Can I use a CISSP book to study for SSCP?

Last Updated on August 1, 2017 by Dave Farquhar

Can I use a CISSP book to study for SSCP? That’s a good question, and a good idea, but I don’t recommend it anymore.

SSCP covers less ground and goes into more depth than CISSP does. SSCP is designed for hands-on security operations types. CISSPs tend to be policy types and/or managers. You’ll do better with a post-2015 SSCP guide, such as SSCP Systems Security Certified Practitioner All-in-One Exam Guide, Second Edition. You might as well get a used copy to save money.

That said, if you know the material, you can pass it using old books. I passed CISSP with old, dated books because the new books weren’t ready yet. I relied on work experience to close the gaps. Work experience is just as important as book knowledge. Perhaps more so. I’ve worked with people with lots of book knowledge who couldn’t solve the problems they encountered on the job. You can’t fake your way through operations.

If you have an old CISSP book from before 2015, read the seven relevant domains from the CISSP book: Access Control; Cryptography; Malicious Code and Activity; Monitoring and Analysis; Networks and Communications; Risk, Response and Recovery; and Security Operations and Administration. Anything that’s fair game in those domains for CISSP always was fair for SSCP too.

If you found this post informative or helpful, please share it!