(ISC)²

Certified Cloud Security Professional (CCSP)

(CCSP.AE1) / ISBN : 978-1-64459-187-1
Lessons
Lab
TestPrep
7 Reviews
Get A Free Trial

Skills You’ll Get

(ISC)² CCSP certification validates a candidate's advanced technical skills and knowledge required to design, manage, and secure data, applications, and infrastructure in the cloud using best practices, policies, and procedures established by the cybersecurity experts at (ISC)². (ISC)² Certified Cloud Security (CCSP) certified professionals will have the required knowledge and skills to manage cloud security.
Download Course Outline

1

Introduction

  • Overview of the CCSP Exam
  • Notes on This Course's Organization
2

Architectural Concepts

  • Cloud Characteristics
  • Business Requirements
  • Cloud Evolution, Vernacular, and Models
  • Cloud Computing Roles and Responsibilities
  • Cloud Computing Definitions
  • Foundational Concepts of Cloud Computing
  • Related and Emerging Technologies
  • Summary
  • Exam Essentials
  • Written Labs
3

Design Requirements

  • Business Requirements Analysis
  • Security Considerations for Different Cloud Categories
  • Design Principles for Protecting Sensitive Data
  • Summary
  • Exam Essentials
  • Written Labs
4

Data Classification

  • Data Inventory and Discovery
  • Jurisdictional Requirements
  • Information Rights Management (IRM)
  • Data Control
  • Summary
  • Exam Essentials
  • Written Labs
5

Cloud Data Security

  • Cloud Data Lifecycle
  • Cloud Storage Architectures
  • Cloud Data Security Foundational Strategies
  • Summary
  • Exam Essentials
  • Written Labs
6

Security in the Cloud

  • Shared Cloud Platform Risks and Responsibilities
  • Cloud Computing Risks by Deployment Model
  • Cloud Computing Risks by Service Model
  • Virtualization
  • Disaster Recovery (DR) and Business Continuity (BC)
  • Summary
  • Exam Essentials
  • Written Labs
7

Responsibilities in the Cloud

  • Foundations of Managed Services
  • Business Requirements
  • Shared Responsibilities by Service Type
  • Shared Administration of OS, Middleware, or Applications
  • Shared Responsibilities: Data Access
  • Lack of Physical Access
  • Summary
  • Exam Essentials
  • Written Labs
8

Cloud Application Security

  • Training and Awareness
  • Cloud-Secure Software Development Lifecycle (SDLC)
  • ISO/IEC 27034-1 Standards for Secure Application Development
  • Identity and Access Management (IAM)
  • Cloud Application Architecture
  • Cloud Application Assurance and Validation
  • Summary
  • Exam Essentials
  • Written Labs
9

Operations Elements

  • Physical/Logical Operations
  • Security Operations Center
  • Summary
  • Exam Essentials
  • Written Labs
10

Operations Management

  • Monitoring, Capacity, and Maintenance
  • Change and Configuration Management (CM)
  • IT Service Management and Continual Service Improvement
  • Business Continuity and Disaster Recovery (BC/DR)
  • Summary
  • Exam Essentials
  • Written Labs
11

Legal and Compliance Part 1

  • Legal Requirements and Unique Risks in the Cloud Environment
  • Potential Personal and Data Privacy Issues in the Cloud Environment
  • Audit Processes, Methodologies, and Cloud Adaptations
  • Summary
  • Exam Essentials
  • Written Labs
12

Legal and Compliance Part 2

  • The Impact of Diverse Geographical Locations and Legal Jurisdictions
  • Business Requirements
  • Cloud Contract Design and Management for Outsourcing
  • Identifying Appropriate Supply Chain and Vendor Management Processes
  • Summary
  • Exam Essentials
  • Written Labs

1

Architectural Concepts

  • Capturing Network Traffic
  • Creating a Virtual Machine and Installing Ubuntu Using Hyper-V Manager
  • Using an Asymmetric Algorithm
  • Installing Ubuntu Using Hyper-V Manager
  • Using a Symmetric Algorithm
2

Design Requirements

  • Using Windows Defender
  • Creating a Demilitarized Zone
  • Configuring a VPN
3

Data Classification

  • Displaying Metadata Information
  • Creating a Standard ACL
  • Enabling an Access Control List
4

Cloud Data Security

  • Building IPSec VPN
  • Configuring RAID 5
  • Generating a Symmetric Key
  • Generating an Asymmetric Key
  • Observing an MD5-Generated Hash Value
  • Observing an SHA-Generated Hash Value
5

Security in the Cloud

  • Performing a DoS Attack with SYN Flood
  • Performing a MITM Attack
  • Using Social Engineering Techniques to Plan an Attack
  • Installing Web Application Proxy
  • Performing a Credential-Based Brute-Force Attack
  • Taking a Full Backup
  • Taking an Incremental Backup
6

Responsibilities in the Cloud

  • Setting Up a Honeypot on Kali Linux
  • Configuring a Firewall for Inbound Rules
  • Removing Unnecessary Services
  • Using the Event Viewer
7

Cloud Application Security

  • Authorizing a User
  • Examining File Permissions
  • Conducting Cross-Site Request Forgery with Low Complexity
  • Attacking a Website Using Cross-Site Scripting (XSS) Injection
  • Conducting IP Spoofing
8

Operations Management

  • Verifying RAM Usage
  • Checking Disk Capacity
  • Using MBSA
9

Legal and Compliance Part 1

  • Completing the Chain of Custody

Any questions?
Check out the FAQs

Still have unanswered questions and need to get in touch?

Contact Us Now

To qualify for this cybersecurity certification, you must pass the exam and have at least five years of cumulative, paid work experience in information technology, of which three years must be in information security, and one year in one or more of the six domains of the (ISC)² CCSP Common Body of Knowledge (CBK).

USD 599

Pearson VUE

Multiple choice

The exam contains 125 questions.

180 minutes

700

In the event that you fail your first attempt at passing the CCSP certification, ISC2's retake policy is:

  • If you don’t pass the exam the first time, you can retest after 30 days.
  • If you don’t pass a second time, you can retest after an additional 90 days.
  • If you don’t pass a third time, you can retest after 180 days from your most recent exam attempt.

Three years

Know more about the CCSP

Certified Cloud Security Professional (CCSP)

$279.99

Buy Now