Exactly three weeks ago, I was privileged to receive the SSCP Scholarship from the Center for Cyber Safety and Education. This award includes an ISC² certification exam voucher for the SSCP, along with several other amazing benefits.

I've decided to start my studies early, 180 days in advance so that by the time I sit for the exam, I'll have fully covered the material, internalized it, and continuously applied what I've learned in practice. Someone believed in me enough to invest in my potential, and I intend to honor that belief by giving my best effort.

For accountability, I'll be posting what I learn each day. If you don't see updates from me, feel free to ask, this is my way of staying consistent and committed. For context, I'm using the Official SSCP Study Guide by Mike Wills as my primary resource.

What Is the SSCP?

I decided to begin at the very beginning: the introduction. My goal is not just to pass the exam, but to understand the purpose and intent behind the certification itself.

At first glance, SSCP stands for Systems Security Certified Practitioner, which might sound straightforward: a certification for those who protect information systems. But as I read further, I realized that the SSCP is broader and deeper than that.

It represents:

  • A standard of excellence in systems security.
  • A credential that attests to demonstrated excellence.
  • The person who has earned the credential.

As the guide defines it:

"A Systems Security Certified Practitioner is a person who performs systems security tasks to a level of competency that meets or exceeds the established standard, and who has earned a credential as a testament to their knowledge and skills." — SSCP Official Study Guide, p. XXVII

An SSCP is expected not only to monitor and safeguard information systems from threats, vulnerabilities, and risks but also to respond effectively to security incidents.

Key Insight of the Day

I learned the difference between a certificate and a certification a distinction that's easy to overlook but deeply important.

  • A certificate is proof that you've completed a course or training program.
  • A certification is a professional credential granted by an industry organization, demonstrating that you have the knowledge and skills the industry values.

Looking Ahead

The SSCP will challenge me not only to understand the seven domains and their core concepts but also to develop hands-on, technical cybersecurity skills. The study material covers policies, procedures, standards, and guidelines, as well as practical tools like PowerShell, Java, HTML, CSS, Python, and C#.

That's where I ended Day 1. Tomorrow, I'll complete the rest of the introduction pages.

I have a question for those who've passed the SSCP. What was the most valuable non-textbook resource you used? Let me know below.

See you tomorrow