ISC2 System Security Certified Practitioner (SSCP) Learning Path

The SSCP certificate path will prepare students for one of the industry's leading certifications.

9 hours, 58 minutes

Quick facts

About this learning path

  • courses

    100% online

  • Duration

    9 hours, 58 minutes

  • Assessment

    questions

About ISC2 System Security Certified Practitioner (SSCP)

The System Security Certified Practitioner (SSCP) certification path will provide students with an overview of foundational information security concepts. The course will cover the seven domains that encompass the SSCP, with topics ranging from securing information systems and data to overall security operations. This training would benefit those looking to get started in the information security field, or those who want to reinforce and prove their information security knowledge.

 

Syllabus

SSCP Practice Exam

Assessment - 121 questions

Security Operations and Administration

Course - 01:37:00

The following domain will begin with detailing the requirements and what to expect from the SSCP exam. Subsequent sections will focus on the core concepts of managing and operating security operations. This course will take a closer look at different aspects of security operations from code of ethics to the security controls needed to ensure the confidentiality, integrity and availability (CIA framework) of an organization's information systems. The CIA framework will be a common reference throughout the entirety of the course.
Access Controls

Course - 00:52:00

This domain will discuss how organizations implement various controls that aid systems in evaluating the identity of users or other systems attempting to use their systems. The implementation of adequate access controls is imperative to the overall protection of confidentiality, integrity and availability of information systems. This course will walk through how organizations implement and maintain various authentication methods to those systems. We will discuss various techniques used by organizations such as single vs. multi-factor authentication and how single sign-on works.
Risk Identification, Monitoring and Analysis

Course - 01:03:00

In this course, the primary focus will be understanding the general risk management process. We'll look at how organizations identify their risk and choose how they want to treat their risk, whether they opt to accept it, mitigate it or transfer the risk to a third-party entity. We will also walk through various regulatory concerns that information security teams must be aware of, especially if organizations decide to operate in different counties or jurisdictions.
Incident Response and Recovery

Course - 00:50:00

The establishment of an incident response process will ensure that an organization can recover following the identification of a security incident. And while all alerts are not considered incidents, this section focuses on how to properly identify an security event in order to potentially declare it as an incident. In this course, you will learn how to truly define security incidents versus security events.
Overview of Cryptography

Course - 00:55:00

This course will review the core aspects of cryptography and the need for it. We take a pragmatic approach to understanding how and why cryptography and information security go hand-in-hand. We'll begin by discussing the history and the reasons to why cryptography overlaps with the goals of confidentiality, integrity and availability within information security. We will also discuss the core aspects of secure protocols needed to establish confidential conversations at a network level, and the public-key infrastructure systems used to support various secure communication.
Network and Communications Security

Course - 01:59:00

Data that travels, either to an external party or to various internal systems, needs to be protected on the medium that it travels through. That's where the importance of network and communications security comes into play. The security in your organization's network is just as important as the devices that sit on that network. In this section, we will discuss the various fundamental concepts of networking, starting with a model that helps describe a network at a logical level.
System and Application Security

Course - 01:41:00

In this course, we will discover most prevalent types of malware and malicious code that exist today, such as Trojans, viruses and ransomware. We will also discuss different methods of prevention that an organization may take, such as the deployment of endpoint security products. We will then discuss how organizations increased mobile device footprints either through Bring Your Own Device (BYOD) or Corporate-Owned Personally Enabled (COPE) devices.

Meet the author

Latoya Jamison

Latoya Alford is currently the Manager of Cyber Threat Intel and Hunt for a global pharmaceutical company where she focuses on hunting for cyber threats and using cyber threat intelligence to help drive security detection and response strategy. Latoya has several industry-relevant certifications from (ISC), GIAC(SANS), and CompTIA.

Prior to her current role, Latoya worked at Etsy and QVC, where she specialized in security operations, monitoring, and incident response. In her free time, Latoya explores ways to improve data analytics in security operations to drive cybersecurity strategy. She is also a hobbyist developer, with expertise in Python, Javascript, Ruby, and the Ruby on Rails frameworks. Latoya holds a Bachelor of Science in Digital Forensics from Bloomsburg University.

The details

Learning path insights

How to claim CPEs

Should you complete this learning path, you’ll be able to download a certificate of completion. Use this to claim your CPEs or CPUs.

Associated NICE Work Roles

All Infosec training maps directly to the NICE Workforce Framework for Cybersecurity to guide you from beginner to expert across 52 Work Roles.

  • All-Source Analyst
  • Mission Assessment Specialist
  • Exploitation Analyst

No software. No set up. Unlimited access.

Skip the server racks and spin up a realistic environment with one click. Infosec Skills cyber ranges require no additional software, hardware or server space so your team can spend less time configuring environments and more time learning. Unlimited cyber range access is included in every Infosec Skills subscription so your team can skill up however they learn best.

Unlock 7 days of free training

  • 1,400+ hands-on courses and labs
  • Certification practice exams
  • Skill assessments

Plans & pricing

Infosec Skills Personal

$299 / year

  • 190+ role-guided learning paths (e.g., Ethical Hacking, Threat Hunting)
  • 100s of hands-on labs in cloud-hosted cyber ranges
  • Custom certification practice exams (e.g., CISSP, Security+)
  • Skill assessments
  • Infosec peer community support

Infosec Skills Teams

$799 per license / year

  • Team administration and reporting
  • Dedicated client success manager
  • Single sign-on (SSO)
    Easily authenticate and manage your learners by connecting to any identity provider that supports the SAML 2.0 standard.
  • Integrations via API
    Retrieve training performance and engagement metrics and integrate learner data into your existing LMS or HRS.
  • 190+ role-guided learning paths and assessments (e.g., Incident Response)
  • 100s of hands-on labs in cloud-hosted cyber ranges
  • Create and assign custom learning paths
  • Custom certification practice exams (e.g., CISSP, CISA)
  • Optional upgrade: Guarantee team certification with live boot camps

Learn about scholarships and financing with

Affirm logo