Improve your experience. We are very sorry but this website does not support Internet Explorer. We recommend using a different browser that is supported such as Google Chrome or Mozilla Firefox.

ISC2's Systems Security Certified Practitioner (SSCP)

Official (ISC)²® Training Seminar for the Systems Security Certified Practitioner (SSCP®) provides a comprehensive review of the knowledge required to implement, monitor and administer IT infrastructure in accordance with information security policies and procedures that ensure data confidentiality, integrity and availability.



This training course will help students review and refresh their knowledge and identify areas they need to study for the SSCP exam. Content aligns with and comprehensively covers the seven domains of the (ISC)² SSCP Common Body of Knowledge (CBK®).

Official courseware is developed by (ISC)² – creator of the SSCP CBK  – to ensure your training is relevant and up-to-date. Our instructors are verified security experts who hold the SSCP and have completed intensive training to teach (ISC)² content

About This Course


Course Domains

Domain 1: Security Operations and Administration

Domain 2: Access Controls

Domain 3: Risk Identification, Monitoring and Analysis

Domain 4: Incident Response and Recovery

Domain 5: Cryptography

Domain 6: Network and Communications Security

Domain 7: Systems and Application Security


Course Objectives

After completing this course, the student will be able to:

  • Discuss the core concepts of software security and the foundational principles that drive construction of resilient software.
  • Discuss the security design principles as essential elements for building secure software.
  • Discuss software security standards and frameworks, roadmaps and strategies and risk management.
  • Explain security in software development methodologies, security metrics and security culture in software development.
  • Identify and analyze software requirements pertaining to data privacy, security and compliance with laws and regulations.
  • Describe requirement specification and tractability, misuse and abuse cases and flow down of security requirements to supplier.
  • Explain secure architecture and design elements and patterns, architectural risk assessment, threat modeling, threat intelligence and attack surface evaluation.
  • Explain security architecture and control identification, prioritization and positioning.
  • Apply secure coding practices, analyze code for security risks and implement security controls.
  • Discuss third-party code and libraries, software composition analysis and security of the build process.
  • Discuss security testing strategy plan and analyze security testing methods.
  • Discuss validation and verification, security test results and tracking security errors.
  • Describe secure software integration and deployment, security data and post-deployment security testing.
  • Recognize various security-relevant maintenance activities and discuss planning for the continuity of operations.
  • Discuss software supply chain risks and analyze security of third-party software.
  • Explain supplier security requirements in the acquisition process and support for contractual requirements.



This course covers the following chapters:

Chapter 1: Secure Software Concepts Domain

Chapter 2: Secure Software Lifecycle and Risk Management Domain

Chapter 3: Secure Software Requirements Domain

Chapter 4: Secure Software Architecture and Design Domain

Chapter 5: Secure Software Implementation Domain

Chapter 6: Secure Software Testing Domain

Chapter 7: Secure Software Deployment, Operations and Maintenance Domain

Chapter 8: Secure Software Supply Chain Domain

Chapter 9: Applied Scenario Activities

What's Included?


Training features:

  • Instruction from an (ISC)2 Authorized Instructor
  • Official (ISC)2 Student Training Guide
  • Interactive flash cards to reinforce learning
  • 20 content-specific learning activities and 12 applied scenarios
  • 61 content specific activities, including 6 case studies
  • 8 end of chapter quizzes with answer explanation to assess comprehension
  • 180 question post course assessment with answer explanation highlighting areas for further study
  • Exam fees

Who Should Attend?


This training course is intended for practitioners who have at least one year of cumulative, paid work experience in one or more of the seven domains of the (ISC)2 SSCP CBK and are pursuing SSCP training and certification to acquire the credibility and mobility to advance within their current information security careers. The training seminar is ideal for those with technical skills and practical, hand-on security knowledge working in operational IT positions such as, but not limited to:


  • Network Security Engineer
  • Systems/Network Administrator
  • Security Analyst
  • Systems Engineer
  • Security Consultant/Specialist
  • Security Administrator
  • Systems/Network Analyst
  • Database Administrator




Length of Exam        4 hours

Number of Items      150

Item format               Multiple choice

Passing Grade           700 out of 1000

Languages                 English, Chinese, German, Japanese, Korean, Spanish




Candidates must have a minimum of one year cumulative work experience in one or more of the seven domains of the SSCP CBK. A one year prerequisite pathway will be granted for candidates who received a degree (bachelors or masters) in a cybersecurity program.

A candidate that doesn’t have the required experience to become an SSCP may become an Associate of (ISC)² by successfully passing the SSCP examination. The Associate of (ISC)² will then have two years to earn the one year required experience. You can learn more about SSCP experience requirements and how to account for part-time work and internships at

Certification Logo

Similar courses

ISO 27001 (2022) Lead Implementer

The IECB's ISO27001 Lead Implementer training and exam package. Attracts 31 CPD hours

More Information
ISO 27001 (2022) Lead Auditor

ISO 27001 Lead Auditor Training. Attracts 31 CPD hours

More Information
ISO 27032: 2023 Lead Cybersecurity Manager

IECB's Official ISO 27032: 2023 Lead Cybersecurity Manager Training Course.

More Information
ISO 27005 Lead Risk Manager

The IECB's ISO 27005 Lead Risk Manager training and exam package

More Information
Lead Cloud Security Manager

IECB's official Lead Cloud Security Manager training course enables participants to develop the competence needed to implement and manage a cloud security program by following widely recognized best practices.

More Information
ISO 27001(2022) Foundation

The IECB's ISO/IEC 27001 Foundation training allows you to learn the basic elements to implement and manage an Information Security Management System as specified in ISO/IEC 27001.

More Information
ISC2's Certified in Cyber Security

A foundational cybersecurity certification designed to help recipients build a pathway to a rewarding career in cybersecurity. This entry-level certification will prove to employers you have the foundational knowledge, skills and abilities necessary for an entry- or junior-level cybersecurity role.

More Information
ISC2's Certified Cloud Security Professional (CCSP)

Official (ISC)²® Training Course for the Certified Cloud Security Professional (CCSP®) provides a comprehensive review of the knowledge required for understanding cloud computing and its information security risks and mitigation strategies.

More Information
ISC2's Certified in Governance, Risk & Compliance

Official (ISC)²® Training course for the Certified in Governance, Risk and Compliance (CGRCTM), provides a comprehensive review of the knowledge required for authorizing and maintaining information systems within the NIST Risk Management Framework

More Information
ISO 27001: 2022 Internal Auditor

IECB's ISO 27001: 2022 Internal Audit course and exam package

More Information

Press enter to see more results