CCSP: Certified Cloud Security Professional Certification Preparation

As powerful as cloud computing is for the organization, understanding its information security risks and mitigation strategies is critical. Legacy approaches are inadequate, and organizations need competent, experienced professionals equipped with the right cloud security knowledge and skills to be successful. They need CCSPs. Backed by the two leading non-profits focused on cloud and information security, the Cloud Security Alliance (CSA) and (ISC)², the CCSP credential denotes professionals with deep-seated knowledge and competency derived from hands-on experience with cyber, information, software and cloud computing infrastructure security. CCSPs help you achieve the highest standard for cloud security expertise and enable your organization to benefit from the power of cloud computing while keeping sensitive data secure.

During this training you will:

  • gain knowledge in identifying the types of controls necessary to administer various levels of confidentiality, integrity, and availability, with regard to securing data in the cloud.
  • identify the virtual and physical components of the cloud infrastructure with regard to risk management analysis, including tools and techniques necessary for maintaining a secure cloud infrastructure.
  • gain an understanding in cloud software assurance and validation, utilizing secure software, and the controls necessary for developing secure cloud environments.
  • identify privacy issues and audit processes utilized within a cloud environment, including auditing controls, assurance issues, and the specific reporting attributes.

Course Format

Lecture based, Self-Study & Classroom Discussions.

Audience profile

The CCSP credential is designed for experienced information security professionals with at least five years of full-time IT experience, including three years of information security and at least one year of cloud security experience. The CCSP credential is suitable for mid-level to advanced professionals involved with IT architecture, web and cloud security engineering, information security, governance, risk and compliance, and even IT auditing.

CCSP is most appropriate for those whose day-to-day responsibilities involve procuring, securing and managing cloud environments or purchased cloud services. In other words, CCSPs are heavily involved with the cloud. Many CCSPs will be responsible for cloud security architecture, design, operations, and/or service orchestration.

xExample job functions include, but are not limited to:

Enterprise Architect, Security Administrator, Systems Engineer, Security Architect, Security Consultant, Security Engineer, Security Manager, Systems Architect

Prerequisites 

Experienced information security professionals with at least five years of IT experience, including three years of information security and at least one year of cloud security experience.

Course Objectives

CCSP is a global credential born from the expertise of the two industry-leading stewards of information systems and cloud computing security, (ISC)² and CSA. The CCSP credential is appropriate and applicable to cloud security in a global environment. This is especially important given the legal, regulatory and compliance concerns that come with multi-jurisdictional housing of personally identifiable information (PII).

For those who qualify, the CCSP exam will test their competence in the six CCSP domains of the (ISC)² Common Body of Knowledge (CBK), which cover:

  • Architectural Concepts & Design Requirements
  • Cloud Data Security
  • Cloud Platform & Infrastructure Security
  • Cloud Application Security
  • Operations
  • Legal & Compliance

Course content

The CCSP draws from a comprehensive, up-to-date, global common body of knowledge that ensures security leaders have a deep knowledge and understanding of new threats, technologies, regulations, standards, and practices relating to the security & protection of the cloud.

The CCSP exam tests ones competence in the 6 domains of the CCSP CBK, which cover: 

Domain 1: Architecture Concepts and Design Requirements

Understand Cloud Computing Concepts
Describe Cloud Reference Architecture
Understand Security Concepts Relevant to Cloud Computing
Understand Design Principles of Secure Cloud Computing
Identigy Trusted Cloud Services

Domain 2: Cloud Data Security

Cloud Data Lifecycle
Design and Implement Cloud Data Storage Architectures
Design and Apply Data Security Strategies
and Implement Data Discovery and Classification Technologies
Design and Implement Data Rights Management
Design and Implement Relevant Jurisdictional Data Protections for Personally Identifiable Information (PIN)
Plan and Implement Data Retention, Deletion, and Archiving Policies
Design and Implement Auditability, Traceability, and Accountability of Data Events

Domain 3: Cloud Platform and Infrastructure Security

Cloud Infrastructure Components
Risks Associated to Cloud Infrastructure
Design and Plan Security Controls
Plan Disaster Recovery and Business Continuity Management

Domain 4: Cloud Application Security

Need for Training and Awareness in Application Security
Cloud Software Assurance and Validation
Use Verified Secure Software
Software Development Life-Cycle (SDLC) Process
Apply the Software Development Life-Cycle
Specifics of Cloud Application Architecture
Design Appropriate Identity and Access Management (IAM) Solutions

Domain 5: Operations

Support the Planning Process for the Data Center Design
Implement and Build Physical Infrastructure for Cloud Environment
Run Physical Infrastructure for Cloud Environment
Manage Physical Infrastructure for Cloud Environment
Build Logical Infrastructure for Cloud Environment
Run Logical Infrastructure for Cloud Environment
Manage Logical Infrastructure for Cloud Environment
Ensure Compliance with Regulations and Controls (ITIL, ISO/IEC 20000-I)
Conduct Risk Assessment to Logical and Physical Infrastructure
Collection, Acquisition, and Preservation of Digital Evidence
Manage Communication with Relevant Parties

Domain 6. Legal and Compliance

Legal Requirements and Unique Risks within the Cloud Environment
Privacy Issues, Including Jurisdictional Variation
Audit Process, Methodologies, and Required Adaptions for a Cloud Environment
Implications of Cloud to Enterprise Risk Management
Outsourcing and Cloud Contract Design
Execute Vendor Management
Legal and compliance

Certification

This course and materials, along with previous experience and rigorous self-study, will help prepare you to take the (ISC)2 CCSP certification exam.

NOTE! The CCSP exam is not included in the CCSP training, but you may book and take the exam at Glasspaper`s test centers. The cost for the CCSP exam is EUR 550 + mva (when you book the test directly with Glasspaper, we will add an administration fee of NOK 750). 

 

Other relevant courses

30. November
5 days
Classroom Virtual Guaranteed to run