Training & Certifications


Prove your ability to protect key areas of your organization's day-to-day operations as a System Security Certified Practitioner (SSCP). The (ISC)2 certification will demonstrate your technical knowledge and competency in using cryptography, implementing access control systems, performing network monitoring and detecting and resolving security threats. (ISC)2, as the global leader in information security certifications, draws from a comprehensive and cutting-edge body of knowledge to ensure you have the right skills to prevent data breaches and improve your organization's cyber security.


At the end of the program, the participants will be able to :

  1. Demonstrate technical knowledge and competency in using cryptography
  2. Implement access control systems
  3. Perform network monitoring
  4. Detect and resolve security threats
  5. Ensure data confidentiality, integrity, and availability

This course has proven to be very valuable to personnel in an organization that are fairly new to the field of information security or that do not have security as their primary job responsibility. Many of the attendees have been Information Systems Auditors, System and Network Administrators, Application Programmers and Project Managers.


This program is 5 days of intensive training class.


Participants are required to have minimum 1 (one) year of cumulative paid full-time work experience in two or more of the seven domains:

  • Access Controls
  • Security Operations and Administration
  • Risk Identification, Monitoring, and Analysis
  • Incident Response and Recovery
  • Cryptography
  • Networks and Communications Security
  • Systems and Application Security

At the end of the program, the participants will be assessed with 3 hours of SSCP® Exam.


SSCP® Certification will be awarded upon successfully passing the exam from (ISC)2.


  1. Preparation for the SSCP Exam
  2. Submitting Required Paperwork
  3. Resources and Study Aids
  4. Passing the Exam the First Time
  1. Change Control/Configuration Management
  2. Dual Control, Separation of Duties, Rotation of Duties
  3. Vulnerability Assessment and Pen-Testing
  1. AAA
  2. Authentication Methods (Types 1, 2, & 3)
  3. Authorization - DAC, RBAC, MAC
  4. Accounting - Logging, Monitoring, Auditing
  5. Central/Decentralized and Hybrid Management
  6. Single Sign-On - Kerberos, Radius, Diameter, TACACS
  7. Vulnerabilities - Emanations, Impersonation, Rouge Infrastructure, Social Engineering
  1. Intro/History
  2. Symmetric
  3. Asymmetric
  4. Hashing
  5. Cryptosystems - SSL, S/MIME, PGP
  6. PKI
  7. Cryptanalysis
  1. Layering, Data Hiding, and Abstraction
  2. Database Security
  3. AI
  4. OOD
  5. Mobil Code
  6. Malware Architecture Problems - Covert Channels + TOC/TOU, Object Reuse
  7. Network Vulnerabilities
  1. OSI/DoD TCP/IP Models
  2. TCP/UDP/ICMP/IP
  3. Ethernet
  4. Devices - Routers/Switches/Hubs
  5. Firewalls
  6. Wireless
  7. WAN Technologies - X.25/Frame Relay/PPP/ISDN/DSL/Cable
  8. Voice - PBX/Cell Phones/VOIP
  9. IPSec
  1. CIA
  2. Roles and Responsibilities - RACI
  3. Asset Management
  4. Taxonomy - Information Classification
  5. Risk Management
  6. Policies, Procedures, Standards, Guidelines, Baselines
  7. Knowledge Transfer - Awareness, Training, Education
  8. BIA Policy
  9. BIA Roles and Teams
  10. Data Backups, Vaulting, Journaling, Shadowing
  11. Alternate Sites
  12. Emergency Response
  13. Required notifications
  14. BIA Tests
  1. Ethics - Due Care/Due diligence
  2. Intellectual Property
  3. Incident Response
  4. Forensics
  5. Evidence
  6. Laws - HIPAA, GLB, SOX
  1. Final Review and Test Prep

Scroll to Top