Who should attend
- Cloud Architect
- Cloud Engineer
- Cloud Consultant
- Cloud Administrator
- Cloud Security Analyst
- Cloud Specialist
- Auditor of Cloud Computing Services
- Professional Cloud Developer
Prerequisites
Requirements for the exam preparation course ISC2 CCSP - Business Englisch:
- Several years of professional experience in IT and/or in information security with the basics of cloud security
Exam requirements
- You can take the exam at any time.
- A candidate that doesn’t have the required experience to become a CCSP may become an Associate of ISC2 by successfully passing the CCSP examination. The Associate of ISC2 will then have six years to earn the five years required experience.
Certification requirements:
- For the certificate, each participant must state their professional experience in endorsement, based on the ISC2 domains.
- You must have at least five years of professional experience in IT, of which at least 3 years in the field of information security, of which at least 1 year of experience in one or more of the six domains of the CCSP Common Body of Knowledge (CBK)
- With the ISC2 CISSP certification, you automatically meet all the requirements.
CCSP (Certified Cloud Security Professional): The premier cloud security certification. One of the hottest certifications on the market today. The CCSP recognizes IT and information security leaders who have the knowledge and competency to apply best practices to cloud security architecture, design, operations and service orchestration.
Course Objectives
ISC2 developed the Certified Cloud Security Professional (CCSP) credential to ensure that cloud security professionals have the required knowledge, skills, and abilities in cloud security design, implementation, architecture, operations, controls, and compliance with regulatory frameworks. A CCSP applies information security expertise to a cloud computing environment and demonstrates competence in cloud security architecture, design, operations, and service orchestration. This professional competence is measured against a globally recognized body of knowledge.
Course Content
6 Domains ISC2 CCSP Certified Cloud Security Professional
Domain 1. Cloud Concepts, Architecture and Design
- Understand cloud computing concepts
- Describe cloud reference architecture
- Understand security concepts relevant to cloud computing
- Understand design principles of secure cloud computing
- Evaluate cloud service providers
Domain 2. Cloud Data Security
- Describe cloud data concepts
- Design and implement cloud data storage architectures
- Design and apply data security technologies and strategies
- Implement data discovery
- Plan and implement data classification
- Design and implement Information Rights Management (IRM)
- Plan and implement data retention, deletion and archiving policies
- Design and implement auditability, traceability and accountability of data events
Domain 3. Cloud Platform & Infrastructure Security
- Comprehend cloud infrastructure and platform components
- Design a secure data center
- Analyze risks associated with cloud infrastructure and platforms
- Plan and implementation of security controls
- Plan business continuity (BC) and disaster recovery (DR)
Domain 4. Cloud Application Security
- Advocate training and awareness for application security
- Describe the Secure Software Development Life Cycle (SDLC) process
- Apply the Secure Software Development Life Cycle (SDLC)
- Apply cloud software assurance and validation
- Use verified secure software
- Comprehend the specifics of cloud application architecture
- Design appropriate identity and access management (IAM) solutions
Domain 5. Cloud Security Operations
- Build and implement physical and logical infrastructure for cloud environment
- Operate and maintain physical and logical infrastructure for cloud environment
- Implement operational controls and standards (e.g., Information Technology Infrastructure Library (ITIL), International Organization for Standardization/International Electrotechnical
- Commission (ISO/IEC) 20000-1)
- Support digital forensics
- Manage communication with relevant parties
- Manage security operations
Domain 6. Legal, Risk & Compliance
- Articulate legal requirements and unique risks within the cloud environment
- Understand privacy issues
- Understand audit process, methodologies, and required adaptations for a cloud environment
- Understand implications of cloud to enterprise risk management
- Understand outsourcing and cloud contract design