SSCP: Systems Security Certified Practitioner

Become an SSCP – Systems Security Certified Practitioner! Earning a globally recognized IT security administration and operations certification like the SSCP is a great way to grow your career and better secure your organization’s critical assets. SSCP certification demonstrates you have the advanced technical skills and knowledge to implement, monitor and administer IT infrastructure using security best practices, policies and procedures established by the cybersecurity experts at ISC2.

The broad spectrum of topics included in the SSCP Common Body of Knowledge (CBK) ensure its relevancy across all disciplines in the field of information security.

Successful candidates are competent in the following 7 domains:

  • Access Controls
  • Security Operations and Administration
  • Risk Identification, Monitoring, and Analysis
  • Incident Response and Recovery
  • Cryptography
  • Network and Communications Security
  • Systems and Application Security

Prerequisites

Candidates must have a minimum of 1-year cumulative work experience in 1 or more of the 7 domains of the SSCP CBK. A 1-year prerequisite pathway will be granted for candidates who received a degree (bachelors or masters) in a cybersecurity program.

A candidate that doesn’t have the required experience to become an SSCP may become an Associate of ISC2 by successfully passing the SSCP examination. The Associate of ISC2 will then have 2 years to earn the 1 year required experience. You can learn more about SSCP experience requirements and how to account for part-time work and internships at www.isc2.org/certifications/sscp/sscp-experience-requirements.

Target audience

The SSCP is ideal for IT administrators, managers, directors and network security professionals responsible for the hands-on operational security of their organization’s critical assets, including those in the following positions:

  • Network Security Engineer
  • Systems Administrator
  • Security Analyst
  • Systems Engineer
  • Security Consultant/Specialist
  • Security Administrator
  • Systems/Network Analyst
  • Database Administrator
  • Health Information Manager
  • Practice Manager

 

Course outline

Domain 1: Access Controls
1.1 Implement and maintain authentication methods
1.2 Support internetwork trust architectures
1.3 Participate in the identity management lifecycle
1.4 Implement access controls

Domain 2: Security Operations and Administration
2.1 Comply with codes of ethics
2.2 Understand security concepts
2.3 Document, implement, and maintain functional security controls
2.4 Participate in asset management
2.5 Implement security controls and assess compliance

Domain 3: Risk Identification, Monitoring, and Analysis
3.1 Understand the risk management process
3.2 Perform security assessment activities
3.3 Operate and maintain monitoring systems 
3.4 Analyse monitoring results

Domain 4: Incident Response and Recovery
4.1 Support incident lifecycle
4.2 Understand and support forensic investigations
4.3 Understand and support Business Continuity Plan (BCP) and Disaster Recovery Plan (DRP) activities

Domain 5: Cryptography
5.1 Understand fundamental concepts of cryptography
5.2 Understand reasons and requirements for cryptography
5.3 Understand and support secure protocols
5.4 Understand Public Key Infrastructure (PKI) systems

Domain 6: Network and Communications Security
6.1 Understand and apply fundamental concepts of networking
6.2 Understand network attacks and countermeasures (e.g., DDoS, man-in-the-middle, DNS poisoning)
6.3 Manage network access controls
6.4 Manage network security
6.5 Operate and configure network-based security devices
6.6 Operate and configure wireless technologies (e.g., bluetooth, NFC, WiFi)

Domain 7: Systems and Application Security
7.1 Identify and analyze malicious code and activity
7.2 Implement and operate endpoint device security
7.3 Operate and configure cloud security
7.4 Operate and secure virtual environments

This course and materials will help prepare you to take the SSCP: Systems Security Certified Practioner exam

Exam format: From October 1, 2025, the SSCP exam is delivered as a Computer Adaptive Test (CAT) with 100–125 questions and a 2-hour time limit.

Accreditation: SSCP is ANAB-accredited to ISO/IEC 17024 (ISC2).

IMPORTANT! The SSCP exam voucher is NOT included in this SSCP training.

Hvem passer dette kurset for?
Junior sikkerhets- og driftsroller som SOC-analytikere, system-/nettverksadministratorer og IT-drift. Også relevant for kandidater som vil bygge praktiske ferdigheter før mer avanserte sertifiseringer.

Hvilke forkunnskaper bør jeg ha?
Grunnleggende forståelse av IT-drift og nettverk. For sertifisering krever ISC2 normalt 1 års relevant erfaring (relevant utdanning kan gi fritak). Mangler du erfaring, kan du ta eksamen og bli Associate of ISC2 mens du bygger erfaring (opptil 2 år).

Hva lærer jeg i kurset?
Vi dekker alle 7 SSCP-domener med fokus på praktisk anvendelse:

  • Access Controls

  • Security Operations & Administration

  • Risk Identification, Monitoring & Analysis

  • Incident Response & Recovery

  • Cryptography

  • Network & Communications Security

  • Systems & Application Security

Hvordan foregår kurset?
Instruktørledet undervisning med teori, oppgaver og eksamenstips. Leveres i klasserom og digitalt. Datoer/format finner du i kurskalenderen.

Hva er inkludert i prisen?
Offisielt kursmateriell. Eksamensvoucher er ikke inkludert for SSCP (kan kjøpes separat eller bestilles via Glasspaper ved behov).

Gir kurset sertifisering?
Kurset forbereder deg til ISC2 SSCP-eksamen. Sertifisering oppnås når du består eksamen, oppfyller erfaringskravet og fullfører ISC2s endorsement-prosess.

Hvordan foregår eksamen og vedlikehold av sertifisering?
Fra 1. oktober 2025 leveres SSCP som Computer Adaptive Test (CAT) med 100–125 spørsmål og 2 timers tidsramme. Sertifiseringen vedlikeholdes med CPE-poeng over 3 år og årlig vedlikeholdsavgift til ISC2.

Er SSCP-sertifiseringen akkreditert?
Ja. SSCP fra ISC2 er ANAB-akkreditert iht. ISO/IEC 17024.

Kan jeg få kurset spesialtilpasset?
Ja – vi kan skreddersy interne gjennomføringer, f.eks. med domeneprioritering eller virksomhetsnære case.

Kan jeg bestille kurset for min organisasjon?
Ja – Glasspaper leverer bedriftsinternt, både fysisk og digitalt.

Hva er neste steg etter kurset?
Meld deg opp til SSCP-eksamen. Videre kan du bygge mot CISSP (arkitektur/leder), CCSP (skysikkerhet) eller fordype deg i Microsoft/AWS-sikkerhet.

Andre relevante kurs

17. november
5 dager
Classroom Virtual