(ISC)² Systems Security Certified Practitioner (SSCP) Certificate Online

Move closer to a career in cybersecurity with (ISC)² courses that teach you IT security fundamentals and best practices that ensure data integrity, availability and protection.

Franklin University has partnered with Coursera Campus to provide cutting-edge certificates to learners seeking to advance. Courses are open to all learners. No application required.

What You Will Learn

  • Gain an understanding of access controls and how they're used to protect systems and data
  • Learn basic security concepts and how to apply them to ensure data integrity, availability and confidentiality
  • Become familiar with how to identify, monitor, and analyze risk, and learn processes related to incident response and post-disaster recovery
  • Understand and apply the practice of cryptography to support secure protocols

About the (ISC)² Systems Security Certification Practitioner Professional Certificate

The (ISC)² Systems Security Certification Practitioner Professional Certificate is designed for those wanting to take on a new challenge in the world of information security. This specialization is ideal for anyone looking to build a solid foundation in cybersecurity or take a step forward toward earning the SSCP certification.

With these six courses, you’ll prepare for a variety of cybersecurity-related roles, ranging from network security engineer to security analyst to systems engineer. Through your studies you’ll gain an understanding of network-related security issues, learn how to identify malicious activity, and prepare to support and safeguard IT infrastructure using security best practices.

Throughout these courses, you’ll learn key systems security concepts, such as authentication mechanisms, compliance controls and securing virtual environments. You’ll also apply what you learn during digital lab assignments and hands-on projects to further demonstrate your skills and knowledge to prospective employers. When you complete this Professional Certificate, you’ll be one step closer toward preparing to sit for SSCP certification. 

This Professional Certificate program is ideal for anyone with a passion for threat hunting and cyber incident management and response. You can expect this course to deepen your ability to think critically and solve complex problems in the realm of information security.

Required (ISC)² Systems Security Certified Practitioner (SSCP) Certificate Courses

Access Controls

BEGINNER | Information Technology | Self-paced | 15 hours

Welcome to Access Controls! The Access Controls Course provides information pertaining to specify what users are permitted to do, the resources they are allowed to access, and what operations they are able to perform on a system. Access Controls help managers limit and monitor systems use at a user level or group membership. You will understand the different access control systems and how they should be implemented to protect the system and data using the different levels of confidentiality, integrity, and availability. The Access Controls course provides information pertaining to specifying what users are permitted to do, the resources they are allowed to access, and what operations they are able to perform on a system. Access Controls help managers limit and monitor systems use at a user level, and is usually predefined based on authority level or group membership. You will understand the different access control systems and how they should be implemented to protect the system and data using the different levels of confidentiality, integrity, and availability. Objectives 1. Describe how to implement Authentication mechanisms 2. Identify and operate internetwork trust architectures 3. Describe the process of administering identity management life cycle 4. Implement the different types of access controls (Subject/Object based)
Security Operations and Administration

BEGINNER | Information Technology | Self-paced | 16 hours

Security operations and administration is the task of identifying an organization's information assets and the documentation needed for policy implementation, standards, procedures, and guidelines to ensure confidentiality, integrity, and availability. You will understand the process necessary for working with management and information owners, custodians, and users so that proper data classifications are defined. This will ensure the proper handling of all hard copy and electronic information. The Security operations and Administration course addresses basic security concepts and the application of those concepts in the day to day operation and administration of enterprise computer systems and the information that they host.Ethical considerations in general, and the (ISC)2 Code of Ethics in particular, provide the backdrop for any discussion of information security and SSCP candidates will be tested on both. Information security professionals often find themselves in positions of trust and must be beyond reproach in every way.Several core principles of information security stand above all others and this domain covers these principles in some depth. It can be said that the CIA triad of confidentiality, integrity and availability forms the basis for almost everything that we do in information security and the SSCP candidate must not only fully understand these principles but be able to apply them in all situations. additional security concepts covered in this domain include privacy, least privilege, non-repudiation and the separation of duties. Course Objectives 1. Define Code of Ethics 2. Describe the security concepts 3. Document and operate security controls 4. Describe the asset management process 5. Implement compliance controls 6. Assess compliance controls 7. Describe the change management process 8. Contribute to the security awareness training program 9. Contribute to physical security operations
Identifying, Monitoring, and Analyzing Risk and Incident Response and Recovery

