(ISC)2 Systems Security Certified Practitioner (SSCP)

The SSCP Professional Training Certificate shows employers you have the IT security foundation to defend against cyber-attacks.
Become an ISC2 certified practitioner on your own schedule with 120-day access to content aligned with the latest ISC2 SSCP exam domains.

Each course in the ISC2 systems certification includes a case study that will require you to practice the knowledge gained throughout each course. Successful completion of course projects will require the basic understanding of the topics covered and the ability to relate those topics to the real world.

IT Infrastructure

Use advanced technical skills and knowledge to implement, monitor and administer IT infrastructure

Best Practices

Use security best practices, policies and procedures established by the cybersecurity experts at (ISC)2

Advance your Career

Prove your skills, advance your career and gain the support of a community of cybersecurity leaders

Professional Certificate Programs enable you to become empowered and successful in every phase of your job!

Dana Baker

Dana Baker, Executive Director of Regional Campuses

"We are committed to developing current and relevant coursework to help transform our next generation of leaders."

ISC2 Systems Security Certified Practitioner Professional Certification

100% Online

Learn on your own schedule

Flexible Schedule

Set and maintain flexible deadlines

Entry Level

No previous experience required

6-Months to Complete

Suggested pace of 10 hours/week; 6 Courses

(ISC)2 Systems Security Certified Practitioner Professional Certificate Courses

Access Controls

This course outlines what users are permitted to do, resources they are allowed to access and operations they can perform on a system. Access Controls help managers limit and monitor systems use at a user level or group membership.

By the end of this course, you will:

  • Understand the different access control systems.
  • Know proper implementation to protect the system and data.
  • Use the different levels of confidentiality, integrity and availability.

Security Operations and Administration

This course addresses basic security concepts and the application of those concepts in the day-to-day operation and administration of enterprise computer systems and the information that they host. Ethical considerations in general and the (ISC)2 Code of Ethics in particular, provide the backdrop for any discussion of information security.

In this course, you will learn to:

  • Define Code of Ethics.
  • Describe the security concepts.
  • Document and operate security controls.
  • Describe the asset management process.
  • Implement and access compliance controls.
  • Describe the change management process.
  • Contribute to the security awareness training program.
  • Contribute to physical security operations.

Identifying, Monitoring and Analyzing Risk and Incident Response and Recovery

In this course, you will identify, measure and control losses associated with adverse events. You will review, analyze, select, and evaluate safeguards for mitigating risk.

You will learn processes for collecting information, providing methods of identifying security events, assigning priority levels, taking the appropriate actions and reporting the findings to the correct individuals. You will be introduced to the Business Continuity Plan (BCP) and Disaster Recovery Plan (DRP) concepts and how they can be utilized to mitigate damages, recover business operations and avoid critical business interruption.

In this course, you will learn to:

  • Describe the risk management process.
  • Perform security assessment activities.
  • Describe processes for operating and maintaining monitoring systems.
  • Identify events of interest.
  • Describe the various source systems.
  • Interpret reporting findings from monitoring results.
  • Describe the incident handling process.
  • Contribute to the incident handling process based on role within the organization.
  • Describe the supporting role in forensics investigation processes.
  • Describe the supporting role in the business continuity planning process.
  • Describe the supporting role in the disaster recovery planning process.


Cryptography is the practice and study of techniques for securing communications in the presence of third parties. In this course, you will learn to protect information to ensure its integrity, confidentiality, authenticity and non-repudiation. You will understand the basics of  cryptographic concepts and how to apply them.

In this course, you will learn to:

  • Apply the fundamental concepts of cryptography.
  • Describe the difference between symmetric and asymmetric cryptography.
  • Define the basic requirements for cryptography.
  • Identify processes to support secure protocols.
  • Describe the process for implementing cryptographic systems.
  • Define key management concepts.
  • Define Public Key Infrastructure.
  • Identify processes for key administration and validation.
  • Describe the implementation of secure protocols.

Networks and Communication Security

In this course, you will learn network structure, data transmission methods, transport formats and the security measures used to maintain integrity, availability, authentication and confidentiality of the information being transmitted. Concepts for both public and private communication networks will be discussed.

In this course, you will learn to:

  • Describe network-related security issues.
  • Identify protective measures for telecommunication technologies.
  • Define processes for controlling network access.
  • Identify processes for managing LAN-based security.
  • Describe procedures for operating and configuring networked-based security devices.
  • Define procedures to implement and operate wireless technologies.

Systems and Application Security

In this course you will understand the kind of computer code described as harmful or malicious. Both technical and non-technical attacks will be discussed and you will learn how organizations protect themselves from these attacks.  Endpoint device security, cloud infrastructure security, securing big data systems and securing virtual environments will also be discussed.

In this course, you will learn to:

  • Identify malicious code activity.
  • Describe malicious code and the various countermeasures.
  • Describe the processes for operating endpoint device security.
  • Define mobile device management processes.
  • Describe the process for configuring cloud security.
  • Explain the process for securing big data systems.
  • Summarize the process for securing virtual environments.

Skills you will gain: