Training
Featured CourseView All Courses
Get a free hour of SANS training

Experience SANS training through course previews.

Learn More
Learning Paths
FeaturedView all Focus Areas
Cloud Security Training
Can't find what you are looking for?

Let us help.

Contact us
Resources
SANS Community Benefits

Connect, learn, and share with other cybersecurity professionals

CISO Network

Engage, challenge, and network with fellow CISOs in this exclusive community of security leaders

Join the SANS Community

Become a member for instant access to our free resources.

Sign Up
For Organizations
Public Sector

Mission-focused cybersecurity training for government, defense, and education

Partnerships

Explore industry-specific programming and customized training solutions

Sponsorship Opportunities

Sponsor a SANS event or research paper

Interested in developing a training plan to fit your organization’s needs?

We're here to help.

Contact Us
Talk with an expert
Talk with an expert

4 Tips to Successfully Prepare for the SSAP Exam

The SANS Security Awareness Professional (SSAP) is the world’s leading industry-recognized credential that signifies that the holder has the knowledge

Authored byLance Spitzner
Lance Spitzner

The SANS Security Awareness Professional (SSAP) is the world’s leading industry-recognized credential that signifies that the holder has the knowledge and expertise to build, maintain and measure a mature security awareness program. The SSAP was developed and is maintained by GIAC, the same organization that develops and maintains security certifications for SANS Institute courses.

The first step to achieving your SSAP is taking the 3-day SANS LDR433: Managing Human Risk course on building mature awareness programs. Once you have completed this course, you will be fully prepared to take the exam. Full details on the exam and how to register can be found on the SSAP page.

A question we are commonly asked is how to prepare for the exam. Here are key tips for success.

  1. Know the Content. First, make sure you understand all the LDR433 course training content. If it’s in the course books, it’s eligible to be in the exam. If it’s a fun but random story from the instructor, it’s not in the exam. Keep in mind that even if you have multiple years of experience, you will need to study the material to be successful, as the course goes into the theory and models of concepts such as risk management, marketing, adult learning theory and behavior change. You need to know those models.
  2. Open Book: The SSAP, like all GIAC certifications, are open book. This means you can bring your course books (and any other printed materials / notes) with you for the exams. GIAC exams are not testing your ability to memorize content, they test your ability to comprehend and apply the content. Please note, you cannot bring any digital materials / notes to an exam, printed only.
  3. Index Your Course Books. You will receive a book for each day of each class. The course books have the class slides and details notes for each slide. We recommend that you highlight, tag and take notes in your books during the course. Even better, we suggest you index your books so you can quickly find and reference key points during the exam, such as models and frameworks covered in the materials. Check out this outstanding tutorial on how to index a SANS course by Hacks4Pancakes.
  4. Take the Practice Test. Like other GIAC exams, the SSAP comes with a practice test. Unlike other GIAC exams, you only get one practice test. This is due to LDR433 being a three-day course. Be sure to take the practice test AFTER you complete the steps above.

Remember, GIAC exams are not designed to trick you, they are designed to test your retention and comprehension. If you take the class, pay attention, review the content, create an index and then take the practice test, you are going to do just fine.

Best of luck, and welcome to the community!

Meet the expert

Lance Spitzner
Lance Spitzner

Lance Spitzner

Senior Instructor

Lance revolutionized cyber defense by founding the Honeynet Project. Over the past 25 years, he has helped 350+ organizations worldwide build resilient security cultures, transforming human risk management into a cornerstone of modern cybersecurity.

Read more about Lance Spitzner
4 Tips to Successfully Prepare for the SSAP Exam