Top of Page
 

SSCP LogoSystems Security Certified Practitioner

 

Advance Your Career With Essential Cybersecurity Skills

You’re dedicated to your work in IT or information security, but it’s time to take your career to the next level. Take a big step forward with the SSCP!

This well-known, global IT security certification offers instant credibility. And it’s an excellent way to expand your cybersecurity knowledge — particularly if you’re in a hands-on, operational IT role or you’re building a foundation in information security.

The SSCP shows you have the technical skills to implement, monitor and administer IT infrastructure using information security policies and procedures. You’re skilled in protecting the confidentiality, integrity and availability of data. You matter!

Prove you’re an integral part of this exciting, constantly-changing field. Pursue your SSCP today.

Steps to Certification

  1. Step 1
  2. Step 2
  3. Step 3
  4. Step 4

Get the Needed Experience

To qualify for SSCP certification, you must have:

  • A minimum of one year of cumulative, paid, full-time work experience 
  • In one or more of the seven domains of the SSCP Common Body of Knowledge (CBK)

Don’t have the required work experience yet? You can take and pass the SSCP exam to earn an Associate of (ISC)2 designation. Then, you’ll have up to two years to earn your required work experience for the SSCP.

Create an Account at Pearson VUE and Schedule Your Exam

To schedule an exam, you must create an account at Pearson VUE

Pearson VUE is the leading provider of global, computer-based testing for certification and licensure exams. You can find details on testing locations, policies, accommodations and more on their website. 

Once you’ve set up your account and are ready to register, you’ll need to:

  • Complete the Examination Agreement. You agree to the truth of your assertions regarding professional experience. You also legally commit to the adherence of the (ISC)² Code of Ethics
  • Review the Candidate Background Questions.
  • Pay the exam fee.

Pass the Exam

This is the day to show your greatness! You’ll have three hours to complete the 125 exam questions. 

You must pass the exam with a scaled score of 700 points or greater. 

Want more details? Read our exam scoring FAQs

Subscribe to the Code of Ethics and Get Endorsed

Let’s say you pass the exam. Then what?

Before this IT security certification can be awarded, you have to:

  • Subscribe to the (ISC)² Code of Ethics.
  • Have your application endorsed.

Your endorsement form must be completed and signed by an (ISC)² certified professional. He or she needs to be an active member who can confirm your professional experience.

(ISC)² can endorse you if you can’t find a certified individual.

You have nine months from the date of the exam to complete these steps. If you don’t, you have to retake the exam to get certified.

Want to learn more? Read our endorsement assistance guidelines.

Get to Know the SSCP

  • Why Become an SSCP Why Become an SSCP

    Yes, you can earn other starter IT security certifications. But as other SSCPs will tell you, none of those certifications will give you the sense of achievement you’ll feel with the SSCP. 

    Here are powerful reasons to become an SSCP:

    • Respect. The SSCP certification validates your knowledge and experience. It’s a way to be taken more seriously. SSCPs have a voice in decisions, and their managers and peers value their advice.
    • New career opportunities. The SSCP can spark career growth. It can lead to higher pay, promotions, more complex work, exciting challenges, project lead roles and even better jobs.
    • Growth and learning. The SSCP not only proves your knowledge, it helps you develop new skills you can instantly apply in your day-to-day work. And you’ll stay up-to-date on emerging security threats.
    • A path to the CISSP and/or a career in information security. The SSCP is an excellent way to prepare for the CISSP. It’s also a strong foundation for a career in information security. You’ll build confidence, learn new skills and get familiar with the format of the (ISC)2 exams.
    • A broader perspective. You’ll better understand the business side of things: from risk management, to business continuity planning. And because the SSCP is vendor neutral, you can apply your real-world knowledge across platforms. You’ll bring more value to those you’re serving.
    • Community of professionals. You’ll become a member of the (ISC)2 community. You’ll gain access to an amazing network of peers and ways to better yourself.

