What Is the CCSP? Your Guide to Becoming Certified in Cloud Security

Written by Coursera • Updated on

This intermediate cloud credential is designed for cybersecurity professionals working in cloud environments.

A cloud security professional wearing a pale pink sweater stands in front of a desk with two monitors and several indoor plants.

The Certified Cloud Security Professional (CCSP) is a certification designed for those with some experience in information technology (IT) and security looking to advance their careers in cloud-based cybersecurity. Becoming a CCSP demonstrates to potential employers that you have the technical skills needed to secure valuable assets in the cloud.

With more and more organizations moving their operations to cloud environments, security professionals with specialized cloud knowledge will be in demand. Burning Glass Technologies even rated cloud security as one of the fastest-growing skills in cybersecurity [1]. 

Read on to learn more about CCSP requirements, what to expect from the exam, and how to prepare for certification if you decide it’s a good fit for you.

How to get your CCSP certification

Becoming a CCSP means meeting a set of requirements and passing a certification exam designed to test your knowledge of cloud security topics. Here’s a quick look at the CCSP exam:

Cost$599 (US)
Number of questions125
Type of questionsMultiple choice
Time to complete3 hours
Passing score700 out of 1,000 points
Prerequisites5 years of paid work experience in IT (3 years must be in information security and 1 year must be in one of six (ISC)² CCSP Common Body of Knowledge (CBK) domains
Testing locationsPearson VUE testing centers
Available languagesEnglish and Japanese
Average CCSP salary (US)$150,400*

*All salary data is reported by (ISC)2 as of June 2022

CCSP requirements

The CCSP is designed for IT professionals with a few years of experience in both IT and security. To qualify for the exam, you need five years of cumulative experience in IT. Three of those years must have been in information security, and one of them must have been in one of the six CCSP domains:

  • Cloud architecture and design

  • Cloud data security

  • Cloud platform and infrastructure security

  • Cloud application security

  • Cloud security operations

  • Legal, risk, and compliance

Full-time, part-time, and paid or unpaid internships count toward the experience requirement. Earning the Certificate of Cloud Security Knowledge (CCSK) from the Cloud Security Alliance also counts toward one year of experience in one of the six domains. 

If you have the relevant IT and information security experience but haven’t yet worked with a cloud environment, earning the CCSK could be a faster option than accruing a year of experience working in cloud security. The CCSK has no experience requirements.

If you're just starting out in the world of cybersecurity, consider an entry-level credential, like the IBM Cybersecurity Analyst Professional Certificate. You can build job-ready skills in less than eight months while earning a shareable certificate from an industry leader.


What does the CCSP exam cover?

The multiple-choice exam questions cover each of the six (ISC)² CCSP Common Body of Knowledge (CBK) domains listed above. Each is weighted at 17 percent except cloud data security, which is worth 19 percent, and legal, risk, and compliance, which is worth 13 percent. 

The CCSP Certification Exam Outline goes into detail about what you need to know for each domain.

Preparing for the CCSP exam

The CCSP is a knowledge-based exam with a clear outline of six domains to cover. While experience is an excellent teacher, it’s often a good idea to set aside extra time to prepare for the exam. There’s more than one right way to prepare depending on your learning style and other obligations. Here are a few options:

  • Exam prep course: Several companies offer training for the CCSP. While you’ll have to figure in the extra cost, a course could be helpful for those who do well with a more structured learning environment.

  • Practice tests: When you take practice exams ahead of the real thing, you can identify areas where you may need to spend more time, and you can build confidence on test day by knowing what to expect. (ISC)² offers an official set of practice tests with 1,000-plus questions, but you’ll find others online and in print as well.

  • Study groups: Learning with others can be a fun way to keep yourself motivated as exam day approaches. If you’re looking for fellow exam takers to form a study group, start with forums like the subreddit r/CCSP.

Tips for CCSP exam success

Here are some tips to keep in mind as you prepare:

  • Register for the exam to give yourself a date to work toward. Consider your other obligations and pick a date that is realistic for you.

  • Set aside a little time each day to study. Even 15 minutes a day can add up when you’re consistent.

  • You don’t get penalized for incorrect answers on the CCSP exam, so use the process of elimination and make your best guess.

