Ultimate Ccsp Certified Cloud Security Professional Training

Train for ISC2 CCSP and Get the Knowledge and Skills needed to Build, Maintain, Assess Cloud Infrastructure #UNOFFICIAL

What you'll learn

Learn the Knowledge areas of the 6 Domains of CCSP in detail

Get Real World Examples that will help you in your preparation efforts for the CCSP Exam

Get Access to +22 Hours of Training Content that is curated to help you master the concepts

Access to Handy and useful resources that will help you toward CCSP achievement

Requirements

Basic IT & Security Knowledge

Understanding the Cloud Computing Concept and Idea

Passion and willingness to pursue the ISC2 CCSP Certification

Description

What is the CCSP?The Certified Cloud Security Professional (CCSP) certification is an industry-leading credential developed by (ISC)² to validate the expertise of professionals in cloud security. The primary goal of the CCSP certification is to ensure that cloud security professionals possess the necessary knowledge, skills, and abilities to design, implement, and manage cloud security architectures, operations, and controls while complying with regulatory frameworks.This certification is designed to demonstrate a deep understanding of cloud security, particularly in areas such as architecture, design, operations, service orchestration, and regulatory compliance. The CCSP measures a candidate’s competence against a globally recognized body of knowledge (CBK), ensuring that certified professionals are equipped to address modern cloud security challenges.Key Focus Areas of the CCSP CertificationThe CCSP curriculum is built around six critical domains that encompass the essential aspects of cloud security. These domains ensure that candidates gain a comprehensive understanding of the concepts and practical skills needed in the cloud security profession:Cloud Concepts, Architecture, and Design – 17%Covers cloud computing models, architectures, and essential design principles.Understand the security implications of deploying cloud technologies.Cloud Data Security – 20%Focuses on protecting cloud data, ensuring confidentiality, integrity, and availability.Covers encryption, data masking, and secure data storage in cloud environments.Cloud Platform & Infrastructure Security – 17%Involves securing cloud infrastructure and platforms.Includes knowledge of virtualization, containers, and securing cloud resources.Cloud Application Security – 17%Addresses secure development practices in cloud-based applications.Covers cloud-specific application vulnerabilities and threat management.Cloud Security Operations – 16%Focuses on managing and operating secure cloud environments.Includes incident response, monitoring, and continuous improvement in cloud security operations.Legal, Risk, and Compliance – 13%Involves understanding the legal and regulatory requirements surrounding cloud technologies.Covers risk management, compliance frameworks, and governance in cloud environments.Together, these six domains form the foundation of cloud security knowledge, providing professionals with the ability to assess risks, implement security solutions, and comply with industry regulations.Experience RequirementsThe CCSP certification has strict experience requirements to ensure that only qualified professionals are certified. Candidates must have at least five years of cumulative paid work experience in information technology. Of these five years, three years must be in information security, and one year must be in one or more of the six domains of the CCSP CBK.However, there are pathways to reduce this requirement:CSA’s CCSK certificate can substitute for one year of required experience in the CCSP domains.CISSP certification can fully waive the experience requirement for CCSP.For those who do not meet the experience requirements, there is the Associate of (ISC)² option. By passing the CCSP exam, candidates can become an Associate and will have six years to gain the required experience to earn the full CCSP certification.Accreditation and Global RecognitionThe CCSP certification is fully accredited and compliant with ANSI/ISO/IEC Standard 17024, which ensures that it meets stringent international standards. This global recognition ensures that the CCSP credential holds value in diverse markets and industries, providing a competitive advantage to certified professionals.Job Task Analysis (JTA)(ISC)² conducts periodic Job Task Analysis (JTA) to maintain the relevance of the CCSP certification. This analysis identifies the essential tasks performed by cloud security professionals and ensures that the exam content aligns with the real-world roles and responsibilities of those working in cloud security. Through this ongoing process, the CCSP exam is regularly updated to reflect the latest trends and technologies in cloud security, keeping it relevant and up to date.CCSP Examination OverviewThe CCSP exam is a three-hour, multiple-choice examination consisting of 125 questions. To pass the exam, candidates must achieve a score of 700 out of 1000 points. The exam is available in English, Chinese, Japanese, and German, and can be taken at any Pearson VUE Testing Center.Length of the exam: 3 hoursNumber of items: 125 multiple-choice questionsPassing score: 700/1000Languages available: English, Chinese, Japanese, GermanTesting centers: Pearson VUEWhy Pursue the CCSP Certification?The demand for cloud security professionals continues to grow as organizations increasingly adopt cloud technologies. A CCSP certification demonstrates expertise in cloud security, making certified professionals highly sought after by employers. By achieving the CCSP credential, you not only validate your skills but also ensure that you stay current with evolving security challenges in the cloud computing landscape.This certification is an excellent investment for professionals who want to:Enhance their cloud security skills.Advance their careers in cloud architecture, security operations, and risk management.Demonstrate their ability to implement secure cloud solutions while ensuring compliance with regulatory frameworks.The Certified Cloud Security Professional (CCSP) certification is one of the most recognized and respected credentials in the field of cloud security. By mastering the six domains covered in the CCSP CBK, professionals will be equipped with the knowledge and skills required to secure cloud environments, ensuring data protection and regulatory compliance. The exam and experience requirements are designed to ensure that only qualified professionals are certified, and the accreditation of the CCSP further emphasizes its global value.For those pursuing a career in cloud security, the CCSP provides the perfect opportunity to validate your expertise, advance your career, and become a leader in the cloud security space.

