The only SSCP study guide officially approved by (ISC)2

The (ISC)2 Systems Security Certified Practitioner (SSCP) certification is a well-known vendor-neutral global IT security certification. The SSCP is designed to show that holders have the technical skills to implement, monitor, and administer IT infrastructure using information security policies and procedures.

This comprehensive Official Study Guide―the only study guide officially approved by (ISC)2―covers all objectives of the seven SSCP domains.

• Security Operations and Administration
• Access Controls
• Risk Identification, Monitoring, and Analysis
• Incident Response and Recovery
• Cryptography
• Network and Communications Security
• Systems and Application Security

This updated Third Edition covers the SSCP exam objectives effective as of November 2021. Much of the new and more advanced knowledge expected of an SSCP is now covered in a new chapter "Cross-Domain Challenges." If you're an information security professional or student of cybersecurity looking to tackle one or more of the seven domains of the SSCP, this guide gets you prepared to pass the exam and enter the information security workforce with confidence.

Table of Contents

Part I Getting Started as an SSCP 1

Chapter 1 The Business Case for Decision Assurance

and Information Security

Chapter 2 Information Security Fundamentals

Part II Integrated Risk Management and Mitigation

Chapter 3 Integrated Information Risk Management

Chapter 4 Operationalizing Risk Mitigation

Part III The Technologies of Information Security

Chapter 5 Communications and Network Security

Chapter 6 Identity and Access Control

Chapter 7 Cryptography

Chapter 8 Hardware and Systems Security

Chapter 9 Applications, Data, and Cloud Security

Part IV People Power: What Makes or Breaks

Information Security

Chapter 10 Incident Response and Recovery

Chapter 11 Business Continuity via Information Security and People Power

Chapter 12 Cross-Domain Challenges

Appendix Answers to Review Questions

About the Author

Michael S. Wills, SSCP, CISSP, CAMS, is Assistant Professor of Applied Information Technologies in the College of Business at the Embry-Riddle Aeronautical University’s Worldwide Campus. He has many years of experience designing, building, and operating cutting-edge secure systems, and wrote (ISC)2’s official training courses for both the SSCP and CISSP. He is also the creator of ERAU’s Master of Science in Information Security and Assurance degree program.