CCSP-ICCP
Coming Soon
Expected availability announced soon

This course is in active development. Preview the scope below and create a free account to be notified the moment it goes live.

CCSP ICCP®

The CCSP-ICCP program teaches professionals how to design, implement, and manage network, application, and operational security controls, ensuring robust protection across enterprise environments while aligning with governance, risk, and compliance standards.

90 Minutes

Who Should Take This

Mid‑level security engineers, analysts, and architects with two to ten years of hands‑on experience benefit from the CCSP‑ICCP certification. They seek to validate their ability to operate enterprise‑wide security programs, integrate identity and access controls, and lead incident response and governance initiatives.

What's Covered

1 Domain 1: Network Security
2 Domain 2: Application Security
3 Domain 3: Security Operations and Incident Response
4 Domain 4: Identity and Access Management
5 Domain 5: Security Governance, Risk, and Compliance
6 Domain 6: Emerging Threats and Cloud Security

What's Included in AccelaStudy® AI

Adaptive Knowledge Graph
Practice Questions
Lesson Modules
Console Simulator Labs
Exam Tips & Strategy
20 Activity Formats

Course Outline

56 learning goals
1 Domain 1: Network Security
3 topics

Network defense architecture

  • Implement network security architecture including firewall rule design, DMZ configuration, network segmentation, micro-segmentation, and defense-in-depth layering for enterprise networks.
  • Implement intrusion detection and prevention systems including signature-based, anomaly-based, and behavior-based detection with appropriate tuning to minimize false positives.
  • Apply secure remote access solutions including VPN protocols, zero trust network access, software-defined perimeter, and multi-factor authentication for remote workforce connectivity.
  • Analyze network security posture by evaluating firewall rule effectiveness, segmentation adequacy, traffic flow anomalies, and attack surface exposure to recommend hardening actions.

Network monitoring and threat detection

  • Implement network monitoring solutions including packet capture, NetFlow analysis, DNS monitoring, and network traffic analysis for continuous threat detection.
  • Apply wireless security controls including WPA3 configuration, rogue access point detection, wireless intrusion prevention, and network access control for Wi-Fi environments.
  • Analyze network attack patterns including lateral movement, command and control traffic, data exfiltration indicators, and advanced persistent threat behaviors in network telemetry.
  • Design a network security monitoring strategy that establishes sensor placement, logging requirements, alert priorities, and escalation procedures for comprehensive network visibility.

Network security architecture design

  • Implement zero trust network architecture including identity-based access, micro-segmentation, encrypted communications, and continuous verification for enterprise network security.
  • Apply software-defined networking security including SD-WAN security policies, network function virtualization, and programmable security controls for modern network architectures.
  • Design a network security architecture that integrates perimeter defense, internal segmentation, cloud connectivity security, and remote access in a unified security framework.
2 Domain 2: Application Security
3 topics

Secure software development

  • Implement secure SDLC practices including threat modeling, security requirements, secure coding standards, code review, SAST, DAST, and security testing in CI/CD pipelines.
  • Apply OWASP Top 10 mitigations including input validation, parameterized queries, output encoding, CSRF tokens, security headers, and authentication hardening for web applications.
  • Implement API security controls including OAuth 2.0 flows, API key management, rate limiting, input validation, and API gateway security policies for microservices architectures.
  • Analyze application security assessment results from vulnerability scans, penetration tests, and code reviews to prioritize remediation based on exploitability and business impact.

Container and cloud-native security

  • Implement container security practices including image scanning, runtime protection, network policies, secret management, and least-privilege pod security for Kubernetes environments.
  • Apply supply chain security practices including software bill of materials, dependency scanning, signed artifacts, and provenance verification for software delivery pipelines.
  • Analyze cloud-native application security by evaluating identity management, network segmentation, encryption coverage, and compliance posture across containerized microservices deployments.

DevSecOps and security automation

  • Implement DevSecOps practices including security scanning in CI/CD pipelines, infrastructure as code security validation, and automated compliance checking for cloud deployments.
  • Apply security automation using scripting and orchestration to automate vulnerability remediation, configuration compliance, and security incident response workflows.
  • Analyze DevSecOps maturity by evaluating security scan coverage, remediation velocity, false positive rates, and developer security awareness across engineering teams.
3 Domain 3: Security Operations and Incident Response
3 topics

Security operations center management

  • Implement SIEM platform operations including log source onboarding, correlation rule development, alert tuning, dashboard creation, and integration with threat intelligence feeds.
  • Apply security automation and orchestration using SOAR platforms to create playbooks for common incident types, automate enrichment, and streamline analyst workflows.
  • Implement vulnerability management programs including scanner deployment, scan scheduling, remediation tracking, exception management, and risk-based prioritization using CVSS and EPSS.
  • Analyze SOC effectiveness by evaluating mean time to detect, mean time to respond, alert-to-incident ratios, and analyst workload to optimize security operations.

Incident response and digital forensics

  • Implement incident response procedures including detection, triage, containment, eradication, recovery, and post-incident review aligned with NIST SP 800-61 guidelines.
  • Apply digital forensics techniques including evidence preservation, chain of custody, disk imaging, memory analysis, log analysis, and timeline reconstruction for incident investigations.
  • Analyze incident response outcomes to identify root causes, evaluate containment effectiveness, assess data exposure scope, and develop recommendations for security posture improvement.
  • Design an incident response program that establishes response team structures, communication plans, escalation procedures, and tabletop exercise programs for organizational resilience.

