About our courses

Through years of experience working with more than 1000 top companies in the world, we ́ve architected the Readynez method for learning.
Train in any technology using the award-winning Readynez method and combine any variation of learning style, technology and place, to take learning ambitions from intent to impact.

Learn more about Readynez Training
Isc2 CCSP
9.20

(359 Reviews)

(ISC)2 CCSP - Certified Cloud Security Professional

Your personal Learning Program with everything you need to best prepare for the (ISC)2 CCSP Exam and become a Certified Cloud Security Professional, supported by your expert instructor.

course: (ISC)2 CCSP - Certified Cloud Security Professional

Duration: 5 day(s)

Format: [Dictionary item: Virtual or Classroom]

Prepares for Exam : (ISC)2 Certified Cloud Security Professional (CCSP)

Prepares for Certification : (ISC)2: Certified Cloud Security Professional (CCSP)

The Best Course to get Your CCSP Exam and Certification - with Certification Guarantee!

Achieving the (ISC) Certified Cloud Security Professional certification is not an easy task, but with your Readynez Course and Learning Program we’ve done everything we can to support you from start to finish, ensuring you have the optimal conditions to succeed. That includes the best resources available to help you prepare, including relevant online courses, practice test for Exam prep, study guides, exam support and guides etc, all made easily accessible to you in our Learning Platform. If you select our Virtual Training option, you also contribute to a more sustainable world with a reduction in CO2 emission of 96% compared to the in-classroom option.

  • Includes a comprehensive set of Learning materials for the best possible Exam prep
  • Best rated and valued Cloud Security Certification on the Market
  • Includes access to Online CISM Course from Pluralsight written by Kevin Henry
  • Full support available helping you register, prepare for and sit your exam

Feedback From Our CCSP Delegates

Hans Sjöberg
Hans Sjöberg

Very rewarding and educational training with a professional and educational instructor. I will be well prepared when I take the exam

Kevin Reid
Kevin Reid

I would highly recommend Readynez for professionals who need time to focus on training + certification


Everything You Need To Get The Results You Want

Your Personal Learning Program will provide the skills you need, to help you do more of what you love. The 3-step learning program is built to teach you real applicable skills that open opportunities for you.


How We Get You Certified

Readynez365: Your Personal Learning Program

The Readynez365 platform provides an enhanced digital pathway for all your learning elements, from pre-studies to exam, making it the most direct route to new tech Skills. Pick what you want (and need) to get up to speed. It´s all laid out for you in Readynez365 well in advance of your courses.

Learning Designed For The Virtual Classroom

The training methodology is designed for the virtual classroom to inspire and engage you with a variation of hands-on training, presentations, labs and tests. You’ll also be glad to know that Virtual instructor-led training is loved by managers - it is the most cost-effective way to train.

Expert Mentoring That Get’s You All The Way

There´s a maximum number of learners in the class to ensure your easy access to personal coaching. You’ll meet accredited expert instructors that are seasoned IT Professionals and Consultants certified to the highest level and bringing real-world experience into the classroom.

Exam & Skills Focus

We´ll cover the ins and outs of the subject so that you can apply it in your day-to-day work, and you’ll even learn the specifics that you need to know for the exam. It’s your choice whether to sit the exam, or not, but with our detailed guides and hotline, we’ll make it easy to access your exam voucher, and schedule and sit the exam online

Certification Guarantee

Your access to training is unlimited and you can train as much as you want until you successfully pass your exam.

Sustainable Learning - Train with a Clear Conscience

Train with a clear conscience with training that makes a 96% lower carbon footprint compared to in-classroom training. Our organisation operates with minimal environmental impact and we´ve reduced our Co2 emission with 96% since 2020.We are compliant with the ISO 14001 throughout our entire supply chain as your guarantee for our sustainable business practices.


