Management with adaptable practices
We denounce with righteous indige nation and dislike men who are so beguiled and demo realized by the charms of pleasure of the moment, so blinded by desire, that they cannot foresee the pain and trouble that are bound to ensue cannot foresee. These cases are perfectly simple and easy to distinguish. In a free hour, when our power of choice is untrammelled data structures manages data in technology.
Certified Cloud Security Professional Course Outline
Certified Cloud Security Professional Course Outline
Domain 1: Cloud Concepts, Architecture, and Design
Module 1: Understand Cloud Computing Concepts
- Introduction to Cloud Computing
- Benefits of Cloud Computing
- Cloud Computing Definitions
- Cloud Computing Roles
- Key Cloud Computing Characteristics
- Building Block Technologies
Module 2: Describe Cloud Reference Architecture
- Cloud Reference Model
- Conceptual Reference Model
- Cloud Computing Activities
- Cloud Service Capabilities
- Deployment Models
- Cloud Shared Considerations
- Impact of Related Technologies
Module 3: Understand Security Concepts Relevant to Cloud Computing
- Cryptography
- Key Management
- IAM and Access Control
- Data and Media Sanitisation
- Virtualisation Security
- Common Threats
- Network Security
Module 4: Understand Design Principles of Secure Cloud Computing
- Cloud Secure Data Lifecycle
- Cloud-Based Disaster Recovery (DR) Planning
- Business Continuity Planning
- Cost-Benefit Analysis
- Security Considerations for Different Cloud Categories
Module 5: Identify Trusted Cloud Services
- Certification Against Criteria
Domain 2: Cloud Data Security
Module 6: Describe Cloud Data Concepts
- Cloud Data Life Cycle Phases
- Data Dispersion
Module 7: Design and Implement Cloud Data Storage Architectures
- Storage Types
- Threats to Storage Types
Module 8: Design and Apply Data Security Technologies and Strategies
- Encryption
- Key Management
- Hashing
- Data De-identification
- Data Masking
- Tokenisation
- Data Loss Prevention (DLP)
Module 9: Implement Data Discovery
- Structured Data
- Unstructured Data
Module 10: Implement Data Classification
- Mapping
- Labelling
- Sensitive Data
Module 11: Design and Implement Information Rights Management (IRM)
- Objectives
- Provisioning
- Access Models
- Appropriate Tools
Module 12: Plan and Implement Data Retention, Deletion and Archiving Policies
- Data Protection Policies
- Data Retention Policies
- Data Deletion Procedures and Mechanisms
- Data Archiving Policies
- Legal Hold
Module 13: Design and Implement Auditability, Traceability and Accountability of Data Events
- Definition of Event Sources
- Requirement of Identity Attribution
- Logging
- Storage and Analysis of Data Events
- Chain of Custody and Nonrepudiation
Domain 3: Cloud Platform Infrastructure Security
Module 14: Comprehend Cloud Infrastructure Components
- Cloud Infrastructure
- Physical Environment
- Network and Communications
- Compute Parameters of a Cloud Server
- Virtualisation
- Storage
- Management Plane
Module 15: Design a Secure Data Centre
- Logical Design
- Physical Design
- Environmental Design
Module 16: Analyse Risks Associated with Cloud Infrastructure
- Risk Assessment and Analysis
- Virtualisation Risks
- Counter-Measure Strategies
Module 17: Design and Plan Security Controls
- Physical and Environmental Protection
- System and Communication Protection
- Virtualisation Systems Protection
- Identification, Authentication, and Authorisation in Cloud Infrastructure
- Audit Mechanisms
Module 18: Plan Disaster Recovery and Business Continuity Management
- Risks Related to the Cloud Environment
- Business Requirements
- Business Continuity/Disaster Recovery Strategy
- Creation, Implementation, and Testing of Plan
Domain 4: Cloud Application Security
Module 19: Advocate Training and Awareness for Application Security
- Cloud Development Basics
- Common Pitfalls
- Common Cloud Vulnerabilities
Module 20: Describe the Secure Software Development Life Cycle (SDLC) Process
- Business Requirements
- Phases and Methodologies
Module 21: Apply the Secure Software Development Life Cycle (SDLC)
- Cloud-Specific Risks
- Threat Modelling
- Software Configuration Management and Versioning
- Quality of Service (QoS)
Module 22: Apply Cloud Software Assurance and Validation
- Functional Testing
- Security Testing Methodologies
Module 23: Use Verified Secure Software
- Approved API
- Supply-Chain Management
- Validated Open Source Software
Module 24: Comprehend the Specifics of Cloud Application Architecture
- Supplement Security Devices
- Cryptography
- Sandboxing
- Application Virtualisation
- Orchestration
Module 25: Design Appropriate Identity and Access Management (IAM) Solutions
- Federated Identity
- Identity Providers
- Single Sign-On (SSO)
- Multifactor Authentication
- Cloud Access Security Broker (CASB)
Domain 5: Cloud Security Operations
Module 26: Implement and Build Physical and Logical Infrastructure for Cloud Environment
- Hardware Specific Security Configuration Requirements
- Installation and Configuration of Virtualisation Management Tools
- Virtual Hardware Specific Security Configuration Requirements
- Installation of Guest Operating System (OS) Virtualisation Toolsets
Module 27: Operate Physical and Logical Infrastructure for Cloud Environment
- Configure Access Control for Local and Remote Access
- Securing Network Configuration
- Dynamic Host Configuration Protocol
- Securing Network Configuration
- Operating System (OS) Hardening Through the Application of Baselines
- Availability of Stand-Alone Hosts
- Availability of Clustered Hosts
- Availability of the Guest OS
Module 28: Manage Physical and Logical Infrastructure for Cloud Environment
- Access Control for Remote Access
- Operating System (OS) Baseline Compliance Monitoring and Remediation
- Patch Management
- Performance and Capacity Monitoring
- Hardware Monitoring
- Configuration of Host and Guest Operating System (OS) Backup and Restore Functions