Threat intelligence and hunting

  • Implement threat intelligence programs including IOC collection, threat feed integration, TTP mapping to MITRE ATT&CK, and intelligence-driven detection rule development.
  • Apply threat hunting techniques including hypothesis-driven hunting, anomaly-based hunting, and intelligence-driven hunting across endpoint, network, and cloud telemetry.
  • Analyze threat hunting effectiveness by measuring hunt-to-detection ratios, novel threat discovery rates, and mean time to identify previously undetected threats.
  • Design a threat intelligence strategy that establishes collection requirements, sharing partnerships, dissemination processes, and feedback loops for continuous intelligence improvement.
4 Domain 4: Identity and Access Management
2 topics

Authentication and authorization

  • Implement enterprise authentication solutions including MFA, FIDO2/WebAuthn, certificate-based authentication, and passwordless authentication for workforce and customer identities.
  • Apply identity federation and SSO using SAML, OAuth 2.0, OpenID Connect, and SCIM for centralized identity management across cloud and on-premises applications.
  • Implement privileged access management including just-in-time access, session recording, credential vaulting, standing privilege elimination, and break-glass procedures.
  • Analyze IAM security posture by auditing authentication strength, access recertification coverage, privilege creep, orphaned accounts, and federation configuration weaknesses.
  • Design a zero trust identity strategy that implements continuous verification, adaptive authentication, micro-segmentation based on identity, and context-aware access decisions.

Endpoint security management

  • Implement endpoint detection and response including EDR agent deployment, behavior-based detection, automated containment, and threat investigation capabilities.
  • Apply mobile device security including MDM enrollment, application management, data containerization, and compliance enforcement for BYOD and corporate device programs.
  • Analyze endpoint security coverage by evaluating EDR deployment rates, detection effectiveness, patch compliance, and vulnerability exposure across the device fleet.
5 Domain 5: Security Governance, Risk, and Compliance
2 topics

Security program governance

  • Implement security policies and standards including acceptable use, access control, data classification, incident response, and change management policies aligned with organizational risk appetite.
  • Apply risk assessment methodologies including qualitative and quantitative approaches, threat modeling, vulnerability assessment, and risk treatment strategies for cybersecurity programs.
  • Implement compliance monitoring for security frameworks including NIST CSF, ISO 27001, SOC 2, PCI-DSS, and HIPAA with evidence collection, gap analysis, and remediation tracking.
  • Analyze security program effectiveness by evaluating risk reduction trends, compliance posture, security investment ROI, and alignment with business objectives.
  • Design an enterprise security strategy that integrates risk management, compliance requirements, security architecture, and operational security into a cohesive program aligned with business goals.

Security awareness and training

  • Implement security awareness programs including phishing simulations, role-based security training, secure coding workshops, and security champion networks for organizational resilience.
  • Analyze security awareness program effectiveness by measuring phishing click rates, security incident reporting rates, and employee security behavior improvements over time.
  • Design a security culture transformation strategy that embeds security thinking into organizational processes, incentive systems, and leadership accountability structures.
6 Domain 6: Emerging Threats and Cloud Security
2 topics

Cloud security and emerging threats

  • Implement cloud security controls including CSPM, CWPP, CASB, identity federation, encryption, and security group configuration aligned with the shared responsibility model.
  • Apply IoT and OT security practices including device inventory, firmware management, network isolation, protocol security, and monitoring for industrial control system environments.
  • Analyze emerging threat landscapes including AI-powered attacks, deepfake social engineering, quantum computing threats to cryptography, and ransomware evolution to inform defense strategies.
  • Design a security architecture for hybrid and multi-cloud environments that provides consistent security controls, unified visibility, and centralized governance across cloud providers.

Data protection and privacy security

  • Implement data loss prevention controls including endpoint DLP, network DLP, cloud DLP, and email DLP configured with data classification-aligned policies.
  • Apply encryption and key management practices including PKI design, certificate lifecycle management, HSM integration, and crypto-agility planning for post-quantum readiness.
  • Analyze data protection effectiveness by evaluating DLP alert accuracy, encryption coverage gaps, key management compliance, and data exposure incident trends.

Scope

Included Topics

  • Cybersecurity professional competencies as tested on the ICCP Certified CyberSecurity Professional exam, covering network security, application security, incident response, governance, and emerging threats.
  • Network security including firewall design, intrusion detection and prevention, VPN configuration, network segmentation, wireless security, and network monitoring for threat detection.
  • Application security including secure software development lifecycle, OWASP Top 10 mitigation, code review, penetration testing fundamentals, and web application firewall configuration.
  • Security operations and incident response including SIEM management, threat intelligence, incident handling, digital forensics, vulnerability management, and security automation.
  • Security governance, risk, and compliance including security policy development, risk assessment methodologies, compliance frameworks, audit management, and business continuity planning.
  • Emerging cybersecurity challenges including cloud security, IoT security, AI-driven threats, zero trust architecture, supply chain security, and privacy engineering.

Not Covered

  • Advanced penetration testing and red team operations requiring deep offensive security skills beyond professional-level cybersecurity practice.
  • Detailed cloud platform-specific security configurations covered by vendor-specific cloud security certifications such as ISC2 CCSP.
  • Data management, data governance, and business intelligence topics covered by CDP, DGSP, and CBIP certifications.
  • Blockchain-specific security concerns covered by the CBP certification.

Official Exam Page

Learn more at ICCP

Trademark Notice

ICCP® and CDP® are registered trademarks of the Institute for Certification of Computing Professionals. ICCP does not endorse this product.

AccelaStudy® and Renkara® are registered trademarks of Renkara Media Group, Inc. All third-party marks are the property of their respective owners and are used for nominative identification only.