Course Overview
The Certified Cloud Security Professional (CCSP) is a certification program that is designed to validate the knowledge and skills required to secure cloud computing environments. It is a vendor-neutral program that is recognized globally. This certification is specifically designed for those who have prior experience in information technology and they want to further update their skills in the cloud-based cybersecurity field. This certification is offered by the International Information System Security Certification Consortium, also known as (ISC)².
Learning Options
Target audiences
- The Certified Cloud Security Professional (CCSP) training is aimed at professionals in the IT, security and compliance field who seeking increase their credentials, knowledge and experience in cloud security.
- The target audience includes IT professionals such as IT directors, architects, engineers, and system administrators, as well as security administrators, security engineers, security architects, risk and compliance professionals and other technology professionals,
- The training is also appropriate for professionals in the public sector (healthcare, financial services, government, law enforcement, etc), mid-enterprise, Fortune 500 and global organizations.As the cloud computing industry continues to expand, it is imperative that security professionals have the right credentials and knowledge to help protect their organizations from cyber threats and data breaches
- As the cloud computing industry continues to expand, it is imperative that security professionals have the right credentials and knowledge to help protect their organizations from cyber threats and data breaches.
- The CCSP training is designed to help professionals stay up-to-date on current cloud security best practices, regulations and compliance standards, and acquire the skills necessary to protect their data and assets.
Schedule Dates
Curriculum
-
Module 1: Architectural Concepts & Design Requirements
-
Module 2: Cloud Data Security
- Understand Cloud Data Lifecycle
- Design and Implement Cloud Data Storage Architectures
- Design and Apply Data Security Strategies
- Understand and Implement Data Discovery and Classification Technologies
- Design and Implement Relevant Jurisdictional Data Protections for Personally Identifiable Information (PII)
- Design and Implement Data Rights Management
- Plan and Implement Data Retention, Deletion, and Archiving Policies
- Design and Implement Auditability, Traceability and Accountability of Data Events
-
Module 3: Cloud Platform & Infrastructure Security
-
Module 4: Cloud Application Security
- Recognize the need for Training and Awareness in Application Security
- Understand Cloud Software Assurance and Validation
- Use Verified Secure Software
- Comprehend the Software Development Life-Cycle (SDLC) Process
- Apply the Secure Software Development Life-Cycle
- Comprehend the Specifics of Cloud Application Architecture
- Design Appropriate Identity and Access Management (IAM) Solutions
-
Module 5: Operations
- Implement and Build Physical Infrastructure for Cloud Environment
- Run Physical Infrastructure for Cloud Environment
- Manage Physical Infrastructure for Cloud Environment
- Logical Infrastructure for Cloud Environment
- Run Logical Infrastructure for Cloud Environment
- Manage Logical Infrastructure for Cloud Environment
- Ensure Compliance with Regulations and Controls (e.g., ITIL, ISO/IEC 20000-1)
- Conduct Risk Assessment to Logical and Physical Infrastructure
- Understand the Collection, Acquisition and Preservation of Digital Evidence
- Manage Communication with Relevant Parties
-
Module 6: Legal & Compliance
- Understand Legal Requirements and Unique Risks within the Cloud Environment
- Understand Privacy Issues, Including Jurisdictional Variation
- Understand Audit Process, Methodologies, and Required Adaption’s for a Cloud Environment
- Understand Implications of Cloud to Enterprise Risk Management
- Understand Outsourcing and Cloud Contract Design
- Execute Vendor Management
To be eligible to take the CCSP exam, candidates must have a minimum of five years of cumulative, paid work experience in information technology, of which three years must be in information security, and one year in one or more of the six domains of the CCSP Common Body of Knowledge (CBK).
The six domains of the CCSP CBK include:
Cloud Concepts, Architecture and Design
Cloud Data Security
Cloud Platform and Infrastructure Security
Cloud Application Security
Cloud Security Operations
Legal, Risk, and Compliance
Approximately there are 125 multiple-choice questions and a candidate has a maximum of four hours to complete this exam.
The passing score for the CCSP exam is 700 out of a possible 1000 points. The exam is scored on a scale from 0 to 1000, with a score of 700 or above required to pass.
It's worth noting that the exam is designed to test the candidate's knowledge and understanding of the six domains of the CCSP Common Body of Knowledge (CBK), and candidates are required to demonstrate their proficiency in each domain to pass the exam.
After the exam, candidates will receive a report that indicates their overall score as well as their
performance in each domain. This report can be used to identify areas where the candidate may need additional study or preparation before retaking the exam.
