Course
digicode: CCSP3
ISC2 Certified Cloud Security Professional® (CCSP®)
Course facts
- Ensuring and maintaining a high level of security for cloud services
- Understanding the different cloud models in terms of service models and architecture
- Understanding the security of cloud services from a deep and practical perspective
- Understanding global requirements from a regulatory and legal perspective
- Implementing the requirements in different cloud services (sourced from global providers or built and offered by them)
- Understanding software and software development security and identity and access management for both in-house and cloud services
- Analysing their practical applicability
- Preparing for the exam for the international «CCSP» certificate
1 Cloud Concepts, Architecture, and Design
Fundamentals of cloud computing models (IaaS, PaaS, SaaS), cloud reference architectures, and design principles. Understanding shared responsibility models, cloud service categories, architecture patterns, and security requirements when planning and designing cloud environments.
2 Cloud Data Security
Protecting data throughout its entire lifecycle – from classification and ownership to encryption and tokenization to data loss prevention (DLP), secure deletion procedures, and data protection requirements in cloud environments.
3 Cloud Platform & Infrastructure Security
Securing cloud infrastructures and platforms, including virtualization, compute, storage, and network resources. Protection against threats at the infrastructure level, as well as configuration, hardening, and monitoring of cloud environments.
4 Cloud Application Security
Secure design, development, integration, and operation of cloud applications. Use of secure development practices, API security, identity and access control in cloud applications, and securing containerized and serverless architectures.
5 Cloud Security Operations
Operation and monitoring of cloud security measures, including incident response, logging, monitoring, continuous risk monitoring, business continuity, and disaster recovery in cloud environments.
6 Legal, Risk & Compliance
Legal, regulatory, and contractual requirements in the cloud context. Risk management, compliance programs, international data protection requirements, auditing, and assessment of cloud providers and third-party risks.
CCSP® certification is ideal for you if you already work in a cloud or security role—or want to strategically specialize in cloud security. It is the decisive career step for:
Cloud architects & engineers:
As a cloud architect, cloud engineer, or professional cloud developer, you will deepen your expertise in cloud concepts, architecture & design, and cloud platform & infrastructure security in order to design and implement secure, scalable cloud environments.
Security specialists and analysts:
As a cloud security analyst or cloud specialist, you will strengthen your expertise in cloud data security, cloud application security, and cloud security operations in order to effectively protect data, workloads, and applications.
Administrators & Operators:
As a cloud administrator, you are responsible for the secure configuration, monitoring, and operational protection of cloud environments—including incident response, monitoring, and business continuity.
Consultants & Auditors:
As a cloud consultant or auditor of cloud services, you will sharpen your profile in legal, risk, and compliance, assess cloud risks, review regulatory requirements, and support organizations in secure cloud transformation.
The CCSP® is aimed at experienced IT and security professionals who want to raise their expertise in cloud architecture, operations, security, and compliance to an internationally recognized, strategic level.
CCSP® certification is aimed at experienced IT and cybersecurity professionals who actively contribute to the secure design and operation of cloud environments—for example, cloud architects, cloud engineers, cloud security analysts, administrators, consultants, or auditors of cloud services. CCSP® certification is particularly valuable for anyone seeking a responsible role in cloud security, cloud governance, or cloud risk management.
The certification requires at least five years of cumulative full-time professional experience in information technology (IT). Of these, three years must be in cybersecurity and at least one year in one or more of the six CCSP® domains of the current exam outline.
How to shorten the time:
- A post-secondary degree (bachelor's or master's) in computer science, IT, or a related field can replace up to one year of the required professional experience.
- Active CISSP® certification can replace the full professional experience required for CCSP®.
- Part-time employment and internships can also be counted toward the required professional experience.
Exam format
- Exam duration: 3 hours
- Number of questions: 100 to 150
- Format: Multiple choice & advanced question types
- Pass rate: 70% (700/1000 points)
- Language: English, Chinese, German, Japanese
Exam content
- Cloud Concepts, Architecture, and Design - 17%
- Cloud Data Security - 20%
- Cloud Platform & Infrastructure Security - 17%
- Cloud Application Security - 17%
- Cloud Security Operations - 16%
- Legal, Risk, and Compliance - 13%
Applying for certification
Once you have passed the CCSP® exam, you can apply for the official ISC2 certificate. To do so, you must sign the ISC2 Code of Ethics and have your professional experience verified by an actively certified ISC2 professional. Certification must be completed within nine months of the exam date. If you are unable to find a suitable person, ISC2 will assist you in validating your application.
Recertification
The CCSP® certificate is valid for three years. To maintain your certification, you must provide proof of continuing professional education (CPE) and pay the annual maintenance fee (AMF) to ISC2. This ensures that your expertise remains up to date and your status as a Certified Professional remains active.