Certified Cloud Security Professional by ISC2
(ISC)² and the Cloud Security Alliance (CSA) developed the Certifed Cloud Security Professional (CCSP) credential to ensure that cloud security professionals have the required knowledge, skills, and abilities in
cloud security design, implementation, architecture, operations, controls, and compliance with regulatory frameworks.
A CCSP applies information security expertise to a cloud computing environment and demonstrates competence in cloud security architecture, design, operations, and service orchestration. This professional competence is measured against a globally recognized body of knowledge.
The CCSP is a stand-alone credential that complements and builds upon existing credentials and educational programs, including (ISC)²’s Certifed Information Systems Security Professional (CISSP) and CSA’s Certifcate of Cloud Security Knowledge (CCSK).
The topics included in the CCSP Common Body of Knowledge (CBK) ensure its relevancy across all disciplines in the feld of cloud security. Successful candidates are competent in the following 6 domains:
• Cloud Concepts, Architecture and Design
• Cloud Data Security
• Cloud Platform & Infrastructure Security
• Cloud Application Security
• Cloud Security Operations
• Legal, Risk and Compliance
Candidates must have a minimum of 5 years cumulative paid work experience in information technology, of which 3 years must be in information security and 1 year in 1 or more of the 6 domains of the CCSP CBK.
Earning CSA’s CCSK certifcate can be substituted for 1 year of experience in 1 or more of the 6 domains of the CCSP CBK. Earning (ISC)²’s CISSP credential can be substituted for the entire CCSP experience
A candidate that doesn’t have the required experience to become a CCSP may become an Associate of (ISC)² by successfully passing the CCSP examination. The Associate of (ISC)² will then have 6 years to earn the 5 years required experience.
You can learn more about CCSP experience requirements and how to account for part-time work and internships at www.isc2.org/Certifcations/CCSP/experience-requirements.
Accreditation CCSP under ANSI review for compliance with the stringent requirements of ANSI/ISO/IEC Standard 17024.
Job Task Analysis (JTA)
(ISC)² has an obligation to its membership to maintain the relevancy of the CCSP. Conducted at regular intervals, the Job Task Analysis (JTA) is a methodical and critical process of determining the tasks that are
performed by security professionals who are engaged in the profession defned by the CCSP. The results of the JTA are used to update the examination. This process ensures that candidates are tested on the topic
areas relevant to the roles and responsibilities of today’s practicing information security professionals focusing on cloud technologies.
Length of exam is 3 hours
The Number of questions on the exam is 125
Question format: Multiple choice
Passing grade 700 out of 1000 points
Language is English
Exam availability at Pearson VUE Testing Center