CCSP exam and CBK changes in August


Since August 1, 2019, (ISC)² has introduced changes to its Certified Cloud Security Professional (CCSP) certification. The purpose of these enhancements is to establish the CCSP domains’ relevancy with rapidly growing cloud computing technologies and methodologies. With the updated CCSP exam, CCSP-certified professionals will be able to deal with the latest trends in cloud computing, including the newly emerging, fast and sophisticated threats in the face of cloud platforms.

In this article, we will discuss the new changes to the CCSP exam in greater detail.

What changes are made to CCSP domains and their weight?

Some new cloud security concepts have been added and some previous content has been removed. The difference in the exam percentage for each concept was also introduced to each domain. The following sections delve deeper into these changes to the CCSP Common Body of Knowledge (CBK).

CCSP old domains and their percentage CCSP new domains and their percentage 
Architectural Concepts & Design Requirements19%Cloud Concepts, Architecture and Design17%
Cloud Data Security20%Cloud Data Security19%
Cloud Platform and Infrastructure Security19%Cloud Platform and Infrastructure Security17%
Cloud Application Security15%Cloud Application Security17%
Operations15%Cloud Security Operations17%
Legal & Compliance12%Legal, Risk and Compliance13%

Below are the details of the CCSP domain changes. For the purposes of clarity:

  • Green text represents a new addition to content
  • Red text represents deleted content
  • Yellow text represents renamed content

Changes to CCSP domains

Old Domain 1

  • 1.1 Understand Cloud Computing Concepts
  • 1.2 Describe Cloud Reference Architecture
  • 1.3 Understand Security Concepts Relevant to Cloud Computing
  • 1.4 Understand the Design Principles of Secure Cloud Computing
  • 1.5 Identify Trusted Cloud Services

New Domain 1

The title of the first domain has been changed from (Read more...)

*** This is a Security Bloggers Network syndicated blog from Infosec Resources authored by Fakhar Imam. Read the original post at: