Cloud Concepts, Architecture and DesignCloud computing conceptsCloud Reference ArchitectureSecurity concepts relevant to could computingDesign principles of secure cloud computingIdentify trusted cloud servicesCloud Architecture Models
Cloud computing concepts
Cloud Reference Architecture
Security concepts relevant to could computing
Design principles of secure cloud computing
Identify trusted cloud services
Cloud Architecture Models
Cloud Data SecurityUnderstand Cloud Data Life CycleDesign and Implement Cloud Data Storage ArchitecturesDesign and Apply Data Security StrategiesData Discovery and Classification TechnologiesRelevant Jurisdictional Data Protection for Personally Identifiable Information (PII)Data Rights ManagementData Retention, Deletion, and Archival policiesAuditability, Traceability, and Accountability of Data Events
Understand Cloud Data Life Cycle
Design and Implement Cloud Data Storage Architectures
Design and Apply Data Security Strategies
Data Discovery and Classification Technologies
Relevant Jurisdictional Data Protection for Personally Identifiable Information (PII)
Data Rights Management
Data Retention, Deletion, and Archival policies
Auditability, Traceability, and Accountability of Data Events
Cloud Platform Infrastructure SecurityCloud Infrastructure ComponentsRisks Associated with Cloud InfrastructureDesign and Plan Security ControlsDisaster Recovery & Business Continuity Management
Cloud Infrastructure Components
Risks Associated with Cloud Infrastructure
Design and Plan Security Controls
Disaster Recovery & Business Continuity Management
Cloud Application SecurityTraining and Awareness in Application SecurityCloud Software Assurance and ValidationVerified Secure SoftwareSoftware Development Life Cycle (SDLC) ProcessApply the Secure Software Development Life CycleCloud Application ArchitectureIdentity and Access Management (IAM) Solutions
Training and Awareness in Application Security
Cloud Software Assurance and Validation
Verified Secure Software
Software Development Life Cycle (SDLC) Process
Apply the Secure Software Development Life Cycle
Cloud Application Architecture
Identity and Access Management (IAM) Solutions
Cloud Security OperationsSupport the Planning Process for the Data Center DesignImplement and Build Physical Infrastructure for Cloud EnvironmentRun Physical Infrastructure for Cloud EnvironmentManage Physical Infrastructure for Cloud EnvironmentBuild Logical Infrastructure for Cloud EnvironmentRun Logical Infrastructure for Cloud EnvironmentManage Logical Infrastructure for Cloud EnvironmentEnsure Compliance with Regulations and ControlsConduct Risk Assessment to Logical and Physical InfrastructureUnderstand the Collection and Preservation of Digital EvidenceManage Communications with Relevant Parties
Support the Planning Process for the Data Center Design
Implement and Build Physical Infrastructure for Cloud Environment
Run Physical Infrastructure for Cloud Environment
Manage Physical Infrastructure for Cloud Environment
Build Logical Infrastructure for Cloud Environment
Run Logical Infrastructure for Cloud Environment
Manage Logical Infrastructure for Cloud Environment
Ensure Compliance with Regulations and Controls
Conduct Risk Assessment to Logical and Physical Infrastructure
Understand the Collection and Preservation of Digital Evidence
Manage Communications with Relevant Parties
Legal, Risk and ComplianceLegal Requirements and Unique RisksPrivacy Issues and Jurisdictional VariancesAudit Process, Methodologies, and Required AdaptationsImplication of Cloud to Enterprise Risk ManagementOutsourcing and Cloud Contract DesignExecutive Vendor Management
Legal Requirements and Unique Risks
Privacy Issues and Jurisdictional Variances
Audit Process, Methodologies, and Required Adaptations
Implication of Cloud to Enterprise Risk Management
Outsourcing and Cloud Contract Design
Executive Vendor Management

Candidates must have a minimum of 5 years cumulative paid full-time work experience in information technology, of which 3 years must be in information security and 1 year in 1 or more of the6 domainsof the CCSP CBK. Earning (ISC)²’sCISSP credentialcan be substituted for the entire CCSP experience requirement.
If you do not have the required experience, you may still sit for the exam and become anAssociate of (ISC)²until you have gained the required experience.