The CCSP or Certified Cloud Security Professional certification is an advanced cloud certification made available by ISC2.
It is given to candidates that can show they possess the advanced technical knowledge and skills required to manage, secure, and design, applications, cloud infrastructure, and data, whilst utilizing the best procedures, policies, and practices.
The aim of this article is to review the CCSP certification, detailing the numerous requirements and things a prospective CCSP candidate needs to know, as well as a few of the best CCSP study guides available.
What requirements have to be met before the CCSP can be taken?
Before you can attempt the CCSP, you as a candidate are required to have a certain experience level. In this regard, you require at least 5 years of full-time work experience concentrated in the field of information technology.
Out of those 5 years, 3 of them have to be concentrated in the field of information security, and 1 year of the remaining 2 has to be focused on at least 1 of the 6 CCSP Common Body of Knowledge domains. Conversely, it is possible to have this work experience requirement waived, however, this is only possible if you have earned a CCSK or Certificate of Cloud Security Knowledge from CSA.
If neither of these options pertains to you, there is an additional choice of becoming an ISC2 Associate. To have this option available to you, you have to successfully attempt the CCSP exam. When you are an ISC2 associate, you have a maximum time of 6 years to gain the required 5 years’ worth of experience. At this point, interning or working part-time could be allowed to count towards your required experience.
What form of work experience best suits CCSP requirements?
As a prospective CCSP candidate, you will have to show a history of working in a cloud computing environment, conducting information security associated work, or responsibilities that require a knowledge of direct application involved cloud security. Your experience must be in at least one of the following CCSP CBK domains:
- Legal & Compliance
- Cloud Data Security
- Architectural Concepts & Design Requirements
- Cloud Platform & Infrastructure Security
- Cloud Application Security
It is best to remember that the required fulltime experience is amassed each month and at least 35 hours each week for 4 weeks is equivalent to a month’s worth of work experience. It is possible to attain the required work experience hours via part-time work; however, it has to be over 20 hours per week and should not be more than 34 hours. Unpaid or paid internships can be accepted; however, it is always best to obtain official documentation from the company confirming that you are in fact interning.
What steps are necessary for earning a CCSP certification?
The steps required to earn a CCSP certification are pretty straightforward. These steps are split into 4 stages. they are:
Making sure a CCSP certification is suited to you
Before a candidate can even think of attempting to acquire the CCSP certification, there are a few things that have to be considered. You have to find out if the CCSP certification fits with your career progression.
This important step is usually overlooked, particularly for those individuals not from an InfoSec background. It does not matter what background you come from, however, you have to ask yourself if your career in the next couple years is going to be insecurity, particularly cloud security.
If you do not believe your career is going to progress in cloud computing, you should know that there are numerous other certifications available. From CISSP, CCLP, and CAP to HCISPP and SSCP. The aforementioned are but a few of the certifications available to earn.
CCSP Exam Details
The CCSP certification exam is made up of 125 multiple choice questions and lasts 4 hours. The number of maximum points attainable in the exam is 1000, however, to pass the exam a candidate only requires 700. The questions on the CCSP certification exam are not evenly distributed amongst the 6 domains. The following is the breakdown of the CCSP exam domain coverage:
- Architectural Concepts and Design Requirements: 19%
- Cloud Data Security: 20%
- Cloud Platform and Infrastructure Security: 19%
- Cloud Application Security: 15%
- Operations: 15%
- Legal and Compliance: 12%
Registering and Studying for the CCSP exam
To register for the exam, a candidate just has to create a Pearson VUE account. Pearson VUE is the world’s leading purveyor of computer focused training for licensure and certification exams.
Once you register, you will be able to select an exam date. Ensure the date you select provides you with enough time to prepare for the test. There are numerous study methods and one study method that works for one person might not work for another. This is why it is important to create a study/preparation process that is comfortable for you.
As stated earlier in the article, the CCSP certification requires more than a few qualifications in regards to experience. The divergent certification pathway which enables a CCSP candidate to become an ISC2 associate was also highlighted. It enables you to earn work experience after being certified.
Nevertheless, becoming certified means a candidate has had to adhere not just to the ethics code requested by ISC2, but also finish the process of endorsement which required an ISC2 member to endorse a candidate. The entire endorsement process can be done online. Its aim is to demonstrate that you have indeed and truthfully gained the required professional experience, as well as having kept a good reputation in the cybersecurity world.
Choosing to agree to ISC2’s ethics code enables you to keep the CCSP certification just earned. To do this, you have to agree to the following:
- Protect society, the common good, necessary public trust and confidence, and the infrastructure
- Act honorably, honestly, justly, responsibly and legally
- Provide diligent and competent service
- Advance and protect the profession
Becoming a member of ISC2
The moment you become certified, you become an official member of ISC2. This membership avails to you a particularly large community of over 140,000 certified cybersecurity experts from around the world.