Overview

Section 1: Welcome to CCSP Training!

Lecture 1 CCSP Course Introduction

Lecture 2 How to get the most out of this course?

Lecture 3 About Trainer

Lecture 4 Useful Links and Resources

Section 2: Domain 1: Cloud Concepts, Architecture and Design - Obj 1.1 & 1.2

Lecture 5 Introduction to Cloud computing Obj. 1.1

Lecture 6 Cloud Computing Shared Responsibility Matrix and Shared Considerations Obj1.1-2

Lecture 7 Cloud deployment models - Private, Public, Hybrid Obj. 1.2

Lecture 8 Benefits of Cloud Computing and Economy of Scale Obj. 1.2

Lecture 9 Fault Domain, Availability Domain and Region in Cloud Computing

Lecture 10 Cloud Native Architecture

Lecture 11 Understand the Multi-tenancy / Resource Sharing

Lecture 12 Infrastructure as Code & Infrastructure as Code (IaC) strategy Obj. 1.3

Lecture 13 API and API Gateway Obj 4.5

Lecture 14 Understand CapEX & OpEX

Section 3: Domain 1: Cloud Concepts, Architecture and Design - Obj 1.3

Lecture 15 Virtualization Obj. 1.3

Lecture 16 Virtualization Security Obj. 1.3

Lecture 17 Containers Obj. 1.3

Lecture 18 Containers Security Threats and Best Practices Obj. 1.3

Lecture 19 Docker Overview, Threats, Best Practices Obj. 1.3

Lecture 20 Kubernetes Overview, Threats, Best Practices Obj. 1.3

Lecture 21 Serverless Computing and Microservices technology Obj. 1.3

Lecture 22 SDN - Software Defined Networks Obj. 1.3

Lecture 23 NFV - Network Function Virtualization Obj. 1.3

Section 4: Domain 1: Cloud Concepts, Architecture and Design - Obj 1.3 & 1.4 & 3.5

Lecture 24 Common threats and Vulnerabilities on Cloud Computing Obj. 1.3 & 3.3

Lecture 25 Self Reading - CISA Report for Key Security Threats on Cloud Obj. 1.3 & 3.3

