CCSP Domain 4 Cloud Application Secucurity

Exam preparation – This domain is in alignment with the August 2022 exam outline
CCSP Domain 4 Cloud Application Secucurity
File Size :
1.72 GB
Total length :
2h 45m



Gwen Bettwy | over 5,000 enrollments worldwide


Last update




CCSP Domain 4 Cloud Application Secucurity

What you’ll learn

Understand what (ISC)2 expects you to know about the Cloud Applications Security domain.

CCSP Domain 4 Cloud Application Secucurity


There are no requirements.
A desire to learn what you need to know about the cloud application security for the CCSP exam is very beneficial to have.
A basic understanding of information security is recommended.


In this course we walk through all of the critical concepts within the Cloud Application Security domain. This domain is 17% of the test as of August 2022. I will guide you through all of the concepts that you need to know and advise you on the level of knowledge that you need to get comfortable with.There are over two and a half hours of video content plus course notes based on information from my book: Cloud Guardians.We will explore the software development lifecycle (SDLC), to include the phases and the methodologies for moving through those phases.It is important to know the risks to applications including any that are cloud specific. We will talk about SQL injections and buffer overflows and the like. The more that you know of these threats from the Pandemic 11 to OWASP and the SANS Top 20 the better prepared you will be for the exam.Threat modeling techniques are also key. We will look at STRIDE and DREAD and a couple of others.Testing application is very critical. This is our most common attack point these days. We will talk about closed box and open box testing as well as DAST, SAST and IAST.There is also a great need to take care with the supply chain involved in creating software today. We have learned from recent attacks that the supply chain can be compromised.We finish with discussion about maturity models and data rights management/information rights management and maturity models.


Section 1: Introduction

Lecture 1 Introduction and What is Clean Code?

Lecture 2 Software Development Life Cycle (SDLC)

Lecture 3 Supply Chain Management

Lecture 4 Software Development Methodologies

Lecture 5 DevOps Practices

Lecture 6 Xtra -My thoughts numbers 4 the test

Lecture 7 CI/CD and DevSecOps

Lecture 8 Software Verification and Validation

Lecture 9 Software Testing

Lecture 10 SANS Top 10 of 25 Programming Errors

Lecture 11 OWASP Top 4 Programming Errors to know

Lecture 12 ISO 27034

Lecture 13 Sandbox

Lecture 14 Threat Modeling

Lecture 15 Orchestration

Section 2: Cryptography Basics

Lecture 16 Introduction to encryption

Lecture 17 Encrypting data in use

Lecture 18 Encrypting data at rest

Lecture 19 Encrypting data in motion – SSH

Lecture 20 Encrypting data in motion – TLS

Lecture 21 Encrypting data in motion – IPSec

Lecture 22 Symmetric encryption

Lecture 23 Introduction to Asymmetric

Lecture 24 Use of public and private keys

Lecture 25 Key storage location

Section 3: Identity and Access Management

Lecture 26 Basic IAAA Introduction

Lecture 27 Single Sign On (SSO)

Lecture 28 SAML

Lecture 29 CASB

This course is intended for people that are preparing for the (ISC)2 CCSP exam.,This course would benefit anyone working to expand their knowledge and understanding of the Cloud Application Security.

Course Information:

Udemy | English | 2h 45m | 1.72 GB
Created by: Gwen Bettwy | over 5,000 enrollments worldwide

You Can See More Courses in the IT & Software >> Greetings from

New Courses

Scroll to Top