I recently enrolled for the Certified Cloud Security Professional certification by (ISC)2. One of the books recommended to me for preparing for this certification was CCSP for Dummies by Arthur J. Deane. It was published in November 2020 by For Dummies publication (a brand of John Wiley & Sons, Inc). I will not go into details of the CCSP certification. I will say this though, content-wise there is a lot of overlap between CCSP and CISSP.  If you want to learn more about it, check out this guide.

Content Overview

The book is divided into three parts spanning ten chapters.

• Starting your CCSP journey - This part encompasses first two chapters of the book. In these chapters, the author has provided an overview of CCSP certification and some information security fundamentals.

• Exploring the CCSP Certification Domains - This part encompasses chapters three to eight. Each chapter covers one of the following domains of the certification:

  • Cloud concepts, architecture and design

  • Cloud data security

  • Cloud platform and infrastructure security

  • Cloud application security

  • Cloud security operations

  • Legal, risk and compliance

• The Part of Tens  - This section encompasses chapters nine to ten. In this part, the author has shared tips for how to prepare for the CCSP certification and ten tips for the exam day.

Salient Features

• The philosophy behind Dummies series is that they explain complex concepts in an easy to understand manner. Keeping this perspective, this book is a good introduction to the CCSP certification as well as cloud security concepts.

• It covers most of the content prescribed by (ISC)2 for the CCSP certification and it is (ISC)2 approved.

• It comes with 2 practices tests and 100 flash cards to help study for the exam.

• It is good for people new to cloud security.

Not so salient Features

• It is highly repetitive and the content is not well organized within chapters 3-8.

• The language is easy to understand but I felt that it was written in a rushed manner.

My rating 3.3 / 5.0

Join our book club on Discord and share your views on this book (or any other security book of your choice).

Other book reviews

• Practical Social Engineering by Joe Gray

• Ethical Hacking by Daniel G. Graham

• How to Hack Like a GHOST by Sparc Flow

• How to Hack Like a LEGEND by Sparc Flow

• Practical Threat Intelligence and Data-Driven Threat Hunting by by Valentina Costa-Gazcón

• Cyber Warfare – Truth, Tactics, and Strategies by Dr. Chase Cunningham

• Hacking APIs by Corey Ball

• Pentesting Azure Applications by Matt Burrough

• Penetration Testing Azure for Ethical Hackers by David Okeyode, Karl Fosaaen

• Red Team Development and Operations by Joe Vest and James Tubberville

• Container Security by Liz Rice

• Web Application Security by Andrew Hoffman