Rating: 9.20 (422 Reviews)

ISC2 CCSP Training - Certified Cloud Security Professional

Become a cloud security expert with CCSP. Master cloud security architecture, design, and operations for secure cloud adoption and management.

Course: ISC2 CCSP - Certified Cloud Security Professional

Duration: 5 days

Format: Virtual or Classroom

Prepares for Exam: ISC2 Certified Cloud Security Professional Exam (CCSP)

Prepares for Certification: ISC2 Certified Cloud Security Professional (CCSP)

Attend this and 60+ other Security courses for FREE with Unlimited Security Training

Overview

Advance your career with ISC2 CCSP - Certified Cloud Security Professional. Our expert-led training prepares you for success in the CCSP certification exam, propelling your career to new heights. Gain in-depth knowledge of cloud security, become certified, and enhance your skills to meet industry demands.


Who is the ISC2 CCSP - Certified Cloud Security Professional training course for?

The ISC2 CCSP - Certified Cloud Security Professional training course is intended for IT professionals and security managers responsible for securing cloud environments and services. It covers various areas including cloud concepts, architecture, data security, platform and infrastructure security, application security, security operations, and legal and compliance aspects of cloud security. By completing the course and obtaining the certification, individuals demonstrate their expertise in securing cloud environments, understanding cloud architecture and design principles, implementing data security measures, managing cloud platforms, and addressing legal and compliance requirements. The CCSP certification validates their knowledge and skills in cloud security and enables them to effectively protect cloud-based systems and data.


Feedback from our CCSP delegates

Hans Sjöberg

Very rewarding and educational training with a professional and educational instructor. I will be well prepared when I take the exam

Kevin Reid

I would highly recommend Readynez for professionals who need time to focus on training + certification


Everything you need to get the results you want

Your Personal Learning Program will provide the skills you need, to help you do more of what you love. The 3-step learning program is built to teach you real applicable skills that open opportunities for you.


How we get you certified

Readynez365: Your Personal Learning Program

The Readynez365 platform provides an enhanced digital pathway for all your learning elements, from pre-studies to exam, making it the most direct route to new tech skills. Pick what you want (and need) to get up to speed. It's all laid out for you in Readynez365 well in advance of your courses.

Learning Designed For The Virtual Classroom

The training methodology is designed for the virtual classroom to inspire and engage you with a variety of hands-on training, presentations, labs and tests. You'll also be glad to know that virtual instructor-led training is loved by managers - it is the most cost-effective way to train.

Expert Mentoring That Gets You All The Way

There's a maximum number of learners in the class to ensure your easy access to personal coaching. You'll meet accredited expert instructors who are seasoned IT Professionals and Consultants, certified to the highest level and bringing real-world experience into the classroom.

Exam & Skills Focus

We'll cover the ins and outs of the subject so that you can apply it in your day-to-day work, and you'll even learn the specifics that you need to know for the exam. It's your choice whether to sit the exam or not, but with our detailed guides and hotline, we'll make it easy to access your exam voucher, and to schedule and sit the exam online.

Certification Guarantee

Your access to training is unlimited and you can train as much as you want until you successfully pass your exam.

Sustainable Learning - Train with a Clear Conscience

Train with a clear conscience with training that has a 96% lower carbon footprint compared to in-classroom training. Our organisation operates with minimal environmental impact and we've reduced our CO2 emissions by 96% since 2020. We are compliant with ISO 14001 throughout our entire supply chain as your guarantee for our sustainable business practices.