What You will Learn During Our CCSP Course

- Cloud Computing Definitions
- Cloud Computing Roles (e.g., cloud service customer, cloud service provider, cloud service partner, cloud service broker)
- Key Cloud Computing Characteristics (e.g., on-demand self-service, broad network access, multi-tenancy, rapid elasticity and scalability, resource pooling, measured service)
- Building Block Technologies (e.g., virtualization, storage, networking, databases, orchestration)

- Cloud Computing Activities
- Cloud Service Capabilities (e.g., application capability types, platform capability types, infrastructure capability types)
- Cloud Service Categories (e.g., Software as a Service (SaaS), Infrastructure as a Service (IaaS), Platform as a Service (PaaS))
- Cloud Deployment Models (e.g., public, private, hybrid, community)
- Cloud Shared Considerations (e.g., interoperability, portability, reversibility, availability, security, privacy, resiliency, performance, governance, maintenance and versioning, service levels and Service Level Agreements (SLA), auditability, regulatory)
- Impact of Related Technologies (e.g., machine learning, artificial intelligence, blockchain, Internet of Things (IoT), containers, quantum computing)

- Cryptography and Key Management
- Access Control
- Data and Media Sanitization (e.g., overwriting, cryptographic erase)
- Network Security (e.g., network security groups)
- Virtualization Security (e.g., hypervisor security, container security)
- Common Threats

- Cloud Secure Data Lifecycle
- Cloud based Disaster Recovery (DR) and Business Continuity (BC) planning
- Cost Benefit Analysis
- Functional Security Requirements (e.g., portability, interoperability, vendor lock-in)
- Security Considerations for Different Cloud Categories (e.g., Software as a Service (SaaS), Infrastructure as a Service (IaaS), Platform as a Service (PaaS))

- Verification Against Criteria (e.g., International Organization for Standardization/International Electrotechnical Commission (ISO/IEC) 27017, Payment Card Industry Data Security Standard (PCI DSS))
- System/subsystem Prod

- Cloud Data Life Cycle Phases
- Data Dispersion

- Storage Types (e.g. long term, ephemeral, raw-disk)
- Threats to Storage Types

- Encryption and Key Management
- Hashing
- Masking
- Tokenization
- Data Loss Prevention (DLP)
- Data Obfuscation
- Data De-identification (e.g., anonymization)

- Structured Data
- Unstructured Data

- Mapping
- Labeling
- Sensitive data (e.g., Protected Health Information (PHI), Personally Identifiable Information (PII), card holder data)

- Objectives (e.g., data rights, provisioning, access models)
- Appropriate Tools (e.g., issuing and revocation of certificates)

- Data Retention Policies
- Data Deletion Procedures and Mechanisms
- Data Archiving Procedures and Mechanisms
- Legal Hold

- Definition of Event Sources and Requirement of Identity Attribution
- Logging, Storage and Analysis of Data Events
- Chain of Custody and Non-repudiation

- Physical Environment
- Network and Communications
- Compute
- Virtualization
- Storage
- Management Plane

- Logical Design (e.g., tenant partitioning, access control)
- Physical Design (e.g. location, buy or build)
- Environmental Design (e.g., Heating, Ventilation and Air Conditioning (HVAC), multi-vendor pathway connectivity

- Risk Assessment and Analysis
- Cloud Vulnerabilities, Threats and Attacks
- Virtualization Risks
- Counter-measure Strategies

- Physical and Environmental Protection (e.g., on-premise)
- System and Communication Protection
- Virtualization Systems Protection
- Identification, Authentication and Authorization in Cloud Infrastructure
- Audit Mechanisms (e.g., log collection, packet capture)

- Risks Related to the Cloud Environment
- Business Requirements (e.g., Recovery Time Objective (RTO), Recovery Point Objective (RPO), Recovery Service Level (RSL))
- Business Continuity/Disaster Recovery Strategy
- Creation, Implementation and Testing of Plan

- Cloud Development Basics
- Common Pitfalls
- Common Cloud Vulnerabilities

- Business Requirements
- Phases and Methodologies

- Avoid Common Vulnerabilities During Development
- Cloud-specific Risks
- Quality Assurance
- Threat Modeling
- Software Configuration Management and Versioning

- Functional Testing
- Security Testing Methodologies

- Approved Application Programming Interfaces (API)
- Supply-chain Management
- Third Party Software Management
- Validated Open Source Software

- Supplemental Security components (e.g., Web Application Firewall (WAF), Database Activity Monitoring (DAM), Extensible Markup Language (XML) firewalls, Application Programming Interface (API) gateway)
- Cryptography
- Sandboxing
- Application Virtualization and Orchestration

