This schedule breaks down the seven SSCP domains and the final review strategy into 120 sessions. The weighting of the domains has been used to approximate the number of days assigned to each area.
| Day | Domain | 90-Minute Session Focus |
|---|---|---|
| Week 1: D1 – Security Operations & Administration (15%) | ||
| Day 1 | D1 | Security Roles (CISO, Analyst, Data Owner, Custodian) and Responsibilities. |
| Day 2 | D1 | Security Awareness vs. Training (Behavior vs. Skills). |
| Day 3 | D1 | Change Management Process (Request, Approval, Implementation). |
| Day 4 | D1 | Asset Management: Identification, Classification, and Tracking. |
| Day 5 | D1 | Asset Management: Lifecycle Management and Disposal. |
| Week 2: D1 – Security Operations & Administration (Cont.) | ||
| Day 6 | D1 | Media Protection Procedures (Handling, Storage, Destruction). |
| Day 7 | D1 | Physical Security: Site Access and Entry Controls (Locks, Badges). |
| Day 8 | D1 | Physical Security: Environmental Controls (HVAC, Fire Suppression, Power). |
| Day 9 | D1 | Documentation: Policies, Standards, Procedures, and Guidelines. |
| Day 10 | D1 | Review D1 (Days 1-9) + Practice Questions. |
| Week 3: D2 – Access Controls (16%) | ||
| Day 11 | D2 | Authentication Factors: Something You Know (Passwords) and best practices. |
| Day 12 | D2 | Authentication Factors: Something You Have (Tokens, Smart Cards). |
| Day 13 | D2 | Authentication Factors: Something You Are (Biometrics, types, error rates). |
| Day 14 | D2 | Multi-Factor Authentication (MFA) and Defense-in-Depth. |
| Day 15 | D2 | Federated Identity: Concepts of SAML, OAuth, and OpenID Connect. |
| Week 4: D2 – Access Controls (Cont.) | ||
| Day 16 | D2 | Authorization Models: Mandatory Access Control (MAC). |
| Day 17 | D2 | Authorization Models: Discretionary Access Control (DAC). |
| Day 18 | D2 | Authorization Models: Role-Based Access Control (RBAC) (most common). |
| Day 19 | D2 | Principle of Least Privilege and Need-to-Know. |
| Day 20 | D2 | Account Provisioning, Review, and De-provisioning procedures. |
| Week 5: D2 – Access Controls (Cont.) | ||
| Day 21 | D2 | Access Control Technologies: Firewalls and Proxies (Forward/Reverse). |
| Day 22 | D2 | Access Control Technologies: RADIUS and TACACS+ protocols. |
| Day 23 | D2 | Network Access Control (NAC): Concepts and Enforcement Modes. |
| Day 24 | D2 | Review D2 (Days 11-23) + Practice Questions. |
| Day 25 | D3 | Risk Management Concepts: Assets, Threats, and Vulnerabilities. |
| Week 6: D3 – Risk Identification, Monitoring, and Analysis (15%) | ||
| Day 26 | D3 | Qualitative Risk Analysis: High/Medium/Low, Likelihood, and Impact. |
| Day 27 | D3 | Quantitative Risk Analysis: SLE, ARO, and ALE calculation. |
| Day 28 | D3 | Risk Treatment Options: Avoid, Transfer, Mitigate, Accept. |
| Day 29 | D3 | Vulnerability Assessments: Methods, tools, and reporting. |
| Day 30 | D3 | Penetration Testing Phases: Planning, Discovery, Attack. |
| Week 7: D3 – Risk Identification, Monitoring, and Analysis (Cont.) | ||
| Day 31 | D3 | Penetration Testing Types: Black Box, White Box, Gray Box. |
| Day 32 | D3 | Monitoring Tools: IDS vs. IPS (Signature vs. Anomaly-based). |
| Day 33 | D3 | SIEM (Security Information and Event Management) Overview. |
| Day 34 | D3 | SIEM: Log Aggregation, Normalization, and Correlation. |
| Day 35 | D3 | Log Management: Collection, Storage, and Retention policies. |
| Week 8: D3 – Risk Identification, Monitoring, and Analysis (Cont.) | ||
| Day 36 | D3 | Monitoring: Baselines, False Positives, and False Negatives. |
| Day 37 | D3 | Security Continuous Monitoring (SCM) and Alert Triage. |
