What Does MVP Stand For? It’s Not What You Think.
October 7, 2024
Article
Advance Your IT Career with Cybersecurity Skills. Gain Flexibility with Self-Paced Learning.
Instructor: ISC2 Education & Training
22,067 already enrolled
(964 reviews)
(964 reviews)
Implement, monitor and administer an organization’s IT infrastructure
Add to your LinkedIn profile
December 2024
Improve your resume and LinkedIn with personalized feedback
Practice your skills with interactive tools and mock interviews
Plan your career move with Coursera's job search guide
Add this credential to your LinkedIn profile, resume, or CV
Share it on social media and in your performance review
Pursue better IT security job opportunities and prove knowledge with confidence. The SSCP Professional Training Certificate shows employers you have the IT security foundation to defend against cyber attacks – and puts you on a clear path to earning SSCP certification.
Upon completing the SSCP Professional Certificate, you will:
Complete seven courses of preparing you to sit for the Systems Security Certified Practitioner (SSCP) certification exam as outlined below.
Course 1 - Security Concepts and Practices
Course 2 - Access Controls
Course 3 - Risk Identification, Monitoring, and Analysis
Course 4 - Incident Response and Recovery
Course 5 - Cryptography
Course 6 - Network and Communications Security
Course 7 - Systems and Application Security
Receive a certificate of program completion.
Understand how to implement, monitor and administer an organization’s IT infrastructure in accordance with security policies and procedures that ensure data confidentiality, integrity and availability.
Applied Learning Project
Each course includes a final assessment and knowledge checks that will require students to put into practice the knowledge they have gained throughout each course. Successful completion of assessments will require the basic understanding of the topics covered and the ability to relate those topics to the real world.
Course 1 - Security Concepts and Practices
This is the first course under the specialization SSCP. In this course, we will focus on the core aspects of security concepts and practice, starting with the importance of codes of ethics. We will then cover the basic principles of information security and move on to describe security controls, their implementation, maintenance, and assessment. We will also address the identification of corporate assets and the change management life cycle. We will then explain the importance of awareness and training and conclude with an exploration of physical security operations. Course 1 Learning Objectives After completing this course, the participant will be able to: - Recall the ISC2 Code of Ethics. - Explain the importance of an organizational code of ethics in the cybersecurity profession. - Compare the security concepts of confidentiality, integrity, and availability. - Apply accountability in the implementation of certain data protection controls. - Explain the concept of non-repudiation. - Discuss the concept of least privilege. - Indicate the importance of segregation of duties. - Differentiate technical, physical, and administrative security controls. - Relate security controls to considerations of assessing compliance requirements and organizational needs. - Indicate the importance of periodic audit and review of security controls. - Categorize various control types or technologies based on their different roles as part of an overall security structure and posture. - Summarize the security of assets all through the stages of their life cycle. - Examine operational requirements of change management. - Categorize security education and awareness strategies. - Define measurements for gauging the effectiveness of a security education and awareness program. - Indicate strategies that security professionals can use to collaborate with physical security operations. Who Should Take This Course: Beginners Experience Required: No prior experience required
Course 2 - Access Controls
This is the second course under the specialization SSCP. In this course, we will examine the business of controlling how our systems, services, resources and data can be Safely accessed only by those authorized to do so. We will discuss authentication methods, trust, the identity management life cycle and access control models. Course 2 Learning Objectives After completing this course, the participant will be able to: - Categorize identity and access management implementation authentication methods. - Discuss the importance of trust from a security standpoint. - Compare levels of trust among various relationships and internetwork architectures. - Explain the implications of trust among third-party connections. - Differentiate among the activities of the identity management life cycle. - Categorize various access control models. - Define the elements, methods, and processes used when administering access control models. Who Should Take This Course: Beginners Experience Required: No prior experience required
Course 3 - Risk Identification, Monitoring and Analysis
This is the third course under the specialization SSCP In this course, we will explore how to manage the risks related to information systems. It is time to bring these ideas together in a context of continuous maturity modeling, measuring, and monitoring, which we will see is focused on the here and now. Risk alignment works best at the strategic, long-term level of planning; risk maturation, by contrast, can be most effective when considered in the day-to-day of business operations. This is sometimes called operationalizing the approach to risk management and maturation. Course 3 Learning Objectives After completing this course, the participant will be able to: - Identify common risks and vulnerabilities. - Describe risk management concepts. - Recognize risk management frameworks. - Provide examples of appropriate risk tolerance. - Provide examples of appropriate risk treatment. - Identify risks of noncompliance with laws and regulations. - Identify appropriate methods for risk management frameworks implementation. - Indicate the range and scope of risk review. - Identify the components of risk review. - Describe vulnerability assessment activities used to examine all aspects of network and system security. - Review the steps for monitoring, incident detection, and data loss prevention. - Classify the use of tools that collect information about the IT environment to better examine the organization’s security posture. - Identify events of interest to focus on those that may be part of an attack or intrusion. - Select methods for managing log files. - Describe tools and methods for analyzing the results of monitoring efforts. - Identify communication requirements when documenting and reporting the results of monitoring security platforms. Who Should Take This Course: Beginners Experience Required: No prior experience required
Course 4 - Incident Response and Recovery
This is the fourth course under the specialization SSCP In this course, we will focus on incident response and recovery. We will explore the incident life cycle as defined by NIST and continue with a deeper look at supporting forensic investigations. We will also extend these ideas and concepts around the theme of business continuity and disaster recovery. Course 4 Learning Objectives After completing this course, the participant will be able to: - Identify the elements of an incident response policy and members of the incident response team (IRT). - Evaluate the security professional’s role in supporting forensic investigations. - Explain how the security professional supports activities of business continuity and disaster recovery planning. Who Should Take This Course: Beginners Experience Required: No prior experience required
