Course Overview

The CCSP is a global credential that represents the highest standard for cloud security expertise. It was co-created by (ISC)² and Cloud Security Alliance — leading stewards for information security and cloud computing security.
When you earn this cloud security certification, you prove you have deep knowledge and hands-on experience with cloud security architecture, design, operations and service orchestration

The CCSP exam tests your skills in six domains. The domains draw from a range of cloud security topics within the (ISC)² Common Body of Knowledge (CBK).

We welcome auditing student.*

* Provided there is space available on the first class, undecided students may join the first half of class to observe. Please contact us to schedule in advance.

Architectural Concepts and Design Requirements

  • Understand cloud computing concepts.
  • Describe cloud reference architecture.
  • Understand security concepts relevant to cloud computing.
  • Understand design principles of secure cloud computing.
  • Identify trusted cloud services.

Cloud Data Security

  • Understand cloud data lifecycle.
  • Design and implement cloud data storage architectures.
  • Design and apply data security strategies.
  • Understand and implement data discovery and classification technologies.
  • Design and implement relevant jurisdictional data protections for personally identifiable information (PII).
  • Design and implement data rights management.
  • Plan and implement data retention, deletion, and archiving policies.
  • Design and implement auditability, traceability and accountability of data events.

Cloud Platform and Infrastructure Security

  • Comprehend cloud infrastructure components.
  • Analyze risks associated to cloud infrastructure.
  • Design and plan security controls.
  • Plan disaster recovery and business continuity management.

Cloud Application Security

  • Recognize the need for training and awareness in application security.
  • Understand cloud software assurance and validation.
  • Use verified secure software.
  • Comprehend the software development life-cycle (SDLC) process.
  • Apply the secure software development life-cycle.
  • Comprehend the specifics of cloud application architecture.
  • Design appropriate identity and access management (IAM) solutions.


  • Support the planning process for the data center design.
  • Implement and build physical infrastructure for cloud environment.
  • Run physical infrastructure for cloud environment.
  • Manage physical infrastructure for cloud environment.
  • Build logical infrastructure for cloud environment.
  • Run logical infrastructure for cloud environment.
  • Manage logical infrastructure for cloud environment.
  • Ensure compliance with regulations and controls (e.g., ITIL, ISO/IEC 20000-1).
  • Conduct risk assessment to logical and physical infrastructure.
  • Understand the collection, acquisition and preservation of digital evidence.
  • Manage communication with relevant parties.

Legal and Compliance

  • Understand legal requirements and unique risks within the cloud environment.
  • Understand privacy issues, including jurisdictional variation.
  • Understand audit process, methodologies, and required adaptations for a cloud environment.
  • Understand implications of cloud to enterprise risk management.
  • Understand outsourcing and cloud contract design.
  • Execute vendor management.

About the Course

Classes are held in a Classroom


  • Certificate of Completion
  • Tax Receipt Form for tuition fees for courses taken in the calendar year. To qualify, the fees must be more than $100 for the year.


Intermediate level of English, Knowledge of Microsoft Office.

About the Instructor

Anupam Rawla, Bachelor of Engineering, CISSP, CCSP and GIAC-GCIH (GIAC Certified Incident Handler) has over 25 years of experience in Information Technology with over 15 years in Information Security.

He brings real world projects and operations experience in teaching the CISSP course. He has led numerous leading edge IT security & risk assignments covering Application Security, Infrastructure/Network Security, Mobile Security, Cryptography, Cloud and Data Security. He has also dealt with hundreds of IT operational security incidents over the course of his work. He teaches the science of security & risk as an art to make the learning engaging and invigorating.

He has worked with Big 4 Consulting and blue chip companies on projects and programs across several security domains in North America.

Next Session

February 5th, 2022 (Online Class)|Toronto
Saturdays | 9:00 A.M. – 3:00 P.M. (7 weeks, 38 Hours)

No reviews at the moment