SSCP: Systems Security Certified Practitioner

Gain core knowledge and experience to successfully manage security administration and operations and prepare for the Systems Security Certified Practitioner (SSCP®) certification.

Earning a globally recognised advanced security administration and operations certification like the SSCP is a great way to grow your career and better secure your organisation’s critical assets.

SSCP certification demonstrates you have the advanced technical skills and knowledge to implement, monitor and administer IT infrastructure using security best practices, policies and procedures established by the cybersecurity experts at (ISC)².

Exam purchased separately. You may add this to your booking for an additional $410.

Candidates must have a minimum of one year cumulative paid work experience in one or more of the seven domains of the SSCP CBK® (Common Body of Knowledge). A one year prerequisite pathway will be granted for candidates who received a degree (bachelors or masters) in a cybersecurity program.

A candidate who doesn’t have the required experience to become an SSCP may become an Associate of (ISC)² by successfully passing the SSCP examination. The Associate of (ISC)² will then have two years to earn the one year required experience.

SSCP certification demonstrates you have the advanced technical skills and knowledge to implement, monitor and administer IT infrastructure using security best practices, policies and procedures established by the cybersecurity experts at (ISC)².

The SSCP is ideal for IT administrators, managers, directors and network security professionals responsible for the hands-on operational security of their organisation’s critical assets, including those in the following positions:

• Network Security Engineer
• Systems Administrator
• Security Analyst
• Systems Engineer
• Security Consultant/Specialist
• Security Administrator
• Systems/Network Analyst
• Database Administrator

We can also deliver and customise this training course for larger groups – saving your organisation time, money and resources. For more information, please contact us on 0800 835 835.

The SSCP exam evaluates your expertise across seven security domains. Think of the domains as topics you need to master based on your professional experience and education.

Refer to the SSCP Exam Outline for a deeper dive into the SSCP domains.

1. Access Controls

• Implement and maintain authentication methods
• Support internetwork trust architectures
• Participate in the identity management lifecycle
• Implement access controls

2. Security Operations and Administration

• Comply with codes of ethics
• Understand security concepts
• Document, implement, and maintain functional security controls
• Participate in asset management
• Implement security controls and assess compliance
• Participate in change management
• Participate in security awareness and training
• Participate in physical security operations (e.g. data centre assessment, badging)

3. Risk Identification, Monitoring and Analysis

• Understand the risk management process
• Perform security assessment activities
• Operate and maintain monitoring systems (e.g. continuous monitoring)
• Analyse monitoring results

4. Incident Response and Recovery

• Support incident lifecycle
• Understand and support forensic investigations
• Understand and support Business Continuity Plan (BCP) and Disaster Recovery Plan (DRP) activities

5. Cryptography

• Understand fundamental concepts of cryptography
• Understand reasons and requirements for cryptography
• Understand and support secure protocols
• Understand Public Key Infrastructure (PKI) systems

6. Network and Communications Security

• Understand and apply fundamental concepts of networking
• Understand network attacks and countermeasures (e.g. DDoS, man-in-the-middle, DNS poisoning)
• Manage network access controls
• Manage network security
• Operate and configure network-based security devices
• Operate and configure wireless technologies (e.g. bluetooth, NFC, WiFi)

7. Systems and Application Security

• Identify and analyse malicious code and activity
• Implement and operate endpoint device security
• Operate and configure cloud security
• Operate and secure virtual environments

About (ISC)²
(ISC)²: The world’s leading cybersecurity and IT security professional organisation.
(ISC)² is an international, not for profit membership association for information security leaders. It is committed to helping their members grow, learn and thrive. With more than 140,000 certified members, it empowers professionals who touch every aspect of information security.

Is your course supplied by an Official (ISC)² Training Provider?
Auldhouse is one of only a few in Australasia who offer official (ISC)² courseware and materials. You wouldn’t update your company’s security policies with versions that were 12-18 months out of date…. By choosing an Official Training Provider, you are guaranteed the very latest in defence strategies and content that is mapped directly to the exam.