Course 5 - Cryptography
This is the fifth course under the specialization SSCP. In this course, we will explore the field of cryptography, including public-key infrastructures (PKIs), certificates, and digital signing. Here we enter the realm of confidentiality, integrity, and availability, since we use cryptography to protect data from unauthorized disclosure and improper modification and use encryption to regulate the ability of users to log in to systems and applications. Course 5 Learning Objectives After completing this course, the participant will be able to: - Recognize the impacts of cryptography on confidentiality, integrity, and authenticity. - Determine the requirements for cryptography when handling sensitive data. - Identify regulatory and industry best practices in cryptography. - Define cryptography entropy. - Differentiate common cryptographic techniques used to enhance the security of sensitive data including hashing, salting, symmetric/asymmetric encryption, and elliptic curve cryptography. - Identify the features and requirements of nonrepudiation. - Compare the strength of different encryption algorithms and keys. - Describe the process of identifying and addressing cryptographic attacks. - Define the features of and the implementation process of secure services and protocols. - Discuss common use cases for secure services and protocols. - Explain limitations and vulnerabilities in the implementation of secure protocols. - Summarize fundamental key management concepts. - Describe the features of the Web of Trust (WoT) in relation to cryptographic protocols. Who Should Take This Course: Beginners Experience Required: No prior experience required
Course 6 - Network and Communications Security
This is the sixth course under the specialization SSCP. This course includes an orientation to the network neighborhood via the OSI 7-Layer and TCP/IP models in the context of internetworking and communications. It also probes each of the seven layers of this combined protocol stack, introducing the key technologies at each layer and their normal uses. There is also information on various protocols that run on top of this architecture, as well as attack and defensive strategies and tactics. Additionally, discussed in this course is how to manage network security and secure wireless communications. Course 6 Learning Objectives After completing this course, the participant will be able to: - Recognize layers of the OSI model, their functions and attacks present at each layer, and identify commonly used ports and protocols. - Select appropriate security controls for various network attacks. - Describe the tools used for network access control. - Summarize best practices for establishing a secure networked environment. - Understand how to configure and operate security devices such as firewalls and proxies. - Summarize the types of telecommunications and network access controls. Who Should Take This Course: Beginners Experience Required: No prior experience required
Course 7 - Systems and Application Security
This is the seventh course under the specialization SSCP. This course discusses two major changes in recent years to how we use our data: going mobile and using the cloud. First, we use our data on the go by means of data services provided to our mobile phones, Wi-Fi, and other devices. Second, so many of the enhanced functions we take for granted in our daily personal and professional lives are made possible by cloud services, where our data is stored or processed. Course 7 Learning Objectives After completing this course, the participant will be able to: - Classify different types of malware. - Determine how to implement malware countermeasures. - Identify various types of malicious activities. - Develop strategies for mitigating malicious activities. - Describe various social engineering methods used by attackers. - Explain the role of behavior analytics technologies in detecting and mitigating threats. - Explain the role and functionality of host-based intrusion prevention system (HIPS), host-based intrusion detection system (HIDS), and host-based firewalls. - Evaluate the benefits of application whitelisting in endpoint device security. - Explain the concept of endpoint encryption and its role in endpoint security. - Describe the role and functionality of Trusted Platform Module (TPM) technology in providing hardware-based security features. - Identify the steps in implementing secure browsing practices using digital certificates and secure communication protocols. - Explain the concept of endpoint detection and response (EDR) and its role in providing real-time monitoring, detection, investigation, and response capabilities to identify and mitigate advanced threats and security incidents on endpoint devices. - Identify provisioning techniques for mobile devices. - Explain the concept of containerization and how it contributes to effective mobile device management. - Explain how encryption contributes to effective mobile device management. - Describe the process of Mobile Application Management (MAM) to effectively manage the life cycle of mobile applications. - Distinguish among public, private, hybrid, and community deployment models in cloud security. - Distinguish among various service models and their impact on cloud security practices. - Describe virtualization technologies and their role in maintaining cloud security. - Identify legal and regulatory concerns related to cloud security. - Determine strategies to implement data storage, processing, and transmission while maintaining cloud security. - Explain the requirements and considerations associated with third-party services and outsourcing in cloud storage. - Explain the concept of the shared responsibility model in cloud storage. - Identify steps to manage and secure hypervisor environments. - Explain how to deploy, configure, and maintain virtual appliances within virtualized environments. - Determine the process for managing containerized environments. - Describe the best practices of storage management in virtualized environments. - Develop strategies for ensuring business continuity and resilience in virtualized environments. - Analyze potential threats and attacks targeting virtual environments. Who Should Take This Course: Beginners Experience Required: No prior experience required
ISC2 is an international nonprofit membership association focused on inspiring a safe and secure cyber world. Best known for the acclaimed Certified Information Systems Security Professional (CISSP®) certification, ISC2 offers a portfolio of credentials that are part of a holistic, programmatic approach to security. www.isc2.org
Unlimited access to 10,000+ world-class courses, hands-on projects, and job-ready certificate programs - all included in your subscription
Earn a degree from world-class universities - 100% online
Upskill your employees to excel in the digital economy
You'll walk away with a more thorough understanding of information security concepts and industry best practices for systems security. You'll also gain confidence to sit for and pass the SSCP certification exam.
