Certified Cloud Security Professional
On Demand $2,495.00
(ISC)² developed the Certified Cloud Security Professional (CCSP) credential to ensure that cloud security professionals have the required knowledge, skills, and abilities in cloud security design, implementation, architecture, operations, controls, and compliance with regulatory frameworks. A CCSP applies information security expertise to a cloud computing environment and demonstrates competence in cloud security architecture, design, operations, and service orchestration. This professional competence is measured against a globally recognized body of knowledge.
The topics included in the CCSP Common Body of Knowledge (CBK) ensure its relevancy across all disciplines in the field of cloud security. Successful candidates are competent in the following 6 domains:
- Cloud Concepts, Architecture and Design
- Cloud Data Security
- Cloud Platform & Infrastructure Security
- Cloud Application Security
- Cloud Security Operations
- Legal, Risk, and Compliance
- Understand the legal frameworks and guidelines that affect cloud services.
- Recognize the fundamentals of data privacy regulatory/legislative mandates
- Assess risks, vulnerability, threats, and attacks in the cloud environment.
- Evaluate the design and plan for cloud infrastructure security controls.
- Evaluate what is necessary to manage security operations.
- Understand what operational controls and standards to implement.
- Describe the types of cloud deployment models in the types of “as a service” cloud models currently available today.
- Identify key terminology and associated definitions related to cloud technology. Be able to establish a common terminology for use within your team or workgroup.
- Build a business case for cloud adoption and be able to determine with business units the benefits of the cloud and cloud migration strategies.
To obtain the CCSP certification course, you must have:
- At least five years of working experience in IT, including three years of information security and one year of cloud security experience
- Those without the required experience can take the exam to become an Associate of (ISC)² while working toward the experience needed for full certification
- Lectures 37
- Quizzes 0
- Duration 40 hours
- Skill level Intermediate Level
- Language English
- Students 324
- Certificate No
- Assessments Yes
Domain 1:Cloud Concepts, Architecture and Design
Domain 2:Cloud Data Security
- 2.1 Describe Cloud Data Concepts
- 2.2 Design and Implement Cloud Data Storage Architectures
- 2.3 Design and Apply Data Security Technologies and Strategies
- 2.4 Implement Data Discovery
- 2.5 Implement Data Classification
- 2.6 Design and Implement Information Rights Management (IRM)
- 2.7 Plan and Implement Data Retention, Deletion and Archiving Policies
- 2.8 Design and Implement Auditability, Traceability and Accountability of Data Events
Domain 3:Cloud Platform and InfrastructureSecurity
Domain 4:Cloud Application Security
- 4.1 Advocate Training and Awareness for Application Security
- 4.2 Describe the Secure Software Development Life Cycle (SDLC) Process
- 4.3 Apply the Secure Software Development Life Cycle (SDLC)
- 4.4 Apply Cloud Software Assurance and Validation
- 4.5 Use Verified Secure Software
- 4.6 Comprehend the Specifics of Cloud Application Architecture
- 4.7 Design Appropriate Identity and Access Management (IAM) Solutions
Domain 5:Cloud Security Operations
- 5.1 Implement and Build Physical and Logical Infrastructure for Cloud Environment
- 5.2 Operate Physical and Logical Infrastructure for Cloud Environment
- 5.3 Manage Physical and Logical Infrastructure for Cloud Environment
- 5.4 Implement Operational Controls and Standards (e.g., Information Technology Infrastructure Library (ITIL), International Organization for Standardization/International Electrotechnical Commission (ISO/IEC) 20000-1)
- 5.5 Support Digital Forensics
- 5.6 Manage Communication with Relevant Parties
- 5.7 Manage Security Operations
Domain 6:Legal, Risk and Compliance
- 6.1 Articulate Legal Requirements and Unique Risks within the Cloud Environment
- 6.2 Understand Privacy Issues
- 6.3 Understand Audit Process, Methodologies, and Required Adaptations for a Cloud Environment
- 6.4 Understand Implications of Cloud to Enterprise Risk Management
- 6.5 Understand Outsourcing and Cloud Contract Design