This opportunity enables you to not only maintain but advance the skills you have using a treasure trove of educational opportunities. As a member, you can remain up to date on the most recent trends, as well as the best practices whilst ensuring your knowledge and experience is relevant to your career progression.
Preparing for the CCSP Exam: How long does it take?
The amount of time it takes for an individual to study for the CCSP certification exam tends to depend on a vast array of factors. For one, the study method utilized has an influence, as well as the individual’s experience in both Information Technology and Information Technology Security.
It is possible to achieve a study time of just 2 weeks to be knowledgeable enough to pass the CCSP, however, it is typically recommended that a study time of around 300 hours should be met before sitting for the exam. Nevertheless, the time spent studying is simply up to the effort and resources devoted to studying.
Official Study Methods
There are more than a few ISC2 officially sanctioned study methods available to a CCSP certification candidate. They are:
This form of study is an extremely convenient one, particularly if a candidate is limited by geography or is better at studying online.
These study methods involve a traditional instructor and classroom set-up which requires the physical presence of every involved party. This study method is best suited to those candidates that live close to a training location and are available when the session is offered.
This study method is typically used by companies that have candidates interested in attaining CCSP certification. When this happens, ISC2 can create private onsite training for the interested candidates either at a private venue or at the organization. This study differs from others in the sense that it is led by an instructor authorized by ISC2. It typically lasts 3 to 5 days in total.
This online study form is perfect for those individuals that have busy schedules or might prefer to study at their own pace using online resources. Being able to actually determine how quickly you progress through the study material is a clear benefit of this study method.
This is because while some individuals are able to effectively prepare for the exam in a short time, others might take a bit longer. When this happens in an instructor-led online or classroom-based study session, it can be difficult to keep up.
It is also possible to get officially accredited study tools to help supplement study coursework. These tools include official study guides, textbooks, study apps, flashcards, and of course, practice tests.
Best CCSP study guides
Being able to successfully pass any certification requires deliberate and intent studying. Simply trying to learn everything there is to know about certification can cause any progress made to grind to a halt.
In other to ensure prospective CCSP candidates study smarter, numerous study guides have been created, some by ISC2. These study guides offer study and training resources to ensure aspiring CCSP candidates are successful in their certification exams.
The Official (ISC)2 Guide to the CCSP CBK, Second Edition
This guide to the Certified Cloud Security Professional’s Common Body of Knowledge is a fundamental study resource that helps present ideas and topics in an easily understood manner, using real-life situations, frameworks, tables, and illustrations.
This CBK second edition has been updated to cover the very best practices and techniques used by renowned security practitioners with years of experience. it is the most updated version available. It is a guide that comes with steps for every one of the 6 CCSP domains. The CSA- Cloud Security Alliance has endorsed this guide as the go-to encyclopedia for cloud security.
CCSP Certified Cloud Security Professional All-in-One Exam Guide
The CCSP Certified Cloud Security Professional All-in-One Exam Guide is a study guide created by the CSA and the ISC2. It is a self-study guide that offers prospective candidates full coverage of every one of the 6 Common Body of Knowledge domains found in a CCSP exam.
Each of the subjects found int the guide is clearly defined and explained, every practice question is accurately featured and real-life scenarios are correctly provided. Additionally, this self-study guide provides several other features such as practice questions, summaries and exam tips in every chapter, as well as online content like over 300 practice questions that can be downloaded.
The Official (ISC)2 CCSP Study Guide
This CCSP study guide is an official ISC2 publication that offers Sybex study materials to help prospective CCSP candidates prepare faster and smarter. Its aim is to enable candidates to feel confident and comfortable on the scheduled exam day by placing information within easy reach. The Sybex study tools also include the following:
- Pre-exam assessments
- Chapter review questions
- Objective maps
Additionally, this ISC2 CCSP study guide is an online interactive Sybex learning environment. It does so by incorporating the following:
- Access to a glossary PDF
- Two practice exams in their entirety
The aim of this article has been to review the CCSP and cover the things that every prospective CCSP certification candidate must know before beginning their journey. Also spelled out in this article is the work experience requirement, which demands that CCSP candidates have 5 years’ worth of full-time paid work experience in the field of information technology.
Out of those 5 years, 3 of them have to be concentrated in the field of information security, and 1 year of the remaining 2 has to be focused on at least 1 of the 6 CCSP Common Body of Knowledge domains.
One of the most vital things that every CCSP candidate must remember is to discover a study method that efficiently works for them so that they are prepared when it is time to take the CCSP exam.