Certified Cloud Security Professional

(CCSP-2018)/ISBN:978-1-64459-027-0

This course includes
Lessons
TestPrep
Hand-on Lab

Get certified for the (ISC)² CCSP certification with the Certified Cloud Security Professional course and lab. The lab is cloud-based, device-enabled, and can easily be integrated with an LMS. The CCSP training course provides skills for all the CCSP exam topics and expertise in areas such as cloud concepts, architecture and design, cloud data security, cloud platform and infrastructure security, cloud application security, cloud security operations.

Here's what you will get

The (ISC)² CCSP certification is a vendor-neutral, globally-acknowledged credential in the field of cloud security. The CCSP certification exam validates the advanced technical skills and ability to design, manage, and secure data, applications, and infrastructure in the cloud. The (ISC)² CCSP certification represents the highest standard for Cloud security and provides step by step guidance and easy-to-follow detailed explanations on every part of CCSP certification.

Lessons

12+ Lessons | 81+ Exercises | 225+ Quizzes | 100+ Flashcards | 100+ Glossary of terms

TestPrep

125+ Pre Assessment Questions | 2+ Full Length Tests | 123+ Post Assessment Questions | 171+ Practice Test Questions

Hand on lab

31+ LiveLab | 21+ Video tutorials | 41+ Minutes

Here's what you will learn

Download Course Outline

Lessons 1: Introduction

  • Overview of the CCSP Exam
  • Notes on This Course's Organization

Lessons 2: Architectural Concepts

  • Business Requirements
  • Cloud Evolution, Vernacular, and Definitions
  • Cloud Computing Roles and Responsibilities
  • Cloud Computing Definitions
  • Foundational Concepts of Cloud Computing
  • Summary
  • Exam Essentials
  • Written Labs

Lessons 3: Design Requirements

  • Business Requirements Analysis
  • Boundaries of Cloud Models
  • Design Principles for Protecting Sensitive Data
  • Summary
  • Exam Essentials
  • Written Labs

Lessons 4: Data Classification

  • Data Inventory and Discovery
  • Jurisdictional Requirements
  • Data Rights Management
  • Data Control
  • Summary
  • Exam Essentials
  • Written Labs

Lessons 5: Cloud Data Security

  • Cloud Data Life Cycle
  • Cloud Storage Architectures
  • Cloud Data Security Foundational Strategies
  • Summary
  • Exam Essentials
  • Written Labs

Lessons 6: Security in the Cloud

  • Shared Cloud Platform Risks and Responsibilities
  • Cloud Computing Risks by Deployment and Service Model
  • Virtualization
  • Cloud Attack Surface
  • Disaster Recovery (DR) and Business Continuity Management (BCM)
  • Summary
  • Exam Essentials
  • Written Labs

Lessons 7: Responsibilities in the Cloud

  • Foundations of Managed Services
  • Business Requirements
  • Shared Responsibilities by Service Type
  • Shared Administration of OS, Middleware, or Applications
  • Share Responsibilities: Data Access
  • Lack of Physical Access
  • Summary
  • Exam Essentials
  • Written Labs

Lessons 8: Cloud Application Security

  • Training and Awareness
  • Cloud-Secure Software Development Life Cycle (SDLC)
  • ISO/IEC 27034-1 Standards for Secure Application Development
  • Identity and Access Management (IAM)
  • Cloud Application Architecture
  • Cloud Application Assurance and Validation
  • Summary
  • Exam Essentials
  • Written Labs

Lessons 9: Operations Elements

  • Physical/Logical Operations
  • Security Training and Awareness
  • Basic Operational Application Security
  • Summary
  • Exam Essentials
  • Written Labs

Lessons 10: Operations Management

  • Monitoring, Capacity, and Maintenance
  • Change and Configuration Management (CM)
  • Business Continuity and Disaster Recovery (BC/DR)
  • Summary
  • Exam Essentials
  • Written Labs

