Course Code: 2401

SSCP - Systems Security Certified Practitioner

Class Dates:
3/10/2025
5/5/2025
Length:
5 Days
Cost:
$3595.00
Class Time:
Technology:
Security
Delivery:
Instructor-Led Training, Virtual Instructor-Led Training

Overview

  • Course Overview
  • The Systems Security Certified Practitioner (SSCP®) is the ideal certification for those with proven technical skills and practical, hands-on security knowledge in operational IT roles. It provides confirmation of a practitioner’s ability to implement, monitor and administer IT infrastructure in accordance with information security policies and procedures that ensure data confidentiality, integrity and availability.

    The broad spectrum of topics included in the SSCP body of knowledge ensure its relevancy across all disciplines in the field of information security.

    Successful candidates are competent in the following seven domains:
    • Security Operations and Administration
    • Access Controls
    • Risk Identification, Monitoring and Analysis
    • Incident Response and Recovery
    • Cryptography
    • Network and Communications Security
    • Systems and Application Security
  • Audience
  • Who should attend? This training course is intended for those with proven technical skills and practical, hand-on security knowledge in operational IT roles. The candiate is required to have a minimum of 1 year of cumulative paid full-time work experience in 1 of the 7 domains of the SSCP CBK. The training seminar is ideal for those working in positions such as, but not limited to:

    Network Security Engineer
    Systems/Network Administrator
    Security Analyst
    Systems Engineer
    Security Consultant/Specialist
    Security Administrator
    Systems/Network Analyst
    Database Administrator

Prerequisites

  • Experience Required: Candidates must have a minimum of one-year full-time experience in one or more of the seven domains of the current SSCP outline. Earning a post-secondary degree (bachelor's or master's) in computer science, information technology (IT) or related fields may satisfy up to one year of the required experience. Part-time work and internships may also count towards the experience requirement. Accreditation

    SSCP is in compliance with the stringent requirements of ANSI/ISO/IEC Standard 17024.

    J

Course Disclaimer

*Course cost listed does not include the cost of courseware (required) or lunch (optional). Please contact us at learn@vtec.org or 207-775-0244 for additional pricing information, or if you have any questions. Course is subject to minimum enrollment. Course may run a live distance learning class if minimum is not met.

Job Task Analysis (JTA) ISC2 has an obligation to its membership to maintain the relevancy of the SSCP. Conducted at regular intervals, the Job Task Analysis (JTA) is a methodical and critical process of determining the tasks that are performed by security professionals who are engaged in the profession defined by the SSCP. The results of the JTA are used to update the examination. This process ensures that candidates are tested on the topic areas relevant to the roles and responsibilities of today’s practicing information security professionals.