- Federated Identity
- Identity Providers
- Single Sign-On (SSO)
- Multi-factor Authentication
- Cloud Access Security Broker (CASB)

- Hardware Specific Security Configuration Requirements (e.g., Basic Input Output System (BIOS), settings for virtualization and Trusted Platform Module (TPM), storage controllers, network controllers)
- Installation and Configuration of Virtualization Management Tools
- Virtual Hardware Specific Security Configuration Requirements (e.g., network, storage, memory, Central Processing Unit (CPU))
- Installation of Guest Operating System (OS) Virtualization Toolsets

- Configure Access Control for Local and Remote Access (e.g., Secure Keyboard Video Mouse (KVM), console-based access mechanisms, Remote Desktop Protocol (RDP))
- Secure Network Configuration (e.g., Virtual Local Area Networks (VLAN), Transport Layer Security (TLS), Dynamic Host Configuration Protocol (DHCP), Domain Name System (DNS), Virtual Private Network (VPN))
- Operating System (OS) Hardening Through the Application of Baselines (e.g., Windows, Linux, VMware)
- Availability of Stand-Alone Hosts
- Availability of Clustered Hosts (e.g., Distributed Resource Scheduling (DRS), Dynamic Optimization (DO), storage clusters, maintenance mode, High Availability)
- Availability of Guest Operating System (OS)

- Access Controls for Remote Access (e.g., Remote Desktop Protocol (RDP), Secure Terminal Access, Secure Shell (SSH))
- Operating System (OS) Baseline Compliance Monitoring and Remediation
- Patch Management
- Performance and Capacity Monitoring (e.g., network, compute, storage, response time)
- Hardware Monitoring (e.g., Disk, Central Processing Unit (CPU), fan speed, temperature)
- Configuration of Host and Guest Operating System (OS) Backup and Restore Functions
- Network Security Controls (e.g., firewalls, Intrusion Detection Systems (IDS), Intrusion Prevention Systems (IPS), honeypots, vulnerability assessments, network security groups)
- Management Plane (e.g., scheduling, orchestration, maintenance)

- Change Management
- Continuity Management
- Information Security Management
- Continual Service Improvement Management
- Incident Management
- Problem Management
- Release Management
- Deployment Management
- Configuration Management
- Service level Management
- Availability Management
- Capacity Management

- Forensic Data Collection Methodologies
- Evidence Management
- Collect, Acquire and Preserve Digital Evidence

- Vendors
- Customers
- Partners
- Regulators
- Other Stakeholders

- Security Operations Center (SOC)
- Monitoring of Security Controls (e.g., firewalls, Intrusion Detection Systems (IDS), Intrusion Prevention Systems (IPS), honeypots, vulnerability assessments, network security groups)
- Log Capture and Analysis (e.g., Security Information and Event Management (SIEM), log management)
- Incident Management

- Conflicting International Legislation
- Evaluation of Legal Risks Specific to Cloud Computing
- Legal Framework and Guidelines
- eDiscovery (e.g., International Organization for Standardization/International Electrotechnical Commission (ISO/IEC) 27050, Cloud Security Alliance (CSA) Guidance)
- Forensics Requirements

- Difference Between Contractual and Regulated Private Data (e.g., Protected Health Information (PHI), Personally Identifiable Information (PII))
- Country-Specific Legislation Related to Private Data (e.g., Protected Health Information (PHI), Personally Identifiable Information (PII))
- Jurisdictional Differences in Data Privacy
- Standard Privacy Requirements (e.g., International Organization for Standardization/International Electrotechnical Commission (ISO/IEC) 27018, Generally Accepted Privacy Principles (GAPP), General Data Protection Regulation (GDPR))

