one or more of the seven domains of the SSCP CBK is required. If you do not have the required experience, you may still sit for the exam and become an Associate of ISC2until you have gained the required experience. To take the exam, you have to schedule it at an authorized testing center scheduled through VUE. A score of 700 out of 1000 is required to pass.

After you register, you will receive 6 months to complete the course. The time allotted for completion has been calculated based on the number of course hours.

This course is open enrollment, so you can register and start the course whenever you are ready. Access to your course can take 24-48 business hours.

The time allotted for course completion has been calculated based on the number of course hours. However, if you are unable to complete the course, contact the student advising team to see what options you may have available to work out a suitable completion date. Please note that an extension fee may be charged.

Our courses are designed to accommodate various learning preferences. Depending on the course structure, you may get different forms of support. Self-paced courses are designed to be user-friendly and independent, minimizing the need for external support. In courses with instructors, our direct platform support feature includes opportunities for questions, discussions, and remediation, with email and phone support available for select courses. Our student advising team is available to guide you on program requirements and administrative requests, but they do not provide assistance with course content. Our goal is to provide you with the necessary support for success, whether it's through self-paced exploration, direct communication, or guidance from our advising team.

Upon successfully passing the final exam, you will be awarded a certificate of completion from the school or organization that you registered through.

ed2go courses will help you gain the skills you need to obtain an entry-level position in most cases. However, you should always research the job market in your area before enrolling.

ed2go courses are non-credit, so they do not qualify for federal aid, FAFSA, and Pell Grant. In some states, vocational rehab or workforce development boards may provide funding to take our courses. Additionally, you may qualify for financial assistance if you meet certain requirements. Learn more about financial assistance.

If you have questions that are not answered on our website, representatives are available via LIVE chat. You can also call us at 1-877-221-5151 during regular business hours to have your questions promptly answered. If you are visiting us during non-business hours, please send us a question using the "Contact Us."