What you will learn during our ISC2 CCSP training

- Definitions of cloud computing
- Roles in cloud computing (e.g. cloud service customer, cloud service provider, cloud service partner, cloud service broker)
- Key features of cloud computing (e.g. self-service on demand, wide network access, multi-tenancy, rapid elasticity and scaling, resource pooling, metered service)
- Building block technologies (e.g. virtualization, storage, networking, databases, orchestration)
- 1.2 Describe Cloud Reference Architecture Activities with cloud computing
- Cloud service functionalities (e.g. application feature types, platform feature types, infrastructure feature types)
- Cloud service categories (e.g. software as a service (SaaS), infrastructure as a service (IaaS), platform as a service (PaaS))
- Cloud deployment models (e.g. public, private, hybrid, community)
- Common cloud considerations (e.g. interoperability, portability, reversibility, availability, security, privacy, robustness, performance, governance, maintenance and versioning, service levels and service level agreements (SLA), auditing, regulation)
- Impact of related technologies (e.g. machine learning, artificial intelligence, blockchain, internet of things (IoT), containers, quantum computing)
- 1.3 Understand security concepts relevant to cloud computing
- Cryptography and key management
- Access control
- Sanitization of data and media (e.g. overwriting, cryptographic erasure)
- Network security (e.g. network security groups)
- Virtualization security (e.g. hypervisor security, container security)
- Common threats
- 1.4 Understand design principles for secure cloud computing
- Cloud Secure Data Lifecycle
- Cloud based Disaster Recovery (DR) and Business Continuity (BC) planning
- Cost/benefit assessment
- Functional security requirements (e.g. portability, interoperability, vendor lock-in)
- Security considerations for different cloud categories (e.g. Software as a Service (SaaS), Infrastructure as a Service (IaaS), Platform as a Service (PaaS))
- 1.5 Evaluate cloud service providers
- Verification against criteria (e.g. International Organization for Standardization/International Electrotechnical Commission (ISO/IEC) 27017, Payment Card Industry Data Security Standard (PCI DSS))
- System/sub-system products

- Cloud data life cycle phases
- Data dissemination
- 2.1 Design and implement architectures for cloud data storage
- Storage types (e.g. long-term, ephemeral, raw disk)
- Threats to storage types
- 2.2 Design and apply data security technology and strategies
- Encryption and key management
- Hashing
- Masking
- Tokenization
- Data Loss Prevention (DLP)
- Data Obfuscation
- Data de-identification (e.g. anonymisation)
- 2.3 Implement data discovery
- Structured data
- Unstructured data
- 2.4 Implement data classification
- Mapping
- Marking
- Sensitive Data (e.g. Protected Health Information (PHI), Personally Identifiable Information (PII), Cardholder Data)
- 2.5 Design and implement information rights management (IRM)
- Objectives (e.g. data rights, provisioning, access models)
- Appropriate tools (e.g. issuance and revocation of certificates)
- 2.6 Plan and implement policies for data retention, deletion and archiving
- Data retention policies
- Data deletion procedures and mechanisms
- Data archiving procedures and mechanisms
- Legal hold
- 2.7 Define and implement auditability, traceability and accountability for data events
- Definition of event sources and requirements for identity attribution
- Logging, storage and analysis of data events
- Chain of custody and non-repudiation

- Physical environment
- Network and communications
- Compute
- Virtualization
- Storage
- Management plane
- 3.1 Design a secure data center
- Logical design (e.g. tenant partitioning, access control)
- Physical design (e.g. location, purchase or build)
- Environmental design (e.g. heating, ventilation and air conditioning (HVAC), multi-vendor pathway connectivity)
- 3.2 Analyze risks associated with cloud infrastructure
- Risk assessment and analysis
- Cloud vulnerabilities, threats and attacks
- Virtualization risks
- Countermeasure strategies
- 3.3 Design and plan security controls
- Physical and environmental protection (e.g. on-site)
- System and communication protection
- Protection of virtualization systems
- Identification, authentication and authorization in cloud infrastructure
- Audit mechanisms (e.g. log collection, packet collection)
- 3.4 Plan disaster recovery (DR) and business continuity (BC)
- Risks related to the cloud environment
- Business requirements (e.g. Recovery Time Objective (RTO), Recovery Point Objective (RPO), Recovery Service Level (RSL))
- Business continuity/disaster recovery strategy
- Creation, implementation and testing of plan

