CCSP Certification Exam

«« Previous
Next »»

Prove You’re on the Forefront of Cloud Security

In the ever-changing world of the cloud, you face unique security challenges every day — from new threats to sensitive data, to uneducated internal teams.

Take command with the CCSP: the premier cloud security certification.

The CCSP is a global credential that represents the highest standard for cloud security expertise. It was co-created by (ISC)² and Cloud Security Alliance — leading stewards for information security and cloud computing security.

When you earn this cloud security certification, you prove you have deep knowledge and hands-on experience with cloud security architecture, design, operations and service orchestration.

1. Steps to Certification

1.1 Get the Needed Experience

To qualify for the CCSP certification, you must have:

◈ A minimum of five years cumulative, paid, full-time work experience in information technology
◈ Of which three years must be in information security and one year in one or more of the six domains of the CCSP Common Body of Knowledge (CBK)

Earning CSA’s CCSK certificate can be substituted for one year of experience in one or more of the six domains of the CCSP CBK.

Earning (ISC)²’s CISSP credential can be substituted for the entire CCSP experience requirement.

Don’t have the required work experience yet? You can take and pass the CCSP exam to earn an Associate of (ISC)² designation. Then, you’ll have up to six years to earn your required work experience for the CCSP.

1.2 Create an Account at Pearson VUE and Schedule Your Exam

To schedule an exam, you must create an account at Pearson VUE.

Pearson VUE is the leading provider of global, computer-based testing for certification and licensure exams. You can find details on testing locations, policies, accommodations and more on their website.

Once you’ve set up your account and are ready to register, you’ll need to:

◉ Complete the Examination Agreement. You agree to the truth of your assertions regarding professional experience. You also legally commit to the adherence of the (ISC)² Code of Ethics.
◉ Review the Candidate Background Questions.
◉ Pay the exam fee.

1.3 Pass the Exam

This is the day to show your greatness! You’ll have four hours to complete the 125 exam questions.

Recommended CCSP Online Practice Exams with EDUSUM.COM

You must pass the exam with a scaled score of 700 points or greater.

1.4 Subscribe to the (ISC)² Code of Ethics and Get Endorsed

Let’s say you pass the exam. Then what?

Before this cloud security certification can be awarded, you have to:

◈ Subscribe to the (ISC)² Code of Ethics.
◈ Have your application endorsed.

Your endorsement form must be completed and signed by an (ISC)² certified professional. He or she needs to be an active member who can confirm your professional experience.

(ISC)² can endorse you if you can’t find a certified individual.

You have nine months from the date of the exam to complete these steps. If you don’t, you have to retake the exam to get certified.

2. Why Become a CCSP

Your time is valuable, and you need to use it wisely. Here’s why the CCSP is a smart investment:

◉ Instant credibility and differentiation. The CCSP positions you as an authority figure on cloud security. It’s a quick way to communicate your knowledge and earn trust from your clients or senior leadership.
◉ Unique recognition. When you earn the CCSP, you achieve the highest standard for cloud security expertise. This certification is powered by the two leading non-profits focused on cloud and information security: CSA and (ISC)². It’s vendor-neutral, and you need practical knowledge and experience to earn it. Quite simply, there is no other cloud security certification like it.
◉ Staying ahead. The CCSP can enhance your working knowledge of cloud security principles and practices. It can keep you current on evolving technologies, new threats and new mitigation strategies. And it can fill in unknown gaps in your knowledge. You’ll stay ahead.
◉ Versatility. Because the CCSP is vendor-neutral, you can use your knowledge across a variety of different cloud platforms. This not only makes you more marketable, it ensures you’re better equipped to protect sensitive data in a global environment.
◉ Career advancement. The CCSP creates opportunities. For example, as a consultant, it can help you expand into cloud services and win new business. If you’re an internal subject matter expert, it can help you move into more strategic roles.

The CCSP is ANSI-Accredited

The CCSP certification is accredited by the American National Standards Institute (ANSI). This means it complies with the International Organization for Standardization and International Electrotechnical Commission (ISO/IEC) 17024 Standards. Why is accreditation important when choosing a certification program?

Visit the Institute for Credentialing Excellence website for details.

