Catalog

The ISC2 CCSP (Certified Cloud Security Professional) course is specifically designed for IT and cybersecurity professionals looking to deepen their knowledge and expertise in cloud security. This comprehensive training program covers a wide range of topics essential for securing cloud environments, including cloud data security, cloud platform and infrastructure security, cloud application security, compliance, and legal issues, as well as cloud security operations. The curriculum is aligned with the best practices and standards recognized in the industry, ensuring that participants are well-versed in the latest cloud security technologies and strategies. Throughout the course, participants will engage in detailed studies of cloud computing architecture, understanding the intricacies of cloud data lifecycle management, and exploring the key principles of designing a secure cloud environment. Additionally, the course addresses the management of cloud security and operations, focusing on risk assessment, governance, and legal and compliance challenges associated with cloud computing. By the end of the training, participants will be equipped with the necessary skills to design and implement comprehensive security measures for cloud services, prepare for the ISC2 CCSP certification exam, and advance their careers in the rapidly evolving field of cloud security. This certification is highly regarded in the IT industry, opening doors to roles such as cloud security architect, cloud engineer, and cybersecurity analyst, among others.

##### Domain 1 - Cloud Concepts, Architecture and Design - Understand cloud computing concepts - Describe cloud reference architecture - Understand security concepts relevant to cloud computing - Understand design principles of secure cloud computing - Evaluate cloud service providers ##### Domain 2 - Cloud Data Security - Describe cloud data concepts - Design and implement cloud data storage architectures - Design and apply data security technologies and strategies - Implement data discovery - Implement data classification - Design and implement Information Rights Management (IRM) - Plan and implement data retention, deletion, and archiving policies - Design and implement auditability, traceability, and accountability of data events ##### Domain 3 - Cloud Platform and Infrastructure Security - Comprehend cloud infrastructure components - Design a secure data center - Analyze risks associated with cloud infrastructure - Design and plan security controls - Plan Disaster Recovery (DR) and Business Continuity (BC) ##### Domain 4 - Cloud Application Security - Plan Disaster Recovery (DR) and Business Continuity (BC) - Describe the Secure Software Development Life Cycle (SDLC) process - Apply the Secure Software Development Life Cycle (SDLC) - Apply cloud software assurance and validation - Use verified secure software - Comprehend the specifics of cloud application architecture - Design appropriate Identity and Access Management (IAM) solutions ##### Domain 5 -Cloud Security Operations - Build and implement physical and logical infrastructure for cloud environment - Operate and maintain physical and logical infrastructure for cloud environment - Implement operational controls and standards (e.g., Information Technology Infrastructure Library (ITIL), International Organization for Standardization/International Electrotechnical Commission (ISO/IEC) 20000-1) - Support digital forensics - Manage communication with relevant parties - Manage security operations ##### Domain 6 - Legal, Risk and Compliance - Articulate legal requirements and unique risks within the cloud environment - Understand privacy issues - Understand audit process, methodologies, and required adaptations for a cloud environment - Understand implications of cloud to enterprise risk management - Understand outsourcing and cloud contract design