    What the Industry Is Saying About the SSCP

    DoD 8570 Approved
    The SSCP is DoD 8570 approved. It’s listed in three categories on the DoD 8570 matrix:

    • IAT Level 1
    • IAT Level II
    • CND Infrastructure Support

    ANSI-Accredited
    The SSCP certification is accredited by the American National Standards Institute (ANSI). This means it complies with the International Organization for Standardization and International Electrotechnical Commission (ISO/IEC) 17024 Standards. Why is accreditation important when choosing a certification program?

    Visit the Institute for Credentialing Excellence website for details. >

  • Should You Pursue the SSCP? Should You Pursue the SSCP?

    You have hands-on, technical IT skills and some practical security knowledge. Sound familiar?

    The SSCP is an excellent step for you if you:

    • Want to validate your skills and experience, so you can advance your career and earn more respect.
    • Are serious about the exciting field of information security.
    • Love a challenge and are always looking for ways to better yourself.
    • Want to expand your knowledge and confidence, so you can deal with new IT security threats and better protect your organization.
    • Want to join a global community of subject matter experts. As a member of (ISC)2, you gain access to networking, professional development and more.
    • Need to comply with government or industry regulations. (The SSCP is DoD 8570 approved.)

     The SSCP is ideal for those working in roles such as:

    • Network security engineer
    • Systems/network administrator
    • Security analyst
    • Systems engineer
    • Security consultant/specialist
    • Security administrator
    • Systems/network analyst
    • Database administrator 
  • Getting the SSCP Training That's Right for You Getting the SSCP Training That's Right for You
    Classroom-Icon

    Classroom-Based Training

    • Ideal for hands-on learners. The most thorough review of the SSCP CBK, industry concepts and best practices.
    • A five-day training event delivered in a classroom setting. Eight hours a day.
    • Available at (ISC)2 facilities and through (ISC)2 Official Training Providers worldwide.
    • Led by authorized instructors.

     

    Get details on Classroom-Based Training. >


    School-Icon

    Private On-Site Training

    • A cost-effective and convenient training solution if your organization has 10 or more employees taking the exam.
    • Tailored to your team’s schedule, budget and certification requirements.
    • Conveniently taught in your office space or a local venue.
    • Led by authorized instructors.

    Get details on Private On-Site Training. >

    Instructor-Icon

    Instructor-Led Training

    • Participate from the convenience of your computer. This saves you travel time and expense.
    • Weekday, weekend and evening options to fit your needs.
    • Comprehensive review of the CBK, so you’re ready for this cybersecurity certification.
    • Delivered in a variety of schedules with weekday, weekend, and evening options to suit your needs.
    • Access to recordings of all course sessions for 60 days.
    • Led by authorized instructors.

    Get details on Instructor-Led Seminars. >


    SSCP Training Course Overview

    Our training helps you fully prepare for this IT security certification. You will:

    • Review, refresh and expand your knowledge of maintaining and securing IT networks, systems and servers. 
    • Identify areas you need to study for the SSCP exam.

    You can expect an in-depth review of the seven domains of the SSCP CBK — including discussion of industry best practices and timely IT security concepts.

    (ISC)² authorized instructors lead all our training. You’re learning from industry experts who understand you. They know how to make the content highly relatable. And they go through a rigorous process to teach to our CBK.

    Plus, we use proven adult learning techniques to reinforce topics. This approach increases how much information you retain. Our techniques are highly interactive. They focus on real-world learning activities and scenarios, so you get the most out of training.

    In addition to training, we offer resources to help you with self-study. Our resources include the:

  • Mastering the Domain on the Exam Mastering the Domain on the Exam

    The SSCP exam tests your skills in seven domains. Think of the domains as specific knowledge areas you need to know based on your experience and education. 

    The domains draw from a range of IT security topics within the (ISC)² Common Body of Knowledge (CBK).