- Basics in cloud development
- Common pitfalls
- Common cloud vulnerabilities
- 4.1 Describe the secure software development life cycle (SDLC) process
- Business requirements
- Phases and methods
- 4.2 Apply the Secure Software Development Life Cycle (SDLC)
- Avoid common vulnerabilities during development
- Risks specific to the cloud
- Quality assurance
- Threat modeling
- Software configuration management and versioning
- 4.3 Use software security and validation
- Functional testing
- Security testing methods
- 4.4 Use verified secure software
- Approved Application Programming Interfaces (API)
- Supply chain management
- Third party software management
- Validated open source software
- 4.5 Understand the specifics of cloud application architecture
- Additional security components (e.g. Web Application Firewall (WAF), Database Activity Monitoring (DAM), Extensible Markup Language (XML) firewall, Application Programming Interface (API) gateway)
- Encryption
- Sandboxing
- Application virtualization and orchestration
- 4.6 Design appropriate identity and access management (IAM) solutions
- Federated identity
- Identity providers
- Single sign-on (SSO)
- Multi-factor authentication
- Cloud Access Security Broker (CASB)

- Hardware specific security configuration requirements (e.g. Basic Input Output System (BIOS), virtualization and Trusted Platform Module (TPM) settings, storage management, network management)
- Installation and configuration of virtualization management tools
- Specific security configuration requirements for virtual hardware (e.g. network, storage, memory, central processing unit (CPU))
- Installation of guest operating system (OS) virtualization toolkit
- 5.1 Operate physical and logical infrastructure for cloud environment
- Configure access control for local and remote access (e.g. Secure Keyboard Video Mouse (KVM), console-based access mechanism, Remote Desktop Protocol (RDP))
- Secure network configuration (e.g. Virtual Local Area Networks (VLAN), Transport Layer Security (TLS), Dynamic Host Configuration Protocol (DHCP), Domain Name System (DNS), Virtual Private Network (VPN))
- Guest operating system (OS) provisioning through the use of baselines (e.g. Windows, Linux, VMware)
- Availability of stand-alone hosts
- Availability of cluster hosts (e.g. Distributed Resource Scheduling (DRS), Dynamic Optimization (DO), Storage Cluster, Maintenance Mode, High Availability)
- Availability of guest operating system (OS)
- 5.2 Manage physical and logical infrastructure for cloud environment
- Access control for remote access (e.g. Remote Desktop Protocol (RDP), secure terminal access, Secure Shell (SSH))
- Basic operating system (OS) compliance checks and patches
- Patch Management
- Performance and capacity monitoring (e.g. network, compute, storage, response time)
- Hardware monitoring (e.g. disk, central processing unit (CPU), fan speed, temperature)
- Configuration of host and guest operating system (OS) backup and restore functions
- Network security controls (e.g. firewalls, Intrusion Detection Systems (IDS), Intrusion Prevention Systems (IPS), honeypots, vulnerability assessments, network security groups)
- Management plane (e.g. planning, orchestration, maintenance)
- 5.3 Implement operational controls and standards (e.g. Information Technology Infrastructure Library (ITIL), International Organization for Standardization/International Electrotechnical Commission (ISO/IEC) 2000-1)
- Change management
- Continuity management
- Information security management
- Continuous service improvement management
- Incident management
- Problem management
- Release management
- Configuration management
- Service level management
- Availability management
- Capacity management
- 5.4 Support digital forensics
- Forensic data collection methods
- Evidence management
- Collection, acquisition and preservation of digital evidence
- 5.5 Manage communication with relevant parties
- Supplier
- Customers
- Partners
- Regulators
- Other stakeholders
- 5.6 Manage security operations
- Security Operations Center (SOC)
- Monitoring security controls (e.g. firewalls, intrusion detection systems (IDS), intrusion prevention systems (IPS), honeypots, vulnerability assessments, network security groups)
- Logging and analysis (e.g. Security Information and Event Management (SIEM), logging management)
- Handling of incidents

