Certified Cloud Security Professional

ISC2 developed the Certified Cloud Security Professional (CCSP) credential to ensure that cloud security professionals have the required knowledge, skills, and abilities in cloud security design, implementation, architecture, operations, controls, and compliance with regulatory frameworks. A CCSP applies information security expertise to a cloud computing environment and demonstrates competence in cloud security architecture, design, operations, and service orchestration. This professional competence is measured against a globally recognized body of knowledge.

• Gain a thorough understanding of the six CCSP domains.
• Develop skills to design, manage, and secure cloud environments.
• Understand cloud architecture and service models.
• Implement cloud data security measures.
• Prepare for and successfully pass the CCSP certification exam.

After completing this course, the student will be able to:

• Grasp fundamental cloud computing concepts and terminology.
• Identify the components and architecture of cloud environments.
• Distinguish between various cloud service and deployment models.
• Evaluate and apply cloud governance frameworks and risk management strategies.
• Understand the data lifecycle within cloud environments.
• Design and implement secure cloud data storage solutions.
• Apply data security strategies, including encryption and key management.
• Perform data discovery, classification, retention, deletion, and archiving in the cloud.
• Analyse cloud infrastructure components and their security implications.
• Design and implement secure cloud infrastructure solutions.
• Ensure security in virtualised environments and manage cloud network security.
• Plan and implement disaster recovery and business continuity strategies in the cloud.
• Integrate security throughout the cloud software development lifecycle (SDLC).
• Secure cloud application architectures and protect APIs.
• Deploy and maintain secure cloud applications.
• Implement robust identity and access management (IAM) practices in the cloud.
• Oversee security operations and administration within cloud environments.
• Address legal, risk, and compliance issues unique to cloud computing.
• Monitor cloud environments and respond to security incidents effectively.
• Conduct digital forensics in the cloud and manage security operations centres (SOC).
• Understand legal requirements and risks associated with cloud computing.
• Comply with international and industry-specific standards and regulations.
• Address privacy concerns and manage jurisdictional variances.
• Establish and manage contractual security requirements.
• Conduct risk assessments and audits to ensure cloud security compliance.

• Cloud Architect
• Cloud Engineer
• Cloud Consultant
• Cloud Administrator
• Cloud Security Analyst
• Cloud Specialist
• Auditor of Cloud Computing Services
• Professional Cloud Developer

A minimum of five years of cumulative, paid work experience in information technology, of which three years must be in information security and one year in one or more of the six domains of the CCSP CBK ISC2 offers an Associate of ISC2 designation for those who pass the CCSP exam but lack the required experience.

• Cloud Concepts, Architecture & Design – 17%
• Cloud Data Security – 20%
• Cloud Platform & Infrastructure Security – 17%
• Cloud Application Security – 17%
• Cloud Security Operations – 16%
• Legal, Risk & Compliance – 13%