- Internal and External Audit Controls
- Impact of Audit Requirements
- Identify Assurance Challenges of Virtualization and Cloud
- Types of Audit Reports (e.g., Statement on Standards for Attestation Engagements (SSAE), Security Operations Center (SOC), International Standard on Assurance Engagements (ISAE))
- Restrictions of Audit Scope Statements (e.g., Statement on Standards for Attestation Engagements (SSAE), International Standard on Assurance Engagements (ISAE))
- Gap Analysis
- Audit Planning
- Internal Information Security Management System (ISMS)
- Internal Information Security Controls System
- Policies (e.g., organizational, functional, cloud computing)
- Identification and Involvement of Relevant Stakeholders
- Specialized Compliance Requirements for Highly-Regulated Industries (e.g., North American Electric Reliability Corporation/ Critical Infrastructure Protection (NERC/CIP), Health Insurance Portability and Accountability Act (HIPAA), Payment Card Industry (PCI))
- Impact of Distributed Information Technology (IT) Model (e.g., diverse geographical locations and crossing over legal jurisdictions)

- Assess Providers Risk Management Programs (e.g., controls, methodologies, policies)
- Difference Between Data Owner/Controller vs. Data Custodian/Processor (e.g., risk profile, risk appetite, responsibility)
- Regulatory Transparency Requirements (e.g., breach notification, Sarbanes-Oxley (SOX), General Data Protection Regulation (GDPR))
- Risk Treatment (i.e., avoid, modify, share, retain)
- Different Risk Frameworks
- Metrics for Risk Management
- Assessment of Risk Environment (e.g., service, vendor, infrastructure)

- Business Requirements (e.g., Service Level Agreement (SLA), Master Service Agreement (MSA), Statement of Work (SOW))
- Vendor Management
- Contract Management (e.g., right to audit, metrics, definitions, termination, litigation, assurance, compliance, access to cloud/data, cyber risk insurance)
- Supply-Chain Management (e.g., International Organization for Standardization/International Electrotechnical Commission (ISO/IEC) 27036)


Meet Our Instructors

Meet some of the Readynez Instructors you can meet on your course. They are experts, passionate about what they do, and dedicated to give back to their industry, their field, and those who want to learn, explore, and advance in their careers.

Kevin Henry
Kevin Henry
#CISSP #CCSP #CISM #CISA #CRISC #CSSLP #SSCP #COBIT #ISO27001

Kevin has served for years as an authorised instructor for (ISC)2 and is renowned for his 20-year contribution to learners training for IT security skills

Friedhelm Düsterhöft
Friedhelm Düsterhöft
#CISSP #CCSP #CDPO #CISM #CRISC #ISO

Friedhelm Düsterhöft has 30+ years of work experience in IT, Information Security and Data Privacy.

James Rowney (1)
James Rowney
#CISSP #CCSP #CISM #CISA #CRISC

James is recognised for his more than 20 years of contribution to learning and certification within IT Security.


How to Best Be Prepared for our CCSP Course

You´ll have the perfect starting point for your training with these prerequisites: it's highly recommended that you have a minimum of five years of full-time work experience in information technology, including three years' work experience in IT security and one year in cloud computing. You should also be able to demonstrate knowledge in one or more of the six CBK domains: Domain 1: Cloud Concepts, Architecture, and Design, Domain 2: Cloud Data Security, Domain 3: Cloud Platform and Infrastructure Security, Domain 4: Cloud Application Security, Domain 5: Cloud Security Operations and Domain 6: Legal, Risk, and Compliance


Our Track Record

With 15 years experience and more than 35.000 happy customers from all over the world, companies such as ALSO, ATEA, Microsoft, Serco, and many more, trust Readynez to help them train and certify their staff.

  • Top rated courses, with learners most often rating their training 10/10
  • Globally recognized expert instructors, many of which are MVP's
  • 35.000 delegates trained and certified
  • Trusted provider of large training projects for many large companies

These are just some of the many major brands trusting Readynez.

Also Logo Kmd Logo Atea Logo Microsoft Logo Serco Logo

Others Also Attended

ISACA CISM Certification

Achieving the ISACA CISM certification is not an easy task, but with your Readynez Course and Learning Program we’ve done everything we can to support you from start to finish, ensuring you have the optimal conditions to succeed. That includes the best resources available to help you prepare, including relevant online courses, practice test for Exam prep, study guides, exam support and guides etc, all made easily accessible to you in our Learning Platform. If you select our Virtual Training option, you also contribute to a more sustainable world with a reduction in CO2 emission of 96% compared to the in-classroom option.

