Systems Security Certified Practitioner (SSCP)

Posted by in (ISC)2, Security+, SSCP | 13 comments

The Systems Security Certified Practitioner (SSCP) is a logical next step for many people that have cm the CompTIA Security+ and is often used by people as a stepping stone to the much more difficult CISSP certification. The SSCP certification is more technical than the CISSP, which has a much broader focus. Objectives for the SSCP are contained in the Candidate Information Bulletin (CIB) which you can get from this page.


This post is about the objectives that went live in 2012. New objectives will go live April 15th.


When will the new SSCP All-In-One be study guide be available?

This is controlled by the publisher and it is tentatively scheduled for a release data of November 1, 2015.

Here are some details on the certification:

SSCP Seven Domains

The SSCP has objectives listed in the following seven domains:

  • Access Controls
  • Cryptography
  • Malicious Code and Activity
  • Monitoring and Analysis
  • Networks and Communications
  • Risk, Response and Recovery
  • Security Operations and Administration

Candidates must have at least one year of direct full-time security work experience in one or more of these seven domains. After passing the exam, you’ll be required to submit a resume documenting this experience. Additionally, your application must be endorsed by someone that holds a certification with (ISC)2 and can attest to the accuracy of your resume. If you don’t know someone with a certification, you can still turn in your application, but it will take longer to complete the endorsement process.

If you don’t have the required experience, you can still take the exam and earn the Associate of (ISC)2 designation for the SSCP. You’ll then have two years to get the required experience and change this over to a fully certified SSCP.

Released ahead of schedule and now available:
SSCP Systems Security Certified Practitioner All-in-One Exam Guide

About the SSCP Exam

The exam includes 125 multiple choice questions with each question having four choices. Only 100 questions are graded and the additional 25 questions are used for research purposes but you won’t know questions are graded and which questions are research questions. In other words, answer them all as if they are graded questions. The questions are weighted with some questions more difficult than others. A passing score of 700 out of a possible 1000 points is required to pass.

SSCP Update

The SSCP exam is now available as a computer based test in many areas. It is a proctored exam but because it is computer based, you don’t have to take it in a huge room with dozens or hundreds of others.

It is a paper-based exam. You’ll be given a test booklet and a bubble sheet to fill in your answers. For each question, you use the old-fashioned number 2 pencil to fill in the correct bubble. When you’re done, you turn in your answer sheet. You’ll get the results via email within 4 to 6 weeks after taking the exam.

Expect to take it in a large ballroom in a hotel or some similar setting with other people taking exams such as the CISSP, or CSSLP exams. Several proctors will be walking around the room during the exam.

You’ll have three hours to take the exam and this is strictly timed. If you need to take a break, you can usually walk to the back of the room and have a drink or snack if you brought it with you. Signout sheets are commonly used for people that need to use the restroom. However, all of this time still counts towards your three hours. Other exams are longer. For example, other people in the room will probably be taking the CISSP exam which is six hours long.

Registering for the SSCP Exam

The exam costs $300 if you’re taking it in the United States. If you register and pay for the exam at least 16 days earlier, you get a break and it only costs $250. You can view the full price list here which includes prices for all the exams and the cost in other countries and currencies.

When you’re ready to register for the exam, you can start the process here. During this process, you’ll be required to commit to abiding to the Code of Ethics. This is also included in the objectives for the exam so you should look this over before starting the registration process.

Good luck!



  1. Hi Darrill,

    Thanks for your SSCP book. I bought and found it really easy to read. (not common in IT). In order to maximise my chances, would you recommand any sscp practise exam closed to the real exam?

    Thank in advance for your answer.

    • It depends on your understanding of the topics. You’ll find that the SSCP questions change frequently, but if you want to get some to test your readiness, then by all means do so. I haven’t looked at any recently so I’m reluctant to recommend any specific vendor. You might like to browse this forum for ideas.

  2. Darril

    Thank you for the assistance. I misspoke when I said I used only your book but it was the one that helped me understand better Security + and was actually combined with a training and other training resources. Any I have 12 years combined experience as help-desk, System admin, IT manger and IT project manager working in a very tight IT security environment.
    My last question: I just noticed I bought the February 2012 edition. Is there a big difference with the 2013 edition? Could you tell me what makes the difference?