BEGINNER | Information Technology | Self-paced | 23 hours

Risk Identification, Monitoring, and Analysis: In the Risk Identification, Monitoring, and Analysis session, you will learn how to identify, measure, and control losses associated with adverse events. You will review, analyze, select, and evaluate safeguards for mitigating risk.You will learn processes for collecting information, providing methods of identifying security events, assigning priority levels, taking the appropriate actions, and reporting the findings to the correct individuals. After collection of the details from monitoring, we can analyze to determine if the system is being operated in accordance with accepted industry practices, and in compliance with organization policies and procedures. Incident Response and Recovery: In the Incident Response and Recovery Session, you will gain an understanding of how to handle incidents using consistent, applied approaches in order to resolve. Once an incident is identified, action will be necessary in order to resolve. We will examine processes such as damage recovery, data integrity and preservation, and the collection, handling, reporting, and prevention. You will be introduced to the Business Continuity Plan (BCP) and Disaster Recovery Plan (DRP) concepts and how they can be utilized in order to mitigate damages, recover business operations, and avoid critical business interruption. Through the use of the DRP, you will understand the procedures for emergency response and post-disaster recovery. Course Objectives 1. Describe the risk management process 2. Perform security assessment activities 3. Describe processes for operating and maintaining monitoring systems 4. Identify events of interest 5. Describe the various source systems 6. Interpret reporting findings from monitoring results 7. Describe the incident handling process 8. Contribute to the incident handling process based upon role within the organization 9. Describe the supporting role in forensics investigation processes 10. Describe the supporting role in the business continuity planning process 11. Describe the supporting role in the disaster recovery planning process
Cryptography

BEGINNER | Information Technology | Self-paced | 7 hours

Welcome to Cryptography! Cryptography is the practice and study of techniques for securing communications in the presence of third parties. You will learn how to protect information in order to ensure its integrity, confidentiality, authenticity, and non-repudiation. You will come out with a basic understanding of cryptographic concepts and how to apply them, implement secure protocols, key management concepts, key administration and validation, and Public Key Infrastructure. Course Objectives 1. Apply the fundamental concepts of cryptography 2. Describe the difference between symmetric and asymmetric cryptography 3. Define the basic requirements for cryptography 4. Identify processes to support secure protocols 5. Describe the process for implementing cryptographic systems 6. Define key management concepts 7. Define Public Key Infrastructure 8. Identify processes for key administration and validation 9. Describe the implementation of secure protocols
Networks and Communications Security

BEGINNER | Information Technology | Self-paced | 9 hours

Welcome to Networks and Communications Security Course! In the Networks and Communications Security Course, you will learn about the network structure, data transmission methods, transport formats, and the security measures used to maintain integrity, availability, authentication, and confidentiality of the information being transmitted. Concepts for both public and private communication networks will be discussed. Course Objectives 1. Describe network-related security issues 2. Identify protective measures for telecommunication technologies 3. Define processes for controlling network access 4. Identify processes for managing LAN-based security 5. Describe procedures for operating and configuring networked-based security devices 6. Define procedures to implement and operate wireless technologies
Systems and Application Security

BEGINNER | Information Technology | Self-paced | 17 hours

Welcome to Systems and Application Security Course! In the Systems and Application Security Course, you will gain an understanding of computer code that can be described as harmful or malicious. Both technical and non-technical attacks will be discussed. You will learn how an organization can protect itself from these attacks. You will learn concepts in endpoint device security, cloud infrastructure security, securing big data systems, and securing virtual environments. Objectives 1. Identify malicious code activity 2. Describe malicious code and the various countermeasures 3. Describe the processes for operating endpoint device security 4. Define mobile device management processes 5. Describe the process for configuring cloud security 6. Explain the process for securing big data systems 7. Summarize the process for securing virtual environments
Securing Software, Data and End Points