| Day 38 | D3 | Review D3 (Days 25-37) + Practice Questions. |
| Day 39 | D4 | Incident Response (IR) Process: Preparation Phase. |
| Day 40 | D4 | IR Process: Identification (Detection and Triage). |
| Week 9: D4 – Incident Response and Recovery (14%) | ||
| Day 41 | D4 | IR Process: Containment (Isolation of affected systems). |
| Day 42 | D4 | IR Process: Eradication (Root cause removal). |
| Day 43 | D4 | IR Process: Recovery (Restoring systems). |
| Day 44 | D4 | IR Process: Lessons Learned (Post-incident review). |
| Day 45 | D4 | Digital Forensics: Importance of Chain of Custody. |
| Week 10: D4 – Incident Response and Recovery (Cont.) | ||
| Day 46 | D4 | Digital Forensics: Preserving Evidence (Volatile vs. Non-Volatile Data). |
| Day 47 | D4 | Business Continuity Planning (BCP): Maintaining essential functions. |
| Day 48 | D4 | Disaster Recovery Planning (DRP): Restoring IT infrastructure. |
| Day 49 | D4 | Recovery Metrics: RTO (Time) and RPO (Data Loss). |
| Day 50 | D4 | Backups: Full, Incremental, and Differential types. |
| Week 11: D4 – Incident Response and Recovery (Cont.) | ||
| Day 51 | D4 | Backup Storage Strategies (Offsite, Cloud) and Testing. |
| Day 52 | D4 | High Availability (HA) and Fault Tolerance concepts. |
| Day 53 | D4 | Review D4 (Days 39-52) + Practice Questions. |
| Day 54 | D5 | Cryptography Types: Symmetric (AES, DES, Speed). |
| Day 55 | D5 | Cryptography Types: Asymmetric (RSA, ECC, Key Exchange). |
| Week 12: D5 – Cryptography (9%) | ||
| Day 56 | D5 | Hashing: SHA-256, Integrity, and One-Way Function. |
| Day 57 | D5 | Public Key Infrastructure (PKI): Components (CA, RA, CRL). |
| Day 58 | D5 | PKI: Certificate Usage, Validation, and Revocation. |
| Day 59 | D5 | Key Management: Generation, Storage, and Escrow. |
| Day 60 | D5 | Key Management: Revocation and Destruction procedures. |
| Week 13: D5 & D6 – Cryptography (Cont.) & Network Security (16%) | ||
| Day 61 | D5 | Applications of Cryptography: TLS/SSL, S/MIME, PGP. |
| Day 62 | D5 | Review D5 (Days 54-61) + Practice Questions. |
| Day 63 | D6 | OSI Model Layers and Protocol Functions (L2, L3, L7). |
| Day 64 | D6 | Network Devices: Switches, Routers, and Hubs (functions/security). |
| Day 65 | D6 | Secure Network Devices: Firewalls and ACLs (Configuration Basics). |
| Week 14: D6 – Network and Communications Security (Cont.) | ||
| Day 66 | D6 | Secure Network Devices: Proxy Server types and filtering. |
| Day 67 | D6 | Secure Network Devices: IPS/IDS placement and modes. |
| Day 68 | D6 | Network Segmentation: VLANs and their security purpose. |
| Day 69 | D6 | Network Segmentation: DMZs and their role in perimeter defense. |
| Day 70 | D6 | Network Segmentation: Physical vs. Logical Separation. |
| Week 15: D6 – Network and Communications Security (Cont.) | ||
| Day 71 | D6 | Secure Protocols: SSH vs. Telnet, SNMPv3, Secure Email. |
| Day 72 | D6 | HTTPS/TLS: Understanding the handshake and encryption. |
| Day 73 | D6 | Wireless Security: Evolution from WEP to WPA3. |
| Day 74 | D6 | Wireless AP Security: Disabling SSID, MAC filtering, and power control. |
| Day 75 | D6 | Virtual Private Networks (VPNs): Remote Access VPNs. |
| Week 16: D6 – Network and Communications Security (Cont.) | ||
| Day 76 | D6 | VPNs: Site-to-Site VPNs and Tunneling Protocols (IPsec). |
| Day 77 | D6 | Network Hardening: Disabling unnecessary services and ports. |
| Day 78 | D6 | Network Monitoring and Traffic Analysis (Basics). |
| Day 79 | D6 | Review D6 (Days 63-78) + Practice Questions. |
| Day 80 | D7 | Operating System Hardening: Patches and updates management. |
| Week 17: D7 – Systems and Application Security (15%) | ||
