ALC’s Foundation Exam is held in the classroom at the end of Day 3. This exam is 90 minutes duration and comprises:

• 60 multiple choice single answer questions
• Pass mark of 65%

ALC’s Practitioner Exam is held at the end of Day 5. This exam is 90 minutes duration and comprises:

• 50 multiple choice, single answer questions (/50)
• 10 multiple choice, multiple answer questions (/30)
• Pass mark 65% (52/80)

For those who require it, this course also provides full preparation for the ISACA CSX Fundamentals certificate exam. This exam has to be booked direct with ISACA and would be taken online after the course.

This course is designed for:

• Professionals with a familiarity of basic IT and information security concepts and who need to ensure a sound foundation knowledge of cyber security
• Anyone planning to work in a position that requires cyber security knowledge
• Anyone interested in the field of cyber security

The key objective of the Foundation module is for each participant to be able to leave the course with a good understanding and appreciation of the fundamentals of Cyber Security:

• Cyber Security Concepts
• Risk Management
• Security Architecture
• Cryptography
• Implementing security in networks, endpoint systems, applications and data
• Business Continuity and Disaster Recovery Planning
• Incident Response

The key objective of the Practitioner module is for each participant to be able to apply the theory learnt from the Foundation course to a case study. During this module you will:

• Develop an asset register
• Identify threats and determine risks, and make recommendations
• Create a data classification scheme and use this for managing risks with cloud solutions
• Identify and discuss the advantages and disadvantages of different encryption technologies
• List and prioritise business critical operations for business continuity
• Identify and discuss various approaches to security assurance
• Identify risk remediation strategies and include in a brief management report

ALC’s 5-day Cyber Security Practitioner course is designed for anyone who wants a sound understanding of Information / Cyber Security but who is in the earlier stages of their career and has not taken any of the established certifications such as CISSP® or CISM®. These certifications typically require a number of years prior experience. 

The course is structured into two modules. 

Foundation Module (3 days)

The Foundation module is designed to provide a good strong introduction to the key knowledge areas of Cyber Security. The course follows a robust syllabus based on industry best practice and international standards and frameworks. At the same time it provides maximum regional relevance by fully taking into account relevant sections from the Australian Government Information Security Manual (ISM) and the New Zealand Government’s Information Security Manual (NZISM).

Key areas covered include:

• Cybersecurity Concepts
• Risk Management
• Security Architecture
• Implementation
• Business Continuity and Disaster Recovery Planning
• Incident Response

Practitioner Module (2 days)

This module is all about applying the theory. It builds upon and reinforces the material learnt in the Foundation module. The course makes strong use of a case study, along with workshops and exercises. Participants will be provided with sample Word and Excel templates for use. 

Which option to choose?

You may enrol in Foundation only, or in the 5-day Foundation/Practitioner combined, according to your needs.

Prerequisites

Candidates must have at least five years of cumulative, paid full-time working experience in Information Technology. Three of these must be in information security, and one of which must be in one of the six CCSP domains.

Candidates who are already (ISC)2 members in good standing and who possess a Certified Information Systems Security Professional (CISSP) certificate may substitute all of the CCSP experience requirements on this basis

CCSP candidates who have passed the Cloud Security Alliance (CSA) Certificate of Cloud Security Knowledge (CCSK) may count this certification towards one year of experience in one of the six domains.

Exam format

• The maximum time allowed for the exam is 4 hours, which includes all rest breaks.
• The exam has 125 questions, all of which must be answered.
• The pass mark is 700 / 1000.

CCSP Exam – procedure | dates | locations

The CCSP exams are administered by Pearson Vue on behalf of (ISC)2. You must register for the exam  direct with PearsonVue.

A list of PearsonVue Test Centres is shown below.  For the most up-to-date listing please go to the PearsonVue ISC2 web page then click on Find a Test Centre in the upper right of the page.

If you experience any issues please contact ALC.

Fees per person

Certified Cloud Security Professional Course (5 days)

• view current pricing here.

Fees include:

• Course presentation
• Comprehensive printed course workbook
• Course textbook

NOTE: The CCSP exam is NOT included in the course fees.  The CCSP exam is administered by Pearson Vue on behalf of (ISC)2. If you wish to sit the exam you must register direct with Pearson Vue.  See below.

Day 1 – Introductions and Course Overview

Day 1 – Cloud Concepts, Architecture and Design

• Understand cloud computing concepts
• Describe cloud reference architecture
• Understand security concepts relevant to cloud computing
• Understand security design principles of cloud computing
• Evaluate cloud service providers

Day 2 – Cloud Data Security

• Describe cloud data concepts
• Design and implement cloud data storage architectures
• Design and apply data security technologies and strategies
• Implement data discovery
• Implement data classification
• Design and implement Information Rights Management
• Design and implement of data retention, deletion and archiving policies
• Design and implement auditability, traceability and accountability of data events

Day 2 – Cloud Platform and Infrastructure Security

• Comprehend cloud infrastructure components
• Design a secure data centre
• Analyse risks associated with cloud infrastructure
• Design and plan security controls
• Plan disaster recovery and business continuity

Day 3 – Cloud Application Security

• Advocate training and awareness for application security
• Describe the secure software development life cycle process
• Apply the secure software development life cycle
• Apply cloud software assurance and validation
• Use verified secure software
• Comprehend the specifics of cloud application architecture
• Design appropriate Identity and Access Management solutions

Day 4 – Cloud Security Operations

• Implement and build physical and logical infrastructure for cloud environments
• Operate physical and logical infrastructure for cloud environments
• Manage physical and logical infrastructure for cloud environments
• Implement operational controls and standards
• Support digital forensics
• Manage communication with relevant parties
• Manage security operations

Day 4 – Legal and Compliance

• Articulate legal requirements and unique risks within the cloud environment
• Understand privacy issues
• Understand audit process, methodologies, and required adaptations
• Understand implications of cloud to enterprise risk management
• Understand outsourcing and cloud contract design

Day 5 – Exam

• CCSP Official Practice Questions
• CCSP Workbook Review

Important note about the CCSP Exam

• The maximum time allowed for the exam is 3 hours, which includes all rest breaks.
• The exam has 125 questions, all of which must be answered.
• The pass mark is 700 / 1000.

The course is designed for :

• Enterprise architects
• Security administrators
• Systems engineers
• Security architects
• Security consultants
• Security engineers
• Security managers
• Systems architects

Important Information for CCSP Candidates

Requirements:

• Candidates must have at least five years of cumulative, paid full-time working experience in Information Technology. Three of these years must be in information security, and one of which must be in one of the six CCSP domains; or
• Candidates who are already (ISC)2 members in good standing and who possess a Certified Information Systems Security Professional (CISSP) certificate may substitute all of the CCSP experience requirements on this basis; and
• CCSP candidates who have passed the Cloud Security Alliance (CSA) Certificate of Cloud Security Knowledge (CCSK) may count this certification towards one year of experience in one of the six domains.

Course Preparation:

• You will be asked to read essential background documents from the Cloud Security Alliance (CSA), National Institute for Standards & Technology (NIST) and the European Network and Information Security Agency (ENISA) before the course that will assist with your learning and exam preparation.