3. Should You Pursue the CCSP?

The CCSP is one of the hottest certifications on the market today. But is this cloud security certification right for you? The answer is yes if you:

◉ Are an experienced IT professional who’s involved with IT architecture, web and cloud security engineering, information security, governance, risk and compliance or IT auditing.
◉ Are heavily involved with the cloud (or you’d like to be) in a global environment. You’re responsible for migrating to, managing or advising on the integrity of cloud-based software, such as SalesForce, Office 365, Optum, Impact Cloud, JIRA Software, SharePoint or CTERA.
◉ Are an early adopter who loves being on the leading edge of technology.
◉ Are passionate about security.
◉ Want to differentiate yourself (or your business).
◉ Want to stay up-to-speed on rapidly evolving cloud technologies, threats and mitigation strategies.

In addition, many who pursue the CCSP find it useful for working with organizations committed to DevSecOps, Agile or Bimodal IT practices.

The CCSP is ideal for those working in roles such as:

◉ Enterprise Architect
◉ Security Administrator
◉ Systems Engineer
◉ Security Architect
◉ Security Consultant
◉ Security Engineer
◉ Security Manager
◉ Systems Architect

4. Mastering the Domains on the Exam

The CCSP exam tests your skills in six domains. The domains draw from a range of cloud security topics within the (ISC)² Common Body of Knowledge (CBK).

Here’s a closer look at the CCSP domains and how they’re weighted on the exam:

Domains Weight 
1. Architectural Concepts and Design Requirements 19%
2. Cloud Data Security   20% 
3. Cloud Platform and Infrastructure Security   19% 
4. Cloud Application Security   15%
5. Operations   15% 
6. Legal and Compliance   12% 
Total  100%

Architectural Concepts and Design Requirements

◉ Understand cloud computing concepts
◉ Describe cloud reference architecture
◉ Understand security concepts relevant to cloud computing
◉ Understand design principles of secure cloud computing
◉ Identify trusted cloud services

Cloud Data Security

◉ Understand cloud data lifecycle
◉ Design and implement cloud data storage architectures
◉ Design and apply data security strategies
◉ Understand and implement data discovery and classification technologies
◉ Design and implement relevant jurisdictional data protections for personally identifiable information (PII)
◉ Design and implement data rights management
◉ Plan and implement data retention, deletion, and archiving policies
◉ Design and implement auditability, traceability and accountability of data events

Cloud Platform and Infrastructure Security

◉ Comprehend cloud infrastructure components
◉ Analyze risks associated to cloud infrastructure
◉ Design and plan security controls
◉ Plan disaster recovery and business continuity management

Cloud Application Security

◉ Recognize the need for training and awareness in application security
◉ Understand cloud software assurance and validation
◉ Use verified secure software
◉ Comprehend the software development life-cycle (SDLC) process
◉ Apply the secure software development life-cycle
◉ Comprehend the specifics of cloud application architecture
◉ Design appropriate identity and access management (IAM) solutions


◉ Support the planning process for the data center design
◉ Implement and build physical infrastructure for cloud environment
◉ Run physical infrastructure for cloud environment
◉ Manage physical infrastructure for cloud environment
◉ Build logical infrastructure for cloud environment
◉ Run logical infrastructure for cloud environment
◉ Manage logical infrastructure for cloud environment
◉ Ensure compliance with regulations and controls (e.g., ITIL, ISO/IEC 20000-1)
◉ Conduct risk assessment to logical and physical infrastructure
◉ Understand the collection, acquisition and preservation of digital evidence
◉ Manage communication with relevant parties

Legal and Compliance

◉ Understand legal requirements and unique risks within the cloud environment
◉ Understand privacy issues, including jurisdictional variation
◉ Understand audit process, methodologies, and required adaptions for a cloud environment
◉ Understand implications of cloud to enterprise risk management
◉ Understand outsourcing and cloud contract design
◉ Execute vendor management

5. Getting CCSP Training That’s Right for You

Prepare for your CCSP exam through a combination of training courses and individual study. And learn from (ISC)² — the creator of the CCSP CBK!

Simply choose the best training format for your schedule, needs and learning style.

In-Person Training Seminars

ISC2 Tutorials and Materials, ISC2 Guides, ISC2 Certifications
Classroom-Based Training

◉ Ideal for hands-on learners. The most thorough review of the CCSP CBK, industry concepts and best practices.
◉ Five-day training event delivered in a classroom setting. Eight hours a day.
◉ Available at (ISC)² facilities and through (ISC)² Official Training Providers worldwide.
◉ Led by authorized instructors.

Get details on Classroom-Based Training.