BEGINNER | Information Technology | Self-paced | 8 hours

Course 4: Securing Software, Data and End Points Welcome to Course Four. As we know, most attacks against systems involve exploiting vulnerabilities in software that powers hardware. Additionally, attackers may exploit vulnerabilities in the underlying hardware, especially when that hardware is for the protected against being stolen or accessed with unauthorized use, but their real target and all the tax is data. Therefore, it's so critical, the total set of software powering an organization's business logic and processes must be kept secure. As we'll see in this chapter, the software provides a layered environment. Building from a core or kernel of trustworthy functions up through to the mobile code and executable content. This enables and empowers all web apps and remote data access. Security professionals need to appreciate securing software covers two very different, but closely related major tasks. They need to ensure that the Security Posture of that software is known and understood, as well as ensure the software is installed, maintained, and used in ways consistent with Security Posture or improve it over time. As we discussed in the previous chapter, Security Posture is the set of risks, vulnerabilities controls, and residual risks pertaining to an asset or system. We summarize the safety or risk of using an asset and the degree of reliance that can be placed on the results from a specific context or situation. In this course, we'll build on that foundation by looking more closely at how the data can be the target of an attack and part of exploiting other vulnerabilities in the system. We'll explore what security professionals, as non-programmers, can do to reduce the risk of such malformed input attacks. In course two, we also discussed the non-human user concept as a general way to view management and security of devices and software entities to protect those entities from threats to their integrity and to protect the overall system and individual assets from unauthorized behavior by those non-human users. In this chapter, we'll build on those concepts, as we dive into Endpoint Security Issues and Approaches. Course 4 Learning Objectives After completing this course, the participant will be able to:  L4.1 - Discuss software systems and application security. L4.2 - Recognize data security concepts and skills.  L4.3 - Identify malicious code and countermeasures.   L4.4 - Evaluate mobile device management (MDM) and security issues with mobile and autonomous endpoints. L4.5 - Review attacks and countermeasures for virtual machines. Course Agenda Module 1: Securing Software (Domain 1 - Security Operations and Administration, Domain 3 - Risk Identification, Monitoring and Analysis , Domain 7 - Systems and Application Security ) Module 2: Securing Data (Domain 1 - Security Operations and Administration, Domain 7 - Systems and Application Security ) Module 3: Identify and Analyze Malicious Code and Activity (Domain 7 - Systems and Application Security) Module 4: Implement and Operate Endpoint Security (Domain 7 - Systems and Application Security ) Module 5: Operate and Secure Virtual Environments (Domain 7 - Systems and Application Security , Domain 6 - Network and Communications Security)    Who Should Take This Course: Beginners Experience Required: No prior experience required
Incident Detection and Response

BEGINNER | Information Technology | Self-paced | 6 hours

Course 7: Incident Detection and Response Welcome to course seven, Incident Detection and Response. Having an intruder inside your systems for months unnoticed by your systems, administrators, security specialists, and end-users is tantamount to giving the intruder, the keys to your business or organization. In many cases, organizations discover that they have been subjected to a data breach when they are told by others that their private data has been offered for sale on the dark web. Many leading voices within the security profession state that we all must do better to detect the intruders in our myths. Many people even say that detecting intruders should be the priority for security professionals. Ransomware attacks have become a big business involving not only large scale extortion attacks, but also the sell of ransomware attack tools and services, as well as the exploitation of any data ex-filtrated during the breach. Government officials and industry professionals worldwide have been raising their voices about this new and very troubling variant in the business model of advanced persistent threat or APT attackers. In this chapter, we'll focus on intrusion and incident detection. Many of the tools, techniques, technologies, and ideas, you'll see here have already been examined in previous chapters. This course brings them together and begins by discussing the central theme of detecting the intruder. Model one uses the concepts of precursors and indicators, the signals that give us advanced warning and a genuine alert about a risk event and the indicators of compromise concept which are those signals that we're certain can only mean a hostile agent has gained access. Module two will extend these ideas and concepts around the idea of what to do after you've discovered a possible intrusion, expanding your understanding of incident response. Module three continues with a deeper look at supporting forensic investigations. Forensics is an evidence-based process of logically and dispassionately reasoning about a situation or an event. It's your inner child, looking at something and asking questions. Then following each of those questions with more questions, letting the facts that you find frame and shape your growing understanding of what happened, how why and where, who did it and what impacts it may have. With these questions answered you can circle back to reviewing risk mitigation controls to see which if any, need to be modified, replaced or augmented. Course 7 Learning Objectives After completing this course, the participant will be able to:  L7.1 - Review the steps for monitoring, incident detection and data loss prevention using all-source intelligence. L7.2 - Identify the elements of an incident response policy and members of the incident response team (IRT). L7.3 - Classify the security professional’s role in supporting forensic investigations. Course Agenda Module 1: Operate All-source Intelligence for Monitoring and Incident Detection (Domain 3 - Risk Identification, Monitoring, and Analysis) Module 2: Support Incident Lifecycle (Domain 4 - Incident Response and Recovery) Module 3: Understand and Support Forensic Investigations (Domain 4 - Incident Response and Recovery) Who Should Take This Course: Beginners Experience Required: No prior experience required
Cloud and Wireless Security

