The (ISC)² Certified Cloud Security Professional CCSP Training Course is designed for security professionals seeking to enhance their knowledge of cloud security. The program covers various aspects of data security, cloud infrastructure security, and information security. Through this training, participants will learn how to secure data centers, cloud environments, and cloud-based data access. The focus will be on cloud security solutions and techniques for detecting and responding to security incidents.
The training covers cloud computing technologies, including Microsoft Azure, as well as security practices related to physical infrastructure, cloud resource access control, and protection of sensitive data. Load balancers, security operations centers (SOCs), and cloud environment security will also be covered. Upon completion of the training, participants can attempt the CCSP exam, and earn the CCSP certification after passing the exam, which is a recognized industry standard for cloud security expertise.
Skills Gained
In this CCSP course, you will learn how to:
- Define Cloud Concepts, Architecture, and Design
- Implement Cloud Data Security
- Understand Cloud Platform and Infrastructure Security
- Secure Cloud Applications
- Operationalize Cloud Security
- Understand Legal, Risk, and Compliance
- Continue learning and face new challenges with after-course one-on-one instructor coaching
Prerequisites
- Five years of cumulative, full-time working experience in IT (Information Technology) (three must be in information security, and one must be in one of the six CCSP CBK domains).
- Those without the required experience can take the exam to become an Associate of (ISC)²; while working toward the experience needed for full certification.
Outline
Domain 1: Cloud Concepts, Architecture and Design
- 1.1 Understand cloud computing concepts
- 1.2 Describe cloud reference architecture
- 1.3 Understand security concepts relevant to cloud computing
- 1.4 Understand design principles of secure cloud computing
- 1.5 Evaluate cloud service providers
Domain 2: Cloud Data Security
- 2.1 Describe cloud data concepts
- 2.2 Design and implement cloud data storage architectures
- 2.3 Design and apply data security technologies and strategies
- 2.4 Implement data discovery
- 2.5 Plan and implement data classification
- 2.6 Design and implement Information Rights Management (IRM)
- 2.7 Plan and implement data retention, deletion, and archiving policies
- 2.8 Design and implement auditability, traceability, and accountability of data events
Domain 3: Cloud Platform and Infrastructure Security
- 3.1 Comprehend cloud infrastructure and platform components
- 3.2 Design a secure data center
- 3.3 Analyze risks associated with cloud infrastructure and platforms
- 3.4 Plan and implementation of security controls
- 3.5 Plan business continuity (BC) and disaster recovery (DR)
Domain 4: Cloud Application Security
- 4.1 Advocate training and awareness for application security
- 4.2 Describe the Secure Software Development Life Cycle (SDLC) process
- 4.3 Apply the Secure Software Development Life Cycle (SDLC)
- 4.4 Apply cloud software assurance and validation
- 4.5 Use verified secure software
- 4.6 Comprehend the specifics of cloud application architecture
- 4.7 Design an appropriate identity and access management (IAM) solution
Domain 5: Cloud Security Operations
- 5.1 Build and implement physical and logical infrastructure for the cloud environment
- 5.2 Operate and maintain physical and logical infrastructure for cloud environment
- 5.3 Implement operational controls and standards
- 5.4 Support digital forensics
- 5.5 Manage communication with relevant parties
- 5.6 Manage security operations
Domain 6: Legal, Risk, and Compliance
- 6.1 Articulate legal requirements and unique risks within the cloud environment
- 6.2 Understand privacy issues
- 6.3 Understand audit process, methodologies, and required adaptations for a cloud environment
- 6.4 Understand implications of cloud to enterprise risk management
- 6.5 Understand outsourcing and cloud contract design