CERTIFIED CLOUD SECURITY PROFESSIONAL (CCSP)

COURSE DESCRIPTION

Attackers never rest and along with all the traditional threats targeting internal networks and systems, an entirely new variety specifically targeting the cloud has emerged. Organizations need cloud security professionals with the requisite knowledge, skills and abilities to be able to audit, assess and secure cloud infrastructures. In this 5-day course you will gain a thorough understanding of the information security risks and mitigation strategies critical to data security in the cloud.

COURSE OBJECTIVES

• Understand Cloud Computing concepts and definitions based on ISO/IEC 17788 and NIST standards
• Identify Cloud Security Alliance’s Treacherous Twelve
• Understand various service delivery models, frameworks and hypervisor threats
• Be able to recommend appropriate controls for protecting data at rest and data in motion
• Be able to recommend risk mitigation strategies
• Design identity and access management solutions

WHO SHOULD ATTEND

• Enterprise architects

   

• Security administrators

   

• Systems engineers

   

• Security architects

   

• Security consultants

   

• Security engineers

   

• Security managers

   

• Systems architects

COURSE OUTLINE

Module 01: Introductions and Course Overview

Module 02: Architectural Concepts and Designs Requirements

• Important cloud computing concepts
• Cloud reference architecture
• Security concepts relevant to cloud computing
• Security design principles of cloud computing

Module 03: Cloud Data Security

• Design and implementation of cloud data storage architectures
• Design and application of data security strategies
• Implementation of data discovery and classification technologies
• Implementation of data protection for personally identifiable information (PII)
• Design and implementation of Data Rights Management
• Design and implementation of data retention, deletion and archiving policies
• Auditability, traceability and accountability of data events

Module 04: Cloud Platform and Infrastructure Security

• Comprehend cloud infrastructure components
• Analyze risks associated to cloud infrastructure
• Design and plan security controls
• Plan disaster recovery and business continuity management

Module 05: Cloud Application Security

• Training and awareness for application security
• Cloud software assurance and validation
• Use of verified secure software
• Understand and apply the Software Development Life-Cycle (SDLC) process
• Comprehend the specifics of Cloud Application Architecture
• Design appropriate Identity and Access Management (IAM) solutions

Module 06: Operations

• Support the planning process for the data centre design
• Build, run and manage physical infrastructure for cloud environment
• Build, run and manage physical infrastructure for cloud environment within an ITIL framework, aligned to ISO/IEC 20000
• standard.
• Ensure compliance with various regulations and control requirements
• Conduct risk assessments for logical and physical infrastructure
• Collection, acquisition and preservation of digital evidence

Module 07: Legal and Compliance

• Legal requirements and unique risks within the cloud environment
• Privacy issues, including jurisdictional variation
• The audit process and methodologies adapted for the cloud environment
• Implications of cloud to enterprise risk management
• Outsourcing and cloud contract design 

Please contact us for schedules and for booking a private class.

Inquire Now