The study plan I followed for SSCP
(ISC)2 offers entry level certification for IT Professionals to prove their commitment and competency in the ever growing security field in IT field through SSCP certification. This certification verifies the proficiency of the candidates in many field like cryptography, network communication, risk response, malicious code and network administration.
SSCP certification is mainly for the candidates who work in network security, security analysis, security administration and other security related professions. This certification is passed by clearing the SSCP examination. Candidates who are willing to attend this certification must have atleast one year experience in network security related field. Professionals who satisfy this criteria can register for this examination in www.pearsonvue.com/isc2. The examination fees for this exam is USD 250.
The examination contains 125 multiple choice questions. The duration of the exam is 3 hours and candidates are requested to score above the graded score of 700 out of 1000. This grading is done with special algorithm of (ISC)2 so that the difficult level for all exams are kept constant. The exam mainly deals with the following topics:
- Access Control: It includes the knowledge of local access control in terms of subject and objects, mechanism of authentication, concepts of access control, DAC, internetwork architecture management, management of identity, and basic concepts of security.
- Security Administration and operations: It includes the knowledge of code of ethics, duties of security administrator, security control validations, classification of data, duties of change management, implementation of changed plans, test patches, evaluation of security, data flow management, security awareness education, security testing, data management policies, and advanced concepts of security
- Monitoring and analysis: It includes the knowledge of monitoring systems, their effective maintenance, detecting intrusion and their prevention systems, event corrections, configure and install agents, and monitor deviations from normality.
- Risk, Response and Recovery: It includes the knowledge of process of risk management, auditing, security assessment deeds, vulnerability scanning, penetration testing, analysis of incident handling, implementation of countermeasures, forensic investigations, and disaster recovery and business continuity plans.
- Cryptography: It includes the knowledge of cryptographic systems, their installation and configuration, requirements of cryptography, key and certificate management, and secure protocols.
- Communications and network: It includes the knowledge of network security issues, network topographies, admission control, concepts of network security, telecommunications, remote access, installations of Firewall, Proxies and their methods, wireless technologies and protocols.
- Malicious Activity and Code: It includes the knowledge of malicious code, rootkits, malware types, trap and backdoors, botnets, mobile code concepts, countermeasures, scanning and managing anti-malware, identifying malicious activity, phishing, spoofing, implementing countermeasures for malicious activity and creating awareness.
For this exam, I followed the text book provided by (ISC)2 with the official training. The text book provided is 'Official. (ISC)2 Guide to the SSCP, 2nd. Edition'. It contained the detailed explanation of all the topics involved in the exam. Moreover it gave illustrations wherever necessary so that I didn't had to run for other resources.
I also attended the official training provided by (ISC)2 for this exam. This training was conducted for 5 days with each day having 8 hours of active participations. Well educated trainers from (ISC)2 conducted these coursework and hence they covered all the necessities for the exam. You can also opt for online training if you couldn't allocate time for classroom training. These online courses are delivered over a period of 8 weeks with each week having two 2.5 hour seminars. Plenty of other resources for each individual topics is provided by (ISC)2 but I didn't feel the need for them as I had the textbook with me. Managing time and creating a schedule can help you to get your certificate easily. Follow the text book carefully as it contains many key points which can be formulated as questions in the exam
Candidates who pass this certification are requested to recertify themselves once every three years. This recertification is to maintain themselves in the current technology. Also these certified candidates are requested to pay USD 65 each year for certification maintenance.
Eva Liphner, Infotest systems, Ltd.
Frequently Asked Questions
How can I get the products after purchase?
All products are available for download immediately from your Member's Area. Once you have made the payment, you will be transferred to Member's Area where you can login and download the products you have purchased to your computer.
How long can I use my product? Will it be valid forever?
Test-King products have a validity of 90 days from the date of purchase. This means that any updates to the products, including but not limited to new questions, or updates and changes by our editing team, will be automatically downloaded on to computer to make sure that you get latest exam prep materials during those 90 days.
Can I renew my product if when it's expired?
Yes, when the 90 days of your product validity are over, you have the option of renewing your expired products with a 30% discount. This can be done in your Member's Area.
Please note that you will not be able to use the product after it has expired if you don't renew it.
How often are the questions updated?
We always try to provide the latest pool of questions, Updates in the questions depend on the changes in actual pool of questions by different vendors. As soon as we know about the change in the exam question pool we try our best to update the products as fast as possible.
How many computers I can download Test-King software on?
You can download the Test-King products on the maximum number of 2 (two) computers or devices. If you need to use the software on more than two machines, you can purchase this option separately. Please email firstname.lastname@example.org if you need to use more than 5 (five) computers.
What is a PDF Version?
PDF Version is a pdf document of Questions & Answers product. The document file has standart .pdf format, which can be easily read by any pdf reader application like Adobe Acrobat Reader, Foxit Reader, OpenOffice, Google Docs and many others.
Can I purchase PDF Version without the Testing Engine?
PDF Version cannot be purchased separately. It is only available as an add-on to main Question & Answer Testing Engine product.
What operating systems are supported by your Testing Engine software?
Our testing engine is supported by Windows. Android and IOS software is currently under development.