    Thank you

  3. Darril

    I am studying to take SSCP and already bought your book. Do you think I need to add another study guide? I have already taken and failed CISSP with a score of 600. I am still preparing for CISSP but I recently read in online forum that SSCP is a stepping to for CISSP. I took a two-week CISSP class, used ISC2 4th edition, Shon Harris All-in One 6th edition, and CCCure practice tests.

    Note: I passed my Network + years ago using only your Network+ book.

    Thank you in advance for the feedback

    • > Do you think I need to add another study guide?

      In general, a single certification book is rarely enough for most individuals to master topics for a certification exam.

      SSCP is a good stepping stone to CISSP. People often do the Security+ first building a solid IT security foundation, expand it with SSCP, and then go to the CISSP. I’ve heard from many people telling me they were successful with this route.

      I don’t know what your security knowledge is, so it’s difficult for me to give you a better answer.

      However, if you had recently taken and passed the Security+ exam, I would say this:

      In general, a single certification book is rarely enough for most individuals to master topics for a certification exam. However, I’ve heard from many people telling me that they took the SSCP shortly after passing the Security+ exam. They said they used primarily the SSCP All-in-one book (first edition) and passed.

      Hope this helps.

  4. Dear Darril

    Hoping this finds you well. I would like you to clear my confusion with regard to the most suitable SSCP Study Guide, I purchased Official (ISC)2 Guide to the SSCP CBK, 2nd addition, but later downloaded the Examination SSCP-CIB Guide from the (ISC)2 website, I found out that some of the objectives or area of knowledge outlined on the SSCP-CIB Guide are not covered on the Official (ISC)2 Guide to the SSCP CBK Book. I ran into this forum because i have been seeking clarity on which book covers the SSCP Examination. Some say the All in One is the right Book some suggest SSCP Systems Security Certified Practitioner Study Guide. I am really lost, please clarify. Thanks -Mandla

    • Hi Mandla,

      It’s rare that you can find a single book that will cover everything you need for a certification. That said, many people have purchased the SSCP Systems Security Certified Practitioner All-in-One Exam Guide and used it as a primary source and others have used in combination with the Official (ISC)2 Guide.

      Both books are designed to cover the SSCP.

      Hope that helps.

  5. Dear sir

    Let me introduce myself that i am Ye Myo Thu, Myanmar. Firstly, let me say you thanks you for your book CompTIA Security+ and it is very useful for me to pass the exam. It is very easy to read and understand. Now i am planning to take SSCP and i would like to get some advice from you.

    Your sincerely

  6. Darril,
    I was very happy with your Security+ book and how it was setup for kindles and iphones.
    Now I want to buy your SSCP book for kindle but I see there is CD it comes with…Is there a possibility download stuff that is on CD somewhere or may be you created an app insted?

    Thank you very much!

    • Thanks for the kind words on the Security+ book. The SSCP book is published by McGraw-Hill and I queried them about this before. I had to hunt for the answer but here’s the answer:

      Yes, we do have solutions in place for customer who buy the Kindle.

      Please convey to the customer that there is an About the Download appendix at the back of the e-book (Kindle, Nook, etc) that provides instructions on how to download the files from a M-H download site.

      Good luck.

      • Darril, you are just so much help! I wish I can thank you personally!
        Only good wishes to you and your family

Leave a Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.

CompTIA Security+ Get Certified Get Ahead: SY0-501 Study Guide

Subscribe To Our Newsletter

Join our mailing list and get a free excerpt of the CompTIA Security+: Get Certified Get Ahead: SY0-501 Study Guide.  This excerpt includes the introduction and Chapter 1. 

You have Successfully Subscribed!

Get Certified Get Ahead is a participant in the Amazon Services LLC Associates Program,
an affiliate advertising program designed to provide a means for sites to earn advertising fees by advertising and linking to

Copyright © 2015 Get Certified Get Ahead. All Rights Reserved.