What Is the SSCP Certification? 2021 Guide

Written by Coursera • Updated on Oct 12, 2021

Learn more about this credential for early to mid-career security professionals.

A woman in a coral colored shirt sits on a beige sofa studying for the SSCP cybersecurity certification on her laptop.

The SSCP, or Systems Security Certified Practitioner, is a certification for cybersecurity practitioners tasked with monitoring information systems and reacting to security incidents. Becoming an SSCP could demonstrate to potential employers that you have the technical skills needed to advance in your cybersecurity career.

Is the SSCP right for me?

If you’d like to work hands-on with an organization’s security, becoming a SSCP could be a good step toward achieving your goal. You may find it particularly suitable if you’ve already gained a year or two of work experience in cybersecurity, or if you’ve recently graduated from a cybersecurity or computer science degree program.  

Jobs that hire for SSCP

The SSCP is designed for security professionals that work with operational security. Here are just a few of the job titles on LinkedIn that request or require SSCP certification:

  • Network analyst: $66,837

  • Systems administrator: $76,356

  • Security analyst: $78,533

  • Threat intelligence analyst: $90,585

  • Systems engineer: $92,340

  • DevOps engineer: $105,004

  • Security engineer: $111,656

Salary data represents average US salary according to Glassdoor (September 2021)

Benefits of getting SSCP-certified

Becoming a SSCP comes with several potential benefits for the right candidate, including the possibility of a high-paying, in-demand position. By achieving SSCP status, you could also:

  • Learn new skills that you can use on the job

  • Validate your skills and commitment to cybersecurity to recruiters and hiring managers

  • Enhance your resume to make you more marketable

  • Fulfill requirements for security clearance

  • Gain access to a community of fellow cybersecurity professionals

Security clearance

The SSCP is one of seven certifications approved by the US Department of Defense as an information assurance (IA) baseline certification. Earning this certification meets the minimum certification requirement for IAT Level II and CSSP Infrastructure Support jobs [1].

Placeholder

What to expect from the SSCP exam

Becoming a SSCP requires passing a certification exam designed to test your knowledge in seven different security topics. Here’s a quick look at the SSCP exam details.

CertificationSSCP
Cost$249
Number of questions125
Type of questionsMultiple choice
Time to complete180 minutes
Passing score700 out of 1000 points
Prerequisites1 year cumulative work experience
Testing locationsPearson VUE Testing Centers

4-step certification process

Taking and passing the SSCP exam is an accomplishment you should feel proud of, but it’s only the first step in the certification process. Let’s take a look at the four steps you’ll need to take in order to get fully certified.

1. Pass the certification exam: At the time of writing, you’ll need to score 700 of an available 1,000 points to pass the exam. You can take the exam up to four times in a 12-month period, though you’ll have to wait 30, 60, and 90 days between respective attempts.

2. Complete the endorsement process: Getting endorsed requires submitting an online application endorsed and digitally signed by another (ISC)²-certified professional, like a coworker or manager. If you don’t know anyone personally, (ISC)² can act as an endorser. You have nine months from your exam date to complete this step. 

3. Agree to the Code of Ethics: Before becoming a certified SSCP, you’ll need to commit to four canons of ethical practice. These are:

  • Protect society, the common good, necessary public trust and confidence, and the infrastructure

  • Act honorably, honestly, justly, responsibly, and legally

  • Provide diligent and competent service to principals

  • Advance and protect the profession

4. Pay the annual maintenance fee: You’ll need to pay a $125-fee upon certification and each year on the anniversary of your certification. If you earn additional certifications from (ISC)², you only need to pay the fee once per year.

Requirements

To qualify to take the SSCP exam, you need at least a year of paid work experience in one more of the exam domains. This could include full or part-time work, as well as paid or unpaid internships. 

Earning a bachelor’s or master’s degree in cybersecurity, computer science, computer engineering, computer systems engineering, management information systems, or information technology (IT) also satisfies the work experience requirement.  

Earn your computer science degree

Considering a computer science degree? Check out these programs from top universities that allow you to learn from anywhere with an internet connection, at your own pace. 

Placeholder

What does the exam cover?