| Day 81 | D7 | OS Hardening: Disabling unnecessary services/accounts and Baselines. |
| Day 82 | D7 | Endpoint Security: Antivirus/Antimalware and host-based firewalls. |
| Day 83 | D7 | Endpoint Detection and Response (EDR) concepts. |
| Day 84 | D7 | Virtualization Security: Hypervisor types (Type 1/2) and risks. |
| Day 85 | D7 | Virtualization Security: VM Sprawl and VM Escapes. |
| Week 18: D7 – Systems and Application Security (Cont.) | ||
| Day 86 | D7 | Cloud Deployment Models: IaaS, PaaS, and SaaS (Security Responsibility). |
| Day 87 | D7 | Cloud Security: Shared Responsibility Model in detail. |
| Day 88 | D7 | Database Security: Access Control and Least Privilege for queries. |
| Day 89 | D7 | Database Security: Encryption (At Rest and In Transit). |
| Day 90 | D7 | Software Development Life Cycle (SDLC) Security: Integration points. |
| Week 19: D7 – Systems and Application Security (Cont.) | ||
| Day 91 | D7 | SDLC: Secure Coding Practices and Input Validation. |
| Day 92 | D7 | SDLC: Testing (Static, Dynamic, and Interactive Analysis). |
| Day 93 | D7 | Malware Analysis Basics: Ransomware, Spyware, Rootkits. |
| Day 94 | D7 | Malware Detection Methods and Indicators of Compromise (IOCs). |
| Day 95 | D7 | Review D7 (Days 80-94) + Practice Questions. |
| Week 20: Comprehensive Review & Practice Exams | ||
| Day 96 | Review | Full D1 & D2 Review (Operations & Access Controls). |
| Day 97 | Review | Full D3 & D4 Review (Risk, IR, and Recovery). |
| Day 98 | Review | Full D5 & D6 Review (Crypto & Network Security). |
| Day 99 | Review | Full D7 Review (Systems & Application Security). |
| Day 100 | Practice | Mini Practice Exam 1 (60 questions) + Review Results. |
| Week 21: Deep Dive & Targeted Practice | ||
| Day 101 | Deep Dive | Review weakest areas identified in Mini-Exam 1 (e.g., Quantitative Risk). |
| Day 102 | Deep Dive | Review second weakest areas (e.g., Network Segmentation). |
| Day 103 | Deep Dive | Review ISC2 Code of Ethics and Ethical Scenario Questions. |
| Day 104 | Deep Dive | Focus on all Authorization Models (MAC, DAC, RBAC). |
| Day 105 | Deep Dive | Focus on all Recovery Metrics (RTO, RPO, RTO/DRP testing). |
| Week 22: Full Practice Exams | ||
| Day 106 | Practice | Full Practice Exam 2 (125 questions, timed) – Simulate Exam Day. |
| Day 107 | Review | Thorough review of Full Practice Exam 2 results and detailed explanations. |
| Day 108 | Deep Dive | Review all Cryptography concepts, focusing on application (PKI, Key Management). |
| Day 109 | Deep Dive | Review all Network Security concepts, focusing on secure protocols (SSH, HTTPS, WPA3). |
| Day 110 | Practice | Mini Practice Exam 3 (60 questions) + Review Results. |
| Week 23: Consolidation and Process Review | ||
| Day 111 | Consolidation | Focus on the Change Management Process and the IR Process phases. |
| Day 112 | Consolidation | Review all Documentation requirements (Policies, Standards, Procedures). |
| Day 113 | Consolidation | Review all Access Control principles (Least Privilege, Need-to-Know). |
| Day 114 | Consolidation | Review all Media Protection and Asset Disposal steps. |
| Day 115 | Practice | Full Practice Exam 4 (125 questions, timed) – Simulate Exam Day. |
| Week 24: Final Polish (The Week Before the Exam) | ||
| Day 116 | Final Review | Review Full Practice Exam 4 results. |
| Day 117 | Final Review | Read through the entire SSCP Study Guide summary one last time. |
| Day 118 | Final Review | Review key acronyms and metrics (RPO, RTO, ALE, MAC/DAC/RBAC). |
| Day 119 | Final Review | Light review. Confirm test center logistics. Rest and relax! |
| Day 120 | EXAM DAY | PASS THE SSCP! |