    Here’s a closer look at the SSCP domains and how they’re weighted on the exam:

    Domains Weight
    1. Access Controls 16%
    2. Security Operations and Administration 17%
    3. Risk Identification, Monitoring and Analysis 12%
    4. Incident Response and Recovery 13%
    5. Cryptography 9%
    6. Network and Communications Security 16%
    7. Systems and Application Security 17%
    Total 100%



    Access Controls

    • Implement authentication mechanisms
    • Operate internetwork trust architectures
    • Participate in the identity-management lifecycle
    • Implement access controls

    Security Operations and Administration

    • Understand and comply with code of ethics
    • Understand security concepts
    • Document and operate security controls
    • Participate in asset management
    • Implement and assess compliance with controls
    • Participate in change management
    • Participate in security awareness and training
    • Participate in physical security operations

    Risk Identification, Monitoring, and Analysis

    • Understand the risk management process
    • Perform security assessment activities
    • Operate and maintain monitoring systems
    • Analyze monitoring results

    Incident Response and Recovery

    • Participate in incident handling
    • Understand and support forensic investigations
    • Understand and support BCP and DRP

    Cryptography

    • Understand and apply fundamental concepts of cryptography
    • Understand requirements for cryptography
    • Understand and support secure protocols
    • Operate and implement cryptographic systems

    Networks and Communications Security

    • Understand security issues related to networks
    • Protect telecommunications technologies
    • Control network access
    • Manage LAN-based security
    • Operate and configure network-based security devices
    • Implement and operate wireless technologies

    Systems and Application Security

    • Identify and analyze malicious code and activity
    • Implement and operate endpoint device security
    • Operate and configure cloud security
    • Secure big data systems
    • Operate and secure virtual environments
  • Taking Your SSCP Exam Taking Your SSCP Exam
    Length of exam 

    Up to 3 Hours

    Number of questions   

    125 Questions

    Question format

    Multiple Choice

    Passing grade

    A passing score is 700 out of 1000 points

    Exam Language

    English, Japanese and Brazilian Portuguese

     Testing Center  Pearson VUE

     

  • Maintaining or Regaining SSCP Certification Maintaining or Regaining SSCP Certification

    Once you’ve earned this world-class IT security certification, you become a member of (ISC)2. You enter one of the largest communities of information security professionals in the world. You gain access to unparalleled global resources and networking.

    Quite simply, you have endless opportunities to grow and refine your craft.

    But certification is a privilege that must be earned and maintained.

    To remain in good standing with your SSCP, you need to:

    • Abide by the (ISC)² Code of Ethics.
    • Earn and post Continuing Professional Education (CPE) credits.
    • Pay your Annual Maintenance Fee (AMF).

    Here’s a closer look at each.

    Abiding by the (ISC)² Code of Ethics
    You agree to fully support and follow the (ISC)² Code of Ethics.

    Earning and Posting CPE Credits
    Cybersecurity is constantly changing. (You know this well!) You need to earn CPE hours to stay well-rounded and keep up your expertise.

    For the SSCP, you need to earn and post a minimum of 20 CPE credits per year. You need to do so before your certification annual anniversary date.

    CPEs may sound like a big task. However, (ISC)² makes it easy for you to earn your CPE credits on a regular basis. 

    We offer access to:

    • Live educational events around the world.
    • Online seminars that can be taken in the comfort of your home or office. They’re available exclusively to (ISC)² members.
    • And many more learning opportunities.

    Paying Annual Maintenance Fees (AMFs)
    Once you earn this IT security certification, you must pay USD $65 each year of your three-year certification cycle. Your payment is due before your certification or recertification annual anniversary date.

    Your payments help ensure that (ISC)2 has the financial resources to:

    • Be a functional, dynamic entity for leading information and IT security professionals (like you) far into the future.
    • Develop more CPE opportunities.
    • Continue to meet the certification needs and requirements of information security professionals.
    • Maintain member records.

    How to Regain Membership if Your SSCP Ceases
    If you wish to regain membership, you’ll need to:

    • Pay any outstanding AMF payments. (This needs to take place before you sit for the exam.)
    • Retake and pass the exam to become certified again.
    • Contact Member Services to reactivate your certification after you pass the exam.

    Do you have questions about maintaining your SSCP certification? Ask Member Services. >

Free SSCP Exam Outline

Get Started Today

Download your free SSCP Exam Outline >