(ISC)² Systems Security Certified Practitioner (SSCP)

Introducing Security: Aligning Asset and Risk Management

• Understand security concepts and asset management
• Identify common risks and vulnerabilities
• Learn about the risk management process and treatment options

Risk Management: Use of Access Controls to Protect Assets

• Implement and maintain functional security controls
• Classify various access control models
• Understand identity management lifecycle and authentication methods

Cryptography

• Apply fundamental concepts of cryptography
• Describe symmetric and asymmetric cryptography
• Define key management concepts and Public Key Infrastructure

Securing Software, Data and End Points

• Discuss software systems and application security
• Identify data security concepts and malicious code countermeasures
• Evaluate mobile device management and security issues

Networks and Communications Security

• Describe network-related security issues
• Identify protective measures for telecommunication technologies
• Define procedures for controlling network access and managing LAN-based security

Cloud and Wireless Security

• Recall cloud security concepts and configurations
• Recognize types of virtualization and cloud security considerations
• Summarize the types of telecommunications and network access controls

Incident Detection and Response

• Review steps for monitoring, incident detection, and data loss prevention
• Identify elements of incident response policy and forensic investigations

Maturing Risk Management

• Identify operational aspects of change management
• Summarize physical security considerations and security education strategies
• Recognize common security assessment activities and components of business continuity and disaster recovery plans