Who should attend
- Enterprise Architect
- Security Administrator
- Systems Engineer
- Security Architect
- Security Consultant
- Security Engineer
- Security Manager
- Systems Architect
Prerequisites
You must have at least five years experience in IT, of which at least three must be in Information Security, of which at least one must be in Cloud Computing. In addition, you should already have experience in each of the six CBK domains:
- Architectural concepts and design requirements
- Cloud data security
- Cloud platform & infrastructure security
- Cloud application security
- Operation
- Legal and Compliance
If you lack the necessary experience, you can still attend the course and take the exam. You can collect the necessary experience afterwards and prove it. You have up to 5 years after passing the exam to do this. Until then, you will be considered an Associate of ISC2. Further information on the Associate program can be found at https://www.isc2.org/Certifications/Associate.
Certification
The CCSP is an internationally recognized certificate developed by the leading non-profit organizations, the ISC2 in cooperation with the CSA (Cloud Security Alliance). With the CCSP you prove your expert knowledge in the field of cloud security and position yourself vis-à-vis employers and customers as a cloud expert who knows the new challenges of the cloud and is able to cope with them.
Course Objectives
By participating in this 5-day knowledge-intensive course, you will be prepared for the CCSP exam by an ISC2 authorized trainer. As an official ISC2 training provider, we only use the official CCSP training documents and the corresponding test exams to prepare you for the knowledge areas of the 6 different CCSP domains.
Outline: Certified Cloud Security Professional (CCSP)
Domain 1: Architectural Concepts and Design Requirements
- Understand cloud computing concepts
- Describe cloud reference architecture
- Understand security concepts relevant to could computing
- Understand design principles of secure cloud computing
- Identify trusted cloud services
Domain 2: Cloud Data Security
- Understand Cloud Data Life Cycle
- Design and Implement Cloud Data Storage Architectures
- Understand and implement Data Discovery and Classification Technologies
- Design and Implement Relevant Jurisdictional Data Protection for Personally Identifiable Information (PII)
- Design and implement Data Rights Management
- Plan and Implement Data Retention, Deletion, and Archival policies
- Design and Implement Auditability, Traceability, and Accountability of Data Events
Domain 3: Cloud Platform Infrastructure Security
- Comprehend Cloud Infrastructure Comp
- Analyze Risks Associated to Cloud Infrastructure
- Design and Plan Security Controls
- Plans Disaster Recovery & Business Continuity Management
Domain 4: Cloud Application Security
- Recognize Need for Training and Awareness in Application Security
- Understand Cloud Software Assurance and Validation
- Use Verified Secure Software
- Comprehend the Software Development Life Cycle (SDLC) Process
- Apply the Secure Software Development Life Cycle
- Comprehend the Specifics of Cloud Application Architecture
- Design Appropriate Identity and Access Management (IAM) Solutions
Domain 5: Operations
- Support the Planning Process for the Data Center Design
- Implement and Build Physical Infrastructure for Cloud Environment
- Run Physical Infrastructure for Cloud Environment
- Manage Physical Infrastructure for Cloud Environment
- Build Logical Infrastructure for Cloud Environment
- Run Logical Infrastructure for Cloud Environment
- Manage Logical Infrastructure for Cloud Environment
- Ensure Compliance with Regulations and Controls
- Conduct Risk Assessment to Logical and Physical Infrastructure
- Understand the Collection and Preservation of Digital Evidence
- Manage Communications with Relevant Parties Domain
Domain 6: Legal and Compliance
- Understand Legal Requirements and Unique Risks Within the Cloud Environment Module 2: Understand Privacy Issues, Including Jurisdictional Variances
- Understand Audit Process, Methodologies, and Required Adaptions for a Cloud Environment
- Understand Implication of Cloud to Enterprise Risk Management
- Understand Outsourcing and Cloud Contract Design
- Execute Vendor Management