The new CCSP exam will be in effect as of August 1, 2019. We have listed some of the changes made to the old CCSP exam to the new CCSP exam.
Here are the old CCSP Domains and Weightage vs. the new CCSP Domains and Weightage:
Old CCSP domains and weightageNew CCSP domains and weightageArchitectural Concepts & Design Requirements 19%Cloud Concepts, Architecture and Design 17%Cloud Data Security 20%Cloud Data Security 19%Cloud Platform & Infrastructure Security 19%Cloud Platform & Infrastructure Security 17%Cloud Application Security 15%Cloud Application Security 17%Operations 15%Cloud Security Operations 17%Legal & Compliance 12%Legal, Risk and Compliance 13%As we can see from the above, the first three domains have less weight now and the last three domains have slightly more weight in the new CCSP exam.Here is the comparison of exam information between the old CCSP examination, and the new CCSP examination:
Old CCSP exam informationNew CCSP exam informationLength of exam4 hours3 hoursNo.of questions125125Question formatMultiple choiceMultiple choicePassing grade700 out of 1000 points700 out of 1000 points
As you can see, the new CCSP examination is shorter for the same number questions (125). The question format for new CCSP exams remains the same (multiple-choice). The passing grade for new CCSP exams remains the same (700 points out 1000).
Let’s take a look at the changes made from the old CCSP into the new CCSP.
Domain 1: The domain that was the first has been renamed to ‘Cloud concepts Architecture and Design’. This domain now has a weight of 17%.
Old CCSP Domain 1New CCSP Domain 11. Understanding Cloud Computing Concepts1. Understanding Cloud Computing Concepts1.2 Describe Cloud Reference architecture1.2 Describe Cloud Reference architecture
ADDED: “Impact of Related Technologies”1.3 Learn Security Concepts Relevant To Cloud Computing
1.3 Understanding Security Concepts Relevant To Cloud Computing
REMOVED: ‘Security Considerations For Different Cloud Categories’1.4 Understanding the Design Principles Of Secure Cloud Computing1.4 Understanding the Design Principles Of Secure Cloud Computing
ADDED: ‘Security Considerations For Different Cloud Categories’1 5 Identify Trusted Cloud Service Providers1.5 Evaluate Cloud Service providers (RENAMED).Domain 2: The second domain of the new CCSP exam, ‘Cloud Data security’, has the same name and format as the old version. This domain has 19% weightage, and 1% more weight than the previous exam.
Old CCSP domain 2New CCSP domain 22.1 Understand Cloud Data Lifecycle (CSA Guidance)2.1 Describe Cloud Data Concepts (RENAMED)ADDED: ‘Data Dispersion’2.2 Design and Implement Cloud Data Storage Architectures2.2 Design and Implement Cloud Data Storage ArchitecturesREMOVED: ‘Technologies Available to Address Threats’2.3 Design and Apply Data Security Strategies2.3 Design and Apply Data Security Technologies and Strategies
REMOVED
ADDED:Data Loss Prevention (DLP)Data ObfuscationData De-identification2.4 Understand and Implement Data Discovery and Classification Technologies2.4 Implement Data Discovery (RENAMED)REMOVED ALL OLD SUB-SECTIONS ADDED:Structured DataUnstructured Data2.5 Design and Implement Relevant Jurisdictional Data Protections for Personally Identifiable Information (PII)2.5 Implement Data Classification(RENAMED)
OLD SUB-SECTIONS HAVE BEEN CHANGED TO:
Mapping
Labeling
Sensitive data
2.6 Designing and Implementing Data Rights Management2.6 Designing and Implementing Information Rights Management (RENAMED).2.7 Planning and Implementing Data Retention and Deletion Policies2.7 Planning and Implementing Data Retention and Archiving Policy
ADDED: “Legal Hold”2.8 Design and Implement Auditability Traceability and Accountability of D
