Welcome to The Official (ISC)² Guide to the SSCP CBK! By picking up this book, you’ve made the decision to take the next step in your career and have demonstrated your commitment to continuing your professional education.

The recognition that comes with an (ISC)² Systems Security Certified Practitioner (SSCP) credential next to your name shows your understanding of and proficiency with the hands-on technical work that is needed in the information security field. It demonstrates that you closely follow best practices, policies and procedures in accordance with the SSCP Common Body of Knowledge. Whether you are using this guide to supplement your preparation to sit for the exam or you are an existing SSCP using this as a reference, this book helps to facilitate the practical knowledge you need to assure strong information security for your organization’s daily operations.

The recognized leader in the field of information security education and certification, (ISC)² promotes the development of information security professionals throughout the world. As a SSCP with all the benefits of (ISC)² membership, you will become part of a global network of more than 140,000 certified professionals who are working to inspire a safe and secure cyber world. By becoming a member of (ISC)² you will have also officially committed to ethical conduct commensurate to your position of trust as a cybersecurity professional.

Reflecting the most pertinent issues that security practitioners currently face, along with the best practices for mitigating those issues, The Official (ISC)² Guide to the SSCP CBK offers step-by-step guidance through the seven different domains included in the exam, which are:

• Access Controls
• Security Operations and Administration
• Risk Identification, Monitoring and Analysis
• Incident Response and Recovery
• Cryptography
• Networks and Communications Security
• Systems and Application Security

Drawing from a comprehensive, up-to-date global body of knowledge, this book prepares you to join thousands of practitioners worldwide who have obtained the SSCP. For those with proven technical skills and practical security knowledge, the SSCP certification is the ideal credential. The SSCP confirms the breadth and depth of practical security knowledge expected of those in hands-on operational IT roles. The certification provides industry-leading confirmation of a practitioner’s ability to implement, monitor and administer information security policies and procedures that ensure data confidentiality, integrity and availability (CIA).

The goal for SSCP credential holders is to achieve the highest standard for cybersecurity expertise – managing multi-platform IT systems while keeping sensitive data secure. This becomes especially crucial in the era of digital transformation, where cybersecurity permeates virtually every value stream imaginable. Organizations that can demonstrate world-class cybersecurity capabilities and trusted transaction methods enable customer loyalty and fuel success.

The opportunity has never been greater for dedicated men and women to carve out a meaningful career and make a difference in their organizations. The Official (ISC)² Guide to the SSCP CBK will be your constant companion in protecting and securing the critical data assets of your organization that will serve you for years to come.

Thank you for reading and good luck in this next step along your career path.

Regards,

David P. Shearer, CISSP

CEO, (ISC)²