BEGINNER | Information Technology | Self-paced | 6 hours

Course 6: Cloud and Wireless Security Welcome to course six. This course applies to security concepts, ideas, and considerations to two major changes that we have experienced in recent years. It's regarding the way we use the data. First, we use our data on the go. In other words, data services are provided to our mobile phones, Wi-Fi, and other devices. Second, many enhanced functions are implemented through services hosted in the cloud platform, where our data is stored or processed. Both transformations are complex topics. However, as a security practitioner, we can narrow these two topics by applying the security fundamentals to secure the data. This boils down to the three basics of protecting data at rest, in motion, and in use. The data is either on the endpoint devices, servers, or other endpoints, making these services a reality. Course 6 Learning Objectives After completing this course, the participant will be able to:  L6.1 - Recall cloud security concepts and configurations. L6.2 - Recognize types of virtualization and cloud security considerations. L6.3 - Summarize the types of telecommunications and network access controls. Course Agenda Module 1: Operate and Configure Cloud Security (Domain 7 - Systems and Application Security) Module 2: Cloud Security Considerations (Domain 6 - Network and Communications Security) Module 3: Secure Wireless Configurations (Domain 6 - Network and Communications Security) Who Should Take This Course: Beginners Experience Required: No prior experience required
Maturing Risk Management

BEGINNER | Information Technology | Self-paced | 7 hours

Course 8: Maturing Risk Management In management science terms, maturing a process or practice means taking positive steps over time to make it more reliable, repeatable and efficient. In practice, this means getting better every day, while showing the measurements that demonstrate improvement and suggest other opportunities to improve. As we saw in chapters one and two risk management for information intensive organizations works best when using evidence-based reasoning to identify, characterize, and take actions as necessary to resolve the issues. Course eight will bring together numerous threads that are intrinsically related to managing the risks associated with information systems. Also, we know that cyber attack is a risk for all organizations. In this course, we will focus on bringing these ideas together in a context of continuous maturity modeling, measuring and monitoring. Risk alignment works best at the strategic long-term level of planning. By contrast risk maturation can be most effective when considered in day-to-day business operations. This is sometimes called operationalizing one's approach to risk management and maturation. Operationalizing risk management asks us to take the life cycle models about systems, software and data and connect or pivot them around business operations. We'll take on the view of the workers who use the business logic and the systems or the people who oversee the robotics and internet of things on the factory or warehouse floor and see how each of the different security disciplines brings something to them. This course has five modules. Module one focuses on change management and reveals how this detailed administratively intense process plays a primary role in protecting information systems. We'll also look at its vital contributions to incident response and remediation. Module two shows how physical security design principles are used to monitor and control the flow of physical objects in and out of various security zones. This module also considers the operational effects of safety planning and preparation on people and property, as well as availability and integrity of systems and information. Module three provides a different attitude and mindset about empowering and enabling the people in the organization to become more effective contributors and proponents of its information security. Security training programs have failed to help people complete their job safely and securely. New concepts such as micro chaining demonstrates that security education and awareness can add value to the security process. Module four shows us that system security assessment should be an ongoing task. Security has always involved continuous vigilance and integrity. Formal and informal audits demonstrate just how effective an organization's security controls are. As its process of maturing those controls continues to improve their performance. Module five brings many of these ideas and concepts together through business continuity and disaster recovery planning. The emphasis will be the operational support of these tasks, both in the planning and execution stages. We've prepared the foundations so you can bring concepts covered thus far into a cohesive daily operational context. Course 8 Learning Objectives After completing this course, the participant will be able to:  L8.1 - Identify operational aspects of change management. L8.2 - Summarize physical security considerations. L8.3 - Design a security education and awareness strategy. L8.4 - Recognize common security assessment activities. L8.5 - Classify the components of a business continuity plan and disaster recovery plan. Course Agenda Module 1: Participate in Change Management (Domain 1 - Security Operations and Administration) Module 2: Physical Security Considerations (Domain 1 - Security Operations and Administration) Module 3: Collaborate in Security Awareness and Training (Domain 1 - Security Operations and Administration) Module 4: Perform Security Assessment Activities (Domain 3 - Risk Identification, Monitoring and Analysis) Module 5: Understand and Support the Business Continuity Plan (BCP) and Disaster Recovery Plan (DRP) (Domain 4 - Incident Response and Recovery) Who Should Take This Course: Beginners Experience Required: No prior experience required
Risk Management: Use of Access Controls to Protect Assets