ISC2 Tutorials and Materials, ISC2 Guides, ISC2 Certifications
Private On-Site Training

◉ A cost-effective and convenient training solution if your organization has 10 or more employees taking the exam.
◉ Tailored to your team’s schedule, budget and certification requirements.
◉ Conveniently taught in your office space or a local venue.
◉ Led by authorized instructors

Get details on Private On-Site Training.

Online Training Seminars

ISC2 Tutorials and Materials, ISC2 Guides, ISC2 Certifications
Instructor-Led Training

◉ Participate from the convenience of your computer. This saves you travel time and expense.
◉ Weekday, weekend and evening options to fit your needs.
◉ Comprehensive review of the CBK, so you’re ready for this cloud security certification.
◉ Delivered in a variety of schedules with weekday, weekend, and evening options to suit your needs.
◉ Access to recordings of all course sessions for 60 days.
◉ Led by authorized instructors.

Self-Paced Training

ISC2 Tutorials and Materials, ISC2 Guides, ISC2 Certifications
◉ A powerful alternative to traditional classroom training. You’ll use modular training and interactive study materials.
◉ Virtual lessons taught by authorized instructors through HD video.
◉ Rich content equal to classroom training. It meets certification course requirements.
◉ 120 days to access the content from any web-enabled device. Available any time and as often as you want.

CCSP Training Course Overview

Our training helps you fully prepare for this cloud security certification. You will:

◉ Review, refresh and expand your cloud security knowledge.
◉ Identify areas you need to study for the CCSP exam.

You can expect an in-depth review of the six domains of the CCSP CBK — including discussion of industry best practices and timely cloud security concepts.

(ISC)² authorized instructors lead all our training. You’re learning from industry experts who understand you. They know how to make the content highly relatable. And they go through a rigorous process to teach to our CBK.

Plus, we use proven adult learning techniques to reinforce topics. This approach increases how much information you retain. Our techniques are highly interactive. They focus on real-world learning activities and scenarios, so you get the most out of training.

Self-Study Tools

In addition to training, we offer resources to help you with self-study. Our resources include the:

6. Taking Your CCSP Exam

Length of exam Up to 4 hours 
Number of questions 125 questions 
Question format Multiple choice 
Passing grade   A passing score is 700 out of 1000 points 
Exam Language  English 
Testing Center Pearson Vue Testing Center 

7. Maintaining or Regaining CCSP Certification

Once you’ve earned this cloud security certification, you become a member of (ISC)2. You enter one of the largest communities of information security professionals in the world. You gain access to unparalleled global resources and networking.

Quite simply, you have endless opportunities to grow and refine your craft.

But certification is a privilege that must be earned and maintained. To remain in good standing with your CCSP, you need to:

◉ Abide by the (ISC)² Code of Ethics.
◉ Earn and post Continuing Professional Education (CPE) credits.
◉ Pay your Annual Maintenance Fee (AMF).

Here’s a closer look at each.

Abiding by the (ISC)² Code of Ethics

You agree to fully support and follow the (ISC)² Code of Ethics.

Earning and Posting CPE Credits

Cloud security technology is constantly changing. (You know this well!) You need to earn CPE hours to stay well-rounded and keep up your expertise.

For the CCSP, you need to earn and post a minimum of 30 CPE credits per year. You need to do so before your certification annual anniversary date.

CPEs may sound like a big task. However, (ISC)² makes it easy for you to earn your CPE credits on a regular basis.

We offer access to:

◉ Live educational events around the world.
◉ Online seminars that can be taken in the comfort of your home or office. They’re available exclusively to (ISC)² members.
◉ And many more learning opportunities.

Paying Annual Maintenance Fees (AMFs)

Once you earn this cloud security certification, you must pay USD$100 each year of your three-year certification cycle. Your payment is due before your certification or re certification annual anniversary date.

Your payments help ensure that (ISC)2 has the financial resources to:

◉ Be a functional, dynamic entity for leading information security and IT professionals (like you) far into the future.
◉ Develop more CPE opportunities.
◉ Continue to meet the certification needs and requirements of information security professionals.
◉ Maintain member records.

How to Regain Membership if Your CCSP Ends

If you wish to regain membership, you’ll need to:

◉ Pay any outstanding AMF payments. (This needs to take place before you sit for the exam.)
◉ Retake and pass the exam to become certified again.
◉ Contact Member Services to reactivate your certification after you pass the exam.

«« Previous
Next »»


Post a comment