Demonstrates the advanced technical skills and knowledge to implement, monitor and administer IT infrastructure using security best practices, policies and procedures established by the cybersecurity experts at (ISC)².
Certificate Exam Details
The Systems Security Certified Practitioner (SSCP) is the ideal certification for those with proven technical skills and practical, hands-on security knowledge in operational IT roles. It provides confirmation of a practitioner’s ability to implement, monitor and administer IT infrastructure in accordance with information security policies and procedures that ensure data confidentiality, integrity and availability. The broad spectrum of topics included in the SSCP Common Body of Knowledge (CBK) ensure its relevancy across all disciplines in the field of information security.
SSCP is in compliance with the stringent requirements of ANSI/ISO/IEC Standard 17024.
- Security Operations and Administration: Codes of ethics, CIA triad, least privilege, separation of duties, maintaining, implementing and documenting functional security controls, asset management, assess compliance of technical, physical, and administrative controls.
- Risk Identification, Monitoring, and Analysis: Understands the risk management process, performs security assessment activities, operates and maintains monitoring systems, analyzes monitoring results.
- Incident Response and Recovery: Understands and supports the incident lifecycle, forensic investigations, Evidence handling, and Business Continuity Plan (BCP) and Disaster Recovery Plan (DRP) activities.
- Cryptography: Understands fundamental concepts of cryptography, the reasons and requirements for cryptography, secure protocols, and Public Key Infrastructure (PKI) systems.
- Systems and Application Security: Identifies and analyzes malicious code and activity, implements and operates endpoint device security, cloud security, and secure virtual environments.
- Access Controls: Single/multifactor authentication, Trust relationships, Provisioning/de-provisionin, Identity and Access Management (IAM) systems
- Network and Communications Security: DDoS, IEEE 802.1X, Radius, TACAC, SSL/IPSec VPN, VLAN Segmentation, Firewalls, WIPS, WID, WAN optimization, load balancing, etc