Lecture 26 Security Vulnerabilities

Lecture 27 Vulnerability Related Terms, CVE, CVSS

Lecture 28 Advanced Persistent Threats

Lecture 29 DOS & DDOS Attacks

Lecture 30 Understand Security Controls

Lecture 31 Best Practices in Control Selection, Design, Operations Obj. 1.4

Lecture 32 Defence in Depth Concept

Lecture 33 Zero Trust vs Trust but Verify

Lecture 34 Self-Reading Zero Trust Guiding Principals

Section 5: Domain 1: BCP and DRP

Lecture 35 Business impact analysis (BIA) Obj. 1.4

Lecture 36 RPO & RTO Obj 3.5

Lecture 37 BCP Testing Obj 3.5

Section 6: Domain 1: Cloud Concepts, Architecture and Design - Obj 1.5

Lecture 38 Security Standards and Frameworks

Lecture 39 ISO/IEC 27017 Obj. 1.5

Lecture 40 CSA - STAR Registry and CCM, CAIQ

Lecture 41 PCI-DSS v4.0 Overview Obj. 1.5

Lecture 42 PCI-DSS v4.0.1 - Requirements Deep Dive

Lecture 43 Federal Information Processing Standard (FIPS) 140-3 Obj. 1.5

Lecture 44 Common Criteria (CC) and Security Evaluation Models Obj. 1.5

Lecture 45 Gap analysis

Lecture 46 Knowledge Check

Section 7: Domain 2 - Cloud Data Security - Obj 2.1, 2.2, 2.3

Lecture 47 Data lifecycle Obj. 2.1

Lecture 48 Data Storage and Retention and Archiving Obj. 2.2

Lecture 49 Common threats on Cloud Storage - Malware

Lecture 50 Data dispersion in the Cloud and Data Flow Obj. 2.1

Lecture 51 Cloud Storage Services

Lecture 52 Data Disposal Obj 2.2

Lecture 53 Storage Redundancy Through RAID

Lecture 54 Data Roles (Owner, Custodian, User)

Lecture 55 Data Protection Policies, Encryption and Classification Obj 3.4

Lecture 56 Knowledge Check

Section 8: Domain 2 - Cloud Data Security - Cryptography

Lecture 57 Encryption 101 Obj. 2.3

Lecture 58 Symmetric Encryption

Lecture 59 Asymmetric Encryption

Lecture 60 Public Key Infrastructure

Lecture 61 Digital Certificates

Lecture 62 Hashing Obj. 2.3

Lecture 63 Digital Signature and Non-Repudiation Obj. 2.8

Lecture 64 Knowledge Check

Section 9: Domain 2 - Cloud Data Security - Obj 2.4, 2.5, 2.6, 2.7, 2.8

Lecture 65 Secrets and Key Management Obj. 2.3

Lecture 66 Data obfuscation & Tokenization Obj. 2.3

Lecture 67 Data Discovery and Governance Tools Obj. 2.4

Lecture 68 Data Classification Obj. 2.5

Lecture 69 Data loss prevention (DLP) Obj. 2.3

Lecture 70 Information Rights Management (IRM) & Digital Rights Management Obj. 2.6

Lecture 71 DRM tool Usage and Examples

Lecture 72 Intellectual Properties

Lecture 73 Knowledge Check

Section 10: Domain 3 - Cloud Platform and Infrastructure Security

Lecture 74 Design a secure data centre and Datacenter Tiers Obj 3.2

Lecture 75 Physical and environmental protection Obj 3.4

Lecture 76 Physical Access Control

Lecture 77 Knowledge Check

Section 11: Domain 4 - Cloud Application Security

Lecture 78 Application Development Key Concepts Obj 4.1

Lecture 79 Software Development Methodologies Obj 4.2

Lecture 80 Common pitfalls in Software Development Obj 4.1

Lecture 81 OWASP Top 10 Obj 4.3

Lecture 82 CWE - Common Weak Enumeration Obj 4.3

Lecture 83 SANS - Top 25 Obj 4.3

Lecture 84 Threat modeling - STIRDE, DREAD, PASTA Obj 4.3

Lecture 85 Self Reading - Threat modeling - ATASM Obj 4.3

Lecture 86 Self Reading - ASVS & SAFECode Obj 4.3

Lecture 87 Secure Coding 101 Obj 4.3

Lecture 88 Self Reading - ISO 27034-1 Standards for Secure App Development

Lecture 89 Version Control System Obj 4.3

Lecture 90 Knowledge Check

Section 12: Domain 4 - Cloud Application Security

Lecture 91 Software Testing Obj 4.4

Lecture 92 Test Case and Abuse Case Obj 4.4

Lecture 93 Software Security Testing Obj 4.4

Lecture 94 Release management Obj 5.3

Lecture 95 QA & QC Obj 4.4

Lecture 96 Penetration Testing Obj 4.4

Lecture 97 DevOps

Lecture 98 DevOps security Obj. 1.4

Lecture 99 Third-party software management Obj 4.5

Lecture 100 Knowledge Check

Section 13: Domain 4: - Cloud Application Security

Lecture 101 Identity and access control Obj. 1.3

Lecture 102 Privileged Access Management Obj. 1.3

Lecture 103 Authorization Models and RBAC

Lecture 104 Single sign-on (SSO) & RSO & MTLS Obj 4.7

Lecture 105 Key Access Control Concepts

Lecture 106 Federated identity and IdP, OpenID, SAML, Auth Protocols Obj 4.7

Lecture 107 MFA and Biometric Authentication Obj 4.7

Lecture 108 SASE & CASB Obj 4.7

Lecture 109 Knowledge Check

Section 14: Domain 4 - Cloud Application Security

Lecture 110 What is Load Balancer

Lecture 111 Domain Name System DNS & Security Extensions (DNSSEC) and Securing DNS