The certificate contains 40 hours of study materials over 6 courses. You have access to course content for 120 days from the time you register.
This certificate is designed for people with strong technical skills and practical security knowledge. No specific background is required.
No. Each course covers specific content that does not rely on information from the other courses.
No. The certificate program is intended to prepare students to sit for the SSCP certification exam.
In order to hold the SSCP certification cadidates must pass the SSCP certification exam and meet work experience requirements as outlined below:
Candidates must have a minimum of 1 year cumulative work experience in 1 or more of the 7 domains of the SSCP CBK. A 1 year prerequisite pathway will be granted for candidates who received a degree (bachelors or masters) in a cybersecurity program.
Candidates that do not have the required experience can take and pass the SSCP exam to earn an Associate of (ISC)² designation, and will have up to two years to earn the required work experience for the SSCP.
The certificate for this course prepares you to confidently sit for the (ISC)2 SSCP certification exam. To become SSCP-certified, candidates must pass the SSCP exam and meet outlined work experience requirements.
Candidates must have at least 1 year of cumulative work experience in 1 or more of the 7 domains of the (ISC)2 SSCP Common Body of Knowledge (CBK). A 1-year prerequisite pathway will be granted for candidates who received a degree (bachelor's or master's) in a cybersecurity program.
Candidates without the required experience can take and pass the SSCP exam to earn an Associate of (ISC)2 designation, and will have up to 2 years to gain the work experience needed for the SSCP.
The American Council on Education's College Credit Recommendation Service (ACE CREDIT®) has evaluated and recommended 3 college credit hours for completing a Training Seminar for the SSCP.
ACE CREDIT connects workplace learning with colleges and universities by helping adults gain access to academic credit at colleges and universities for formal courses and examinations taken in the workplace or other settings outside traditional higher education.
For more information, visit the ACE CREDIT website at:
http://www.acenet.edu/news-room/Pages/College-Credit-Recommendation-Service-CREDIT.aspx
This course is completely online, so there’s no need to show up to a classroom in person. You can access your lectures, readings and assignments anytime and anywhere via the web or your mobile device.
If you subscribed, you get a 7-day free trial during which you can cancel at no penalty. After that, we don’t give refunds, but you can cancel your subscription at any time. See our full refund policy.
Yes! To get started, click the course card that interests you and enroll. You can enroll and complete the course to earn a shareable certificate, or you can audit it to view the course materials for free. When you subscribe to a course that is part of a Certificate, you’re automatically subscribed to the full Certificate. Visit your learner dashboard to track your progress.
¹Based on Coursera learner outcome survey responses, United States, 2021.
These cookies are necessary for the website to function and cannot be switched off in our systems. They are usually only set in response to actions made by you which amount to a request for services, such as setting your privacy preferences, logging in or filling in forms. You can set your browser to block or alert you about these cookies, but some parts of the site will not then work.
These cookies may be set through our site by our advertising partners. They may be used by those companies to build a profile of your interests and show you relevant adverts on other sites. They are based on uniquely identifying your browser and internet device. If you do not allow these cookies, you will experience less targeted advertising.
These cookies allow us to count visits and traffic sources so we can measure and improve the performance of our site. They help us to know which pages are the most and least popular and see how visitors move around the site. If you do not allow these cookies we will not know when you have visited our site, and will not be able to monitor its performance.
These cookies enable the website to provide enhanced functionality and personalization. They may be set by us or by third party providers whose services we have added to our pages. If you do not allow these cookies then some or all of these services may not function properly.