☁️ CCSP Exam Prep
Free, independent CCSP exam-preparation across the ISC2 Common Body of Knowledge. Learn the modules, pass the exam.
Last updated: June 2026
An independent, free exam-preparation course that walks through the publicly published ISC2 CCSP Common Body of Knowledge across its six domains: Cloud Concepts, Architecture & Design; Cloud Data Security; Cloud Platform & Infrastructure Security; Cloud Application Security; Cloud Security Operations; and Legal, Risk & Compliance. It uses visual lessons, worked examples, original self-check questions and a 45-question final exam to build exam-ready understanding of cloud reference architectures, the shared responsibility model, the cloud data lifecycle, encryption and key management, virtualization and hypervisor security, BCDR, secure SDLC, SOC operations, and cloud governance, audit and privacy law. It is awareness/prep only — not the official ISC2 training or the licensing exam — and claims no ISC2 affiliation or endorsement. It maps to ISC2 CCSP Common Body of Knowledge (6 domains). The course is organized into 22 modules, ending with a final exam (pass mark 80%). It is independent, free exam-preparation training — not an official or accredited review course.
What you'll learn
- Cloud Computing Concepts & Definitions
- Service Models: IaaS, PaaS, SaaS
- Deployment Models & the Shared Responsibility Line
- Cloud Reference Architecture & Design Principles
- Emerging Technologies: Containers, Serverless & AI
- The Cloud Data Lifecycle
- Encryption & Key Management in the Cloud
- Masking, Tokenization, Anonymization & Data Dispersion
- Data Classification, DLP & Information Rights Management
- Cloud Infrastructure Components & Physical Environment
- Virtualization & Hypervisor Security
- Securing the Cloud Network & Communications
- Business Continuity & Disaster Recovery (BCDR)
- Secure Software Development Lifecycle (SDLC)
- Threat Modeling, STRIDE & Secure Design
- Application Testing: SAST, DAST & API Security
- Identity & Access Management (IAM) in the Cloud
- Security Operations: SOC, Logging & Monitoring
- Incident Response & Cloud Forensics
- Legal, Privacy Law & Cross-Border Data
- Audit, eDiscovery & the CSA Cloud Controls Matrix
- Risk Management, Vendor Governance, Contracts & SLAs
Learning objectives
- Explain core cloud concepts, roles, deployment and service models, and the shared responsibility line that splits provider and customer duties.
- Apply the cloud reference architecture, key cloud characteristics and emerging technologies (containers, serverless, AI) to design decisions.
- Secure data across the full cloud data lifecycle using encryption, key management, tokenization, masking, DLP and data dispersion.
- Design and protect cloud platform and infrastructure: virtualization, network, compute, storage and the management plane.
- Plan and test business continuity and disaster recovery (BCDR) aligned to RTO, RPO and recovery service levels.
- Build security into the cloud application lifecycle with secure SDLC, threat modeling, SAST/DAST and hardened APIs.
- Run cloud security operations: a SOC, logging and monitoring, incident response, change and configuration management.
- Apply identity and access management — federation, SSO, MFA and secrets management — across cloud services.
- Navigate legal, risk and compliance: data privacy law (GDPR), eDiscovery, audit, the CSA Cloud Controls Matrix and contracts/SLAs.
- Pass a 45-question exam (80% to earn your certificate).