BEGINNER | Information Technology | Self-paced | 6 hours

Course 2: Understanding Risk Management Options and the Use of Access Controls to Protect Assets In this course, we will focus on understanding risk management options and the use of access controls to protect assets. We will start by examining the basic steps that must be in place to develop a security culture within the organization and impacting policies. We will also look into how to write and use them to enforce security requirements. Then we will move on to the actual business of controlling how our systems, services, resources, and data can be accessed safely by authorized persons. We will also cover access control models like MAC, DAC, RBAC, and conclude the chapter with an examination of both LAN and WAN identity management. Course 2 Learning Objectives After completing this course, the participant will be able to:  L2.1 - Provide examples of the types of functional security controls and policies for identified scenarios.  L2.2 - Classify various access control models.  L2.3 - Identify components of identity management lifecycle.  L2.4 - Recognize access control and authentication methods. Course Agenda Module 1: Document, Implement, and Maintain Functional Security Controls (Domain 1 - Security Operations and Administration) Module 2: Access Controls Models (Domain 1 - Security Operations and Administration, Domain 2 - Access Controls) Module 3: Identity Management Lifecycle (Domain 2 - Access Controls) Module 4: Implement and Maintain Authentication Methods (Domain 2 - Access Controls, Domain 6 - Network and Communication Security) Who Should Take This Course: Beginners Experience Required: No prior experience required
Introducing Security: Aligning Asset and Risk Management

BEGINNER | Information Technology | Self-paced | 7 hours

Course 1 - Introducing Security and Aligning Asset Management to Risk Management In this course, we're going to start by discussing the security concepts, identifying corporate assets, and discussing the risk management process. Course 1 Learning Objectives After completing this course, the participant will be able to:  L1.1 - Classify information security and security concepts.   L1.2 - Summarize components of the asset management lifecycle.  L1.3 - Identify common risks and vulnerabilities.  L1.4 - Provide examples of appropriate risk treatment.  Course Agenda Module 1: Understand Security Concepts (Domain 1 - Security Operations and Administration) Module 2: Participate in Asset Management (Domain 1 - Security Operations and Administration) Module 3: Understand the Risk Management Process (Domain 3 - Risk Identification, Monitoring and Analysis) Module 4: Understand the Risk Treatment Process (Domain 3 - Risk Identification, Monitoring and Analysis) Who Should Take This Course: Beginners Experience Required: No prior experience required

Bolster Your Professional Skills

Take back control or rethink your career by strengthening your skills with a Professional Certificate through Franklin. Learn, hone or master job-related skills with professional development classes that won't break the bank or gobble up your free time. These online courses let you feed your curiosity and develop new skills that have real value in the workplace. Learn at your own pace. Cancel your subscription anytime.

Showcase Your Capabilities

Through Franklin’s partnership with Coursera, Certificate courses let you apply your learnings and build a career portfolio that helps demonstrate your professional capabilities to employers. Whether you're moving into a new field or progressing in your current one, the hands-on projects offer real-world examples that help illustrate your skills and abilities. Project completion is required to earn your Certificate.