- Implementation of Network Security Controls
Module 29: Implement Operational Controls and Standards
- Overview
- Change Management
- Continuity Management
- Information Security Management
- Continual Service Improvement Management
- Incident Management
- Problem Management
- Release and Deployment Management
- Configuration Management
- Service Level Management
- Availability Management
- Capacity Management
Module 30: Support Digital Forensics
- Support Digital Forensics
- Forensic Data Collection Methodologies
- Evidence Management
- Collect, Acquire and Preserve Digital Evidence
Module 31: Manage Communication with Relevant Parties
- Vendors
- Customers
- Partners
- Regulators
- Other Stakeholders
Module 32: Manage Security Operations
- Security Operations Center (SOC)
- Log Capture and Analysis
Domain 6: Legal, Risk and Compliance
Module 33: Articulate Legal Requirements and Unique Risks within the Cloud Environment
- Conflicting International Legislation
- Evaluation of Legal Risks Specific to Cloud Computing
- Legal Framework and Guidelines
- eDiscovery
- Forensics Requirements
Module 34: Understand Privacy Issues
- Contractual and Regulated PII
- Country-Specific Legislation and Regulation of PII
- Difference between Confidentiality, Authentication, and Integrity
- Standard Privacy Requirements
Module 35: Understand Audit Process, Methodologies, and Required Adaptations for a Cloud Environment
- Internal and External Audit Control
- Impact of Audit Requirements
- Identify Assurance Challenges of Virtualisation and Cloud
- Types of Audit Reports
- Restrictions of Audit Scope Statements
- Gap Analysis
- Audit Planning
- Internal Information Security Management System (ISMS)
- Internal Information Security Controls System
- Policies
- Identification and Involvement of Relevant Stakeholders
- Specialised Compliance Requirements for Highly-Regulated Industries
- Impact of Distributed IT Models
Module 36: Understand Implications of Cloud to Enterprise Risk Management
- Assess Providers Risk Management Programs
- Difference
- Regulatory Transparency Requirements
- Risk Treatment
- Different Risk Frameworks
- Metrics for Risk Management
- Assessment of the Risk Environment
Module 37: Understand Outsourcing and Cloud Contract Design
- Business Requirements
- Vendor Management
- Contract Management
- Supply Chain Management
- Implementation of Network Security Controls
- Management Plane
Who should attend this CCSP Training Course?
This CCSP course is aimed at IT professionals that want to enhance their knowledge of Cloud Security, including:
- IT and Cloud Security Experts.
- Enterprise Architects.
- Security Consultants.
- Systems Engineers.
- Security Administrators.
Prerequisites
There are no formal prerequisites, however having some background knowledge of IT would be useful.
Certified Cloud Security Professional Course Overview
CCSP training refers to building, managing, and protecting data and infrastructure in the cloud following best practices, policies, and procedures specified by (ISC)² cybersecurity experts. It provides various advantages, including credibility and recognition as a cloud security authority figure, the ability to keep current on the newest cloud security practices and principles, and exposure to various cloud platforms and technologies. Delegates will understand the audit process, methodologies, and required adaptations for a cloud environment. Holding the skills and knowledge to manage cloud security will lead the delegates to accomplish numerous job profiles such as Security Architects/Engineers, Security Managers/Engineers/Architects/Consultants, Security Administrators, Enterprise Architects. These obtained positions will help individuals climb the ladder of success and substantial earnings in their careers.
In this 5-day CCSP (Certified Cloud Security Professional) training course, delegates will comprehend knowledge about moving the data, infrastructure, and apps from on-premises hardware to the cloud to help the hybrid workforce be more productive. Delegates will lay their hands-on approach with protecting the organisation’s information assets from cybercriminals against insider threats and human mistakes, which are still among the primary causes of data breaches today. Our highly expert trainer with abundant knowledge will teach the delegates to identify information security risks and apply data security methods to reduce security threats in cloud storage.
It also accommodates the delegates with the acquainted concepts related to the security of the cloud, such as:
- Data and media sanitisation.
- Virtualisation security.
- Data de-identification.
- Data masking.
- Environmental design.
At the end of this training course, delegates will be able to design and implement cloud data storage architectures, inaccessible interfaces, metered resources, and scalability. They will also be able to design and apply auditability, traceability, and accountability of data events in cloud security.
CCSP Certified Cloud Security Professional Exam Information
This course prepares individuals to successfully apply and sit the official CCSP Certified Cloud Security exam - a signifier of cloud security excellence. To enrol in the CCSP exam, delegates must have a minimum of five years IT experience. Delegates must also have three years of experience in security information and a minimum of one year in cloud computing.
What’s Included in this CCSP Training Course?
- The Knowledge Academy’s Certified Cloud Security Professional Manual
- Experienced CCSP Instructor
- Certificate of Completion
- Refreshments
EU GDPR Practitioner Exam Information
The GDPR Practitioner exam assesses a candidate’s knowledge of compliance mechanisms, cloud and third-party processing, the stipulations of the GDPR, Data Protection Impact Assessments, security breaches, and the expectations of GDPR-mandated roles. The exam consists of:
- Type: Multiple choice questions
- Duration: 1 hour 30 minutes
- Pass mark: 55%
- Open Book: Yes