Lecture 112 Network Availability - Single Home, Multi Home, and Understand CDN

Lecture 113 Self Reading - Packet Broker

Lecture 114 Databases

Lecture 115 Database Security Obj 4.6

Lecture 116 Knowledge Check

Section 15: Domain 5 - Cloud Security Operations

Lecture 117 Securing Servers, Applications and Backup Policies

Lecture 118 Firewalls, DMZ & HoneyPots and HoneyNets

Lecture 119 IPS & IDS

Lecture 120 Virtual private network (VPN)

Lecture 121 VLANs and Segmentation

Lecture 122 Web application firewall (WAF) Obj 4.6

Lecture 123 Proxy and Web Filtering

Lecture 124 Sandboxing Obj 4.6

Lecture 125 Network Security Practices and Policies

Lecture 126 Knowledge Check

Section 16: Domain 5 - Cloud Security Operations

Lecture 127 Change Management

Lecture 128 Configuration management Obj 5.3

Lecture 129 Patch Management and Vulnerability Management Obj. 1.3

Lecture 130 Performance Monitoring and KPI

Lecture 131 Key Performance Indicators

Lecture 132 Knowledge Check

Section 17: Domain 5 - Cloud Security Operations

Lecture 133 Incident management

Lecture 134 Incident Response Plan

Lecture 135 Log Management Obj. 2.8

Lecture 136 Forensic data collection methodologies Obj 5.4

Lecture 137 Security operations center (SOC)

Lecture 138 SIEM

Lecture 139 Knowledge Check

Section 18: Domain 6 - Legal, Risk and Compliance

Lecture 140 Laws, Regulations, Act

Lecture 141 US Federal Laws 1

Lecture 142 US Federal Laws 2

Lecture 143 Understand the PII & PHI

Lecture 144 Privacy Regulations

Lecture 145 The EU-U.S. Data Privacy Framework (DPF), and Privacy Shield

Lecture 146 The Privacy Policy

Lecture 147 Privacy Controls, Privacy Impact Assessments and E-Discovery, and Data Flow

Lecture 148 Knowledge Check

Section 19: Domain 6 - Legal, Risk and Compliance

Lecture 149 Policies

Lecture 150 Standards

Lecture 151 Procedures and Guidelines

Lecture 152 Cloud Related Policies and Understand Data Residency and Sovereignty

Lecture 153 Knowledge Check

Section 20: Domain 6 - Legal, Risk and Compliance

Lecture 154 Risk Management Overview Obj 3.3

Lecture 155 Risk Identification Obj 3.3

Lecture 156 Risk Analysis Obj 3.3

Lecture 157 Risk Evaluation and Treatment Obj 3.3

Lecture 158 Risk Monitoring and Reporting

Lecture 159 COSO ERM

Lecture 160 ISO 31000 & 27005

Lecture 161 NIST RMF

Lecture 162 Knowledge Check

Section 21: Domain 6 - Legal, Risk and Compliance

Lecture 163 Information System Auditing Overview

Lecture 164 Internal and external audit controls

Lecture 165 Audit planning

Lecture 166 Legal Impact on Audit Engagement

Lecture 167 SSAE & ISAE

Lecture 168 SOC Audit Report

Lecture 169 Knowledge Check

Section 22: Domain 6 - Legal, Risk and Compliance

Lecture 170 Vendor management

Lecture 171 Self Reading - Contract Management

Lecture 172 SoW, RFI, RFB, RFP, Bidding Process

Lecture 173 SLA, OLA and Overview of IT Infrastructure Library Services

Lecture 174 Supply-chain management

Lecture 175 Knowledge Check

Section 23: CCSP - Emerging Technologies

Lecture 176 Industrial Control System - ICS and Operational Technology

Lecture 177 Artificial Intelligence and Machine Learning

Lecture 178 Types of AI, Narrow, General

Lecture 179 Cryptography Advancements and Block Chain and Impact of Quantum Computing

Lecture 180 Knowledge Check

Section 24: Practice Exams

IT Professionals,Security Professionals,Cloud Computing Specialists,Anyone Interested to become CCSP!