VIEW COURSE
(ISC)2 CISSP - Certified Information Systems Security Professional

CISSP is the gold standard credential to pursue for IT security professionals. It remains at the very top of the game and is a requirement for a majority of senior IT security roles. The CISSP certification proves you have the advanced skills, knowledge and commitment required, to command higher wages. The challenging standards require students to have at least 5 years of experience in two of the eight (ISC)2 domains. Additionally, you must complete a 100-150 multiple choice- and advanced innovative questions exam in order to be officially certified. This is no walk in the park and that’s why the Readynez CISSP course- and certification program is taught by experts who will work with you before, during and after your course to ensure you're best prepared for the exam. Although a difficult process, the return on investment makes it one of the most highly sought after courses available.

VIEW COURSE

FAQ - THE CCSP CERTIFIED CLOUD SECURITY PROFESSIONAL COURSE

The Virtual Classroom is an online room, where you will join your instructor and fellow classmates in real time. Everything happens live and you can interact freely, discuss, ask questions, and watch your instructor present on a whiteboard, discuss the courseware and slides, work with labs, and review.

Your exam voucher is usually included in your virtual training package. When you´re ready to sit your exam, you just book it with the exam provider. You can sit most exams from home or at a local test centre. We’re here to help you with that process.

Yes, you can sit exams from all the major Vendors like Microsoft, Cisco etc from the comfort of your home or office.

With Readynez you do any course form the comfort of your home or office. Readynez provides support and best practices for your at-home classroom and you can enjoy learning with minimal impact on your day-to-day life. Plus you'll save the cost and the environmental burden of travelling.

Well, learning is limitless, when you are motivated, but you need the right path to achieve what you want. Readynez consultants have many years of experience customizing learner paths and we can design one for you too. We are always available with help and guidance, and you can reach us on the chat or write us at info@readynez.com.

The CCSP is a globally recognized certification for the highest level of expertise in cloud security. As a result, it was co-created by the leading stewards for information security and cloud computing security, the Cloud Security Alliance (CSA).

In order to earn this certification, you must have a deep understanding of cloud security architecture, design, operations, and service orchestration.

Cloud security architects, designers, operators, and orchestrators with the CCSP credential have demonstrated their ability to apply industry best practices to all aspects of cloud security. It demonstrates that you're at the cutting edge of cloud security.

Security professionals who successfully complete the Certified Cloud Security Professional (CCSP) exam are recognized as experts in their field. The CCSP exam is designed to ensure that cloud security professionals have the required knowledge, skills and abilities in cloud security design, implementation, architecture, operations, controls and compliance with regulatory frameworks.

The ideal candidates are more senior IT architects and security professionals, including engineers, and the must hold a minimum of five years of experience in IT, three of which must be in information security, with one year in cloud computing. The candidate should also be able to demonstrate capabilities in each of the six CBK domains (see below in “What is the syllabus for the CCSP Certification”).

The CCSP exam costs $599, and costs are comparable in local currencies in the European Union and the United Kingdom.

The CCSP exam is not included in your Readynez course.

To achieve the CCSP certification, please consider the following:

  • Candidates must have a cumulative total of five years of paid, full-time work experience in information technology
  • Three years must be spent in information security, and one year must be spent in one or more of the CCSP Common Body of Knowledge's six domains (CBK).
  • Earning the CISSP credential from (ISC)2 can be used to satisfy the entire CCSP experience requirement

Your CCSP certification is valid for a period of three years. The member must, however, continue to complete certain standards in order to keep his or her certification active and effective.

Typical job roles for people holding this certification are;

  • Security Administrator
  • Security Consultant
  • Security Engineer
  • Security Architect
  • Security Manager
  • Systems Engineer
  • Systems Architect
  • Enterprise Architect

The syllabus for the CCSP exam includes the following domains:

  • Cloud Concepts, Architecture and Design
  • Cloud Data Security
  • Cloud Platform and Infrastructure Security
  • Cloud Application Security
  • Cloud Security Operations
  • Legal, Risk and Compliance

Basket

{{item.CourseTitle}}

Price: {{item.ItemPriceExVatFormatted}} {{item.Currency}}