Pearson IT Certification

Exam Profile: (ISC)2 Systems Security Certified Practitioner (SSCP)

By

Date: Apr 4, 2011

Return to the article

This article profiles the SSCP exam, an entry-level security exam sponsored by the International Information Systems Security Certification Consortium, Inc., or (ISC)2. Pearson IT Certification provides a variety of exam preparation tools to help our customers in their quest for certification. As part of our service to you, we have developed this Exam Profile series. Each profile is developed based on the testing experience of one of our trainers or authors. You won’t get exact questions or answers, but you will get a real feel for the exam. Each profile describes question forms, trouble spots, hints for exam preparation, and recommendations for additional study resources. Find out what you can expect to see on the exam and how you can better prepare for it.

The SSCP exam is an entry-level security exam sponsored by International Information Systems Security Certification Consortium, Inc., or (ISC)2. It is considered by many to be a stepping stone on the path to earning the (ISC)2 Certified Information Systems Security Practitioner (CISSP). (ISC)2 describes the person with the SSCP certification as the person doing the hands-on work, or the enforcer that everyone is going to for answers. However, don’t think that this means that you’ll be asked a lot of questions of how to use specific tools. The exam is still focused on understanding key security concepts.

To achieve the SSCP certification, you have to complete several steps:

Exam Details

Trouble Spots

Trouble Spots

Many people find the following two domains especially challenging.

Preparation Hints

Preparation Hints

One of the first things to do when considering the SSCP exam is to download the Candidate Information Bulletin (CIB). They provide you with a significant amount of information about the exam, including details about the domains covered by the exam. You can retrieve a candidate information bulletin for the SSCP exam here after providing some registration information.

If you’ve studied and passed the Security+ exam, you are well on your way to taking and passing this exam. SSCP includes many of the same topics, though the questions will often be asked differently. If you truly learned the material for the Security+ exam, you can probably brush up on the topics and find that you’re prepared for more than 50% of the exam. However, you will find that many of the questions on the SSCP exam require a deeper level of understanding for many of the topics.

Many people wonder about the difference between the SSCP and the CISSP. There is quite a bit of crossover between the exams. However, the CISSP exam questions are much more complex, requiring a deeper level of understanding of the topics. Additionally, the CISSP exam covers a much broader range of questions. However, if you plan on taking the CISSP exam in the future, it’s worthwhile studying some of the CISSP resources for the SSCP topics. You’ll have a solid understanding for the SSCP exam, and you’ll be a step ahead of the game when you tackle the CISSP.

Recommended Study Resources

Recommended Study Resources

The CIB lists almost 100 references that make up the common body of knowledge (CBK) for the exam. However, it’s not feasible or even recommended to purchase and read all of these books. Unfortunately, there isn’t a standout book available on the SSCP at this time. The biggest challenge is that the CIB covers such a broad base of knowledge, it’s difficult for a single book to cover all of the objectives adequately. Your best bet is to get more than one book. You can start with a search on Amazon for SSCP or even Security+ books. Additionally, there is an active forum on SSCP (combined with CISSP).

Last, ccure.org has some free study guides for SSCP. You’ll need to create a profile; after logging in, search on “SSCP” or follow the menu for Certifications -> ISC2 Certifications -> SSCP. They have several free SSCP study guides, but be aware that many of these are older. Some knowledge, like the OSI model, is timeless, but other topics, like cryptography, change frequently.

Exam Objectives

Exam Objectives

The SSCP includes topics from seven domains:

Where to Go From Here

Where to Go From Here

Get the CIB, read it, and take notes to identify your weaknesses. Once you’ve identified your weaknesses, look for resources to increase your knowledge in those areas. Good luck!

800 East 96th Street, Indianapolis, Indiana 46240