CCSP Certified Cloud Security Professional + Agiles Projektmanagement + MS Office 365

CCSP (Certified Cloud Security Professional) von (ISC)² ist die führende Cloud-Security-Cert weltweit. Bestandteile: ISC2 + Cloud Security Alliance CSA Kooperation. CCSP (10 Tage / 2 Wochen): 6 Domänen (Common Body of Knowledge CBK) — 1. Cloud Concepts, Architecture and Design (17%) — Cloud Service Models (IaaS, PaaS, SaaS, FaaS, XaaS), Deployment Models (Public, Private, Hybrid, Community, Multi-Cloud), Shared Responsibility Model je Provider und Service-Modell, Cloud Security Concepts (CIA-Triade in Cloud-Context), Cloud Computing Activities (NIST), Trust und Compliance Concepts. Cloud Reference Architecture (NIST, Cloud Security Alliance CSA, ISO 17789). Security Architectures (Trusted Cloud Initiative TCI Reference Architecture, Defense-in-Depth in Cloud, Zero Trust Network Architecture). 2. Cloud Data Security (20%) — Data Classifications, Data Discovery, Data Loss Prevention (DLP) in Cloud, Cloud Storage Architectures (Object, Block, File, Database), Data Lifecycle in Cloud (Create, Store, Use, Share, Archive, Destroy), Data Security Strategies (Encryption with KMS, HSM, BYOK Bring Your Own Key, HYOK Hold Your Own Key, Tokenization, Data Masking, Anonymization). Information Rights Management (IRM/DRM). Cloud Database Security (TDE Transparent Data Encryption, Database Activity Monitoring). 3. Cloud Platform and Infrastructure Security (17%) — Cloud Infrastructure Components (Compute, Storage, Network, Hypervisor), Risiken und Bedrohungen (Multi-Tenancy-Risks, Shared Hardware), Cloud Provider Security Controls (Microsegmentation, Network Security Groups, WAF, DDoS Protection). Datacenter-Sicherheit (Tier I-IV nach Uptime Institute). Business Continuity in Cloud (Backup, Geo-Replication, Disaster Recovery). 4. Cloud Application Security (17%) — Secure Software Development Lifecycle (SDLC), Cloud-spezifische Sicherheits-Anforderungen (Cloud-Native Architecture, Microservices, API Security, Container Security mit Image Scanning, Runtime Security, Kubernetes Security), DevSecOps in Cloud (SAST, DAST, SCA, IaC Scanning), Identity and Access Management in Cloud (Federation mit SAML/OAuth/OIDC, MFA, Service Accounts/Managed Identities, Privileged Access Management PAM, Zero Trust). 5. Cloud Security Operations (16%) — Cloud Operations (Continuous Monitoring, Incident Response in Cloud, SIEM mit Cloud-Integration), Logging und Auditing (CloudTrail-equivalent in jeder Cloud), Cloud Security Posture Management (CSPM mit Wiz, Lacework, Microsoft Defender for Cloud, Palo Alto Prisma), Cloud Workload Protection Platform (CWPP), Cloud Access Security Broker (CASB), Secure Access Service Edge (SASE), Zero Trust Network Access (ZTNA). 6. Legal, Risk, and Compliance (13%) — Cloud-Compliance-Frameworks (CSA STAR Cloud Security Alliance Security Trust Assurance Risk, ISO 27017 für Cloud, ISO 27018 für PII in Cloud, SOC 2 Type II, FedRAMP für US-Government, GDPR/DSGVO, HIPAA), Vendor Risk Management, Audit-Frameworks. Examen CCSP: 125 Multiple-Choice, 4h, 700/1000 Pass. Voraussetzung Zertifikats-Award: 5 Jahre IT-Erfahrung mit 3 Jahren in Information Security und 1 Jahr in einer der CCSP-Domänen. CISSP-Substitution für gesamte Erfahrung. Scrum Foundation (1 Woche): Standard. Microsoft Office 365 (3 Wochen): Standard.