The SSCP exam covers seven different topic areas, called domains, in cybersecurity. Each domain accounts for 10 to 16 percent of the exam score. The domains are as follows:

  1. Access controls

  2. Security operations and administration

  3. Risk identification, monitoring, and analysis

  4. Incident response and recovery

  5. Cryptography

  6. Network and communications security

  7. Systems and application security

New exam outline in November 2021

The SSCP will transition to a new exam outline on November 1, 2021. While the seven domains will remain the same, the domain weights will change to reflect the most important issues in cybersecurity. Incident response and recovery and security operations and administration will be weighted more heavily, while access controls and cryptography will have their weights reduced.

Placeholder

How to prepare for the SSCP exam

The best way to set yourself up for success on the SSCP exam will depend on previous experience, current knowledge, and learning style. Here are some resources that you may find helpful as you prepare.

Exam prep courses

Several companies offer training courses specifically for the SSCP exam. While it’s possible to study independently, you may find the structure of a course helpful in ensuring you cover the required content from the exam. Before you enroll in a course, make sure it’s covering the latest version of the exam outline. 

Prepare for the exam at your own pace with the (ISC)² Systems Security Certified Practitioner (SSCP) Specialization, offered by (ISC)² on Coursera. You get 120-day access to courses covering the latest exam domains, and save when you bundle them together.

Placeholder

(ISC)² Systems Security Certified Practitioner (SSCP)

(ISC)²

SPECIALIZATION

Practice tests

Taking a practice exam can help prepare you for what to expect on exam day, as well as highlight any areas where you may need additional study. (ISC)² has a book of some 700 practice questions with explanations for purchase, but you can also find a variety of practice exams online.

Exam tips

Here are some additional tips for preparing for and taking the exam:

  • Give yourself adequate time to prepare. Depending on what you already know, this might mean a few weeks or a few months. 

  • Make flashcards to learn acronyms and port numbers.

  • Read each exam question more than once. You’ll have a minute and a half to answer each question within the allotted time.

  • Use the “Flag for review” option to flag questions you’re unsure of. You can return to them later.

  • Answer all the questions. There’s no penalty for incorrect answers.

Other certifications to consider

SSCP vs. Security+

Both the SSCP from (ISC)² and the Security+ from CompTIA are common certification options for those just starting out or early in their cybersecurity career. Depending on your goals and experience, one may be a better fit than the other.

Generally speaking, if you’re working toward your first job in cybersecurity and you either don’t have a degree or have a degree in an unrelated subject, then the Security+ might be a better option. If you already have some experience or a cybersecurity or computer science degree, you might consider the slightly more advanced SSCP.  

SSCP vs. CISSP

If you’ve already gained some experience working in cybersecurity, you might be deciding between the SSCP and the Certified Information Systems Security Professional (CISSP), both from (ISC)². 

In this case, which certification you choose to pursue could likely come down to your amount of experience. If you’ve already been working in cybersecurity for five or more years, it might be worthwhile going for the CISSP, ranked among the most popular and respected credentials. Otherwise, earning SSCP status could open up opportunities to build the experience needed to earn the CISSP in the future.

Security+SSCPCISSP
ProviderCompTIA(ISC)²(ISC)²
Cost$370$249 (US)$749 (US)
Number of questions90125100 to 150
Types of questionsMultiple choice and performance basedMultiple choiceMultiple choice and advanced innovative
Test length90 minutes180 minutes180 minutes
Required years of experienceNone1 year5 years
Best forEntry levelEarly careerAdvanced

Next steps

Start preparing for the SSCP exam with the (ISC)² Systems Security Certified Practitioner (SSCP) Specialization on Coursera. Curious to learn more about cybersecurity? Enroll in the IBM Cybersecurity Analyst Professional Certificate to start learning job-ready skills—no prior experience required.

Placeholder

(ISC)² Systems Security Certified Practitioner (SSCP)

(ISC)²

SPECIALIZATION
Placeholder

IBM Cybersecurity Analyst

IBM

PROFESSIONAL CERTIFICATE

Frequently asked questions (FAQ)

Article sources

1. DoD Cyber Exchange Public. "DoD Approved 8570 Baseline Certifications, https://public.cyber.mil/cw/cwmp/dod-approved-8570-baseline-certifications/." Accessed September 9, 2021.

Written by Coursera • Updated on Oct 12, 2021

This content has been made available for informational purposes only. Learners are advised to conduct additional research to ensure that courses and other credentials pursued meet their personal, professional, and financial goals.

Learn without limits