- Conflicting international legislation
- Evaluation of legal risks specific to cloud computing
- Legal and guidance frameworks
- eDiscovery (e.g. International Organization for Standardization / International Electrotechnical Commission (ISO / IEC) 27050, Cloud Security Alliance (CSA) guidance)
- Forensic requirements
- 6.1 Understand personal data issues
- Difference between contractual and regulated private data (e.g. protected health information (PHI), personally identifiable information (PII))
- Country-specific legislation on private data (e.g. protected health information (PHI), personally identifiable information (PII))
- Legal differences in data protection
- Standard privacy requirements (e.g. International Organization for Standardization / International Electrotechnical Commission (ISO / IEC) 27018, Generally Accepted Privacy Principles (GAPP), General Data Protection Regulation (GDPR))
- 6.2 Understand the audit process, methods and required adaptation to a cloud environment
- Internal and external audit controls
- Effects of audit requirements
- Identifying support issues regarding virtualization and cloud
- Types of audit reports (e.g. Statement on Standards for Attestation Engagements (SSAE), Service Organization Control (SOC), International Standard on Assurance Engagements (ISAE))
- Limitations of audit scope opinions (e.g. Statement on Standards for Attestation Engagements (SSAE), International Standard on Assurance Engagements (ISAE))
- Gap analysis
- Audit planning
- Internal information security management system (ISMS)
- Internal information security control system
- Policies (e.g. organization, function, cloud computing)
- Identification and involvement of relevant stakeholders
- Special compliance requirements for highly regulated industries (e.g. North American Electric Reliability Corporation / Critical Infrastructure Protection (NERC / CIP), Health Insurance Portability and Accountability Act (HIPAA), Payment Card Industry (PCI))
- Impact of information and technology (IT) distribution model (e.g. different geographical locations and crossing legal jurisdictions)
- 6.3 Understand the implications of the cloud for the company's risk management
- Assess suppliers' risk management programs (e.g. controls, methods, policies)
- Difference between data owner / controller vs. data custodian / processor (e.g. risk profile, risk threshold, responsibility)
- Regulatory transparency requirements (e.g. breach notification, Sarbanes-Oxley (SOX), General Data Protection Regulation (GDPR))
- Risk management (i.e. avoid, modify, share, retain)
- Different risk frameworks
- Metrics for risk management
- Assessment of risk environment (e.g. service, supplier, infrastructure)
- 6.4 Understand outsourcing and cloud contract design
- Business requirements (e.g. Service Level Agreement (SLA), Master Service Agreement (MSA), Statement of Work (SOW))
- Supplier management
- Contract management (e.g. right to audit, metrics, definitions, termination, litigation, security, compliance, access to cloud / data, cyber risk insurance)
- Supply chain management (e.g. International Organization for Standardization / International Electrotechnical Commission (ISO / IEC) 27036)


Meet our instructors

Here are some of the Readynez instructors you can meet on your course. They are experts, passionate about what they do, and dedicated to giving back to their industry, their field, and those who want to learn, explore, and advance in their careers.

Kevin Henry
#CISSP #CCSP #CISM #CISA #CRISC #CSSLP #SSCP #COBIT #ISO27001

Kevin has served for years as an authorised instructor for (ISC)2 and is renowned for his 20-year contribution to learners training for IT security skills.

Friedhelm Düsterhöft
#CISSP #CCSP #CDPO #CISM #CRISC #ISO

Friedhelm Düsterhöft has 30+ years of work experience in IT, Information Security and Data Privacy.

James Rowney
#CISSP #CCSP #CISM #CISA #CRISC

James is recognised for his more than 20 years of contribution to learning and certification within IT Security.


How to best be prepared for our ISC2 CCSP training

At Readynez, we provide many resources and have experienced experts in the field. That is why we are also very successful with many satisfied customers. You can therefore safely take your course with us. To take our CCSP course, you need to have some experience in the field in advance.

You thus have the perfect starting point to take the course with these prerequisites:

  • It is strongly recommended that you have a minimum of five years of full-time experience in information technology, including three years of work experience in IT security and one year in cloud computing.
  • You must also be able to demonstrate knowledge within one or more of the six CBK domains:
    • Domain 1: Cloud Concepts, Architecture and Design
    • Domain 2: Cloud Data Security
    • Domain 3: Cloud Platform and Infrastructure Security
    • Domain 4: Cloud Application Security
    • Domain 5: Cloud Security Operations
    • Domain 6: Legal, Risk and Compliance


Our track record

With 15 years of experience and more than 50.000 happy customers from all over the world, companies such as ALSO, ATEA, Microsoft, Serco, and many more trust Readynez to help them train and certify their staff.

  • Top rated courses, with learners most often rating their training 10/10
  • Globally recognized expert instructors, many of whom are MVPs
  • 50.000 delegates trained and certified
  • Trusted provider of large training projects for many large companies

These are just some of the many major brands trusting Readynez.