  • You can flag questions to skip and come back to later. Remember, you have three hours to finish—that works out to nearly 90 seconds per question.

Is the CCSP right for me?

If you’re working in cybersecurity and are interested in specializing in cloud security, becoming a CCSP could be a worthwhile investment. According to (ISC)², CCSPs in the US earn an average salary of $135,510. In comparison, Glassdoor reports an average salary of $101,043 for cloud security analysts with or without a CCSP certification.

If you’re just starting out in cybersecurity but think you might be interested in working in cloud security, the CCSP might be something to aim for as you build experience and earn more beginner-friendly credentials, like the CCSK.

Jobs that hire for CCSP

As more companies work with cloud technologies, it’s common for cybersecurity professionals in a variety of roles to need cloud security skills. Here’s a look at some of the jobs listed on LinkedIn that require or request a CCSP:

  • Product security engineer

  • Cybersecurity solutions architect

  • Application security architect

  • Cloud security engineer

  • Information security auditor

  • Compliance technology specialist

  • Information security manager

Benefits of a CCSP certification

Becoming a CCSP could help you advance into a better, higher-paying job. But it could also come with other benefits.

  • Learn new skills: Preparing for the CCSP certification exam could double as a way to develop your vendor-neutral cloud security skills in a more structured way.

  • On-the-job confidence: The knowledge and skills gained by attaining CCSP status could help you be better prepared to solve cloud security problems in the real world.

  • Networking: Earning the CCSP also gives you membership to (ISC)², which includes networking opportunities and professional development resources. 

Security clearance

The CCSP is one of seven certifications approved by the US Department of Defense as an information assurance (IA) baseline certification. Earning this certification meets the minimum certification requirement for IAT Level III and IASAE III jobs [2].



If you have several years of experience working in cybersecurity, you may find yourself deciding between the CCSP and the Certified Information Systems Security Professional (CISSP), two reputable security certifications from (ISC)². 

Which you choose will depend on your level of experience and your career goals. While the CCSP requires five years of experience, the CISSP doubles that requirement to 10 years of cumulative experience; this could be a limiting factor if you’re still early in your career.

The CSSP focuses on cloud security specifically, while the CISSP covers cybersecurity topics more broadly (and may be desirable for a wider range of jobs). 

It’s also possible to start with the CCSP as a way to advance your career and build experience while working toward the CISSP in the future. 

Get started in cybersecurity

Curious if a job in cybersecurity could be a good fit for you? Experience the work of a cybersecurity analyst as you build job-ready skills with the IBM Cybersecurity Analyst Professional Certificate on Coursera. Learn at your own pace from top industry experts at IBM as you earn a credential for your resume.


professional certificate

IBM Cybersecurity Analyst

Get ready to launch your career in cybersecurity. Build job-ready skills for an in-demand role in the field, no degree or prior experience required.


(6,757 ratings)

78,823 already enrolled


Average time: 8 month(s)

Learn at your own pace

Skills you'll build:

information security analyst, IT security analyst, security analyst, Junior cybersecurity analyst, Information Security (INFOSEC), IBM New Collar, Malware, Cybersecurity, Cyber Attacks, database vulnerabilities, Network Security, Sql Injection, networking basics, scripting, forensics, Penetration Test, Computer Security Incident Management, Application Security, threat intelligence, network defensive tactics, cyber attack, Breach (Security Exploit), professional certificate, cybersecurity analyst

Frequently asked questions (FAQ)

Related articles

Article sources

1. Burning Glass Technologies. "Protecting the Future: The Fastest-Growing Cybersecurity Skills, https://www.burning-glass.com/wp-content/uploads/2020/10/Fastest_Growing_Cybersecurity_Skills_Report.pdf." Accessed June 10, 2022.

2. DoD Cyber Exchange. "DoD Approved 8570 Baseline Certifications, https://public.cyber.mil/cw/cwmp/dod-approved-8570-baseline-certifications/." Accessed June 10, 2022.

Written by Coursera • Updated on

This content has been made available for informational purposes only. Learners are advised to conduct additional research to ensure that courses and other credentials pursued meet their personal, professional, and financial goals.

Learn without limits