I recently enrolled for the Certified Cloud Security Professional certification by (ISC)2. One of the books recommended to me for preparing for this certification was CCSP for Dummies by Arthur J. Deane. It was published in November 2020 by For Dummies publication (a brand of John Wiley & Sons, Inc). I will not go into details of the CCSP certification. I will say this though, content-wise there is a lot of overlap between CCSP and CISSP. If you want to learn more about it, check out this guide.
The book is divided into three parts spanning ten chapters.
- Starting your CCSP journey – This part encompasses first two chapters of the book. In these chapters, the author has provided an overview of CCSP certification and some information security fundamentals.
- Exploring the CCSP Certification Domains – This part encompasses chapters three to eight. Each chapter covers one of the following domains of the certification:
- Cloud concepts, architecture and design
- Cloud data security
- Cloud platform and infrastructure security
- Cloud application security
- Cloud security operations
- Legal, risk and compliance
- The Part of Tens – This section encompasses chapters nine to ten. In this part, the author has shared tips for how to prepare for the CCSP certification and ten tips for the exam day.
- The philosophy behind Dummies series is that they explain complex concepts in an easy to understand manner. Keeping this perspective, this book is a good introduction to the CCSP certification as well as cloud security concepts.
- It covers most of the content prescribed by (ISC)2 for the CCSP certification and it is (ISC)2 approved.
- It comes with 2 practices tests and 100 flash cards to help study for the exam.
- It is good for people new to cloud security.
Not so salient Features
- It is highly repetitive and the content is not well organized within chapters 3-8.
- The language is easy to understand but I felt that it was written in a rushed manner.
My rating 3.3 / 5.0
Other book reviews
- Cyber Warfare – Truth, Tactics, and Strategies by Dr. Chase Cunningham
- Practical Threat Intelligence and Data-driven threat hunting by Valentina Costa-Gazcón
- Hacking APIs by Corey Ball
- Pentesting Azure Applications by Matt Burrough
- Penetration Testing Azure for Ethical Hackers by David Okeyode, Karl Fosaaen
- Red Team Development and Operations by Joe Vest and James Tubberville
- Container Security by Liz Rice
- Web Application Security by Andrew Hoffman
Uday Mittal is a cybersecurity professional with rich working experience working with various industries including telecom, publishing, consulting and finance. He holds internationally recognized certifications such as CRTP, OSCE, OSCP, CISSP, CISA, CISM, CRISC among others. He speaks on cybersecurity awareness, offensive security research etc. and has authored various articles on topics related to cyber security and software development for a leading magazine on open source software.