Gain a Competitive Advantage

Get noticed by hiring managers and by your network of professional connections when you add a Professional Certificate to your credentials. Many Certificates are step toward full certification while others are the start of a new career journey. At Franklin, your Certificate also may be evaluated for course credit if you decide to enroll in one of our many degree programs.

Frequently Asked Questions

How much does the (ISC)² Systems Security Certification Practitioner Professional Certificate cost?

When you enroll in this self-paced certificate program, you decide how quickly you want to complete each of the courses in the specialization. To access the courses, you pay a small monthly cost of $35, so the total cost of your Professional Certificate depends on you. Plus, you can take a break or cancel your subscription anytime.

How long does it take to finish the (ISC)² Systems Security Certification Practitioner Professional Certificate?

It takes about 4-5 months to finish all the courses and hands-on projects to earn your certificate.

What prior experience do I need to enroll?

No prior experienced is needed for this beginner-level series. Enroll now.

What will I be able to do with my (ISC)² Systems Security Certification Practitioner Professional Certificate?

In addition to being one step closer to your SSCP certification, you'll have the foundational knowledge and skills needed to implement, deploy, maintain, and monitor security controls for IT infrastructure.

Plus, you'll want to share your certificate with your professional network to demonstrate your ability to ensure data confidentiality, integrity, and availability.

Do I need to apply and be accepted as a Franklin University student to take courses offered through the FranklinWORKS Marketplace?

No. Courses offered through the Marketplace are for all learners. There is no application or admission process.



4-5
Months to Complete

Shareable Certificate

Earn a certificate upon completion

100% Online

Start instantly and learn on your own schedule

Flexible

Set timelines that are convenient for you

Beginner Level

For anyone who is interested in learning

Login

Returning User

Have you taken Franklin courses previously? If so, you can log in with your existing credentials:

LOG IN

If you have an account but do not know your username or password, you can recover them here:

ACCOUNT RECOVERY

New User

The email address you entered is already associated with a Franklin account.

Please LOG IN in the Returning User area.

If you have an existing account with Franklin University but are unable to log in, you can recover a lost or forgotten username/password with the ACCOUNT RECOVERY button.

If you believe this to be in error, or if you are unable to use your existing Franklin account credentials, please contact the Franklin University Helpdesk for assistance.

Pay Now to Enroll in Coursera Programs!

For $35 per month, you will receive unlimited access to the full catalog of programs offered through Franklin University's partnership with Coursera.

Learn at your own pace, and cancel your subscription at any time.

(ISC)² Systems Security Certified Practitioner (SSCP) Certificate Online

Total $0

We do not refund payment for online courses or programs. If you purchased an online course and it is not what you expected, please contact us at FWMarketplace@franklin.edu to share your constructive feedback.

Ask A Question

Partnership and Group Discounts

If you are with an organization looking to upskill your workforce, discounted group pricing is available. Please contact:

Whitney Iles
Director of Partnerships and Client Management
whitney.iles@franklin.edu
614.947.6702

Additional Options

If you can't find what you're looking for, additional options may be available. Please contact:

Abigail Warfel
Workforce and Professional Development Coordinator
abigail.warfel@franklin.edu
614.947.6288

How It Works

  1. Create Your Account

    Sign up with just your name, email, and phone number. This will let you log in and save your favorite programs as you browse our offerings, as well as access any products you purchase.

  2. Pay Now to Enroll

    Some programs are included as part of our $35 monthly subscription, while others are priced on an individual basis. Select what works for you and pay through our fast, simple, and secure payment portal.

  3. Start Learning

    Choose from our self-paced offerings to work on your own schedule, or select instructor-led courses for a more traditional experience.

  4. Share

    Share the certificates, badges, and credentials you earn to put your new skills to work for you.

How It Works

  1. Sign Up

    Provide your name, email and phone number to start learning more about MedCerts and get connected to a personal education consultant.

  2. Meet Your Education Consultant

    Enroll in your ideal program based on your career goals. We'll help you determine the best path & payment plan for you.

  3. Start Learning

    Utilize our immersive learning & dynamic exam prep. Get guidance and motivation from your personal Student Success Advisor.

  4. Get Certified

    Use your newly learned knowledge to take your certification exam & gain national credentials.