Certified Cloud Security Professional (CCSP)

Kursinhalt

Domain 1: Architectural Concepts and Design Requirements

• Understand cloud computing concepts
• Describe cloud reference architecture
• Understand security concepts relevant to could computing
• Understand design principles of secure cloud computing
• Identify trusted cloud services

Domain 2: Cloud Data Security

• Understand Cloud Data Life Cycle
• Design and Implement Cloud Data Storage Architectures
• Understand and implement Data Discovery and Classification Technologies
• Design and Implement Relevant Jurisdictional Data Protection for Personally Identifiable Information (PII)
• Design and implement Data Rights Management
• Plan and Implement Data Retention, Deletion, and Archival policies
• Design and Implement Auditability, Traceability, and Accountability of Data Events

Domain 3: Cloud Platform Infrastructure Security

• Comprehend Cloud Infrastructure Comp
• Analyze Risks Associated to Cloud Infrastructure
• Design and Plan Security Controls
• Plans Disaster Recovery & Business Continuity Management

Domain 4: Cloud Application Security

• Recognize Need for Training and Awareness in Application Security
• Understand Cloud Software Assurance and Validation
• Use Verified Secure Software
• Comprehend the Software Development Life Cycle (SDLC) Process
• Apply the Secure Software Development Life Cycle
• Comprehend the Specifics of Cloud Application Architecture
• Design Appropriate Identity and Access Management (IAM) Solutions

Domain 5: Operations

• Support the Planning Process for the Data Center Design
• Implement and Build Physical Infrastructure for Cloud Environment
• Run Physical Infrastructure for Cloud Environment
• Manage Physical Infrastructure for Cloud Environment
• Build Logical Infrastructure for Cloud Environment
• Run Logical Infrastructure for Cloud Environment
• Manage Logical Infrastructure for Cloud Environment
• Ensure Compliance with Regulations and Controls
• Conduct Risk Assessment to Logical and Physical Infrastructure
• Understand the Collection and Preservation of Digital Evidence
• Manage Communications with Relevant Parties Domain

Domain 6: Legal and Compliance

• Understand Legal Requirements and Unique Risks Within the Cloud Environment Module 2: Understand Privacy Issues, Including Jurisdictional Variances
• Understand Audit Process, Methodologies, and Required Adaptions for a Cloud Environment
• Understand Implication of Cloud to Enterprise Risk Management
• Understand Outsourcing and Cloud Contract Design
• Execute Vendor Management

Voraussetzungen

Sie müssen mindestens fünf Jahre Berufserfahrung in der IT haben, davon mind. drei im Bereich Informationssicherheit, davon wiederum mindestens eins im Bereich Cloud Computing.

Darüber hinaus sollten Sie bereits Erfahrung in jeder der sechs CBK Domains haben:

• Architekturkonzepte und Gestaltungsanforderungen
• Clouddatensicherheit
• Cloud-Plattform- & Infrastruktursicherheit
• Cloud-Anwendungssicherheit
• Betrieb
• Rechtliches und Compliance

Zielgruppe

• Enterprise Architect
• Security Administrator
• Systems Engineer
• Security Architect
• Security Consultant
• Security Engineer
• Security Manager
• Systems Architect