Course Details

  • Domain 1: Security Operations and Administration
  • Comply with codes of ethics, » (ISC)² Code of Ethics, Organizational code of ethics
  • Understand security concepts, Confidentiality, Availability, Accountability , Privacy, Non-repudiation,
  • Least privilege, Segregation of duties (SoD)
  • Identify and implement security controls
  • Technical controls (e.g., session timeout, password aging)
  • » Physical controls (e.g., mantraps, cameras, locks)
  • Administrative controls (e.g., security policies, standards, procedures, baselines)
  • » Assessing compliance, Periodic audit and review
  • Document and maintain functional security controls
  • » Deterrent, » Preventative, Detective, Corrective, and Compensating controls,
  • Participate in asset management lifecycle (hardware, software and data)
  • » Process, planning, design and initiation
  • .
  • Development/Acquisition, Inventory and licensing
  • Implementation/Assessment, Operation/Maintenance
  • Archiving and retention requirements
  • Disposal and destruction
  • Participate in change management lifecycle
  • Change management (e.g., roles, responsibilities, processes)
  • Security impact analysis, Configuration management (CM)
  • Participate in implementing security awareness and training (e.g., social engineering/
  • Collaborate with physical security operations (e.g., data center assessment, badging)
  • Domain 2: Access Controls
  • Implement and maintain authentication methods
  • Single/Multi-factor authentication (MFA)
  • » Single sign-on (SSO) (e.g., Active Directory Federation Services (ADFS), OpenID Connect)
  • Device authentication
  • Federated access (e.g., Open Authorization 2 (OAuth2), Security Assertion Markup Language (SAML))
  • Support internetwork trust architectures
  • Trust relationships (e.g., 1-way, 2-way, transitive, zero)
  • Internet, intranet and extranet, Third-party connections
  • Participate in the identity management lifecycle
  • Authorization, Proofing, Provisioning/De-provisioning, Maintenance, Entitlement
  • Identity and access management (IAM) systems
  • Understand and apply access controls,
  • .
  • Mandatory, Discretionary , Role-based (e.g., attribute-, subject-, object-based), Rule-based
  • Domain 3: Risk Identification, Monitoring
  • Understand the risk management process
  • Risk visibility and reporting (e.g., risk register, sharing threat intelligence/Indicators of
  • Risk management concepts (e.g., impact assessments, threat modelling)
  • Risk management frameworks (e.g., International Organization for Standardization (ISO),
  • Risk tolerance (e.g., appetite)
  • Risk treatment (e.g., accept, transfer, mitigate, avoid, ignore
  • Understand legal and regulatory concerns (e.g., jurisdiction, limitations, privacy)
  • Participate in security assessment and vulnerability management activities
  • Security testing, Risk review (e.g., internal, supplier, architecture, Vulnerability management lifecycle
  • Operate and monitor security platforms (e.g., continuous monitoring)
  • Source systems (e.g., applications, security appliances, network devices and hosts)
  • Events of interest (e.g., anomalies, intrusions, unauthorized changes, compliance monitoring)
  • .
  • Log management, Event aggregation and correlation
  • Analyze monitoring results
  • Security baselines and anomalies
  • » Visualizations, metrics, and trends (e.g., notifications, dashboards, timelines)
  • Event data analysis
  • Document and communicate findings (e.g., escalation)
  • Domain 4: Incident Response and Recovery
  • Support incident lifecycle (e.g., National Institute of Standards and Technology (NIST),
  • Preparation, Detection, analysis and escalation
  • Containment, Eradication, Recovery, Lessons learned/Implementation of new countermeasure
  • Understand and support forensic investigations
  • Legal (e.g., civil, criminal, administrative) and ethical principles
  • Evidence handling (e.g., first responder, triage, chain of custody, preservation of scene)
  • Reporting of analysis
  • Understand and support business continuity plan (BCP) and disaster recovery plan (DRP)
  • Emergency response plans and procedures (e.g., information systems contingency,
  • Interim or alternate processing strategies, Restoration planning
  • Backup and redundancy implementation
  • Testing and drills
  • Domain 5: Cryptography
  • Understand reasons and requirements for cryptography
  • Confidentiality, Integrity and authenticity
  • Data sensitivity (e.g., personally identifiable information (PII), intellectual property (IP),
  • Regulatory and industry best practice (e.g., Payment Card Industry Data Security Standards (PCI-DSS),
  • Apply cryptography concepts
  • Hashing,Salting,Symmetric/Asymmetric encryption/Elliptic curve cryptography (ECC)
  • Non-repudiation (e.g., digital signatures/certificates, Hash-based Message Authentication Code (HMAC),
  • Strength of encryption algorithms and keys (e.g., Advanced Encryption Standards (AES),
  • Cryptographic attacks, cryptanalysis, and countermeasures (e.g., quantum computing)
  • .
  • Understand and implement secure protocols
  • Services and protocols (e.g., Internet Protocol Security (IPsec), Transport Layer Security
  • Common use cases, Limitations and vulnerabilities
  • Understand and support public key infrastructure (PKI) systems
  • Web of Trust (WOT) (e.g., Pretty Good Privacy (PGP), GNU Privacy Guard (GPG), blockchain)
  • Domain 6: Network and Communications Security
  • Understand and apply fundamental concepts of networking
  • Open Systems Interconnection (OSI) and Transmission Control Protocol/Internet Protocol (TCP/IP)
  • Network topologies, Network relationships (e.g., peer-to-peer (P2P),
  • Transmission media types (e.g., wired, wireless
  • Software-defined networking (SDN) (e.g., Software-Defined Wide Area Network (SD-WAN),
  • Commonly used ports and protocols
  • .
  • Understand network attacks (e.g., distributed denial of service (DDoS), man-in-the-middle
  • Manage network access controls
  • Network access controls, standards and protocols (e.g., Institute of Electrical and Electronics Engineers
  • (IEEE) 802.1X, Remote Authentication Dial-In User Service (RADIUS), Terminal Access Controller, Control System Plus (TACACS+))
  • Remote access operation and configuration (e.g., thin client, virtual private network (VPN))
  • Manage network security, Logical and physical placement of network devices (e.g., inline, passive, virtual)
  • Segmentation (e.g., physical/logical, data/control plane, virtual local area network (VLAN), access control list (ACL), firewall zones, micro-segmentation) Secure device management
  • Operate and configure network-based security devices
  • Firewalls and proxies (e.g., filtering methods, web application firewall (WAF)) Intrusion detection systems (IDS) and intrusion prevention systems (IPS)
  • Routers and switches, Traffic-shaping devices (e.g., wide area network (WAN) optimization, load balancing)
  • Secure wireless communications, Technologies (e.g., cellular network, Wi-Fi, Bluetooth, Near-Field Communication (NFC))
  • Authentication and encryption protocols (e.g., Wired Equivalent Privacy (WEP), Wi-Fi Protected Access, Internet of Things (IoT)
  • Domain 7: Systems and Application Security
  • Identify and analyze malicious code and activity
  • Malware (e.g., rootkits, spyware, scareware,
  • Malware countermeasures (e.g., scanners, antimalware, code signing)
  • Malicious activity (e.g., insider threat, data
  • Malicious activity countermeasures (e.g.,
  • Social engineering (e.g., phishing,
  • Behavior analytics (e.g., machine learning,
  • Implement and operate endpoint device security
  • Host-based intrusion prevention system (HIPS)
  • Host-based firewalls, Application whitelisting
  • Endpoint encryption (e.g., whole disk
  • Trusted Platform Module (TPM), Secure browsing, Endpoint Detection and Response (EDR)
  • .
  • Administer Mobile Device Management (MDM)
  • Provisioning techniques (e.g., corporate owned,
  • Containerization, Encryption, Mobile application management (MAM)
  • Understand and configure cloud security
  • Deployment models (e.g., public, private, hybrid,
  • Service models (e.g., Infrastructure as a Service
  • Virtualization (e.g., hypervisor, Legal and regulatory concerns (e.g., privacy, surveillance, data ownership, jurisdiction, eDiscovery)
  • Data storage, processing, and transmission (e.g.,
  • Third-party/outsourcing requirements (e.g., service-level agreement (SLA), data portability, data
  • Shared responsibility mode, Operate and maintain secure virtual environments
  • Hypervisor, Virtual appliances, Containers
  • Continuity and resilience, Attacks and countermeasures, Shared storage