Lessons 11: Legal and Compliance Part 1

  • Legal Requirements and Unique Risks in the Cloud Environment
  • Potential Personal and Data Privacy Issues in the Cloud Environment
  • Audit Processes, Methodologies, and Cloud Adaptations
  • Summary
  • Exam Essentials
  • Written Labs

Lessons 12: Legal and Compliance Part 2

  • The Impact of Diverse Geographical Locations and Legal Jurisdictions
  • Business Requirements
  • Cloud Contract Design and Management for Outsourcing
  • Identifying Appropriate Supply Chain and Vendor Management Processes
  • Summary
  • Exam Essentials
  • Written Labs

Hands-on LAB Activities

Architectural Concepts

  • Capturing Network Traffic
  • Installing Ubuntu Using Hyper-V Manager
  • Using a Symmetric Algorithm
  • Using an Asymmetric Algorithm

Design Requirements

  • Performing Active Scanning using Nmap
  • Creating a DMZ Zone

Data Classification

  • Displaying Metadata Information
  • Enabling Access Control List
  • Standard Access Control List
  • Extended Access Control List

Cloud Data Security

  • Building IPSec VPN using ubuntu
  • Generating a Symmetric key
  • Generating an Asymmetric key
  • Observe an MD5-Generated Hash Value
  • Observe an SHA-Generated Hash Value

Security in the Cloud

  • Performing DoS Attacks with SYN Flood
  • Performing an MITM using websploit
  • Using Social Engineering to Plan an Attack

Responsibilities in the Cloud

  • Setup Honeypot on Kali Linux
  • Enabling an Intrustion Detection Policy
  • Removing Unnecessary Services

Cloud Application Security

  • Authorization of an User
  • Examining File Permissions
  • Cross-site request forgery with low complexity
  • Reviewing the Top 10 OWASP Attacks
  • Attacking a website using XSS injection
  • Conducting IP Spoofing

Operations Management

  • Verify RAM Usage
  • Checking Disk Capacity
  • Using MBSA

Legal and Compliance Part 1

  • Complete Chain of Custody

Exam FAQs

To qualify for this cybersecurity certification, you must pass the exam and have at least five years of cumulative, paid work experience in information technology, of which three years must be in information security, and one year in one or more of the six domains of the (ISC)² CCSP Common Body of Knowledge (CBK).

USD 599

Multiple choice

The exam contains 125 questions.

180 minutes

700

In the event that you fail your first attempt at passing the CCSP certification, ISC2's retake policy is:

  • Candidates who do not pass the exam the first time will be able to retest after 30 days.
  • Candidates that fail a second time will need to wait 90 days prior sitting for the exam again
  • If a candidate fails third time, the next available time to sit for the exam will be 180 days after the most recent exam attempt.

Three years

Customer Review

As a Sr. Information Security Engineer, I have a strong desire to keep up-to-speed on all areas of Information Security. uCertify has continually polished and improved its interface and delivery to the point of sheer perfection! The content in the Cloud Security course was well written and highly engaging. There are plenty of knowledge checks and quick tips along the way too. The tests are easy to use and the answers are clear and concise. The best aspect of their training is their interactive labs. In the labs your objectives are clear and you work through the various topic points from the training. The VM environment was intuitive and easy to navigate and control. (Even from my cell phone)

uCertify ISC2 Certified Cloud Security Professional course and found it to be the best among all another platform available. The course has tried to make you understand everything with the Study Help modules. You get a number of Exam Standard/Objectives, Articles, How To’s, Notes & Key terms which you can understand before you are heading for the tests.

The uCertify Certified Cloud Security Professional CCSP course is a complete package for my preparation. The course is bundled with a variety of tests such as Pre- Assesment, Chapters and lessons, Practice Test, Post Assessments and Performance-based labs. You can also customize the tests according to your needs. Detailed result analysis of all the tests taken will help you to focus on your weak areas so that you can overcome your shortcomings. In general, it is a nice product that can be helpful for one to prepare for an exam.