Virtual Attendance is now available on this course. Click for more details

Attackers never rest, and along with all the traditional threats targeting internal networks and systems, an entirely new variety specifically targeting the cloud has emerged.

As more organisations adopt cloud-based systems, new complexities and challenges surface and the risks increase. Organisations need cloud security professionals with the requisite knowledge, skills and abilities to be able to audit, assess and secure cloud infrastructures.

In response to this, (ISC)² and the Cloud Security Alliance (CSA) have developed the Certified Cloud Security Professional (CCSP) certification. This credential reflects in-depth knowledge derived from hands-on information security and cloud computing experience. It validates practical know-how for professionals whose responsibilities involve cloud security architecture, design, operations and service orchestration.

In this 5-day course you will gain a thorough understanding of the information security risks and mitigation strategies critical to data security in the cloud. The course covers the six domains of the Official (ISC)² CCSP Common Body of Knowledge (CBK®) and prepares you to take the CCSP exam to become a Certified Cloud Security Professional.

Our trainers make the difference

When you attend a training course there are actually two costs – the course fee, and the value of your time. You can see the fee. But whether you get value for your time and money depends totally on the quality of the course.

Lots of things go into making a great course, but the single most important is always the trainer: their knowledge of the subject, their real world experience that they can draw upon in the class, their ability to answer questions, their communication skills. This is what makes the difference.

ALC works only with the best. When it comes to CCSP, ALC has two exceptional world-class trainers:

Paul Colmer

Paul “Cloud” Colmer is a forward thinking digital business leader, with a passion for the practical application of disruptive technologies. As Lead Digital Architect at ALC Group he has oversight and responsibility for ALC’s Digital Architecture and Cloud instruction and advisory services complemented by an array of recent cloud certifications from AWS, VMware, Microsoft and ISC2.

Read full bio >

Chris Evans

Chris is a widely experienced and versatile network engineering and security professional, with a multi-discipline background.  His broad and expansive career covers more than 30 years in IT, including banking and finance, accounting and auditing, EDP, software development, firewalls, anti-virus, backup and storage, cloud architecture and infrastructure, service delivery and business management..

Read full bio >

Learning outcomes

  • Identify and explain the Cloud Computing concepts and definitions based on the ISO/IEC 17788 and NIST standards.
  • Identify and explain the Cloud Security Alliance’s Treacherous Twelve.
  • Understand and be able to differentiate between the various service delivery models, frameworks and hypervisor threats that are incorporated into the cloud computing reference architecture.
  • Demonstrate the application of appropriate security strategies and be able to recommend appropriate controls for protecting data at rest and data in motion.
  • Discuss strategies for data ownership, data sovereignty, data classification and implementing appropriate measures for assurance for ensuring privacy, compliance with regulatory agencies and working with authorities during legal investigations.
  • Understand the challenges for data centre design, forensic analysis and cloud environment deployments and recommend appropriate risk mitigation strategies.
  • Understand and apply Business Continuity Planning and Disaster Recovery procedures for disaster situations.
  • Design appropriate identity and access management solutions.
  • Comprehend and apply appropriate processes and frameworks including the Software Development Life-Cycle (SDLC) process, ITIL and ISO/IEC 20000.

Who should attend

The course is designed for :

  • Enterprise architects
  • Security administrators
  • Systems engineers
  • Security architects
  • Security consultants
  • Security engineers
  • Security managers
  • Systems architects

Course contents

1.   Introduction and Course Overview
2.   Architectural Concepts and Designs Requirements
  • Important cloud computing concepts
  • Cloud reference architecture
  • Security concepts relevant to cloud computing
  • Security design principles of cloud computing
  • Trusted cloud services
3.   Cloud Data Security
  • The cloud data lifecycle
  • Design and implementation of cloud data storage architectures
  • Design and application of data security strategies
  • Implementation of data discovery and classification technologies
  • Implementation of data protection for personally identifiable information (PII)
  • Design and implementation of Data Rights Management
  • Design and implementation of data retention, deletion and archiving policies
  • Auditability, traceability and accountability of data events
4.   Cloud Platform and Infrastructure Security
  • Comprehend cloud infrastructure components
  • Analyse risks associated to cloud infrastructure
  • Design and plan security controls
  • Plan disaster recovery and business continuity management
5.   Cloud Application Security
  • Training and awareness for application security
  • Cloud software assurance and validation
  • Use of verified secure software
  • Understand and apply the Software Development Life-Cycle (SDLC) process
  • Comprehend the specifics of Cloud Application Architecture
  • Design appropriate Identity and Access Management (IAM) solutions
6.   Operations
  • Support the planning process for the data centre design
  • Build, run and manage physical infrastructure for cloud environment
  • Build, run and manage logical infrastructure for cloud environment
  • Ensure compliance with various regulations and control requirements
  • Conduct risk assessments for logical and physical infrastructure
  • Collection, acquisition and preservation of digital evidence
  • Manage communication with relevant parties
7.   Legal and Compliance
  • Legal requirements and unique risks within the cloud environment
  • Privacy issues, including jurisdictional variation
  • The audit process and methodologies adapted for the cloud environment
  • Implications of cloud to enterprise risk management
  • Outsourcing and cloud contract design
  • Vendor management
8.   Summary
  • Review
  • Mock exam

Course fees

Face-to-face classroom training

Fees per person

Certified Cloud Security Professional Course (5 days)

  • $3150 + gst

Fees include:

  • Course presentation
  • Comprehensive printed course workbook
  • Course textbook
  • Full sit-down lunch each day as well as morning and afternoon tea

NOTE: The CCSP exam is NOT included in the course fees.  The CCSP exam is administered by Pearson Vue on behalf of (ISC)2. If you wish to sit the exam you must register direct with Pearson Vue.  See below.


Candidates must have at least five years of cumulative, paid full-time working experience in Information Technology. Three of these must be in information security, and one of which must be in one of the six CCSP domains.

Candidates who are already (ISC)2 members in good standing and who possess a Certified Information Systems Security Professional (CISSP) certificate may substitute all of the CCSP experience requirements on this basis

CCSP candidates who have passed the Cloud Security Alliance (CSA) Certificate of Cloud Security Knowledge (CCSK) may count this certification towards one year of experience in one of the six domains.

Exam format

  • The maximum time allowed for the exam is 4 hours, which includes all rest breaks.
  • The exam has 125 questions, all of which must be answered.
  • The pass mark is 700 / 1000.


CCSP Exam – procedure | dates | locations

The CCSP exams are administered by Pearson Vue on behalf of (ISC)2. You must register for the exam  direct with PearsonVue.

A list of PearsonVue Test Centres is shown below.  For the most up-to-date listing please go to the PearsonVue ISC2 web page then click on Find a Test Centre in the upper right of the page.

If you experience any issues please contact ALC.

More testimonials for this course

Face-to-face classroom training

What our clients say