Others also attended

ISACA CISM Certification Training

Forge a path to success with the ISACA CISM certification, a pinnacle in information security management. Gain expert training for the CISM exam, become certified, and fortify your role as a leader in protecting information assets. Propel your career to new heights with a certification that sets you apart in the cybersecurity realm. Elevate your skills, advance in your career, and secure a future at the forefront of information security.

ISC2 CISSP - Certified Information Systems Security Professional

Elevate your cybersecurity career with ISC2 CISSP - the gold standard in information security certifications and training. Validate your expertise in designing, implementing, and managing a secure IT environment. Gain recognition globally as a Certified Information Systems Security Professional, unlocking opportunities and establishing yourself as a trusted leader in the ever-evolving field of cybersecurity.


FAQ - THE CCSP CERTIFIED CLOUD SECURITY PROFESSIONAL COURSE

The Virtual Classroom is an online room, where you will join your instructor and fellow classmates in real time. Everything happens live and you can interact freely, discuss, ask questions, and watch your instructor present on a whiteboard, discuss the courseware and slides, work with labs, and review.

Your exam voucher is usually included in your virtual training package. When you're ready to sit your exam, you just book it with the exam provider. You can sit most exams from home or at a local test centre. We're here to help you with that process.

Yes, you can sit exams from all the major vendors, like Microsoft, Cisco, etc., from the comfort of your home or office.

With Readynez you can do any course from the comfort of your home or office. Readynez provides support and best practices for your at-home classroom and you can enjoy learning with minimal impact on your day-to-day life. Plus you'll save the cost and the environmental burden of travelling.

Well, learning is limitless, when you are motivated, but you need the right path to achieve what you want. Readynez consultants have many years of experience customizing learner paths and we can design one for you too. We are always available with help and guidance, and you can reach us on the chat or write us at info@readynez.com.

The CCSP is a globally recognized certification for the highest level of expertise in cloud security. As a result, it was co-created by the leading stewards for information security and cloud computing security, the Cloud Security Alliance (CSA).

In order to earn this certification, you must have a deep understanding of cloud security architecture, design, operations, and service orchestration.

Cloud security architects, designers, operators, and orchestrators with the CCSP credential have demonstrated their ability to apply industry best practices to all aspects of cloud security. It demonstrates that you're at the cutting edge of cloud security.

Security professionals who successfully complete the Certified Cloud Security Professional (CCSP) exam are recognized as experts in their field. The CCSP exam is designed to ensure that cloud security professionals have the required knowledge, skills and abilities in cloud security design, implementation, architecture, operations, controls and compliance with regulatory frameworks.

The ideal candidates are more senior IT architects and security professionals, including engineers, and they must hold a minimum of five years of experience in IT, three of which must be in information security, with one year in cloud computing. The candidate should also be able to demonstrate capabilities in each of the six CBK domains (see below in “What is the syllabus for the CCSP Certification”).

The CCSP exam costs $599, and costs are comparable in local currencies in the European Union and the United Kingdom.

The CCSP exam is not included in your Readynez course.

To achieve the CCSP certification, please consider the following:

  • Candidates must have a cumulative total of five years of paid, full-time work experience in information technology
  • Three years must be spent in information security, and one year must be spent in one or more of the CCSP Common Body of Knowledge's six domains (CBK).
  • Earning the CISSP credential from (ISC)2 can be used to satisfy the entire CCSP experience requirement

Your CCSP certification is valid for a period of three years. The member must, however, continue to complete certain standards in order to keep his or her certification active and effective.

Typical job roles for people holding this certification are:

  • Security Administrator
  • Security Consultant
  • Security Engineer
  • Security Architect
  • Security Manager
  • Systems Engineer
  • Systems Architect
  • Enterprise Architect

The syllabus for the CCSP exam includes the following domains:

  • Cloud Concepts, Architecture and Design
  • Cloud Data Security
  • Cloud Platform and Infrastructure Security
  • Cloud Application Security
  • Cloud Security Operations
  • Legal, Risk and Compliance

Yes, the CCSP is the official ISC2 Cloud Certification.

Our ISC2 CCSP training is a 5-day ISC2 Cloud Certification course.

Yes, our ISC2 Cloud Certification course CCSP is available virtually.
