CCSP: Certified Cloud Security Professional

This course provides experienced IT and security professionals with in-depth knowledge of cloud security architecture, design, operations, and compliance. Participants learn how to apply security best practices to cloud environments across multiple service models and deployment scenarios. The course is aligned with the CCSP certification from ISC2 and focuses on real-world cloud security challenges, governance, and risk management in enterprise environments.

The topics included in the CCSP Common Body of Knowledge (CBK) ensure its relevancy across all disciplines in the field of cloud security. Successful candidates are competent in the following 6 domains:

  • Cloud Concepts, Architecture and Design
  • Cloud Data Security
  • Cloud Platform & Infrastructure Security
  • Cloud Application Security
  • Cloud Security Operations
  • Legal, Risk and Compliance

Key takeaways

You will learn how to:

  • Identify and explain the five characteristics required to satisfy the NIST definition of cloud computing
  • Differentiate between various as-a-service delivery models and frameworks that are incorporated into the cloud computing reference architecture
  • Explain strategies for protecting data at rest and data in motion
  • Discuss strategies for safeguarding data, classifying data, ensuring privacy, assuring compliance with regulatory agencies, and working with authorities during legal investigations
  • Contrast between forensic analysis in corporate data center and cloud computing environments

Prerequisites

Candidates must have a minimum of 5 years cumulative paid work experience in information technology, of which 3 years must be in information security and 1 year in 1 or more of the 6 domains of the CCSP CBK. Earning CSA’s CCSK certificate can be substituted for 1 year of experience in 1 or more of the 6 domains of the CCSP CBK. Earning ISC2’s CISSP credential can be substituted for the entire CCSP experience
requirement.

A candidate that doesn’t have the required experience to become a CCSP may become an Associate of ISC2 by successfully passing the CCSP examination. The Associate of ISC2 will then have 6 years to earn the 5 years required experience. You can learn more about CCSP experience requirements and how to account for part-time work and internships at www.isc2.org/Certifications/CCSP/experience-requirements.

Target audience

The CCSP credential is designed for experienced information security professionals with at least five years of full-time IT experience, including three years of information security and at least one year of cloud security experience. The CCSP credential is suitable for mid-level to advanced professionals involved with IT architecture, web and cloud security engineering, information security, governance, risk and compliance, and even IT auditing.

CCSP is most appropriate for those whose day-to-day responsibilities involve procuring, securing and managing cloud environments or purchased cloud services. In other words, CCSPs are heavily involved with the cloud. Many CCSPs will be responsible for cloud security architecture, design, operations, and/or service orchestration.

Example job functions include, but are not limited to:

Enterprise Architect, Security Administrator, Systems Engineer, Security Architect, Security Consultant, Security Engineer, Security Manager, Systems Architect

 

Cloud concepts, architecture, and design

The course begins with cloud computing concepts, reference architectures, and design principles. Participants learn how to apply security controls across IaaS, PaaS, and SaaS environments.

Cloud data security

This section focuses on data classification, data lifecycle management, encryption, key management, and data discovery in cloud environments.

Cloud platform and infrastructure security

Participants learn how to secure cloud infrastructure, including compute, storage, networking, and virtualization components.

Cloud application security

This section covers application security responsibilities in the cloud, including secure development considerations, shared responsibility models, and application-level controls.

Identity and access management

Participants explore identity federation, access control models, authentication mechanisms, and trust relationships in cloud environments.

Security operations

This section focuses on operational security, including logging, monitoring, incident response, and business continuity in cloud-based environments.

Legal, risk, and compliance

The course concludes with legal, regulatory, and compliance considerations, including data residency, privacy requirements, risk management, and audit readiness in the cloud.

This course and materials, along with previous experience and rigorous self-study, will help prepare you to take the ISC2 CCSP certification exam.

Important! The CCSP exam voucher is NOT included in this CCSP training.

Is this course suitable for beginners?
No. This course is designed for experienced professionals with prior knowledge of IT, security, or cloud technologies.

Is this course vendor-specific?
No. The CCSP certification is vendor-neutral and applies to multiple cloud platforms and service providers.

How long does the course last?
The course is delivered over five days as instructor-led training.

Does the course prepare me for certification?
Yes. The course is designed to prepare participants for the CCSP certification exam.

Relevant courses

Other subject areas