CCSP: Overview of Domains

What Is the CCSP Exam?

The Certified Cloud Security Professional (CCSP) exam is a certification exam designed to test an applicant’s knowledge of the principles of securing cloud-based environments. It was developed by the International Information Systems Security Certification Consortium, Inc. or (ISC)2 and the Cloud Security Alliance (CSA).

In order to earn a CCSP certification, an applicant must pass the exam and meet certain eligibility requirements (five years in information technology, three years in information security and one year in cloud security).

CCSP Exam Details

The CCSP exam is a 125-question, multiple-choice exam with a four-hour time limit (consider bringing a snack). The exam has a total of 1000 possible points and passing requires a score of at least 700.

Questions are not equally distributed among the six domains of the exam. The breakdown of the exam is as follows:

  • Domain 1: 19%
  • Domain 2: 20%
  • Domain 3: 19%
  • Domain 4: 15%
  • Domain 5: 15%
  • Domain 6: 12%

What Is Covered By the CCSP Exam?

The CCSP exam is broken into six domains and numerous subdomains. This section provides a brief introduction to each of the subdomains included in the CCSP exam.

Domain 1: Architectural Concepts and Design Requirements

The first domain of the CCSP covers a lot of ground. Each of its five subdomains covers a very different aspect of cloud computing.

Understand Cloud Computing Concepts

This section of the exam is designed to evaluate the test-taker’s knowledge of fundamental cloud computing concepts. To prepare for this section, brush up on the cloud computing definitions in ISO/IEC 17788, role descriptions within cloud computing (Customer, Provider, Partner), cloud computing characteristics (multi-tenancy, resource pooling and so forth), and the technology used in cloud computing (virtualization, databases and more).

Describe Cloud Reference Architecture

The cloud reference architecture section of the (Read more...)

*** This is a Security Bloggers Network syndicated blog from InfoSec Resources authored by Howard Poston. Read the original post at: