ISC2 CCSP (Certified Cloud Security Professional) Exam Guide

The **CCSP** certification is the global gold standard in Cloud Security. It proves your expertise in designing, managing, and securing data, applications, and infrastructure in the Cloud.

Who is responsible for data-at-rest encryption in a SaaS model?

Answer : The Cloud Service Provider (CSP).

In SaaS, the provider manages most of the technology stack, including underlying security.

What is a Cloud Access Security Broker (CASB)?

Answer : Security software between cloud users and providers that enforces security policies.

Helps monitor cloud usage and prevent unauthorized data exfiltration.

What is the top threat to cloud environments according to most security reports?

Answer : Misconfigurations.

Settings like publicly open storage buckets cause the majority of cloud data breaches.

What does 'Elasticity' mean in the cloud?

Answer : The ability to dynamically scale resources up or down based on demand.

Ensures that resources match actual needs to optimize cost and performance.

What is 'Data Sovereignty'?

Answer : The principle that data is subject to the laws of the country where it is physically stored.

A critical compliance consideration (e.g., GDPR requirements).

Related Certifications

• ISC2 Certified in Cybersecurity (CC)
• ISC2 Systems Security Certified Practitioner (SSCP)
• ISC2 CISSP - Certified Information Systems Security Professional
• ISC2 Building AI Strategy Certificate